Delaying the GPG update until Whonix’s next scheduled release creates a security gap. Users who avoid third-party repositories will lack post-quantum encryption capabilities during this period remain unable to encrypt messages or files with quantum-resistant keys.
Pushing GPG 2.5.19 to Whonix repositories ahead of the standard release cycle would address this. Such a move positions Whonix at the forefront of proactive security, potentially making it the first distribution to offer post-quantum gpg natively.
The package is pre-compiled from GNUPG. Implementation requires only uploading and signing within Whonix’s repository infrastructure. Please address this as soon as possible.
2 Likes
For various reasons Kicksecure tries to diverge by the smallest possible amount from its upstream projects, and especially from Debian:
- wants to share its work with the rest of the Free Software community;
- benefits from additional code review;
- values maintainability very much and believes users are best served if Kicksecure keeps the amount of work needed to maintain Kicksecure as small as possible;
- Dev/maintainability;
- Focus on low-effort maintainability
Note: Whonix is Based on Kicksecure.
For quantum-resistant cryptography, Kicksecure and Whonix ship with the Codecrypt package by default. Note that, as post-quantum algorithms have been frequently broken by cryptanalysis, using Codecrypt alone is potentially a bad idea. It would likely be better to encrypt data with GPG first, then encrypt the GPG blob with Codecrypt, ensuring that if either kind of encryption is broken, the other one still has a chance of working.
2 Likes
Next version of Kicksecure, Whonix most likely won’t come with GnuPG at all.
3 Likes
Kyber is not the best possible pq algo. It’s debatable why NIST is pushing and promoting this one compared to other more robust finalists. I’m not implying that it is broken but the family of algos it is from are encountering notable cryptanalysis attacks
2 Likes
I understand this, but it would require no serious effort to push the newest GNUPG for now. Codecrypt is not audited and would be even less trusted than Kyber with GPG.
Excellent! Are any post quantum algorithms supported in sq? And even if this is the case, is there any way we could get the newest version of GPG on Whonix/Kicksecure 18?
When something better is available, use it but for the time being this implementation in GPG is a hybrid, I think it would be safer than ECC alone. I see no reason not to use what is currently available and adopting better options when they are available?
It would require serious effort. GPG is a core component of Debian and may be used by more than just end-users and Whonix’s own code. Replacing GPG would require determining what apps may be affected, determining which of those apps we care about, and ensuring that the newer GPG was compatible with those applications. Beyond that, GPG is written in C, and architecture-specific code is difficult for us to package for platforms other than x86_64, while we want to support additional CPU types such as ARM64. Use of precompiled binaries may be unacceptable for security and compatibility reasons. I could go on, but this is:
2 Likes