Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

engineered weakness

From: "David Farber" <dave () farber net>
Date: Thu, 11 Aug 2005 10:57:56 -0400


-----Original Message-----
From: "David P. Reed"<dpreed () reed com>
Sent: 8/11/05 8:32:37 AM
To: "dave () farber net"<dave () farber net>
Cc: "Ip Ip"<ip () v2 listbox com>
Subject: engineered weakness

Dave - I've avoided weighing in on this debate, but I can't help trying 
to simplify it since so many non-credible claims are being made.

The problem is this:  to convince yourself technologoically that your 
communications cannot be tapped, you need three key things:

a. A pre-existing arrangement that lets you know who you are talking to 
with absolute certainty. (authentication protocol and system, including 
all means for issuing and distributing keys)

b. A communications medium that does not leak information specific to 
your communications activity to observers. (a very low signal to noise 
channel for all observers and *collections of observers acting in concert*).

c. Transparency into the operation of all of the tools you use to access 
the communications medium and validate the arrangement.

In practice, none of these can be satisfied with certainty, precisely 
because the communications problems to which we apply the technology 
have the following human needs:

1. To communicate with people we've never met and have never set up a 
relationship with.

2. To use finite and highly observable media that have bottlenecks, etc. 
where encrypted traffic can be extracted, correlated by multiple 
observations and statistically datamined.
Radio and inter-connected networks using gateways have these properties.

3. The practical difficulties of understanding all of the elements of 
the communications system, even if the code is theoretically available 
to you and your partners.  (e.g. how many people understand that SSH is 
trivial to attack using techniques based on arpspoofing, certificate 
capture, keylogging, bios hooking, etc.).

Personally, I have to presume that my communications are always somewhat 
insecure, and at best I can manage the cost so that only the really 
determined and large-scale operators can read my stuff.   Any "security 
expert" that tells you they can achieve otherwise - including those who 
say that quantum encryption is an answer! - really don't understand the 
communications security problem, and should not be trusted, IMO.

Coming back to CALEA, the real worry I have is that the LE community is 
pursuing the idea that they have the right to lower the cost to 
themselves of observing all communications at will, while imposing two 
costs:

- making all communications more systematically vulnerable to 
illegitimate observation and tapping.   Whenever you lower the cost to 
wiretap by fiat, you prevent the users from acting to protect their own 
communications.  LE spends no time on protecting people against 
wiretapping, and it's that behavior that is provably on the rise today 
as information becomes more exploitable and more digital.

- imposing costs for engineering systems based on "requirements" from LE 
that have not been fully shown to have benefits in actual use.   "Trust 
us", we're professsionals, is the message we hear.   But in fact the 
professionals making the design decisions do NOT know how the wiretaps 
actually reduce crime or danger to society.   They are merely engineers 
attempting to translate a mandate.

It's clear that our security depends on the ability for some mutual 
observation of behavior to occur among the members of society - it's the 
"immune system" that keeps the society growing and relatively healthy in 
the sense that we continue to work out our differences together rather 
than devolving into wars and gangs.   It's also clear that we trust LE 
to hold a special role.   But LE is not the primary purpose of our 
society, and we need to consider the needs of LE regarding 
communications in the context of the much more complex role that secure 
communications plays in our society today.

It doesn't help for LE to trivialize the impact of engineered weakness, 
and it doesn't help for the engineering community to trivialize the 
problem of security into debates about the relative security of CDMA 
cellphones vs. Skype vs. SSH (which are more alike in their weaknesses 
than different in their strengths).

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: