crypto

All your keys are belong to us

The official truth, which for once seems believable, is:

because strong encryption can be so effective, classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware.

So, the NSA has the private key that is used by your https server. The question then is, how?

If you leave the front door wide open, and you find your house has been burgled, it is possible that the burglars have a super secret underground tunnel that comes up into a well hidden trapdoor in your basement.

But chances are that they waltzed in through the wide open front door.

And by “wide open front door” I mean the common practice of the certificate authority making up your secret key for you and sending it to you.

Snowden, who knows what the NSA is up to, tells us:

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.

Trouble is, seldom properly implemented.

Strong, non human memorable, secret keys should be created in place on the device that their corresponding public key identifies, and never leave that device. There should be no user interface and no best practice procedures for managing such secret keys, only for managing the corresponding public keys, which should be presented to the user as guids or something like a guid, as something like a vin number. The way a sysem administrator should perceive setting up an https server is that the server makes up a guid, and he then gets a certificate from the certificate authority saying that the guid is good for his organization and/or domain name, and installs the certificate for the guid on the server. He should not need to know or think about private keys.

20 comments All your keys are belong to us

red says:

What’s the NY times goal behind reveling this? Did the NSA fail to go along with identifying politcal dissidents? Leftests hate privacy, so what’s the point of attacking the NSA?

jim says:

To pronounce the official spin on what Snowden leaked.

Marc says:

“Leftests hate privacy”

Correction: leftists hate privacy for other people.

Ralph Nader is nothing if not a leftist. Seems pretty keen on preserving his own privacy.

Dan says:

Ralph Nader is emphatically not a leftist in the modern sense. He has principles. Most leftists have none.

The causes Ralph Nadar focuses on (consumer safety, pollution, big money capture of Congress, conditions in nursing homes for instance) are totally about the public good. It should be pointed out that Nader’s environmentalism was the best kind, focused on specific pollution in a way that was solvable and in a way that was solved in America. Modern environmentalism is perfect for leftists because it focuses vaguely on ‘climate change’ and allows for endless statism with no closure in sight.

Modern leftists are divisive for the sake of division itself, for instance devoting 20 years of intensive efforts on all fronts toward ‘gay marriage’, something that is only 0.5% of marriages, while 75% of blacks are born out of wedlock.

The first criterion to be a modern leftist is that you derive pleasure from bashing some combination of (1) whites, (2) the religious, and (3) traditional America, and preferably all three at once. Ralph Nader does not qualify.

Erik says:

Possibly also (4) masculinity, (5) capitalism unless you meant for those to be aspects of 3.

Marc says:

“Ralph Nader is emphatically not a leftist in the modern sense”

If Nader is not a leftist, then the Overton Window has moved very far to the left indeed.

To show that Nader is not a leftist, would need to show that Nader has a mid-17th century royalist analog.

Marc says:

“The first criterion to be a modern leftist is that you derive pleasure from bashing some combination of (1) whites, (2) the religious, and (3) traditional America, and preferably all three at once. Ralph Nader does not qualify.”

http://www.votenader.org/issues/social/affirmative-action/

“After more than 300 years of de facto affirmative action to benefit white males, we need affirmative action for people of color and women to offset enduring historic wrongs as well as present day inequalities.”

Thales says:

First link is broken.

jim says:

fixed

Dan says:

Leftists have much more to hide. They are more likely to have affairs. Their finances also run wholly contrary to their stated political philosophy.

Steve Johnson says:

The way a sysem administrator should perceive setting up an https server is that the server makes up a guid, and he then gets a certificate from the certificate authority saying that the guid is good for his organization and/or domain name, and installs the certificate for the guid on the server. He should not need to know or think about private keys.

Isn’t that exactly how it works?

You create a certificate then send the certificate to a certificate signer who then vouches for your certificate matching what they have on file. Their certificate is built into the infrastructure (embedded in browsers).

Of course then all the certificate signers are free to execute man in the middle attacks.

jim says:

Well that is how it works when I do it.

But, “the certificate authority making up your secret key for you and sending it to you” is not the way it’s supposed to work, and not the way it does work in my experience.

The CA chain is a vulnerability, but difficult to exploit undetectably, thanks to things like CertPatrol

jim says:

That is probably because you know it is not supposed to work that way, and are making sure it does not work that way.

spandrell says:

Can Capitalism start working for once and produce a person who can provide this? He’ll become filthy rich. Also wanted by USG, but filthy, terribly rich.

jim says:

Been done. These implementations – where the only way to do it was the right way, because they generated the private key in place and gave you no easy access to it – were the first implementations written, and somehow, mysteriously, disappeared, replaced by implementations where it is easy to do it wrong.

peppermint says:

> leftists hate privacy

Ask a progressive some time what they think about privacy. They absolutely support privacy and free speech and will give you long essays about the subject.

The decision in Roe v. Wade was that a woman has privacy about her medical procedures. Strict constitutionalists, invariably libertarians who hope that we can be ruled by a goddamn piece of paper, reject the discovery of a right to privacy in the Constitution.

Anyway, Moldbug says that leftists view privacy as a kind of political right, and, whine about the lack of privacy to show off that they are better communists than the government.

http://unqualified-reservations.blogspot.com/2013/06/civil-liberties-and-single-reactionary.html

Red says:

The leftist version of privacy is only applied when it’s hiding their perversions, blood lust, and any evil acts they enjoy. That right to privacy used for Roe vs Wade doesn’t exist in court unless it’s supporting a leftist cause or group. Leftists want to know what you think, how you live, and how unholy you are so that they can police your behavior in the puritan way.

jim says:

Ask a progressive some time what they think about privacy. They absolutely support privacy and free speech and will give you long essays about the subject.

Yet your company can be criminalized for racist thoughts overheard by someone listening at a keyhole.

Thales says:

Any particular Leftist values his own individual privacy, but any Leftist who deigns to hold to some “principle” will, as is the nature of Leftism, find himself out-flanked on the Left by someone who does not, and thus find himself to be largely irrelevant as any kind of policy/trendsetter.

Leave a Reply

Your email address will not be published. Required fields are marked *