Current Crypto Trends with Bruce Schneier

Saint Aardvark writes "SecurityFocus has published an interview with Bruce Schneier. Fascinating stuff, especially the level-headed assessments of the NSA, spam and the impact of full disclosure: 'Q: Since most crypto protocols on the internet, such as SSL or SSH, uses public-keys to build a secure channel, wouldn't a unexpected public disclosure create a chaos on the internet ? A: No. Chaos is hard to create, even on the Internet. Here's an example. Go to Amazon.com. Buy a book without using SSL. Watch the total lack of chaos.'"

Interesting interview...

[nacturation]

Is it just me, or does the interview read mostly like "Stop asking me dumb questions"?

Re:Nothing constructive from Schnier anymore

[Tiresias_Mons]

I stopped reading the monthly cryptograms a while ago. I think BS is becoming a victim of his own pseudo-popularity. He still makes some valid points though, but its mostly reiteration of earlier things he said about peer review/disclosure, snake oil salesman, and the like.

Then part of me wonders if maybe he just doesn't care anymore and is sick and tired of people asking the same questions. Its gotta be tiring having to answer the same series of policy questions over and over again, especially when, as he always seems to retierate, nothing is ever going to be 100% secure, which isn't a very popular idea. Can't say I'd blame him really.

Please stop abusing the English language

[lelitsch]

I am certainly no grammar Nazi--actually, English is my third language, so I am far from perfect. But for the love of God, could the people at Security Focus please try to do some rudimentary editing and proofreading? I don't mind typos, but some of their questions are so wrong that they are very hard to read and understand.

"Do you think that NSA is promoting ECC based crypto because they cannot crack RSA/DSA based one?"

What?

"Or maybe just because they can crack RSA/DSA they prefer to protect USbusiness with ECC (supposed to be harder to crack)?"

Huh?

"What about crypto monopoly? Don't you think that having just a couple of public-key algorithms based on the same math problem could lead to a catastrophe if cracked ?"

This doesn't follow any European-language grammar.

But the next question takes the cake:

"Why is often used a money-rewarded challenge to verify a crypto algorithm?"

Current trends no different than past trends.

[Anonymous Coward]

The general public doesn't get it and doesn't want to get it. They don't care about computer security, once pwned they buy a new computer.

They don't care about homeland security either, just wave your arms and tell them that everything is more secure and they'll buy it. Restrict them as well and they'll swear it's more secure.

Security LOLOLOLOLOLOLOLOLOLOLOLOLOLOL

Re:bad example

[lukewarmfusion]

I read a couple of his SSL articles and understand where he's coming from. But I don't agree with the mentality that "it's not perfect, so why bother" that he seems to have.

WEP and SSL aren't perfect - but that doesn't mean you shouldn't use them. Some degress of "chaos" would result if you stopped altogether. Just head on down to Panera, the library, or a college campus and pick up all the email accounts, credit cards, etc. that you desire.

Uncrackable?

[hoka]

Puh-leaze. While in a reasonable amount of time he is contextually correct, "uncrackable" indicates that there is no way of cracking the code, which isn't true. These things can all be brute forced, even though it might take a really, really long time to crack.

Re:Interesting interview...

[spidereyes]

It does but it's nice to see someone with some balls for once give clearcut answers and actual references instead of the usual poppycock which has become standard. Most of the stuff you read is filled with so much fluff it's painful to read, Bruce just put it out there clear and simple.

What? No "sky is falling predictions?!?!?"

[inherent monkey love]

Isn't it funny how the people who really know security are rarely seen making doom and gloom predictions about the end of society as we know it? Most times I see a real security wizard speaking either at a conference or in an interview, they're pragmatic and reasoned in their answers to questions, even stupid ones. Why is it that the people in the best position to know about the security or insecurity of our networks are so calm and circumspect and the remainder of the industry seems hell bent of FUD?

Re:He didn't answer the question

[Spiked_Three]

Not true. I send my credit card through un-encrypted email all the time. People on the receiving end freak out and go into panic. Guess what? Never had a bit of trouble.
I hate to say it, but most of the people running around crying 'the secure sky is falling' are clueless (vast majority) or are trying to make money from it (Schneier et al.)
Crypto is part of a total solution. And as is always the case, the weakest link determines the overall strength. You can have the best military encryption on the planet, and if you write your password on a sticky note and tack it to the bottom of your keyboard the encryption doesnt do dick. There are far too many weak points on the internet, for someone who knows what is really going on, to get very excited about encryption.
How many of the thousands of ID thefts that occurred recently (Bank of America) were originated on a secure (SSL?) link? Answer: probably all of them. See? SSL isn't really all that helpful. Its one of those markets that was created to make money, and the vast majority of the public believe they are buying value.
While I generally take everything Scnierer says with a grain of salt (because I know he says what someone pays him to say) I'd have to agree with him on this one. No panic, no chaos, no big deal.

Well, in defense of Schneier's succinct responses

[MmmmAqua]

I don't think the interviewer has much knowledge about cryptography, or even security in general. I am judging solely based on the questions asked:

I mean TCP/IP does not use crypto, while a VPN does. Do you think that in the future we'll use crypto for every type of communication?
Which displays a fairly simplistic, and unfortunately common, grasp of security principles, which is: crypto makes things secure, and everything must be secure. The reality is that cryptography is part of a greater security process, and that not every communication *must* be secure. Do you care if someone hears you discussing the newest Family Guy episode at the office, or hears you say "Hi" to your coworkers? No. So why should you be concerned if you're transmitting SYN/ACK or a comment to Slashdot in a relatively clear manner? Secure processes should be implemented where they are needed, and nowhere else, or else security becomes a burden forcing users to find ways to circumvent it.

Should we use crypto to stop the spam problem ?
I hardly know where to begin. How should we use cryptography to prevent spam? There are ways and ways to reduce spam, and perhaps cryptography in the form of some type of message authentication will play a role in that or not, but this is like asking "Should we use hydrogen molecules to cure cancer?". Hydrogen molecules in what context or construct?

I'm no cryptographer, but (call me crazy) I expect a guy writing for SecurityFocus to know more than I do. Or at least to ask questions in an intelligent manner.

I emaila credit card number AND I LIVED!

[wsanders]

I've sent a credit card number unencypted over the Internet and - nothing bad happened!

It's just a matter of probability - if you have a 1 in 1000000000000000 chance of having a number stolen because of a problem with SSL, you probably have a 1 in 1000000000 chance of having THE packet with your credit card number stolen in transit because some baddie is snooping on the connection.

Of course, once your CC number arrives on the destination server, whether it arrives via SSL or plain-text HTTP, it is logged in world-readable log files and you are doomed.

Re:bad example

[swillden]

My bank, for example, displays account numbers in full on the screen. Seems like they would be forced to shut down accesses indefinitely, and since my bank is online-only, it means huge loss of business if not going out of business.

On-line only banks would indeed be in trouble until a replacement technology could be fielded.

Since SSL is a "pluggable" protocol, if RSA were broken, ECC, or Diffie-Hellman or something else could be substituted instead. This might require you to download a browser update, and would require your bank to make some changes on their end. Whether or not this would drive them out of business would depend on how they handled it, and what their current financial status is.

So: It would hurt a few companies for a short period of time. Some of them might be killed. Chaos would not ensue except perhaps in some of those companies and among their customers. The on-line only banks are a miniscule portion of the banking industry, though, and there aren't many other sorts of companies that would be as sensitive. I use an on-line brokerage that would also be affected. I could still make trades over the phone, though (they might have to add phone lines fast, and maybe upgrade their VRU system to handle the higher load).

The effect on the economy, even the on-line economy, would be negligible.

Re:Uncrackable?

[Jack9]

And a door that is shut but isn't airtight, is technically still open? Do you actually think that was insightful?

Ex: Election data encrypted and transmitted. You intercept it. If you the quickest you can decrypt, alter, re-encrypt and resend it, is 100 years after that election is concluded, how is it different from the algorithm being "uncrackable"?

I dont apply a time constraint to the usefulness algorithm alone, when thinking about security, I also have to apply it to the useful lifespan of the data. As far as I can tell, ppl want to keep their email addresses longer than their specific residences or even credit card numbers (in the U.S.) and they are frequently doing so. What's useful enough to want to protect longer than a couple thousand years?

The article implies that if you make your keys long enough, the computational advancement of machines will not endanger your data for a couple decades for CERTAIN...unless someone breaks modern mathematical factoring, at which time you can switch to something different like a lead safe.

Re:bad example

[JoeBuck]

You think that Internet commerce will break down if someone can sniff your credit card number. But then, when you go to a restaurant, you hand over your physical credit card to some waiter you don't know from Adam.

Re:No prize for you

[RupW]

All four of the sentences you quote actually are quite readable English. Two of them are perfectly grammatical. I'll make minor modifications in asterisks and bold to show you what I mean.

I disagree: the two you corrected aren't very readable without the modifications. Worse, they're confused on the technical details so a technically-informed reader will stumble: this still doesn't make sense:

because they cannot crack *an* RSA/DSA*-*based one?

unless "RSA/DSA" is a compound crypto scheme - which it isn't. Better: "because they cannot crack RSA- or DSA-based schemes".

Similar complaints with the second one. Additionally the "just" spoils the inferred rhythm as-read (and so the readability), and "USbusiness" should clearly be "U.S. businesses".

Third: he's talking about putting all your eggs in one basket cryptographically. That isn't "monopoly". Again there's readability problems with "having just a couple of" and writing "based" as an intransitive. I really don't think "if cracked" is well-formed either: I'd expect you'd need an explicit subject for "cracked".

But the fourth one? That can't possibly be right!

Why is often used a money-rewarded challenge to verify a crypto algorithm?"

"often used" here *isn't* an adverb phrase. It's not hyphenated for a start :-p. But let's pretend it is an adverb phrase: eliminate it and we've got "why is <noun> <infinitive>". That doesn't parse.

Re:Well, in defense of Schneier's succinct respons

[Anonymous Coward]

Quoth the poster: "The reality is that cryptography is part of a greater security process, and that not every communication *must* be secure."

Ah, but sometimes not having every communication secure can cause an insecurity in another way.

1. The fact that some of your communications are encrypted/secured gives an observer the information that you are transmitting something secret/sensitive when that occurs. That in itself can be valuable knowledge. For example, if the Army normally sends messages unencrypted to field personnel, and suddenly starts sending a lot of secure communications, that can give away that something big is about to happen.

2. If you secure all your communications, then someone trying to intercept a particular communication message must spend time decrypting all of them to get anything. They don't know which ones to look at.

I'm not arguing that all web traffic should be encrypted or anything like that. And you and I both know that VPN runs on top of TCP/IP, which makes the comparison a bit weird. But it is true that if the underlying transport mechanism (TCP/IP) were trustably secure, we might not need to worry about all these different kinds and layers of security on top of it. Just a thought.

Re:He didn't answer the question

[Spiked_Three]

I'd have to agree with that. I've never seen a lock stop someone who wanted to break into a house. I mean for god sakes, you have glass windows don't you?
Again, that uber hard steel deadbolt 10 feet from a pane of glass is about as stupid as it gets. The weak link sets the level of security.

Re:Well, in defense of Schneier's succinct respons

[rgmoore]

Do you care if someone hears you discussing the newest Family Guy episode at the office, or hears you say "Hi" to your coworkers? No. So why should you be concerned if you're transmitting SYN/ACK or a comment to Slashdot in a relatively clear manner?

That depends on how paranoid you are. If most of your messages are unencrypted, then the few encrypted ones stand out. Selective encryption is like putting a big sign on the encrypted messages telling eavesdroppers that they're worth listening to. If you encrypt everything (and run in through a good anonymizer proxy), then somebody who wants to monitor you has to decrpyt all your Family Guy discussions to find your few subversive messages. If you're really worried about security, you might want to keep up a high backround level of meaningless messages, which would both increase a listener's decryption load and help to foil attempts at traffic analysis.

Re:bad example

[Tack]

I thought the standard wisdom was that WEP is useless, so if you're serious, always use a VPN over your wireless. right?

That's true, but WEP isn't entirely useless as one layer in the system. If somebody is war driving down my street looking for an easy target, the few minutes it will take them to crack my WEP key is often enough to keep them driving on.

Think of WEP as a locked window. As a security system, a window is crap. It can be broken without any tools and you can even see what's behind it! But locking my windows and doors might help deter someone looking to swipe the $20 bill on my table. Of course, it also might not, so if they smash the window they'll have to deal with the noisy alarm that will go off. Similarly, anyone who takes the time to crack my WEP key will have to contend with openvpn.

In some senses, WEP is security through obscurity. A system shouldn't rely on obscurity for security, but it does contribute to a solution to certain types of problems. It's basically like tinting the windows of your car so nobody can see your nice stereo. "Nothing to see here. Move along."

Jason.

Re:Doing well on the SPAM problem?

[ajs]

"Sure, new spam filters can be pretty effective. But it takes a lot of resources to deal with spam in terms of hardware and network bandwidth. 75% of all e-mail traffic is SPAM. Millions upon millions a day."

And how does this have anything to do with what Schneier said? Yes, extracting signal from noise is expensive, presents problems of diminishing returns and the cost/benefit doesn't favor an end to the problem any time soon. However, he's correct: as far as the average person is concerned, spam is a relatively solved problem.

I heard an interesting quote recently: "any problem that can be solved by throwing money at it is not a real problem." Spam is not a real problem. It's a complication, but not a problem. Does it raise the price of business communications? Yes. Is that a problem? Not really, it just changes the economics.

The real problem is that the people in the trenches who are the recipients of said money develop a sense that they are fighting some sort of holy war against an adversary that will one day be defeated. I have news for you: you are a machine that takes a noise source with weak signal in and produces an amplified version of the signal with some noise reduction. Noise is not evil, and signal will never be "pure".