In a presentation titled "Crypto Won't Save You" at the AusCERT conference on Australia's Gold Coast, respected cryptographer Peter Gutmann of the University of Auckland took security bods through a decade of breaches featuring a laundry list of the world's biggest brands. Gutmann's point was to demonstrate how the weakest point of cryptography was typically in its implementation rather than the maths itself. He demonstrated that consumer devices from the Amazon Kindle to the Sony Playstation and Microsoft Xbox consoles were hacked not because of weak cryptography, but due to poor deployment of security mechanisms, which were bypassed by attackers.
(Score: 2) by frojack on Saturday May 17 2014, @06:35AM
Actually what he said is that the crypto is simply avoided, end-run, bypassed, by backdoors, and collecting the data before it is encrypted or after it is decrypted.
He actually said:
He specifically said it's not about the maths. He couldn't have been clearer about this point.
No, you are mistaken. I've always had this sig.
(Score: 2, Redundant) by edIII on Saturday May 17 2014, @07:18AM
No, I got that. I'm saying it is about the maths ultimately and saying we don't need NSA-proof protocols is wishful thinking and hubris.
There are methods of exploitation that ignore implementation. For example, if you 100% compromise the CSPRNG algorithm (not implementation of it), you may so dramatically reduce the level of protection afforded that you can consider the method highly compromised. In similar fashion you can compromise key exchange protocols without respect to implementations. Just the math and logic.
That well-designed part covers the math, and that implies to me that the math is important. I hardly think that the CSPRNG the NSA compromised was thought of as not well designed at the time it was accepted into standards and used in many methods.
Nothing is NSA-proof. Nothing except quantum stuff that doesn't exist yet, and that will still be vulnerable to implementations too. It's all about probabilities and the amount of processing power you can throw at it. While they talk impressive numbers nearing 100th order, the truth is that adding key exchange protocols and CSPRNGs to it can very significantly weaken that back down to a point where petascale computing can handle it, and exascale computing will find it manageable.
You may have chosen a number between 1 and 1x10^99999, but if I can predict what that will be from a sophisticated analysis of the probabilities and the methods, you might as well have chosen from a range of one. The math is far more important than he is letting on, and he is saying they are done. The NSA has math-only tools at their disposal.
I just don't know how you can make a blanket statement that our methods are bulletproof now if we only had proper implementations of them. That's quite a statement to say the methods can withstand that amount of brain power looking for mathematical weaknesses and also withstand the sheer amount of processing power that will be directed towards it.
Technically, lunchtime is at any moment. It's just a wave function.
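The "you might as well have chosen from a range of one" point above is easy to show concretely. The following is an added example, not code from Gutmann's talk or from any commenter: a 256-bit key is drawn from a hypothetical generator whose whole internal state is a 16-bit seed (a stand-in for any predictable CSPRNG, not a model of Dual_EC_DRBG or any real backdoor), and an attacker who knows the generator and a few bytes of plaintext recovers the key by trying every possible seed. The cipher itself (an HMAC-SHA256 counter-mode keystream) is never attacked; the key space simply collapses from 2^256 to 2^16. All names, the sample message and the seed size are assumptions made for the example.

```python
import hashlib
import hmac
import random
import secrets

# Hypothetical weak generator: its entire state is a SEED_BITS-bit seed, so any
# key it emits has at most SEED_BITS bits of entropy regardless of key length.
SEED_BITS = 16


def weak_key_from_seed(seed: int) -> bytes:
    """Expand a small seed into a 32-byte (256-bit) key.

    random.Random is a Mersenne Twister, not a CSPRNG; it is used here only
    as a deterministic expander so the attacker can reproduce the victim's key.
    """
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(32))


def strong_key() -> bytes:
    """What the victim should have done: 256 bits from the OS CSPRNG."""
    return secrets.token_bytes(32)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: HMAC-SHA256(key, nonce || counter) in counter mode."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """XOR plaintext with the keystream (decryption is the same operation)."""
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))


def recover_key(nonce: bytes, ciphertext: bytes, known_prefix: bytes):
    """Attacker side: enumerate every seed the weak generator could have used
    and test each candidate key against a known-plaintext prefix.

    Returns (seed, key) on success, None if no seed reproduces the ciphertext.
    The cipher is untouched; only the generator's tiny state space is searched.
    """
    target = ciphertext[: len(known_prefix)]
    for seed in range(1 << SEED_BITS):
        candidate = weak_key_from_seed(seed)
        if encrypt(candidate, nonce, known_prefix) == target:
            return seed, candidate
    return None


def demo() -> bool:
    """Victim encrypts a message under a weakly generated key; attacker recovers it."""
    victim_seed = secrets.randbelow(1 << SEED_BITS)   # unknown to the attacker
    key = weak_key_from_seed(victim_seed)
    nonce = b"\x00" * 8
    # Constructed sample plaintext with a guessable prefix (typical protocol header).
    message = b"GET / HTTP/1.1\r\nHost: example.invalid\r\n\r\n"
    ciphertext = encrypt(key, nonce, message)

    found = recover_key(nonce, ciphertext, b"GET / HTTP/1.1")
    if found is None:
        return False
    _, recovered = found
    return encrypt(recovered, nonce, ciphertext) == message


if __name__ == "__main__":
    print("key recovered:", demo())
```

The search finishes in seconds in plain Python because the attacker is enumerating 2^16 seeds, not 2^256 keys; the same code run against a key from strong_key() would never terminate, which is the whole difference between key length and key entropy.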
(Score: 0) by Anonymous Coward on Saturday May 17 2014, @07:01PM
You're saying it is the math because broken math is susceptible to compromise no matter how good the non-algorithm implementation is.
Gutmann is saying it doesn't matter how good the math (by which he means only the encryption algorithm) is, because all the other parts of the system are easier to break. The key exchange procedure, for example. Or just the fact that, in order to be useful, the data has to exist, unencrypted at some point, and it can just be stolen then. His point is that the encryption algorithms already in use are sufficiently complex that it's already easier for Them to target other parts of the system. He's saying that, even if the math is imperfect and less complex than we think, it's still easier to use a keylogger.
Even quantum-encrypted data exists in cleartext before being encrypted. It's much easier to get it off the encrypting computer before processing than to muck about decrypting the data in transit. Who cares if you're doing quantum encryption, if They have a video camera pointed at your monitor?