headers
secureaccess@rocketmail.com | 10 Aug 2011 20:48
Picon
Favicon

Re: Has anyone used this?

dynamic is what strike me, when i try the demo, it appears to be secure and so easy? no?

--- In PGP-Basics <at> yahoogroups.com, sol gongola <sdgongola <at> ...> wrote:
>
> AFAIK It has nothing to do with pgp or encryption.
> 
> The usual password is something that you know.
> 
> This software uses a password based on something external to you. An example is the use of a password key
fob.. The concept is not new. I came across it in an SF novel written in the 1960s where a password was based
on some merging of the current time stamp and something personal to the user.  
>

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           http://www.gswot.org
Permalink | Reply | 0 comments |
headers
jbn10161 | 23 Aug 2011 19:52

Encrypting information that's already encrypted

Every so often, like now, I remember that I really don't understand very well how encryption works....

If I encrypt some structured information that was already encrypted, is corruption or some other bad
effect likely to occur?  (One example is syncing a KeePass database via SpiderOak.)  Or is it all just math
that necessarily works out (in the absence of a media or power glitch)?

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           http://www.gswot.org
Permalink | Reply | 7 comments |
headers
Mike Daigle | 23 Aug 2011 20:16
Picon
Favicon

Re: Encrypting information that's already encrypted

On Tue, Aug 23, 2011 at 1:52 PM, jbn10161 <jbn10161 <at> fastmail.fm> wrote:

> Every so often, like now, I remember that I really don't understand very
> well how encryption works....
>
> If I encrypt some structured information that was already encrypted, is
> corruption or some other bad effect likely to occur?  (One example is
> syncing a KeePass database via SpiderOak.)  Or is it all just math that
> necessarily works out (in the absence of a media or power glitch)?
>
>
It has been mentioned on this list before that it is preferred not to
encrypt already encrypted files as it may reveal information that could be
used to break it (the encryption).

--

-- 
Mike Daigle                                 http://www.mikedaigle.ca
mikedaigle.CA CRT, CRL, and PGP        http://pki.mikedaigle.ca/keys
Canadian Motorcycle Cruisers Chapter 015        http://www.cmc015.ca

[Non-text portions of this message have been removed]

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           http://www.gswot.org
(Continue reading)

Permalink | Reply | 6 comments |
headers
ottokek | 24 Aug 2011 17:33
Picon
Favicon
Gravatar

Trustdb depth

Hello,

When I run "gpg --update-trustdb" I get
gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model
gpg: depth: 0  valid:   3  signed:  10  trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: depth: 1  valid:  10  signed: 106  trust: 0-, 0q, 0n, 1m, 9f, 0u
gpg: depth: 2  valid: 105  signed: 105  trust: 0-, 105q, 0n, 0m, 0f, 0u

I've seen online that other peope get depth levels of 4, 5 or even 6 (eg.
http://lists.gnupg.org/pipermail/gnupg-users/2008-August/034137.html has depth 4).

The manual (http://www.gnupg.org/gph/en/manual/r2017.html) metions that one could add
"max-cert-depth" to gpg.conf and I did add "max-cert-depth 5" but it does not have any effect.

Does anybody know what is going on here with the depth thing?

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           http://www.gswot.org
Permalink | Reply | 0 comments |
headers
Faramir | 25 Aug 2011 06:09
Picon

Re: Encrypting information that's already encrypted


El 23-08-2011 15:16, Mike Daigle escribió:
> On Tue, Aug 23, 2011 at 1:52 PM, jbn10161 <jbn10161 <at> fastmail.fm>
> wrote:
> 
> 
>> Every so often, like now, I remember that I really don't understand
>> very well how encryption works....
>> 
>> If I encrypt some structured information that was already
>> encrypted, is corruption or some other bad effect likely to occur?
>> (One example is syncing a KeePass database via SpiderOak.)  Or is
>> it all just math that necessarily works out (in the absence of a
>> media or power glitch)?
>> 
>> 
> It has been mentioned on this list before that it is preferred not
> to encrypt already encrypted files as it may reveal information that
> could be used to break it (the encryption).

  I remember an article by Bruce Schneier, where he talked about using
an encrypted drive, and also encrypting individual files inside the
drive, for an extra layer of security (of course, only a few important
files would be encrypted that way).

  Also, some software use cascade encryption, the file would be
encrypted using one algorithm first, and then re-encrypted using another
algorith. I suppose each algorithm use a different key.

  Best Regards
(Continue reading)

Permalink | Reply | 0 comments |
headers
er | 27 Aug 2011 11:40
Picon

Working with keys

Hello,

I just installed GPGTools

http://www.gpgtools.org/

which can be described, I think, GPG Keychain Access for Mac.

I send an empty email to my chosen remailer with "remailer-key" in the 
subject line and received an email containing

-----BEGIN PGP PUBLIC KEY BLOCK-----

[...]

-----END PGP PUBLIC KEY BLOCK-----

I then read the instructions for importing a key from

https://github.com/GPGTools/GPGKeychainAccess/wiki/Getting-started#wiki-working

:

<snip>
How do I import keys into GPG Keychain Access? When your friend has sent 
you his exported key you can import that key (which will most likely 
have the following file-extension .asc, .gpgkey or .key) by:

     Using the icon in the Tool Bar
     Or using the menu entry File > Import...
(Continue reading)

Permalink | Reply | 5 comments |
headers
Mike Daigle | 27 Aug 2011 15:08
Picon
Favicon

Re: Working with keys

On Sat, Aug 27, 2011 at 5:40 AM, er <er.ci.2020 <at> gmail.com> wrote:

> How do I import keys into GPG Keychain Access? When your friend has sent
> you his exported key you can import that key (which will most likely
> have the following file-extension .asc, .gpgkey or .key) by:
>
>     Using the icon in the Tool Bar
>     Or using the menu entry File > Import...
>     Or simply drag & drop the key in the main window of GPG Keychain Access
>     Or Copy & Paste
> </snip>
>
> Here comes my question : Which of these formats (.asc, .gpgkey etc.)
> should it be, and how to I convert from ASCII (the remailer's email
> content) to that format?

The odds are that any public key you receive will be in ASCII format,
and this is the norm. The file extension really doesn't matter except
that associating particular file extensions with your OpenPGP
application may make importing keys easier (ie; simply double clicking
on one). So, a file with a .asc, .pgp, .gpg or other extension is
likely to be ASCII, but even if it is binary you can still work with
it just the same.

The public key file you received can be imported whether it is binary
or radix-64 encoded. The former will look quite odd in a text editor,
and the latter will reveal the familiar opening and closing PGP
headers with ciphertext in between.

You're good to go. Just import the key as instructed.
(Continue reading)

Permalink | Reply | 4 comments |
headers
er | 27 Aug 2011 15:57
Picon

Re: Working with keys


> You're good to go. Just import the key as instructed.
>

Thanks, but it did not work, or I misread the instructions.

I copied all of the email to an rtf file, saved it, and changed the 
extension to '.gpg'. This extension is recognized GPG Keychain Access's 
GUI (I know from the fact that other files names appear grey), but 
invoking the Import with that file returns 'Nothing imported'.

Perhaps I should use the command line, instead?

------------
Copy of the remailer's email:
------------

$remailer{"hsub"} = "<hsub <at> mixmaster.mixmin.net> cpunk max pgp pgponly 
repgp remix latent hash cut test ekx hsub inflt50 rhop5 reord post klen100";

Here is the DSA PGP key:

Type Bits/KeyID     Date       User ID
pub  1024D/312CD8D9 2009-09-08 Bananasplit Remailer 
<hsub <at> mixmaster.mixmin.net>
sub  1024g/09D26E80 2009-09-08

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: Mixmaster 3.1-alpha2 (OpenPGP module)
(Continue reading)

Permalink | Reply | 3 comments |
headers
Mike Daigle | 27 Aug 2011 16:05
Picon
Favicon

Re: Working with keys

On Sat, Aug 27, 2011 at 9:57 AM, er <er.ci.2020 <at> gmail.com> wrote:

>> You're good to go. Just import the key as instructed.
>>
>
> Thanks, but it did not work, or I misread the instructions.
>
> I copied all of the email to an rtf file, saved it, and changed the
> extension to '.gpg'. This extension is recognized GPG Keychain Access's
> GUI (I know from the fact that other files names appear grey), but
> invoking the Import with that file returns 'Nothing imported'.
>
> Perhaps I should use the command line, instead?

Maybe some formatting messed something up when you exported to .rtf
format. Try exporting to plain ol' text format and see if that can be
imported. What you quoted certainly looks like a public key block in
good form. It also could be a matter of your application not being
able to strip away the excess (the rest of the message not including
the key block) and so your solution might be to copy and paste the key
block only.

Let us know how it works out.

--

-- 
Mike Daigle                                 http://www.mikedaigle.ca
mikedaigle.CA CRT, CRL, and PGP        http://pki.mikedaigle.ca/keys
Canadian Motorcycle Cruisers Chapter 015        http://www.cmc015.ca

------------------------------------
(Continue reading)

Permalink | Reply | 2 comments |
headers
er | 27 Aug 2011 19:22
Picon

Re: Working with keys


> format. Try exporting to plain ol' text format and see if that can be
> imported. What you quoted certainly looks like a public key block in
> good form.

Indeed, that worked, thanks. I saved it to Unicode using TextWrangler (I 
mention this because I don't think the default Mac editor, TextEdit, can 
do that).

------------------------------------

______________________________________________________________
Archives:                  http://groups.yahoo.com/group/PGP-Basics/messages
OT List:                         http://groups.yahoo.com/group/PGP-Basics-OT
OT Subscribe:                 mailto:PGP-Basics-OT-subscribe <at> yahoogroups.com
Gossamer Spider Web of Trust                           http://www.gswot.org
Permalink | Reply | 1 comment |

Gmane