[pass] GPG Compression and Authenticity
siim at p6drad-teel.net
Wed Mar 19 08:15:51 CET 2014
Good to hear that pass is getting some auditing attention :)
I'm struggling to find a situation where signing would help significantly. If an attacker can modify the store, they will be able to deny you access to any of the passwords. In which case would it be more useful for them to provide a wrong password? For a social engineering attack? To get an account to lock?
It also seems that it would be somewhat rare to have a pass repo that is *pulled* from as this is the only case I can think of where this attack isn't shadowed by a complete compromise:
1) Changed repo contents do end up being queried (on a different machine)
2) Attacker can't just snoop on local gpg invocations (there aren't any)
With this in mind (unless there is a more serious threat I'm overlooking or a dead-simple fix in pass) your suggestion sounds appropriate.
"Jason A. Donenfeld" <Jason at zx2c4.com> wrote:
>Alfredo Pironti, CCd, has written me to point out two issues in pass.
>The first is that he believes gpg compression might reveal information
>relating to the entropy of the enclosed password. Commit 51f9b6888
>The second is something I've known about and considered for a long
>time, which is that an attacker can swap out a gpg'd password with a
>different one, or rename and/or delete passwords, because we only
>encrypt but do not sign incoming passwords or filesystem information.
>Apparently this is a big enough deal that a LaTeXified paper is being
>submitted to a conference about it. The response toward this which I'm
>leaning is that folks who desire tamper-proof password stores should
>use the "gpg-sign" option of git-commit, along with hooks for
>Password-Store mailing list
>Password-Store at lists.zx2c4.com
More information about the Password-Store