Slashdot Mirror


Is Encryption Really Secure?

taustin writes: "Phil Zimmermann did the world a great favor when he created PGP and released it for free for personal use. But no encryption program is better than the practices of those who use it, and the easiest way to crack any security system is with the help (knowing or otherwise) of the people who use it." from Bruce Schneier's latest book, _Secrets and Lies_: "Remember, for the whole digital-signature system to work, you have to be sure that only you know your private key. Okay then, how do you protect it? You almost certainly don't own a secure computing system with physical access controls, TEMPEST shielding, "air wall" network security, and other protections; you store your private key on a conventional computer." In other words, your encrypted files may only be as secure as the computer and network on which the key resides.

taustin continues: "I made a disturbing connection the other day between PGP (or any encryption program) and the many security vulnerabilities that keep cropping up in web browsers and mail clients. It seems we don't go a week without some new way for a 'hostile web site' or 'malicious email' to read files from our hard drives. These are usually downplayed, because, in general, they can only read, not write to or delete, files, and because one needs to know the exact file name and path to exploit them. How easy is it to guess at the path and file name of a file that could be damaging for someone to just read?

Encryption relies on keys, which are kept in keyrings, which are computer files; and those keyring files have a default install location; and while that default location can be changed, the program still keeps track of where it is. In the case of PGP, this is a file called PGPprefs.txt, and that has a default location that (as far as I know) cannot be changed. And if it can be changed, the location of the preferences file has to be stored somewhere.

So it looks to me like it wouldn't be all that tough for someone who knows how to exploit one or more of these vulnerabilities to just grab someone's entire private keyring if they don't have all the patches installed.

What's really disturbing is to compare all this to current 'sneak-and-peek' search warrant practices - where police agents can break into your home or business to conduct a search without having to tell you, before or after, that they've done so. It is not entirely clear if such searches are illegal now, but they would be sanctioned by bills like HR. 2987, the Methamphetamine Anti-Proliferation Act of 1999. With the ability to remotely steal a private key, without even having to enter your home, and legal sanction to do so, there are frightening possibilities.

Having the keyring, of course, is not quite all there is to it. Keyrings are protected by passphrases, as well. But passphrases are not as secure as encryption keys themselves are - they are chosen by the user, and most will fall to dictionary attacks very quickly.

So what are good practices to adopt when using encryption software? Should one keep the keyring on a floppy disk, and never have it in the computer when it's connected? Should PGP (and other encryption programs) be changed so that the user has to manually identify where the keyring is whenever the program starts? Is it possible to make the program as safe in Real Life as the algorithm is mathematically?"

7 of 201 comments

  1. ibutton by austad · · Score: 5

    Ibutton is a small device which fits on your keychain and can plug into the USB port on your computer. You can use it to store your private key, along with the public keys of others. It can also be used as a key to your computer, both through the USB port, or through a little thing you tap it against that you attach to your monitor. It's also good for door authentication, several lock companies make locks that work with these for around $80 each. The Ibutton itself costs between $10 and $25 depending on which model you get. It can do other things too, and it's not a foolproof way to prevent someone from getting at your key, but, it's a good preventative measure, and it's sure to make it harder for an attacker.

    --
    Need Free Juniper/NetScreen Support? JuniperForum
  2. Read my FAQ! by ssimpson · · Score: 5

    Interesting story - you may like to look at my PGP DH vs PGP RSA FAQ.

    To quote the FAQ:

    8.2. Get the threat in perspective!

    The NSA (probably!) aren't specifically interested in you. They aren't going to break into your house to install bugs, or monitor your screen from a block away. They will however collect all of your messages sent over public networks.

    PGP protects you from one form of monitoring - Echelon or other passive network sniffing. When your messages are captured by this global monitoring system, along with millions of other messages a day, the NSA can possibly decide to try and decode your message.

    The most significant threat to PGP comes from user sloppiness. It is far easier to install a keylogger on your computer, install a trojan version of PGP, or bruteforce your passphrase than to break any of the cryptographic mechanisms employed by PGP.

    If you are seriously worried about Intelligence Agencies actively monitoring you, then the last thing you should be worried about is them cryptographically attacking your PGP crypto implementation!

    I'm currently working on a new version, and the ToDo list is here.

    --
    "Mary had a crypto key, she kept it in escrow, and everything that Mary said, the Feds were sure to know."
  3. All this worry about encryption by ackthpt · · Score: 5
    I haven't read boo about anyone having a major leak due to poor encryption. What I do hear about is

    AOL'ers so stupid they type PayPal IDs and passwords into bogus email, which forwards this on to a mailbox somewhere. (I got the spam but spotted the bogosity immediately.)

    Security holes in M$ IIS so big that it gets hacked on a regular basis, because either there are so many holes or admins can't/don't keep up. So much for a quality product.

    People who open email attachments (let alone use clients well known for their integrated virus vulnerability) even when this sort of scare has gone on for years.

    People write passwords on Post-It notes and leave them in their drawers, or que horre on the monitor.

    We have met the enemy and he is us. Never was more true.

    --

    A feeling of having made the same mistake before: Deja Foobar
  4. PGP helps my courtship. by Kiss+the+Blade · · Score: 5
    People sometimes attack PGP because it is mostly used by criminals and beast bearded dirty GNU hippies.

    But there is another demographic that uses it: Lovers.

    I have been trying to court Heidi Wall and save her sweet innocence from that bastard offspring of de Sade, shoeboy, for some time. PGP allows me to talk to her and my friends who are aiding me in complete secrecy. By using PGP, I can be much more open in my billet doux than I would ever dare to be normally, as I am sure that third parties are not watching over my shoulder.

    Speaking as a virgin, and one who has reserved his heart for one girl and one girl alone, I can say that PGP is enormously useful to me in my courtship. I hope that it further breaks out of its criminal ghetto and is used by lovers everywhere.

    If you are courting a girl, try PGP. It helps you reveal your heart.

    KTB:Lover, Poet, Artiste, Aesthete, Programmer.

    --

    KTB:Lover, Poet, Artiste, Aesthete, Programmer.
    There is no

  5. Do you know what PGP stands for? by shyster · · Score: 5
    It's called Pretty Good Privacy for a reason, you know.

    I think what you want is the upgraded version, DGP (Damn Good Privacy), or perhaps UFBP (Unfucking-Believable Privacy). We're expected to release those upgrades Real Soon Now (tm).

  6. Some ideas.... by rixster · · Score: 5

    1) Always, whenever you create a new keypair, create a revocation key. Copy that key onto a floppy / CF / Smartmedia card etc etc, and delete it from the default store. If you're really paranoid about "sneak and peek" etc, revoke and re-issue another key when you start sending really private stuff.

    2) Make your passphrase something stupidly difficult. Even two words without spaces is n^2 (where n = number of words you know, probably about 30,000 if you're averagely (sic?) smart) harder to crack.

    3) Keep up-to-date software. Remember the PGP 6.5.1 problem? (I don't know if I have the right version, but it was something to do with not generating sufficient random numbers - although someone will probably correct me)

    4) Treat all unencrypted email as public domain. Consider it read by your boss, IT department, the recipient's boss and the recipient's IT department.

    5) Treat all encrypted stuff as just encrypted for a certain period of time. All those encrypted archives that people made 10 years ago? With today's tech, it'll probably be just a matter of hours before they're all plain text again.

    6) Use cryptology for messages that don't require it - otherwise only the interesting stuff will be attacked

    That's my 0.03 EUR. Chances are I've kept some gaping holes in there, but what the hell - have to make some posts sometimes....

    --
    Two wrongs may not make a right, but three ....
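
The story's point that user-chosen passphrases fall to dictionary attacks, and the n^2 figure in point 2 of the comment above, can be put in numbers. This is an added example, not part of the original thread; the guess rate, the 80-bit target and the 16-word sample list are constructed assumptions, and the figures only hold when every word is picked uniformly at random rather than chosen by a person.

```python
import math
import secrets

# Constructed 16-word sample list for the demo; a usable list has thousands of entries.
SAMPLE_WORDS = ["anchor", "breeze", "copper", "dagger", "ember", "fossil", "garnet",
                "harbor", "island", "jigsaw", "kettle", "lantern", "magnet", "nectar",
                "orchid", "pepper"]


def passphrase_bits(vocab_size, words):
    """Entropy in bits of `words` words drawn uniformly at random from the list."""
    if vocab_size < 2 or words < 1:
        raise ValueError("need at least 2 candidate words and 1 word")
    return words * math.log2(vocab_size)


def words_needed(vocab_size, target_bits):
    """Smallest word count whose search space reaches target_bits."""
    return math.ceil(target_bits / math.log2(vocab_size))


def avg_seconds_to_guess(vocab_size, words, guesses_per_sec):
    """Expected time to hit the passphrase: half the space at the given rate."""
    return vocab_size ** words / 2 / guesses_per_sec


def generate(wordlist, words):
    """Pick words with the OS CSPRNG; human-picked words do not reach these numbers."""
    return " ".join(secrets.choice(wordlist) for _ in range(words))


if __name__ == "__main__":
    n = 30_000          # vocabulary size quoted in the comment
    rate = 1_000_000    # assumed guesses per second against the keyring passphrase
    for k in (1, 2, 4, 6):
        secs = avg_seconds_to_guess(n, k, rate)
        print(f"{k} word(s): {passphrase_bits(n, k):5.1f} bits, "
              f"~{secs:.3g} s on average at {rate:,} guesses/s")
    print("words needed for 80 bits:", words_needed(n, 80))
    print("sample (16-word list, only 4 bits/word):", generate(SAMPLE_WORDS, 6))
```
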
  7. My dear boy by Slashdot+Playboy · · Score: 5

    It is good to see you taking the plunge - that first dip into the olympic-sized pool of love.

    Speaking as Slashdot Playboy since 1997, I feel I am qualified to advise young pups such as yourself on the appropriate etiquette when wooing a young lady such as this.

    I recommend you make the young lady feel in control. Remember - you are a love god and she is your willing pupil. Young ladies love a man who can show her who is boss. Speak firmly but not roughly to her.

    Do not suggest PGP to her, tell her that you will be using PGP.

    Hold this young lady by the hand. Carry her over the romantic threshold. Slather her in kisses. Make your own provision for prophylactics. Buy her a single red rose. Whisk her off to Paris. Do whatever it is it takes.

    Show this feisty young lady you are in command. Fear not the monstrous shoeboy, with his rough and ready approach to women. You shall woo her like she's never been wooed before and will never be wooed again.

    --
    Slashdot playboy.

    Slashdot love god since 1997