!GpMMBTUuJduUZAAKXM:matrix.org

OpenPGP/GPG

237 Members
OpenPGP/GnuPG related questions, discussions and projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW OR OTHER QUESTIONABLE STUFF
58 Servers



Sender Message Time
15 Feb 2024
@aheinecke:kde.org aheinecke We have support right now to enable this through the Windows registry, so it is easy for Admins / Security People to activate it. 12:57:06
@Valodim:stratum0.org Valodim

Use a good password for your user account and a good passphrase to protect your secret key. This passphrase is the weakest part of the whole system.

12:57:29
@Valodim:stratum0.org Valodim this is the sentence I mean, which was in the gpg man page for the longest time 12:57:38
@Valodim:stratum0.org Valodim gnupg itself also still has this: 12:58:41
@Valodim:stratum0.org Valodim image.png
12:58:43
@Valodim:stratum0.org Valodim and the archaic 12:59:56
@Valodim:stratum0.org Valodim image.png
12:59:57
@heiko:mtrx.hkos.cloud heiko
In reply to @Valodim:stratum0.org
sent an image.
Tracing straight back to PGP 👍️
13:01:12
@aheinecke:kde.org aheinecke Yes I am talking about pinentry-qt and Kleopatra on Windows the command line is only used for scripting. But I see to it that the sentence is removed from the man page. 13:10:36
@aheinecke:kde.org aheinecke
In reply to @Valodim:stratum0.org
image.png
Pinentry-qt does not have that.
13:10:49
@Valodim:stratum0.org Valodim
In reply to @aheinecke:kde.org
Yes I am talking about pinentry-qt and Kleopatra on Windows the command line is only used for scripting. But I see to it that the sentence is removed from the man page.
it's no longer on the man page, which I'm glad about. that was my point :)
13:11:22
@aheinecke:kde.org aheinecke And for VMs this can actually be true. I more than once waited for >10 Minutes for an RSA3072 key on a VM which was idling :/ 13:12:01
@Valodim:stratum0.org Valodim geez. is gnupg still using /dev/random to get its entropy? 13:12:54
@aheinecke:kde.org aheinecke Only the seed afaik 13:13:17
@aheinecke:kde.org aheinecke But I wonder if that was before we had our jitter RNG. I mean we only have that since 2018 so it is basically brand new o.O 13:13:53
@aheinecke:kde.org aheinecke I would have to check the code 13:14:52
@aheinecke:kde.org aheinecke At least on Windows it is quite fast. But it's possible we use dev/random on linux and only our own RNG + other sources on Windows 13:16:04
@Valodim:stratum0.org Valodim been a while since https://www.2uo.de/myths-about-urandom/ was published.. 13:16:06
@Valodim:stratum0.org Valodim but I did think gnupg used urandom at this point, which is also why I thought that warning was outdated. oh well 13:16:47
@aheinecke:kde.org aheinecke Well most of the time on our VS-NfD evaluation was spent on the entropy source. So we don't really like to touch it. But that warning could well be outdated. 13:18:30
@deknos82:matrix.org deknos82 jitter is another technology altogether afaik.. 13:18:34
@deknos82:matrix.org deknos82 this was from before jitter afaik 13:18:45
@deknos82:matrix.org deknos82 but i actually do not know currently, if ONLY jitter is used or other components as well/only in some BSI/FIPS/whatever settings. 13:19:27
@aheinecke:kde.org aheinecke Yes cryptovision greenshield also used it since they needed an evaluated one and we put it under BSD license 13:20:11
@aheinecke:kde.org aheinecke
In reply to @Valodim:stratum0.org
but I did think gnupg used urandom at this point, which is also why I thought that warning was outdated. oh well
/* And read a few bytes from our entropy source. If we have the
 * Jitter RNG we can fast get a lot of entropy. Thus we read 1024
 * bits from that source.
 * Without the Jitter RNG we keep the old method of reading only a
 * few bytes usually from /dev/urandom which won't block. */
if (_gcry_rndjent_get_version (NULL))
  read_random_source (RANDOM_ORIGIN_INIT, 128, GCRY_STRONG_RANDOM);
else
  read_random_source (RANDOM_ORIGIN_INIT, 32, GCRY_STRONG_RANDOM);
13:22:44
@Valodim:stratum0.org Valodim
In reply to @aheinecke:kde.org
Well most of the time on our VS-NfD evaluation was spent on the entropy source. So we don't really like to touch it. But that warning could well be outdated.
I had the same experience with BSI stuff, they kept going on and on about the entropy source. it was pretty ridiculous tbqh
13:23:51
@aheinecke:kde.org aheinecke I don't think they see it that way. If I were an adversary like the NSA. I would ensure that I maybe through the date can somewhat predict the RNG to put it at least in a crackable range, say 2^32 but no other adversary can e.g. not the Chinese Security Services, so e.g. they don't like for CryptGenRandom on Windows and I find that reasonable. 13:27:29
@aheinecke:kde.org aheinecke That is the point where I would attack S/MIME and OpenPGP because it is basically impossible to detect esp. if you only patch it into the binary. 13:28:47
@aheinecke:kde.org aheinecke And don't forget ECCDrgb 13:29:02
@aheinecke:kde.org aheinecke no need for fancy public / private key hacking if you can predict the session key in a hackable range. 13:30:09
