HardwareHeaven.com

Old Dec 19, 2002, 10:36 AM   #1
Unbiased.
 
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0
ToshiroOC is on a distinguished road

Idea for PGP implementation

I have an idea for extremely strong (a.k.a. near impervious to everyone but the NSA and the FBI) encryption based upon layering PGP. If you send a PGP public key to another computer, and it sent a PGP-encrypted public key back, and that public key was used to encrypt another public key that was used... etc. until you have near infinite encryption that, to break starting from the first intercepted key and all of the following, would be damn near impossible without having something downstream of the decoder in either of the receiving/sending computers. Is this realistic? Does it work? Why hasn't anyone thought of this before (or if they have, why isn't it being used)?

ToshiroOC
__________________
Peace be with you, Joe.
Driverheaven Staff Member (Supermoderator)
ToshiroOC is offline   Reply With Quote


Old Dec 20, 2002, 11:14 AM   #2
A Legend in Underwear
 
UberLord's Avatar
 
Join Date: May 2002
Location: Unknown
Posts: 5,255
Rep Power: 0
UberLord will become famous soon enough

So this means that someone can't actually read it unless they have ALL the keys and decrypt it in the right order? More secure yes, but much much more of a PITA. Most users of PGP don't want that level of extra things to do. What we want is a simple one click way of encrypting/decrypting stuff which works.
__________________
Gentoo Linux - Developer (baselayout)
Read my blog

"I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours."
Stephen Roberts
UberLord is offline   Reply With Quote
Old Dec 20, 2002, 12:14 PM Thread Starter   #3
Unbiased.
 
ToshiroOC is on a distinguished road

I am talking about this as a method of encryption, not as something to do manually. I don't see why you couldn't make a program that automated the entire process and created an extremely secure system... I am just asking if anyone sees a flaw in my logic or if it works, why no one has done anything with it to date...

ToshiroOC
ToshiroOC is offline   Reply With Quote
Old Dec 20, 2002, 02:04 PM   #4
A Legend in Underwear
 
UberLord's Avatar
 
UberLord will become famous soon enough

The one problem I see is the amount of public keys going around. Think of the maintenance - if one key gets compromised do you change just that key? Can you trust the recipient to replace the correct key in the sequence? I'm not questioning the logic here - it sounds pretty solid (but I'm not a crypto expert) but the maintenance, usability would almost certainly suffer. And I don't see how writing a "key management" program that kept things just as simple as using a single public/private key could work with your proposal.
UberLord is offline   Reply With Quote
Old Dec 20, 2002, 08:02 PM Thread Starter   #5
Unbiased.
 
ToshiroOC is on a distinguished road

I'm talking about a temporary, one-session-only sort of construction. One computer would send a packet requesting a public key, then the other computer would send one, then the first computer would send a different one encrypted, etc. so on and so forth, then once the session was over all of the keys involved would be discarded. Since you would not need to know someone's public key in advance to initiate an encrypted session, I don't see why you would need to worry about remembering anyone's PGP key.

ToshiroOC
ToshiroOC is offline   Reply With Quote
Old Dec 21, 2002, 12:32 PM   #6
A Legend in Underwear
 
UberLord's Avatar
 
UberLord will become famous soon enough

That's not secure at all! If you send the key with each packet, it can easily be decrypted. The whole point to a public/private key system is that you only send the public key to each recipient once.
UberLord is offline   Reply With Quote
Old Dec 22, 2002, 01:23 AM Thread Starter   #7
Unbiased.
 
ToshiroOC is on a distinguished road

I get the feeling that we are thinking in slightly different directions now. Let me elaborate a bit on what I am thinking of, as you might have a valid point against something different than what I am talking about, or you might just see something that I am not... so here it goes:

Computer 1 sends a connect request to Computer 2

Computer 2 sends an acknowledge to Computer 1

Computer 1 sends a randomly generated Public Key 1 to Computer 2

Computer 2 sends a randomly generated Public Key 2 encrypted with Public Key 1 to Computer 1

Computer 1 sends a randomly generated Public Key 3 encrypted with Public Key 2 which has been decoded by Private Key 1 to Computer 2

Computer 2 sends a randomly generated Public Key 4 encrypted with Public Key 3 decoded with Private Key 2 to Computer 1

Computer 1 and Computer 2 continue these last two steps (edit: with Key # + n) until specified level of security is reached, then using the last two generated Public Keys encode data and send it, with the recipient decoding the data with their corresponding Private Key.

I still don't see any flaws in my logic, though I could easily be making a mistake... However, please realize that the point of using PGP versus some other kind of encryption is exactly because you can't use the Public Key easily to decrypt, though you can use it easily to encrypt, meaning that the Public Key can be openly transmitted without causing a security breach.

ToshiroOC
ToshiroOC is offline   Reply With Quote
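The handshake from the post above, modelled as an added example (not code from the thread) to show what the layering costs an eavesdropper: each wrapped public key can only be read by breaking the key before it, so a chain of N keys takes N key breaks in sequence. It uses toy textbook RSA on tiny constructed primes with a fixed exponent `E`; the function names and the sample message are assumptions of this sketch.

```python
# Added example: toy textbook RSA on tiny constructed primes, no padding; illustration only.
import random

E = 65537  # fixed public exponent (assumption of this sketch)

def small_factor(n):
    """Smallest prime factor of n by trial division (n itself if n is prime)."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f
        f += 1
    return n

def keypair(rng):
    """One throwaway session key: (public modulus n, private exponent d)."""
    while True:
        p, q = (rng.randrange(1 << 15, 1 << 16) | 1 for _ in range(2))
        if p != q and small_factor(p) == p and small_factor(q) == q:
            return p * q, pow(E, -1, (p - 1) * (q - 1))  # E is prime and > p, q, so it is invertible

def wrap(value, n):
    """Encrypt a 32-bit value under modulus n as two 16-bit halves."""
    return [pow(half, E, n) for half in divmod(value, 1 << 16)]

def unwrap(ct, n, d):
    hi, lo = (pow(c, d, n) for c in ct)
    return (hi << 16) | lo

def handshake(layers, message, seed=1):
    """Run the exchange and return everything that crossed the wire."""
    rng = random.Random(seed)
    keys = [keypair(rng) for _ in range(layers)]   # odd keys: Computer 1, even: Computer 2
    wire = [keys[0][0]]                            # Public Key 1 is sent in the clear
    for (n_prev, d_prev), (n_next, _) in zip(keys, keys[1:]):
        ct = wrap(n_next, n_prev)                  # Public Key k+1 under Public Key k
        assert unwrap(ct, n_prev, d_prev) == n_next  # peer decodes it with Private Key k
        wire.append(ct)
    wire.append(wrap(message, keys[-1][0]))        # data under the last public key
    return wire

def eavesdrop(wire):
    """Read the data from the transcript alone; count the keys that had to be broken."""
    n, broken = wire[0], 0
    for ct in wire[1:]:
        p = small_factor(n)                        # break this layer's key pair
        d = pow(E, -1, (p - 1) * (n // p - 1))
        n, broken = unwrap(ct, n, d), broken + 1   # next public key, or finally the data
    return n, broken
```

In this model doubling the chain length only doubles the eavesdropper's work, because every layer is a key of the same strength as the first one sent in the clear.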
Old Dec 22, 2002, 10:41 AM   #8
A Legend in Underwear
 
UberLord's Avatar
 
UberLord will become famous soon enough

Ah - I see what you're trying to do now.

There's just one flaw - and that's the encryption. I think that this is what you need:

Computer 1 makes a random private key and a random public key based on the private key and sends it to computer 2 as clear text (it has to be).

Computer 2 makes a random private key and a random public key based on the private key and sends it to computer 1 as clear text.

Computers 1 and 2 can now transfer secured data with their public/private keys in the secure knowledge that all data ONLY came from them and wasn't "inserted" into the data-stream.

Using this key combination, the data transaction is secure - the only weakness aside from the encryption is that the first public keys sent are clear text. Unless say you state a specific encryption for each one - say something simple like ZIP'ed with a time-sensitive password would do the trick ;)

Of course, there's no limit as to how many key combinations are sent to double/treble the level of encryption. However, only a cryptographer would know if it really makes things more secure.

BTW, this system has already been invented - it's called SSH and you can tunnel pretty much everything via it. I've set up an FTP server at work that's only accessible via an SSH tunnel as one of our clients sometimes needs to send databases to fix problems with that contain very sensitive data.
UberLord is offline   Reply With Quote
Old Dec 23, 2002, 01:42 AM Thread Starter   #9
Unbiased.
 
ToshiroOC is on a distinguished road

Damn - as I was posting the first one I thought of SSH, but I really had no idea at all as to how it was implemented, so I threw that out in the hopes that it was better and easier than whatever was out there, including SSH. Apparently someone beat me to the punch (again). Your simplified version sorta cuts out the genius of my idea (which, although unnecessary, I personally liked a lot), but that was essentially what I was talking about, except the encryption would be changing so that the private key being used for the final level of encryption wouldn't be cracked from the initial broadcasted public key, which is possible given enough time and energy. Thank you for spending the time to work through this - it was pretty helpful having feedback, even though it turned out that my idea was preemptively stolen (: ))!

ToshiroOC
ToshiroOC is offline   Reply With Quote