PGP Key Signing Party .. Sign my key, Damn it.

  • PGP Key Signing Party .. Sign my key, Damn it.

    [The Keysigning will be Day two (Saturday) at 14:00 to 16:00, or whenever people stop showing up with cards]

    Sign a PGP key today, starting with mine.

    I know that sounds selfish, but hey, you've got to be proactive about these things!

    What I want to do is to revive the PGP party at DEFCON in a new streamlined fashion. With the advent of PGP key servers, such as keyserver.pgp.com, there is no need to do the floppy shuffle. All you need is the key ID and fingerprint of the person’s key you want to sign. You search for that key on the key servers, and if the two match you are sure it is the right key for the right person.

    PGP, and when I say PGP I also mean GPG, is a great security tool. But like any tool you have to use it properly to get the most out of it. In the case of PGP it comes down to a strong pass phrase, keeping your secret key file to yourself, and creating a web of trust.

    To create that web of trust you need to sign other people’s keys, and have yours signed as well. This has always been a pain in the ass because of the logistics of swapping floppies, etc.

    To help facilitate this I have created a template for OfficeDepot micro-perf business cards. Use the template, and fill in your email address, key ID and fingerprint. Add a picture if you want. Then print a bunch of these out, and bring them to the con. Look for the PGP key exchange on the schedule, and show up to swap fingerprints with others. Heck, just hand them out all during con.

    The goal is to increase the hacker web of trust with as little effort as possible. To do this you should take a few steps in advance:

    1 Make sure your PGP key is valid and the one you want to use. Once people start signing it, it is a pain to discard it and start over.

    2 Submit your key to keyserver.pgp.com. There are many others, but for ease of use we'll pick just one for now.

    3 Print cards with your key ID and fingerprint. It would help to add your name or email address as well so people can remember who you are when it comes time for them to sign your key.

    Once you have handed out your card and collected some from others it is time to process them after the show.

    1 Search keyserver.pgp.com for the key id of the key you want to sign, and import it to your public key ring.

    2 Sign that public key, and make sure to select Allow signature to be exported. This allows others to rely on your signature.

    3 Send the signed key to the keyserver. On the graphical version of PGP for Windows or OS X this is done using the send-to command. Highlight the newly signed key and send-to the server keyserver.pgp.com. It synchronizes the key you have with the key on the keyserver.

    4 You are all done! The owner of the key can now check to see if you have signed their key.

    Now it is time to check to see if anyone has signed your key.

    1 Select your key and perform an update command. You will see your key that is found on the key servers. Import it to your public key ring, and see if there are any new signatures on it.

    Just to stay current it is a good idea every couple of months to update your own key, as well as the keys of others. If you have to revoke your key it is polite to submit the revocation to the key servers so others know not to use that key anymore.

    Download the template here:
    http://www.defcon.org/dtangent/pgp-card-template.doc
    http://www.defcon.org/dtangent/pgp-card-template.sxw

    OK, now that you have read that, go sign my damn key! I'll sign yours as well if I am sure you are who you say you are!

    My PGP Key:
    The Dark Tangent (RSA 2048) <dtangent@defcon.org>
    Key ID: 0x308D3094
    PGP Fingerprint: D709 EAEB E09E DFC3 E47F 87AF 0EBE 0282 308D 3094
    PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A
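As an added example (not DT's card template and not code from PGP or GnuPG), the check that the "search for the key ID, then compare fingerprints" steps above rely on, done by hand in Python: normalize the fingerprint printed on a card, confirm that the key ID on the card is the tail of that fingerprint (for v4 keys the key ID is derived from the fingerprint, RFC 4880 section 12.2, so it is not an independent witness), and refuse to sign unless the full fingerprint of the key fetched from the server matches the card. The card data is the key IDs and fingerprints posters gave in this thread; the impostor card and the RSA-looking numbers fed to the fingerprint routine are constructed for the example and are not a real key.

```python
"""Fingerprint check for a key-signing card. Added example for this thread;
not DT's template and not PGP or GnuPG code."""
import hashlib
import re

HEX40 = re.compile(r"[0-9A-F]{40}")


def normalize_fingerprint(text: str) -> str:
    """Card fingerprint (groups of four hex digits, any case, optional 0x)
    -> 40 upper-case hex characters; ValueError if it is not 160 bits."""
    fp = text.strip()
    if fp[:2].lower() == "0x":
        fp = fp[2:]
    fp = re.sub(r"\s+", "", fp).upper()
    if not HEX40.fullmatch(fp):
        raise ValueError(f"not a 160-bit v4 fingerprint: {text!r}")
    return fp


def key_id_from_fingerprint(fp: str, short: bool = False) -> str:
    """v4 key ID = low-order 64 bits (long) or 32 bits (short) of the fingerprint."""
    fp = normalize_fingerprint(fp)
    return fp[-8:] if short else fp[-16:]


def card_is_consistent(card_key_id: str, card_fp: str) -> bool:
    """Is the key ID on the card the tail of the card's own fingerprint?
    Catches a typo on the card; says nothing about which key is on the server."""
    kid = card_key_id.strip()
    if kid[:2].lower() == "0x":
        kid = kid[2:]
    kid = kid.upper()
    if len(kid) not in (8, 16) or not re.fullmatch(r"[0-9A-F]+", kid):
        return False
    try:
        return key_id_from_fingerprint(card_fp, short=(len(kid) == 8)) == kid
    except ValueError:
        return False


def safe_to_sign(card_fp: str, server_fp: str) -> bool:
    """The decision: the full fingerprint you were handed in person against
    the full fingerprint of the key the server returned. A search by key ID
    can return a different key with the same low-order bits (a 32-bit short
    ID is cheap to collide), so a matching ID alone proves nothing."""
    try:
        return normalize_fingerprint(card_fp) == normalize_fingerprint(server_fp)
    except ValueError:
        return False


def mpi(n: int) -> bytes:
    """OpenPGP multi-precision integer: 2-byte bit count, then big-endian magnitude."""
    bits = n.bit_length()
    return bits.to_bytes(2, "big") + n.to_bytes((bits + 7) // 8, "big")


def rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 RSA public-key packet (RFC 4880 5.5.2): version 4,
    4-byte creation time, algorithm 1 (RSA), MPI n, MPI e."""
    return b"\x04" + created.to_bytes(4, "big") + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, 2-byte body length, body. The key ID
    is just the tail of this value, which is why it adds no assurance."""
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest().upper()


# Key IDs and fingerprints exactly as the posters in this thread printed them.
THREAD_CARDS = {
    "dtangent@defcon.org": ("0x308D3094", "D709 EAEB E09E DFC3 E47F 87AF 0EBE 0282 308D 3094"),
    "rich@synscan.com": ("0xE2E25EFA", "9DF9 CBD2 52A8 650D 0452 B1A2 DB91 483A E2E2 5EFA"),
    "chris@defcon.org": ("432DC5AC", "D7BB 3866 EDD9 0797 9940 6730 3B25 ADC7 432D C5AC"),
    "dark@ca2600.org": ("0x485A35B7", "9AD6 5B32 97C1 3B92 16B0 A1BE 338D 8A95 485A 35B7"),
    "simple3": ("0x6B6AC736", "BD65 28F6 B388 4976 005B B471 A8A0 335A 6B6A C736"),
}
# Constructed for this example: a key whose short key ID matches DT's card
# but whose fingerprint does not (what a key-ID-only search could return).
IMPOSTOR_FP = "0000 0000 0000 0000 0000 0000 0000 0000 308D 3094"


def check_all_cards(server_fps: dict) -> dict:
    """name -> (card self-consistent?, may the fetched key be signed?).
    server_fps maps a card's name to the fingerprint shown for the fetched key."""
    return {who: (card_is_consistent(kid, fp), safe_to_sign(fp, server_fps.get(who, "")))
            for who, (kid, fp) in THREAD_CARDS.items()}


if __name__ == "__main__":
    served = {who: fp for who, (_, fp) in THREAD_CARDS.items()}
    served["dtangent@defcon.org"] = IMPOSTOR_FP  # server handed back the wrong key
    for who, (consistent, ok) in check_all_cards(served).items():
        print(f"{who:22} card consistent={consistent!s:5} sign={ok}")
    # Constructed numbers, not a real RSA key: only exercises the packet layout.
    body = rsa_public_key_body(1089849600, 0xC0FFEE0000000000000000000000000000000001, 65537)
    fp = v4_fingerprint(body)
    print("constructed key", fp, "long", key_id_from_fingerprint(fp), "short", key_id_from_fingerprint(fp, short=True))
```

On the command line the same workflow DT describes for the GUI is gpg --keyserver SERVER --recv-keys KEYID, then gpg --fingerprint KEYID to compare against the card, gpg --sign-key KEYID for an exportable certification (gpg --lsign-key makes the non-exportable kind, which does nothing for anyone else), gpg --keyserver SERVER --send-keys KEYID, and gpg --refresh-keys to pull down signatures others have added to your own key.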

  • #2
    Signed! Thanks for the template. Will it work fine with those Avery business cards blanks from Office Depot?

    My PGP Key:
    rich@synscan.com
    Key ID: 0xE2E25EFA
    PGP Fingerprint: 9DF9 CBD2 52A8 650D 0452 B1A2 DB91 483A E2E2 5EFA



    • #3
      Originally posted by Dark Tangent
      2 Submit your key to keyserver.pgp.com. There are many others, but for ease of use we'll pick just one for now.
      This server doesn't resolve for me and others. I noticed the card template specifies pgp.mit.edu. Which should we be using?
      the fresh princess of 1338

      What did I do to make you think I give a shit?



      • #4
        Originally posted by octalpus
        This server doesn't resolve for me and others. I noticed the card template specifies pgp.mit.edu. Which should we be using?
        Ah, I knew it was too good to be true. keyserver.pgp.com is an LDAP keyserver. It is installed by default, so I picked it. The only problem is if you are behind a firewall that does not allow LDAP out.

        I use mostly the first two key servers below, and they all sync with each other over time. If I have LDAP access I use the keyserver.pgp.com one. Otherwise I use the pgpkeys.mit.edu one, which really resolves to cryptonomicon.mit.edu.

        Here are the configs for the keyservers I have currently set up:

        cryptonomicon.mit.edu
        PGP keyserver over HTTP
        port 11371

        http keyserver
        wwwkeys.eu.pgp.net
        port 11371

        For LDAP servers I have:

        keyserver.pgp.com
        and
        europe.keys.pgp.com
        port 11370

        I'd stick with the http servers if possible..

        Thanks!

        DT



        • #5
          My key information:

          chris [at] defcon [dot] org
          KeyID: 432DC5AC
          Key Fingerprint: D7BB 3866 EDD9 0797 9940 6730 3B25 ADC7 432D C5AC

          I update to the following keyservers:

          wwwkeys.pgp.net
          http://212.55.198.213:11371
          http://18.7.14.139:11371
          pgp.mit.edu

          I update to them every two days.

          If you trust that as my key please sign it. Feel free to email me to verify the authenticity or you can wait and I will verify it in person at DefCon. I will sign your key (after verification) once you have signed mine.

          Chris
          perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'



          • #6
            [The following question is not one to any of the above posters. It is a general question being asked to the reader.]

            Isn't the point of a key signing party to have it done in person so you can verify the person whose key you're signing is really who they say they are? The personal verification is one of those things which helps to strengthen the "web of trust." Signing keys of people without meeting/verification defeats one of the many attributes of authentication.

            If you are new to gpg/pgp, and do not know people who are asking you to sign their keys online, then DON'T. Your signing of their keys says that you have done some careful verification that they are who they say they are. This verification is the _purpose_ of the key signing party.

            What is the "web of trust"?
            Consider the case where Person A knows person B who knows person C.
            Person A and person B have signed each other's keys and pushed their changes to a key server.
            Person B and person C have signed each other's keys and pushed them to a key server.

            Now, even though person A and Person C have not signed each other's keys, each can have a level of certainty that the document they are checking for having been signed by each other is actually from the person in question. Why? There is only 1 "node" between them. There are limits to how many hops your web of trust will permit you to hop through people before trust is considered so low that the next hop won't give you a path for a trusted sig.

            Verification of identification:
            In non-underground locations, a common verification tool is a drivers' license with some other metric. However, this is not something people will be willing to use here so easily.

            Other methods for identification could include the following:

            Add your UID here, post your fingerprint. When someone gets a card from you in person, they can verify the key from the server, and its fingerprint with the key id on your card and fingerprint from the forum. (The greater the number of dissimilar sources you can use to verify the person giving you an id/fingerprint, the stronger the verification of that key before signing.)

            Include an in-person metric and trusted source. If you have a best friend who does not lie to you, someone you trust, and they tell you another person is who they claim to be, this can help you with trusting the person is who they say they are, but not grant you as much trust as if you had been able to verify their identity through other means.

            With gpg (though I am not sure about pgp) you can edit a trust level for each person. This permits you to specify how certain you are of who they are. This is available in modern versions of gpg. You can specify how carefully you checked their ID before signing, and establish levels of trust for the person.

            You can download new keys, and install new keys, but signing is you stating that you have done careful checking that the person who owns the key you are signing is who they say they are.

            Using public key servers is one way to help with this. Using a separate web page of the person you are meeting, where they have published their fingerprint/id on their web page is another, communicating with them through an established medium is another, talking on the phone, meeting in person, having someone you trust verify the person is who they say they are, etc... Each one of these that you can add to the process of checking helps to raise the level with which you can verify the person is who they say they are before you sign their key.

            For those who are new to gpg/pgp, read through this:
            Key signing party howto

            Thanks!

            [Edit: added content below]

            Public key signing parties kick ass!
            Last edited by TheCotMan; July 14, 2004, 07:06.



            • #7
              ID: 0x485A35B7
              Email: dark [at] ca2600.org
              Fingerprint: 9AD6 5B32 97C1 3B92 16B0 A1BE 338D 8A95 485A 35B7

              Keyservers that I update to: keyserver.pgp.com, europe.keys.pgp.com:11370


              - CD



              • #8
                ok here you go

                simple3 [email goes here]

                0x6B6AC736

                BD65 28F6 B388 4976 005B B471 A8A0 335A 6B6A C736

                --simple3



                • #9
                  Originally posted by TheCotMan
                  Isn't the point of a key signing party to have it done in person so you can verify the person whose key your signing is really who they say they are? The personal verification is one of those things which helps to strengthen the "web of trust." Signing keys of people without meeting/verification defeats one of the many attributes of authentication.
                  I have had this discussion before (with my local Linux Users Group), and my conclusion was that a face-to-face meeting is completely unnecessary. I call myself Voltage Spike. You know me as Voltage Spike. If I show up to the key-signing party, then I will be completely unable to produce identification that proves I am Voltage Spike. It simply means that somebody felt that it was worth the effort to physically move their butt somewhere to claim they are me.

                  I suppose you could solve this issue by arranging a secret passphrase (electronically) with each individual ahead of time and then verifying that at the party, but I still don't feel that physical presence greatly increases the level of trust.

                  In my LUG, as elsewhere, I proved my identity through my level of effort. I used the same identity, the same style of posting, and the same key consistently. Over time, people came to accept that I was who I was. Although anyone could have done the same thing to pretend they were me, there would be two problems: the level of effort makes the attempt unlikely, and their key would be different than mine (and would thus raise suspicion).

                  The three categories of verification are usually: something you are (usually biological), something you know (like a passphrase), and something you have (like a key card). A combination of more than one generally indicates a higher level of verification, so let's see how that fits in here.

                  I will assume that the purpose of the key-signing party for my online persona is to prove that I, Voltage Spike, am available at a specific email address.

                  The first can be verified by attempting to reach me through email. Using a reasonably reliable network, my access to that email account helps demonstrate that I am that account.

                  The second may be arranged through the forum, such as the aforementioned passphrase. I suppose that this information could be conveyed in the email from above.

                  The third verification, "something" I have, is the matching private-key file.

                  I'm certainly not saying a personal meeting has no merit, and I'm also not saying that we should simply trust each other blindly. I just think that "rewarding" those that are the most active by signing their keys has the added benefit of raising the level of effort required to enter into the web of trust.

                  Besides, it is way too easy to buy into the web of trust at a key-signing party by offering free drinks. ;)



                  • #10
                    Originally posted by Voltage Spike
                    [CHOP some good support for your argument]
                    I'm certainly not saying a personal meeting has no merit, and I'm also not saying that we should simply trust each other blindly. I just think that "rewarding" those that are the most active by signing their keys has the added benefit of raising the level of effort required to enter into the web of trust.

                    Besides, it is way too easy to buy into the web of trust at a key-signing party by offering free drinks. ;)
                    (If I understand you correctly, one of your points is this) If the use of a PhotoID is removed for in person meeting, then this does decrease the value of an in person meeting.

                    One of the things that an in person meeting does provide, is a name to a face, so that the human-sensed biometrics that we use can be applied with meeting them in the future.

                    Beyond socializing, meeting in person does help strengthen the web of trust by eliminating nodes which may have been previously traversed through a shared friend. When A and C meet, they get to know each other and exchange keys directly instead of relying upon B to be their bridge. Using the forum after the in person meeting can further aid this verification-before-signing and may make it possible for others to pass through A to get to C or C to get to A if the inclusion of B caused either to be too many hops away.

                    One more thing to note:
                    Someone else's key need not be signed by you in order for you to use it. You can load new keys without signing them, and use those keys for checking sigs, etc. One of the differences (of course) is that when you verify a file as having been signed by the person who claims to have signed it, the check only verified someone signed it with a private key that is "paired" to the public key you are using to perform the check if there is no path to the newly loaded key in the web of trust.

                    Some people will sign keys because their applications that use pgp/gpg won't "work" unless a key is signed, or can be verified through other signed keys in the web of trust. This is just a limit in applications to adequately describe to the user what risks are associated with using keys that are not signed, or cannot be verified through the web of trust.

                    I like your response. You provided a thoughtful reply: Thanks!



                    • #11
                      I could swear you're my boss, CotMan. He's made the exact same argument about the Web of Trust.

                      I'm not entirely sure but I'm pretty certain my government issued photo ID doesn't say "gzzah" on it. DT's probably does, however. He's got them connections. The only thing we have to verify trust is by what we post here and any close friends that you may trust.

                      Getting into the Web of Trust, however, can be difficult if you don't have anybody that will "vouch" for you. If someone were to walk up to you during the keysigning party and say "Hey, I'm gzzah. Sign." how are you going to verify that it's really me? I can tell you that I've met some of the people here but I was a wallflower at the last cons I went to. They probably wouldn't remember me. I'm not that memorable. :)

                      I believe the point of this signing exercise is to simply get the ball rolling. I know DT has a whole gang of people he knows that will willingly sign his PGP key. He just wants the rest of us to do it so we can have a sense of community spirit.

                      Or maybe he really doesn't have that many friends and needs the forum crowd to help him out... We nice people! We help the needy!
                      We own everything so you don't have to!



                      • #12
                        Originally posted by TheCotMan
                        (If I understand you correctly, one of your points is this) If the use of a PhotoID is removed for in person meeting, then this does decrease the value of an in person meeting.
                        Almost... My point was that you can't use a photo ID to verify who I am because there is (currently) no way for me to obtain a document verifying I am Voltage Spike. I could verify my real-life identity, but I am hesitant to do that and it has no bearing on the "electronic me".

                        Originally posted by TheCotMan
                        One of the things that an in person meeting does provide, is a name to a face, so that the human-sensed biometrics that we use can be applied with meeting them in the future.
                        Ah, that is a good point. However, this is Defcon. The risk of social engineering is likely to be high. :)

                        Originally posted by TheCotMan
                        Beyond socializing, meeting in person does help strengthen the web of trust by eliminating nodes which may have been previously traversed through a shared friend. When A and C meet, they get to know each other and exchange keys directly instead of relying upon B to be their bridge.
                        Ah, but wouldn't this work online as well as it does off?

                        Note that you are also bypassing the web of trust here. You are assuming that because A verifies B and B verifies C, then A verifies C. However, is this not the point of the web?

                        Besides, there is nothing stating A can't sign C's key at a later date simply because they had previously been related only through B.

                        Originally posted by TheCotMan
                        I like your response. You provided a thoughtful reply: Thanks!
                        You are going to thank me for that? Are you trying to imply that my post was an exception and not the normal response around here? :p



                        • #13
                          Originally posted by TheCotMan
                          Beyond socializing, meeting in person does help strengthen the web of trust by eliminating nodes which may have been previously traversed through a shared friend. When A and C meet, they get to know each other and exchange keys directly instead of relying upon B to be their bridge.

                          Originally posted by Voltage Spike
                          Ah, but wouldn't this work online as well as it does off?
                          Well, I am looking at, "in addition to." The idea is to have an in person meeting in addition to online transactions. The greater the number of different methods for identification you have, the greater your chances in avoiding vouching for another by signing a key who will expose you to a poisoned web of trust.

                          Consider meeting someone at DefCon where you have only met them in person, or only met them online. Even if they post a great deal, when you sign their certificate, you can establish a level of trust for that person. If they are part of a group of people who trojan source code, and alter a web site and package to show a different maintainer KeyID for verification of a package, then if you happen to download a source package and then verify against the key published on their website, your web of trust may show the package is "trustworthy" because the web of trust allows you to hop through this evil hacker's key to their wicked associates. By signing keys without careful checking, especially when you consider the population of this group, you increase your exposure to having access to poisoned webs of trust.

                          I think newer versions of gpg allow you to actually set the level of trust for a user and specify how well you have verified the person as being who they claim they are, when you sign their key. This is a nice feature, and may decrease risk of exposure to poisoned webs of trust.

                          Originally posted by Voltage Spike
                          Note that you are also bypassing the web of trust here. You are assuming that because A verifies B and B verifies C, then A verifies C. However, is this not the point of the web?
                          Again, I'm not writing about using an in person meeting as a replacement. In the first post and the second post, I outlined it as an additional piece of information. (First step in knowing a thread is nearing an end: statement is repeated more than once. I won't be replying to this topic of this thread again if the issue of using an in-person meeting as an _additional_ metric needs to be restated again-- meaning, with other methods of checking.)

                          Originally posted by Voltage Spike
                          Besides, there is nothing stating A can't sign C's key at a later date simply because they had previously been related only through B.
                          Nothing stopping a person from doing this, but if that is done, then what is wrong with signing everyone's keys which are only one hop further from you? If A knows B who knows C and A signs C's key at some later date without performing careful checking, then why not continue the progression and sign other people's keys who are more than one hop away? After each cycle, people who were 2 hops away become 1 hop away. Given enough time, you could effectively sign all public keys. I do not like this idea. What is gained by signing someone's key in this fashion?

                          Originally posted by Voltage Spike
                          You are going to thank me for that? Are you trying to imply that my post was an exception and not the normal response around here? :p
                          Sure! I'll thank you for that, but not because it is an exception, but because I had something to add in a reply other than "nice post" or "me too." Just because I do not follow up a post as good or bad does not mean I do not think it; I just see no need to post something like that unless I am contributing to the content of the thread.



                          • #14
                            Ah. What we have here is a failure to communicate. I will attempt to address that.

                            Originally posted by TheCotMan
                            Well, I am looking at, "in addition to." The idea is to have an in person meeting in addition to online transactions. The greater the number of different methods for identification you have, the greater your chances in avoiding vouching for another by signing a key who will expose you to a poisoned web of trust.
                            I realize what you are saying. I was questioning how a real-life meeting would increase the level of trust between two people who have only known each other electronically.

                            The most relevant statement relating to this issue was that of the "human-sensed biometrics", a factor I had not considered.

                            Originally posted by TheCotMan
                            Consider meeting someone at DefCon where you have only met them in person, or only met them online. Even if they post a great deal, when you sign their certificate, you can establish a level of trust for that person. If they are part of a group of people who trojan source code, and alter a web site and package to show a different maintainer KeyID for verification of a package, then if you happen to download a source package and then verify against the key published on their website, your web of trust may show the package is "trustworthy" because the web of trust allows you to hop through this evil hacker's key to their wicked associates.
                            Pardon me for making assumptions, but I believe you are confused on this issue.

                            The purpose of key signing and the web of trust is to verify that a key does, in fact, belong to a specific individual. However, just because I trust that A and B are who they say they are does not mean I trust either A or B. I can only claim with a certain degree of reliability that the package, in this case, comes from A or B.

                            You bring up an interesting idea, though: using your own personal web of trust to verify the "trustworthiness" of an individual. In other words, I am not going to sign A's key, even though I know for a fact that he is A, because A is a "bad guy". The principles of verification are largely the same, but it would only work if the people in your web know why they are signing a key and what the consequences might be.

                            Originally posted by TheCotMan
                            By signing keys without careful checking, especially when you consider the population of this group, you increase your exposure to having access to poisoned webs of trust.
                            hehe, that is why there are different levels of trust (at least in PGP/GPG). If I know you take great pleasure in signing as many keys as possible, you are getting filed under "untrusted". However, my close friends with the tin-foil hats may be "completely" trusted. :)

                            Originally posted by TheCotMan
                            I think newer versions of gpg allow you to actually set the level of trust for a user and specify how well you have verified the person as being who they claim they are, when you sign their key. This is a nice feature, and may decrease risk of exposure to poisoned webs of trust.
                            I don't know of such a feature, but you may be getting confused with the aforementioned trust values. The trust doesn't specify your level of trust in that individual's identity. The trust specifies your faith in that individual to verify a person's identity before signing.

                            When you sign a key, you are either all in or all out. When A signs B's key, A is stating that the signed key definitely belongs to B.

                            Originally posted by TheCotMan
                            Again, I'm not writing about using an in person meeting as a replacement.
                            I apologize if I implied you felt that way. I knew that was not the case.

                            Originally posted by TheCotMan
                            (First step in knowing a thread is nearing an end: statement is repeated more than once. I won't be replying to this topic of this thread again if the issue of using an in-person meeting as an _additional_ metric needs to be restated again-- meaning, with other methods of checking.)
                            Ouch, now that is snippy (little offense intended).

                            Your ultimatum implies that your posts never require clarification and are not open for discussion. While I find many of your posts well thought-out and insightful, I am surprised to meet such a claim. :)

                            Originally posted by TheCotMan
                            Nothing stopping a person from doing this, but if that is done, then what is wrong with signing everyone's keys through which is only one hop further from you? If A knows B who knows C and A signs C's key at some later date without performing careful checking, then why not continue to progression and sign other people's keys who are more than one hop away?
                            I understand the problem. Essentially, we both thought, incorrectly, that the other party was arguing the same point.

                            Originally posted by TheCotMan
                            When A and C meet, they get to know each other and exchange keys directly instead of relying upon B to be their bridge.
                            I hope you can see where the confusion comes in. Your example of A and C meeting at the key-signing party and, because they both know B, signing each other's keys implies a violation of the web of trust. While you did use the phrase "get to know each other", it appeared, in context, that you were attempting to shortcut the web.

                            Originally posted by Voltage Spike
                            Besides, there is nothing stating A can't sign C's key at a later date simply because they had previously been related only through B.
                            (Ooh, quoting myself. How presumptuous of me. :))

                            I knew I should have qualified my statement with "if A gets to know C well enough". I thought, apparently incorrectly, that the meaning of my statement would be apparent in context.

                            Originally posted by TheCotMan
                            Just because I do not follow up a post as good or bad does not mean I do not think it; I just see no need to post something like that unless I am contributing to the content of the thread.
                            I know it is a little off-topic, but I'll be brief.

                            I whole-heartedly agree. I hope that, by posting only when I think it will add to the discussion, I increase the "signal-to-noise ratio" in public forums. Although this rule may not skyrocket the number of posts that I make (a number which is all-too-obvious in the vBulletin software), I prefer a reputation for "quality over quantity".

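As an added example serving both TheCotMan's A-B-C hop explanation (post #6) and the validity-versus-trust distinction Voltage Spike draws above (post #14), and not code from GnuPG or from anyone in this thread: a simplified model of GnuPG's classic trust computation. A signature (certification) says "this key belongs to this person" and contributes to the key's validity; ownertrust is your private rating of how carefully that person checks before signing, and it decides whether their signatures are allowed to make further keys valid for you, and only once their own key is valid. The thresholds are gpg's defaults: --marginals-needed 3, --completes-needed 1, --max-cert-depth 5. OpenPGP certifications also carry a certification level (generic, persona, casual, positive; gpg --ask-cert-level), which GnuPG uses only as a cutoff via --min-cert-level; this example leaves that out, along with trust signatures and per-user-ID validity. The scenarios are constructed from the thread's A, B, C example.

```python
"""Simplified classic web-of-trust validity calculation. Added example for
this thread; not GnuPG code. Defaults match gpg's trust options."""

MARGINALS_NEEDED = 3   # gpg --marginals-needed
COMPLETES_NEEDED = 1   # gpg --completes-needed
MAX_CERT_DEPTH = 5     # gpg --max-cert-depth


def compute_validity(signatures, ownertrust,
                     marginals_needed=MARGINALS_NEEDED,
                     completes_needed=COMPLETES_NEEDED,
                     max_cert_depth=MAX_CERT_DEPTH):
    """signatures: key -> set of keys that put an exportable certification on
    it (self-signatures omitted). ownertrust: key -> 'ultimate' | 'full' |
    'marginal' | 'unknown'; your own keys are 'ultimate'.
    Returns key -> 'full' | 'marginal' | 'unknown' validity.

    A key is fully valid when it is yours, or when it carries at least
    completes_needed certifications from fully valid keys whose owners you
    trust fully, or at least marginals_needed from fully valid keys whose
    owners you trust marginally. Fewer than that, but at least one, gives
    marginal validity. Certifications from keys that are not themselves
    fully valid never count, however much you trust their owner, and nothing
    propagates past max_cert_depth hops from your own key."""
    keys = set(signatures) | set(ownertrust)
    for signers in signatures.values():
        keys |= set(signers)
    validity, depth = {}, {}
    for key in keys:
        if ownertrust.get(key) == "ultimate":
            validity[key], depth[key] = "full", 0
    for d in range(1, max_cert_depth + 1):
        decided = {}
        for key in keys:
            if validity.get(key) == "full":
                continue
            # Only certifications from keys already fully valid at a smaller depth count.
            signers = [s for s in signatures.get(key, ())
                       if validity.get(s) == "full" and depth[s] < d]
            full = sum(ownertrust.get(s) in ("full", "ultimate") for s in signers)
            marg = sum(ownertrust.get(s) == "marginal" for s in signers)
            if full >= completes_needed or marg >= marginals_needed:
                decided[key] = "full"
            elif full or marg:
                decided[key] = "marginal"
        for key, v in decided.items():
            if v == "full":
                validity[key], depth[key] = "full", d
            else:
                validity.setdefault(key, "marginal")
    return {k: validity.get(k, "unknown") for k in keys}


def thread_scenarios():
    """The A-B-C chain from the thread under different ownertrust settings.
    You are A. A signed B's key; B signed C's key."""
    chain = {"B": {"A"}, "C": {"B"}}
    out = {}
    # B's key is valid in every case because you signed it. Whether B's
    # signature on C means anything to you depends only on B's ownertrust.
    out["B trusted fully"] = compute_validity(chain, {"A": "ultimate", "B": "full"})
    out["B trusted marginally"] = compute_validity(chain, {"A": "ultimate", "B": "marginal"})
    # Signing a key you know belongs to someone careless (or hostile) does
    # not make their signatures count: validity of their key is separate
    # from trust in their signing.
    out["B not trusted"] = compute_validity(chain, {"A": "ultimate"})
    # Three marginally trusted signers together make C fully valid.
    three = {"B": {"A"}, "D": {"A"}, "E": {"A"}, "C": {"B", "D", "E"}}
    out["three marginals"] = compute_validity(
        three, {"A": "ultimate", "B": "marginal", "D": "marginal", "E": "marginal"})
    # The hop limit: even a chain of fully trusted keys stops at depth 5.
    names = ["A", "K1", "K2", "K3", "K4", "K5", "K6"]
    long_chain = {names[i]: {names[i - 1]} for i in range(1, len(names))}
    out["six hops"] = compute_validity(
        long_chain, {n: ("ultimate" if n == "A" else "full") for n in names})
    return out


if __name__ == "__main__":
    for label, result in thread_scenarios().items():
        print(f"{label:22} " + "  ".join(f"{k}={v}" for k, v in sorted(result.items())))
```

In gpg the ownertrust values are set per key with gpg --edit-key KEYID and its trust command, the trust database is recomputed with gpg --check-trustdb, and the resulting validity is what gpg --list-keys shows next to each user ID.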


                            • #15
                              Web of trust....

                              Exactly: meeting someone in person, and signing their key doesn't guarantee that they are in fact who they are claiming to be. So where do you draw the line? You could meet someone online, talk for two years- and finally meet and sign keys, only to find out that the online persona created/used by that person was totally bogus from the start. It boils down to 'degrees' of trust. Meeting in person may add a degree of trust (ie you've physically seen them) but that is all it adds, a *degree*-

                              Also consider, there are some people who you can *pretty much* verify they are who they say they are....like if you meet Dark Tangent at DC, you pretty much know that this is the person who calls himself DT, so you sign keys. If someone who doesn't look like DT comes up to you and says "sign my key" you know that he is full of crap. Again, you've added a degree of trust by physically seeing that person. For sake of argument, there could be a person out there who *looks* like DT, and if you didn't know him could get you to sign a key under the guise that he was in fact DT. Round and round we go.

                              It's still better than the unencrypted plain-text state of most of the web these days.

                              LosT

