Full Disclosure mailing list archives
Re: RE: [security] A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
From: Valdis.Kletnieks () vt edu
Date: Fri, 26 May 2006 22:35:41 -0400
On Sat, 27 May 2006 00:32:21 BST, fractalg () highspeedweb net said:
1) Are you saying that the key used to encrypt is fixed (it's not our passphrase !?!?!), and your passphrase is just to access the disk, meaning, just to control user access to the pgp disk ???
No, what he's saying is that if you can subvert the PGP software at a point after it has both the secret key and the passphrase and has combined them, you can get access to the files. But that's been a known attack vector against essentially all crypto for basically forever. It's basically the same problem with using SSL to secure a network connection - if the host itself has been compromised, you can see the data before it goes into the tunnel. It's similar to attacks on TCP sequence numbers - Bellovin et al pointed out the danger, but it wasn't till Mitnick's attacks that it was actually a practical attack. All the same, even though it's been a known theoretical attack since PGP was released, Adonis did a nice piece of work in actually showing it to be a practical attack.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: [security] A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. fractalg (May 26)
- Re: RE: [security] A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt. Valdis . Kletnieks (May 26)