has access to a Deep Crack machine (see Section 4.4.1), it will take him about
4.5 days to read an intercepted message. That's not worth his while. However, if
Alice uses an asymmetric method for encryption and secures her private key by
DES only, Mallory will steal the key and then has to run Deep Crack only once.
Even if Alice suspects there is a threat and switches to 256-bit AES, it's too late.

This risk can be reduced considerably, but it takes some work. Alice creates
a 'good' key pair and has the public key certified. She stores the private
(encrypted) key on external data media and on a secure computer, perhaps one
without network access. She then creates a 'work key' and signs it using her
'good' key. She uses this work key for daily mail traffic and changes it every
now and then, perhaps monthly. In the event that Mallory guesses her 'work
passphrase', or steals the decrypted private key from the storage medium (as
described as Risk 7 in Section 4.5.3), then the most he can do is read the mail
traffic of one month in arrears. GnuPG supports this work by use of keyrings.

Of course, all of Alice's mail correspondents need to know that they have to get
a new public key every month. But this effort is negligible in security-critical
applications. In practice, one can have two key pairs and need to change the
work key only if one thinks it might have been compromised, or if one wants
to use an algorithm that wasn't supported when the key was created. However,
the cost should be in a reasonable ratio to the required security.
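
The good-key/work-key arrangement described above, sketched with GnuPG as an added example (not code from the book). It assumes GnuPG 2.2 or later; the user IDs are constructed, and the keys are created without passphrases in a throwaway keyring only so that the demo runs non-interactively.

```bash
#!/usr/bin/env bash
# Added example, not from the book. Assumes GnuPG 2.2+ on PATH.
# User IDs are constructed; empty passphrases are for this throwaway demo only.
GOOD_UID='Alice Good <alice@example.org>'
WORK_UID='Alice Work <alice@example.org>'

# Non-interactive gpg; keys are created without passphrase protection (demo only).
gpg_q() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Primary-key fingerprint for an exact user ID.
fpr_of() { gpg_q --with-colons --list-keys "=$1" | awk -F: '$1=="fpr"{print $10; exit}'; }

# Expiry timestamp of a primary key (empty means it never expires).
expiry_of() { gpg_q --with-colons --list-keys "$1" | awk -F: '$1=="pub"{print $7; exit}'; }

setup_keys() {
  GNUPGHOME=$(mktemp -d) && export GNUPGHOME || return 1
  # Long-lived 'good' key: in real use it is generated and kept on the offline machine.
  gpg_q --quick-generate-key "$GOOD_UID" default default never || return 1
  # 'Work' key for daily mail; it expires after one month, which forces rotation.
  gpg_q --quick-generate-key "$WORK_UID" default default 1m || return 1
  GOOD_FPR=$(fpr_of "$GOOD_UID"); WORK_FPR=$(fpr_of "$WORK_UID")
  # The good key certifies the work key, so correspondents who trust the
  # certified good key can accept each new work key.
  gpg_q --local-user "$GOOD_FPR" --quick-sign-key "$WORK_FPR"
}

# Succeeds only if the work key carries a valid ('!') signature by the good key.
work_certified_by_good() {
  gpg_q --with-colons --check-sigs "$WORK_FPR" |
    awk -F: -v f="$GOOD_FPR" '$1=="sig" && $2 ~ /^!/ && $5==substr(f, length(f)-15) {ok=1}
                              END {exit !ok}'
}

# Stop the agent and delete the throwaway keyring.
cleanup_keys() { gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"; }
```

Run setup_keys, then work_certified_by_good; gpg --armor --export "$WORK_FPR" then produces the public work key that correspondents fetch after each rotation.
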

7.2 PEM/RIPEM, the PGP Rival, and S/MIME

PGP had only one rival to my knowledge, namely PEM. Since this was the
first concept that used a certification hierarchy, we will discuss it here, though
PEM is insufficient and doesn't play a role today (see also [Schmeh]).

7.2.1 The PEM and S/MIME Standards Contra OpenPGP

PGP is a true child of the Internet, similar to Linux: a programmer put an
infinite amount of work into it, then other people helped improve his product.
PGP succeeded despite massive animosities from governmental authorities, as
we saw in Section 7.1.1.

The situation was totally different with PEM (Privacy Enhanced Mail). As
the name suggests, PEM pursued a goal similar to PGP. However, PEM didn't
start out as a program, but as a standard that was elaborated by many experts.
The standard was initially described in RFCs 1113 through 1115; more current
versions are RFCs 1421 through 1424 of February 1993 (you will find these
on our Web site).