Crypto Wars by Black Boxes and Standards
Intelligence services go after cryptography. That’s the news you have probably read in the past weeks. That’s no surprise. They have been doing this for centuries. If your job is to intercept and analyse communication, then cryptography gets in your way (provided the target uses it properly). Intelligence services have been dealing with creating and breaking ciphers since their existence. How do you break cryptography? What can you do to attack encrypted communication? There are multiple ways to obtain messages in clear text.
- Attack the encrypted data!
This is widely known as cryptanalysis. Basically you intercept the encrypted message and try to deduce the plain text. Given sufficient failures in the history of cipher designs, this is pretty hard with most modern ciphers. Algorithms used today are developed and tested to withstand attacks like this. Of course, nobody is perfect, errors in implementation or ciphers used in a wrong way can make cryptanalysis easier. But even provided the target does everything right (remember, crypto is hard), you can always try to guess the encryption key(s) by brute forcing lots of keys and see whether a combination unlocks the secret. Modern hardware will help you here, but still you have to pay the bills for electric power. - Get the key(s)!
Since key management is hard, few organisations have the luxury of doing this on their own. PKI and certificates rule most encrypted communication. With centralised management you may not need to brute force them. Instead you can copy them (no one steals digitally, it’s all just copies), possibly with a polite dose of legal blackmail if your actions are backed by the government. Sometimes this doesn’t work, but mostly it does. Doesn’t have to be the keys though, handing over the decrypted messages will do fine, too (for all you „cloud“ lovers out there). - Attack the client!
High-end servers, smartphones, personal computers, washing machines, TV sets, elevators, network switches, power plants and digital cameras often share a common property – you can break them and run your own code. Why attack the cryptography when you can sit at either end-point and peek at the message before it gets encrypted? Welcome to the wonderful world of malicious software! Cybercrime has embraced this opportunity decades ago. It seems others have caught up. - Attack the hardware!
Quite some cryptographic operations rely on high quality random numbers. You need them when creating keys for example. Decent randomness is hard to come by. Usually rare randomness is mixed with mathematical methods (so called pseudorandom number generators) to get the job done. There are hardware random generators to help you there. They use physical processes containing randomness to boost random number generation. Great! The disadvantage is that they are contained in a chip and cannot be audited easily. If the manufacturer decides not to publish the internals, then you are stuck with believing what they disclose. There is no way you can check whether this device will always work as it is intended to. Of course you can run statistical tests, but your hardware chip might have some extra features you don’t know about. There is a publication describing parts of a computer chip which can exhibit malicious behaviour.
A compromised random number generator can lead to weak cryptographic keys which can be broken in a fraction of the time you usually need. - Attack the standards!
Given that cryptography is very hard to understand, few people follow the standardisation process (compared to more popular activities, no offence). Of course, mathematicians are part of it. However, once a standard is chosen, most of the implementation follows the guidelines. There is already an ongoing discussion about standards proposed by the US-American NIST about deliberately weakening encryption standards. Once a standard is deployed in the real world, changing the implementation is next to impossible (i.e. you cannot modify all devices using IPsec worldwide easily).
The impact of recent revelations still can’t be assessed. The discussion has just started. If you know about cryptography, you can work your way around some of these threats. If you rely on outsourcing, you very probably can’t do anything (again, imagine the word „cloud“ weaved into the sentence). You can always use superencryption to boost your communication, but this requires extra steps and extra keys. Security doesn’t come for free, but advice sometimes does.
If you are interested in getting to know your options, maybe you should attend DeepSec 2013. The current events will most definitely be discussed there. ☺