1. 10
  1.  

  2. 3

    Just some rough thoughts on attack vectors, my estimate of the level of the audience of lobsters is that I’m not going to be saying anything that you haven’t though of already, but if you don’t find yourself actively interested in security and are considering using this (all 3-4 of you) read on. I haven’t got much time, so this is a little hap hazard and I may be wrong, so I haven’t chased up references nor looked at any code. It’s rough, and should be considered if you’re going to go this route.

    Vector 1 (against network adversary in the middle: ISP / Government / employee at ISP / employer / cafe user) - monitor for hits on www.jabberwocky.com/software/paperkey/ (which I assume is the url in homebrew) - exploit router (if remote), exploit printer (routers and printer not known for security)

    Vector 2 (against network adversary in the middle: ISP / Government / employee at ISP / employer / cafe user) - mitm the HTTP request from homebrew (HTTPS fails) from homebrew to www.jabberwocky.com/software/paperkey/

    It doesn’t appear homebrew does signature checking, and that hash checking is just for checking the cache has the right file. https://github.com/Homebrew/homebrew/issues/15631

    Yeah, so that’s some FUD for you, but you should definitely consider a good answer to this FUD before you go and do this.

    </two cents>

    1. 2

      It doesn’t appear homebrew does signature checking, and that hash checking is just for checking the cache has the right file. https://github.com/Homebrew/homebrew/issues/15631

      Wow. That’s, uh, an interesting bug report. Wonder how the other OS X package managers do it.

      1. 1

        Definitely all valid points, thanks! I’m currently storing a backup using paperkey’s output, plain ASCII print out, and a digital copy stored on a new flash drive. When I was printing them out I even thought that it was definitely possible to check the printer’s spool for cached versions of the printout.

      2. 1

        I’m not sure about the need to extract just the private key bits. My entire private key file is 4.8KB; that’s a 4096-bit key, which is the upper limit of what’s needed now. I’d estimate that you can fit somewhere north of 5000 characters on a sheet of letter paper legibly; printed in hex, at two characters per byte, you should have plenty of room on two pages to fit an entire private key, with some additional ECC for good measure. Or you could base64 it, and cram the entire thing on one page.

        I also like that my key is passphrased, so I can responsibly limit the security I keep my printout under (it’s not clear to me if paperkey supports this), and I actually don’t have my public key hosted anywhere else (that’s something to fix, though).

        1. 1

          Why not just use GPG Ascii Armor output and print it to your local printer?

          Examples here: http://wiki.openskills.org/OpenSkills/OpenPGP+Key+Backup

          This doesn’t require third party tools at all.

          The ‘difficult’ part here that this system seems to fix is the ’re-importing your print out'.