Replying to Avatar simulx

ultimately, it's not safe to put your private key anywhere. it should live on a yubikey or something and never leave unless explicitly exported to another public key (using a cert that verifies the hardware). but browsers and smartphones simply have shitty support for talking to device keychains and hardware devices. and a lot of this failure is caused by the cryptography community with increasingly opaque and bad standards (won't let me do a dh operation, because i might do it wrong)

so we all just paste private keys.

the entire cryptography community got something very basic wrong when X.509 came out

it's the same thing they get wrong when it comes to password security

every time you try to prevent users from using the gun you made to shoot themselves in the foot, you inevitable create a new class of users that just makes their own gun from scratch. which is arguably much more dangerous.

good example: frequent password changes lead to people making easy to remember passwords with minor differences on the end. or writing them down. or sticking them all on a notepad doc on their machine

better solution: require very long passphrases with no special characters. long == hard to break.
Avatar
simulx 2y ago

if i can't execute a simply elliptic curve multiplication with my stored private key, i am forcing some protocol developers to *not use my smartcard*. smartcards and webcrypto apis must support multiply/tweak. optionally they can also support higher level and safer signing operations. but to *fail* to support lower level operations they are inviting disaster. (no schnorr sigs? paste a private key. no verifiable secret sharing protocol? paste a private key . no key-export-to-pubkey feature? you guessed it.)

#[0]

Reply to this note

Please Login to reply.

Discussion

No replies yet.