Decryption on foreign computer about kip HOT 7 OPEN

Wife's computer or a more of your computers should be fairly easy, just grab Dropbox or any similar service, since the unencrypted data are never committed to the filsystem. Unless I can't read source code that is.

Library computer is worse. I like your idea in general though I'm not sure how good would AES in javascript be. It also seems kind of redundant -- you are already using SSL to protect yourself from network sniffing (and you presumably have your server's fingerprint on a paper with you). It makes sense however if you really don't want to have both data and key on any computer for a long time.

Another way would be to use one time passwords -- generate asymmetrically encrypted data and use OTP to acces it (through SSL and http-basic) and when you session is done, press a button that makes the switch to the next OTP. That requires the remote computer to have the data in plain however.

from kip.

The idea of doing part of the decryption on the server (AES) is that it should defeat any browser caching / logging. It it's just in HTML the browser might write the page to the disk - browsers cache HTTPS content just like HTTP content.

I love the idea of one-time passwords. Maybe a combination of a passphrase and a one-time PIN code. "Web-based methods" here looks possible: http://en.wikipedia.org/wiki/One-time_password#Web-based_methods

from kip.

cherokee admin is using onetime password to secure the admin.

as the side note there is a gpg an attempt to write GPG client in in
JShttps://github.com/GPGTools/Mobile
.

On Fri, Mar 30, 2012 at 7:31 PM, Graham King <
[email protected]

wrote:

The idea of doing part of the decryption on the server (AES) is that it
should defeat any browser caching / logging. It it's just in HTML the
browser might write the page to the disk - browsers cache HTTPS content
just like HTTP content.

I love the idea of one-time passwords. Maybe a combination of a passphrase
and a one-time PIN code. "Web-based methods" here looks possible:
http://en.wikipedia.org/wiki/One-time_password#Web-based_methods

---

Reply to this email directly or view it on GitHub:
#7 (comment)

from kip.

Another option is, at the web cafe, download putty.exe, ssh to your server, and just run kip (with --print option) there.

(some time later, having though about it)... but then the web cafe (which we assume is running a key logger) has your ssh password. Double plus bad.

from kip.

Some thoughts:

• The encrypted kip files themselves do not need protecting. The only thing to protect is your passphrase. We can put encrypted files on a public web server. The secret key be kept secret, but it's CAST5 encrypted with a hash of your passphrase, so actually it's safe too.
• Decrypting GPG files in javascript would be a lot of work. You have to first do radix-64 to go from ascii to binary, then you have to AES decrypt, and finally you have to unzip. I for one am not excited about doing that type of thing in Javascript.
• I couldn't find any windows programs to do the decryption, that you don't need to install. For example putty.exe you download and run. GPG4Win and 7-zip (which does AES) and so on, you need install permissions. And this wouldn't cover iPad / Mac anyway.
• I would love to find a Javacript file that could decrypt something that GPG can make. Any algorithm would do. Then the preparation is kip just decrypts everything with your secret key, re-encrypts it with a "travel" key you choose, and you copy the files to your web server, along with some javascript for the decryption.
• Failing that I think we have to do server-side decryption and transmit the password in the clear (over SSL). You were going to copy that password and type it right into gmail's login box anyway, so we're not adding any risk. We would definitely need one-time passwords, otherwise a key logger would give someone access to all your passwords, not just the gmail one you wanted.

from kip.

It sounds like javascript encryption doesn't add much security over SSL, like wrb mentioned. See Javascript Cryptography Considered Harmful. We can set headers to ask the browser not to cache the page.

Interesting discussion about key loggers at security.stackexchange.com. In short if you can't trust the client (web cafe machine), you shouldn't log in.

That said, there seems to be two ways to have secure login from an untrusted computer:

1. Two-factor authentication. Combining "something you know", which is your passphrase, with "something you own", usually a physical security token, such as a SecurID. The Yubikey looks cool, but it requires USB port access and, well, I don't think we can expect people to buy a device to use kip.
2. One time passwords. This is great, but I can't think of a way to manage it. You can't memorise them all.
   • Do you print out a big list and carry it around with you? That works for a short time, like a vacation, but not for random access on my wife's computer.
   • Do you use sentences from a book, like in a spy novel? You would only need to capture a couple of sentences for Google to find the matching book.

Unless we can come up with an elegant way of making one-time passwords, I think we should drop the requirement to be secure on an insecure client (web cafe), and focus on allowing access on a trusted machine (wife's laptop, friends house) which doesn't have kip / gpg on it. That's a much simpler scenario. As long as we're over SSL, we can ask for the secret key's passphrase.

GPG allows you to change your passphrase without changing your secret key, the passphrase just encrypts your secret key.

from kip.

Pull request in #11

from kip.