Interesting People mailing list archives

On pgp


From: "Dave Farber" <dave () farber net>
Date: Fri, 24 Feb 2017 04:25:06 +0000

---------- Forwarded message ---------
From: Dewayne Hendricks <dewayne () warpspeed com>
Date: Thu, Feb 23, 2017 at 10:58 PM
Subject: [Dewayne-Net] on pgp
To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com>


on pgp
By ~stef/blog/
Feb 23 2017
<https://www.ctrlc.hu/~stef/blog/posts/on_pgp.html>

History

First and foremost I have to pay respect to PGP: it was an important weapon
in the first cryptowar. It has helped many whistleblowers and dissidents.
It is software with quite an interesting history, if all the cryptograms could
tell... PGP is also deeply misunderstood; it is a highly successful
political tool. It was essential in getting crypto out to the people. In my
view PGP is not dead, it's just old and misunderstood and needs to be
retired in honor.

However, the world has changed from the internet-happy times of the '90s,
from a passive adversary to many active ones - with cheap commercially
available malware as turn-key solutions, intrusive apps, malware, NSLs, gag
orders, etc.

Archive & Compromise

Today it is cheap for a random spy agency to archive all encrypted messages
for later decryption - if necessary. A few years ago in the spy files of
Wikileaks there was Finfly ISP (PDF) - a proxy that infected binaries during
download at the ISP. Since then the Hacking Team leak got us an in-depth
look at who is buying this kind of mass spy gear. While Data Retention is
repealed in the EU by the court in Strasbourg, many countries still
practice this, in addition to taps by domestic intelligence agencies which
can easily filter out PGP messages. Deploying some malware on persons of
interest to recover their secret keys and the password is a cheap
operation that can be executed even after minimal training.

Models

What discussion about PGP's obsoleteness lacks is something that is very
much required in cryptographic discourse: the adversary model, a set of
actions the adversary can perform. Those cryptographic adversary models,
however, might be a bit too deep mathematics for many end-users; for them I
came up with the quite populist 4c model. There are only four generic
adversary classes:

        • Citizens
        • Criminals
        • Corporations
        • Country-level actors

Is PGP a reasonable tool to protect against other citizens? Probably yes,
unless your kid or your wife's PI installs a remote access trojan (aka is an
active adversary). Is it good against criminals? Probably, but only because
it's not economical for criminals to extract value from your cryptograms.
Does it protect against corporations? Probably, as long as they stay within
the law and don't siphon down everything they find anyway (i.e. smartphone
apps). Does it protect against country-level actors? Most probably not.

Unsuitable models

Consider your average investigative journalist or whistleblower, with
Windows or a Mac that they haven't updated because then their kids'
favorite game doesn't run anymore, or they simply don't want Windows 10. An
encrypted-message-archiving adversary is able to read your mails using a
simple active malware attack, copying your secret key and logging your
password for it. After this is captured, the malware can and should remove
itself.

In "first" world countries like France, where there's now a "state of
emergency", or the UK with their Snoopers' Charter, or the Dutch who just
passed another dystopian dragnet surveillance bill, this directly affects
climate activists as much as labor unions or journalists. The case is
probably even worse in Turkey or any of the Eastern Bloc states. This makes
forward secrecy a mandatory requirement, as this implies that the malware
has to be constantly active and thus also enhances chances of detection and
mitigation, and also requires much better trained personnel to operate.

[snip]
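The "archive everything now, steal the key later" adversary from the Archive & Compromise section, and the forward secrecy requirement from the last paragraph, as an added example that is not part of stef's post or the forwarded message: a Python simulation of two protocols under the same archiving adversary. The group parameters (a 127-bit toy prime), the HMAC-SHA256 keystream cipher, the party names and the sample message are all constructed for illustration and are deliberately not a secure design; the point is the structural difference between encrypting to a long-term key (the PGP model) and deriving each message key from ephemeral Diffie-Hellman with the long-term key used only for authentication.

```python
"""Toy model of the "archive now, steal the key later" adversary (constructed
example: a 127-bit toy DH group and an HMAC-SHA256 keystream, NOT a secure design).
static = PGP-style, encrypt to the recipient's long-term key; fs = forward-secret."""
import hashlib
import hmac
import secrets

P = 2**127 - 1   # toy Mersenne prime; real systems use >=2048-bit groups or curves
G = 3
NB = 16          # bytes needed to hold a group element

def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def shared(priv, pub):
    return pow(pub, priv, P).to_bytes(NB, "big")

def kdf(ikm, label):
    return hashlib.sha256(label + ikm).digest()

def xor_stream(key, data):
    out = bytearray()
    for off in range(0, len(data), 32):           # HMAC counter-mode keystream
        block = hmac.new(key, off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)

def seal(key, plaintext):
    ct = xor_stream(key, plaintext)
    return ct + hmac.new(key, ct, hashlib.sha256).digest()   # encrypt-then-MAC

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key or tampered ciphertext")
    return xor_stream(key, ct)

def static_encrypt(recipient_pub, plaintext):
    """PGP-style: one-off sender key against the recipient's LONG-TERM key."""
    e_priv, e_pub = keygen()
    return e_pub, seal(kdf(shared(e_priv, recipient_pub), b"static"), plaintext)

def static_decrypt(recipient_priv, e_pub, blob):
    return unseal(kdf(shared(recipient_priv, e_pub), b"static"), blob)

def auth_tag(lt_priv, peer_lt_pub, ea_pub, eb_pub):
    """Long-term keys only vouch for the ephemeral publics (toy stand-in for a signature)."""
    transcript = ea_pub.to_bytes(NB, "big") + eb_pub.to_bytes(NB, "big")
    return hmac.new(kdf(shared(lt_priv, peer_lt_pub), b"auth"), transcript, hashlib.sha256).digest()

def fs_session(a_lt_priv, b_lt_pub, plaintext):
    """Forward-secret: the message key comes only from two EPHEMERAL keys."""
    ea_priv, ea_pub = keygen()
    eb_priv, eb_pub = keygen()
    blob = seal(kdf(shared(ea_priv, eb_pub), b"session"), plaintext)      # Alice encrypts
    bob_read = unseal(kdf(shared(eb_priv, ea_pub), b"session"), blob)     # Bob decrypts
    del ea_priv, eb_priv                                                  # ephemeral secrets destroyed
    return {"ea_pub": ea_pub, "eb_pub": eb_pub, "blob": blob, "bob_read": bob_read,
            "auth": auth_tag(a_lt_priv, b_lt_pub, ea_pub, eb_pub)}

def attack_static(stolen_priv, archive):
    """Ciphertexts archived long ago, key copied by malware today: all fall."""
    return [static_decrypt(stolen_priv, e_pub, blob) for e_pub, blob in archive]

def attack_fs(stolen_a, stolen_b, archive):
    """Same adversary holding BOTH long-term keys: no long-term secret combined
    with an archived ephemeral public yields a session key, so unseal rejects."""
    results = []
    for s in archive:
        recovered = None
        for priv in (stolen_a, stolen_b):
            for pub in (s["ea_pub"], s["eb_pub"]):
                try:
                    recovered = unseal(kdf(shared(priv, pub), b"session"), s["blob"])
                except ValueError:
                    pass
        results.append(recovered)
    return results

def demo(msg=b"meet the source at 9"):            # constructed sample message
    a_priv, a_pub = keygen()                      # Alice's long-term key
    b_priv, b_pub = keygen()                      # Bob's long-term key
    static_archive = [static_encrypt(b_pub, msg) for _ in range(3)]
    fs_archive = [fs_session(a_priv, b_pub, msg) for _ in range(3)]
    return {                                      # ...years later malware copies both long-term keys
        "bob_reads_static": static_decrypt(b_priv, *static_archive[0]),
        "bob_reads_fs": all(s["bob_read"] == msg for s in fs_archive),
        "static_broken": attack_static(b_priv, static_archive),
        "fs_broken": attack_fs(a_priv, b_priv, fs_archive),
        # stolen long-term keys DO let the adversary forge future auth tags:
        # forward secrecy protects the archive, not sessions after the theft
        "fs_auth_forgeable": all(hmac.compare_digest(
            s["auth"], auth_tag(b_priv, a_pub, s["ea_pub"], s["eb_pub"])) for s in fs_archive),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Running `demo()` shows the asymmetry the post argues from: the three static ciphertexts decrypt in full once Bob's long-term key is copied, the three forward-secret sessions yield nothing from the same stolen material, and the last field shows the price that remains, namely that a stolen long-term key still lets the adversary impersonate from that point on, which is why the malware has to stay resident and active rather than copy a key once and delete itself.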
