Silk Road forums
Discussion => Security => Topic started by: meatwad on September 24, 2012, 03:23 pm
-
Doesn't it defeat the purpose of encryption to encrypt a message and send it to a vendor via the SR messaging system, only to have to send my public key to them as well unencrypted via SR messaging? It just seems like if anyone were watching/intercepting the messages on SR that it would be easy for them to get both the original encrypted message as well as my key to unlock and read that message... Any help is appreciated.
-
They need your(vendor's) computer to decrypt a msg you(vendor) encrypted.Public key is nothing without the private key.So don't worry...
-
But couldnt they get the vendors key from his vendor page, then intercept my key when i send it to the vendor through SR messaging??? Then that person would have both the vendors key and my key and would have no trouble reading my encrypted message. What am I not understanding here?
-
Maybe I misunderstand how PGP works... If someone has both the encrypted message and my public key, what stops them from reading that message? Would they not be able to read it because they didnt know public key of the person I was sending the message to? I am sorry if I am confusing anyone, but it just seems that its a whole lot of work to use PGP when you can so easily be unmasked this way. Can someone please enlighten me?
-
But couldnt they get the vendors key from his vendor page, then intercept my key when i send it to the vendor through SR messaging??? Then that person would have both the vendors key and my key and would have no trouble reading my encrypted message. What am I not understanding here?
What you're missing is that there isn't two keys involved in the scenario you just described. There are actually 4 keys, but you don't usually see the private keys when you're using your PGP GUI interface. Which is good, otherwise people would be accidentally posting them much more often than they do.
It's like this: Each time you invent a PGP key, it is made of two parts. 1 public, which you give to everybody else, and 1 private, which is hidden and has to be kept secret at all costs. So the LE agents don't have the private key, so they can't decode the message.
The public and private keys are intimately mathematically related using one way trapdoor functions and a fuck ton of exotica from number theory that about 5 people on the planet understand. Don't feel bad about this, very few PhD mathematicians grasp this material either, it takes an entire lifetime of study. All we need to understand, is that there is no way to easily generate the private key from the public key. Simple.
So, in practical terms, having your public key is pointless, which is why they are dotted around the forum everywhere like tins of beer at a country music festival. If two people are communicating with PGP encrypting messages, having both their public keys is completely pointless.
-- Pine PGP pep talk -- If you're not interested in cryptography's details look away now, if you are fascinated by the cryptodragonsbehere, continue!
By "no way to easily generate", I ain't kidding around. I think sometimes the way crypto people talk sometimes gives the impression it's much easier than it is, a misleading impression. PGP is not actually an encryption algorithm in of itself, it is a suite of encryption technology called a cryptosystem or a hybrid cryptosystem if you're being pedantic.
Here is an example of the difficulty of breaking such a cryptosystem. It is not related to the business of PGP keys in of themselves directly, but it is connected to the encryption process.
One of the components of the PGP cryptosystem is a symmetric cipher called CAST-128. CAST-128 is used every time you encrypt a message, I believe it's the current default for GPG. Because of Landauer's principle, any computation to brute force such a 128 bit cipher will generate heat. How much heat? We're talking about the energy from 100 atomic weapons would be emitted just to power through the computations necessary to do this. So no shit, it's hard, I'm not sure even the supposedly secret quantum computer thingys the government is building at Utah would be sufficient. In fact I doubt those are for brute force cracking encrypted messages at all, if that actually is the case then tactics have prevailed over strategy and the US will not win the next war because they've lost the plot entirely. So you see the problem for a LEO, it's so far beyond their capabilities to brute force PGP it's funny. That doesn't mean they can't get you if they put enough effort in, it just means that decrypting your messages isn't going to be the way it'll be done. In practice PGP can be attacked, but not by throwing computer power around. Even if quantum computers become standard, it will only halve the strength of asymmetric ciphers and we'll use PGP keys twice as large if necessary.
So, you see, that PGP is very cool. Very fucking cool indeed. So everybody should learn this stuff, and I do mean literally everybody. Note to Limetless: The geeks... always win. Really.
Note One:
Just because it's well nigh on impossible to brute force, doesn't mean that cracking your PGP messages is impossible. There are lots of possible side channel attacks, keyloggers to obtain your password, software to steal your private key, or they could just torture you until you give up, that kind of thing. That is why the Real Secret of Public Key Crypto is to be Anonymous. If you are Anonymous, side channel attacks are extremely difficult to implement until you do dumb things like download software from drug forums and run it on your computer. Not mentioning any names or anything, just saying.
The LE agents in the USA and UK cannot crack PGP. So they are trying more draconian methods, like putting people in jail if they don't give up their private keys/passphrases.
This is tantamount to "guilty until proven innocent", and is the exact reverse of everything Western justice was supposed to stand for. It means if you forget you password IRL, then you have committed a crime. These people are Fascists, don't be beguiled by their talk of 'public interest'. The black market is in the moral right and not the law. They are also employing law that literally comes straight out of the middle ages when it comes to 'criminal conspiracy' laws. The same laws were right next door to some stellar legal work by the CoR on witch burning. Good job guys.
Note Two:
Your 1024 or 2048 bit key is not related to the CAST-128 cipher directly like I mentioned before. With symmetric crypto, I think that basically 256 bit cipher will be twice as good as a 128 bit cipher (cryptogeeks jump in if I'm incorrect). A 2048 bit that is from an asymmetric cipher is exponentially better than a 1024 bit key. Which is why everybody should be using 4096 bit keys really. It is easy to break a 512 bit key, but it is definitely not 8 times harder to break a 4096 bit key. A 128 bit symmetric cipher is roughly equivalent to a 3072 bit asymmetric key. So, in theory it would take 100 nuclear weapons to brute force pine's PGP key. Fortunately thanks to nuclear nonproliferation treaties and the work and the work of Phil Zimmerman (:D) these aren't exactly just lying around the place, so that's nice.
-
I'm a complete noob about GPG/PGP, but is seems to me, that when you send your public key to the vendor you would encrypt it with their public key and only they can unlock it, with their private key, which requires the pass phrase.
If I'm not mistaken, they would then reply with your pub key and you in turn would do the same. But to make sure why not encrypt with their public key and then try to decrypt with your private key and you may see what I mean more clearly.
Hope that helps.
-
I'm a complete noob about GPG/PGP, but is seems to me, that when you send your public key to the vendor you would encrypt it with their public key and only they can unlock it, with their private key, which requires the pass phrase.
If I'm not mistaken, they would then reply with your pub key and you in turn would do the same. But to make sure why not encrypt with their public key and then try to decrypt with your private key and you may see what I mean more clearly.
Hope that helps.
You're right, you can do that. That way LE don't have your public key.
But I'm saying even if they did have it, it's utterly useless, at least as an aid to decrypting the message. I mean preassumbly if they know you're communicating to vendor X, it doesn't matter whether they know you've sent your public key, since no new information is collected about the exchange.
I still would encrypt my public key with the vendor's public key though, but this is just on general principals you understand, I don't think it helps LE much.
Note: unless you used your real name or email address or some identifying piece of information when you generated the public key... That... isn't a good idea. Me and Guru and others have repeatably explained this. On the other hand you should be using the same name on your public key as you use for your SR account (reread that carefully...). This means it's easier for the vendor to reply when he or she is faced with umpteen public keys with such helpful labels as "John Doe" and so on.
However! And this is a big however. You should not be using your SR forum name on a public key which you also use on SR itself. This would mean your posts on SRF could be associated to a SR account's transactions if SR was hacked into. Just on general principals, don't do it. And this most especially applies to vendors IMHO. I realize this may cause problems when you're trying to reply to feedback on the forum though... It's a general sort of problem, I'll let you guys know if I work out a solution to it. SWIM is not a real solution.
-
Solution: If all the vendors have the option of using a shared SRF account, which anybody can access but has to type capchas for every post they make, then they can respond to customers, while keeping their SRF identity separate from their SR account.
-
Yes I think you didn't understand how it works.You have a private key and a public key.If I want to send you an encrypted msg,I should know your public key.So I can encrypt a text with your public key...That means this msg is just for you and no one except you can read this msg.Because this msg encrypted with your public key and you have the private key(in your software) for read this msg.If someone find your or my public key or an encrypted msg with your or my public key...it means nothing with your or my private key.I think you can understand it well now.And when you understand this simple subject you see pgp as a very easy matter.
Edit:I didn't see your messages Pine I'm reading them now but I'm sure you explained it much better than me :)
-
Ok, thank you to all who replied. I believe I get it now. To read a persons encrypted message I only need their public key, they dont need mine to send me a encrypted message that I can read. Correct?
-
Ok, thank you to all who replied. I believe I get it now. To read a persons encrypted message I only need their public key, they dont need mine to send me a encrypted message that I can read. Correct?
Actually not correct :) To read a person's encrypted message,this person should be encrypted this message with your public key.You need this person's public key if you want to send to this person an encrypted message.
-
Ok, thank you to all who replied. I believe I get it now. To read a persons encrypted message I only need their public key, they dont need mine to send me a encrypted message that I can read. Correct?
No.
You don't need somebody's public key to read a message from them. You just need your private key. They have encrypted a message using your public key. Then you decrypt it using your private key. When you send them an encrypted message, it is exactly the same thing, only that you're using their public key.
-
Hey Meatwad – I remember thinking exactly the same thing as you – what’s the point of sending my public key cause if someone intercepts it they’ll be able to read any of my messages. But no, that’s not how it works:
You create a public key and send it out to … Pine. Pine takes that public key and imports it into her encryption software. Pine can now send you encrypted messages that she creates using your public key – only you can decrypt and read them on your local PC, using your encryption/decryption software since they were made with your public key. That’s that. If she sends those messages to anyone else OR anyone else intercepts those messages, that person will not be able to decrypt and read them.
So far only Pine can send you encoded messages, but what if you want to send one to Pine?
By the same method, if you want to send Pine an encrypted message you will need to import her public key and create a message using it that only Pine and her software will be able to decrypt.
If LE (or anyone else) wants to ‘get’ all your messages that you sent to Pine, they would have to be in front of Pine’s personal computer and enter her password to decrypt. .. . or they could just stand behind her while enters the password and the peer over her shoulder. ???
-
Ok, thank you to all who replied. I believe I get it now. To read a persons encrypted message I only need their public key, they dont need mine to send me a encrypted message that I can read. Correct?
Not quite. But don't be discouraged, it's strange concept to wrap your head around at first.
In GPG, keys come in pairs. A public and a private key.
The public key is used to encrypt a message: to scramble it's contents until it's gibberish.
The private key is used to decrypt a message: take the scrambled message and turn it back into normal text.
The vendor gives everybody his public key. You can use this key to send him an encrypted message.
However, this encrypted message *cannot* be decrypted with the public key. For that, you need the private key. And the vendor keeps that one secret.
If you want somebody to send you an encrypted message, you have to give him your public key (and of course keep your private key secret).
That way, the communication is secure.
It's good that you're thinking about these things. If you have any questions, drop them here. ;-)
-
Public key cryptography will eventually be taught on the school curriculum, but until then!
It is only difficult because people think it is difficult. The greatest barrier to learning PGP is psychological. Everybody can learn PGP.
I use metaphors, visualizations to make the concepts tangible. For example, you can think of your webmail account like on Yahoo or Hotmail or Gmail etc.
You have:
Username
Password
Both are required to gain access to your account and read emails. You give your username, which also doubles up as your email address with webmail, to everybody. You don't care who has it really, because that is not relevant, it doesn't help anybody read your email or anything like that. So your email address is like your public key.
Your password on the other hand, is like your private key. Nobody else must have this. Each time you read your emails, you use your password/private key. Each time people want to communicate with you, they need to use your email address/public key.
-
Public key cryptography will eventually be taught on the school curriculum, but until then!
It is only difficult because people think it is difficult. The greatest barrier to learning PGP is psychological. Everybody can learn PGP.
I agree. There is nothing to it.
However, I can imagine that the idea is a bit counter-intuitive. You scramble your message using the public key. Why not do the entire process in reverse to get back the original text??
The mathematical operations in the algorithm make that impossible. You have to get used to that idea.
-
Ok. So it doesnt really matter if I send my address encrypted and in the same message to that vendor, also send my public key. As long as I encrypted my address with the vendors public key, no one else can read it unless they are the vendor. I think I got it now. Thank you all.
-
Exactly. If it's encrypted with the vendor's public key, only he can read it.
It doesn't really matter whether you send your public key encrypted or decrypted, it's public information. Many of us put our public key in our signature.
-
So no shit, it's hard, I'm not sure even the supposedly secret quantum computer thingys the government is building at Utah would be sufficient.
Quantum computers might be able to pwn a 128 bit symmetric algorithm with grovers algorithm, but they will have no luck with 256 bit symmetric algorithms.
In fact I doubt those are for brute force cracking encrypted messages at all, if that actually is the case then tactics have prevailed over strategy and the US will not win the next war because they've lost the plot entirely.
They are primarily for breaking asymmetric algorithms. If the asymmetric algorithm used for symmetric key transfer is broken, they don't need to break the symmetric algorithm because they can get the key to decrypt the ciphertext by pwning the asymmetric algorithm.
So you see the problem for a LEO, it's so far beyond their capabilities to brute force PGP it's funny. That doesn't mean they can't get you if they put enough effort in, it just means that decrypting your messages isn't going to be the way it'll be done. In practice PGP can be attacked, but not by throwing computer power around. Even if quantum computers become standard, it will only halve the strength of asymmetric ciphers and we'll use PGP keys twice as large if necessary.
False, it will halve the strength of symmetric ciphers with grovers algorithm, with enough stabilized qubits shors algorithm can obtain private asymmetric keys from public asymmetric keys almost instantaneously. Of course that is only against weak asymmetric algorithms, but that includes RSA and ECDH/ECDSA. Quantum computers are currently predicted to start becoming exponentially more powerful, and an RSA key with 128 bit symmetric security against a quantum computer will take ~two terabyte hard drives to store. Slightly less for ECC but still enormous. The future of asymmetric encryption is probably in multivariate quadratic polynomial based algorithms.
Just because it's well nigh on impossible to brute force, doesn't mean that cracking your PGP messages is impossible. There are lots of possible side channel attacks, keyloggers to obtain your password, software to steal your private key, or they could just torture you until you give up, that kind of thing. That is why the Real Secret of Public Key Crypto is to be Anonymous. If you are Anonymous, side channel attacks are extremely difficult to implement until you do dumb things like download software from drug forums and run it on your computer. Not mentioning any names or anything, just saying.
That confuses a side channel attack with a bypass attack.
Your 1024 or 2048 bit key is not related to the CAST-128 cipher directly like I mentioned before. With symmetric crypto, I think that basically 256 bit cipher will be twice as good as a 128 bit cipher (cryptogeeks jump in if I'm incorrect). A 2048 bit that is from an asymmetric cipher is exponentially better than a 1024 bit key.
You have that backwards.
-
the following message was encrypted using TextEdit with GPA on a Mac OS 10.6.8. does anyone know why it is missing the prefix after the header? the message fails to decrypt.
-----BEGIN PGP MESSAGE-----
hQEMA8uolDl0PKr4AQgAo0nLHyvM/kJ79uWIdj/2GU+jV1dpUrk3BQZjJLpogmCI
nRxLyiEfeH9FLr9mlqj4jtvu1/4zXWoNsuU+uVYIuSVooMsVXipkRcvUbSepoNKr
oftp6Gi+xVjoaGOGLKQPhVgjvsuC6BMXSX3IUcQs1/pJrsjjJzq/6R0pkpFMIPBo
FKfv6Ds6eOIjE1BkbP+E6+WFbNkIR9EZDBmKDkAfvCfMgfjS6nbF1AxWc2+Xn+Ac
HVcUSJIpopU1gIbjU+XBsZPAqM/9kHAkHo4FpWMKEbpsH2ToYrgIWx0hn6V0cYOG
NIV5HSqq4la09Lz90q7onc29a6jYGgfl2mHf5X0YtNJ5AY4ZKy9IpGKL3+wVWGtJ
JX8rdGnKwBj2MjyBC6fCVKGXFoOklE5G9pBtWpSu6nsu4khyyhDki06CfyDLuVMH
hhrFKA+8KA+g8lwvMzp4Cyg9ayBd+fKdOlYv43S6AjucddMBtkoBL7fMRLreqJXC
HnBIo+AUjMKkzg==
=xG9n
-----END PGP MESSAGE-----