tech-security: Re: BPG Security Server

Subject: Re: BPG Security Server
To: Curt Sampson <cjs@cynic.net>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-security
Date: 07/25/2005 22:00:57
In message <Pine.NEB.4.62.0507261023070.21556@angelic.cynic.net>, Curt Sampson 
writes:
>
>So, Steven Bellovin's comments on various clients he wanted to use with
>PGP got me thinking, and it got me thinking that I just don't trust them
>with my passphrase. For stuff like that, it seems to make a lot more
>sense to implement a small, trusted "PGP server" with a console that
>would accept requests from client applications for use of keys, allow
>me to approve or deny these requests, take my password when necessary,
>act as a caching agent for my key, and so on. Essentially, I envision
>something like this:
>
>     * Run server, enter my password, it caches my keys.
>
>     * Client requests encryption of stuff, either with a given key or
>       with no particular key
>     * Server prompts me to see if client is allowed to use the encryption
>       service
>     * Server help me find the key to use, or shows key info for
>       the client-requested key, and I verify trust information and tell
>       server that it's ok to use the key
>     * Server then performs encryption for client on request, until its
>       time limit expires or I cut it off.
>
>     * Client requests signing of stuff
>     * Server prompts me to see if client is allowed to use the encryption
>       service
>     * Same as above re chosing keys and so on
>     * Server then performs signing for client on request, until its
>       time limit or signature count limit expires or I cut it off.
>
>Thoughts?
>

I like where you're going, but I'm not sure how to pull it off.  I see 
two problems right off the bat.

First -- how does the PGP server interact with the user?  Let it speak 
only stdin/stdout in a separate xterm, screen window, or alternate 
console?  It's possible, though the human factors don't impress me.  
For that matter, how does the user know there isn't some other 
application reading stdin in that xterm/screen window/console?

Second -- how does the server authenticate the application that's 
asking for a key?  That is, how does it know that it's bpg and not some 
Trojan horse that's been lurking in the background?  

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb