cinch-plugins icon indicating copy to clipboard operation
cinch-plugins copied to clipboard
verified publisher icon Quintus

GPG authentication

Open Quintus opened this issue 13 years ago • 0 comments

Never use insecure passwords again: Challenge-response authentication with GPG for Cinch, if you really want to build your own channel-maintenance bot. It could work like this:

  1. Set the acceptable GPG key IDs in Cinch’s config (this is static, and can neither be accessed nor written from IRC).
  2. You request Cinch to encrypt a message targetted at you.
  3. Cinch checks if the key ID is on the white list, and if so, sends you some randomly generated blob ecrypted with your public key.
  4. You decrypt the message and sent it back signed to Cinch.
  5. Cinch checks whether the two messages are equal and your signature is valid
  6. If everything is fine, Cinch grants you Op rights.

This gives us three layers of security:

  1. Whitelist. (easy to cirumvent, just look up the Op’s key ID)
  2. Randomly generated, encrypted message. (This is harder, but you may find some way to compute what message was generated and skip the decryption step)
  3. GPG signature check. (As long as you properly keep your private key private, there shouldn’t be any time-feasable way to crack this)

Of course, if anyone can hack into your bot this won’t help you any far. I’d therefore appreciate at least one other pair of eyes that looks over the code if I really implement this sometime.

However, there’s still a security problem here. Someone could intercept the signed message on its way back to Cinch, so there must be some kind of Nick mapping in the signed message — the GPG signature guarantees the message’s integrety, so a possible interceptor may intercept the message, but cannot change it without having Cinch notice that.

Valete, Quintus

Quintus avatar Dec 18 '12 21:12 Quintus