We live in a post-Snowden reality. Revelations about NSA
spying have prompted a broader use of encryption in the marketplace with a surge
of new security products that promise to keep our business and digital lives
private. They may not all be effective.
Marketers are responsive to consumer fears. Potassium iodide tablets were flying off the proverbial
shelves after the 9/11 attacks, and gold coin peddlers exploited uncertainty
in the wake of the great recession. Data security concerns are a comparable
case (though arguably much more legitimate).
Multiple “secure” smartphones (1,2,3) and cloud
services have already come to the rescue. Some U.S. companies are also frantically responding to slumping sales. We’re not here to challenge the
veracity of their products, but can examine the wider issue of whether
encryption is truly a cure-all. It depends - not
every house is built equally well; implementations aren't either.
We spoke with some of the world’s leading cryptographers to
learn their opinions on whether products promising anonymity are marketing
snake oil or truly protective against government experts that have spent
decades at thwarting
“The issue is not one of who is ahead, NSA or private
industry. Frankly, cryptology is based on math, and the math is open to
anyone who cares to study it.
For example, the recent revelation that the NSA
had put a cryptographic backdoor in a specific random number generator was not
news to the cryptology community. As early as 2006 a paper had been written on
the topic by researchers who studied that random number generator and concluded
that it was certainly possible that there was a cryptographic backdoor.
problem lies in the security community. Very few people in the security
community really know cryptology. I routinely speak to groups of security
professionals (people with 10+ years experience, graduate degrees, multiple
certifications, etc.) and it usually takes less than 3 minutes to find
significant areas of cryptology they are completely ignorant of. Simply put
the answer lies in more security professionals, software engineers, etc. having
a working knowledge of cryptology.
Now, at some point newer methodologies will be needed, but
for now AES 256 bit encryption for hard drives, or RSA 4096 bit encryption for
online communications is more than sufficient…if it is implemented
correctly. But, I routinely find new examples of improperly implemented cryptology. And that is related to my first point: too few security
professionals really have a good working knowledge of cryptology.”
“I think the most important
Snowden revelation is that encryption works. I wrote this [guide
for staying secure].” Schneier cautioned to be on the look out for nonsense
marketing, noting that no one “in the field” is really calling for new forms of
“The Snowden revelations confirm
what experienced cryptographers have strongly suspected all along. They don't have any
special wizardry; they can't make quantum
computing work better than university labs can;
and systems such as Tor that are implemented carefully using well-known cryptographic primitives keep them out.
They have also confirmed what security engineers
have long known; namely that the NSA and
the other agencies put a lot of effort into compromising actual systems by getting at the vendors. Perhaps their
biggest secret coup ever was the purchase of
Crypto AG, a Swiss firm that supplies
many non-aligned governments; they bought this from the founder Boris Hagelin in the 1950s and were discovered
only in the 1990s. That gave them access
to the traffic of perhaps 100 governments'
diplomatic and military traffic for forty years.
More recently they used export controls to bully security
companies into implementing cryptography
with short keylengths or deliberate
backdoors. The Snowden papers added much more to
our knowledge of this; some $250m a year
seems to have been spent on compromising crypto
and security standards, and products.
In short, the problem isn't the cryptography. We know how to do that. It's whether you can trust the engineers who implement it.
In general the vendors cannot produce robust
products, since they would not be allowed
to export them. If your company needs to protect information from state actors, you need to employ people who know what
they're doing and you'll probably end up putting
together much of what you need from free
software products. If you don't have the technical and managerial self-confidence to do that, you are
meat in the market.”
“I'm afraid I don't know what security
cell phones, etc. are currently using. I would doubt that the NSA is ahead of
the rest of us in terms of breaking stuff (such as AES, etc.) that is generally
regarded as secure (but I don't know if phones are using stuff that is generally
regarded as secure -- this is just my personal ignorance). Most of what I've
read about NSA "breaking" stuff is not about mathematical/scientific
advances, but completely different: cooperation from vendors, secretly
inserting hardware and software in places, etc.”
Phillip Rogaway; UC
Davis professor and cryptography researcher:
“We really don't know where the
NSA is in terms of cryptanalytic
capabilities. The Snowden-related revelations have only concerned approaches to circumvent the cryptography -- ways to go around it, one might
say, not ways to directly break it.
None of us outsiders know what the
NSA can break.
But, like most cryptographers, I believe that
good-quality cryptography cannot be directly
broken by the NSA, or by anyone else. I believe that that is why the
NSA is driven to go around it. Almost
certainly, there is no other cost-effective choice -- especially when the
government wants to make available everything, not just targeted communications.
As for particular vendor products, it is one of
the problems with the personal-security-products
marketplace that it can be difficult or impossible to distinguish well-executed
cryptography from snake oil. I'm sure there's no shortage of snake oil. But
high-quality tools are also available. Some of them are open-source and free.
With good tools, I think usability is the issue, not effectiveness.
While many cool and exotic ideas in cryptography
have come into existence in recent years,
it's not these that are needed to help
people get back a bit of privacy. The most useful tools are probably things
like ToR, PGP, and OTR, none of which realize anything new or exotic.
Yet more important than trying to get most people
to use such tools -- which is not going to happen -- is to work our way
back, as a people, to a world where
surveillance is not routinized. Right now
you really need to assume that every single email, phone call, credit-card
transaction, web-site visit, or change of physical location (if you carry a
cell phone) is going to be recorded within intelligence-agency databases,
machine scrutinized, and maintained for
an indefinite period of time. That's not a world consistent with free
expression or democratic values.”
(image credit: CT.gov)
This post was originally published on Smartplanet.com