PGP Encryption

Brian Morrison pmmail@rpglink.com
Wed, 15 Mar 2000 13:14:25


On Wed, 15 Mar 2000 20:26:45 -0400 (AST), Trevor Smith wrote:

>>keyring. Someone I correspond with has both my public keys, we normally
>>use our DH keys because of the better security they offer, and the fact
>>that the signing and encryption keys are distinct. However, I also use
>
>Signing and encryption keys are distinct? How's that?

An RSA private key can both decrypt and sign, so if someone has your
decryption key they can also impersonate you. DH keys have a signing
key that is actually a DSS (digital signature standard) key, 1024 bits.
This is used for signing, the DH private decryption key is *never* used
for anything other than decryption. This ensures that no one can
impersonate you if they are granted legal access to your decryption
key.

>
>>I also know someone (who runs the International PGP pages in fact) who
>>has several keys, shown as of low and high security, all with the same
>>associated address. He can only decrypt the high security key at his
>>home, but can decrypt the low security key at his place of work. 
>
>I don't understand the reason for the above. Why would he need the
>different keys? If you have a "high security" key, what's the purpose
>of ever using the "low security" one(s)?
>

Well, let's assume that he receives messages related to his work that
are commercially sensitive and need to be decrypted there. However, in
addition he receives some mail, which can be accessed remotely from
work, that needs the very best security level possible. It could
contain anything, maybe involving job offers from other employers, or
even more confidential information like the results of a medical test
maybe. He does not trust the security of the machines at work because
it might be possible to search for traces of files left over on the
hard disk if the OS feels like swapping at the time the decryption is
running. So, he can only access the key (stored on a floppy disk locked
in a safe) when he is at home.

I know you might think this is paranoid, but we are *all* going to need
to think very carefully about these issues as we cannot predict what we
will be doing with our computers even in two years' time, let alone in
five years. For this reason I would also like PMMail/2 to be able to
encrypt attachments as PMMail 2000 can. This was always listed as
coming in a future feature upgrade on the Southsoft web site. I assume
that BSW will want to honour that commitment :-)

Sorry to keep on about this Trevor, but some of us simply don't trust
any government anywhere and must take our security into our own hands.

-- 
Brian Morrison                                  bdm@fenrir.demon.co.uk
              do you know how far this has gone?
               just how damaged have I become?
                                      'Even Deeper' by Nine Inch Nails
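
Added example, not part of the original message: a small OpenPGP packet reader that shows the key separation described above by listing what each key packet's algorithm can do. It assumes the packet layout and algorithm IDs of RFC 4880, in which PGP's "DH" encryption key is an Elgamal subkey; the sample bytes are constructed and carry no key material.

```python
# Public-key algorithm IDs (RFC 4880, section 9.1) and what each can do.
ALGOS = {1: ("RSA", ["encrypt", "sign"]), 2: ("RSA encrypt-only", ["encrypt"]),
         3: ("RSA sign-only", ["sign"]), 16: ("Elgamal", ["encrypt"]),
         17: ("DSA", ["sign"])}
KEY_TAGS = {6: "primary", 14: "subkey"}  # public-key and public-subkey packets

def packets(data):
    """Yield (tag, body) for each definite-length OpenPGP packet in data."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new-format header
            tag, first, i = hdr & 0x3F, data[i], i + 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = int.from_bytes(data[i:i + 4], "big"), i + 4
            else:
                raise ValueError("partial body lengths not handled")
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            n = 1 << ltype                  # 1, 2 or 4 length octets
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def key_roles(data):
    """List (role, version, algorithm, capabilities) for every key packet."""
    roles = []
    for tag, body in (p for p in packets(data) if p[0] in KEY_TAGS):
        # v2/v3 keys carry two validity octets before the algorithm octet.
        off = {2: 7, 3: 7, 4: 5}.get(body[0] if body else None)
        if off is None or len(body) <= off:
            raise ValueError("unsupported or short key packet")
        name, uses = ALGOS.get(body[off], ("algorithm %d" % body[off], []))
        roles.append((KEY_TAGS[tag], body[0], name, uses))
    return roles

# Constructed samples, key material omitted: a v4 DSA primary key with a user
# ID and an Elgamal subkey, and a v3 RSA primary key with a user ID.
DH_DSS = bytes.fromhex("98 06 04 00000000 11 b4 01 41 b8 06 04 00000000 10")
RSA_V3 = bytes.fromhex("98 08 03 00000000 0000 01 b4 01 41")
```

key_roles() reports what the algorithm is capable of; it does not read the key-flags a v4 self-signature may use to restrict a key further.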