Mirrors
/
open-keychain
mirror of https://github.com/open-keychain/open-keychain.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated OpenPGP Security (markdown)

Dominik Schürmann 2015-08-03 00:50:59 +02:00
parent 9ede007606
commit 08c6ce1f98
1 changed files with 6 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
OpenPGP-Security.md

@ -1,21 +1,14 @@
## Keyserver Security
* All pre-configured keyservers use HKPS
* The default keyserver is hkps://hkps.pool.sks-keyservers.net using a pinned certificate (can be found in assets)
* When updating a key from a keyserver, the fingerprint of the downloaded key is checked to match the fingerprint of the existing key
## OpenPGP Security Choices
* We never generate v3 signatures, always v4
* We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak)
* If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys)
* We never use MD5 for generating signatures
* No verification of signatures with MD5 hashes
* Sensible list of [allowed hash algorithms, symmetric encryption algorithms](https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpConstants.java)
* Sensible key generation defaults: SHA-256 with AES-256 where possible, preferred ciphers up to date
* Whitelist of ciphers, whitelist of hash algorithms, minimum key requirements, and cipher/hash/key defaults can be found in [PgpConstants](https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpConstants.java).
* We explicitly don't honor the preferred algorithms indicated by imported public keys to prevent fallback attacks (see coruus comments).
### ToDo?
Show warning on...
* We still verify v3 signatures
* signatures with RSA 1024
## Keyserver Security
* All pre-configured keyservers use HKPS
* The default keyserver is hkps://hkps.pool.sks-keyservers.net using a pinned certificate (can be found in assets)
* When updating a key from a keyserver, the fingerprint of the downloaded key is checked to match the fingerprint of the existing key
## Version Header in ASCII Armor
We don't include a version header in ASCII Armored OpenPGP packets as defined in [RFC4880](http://tools.ietf.org/html/rfc4880#page-56).