Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Crypto Solely for Criminals?

Posted by michael on from the my-lock-my-key dept.

deran9ed writes: "Interesting outlook from an article on IDG detailing the use of encryption, and the negative campaigns against it. "When the Feds -- be they CIA, FBI, NSA, or Treasury Department -- discuss crypto, they make it sound as if anyone using it must be a child pornographer, drug smuggler, or terrorist." I wonder if the government feels the same about corporations encrypting their business plans in order to avoid having them stolen. Here's the article." The author has a point. SSL and SSH (or whatever it's called now) are widely used. But how many people routinely encrypt their email?

8 of 179 comments (clear)

  1. PGP and mailing lists by rjh · · Score: 4

    Encrypting material on mailing lists has a significant "what's the point?" factor. Most mailing lists are so easy to get on that encrypting traffic on the email list serves no useful purpose.

    Any mailing list which is open to the public gets no benefit from encryption. Any mailing list which is closed only gets minimal benefit; the security of a message drops to the square of the recipients. If your intent is merely to protect mailing list data from casual eavesdropping along the way, though, here's a scheme.

    1. Joining the list is done through the typical process, but a public key is given to the server as part of the process. (Out-of-band verification, etc., is assumed and won't be covered here.)

    2. Whenever someone posts to the list, they sign the message and encrypt it with the server's public key.

    3. When the server gets a message, it decrypts the message. It now has plaintext + signature. After verifying the signature, it sends the message out to each listmember, encrypting it for their specific key.

    4. When a client gets a message, it decrypts-and-verifies that it came from the listserver. It then verifies that it came from the original sender.

    ... Note that this scheme is horribly naieve and is extremely vulnerable to attack. It also doesn't solve the key management issue; but instead of every listmember needing every listmember's key and all the assorted key management that entails, the burden is shifted entirely to the server.

    It's a simpler scheme than every participant encrypting for every other participant's key, and simpler schemes tend to be more robust and secure. That doesn't mean that this scheme is robust and secure.

    As I said, encrypting mailing lists has a large what's-the-point factor. There are so many ways to attack a mailing list that I doubt one could be secured.

  2. Here's why. by rjh · · Score: 4

    It has to do with importance. If the only time you encrypt email is when it's important, then it becomes very easy for an attacker to say--"oh, hey! This fellow usually sends one encrypted email a week, but this week he's sent off 25. I wonder what's up?"

    Simply knowing that a message is important can often be all the help an attacker needs. This is called "traffic analysis" (analyzing patterns in who talks to whom about what, whether the conversations are normal or priority traffic, etc).

    By routinely encrypting all your traffic, that denies an attacker the ability to say "... hey, encrypted traffic is coming down the wire; something's up."

  3. I don't get it by RPoet · · Score: 5

    There's always been the principle of innocent until proven guilty. But as soon as there's anything electronic in the picture, it's suddenly the opposite; you're under suspicion for anything and have to prove your innocense, and nobody seems to complain.
    --

    --
    "Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
    1. Re:I don't get it by Cyberdyne · · Score: 4
      There's always been the principle of innocent until proven guilty. But as soon as there's anything electronic in the picture, it's suddenly the opposite; you're under suspicion for anything and have to prove your innocense, and nobody seems to complain.

      That's the problem in the UK: our beloved RIP Act reverses the burden of proof - the police can demand your encryption keys, and unless you can prove you do not have the key, you get locked up. Oh, and you aren't allowed to tell anyone else about it. You think the DMCA and UCITA are bad? At least you're allowed to tell people if you're charged with violating them!

  4. Email Always Encrypted by Alpha+Prime · · Score: 5

    At our company we encrypt all email. Since a lot of the discussions are about patented or patent pending ideas, due dilligence requires that any email going over the net be encrypted. We expanded that to be all email to add to the noise factor should someone be watching.

  5. Problems with Encrypting Email by rjh · · Score: 5
    1. Crypto software is hard to use.

      Before anyone even thinks of refuting this one, think about this: anything that requires more technical know-how than Outlook Express or Eudora is automatically going to fail in the marketplace. Why? Because 95% of the market finds their own technological skills tapped out at the level of using Outlook Express for basic email, to say nothing of doing something as advanced as (gasp) installing a crypto plug-in.

      As long as crypto software has any kind of significant learning curve, crypto software is not going to be widely-used. SSH is widely-used today, mostly because for casual use it's indistinguishable from telnet--the sysadmin (who has tech savvy) takes care of key management and the users just have to be told "type ssh instead of telnet".

    2. Public-key infrastructure is still mostly a myth.

      For all the millions which have been invested in PKI, it's mostly a crapshoot. The typical user still doesn't have a bat's chance in hell of using a public-key infrastructure properly. If Joe User wants to encrypt a message for John User, Joe doesn't know where to find John's public key, wouldn't know how to import the key even if he had it, and wouldn't know to do an out-of-band fingerprint verification before using it.

    3. Crypto requires learning.

      Sometime, take a look at the documentation that comes with PGP. It's pretty good, all things considered. It's also about the heftiest documentation I've ever seen for a consumer software product.

      Users don't want to learn. Users think (not unreasonably) that programmers should make programs work the way the users think they should, instead of demanding that users learn the way the programmers think the program should work.
    ... Those reasons are the big ones for why more email isn't encrypted. 95% of the population lacks the technical skill to use encrypted email, and 95% of the population doesn't recognize the need to encrypt mail anyway.

    For the record, my public key is available on Slashdot. I encourage anyone who sends email to me to use it. Even without a fingerprint verification, it's better than nothing.
  6. keeping it private by steve.m · · Score: 4

    One way to look at using crypto is that you don't send postcards discussing private matters, you put a letter in an envelope so the postman can't read it.

    I encrypt my email so only the recepient can read it - if the security services here in the UK want to read my email, they will use the RIP bill to get the private key and passphrase from me. At least then I'll know they are interested in me ;)

  7. As an experiment... by Bob+McCown · · Score: 5

    ...about 3 years ago, a bunch of us started pgp-ing our email at work, both internally and externally. Within a week, an email from the IT department went around asking people NOT to use encryption, as 'it is causing an undue load on the mail server'. Baloney, they just couldnt read our mail any more....