Passwords and Passphrases

First of all you should notice that if you are really involved in top secret issues, if you are a company involved in billion dollars business, if you are a secret agent, in a nutshell, if your life depend on one message privacy, well, don't be worried about passphrases security; just keep on reading this page, and you will be surprised to know that sometimes, well, even the strongest cryptographic algorithm maybe really useless...;-)

(In case you are a simple PGP user like me, and you just consider privacy an important issue, keep on reading this page for your information...).

What 'they' need to crack PGP

In order to read an encrypted message intended for you, an attacker needs your private key and your passphrase. Anyone who get your private key and your passphrase can read all encrypted messages directed to you! How can they get your 'secring.skr' file (your private key) and/or your secret passphrase? And what countermeasures you can adopt? Let's see most known Problems and relative Countermeasures:

16. You leave your private key inside of your computer - If you do it, remember of it when you deliver your computer to a repair shop, when you sell the computer (without reformatting the hard disk), when your secretary uses your computer, when your son's uni friends use your computer, when you are connected to the Internet and a malicious trojan horse stole your secret key, when someone in your office goes to your computer at lunchtime, when your computer is stolen...in a nutshell: take away your private key from your computer! You have been warned... :)
    3. Though it is a very hard job to decrypt a message with your private key (secring.skr) without your passphrase, I think you should keep your private key in a secure place. So:
       1. Move your secring.skr file from your computer to a secure place (for example a floppy disk)
       2. Do not mark the floppy disk containing your private key in a manner like this: 'My really secure PGP private key...'
       3. Protect your floppy disk from undesired glances by means of some encryption software such as PassKeeper 1.2 (this software uses a DES implementation written by Eric Young)

16. You give your private key around - Ok, you think I'm joking now...well, there are really several people who give their password/passphrase to other. Often crackers phone to their victims pretending to be their ISP: 'Hello, I'm Foo Foobar from FooISP...due to recent problems concerning security, we have to change all profiles which are related to our users...for this reasons we have to erase and modify all old passwords...as you won't be able to use your current password in a very next future, I have to get it in order to erase it from our main computer...I'm going to give you your temporary new password 'trapduserXX'...so will you please give me your current password?'...Well, believe or not, MANY users (also expert users) fall into the trap and give their passwords. This job is called 'Social Engineering', and it is the most effectively used technique to retrieve passwords. All crackers know it... ;-)
    3. Don't give your password to anyone for any reason!! Believe me: your ISP don't need your password...

16. You leave your password/passphrase on a stick note on your PC monitor, on a desk calendar, in a diary, since you can't remember it...
    3. Never write your password/passphrase down! You should use a mnemonic technique or something. Refer to next section concerning how to choose password and passphrases

16. You write down your password/passphrase on a piece of paper and then throw it to the wastebasket - In this case, remember that in your office anyone can retrieve pieces of paper from your wastebasket at lunchtime...Besides remember that if you write down your password/passphrase on a piece of paper and then destroy it, a weak trace of what you wrote is still here (on the sheet of the notebook which is located under that you used to write the password/passphrase)
    3. Again, never write your password/passphrase down! If you can't avoid that, take care at notebook...;-)

16. You type your password/passphrase in front of someone who can see what you type
    3. Notice if someone is watching what you type while you are typing your password/passphrase. If so, ask him to look away from your keyboard while you are typing your password/passphrase

16. You choose a bad password/passphrase - The problem is that some programs - called password cracker - can break easily this kind of password. Password crackers use dictionaries to attempt all words on and on until they find out the right password. One of this tools - pretty known - is PGPcrack. PGPcrack is a widely distributed brute force utility used for cracking PGP encrypted files. It uses a dictionary file to get words to try, and it try them uninterruptedly until it discovers the password. PGPcrack cycled through over 15,000 words a second on a 100 Mhz Pentium (while I'm writing there are 450 Mhz Pentium around...). I think it's superfluous to tell that someone demonstrated that 56 bit DES can be cracked by means of a brute force attack. However, just for your information, you have to know that DES (Data Encryption Standard) is the most widely used commercial encryption algorithm, developed by the US Government and IBM in the 1970s. It uses a 56 bit encryption key (in a nutshell, there are 72,057,594,037,927,936 possible keys). It was considered as a very secure algorithm, since it was cracked! Cryptography Research, Advanced Wireless Technologies, and Electronic Frontier Foundation developed a specially designed hardware and software to search 90 billion keys per second. Well, not even to say, they retrieved the key and won the $10,000 DES Challenge on July 15, 1998 after searching for 56 hours. Notice that total project budget remained under $250,000...
    3. Choose good passwords/passphrases. Here follow some guidelines:
       1. You should avoid choosing your first name or second name, your nickname, your date of birth, names of people, common words, names of countries, animals and so on
       2. Don't use proverbs: some advanced password crackers know proverbs...
       3. Don't use dictionary words
       4. The longer the password the better: avoid password less than eight characters (in fact you should use passphrases)
       5. When choosing a password, mix digits letters and special characters as: ':;£$(,.ç@&/!
       6. Use a nonsense mnemonic to help. For instance, consider this phrase: 'I am writing these pages to help people to use PGP? Well I hope so!'. The corresponding passphrase maybe something like this: 'Imwritin'thesepages2helppeople2usePGP?WellIhopeso!'
       7. Create a password starting from a passphrase. So you should use a some kind of phrase which you can remember, then take the first letter of each word of the phrase and gather them to form your password. For example a phrase like this: 'My Dog Eat 2 Sausages Every Weeks!' is a right phrase. The password is: MDE2SEW!
       8. Don't use the same password for multiple purposes. On the contrary, you should use compartmentalized passphrases (i.e. certain passphrases for strong security such as PGP and some other for weak security such as screensavers). However to know more about passphrases, I suggest you to read the 'passphrase FAQ'. You can find the 'passphrase FAQ' and other related (and interesting) stuff here:
          1. Galactus' page (Netherlands)
          2. Don Henson's page (USA Texas)
          3. Patrick Finerty's page (USA Utah)
          4. SkuzNET - How to Choose a Passphrase FAQ
          5. Passphrase FAQ by Randall T. Williams
          6. The Diceware Passphrase Home Page (Diceware is a nice system to picking passphrases :-)
          7. The Diceware FAQ
          8. Besides you can find a PGP signed copy of the FAQ on alt.security.pgp.

16. A hidden microphone can grab your password
    3. Just don't read your password/passphrase out aloud! Well some people do it. You should remember that a hidden microphone can grab your password...

16. A hidden camera grab your password
    3. Use technical surveillance countermeasures methods

16. Your swap file was stolen - Windows3.x and Windows95 use a swap file to simulate a bigger memory size (virtual memory) and if you take a copy of the swap file and a file editor, you will be able to find PGP passphrases scanning though the bytes.
    3. After decrypting/signing a PGP message, wipe the swap file and power off. Otherwise, if you have enough memory, turn disk swapping off.

16. 'Not enough deleted' files - You have to know that when you delete a file, it is still here, because the operating system doesn't actually delete it. It just marks the file as deleted. However the file is still there, and you can still retrieve it with some tools such as the Norton Utilities for example. Notice that some applications keep a temporary copy of a document while you are working on it, and delete it as soon as you finish the session. Well, that temporary file is not actually deleted: it is simply *marked* as deleted...
    3. There are wiping utilities which actually delete files by overwriting them. PGP has a wipe feature, but only with one pass. It is sufficient in most of cases, but experts say that you should overwrite a file at least 3 times before it is deleted (well, even if there are very sophisticated scanning electron microscopes which can retrieve files that have been overwritten between 7 and 9 times, I think you are quite secure with those wiping utilities...;-)

16. Your keystrokes were monitored - There are programs which read keys when pressed. An attacker could install this kind of software on your system, hence he could read your passphrase while you type it. There are several methods to do that. For example, there are a lot of keyboard sniffing tools on the net such as Dos based tools. I'm talking about Dos based keyboard sniffers, because it's a bit more complicated to install programs on Unix systems, as root access is needed (of course, unless you are using an X-Window interface, as there are a lot of tools to read key pressing from an X-Window session). But how can an attacker install this kind of software on your system? Well, for example by means of a virus. Notice that loading of TSR viruses isn't needed for this purpose. In fact a boot virus can without problems do this work.
    3. Download software from trusted sources only. Use an antivirus software. Use an anti-keyboard monitoring package like 'NetSafe'.

16. Your web browser was insecure - Web browser have security bugs. Besides some programming language such as Java, Javascript, VBscript, ActiveX can be used to retrieve information from your computer (for example your keyring). Some of these programming language take more care about security problems (see Java) but some others are less secure (see ActiveX). Besides, older versions are less secure than newer versions (see first Javascript versions).
    3. Use the latest web browsers version. Disable Java, Javascript, VBscript, ActiveX in your browser. Use Lynx (an old text browser that not present any known security risks)

16. Someone watches you while typing your passphrase using a telescope through the window
    3. As you can see, an attacker doesn't need complicated tools...So, well, close the window... ;-)

16. Someone uses TEMPEST to retrieve information - TEMPEST stands for Transient ElectroMagnetic PulsE STandard and it is a standard for electromagnetic shielding for computer equipment. It means that video display units (CRT's) CPU and/or peripheral equipment, emitted electromagnetic radiation similar to radio waves which could be intercepted from a remote location at quite distance and with little efforts. For example, someone could set up a monitoring van outside your home, aim an antenna and read all you are typing - and seeing - on your computer (to know more look at http://www.eskimo.com/~joelm/tempest.html).
    3. Purchase TEMPEST-shielded hardware. Use common radio frequency shielding techniques.

16. A Trojan Horse stole your password/passphrase - What's a trojan horse? It's an apparently harmful program. Well, that program does just all things you expect of it. But like the Ulisse's trojan horse, in a similar way, a malicious code is written inside of that program. That code can record your secret passphrase and, if it finds a modem, send it to a specified host.
    3. Unfortunately, you can't detect a trojan horse before it can act. Antiviruses can't detect trojan horses, because they seem just like harmful, normal programs.

16. An attacker doesn't need your passphrase because your 'modified' PGP copy always encrypt messages with an additional key. PGP can be modified either binary code patches or modifying and compiling the source code (remember that PGP source code is publicly available on the net). Besides notice that your copy of PGP can be physically replaced with a modified copy when you are not present. Finally anyone can use a 'man in the middle' attack to give you a modified PGP copy while you download it from a legitimate site such as MIT (this attack is also called 'session hijacking')
    3. You should protect your computer with a password. You should download more than one copy of PGP and compare them. You should get your copy of PGP from a known and secure source. You should verify all signatures. You should compile your own trusted sources. You should keep secure hashes of your copy of PGP and check it regularly.

16. Viruses designed to collect/steal information stole your private key
    3. Just use an antivirus software