How secure are the crypto security measures in practice today? In
everyday life, it is trivial that, if one puts treasures in a safe,
one has to consider how secure the lock is and even whether the
gangsters could carry the safe away. In matters closer to crypto,
UNIX, according to a revelation by one of its designers decades
after its launch, had a backdoor. And Windows has permanently to
be patched due to hacker attacks being detected. After all, it
is a general fact that the majority of all kinds of software are
not perfectly verified (if any formal verification were attempted
at all), so that there is almost always some non-negligible chance
of the existence of bugs that could be exploited. (The recently
reported case that the kernel of an OS was proved to be ok is a
very rare exception, I suppose.) In the history of crypto, one knows
(or rather it is very plausibly believed by many) that a well-known
crypto machine manufacturer once enabled a backdoor in its products
delivered to a certain country that were used for encryption of
diplomatic communications. Not very long ago there was quite
some discussion in the media in Germany on the issue of whether
"online investigations" should be legalized, which, as far as I
understand, seems to mean the deployment of Trojans etc. on the
computers of civilians by official agencies.
So how sure is a normal user of security software in the security
of his/her private communications in the current state of affairs?
Thanks.
M. K. Shen
Security of crypto is one of the smaller elements of data protection
and the chain of trust tied to it.
1. If you didn't do it ALL for the crypto part, including write it,
code it, and literally build the hardware it runs on (from discrete
components), then you have to trust somebody. Usually a bunch of
somebodies. Bottom line: You're guessing the platform is safe
(without proof) and you're guessing the running code is faithful to
the program (also without proof).
2. The security of the algorithm is generally provable to a
satisfactory level. e.g. open source routines (AES) and even
executables (axcrypt) that have been out and about for a while. Peer
inspection is the only real way to 'validate' a crypto algorithm for
real people (not nation states).
3. Crypto is the trivial element. Nobody normal owns a provably secure
computer. (Did you build the chips? No? Then you're guessing. Let's
not even go into the OS).
4. The question is: how hard is it for somebody to read your stuff? Are
you sure the data you encrypt has NEVER existed in plain text on your
computer? If it has, was it really really really erased? Ever sent
bits of it to other people? Backups? Does EVERYBODY you ever sent it
to protect it as well as you do?
5. It's lightning and the path of least resistance (aka work factor).
Where's the easiest way to grab the data? The crypto math and
implementation is not the problem.. it's the whole package from
eyeball to eyeball, including all the machines and math between
eyeballs (even if they're both yours).
6. Fully securing all the other operational parts of the process is
generally far more complex (and expensive in time and risk of losing
your data forever) than picking a good crypto package.
7. Locks are for honest people. If somebody wants your stuff bad
enough, they will get it. Money in the right hands does wonders.
8. Crypto on PCs is good for protecting your general collection of
passwords from accidental compromise of the machine (virus, etc.)
9. Once information leaves your head, it becomes vulnerable to theft,
visual, audible, and electronic. Every step is another hole for it to
leak out of. The crypto is just the safe deposit box, your stuff
passes through a lot of other hands getting to and from the box.
10. This just means match the lockbox to the security you have in the
process of transporting it to and from. As long as they are
equivalent, you have some trustable level of security. If you don't
pay attention to ALL the steps, you're guessing.
--
2+2!=5 even for extremely large values of 2
For a long time I very much wondered why the mass of common people
apparently has no interest at all in the topic of encryption of their
private messages, even though it is certainly very well known to
anybody that the capability of hackers and official mafias is now
ubiquitous and boundless due to the advancements in high tech. But
I finally realized that the answer is indeed entirely trivial. For
(an average) layman has no means at all to even superficially know
whether any piece of security software (or hardware) is ok. If, for
example, an AES program comes as an exe file, that's for him evidently
an absolute black box. Even if it is in C code, he is (assuming he
has never done serious programming work) unlikely to be able to read,
let alone properly understand it. Now, if he doesn't attempt to
encrypt a privacy relevant e-mail, the chance of his secret being
known would be 1/1000000 (if we assume for argument's purpose that
the mafias have the time and money to randomly pick one out of a
million messages to examine). If, on the other hand, he encrypts
that message, then it would unavoidably be sorted out through
automatic screening mechanisms for detailed processing (he would de
facto be shouting "Here is a secret message!" to the mafias).
M. K. Shen
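The "automatic screening mechanism" the post above describes can be modelled in a few lines. The block below is an added example and is not code from the original thread: it sorts a batch of messages by byte entropy and printable ratio, so that the rare message that looks random (raw or base64-armoured ciphertext) is queued for closer processing while ordinary prose passes. The function names, the thresholds, the SHA-256 counter-mode stand-in for ciphertext and the sample messages are all assumptions constructed for this illustration.

```python
"""Toy model of the automatic screening stage described in the post.

Added example, not code from the original thread. A mass interceptor
cannot read a million messages, but it can cheaply sort out the ones
whose bytes look random and queue only those for closer processing.
All thresholds, function names and sample messages are assumptions
constructed for this illustration.
"""
import base64
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 .. 8.0) of a byte string."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII or whitespace."""
    if not data:
        return 0.0
    return sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13)) / len(data)


# Assumed thresholds: English prose measures roughly 4-4.5 bits/byte,
# base64-armoured random data approaches the 6-bit ceiling of its
# 64-symbol alphabet, and raw ciphertext approaches 8 bits/byte.
ENTROPY_THRESHOLD = 5.5
PRINTABLE_THRESHOLD = 0.9


def classify(data: bytes) -> str:
    """Label a message 'plaintext', 'armoured-ciphertext' or 'binary-ciphertext'."""
    if shannon_entropy(data) <= ENTROPY_THRESHOLD:
        return "plaintext"
    if printable_ratio(data) >= PRINTABLE_THRESHOLD:
        return "armoured-ciphertext"
    return "binary-ciphertext"


def screen(messages: dict) -> dict:
    """Run the classifier over a batch of {name: body}; returns {name: label}."""
    return {name: classify(body) for name, body in messages.items()}


def fake_ciphertext(n: int, seed: bytes = b"example-seed") -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 in counter mode.

    Used instead of a real cipher so the example needs no third-party
    library; the output of a modern cipher is statistically just as random.
    """
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:n])


# Constructed sample traffic: one ordinary letter, a block of
# 'ciphertext' sent raw, and the same kind of block base64-armoured.
SAMPLES = {
    "letter": (
        b"Dear Anna, thank you for the photographs from the lake. We are all "
        b"well here; the garden has finally recovered from the late frost and "
        b"the apple tree is in blossom. Father asks whether you will come for "
        b"the holidays, and if so whether you need to be collected from the "
        b"station. Please write when you know your plans. With love, Maria"
    ),
    "raw": fake_ciphertext(600),
    "armoured": base64.b64encode(fake_ciphertext(600)),
}


if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name:9s} H={shannon_entropy(body):.2f} bits/byte "
              f"printable={printable_ratio(body):.2f} -> {classify(body)}")
```

Such a screen only works because encrypted traffic is rare against a background of plaintext; it has no purchase where encryption is the norm, or where the ciphertext is carried inside something that itself looks innocuous.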
>> So how sure is a normal user of security software in the security
>> of his/her private communications in the current state of affairs?
> Security of crypto is one of the smaller elements of data protection
> and the chain of trust tied to it.
Very true.
> 1. If you didn't do it ALL for the crypto part, including write it,
> code it, and literally build the hardware it runs on (from discrete
> components), then you have to trust somebody. Usually a bunch of
> somebodies. Bottom line: You're guessing the platform is safe
> (without proof) and you're guessing the running code is faithful to
> the program (also without proof).
I recently had a chat with acquaintances on the apparent "drift" of
morals (trustworthiness etc.) with time. One friend pointed out that
there were recent cases where certain big figures of politics had
"provably" lied to the world. The other then said that life for the
common people has in his view become much worse than in the time when
there was slavery etc. For today one has even to take the trouble to
vote and elect the majesties, while in ancient times one didn't need
to do that, for the kings and czars were simply there! In fact quite
some acquaintances told me that they have with time become increasingly
careful in all sorts of transactions. (I suppose the economic crisis
amply supports this anyway.)
> 2. The security of the algorithm is generally provable to a
> satisfactory level. e.g. open source routines (AES) and even
> executables (axcrypt) that have been out and about for a while. Peer
> inspection is the only real way to 'validate' a crypto algorithm for
> real people (not nation states)
While surfing on the internet, I saw slides of lecture notes of
somebody teaching information security where he claimed that the
design of DES by IBM was modified at the last stage due to comments
by NSA such that DES could be cracked by official agencies having
the appropriate knowledge. It seems by nature difficult to contradict
such skepticism.
> 3. Crypto is the trivial element. Nobody normal owns a provably secure
> computer. (Did you build the chips? No? Then you're guessing. Let's
> not even go into the OS).
>
> 4. The question is How hard is it for somebody to read your stuff. Are
> you sure the data you encrypt has NEVER existed in plain text on your
> computer? If it has, was it really really really erased? Ever sent
> bits of it to other people? Backups? Does EVERYBODY you ever sent it
> to protect it as well as you do?
In fact I have for some time doubted whether my PC is free of trojans.
One suspicious indicator is that the frequency of software updates
seems to be much higher than what I would expect as a layman. (On
switching off I am very often told to let some updates be installed,
without knowing the names of the software involved.) BTW, a long time
ago, my job involved distributing certain software on diskettes to
colleagues. Once they came back to me complaining that their virus
detection software had found a virus on the diskettes I handed out. It
turned out that there was a virus on the computers of the workers of
the software producer, which contaminated the original diskettes
delivered to us.
> 5. It's lightning and the path of least resistance (aka work factor).
> Where's the easiest way to grab the data? The crypto math and
> implementation is not the problem.. it's the whole package from
> eyeball to eyeball, including all the machines and math between
> eyeballs (even if they're both yours).
>
> 6. Fully securing all the other operational parts of the process is
> generally far more complex (and expensive in time and risk of losing
> your data forever) than picking a good crypto package.
>
> 7. Locks are for honest people. If somebody wants your stuff bad
> enough, they will get it. Money in the right hands does wonders.
>
> 8. Crypto on PCs is good for protecting your general collection of
> passwords from accidental compromise of the machine (virus, etc.)
>
> 9. Once information leaves your head, it becomes vulnerable to theft,
> visual, audible, and electronic. Every step is another hole for it to
> leak out of. The crypto is just the safe deposit box, your stuff
> passes through a lot of other hands getting to and from the box.
>
> 10. This just means match the lockbox to the security you have in the
> process of transporting it to and from. As long as they are
> equivalent, you have some trustable level of security. If you don't
> pay attention to ALL the steps, you're guessing.
All this seems to be a price (justified or not, depending on one's
personal standpoint) to be paid for the advancement of science and
technology. As to security I suppose that, today as in ancient times,
the most secure way of transmitting a secret message remains via a
trustworthy courier who carries the message in his brain, at least until
the time when MRI and similar techniques can be refined to the point of
automatically reading the hard disc in one's head.
(Note though that a recent news item reported on a successful experiment
in a certain thought transfer between two persons via computers
by tapping their brain waves.)
Thanks,
M. K. Shen