Security Basics mailing list archives
RE: Hack PGP
From: "Pablo Hauser" <pablohauser () yahoo com ar>
Date: Thu, 20 Jan 2005 00:08:23 -0300
I think he said NASA computers because of the supercomputing mainframes they have there... www.nas.nasa.gov/About/Projects/Columbia/columbia.html ;) __________________________________________________ Pablo D. Hauser LeXXoN Solutions www.lexxonsolutions.com.ar -----Mensaje original----- De: nvfeito () advancedsl com ar [mailto:nvfeito () advancedsl com ar] Enviado el: Martes, 18 de Enero de 2005 18:56 Para: security-basics () securityfocus com Asunto: Re: Hack PGP He meant nsa.gov, national security agency, not the nasa computers..., besides, just a little cluster with a few home pc's can be used to break some keys, just kidding, the fact is that if I were to avoid trust someone, I would not trust berkeley center, cause the same thing they're doing with seti@home they can do with pgp keys, but anyway, paranoia aside, the thing with pgp keys it's that there's a rumour (I've heard this back in 2000/2001) that the M.I.T guys did have a reverse algorithm tool, quite difficult since the keys are randomly generated by events on the host computer, but that rumour spreaded and some people stoped trusting pgp and started thinking on gpg, which is pretty similar but not the same, besides the algorithm restrictions that imposes on non American Computers about the amount of bit encryptions, Europe it's quite different about this regulations. On Tuesday 18 January 2005 08:37 pm, Valentin Höbel wrote:
for short, as I wrote before, you heave to realise that the data is lost, except you know someone who has access to the nasa conmputer centers, as Conlan Adams told you before ;) People wouldn't use PGP if the keys were easy to brake. ---------- Forwarded message ---------- From: Conlan Adams <conlan () mebtc org> Date: Tue, 18 Jan 2005 10:30:37 -0500 Subject: RE: Hack PGP To: security-basics () securityfocus com Here, I heard these guys can help http://www.nsa.gov/ :-) -----Original Message----- From: Daniel Persson [mailto:mailto.woden () gmail com] Sent: Monday, January 17, 2005 4:30 PM To: security-basics () securityfocus com Subject: Re: Hack PGP Well I pretty much knew it was impossible but I had to ask. Well my key lenght was 4196 bits so it's quite strong and well when I say wipe
I mean using a tool that writes zeroes and random data over the disk atleast 3-4 passes. So the key and all chanses of opening the files are pretty much history. I was just curious if there was anyone that had made a try to break it and how far they had come. Thanks alot for the discussion. On Mon, 17 Jan 2005 20:33:57 +0100, Andreas Putzo <andreas () inferno nadir org> wrote:Hello, On Saturday 15 January 2005 07:06, Daniel Persson wrote:I have a delema that is quite strange but then again feasable. I didabackup on my system and wiped my harddrive and then installed everything from scratch. My problem was that the PGP keys where locked down on my harddriveandcouldn't be copied by the backup system.Bad. Very bad. Keep at least one copy of your secret key on a savemedium,eg. an usb-stick or a disk in your bank deposit box. Facing your problem, i would 1st try, to recover the key from your harddisk. By 'wipe' you mean a simple delete? If so, you _may have a change without paying a lot of money for a forensic professional. You may take a look at sleuthkit[1] or 'The Coroners Toolkit' to lookatyour HD for deleted files. If the name information for your secret_key is gone, you can possibly identify it on its size. Of course, you have to stop writing to this harddisk immediately! Takeanimage with 'dd' to another harddisk and work with this image furtheron.Good luck! Andreas [1] http://www.sleuthkit.org-- Daniel Persson mailto.woden () gmail com
-- Saludos. Nazareno Vicente Feito
Current thread:
- Hack PGP Daniel Persson (Jan 17)
- Re: Hack PGP James Eaton-Lee (Jan 18)
- Re: Hack PGP Andreas Putzo (Jan 18)
- Re: Hack PGP Daniel Persson (Jan 18)
- Re: Hack PGP Keith Morgan (Jan 19)
- Re: Hack PGP Daniel Persson (Jan 18)
- <Possible follow-ups>
- Re: Hack PGP Saint Anthony (Jan 19)
- RE: Hack PGP Conlan Adams (Jan 19)
- Hack PGP Valentin Höbel (Jan 19)
- Re: Hack PGP Nazareno Vicente Feito (Jan 19)
- RE: Hack PGP Pablo Hauser (Jan 20)
- Re: Hack PGP Dan Margolis (Jan 20)
- Re: Hack PGP David J. Bianco (Jan 24)
- Hack PGP Valentin Höbel (Jan 19)
- Re: Hack PGP Christopher Anders (Jan 19)