Toby wrote:

>Shaun Savage writes:
>
>>The problem that I see is that the public workstation is "not secure"
>>and having the community carry "secure electronic ID" would cost too
>>much to implement. This would rule out public key systems, so the
>>login ID and password is the best for this semi secure environment. I
>>would like a system that has fine grain Access Control per user.
>>I was thinking about using Kerberos different services for the access
>>control.
>
>A "secure electronic ID" could be nothing more than a floppy with your
>private key on it, encrypted with a symmetric key based on a long
>passphrase.
>I know people who do this with their PGP keys...

There is a qualitative difference in security between smart cards and floppies with keys on them:

* floppy: the private key is shared with the PC that loads it and processes your crypto stuff for you. This is ok, so long as you are damned sure that the PC has not been infected with any kind of virus or trojan that can sniff for private keys and export them through some kind of creative covert channel.
* smart card: the private key is held private on the smart card, and never shared with the PC. Rather, the PC has to hand blocks of text to the smart card to be encrypted or signed. Since smart cards have weak CPUs, the "blocks of text" are more likely to be session keys and message hashes, but the logic is the same.

The smart card is vastly more secure, because it is much easier to believe that the smart card has avoided being infected with some malicious code.

Danger Will Robinson: there is a temptation to think of your cell phone/PDA as a smart card equivalent. That's ok until the idiots^W clever people building cell phones and PDAs start engineering in downloadable application support and network access. D'oh! Too late :(

Crispin

-- 
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com/~crispin/
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

This archive was generated by hypermail 2b30 : Thu Jul 18 2002 - 14:59:59 PDT
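
The floppy and smart card models from the message above, as an added example that is not part of the original post: it models what the PC ends up holding in each case. Assumptions: a toy textbook RSA key built from two Mersenne primes, PBKDF2 output XORed over the key as the passphrase encryption, Python classes standing in for the card's hardware boundary, and all names hypothetical.

```python
import hashlib

# Toy textbook RSA from two known Mersenne primes (constructed for this demo; no padding).
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))            # private exponent
KEY_LEN = (N.bit_length() + 7) // 8

def digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def verify(message: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest_int(message)   # needs only the public (N, E)

def _xor(data: bytes, passphrase: str) -> bytes:
    # Stand-in symmetric cipher: passphrase-derived keystream XORed over the data.
    ks = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), b"demo-salt",
                             10_000, dklen=len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def write_floppy(passphrase: str) -> bytes:
    """Floppy model at rest: the private key encrypted under the passphrase."""
    return _xor(D.to_bytes(KEY_LEN, "big"), passphrase)

class HostWithFloppy:
    """The PC decrypts the key and signs itself, so the key sits in host memory."""
    def __init__(self, blob: bytes, passphrase: str):
        self.memory = {"d": int.from_bytes(_xor(blob, passphrase), "big")}
    def sign(self, message: bytes) -> int:
        return pow(digest_int(message), self.memory["d"], N)

class SmartCard:
    """Models the card: d stays internal, and only hash-sized inputs are signed."""
    def __init__(self):
        self.__d = D
    def sign_digest(self, digest: bytes) -> int:
        if len(digest) != 32:
            raise ValueError("card signs 32-byte digests only")
        return pow(int.from_bytes(digest, "big"), self.__d, N)

class HostWithCard:
    """The PC hashes the message and hands only the hash to the card."""
    def __init__(self, card: SmartCard):
        self.card, self.memory = card, {}
    def sign(self, message: bytes) -> int:
        self.memory["last_digest"] = hashlib.sha256(message).digest()
        return self.card.sign_digest(self.memory["last_digest"])

def key_exposed_to_host(host) -> bool:
    """Would code running on the PC find the private exponent in host memory?"""
    return D in host.memory.values()
```

Both hosts produce the same valid signature; the difference is only in what remains readable on the PC afterwards.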