[Cryptography] "we need to protect [our dox] by at least encrypting them"

ianG iang at iang.org
Mon Nov 7 20:04:16 EST 2016


On 06/11/2016 00:04, Benjamin Kreuter wrote:
> On Sat, 2016-11-05 at 14:29 +0100, ianG wrote:
>
>> The big picture is this:  the node is the threat, not the wire.  This
>> case as 99% of the threat evidence out there is all about hacking some
>> server and scarfing up everything, *or* some insider threat leaking the
>> trove.
>
> The fact that the server might be hacked is *exactly* why end-to-end
> encryption is needed.  PGP is not really about protecting mail on the
> wire, it is about dealing with the fact that "sending" mail really
> means creating copies on multiple machines, any one of which might be
> compromised, and those copies might be stored indefinitely.  Huma
> Abedin just learned that lesson the hard way.


But this rabbit hole goes further - unless the app decodes in a sandbox 
and can prove that nothing else can get into the sandbox, the bottom 
line is that Huma's erstwhile 'end-node' is still a node.

All PGP does is eliminate all the visible, easy intermediate nodes, 
maybe.  E.g., if it is a usable interface, then the mail is decrypted 
into IMAP so it can be read and searched and so forth... so even then 
the nodes might be reduced but the vulnerable ones are still present.

However you do the analysis, it still ends up that the best strategy for 
the attacker is to ignore the wire and hack the node.  So the only 
defensive strategy that actually faces up to the attacker is to defend 
the node.  Start from the node.

Most all security work starts from the wire - it's that old CIA thing 
that's embedded into the consciousness.  It's that box we have to get 
out of.


> I think insider threats are not really a cryptography problem, although
> certain approaches to dealing with insider threats call for some sort
> of cryptography.  Modern cryptography is about dealing with the
> security problems that arise when information flows across some
> organizational or security boundaries.  Such problems are inherent to
> any Internet-connected system and to any application that uses the
> Internet:


Well, no.  Insider threats are beyond cryptography only when you're in 
cryptothinking's cryptobox.  Consider Bitcoin - it's a cryptographic 
solution to an insider threat, that of Ivan issuing more money or 
accepting false tender.  SSH and PGP could be considered as criticism of 
the insider vulnerability of PKI.  Shamir secret sharing, ring or group 
signatures, etc.


>> Or both - with the news that 5 intelligence services were likely (99%)
>> to have hacked Hillary's private servers, and wikileaks likely getting
>> their leaks from insiders.
>
> Exactly: the server is not trustworthy, simply because it is connected
> to the Internet.

Yeah - in that at the very least, we should expect the counter-intel 
services to have provided a hack-proof box to Hillary that she chose not 
to use.


>> Which is to say, we could paper the planet with wire encryption - pure
>> PGP mail and HTTPS as standard - and we'd not move the threat needle by
>> more than 1%.
>
> How would using PGP fail to move the threat needle?  If the mail on the
> server was encrypted the needle would have been moved, in the sense
> that hacking just one server would not give you access to anything.


ach - because to be usable, an email client has to connect to IMAP and 
analyse all the mail in the clear.  This is of course to damn crypto for 
email's pre-historic architecture, which is why a lot of people say that 
email can never be secured, and should be abandoned wholesale.

In essence I'm saying that we *could* talk about PGP having been used to 
encrypt all the data and have it encrypted at rest on the box.  But in 
practice, it never seems to work out that way.


> If the private keys are kept on a hardware token that requires a periodic
> button press to decrypt anything, the needle moves even more (and the
> usability benefits of having keys on a token are nice too).


To be worth anything it has to work for 1++ bn people.   The paper 
designs of the security industry are routinely crushed between the 
unstoppable force of the hacker and the immovable rock of Kerckhoffs' 6th.

Idle question - did Hillary have a hardware token?

iang

