FBI seeks permission to surveil web browsing & email

Status
Not open for further replies.
If there was a backdoor, PGP would have no market. There are some well documented bugs/problems in PGP but there has been no problem found in the encryption after substantial public review.

I agree. On the other hand, read Uncrackable Email Part 1 by Lee Adams.

In the end, there's always pair-of-pliers-and-blowtorch decryption.
 
The FBI still does need a search warrant to tap someone's connection, which is why the universities aren't fighting this on the basis of right to privacy or free speech, but rather just due to cost.

Also, it is not possible to crack many forms of encryption. There are asymmetrical algorithms such as RSA and SHA1 that use one key to encrypt and the other to decrypt, and one cannot be derived from the other. A brute force crack of 256 bit encryption would take a computer with a processor powered by its own cold fusion reactor a couple millennia.

And many encryption programs cannot have any backdoors because they are open source.

Also any packets sent over the net pass over several servers to get to their destination. Anyone who has access to any of these hops can read anything that's not encrypted (or that is - but it wouldn't do them much good).
 
javafiend said:
I agree. On the other hand, read Uncrackable Email Part 1 by Lee Adams.

In the end, there's always pair-of-pliers-and-blowtorch decryption.

I read the article by Adams. It's well established that if someone gets physical access to your system - the game is probably over. He also makes the point that you have to know how to use PGP correctly; the problems around this are well documented. I've worked with the FBI on computer crime cases, some of their people are very good - many are computer illiterate.

Simple fix - if you're paranoid, take your disk with you. Most are removable. I once worked in an underground facility with two safe doors at the entrance (it was a secure facility) and when we were done using the systems the disks came out and were locked in a safe. Another more difficult solution, establish (out of band) a series of one time pads (Vernam cipher) with the person you want to communicate with. It's not easy to establish perfectly random pads, most I've seen were pseudo-random at best. It is secure if you can get the implementation done correctly.
 
Agreed that this didn't take long to go over my head, either. So basically, the only way for the average fellow to go about without having his email read at will would hypothetically be to download something like that 'PGP' program? Or am I missing a few things?

This is another reason why I'm voting libertarian in the future. This is a crock.
 
Spooky:

I've got a draft of an article on private e-mail you might want to take a look at. It's not great, but it might answer some of your questions.
 
Blech. You ever look at a first draft and wonder if it was written by someone with English as a second language? :scrutiny:

Yeah, that's me. It's better now. A bit.
 
FBI agents have violated government policies by secretly conducting surveillance on U.S. citizens for more than a year without notifying Justice Department officials, according to declassified government documents released Monday.

If you are old enough and you have a decent memory, you can remember that this kind of thing happens over and over and over again through the years -- that is government breaking the law and infringing on the rights of the people. Government, any government, is not to be trusted and must be watched with the greatest of suspicion.

I don't know why so many people want to entrust government with their lives -- it does not deserve such trust.
 
Rick,

Another more difficult solution, establish (out of band) a series of one time pads (Vernam cipher) with the person you want to communicate with. It's not easy to establish perfectly random pads, most I've seen were pseudo-random at best. It is secure if you can get the implementation done correctly.

The pads don't have to be random at all, as long as they never fall into the wrong hands, just as the CDs full of pads (kind of like a CD collection full of Kerberos tickets) embassies and submarines use. On my previous post, I used hashes, XORs, or really any computations on pics of naked ladies to make a point. As long as the pads are shared out-of-band and the implementation is a DECENT one (scrambles the source material before any commercial ciphers), it's secure. The commercial ciphers are just there to burn cycles, they are NOT there to protect the data, they are there to add randomness, just as compression would.

Maybe you could bounce a couple ideas around for me.

1) Oracle counted its first (and only) customer for years as NSA. What's to stop all those Cray T3's from just cataloguing every PKE prime pair in a database? Sure it would be HUGE (number of entries anyway, if not actual data size) but since almost all key generation is done using SKIP constants to speed that up anyway, and Euler's theorem (IIRC) to produce "sufficient primes", why not pre-generate all the possible results. Do a query on public key, out pops private key. Once you have the shared secret, there is nothing to crack. Tell me these folks don't have the brute power to compute these (over a few years, they would have started long ago) and store them. Scary thought eh? Disk space is awful cheap, and getting cheaper all the time.

2) I am wondering if all this FBI hoopla, the "Able Danger" stuff (supposedly shut down for years), etc. isn't all still the same brainchild and project of the lunatic Admiral Poindexter (sp?) of Iran-Contra fame. He supposedly was neck-deep in this sort of work on behalf of DIA and NSA, (domestic information mining and collection, as well as codebreaking) and a nutcase like that could leave just such a deplorable legacy.

Then the mere detection of encryption in your email is grounds for arrest under the patriot act (because only a terrorist would want/need to encrypt a letter to Grandma). And you get to be treated to the Fed.Gov's hospitality indefinitely without being charged.

We are so screwed

Seriously, don't you think steganography is already giving these people indigestion? Suppose you wanted to email somebody a "real" email, asking how the family is, how the dog is, etc. Inside the email are a few numbers strewn about. Maybe the first is somebody's age (40), the second some measurements from your new power-lounger-deluxe (34x23x96) lazyboy or whatever. The recipient then, receives this, and opens their (pre-agreed to) October 1996 copy of Shotgun news to page 40, and then puts together the 34th, 23rd, and 96th words, etc. to make the real message.

Do you really think that anybody is going to find THAT needle in a haystack? Compared to the criminal mind, everybody working against such a problem are pikers. In fact, FBI are hoping that criminals/terrorists are lazy and trust software to do what would take a few minutes by hand. Substitute a matched set of handwritten Korans for "Shotgun News" and you can see my point.

First you have to identify that there IS a message. That is Joe Public's best defense. No fancy shmancy software is required. The same could be done via snail-mail.

99% of your communications can wait until facetime. For those that can't, with like-minded people, the "message" isn't going to be anywhere in plain sight. Hell, it might be embedded in an MP3 or :what: a picture on a THR post.

Lots to think about, lots of simple solutions, aren't there?

THEY are so screwed. Which is why they want backdoors and keyloggers ON YOUR PC.
 
The pads don't have to be random at all, as long as they never fall into the wrong hands,

Yes, they do have to be random. Think about it, if they're random, every key sequence is equally likely and an attacker has no information with which to cryptanalyze the ciphertext. Since every plaintext message is equally possible, the attacker has no way to determine which one is the correct plaintext. A random key sequence added to a nonrandom plaintext message produces a completely random ciphertext message and no amount of computational power is going to change that.

the lunatic Admiral Poindexter

You hit that one on the head. In my last meeting with him, I had that evil little monster sitting across my desk from me, he tried to climb up on top of the desk once to make a point. He really was completely crazy and a very difficult person to work with. I'm sorry you reminded me of him, I'd almost been away from that world long enough to forget him. He had a number of projects going on in this area.

I don't want to turn this thread into a crypto discussion.
 
Yes, they do have to be random.

I don't consider a PRNG Random, and have no access to radioactive isotopes. Regardless, it's not a crypto thread and I won't belabor the point.

You hit that one on the head. In my last meeting with him, I had that evil little monster sitting across my desk from me, he tried to climb up on top of the desk once to make a point. He really was completely crazy and a very difficult person to work with.

What I've heard was mostly 2nd hand, but always amounted to being 1 inch away from tearing up and biting carpets when he didn't get his way. Unfortunately, from what I've been able to piece together, it wasn't often enough where our liberties are concerned.

And that's the gist of this thread. Once given an inch of surveillance powers, there is no end to the wackjobs that can be found to fill chairs and abuse those powers.

I just get saddened thinking about people worrying about this, especially non-technical users. Since they can't adequately run or protect their home PCs, they WILL get the brunt of the spying, keyloggers, trojans, etc. While those who use ridiculously simple means to avoid having their message recognized as such (embed it in massive SPAM for instance) will skate without scrutiny.

Of course, couriers, word of mouth, USPS, FedEx, etc. are all efficient means of information delivery, just not as immediate. I suppose that's coming next, a pdf of every letter sent to NSA, including the ones "To Santa" at Christmas time.

Unintended consequences? I don't believe it. I think it's purely intentional. So I try to reassure people that your options, for truly important, truly secure commo aren't as limited as you would think.

There are ways to fight back too, especially "securing" ALL your email, AIM, MSN, etc traffic. The bigger the haystack, the better for all of us honest folks.

Bottom line, I believe the (capital "I") Internet is hated by government. If they can't control it, they will regulate, tax, and spy on it. Be ready.
 
Communication is communication. Method and technology is irrelevant. I want the same legal safeguards for smoke signals, snail mail, and email. Fed.gov wants to snoop? Fine, but I want a disinterested third party to monitor. Oh, but that's not an efficient use of precious investigative time. Equine skat. I don't want efficiency. I want to be safe from prying governmental eyes. Stay away from me and don't start the harassment and we'll get along just fine.
 
Lupinus:
Actually, it is possible to have uncrackable encryption. Any properly-constructed one-time pad is, by definition, uncrackable; the only way to decrypt it is to get a copy of the key. The problem, then, becomes one of key exchange: how do I, the sender, and you, the recipient, agree upon a key without it leaking? One of the experimental schemes being tested now is quantum encryption: we exchange photons between us to establish a key, using the spin of the photon to represent the bit. Quantum encryption works because measuring the spin of the photon changes it: nobody can read it after you do, because the key has been altered by you, and if anybody intercepts the key before you, we won't be able to agree on a key, so we'll recognize the man-in-the-middle attack. Quantum mechanics is fun, if twisted; I highly recommend you read In Search of Schrodinger's Cat for a good primer on the subject.

Even without using quantum methods, though, there are ways to pass the key (one-time-pad). Most modern schemes use something called "asymmetric" or "public key" encryption. These schemes take advantage of the fact that some mathematical operations aren't reversible. For example, modular division is, in essence, asking for the remainder of a division problem. Five modulo three (sometimes expressed as 5 % 3) is two: five divided by three is one, with a remainder of two. Eight modulo three is also two, as are eleven, fourteen, and so forth, ad infinitum. If I give you the answer to the problem (two), and the modulus (three), you still can't figure out the original number, because it could be any of an infinite set. This is the property of non-reversibility.

Public key encryption works on these principles: I give you a public key that you can use to encrypt a message, but without knowing some secret bit of data (my private key), you can't decrypt it. As long as I keep my private key secret, the cipher is secure. An interesting side effect of this is that if I encrypt with my private key, it can be decrypted with my public key. Doesn't sound very useful, but in fact, it's very important: encrypting with my private key (which, you'll recall, I've kept secret) proves that the message was authored by me: it's a digital signature, and anybody in the world can sign it, as long as he has my public key (which is posted on several keyservers for all to download).

Now, as you say, these aren't necessarily uncrackable. They are, however, so difficult to crack as to be effectively unbreakable; the term for that is "computationally secure," and it means that while it might be possible to break the cipher, doing so would take a lot of time. How much time? One estimate I saw put the time to crack a 512-bit key at about six weeks. Doesn't sound very good, but if you add just a single bit, it doubles the keyspace, doubling the time to crack: a 513-bit key would come in at three months (twelve weeks). If I recall correctly, PGP generates a 1024-bit key by default. That's six weeks * 2^512, or longer than the estimated age of the universe, to crack your message. And 1024-bit keys are the default; I used the 4096-bit option. Short answer: good luck, mate. Of course, this assumes no weakness in the algorithm itself, which is a poor assumption, but there are several algorithms considered by the experts to be secure, and I tend to trust people like Bruce Schneier (the "S" in "RSA").

So there's your answer on security and ciphers. Another good book to read, if you're interested in cryptography, is Simon Singh's The Code Book. Excellent read.

(Incidentally, there's another benefit to using digital encryption for every message: if everybody did it, spam would pretty much go away as a problem. Think about it: if it takes just a tenth of a second to encrypt a message to a recipient, spammers won't possibly be able to send tens of millions of messages per day from a single machine; the economics of spam will change radically, it'll cease to be profitable, and it'll just go away.)
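Added example, not part of any post in this thread: a minimal one-time pad in Python illustrating two points made above, that a pad is consumed once and never reused, and that with a uniformly random pad every same-length plaintext is an equally valid explanation of an intercepted ciphertext. The names `PadBook`, `encrypt`, `decrypt` and `pad_that_explains` are hypothetical, and the sample messages are constructed.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the Vernam operation)."""
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


class PadBook:
    """Pad material shared out of band; each byte is handed out only once."""

    def __init__(self, material: bytes):
        self._material = material
        self._offset = 0

    def take(self, n: int) -> bytes:
        if self._offset + n > len(self._material):
            raise RuntimeError("pad exhausted: never wrap around and reuse it")
        chunk = self._material[self._offset:self._offset + n]
        self._offset += n  # consumed bytes are never served again
        return chunk


def encrypt(book: PadBook, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, book.take(len(plaintext)))


def decrypt(book: PadBook, ciphertext: bytes) -> bytes:
    return xor_bytes(ciphertext, book.take(len(ciphertext)))


def pad_that_explains(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`."""
    return xor_bytes(ciphertext, candidate)


if __name__ == "__main__":
    material = secrets.token_bytes(64)      # CSPRNG output, shared out of band
    sender, receiver = PadBook(material), PadBook(material)
    message = b"MEET AT NOON"               # constructed sample message
    ct = encrypt(sender, message)
    print(decrypt(receiver, ct))            # receiver recovers the message

    # An interceptor holding only `ct` can construct a pad for any guess of
    # the same length, so the ciphertext alone favours no plaintext.
    guess = b"STAY AT HOME"                 # constructed alternative plaintext
    print(xor_bytes(ct, pad_that_explains(ct, guess)))
```

The second property depends on the pad being uniformly random: if some pads are more likely than others, the candidate plaintexts they correspond to are no longer equally likely.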
 