[Remops] austria remailer's keys compromised
christian mock
cm at tahina.priv.at
Tue Apr 24 18:42:10 BST 2012
Today, the police arrived with a court order that allowed them to
create a forensic disk image of the austria remailer. This apparently
was on request of the US authorities, related to the Pittsburgh bomb
threats.
Therefore, I had to destroy any existing keys and create new keys (see
below).
What does this mean?
- The remailer's private keys are compromised, so any message that was
encrypted to those keys can be decrypted, *if* it was intercepted in
the form it reached the austria remailer.
- If you've been following best practice and used a chain of
remailers, this chain has been weakened, but probably not broken.
- Since I've destroyed all existing keys, messages "in flight"
encrypted to those keys will be discarded. I'm sorry about that.
- You need to update your keyrings before you can include austria in
your chains again
- Depending on how paranoid you are, you may assume the machine is
backdoored, since the authorities have had access. I will re-install
the machine from trustworthy media, but due to the logistics
involved this will take a few weeks.
The new keys:
austria mixmaster at remailer.privacy.at 8ed603304ed22f688e8f8afe08a0e57b 2:3.0 C 2012-04-24 2013-05-19
-----Begin Mix Key-----
8ed603304ed22f688e8f8afe08a0e57b
258
AATM4V5Fhkf9E5jzDrhDyUOZQO8Eu8X6Ba9Jccd9
o0BTp+AkejjTAIirKd55NKf+w67CtEDOA8WBK+5m
CX42MevVLN4P+SYeCRrkiZiDQKl7v3Fr6G17St+0
VwTNL9JUQLub/H/IQjIHu61P0M8n9e3kowpGGNhk
NdcaeJMLOAFVKwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
-----End Mix Key-----
Type Bits/KeyID Date User ID
pub 1024D/B052DF06 2012-04-24 "privacy.at Anonymous Remailer" <mixmaster at remailer.privacy.at>
sub 1024g/B5DDE492 2012-04-24
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: Mixmaster 3.0 (OpenPGP module)
mQGiBE+W3BURBAD5FrmY4fYooh5aaJmCvR6Z8C3DvhxBXhmiHessswt6Kowv2p5t
mdVGg7XMjnzehy1pki9UfB+bSdSFhvONH7NnK9XaLlm9hJ8hdCPSH5Jg9NlB6pMP
f8dJFBNVofPAaE5sVTCGQ0Ma8W9jKh0LSpBg0pjkn5b/PiTZDCKhpSN3CQCg/JDs
SHR7veH6VY2RdMbP5wg7U/sEAI8rBeCec5POEQ31Velv706Dv24STApWoVMOcW00
KCAjUY56wZKbM/Pa/Aja/t0+21rYsDzL3+r2YPdc6+/49FgtyuWmlIJqAkv7anfm
nHOCansJXuShKLbszYAurfPP6igah/KxYBEfTPpK62TKwixlUJvufW5XFP99M0nA
bYlgBACIgUDMT/PXMg/z0Zz+MKeYZrrclNGyFc2SPdlXHZReSXawvOseM3M/2sVh
rN6nehl96ugjVtRJsYAyDNXa++8FUB5B08GtzXQ6ymyiMuFtDOfn4uJzSrfbXSEP
fL8ed3BJ0S5t3vjtg7ItrbiSvl94U6wXPkZZ8cA6NchHiT1h7rQ/InByaXZhY3ku
YXQgQW5vbnltb3VzIFJlbWFpbGVyIiA8bWl4bWFzdGVyQHJlbWFpbGVyLnByaXZh
Y3kuYXQ+iQBNBBARAgANBQJPltwVAwsDAgIeAQAKCRBm3YRksFLfBupPAJ9ZK/g1
JNTYM/tLOX5tvotuT5lIKACgmI32n+xW14ZKJG0/sRkDppW5peG5AQ0ET5bcFRAE
APw2F8c5MYPI5XyNVqXhwdZBcqO8DusajQ8wsGEPqhJKxRwRjW1TWFsbKLQeB9Bf
/MEeTVdnoPmBT1ryJjKYVfwL9kFyNnOO+rP0jCSkZoUQvwGRNfuQaSAyxAiRmS1o
KQHCHc0wOMhtZGv+DfbnNrvExVSos/x1X/zOHGvT2AhnAAMFA/9Y8cIBcVGkaLXD
SyemCu9i8amva394YwA3kh661rrwE1585lSoT5SqM+hmGvOo9WgIqYKh4EFKLgxa
FBy7YEbuHtzj1IwNuSUPU0a1aqW9kBFoKyTxTtwgbW6gtcedjn5iYDyYsK+GV3aX
3p0HeamzTcgvBikpCLdsaNlDyJEQ3IkARgQYEQIABgUCT5bcFQAKCRBm3YRksFLf
Bvm9AJ0fhedgsVmoJDvncEEN6G6gW4tyfACg76NyUepsYDumwyiOc2/+RsDfLBQ=
=5GOB
-----END PGP PUBLIC KEY BLOCK-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: Digital signature
URL: <http://lists.mixmin.net/pipermail/remops/attachments/20120424/02f41eea/attachment.pgp>
More information about the Remops
mailing list