Re: PGP Lame question (PKI 101)

> "Ari Silverstein" <abcarisilversteinn@yahoo.comxyz> wrote in message
> news:1t2m5xmlx79x5.6vu4198g5yn1$.dlg@40tude.net...
> [using PGP]
>> If I sit down at your computer and use your email address/client and send
>> an email to Recipient, then authentication *of the individual* has failed.
>> What has succeeded is the authentication of a nonforged email address,
>> correct?

On Mon, 05 Dec 2005 00:27:58 GMT, Joseph Ashwood wrote:
 
> Not in the slightest. Even though you may be able to sit down at a given
> machine (we'll even use my machine as an example) that doesn't mean that you
> will have access to the PGP keyring which is protected by an additional
> passphrase, you will not be able to sign the email, thus you will not be
> able to do anything approaching what you claim.

The sending of the email presupposes that the PGP (in this case) protection
scheme has been broken (for instance by attack on the passphrase or reading
a Post-it note). Now what we have is a real, known email address from a
Forger. Authentication (verification "you are who you say you are") of the
user becomes paramount if there is a compromise of the signatory
mechanisms.

As per my first comment in this thread.

"You may only extract that the Sender is sending from a particular
computer,or email account, but there is no *authentication* that says John
Doe, age 50, of OnePersonTown, Vermont *was* the actual Sender, typed and
released the email to the Recipient." If the email was sent, properly
signed, then the presupposition must be that the signatory mechanism was
compromised. This comment may not have been linear to the discussion but,
hey, widen up.
 
>> Agree but when he re-encrypts, the private key has changed to the
>> Forwarder's yes?

On Mon, 05 Dec 2005 00:27:58 GMT, Joseph Ashwood wrote:
 
> No. The signing key will remain the same, as the message is simply
> re-encrypted, not re-signed. I really feel it would be useful for you, in
> light of that fact that you have claimed to be developing a "secure" email
> system for a not-for-profit, to read up on such fundamentals as PGP and
> PKCS7 both of which will likely be of great use in understanding what you
> are undertaking.

Appreciate the comment. It is not necessary for me to have cryptographic
knowledge to any higher level than I now have although I certainly am not
adverse to learning. That is why we have a technical staff and why we
separate marketing and most original product thinking from them.

Automobile designers, for instance, do not need the skill sets of
automobile engineers, they design with a certain amount of foreknowledge of
the technical side, the engineers boot the design back if it fails their
criteria. This is the way we work, YMMV.
 
>> Now we are back to authenticating the individual and why I believe this is
>> important. If a Forger or a Thief is allowed to steal the necessary files,
>> or computer time, to do as you have said, then the only way (I can think
>> of
>> off hand) to throttle these attempts is to make positive that the person
>> who is the Sender is one and only one unique individual. The system should
>> kick out any Forger's attempts then.
>
> Actually this attack has nothing to do with forgery, the signature included
> is in fact 100% authentic. Instead one has to fix the signature target
> problem, which is exactly as has been stated.
> Joe

In fact, it has everything to do with forgery since the presupposition as
stated above. It also has everything to do with the use of the terms
authentication, as I have used it, which is split between two methodologies
identification and verification.

>From any security standard that I would deal with, the sig is authentic but
does not meet the terms for either verification-authentication since there
is no matching of evidences of person only evidences of signatory
complicity. A well rounded, highly secure system would make the
presupposition that the signatory mechanism could be broken and require
verification. Ours certainly do.

MOF, PGP encryption aside, the known weak link of the way users handle
passwording systems, a secured system without an appropriate biometric
authenticator is practically near worthless as so adjudicated by the
obvious demand for (multi)biometric modalities in even the lower forms of
verification (passports and the REAL IC card).

-- 
Drop the alphabet for email