On Wed, 11 Oct 2000, Arnold G. Reinhold wrote:
The fact that some people put Medecos in glass doors doesn't mean Medeco should never develop a better lock.
I don't have a problem with people who manufacture locks. I have a problem with the people who sell them. A sign of irrational fear is when the thing that is the *symbol* of security -- in this case the lock, or the cipher, is made very strong -- but used in a way that does not afford good *actual* security. If the fear of being burgled weren't at least partly irrational, meaning if it were based mostly on experience rather than mostly on fear -- we'd be seeing doors with half-inch thick steel plates in them to provide the same level of security as the Medeco lock -- and reinforced concrete walls to provide the same level of security as the door.

Ditto ciphers. A strong cipher is like that Medeco lock, or even better - but if the "door" is a dumb key management policy, or the key is easily guessable, then what has been gained?

Because what is a lock, really? It makes it harder to get in *without breaking anything*. But actual burglars could really care less whether they break some of your stuff -- provided it's stuff they can't steal. So if actual burglars were as common as the people who sell these fancy locks tend to make out in their sales pitches, most folks would know, from experience, that burglars who break a window or a door are far more common than burglars who pick a lock -- and would be demanding *actual* security, meaning windows, doors and walls made of unbreakable stuff, rather than just *symbolic* security, of a strong lock or a strong cipher.

If you want to propose a "Paranoid Encryption Standard", i.e., a system for people who actually *DO* expect people to spend several million bucks and hundreds of man-years and thousands of CPU-years trying to break it, then it's going to have to encompass a hell of a lot more than ciphers.

Start with physical machine security -- put the box in a concrete bunker with armed guards, give it a flat-panel monitor and roll your own drivers and video hardware. Stick a thermite grenade with a photosensitive fuse in the hard drive box. Make a continuous circuit through all the case components, that will detect anybody taking the case off, and blow the HD if the circuit's broken. Do a couple dozen other things along this line, and you'll have the physical security thing covered about as well as your cipher protects the data.

But you're not through yet -- you've got the lock and the door, but burglars can still come in through the windows and the walls. You've got to do some real serious data security as well. First of all, nothing unencrypted is EVER written to the hard drive except a bootstrap loader that prompts for a cipher key. When it gets the cipher key, it reads and attempts to unencrypt the rest of the boot record. There is NO swap partition, and no swapping OS is to be used.

The system computes a new cipher key every day using a cryptographically strong random number generator, and notifies you of it in a pencil-and-paper cipher that you can solve. (On high-entropy binary data, pencil-and-paper ciphers are actually quite strong.) That's the key you would need to use the following day. If you don't log on for one day, you will not have the key for the following day, period. Thus, if someone seizes your box and you can hold out for *one* day, the data is GONE.

But the burglars can still come in, maybe, through the roof. So just to make sure of it, put a timer in there that blows the HD if it's ever been more than 24 hours since you were last logged on. *There's* your paranoid encryption standard. Use blowfish for the cipher, and the cipher won't be the weakest point.

Bear
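
The daily key rollover and 24-hour timer described in the post, modelled as an added example (not code from the post or its author). The names `DailyKeyBox`, `enroll`, `wrap` and `unwrap` are hypothetical, an HMAC-SHA256 pad stands in for the cipher because the Python standard library has no Blowfish, the volume key is assumed to be 32 bytes, and delivery of the next key by pencil-and-paper cipher is left out.

```python
import hashlib
import hmac
import secrets

DAY = 24 * 3600  # the post's 24-hour window, in seconds

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def wrap(daily_key, volume_key):
    # Stdlib stand-in for a real cipher: 32-byte HMAC-derived pad plus a MAC tag.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(volume_key, _prf(daily_key, b"pad", nonce)))
    return nonce, ct, _prf(daily_key, b"tag", nonce + ct)

def unwrap(daily_key, blob):
    nonce, ct, tag = blob
    if not hmac.compare_digest(tag, _prf(daily_key, b"tag", nonce + ct)):
        return None  # wrong or stale daily key
    return bytes(a ^ b for a, b in zip(ct, _prf(daily_key, b"pad", nonce)))

class DailyKeyBox:
    """Persistent state: only the wrapped volume key and the last login time."""

    def __init__(self, blob, now):
        self.blob = blob
        self.last_login = now

    def login(self, daily_key, now):
        """Return (volume_key, key_for_next_login), or None if refused."""
        if self.blob is not None and now - self.last_login > DAY:
            self.blob = None  # timer expired: models destroying the drive
        if self.blob is None:
            return None
        volume_key = unwrap(daily_key, self.blob)
        if volume_key is None:
            return None
        next_key = secrets.token_bytes(32)  # CSPRNG, as the post requires
        self.blob = wrap(next_key, volume_key)  # today's key opens nothing now
        self.last_login = now
        return volume_key, next_key

def enroll(volume_key, now):
    """Create the box; the first daily key goes to the owner, never to disk."""
    first_key = secrets.token_bytes(32)
    return DailyKeyBox(wrap(first_key, volume_key), now), first_key
```

The model makes the trade-off visible: a key captured on one day is useless after the next successful login, and a single missed window loses the data for the owner as well.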