Slashdot Mirror
Export-level Encryption Proves Insufficient
rossjudson writes: "The Independent is running an article about the shoe bomber terrorist. The interesting bit for Slashdot readers is at the bottom -- apparently the 40-bit encryption in the export version of Windows 2000 was cracked by a set of computers using a brute force method. So let's confront the question: Should the US prohibit the export of high-encryption software? Here is a case where the default values (40 bit) clearly helped recover valuable information from a system." There's another article in New Scientist focusing on the encryption issue.
Yeah because prohibiting the export of this will prevent anyone evil from getting hold of it...
Sig is taking a break!
If you really want to make the world a safer place, please demand that everyone wear helmets all of the time.
--Lawrence Lessig for Congress!
Advanced Math Textbook +
Computer +
Low-level programming skills =
High Grade Encryption... Anywhere in the world.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
40 bits is nothing, and has been for decades. /chosen/ to be crackable. And in my book, and in the minds of many others, that pretty much disqualifies it from even being called 'crypto'.
That limit was
THL.
Keeping
Should the US prohibit the export of high-encryption software?
Sure, why not? It isn't as if there are any cryptographers in any other countries in the world, is it?
Legislation is pointless, and even damaging in this case. The cryptography playing field is fairly level. That's not inherently a good or a bad thing; just as al-Queda can encrypt their files, they are equally prevented from intercepting sensitive information by the same technology. If legislation restricts crypto, we will find ourselves in a situation in which the FBI can't crack terrorist comms, yet terrorists can intercept commercial data. Airline security information, oilrig blueprints, whatever.
HE WAS/IS A CITIZEN OF THE USA
Since when? Reid is a British subject, not a US Citizen.
Why do people think that having a law regarding exporting software/code is going to stop ANYONE from using it? It's just like gun laws in Canada, the only people who are affected are the law abiding citizens who legally use their guns, or have them for decoration. If someone REALLY wants to use 128 bit encryption, they are going to. There is no way around that. Software is so easily obtainable that anyone who has access to a Windows platform can download it and install it. It really is a no brainer.
Now for this guy who happened to have 40-bit encryption installed by default, he's just a moron then. He obviously didn't know that 40-bit was easily breakable, he didn't care, or didn't take the 10 seconds to download and enable 128 bit on his computer.
I chalk it up to stupidy on his part for not simply looking for the stronger encryption (it's out there, and easily obtainable).
Now for the conspiracy theorists: He wasn't ACTUALLY using 40-bit encryption, that's what they want you to think. He was using the full 128-bit encryption, but the NSA can easily crack that level now due to the computer power they have. They simply tell the media it's 40-bit just so that we don't come up and develop something even more powerful which would take them longer to decrypt.
I have no signature
He's obviously a complete idiot for only using 40-bit encryption in the first place. He's an idiot for trying to light the shoes with a match.
Conclusion: We know the guy is an idiot... what would happen if a SMART person tried this?
I thought the US annexed the UK with mtv and endless pop culture in the early 80's.
An Education is the Font of All Liberty
128-bit Encryption Becomes the Default in Windows 2000 Service Pack 2 (SP2)
The Windows® 2000 operating system was the first Microsoft platform with 128-bit encryption to be shipped internationally after the United States government relaxed its export restrictions for strong encryption in early 2000. Microsoft has obtained the necessary approvals to ship Windows 2000 with strong encryption to all customers worldwide except U.S. embargoed destinations.
In fact, we should just make terrorism illegal, then people would stop. Because criminals follow the law, right?
Even though Osama was able to get a bunch of people into US flight schools, he surely wouldn't've been able to go to CompUSA, buy a copy of W2K off the shelf, and somehow get a 5 x 5 x 1/16" piece of plastic outside a country with roughly 10,000 miles of borders and 1500 international flights daily. Nope, no way that coulda happened.
Considering how much planning and communication had to take place for 9/11 to happen, we only have a video tape and a few files? Sounds like the low tech method works better for keeping things under raps. Is a computer isn't going to commit suicide if the FBI catches it (well I suppose you could boobie trap it). A terrorist on the otherhand can mislead, or commit suicide. The only thing weak encryption does is make businesses more vulnerable to government snooping and crackers. Plus the government can use things like a warrant to get access. Oh I forgot they hate having to ask judges for warrants and answering questions like "do you have sufficient proof or cause?"
40 bit
128 bit
Cowboy Neal with a pen
Yeah, yeah. That's what they all say... :-)
I dunno... What do you wanna do?
Who needs it? Well, businesses, anybody with information they want to keep private, anybody with information they don't want their bosses or employers to know, anybody who keeps secret information or documents that they don't want wife/children/family/parents to pry into, people with mistresses, and yes, perhaps some really bad people like terrorists.
The fact that one already acknowledged to be EXTREMELY incompetent terrorist who failed to successfully ignite his shoe bomb (which was packed with high explosive) ALSO failed to properly obtain a high security add-on for his computer is evidence of exactly one thing: his incompetence. Not of the effectiveness of export restrictions. So while I agree that perhaps investigators obtained useful information because he was using weak encryption, and that is fortunate, export restrictions would not prevent a determined, modestly informed criminal or criminal organization from using real crypto (as opposed to 40 bit crippleware).
You could argue that a really determined criminal could take down a plane too. That's probably true, but we're talking about levels of effort on different orders of magnitude here. One involves 5 minutes and a few clicks on a computer. The other involves serious tactical planning to commit a terrorist act. Conclusion: crypto export restrictions have never protected us from a competent criminal, and they still cause economic harm by restricting free trade of goods that support proper encryption by US companies, giving unfair advantage to foreign companies.
So let me get this straight...
Two journalist are in Afghanistan, one of their laptop is broken, so they deside to buy anther one.
So far, so good, I would probably have tried to repair it and ask for replacement, but then, I am not in Afghanistan.
They buy two computers, another laptop and a desktop. What did they buy the desktop for again?
And they buy it from people who are looting buildings? I always thought journalist to have low ethics anyway...
Instead of re-installing the PC, they decide to look at what is on it. Ok, I can understand that, but they must have spent quite some time looking at those files to determine that they were willing to spend five days to crack some of the encrypted files they found.
In other words, two american journalist pick up a PC (they had no reason to buy), and they happen to find Terrorist secret files on it. Sounds too good to be true. I don't buy it, it's a setup.
And now they use that to attest of the validity of the export restriction on encryption.
If the BSA or RIIA is going after me because I have some illegal stuff on my hard disk, I can just claim that I got my PC second hand, and that all this stuff was left there by the terrorists who had the PC first...
Black holes occur when God divides by zero.
If this guy was informed about cryptography (not necessarily knowledgable, but informed - sort of like having the equivalent of a financial planner for cryptography) he would've used one of a number of bolt on products to really secure his computer. Some of these products are commercial, others are open source. He may have more difficulty getting (and if he's properly informed - less trust in) the higher grade commercial packages but it'd still be doable. Fly to California, go to Fry's and buy it. If he goes for the source code route its just about impossible to police. You can get it anywhere in the world where there's an internet connection or a mail system (CD ROM or a package of floppies through the mail).
Saying that 40 bit encryption is an assistance to the CIA/FBI/NSA is only true if you rely on having stupid terrorists, in this case it was obviously true. Suppose they hired the equivalent of a director of IT though, who would come up with approved solutions. Life would become more difficult for the government. Whether the solutions that are proposed are legal or not doesn't matter. You're planning on blowing up aircraft, knocking down buildings and killing people. You won't even bat an eyelash at breaking encryption laws.
What low grade encryption really helps with is gathering data against ordinary citizens such as the guy who was a bit less than honest about his tax return.
Also, despite this low grade encryption the attack wasn't stopped. It's only after everybodies eyes were on this guy that his computer was examined and found to have low grade encryption.
Chris Kuivenhoven is a thief, beware
I've just read 50 posts saying that limiting export strength encryption won't stop any non-US people from using higher encryption. I agree that this makes perfect sense. It's completely logical.
But everyone seems to conveniently ignore the fact that this group DID rely on the export strength encryption that they had available. They DIDN'T use PGP or any one of the myriad of other options for better encryption. Perhaps the premise that a slashdot reader is familiar with other encryption techniques isn't equivalent to the premise that an Al-Qaida member will be familiar with other encryption techniques.
Any reasonable and complete argument against limiting export strength encryption at least needs to address this fact. One could argue that it is an unusual case, that it won't be repeated, that you don't care if non-US folks have default access to better encryption, etc.
But arguing that it will never stop anyone from using better techniques seems silly when presented with this case of a group using exactly the default abilities that they were given in Win2k.
"Should the US prohibit the export of high-encryption software? Here is a case where the default values (40 bit) clearly helped recover valuable information from a system."
If the US could somehow ensure that we were the only ones who provided encryption, this may be an argument on national security bounds. However, we cannot.
If anything, all of this talk about encryption has provided criminals with the knowledge that we can eventually break in. Even if that were not the case, better encryption is available in any of over a hundred countries, many with little concern for US regulations. I believe 128-bit encryption has been freely available for years, provided by companies outside the US.
We need freely available encryption of every higher levels to stay ahead of our enemies (and some would argue our friends). Consider it only took five days to break the 40-bit encryption. How long would it take someone to brute force his or her way into a financial institution? Banks, trading firms; electronic merchants, etc. are and or should be constantly upgrading their security and encryption levels.
Encryption should be viewed like a car. A car has very powerful, valuable, perhaps even essential uses. Unfortunately, people can use cars to rob, kidnap, and murder. Still, we allow and even encourage access to cars because the benefits far outweigh the problems that periodically occur.
Correct. 40-bit keys have no protective value. Remember the article about IBM's crypto chip being broken? (Somebody please provide the link to /. article, I can't at the moment.) In practice, they broke single DES, 56 bits worth of security in a good block cipher. In brute force.
It took at most 2 days with ~1000 $US worth of gear to find the key. Let's assume that they needed the full 48 hours to get that key broken. Simple math follows:
48 hours is 48*3600 seconds. It takes this much time to brute-force a 56-bit key. 40 bits is 1/(2^16) times the size of that, hence the time to break a 40-bit key with similar equipment is 48*3600/(2^16) seconds. This is no more than about 2.6 seconds.
To underline this as clearly as I can: 40-bit keys provide NO security. They may have provided some, at a time - but definetely not for some time now.
There is no such thing as good luck. There is only misfortune and its occasional absence.
The ability to protect and secure information is vital to the growth of electronic commerce and to the growth of the Internet itself.
You are absolutely right. I'm surprised that sheer profit motive alone hasn't pushed big software corporations and their pals in Congress to permit and even encourage the export of more sophisticated encryption. Using weak encryption makes about as much sense as guarding your premises with flimsy locks and corrugated fences. I'm just as interested in keeping the government out of my business as I am keeping out competitors.
So what if better code-making leads to better code-breaking? You build better bullet-proof glass, and someone comes up with better bullets. (Likewise missile shield: missiles; mousetrap: mouse, etc.) It's progress. It's full employment for developers, programmers and marketers. I think profit motive will trump "patriotism" on this issue.
The only real newsworthy bit I saw in it is that apparently the people who bought the laptop and then decrypted the disk are not govenrment operatives, but "just" people working for the Wall Street Journal. If anything, this says that moderate cryptography knowledge has become routine in corporate America.
When the NSA can uncover my deepest secrets, that's one thing. When a potential employer can decrypt anything protected with twenty year old technology, I don't worry yet, but talk to me again in my mid-40s. I wonder when some of the early posts to alt.anonymous.* will become decipherable.
The point here is that making a law against a minor offence (using crypto) in order to protect against a bigger offence (terrorism) is pointless, as the larger offence is:
- already against the law
- punishable by much higher terms than the minor offence
Thus, somebody who is already determined to commit the larger offence wouldn't be bothered at all that in the process he is also committing one minor offence or two.The same article could be used to make the point that we should make a law that makes it mandatory that you take off your shoes when going to the loo... After all, the only way the attempted attentat was stopped was because Reid tried to light his shoes in the cabin, rather than in the toilet, and thus could be stopped by crew & fellow travellers.
Say no to software patents.
Despite this public knowledge, Al Quaeda has been using weak (MS-supplied) crypto to protect sensitive information... that could be discovered within days. Therefore:
Just my US$0.02...
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
It used ot be that the French version was horribly cripled. Lotus folks actually compared it to sending mail on a postcard :-)
Anyway, it was done this way becaue th eFrench did NOT want the US Govt. to have an easier time decrypting the documens than did the French Govt. so they required a really poor encryption be used in Notes. Once the US Govt. dropped it's export restricitons the French Govt. lifted this requirement since this placed us all on a "level" playing field. One of the point revisions of R5 brought nearly all of the versions together except the French I THINK. Due to the extreme crippling they had to do the French may have had their own upgrade or have been forced to reissue certs and IDs - I'm fuzzy on this. I believe if you spend some time on the Notes site you'll find your answer.
On a plus note - Lotus has determined that 128 just isn't good enough. They mentioned plans to upgrade the crypto at Lotusphere last year but it probably won't be there till RNext goes gold. If there's one product out there that actually seems to care about security and was WAY ahead of the certificate thing it's Notes. And no, they aren't perfect...
Build it, Drive it, Improve it! Hybridz.org
There I was, foaming at the mouth and ready to launch into a "how can you be so stupid?" diatribe. How can you keep encryption out of the hands of Bad People by denying it to Good People? In general terms, writing laws aimed at criminals is futile, because the criminals (by definition!) won't care about the law and will use whatever technology or methods they want. Nobody would be stupid or lazy or overconfident enough to use the lame default encryption on an export system, surely?
And then I read the article.
The al-Qa'ida machine was indeed running 40 bit encryption. It's hard to credit, but it really does appear that they simply were too stupid or too lazy or overconfident to upgrade the default lame-o-crypt settings. It's astonishing, especially compared to the planning that they put into September 11th, but there it is.
No, I don't think we should try and ban strong encryption. There are plenty of Good People who can make use of it (think Tibet), and any competent and determined Bad People can get it anyway. But these opponents just demonstrated clearly that while they were determined, they were not competent, and that changes my mind, just a litle.
I can see an argument for encouraging developers (Microsoft, MacOS and yes, Linux hackers) to supply 40 bit security by default on all consumer systems. Aunt Jemima doesn't need strong encryption, you and I probably don't need it. I wouldn't want strong encryption to be limited, but honest to god, I'd be flattered if anyone ever thought it was worth breaking even 40 bits worth on anything that I produced. I want the option to upgrade to be there, but I feel no particular need to use it, and here's the kicker: the less we kick up a fuss about it - and just quietly download the strong stuff ourselves without demanding that Aunt Jemina have it by default - the better.
I can't help but think that the more noise we make about the distinctions between low and high encryption, the more likely it is that even stupid, lazy, overconfident terrorists will perk up their ears and ask "Hey! Is this something we should be thinking about? Maybe we should send Achmed out to buy a copy of 'Security For Dummies'." Because they clearly are dummies, and I'm quite happy for them to stay that way, thanks all the same.
If you were blocking sigs, you wouldn't have to read this.
Recorded voice: "Please press 1 if your call is related to the time-limited explosives exchange program. Please press 2 if you are experiencing problems igniting your shoes. Or please hold to speak to a support terrorist."
(time passes)
Recorded voice: "Please hold.. your call is important to us, brother. We are currently transitioning our support strategy to Compaq Global Services."
(time passes.. bad musak to the tune of "The Girl from Ipanema")
BoFA (Bastard Operator from Afghanistan): "Hello, caller, you're through."
T: "Hi, er.. yeah.. my laptop seems to be broken.. I can't decrypt my files!"
BoFA: "Are you using the Standard Terrorist Operating Environment?"
T: "Er.. no.. my cell leader says that this other routine we found on the internet is more secure."
BoFA: "I'm afraid we only support the STOE with W2K SP2 128-bit EFS."
T: "Is there anything you can do?"
BoFA: "You can wipe the laptop and start again. We can do that for you, but we'll have to charge 10,000,000,000,000 afghanis (or US$100) to your cost code."
T: "But it's got secret plans of the Pentagon on it!"
BoFA: "I'm sorry, I can't help you. If every terrorist picks their favourite non-symmetric crypto, we can't be expected to know them all. We're trying to run an elite multinational terrorist organisation here."
T: "Okay.. I'll try somewhere else. On another matter, can you help me with my Palm Pilot? I stuffed it with C4, and now it won't start properly."
BoFA: "I'm afraid we only support Pocket PC."
*click*
somehow get a 5 x 5 x 1/16" piece of plastic outside a country
Why bother?
Just print the code in a book (or even use the 3-line RSA algoritham on a bit of paper) and it was perfectly legal to export it from the US (freedom of the press).
This is how the international PGP versions were legitematley exported, and then scanned in using OCR to get the code in an electronic format again.
This was partly why the law was overturned. What is the point in banning the export of code in an electronic format, when it was perfectly legal (first amendment) to export in a writen format.
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
128 bit- HaHa, silly mortal! You'll never unlock my secrets before the apocolypse comes!!!
64 bit- You'll get my secrets when they're no longer of any use! (RC5 anyone?)
56 bit- Never! Never will you have my secrets. If never means three weeks from now anyway.
40 bit- You'll have to arm-wrestle me for access.
32 bit- You'll have to thumbwrestle me for access.
24 bit- You want access? You'll pry it from my cold, dead... Hey, give that back!!!
8 bit- What's your favorite color?
4 bit- Guess my shoe size
1 bit- Want access?
0 No
1 Yes
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
Why is he an idiot? He had C4 of some sort in the shoes and det cord that could've ignited it had he managed to get the match to light the cord. It WOULD have worked. Ask a military or demo person about it. The det cord would supposedly have burned hot enough to lite C4 but the downside is that det cord that can do that is HARD to light with a match. Ergo - he picked the right tool for the "job" but an observant flight attendant stopped him! Yeah, I'd question blowing one's self up but at least he was doing it in a way that would have the intended effect!
As for the encryption - duh! READ the article, it was on a HD that didn't belong to him. The report was a debriefing of the guy written by a debriefer. He had NO control over what encryption was done on it - it could've been skywritten from an airplane for all the "control" he had over it. The mistake in this case was NOT his, it was some other moron. (sigh)
Build it, Drive it, Improve it! Hybridz.org
What the crypto regulations really do is prevent most people in the USA from adopting it. None of the three-letter agencies want everyone encrypting their E-mail or network traffic by default. That simply wouldn't do -- if everyone did it, how would they know who actually has something to hide? So they make it a pain in the ass for software developers to incorporate it into their software and they make it a pain in the ass for most users (Who don't know to go to international sites where you don't have to fill out a form to download the software) to get it.
The irony is that now they're bitching because the network is so insecure and how a cyber-attack could bring down public utilities and banks and things. Well they're just reaping what they've sown. The network would have tended to cryptographic authentication and tighter security except for the artificial and fundamentally useless restrictions the federal government has put in place.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Something that runs parallel to this is the world of Neil Stephenson's "The Diamond Age." It goes something like once there exists a secure and anonymous network for individuals to exhange information and transactions, the current world order collapses. Why? Because governments can no longer track the flow of money.
There are a lot of arguments about how a reasonably motivated terrorist can just code their own strong crypto. But that kind of misses the point.
I would imagine that most decryption is done in bulk, sifting through for the occasional terrorist tidbit. Even if some terrorists do use 128+ bit, it frees up a hell of a lot of resources if the majority of the load is still easily crackable. It also allows the authorities to montior more different sources so now they can add minor suspects rather than having to focus on the major ones.
So, yes, for the most sophisticated criminals, export laws don't make a difference. For the total bulk work that the NSA etc. do, reducing the number of people with strong crypto makes their lives easier.
and it probably happened just the same way as it would in any organisation... Pointy Bearded Boss tells computer-guy to 'make the computer secure' or something. Computer guy thinks "Bollocks to that, we're in the arse end of Afghanistan, who's going to come and get it?" ,uses the default available, and goes for a coffee. PBB gives him a slap on the back and everyone has a nice glowy feeling.
Next thing, al-qaeda is owned by the l33t nsa haxors, and their credit card numbers are all over irc.
bummer for the sysadmin.
This is dead-on accurate. The line between "terrorist" and "freedom fighter" is pretty damn thin, probably even non-existant. Mostly, the thing that determines what label applies is which side you are on.
By current standards, the actions of the French Resistance in WWII would be considered "terrorism". However, the partisans of the French Resistance will probably never be refered to as terrorists, because their opponents (the Nazis) are nearly universally recognized as being evil and (more importantly) they were on the winning side
IMHO what seperates the terrorist from a legitimate partisan is that the latter will not intentionally target civilians. The Pentagon was a valid military target by the accepted standards of warfare and international law; the WTC was not. If the 9/11 bombers had taken over the planes on the ground and evacuated the passengers first before making their kamakazi attacks, and if they had restricted themselves to military & government targets, the US would not have the near-universal international support we are currently enjoying for our military efforts in Afghanistan. If you want to be treated as a soldier and not a murderer, you need to play by the accepted rules of warfare. The fact that al-Queda and other terrorist groups fail to understand this basic premise just goes to show how ignorant and delusional they really are.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
So why didn't he go lock himself in the lavatory and light it, instead of trying to do it in his seat?
10 PRINT CHR$(205.5+RND(1)); : GOTO 10