Pushy People are a Security Risk
Yeah, it's that simple. The more you push, the more we infosec bods investigate you and the garbage you try to push through.
Two new encryption algorithms developed by the NSA have been rejected by an international standards body amid accusations of threatening behavior. The "Simon" and "Speck" cryptographic tools were designed for secure data to and from the next generation of internet-of-things gizmos and sensors, and were intended to become a …
Reap the fucking whirlwind America!!! You sowed this shit simply by mushrooming your allies. Now from NSA slyness to Facebook + CA + Palantir sleaziness, we don't trust you anymore. Our once great ally is now dead! Frankly, you can trust China more than the US now. Because we know they can't be trusted, but they have an economic awareness of potential fallout too, so China is more cautious about being pushy!
Really. Like trolls on Slashdot, then?
First they get all their shiny toys stolen from under their noses, now they reveal themselves as the fucking trolls they are.
Well I do hope that this will long be remembered. Nothing proposed by the US should be approved for a very long time.
Don't forget : it takes time to build trust, but only an instant to lose it.
And you just lost, NSA.
Big time.
When some of the design choices made by the NSA were questioned by experts, Ashur states, the g-men's response was to personally attack the questioners, which included himself, Orr Dunkelman and Daniel Bernstein, who represented the Israeli and German delegations respectively.
But what has NSA encryption got to do with Climate change?
But what has NSA encryption got to do with Climate change?
Hypothetically, if scientists started to discuss Climate Change when using this "security", the NSA could pass the content on to the rich sociopaths in the USA who PRETEND that it is not real.
Oh come now. Who has been foolish enough to trust the NSA in the past decade or three or six and a half? They probably know full well that they can't lose what they don't have and figured they might as well be as boorish as they please. Remember, these are the guys who regularly lie to Congress with impunity.
http://lists.infradead.org/pipermail/linux-arm-kernel/2018-April/573548.html
Eric Biggers points out that there is no alternative block cipher suitable for low power processors to support dm-crypt or fscrypt filesystem encryption, and the alternative is no encryption at all.
Bruce Schneier's opinion is "Personally, I doubt that they're backdoored".
I'd be interested to see Daniel Bernstein's opinion.
DJB offers us a cautionary tale.
July 2008: big headlines in all the mainstream media (I heard it on BBC radio headlines): Internet address system is horribly broken and dangerous. CERT have it here.
... yet ...
July 2001: DJB points out the same thing.
Seven years, no-one listened. Except those of us who already believed DJB, and used djbdns for our own servers.
The time to question someone's credentials is before you submit something to be evaluated by them, not afterwards, otherwise it is hard to dispel accusations of sour grapes.
If you think the evaluation was performed poorly, you are free to raise cogently argued and well-evidenced objections, citing examples, rather than attacking the credentials of the evaluation team.
With regard to the NSA, it is entirely possible that "Simon" and "Speck" are cryptographically sound (i.e. no cryptographic back door), but are vulnerable to poor implementations. It is suspected that the NSA supported the use of AES because it is easy to mistakenly make a software implementation vulnerable to side-channel attacks [1], [2], [3], especially as the Snowden papers reference NSA and GCHQ projects to subvert encryption (BULLRUN and Edgehill respectively [4]). It is worth remembering that Snowden said "Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on." The NSA and other agencies are suspected to have worked quite hard to enable poorly implemented strong encryption to be widespread.
People are a great deal more aware of side-channels now, and look at using constant time algorithms, being careful about use of caches, making power consumption analysis more difficult, and using multiple sources of entropy, and not just a single hardware RNG provided on die by the manufacturer when generating required random numbers for nonces etc. Certifying an algorithm on its own is only one step of the process, as you also need to think about identifying implementation pitfalls to avoid.
No doubt there will be recriminations and fall-out from this decision. It will be interesting to see what happens next, as low-power IoT things do need some form of good encryption available to them. The show will go on.
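The "constant time algorithms" point above is worth seeing in code. As an added example (not from the comment thread, and not code from any project mentioned here), the following C compares two MAC tags in a way that does not leak, through timing, how many leading bytes matched; the naive early-exit version is included only for contrast. The 16-byte tags in `main` are constructed sample values, not real output of any cipher.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Naive comparison: returns at the first mismatching byte, so its running
 * time depends on how many leading bytes match. That is exactly the kind
 * of data-dependent behaviour a side-channel attacker measures. For
 * contrast only; do not use this for secret material. */
int naive_compare(const uint8_t *a, const uint8_t *b, size_t len) {
    for (size_t i = 0; i < len; i++) {
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Constant-time comparison: always walks all len bytes and accumulates
 * differences with OR instead of branching, so execution time does not
 * depend on where (or whether) the inputs differ. Returns 1 if equal. */
int ct_compare(const uint8_t *a, const uint8_t *b, size_t len) {
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++) {
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    /* Fold diff (0..255) to 1 if zero, 0 otherwise, without a branch:
     * (diff - 1) underflows to 0xFFFFFFFF only when diff == 0. */
    return (int)(1u & (((uint32_t)diff - 1u) >> 8));
}

/* Convenience wrapper for NUL-terminated tags. Tag lengths are public
 * (a MAC has a fixed size), so the length branch leaks nothing secret. */
int ct_compare_str(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b);
    if (la != lb) return 0;
    return ct_compare((const uint8_t *)a, (const uint8_t *)b, la);
}

/* Self-check: both comparators must agree on every case; only ct_compare
 * does so in time independent of the first differing position. Returns 1
 * when all cases pass. */
int selftest(void) {
    /* Constructed sample tags (hypothetical, not real MAC output). */
    const uint8_t tag[16]      = {0x5a,0x1c,0x9e,0x03,0x77,0xb2,0x40,0xd8,
                                  0x11,0xee,0x2f,0x6a,0x93,0xc4,0x08,0xf1};
    const uint8_t same[16]     = {0x5a,0x1c,0x9e,0x03,0x77,0xb2,0x40,0xd8,
                                  0x11,0xee,0x2f,0x6a,0x93,0xc4,0x08,0xf1};
    const uint8_t early[16]    = {0xff,0x1c,0x9e,0x03,0x77,0xb2,0x40,0xd8,
                                  0x11,0xee,0x2f,0x6a,0x93,0xc4,0x08,0xf1};
    const uint8_t late[16]     = {0x5a,0x1c,0x9e,0x03,0x77,0xb2,0x40,0xd8,
                                  0x11,0xee,0x2f,0x6a,0x93,0xc4,0x08,0x00};
    int ok = 1;
    ok &= (ct_compare(tag, same, 16) == 1) && (naive_compare(tag, same, 16) == 1);
    ok &= (ct_compare(tag, early, 16) == 0) && (naive_compare(tag, early, 16) == 0);
    ok &= (ct_compare(tag, late, 16) == 0) && (naive_compare(tag, late, 16) == 0);
    return ok;
}

int main(void) {
    printf("selftest: %s\n", selftest() ? "pass" : "FAIL");
    printf("ct_compare_str(\"abc\", \"abc\") = %d\n", ct_compare_str("abc", "abc"));
    printf("ct_compare_str(\"abc\", \"abd\") = %d\n", ct_compare_str("abc", "abd"));
    return 0;
}
```

The same pattern (accumulate with OR, fold without a branch) is what library routines such as `CRYPTO_memcmp` in OpenSSL follow; the lesson of the comment stands either way: certifying the algorithm says nothing about whether the code that compares its output was written this way.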
It would be counterproductive to include anything as blatant as a mistake in an encryption algorithm which is going to be studied by many independent cryptologists.
But if you know that your codebreakers have skills in a particular area, it makes sense to suggest algorithms which may be more vulnerable to attacks using those skills rather than others...
It would be counterproductive to include anything as blatant as a mistake in an encryption algorithm which is going to be studied by many independent cryptologists.
A deliberate vulnerability in the algorithm isn't always necessary. Often the mathematics provide a way to insert a backdoor.
That was the case with Dual_EC_DRBG. No one who knows how the stock curve parameters were arrived at has spoken up - and you couldn't trust anyone who did. If they're backdoored, the only way to find out is by a computationally-infeasible brute-force search (unless you have an algorithm, or very large and reliable QC, that breaks ECC, in which case we have bigger worries). [1]
Cryptographers were suspicious of Dual_EC_DRBG because no one could tell whether it might be backdoored, and because it had no advantages over other CPRNGs.
DES is another example. The NSA tweaked the S-Boxes to be resistant to differential cryptanalysis, which was not yet publicly understood. They didn't adjust them to resist linear cryptanalysis. Had they also not yet discovered linear cryptanalysis, or did they leave DES (mildly) vulnerable to it as a backdoor?
[1] Of course the Dual_EC_DRBG specification tells you how to generate your own parameters, so there was never any reason for anyone to use the ones specified by NIST. Yet, somehow, RSA did in BSAFE. Incompetence or malice? We'll probably never know.
"low-power IoT things do need some form of good encryption available to them."
You were doing so well till you made that particular claim..
Back to basics:
* Who says any of us *need* IoT things? 'need' and 'want' are different, remember.
* Who says these things need implementations to be low power? What does 'low power' mean anyway in this context? E.g. x86-class power consumption? DAB-radio class power consumption? RFID-tag (or remote vehicle 'unlocking') class power consumption?
* Who says these things need to be able to securely communicate sensitive data at reasonable speed?
Examples welcome, but based on the recorded history of IoT stuff so far, and the demonstrable absence of "continuous product and service improvement", the less IoT stuff there is in critical roles in the world around us, the more secure (in some broader sense of the word 'security') most of us will be.
* Who says any of us *need* IoT things? 'need' and 'want' are different, remember.
I would consider your fridge ordering a fresh pint of milk to not require a particularly strong encryption, never mind that your fridge is mains-powered and not running on button cells. But for an implanted health-monitoring device (which these days also falls under the IoT label) you need as strong encryption as you can get while consuming next to nothing.
"I wouldn't like one that could be manipulated from outside and pushed until it catches fire."
Back in the 20th century, people in various fields used to understand the difference between something designed to be purely observed (e.g. a temperature sensor, a blood sugar monitor, vehicle speed sensor, etc), and something involved in some kind of control process (e.g. a thermostat controlling heating or cooling system, drug pump, vehicle braking system, etc).
When did people start to get seriously confused about the difference between read-only access to systems and data (mostly harmless, except from a confidentiality point of view) with read-write (potentially catastrophic in some cases)?
When software became the king of them all, so if you can get control of a system you can feed the wrong sensor data to a control system because it's all software controlled, and make it work the wrong way. Weak or backdoored encryption can help to get into a system.
"When *crap* software became the king of them all" surely?
Any file/storage/device access control system that couldn't distinguish between "no access", "read only" access, and "read write" access would have been laughed out of the industry in the late 20th century. Why are such systems now acceptable?
"Weak or backdoored encryption can help to get into a system."
So can total lack of meaningful access control in a 'modern' OS/application combination. Especially where the software and systems providers seem more interested in slurping personal information than actually providing useful, relevant and secure StuffThatWorks.
"Fridges are the cause of many house fires."
Primarily because no one ever bothers to clean around the working parts of it. (And before anyone points fingers, I'm guilty as charged; I did mine last year and pulled ~5 years of collected cat fur, dust, and other detritus off the running gear, which ran about two inches thick in some parts. The prompt for this? The fan was making noise. It's running a lot better now. :) )
There are an awful lot of ip cameras floating around on the net. Remember the massive DDOS attack launched from them? The NSA probably wouldn't mind looking through them all to supplement the existing CCTV systems they have access to.
Strongly encrypted streams sounds like a pretty good idea to me.
Interesting. Of course, the phantom downvoter *could* be you, making a story for yourself. Have a downvote, in support of your thesis, and for posting anonymously.
"Except one" in your post is meaningless: it could just be, for example, a post made after the "downvoter" had been and gone.
The ‘nonsuchagency’ got that which they deserved. Unfortunately both USA and Russia have blotted their copybook trying to run roughshod over us, the great unwashed engineer.
Trust as said before is earned and not gained in schoolyard namecalling - maybe the upcoming Ivy League leavers will learn a lesson from this. When you are told no by the experts, no amount of temper tantrums or threats will faze any professional who knows their tomatoes. I.e. we couldn’t give one shit you are NSA, CIA or FBI - your power outside your borders is limited so up yours you bunch of bullying turds.
Good on you to all those who told them where to get off.
That's what the NSA does: gets the low down on you so they can undermine you later, i.e. by challenging your qualifications. Hi paranoia - do not trust anyone - a secret is not secret if any others know it.
Encryption :- many cannot see the Gorilla in the room and it's now dancing with the Elephant, so who needs encryption? Few of us. Much electronics and security can be a distraction that costs individuals and countries much in order to 'cyber up' whilst the Gorilla just walks by the window.
Do Not Put Valuables on the Internet.
Convenience is the enemy of security, Overcome your need for convenience and you will be more secure.
For encryption to truly work you need a new different one every time, and then it's for the short term, just to hold out until D-day.
Linux:~ hahahahaha, there is so much junk in the Linux kernel you'd probably find DOS in there too.
The "west", and I'm including Japan and SKorea here, are pushing like crazy to get your fridges, tellys, and crappers onto the internet. And which countries have limited or severely constrained internet access? Russia, China, NKorea. Notice anything peculiar? But remember, even tho' a net is just a bunch of holes held together with string it's perfectly safe to hold your privates.
"It explicitly mentions the 1st Battalion of Ikea corps too. No, not a joke either."
Errr, not a joke no, but it is fictional. The real giveaway is the text that says "Science Fiction" in the top left.
Um, Voland old chum, you do understand the difference between fiction and reality right?
Um, Voland old chum, you do understand the difference between fiction and reality right?
I do. I also understand how close fiction can be to reality when it is about the fallout from BrExit, the Transatlantic Partnership treaty and a few other things.
While the book is much weaker than the phenomenally brilliant Children of Time and nowhere as horrifying as Dogs of War, this is yet another place where Chaikovski's fiction is well rooted into the present. It is a possible future (and not a particularly far fetched one). Including the 1st Battalion of Ikea.
When I was co-chair of MQTT at OASIS we had a small privately owned member company try to push these same two suspect standards into MQTT 3.1.1 on behalf of a third party. It all smelt very fishy. Seems that said company was being dangled a carrot in terms of juicy contracts.
"In my professional experience Israelis, especially Israeli academics, are easily pushed around by simple bullying."
Given the extent to which the US and Israel are tied together on intel and military matters, a stand by one good man will not last. Israel receives (publicly) about $4bn a year in defence subsidies from the US. Add that to the fact that TLAs never ever admit they are wrong, and we can expect the Israelis to choose a different representative soon, somebody more acceptable to the lying, cheating, anti-democratic forces of the NSA and others.
"Now you've told us which professionals have some integrity - the ones you are trying to discredit."
...Unless that's what they WANT you to think, and making Ashur and Dunkelman's credentials appear unassailable to the community by loudly and blatantly attacking them is just part of a longer-range plan...!
(Note to self: Stop at grocery store on way home from work tonight -- Almost out of tinfoil!)
This is a very concerning news article!
We/everything need(s) strong encryption that can be relied upon (trusted).
Who do we trust to design the next generation of encryption for IoT?
The Ruskies?
I suggest we kidnap some smart people from North Korea to design and code the new standards! :)
"the kind of crypto she has been asking for since she was Home Secretary."
There seems to be a typo here, should have read
""the kind of crypto that spooks like Charles Farr have been asking for since people like May have been Home Secretary."
'Twas Ever Thus.
Never forget that Microsoft worked with the NSA when designing Windows Vista. I vaguely remember Mark Russinovich saying something about fighting the "bad guys" or something like that. Yeah, right. Then, when Snowden leaked information about the NSA in 2013, he acted surprised. Nice act. With the cloud, things have only gotten worse.
I have always wondered how “if they have physical access the game is over” and “secure cloud services” can live together. If you don’t control the hardware, the firmware, the virtualisation layer etc how secure can it really be, especially in a post spectre/meltdown world?
This is actually a solved problem, from the standpoint of business risk. In the US, there are major companies (like, really, really, big) whose sole business is to provide accounting & auditing services to other businesses. Likewise, law firms. These firms must keep customer data secured and isolated.
AWS securing and isolating customer data is not a differentiator in the market, it is baseline to entering the market. As Google quickly found out.
Of course, securing and isolating a NAS is different than securing and isolating a file cabinet. But the principle is the same.
" there are major companies (like, really, really, big) whose sole business is to provide accounting & auditing services to other businesses."
Yup
"These firms must keep customer data secured and isolated."
And so far, there have been some pretty spectacular fails. Those are just the ones we get to hear about.
"that places the IoT at a dilemma"
OTOH I don't think it places most of us in a dilemma in respect of IoT. We wouldn't trust it with or without encryption. In fact, without makes it easier for the users of products to see what it's up to. It's the vendors who need to be trusted and anything that makes it easier for them to hide what they're up to is a good thing. For instance, would anyone have discovered that a smart TV was analysing the user's LAN and reporting back what files it found if the communication had been encrypted?
What makes you think it's actually the TV and not something else impersonating the TV without some kind of attribution, which encryption can provide?
Like it or not, IoT is a thing, and more than likely an undead thing, meaning waiting for it to die may not be an option. Hell, it may even be nuke-proof.
I would expect that lightweight encryption could be very useful. Security is proportional to the cost of breaking in. It's not a binary function of unhackable versus hackable; your secure front door will just force the intruders to go through the windows or the walls.
To maximize its effectiveness, lightweight encryption should be indistinguishable from heavyweight encryption. If the bad actor cannot predict the resources required to break in, it will raise his cost.
There is also the CIA. Who, rather like the UK's SIS, specialise in misinformation techniques.
If I were looking to compromise the choice of a global crypto standard, using misinformation techniques, I might put a lot of resources into developing a really good algorithm. So much so that few other countries bothered to create one as good.
Then, present it to the Standards Authority, and behave in such a way as to make them suspicious of my intentions, and reject it.
Leaving the Standards Authority with no choice but to pick the far less good second-placer.
Such an approach would be second-nature for the misinformation specialists. Do you remember the fake story going the rounds during the Falklands War about all the water on the island being infected with sheep-fluke? Which resulted in half the weapons resupply flights coming in from Argentina carrying nothing more deadly than water?
go and create a proper encryption system.
You seriously think that ISO is going to accept a 2nd-rate anything simply because they refused a potential 1st-rate one? You're thinking bureaucrat.
Think engineer. They're going to go and make another 1st-rate one, because Standards.
"You seriously think that ISO is going to accept a 2nd-rate anything simply because they refused a potential 1st-rate one ?"
Office Open XML? MicroSoft's essentially impossible to implement "standard" version of Word's document format. Versus Open Document Format, although at least that's an ISO standard as well.
Which resulted in half the weapons resupply flights coming in from Argentina carrying nothing more deadly than water?
Please do look up the LD50 for dihydrogen monoxide, will you? A mere 6 liters. I don't know how much those planes carried, but I expect the cargo to have been sufficient for killing at least a hundred persons when administering it in the most effective way. Less effective would be freezing it into cubes of about 10 kg (2.38 jubs) each and hitting someone right on the noggin with that from sufficient height, or dropping the entire water container on a group, again from some height.
Misinformation, my arse.
Assuming that WiFi or wired is used within the home then all that is needed is a home IoT hub.
This can then VPN to any external resource. It can also update any encryption as the standards evolve and firewall the IoT devices from external attack.
You can take it as a given that there will be no long term support of individual devices (think Android mobile phones) so you need an isolation layer to protect your devices from the exploits as they emerge.
Raspberry Pi should offer a good starting point.
How about you probably not wanting the not very strongly encrypted wireless communication between your implanted blood sugar level monitor and that IoT hub being captured by the neighbours' sprog's Furby Mk.IV, and relayed to someone who should not have access to that data?
There’s clearly two categories of IoT device here, medical implants and everything else. For the latter the OP makes a valid point. For health implants I’d argue they need to be very short range and engineered entirely different from a convenience widget.
That's an extremely good point.
Medical devices, like medicine itself, have been too easily compromised by amoral commercialization and profiteering.
Why do we even allow patents on pharmaceuticals (we came way too close to having one on the Human Genome)? Especially when so much of the basic research is done with government money? Why isn't the hardware, firmware, software of medical devices required to be open source? Why does the complete text of many international standards cost $1,000s to purchase? What about the siloing of important medical research by high priced medical journals?
Of course even the best encryption is useless if the idiot leadership of manufacturers have allowed hardcoded root passwords to be left in their products, as apparently many have.
I worked for a company that developed a blood sugar monitoring device that would be attached to the patient and communicate with a wireless device similar to a smart phone. They'd been working on it for a couple of years when I joined them and spent many many millions on the chip inside the device. There was a good mix of tech and medical expertise in the management board and while I am sure everyone wanted to get paid, the costs of development were high and someone has to pay for it.
I'm a big fan of open source but the fact is government don't pay for much of anything anymore!
I still don't understand why the BBC archive is kept from us since we the license payer, paid for it, dad's army yet again on repeat is all we can hope for (and the biggest sole reason against the license fee).
Government bodies can't be trusted to do this stuff so private for profit is the only way.
"Government bodies can't be trusted to do this stuff so private for profit is the only way."
Incorrect, because private enterprise will never be interested in one-and-dones. No repeat business. For such long-term goals, it's either the government or bust.
"I still don't understand why the BBC archive is kept from us since we the license payer, paid for it, dad's army yet again on repeat is all we can hope for (and the biggest sole reason against the license fee)."
Almost fifteen years ago, the then Director General of the BBC announced pretty much what you describe. It was announced by Greg Dyke in the Richard Dunn Memorial Lecture at the Edinburgh TV Festival in August 2003, and due to be launched a year later.
The reality seems to be that the BBC-owned archive was eventually privatised (exclusively?) to the likes of Dave, Yesterday, etc (the ones which are part BBC owned?) and they were hoping no one would notice the previous commitment has sunk without trace. And in the post-Birt era, the "BBC" programmes were largely not owned by the BBC,
Read all about the Creative Archive:
http://news.bbc.co.uk/1/hi/entertainment/3177479.stm
"Greg Dyke, director general of the BBC, has announced plans to give the public full access to all the corporation's programme archives.
Mr Dyke said on Sunday that everyone would in future be able to download BBC radio and TV programmes from the internet.
The service, the BBC Creative Archive, would be free and available to everyone, as long as they were not intending to use the material for commercial purposes, Mr Dyke added.
"The BBC probably has the best television library in the world," said Mr Dyke, who was speaking at the Edinburgh TV Festival.
"Up until now this huge resource has remained locked up, inaccessible to the public because there hasn't been an effective mechanism for distribution. But the digital revolution and broadband are changing all that. For the first time there is an easy and affordable way of making this treasure trove of BBC content available to all."
[continues]
The speech in full (in case the details matter):
http://www.bbc.co.uk/pressoffice/speeches/stories/dyke_richard_dunn.shtml
What angered me most about the Snowden-revealed chicanery is the trillions lost due to the need for independent development of encryption techniques. (Not just direct costs, but the delays in dependent technologies as well as the losses due to cracking.)
I probably ought to reach out to my political contacts and see about having the US just completely pull out of these kinds of things. The only customer that can trust the NSA today is the US government.
I've lived long enough to have bought cool new toys that lose their shine a week after I get them home. The same goes for software to do things that I can do just as easily with a pencil and paper.
Most of the IoT devices fall into my category as fun for a week until the realization hits that I've complicated some basic task to get features that are just useless. Not only useless, but likely to be used against me in some way. Why do I need a thermostat connected to the internet? Why should I need to have the ability to monitor or adjust the temperature of the house from anywhere on the planet? I "might" leave the heater set when I leave on holiday, but to date, I've never done that. What that IoT thermostat does do is allow any miscreant that gets into it to run my AC up to ice age and enrich the electric company. I don't see anything wrong with my old fashioned programmable thermostat. About the only upgrade that would be handy is a switch to change over from standard to daylight saving time and back so I don't have to remember how twice a year. If it could set its clock automatically, that would be a help too.
The bulk of IoT that seems to be getting a big push into the market are self-installed spy devices. I'll stick with requiring the Man to put in their own bugs if they want to that bad.
In recent news: A killer was caught through having a DNA profile done at an ancestry site. As interesting as it is to know about where your genes have been, it appears that at least one of those companies is happy to let the police rummage around in their files. Yes, I know, I'm paranoid. The bigger question, though, am I paranoid enough?