Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

PGP CL passphrase hashing?

Created: 20 Jun 2012 • Updated: 27 Jun 2012 | 6 comments
Alex_CST's picture
This issue has been solved. See solution.

Hi,

I have a scenario whereby I need to be able to hide a passphrase in a script that encrypts and decrypts files that get passed towards it, like a dumb encrypter.  There are no users or anything along those lines, the source and desination will always be the same place (on its local HDD) because it gets decrypted, modified, then re-encrypted again.

Is there a way I can do this without having keys AND being able to hide the passphrase being used (if one does get used?)

Comments 6 CommentsJump to latest comment

dfinkelstein's picture

You can do one of the following:

1.  Provide the passphrase in the PGP_PASSPHRASE environment variable

2.  Read the passphrase from a separate file descriptor using the "--passphrase-fd" option (or "--passphrase-fd8 on Windows).  E.g.:

pgp --decrypt input.pgp --passphrase-fd 0 < file-with-passphrase

3.  Enable the passphrase cache, and enter the passphrase once manually.

--------

David Finkelstein

Symantec R&D

Alex_CST's picture

would the file with the passphrase just be a simple txt file with the password?  Would we be able to provide domain credentials to get access to this file?  What I am trying to avoid is system administrators being able to get the password and being able to decrypt the files

Thanks

Edit:

If it's not possible to obfuscate what would be the best option in my scenario?  Here it is:

No PGP in this environment at all thus far.  Users of a website will be using a custom web appliation to modify files (word documents mostly) when the documents are at rest they MUST be encrypted.  There could be hundreds of people who modify these files but they cant be responsible for their own keys.  Would we just manually create keys for all these people and have them on the server?  Or would the passphrase be better?  It doesnt matter who encrypts and decrypts, it just needs to happen

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

dfinkelstein's picture

Are your documents stored locally with each user (that is, they submit the document to the server, work on it through the web application, and then it is saved back down to their system, where it must reside encrypted), or is all the storage done on the web server?

Who, exactly, do you trust to know passphrases that can unlock the keys that decrypt the files?  Can your users provide a passphrase?  Or should only a "security administrator" be able to unlock the keys, and this person is different from the system administrator of the web server?

In the example I showed, the passphrase would be in plain text in the file.

Based on the little I know so far, it seems that the following are your best solutions:

1.  Utilize the passphrase cache.  Here, you run a long-lived instance of PGP Command Line ("pgp --agent") and then the security administrator enters the passphrase (or passphrases) once, either in a terminal shell or perhaps through an administrative interface of your application.  (Note that these invocations must be done as the same system user who is invoking PGP Command Line to decrypt.)

2.  Have users enter a passphrase as part of their interaction with the web application.

3.  Store the decryption keys on PGP Universal, and utilize PGP Key Management Services to gain access to the key for decryption.  In this scenario, you hold an authentication credential locally, but the actual decryption key is stored securely on a different system.  If you suspect a local administrator of stealing the authentication credential, you can revoke the credential and issue a new one.

--------

David Finkelstein

Symantec R&D

Alex_CST's picture

We want to interfere with the application as little as possible.  We do not want end users to have to enter an additional passphrase but give the assumption that if they are using the web application they have been authenticated and are legitimate.

The web application is all on a SQL back end, that gives file references to where files are stored.  SQL needs to be able to tell where the files are stored, and when a user calls to read/edit one, the web server (.NET application with Flex) calls PGP to decrypt.  So it goes:

Adding a file

Web Application upload ---call to encrypt---> PGP ---encrypted file---> Web Application ---> Injected into SQL 

All files will be stored in 1 location most likely.  There will not be a universal server so we cant use KMS.

Would the most likely scenario be that each call to encrypt and decrypt will be done by the same key and passphrase regardless of the user?

Does that make sense?

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

dfinkelstein's picture

Unless your keys don't have any passphrase at all (which is not recommended), you need to provide some sort of passphrase to use the key, at least once.

Based on your workflow, and the attacks you are trying to mitigate, you'll have to decide what the best course of action is.

Since you are concerned about local administrator access to the key passphrases, it sounds to me like it would be best for you to either use a passphrase cache (though that will require you, the security administrator, to enter it once on the system before the key could be used by your software; you'll have to re-enter it after every system reboot), or to store your keys in PGP Universal.  PGP Command Line would authenticate to PGP Universal to use the key, and if an administrator steals the authentication credential you generate a new one (and fire the administrator).

Regards,

--------

David Finkelstein

Symantec R&D

SOLUTION
Alex_CST's picture

I guess the solution will be for an appointed person to know the password to enter it in on reboot of the machine whenever that's required.

Thanks!

Please mark posts as solutions if they solve your problem!

http://www.cstl.com