Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC

New Message Reply About this list Date view Thread view Subject view Author view

Mike Rosing (eresrch@msn.fullfeed.com)
Sat, 2 Jan 1999 23:05:47 -0600 (CST)


On Sat, 2 Jan 1999, Ryan Lackey wrote:

> My laptop HDD, which was the only place in the world my PGP key 0xFBAF5E44
> was stored, appears to have died at 0xFBAF5E44, taking the key with it. Due
> to the presence of confidential data on that drive, I do not think it will
> be data recovered, at least not quickly. The drive itself is not long for
> this world; some appropriate death will befall it as soon as I can come up
> with a suitable implement of destruction.
[....]
> Abstract commentary on security:
>
[....]

This is an interesting problem. Your identity was tied to a macine,
and when it failed the verification of your identity was lost.

This is a plug, but it's taken at the most opportune time I can
imagine. If PGP used elliptic curve PK you wouldn't have this
problem. Your verification can be regened by hashing your pass
phrase. That's not the same as being unlocked, it's being recreated.
>From your wetware. If that goes, all your data is lost too.

One major advantage of being able to carry around your verification
in your head is that you can create your secret key on any machine.
That's also dangerous for the unaware, but in this case you could
have recoverd most of your data and not have had to send the message.

Patience, persistence, truth,
Dr. mike


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:01