
SoylentNews is people

posted by Woods on Saturday May 17 2014, @03:50AM
from the complex-cryptography-cannot-cover-corner-cutting dept.

In a presentation titled "Crypto Won't Save You" at the AusCERT conference on Australia's Gold Coast, respected cryptographer Peter Gutmann of the University of Auckland took security bods through a decade of breaches featuring a laundry list of the world's biggest brands. Gutmann's point was to demonstrate that the weakest point of cryptography is typically its implementation rather than the maths itself. He showed that consumer devices from the Amazon Kindle to the Sony PlayStation and Microsoft Xbox consoles were hacked not because of weak cryptography, but because of poor deployment of security mechanisms, which attackers simply bypassed.

View Gutmann's 95-page slide deck here (PDF).

  • (Score: 2, Redundant) by edIII (791) on Saturday May 17 2014, @07:18AM (#44599)

    He specifically said it's not about the maths. He couldn't have been clearer about this point.

    No, I got that. I'm saying it is about the maths ultimately and saying we don't need NSA-proof protocols is wishful thinking and hubris.

    There are methods of exploitation that ignore implementation. For example, if you 100% compromise the CSPRNG algorithm (not implementation of it), you may so dramatically reduce the level of protection afforded that you can consider the method highly compromised. In similar fashion you can compromise key exchange protocols without respect to implementations. Just the math and logic.

    Any well-designed, appropriately-deployed protocol is NSA-proof

    That well-designed part covers the math, and that implies to me that the math is important. I hardly think that the CSPRNG the NSA compromised was thought of as not well designed at the time it was accepted into standards and used in many methods.

    Nothing is NSA-proof. Nothing except quantum stuff that doesn't exist yet, and that will still be vulnerable to implementations too. It's all about probabilities and the amount of processing power you can throw at it. While they talk impressive numbers nearing 100th order, the truth is that adding key exchange protocols and CSPRNGs to it can very significantly weaken that back down to a point where petascale computing can handle it, and exascale computing will find it manageable.

    You may have chosen a number between 1 and 1x10^99999, but if I can predict what that will be from a sophisticated analysis of the probabilities and the methods, you might as well have chosen from a range of one. The math is far more important than he is letting on, and he is saying they are done. The NSA has math-only tools at their disposal.

    I just don't know how you can make a blanket statement that our methods are bulletproof now if we only had proper implementations of them. That's quite a statement to say the methods can withstand that amount of brain power looking for mathematical weaknesses and also withstand the sheer amount of processing power that will be directed towards it.

    --
    Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 0) by Anonymous Coward on Saturday May 17 2014, @07:01PM (#44681)

    You're saying it's the math because broken math is susceptible to compromise no matter how good the non-algorithm implementation is.

    Gutmann is saying it doesn't matter how good the math (by which he means only the encryption algorithm) is, because all the other parts of the system are easier to break. The key exchange procedure, for example. Or just the fact that, in order to be useful, the data has to exist unencrypted at some point, and it can just be stolen then. His point is that the encryption algorithms already in use are sufficiently complex that it's already easier for Them to target other parts of the system. He's saying that, even if the math is imperfect and less complex than we think, it's still easier to use a keylogger.

    Even quantum-encrypted data exists in cleartext before being encrypted. It's much easier to get it off the encrypting computer before processing than to muck about decrypting the data in transit. Who cares if you're doing quantum encryption, if They have a video camera pointed at your monitor?