Assorted Schneier News Stories
I have several stories in the news (and one podcast), mostly surrounding the talks I gave at the RSA Conference last month.
I have several stories in the news (and one podcast), mostly surrounding the talks I gave at the RSA Conference last month.
Interesting articles, but your shirt is the star of the show, Bruce!
Ben Brockert • March 15, 2012 4:07 PM
Could you recommend one or two of the articles that you felt was well done or presented content that would be novel to your loyal blog readers?
Nick P • March 15, 2012 6:41 PM
The photographer who did the Arts Technica picture needs some practice. That was a horrible shot, imho.
Good news is that reader survey show Bruce winning the liability debate with around 3/4 of the vote. I think liability is the best move, although it must be done very carefully. I think Marcus’ worries about stifled innovation are a little groundless. He mentioned not having seen other industries innovation increase after regulation. Actually, I think the telephone, wireless, transportation & health care fields have innovated plenty over the years. The only liability hurting innovation in tech right now is the patent system.
Nick P • March 15, 2012 7:05 PM
Matt Blaze posts a review on these so-called “secure radios” that many LEO’s are using. The results are what most of you probably expected.
Clive Robinson • March 16, 2012 4:30 AM
@ Nick P,
I saw “why johny cann’t…” a while ago and it made me smile, that sort of wry “I told you so” wry smile that turnss into a grimace of pain when those you have told deny it/didnt u.nderstand you/ whatever else shift’s the blaim so the spear goes in the messengers back…
P25 like TETRA is a trunked mobile radio network, but simply it tries to leverage the existing “only just working” narrowband VHF/UHF FM voice half duplex point to point system used by emergancy and other related services for digital full duplex multidrop operation.
Obviously the sales people give wonderfull stories of what people are doing with these systems, but forget to mention the many downsides including the fact digital systems of these types don’t work well with mariginal signals (unlike voice FM/AM systems) and the time you are most likley to need them is when you have marginal conditions and desperatly need to interact with other emergancy and related services.
Adding encryption etc on top does not realy offer much, if you cann’t communicate reliably, operatives will fall back on other insecure technology quickly.
In the UK where TETRA has been rolled out to the Met Police, we see Police officers carrying their TETRA radios (often turned to silent or off) and a couple of mobile phones which they do all the talking on esspecialy about highly confidential matters.
And out in the battle zones we see both frontline and command personnel using iPhones and the like instead of their highly rugged highly secure highly heavy but heavily non functioning military radio systems.
To be blunt point to point crypto is easy in the lab it is harder but still usable in certain simple and very predictable communications environments where key managment is not an issue. But where key managment and interoperability is required with multiple nets that need to be secure from each other but allow some interoperability it’s a nightmare that just does not work.
Put simply security by the “code word and eyes only” models needs a very high level of complexity, and in the battle field complexity kills your own quickly, more quickly than single net unencrypted comms!!!
This is because at the end of the day it’s not “overriding resources”, “tactical advantage” or “Knowing your enemy” that wins battles but how you deploy the resources you have effectivly in a fluid and ever changing set of conditions as “no battle plan survives first contact with the enemy” .
Which means that it’s effective “Command and Control” in real time (or faster 😉 that gives you the advantage or edge over your enemy. Any boots on the ground soldier who has lived through just one hard contact with an enemy knows this and they know it in a way that backroom boys with their smart ideas and sales persons in their shiny suits never do or care to. The soldiers want comms that they can trust and really rely upon. Two iPhones with speed dial set forfills this role conveniently and easily, 25lbs of secure radio get’s nowhere close even in the most favourable of conditions.
Now something to make your eyes open wide and even forcably exhale your first morning coffee all over your screen,
That’s right the Internet is comming to your emergancy service radios real soon now (if it’s not already there).
Anybody remember the police force that had COTS IP video cameras and hard drive storage working across unencrypted links over WiFi etc in squad cars?
David • March 16, 2012 5:42 AM
re – “Over-The-Air Rekeying” (from your etherstack link) – I’m just a little confused. Isn’t this exactly one of the main downfalls of the Enigma system? (the fact that new encryption codes were transmitted using old [expired] keys.)
“Those who cannot think for themselves are forced to re-live history over and over again!”
Paeniteo • March 16, 2012 7:23 AM
@David: “Isn’t this exactly one of the main downfalls of the Enigma system? (the fact that new encryption codes were transmitted using old [expired] keys.)”
I don’t know whether over-the-air key transmissions have happened and if they did, they would certainly have helped in breaking the Enigma. However, the attack methods that I’m aware of did not rely on such a thing, so I wouldn’t call it a “main” downfall.
In fact, the daily Enigma keys were commonly stored in codebooks like this:
Clive Robinson • March 16, 2012 8:29 AM
re – “Over-The-Air Rekeying”… …I’m just a little confused. Isn’t this exactly one of the main downfalls of the Enigma system(the fact that new encryption codes were transmitted using old [expired] keys.
Yes and no, and it’s just one tiny reason why key managment is so hard.
As I’m not sure as to if you are interested in the general “in the field” re-keying or the specific Enigma issues I’ll try to cover both.
The Enigma system was used in many ways one of which was with the broken “Dockyard cipher” and likewise the “weather code” systems. It was also used on U-Boats where incremental changes took it from weak through very strong to eventually unreadable with the technology of the era shortly before the U-Boats ceased to be an issue to the alied shipping.
There is nothing inherantly wrong with the idea of “over the air” or “in field” re-keying, the issues as always in security arise from the implementation details, (as it’s where the Devil hides” 😉
Firstly though you need to understand one security issue that’s a real fly in the ointment of all over the air or field re-keying systems and it’s an operational not crypto security proviso,
You only ever issue an “out-station to home-station key” not a “general net key” for re-keying over the air, in case the out-station has been over-run and is now under enemy influance. It is this “turned” issue that was behined the reason the Russians only issued out to home keys not net keys to agents and only in person never over the air. Where the Russian’s mucked up was to re-use One Time Pad (OTP) KeyMat, see Project VERONA for more details.
Any way with that proviso out of the way back to how to do over the air re-keying…
I can for instance issue one half of a unique genuinely random OTP to each out-station, to use specifically for emergancy re-keying, provided only the two copies of the pad exist (at the home and out stations) then it’s perfectly safe to do. This system is still in operational use at many out-station ComCens in Diplomatic and other “missions” that might reasonably be expected to get cut off or even over-run due to being in the middle of a conflict zone and without physical access.
Replacing such OTP systems due to ID Smart Cards a slightly weaker system is if you use an appropriate PKI then you can send an asymetric key under the PK of the out-station or operator signed by the home-station PK. Which if you think about it is essentialy how PKI communications between two entities works, re-keying on a message by message basis.
You can also use multiple symetric keys, for instance you have the general “traffic key” used by the radio-net etc and each out-station has one or more “unique to it” master keys by which it individually can be re-keyed (the actual details are more complicated to prevent replay attacks etc). This sort of system has often been used by “TV Set-top decoders” be they for cable or satellite broadcasting.
Where it all goes wrong (as it did with some Enigma nets) is where you either use a general “command&control key” or a current or previous “traffic key” (as some set-top box designers have found the hard way).
The reason is twofold, firstly cryptoanalysis “in depth” that is the more traffic sent under a given key the more likely it is to be broken, secondly the more copies of the key the more likley it is to become known to the enemy.
Thus the solutions to cryptanalysis are either reduce the traffic under a given key to a minimum or have a sufficiently large key space such that the in-dept issue does not arise. And the solution to the number of copies of the key is the more preferable “do it another way”.
The problem the Enigma had was that although in theory it’s key space was very very large in practice it was split into five parts. The first was the individual rotor wiring, second the position of the alphabetic slip ring on the rotor, third the number of rotors in use, fourth the order the rotors were in and fith the plug board.
Originaly in use the only thing that changed on a message by message basis within a given radio net was the start position of the rotors selected by the operator (supposadly at random).
In reality this ment the number of message keys were a lot less than 26^3 wrapped in a simple simple substitution cipher from the other parts that provided the large key space.
A further issue was the way the random rotor start position was sent in a message. It made identifing messages sent under the same key relativly easy, and a lot worse due to repeating the “identifier” enabled the rotor wiring to by crypto analysed by three Poles, and a simple system of perforated sheets of card to be used to find the actual rotor positions.
By the end of the war the Enigma had been technicaly enhanced with a larger choice of rotors, the addition of a fourth “shim” rotor on the U-Boat version of the Enigma and an “Uhr-Box” that was used in the leads of the plugboard to provide sixty different daily plugboard settings simply by rotating the knob on the Uhr-Box every hour or less. Various changes in the operating proceadure such as setting the “ground settings” daily not every three month and not repeating key identifiers removed most of the entry points used by the Poles and later the code breakers at Bletchly.
Admiral Karl Donnitz who commanded the U-Boat fleet repeatedly had doubts about the security of the Enigma but the security service always pointed to informants/agents. Towards the end he decreed that each U-Boat would have it’s own unique key schedual. But even this was occasionaly broken due to “Known plain text” attacks on amongst other things the dockyard and weather codes. And the allies going “gardening” by dropping mines etc near ports and knowing that the plain text used for the easily broken dockyard system for merchant and other ships would also be used to warn the U-Boats.
Modern codes such as AES usually don’t have the issues to do with a small keyspace (though technology caught up with the small DES key space in about a quater of a century). Thus provided the user does not use simplistic cipher modes (such as Electronic Code Book) and does not use a rigidly stylised message format the cryptanalysis used against Enigma won’t work.
Thus if the final Enigma system had been fielded from day one it is likely that there would not have been an “Ultra Secret” and WWII would have lasted by many estimates probably atleast another two years.
However I personaly feel that is an optomistic view point, if you consider the losses to merchant shipping to the UK and later Russia, without Ultra it would have been very very much larger and increased with time (attacks only get better). The losses would probably have resulted in the UK being starved of resources into surrender, long before the US or Russia became involved.
At the end of the day what actually won the war was not the code breaking but the US manufacturing base and access to plentiful raw resources against which neither Germany or Japan could compete. And what stopped the destroyed Europe re-arming and entering into another war within a generation was the Marshal plan which helped bring economic stability.
Both my parents were veterans of WWII and I later served alongside others who had lived through it. I found that there are a lot of odd notions people have about WWII and got taught in history lessons, sadly they get worse with time. For instance there was little or nothing of the “were all in it together” and such like the truth is very very much less rosy not just at street crook level but all the way up to the most senior levels of government. War is not glamorous in any way at home or on the battle field and brother hood is rare except on the front line. The only result is generaly bankruptcy for the nations involved and oddly improved social conditions for those at the bottom of the social pile and fairly rapid scientiffic and technical development.
I wish people especialy Politicos would learn and understand the longterm leasons before we enter into another conflict in Places like Iran or North Korea.
Is this accurate?
“His advice to protect your privacy online included using skype and securing data by deleting it.”
What makes Skype a recommended communication mechanism?
bob • March 16, 2012 9:32 AM
The photograph’s by Dan Goodin who is a security researcher not a photographer.
I’m guessing it’s the only photo available.
Maybe I should insert the word “free” in that sentence somewhere.
Or possibly, all the cameras that did manage to focus on the the shirt, broke.
Nick P • March 16, 2012 10:52 AM
I recommend staying away from Skype for confidential data. “Skip Skype.” Skype’s security scheme has them in control of encryption keys, security & the user’s machine to a degree. The program does a lot of spooky things and the deobfuscated program some hackers reported on didn’t match an independent analysis of source code & crypto. (Software bait and switch!)
Personally, I think it’s not so far-fetched that Skype is some kind of intelligence operation at the moment.
RobertT • March 16, 2012 8:11 PM
“I recommend staying away from Skype for confidential data. “Skip Skype.” Skype’s security scheme has them in control of encryption keys…”
This is exactly the reason that I always use “Tom Tom Skype” at least than I know that a responsible government is in charge of the encryption keys….:-)
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Leave a comment