3. Thesis
• I really like the PGP/GPG protocol.
• However, I want the public keyservers to die.
4. Short primer on PGP/GPG
• Symmetric vs asymmetric cryptography
Alice Bob
5. Short primer on PGP/GPG
• Symmetric vs asymmetric cryptography
Alice Bob
Tommy Trickster
6. Short primer on PGP/GPG
• Symmetric vs asymmetric cryptography
Alice Bob
Tommy Trickster
Before 1991:
Steps to defeat Tommy Trickster:
1. Alice and Bob meet secretly and
agree on a key
2. They use this key to both encrypt
and decrypt their messages
3. If Tommy Trickster learns the key,
they are fucked
Symmetric: uses a single key to encrypt
and decrypt
7. Short primer on PGP/GPG
• Symmetric vs asymmetric cryptography
Alice Bob
Tommy Trickster
1991-Present:
Steps to defeat Tommy Trickster:
1. Bob publishes his public key
2. Alice finds his public key and uses it
to encrypt her message
3. Bob receives Alice's message and
uses his private key to decrypt it.
4. Tommy Trickster must get Bob's
private key to read the message
Asymmetric: uses one key to encrypt,
and another key to decrypt
8. Short primer on PGP/GPG
• Symmetric vs asymmetric cryptography
Alice Bob
Tommy Trickster
Keyserver
Two new questions:
1. Where can Bob publish his key so
Alice can find it?
2. How can Alice be sure that key is
actually his?
Answer: a keyserver full of signed keys
10. Second Attempt: key signing
• Berlinsides 2016 talk
Output:
aestetix@aestetix $ python pglulz.py
Created key 56F9958B for Ed Snowden esnowden@nsa.gov
now to prepare keys to be signed
This is where we upload our new key to the keyserver
Found 31 keys for Buckaroo Banzai Badguys
Fetching keys from Buckaroo Banzai Badguys
Signing key 1 of 31
{ ... lots of keys ... }
Signing key 31 of 31
Found 1 keys for John Small Berries
Input (yaml):
---
hard_reset: True
keyserver: pgp.mit.edu
real_run: False
keys_directory: key_directory
signing_key:
name: 'Ed Snowden'
email: 'esnowden@nsa.gov'
groups_to_sign:
1:
name: 'Buckaroo Banzai Badguys'
matching: 'buckaroobanzai.com'
21. pgpfs- the bad and the good
• The bad:
• Very slow
• "Security" through obscurity
22. pgpfs- the bad and the good
• The bad:
• Very slow
• "Security" through obscurity
• You do not control where your data is (like the cloud)
23. pgpfs- the bad and the good
• The bad:
• Very slow
• "Security" through obscurity
• You do not control where your data is (like the cloud)
• You must not lose your .kat file
24. pgpfs- the bad and the good
• The good:
• keys are never deleted, only revoked
• From pgp.mit.edu/faq.html:
"Can you delete my key from the key server?
No, we cannot remove your key from the key server. When you submit a key to our key
server the key is also forwarded to other key servers around the world, and they in
turn forward the key to still other servers. Deleting the key from our server would not
cause it to be deleted from any of the other servers in the world and so this is not an
effective way to ensure the discontinued use of your key."
25. pgpfs- the bad and the good
• The good:
• keys are never deleted, only revoked
• The keyservers become a RAID 1 (cloned)
➡
➡
26. pgpfs- the bad and the good
• The good:
• keys are never deleted, only revoked
• The keyservers become a RAID 1 (cloned)
• It is a fun and hilarious way to abuse the public keyservers