PGP and dictionary attacks on private secret keyring
Michal Vymazal
I'm studiing the PGP (and GPG) documentation. As known, one of the major
(and known, of course) risk is a dictionary attack on a (stolen) private
secret keyring. Everywhere is written, that this type of attack is very
easy to do (is somebody get my keyring) but I can't find any documents
about this type of attack.
I have the GPG sources, but this didn't help me. Can anybody send me a
link to this type of documentation?
Thanks
Michal
--
Michal Vymazal
vymazal at secunet dot cz
Michal Vymazal
Shawn K. Quinn
from Michal Vymazal <bla...@secunet.cz>
in message <def3mp$1i0$1...@server4.gts.cz>
posted at 2005-08-23T12:09
> I'm studiing the PGP (and GPG) documentation. As known, one of the major
> (and known, of course) risk is a dictionary attack on a (stolen) private
> secret keyring. Everywhere is written, that this type of attack is very
> easy to do (is somebody get my keyring) but I can't find any documents
> about this type of attack.
It's not that easy to do, especially if the iterated and salted S2K
method is used (section 3.6.1.3 of RFC 2440). If you're dumb enough to
use just salted S2K or even simple S2K, then you deserve what you get
(and don't even get me started about unprotected secret keys).
> I have the GPG sources, but this didn't help me. Can anybody send me a
> link to this type of documentation?
Sounds to me like you don't know what a dictionary attack is, so start
here: <http://en.wikipedia.org/wiki/Dictionary_attack>
--
___ _ _____ |*|
/ __| |/ / _ \ |*| Shawn K. Quinn
\__ \ ' < (_) | |*| skq...@speakeasy.net
|___/_|\_\__\_\ |*| Houston, TX, USA
Michal Vymazal
> begin quotation
> from Michal Vymazal <bla...@secunet.cz>
> in message <def3mp$1i0$1...@server4.gts.cz>
> posted at 2005-08-23T12:09
>
>>I'm studiing the PGP (and GPG) documentation. As known, one of the major
>>(and known, of course) risk is a dictionary attack on a (stolen) private
>>secret keyring. Everywhere is written, that this type of attack is very
>>easy to do (is somebody get my keyring) but I can't find any documents
>>about this type of attack.
>
>
> It's not that easy to do, especially if the iterated and salted S2K
> method is used (section 3.6.1.3 of RFC 2440). If you're dumb enough to
> use just salted S2K or even simple S2K, then you deserve what you get
> (and don't even get me started about unprotected secret keys).
>
>
>>I have the GPG sources, but this didn't help me. Can anybody send me a
>>link to this type of documentation?
>
>
> Sounds to me like you don't know what a dictionary attack is, so start
> here: <http://en.wikipedia.org/wiki/Dictionary_attack>
>
attack. I'm using GPG, but I need to know the possibility of an attacker
in case of an stolen keyring. What I need is to know, how much time I
will have to make changes (revocate key, generate a new key, logistic
changes). And for this reason i need to reconstruct the consecution of
the attacker.
--
Michal Vymazal
vymazal at secunet tecka cz
Matt Westfall
Hash: SHA1
Yeah basically don't let someone get ahold of your secret key, lol.
Or have a really good password.
Anything suceptible to dictionary attack deserves to get cracked in the
first place, lol.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFESEG2b/8X6V5MpAURAmPUAJ9y01aC2CnbVkp0WcZV2XL3Hi7sJACgoMGy
WoWS24iSBFFe71G3vv+qzcE=
=XrhG
-----END PGP SIGNATURE-----
Dirty Harry
wrote:
>
>Yeah basically don't let someone get ahold of your secret key, lol.
>
>Or have a really good password.
>
>Anything suceptible to dictionary attack deserves to get cracked in the
>first place, lol.
Okay, what the heck is a dictionary attack? Suppose my password is
"droptrashcanterminateacidradiohotel" Can a dictionary attack crack this
password? If so, how does it work?