How would you do that ...
Hi all, a little project I am working on. https://lists.gnupg.org/pipermail/gnupg-users/2021-May/065124.html Regards Stefan
On 5/3/21, Stefan Claas <spam.trap.mailing.lists@gmail.com> wrote:
a little project I am working on. https://lists.gnupg.org/pipermail/gnupg-users/2021-May/065124.html
----- Stefan Vasilev stefan.vasilev at posteo.ru May 3 2021 here is a little scenario. Alice and Bob needs to find a way to do encrypted communications globally. The task is the following: Alice needs to travel to a foreign country without any devices (laptop, smartphone etc.). At arrival she needs to communicate daily (no real time communications) with Bob to exchange encrypted documents. Alice is not allowed to login in any services, like her Gmail account, social media etc. to not reveal her login credentials. She can't use Tor, because at her destination Tor is blocked. The only option she has is to use Internet Cafés or public libraries etc. She is aware that at an Internet Café keyloggers may be installed. Last but not least she does not carry any notices on paper with her. How would you solve this task? ----- You say the box has been compromised, thus the crypted docs and all app sessions and [meta]data connections happening on the box can be totally captured, and your face at the venue... all such usually lead to failure. And since you say you have no secure devices, this implies you are forced to use the compromised box to [de]crypt and read/write the plaintext docs, perhaps those also on camera too, all of which are failure. Nor can you do practical crypto outside the box/venue of entire big daily "docs" with pencil, or in your head. Your stated problem is unsolvable without access to a secure device. Get a secure device. Or accept risk of booting your OS on the untrusted hardware. Or use pencil size text "docs" for which you will need a PSK (or a KEX proto which will be even more pencil msg overhead). Or give up and go offline out of band, or out of the country, or revolt.
On Tue, May 4, 2021 at 4:55 AM grarpamp <grarpamp@gmail.com> wrote:
You say the box has been compromised, thus the crypted docs and all app sessions and [meta]data connections happening on the box can be totally captured, and your face at the venue... all such usually lead to failure. And since you say you have no secure devices, this implies you are forced to use the compromised box to [de]crypt and read/write the plaintext docs, perhaps those also on camera too, all of which are failure. Nor can you do practical crypto outside the box/venue of entire big daily "docs" with pencil, or in your head.
Your stated problem is unsolvable without access to a secure device.
Get a secure device.
Or accept risk of booting your OS on the untrusted hardware.
Or use pencil size text "docs" for which you will need a PSK (or a KEX proto which will be even more pencil msg overhead).
Or give up and go offline out of band, or out of the country, or revolt.
No, not giving up. It should serve as an exercise for the interested reader. :-) Alice can, once arrived at her destination, purchase a brand new notebook. The thing which she then needs to figure out can she or Bob send some stuff in advance to her Hotel, she will book in, or some other place, in a tamper resistant bag? And what if the bag was compromised? The bag would include a serial USB to USB cable and something like a Kanguru Defender USB stick, with some goodies on it. The thought here is that equipped with a brand new notebook, Alice can write her stuff, encrypt it and once she arrives at an Internet Café she feeds securely data to the compromised Café computer, assuming trojans etc. can not go through a simple serial terminal program transfer. Part two is the daily communications, which requires no log-in in any kind of service. Fax communication/telegrams are ruled out, because of possible large data amounts to be transferred. Regards Stefan
"Keyloggers" implied you only had broken boxes. But now you say that you buy box. There is no "serial USB to USB" cable. There is "USB" cable. There is "serial (TIA-232-F)" to "USB" convertors. BadUSB exploits apply across USB to USB. qr cd floppy tape sd as alternates. You have more data options... https://www.youtube.com/watch?v=kWp6hZ-5ndc https://en.wikipedia.org/wiki/RS-232 https://en.wikipedia.org/wiki/USB https://en.wikipedia.org/wiki/USB_flash_drive https://github.com/topics/badusb "firmware on your device is the NSA's best friend it's reasonable to assume that all firmware is a cesspool of insecurity" It's all workarounds, throwing such oppressors out in revolt, and not installing anyone in its place, is the actual fix to the problem. People trying to do that with computers has proven to be a colossal inefficient waste of many years. Go outside and play.
On Wed, May 5, 2021 at 2:27 AM grarpamp <grarpamp@gmail.com> wrote:
"Keyloggers" implied you only had broken boxes. But now you say that you buy box.
There is no "serial USB to USB" cable. There is "USB" cable. There is "serial (TIA-232-F)" to "USB" convertors.
I mean this one: https://www.ftdichip.com/Support/Documents/DataSheets/Cables/DS_USBNMC.pdf Do you think, or better have a URL explaining if someone attaches such a cable to a compromised PC and a brand new notebook that a trojan is capable of reaching the notebook? These cables work with CoolTerm for example, where a user sees how many bytes will be transferred. If the answer is yes, what about audio cable data transfers, which are much slower (baud rate wise)? If again the answer is yes too, than encrypted fax communications in a copy shop are the better option, at least for Bob to acknowledge the data reception from Alice, so that she knows that Bob received the data. Regards Stefan
On Wed, May 5, 2021 at 4:30 PM Stefan Claas <spam.trap.mailing.lists@gmail.com> wrote:
If again the answer is yes too, than encrypted fax communications in a copy shop are the better option, at least for Bob to acknowledge the data reception from Alice, so that she knows that Bob received the data.
For encrypted Fax communications Alice and Bob can use my b2w encoder/decoder along with Google's format preserving encryption Adiantum, which I also offer. And if a Fax machine is not available Alice or Bob can send short voice encrypted messages with Adiantum too and use my bin2nato encoder/decoder, which beats internationally the PGP wordlist or mnemonicode, so that a six year old kid can use it internationally, while you can't do that with non-native English speakers using the PGP wordlist or mnemonicode. Regards Stefan
The below text is in my gmail drafts. In my memory, I was pretty sure I had further revised it and sent it. However, here it is as only a half-revised draft, somehow. Storing on the list to close my weird experience: You're already hosed because I posted this idea to this list, but here it is: In the destination country, get a job in something like machine learning or cryptography so that working with weird stuff fits your profile. Encrypt data into normal conversation like an experienced criminal would. Perhaps you could independently train GPT-2 on a huge shared secret. Send conversation to an innocuous recipient via a public channel. Intended recipient acquires text from public channel. Can reply to a either innocuous recipient or communication channel. Replies as the recipient. Could do website behavior knocking (click links on a host in a pre-arranged or cryptographic order) if you needed an out-of-band channel. The situation has a lot of unknown parameters. Get a common job and use your new laptop for two years before beginning communications.
On Thu, May 6, 2021, 4:49 AM Karl <gmkarl@gmail.com> wrote:
The below text is in my gmail drafts. In my memory, I was pretty sure I had further revised it and sent it. However, here it is as only a half-revised draft, somehow. Storing on the list to close my weird experience:
You're already hosed because I posted this idea to this list, but here it is:
I recall I had repeatedly further revised this introductory line and settled on wording including "these are only ideas".
In the destination country, get a job in something like machine learning or cryptography so that working with weird stuff fits your profile.
Encrypt data into normal conversation like an experienced criminal would. Perhaps you could independently train GPT-2 on a huge shared secret.
Send conversation to an innocuous recipient via a public channel.
Intended recipient acquires text from public channel. Can reply to a either innocuous recipient or communication channel. Replies as the recipient.
I recall I had revised this such that the intended recipient replies to an unrelated innocuous recipient as themselves. I thought this might reduce weirdness that a surveillance system might profile -- e.g. law enforcement oriented systems would be more likely to notice behaviors associated with pretending to be somebody else. My revision was lost.
Could do website behavior knocking (click links on a host in a pre-arranged or cryptographic order) if you needed an out-of-band channel.
The situation has a lot of unknown parameters. Get a common job and use your new laptop for two years before beginning communications.
I recall I had removed this final paragraph, after making the starting paragraph regarding getting a job. My revision was lost. I recall sending the message, but considering that my idea needed better rearchitecting around the specific concerns and skills of the people in the thread, before sending it.
Encrypt data into normal conversation like an experienced criminal would. Perhaps you could independently train GPT-2 on a huge shared secret.
I had proposed a shared secret could involve something like the text of a an agreed-upon public document encrypted with patterns from your iris. The revision containing that was lost.
You would need to research... - if BadUSB requires the host OS to program the firmwares in one or both of the host and mated usb chips, or if also a usb chip can alone program the firmware of the usb mate that is plugged into it. - if that cable speaks dumb serial over its middle, or a usb protocol as if mated over middle wire. Usb to dumb serial proto converters exist in that case. Then even some more coded escapes could be filtered out down to only ASCII with some makerboard in middle etc. Because "bytes" to the app are not necessarily what extra bytes are flying on an underlying proto bus. Don't cross infect stuff. https://www.youtube.com/watch?v=jyaLZHiJJnE FTDI has stories about driver "intellectual property".
what about audio cable data transfers
Someone posted some qrcode tools among talk of bitstreams over video patterns. Maybe there is some secret encoded data message between speaker and earphone, or not, no cable needed ;) https://www.youtube.com/watch?v=IOqxarVWKRs
participants (3)
-
grarpamp -
Karl -
Stefan Claas