[Fwd: Czech attack to PGP]

Nicholas Bohm nbohm at ernest.net
Fri, 23 Mar 2001 12:27:20 +0000


At 10:06 23/03/2001 +0000, Charles Lindsey wrote:
>	On Thu, 22 Mar 2001 20:27:10 +0000
>	Ben Laurie <ben@algroup.co.uk> said...
>
>..... Description of Czech attack.
>
>Try the following for size.
>
>1. Plod seizes your computer under a legitimate warrant, thereby
>acquiring your private key.
>
>2. He demands that you provide the passphrase under a RIPA notice.
>
>3. You refuse, on the grounds that this is a signature only key.
>
>4. Plod does not believe you, but he cannot prove it is not signature
>only. But he desperately needs your passphrase (for whatever reason).
>So he invites you to "demonstrate this is a signature key" by signing
>something with it.
>
>5. You are only too happy to oblige. Anything to get you off the hook.
>But "Please Mr Plod, you have got the only copy of my private key, so I
>will need to have it back in order to do the demo".

You need to be more sceptical.  Signing something provides no evidence that
the key is "signature only".

>6. "Certainly" says Plod. "Here is a copy of it on this floppy disc"
>(but of course it isn't - it has been Czeched). So you sign his test
>document (your passphrase and key appear to work correctly) and give it
>back to Plod.

Was it really the only copy that was seized?  You don't have a backup
you can compare?  Here's another good reason for keeping one (well out of
Plod's way, too, e.g. in the hands of a friend, perhaps overseas, who can
email it to you when required - if by now really nervous, perhaps you
signed the key block and can now verify it).

>7. Plod now has your private key.

Regards

Nicholas

Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK

Phone	01279 871272	(+44 1279 871272)
Fax	01279 870215	(+44 1279 870215)
Mobile	07715 419728 (+44 7715 419728)

PGP RSA 1024 bit public key ID: 0x08340015.  Fingerprint:
9E 15 FB 2A 54 96 24 37  98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF
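
Added example, not part of the original message or of any PGP code: a check that complements the backup comparison suggested above, in which a signature made with returned key material is released only if it verifies against the public key from the trusted backup. The toy RSA-CRT key, the names `sign_checked`, `GOOD_KEY`, `ALTERED_KEY`, and the way the alteration is modelled (one wrong CRT exponent) are assumptions made for illustration.

```python
# Added illustration (not from the thread). Toy RSA with tiny constructed
# primes; real keys are 1024+ bits and sign a padded hash, not a raw integer.
P, Q, E = 61, 53, 17
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

# Public half as kept in the backup held out of reach (assumed trustworthy).
TRUSTED_PUB = (N, E)

# Private key as the signing software loads it: (p, q, dP, dQ, qInv).
GOOD_KEY = (P, Q, D % (P - 1), D % (Q - 1), pow(Q, -1, P))

# Stand-in for a returned key file with one stored value altered
# (assumption: the alteration shows up as a wrong CRT exponent dQ).
ALTERED_KEY = GOOD_KEY[:3] + (GOOD_KEY[3] + 1,) + GOOD_KEY[4:]


def crt_sign(m, key):
    """Raw RSA signature computed with the CRT shortcut."""
    p, q, dp, dq, qinv = key
    sp, sq = pow(m, dp, p), pow(m, dq, q)
    return sq + q * ((qinv * (sp - sq)) % p)


def sign_checked(m, key, trusted_pub=TRUSTED_PUB):
    """Sign m, but release the signature only if it verifies against the
    trusted public key. Returns None when the key material produced a
    bad signature, which must then never leave the machine."""
    n, e = trusted_pub
    s = crt_sign(m, key)
    return s if pow(s, e, n) == m % n else None


if __name__ == "__main__":
    m = 65  # constructed message representative
    print("backup key  :", sign_checked(m, GOOD_KEY))
    print("returned key:", sign_checked(m, ALTERED_KEY))
```

The altered key still produces a signature without any error, which is why the check has to be an explicit verification against a public key that did not come from the same floppy.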