CDR: Re: Rijndael & Hitachi
Ray Dillinger
bear at sonic.net
Wed Oct 11 13:09:48 PDT 2000
On Wed, 11 Oct 2000, Arnold G. Reinhold wrote:
>The fact that some people put Medeco's in glass doors, doesn't mean
>Medeco should never develop a better lock.
I don't have a problem with people who manufacture locks.
I have a problem with the people who sell them.
A sign of irrational fear is when the thing that is the
*symbol* of security -- in this case the lock, or the cipher,
is made very strong -- but used in a way that does not afford
good *actual* security.
If the fear of being burgled weren't at least partly
irrational, meaning if it were based mostly on experience
rather than mostly on fear -- we'd be seeing doors with
half-inch thick steel plates in them to provide the same
level of security as the medeco lock -- and reinforced
concrete walls to provide the same level of security as
the door.
Ditto ciphers. A strong cipher is like that Medeco
lock, or even better - but if the "door" is a dumb
key management policy, or the key is easily guessable,
then what has been gained?
Because what is a lock, really? It makes it harder to
get in *without breaking anything*. But actual burglars
could really care less whether they break some of your
stuff -- provided it's stuff they can't steal. So if
actual burglars were as common as the people who sell
these fancy locks tend to make out in their sales pitches,
most folks would know, from experience, that burglars
who break a window or a door are far more common than
burglars who pick a lock -- and would be demanding
*actual* security, meaning windows, doors and walls made
of unbreakable stuff, rather than just *symbolic* security,
of a strong lock or a strong cipher.
If you want to propose a "Paranoid Encryption Standard",
IE, a system for people who actually *DO* expect people
to spend several million bucks and hundreds of man-years
and thousands of CPU-years trying to break it, then it's
going to have to encompass a hell of a lot more than
ciphers. Start with physical machine security -- put
the box in a concrete bunker with armed guards, give it
a flat-panel monitor and roll your own drivers and video
hardware. Stick a thermite grenade with a photosensitive
fuse in the hard drive box. Make a continuous circuit
through all the case components, that will detect anybody
taking the case off, and blow the HD if the circuit's
broken. Do a couple dozen other things along this line,
and you'll have the physical security thing covered about
as well as your cipher protects the data.
But you're not through yet -- you've got the lock and the
door, but burglars can still come in through the windows
and the walls. You've got to do some real serious data
security as well.
First of all, nothing unencrypted is EVER written to the
hard drive except a bootstrap loader that prompts for a
cipher key. When it gets the cipher key, it reads and
attempts to unencrypt the rest of the boot record.
There is NO swap partition, and no swapping OS is to be used.
The system computes a new cipher key every day using a
cryptographically strong random number generator, and notifies
you of it in a pencil-and-paper cipher that you can solve.
(on high-entropy binary data, pencil-and-paper ciphers are
actually quite strong) That's the key you would need to
use the following day. If you don't log on for one day,
you will not have the key for the following day, period.
Thus, if someone seizes your box and you can hold out for
*one* day, the data is GONE.
But the burglars can still come in, maybe, through the roof.
So just to make sure of it, put a timer in there that blows
the HD if it's ever been more than 24 hours since you were
last logged on.
*There's* your paranoid encryption standard. Use blowfish for
the cipher, and the cipher won't be the weakest point.
Bear
More information about the cypherpunks-legacy
mailing list