1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-01-10 20:27:58 +01:00

Add threat model sketch to pgpainless-core/README

This commit is contained in:
Paul Schaub 2021-12-03 13:07:38 +01:00
parent fae5cd0efe
commit 5485d490e2
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

View file

@ -6,4 +6,40 @@ SPDX-License-Identifier: Apache-2.0
# PGPainless-Core
Wrapper around Bouncycastle's OpenPGP implementation.
Wrapper around Bouncycastle's OpenPGP implementation.
## Protection Against Attacks
PGPainless aims to fulfil the primary goals of cryptography:
* Confidentiality through message encryption
* Authenticity through signatures
* Integrity through the use of Modification Detection Code and again signatures
In short: Communication protected using PGPainless is intended to be private,
users can verify that messages they receive were really send by their communication peer
and users can verify that messages have not been tampered with.
This is being achieved by preventing a number of typical attacks on the users communication,
like the attacker introducing an evil subkey to the victims public key, or the attacker creating
counterfeit signatures to fool the victim.
Due to its nature as a library however, it does not make sense to set up defences against all possible
attack types (see below).
So here is a threat model that best applies to PGPainless.
### Threat Model
A threat model that makes the most sense for PGPainless would be an evil attacker using PGPainless
through a benign client application (like an email app) on a trustworthy device.
The attacker can try to feed the application malicious input (like manipulated public key updates,
specially crafted PGP message objects etc.) but they cannot access the victims decrypted secret key material as
it is protected by the device (eg. stored in a secure key store).
### What doesn't PGPainless Protect Against?
#### Brute Force Attacks
It was decided that protection against brute force attacks on passwords used in symmetric encryption
(password encrypted messages/keys) are out of scope for PGPainless.
PGPainless cannot limit access to the ciphertext that is being brute forced, as that is provided by
the application that uses PGPainless.
Therefore, protection against brute force attacks must be employed by the application itself.