[Cryptography] OpenPGP and trust
Stuart Longland
stuartl at longlandclan.yi.org
Sun Mar 30 02:44:39 EDT 2014
On Sat, 29 Mar 2014 19:22:54 -0700, Watson Ladd wrote:
> On Sat, Mar 29, 2014 at 6:57 PM, Dave Horsfall <dave at horsfall.org>
> wrote:
>> Naturally I changed the key every so often, because the idiots regarded
>> it as a challenge to decrypt my commands (I'd quickly learned to avoid
>> replay attacks by using some sort of a rolling-key scheme), but strong
>> crypto was, and still is, a definite no-no.
Indeed, this is one exact scenario I'm thinking of. In my case, proving
I'm "VK4MSL" to an automatic station (regardless of the medium; it could
equally be the Internet or a radio link), and thus allowing the station
to decide, based on my alleged identity, whether to grant me particular
privileges.
It could be that you are an administrator of a system, giving a system
administration command (e.g. "turn repeater off") or you could be logging
into a system to retrieve BBS messages and deleting the ones you've read
and sending a few replies. (You don't want someone maliciously
logging in and deleting your mail before you get to it, or stirring up
other kinds of mischief by sending bogus mail on your behalf.)
The other thing I want to remove is reliance on a central system, whether
it be Logbook Of The World, QRZ.com, HamQTH.com, or having to verify
yourself again and again (e.g. EchoLink requires you to email them a scan
of your license).
(The irony that I'm trying to remedy the situation of multiple databases
by effectively creating another is not lost on me. The thing I'm *not*
doing, is creating another *centralised* database.)
> Aren't MACs okay? I believe the 2003 ARRL handbook explains that each
> command to an OSCAR is suffixed with an authentication code to prevent
> mischief.
I would've thought so. So long as the actual message isn't obscured, the
other is nothing more than a fancy checksum for the purposes of privacy.
i.e. it does the same job as CRC: tells the other end that the message
they received more likely matches the other end (ignoring collisions).
The other thing it does is tell them the person who sent that message
knows the requisite private key, i.e. the message more likely originated
from the person/group who holds that key and not an imposter.
Digital signatures would remove the need to set up a shared secret out-of-
band and would thus be easier to update. One would probably generate their
key to expire when their license does (with a small grace period perhaps).
I'm just looking at ways of using existing technology to try and
implement this idea. I take the discussion here, rather than to an
amateur radio list/forum/newsgroup, because people here won't go "You're
using encryption!! Boo! Hiss!". (And there are people who don't
understand the difference between things like "encryption" and
"encoding", who would make such judgements.)
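
The command-authentication scheme discussed above (a plaintext command with an authentication code suffixed, plus protection against replay), as an added worked example that is not part of the original post or of any project it mentions. It assumes HMAC-SHA256 over a shared key as the MAC, a per-callsign monotonic counter as a stand-in for the "rolling-key scheme", and a constructed demo key; the callsign VK4MSL is the one from the post. A digital-signature variant would swap the shared key for a public key held by the station, but the framing, the readable plaintext and the replay check would be the same.

```python
import hmac
import hashlib

# Constructed demo key (an assumption of this example). In practice the
# operator and the station agree it out-of-band, which is exactly the
# overhead the post says digital signatures would remove.
SHARED_KEY = b"demo-key-VK4MSL-not-a-real-secret"

TAG_BYTES = 8  # truncated tag to keep frames short on a narrow radio link


def mac_command(key: bytes, callsign: str, counter: int, command: str) -> bytes:
    """Build a frame 'callsign|counter|command|tag'.

    The command itself is left readable (no encryption, so no privacy);
    the tag only proves the sender knows the key and the frame was not
    altered. The counter is what defeats replay of a captured frame.
    """
    body = f"{callsign}|{counter}|{command}".encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_BYTES]
    return body + b"|" + tag.hex().encode()


class Station:
    """Automatic station: verifies the MAC, then rejects replayed frames."""

    def __init__(self, keys: dict):
        self.keys = keys            # callsign -> shared key
        self.last_counter = {}      # callsign -> highest counter accepted
        self.log = []               # accepted (callsign, command) pairs

    def receive(self, frame: bytes) -> tuple:
        try:
            body, tag_hex = frame.rsplit(b"|", 1)
            callsign, counter_s, command = body.decode().split("|", 2)
            counter = int(counter_s)
        except ValueError:
            return (False, "malformed")
        key = self.keys.get(callsign)
        if key is None:
            return (False, "unknown callsign")
        # Recompute the tag over the received body; constant-time compare
        # so a forger learns nothing from timing.
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_BYTES].hex()
        if not hmac.compare_digest(expected, tag_hex.decode()):
            return (False, "bad MAC")
        # Only check freshness once the MAC is good, so an attacker cannot
        # burn counters with forged frames.
        if counter <= self.last_counter.get(callsign, -1):
            return (False, "replay")
        self.last_counter[callsign] = counter
        self.log.append((callsign, command))
        return (True, "accepted")


def demo() -> list:
    """Run a genuine command, a replay, a tampered frame, and a forgery."""
    station = Station({"VK4MSL": SHARED_KEY})
    results = []
    f1 = mac_command(SHARED_KEY, "VK4MSL", 1, "REPEATER OFF")
    results.append(station.receive(f1))        # accepted
    results.append(station.receive(f1))        # same frame again: replay
    f2 = mac_command(SHARED_KEY, "VK4MSL", 2, "REPEATER ON")
    tampered = f2.replace(b"REPEATER ON", b"DELETE MAIL")
    results.append(station.receive(tampered))  # body changed: bad MAC
    results.append(station.receive(f2))        # untouched frame: accepted
    forged = mac_command(b"wrong key", "VK4MSL", 3, "REPEATER OFF")
    results.append(station.receive(forged))    # impostor without key: bad MAC
    return results


if __name__ == "__main__":
    for ok, reason in demo():
        print(ok, reason)
```

The frame stays legible to anyone listening (the command text is right there in the bytes), which is the point the post makes about a MAC being "a fancy checksum" as far as privacy rules are concerned; what the receiver gains is assurance that the frame came from a key holder and has not been replayed.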