Opened 4 years ago

Last modified 4 years ago

#48 new task

Consider --compress-algo NULL

Reported by: Daniel Kahn Gillmor Owned by: Silvio Rhatto
Priority: major Milestone: hardened
Component: security Version: 2.0.0
Keywords: Cc:

Description

the openpgp mailing list has a discussion right now about the riskiness of the use of compression when compressing password files when an attacker can observe the size of the file and can force the user to add a new password of the attackers' choosing (similar to the TLS CRIME attack):

https://www.ietf.org/mail-archive/web/openpgp/current/msg07252.html

I haven't thought through all the consequences here yet, but it's possible that we should ensure that keyringer always uses --compress-algo NULL when encrypting any of its data files.

Change History (2)

comment:1 Changed 4 years ago by Silvio Rhatto

If that's the case, then it should be easy to implement:

diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index f1af951..e42d51b 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -289,10 +289,11 @@ function keyringer_set_env {
     exit 1
   fi
 
+  # Don't use compression, see https://keyringer.pw/trac/ticket/48
   if [ ! -z "$KEYID" ]; then
-    GPG="gpg --quiet -u $KEYID"
+    GPG="gpg --quiet --compress-algo none -u $KEYID"
   else
-    GPG="gpg --quiet"
+    GPG="gpg --quiet --compress-algo none"
   fi
 
   # Check keyring config version

I also haven't read the whole thread so I'm still unsure if we shall implement this by default.

comment:2 Changed 4 years ago by Silvio Rhatto

Milestone: hardened
Note: See TracTickets for help on using tickets.