My Patch for the Internet Security Hole

I just posted another article about the problem, but there are several steps which could be taken today to plug the hole. Although that won’t protect any historical communications. This involves doubling security with post-quantum cryptography (PQC) and also the use of a novel scheme that I propose here.

PQC can’t be used alone today, it’s not proven. Many of the algorithms used to secure internet communication today was thoroughly researched, peer reviewed, and tested. It stands the test of time. But PQC is relatively new, and although accelerated efforts could have been taken years ago to mature sooner, they were not. That doesn’t mean PQC doesn’t have a part to play today.

Encryption can be overlapped, yielding the benefits of both. RSA for example is very mature, but breakable by a Quantum Computer. Any PQC is immature, but theoretically unbreakable by a Quantum Computer. By combining these the benefits of both are gained, with additional CPU overhead. This should be implemented today.

Standards need to be fast tracked, and software vendors implement with haste. Only encapsulation is required, like a tunnel in a tunnel. But TLS likely already has the ability for dual-algorithm protection built into the protocol. I’m yet to find out.

In addition to the doubling described above, I have a novel approach, Whisp. Web applications (ignoring oAuth) store a hash of a password for each user, this hash can help to form a key to be used during symmetric encryption. Because symmetric encryption is also mature and unbreakable (even by Quantum Computer), it’s an even better candidate for doubling. But it would require some changes to Web Application login process, and has some unique disadvantages.

Traditionally, in a web application, a TLS session is started which secures the transmission of a login username and password. Under Whisp, the 100% secured TLS session would only be able to start after the user enters the password. The usual DH or RSA process is used to generate a symmetric key for the session, but then that key is processed further using the hash of the users’ password (likely with a hashing algorithm). Only if the user enters the correct password, will the secure tunnel be active and communication continue. There are still draw backs to this approach however.

The initial password still needs to be communicated to the server upon registration. So this would work well for all established user accounts, but creation of new user accounts would require additional protections (perhaps PQC doubling) when communicating a new password.

I would favor the former suggestion of PQC doubling, but there may well be good reasons to also use Whisp. And it shouldn’t be long before PQC can be relied upon on its own.

Busted! Internet Community Caught Unprepared

Internet Security (TLS) is no longer safe. That green HTTPS word, the golden padlock, all lies. The beneficiaries: trusted third parties who charge for certificates. Yes, it sounds like a scam, but not one actively peddled, this one is from complacency from the people who oversee the standards of the internet. Is there bribery involved? Who knows.

A month ago, there were no problems with TLS. Because it was only the 6th of October when a paper was published which paves the way to build machines which can break TLS. Update: Now a whole Q-computer architecture has been designed publically (what has been done privately?), and can be built under $1B. These machines are called Quantum Computers. So where’s the scam?

The nerds behind the Internet, knew long ago about the threat of developing such a machine. They also knew that new standards and processes could be built unbreakable even by a Quantum Computer. But what did they do? They sat on their hands.

I predicted in 2010 that it would take 5 years before a Quantum Computer would be feasible. I wasn’t specific about a mass production date. I was only 4 months out. Now it’s feasible for all your internet traffic to be spied on, including passwords, if the spy has enough money and expertise. But that’s not the worst part.

Your internet communication last year may be deciphered also. In fact, all of your internet traffic of the past, that you thought was safe, could be revealed, if an adversary was able to store it.

I wrote to Verisign in 2010 and asked them what they were doing about the looming Internet Emergency, and they brushed my concern aside. True, users have been secure to date, but they knew it was only a Security Rush. Like living in the moment and getting drunk, not concerned about tomorrow’s hangover, users have been given snake oil, a solution that evaporates only years later.

All of these years, money could have been poured into accelerated research. And there are solutions today, but they’re not tested well enough. But the least that could be done is a doubling of security. Have both the tried and tested RSA, as well as a new theoretically unbreakable encryption, in tandem.

Why is there still no reaction to the current security crisis? There are solid solutions that could be enacted today.

Updates

Improve security with compression

Block cipher encryption.
Image via Wikipedia

I have a particular interest in encryption and how to make it stronger.Whilst considering OTP and its vulnerability of reusing a random or psuedorandom stream on plain-text, I was simulating the problem with a puzzle I have come across in the past. (Ever played one of those cryptoquip puzzles in the paper, where one letter is equivelent to another letter? You look at the small words and with trial and error guess words until they make sense across the whole sentance.)

I realised that encryption is significanly affected by the entropy of the input plain-text. As far as I know this is an unproven hypothesis. However it is at least easily verifyable for simple encryption, such as that found in the cryptoquip puzzle. I believe that source entropy losses it’s significance in overal security as the encryption method itself improves. However this may only be because once encryption is significantly strong doubling it would have no perceivable outcome. For example AES is considered one of the strongest, if not the strongest symmetric encrytion algorithm to date. Doubling the trillions and trillions of computing power required to break is not readily perceivable by our minds (and ten digits on our hands).

It is commonly accepted that you should compress before you encrypt, because encryption increases entropy which eliminates the ability for any valuable compression. It should be noted though that compression also increases entropy which in light of this article, is very good for security.

If you want good security you should consider using compression as well. You will have the benefit of an improved cipher as well as shorter messages. Perhaps compression can improve cipher strength enough such that some more computationally efficient ciphers are as strong or stronger than AES.

I hope that one day we will see an encryption scheme which incorporates compression in its design. It may also incorporate some other mechanisms to further increase the entropy of inputted plain-text data. Building a joint compression/encryption algorithm may also yeild performance improvements over seperate coherent compression and encryption steps.

It all sounds promising, but this is not an undertaking which I am experienced enough in to tackle.

Enhanced by Zemanta

Memorable IPv6 Addresses

Back in Nov 2009, I foresaw that IPv6 addresses would become a menace to memorise. So I had a crack at improving memorability of such addresses, See http://blog.jgc.org/2011/07/pronounceable-ipv6-addresses-wpa2-psk.html?m=1. The basic idea is that sounds which make up words or resemble words are much easier to remember than individual digits. I was actually thinking about this idea last night, how it could be applied to remembering strong passwords.

This morning I got an email from a collegue who pointed out this: http://www.halfbakery.com/idea/IPv6_20Worded_20Addresses#1260513928. I don’t believe the scheme used here is as memorable as mine, but it sounds like other people are having similar ideas.

Back to my thoughts last night on more memorable passwords. We know we’re supposed to use Upper and Lower case, special symbols etc. But even then you’re not using the full 64bit capacity of the full 8 character recommended string. To use my scheme to memorise more secure passwords, you would simply use my tool.

I made a video 🙂

[youtube=http://www.youtube.com/watch?v=f60GGxPskG4]

Phishing Drill – Find your gullible users

Do you remember participating in fire drills in school? I remember them fondly – less school work for the day. I also remember earthquake drills when I went to school in Vancouver for a year. So what to drills do? They educate us about the signs and signals to look out for, and then how to react. I believe spam filters work fairly well (that was a sudden change of subject). I use gmail and spam detection is built-in, however I still do receive the occasional spam message. Education of those who fall for spam and phishing is an important factor in reducing associated problems and scams. If all internet users had their wits about them, we could put spammers and phishers out of the business – and most door to door salesmen. So how do we achieve this without million dollar advertising campaigns?…. Drills. Spam/Phishing Drills, or to be more generic, perhaps Internet Gullability Drills (IGD – everyone loves an initialism).

How do you drill the whole of the Internet? “Attention Internet, we will be running a drill at 13:00 UTC”…. probably definitely not. My proposed method involves every web application, which liaises with their customers by email or is at risk of being spoofed in a phishing scam, to have their own private drills. Such a drill would involve sending out an email message which resembles a real life phishing/spam email. Each time different variables could be used – email structure, sender email, recipients name, a direct link to a spoof site. In any case the drill should be able to detect those who fall for the drill. They can then be notified of their stupidity in the matter in a more delicate way than most would – “Haha – you just fell for our IGD you loser!”, is way off.

Ultimately a Gullability prevention centre website would exist which the users could be referred to, so they may refresh themselves in current threats, how to identify them and how to react. Quite a simple solution, and maybe I’m not the first one to think about it, I didn’t bother searching the Internet for a similar idea…

 

The Web Security Emergency

We responsible users of the internet have always been wary when surfing the Web. We know that we need to make sure websites use TLS security, we need to see HTTPS and a tick next to the certificate to ensure no one is eaves dropping on information being transmitted.

How wrong we are.

The security industry has long known the weakness of RSA and ECC  – the major cryptography used on the internet –  as well as other asymmetric cryptography algorithms, against a quantum computer. And they have done little, to prepare for the advent of the first quantum computer, because it has always been a futuristic dream. But this position is quickly becoming antiquated, there have been many developments in the last few years which now have scientists projecting the first quantum computer to arrive within 5 years. 5 years isn’t that far away when you consider that your sensitive data could be being recorded by anyone today or even in the past, with a hope to decrypt it in 5 years!

There are people who think that Quantum computers will never come, but they are just burying their heads in the sand. Researchers have already developed one which implements Shor’s algorithm – the one which breaks RSA and ECC – on a chip!

So what is the security industry doing about it now? The threat won’t arrive in 5 years, the internet is insecure today. People are carrying out bank transactions today, believing that the data being transmitted will never be read by an unauthorized third party. Programs and drivers are signed with algorithms which will be broken in 5 years, what will stop malware then? There are also anonymous systems such as Tor and I2P which likely use RSA as the basis for their security, in 5 years how many citizens in politically oppressed countries will get the death penalty?

Fortunately there are asymmetric cryptography algorithms which are not known to be breakable by quantum computers, but these have not been standardised or fully researched yet. These can be found at http://spectrum.ieee.org/computing/software/cryptographers-take-on-quantum-computers. So what it comes down to is, that the security industry doesn’t have the answer, and that’s the reason they are not telling anyone of the problem, they’re effectively covering up the truth.

UPDATE:

I’ve seen a lot of rapid developments recently, I’m still optimistic about an RSA breaking quantum computer within 5 years (from June 3, 2010)

http://arstechnica.com/science/news/2012/04/doped-diamond-sends-single-photons-flying.ars

UPDATE:

The commercially available D-Wave (Quantum Annealling) can factorise numbers, according to some of their marketing, and this stackexchange question. The StackExchange question also describes the currently perceived limits of D-Wave or Quantum Annealling in general, estimating that N^2 qubits are required for an N bit prime. The current DWave is only 512 bits.

If the amount of bits were to double annually, then 1024 bit SSL encryption would potentially be easily cracked by such a device in 11 years.

However, this is what is commercially available. Given enough money it would be conceivable that a Goverment / Military could possess one now. Maybe even the NSA.

UPDATE:

D-Wave cannot break today’s SSL web encryption:

The optimizer they now claim to have is restricted to problems that can be mapped to an Ising model—in other words, the computer is not universal. (This precludes Shor’s algorithm, which factors integers on a quantum computer.)

http://arstechnica.com/science/2013/08/d-waves-black-box-starts-to-open-up/2/

UPDATE

I’ve got less than a year left on my 5 year prediction, but I have finally found a scientist themselves make a prediction, it would not be unreasonable to think US DoD could have this already, or within a year, but it would be most practical to simply say I was possibly out by 5 years. So effectively the warning starts today!

They hold out the possibility of a quantum computer being built in the next five to 15 years.

see http://www.abc.net.au/pm/content/2014/s4105988.htm

UPDATE [2015-09-30]:

Even the NSA are worried about the post-quantum computing world, see: http://hackaday.com/2015/09/29/quantum-computing-kills-encryption/

UPDATE [2015-10-14]:

Maybe my prediction was right (only out by 4 months): http://www.engineering.unsw.edu.au/news/quantum-computing-first-two-qubit-logic-gate-in-silicon

Apparently it is feasible to build a quantum computer today. One that can defeat all encryption used in internet communication today (as long as that data is wire tapped and stored). Although it may take 5 years for mass scale commercialization, I’m sure NSA, FBI and DOD of the USA would be capable of building a quantum computer now, if they didn’t already have one.

The breakthrough by UNSW, could very well have been discovered earlier in secret. So this has implications for international espionage today, broader law enforcement in years, and the whole underpinning of the internet security in 5 years.

Using WiFi and searching Google via HTTPS? In 5 years, the owner of the Access Point could very likely decrypt your searches, and other information including bank passwords.

The only secure encryption today requires a password to be entered on each end of the communication channel.

Further Reading

http://en.wikipedia.org/wiki/Quantum_computer

http://www.newscientist.com/article/dn17736-codebreaking-quantum-algorithm-run-on-a-silicon-chip.html

http://www.itnews.com.au/News/213800,toshiba-invention-brings-quantum-computing-closer.aspx

http://www.nature.com/nature/journal/v460/n7252/pdf/nature08121.pdf

http://spectrum.ieee.org/computing/software/cryptographers-take-on-quantum-computers