On Fri, June 17, 2016 10:19 am, James B. Byrne wrote:
> On Thu, June 16, 2016 14:23, Valeri Galtsev wrote:
>>
>> On Thu, June 16, 2016 1:09 pm, Gordon Messmer wrote:
>>>
>>> I doubt that most users check the dates on SSL certificates,
>>> unless they are familiar enough with TLS to understand that
>>> a shorter validity period is better for security.
>>
>> Oh, this is what he meant: Cert validity period. Though I agree with
>> you in general (shorter period public key is exposed smaller chance
>> secret key brute-force discovered),
> Like many things that appear to be common-sense these assumptions have
> no empirical basis. A properly generated RSA certificate and key of
> sufficient strength -- RSA k>=2048bits -- should provide protection from
> brute force attacks for decades if not centuries. The usual way a
> private key gets compromised is by theft or by tampering with its
> generation. Putting yourself on a hamster wheel of constant
> certificate generation and distribution simply increases the
> opportunities for key theft and tampering.
>
> Keys issued to individuals certainly should have short time limits on
> them. In the same way that user accounts on systems should always have
> a near term expiry date set. People are careless. And their
> motivations are subject to change.
James, though in general one is likely to agree with this, I still
consider the conclusion I came to after discussions more than a decade ago
valid for myself. Namely: forcing everyone to change passwords often sets
careful people off for nothing. Passwords they create and carefully keep
can stand for decades, and can only be compromised on some compromised
machine. Now, from my (careful person) point of view, US National labs
forcing me to change my password every 6 months is just confirming the fact
they imply their boxes are compromised often. As: my passwords (passphrases)
are different everywhere, and I only ever connect one way: from a trusted
(maintained by me, that is) machine to an untrusted (maintained by someone
else, that is) machine. Never from an untrusted machine elsewhere.
Now, the simple argument we had: if you force a person to change their
password often, an even worse thing will happen: the person will never
remember ever changing the password, and the last one will be written on a
piece of paper stuck to the back of the screen or similar. Yes, I know
about and I do use encrypted storage dedicated to passwords. Does
everybody? Things change but people don't (almost don't).
So, the best bet for a multi-user machine is to run it under the assumption
that bad guys are already inside. Occasionally you see them attempting
elevation of privileges; smash them, and make the user whose password was
stolen change that, and change all his/her passwords everywhere, banks and
other $$$ accounts first. After this sort of exercise this same person is
never the one in this same sort of trouble again. Yes, I have had these
cases, not many during the last decade and a half. I have also seen the
opposite attitude on occasion (a user didn't care that his password was
compromised on a machine I administer); then that user had all [the bad]
that a sysadmin can get him...
> So having a guillotine date on a
> personal certificate makes sense from an administrative standpoint. One
> wants to fail safe. But modifying certificates on sealed
> servers? Really, unless one has evidence of penetration and theft of
> the key store, what possible benefit accrues from changing secured
> device keys on a frequent basis?
My point exactly. Only I usually try to say it in so short a way that my
point fails to propagate to readers ;-(
>
> We mainly use 4096bit keys which will be secure from brute force until
> the advent of Quantum computing. At which point brute force attacks will
> become a pointless worry. Not because the existing RSA certificates and
> keys will withstand those attacks but because the encryption process
> itself will move onto quantum devices. That development, if and when it
> occurs, will prove more than the code breakers will ever be able to
> handle. Of course then one must worry about the people who build the
> devices. But we all have to do that already. Bought any USB devices from
> China recently?
Well, I started to avoid Lenovo after they shipped laptops with malware
preinstalled. It took them some time after they bought the laptop line from
IBM. But yes, firmware/microcode malware is something that will bite us
soon.
BTW, the secret known to two people is not a secret.... Who said that?
Cheers,
Valeri
>
> --
> *** e-Mail is NOT a SECURE channel ***
> Do NOT transmit sensitive data via e-Mail
> Do NOT open attachments nor follow links sent by e-Mail
>
> James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
> Harte & Lyne Limited http://www.harte-lyne.ca
> 9 Brockley Drive vox: +1 905 561 1241
> Hamilton, Ontario fax: +1 905 561 0757
> Canada L8E 3C3
>
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++