[Cryptography] Dark Mail Alliance specs?

Ralf Senderek crypto at senderek.ie
Thu Mar 27 07:22:08 EDT 2014


On Thu, 27 Mar 2014, Bear wrote:

> But security is a negative result. If you want to demonstrate security
> you want to show that something *didn't* happen, and that is much much
> more difficult. I don't know whether the cloud machine I rented is
> secure in my interests as a user or just a VM sitting there logging
> all the packets and memory writes, until suddenly I'm seeing my
> customers' credit card details being sold at black hat sites.

Let's be specific:
If you use strong encryption on the cloud server and the decryption
key _is not stored on the server_ but comes from outside (when needed), 
travelling to the server via a (working) TLS and the cloud server is
a dedicated machine in a data centre, why can't it be secure?

As we know, security is not absolute, so a threat model is required
to assess security:

1) attacks with no physical access through network:
    * the customer's database is stored encrypted, the key cannot
      be found on the server's file system.
    * malfunctions of web server software are limited to what the
      web server process can access.
    * attempts to gain root privilege via ssh are blocked or slowed
      down

2) attacks with physical access
    * if data centre employees access the file system to modify it,
      which is possible with physical access, there might be visible
      evidence of this modification. That's why security is a process
      and not a product.

> Because the machine owners can in principle break the machine users'
> security with impunity, with no evidence visible to the user, and
> then later deny all knowledge of how that customer database got out
> there, I'm never going to be able to prove it if the security of
> the cloud fails me.

That's true if you assume that root access and invisible modification
of crucial software is possible. Otherwise there is evidence.

Now compare this kind of cloud server with the "zero-click encryption"
using plain text RSA private keys on smartphones and you'll see the
difference. If your customer's credit card info is being sold at black
hat sites, where did that information most likely come from?


         --ralf
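As an added illustration (not part of Ralf's message, and not code from the Dark Mail Alliance), the Go program below sketches the two properties the threat model above leans on: the data-encryption key exists only in process memory and is delivered from outside (DeliverKey stands in for the TLS channel, an assumption of this example), so the encrypted customer records cannot be read from the file system alone; and a signed manifest of "crucial software" files, authenticated with a second key that also stays off-server, turns a physical-access modification into visible evidence. File paths, contents and keys are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"sort"
)

// Service handles customer data. Its data-encryption key lives only in this
// struct's memory and is never written to the server's file system.
type Service struct {
	dek []byte
}

// DeliverKey installs the key received from outside the server. In a real
// deployment this would be read from an operator's TLS connection at start-up;
// here it is simply passed in (constructed example).
func (s *Service) DeliverKey(key []byte) error {
	if len(key) != 32 {
		return errors.New("data-encryption key must be 32 bytes (AES-256)")
	}
	s.dek = key
	return nil
}

func (s *Service) aead() (cipher.AEAD, error) {
	if s.dek == nil {
		return nil, errors.New("no key delivered; refusing to touch customer data")
	}
	block, err := aes.NewCipher(s.dek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptRecord seals one record with AES-256-GCM. The record identifier is
// bound in as associated data, so a ciphertext copied onto another row will
// not decrypt. Output layout: nonce || ciphertext+tag.
func (s *Service) EncryptRecord(plaintext, recordID []byte) ([]byte, error) {
	gcm, err := s.aead()
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, gcm.Seal(nil, nonce, plaintext, recordID)...), nil
}

// DecryptRecord reverses EncryptRecord; a modified ciphertext or a mismatched
// recordID is rejected by the GCM tag check.
func (s *Service) DecryptRecord(sealed, recordID []byte) ([]byte, error) {
	gcm, err := s.aead()
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(sealed) < n {
		return nil, errors.New("sealed record too short")
	}
	return gcm.Open(nil, sealed[:n], sealed[n:], recordID)
}

// BuildManifest maps each path to the SHA-256 of its content. The manifest is
// the baseline against which later file-system state is compared.
func BuildManifest(files map[string][]byte) map[string][32]byte {
	m := make(map[string][32]byte, len(files))
	for path, content := range files {
		m[path] = sha256.Sum256(content)
	}
	return m
}

// SignManifest authenticates the baseline with HMAC-SHA256 over a canonical
// (sorted) serialisation. The MAC key is held off-server, so whoever edits
// files on the machine cannot also rewrite the baseline to match.
func SignManifest(m map[string][32]byte, key []byte) []byte {
	paths := make([]string, 0, len(m))
	for p := range m {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	mac := hmac.New(sha256.New, key)
	for _, p := range paths {
		h := m[p]
		fmt.Fprintf(mac, "%s\x00%x\n", p, h[:])
	}
	return mac.Sum(nil)
}

// VerifyFiles checks the baseline's signature, then returns the sorted paths
// whose content was changed, removed or added since the baseline was taken.
func VerifyFiles(files map[string][]byte, baseline map[string][32]byte, sig, key []byte) ([]string, error) {
	if !hmac.Equal(SignManifest(baseline, key), sig) {
		return nil, errors.New("baseline manifest has been tampered with")
	}
	current := BuildManifest(files)
	var changed []string
	for p, h := range baseline {
		if cur, ok := current[p]; !ok || cur != h {
			changed = append(changed, p)
		}
	}
	for p := range current {
		if _, ok := baseline[p]; !ok {
			changed = append(changed, p)
		}
	}
	sort.Strings(changed)
	return changed, nil
}
```

Two design points follow the post's argument: the service refuses to operate at all until a key has been delivered, which is what makes "the key cannot be found on the server's file system" a checkable property rather than a hope; and the manifest signature is verified before the file hashes are compared, so an insider who replaces both the binaries and the stored baseline is still caught, because the MAC key was never on the machine.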