so, this is a post that's been rolling around in my brain for a while. it doesn't mean it's any more organized for all that.
the whole NSA-spying-Edward-Snowden-RSA thing has been intriguing to me because i worked in cryptography for several years. i've used the BSafe library, of which one method of generating keys was compromised (or not, depending who you listen to). but i wasn't working in security research or anything, i was working for a company that did security for banks. this was straight-up, applied-in-the-so-called-real-world cryptography.
and one thing i learned is that a lot of these conversations hit a wall when you're talking about how much money and time things cost. but not only that, people vastly overestimate what cryptography can accomplish. and even more so, the combination of "good enough" and overestimation leads to a lot of misunderstandings.
here is a perfect example. i am connected to blogger.com using an https connection. this means, in the words of firefox's page info
The page you are viewing was encrypted before being transmitted over the internet.one major problem with this statement: also according to the page info, this is encrypted with "High-grade Encryption" which is a whole 128-bit key.
Encryption makes it very difficult for unauthorized people to view information traveling between computers. It is therefore very unlikely that anyone rad this page as it traveled across the network.
128 bits is not a high-grade encryption key. at least not anymore.
here's the problem with encryption: with enough computing power, you can brute-force anything. bigger keys just make the time it would take to brute-force the encryption astronomically inconvenient.
and here's another problem: as far as i can tell, most encryption standards solidified with the wide expansion of the internet back in the late '90s to early '00s. i remember setting up my laptop in my dorm room in 1997 and my dad telling me to set netscape not to allow 40-bit SSL keys but to insist on 128-bit keys.
128 bits is the same length that google is still using in their SSL encryption today in 2014.
i was really hoping that i had read that wrong and it was 128 bytes, which would make a lot more sense almost 20 years later, but no. 128 bits. bits. (i assume you know this, but just in case: there are 8 bits to a byte. because of how encryption works, key lengths are almost always measured in bits).
my 1997 laptop had a processor that was clocked at a whole 150mhz (yes, i still remember this) and was a 32-bit processor. my current laptop that i am typing this post on is clocked at 2.7ghz, has 2 cores, and is 64-bit. while this one laptop alone probably would take a while to brute-force the SSL encryption of this connection, a whole lot of these tied together wouldn't, and hey, nowadays we have botnets and AWS and have also made significant advances in distributed computing models.
and if you think the NSA doesn't have a whole lot of processors somewhere dedicated to breaking encryption if they need to then you are not nearly paranoid enough about the NSA.
so really, it doesn't matter a whole lot if the NSA compromised one of the key generating algorithms in RSA's BSafe library. most commercial applications of encryption aren't using large enough keys to make that matter anyway. it's great that google has moved to using "https everywhere" but since they're not using even the smallest practical 1024-bit key, i don't really feel they're doing a whole lot to stop the NSA reading my email.
if we're really serious about our privacy, then we'll stop demanding "encryption" and start demanding encryption that has changed with the increased processing power that Moore's law continues to make available to us. we'll demand updated protocols that insist on asymmetric instead of symmetric encryption. and we'll demand serious investment in implementing individual encryption certificates for email that can work not only with 3rd party mail clients, but also with the web apps and mobile apps.
oh, and stay away from people with wrenches.
No comments:
Post a Comment