lmccarth@ducie.cs.umass.edu writes:
Could someone please elaborate on the foolishness of using PGP with a passphrase on a public machine (as I do)?
It is not secure to use your private key on a machine that you do not have physical control over. It is probably secure to store a passphrase-protected private key on such a machine, as long as you do not feed it into a program which decrypts it.
Am I wrong in thinking that my secret key is useless to an intruder until she guesses my passphrase?
Or monitors your keystrokes as you type in your passphrase, or watches your address space as PGP uses the key, etc., etc. Given the state of Unix security, I would certainly not want to type my passphrase into a Unix box unless I was the only user, was directly connected to the box through a wire I could see, and had just done a fresh boot after verifying the MD5 hash on all the OS binaries. Not likely to be the case at your average public installation.
I have no net access except via an account on a public machine, so I'm not about to start storing my secret key elsewhere, but I'll change my passphrase to <null> if it's irrelevant anyway.
Having a passphrase will protect against casual acquisition of your private key, but only physical security when the key is used will protect you against a determined opponent.

---

As long as I am typing, permit me to add my two cents to the "digital signatures on the list" flame war.

Like many proponents of strong cryptography, I rarely use it in everyday life. I occasionally encrypt personal mail to friends overseas when I know it is going to take numerous hops over insecure links en route, and I will digitally sign mail or Usenet articles if I want to say something that I consider important in a way that cannot be altered or spoofed. This happens rarely.

I would consider having to digitally sign everything I post to the list, no matter how frivolous, the moral equivalent of being allowed to speak only while under sworn oath. Now oaths and notaries are certainly useful things in appropriate places, like courtrooms and lawyers' offices, but I don't think any of us would care to live our lives having our every utterance subject to their certification.

It would certainly not aid our cause to have the government be able to point and say, "Even the cypherpunks make people digitally identify themselves when posting messages to their list," while at the same time attempting to explain to people why we aren't happy with Chaum's less than anonymous ECash or Web sites that require registration and personal information before permitting access to privacy-related material.

The Net, like life, offers a certain plausible deniability in what has been said, and who has said it. Some of the best messages on the list in past years have been Tim's witty and entertaining spoofs of his ideological opponents. Let's save absolute certainty about the real or pseudo-anonymous identities of speakers in this forum for times when, in the sole opinion of the person posting, such certainty is deemed necessary.

--
Mike Duvos          $  PGP 2.6 Public Key available  $
mpd@netcom.com      $  via Finger.                   $
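As an added example that is not part of the original thread, the following Python illustrates the distinction drawn in the reply above: a passphrase-wrapped key file is opaque to anyone who copies it, but only until the passphrase is guessed, and the moment a program unwraps it the plaintext key is sitting in that process's memory. It is not PGP's own format (PGP 2.6 derived an IDEA key from the MD5 of the passphrase and encrypted the secret key in CFB mode); the PBKDF2/HMAC construction, the sample key bytes and the wordlist are assumptions made for this example so that it runs on the standard library alone.

```python
"""Passphrase-wrapped secret key: what the passphrase does and does not buy you.

Added illustration, not PGP's own format: PGP 2.6 derived an IDEA key from the
MD5 of the passphrase and encrypted the secret key in CFB mode.  This version
uses PBKDF2-HMAC-SHA256 plus an HMAC-SHA256 counter-mode keystream so that it
runs with only the Python standard library.  SAMPLE_SECRET_KEY and WORDLIST
are constructed for the example, not real key material.
"""
import hashlib
import hmac
import os

KDF_ITERATIONS = 50_000          # slows down every guess, honest or hostile
SALT_LEN = NONCE_LEN = 16
TAG_LEN = 32

# Constructed sample: 32 bytes standing in for a secret key component.
SAMPLE_SECRET_KEY = bytes(range(0xA0, 0xC0))

# Constructed wordlist an intruder might try after copying the key file.
WORDLIST = ["password", "secret", "letmein", "cypherpunk", "pgp26"]


def _derive(passphrase: str, salt: bytes):
    """Stretch the passphrase into an encryption key and a MAC key."""
    material = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                                   salt, KDF_ITERATIONS, dklen=64)
    return material[:32], material[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256(key, nonce || counter) blocks, concatenated and truncated."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def wrap_secret_key(secret_key: bytes, passphrase: str) -> bytes:
    """Encrypt secret_key under the passphrase.

    Blob layout: salt || nonce || ciphertext || tag.  The tag lets the owner
    notice a mistyped passphrase; it equally lets anyone holding a copy of
    the blob test guesses offline, so the blob is exactly as strong as the
    passphrase and no stronger.
    """
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = _derive(passphrase, salt)
    stream = _keystream(enc_key, nonce, len(secret_key))
    ciphertext = bytes(a ^ b for a, b in zip(secret_key, stream))
    tag = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    return salt + nonce + ciphertext + tag


def unwrap_secret_key(blob: bytes, passphrase: str):
    """Return the secret key, or None if the passphrase does not verify.

    Once this returns, the plaintext key sits in this process's memory, where
    root on a shared machine can read it; that is the window the passphrase
    cannot close.
    """
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ciphertext = blob[SALT_LEN + NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    enc_key, mac_key = _derive(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    stream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, stream))


def guess_passphrase(blob: bytes, wordlist):
    """Offline dictionary attack: a copy of the blob is all the intruder needs."""
    for candidate in wordlist:
        if unwrap_secret_key(blob, candidate) is not None:
            return candidate
    return None


if __name__ == "__main__":
    weak = wrap_secret_key(SAMPLE_SECRET_KEY, "letmein")
    strong = wrap_secret_key(SAMPLE_SECRET_KEY, "frivolous notaries spoof the Net 1995")
    print("weak passphrase recovered:", guess_passphrase(weak, WORDLIST))
    print("strong passphrase recovered:", guess_passphrase(strong, WORDLIST))
```

The five-word list stands in for the millions of candidates a real intruder would run; the key stretching only multiplies the cost of each guess, it never removes the attack. Nothing in the code, and nothing in PGP, stops a privileged user on the same box from reading the passphrase as it is typed or the unwrapped key as it is used, which is the second half of the point above.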