[pmmail-list] Stupid PGP question(s)

PMMail OS/2 Support pmmail-list@blueprintsoftwareworks.com
Mon, 16 Jul 2001 13:18:31 -0300


This has been answered but because I like to be verbose and because
I've always been miffed at the very straightforward nature of PGP but
the very unclear docs (at least on OS/2) for it, I've rambled off a
bit below. Read if you want.

On Sat, 14 Jul 2001 11:20:18 -0400, Andrew Webber wrote:

>I thought it would be easy enough to recreate
>the keys using the regular system tray PGP application I
>downloaded, but the key that results does not decrypt those
>messages.

Definitely not. Every key will be unique due to random data.

>If I install PMMail on another system, should I be able to recreate
>the same private key if I've lost it (but I know the passphrase)?  

Never. You cannot recreate a private or public key, ever.

>If I install PGP outside PMMail on another machine, should I be
>able to recreate the same private key, or will the same passphrase
>always produce a different private key?

As noted, passphrases have nothing to do with the content of keys.
Passphrases are just used to unlock your key so it can be used.

The thing is, your private key is itself a sort of password. A VERY
"strong" password, but in reality, it's just a password like any
other. It is such an immensely long string of random numbers and
letters that there is no way any normal person could ever remember it
and typing it in would be a pain in the butt. So, we save the private
key in a file on our hard drives. When we get sent an encrypted
message that requires that "password" to decrypt it (for example),
instead of asking us to type it in, PGP just reads the password (i.e.
our private key) from our hard disk.

Now, obviously a "password" (our private key) is really not very good
if it's saved on a computer disk. Anyone could steal it and we
probably wouldn't even know! So, that "password" (our private key) is
itself encrypted with a password. This second password is used to
encrypt and decrypt our first password (our private key). Since it is
hoped that we will use a long string of numbers/letters (but not as
long as our private key!), possibly with multiple "words", encryption
folks refer to it as a passphrase instead of a password.

In reality, most of us don't use a long string of random numbers and
letters. We use a sentence of words because it's easier for us to
remember. This is not the ideal but you have to balance perfect
security with the reality of everyday life. If you have to write it
down somewhere to remember it, a passphrase becomes almost as
insecure as your private key would be if it was left unencrypted in
the first place. Anyone could stumble on the passphrase and then
unencrypt your private key and then silently intercept any encrypted
mail that came for you. Or they could use it to "sign" messages
pretending to be you.

Others have answered this but, yes, you need a backup of your
private/public keyrings. Again, you have to balance perfect security
with reality. Having no backups and keeping the only existing keyring
with you at all times is the safest policy. That means it's difficult
for anyone to steal your private key and if they do, you will
probably know it.

That's not practical though. In terms of backups, storing a backup on
CD in a safe deposit box is probably the most sensible and easiest
thing to accomplish. You might be "out of touch" for a weekend at
most if your computer crashes.

If you need to store copies of your keys for routine use on multiple
machines, you have to accept that the chances of someone stealing
your keyrings go up since you probably aren't physically guarding
both machines at once. Remember though that once they steal your
keyring/private key, they still need to "crack"* your passphrase to
decrypt and start using your private key.

*"crack" = guessing it; finding it if you've written it down; using a
"brute force" attack where a computer tries sequential letter/number
combinations, dictionary combinations, etc.

If you have not written down your passphrase and you are not of
special interest to anyone, you are probably safe since probably no
one will ever try a brute force attack on your passphrase.


--
Trevor Smith
PMMail/2 Technical Support
pmmailos2@blueprintsoftwareworks.com
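An added illustration of the point made above, not part of the original message and not PGP's actual keyring format: the private key is random data that no passphrase can regenerate, and the passphrase only locks the file the key is kept in. PBKDF2 plus an HMAC-based stream cipher stand in for PGP's real string-to-key and cipher; all function names are made up for this example.

```python
import hashlib
import hmac
import secrets

SALT_LEN, TAG_LEN, KDF_ROUNDS = 16, 32, 100_000

def generate_private_key() -> bytes:
    # Stand-in for PGP key generation: the secret is fresh random data, so
    # neither the passphrase nor a second generation run can reproduce it.
    return secrets.token_bytes(32)

def _keys_from_passphrase(passphrase: str, salt: bytes):
    # Slow, salted derivation of an encryption key and a MAC key (toy S2K).
    k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, KDF_ROUNDS, dklen=64)
    return k[:32], k[32:]

def _keystream(key: bytes, length: int) -> bytes:
    # Toy stream cipher (HMAC in counter mode); PGP uses a real block cipher.
    blocks = (hmac.new(key, i.to_bytes(4, "big"), "sha256").digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def lock_key(private_key: bytes, passphrase: str) -> bytes:
    # What lands on disk in the keyring: salt || ciphertext || tag.
    salt = secrets.token_bytes(SALT_LEN)
    enc_key, mac_key = _keys_from_passphrase(passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(private_key, _keystream(enc_key, len(private_key))))
    return salt + ct + hmac.new(mac_key, salt + ct, "sha256").digest()

def unlock_key(blob: bytes, passphrase: str) -> bytes:
    # Recover the private key; a wrong passphrase fails the tag check.
    salt, ct, tag = blob[:SALT_LEN], blob[SALT_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = _keys_from_passphrase(passphrase, salt)
    if not hmac.compare_digest(tag, hmac.new(mac_key, salt + ct, "sha256").digest()):
        raise ValueError("wrong passphrase or damaged keyring")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, len(ct))))

def passphrase_opens(blob: bytes, passphrase: str) -> bool:
    try:
        return unlock_key(blob, passphrase) is not None
    except ValueError:
        return False

if __name__ == "__main__":
    phrase = "correct horse battery staple"        # constructed sample passphrase
    key_a, key_b = generate_private_key(), generate_private_key()
    locked = lock_key(key_a, phrase)               # this blob is what you back up
    print("same passphrase, same key?", key_a == key_b)                      # False
    print("right passphrase unlocks?", unlock_key(locked, phrase) == key_a)  # True
    print("wrong passphrase unlocks?", passphrase_opens(locked, "not it"))   # False
```

The locked blob is the thing worth backing up; the passphrase alone, however well remembered, recovers nothing without it.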
