Germany Frees Crypto
Michael Bacon
streaky_Bacon at email.msn.com
Mon, 7 Jun 1999 11:26:25 +0100
On Sunday, June 06, 1999 7:30 PM, Brian Gladman
[SMTP:gladman@seven77.demon.co.uk] wrote:
> From: John Young <jya@pipeline.com>
> To: <ukcrypto@maillist.ox.ac.uk>
> Sent: 03 June 1999 18:58
> Subject: Re: Germany Frees Crypto
>
> [snip]
> > As someone working on an Echelon story asked elsewhere, just what
> > strength of crypto can NSA crack these days.
> >
>
> In my view this question has to be posed and answered carefully. The
> reality is that most crypto cracks are not done by breaking the algorithms
> but by exploiting weaknesses in their implementation. It is fairly clear that
> we are already using algorithms that would be way beyond NSA's ability to
> break by brute force if they were implemented perfectly and operated in a
> perfect environment.
[snip -MB]
> ... Governments
> have learnt from a lot of practical experience how easy it is to undermine
> algorithm security during implementation. The open world still has to learn
> much of this.
From practical experience implementing crypto systems world-wide in the
late 80s I fully agree with Brian's comment on the situation in the 'open
world'. My experience was that:
a) the design of many algorithms was such that they did not deliver the
strength suggested by the key space available;
b) their implementation in hardware (or software) did not always match the
design - eg. a message encrypted using the supplier's model of the
algorithm would not decrypt using the product (and v.v.);
c) mechanisms for the automatic generation of keys did not check for 'weak
keys';
d) the key management systems were relatively simple to compromise (even
accidentally);
e) implementation of the key management processes (by the users) was
generally badly flawed (or quickly deteriorated) so as to expose old,
current or new keys to simple examination. In a large commercial
organisation I saw one 'secure modem' rack with the current keys (a) all
the same, and (b) written on a 'yellow sticky' on the rack!
> The open world still has to learn much of this.
> I believe that this will happen at a rapidly increasing rate
> so I don't think this advantage will last much more than a few more years
> but it is there now and it means that key length just gives an unlikely
> upper limit on the security that applications offer.
Here I disagree with Brian. My experience is that companies tolerate
security but don't appreciate its value. Recently a major industrial name
enquired of me about implementing e-mail security world-wide. On
investigation I found that the same message would be sent by a number of
different electronic media (e-mail, fax, telex, even telephone). They
were only interested in securing e-mail and wanted to use encryption. I
explained that replicating and sending the message in clear by other means
in addition to e-mail made a nonsense of their case for encrypted e-mail
and also compromised the security offered by the crypto system for
non-replicated messages. Their reaction was one of disbelief and 'complete
ignoral'. I pointed out that in many of their offices a single telephone
line would carry e-mail (dial-up), telephone and fax and that it was trivial
to tap telephones. This too was met with bland incredulity.
Not too long ago in a South American country the MD of the operating
company of a 'household name' insisted on installing a digitally encrypted
telephone for his exclusive use. Of course, he wanted it in his office and
was oblivious to the fact that it, and his conversations, would be
compromised by 'bugging' his office (we took a large number of bugs out of
his office during a sweep - and not just to prove our point!). He's
probably still using it, and thinking that it's 'secure'!
I don't think that the necessary improvement in procedures will be executed
properly by everyone and properly maintained. There are two ends (at
least) to a crypto communication, both need to be rigorous in their
approach to crypto. In _big_ organisations (especially operating
world-wide) that is close to impossible to achieve over any period after
initial implementation and training - ask the auditors!
"You can tell all of the people all of the time, but only some of them will
listen and only some of the time. Fewer of them will obey even less of the
time."
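Item c) of the post above (automatic key generation that never checked for weak keys) is easy to get right and was routinely omitted. The following is an added example written for this page, not code from the original post or any product it describes. It generates DES keys with correct odd parity and rejects the standard DES weak and semi-weak keys (the 4 + 12 keys published in FIPS 74 and listed in Schneier's Applied Cryptography); the function and constant names are mine, and the `rng` parameter exists only so the rejection path can be exercised deterministically.

```python
"""Added example (not from the original post): DES key generation that
enforces odd parity and rejects the published weak and semi-weak keys."""
import secrets

# The four DES weak keys (parity-adjusted): each yields a key schedule
# whose 16 subkeys are identical, so encrypting twice returns the plaintext.
DES_WEAK_KEYS = {
    bytes.fromhex("0101010101010101"),
    bytes.fromhex("FEFEFEFEFEFEFEFE"),
    bytes.fromhex("E0E0E0E0F1F1F1F1"),
    bytes.fromhex("1F1F1F1F0E0E0E0E"),
}

# The six semi-weak key pairs: each key of a pair produces the other's
# subkeys in reverse order, so encrypting under k1 then k2 returns plaintext.
DES_SEMI_WEAK_KEYS = {
    bytes.fromhex(h) for h in (
        "011F011F010E010E", "1F011F010E010E01",
        "01E001E001F101F1", "E001E001F101F101",
        "01FE01FE01FE01FE", "FE01FE01FE01FE01",
        "1FE01FE00EF10EF1", "E01FE01FF10EF10E",
        "1FFE1FFE0EFE0EFE", "FE1FFE1FFE0EFE0E",
        "E0FEE0FEF1FEF1FE", "FEE0FEE0FEF1FEF1",
    )
}


def set_odd_parity(key: bytes) -> bytes:
    """Force every byte to odd parity. The low bit of each DES key byte is a
    parity bit, not key material, so only the top 7 bits decide the value."""
    out = bytearray()
    for b in key:
        high7 = b & 0xFE
        parity_bit = 0 if bin(high7).count("1") % 2 == 1 else 1
        out.append(high7 | parity_bit)
    return bytes(out)


def has_odd_parity(key: bytes) -> bool:
    """True if every byte of the key has an odd number of set bits."""
    return all(bin(b).count("1") % 2 == 1 for b in key)


def is_weak_des_key(key: bytes) -> bool:
    """True if the key (compared after parity normalisation, so that the
    parity bit cannot hide a weak key) is weak or semi-weak."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 bytes")
    k = set_odd_parity(key)
    return k in DES_WEAK_KEYS or k in DES_SEMI_WEAK_KEYS


def generate_des_key(rng=secrets.token_bytes) -> bytes:
    """Draw random 8-byte keys until one passes the weak-key check.
    Hitting one of the 16 bad keys by chance has probability 16 / 2**56,
    so the loop normally runs once; the check is still worth having because
    it also catches a broken or stuck random source that returns, e.g.,
    all zeros (which normalises to the weak key 0101...01)."""
    while True:
        key = set_odd_parity(rng(8))
        if not is_weak_des_key(key):
            return key


if __name__ == "__main__":
    k = generate_des_key()
    print(k.hex(), "parity ok:", has_odd_parity(k), "weak:", is_weak_des_key(k))
```

Normalising parity before the comparison matters: a generator that emits `00 00 00 00 00 00 00 00` and leaves parity to the hardware has produced the weak key `01 01 01 01 01 01 01 01`, and a check that compared the raw bytes would miss it.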