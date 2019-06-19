How Secure Are Zip Files? Senator Wyden Asks NIST To Develop Standards For Safely Sending and Receiving Files (senate.gov) 165
Federal workers and the public in general might be mistaken about the security of .zip files, Sen. Ron Wyden said on Wednesday [PDF], and he's asking the National Institute of Standards and Technology to issue guidance on the best way to send sensitive files over the internet. Wyden wrote: Government agencies routinely share and receive sensitive data through insecure methods -- such as emailing .zip files -- because employees are not provided the tools and training to do so safely. As you know, it is a routine practice in the government, and indeed the private sector, to send by email-protected .zip files containing sensitive documents. Many people incorrectly believe that password-protected .zip files can protect sensitive data.
Indeed, many password-protected .zip files can be easily broken with off-the-shelf hacking tools. This is because many of the software programs that create .zip files use a weak encryption algorithm by default. While secure methods to protect and share data exist and are freely available, many people do not know which software they should use. Given the ongoing threat of cyber attacks by foreign state actors and high-profile data breaches, this is a potentially catastrophic national security problem that needs to be fixed. The government must ensure that federal workers have the tools and training they need to safetly share sensitive data. To address this problem, I ask that NIST create and publish an easy-to-understand guide describing the best way for individuals and organizations to securely share sensitive data over the internet.
We already know. Public Key Cryptography. (Score:4, Informative)
GPG. Learn it. Use it. Love it.
The users aren't stupid. The technology is just a royal pain in the ass to use, even when you have a thorough understanding of how it works. Even security professionals don't want anything to do with it because it's such a minefield.
PGP is inherently flawed (Score:2, Informative)
Look, PGP doesn't work. It's a technically great solution except
... how do I exchange tokens? Where do I store tokens? How do I associate tokens with users? How do I authenticate tokens ... all of that shit needs to *just work*, and it can't as PGP is envisioned. Let's exchange tokens by email. But, the point of PGP is the assumption that email is compromised, so ... I have to somehow get her public key hash, out of band. And they have to send it, and I have to do something to attach it to his email addres
You have to do real work at some point. (Score:1)
At some point, you have to do the hard work of actually verifying some piece of data.
The point is to make the point of hard work well understood and self-contained; do it once, and then never look back.
There's no such thing as a free lunch. You've got to do the goddamn, motherfucking work at some point; but, you entitled pricks will not accept this fact about our Universe, which is why the OP said you're too stupid to get anything workable.
how do I exchange tokens? Where do I store tokens?
You exchange them using keyservers, or whatever method you want. The tokens are automatically saved for you in the keystore when you download them.
I have to somehow get her public key hash, out of band.
You don't have to do this. I mean sure the hardcore bearded gpg nerds to do the keysigning party thing, but you as an average user don't have to. Heck even a phone call would do. Or you can have them send you the hash via e-mail and then you download the key separately from a keyserver.
I have to do something to attach it to his email address, in whichever email app I'm using.
No you don't, the keys have fields for names and e-mail addresses, like th
The basic problem is what you're describing is still more effort than sending an encrypted
.zip file. We need software that makes email encryption as easy for the end user as accessing a secure web site is, or at least easier than creating an encrypted zip file and sending the key out of band. When we get there, people will start using encrypted email, but not until then.
No, there are human problems. GPG and other public key cryptography methods follow a concept of chain of trust. Users will routinely break the chain of trust and just mark any new key as trusted.
"New urgent task from CFO; *new cert detected* *Trust new cert?*"
"Hmm. well, it's from the CFO, so I should trust it."
That's the level most of the population is at with security. They don't question if something really came from the CFO. They trust the email subject line more than the signature.
You'd have to train users to download pubkeys only from the trusted keyserver.
Visicalc debuted 40 years ago and users are still hand-calculating fields and re-entering them into spreadsheets. You can't seriously be suggesting "user training" as a solution to the problem.
No it just means people haven't been taught. We need to stop assuming everyone's got a degree in ComSci and start with the assumption that most computer users can barely drive their mouse
And here is where things break down. There is no such thing as a trustworthy central server. This is why government loves PKI so much, they get more bang for their buck compromising a central trusted location, otherwise they have to dupe or exploit individual clients and the burden is too heavy.
The only hard part is finding people's public key. That's it.
It's on their desktop. In a file named "Public key", right next to a file named "Private key"
The reason it is a pain is because almost no email program has implemented it.
We learned to top quote, because that was the default setting. We learned ro send email in HTML, because that was the default setting.
So if a GPG signature would have been the defaullt setting, there would be no issue.
Even the signing only as a defauult would be a great thing to have. Is that email from my bank or from a spammer? The signed part would solve that.
And once that is commonplace to be used, people will find out how to
That's the point of the govt wanting standards defined. You and I , computer people, know how to secure shit. As the Hillary Clinton email fiasco showed however , you can't assume non computer people know how to do email or encryption safely. So guidance along with some active measures to enforce it is neccesary, cos your always gonna get grandma bureaucrat not knowing what she doesn't know unless someone knows to tell them
I was a contractor for the us govt, and I received zip files all day from employees for projects I was working on. This is business as usual.
Lately having gone through a vehicle change I was astounded that businesses and agencies involved had a universal solution to the problem of "OK, you want me to send you a photo of this document" and it was, "Oh just email it." Not even "email us an encrypted zip", just "email it to me". Fucking nutto. Though one did suggest, when I said that sounded rather insecure, that I should just encrypt the zip and then send the password in a separate email... for fucking serious they really did. I bet all their
Which one do you think is more secure?
Fax. Takes a lot more effort to hack a phone line.
Given that the connection between the email client and email server is secure connection, and email servers connect using TLS, why do you think emailing documents is insecure?
Can you vouch for the security of the SMTP servers that relays your email over the Internet?
For a congress-critter; Wyden is actually pretty sharp when it comes to technology, security, and privacy.
He also legitimately seems to care about citizens vs corporate interests in this matter.
(inb4 shill.)
Here is a thought (Score:1)
How about someone introduce the honorable gentleman from Oregon to GPG? A file encrypted by GPG with a 4096 bit key is mostly secure except from the boy and girls at certain 3 letter agencies.
Such a file may be secure, but it's also a royal pain in the ass to deal with. Any parties involved end up wasting a huge amount of time setting up complex software that's often very unintuitive and itself a royal pain in the ass to deal with.
There's a reason all of this software has failed to gain any real traction over the decades: users absolutely hate using it!
They'll find some other way that lets them do what they want, without the hassles of what you suggest.
How about you try working in Help Desk for a week and try to explain public and private keys and signatures to all the secretaries of your company and letting us know how that goes?
I have worked Help Desk, years ago and I am still helping people use GPG and Enigmail. It is not that hard. It just takes patience and good humor. It is possible it just requires people to do their job.
try to explain public and private keys and signatures to all the secretaries of your company
How's this:
A GPG key has two parts.
A private key, this one you keep private and safe.
A public key, this one you can make public and publish to a keyserver or send/give to people.
When someone wants to send an encrypted mail or file to you, they use your public key to do so. Then when you receive it you use your private key to decrypt it.
When you want to send an encrypted mail or file to others, you use their public key and they use their private key to decrypt.
GPG keys can also be used for verification to ensure that someone really did send an e-mail.
For example if you use your key to cryptographically "sign" an e-mail, the recipient can use your public key to check to see if the signature is good. If it is, you are the confirmed sender.
And vice versa if someone sends a signed e-mail to you.
" try to explain public and private keys and signatures to all the secretaries of your company"
Secretaries will follow well-written, complete, and correct instructions.
Engineers, on the other hand, will argue with the domain experts about the way they should have done it, make up their own procedures, and then complain when they've broken everything.
(Why yes I am an engineer. Why do you ask?)
And how is somebody suppose to know that they should use GPG & a 4096 bit key? From somebody on Slashdot? Typically for any institutional process standards are created & enforced. For the government that standards body is usually NIST. Those standards are the way to officially introduce the honorable gentleman from Oregon & his staff to GPG or whatever is deemed appropriate.
It's not him (Score:2)
This Senator is pretty tech savvy. His personal use is not what this is about. Once the NIST makes a ruling, then everyone in the government starts following it, and in regulated businesses (e.g. finance and healthcare). It's considered the minimum acceptable.
Read his request as "codify rules so people stop thinking this is okay", no "how to I encrypt?"
this is pointless (Score:1)
Last I checked, banks are already on top of this and have a good way of doing this with any type of file.
do we really need the government, the same people who were petitioning for weaker encryption, to develop standards?
most banks don't bother and will send you to their HTTPS web site (which hopefully is secure, otherwise they shouldn't be allowed to call themselves a bank) to retrieve your reports.
Sending reports by email is just not worth it.
That's what they do, as do utility companies and pretty much any place that does paperless billing - but in a couple ways that fails to provide arguably important functionality that physically mailed statements did.
1) Physical statements, once mailed, are an record that is now beyond
The government isn't monolithic: One department in the NSA tries to break codes, another points out security holes in encryption to companies to prevent cyberattacks, the US Navy helped develop TOR and the NIST (referenced in this article) had a hand is AES, SHA-1, SHA-2, etc. But NIST typically blesses standards, or chooses from proposals. For instance, in 2016 they disallowed certain NSA e
What is wrong with pgp? (Score:1)
It has worked extremely well for like 20+ years.
No. (Score:4, Informative)
Fix email security, so only the intended recipient can receive the file, and this problem goes away.
Fix email security, so only the intended recipient can receive the file, and this problem goes away.
This would require point-to-point transmission and would cease to be email or even analogous to mail in any way. The intended recipient's digital (and possibly physical) location would have to be known to the sending program, and the sender and receiver would have to set up a secure tunnel between each other. That's not email any more, it's encrypted AIM/Jabber/Messenger.
Do not confuse privacy with security.
Security means I got what you said I should get
Privacy means you and I only know what is in there.
Encryption can handle both. But does not have to.
Fix email security, so only the intended recipient can receive the file, and this problem goes away.
Does email you send regularly not go to the intended recipient? If so the problem might be between the keyboard and chair.
Does email you send regularly not go to the intended recipient?
It always goes to an SMTP server, which is not the intended recipient.
If so the problem might be between the keyboard and chair.
Your problem seems to be massive dishonesty between the spinal column and skull cap. You pretended to know shit. You dont know dick. Full stop.
The SMTP server acts on behalf of the recipient but provides little to no verification of that.
SMTP is sent by looking up the DNS (spoofable), receiving an IP (potentially spoofed), connecting to that IP and (maybe) checking the header (again, spoofable). Even a "secure" SMTP session does zero checking of the certificate authenticity - it doesn't have the kind of DNS-authority that HTTP insists open and you can perfectly well use a self-signed cert. Nobody is tracking "what cert each email server uses" on
Fix email security, so only the intended recipient can receive the file, and this problem goes away.
Why not just ensure that everyone in the world is a perfect citizen who would not read / instantly forget any information that is sent to them by accident? It's more achievable than your suggestion.
Super weak. (Score:3)
If you have a plain text version of any one of the files encrypted in a zip file, you can recover a key for the encryption, allowing simple decryption of all files.
Not peer reviewed, but:
https://securiteam.com/tools/5... [securiteam.com]
Perhaps the most important part of that page is this section:
"Also remember that before attempting to crack the password, pkcrack outputs the 3 key set used by PKZip. These keys can be used to decrypt the file without having the actual password. The tool 'decrypt' in the pkcrack toolkit does just that."
It's incredibly quick to decrypt the files if you don't care about recovering the original password.
The default ZIP encryption is extremely weak, yes, however there are extensions to use more sophisticated ciphers like AES. The problem is, most people don't know, don't use, or don't have a clue that you can encrypt ZIP files securely, how to configure it, or even if their software supports it. (It, like ZIP64, is a horrible mess of competing standards, so software ends up having to support all variants of an implementation, but there's always some variant unsupported, which is the one you have).
What NIST really needs to do is standardize the follow up to the ZIP standard with 64-bit file support (for files larger than 4GB), proper encryption support, and have decode only support for the ex-competing standards as deprecated so you can still unzip legacy ZIP files.
The heart of the problem (Score:2)
If you have idiots design it, you get something that is both insecure and hard to use (like the requirement to change your password every three months. I'm still not entirely sure what attack vector they are looking to stop with that one).
Secure Email? VeraCrypt? LUKS? (Score:2)
even if ZIP was secure (Score:3)
How do you send the password? Inside another password-protected ZIP?
Even if one channel is compromised, how likely is it that both are?
(Works for two-factor authentication)
Serious answer from actual practice of fairly sensitive documents? Here you go: Send an e-mail with a password-protected zipped attachment (or maybe password protected PDF file). Write: "I will send the password in a separate e-mail." Send the next e-mail 10 seconds later with: "Password is mickeymouse". We of course don't send files this way, but receive documents like this far too often (well, not that often, but more than once a year).
There are plenty of ways of sending the password. The basic approach is to send it to them out of band, i.e. by text message, phone, etc. It's not a perfect solution- if somebody is really out to get you they could tap your phone- but it would require the person trying to steal the data to hack two means of communication instead of just one.
It's better than nothing, but not by much. If someone gets into your email account then the password protection is for nothing, however if someone is doing some automated scraping of data passing through the internet an encrypted PDF/zip will likely be ignored as too much hassle for a drive-by. It also helps for when people leave files lying around on USB sticks or on file shares that anyone can see, or it gets synced to their icloud which they let other people into, etc. etc. Chances are surprisingly high
How secure does it need to be? (Score:1)
Password Zip files protect against casual, lazy criminals, much like your front door lock does. Before anyone goes off about how this isn't accurate, and just how easy it is to break a zip file, I'd point out that lock picking is also very easy, and you can just buy a freaking pick gun that'll open many locks without much effort. Or you can just kick down the door, since the door frame itself is of poor quality.
Sending files securely isn't really all that much of a secret, and NIST making some "official d
Or you can just kick down the door, since the door frame itself is of poor quality.
Or for doors that open outward, which are surprisingly common, you can ignore the lock and just tap the pins out of the hinges.
Question (Score:3)
Such as? Asking for a friend.
Not Surprising (Score:2)
Glad you asked, Senator! (Score:5, Interesting)
What's interesting about this is that a Senator is asking. Someone in government. And it turns out there's an answer to his question (many other people have already mentioned it) called OpenPGP. I think these things are related in an important way.
You see, everyone's gripe about OpenPGP is that they've never met anyone in real life (even your best friends and family, apparently, not to mention coworkers) so you've never had the opportunity to exchange fingerprints and sign each other. And since you don't know anyone, you can't introduce anyone to anyone.
You know who has met everyone, Senator Wyden? The government.
Hey, feds, if you'll certify my identity enough to issue me a passport, you ought to have signed my key. Hey state, you issued me a driver's license? Then sign my key too. Hey bank, you asked to see my government id and then after that, have had a many-decades-long relationship with me? Sign my key, because you really do know exactly who I am. Hey, school. Hey, employer. Hey, whatever-the-fuck community organization. Hey, church. Hey, favorite bar, sign my key, because you've certainly checked my id enough times.
Some of that is beyond any Senator's power to demand. And some of it isn't.
As for why the government might not want to become a giant node in the web of trust, all I can think of is that they would prefer that communications not be too secure. If they start signing people, that legitimizes cryptography and of course other people and entities would sign the key too, so when the government tries to mitm someone, they'd be discovered. Is that the problem, Senator?
The Bank don't know who you are, their machine recognises your customer ID and handles moving around the numbers that represent your money. They've no interest in you beyond your ability to make them money; in the past a person at the bank would be able to greet you by name and would probably know your balance and your general banking habits.
The government could probably be turned in to a system that is good for signing people's keys but in the UK at least it's not yet such a thing IMO.
The right place for key signing is the DMV. Everyone with an ID can have a key. None of that other stuff should be necessary.
SCP? SFTP? HTTPS? (Score:2)
The problem here is that most internet users have no idea what the basic underlying internet protocols are. People only know "apps" and "sites." So if they want to communicate with someone, instead of asking the person "What protocols do you support? Should I SFTP this to your site? Or would you rather I do an HTTPS file upload?" they ask "Do you use Facebook? Or Gmail?" Folks, the internet is fundamentally broken because of this. We have to educate people that all these problems of privacy and secu
Really, it isn't just the end-users fault. It's the developers fault too. Some developer is assigned the job of making a backup solution, and instead of using SFTP, they make their own custom protocol based-on REST over HTTPS with Facebook for the authentication.
S/MIME? (Score:2)
I thought we did have a standard: S/MIME. You need to get an e-mail certificate (or generate a private key and x.509 certificate yourself) to use it, but that's not that hard a task.
Hand deliver it (Score:2)
Ever notice we still have Fax machines? There's a reason for that.
NIST: Internet operator's certification (Score:2)
It's better to burn out than it is to rust.