Comments (7)
Arguments against signature support:
-
There's already a good, relatively modern signature system available to everything that would use age (minisign/signify), and we should be encouraging its adoption, not confusing it.
-
Signature support creates an affordance for using
age
for secure messaging, an application for which it is not at all suited. -
Signatures have weird UX interactions with authentication (you could argue that confusion here is at the heart of the PGP MDC problem),
-
The signature proposal here adds optional headers and, in effect, opens a door to protocol negotiation that may be hard to close.
Ultimately, the issue I see with signatures is that it's not clear what the use case is, and one of the best things about age
is that it's fiercely scoped down to its use case. If someone comes up with a clear use case for signed encrypted files that isn't "very bad version of Signal", the formats for both minisign and age are well-documented and both are available as libraries; nothing stops people from using them both.
from age.
I wholeheartedly agree with all of @adamcaudill's reasoning, except the proposed implementation.
minisign
/signify
- AFAIK the tools and their formats do not support streamed verification, thus they cannot simply be used together withage
in command or library form in streaming use cases. It means requiring more storage/passes and opening for TOCTOU vulnerabilities.- Signal - In making a useful file/stream encryption/security tool, I see no relevance whether or not a tool can be used as a bad Signal replacement.
- PGP/GPG has many, many issues. I don't see how having users create their own encrypt+sign concoction would be more secure than designing and implementing an actually secure format and tool. Creating a WoT immitation and multitudes of key, encryption and signature formats probably would not be the best of ideas.
- I guess so, if you do it badly
The use case is, that secure messaging - transporting files/streams through space and/or time usually requires both encryption and authentication of the data (making sure it's the correct data).
from age.
I prefer to have static binaries compile/run on multiple distributions/OSs easily. That is why I like golang and am trying to void C/C++ libs. The go-minisign
looked like a potential, but it only handles verifying signatures.
In the end, I am going to use age
, but it would be nice if it was built in.
# Encrypt the md5
md5sum file | age -r ... > file.sig
# Decrypt the md5 to compare against "md5sum file"
age -d -i ... file.sig
from age.
What people really want is a single key agent to do all their crypto needs, and GPG sucks if only because it doesnt allow the usage of plain encryption keys and cannot do encryption and signatures with a single secret. Wether or not code X or code Y is needed to sign/encrypt is not really a problem, although it doesnt really make sense to split them, but whatever; this is the dark age of sotware and a man shall do with what is available to him. GPG key agent currently supports a lot of systems.
What does Signal have to do with any of this? It seems quite off-topic; here's some messaging platform that uses phone numbers to create trust. Lol. How does one get signal data from his messages to prove a certain device sent a certain message at a certain time? Who the fuck knows! So it's not a real tool, just another crypto2000 vertically-integrated corporate thing. If anything, libolm is what should be used as a comparison, and it seems to mostly do data-encryption, not signatures
from age.
Having no signature support pushes the problem onto users, and comes close to forcing users to "roll their own cryptography." They're not being asked to implement PK, but there are any number of ways a user could hack together their signing solution that opens attack vectors. Having a lack of a standard exposes users and hinders adoption. For example, look at @pauldotknopf's solution above: md5sum is vulnerable to intentional corruption and shouldn't be used here. Finally, by taking no position, age limits itself to people with a certain level of technical sophistication, which is exclusive. It consequently provides a disincentive for client software to add support as it forces them into a walled garden where the only (likely) compatible software is itself.
A solution might provide a wrapper that uses minisign and age together as an all-in-one tool, easy to use and set up, combining public signing and encryption keys and farming out to the respective libraries... but, then, what about that hypothetical solution different from adding signing to age?
- Is it really preferable to have users figure out their own standards for signing and encryption?
- With everybody forging their own paths, how many different protocols will M people have to support to communicate with each other?
- What is the happy path -- a good, working solution -- for users?
- Why does adding signing support require solving the key trust problem? The author of opmsg argues for (and implements) the trust model outside of the encryption/signing tool.
from age.
I'll add my two grains of salt :P
First, what is the threat model here? If I'm encrypting a file to myself and keeping it somewhere where it can't be tampered with then I see no problem.
In other use-cases, it sounds like there is no way to verify the origin of the file, or that the file was intended to me. Which is problematic even when I encrypt to myself.
I am not too familiar with minisign, but the problem of composing here is that it most likely doesn't work in some of the important use-cases:
- if I encrypt something to you, and sign the ciphertext and append the signature, someone can still replace the signature with theirs and pretend that they sent you the encrypted file).
- If I do the reverse and encrypt the file + signature, now you can re-encrypt this to someone else and they'll think I sent them the file
from age.
This issue seems somewhat related to #59. I will add that I fully agree with tqbf who says
Unlike a full-on signing feature, a decryption feature that takes a durable sender public key seems straightforwardly an improvement?
from age.
Related Issues (20)
- age subprocess unable to read ssh key password from terminal, when called from vim HOT 1
- agessh: ParseIdentity doesn't handle inconsistent Ed25519 return type from ParseRawPrivateKey
- cmd/age-keygen: -y should report error if it fails to parse input HOT 1
- Unable to encrypt/decrypt file using ssh-rsa key
- Remove Bech32 length limitations
- Age v1.1.0 fails to build with "go install" HOT 3
- Weird characters in place of terminal escape sequences on Windows Console
- plugin: add library support for using and providing plugins HOT 3
- cmd/age: print a better error message when plugins are missing HOT 1
- command '/bin/sh -c go install filippo.io/age/cmd/...@latest' returned a non-zero code: 1 HOT 3
- Using the same file as input and output produces a corrupt result without notice. HOT 4
- Latest release spins CPU HOT 4
- Allow to use a file named - as INPUT HOT 7
- c2sp.org/age-plugin returns 404 Not Found HOT 1
- Age terminates too soon on MacOS HOT 5
- Can this method be used to encrypt movie files? HOT 1
- report unexpected HOT 1
- age: error: failed to wrap key for recipient #0: test plugin: write |1: broken pipe HOT 16
- Plugin receives only one identity or recipient when there are multiple HOT 1
- failed to decrypt and authenticate payload chunk HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from age.