PDA

View Full Version : Thinking outside the box


dsinope
11-15-2008, 9:55 AM
http://imgs.xkcd.com/comics/legal_hacks.png

ETD1010
11-15-2008, 10:19 PM
I don't get it :confused:

sorensen440
11-15-2008, 10:21 PM
I don't get it :confused:

me neither....

bwiese
11-15-2008, 10:26 PM
For those that don't get the comic....

- many crytographic software, hardware, etc. have the status of 'arms' and their export is limited/controlled/prohibited. Gov't even wanted to restrict crypto use *within the USA* in the 1990s and wanted 'key escrow' cipher systems so Big Gov could read anything it wanted to.

The comic was about using crypto to bypass ISP website filtering, and if that were attacked, it could be regarded as an RKBA violation.

CCWFacts
11-15-2008, 10:35 PM
Indeed.

Back in the 90s, Al Gore was going to save us from terrorists by mandating that every phone etc have a Clipper chip (http://en.wikipedia.org/wiki/Clipper_Chip) in it, to allow the US government to read communications without worrying about strong encryption.

Bill and Al were not only scared of guns, they were scared of people being able to maintain the privacy of their communications.

And crypto was, at the time, regulated as a munition, and so it required all these export approvals from the State Dept and the NSA to be exportable. That's what that cartoon is about. There were in fact a few people who were harassed for illegal exports, but I don't know if anyone was ever convicted for exporting some ordinary general-purpose encryption software.

Today encryption software is built into everything, include web browsers, operating systems, etc. Everything except telephones, that is. Ordinary cellphones today have more than enough horsepower to do end-to-end voice encryption, but it is not done. It would be so easy to do today that it's almost trivial, but there's some legacy of "we need to be able to wiretap phone calls or the world will end".

By the way, I'm not saying that phones should never be tapped. They should, sometimes. It's a perfectly legitimate law enforcement and national security tactic. But they don't need the Clipper chip to do that. My assumption is that, today, if they have to get access to some encrypted stream, they probably have enough not-publicly-known exploits within all the various operating systems that they can get in pretty easily. So even though crypto is widely used on computers today, it is not the end of snooping.

To prove my point about vulnerabilities and exploits being omnipresent back-doors to bypass almost any strong encryption scheme, Al Gore's Clipper chip itself had a very serious, very exploitable flaw built in to it, published by Matt Blaze in 1994. If the Clipper chip had a big gaping hole like that in it, well, they shouldn't worry too much about being denied access to the files on your Windows XP box.

dsinope
11-15-2008, 10:54 PM
Today encryption software is built into everything, include web browsers, operating systems, etc. Everything except telephones, that is. Ordinary cellphones today have more than enough horsepower to do end-to-end voice encryption, but it is not done. It would be so easy to do today that it's almost trivial, but there's some legacy of "we need to be able to wiretap phone calls or the world will end".


Cell phones are interesting devices. They can be programmed remotely - the central office pushes down a new OS. Using that OS someone could cause a phone to behave in ways the user doesn't expect. It could, for example, turn on the microphone to high gain and transmit anything it hears, and take and transmit a photo every couple of minutes. It looks like the FBI has used the technique at least once - US v John Tomero, et al (http://www.politechbot.com/docs/fbi.ardito.roving.bug.opinion.120106.txt)

OnStar also includes small print in it's user agreement a warning that it's microphone can be turned on to monitor a car's occupants, and that it will comply with law enforcement to do so.

Yes, the point of the cartoon is that the IT community fought long and hard against the crypto restrictions. The joke is that if they hadn't, and let crypto be called munitions, they could challenge the restrictions with the second ammendment instead of with the first.

hoffmang
11-15-2008, 11:15 PM
:whistling:

-Gene

Codelphious
11-16-2008, 12:02 AM
I love cryptography, and I think any effort to improve on the matter is worth investing in. I'm sure I'm not the only one who believes the NSA building in Maryland isn't pulling down more electricity than Las Vegas simply tapping phone lines -- there's clearly massive computing going on.

I had one professor in college state that he believed the NSA may posses enough computing power to crack a 128-bit AES cipher in a reasonable amount of time (days/weeks as opposed to years). Why else would they "recommed 128-bit" as opposed to 192 or 256? 256-bit is only slightly slower and offers not twice, but 2^127 times more protection.

Of course the NSA adopted AES; it's their "baby", so to speak. So who's to say they don't already know of an exploit?

RSA on the other hand is incredibly reliable (when used with sufficiently large keys). Since RSA is based on mathematical equations which are theoretically impossible to solve quickly (without the key), I see no reason not to recommend it. Plus, since it's a hybrid crypto-system you can encrypt data using someone's public key, which only they can decrypt with their private key. Which completely solves the key distribution problem, since a public key can never be used to decrypt a message (only encrypt)... it's just so mathematically beautiful!

Sorry for the bore-a-thon. Like I said, I love cryptography. :D

hoffmang
11-16-2008, 12:27 AM
I've actually interacted with NSA over key lengths. They were on the industries side back in the Crypto wars as they felt that it was more important that we in the US needed to be secure against everyone else.

Every recommendation that NSA has made to any major crypto scheme has proven to make it safer upon close inspection.

-Gene

N6ATF
11-16-2008, 12:29 AM
:wacko:

CCWFacts
11-16-2008, 12:42 AM
I've actually interacted with NSA over key lengths. They were on the industries side back in the Crypto wars as they felt that it was more important that we in the US needed to be secure against everyone else.

Yes, that's also my impression.

Every recommendation that NSA has made to any major crypto scheme has proven to make it safer upon close inspection

That's my impression, with only one exception: DES key length. Why did they need to put so many parity bits in the key? It reduced the key strength to 56 bits, which is fatally weak, which was probably obvious even back in the 70s when it was first released.

jumbopanda
11-16-2008, 3:55 AM
It takes a very very particular type of person to understand a joke like that.

hoffmang
11-16-2008, 11:32 AM
That's my impression, with only one exception: DES key length. Why did they need to put so many parity bits in the key? It reduced the key strength to 56 bits, which is fatally weak, which was probably obvious even back in the 70s when it was first released.

I think that was an era issue. At the time of DES adoption, it was before widespread commercial cryptography. Also, parity checking was really needed in the old networks. To NSA's credit they did push the banking sector to got to 3DES and subsequently AES.

-Gene

CCWFacts
11-16-2008, 11:50 AM
I think that was an era issue.

Perhaps. I guess they were also implementing this mainly in hardware. For us today, there's zero cost or performance difference in 64bits vs. 128bits keys, but for them, with 1970s hardware implementations, it was a very big difference.

To NSA's credit they did push the banking sector to got to 3DES and subsequently AES.

Yes, and AES looks very solid, and designed through a very open process.

The NSA has done a lot to enhance commercial security. They used to publish the "rainbow books". They have contributed a lot to SELinux (security enhanced). Among many other things.

leelaw
11-16-2008, 12:33 PM
:whistling:

-Gene

:rofl2:

rayra
11-16-2008, 3:18 PM
I've actually interacted with NSA over key lengths. They were on the industries side back in the Crypto wars as they felt that it was more important that we in the US needed to be secure against everyone else.

Every recommendation that NSA has made to any major crypto scheme has proven to make it safer upon close inspection.
-Gene

Very carefully parsed sentence, counselor. It completely leaves out the intrusiveness / back doors / freedom-curtailments that the NSA was advocating, still advocates. And which the EFF fought from the beginning.

http://w2.eff.org/Privacy/Crypto/

hoffmang
11-16-2008, 3:21 PM
Very carefully parsed sentence, counselor. It completely leaves out the intrusiveness / back doors / freedom-curtailments that the NSA was advocating, still advocates. And which the EFF fought from the beginning.

http://w2.eff.org/Privacy/Crypto/

1. You really do not know who you are talking to.

2. You are confusing DOJ and the Clinton administration with NSA. The .gov is not necessarily of one mind on issues like this.

It's not really that hard to figure out who I am and why I point out #1. I'll give you a h (http://www.imc.org/ietf-openpgp/mail-archive/msg00010.html)int.

-Gene

dsinope
11-17-2008, 8:53 AM
:rofl2:

Sorry if I offended, that wasn't my intention.

swhatb
11-17-2008, 12:45 PM
For those that don't get the comic....

- many crytographic software, hardware, etc. have the status of 'arms' and their export is limited/controlled/prohibited. Gov't even wanted to restrict crypto use *within the USA* in the 1990s and wanted 'key escrow' cipher systems so Big Gov could read anything it wanted to.

The comic was about using crypto to bypass ISP website filtering, and if that were attacked, it could be regarded as an RKBA violation.

thanks... now i get it.

hoffmang
11-17-2008, 3:01 PM
Sorry if I offended, that wasn't my intention.

I think leelaw was just (appropriately) laughing at my post.

-Gene

sierratangofoxtrotunion
11-17-2008, 3:11 PM
I think leelaw was just (appropriately) laughing at my post.

-Gene

I laughed too, but didn't comment. You've made my head spin talking about digital certificates and other things I'm not familiar with. I do fluid dynamics, not computers! But what's with the link to PGP stuff from the 90s? Your name doesn't appear on it...

jb7706
11-17-2008, 3:41 PM
Your name doesn't appear on it...

Go to the page. On your keyboard press and hold CTRL and F key. Type Hoffman in the box and hit enter. You can also Google for Gene Hoffman pgp. Interesting reading.

sierratangofoxtrotunion
11-17-2008, 5:18 PM
Go to the page. On your keyboard press and hold CTRL and F key. Type Hoffman in the box and hit enter. You can also Google for Gene Hoffman pgp. Interesting reading.

Ah, ok, I just skimmed, I didn't actually check.

Fjold
11-17-2008, 8:18 PM
Nerd humor

pizzatorte
11-17-2008, 9:12 PM
Every recommendation that NSA has made to any major crypto scheme has proven to make it safer upon close inspection.

That's my impression, with only one exception: DES key length. Why did they need to put so many parity bits in the key? It reduced the key strength to 56 bits, which is fatally weak, which was probably obvious even back in the 70s when it was first released.

The NSA made recommendations for a particular change in how DES worked. At the time everyone was paranoid that they were introducing some back door that no one else could unlock. Nearly 20 years later, public cryptologists discovered that these changes actually made certain attacks much more difficult. The open cryptology community had only just discovered the method, but the NSA clearly knew about it decades earlier.

http://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA.27s_involvement_in_th e_design

CCWFacts
11-17-2008, 9:24 PM
The NSA made recommendations for a particular change in how DES worked. At the time everyone was paranoid that they were introducing some back door that no one else could unlock. Nearly 20 years later, public cryptologists discovered that these changes actually made certain attacks much more difficult. The open cryptology community had only just discovered the method, but the NSA clearly knew about it decades earlier.

Yup. They knew about differential cryptanalysis, and they wanted DES to be safe against it, but they didn't want to reveal DC, so they made the changes and said, "just trust us". Of course, a lot of people didn't, but the NSA was, in fact, correct and trustworthy in that one instance at least.

I think now things have shifted more towards openness in security design. AES was developed based on submissions from the public, with a thoroughly open design and review process. I think there's been a realization that "security through obscurity" is a disease, at least when it comes to protocol designs. Operationally, yes, keep it obscure, but for the design of a protocol, or even a piece of software, the advantages of keeping it open usually outweigh the possible advantages of secrecy.

nick
11-17-2008, 9:47 PM
Nerd humor

Not nerd, geek :)

nick
11-17-2008, 9:54 PM
Seriously though, I leave work to relax and read up on something relaxing, i.e. guns. What do I get instead? Work :nuts: