On Thu, Jun 16, 2011 at 5:27 PM, James A. Donald <jamesd@echeque.com> wrote:
> On 2011-06-17 4:02 AM, Nico Williams wrote:
>> Crypto is no more than an equivalent of doors, locks, keys, safes, and
>> hiding.
>
> The state can break locks, but it cannot break crypto.
> Hiding *is* effectual against the state - and long has been even before crypto.

The key word here being *effectual*. Crypto is effective, but some of your posts make it seem to be a panacea, similar to how Bruce Schneier originally thought (see preface of *Applied Cryptography*) that cryptography was going to be the salvation of information security. Crypto certainly has a major role to play in ensuring confidentiality and integrity, but it is not a be-all and end-all.

The point is, the state doesn't always *need* to *break* crypto to get your secrets. To that end, I think you are misinterpreting what Nico was trying to say, which was, crypto is no guarantee that you can hide things from the state, at least as it is practiced by the general populace.

Specifically, if that "state" is some corrupt regime, crypto *may*[1] help, but it will not ensure with 100% certainty that your secrets will remain confidential from the state. For that to be true, everything would have to be secure, from the OS all the way down to all the firmware. (See Ken Thompson's ACM Turing Award lecture, *On Trusting Trust*.) You'd also have to eliminate all possible side channel attacks such as EMF leaks. And even if you are secure from attacks coming from all those threat sources, an unscrupulous state will have no compunctions about using a rubber hose attack on you or ones you care about to get your secrets or get you to divulge your crypto keys. (Someone in an earlier post mentioned how it is already getting close to that in certain criminal cases in England. How much worse would it be with a corrupt regime not following principled rule-of-law at all?)

While I don't want to put words into Nico's mouth, I think he was merely trying to point out the difference between the use of crypto in theory and crypto in practice.

_________
[1] Using crypto in a fascist or otherwise corrupt state where crypto is not the norm may have the opposite effect of drawing attention to yourself and arousing the suspicion of the state. So in such cases, one at least needs to account for plausible deniability, otherwise you'd be better off keeping your head low so as not to be noticed in the first place.

-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents." -- Nathaniel Borenstein

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE