Admin
They want to ban useful encryption that is effectively unbreakable. Ultimately, it does sound like they want to ban any encryption scheme for which they do not have a backdoor.
Bad guys can't break encryption right now. It is mathematically infeasible. It's like if you had a magic lock on your house that only you could open. Encryption can be that secure. But if a backdoor is introduced, then it becomes like a regular old lock that any criminal (with sufficient knowhow) can break into. You've lost a big portion of your protection.
It's not that you couldn't try to ban it. You'd just find it about as effective as banning math. The criminals would still have good encryption, since appropriate algorithms can be found in all sorts of security textbooks. So now you've only banned your average citizen from having privacy, while not solving the problem you're purportedly trying to solve.
Admin
Export-grade ciphers for everyone!
Admin
The average citizen has better privacy now because of encryption, than they had before its advent. What Obama meant with
was that yes, a backdoor would allow the government and the sufficiently bad guys to access your data, in the same way that both can access your home right now. He argues that you shouldn't have more privacy than before, at the expense of public safety. You shouldn't have a magic lock.
Admin
Encryption can't let just some people in. It's either nobody gets in without the key or everyone gets in without the key. You can't make math work sometimes.
The only way I can think of that would make the government able to see my TLS traffic without "the bad guys" being able to is if I sent a duplicate copy of my traffic to the government. But then that's the Clipper chip again, and that was broken by a guy named Matt Blaze.
In any case, weakening encryption does not prevent "the bad guys" from using strong encryption. I'm very surprised that the people who don't understand this and the people who use the "only criminals would use firearms" argument are the exact same people.
The difference is that you can destroy a physical object like a firearm. You can't destroy math like an encryption algorithm.
Admin
I don't see the problem. Matt Blaze does not sound like a very Islamic name. So chances that ISIS and other terrorist organisations can break that chip are virtually nonexistent. :trolleybus:
Disclaimer: This post is clearly satire and does in no way reflect my opinion on the whole debate!
Filed Under: Somehow I am sad that I thought I needed to add that disclaimer
Admin
That's just your western-centric racist math, though.
Admin
Most analogies to this are terrible, but try this one, and see if it doesn't come a little closer.
Apple has developed an encryption system for the iPhone 5S and newer (Syed Farook's phone is a 5C, and so MIGHT actually be hackable as the court has demanded) and Apple's modern encryption cannot be hacked by the FBI, and so the government is starting to make noises about banning "unbreakable" encryption.
As I said, there aren't any really good analogies, but imagine that Firestone and Michelin were to invent an absolutely INVULNERABLE tire. It would NEVER go flat, no matter what road hazards you hit. Is the government going to ban the sale of these tires? Because, you know, the Highway Patrol would no longer be able to deploy a spike strip to flatten your tires and end a high-speed pursuit, and the police have an absolute right to chase you down for whatever imagined crimes you MIGHT have committed.
Admin
Speaking of which...
http://www.wired.com/2015/09/lockpickers-3-d-print-tsa-luggage-keys-leaked-photos/
& http://nypost.com/2015/09/20/the-8-key-that-can-open-new-york-city-to-terrorists/ :
(credit to https://daringfireball.net/ for finding those)
Edit: Half-:hanzo:d
Admin
I have an idea, let's mandate all locks of doors and safes in U.S. must be unlockable by some magic keys from police (like those TSA approved luggages), and see how many days it takes for the bad guys to break into houses by those magic keys (or a "printed" one).
Admin
I think I maybe came up with a better analogy, but I'm not sure I can explain it properly... I know I can't explain it quickly. Thoughts?
Here's my analogy. It doesn't cover digital signing, but I hope it gets the idea of secure messages across fairly well:
--
Have you ever seen those artworks that just look like a pile of junk on the floor, but when lit from a certain angle, the shadow forms a perfect silhouette of something else? Or even form full portraits when viewed from the right angle?
Well, imagine something like that, but even more complex and astounding: Imagine I can make a solid cube of millions of colored flecks of semi-transparent plastic and tiny mirrors, such that, if I put it in a special rig of hundreds of colored laser lights that are in certain positions, a fully formed photograph is projected on the screen behind. Without my rig of lasers, though, the cube just looks like a random multi-colored sparkly ornament. Let's call these ornaments/photos 'Cryptograms'.
Here's the thing, though - anyone who doesn't have my rig, or the exact specifications for it (number, position, aim, color and intensity of laser lights in my specific rig - and remember there are hundreds of them) really can't get anything like a sensible image to form from the cube. Let's call the specs of my rig my 'Private key', since it is my secret and it unlocks the photo from the cryptogram cube. It would take thousands of years of trying by a rapidly moving robot to try all the possible laser combinations possible.
We can make a new cube for any image - in fact machines to do this are freely available, say.
For you to make a new cryptogram cube for my specific rig to work on, you actually don't need all the specs of my rig. All you need is a much smaller cube that helps your cube-maker come up with a cube that will work for my rig. I'm going to make copies of these smaller cubes freely available so everyone who cares to can make cryptogram cubes that only I can read. Let's call these smaller cubes used for encoding my 'public key'.
Here's the trick: even with my public key, no matter how much you pull it apart, you really, really can't figure out my 'private key', i.e. the actual specifications of my rig. This is mathematically impossible in the same way that you can't tell at all from just knowing the slope of a line where on a graph the line actually is, only with even more information that you just don't know from the public key. There is absolutely no danger to me in having the public key totally available to anyone and everyone - the only thing anyone can do with it is make a new cryptogram for me, and no way it can be used to decode messages intended for me.
-- end of analogy --
Do you think this is useful?
Admin
Sort of? You're kinda-sorta describing an asymmetric cryptography system based on holograms, but it doesn't really cover things like symmetric crypto-systems. And that's important, since most asymmetric (public key) cryptography is used for (semi-)ad-hoc key management for symmetric cryptography systems[1], like AES. In this particular case, I doubt that asymmetric crypto plays much of a role - disk and file encryption tends to be symmetric.
Also, your analogy doesn't really explain why it couldn't have a way for only the "good guys" to get in, but always keep bad guys out.
You may already know all this, but my fingers got carried away with me.
To reinforce the first point, SSL/TLS is often thought of as a major example of public key cryptography - and it is - but it's not only public key cryptography. Take a look at Chrome's security information for this forum:
[image]
That bottom paragraph is the important bit:
Broken down, this means:
So when you connect to the site, you:
1: The reason for this is because asymmetric cryptography tends to become weaker if you encrypt more than some not-so-large amount of data, which doesn't/shouldn't happen with a well-designed symmetric block cipher.
2: Technically, you develop an asymmetric key which is then used to transfer/make a symmetric key, IIRC.
Admin
While I disagree with backdooring encryptions, I couldn't bother reading past this point:
This is an oft-shared argument that is plain, simply wrong and stupid. The very foundation of any asynchronous encryption algorithm is that only one party can do the math. Think RSA: nobody else can factor the number from your private key. If they could, the entire encryption algorithm is dead. And this holds for any type of encryption. Backdoors can be just as secure as the encryption algorithm itself. Granted, it wouldn't be easy: all backdoor keys would need to be stored on some off-line server to prevent compromise of the entire database of keys for the backdoor. But it can be done securely. Don't get me wrong, I still don't agree with adding backdoors. But the primary argument by most computer experts is an outright lie.
Admin
Encryption == DRM.
If the government demanded to be able to copy any movie (just in case, of course), then within days you'd see copies for movies in their full resolution available on the internet, from Chinese, Russian and even local pirates.
Of course Hollywood has paid the government to make them believe that this is completely unacceptable, so they accept that DRM must be uncrackable.
Admin
...would probably be fairly susceptible to timing attacks (did you mean "asymmetric"? [image])
Sure they can! Just give them some time. Although, if they have your private key why would they bother?
Not unless it's key escrow of a secure algorithm - if the backdoor is algorithmic instead, it's susceptible to someone examining the algorithm and figuring it out, which is historically not something to bet against happening. And even under key escrow, it's still less secure because someone without the same interest in keeping things secret has the secret. Look at the links above about all the leaks of physical keys.
Part of security is trust, and the point of that statement is that the more entities who know the secret, the less trust you can have that it will remain so. And it's deliberately hyperbolic to make that point - sure, in reality two people can share a secret (even more than that!) and keep it safe, but like big-O analysis and statistics, it's not the particular case that matters but rather the general one(s). And in general, key escrow can't be trusted to keep everyone's secrets, and it would take a lot of work to prove that a particular case is the exception.
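The hybrid arrangement described in the TLS post (an asymmetric step only moves a symmetric key) and the key-escrow concern raised in the two posts above can be shown in one sketch; this is an added example, not code from anyone in the thread. The group parameters, the SHA-256 keystream standing in for AES, and the names `alice`, `bob` and `escrow` are assumptions chosen so it runs on the Python standard library alone.

```python
import hashlib, hmac, secrets

# Toy parameters (assumption): fine for showing the structure, not for real use.
P = 2**255 - 19          # a well-known prime
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _kdf(label, secret):
    return hashlib.sha256(label + secret).digest()

def _stream_xor(key, data):
    # SHA-256 in counter mode as a stand-in for a real symmetric cipher like AES.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], pad))
    return bytes(out)

def wrap(session_key, pub):
    # Asymmetric step: ephemeral Diffie-Hellman against the holder's public key.
    eph_priv, eph_pub = keypair()
    kek = _kdf(b"wrap", pow(pub, eph_priv, P).to_bytes(32, "big"))
    return eph_pub, _stream_xor(kek, session_key)

def seal(message, public_keys):
    # Symmetric step: one random session key encrypts the bulk data once.
    sk = secrets.token_bytes(32)
    body = _stream_xor(_kdf(b"enc", sk), message)
    tag = hmac.new(_kdf(b"mac", sk), body, hashlib.sha256).digest()
    wraps = {name: wrap(sk, pub) for name, pub in public_keys.items()}
    return {"wraps": wraps, "body": body, "tag": tag}

def open_sealed(envelope, name, priv):
    eph_pub, blob = envelope["wraps"][name]
    sk = _stream_xor(_kdf(b"wrap", pow(eph_pub, priv, P).to_bytes(32, "big")), blob)
    tag = hmac.new(_kdf(b"mac", sk), envelope["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, envelope["tag"]):
        return None                      # wrong key: authentication fails
    return _stream_xor(_kdf(b"enc", sk), envelope["body"])

def escrow_demo():
    escrow_priv, escrow_pub = keypair()  # one key held by a third party
    users = {n: keypair() for n in ("alice", "bob")}   # constructed names
    mail = {n: seal(f"private note for {n}".encode(), {n: pub, "escrow": escrow_pub})
            for n, (_, pub) in users.items()}
    read_by_escrow = [open_sealed(env, "escrow", escrow_priv) for env in mail.values()]
    bob_reads_alice = open_sealed(mail["alice"], "alice", users["bob"][0])
    alice_reads_own = open_sealed(mail["alice"], "alice", users["alice"][0])
    return read_by_escrow, bob_reads_alice, alice_reads_own
```

The escrow wrap is mathematically as strong as each user's own wrap, yet the single escrow private key opens every envelope, so the exposure is set by how that one key is stored and who can reach it.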
Admin
Hmmm... thanks. You're absolutely right that it only describes one of the three pillars of the art... maybe if it was introduced as such, it would still be useful.
As for adding a back door for the cops making a back door for everyone... maybe just add in a sentence after "It would take thousands of years of trying by a rapidly moving robot to try all the possible laser combinations possible." like this: "Of course, if the details of my private key (and everyone else's) are stored somewhere for the FBI to use if needed, then really we are all trusting that the many thousands of people who have access to that storage place all have no temptation ever to sell or give these secrets to anyone else..."
?
Admin
Maybe it's the dyscalculia, but I can't actually picture this bit at all. I know what you're trying to describe, because I understand asymmetric key encryption, but this smaller cube thing sounds less physically possible than the light rig bit.
Admin
It's not you, his analogy collapsed under its own weight and drifted into hypothetical land.
Admin
Cool.
I'm always a fan of KISS: accept that all analogies are faulty, but you have to use them anyway. So I just go with
Admin
Unfortunately, the FBI's side seems to amount to a combination of:
someonea terrorist refuses to give them the key after they get a warrant?! They need a way in or something terrible could happen!
Admin
:rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl: :rofl:
That's about all I can say on the matter without inciting a flamewar :)
Admin
If the keys are held by someone other than the recipient of the message, it's already compromised.
Admin
Isn't it also slower than symmetric encryption?
Admin
Yes, massively so.
Admin
Some people would disagree with you on that. :m::arrow_down:
Admin
Did your formula not give the chances of drawing too many balls from the urn as zero?
Admin
The "lock" analogy plays out very closely with suitcases. I bought a new suitcase about a decade ago. It came with a combination lock. Next to the combination lock was a keyhole with "TSA" and a number, for which I wasn't being given the key. When I asked the sales assistant what this was, he explained it was a lock that could be opened by baggage screeners, as a result of the USA's Homeland Security. My immediate reaction was that criminals will simply get hold of these keys, giving them access. And I live in Europe, so having a weakness built in as a result of US legislation was not thrilling. The concept was the same as allowing the government to break your encryption. A quick google shows that these are as insecure as I expected... http://www.extremetech.com/computing/214521-hackers-have-created-master-keys-to-tsa-approved-locks-and-the-tsa-couldnt-care-less
Admin
"Yet, in John Oliver’s segment, we hear a police officer that since there’s no door or safe that they couldn’t break open, encryption should be the same way."
Um... it is... The fact that the time required to do it is best measured in decades or sometimes centuries rather than minutes or hours is merely an artifice of how much more complicated an encryption mechanism is than a door lock.
Also, there are lots of safe designs that will destroy their contents rather than allow them to be accessed by an unauthorized party. Are we going to ban those too?
Admin
"matter with negative mass"...reminds me of a book, "timemaster", where someone found a strange way to make Antimatter, and Antimatter had negative mass.