[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
re:using PGP only for digital signatures
On Mon, 6 Nov 1995, Bill Stewart wrote:
> At 04:12 PM 11/4/95 -0500, James Black <[email protected]> wrote:
> Somebody else has brought up the insecurity of using security software
> on multi-user machines, where the system administrator or anybody who cracks
> root can steal your passphrases and even replace the trustable software with
> trojan-horse versions; your students will be safer if they only trust stuff
> running on PCs from software they've verified themselves. But you can at least
> do signature-checking safely on a multi-user machine if the software is
> protected adequately.
I brought up the security issue with the administrator that I am
talking with, about the implementation of PGP as it looks like it will go
through all the hurdles. The last difficulty is that we have a student
that has an account here, but he is actually overseas (so we will have
two copies of PGP, and he will use the international one, not the US
one). The security issue is important. Part of that is that most users
use dumb terminals, so any programs ran will be done on remote servers.
My solution (until I get a better idea) is to just write a mail program
that can check the hash value (I think that is the term) of the PGP
executable, compare it against the one that it created originally and use
it, only if they are the same. The user can also request the number, and
write it down for his own personal comparisons. The program will also
automatically encrypt, if it finds the public key on the user's keyring,
or the universities keyring. I will now check on how secure the LAN
network is, as I am a student and I want to know that the system is
safe. She (the administrator) felt that if it is safe against people
getting into accounts it should be safe, but if I my signature is on a
document, then people will believe that it is from me (until I state
otherwise), and that could be more damaging than getting into my account.
Well, I am looking into the security side, since the legal issues are
pretty much done with (IMOHO). If anyone has any brilliant ideas as to
how to run PGP on a multi-user network utilitizing dumb terminals so it
can be transparent I am interested in options.
Well, take care and have fun, and I will look for RIPEM (I think that
was the name) and see if that will be adequate, at the moment.