Giter Site home page Giter Site logo

keywatch's Introduction

Keywatch

Automatic key change detection for PGP

Public keyservers are inherently untrustworthy: anyone can submit a key, and even servers such as the PGP Global Directory, which provides email verification, can only be as secure as the email verification process.

Ideally we would all use the web of trust, however this does not occur very often in practice. If PGP is used at all, in many cases it is used with a key downloaded directly from a website, or—more precariously—from a keyserver.

Keywatch audits these sources in order to prevent malicious users or servers from providing incorrect keys. Should a malicious user submit a new key to the keyserver, the true user will be made aware. A unique feature of Keywatch is the ability to act against malicious keyservers as well. By connecting to the keyserver using Tor, it is possible to provide a conditional guarantee that the keyserver is not selectively providing different keys to different users.

Keywatch is provided under the MIT licence.

Note: A preprint is available, describing the approach in more detail along with the security guarantees that it provides:

L. J. Gunn, A. Allison, D. Abbott, Verifying public keys without trust: how anonymity can guarantee data integrity, ArXiV:1602.03316, 2016.

Synopsis

Connect to a keyserver via specified proxy and watch for changes in the fingerprint of the first response.

  keywatchd [-s keyserver] [-p proxy] <email> ...

By default, keywatchd will use Tor to connect to http://jirk5u4osbsr34t5.onion:11371, a hidden service that provides access to the SKS Keyserver network. This is defensive design decision to ensure that a bug cannot cause the site to be resolved directly, without the use of Tor.

You can test the program by putting a sample HKP response onto a local webserver at /pks/lookup:

info:1:2
pub:F3E3889185605B82933D6180D28891D2136B33B0:1:4096:1445547156::
uid:Lachlan Gunn <[email protected]>:1449261644::
uid:Lachlan Gunn <[email protected]>:1449262330::
pub:AE75A45641CD9EC9FF468912B679F3623E7B3C06:1:4096:1433251694::
uid:Lachlan Gunn <[email protected]>:1433254056::
uid:Lachlan Gunn <[email protected]>:1433254020::

Then, run keywatchd as follows:

keywatchd -s http://localhost -p "" [email protected]

Sometime during the first twenty seconds, it will load the file from the web server. Now modify the fingerprint in the first key somehow (we have added an initial 'X'). The next time the key is downloaded, the changed fingerprint will be detected and the email will turn red on the display, remaining so even after the fingerprint is returned to its original state.

Building keywatchd

Keywatch is written in C++, and requires the following libraries:

  • Boost (including program_options),
  • libcurl,
  • Crypto++, and
  • libncurses

The build infrastructure uses CMake, and has been tested on Linux with both GCC and clang. It can be built as follows:

keywatch > mkdir build && cd build && cmake .. && make
-- The C compiler identification is GNU 4.8.4
-- The CXX compiler identification is GNU 4.8.4
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++
-- Check for working CXX compiler: /usr/bin/c++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Boost version: 1.55.0
-- Found the following Boost libraries:
--   program_options
-- Found CURL: /usr/lib/x86_64-linux-gnu/libcurl.so (found version "7.35.0") 
-- Configuring done
-- Generating done
-- Build files have been written to: /home/lachlan/source/keywatchd/build
Scanning dependencies of target keywatchd
[ 16%] Building CXX object src/CMakeFiles/keywatchd.dir/main.cc.o
[ 33%] Building CXX object src/CMakeFiles/keywatchd.dir/keys/keys.cc.o
[ 50%] Building CXX object src/CMakeFiles/keywatchd.dir/hkp/hkp.cc.o
[ 66%] Building CXX object src/CMakeFiles/keywatchd.dir/hkp/parser.cc.o
[ 83%] Building CXX object src/CMakeFiles/keywatchd.dir/daemon/config.cc.o
[100%] Building CXX object src/CMakeFiles/keywatchd.dir/daemon/worker.cc.o
Linking CXX executable keywatchd
[100%] Built target keywatchd

The resulting executable is build/src/keywatchd.

keywatch's People

Contributors

lachlangunn avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.