[guardian-dev] How To Generate SSL keys without Backdoor

Eugen Leitl eugen at leitl.org
Fri Oct 4 05:38:34 PDT 2013


----- Forwarded message from Aaron Lux <a at AaronLux.com> -----

Date: Thu, 03 Oct 2013 23:50:40 -0500
From: Aaron Lux <a at AaronLux.com>
To: guardian-dev at lists.mayfirst.org
Subject: [guardian-dev] How To Generate SSL keys without Backdoor
Message-ID: <524E4920.7040007 at AaronLux.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
Reply-To: Aaron Lux <a at AaronLux.com>

How to generate SSL keys which cannot be compromised. (Courtesy of FBI):

> ATTACHMENT B
> Lavabit uses 2048-bit Secure Socket Layer (SSL) certificates purchased from GoDaddy to
> encrypt communication between users and its server. SSL encryption employs public-key
> cryptography, in which both the sender and receiver each have two mathematically linked keys: a
> "public" key and a "private" key. "Public" keys are published, but "private" keys are not. In this
> circumstance, a Lavabit customer uses Lavabit's published public key to initiate an encrypted
> email session with Lavabit over the internet. Lavabit's servers then decrypt this traffic using their
> private key. The only way to decrypt this traffic is through the usage of this private key. A SSL
> certificate is another name for a published public key.
> To obtain a SSL certificate from GoDaddy, a user needs to first generate a 2048-bit
> private key on his/her computer. Depending on the operating system and web server used, there
> are multiple ways to generate a private key. One of the more popular methods is to use a freely
> available command-line tool called OpenSSL. This generation also creates a certificate signing
> request file. The user sends this file to the SSL generation authority (e.g. GoDaddy) and
> GoDaddy then sends back the SSL certificate. The private key is not sent to GoDaddy and
> should be retained by the user. This private key is stored on the user's web server to permit
> decryption of internet traffic, as described above. The FBI's collection system that will be
> installed to implement the PR/TT also requires the private key to be stored to decrypt Lavabit
> email and internet traffic. This decrypted traffic will then be filtered for the target email address
> specified in the PR/TT order.
> Depending on how exactly the private key was first generated by the user, it itself may be
> encrypted and protected by a password supplied by the user. This additional level of security is
> useful if, for example, a backup copy of the private key is stored on a CD. If that CD was lost or
> stolen, the private key would not be compromised because a password would be required to
> access it. However, the user that generated the private key would have supplied it at generation
> time and would thus have knowledge of it. The OpenSSL tool described above is capable of
> decrypting encrypted private keys and converting the keys to a non-encrypted format with a
> simple, well-documented command. The FBI's collection system and most web servers require
> the key to be stored in a non-encrypted format.
>
> A 2048-bit key is composed of 512 characters. The standard practice of exchanging
> private SSL keys between entities is to use some electronic medium (e.g., CD or secure internet
> exchange). SSL keys are rarely, if ever, exchanged verbally or through print medium due to their
> long length and possibility of human error. Mr. Levison has previously stated that Lavabit
> actually uses five separate public/private key pairs, one for each type of mail protocol used by
> Lavabit.
> PEM format is an industry-standard file format for digitally representing SSL keys. PEM
> files can easily be created using the OpenSSL tool described above. The preferred medium for
> receiving these keys would be on a CD.
_______________________________________________
Guardian-dev mailing list

Post: Guardian-dev at lists.mayfirst.org
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
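The procedure the attachment walks through (generate a 2048-bit private key, optionally passphrase-protect it, produce a CSR that carries only the public key, and strip the passphrase again with one well-documented step), as an added example that uses Go's standard library instead of the openssl command line; it is not part of the forwarded message. The common name, the passphrase and the choice of the x509 package's legacy PEM encryption are assumptions made for the example: those deprecated calls are used only because they write the same Proc-Type/DEK-Info format OpenSSL's -des3/-aes256 options do.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"encoding/pem"
	"fmt"
)

// KeyMaterial holds what the attachment describes: the private key the server
// loads, a passphrase-protected copy, and the CSR sent to the CA (public key only).
type KeyMaterial struct {
	Key                            *rsa.PrivateKey
	PlainPEM, EncryptedPEM, CSRPEM []byte
}

// Generate mirrors "openssl genrsa -aes256 2048" followed by "openssl req -new".
func Generate(cn string, passphrase []byte) (*KeyMaterial, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	der := x509.MarshalPKCS1PrivateKey(key)
	// Legacy PEM encryption (Proc-Type/DEK-Info headers) is what OpenSSL's -des3/-aes256
	// options produce; Go deprecates it (no integrity check) and it is used here only to mirror the document.
	enc, err := x509.EncryptPEMBlock(rand.Reader, "RSA PRIVATE KEY", der, passphrase, x509.PEMCipherAES256)
	if err != nil { return nil, err }
	csr, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}}, key)
	if err != nil { return nil, err }
	return &KeyMaterial{Key: key,
		PlainPEM:     pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: der}),
		EncryptedPEM: pem.EncodeToMemory(enc),
		CSRPEM:       pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: csr})}, nil
}

// StripPassphrase is the "simple, well-documented command" in the attachment
// ("openssl rsa -in enc.key -out plain.key"): anyone holding the passphrase recovers
// the plaintext key the server (or a collection system) loads; it only protects a copy at rest.
func StripPassphrase(encryptedPEM, passphrase []byte) ([]byte, error) {
	block, _ := pem.Decode(encryptedPEM)
	if block == nil || !x509.IsEncryptedPEMBlock(block) { return nil, fmt.Errorf("not an encrypted PEM block") }
	der, err := x509.DecryptPEMBlock(block, passphrase)
	if err != nil { return nil, err }
	return pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: der}), nil
}

// ModulusHexLen is 512 for a 2048-bit key (256 bytes as hex), the attachment's "512
// characters"; the PEM file holding the full key (p, q, d, ...) is several times longer.
func ModulusHexLen(key *rsa.PrivateKey) int { return len(hex.EncodeToString(key.N.Bytes())) }
```

The point the attachment makes holds here too: the passphrase guards a copy of the key on a CD or backup, not the key as it must exist on the server, and the CSR is the only artefact that can safely leave the machine.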


