Looks possible, according to this:
http://www.wired.com/threatlevel/2009/06/deep-packet-inspection/
Quote
Following a report last week that Iran is spying on domestic internet users with western-supplied technology, advocacy groups are pressuring federal lawmakers to scrutinize the use of the same technology in the U.S.
The Open Internet Coalition sent a letter to all members of the House and Senate urging them to launch hearings aimed at examining and possibly regulating the so-called deep-packet inspection technology.
...
But similar technology is being installed at ISPs in the U.S.
It spurred extensive controversy last year when Charter Communications, one of the country's largest ISPs, announced that it planned to use deep-packet inspection to spy on broadband customers to help advertisers deliver targeted ads.
The plan sparked a backlash and heated congressional hearings. Publicity about the issue died down, however, after Charter retreated from its plan, and Congress moved on to other matters. But deep-packet inspection didn't go away.
ISPs insist they need it to help combat spam and malware. But the technology is ripe for abuse, not only by ISPs but also by the U.S. government, which could force providers to retain and hand over data they collect about users.
I did wonder about this at the time. I'm glad to see people with more clout were thinking the same thing.
I wish I could say I was surprised.
Though, one thing I've been thinking about, is how does DPI cope with cryptography and stenography?
We need to violate people's rights so we can protect their freedom.
Quote from: Rumwolf on July 04, 2009, 03:58:20 AM
I wish I could say I was surprised.
Though, one thing I've been thinking about, is how does DPI cope with cryptography and stenography?
DPI?
Deep Packet Inspection
Quote from: Rumwolf on July 04, 2009, 03:58:20 AM
Though, one thing I've been thinking about, is how does DPI cope with cryptography and stenography?
If I remember correctly from a conversation with a friend who seems to know plenty about this kind of thing, it doesn't. I'm having a few pints with him in a few days, so I'll bring it up.
Quote from: Rumwolf on July 04, 2009, 03:58:20 AM
I wish I could say I was surprised.
Though, one thing I've been thinking about, is how does DPI cope with cryptography and stenography?
Doubt that it can, directly. Might give a good enough sample to crack some encryptions, though. Also, it's steganography, unless you're talking about using snail mail and your secretary's computer for your sekrit bidness.
Modern crypto schemes are effectively unbreakable*, DPI won't do crap to them, and knowing who's talking to whom is still useful, but DPI isn't needed for that. I suppose the NSA might have cracked RSA or AES-256 and not told us, but if they did they probably would have stopped using them. Side channel attacks are pretty much the only thing you have to worry about, and those rely on issues on your system, like Debian's infamous botched PRNG, or the backdoor into Windows' PRNG they found a while back.
*A new attack was just published on how to break AES-256. It requires 2^119 steps, or about 20,000,000,000,000 years with a multi petaflop system, thus effectively unbreakable.
Quote from: yhnmzw on July 05, 2009, 06:26:58 PM
Also, it's steganography, unless you're talking about using snail mail and your secretary's computer for your sekrit bidness.
:oops:
Quote from: Requia on July 06, 2009, 02:37:35 AM
petaflop
I just wanna say, I love this word. Though I think it should be used every time PETA unveil another media initiative.
Prima: Hey have you heard? PETA have hired nudists to chain themselves to major takeaway food stores because of the conditions the animals are kept in before slaughter.
Secunda: Oh, really? Sounds like another PETAflop to me.
damn, now i need to figure out how to harness the new PETAflop benchmark.
How many PETAflops would you say the Seinfeld/Microsoft commercial was? How about all the Ford commercials on American Idol?
Quote from: Requia on July 06, 2009, 02:37:35 AM
Modern crypto schemes are effectively unbreakable*, DPI won't do crap to them, and knowing who's talking to whom is still useful, but DPI isn't needed for that. I suppose the NSA might have cracked RSA or AES-256 and not told us, but if they did they probably would have stopped using them. Side channel attacks are pretty much the only thing you have to worry about, and those rely on issues on your system, like Debian's infamous botched PRNG, or the backdoor into Windows' PRNG they found a while back.
*A new attack was just published on how to break AES-256. It requires 2^119 steps, or about 20,000,000,000,000 years with a multi petaflop system, thus effectively unbreakable.
Correct... Deep Packet Inspection is basically like the ISP opening your mail, reading it, looking for marketing hooks, sticking it back in the envelope and sending it on to you. Sure, it is a good way to combat spam, but opening and reading all of your mail to stop mail fraud would probably be seen as ludicrous to most people.
Encryption as Requia points out will protect you, since they open the envelope and see gibberish.
> ISPs insist they need it to help combat spam and malware.
this is bullshit and plain wrong.
Quote from: Rumwolf on July 04, 2009, 03:58:20 AM
I wish I could say I was surprised.
"I may not be surprised, but I'm damn well making a big stink about it." Nokia=Siemens=Fascism Enablers.
Quote from: Ratatosk on July 06, 2009, 02:43:51 PM
Encryption as Requia points out will protect you, since they open the envelope and see gibberish.
Wow that's just great, so eh, who of you guys is already using encrypted channels for the majority of your communications?
Nobody? Oh
ok snide cynicism aside, one concept in crypto security is that as long as everybody is writing on postcards, anyone sending a letter in an envelope will stand out of the crowd, regardless of how hard it is to open and read the envelope.
twitter is not encrypted. neither is over 99% of all email. or the websites you're visiting. the forum posts you make. the AIM/MSN/IRC conversations you have.
(just before anyone points it out, the fact that GMail uses SSL/https, or maybe your IMAP mailserver does, that's just the authentication protocol between server and client. the protocol between the mailservers themselves remains unencrypted, and probably already DPIed, as ever)
what does help, is using TOR.
you know why TOR is so slow right? because nobody wants to be a TOR exit node. cause they fear they might aid pedophiles*. or terrorism.
and because the law isnt entirely clear about whether or not you are liable for these things when you allow your TOR client to be an exit node.
of course, if everybody would be an exit node, the TOR network would both be more anonymous and a lot faster (although still slower than regular internet, but I do not think by much)
oh and by the way, TOR is insecure in other ways, since any exit node can (illegally) inspect the plaintext output of any TOR clients (except they don't know who they are), any passwords sent along in plaintext are insecure. so that would be where this SSL/https stuff comes in handy, since that takes care of the plaintext password side of the situation :-)
* and, I won't lie, as current (illegal) TOR exit node analysis points out, this indeed seems to be the case. for pedophilia that is, not terrorism.
Quote from: Triple Zero on July 07, 2009, 07:17:34 PM
ok snide cynicism aside, one concept in crypto security is that as long as everybody is writing on postcards, anyone sending a letter in an envelope will stand out of the crowd, regardless of how hard it is to open and read the envelope.
That's why you'd want to use steganography. I guess it could also lead to cryptography being illegal, (except for banking stuff etc I suppose).
Actually, it kinda reminds me of this: http://xkcd.com/538/
Which in cases where you are suspected of something illegal being encrypted would be pretty close to what would happen.
Ok, I'm not sure how computer cryptography works, so correct me please if I'm wrong. But wouldn't the two communicators have to trade an encryption key at some point, thus if all the packets being sent can be read, couldn't the key be picked up as well (and used to decrypt the message)?
Quote from: Rumwolf on July 08, 2009, 08:23:22 AM
Quote from: Triple Zero on July 07, 2009, 07:17:34 PM
ok snide cynicism aside, one concept in crypto security is that as long as everybody is writing on postcards, anyone sending a letter in an envelope will stand out of the crowd, regardless of how hard it is to open and read the envelope.
That's why you'd want to use steganography. I guess it could also lead to cryptography being illegal, (except for banking stuff etc I suppose).
no, because stego means you're still hiding.
also it won't work anymore if everybody uses it, cause then you can scan for the patterns. and the goal is for everyone to be able to communicate without being snooped upon right?
another reason why you dont want to use stego is that you need to agree upon the secret channel before you can send someone a steganographed message. if I were to send you a JPEG photo, you wouldnt know whether the message is the photo, maybe some visual riddle pertaining the photo, or the message is hidden in the least significant bit, in the JPEG comment, or in only every fifth red pixel or whatever.
but if the secret channel is always the same, it can be deep packet inspected again.
furthermore, you *really* gotta know what you're doing. the basic idea of hiding a message in the least significant bits of an image is in fact real easy to detect, because the LSB's of a real world image such as a photograph have a completely different pattern than when replaced with an encoded message. some stego articles even state incorrectly that the LSB of an image is similar to random noise. check it for yourself, it's not. if it was, you can replace random noise with encrypted data or compressed data and it's pretty hard to tell the difference, but there are in fact not many secret channels that contain random noise by default and can be replaced with different "noise" without much problems.
finally, getting past all these disadvantages, proper, secure stego, requires several orders of magnitude in additional bandwidth.
IMO, stego is only useful for extra-special secrecy, or having to improvise smuggling something past a watchful eye.
no, the proper way to get this right is to take a look at our postal system. the solution is already in the example I gave. most snail mail is encased in envelopes ("encrypted") and only a small part of the mail is on postcards ("plaintext"). it is regarded as "normal" to put your mail in an envelope, and not regarded as "he has something to hide".
if much more people would get into the habit of using PGP on their email, even, no especially if they have nothing to hide, it would just become the normal thing to do "yeah of course I PGP my email, who knows where the data might end up? this way only aunt Betty can open the message. that just makes sense, right"
Quote
Actually, it kinda reminds me of this: http://xkcd.com/538/
Which in cases where you are suspected of something illegal being encrypted would be pretty close to what would happen.
doesn't apply to DPI. it's too large scale. they can't rubberhose all people that send encrypted packets.
and if they only do it with people that "are suspected of something illegal being encrypted", this is not a problem of DPI but with why or how these people were suspected.
which is a lot harder is all data on the internet that is assumed to be private is in fact really private and encrypted properly.
they don't need to DPI communications in order to torture suspected dissidents either.
Quote
Ok, I'm not sure how computer cryptography works, so correct me please if I'm wrong. But wouldn't the two communicators have to trade an encryption key at some point, thus if all the packets being sent can be read, couldn't the key be picked up as well (and used to decrypt the message)?
yes but there are a bunch of very neat tricks to minimize this danger. look up the Diffie Hellman key exchange protocol, for an example.
also public/private key schemes (such as in PGP) only run this risk once, when the public keys are exchanged, so if you meet in person once, that is enough to be able to securely communicate from then on. also with "key signing" you can have friends vouching for the authenticity of other people that you may not have met, there are key signing authorities ... lots of stuff.
it is something to be aware of, yes. but fortunately not impossible to get around.
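Triple Zero's point above that the LSBs of a real photograph do not behave like random noise, and that regular use of one hidden channel can be scanned for, is the basis of a standard detector, the chi-square "pairs of values" test. The following is an added illustration written for this thread (not code posted by anyone here): the "cover image" is a constructed list of pixel values whose LSBs are deliberately biased toward 0, standing in for the structure of a real photo, and the threshold factor of 2 is an assumption chosen for this toy.

```python
import random

def make_cover(width=200, height=200, seed=1):
    """Constructed stand-in for a photo (NOT a real image): each pixel's LSB is
    0 with probability 0.7, mimicking the fact that real-image LSBs are not
    uniformly random."""
    rng = random.Random(seed)
    pixels = []
    for _ in range(width * height):
        base = rng.randrange(0, 128) * 2           # even value in 0..254
        pixels.append(base + (1 if rng.random() < 0.3 else 0))
    return pixels

def embed_lsb(pixels, bits):
    """Classic LSB replacement: overwrite each pixel's LSB with one message bit.
    Used here only to produce the 'stego' sample that the detector is run on."""
    out = list(pixels)
    for i, b in enumerate(bits):
        out[i] = (out[i] & ~1) | (b & 1)
    return out

def pov_chi_square(pixels):
    """Pairs-of-values chi-square statistic. LSB replacement with random bits
    pushes the counts of each pair (2k, 2k+1) toward equality, so the statistic
    collapses to roughly the number of pairs (a chi-square with ~pairs-1 df)."""
    hist = [0] * 256
    for v in pixels:
        hist[v] += 1
    stat, pairs = 0.0, 0
    for k in range(128):
        n0, n1 = hist[2 * k], hist[2 * k + 1]
        total = n0 + n1
        if total == 0:
            continue
        stat += (n0 - n1) ** 2 / total
        pairs += 1
    return stat, pairs

def looks_lsb_embedded(pixels, factor=2.0):
    """Assumed rule for this toy: flag as stego when the statistic is below
    factor * pairs. Untouched covers with structured LSBs score far higher."""
    stat, pairs = pov_chi_square(pixels)
    return stat < factor * pairs

def demo(seed=7):
    """Run the detector over the constructed cover and its LSB-embedded copy."""
    cover = make_cover()
    rng = random.Random(seed)
    message_bits = [rng.getrandbits(1) for _ in range(len(cover))]  # constructed payload
    stego = embed_lsb(cover, message_bits)
    return {
        "cover_stat": pov_chi_square(cover)[0],
        "stego_stat": pov_chi_square(stego)[0],
        "cover_flagged": looks_lsb_embedded(cover),
        "stego_flagged": looks_lsb_embedded(stego),
    }

if __name__ == "__main__":
    print(demo())
```

The detector sees only the histogram, which is why it works on any carrier whose pair counts are naturally unequal; the sample above embeds in every pixel, and the statistic rises again when only part of the image is used, which is the usual caveat with this test.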
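The Diffie-Hellman key exchange that Triple Zero points to is the answer to Rumwolf's question about a snooper picking the key off the wire: both sides publish one value each, and someone who records the whole exchange still cannot compute the shared key without solving a discrete logarithm. Below is an added, self-contained Python illustration (not code from anyone in this thread). The public parameters are a toy choice made for this example, the Mersenne prime 2^127 - 1 with base 5, not a standardized group; real software uses standardized groups or elliptic curves.

```python
import hashlib
import secrets

# Toy public parameters (constructed for this example, NOT a standardized group).
P = 2**127 - 1   # Mersenne prime, large enough that the eavesdropper's search below is hopeless
G = 5

def dh_keypair(p=P, g=G):
    """Private exponent in [2, p-2] and the public value g^priv mod p."""
    priv = 2 + secrets.randbelow(p - 3)
    pub = pow(g, priv, p)
    return priv, pub

def dh_shared_secret(their_pub, my_priv, p=P):
    """Each side raises the other's public value to its own private exponent."""
    return pow(their_pub, my_priv, p)

def derive_key(shared):
    """Hash the shared group element into a symmetric key (hex for readability)."""
    raw = shared.to_bytes((shared.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).hexdigest()

def run_exchange():
    """Returns Alice's key, Bob's key, and everything the snooper saw on the wire."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    transcript = {"p": P, "g": G, "A": a_pub, "B": b_pub}   # the only packets on the wire
    key_alice = derive_key(dh_shared_secret(b_pub, a_priv))
    key_bob = derive_key(dh_shared_secret(a_pub, b_priv))
    return key_alice, key_bob, transcript

def brute_force_discrete_log(p, g, target, limit):
    """What the snooper is reduced to: search x with g^x = target mod p.
    Gives up after `limit` steps and returns None."""
    acc = 1
    for x in range(limit):
        if acc == target:
            return x
        acc = acc * g % p
    return None

if __name__ == "__main__":
    ka, kb, seen = run_exchange()
    print("keys match:", ka == kb)
    print("snooper recovers Alice's exponent within 10^5 steps:",
          brute_force_discrete_log(P, G, seen["A"], 100_000))
```

The exchange as written is only safe against a passive snooper; an active party who can rewrite packets can substitute its own public values, which is why PGP's signed public keys and the key-signing Triple Zero mentions matter on top of this.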
Quote
ok snide cynicism aside, one concept in crypto security is that as long as everybody is writing on postcards, anyone sending a letter in an envelope will stand out of the crowd, regardless of how hard it is to open and read the envelope.
The last company I worked for encrypted literally everything meant for transmission over public infrastructure, sometimes with 3 or 4 layers of the stuff (huge pain in my ass really). Most of the internal stuff was encrypted too.
Quote from: Triple Zero on July 08, 2009, 10:24:13 AM
Good points, I'd say you're right about getting people to encrypt the majority of what they do, unfortunately the public isn't educated about a) how to do it and b) why to do it, so it will probably take a while to the movement to get to the mass public, by which time technology would have changed anyway.
I actually thought stego was like random noise, but then again I don't know a whole lot about encryption.
Quote from: Triple Zero on July 08, 2009, 10:24:13 AM
they don't need to DPI communications in order to torture suspected dissidents either.
Doesn't mean they won't use it as "evidence" to justify their actions. But if more people encrypt then it wouldn't be that much of a problem.
Quote from: Triple Zero on July 08, 2009, 10:24:13 AM
it is something to be aware of, yes. but fortunately not impossible to get around.
Good to know.
Stego is good if you have lots of stuff and the stego bit looks like an unsuspecting piece of useless stuff. So if I have some data hidden away in some jpgs on my disk, along with 1000 non-stego jpgs, its a good way to hide stuff.... to use it as a regular communication tool though weakens the 'needle in haystack' layer of its security.
There are a couple things you can do to deal with deep packet inspection. However, which you choose depends greatly on what you're trying to protect yourself from. Let's say I live in a free country where corporations want to spy on my packets for marketing purposes. In that case, personally encrypted traffic is fine. I am stopping their ability to LOOK, but it's OBVIOUS. My ISP probably won't do much about it and will just ignore my packets.
If on the other hand I live in a country where I am not free and the government is doing DPI in order to find dissidents... encryption will make me stick out like a sore thumb. Even if everyone uses some encryption, it is trivial to statistically see who is sending way more encrypted traffic than normal. To get past this sort of snooping you need chaff. Cory Doctorow's book Little Brother hypothesizes about Paranoid Linux, which is designed specifically to create this kind of chaff. There was some movement on a real world project like that but it's currently dead on the vine :(
Torrents are a great way to create chaff, most torrent clients have a way to send encrypted traffic, and it's normal enough. The only real thing you'd need is a way to hide things inside something that looks like torrent info.
I'm actually kinda surprised more groups aren't using Spam as a covert channel.
Quote from: Ratatosk on July 09, 2009, 03:18:40 PM
Stego is good if you have lots of stuff and the stego bit looks like an unsuspecting piece of useless stuff. So if I have some data hidden away in some jpgs on my disk, along with 1000 non-stego jpgs, its a good way to hide stuff.... to use it as a regular communication tool though weakens the 'needle in haystack' layer of its security.
unless encryption is somehow illegal, I'd opt for TrueCrypt first, stego second.
you can still stego your stuff in any layer of TrueCrypt, and on top of that, you can hide the entire TrueCrypt partition with stego, just insert a 30 meg TrueCrypt partition somewhere in the middle of an AVI file. if you do it properly (frame boundary, thing), the AVI will even still play without as much as a hiccup.
Quote
If on the other hand I live in a country where I am not free and the government is doing DPI in order to find dissidents... encryption will make me stick out like a sore thumb. Even if everyone uses some encryption, it is trivial to statistically see who is sending way more encrypted traffic than normal. To get past this sort of snooping you need chaff. Cory Doctorow's book Little Brother hypothesizes about Paranoid Linux, which is designed specifically to create this kind of chaff. There was some movement on a real world project like that but it's currently dead on the vine :(
this is why we need to get the MASSES to start using PGP as soon as possible.
let me repeat myself:
the proper way to get this right is to take a look at our postal system. the solution is already in the example I gave. most snail mail is encased in envelopes ("encrypted") and only a small part of the mail is on postcards ("plaintext"). it is regarded as "normal" to put your mail in an envelope, and not regarded as "he has something to hide".
if much more people would get into the habit of using PGP on their email, even, no especially if they have nothing to hide, it would just become the normal thing to do
"yeah of course I PGP my email, who knows where the data might end up? this way only aunt Betty can open the message. that just makes sense, right"
the bolded bit should become common sense to (most) people. just like it's common sense to keep your CC info to yourself.
now, I'm gonna be honest, and tell you I have never really used PGP (or GPG) myself. I never generated a private/public key pair and am not encrypting my emails.
HOWEVER, I am going to make it a point of figuring out how to do this (I bet it's really easy). I think of myself as being pretty good in explaining computer stuff to people that normally struggle with computers (as long as I can explain my Machine Learning topics to my mum, and teach economy/business students to program Java) and then I'm gonna see how many people I can get "over" to at least install a kind of plugin that allows them to read my encrypted messages.
cause I think the time is right, and it's now or never. assume that DPI is already there, make encrypting communications be the norm instead of the exception, so that when the time comes DPI is used to weed out "dissidents", they first need to outlaw encryption, and if that's widespread enough, people might get a clue what's up and protest. ... ok it's a small chance, but enough recent events concerning privacy and freedom of information have convinced me that, it's on bitches.
i like what you are saying 000, i looked into it a bit and it was beyond me at the time to figure out tec talk for tec guys, but if you find a plug in and run email encryption and can explain it i would like to learn
Quote from: Triple Zero on July 09, 2009, 06:22:45 PM
Quote from: Ratatosk on July 09, 2009, 03:18:40 PM
Stego is good if you have lots of stuff and the stego bit looks like an unsuspecting piece of useless stuff. So if I have some data hidden away in some jpgs on my disk, along with 1000 non-stego jpgs, its a good way to hide stuff.... to use it as a regular communication tool though weakens the 'needle in haystack' layer of its security.
unless encryption is somehow illegal, I'd opt for TrueCrypt first, stego second.
you can still stego your stuff in any layer of TrueCrypt, and on top of that, you can hide the entire TrueCrypt partition with stego, just insert a 30 meg TrueCrypt partition somewhere in the middle of an AVI file. if you do it properly (frame boundary, thing), the AVI will even still play without as much as a hiccup.
Yep, I use Trucrypt almost every day :) Though I haven't used it in combination with Stego, that's an interesting idea. The hidden encrypted disk option is nice and I use it on a thumb drive for transferring encryption keys from one environment to another.
Quote
Quote
If on the other hand I live in a country where I am not free and the government is doing DPI in order to find dissidents... encryption will make me stick out like a sore thumb. Even if everyone uses some encryption, it is trivial to statistically see who is sending way more encrypted traffic than normal. To get past this sort of snooping you need chaff. Cory Doctorow's book Little Brother hypothesizes about Paranoid Linux, which is designed specifically to create this kind of chaff. There was some movement on a real world project like that but it's currently dead on the vine :(
this is why we need to get the MASSES to start using PGP as soon as possible.
let me repeat myself:
the proper way to get this right is to take a look at our postal system. the solution is already in the example I gave. most snail mail is encased in envelopes ("encrypted") and only a small part of the mail is on postcards ("plaintext"). it is regarded as "normal" to put your mail in an envelope, and not regarded as "he has something to hide".
if much more people would get into the habit of using PGP on their email, even, no especially if they have nothing to hide, it would just become the normal thing to do "yeah of course I PGP my email, who knows where the data might end up? this way only aunt Betty can open the message. that just makes sense, right"
the bolded bit should become common sense to (most) people. just like it's common sense to keep your CC info to yourself.
now, I'm gonna be honest, and tell you I have never really used PGP (or GPG) myself. I never generated a private/public key pair and am not encrypting my emails.
HOWEVER, I am going to make it a point of figuring out how to do this (I bet it's really easy). I think of myself as being pretty good in explaining computer stuff to people that normally struggle with computers (as long as I can explain my Machine Learning topics to my mum, and teach economy/business students to program Java) and then I'm gonna see how many people I can get "over" to at least install a kind of plugin that allows them to read my encrypted messages.
cause I think the time is right, and it's now or never. assume that DPI is already there, make encrypting communications be the norm instead of the exception, so that when the time comes DPI is used to weed out "dissidents", they first need to outlaw encryption, and if that's widespread enough, people might get a clue what's up and protest. ... ok it's a small chance, but enough recent events concerning privacy and freedom of information have convinced me that, it's on bitches.
I've used PGP since 1994. I remember people then saying exactly the same thing... "We gotta get everyone to encrypt email" However, until Outlook Express and GMail do it automatically, I don't think it's gonna happen. People are just too ignorant of the security issues involved or fail to see what value they get out of the extra work. It's not like a Web of Trust is all that easy to explain to the world at large. And at the end of the day, unless we have huge signing parties on a very regular basis, among people we can trust implicitly, there are a lot of potential holes and abuses a malevolent government could implement.
The current GPG/PGP solutions are pretty good. I implemented PGP Universal here at the office and basically the users have no idea what's going on. They just know that if a message should be encrypted they put a key word in the Subject and it gets encrypted by policy.
I use firegpg (firefox plugin), ridiculously simple, integrates flawlessly with gmail.
Quote from: Requia on July 09, 2009, 07:03:10 PM
I use firegpg (firefox plugin), ridiculously simple, integrates flawlessly with gmail.
Ohh nice, haven't tried it yet. I'll have to give it a go!
yea, i think i once had a problem with something they call "illegal numbers" or something.
apparently, if the US gov. cannot decrypt the cypher, then that string of numbers is illegal...
therefore, all US-available encryption protocols are breakable
(not to mention quantum computing, which I hear is doing well at solving Factors)
Not that it matters, i mean, transparency is all, still, it is an option that people should truly believe they have?
PGP in the USA runs on breakable RSA...
the new versions are all RSA
I think you have to go down to 7.x?
Rev Stan is false on every post in the last three.
1) Quantum Computing is not anywhere near factoring anything.
2) The US Government cannot decrypt a lot of stuff currently and a 'string of numbers' doesn't even make sense in the context. :kingmeh:
3) RSA has had some issues, but none of them make cracking PGP trivial. In fact, with the corrected PKCS padding algorithm and no access to the hardware generating the key, any attack would be extremely difficult and it's likely that the attacker would revert to trying to crack the key via brute force.
uh, I think you implicitly agreed to all and then qualified by adding "hard to do"
you never heard of illegal numbers, see, that's the problem...
this is a waste of time
Actually, since I was tangentially involved with DeCSS, I am aware of illegal numbers. I'm also aware that they are entirely meaningless in the context of this discussion.
Quote from: Rev. Stanley Baldwin on July 09, 2009, 07:45:19 PM
uh, I think you implicitly agreed to all and then qualified by adding "hard to do"
Sure, "hard to do" as in "It would require a period of time from the estimated creation of the Universe until now, to brute force PGP".
Any encryption system can be brute forced... its simply a matter of trying all the keys. The advantage lies in a key space that is so large, it is infeasible to actually get through enough of the keyspace to have any real chance of finding the key.
In theory any keysystem could be broken immediately, if you had a really, really, really lucky guess. 1:2^2048 is pretty low odds though... 1:2^256 is pretty low odds as well (AES 256, the current standard for symmetric encryption).
right, which is why you are happy w/ RSA, good luck
and the key word IS tangentially
why would one need to brute-force RSA...?
and please do not be bamboozled by thermodynamic arguments on the heat-death of the universe, those calcs are all based on brute force...
RSA = USA piglatin...
Well, it took him 60 posts to go from incomprehensible to asshole.
Quote from: Rev. Stanley Baldwin on July 09, 2009, 08:04:20 PM
why would one need to brute-force RSA...?
Because, as long as the proper padding is used.... brute-force is the only form of attack that is feasible. It's faster than trying to solve the RSA problem or factor all of the large primes. All of these attacks are hard (in the crypto sense meaning 'not yet solvable'). Could something change, sure. Could the government have a sooper seekrit solve for the RSA problem? Sure.
Is it likely? Fuck no.
really, no one believes that bubble-fish and RSA are compromised?
Quote from: Rev. Stanley Baldwin on July 09, 2009, 08:11:21 PM
really, no one believes that bubble-fish and RSA are compromised?
Blowfish, I assume you mean?
Well, people believe lots of things. For example, some people believe that YHVH is getting ready to destroy the world and rapture up the Christians. Some people believe the Illuminati controls everything and some people think the NSA has secret crypto technology that can decrypt PGP.
Generally, in conversing with these people I find a number of reasons to consider anything they believe suspect. Like you, for instance...
PGP is a shell...
it's the algorithm that counts...
really, are you the ones that repackaged it?
Assigned reading: Applied Cryptography circa '1997 ed....
Quote from: Rev. Stanley Baldwin on July 09, 2009, 08:18:11 PM
PGP is a shell...
it's the algorithm that counts...
PGP is an application which uses algorithms. I have in fact, worked through the code (back when it was easily available). At the time I was doing a lot of work with Bruce Schneier (author of blowfish, in fact) and Matt Curtin. PGP was my "I'm a n00b, teach me" work while they were busy doing cool new shit that was way over my head.
Now, is the current version I have running in this corporation completely free of backdoors and NSA spooks, I don't know. We have legal agreements in place with PGP corp. which state that such things don't exist. If the company deemed it necessary we could get the source code and have it analyzed by a professional cryptographer. However, we have decided not to do that since a business that we partner with regularly paid for just such an assessment about a year before we purchased our solution.
In short, IF NSA doors exist they are so well hidden that the company can allow cryptographers and programmers to look through their code without concern. That seems highly unlikely.
The code for GPG is still publicly available and I have a high level of confidence in its current incarnation.
Now, please explain what the fuck illegal numbers or 'quantum' has to do with this conversation, other than buzzwords that you heard through your tinfoil hat?
Quote from: Rev. Stanley Baldwin on July 09, 2009, 08:20:02 PM
Assigned reading: Applied Cryptography circa '1997 ed....
Read it, own first and second edition... cut my teeth on crypto with its author (see above)
Quote from: Ratatosk on July 09, 2009, 06:38:48 PM
Yep, I use Trucrypt almost every day :) Though I haven't used it in combination with Stego, that's an interesting idea. The hidden encrypted disk option is nice and I use it on a thumb drive for transferring encryption keys from one environment to another.
when I browsed the TrueCrypt docs, first thing I noticed was you can hide a TC partition in any file and still mount it.
Quote
I've used PGP since 1994. I remember people then saying exactly the same thing... "We gotta get everyone to encrypt email"
yeah I know, but times have changed a lot since 1994 and so has usability. we just gotta keep trying, right?
hey, how am I going to be sure this won't take off if i don't even try it myself? :)
Quote
However, until Outlook Express and GMail do it automatically, I don't think it's gonna happen. People are just too ignorant of the security issues involved or fail to see what value they get out of the extra work. It's not like a Web of Trust is all that easy to explain to the world at large. And at the end of the day, unless we have huge signing parties on a very regular basis, among people we can trust implicitly, there are a lot of potential holes and abuses a malevolent government could implement.
I'm pretty sure there are already enough easy-to-use plugins for most popular software out there.
the Web of Trust and key-signing parties stuff I don't know enough about yet to judge how easy or hard that will be. but carrying a USB stick with my public key and giving it to my friends and family every time I meet one, would be a good start, no? And once I got that, I could securely email those I have IRL shared my public key with any public keys of others I happen to obtain, right?
and
1. I'm pretty sure Rev.Stan is trolling by now.
2. I'm also pretty sure he's trying to hide his lack of knowledge by obtuse language.
3. "Illegal numbers", or "Illegal primes" refer to, afaik, some algorithm that used to be classified and therefore illegal in certain countries such as the USA, encoded as a hex number and then padded with extra digits to yield a prime number. Legally this prime number used to be illegal and that's kinda funny so it got famous.
4. Indeed Quantum Computing is nowhere near factoring or solving any encryptions. A friend of mine used to work on the topic and no, it doesn't do much yet. Only theoretical in machines that cannot be built yet.
5. I've read quite a bit lately about the current state of crypto algorithms, and it led me to believe that even using a slightly tougher variation of the old Playfair cipher would still foil anything except a targeted attack. And therefore it would foil DPI as well if it would be widely used. Now RSA is several orders of magnitude harder to crack, so yeah, widespread use of RSA would definitely prevent DPI Big Brother scenarios.
6. There is no algorithm yet to easily crack RSA. If it had been found, I don't see how the USA gov could keep it to itself. But maybe that's wishful thinking, if someone can argue how they could keep it to themselves, I'd like to hear about it.
etc
As usual Trip, you are riding the correct motorcycle ;-)
For what it's worth, there *is* a history of NSA backdooring of production cryptography tech. That said, the last I have heard of that was something in the mid-nineties for *hardware crypto devices*, and there was such a stink about that that I can't see the NSA bothering with it again. Furthermore, it isn't as though the internet is Americans-only; to my knowledge, encryption standards cannot be controlled (I have no idea if that 'crypto is munitions' thing is still around, but I know that it was gotten around back in the day).
That said, I have minimal knowledge and minimal interest in cryptography. Ratatosk and 000 are most likely to be riding the correct motorcycle, and if some of what I am posting is BS, let it be reasonably clear that it's probably because I suck at crypto and am not phrasing this stuff right.
Quote from: Enki-][ on July 09, 2009, 09:50:03 PM
For what it's worth, there *is* a history of NSA backdooring of production cryptography tech. That said, the last I have heard of that was something in the mid-nineties for *hardware crypto devices*, and there was such a stink about that that I can't see the NSA bothering with it again. Furthermore, it isn't as though the internet is Americans-only; to my knowledge, encryption standards cannot be controlled (I have no idea if that 'crypto is munitions' thing is still around, but I know that it was gotten around back in the day).
That said, I have minimal knowledge and minimal interest in cryptography. Ratatosk and 000 are most likely to be riding the correct motorcycle, and if some of what I am posting is BS, let it be reasonably clear that it's probably because I suck at crypto and am not phrasing this stuff right.
Backdoors in crypto have existed in the past... or at least potential backdoors. Dual_EC_DRBG was a random number generator pushed as a standard by NSA. Within a year or so of it coming out, cryptanalysis showed a bias in number selection which gave a strong supporting argument to the people saying the NSA was pushing the algorithm for their own reasons (it was slow and icky to begin with).
The Windows Crypto API was also strongly suspect for awhile (NT4 days I think), based on some flaws which could constitute a backdoor, if the flaws were intentional.
There were machines produced in Sweden or Denmark or somewhere like that for which there was strong evidence that the NSA may have been putting in a number of backdoors, based on the country the product was gonna go to.
Again, no confirmation for any of this... it could all have simply been bad implementations. It could also have been the NSA. Lots of coincidences don't mean it WAS the NSA, but lots of coincidences shouldn't be ignored. It's most illuminating, however, to note three things:
1) Out of all of the potential NSA backdoors that are known, one appears to have been successful for a long period of time. That was the hardware machines, which were proprietary and NOT peer-reviewed.
2) None of these systems were OPEN. Good Crypto uses open algorithms and open implementations. If the world can see the code and still can't break the crypto, then you've maybe got something.
3) Cryptanalysis found the issues in Windows Crypto API and Dual_EC_DRBG. Backdoors in crypto are almost always reliant on tricks in math... math that can be tested outside the system by others. In short, it's very difficult and likely to be found.
In short, the NSA might have Super Quantum Computer with a magical wireless backdoor to every PGP install on the planet. The NSA may also be in contact with aliens.
I would say that it's more likely they're chatting with Ford Prefect than looking around inside PGP encrypted messages. :lulz:
From what I understand, Quantum Computers are *in theory* potentially more useful for brute forcing because they can more easily parallelize permutation-type operations. That said, AFAIK we don't have quantum computers on the cutting edge of lab development that can do the kind of computation that your freebie desk calculator can.
Quote from: Enki-][ on July 09, 2009, 10:28:23 PM
From what I understand, Quantum Computers are *in theory* potentially more useful for brute forcing because they can more easily parallelize permutation-type operations. That said, AFAIK we don't have quantum computers on the cutting edge of lab development that can do the kind of computation that your freebie desk calculator can.
Correct.
Of course the actual EXISTING cool quantum crypto stuff lies in key exchange. There's a system available right now which utilizes quantum entanglement to provide the shared key to the other side. This is cool because there isn't really a 'channel' for a man-in-the-middle and ... even if there was a man-in-the-middle, by looking at it he would change the eigenstate and the sender/receivers would KNOW someone peeked at their key exchange.
In simple terms, there are two boxes with a bunch of entangled quanta. (Q1 is entangled with Q1 in the other box etc). Each q is a bit (qubit), each bit is either spinning up, or spinning down... Up and Down is a binary choice so Up can stand for 1 and Down can stand for 0 (or vice versa). If we change the pattern in box A, the pattern changes in box B. This provides us a way to send and receive keys for encryption through quantum entanglement. The only requirement is that you have qubits equal to the bit-length of the key you want to use.
In theory you could send any key this way, but given its particular advantages, it actually makes one-time pads feasible for communication... without having to eat the paper.
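The "they would KNOW someone peeked" property is the part worth seeing in code. The simulation below is an added example, not something from anyone in this thread, and it models the BB84 prepare-and-measure protocol rather than the entangled-pair arrangement the post sketches; the detection argument is the same. Alice sends bits in random bases, Bob measures in random bases, they publicly keep only the positions where bases agreed, and then compare some of those bits. An intercept-and-resend eavesdropper guesses the wrong basis half the time and corrupts half of those, so she leaves about 25% errors in the sifted key. The 11% threshold is the usual BB84 security bound; the seed, qubit count and the decision to compare all sifted bits (real runs sacrifice only a sample) are choices made for this example.

```python
import random


def run_bb84(n_qubits=4000, eve=False, seed=2009):
    """Simulate BB84 sifting and error estimation, with an optional intercept-resend eavesdropper.

    Bases: 0 = rectilinear, 1 = diagonal. Measuring in the preparation basis returns the
    prepared bit; measuring in the other basis returns a uniformly random bit.
    """
    rng = random.Random(seed)  # fixed seed so the run is reproducible
    alice_bits = [rng.randrange(2) for _ in range(n_qubits)]
    alice_bases = [rng.randrange(2) for _ in range(n_qubits)]
    bob_bases = [rng.randrange(2) for _ in range(n_qubits)]

    def measure(bit, prep_basis, meas_basis):
        return bit if prep_basis == meas_basis else rng.randrange(2)

    bob_bits = []
    for bit, prep_basis, bob_basis in zip(alice_bits, alice_bases, bob_bases):
        if eve:
            # Eve measures in a guessed basis and re-emits what she saw in that basis.
            eve_basis = rng.randrange(2)
            bit = measure(bit, prep_basis, eve_basis)
            prep_basis = eve_basis
        bob_bits.append(measure(bit, prep_basis, bob_basis))

    # Public discussion over the classical channel: keep positions where the bases matched.
    sifted = [(a, b) for a, b, ab, bb in zip(alice_bits, bob_bits, alice_bases, bob_bases)
              if ab == bb]
    errors = sum(1 for a, b in sifted if a != b)
    qber = errors / len(sifted)  # quantum bit error rate on the sifted key
    return {
        "sifted": len(sifted),
        "errors": errors,
        "qber": qber,
        "eavesdropper_detected": qber > 0.11,
    }


if __name__ == "__main__":
    print("no eavesdropper:", run_bb84(eve=False))
    print("intercept-resend:", run_bb84(eve=True))
```

Without Eve the sifted bits agree exactly; with her in the channel the error rate lands near a quarter, far above the threshold, and Alice and Bob discard the key rather than use it. Note what this does and does not give you: it detects tampering with the key exchange, but the classical channel still needs authentication, or the "Bob" you are comparing bases with may be the eavesdropper.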
Quantum brute forcing is easy to account for. Just use a 2048-bit key instead of 1024. (or 4096, whatever). That said, I don't think 1024 will be secure enough in 10-15 years, even without quantum; long term secrets need vastly better encryption.
Also, if you people are going to start encrypting, how should we do a key exchange?
Quote from: Requia on July 10, 2009, 03:21:35 AM
Quantum brute forcing is easy to account for. Just use a 2048-bit key instead of 1024. (or 4096, whatever). That said, I don't think 1024 will be secure enough in 10-15 years, even without quantum; long term secrets need vastly better encryption.
If Quantum Computing really breaks out... I doubt 2048 would even be much of a bump. Elliptic Curve encryption or another scheme that doesn't rely on 'hard' problems like factoring large primes will probably be necessary.
Quote from: Requia on July 10, 2009, 06:34:53 AM
Also, if you people are going to start encrypting, how should we do a key exchange?
Well, with PGP/GPG it has to do with a level of trust. So we can create a Public and Private Keypair, post the public ones here and everyone can get a copy of each other's Public Key. In a perfect world, we would all get together, or at least in subgroups, and verify each key individually. That doesn't seem likely here. PGP/GPG does have an additional feature of a fingerprint which can be used to ID the key via communication... then trust is based on the trust that you were really communicating with the person in question.
I think I'll start a new thread for GPG/PGP keys with maybe a quick "Here's what to do" at the top....
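Since the fingerprint is what makes "read it to me over the phone" verification work, here is how it is derived. This is an added example, not code from the thread or from GnuPG: a version 4 OpenPGP fingerprint is the SHA-1 hash of the byte 0x99, a two-byte length, and the public-key packet body (RFC 4880, section 12.2), and the long key ID is its last 16 hex digits. The hash covers the key material and creation time, not the name attached to the key, so a key someone posts under your friend's name with a different modulus has a completely different fingerprint. The modulus, exponent and timestamp below are constructed toy values, not a real key.

```python
import hashlib
import struct


def mpi(n):
    """OpenPGP multi-precision integer: 2-byte bit count, then the big-endian magnitude."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")


def rsa_public_key_body(n, e, created):
    """Body of a version 4 RSA public-key packet: version 4, creation time,
    algorithm id 1 (RSA), then the MPIs n and e (RFC 4880, section 5.5.2)."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(body):
    """RFC 4880 section 12.2: SHA-1 over 0x99, the 2-byte body length, and the body."""
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()  # 40 hex characters, as 'gpg --fingerprint' prints it


def key_id(fingerprint):
    """The long key ID is the low-order 64 bits, i.e. the last 16 hex characters."""
    return fingerprint[-16:]


def fingerprints_match(spoken, computed):
    """Compare a fingerprint read out by a friend (any spacing or case) with the one you computed."""
    def norm(s):
        return "".join(s.split()).upper()
    return norm(spoken) == norm(computed)


# Constructed toy key material; TOY_N is just a 1024-bit odd number, not a real RSA modulus.
TOY_N = (1 << 1023) + 1459
TOY_E = 65537
TOY_CREATED = 1247185200  # a Unix timestamp in July 2009, chosen to match the thread's date


def example():
    """Fingerprint of the genuine toy key beside that of an impostor key with a different modulus."""
    genuine = v4_fingerprint(rsa_public_key_body(TOY_N, TOY_E, TOY_CREATED))
    impostor = v4_fingerprint(rsa_public_key_body(TOY_N + 2, TOY_E, TOY_CREATED))
    return genuine, impostor


if __name__ == "__main__":
    genuine, impostor = example()
    print("genuine :", genuine, "key id", key_id(genuine))
    print("impostor:", impostor, "key id", key_id(impostor))
```

The practical check is the last function: your friend reads the 40 hex digits off their own `gpg --fingerprint` output, you compare them against the key you downloaded, and only then sign it. Comparing the short 8-digit key ID instead is not enough, since that is only 32 bits and can be collided on purpose.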
Good idea. I included something like PGP for Dummies with the Rogue Discordian download, but I have been less than stellar when it comes to learning the material.
Also, when it comes to Windows and flaws, I did hear the Russians thought Microsoft were putting in "flaws" into the computers sent to them in the mid-90s at the behest of the NSA. Now, this could be the usual Russian paranoia, or it could not be, I don't have the exact reports in front of me, and read them quite a while ago. I do know that at least one shipment was also interrupted and bugged en route to Moscow by the CIA, however.
Apparently, this is when the Russians got really interested in Linux and its more practical advantages over Windows....
Quote from: Ratatosk on July 09, 2009, 10:10:08 PMBackdoors in crypto have existed in the past... or at least potential backdoors. Dual_EC_DRBG was a random number generator pushed as a standard by NSA. Within a year or so of it coming out, cryptanalysis showed a bais in number selection which gave a strong supporting argument to the people saying the NSA was pushing the algorithm for their own reasons (it was slow and icky to begin with).
The Windows Crypto API was also strongly suspect for awhile (NT4 days I think), based on some flaws which could constitute a backdoor, if the flaws were intentional.
was this the one where the RNG had some theoretical pair of numbers that would be incredibly hard to figure out given just the algorithm, but would totally break the security if someone knew this pair of numbers?
also, TIME IS RUNNING OUT:
http://www.schneier.com/blog/archives/2009/07/nsa_building_ma.html
at least, if we assume the paranoid scenario, what is the NSA going to do with all this computing power that just happens to be near major communications nodes? protect the public, surely :)
Key Thread: http://www.principiadiscordia.com/forum/index.php?topic=21479.0
TZ: I think that was the RND issue in fact.
Cain: Yeah, I have no doubt that international espionage has often tried to include back doors etc in specific situations. Of course, in almost all of these instances it's been with secret closed source solutions, where no one can get in and verify what's going on.
YAY CRYPTO!
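To make that "pair of numbers" concrete, here is a toy model of the Dual_EC_DRBG trapdoor. It is an added example, not code from anyone in the thread: the prime, the curve, the seed and the secret d are made-up small values rather than the NIST P-256 parameters, and the output is not truncated the way the real generator's is (the real design drops 16 bits of each output, so the attacker tries about 2^16 candidate points per output instead of one). The generator steps its state with one public point P and produces output with a second public point Q. The trapdoor is the relation P = d*Q: whoever knows d can lift an output back to a curve point, multiply by d, and obtain the generator's next internal state, from which every later output follows.

```python
# Toy Dual_EC_DRBG with a planted trapdoor. All parameters are illustrative, not NIST's.
P_MOD = 2**31 - 1   # prime modulus; P_MOD % 4 == 3, so a square root is a single pow()
A, B = 0, 7         # curve y^2 = x^3 + 7 over GF(P_MOD)


def ec_add(p1, p2):
    """Add two affine points; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """Recover a point from its x-coordinate, or None if no point has that x."""
    rhs = (x * x * x + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
    return (x, y) if (y * y) % P_MOD == rhs else None


def x_of(pt):
    if pt is None:
        raise ValueError("hit the point at infinity; pick another seed")
    return pt[0]


def dual_ec_step(state, P, Q):
    """One round: new state s' = x(s*P), output r = x(s'*Q). The real DRBG truncates r; this toy does not."""
    new_state = x_of(ec_mul(state, P))
    return new_state, x_of(ec_mul(new_state, Q))


def predict_from_one_output(output, d, Q, P, count):
    """Attacker who knows d with P == d*Q: lift r to R = s'*Q (or -R, same x after multiplying),
    then d*R = s'*P, whose x-coordinate is the generator's next state."""
    R = lift_x(output)
    state = x_of(ec_mul(d, R))
    predicted = []
    for _ in range(count):
        predicted.append(x_of(ec_mul(state, Q)))
        state = x_of(ec_mul(state, P))
    return predicted


def demo(seed=123456789, d=987654321, rounds=6):
    """Run the generator, then predict outputs 2..rounds from output 1 alone."""
    Q = next(pt for pt in map(lift_x, range(1, 1000)) if pt is not None)  # any public point
    P = ec_mul(d, Q)  # the planted relation; only the designer knows d
    state, outputs = seed, []
    for _ in range(rounds):
        state, r = dual_ec_step(state, P, Q)
        outputs.append(r)
    return outputs[1:], predict_from_one_output(outputs[0], d, Q, P, rounds - 1)


if __name__ == "__main__":
    actual, predicted = demo()
    print("generator produced:", actual)
    print("attacker predicted:", predicted)
```

`demo()` returns the generator's later outputs beside the attacker's predictions from the first output alone, and they are identical. The point for the thread's "open versus closed" argument is that the algorithm here is fully public and still breakable: nothing in the published P and Q lets an outsider check whether a d relating them exists, so an open algorithm with constants of unexplained provenance is not the same thing as an open, verifiable design.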
Quote from: Ratatosk on July 10, 2009, 02:09:54 PM
I think I'll start a new thread for GPG/PGP keys with maybe a quick "Here's what to do" at the top....
don't skimp on the crypto for dummies aspect; if you just type in a bunch of acronyms (which most crypto discussions degenerate into) it won't help much
"first DMF your SR5 Packet in your BRD node bla bla bla ETC..."
Quote from: fomenter on July 10, 2009, 04:48:05 PM
Quote from: Ratatosk on July 10, 2009, 02:09:54 PM
I think I'll start a new thread for GPG/PGP keys with maybe a quick "Here's what to do" at the top....
don't skimp on the crypto for dummies aspect; if you just type in a bunch of acronyms (which most crypto discussions degenerate into) it won't help much
"first DMF your SR5 Packet in your BRD node bla bla bla ETC..."
http://www.principiadiscordia.com/forum/index.php?topic=21479.0
Crypto For Dummies enough, or need a rewrite, clarification?
I will try to download GnuPG and follow them and see..
The first problem I hit is the GnuPG site is written in acronyms?? And it doesn't say if it works on Vista or not, and the download doesn't have a run file for installation, and I can't figure out how to install it.. I may just be too low-tech to make this stuff work.
I tried drinking coffee and attempted it again, same problem. I guess I am cryptography fail. How do you install/run GnuPG??
ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe (http://ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe)
click that link, then run the executable.
Then install FireGPG:
http://getfiregpg.org/s/install
and restart Firefox.
Go to the Tools section, FireGPG and start the Key Manager. Create a new set of keys via the little wizard and you should be good to go.
the first link seems to be broken?
Weird, it works from the GPG page, but not from here... maybe they're blocking referrers to stop leeching, dunno...
Anyway, go to http://www.gnupg.org/download/index.en.html, scroll down to the Binaries section and select the FTP link by
· GnuPG 1.4.9 compiled for Microsoft Windows.
got it thanks! on to the next step..
Quote from: Ratatosk on July 10, 2009, 05:57:42 PM
ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe
click that link, then run the executable.
fixed.
dunno what you did, but the URL of the link pointed to http://ftp://... :-)
Quote from: Triple Zero on July 10, 2009, 08:02:32 PM
Quote from: Ratatosk on July 10, 2009, 05:57:42 PM
ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe
click that link, then run the executable.
fixed.
dunno what you did, but the URL of the link pointed to http://ftp://... :-)
AH! Bastard SMF Tag! I URL'd it via the button and it added the http
http://pidgin-encrypt.sourceforge.net/
More fun encryption programs. This one is an end-to-end encryption plugin for gaim/Pidgin (this lets you do AIM, Yahoo chat, MSN chat etc from the same program), so you can have secure IMs.
Uses its own keychain, looks like it'll be automatic once it's set up properly.
http://www.cypherpunks.ca/otr/ another one that appears to do the same thing, need to see if they're compatible.
Cool, I will check it out. I use Pidgin, am "tripzilch" on AIM.
Compatibility appears to be a no, but I can run both at the same time.
the OTR plugin seems to offer more/additional security/privacy than the pidgin-encrypt plugin, according to the OTR FAQ:
Q: How is this different from the pidgin-encryption plugin?
A: The pidgin-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your past pidgin-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation!
So I'll just get OTR, then.