Re: Newbie naive question, perhaps - - be kind
sci.crypt archive

From: Will Dickson <wrd@glaurung.demon.co.uk>
Date: Sun Oct 16 2005 - 01:39:33 CEST

On Sat, 15 Oct 2005 15:47:06 +0000, Arthur wrote:

> 1) Some of the commercial programs, such as Cryptainer,

I personally have never heard of this product. However, a brief skim of
their site doesn't ring any alarm bells.

> seem to suggest
> that their encryptions are essentially unbreakable: trillions of years
> of computer time would be required to break their Blowfish and AES
> encryption schemes in the program. Yet they suggest long passwords or
> pass phrases to make hacking these passwords "more difficult." They
> encouraged written questions from potential buyers, but have not
> answered my question: isn't the program as weak as its weakest link,
> e.g. the password??

Yes, it is. Hopefully newbie-friendly explanation:

If:

1. your encryption program uses AES (or Blowfish as far as I know);

2. it implements it properly;

3. it doesn't include any kind of "back door" or "emergency key recovery"
or (various other euphemisms which boil down to it stashing the key
somewhere obscure and hoping nobody finds it; they will, they will);

4. does various other technical details correctly;

then the only practical way, as far as anybody[1] knows, to recover your
data, is to guess what your password was. If the password is short, or is
a real word, then they can use a computer (or, more to the point, lots of
computers) to do the guessing. This is called a "dictionary attack". If
your password is long and at least somewhat gibberish, then this is much
more difficult. Long and random enough, and the effort required will be
more than anybody can be bothered to expend. At this point, you have won.

[1] That is, anybody in the open cryptography community. What else the NSA
and friends may or may not know is an open question, since they don't tell
anyone. The smart money is that they can't do anything with it either; no
doubt the chaps in tinfoil hats would take a different view.

> 2) if these encryption schemes are so unbreakable, and commercially
> available, why haven't I heard news items describing "terrorists" and
> their use of unbreakable encrypted e-mail ("tomorrow at 10:15, Sidney,
> we light the fuse")?

http://en.wikipedia.org/wiki/Traffic_analysis

You might also care to consider the various political relationships which
exist in the realms of journalism and media broadcasting. There's a lot
more that goes on in the world, than gets onto the news. (And remember,
it's *shiny* side out.)

> Can I assume that "hackability" or unbreakability
> is merely a matter of degree, and that the police or local computer
> repairman will in all likelihood be intrigued in my newly encrypted data
> files and e-mail and therefore try all the harder to see what's within?

OK, you're mixing up several different things here. "Hacking" (or
"cracking", to use the correct term, which the mainstream press never do)
is about finding flaws of one kind or another in implementations of
computer programs, and exploiting them to gain unauthorised access to a
computer and / or the data held on it. This is illegal in most "first
world" countries, and lots of other places which want the US and / or the
EU to be friends with them.

Finding flaws in encryption algorithms themselves, rather than in the
implementations (the "recipe", if you like, rather than the actual cake
that somebody baked from it) is called "cryptanalysis". It's a branch of
mathematics, and is carried on by people who are a lot smarter than me.
It's legal.

That said, you are correct in that "unbreakable" is a pretty woolly term.
There are four main subdivisions:

1. One-time-pad. This really *is* unbreakable. You can prove it
mathematically. However, nobody uses these because they have plenty of
other problems. Any program which claims to use "one-time-pads", a)
doesn't, b) is snake oil, and c) should be avoided like the plague.

2. Computationally infeasible. If you have planet-sized computers, and
live for thousands of years, you can break this in what, to you, is a
reasonable length of time. If you're an early 21st century human, you
don't, so you can't. AES with a 128-bit, *properly random* key, falls into
this category, as far as we know.

3. Good enough. Takes longer, and / or needs more computers, than anybody
who is interested in you can be bothered to devote to the matter.

4. Term of art in websites promoting snake oil. Usually translates as
"massively flawed and capable of being broken in about half an hour if
somebody competent put their mind to it."

Successful cryptanalysis of AES or even Blowfish is not something you need
to worry about. If your application is using some other algorithm,
especially if they won't tell you what it is, then it's probably snake
oil, and you do. The snake-oil FAQ can be found at
http://www.faqs.org/faqs/cryptography-faq/snake-oil/ and is recommended
reading.

If some random computer technician sees a bunch of encrypted stuff, he may
well be intrigued. (He will probably guess it to be porn :-)) However, if
you've chosen a good passphrase, and everything else I wrote at the
beginning holds true, then his curiosity will get him nowhere.

If law enforcement see it, they may also be intrigued. It won't get them
anywhere either. Their next step may be to come and have a chat with you.
If this happens, you should probably call your boss, and have him/her call
your legal department. However, none of this is too likely, so I wouldn't
worry about it.

HTH

Will.
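The "weakest link" point above, worked through in code. This is an added example written for this archive page; it is not code from the post or from any product mentioned in it. It derives a 128-bit AES key from a password with PBKDF2 (a standard password-to-key step, assumed here rather than taken from the post), then compares the size of the key space an attacker actually has to search, which is bounded by the number of distinct passwords, not by the 128-bit key width. The guess rate (one billion guesses per second) and the 10,000-word dictionary are constructed round-number assumptions.

```python
"""Why a password-protected AES file is only as strong as the password.

Added example for the sci.crypt thread; not code from the post or from any
product it names. Guess rate and dictionary size are constructed assumptions.
"""
import hashlib
import math

AES_KEY_BITS = 128
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def password_key(password: str, salt: bytes) -> bytes:
    """Derive a 128-bit AES key from a password with PBKDF2-HMAC-SHA256.

    The output is 128 bits wide, but it is a deterministic function of the
    password: there can never be more distinct keys than distinct passwords.
    (PBKDF2 is assumed as a typical password-to-key step; the post does not
    say what any particular product uses.)
    """
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               100_000, dklen=AES_KEY_BITS // 8)


def random_string_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random string: log2(alphabet_size ** length)."""
    return length * math.log2(alphabet_size)


def dictionary_bits(dictionary_size: int, words: int) -> float:
    """Entropy of a passphrase of `words` words chosen uniformly from a list."""
    return words * math.log2(dictionary_size)


def effective_key_bits(password_bits: float, key_bits: int = AES_KEY_BITS) -> float:
    """Weakest-link rule: the cheaper of guessing passwords or guessing keys wins."""
    return min(password_bits, key_bits)


def expected_years_to_guess(bits: float, guesses_per_second: float) -> float:
    """Expected brute-force time: on average half the space must be searched."""
    return (2.0 ** bits / 2) / guesses_per_second / SECONDS_PER_YEAR


def compare_scenarios(guesses_per_second: float = 1e9) -> dict:
    """Effective key strength and expected guessing time for several password styles.

    Returns {scenario: (effective_bits, expected_years)}; the 1e9 guesses/s
    default is a constructed figure for illustration only.
    """
    scenarios = {
        "one word from a 10,000-word list": dictionary_bits(10_000, 1),
        "8 random lowercase letters": random_string_bits(26, 8),
        "6 random words from a 10,000-word list": dictionary_bits(10_000, 6),
        "20 random printable ASCII characters": random_string_bits(95, 20),
    }
    return {
        name: (round(effective_key_bits(bits), 1),
               expected_years_to_guess(effective_key_bits(bits), guesses_per_second))
        for name, bits in scenarios.items()
    }


if __name__ == "__main__":
    salt = b"constructed-salt"          # constructed; real programs use a random salt
    assert password_key("hunter2", salt) != password_key("hunter3", salt)
    for name, (bits, years) in compare_scenarios().items():
        print(f"{name:40s} {bits:6.1f} bits  ~{years:.3g} years to guess")
```

Two of the four scenarios land on the post's categories directly: a single dictionary word is "broken in about half an hour" territory no matter how good the cipher is, while 20 random printable characters exceed 128 bits, so the AES key itself becomes the limit and the "trillions of years" figure is honest. A six-word random passphrase sits in the "good enough" band.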
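The one-time-pad claim in point 1 above ("really is unbreakable, you can prove it mathematically") and the "plenty of other problems" that follow it, demonstrated in code. This is an added example written for this archive page, not code from the post. The two messages and the pad bytes are constructed; `secrets.token_bytes` stands in for a genuinely random pad source, which is itself one of the practical problems the post alludes to.

```python
"""One-time pad: perfect secrecy, and the reuse problem that makes it impractical.

Added example for the sci.crypt thread; not code from the post. Messages are
constructed; the pad comes from secrets.token_bytes.
"""
import secrets

# Constructed sample messages of equal length (19 bytes each).
MESSAGE = b"meet at the library"
OTHER_MESSAGE = b"buy milk and bread!"


def otp(data: bytes, pad: bytes) -> bytes:
    """XOR data with a pad of exactly the same length.

    Encryption and decryption are the same operation because x ^ k ^ k == x.
    """
    if len(pad) != len(data):
        raise ValueError("a one-time pad must be exactly as long as the data")
    return bytes(d ^ k for d, k in zip(data, pad))


def pad_that_decrypts_to(ciphertext: bytes, desired_plaintext: bytes) -> bytes:
    """Perfect secrecy made concrete.

    For any ciphertext and any plaintext of the same length there is exactly
    one pad (ciphertext XOR plaintext) mapping one to the other, so the
    ciphertext alone carries no information about which message was sent.
    """
    return otp(ciphertext, desired_plaintext)


def reused_pad_residue(c1: bytes, c2: bytes) -> bytes:
    """What a *two*-time pad leaks: c1 XOR c2 == m1 XOR m2, the pad cancels out.

    The defender's lesson is that the pad must never be reused, which means
    securely generating, distributing and destroying key material as long as
    all the traffic it protects; that is why the post says nobody uses it.
    """
    return otp(c1, c2)


def demo() -> dict:
    """Run the three demonstrations and return their results for inspection."""
    pad = secrets.token_bytes(len(MESSAGE))
    ciphertext = otp(MESSAGE, pad)
    round_trip = otp(ciphertext, pad)

    # Any same-length plaintext is an equally valid "decryption" under some pad.
    alternative_pad = pad_that_decrypts_to(ciphertext, OTHER_MESSAGE)
    alternative_plaintext = otp(ciphertext, alternative_pad)

    # Reuse the same pad for a second message: the residue no longer depends on the pad.
    ciphertext2 = otp(OTHER_MESSAGE, pad)
    residue = reused_pad_residue(ciphertext, ciphertext2)

    return {
        "round_trip_ok": round_trip == MESSAGE,
        "alternative_plaintext": alternative_plaintext,
        "residue_equals_message_xor": residue == otp(MESSAGE, OTHER_MESSAGE),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The first two functions are the proof sketch: every plaintext of the right length is reachable from the same ciphertext, so no amount of computation distinguishes them. The third is why the post says any program claiming to use one-time pads "doesn't": a pad as long as the data, used once and never again, is a key-management burden no shrink-wrapped product can carry.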
Received on Mon Oct 17 20:48:20 2005