On Nov 26, Mark inquired about "secure" methods of exchanging public keys. Apparently the only really secure method is a physical transfer face-to-face with someone you know; or to have a key certified by someone you trust whose key you trust. [PGP has key certification built-in; for other implementations, just digitally sign some form of the key to be certified]. There is no secure method of exchanging public keys using only the net. As far as you know all your messages, both incoming and outgoing, are being intercepted by a "spoofer" who will substitute his public key for yours in all outgoing messages and another public key of his for each unique public key intercepted in incoming mail. A few methods were discussed on Extropians of trying to get a genuine public key distributed by outsmarting the spoofer. But if the spoofer is smarter than you, these methods will fail. That leaves methods which exchange, or at least verify, keys by other means than the network. I proposed a service to verify keys by paper mail and (optionally) telephone. Here is an update of what I posted. The offer is still good. ================================================================ I'd like to announce the opening of the Swank Public Key Verification Service. To become a customer, do the following. 1)On a piece of paper put: a)Your name and Network address. b)The "armored" ASCii form of your PGP 2.0 Public Key. c)(optional) Any other information you want to certify about yourself, such as: Home address. Mailing address (if different). Home phone number. Occupation-Work Phone-Work Address. "I am not a law enforcement officer or agent." d)"I certify the above to be true under penalty of perjury". e)A photocopy of your driver's license or other picture ID with signature. Actually this is a photocopy of all of the above with the ID on top of the original. [note: if you don't want to reveal your home address, you can cover that portion of your photo ID. Your name, photo, and signature must show] f)Your signature. (NOT photocopied) g)(optional). have the paper notarized. 2)E-mail to me edgar@spectrx.saigon.com (Edgar W. Swank) An ASCII message containing Items a) through d). You may encrypt this with my public key (optional). 3)Mail to me at Edgar W. Swank 5515 Spinnaker Dr., #4 San Jose, CA 95123 Via U.S. Mail or alternate such as FedEx: a)The paper prepared as specified above. b)A self-addressed, stamped envelope. This could also be a pre-paid FedEx envelope. It could be addressed to a trusted friend if you're concerned your own mail may be intercepted. c)$1.00 cash (preferred), check, money order, etc. Payment by check will delay processing until check clears. If you don't enclose a self-addressed stamped envelope, enclose an extra $1.00. That all you have to do. Then what I will do for you: I will visually verify that the public key on the paper matches the key I received via E-mail and that the signature on your photocopied ID matches your original signature on the paper. (I do not claim to be a handwriting expert). I will send to you by return E-Mail your public key signed with my public key. I will send to you in the evelope you supplied (or to the address you specify) a paper about myself constructed as described above (but not notarized - if you want notarized send an extra $10). This will give you a verification independent of the network that my public key is really mine. I will post your machine-readable ASCII record that you E-mailed to me to Extropians and Cypherpunks (optional, specify if you DON'T want this). This feature is subject to no objection from Extropians and Cypherpunks list management. I will keep your paper on file for at least one year. Anyone may request a photocopy of your paper (and up to three others) by sending me $1 and a self-addressed, stamped envelope. I will also send your machine-readable ASCII record to his network address, if supplied. Any customer may also phone me directly at (408)227-3471 during reasonable hours and I will verify your/others public key(s) by reading them over the phone. Edgar W. Swank 5515 Spinnaker Dr., #4 San Jose, CA 95123 edgar@spectrx.saigon.com (Edgar W. Swank) (408)227-3471 (listed) Cal. Drivers License MO531219 Retired from IBM -- Employee #788281 I am not a law enforcement officer or agent Here is my PGP 2.0 Public Key: --Type bits/keyID Date User ID --pub 1024/87C0C7 1992/10/17 Edgar W. Swank <edgar@spectrx.saigon.com> --sig 67F70B Philip R. Zimmermann <prz@sage.cgd.ucar.edu> -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.03 mQCNAirfypkAAAEEAKe2jziPeFw6hY19clR2GtQ4gtGCSSVOTgPKEJzHfuC74Scf 9PEuu1kebLhHk43A9wo1vr52o4jpH/P/tnFmRtBQOMzLUzAt5rMucswtSVviMQS2 hBuc9yGJKWHVcyfA79EARKEYTdhx+2qKI+hFJcPE+rmD8wVoF94nNf3ah8DHAAUR tClFZGdhciBXLiBTd2FuayA8ZWRnYXJAc3BlY3RyeC5zYWlnb24uY29tPokAlQIF ECsRFxzidd4O/2f3CwEBsmID/2qXL/VdjGxxYFNIZdA+DC6howUXlHw66MUArILE 2/9J69VvcpbQTKmD4A+04SwH9q8SDzWxsg+1VANuy08EE0up9pm7ZBzrxkFcOydh sEwOt9fRn9EJ3tDNYe1SVoxV9Fc47of55Om7cTNrky0hdp1LA13uf/TeV3nrBYa2 1zaz =IFW+ -----END PGP PUBLIC KEY BLOCK----- ====================================================================== Other Options: If you have a listed phone number and request it, I will verify your number through information and call you (collect) to verify the public key you sent me. I will add this as a notation to your electronic and paper record. No extra charge! Another possible option is to use a full color photocopy of your photo ID. This costs about $1.00 at photocopy centers such as Photo Drive-Up as opposed to 5 or 10 cents for an ordinary photocopy. I will also note this on your electronic and paper record. ====================================================================== So far I have zero (0) customers. Philip Zimmerman, in e-mail to me, endorsed the idea, but he has declined to become a customer himself even though I waived the fee for him. Plan B is to exchange/verify public keys face-to-face at parties, such as the PenSFA parties I previously posted info about. Rather than bringing diskettes, I would think printed copies of (armored form) public keys would be easy to handle. I have printed up business-card size copies of *fragments* of my public keys with the 6-hex-digit "Key ID". I think it would be very difficult to generate a valid new key pair where the public key matched the key ID and key fragment. -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca
There is no secure method of exchanging public keys using only the net. [spoofing, etc.]
As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to create an hash or a public key which can be read over the telephone to make sure that a key transmitted electronically has not been altered in transmission.
[long business description deleted]
There's really no need for a physical authentication service with the telephone verfication ability.
Plan B is to exchange/verify public keys face-to-face at parties,
There is just such a plan underway to have a PGP key exchange table at Usenix in January.
I have printed up business-card size copies of *fragments* of my public keys with the 6-hex-digit "Key ID".
What could easily be printed is the hash function of the key. That would be even harder to duplicate. Eric
From: Eric Hughes <hughes@soda.berkeley.edu>
There is no secure method of exchanging public keys using only the net. [spoofing, etc.]
As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to create an hash or a public key which can be read over the telephone to make sure that a key transmitted electronically has not been altered in transmission.
Just to point out, though, this is not foolproof. A good impressionist can fool people, especially if they are extremely skilled. A person with Rich Little's or Peter Sellers' level of skill can sound astonishingly like the original person (although a sound spectrograph isn't fooled, other humans can be). Perry
participants (3)
-
edgar@spectrx.Saigon.COM -
Eric Hughes -
pmetzger@shearson.com