On Nov 26, Mark inquired about "secure" methods of exchanging public
keys. Apparently the only really secure method is a physical transfer
face-to-face with someone you know; or to have a key certified by
someone you trust whose key you trust. [PGP has key certification
built-in; for other implementations, just digitally sign some form
of the key to be certified].

There is no secure method of exchanging public keys using only the
net. As far as you know all your messages, both incoming and
outgoing, are being intercepted by a "spoofer" who will substitute
his public key for yours in all outgoing messages and another public
key of his for each unique public key intercepted in incoming mail.

A few methods were discussed on Extropians of trying to get a genuine
public key distributed by outsmarting the spoofer. But if the spoofer
is smarter than you, these methods will fail.

That leaves methods which exchange, or at least verify, keys by other
means than the network. I proposed a service to verify keys by paper
mail and (optionally) telephone. Here is an update of what I posted.
The offer is still good.
================================================================
I'd like to announce the opening of the Swank Public Key Verification
Service.
To become a customer, do the following.

1) On a piece of paper put:
   a) Your name and Network address.
   b) The "armored" ASCII form of your PGP 2.0 Public Key.
   c) (optional) Any other information you want to certify
      about yourself, such as:
        Home address.
        Mailing address (if different).
        Home phone number.
        Occupation-Work Phone-Work Address.
        "I am not a law enforcement officer or agent."
   d) "I certify the above to be true under penalty of perjury".
   e) A photocopy of your driver's license or other picture ID
      with signature.
      Actually this is a photocopy of all of the above with the
      ID on top of the original.
      [note: if you don't want to reveal your home address, you
      can cover that portion of your photo ID. Your name, photo,
      and signature must show]
   f) Your signature. (NOT photocopied)
   g) (optional) Have the paper notarized.
2) E-mail to me
      edgar@spectrx.saigon.com (Edgar W. Swank)
   An ASCII message containing Items a) through d).
   You may encrypt this with my public key (optional).
3) Mail to me at
      Edgar W. Swank
      5515 Spinnaker Dr., #4
      San Jose, CA 95123
   Via U.S. Mail or alternate such as FedEx:
   a) The paper prepared as specified above.
   b) A self-addressed, stamped envelope.
      This could also be a pre-paid FedEx envelope.
      It could be addressed to a trusted friend if you're
      concerned your own mail may be intercepted.
   c) $1.00 cash (preferred), check, money order, etc.
      Payment by check will delay processing until check clears.
      If you don't enclose a self-addressed stamped envelope,
      enclose an extra $1.00.
That's all you have to do. Then what I will do for you:

I will visually verify that the public key on the paper matches
the key I received via E-mail and that the signature on your
photocopied ID matches your original signature on the paper.
(I do not claim to be a handwriting expert).

I will send to you by return E-Mail your public key signed with
my public key.

I will send to you in the envelope you supplied (or to the address
you specify) a paper about myself constructed as described above
(but not notarized - if you want notarized send an extra $10).
This will give you a verification independent of the network
that my public key is really mine.

I will post your machine-readable ASCII record that you E-mailed to me
to Extropians and Cypherpunks (optional, specify if you DON'T want
this). This feature is subject to no objection from Extropians and
Cypherpunks list management.

I will keep your paper on file for at least one year.

Anyone may request a photocopy of your paper (and up to three others)
by sending me $1 and a self-addressed, stamped envelope.
I will also send your machine-readable ASCII record to his
network address, if supplied.

Any customer may also phone me directly at (408)227-3471 during
reasonable hours and I will verify your/others public key(s) by
reading them over the phone.
Edgar W. Swank
5515 Spinnaker Dr., #4
San Jose, CA 95123
edgar@spectrx.saigon.com (Edgar W. Swank)
(408)227-3471 (listed)
Cal. Drivers License MO531219
Retired from IBM -- Employee #788281
I am not a law enforcement officer or agent
Here is my PGP 2.0 Public Key:
--Type bits/keyID Date User ID
--pub 1024/87C0C7 1992/10/17 Edgar W. Swank
There is no secure method of exchanging public keys using only the net. [spoofing, etc.]
As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to create a hash of a public key which can be read over the telephone to make sure that a key transmitted electronically has not been altered in transmission.
[long business description deleted]
There's really no need for a physical authentication service with the telephone verification ability.
Plan B is to exchange/verify public keys face-to-face at parties,
There is just such a plan underway to have a PGP key exchange table at Usenix in January.
I have printed up business-card size copies of *fragments* of my public keys with the 6-hex-digit "Key ID".
What could easily be printed is the hash function of the key. That would be even harder to duplicate.

Eric
From: Eric Hughes
There is no secure method of exchanging public keys using only the net. [spoofing, etc.]
As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to create a hash of a public key which can be read over the telephone to make sure that a key transmitted electronically has not been altered in transmission.
Just to point out, though, this is not foolproof. A good impressionist can fool people, especially if they are extremely skilled. A person with Rich Little's or Peter Sellers' level of skill can sound astonishingly like the original person (although a sound spectrograph isn't fooled, other humans can be).

Perry
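
The telephone check discussed in this thread, as an added example that is not part of the original messages and is not PGP's own code: it compares a key received over the net against a hash read aloud, and shows that the 6-hex-digit key ID alone does not distinguish two different keys. It assumes the V3 fingerprint definition from RFC 4880 (MD5 over the modulus and exponent bytes) and that the short key ID is the low 24 bits of the modulus; the function names and the sample integers are constructed for illustration.

```python
import hashlib
import hmac

def mpi_body(x: int) -> bytes:
    """Big-endian bytes of x without the two-octet MPI length prefix."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")

def v3_fingerprint(n: int, e: int) -> str:
    """V3 (PGP 2.x era) RSA key fingerprint: MD5 over modulus, then exponent.
    MD5 is used only because that historical format specifies it."""
    return hashlib.md5(mpi_body(n) + mpi_body(e)).hexdigest().upper()

def short_key_id(n: int) -> str:
    """Six-hex-digit key ID; assumed to be the low 24 bits of the modulus."""
    return f"{n & 0xFFFFFF:06X}"

def readout(fp: str) -> str:
    """Group the fingerprint in byte pairs for reading aloud."""
    return " ".join(fp[i:i + 2] for i in range(0, len(fp), 2))

def matches_spoken(n: int, e: int, spoken: str) -> bool:
    """Compare the key received over the net with the digits heard by phone."""
    heard = "".join(c for c in spoken.upper() if c in "0123456789ABCDEF")
    if len(heard) != 32:  # a partial readout is not a verification
        return False
    return hmac.compare_digest(v3_fingerprint(n, e), heard)

# Constructed sample values: 1024-bit integers standing in for RSA moduli.
# They are not real keys and are not taken from the thread.
E = 17
N_SENT = (int.from_bytes(hashlib.sha256(b"constructed sample").digest() * 4, "big")
          | (1 << 1023) | 1)
N_SUBSTITUTED = N_SENT ^ (1 << 512)  # a different value with the same low 24 bits

if __name__ == "__main__":
    spoken = readout(v3_fingerprint(N_SENT, E))  # what the key owner reads out
    print("key IDs:", short_key_id(N_SENT), short_key_id(N_SUBSTITUTED))
    print("spoken :", spoken)
    print("genuine key matches    :", matches_spoken(N_SENT, E, spoken))
    print("substituted key matches:", matches_spoken(N_SUBSTITUTED, E, spoken))
```

The check is only as strong as the channel the digits arrive on, which is the point raised in the last reply about voice impersonation.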