Why "carnivore" type systems can't be (entirely) open source

Brian Gladman <brg at gladman.plus.com>
Sat, 3 Feb 2001 23:49:40 -0000


From: "Owen Lewis" <oml@eloka.demon.co.uk>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Sunday, January 28, 2001 6:51 PM
Subject: Re: Why "carnivore" type systems can't be (entirely) open source

[snip]
> > ...STO in this case was being used to
> > protect a deliberate 'designed in' insecurity.  It is hence a very good
> > example of a typical use of STO.
>
> Thank you. I agree that it is a typical use. Whether there is deliberate
> design insecurity does not, in this context, matter. The security afforded
> was sufficient (or very nearly so) for the purposes in hand. It seems
> reasonable to suppose that the nations that contributed to the design of GSM
> would have made a forecast of the probable secure life and were fairly
> accurate in doing so.

You surely mean insecure life since it was never secure to start with.

If I read your position correctly you claim that this is an example of STO
use to achieve security because, by protecting a known design weakness, the
useful life of the product was extended.  On the other hand I claim that it
had no useful life to start with and hence that this is an example of the
use of STO to hide design insecurity and hence to 'con' users into trusting
an algorithm that was untrustworthy from the very outset.

These are pretty well opposite interpretations of the same facts so I guess
we have to allow others on the list to judge for themselves whether STO in
this case promoted security or insecurity.

Where community (a) deploys cryptography to 'protect' information owned by
community (b) and (a) hides the design used from (b) you can be almost
certain that (a) is conning (b) and is peddling insecurity rather than
security.

> > I don't think that anyone disputes the value of STO in hiding design
> > insecurity and this is precisely why it is a completely discredited approach
> > when the objective is the exact opposite.
>
> Do you say that governments with the capability to design their own
> ciphers and all of whom invariably do not make 'open source' the algorithms
> of such are simply covering deliberate design insecurity? Somehow, I doubt
> that you would argue so but, unless you find that you can do so cogently,
> then your point must fall.

You are making the assumption here that there are only two possible reasons
for this secrecy and concluding that if it is not one of them it must be the
other.  Not so.

I might also add that you are wrong in claiming that governments invariably
do not publish their own algorithms. For example, the US government has
openly published the Skipjack and KEA algorithms that are widely used by the
US DoD to protect medium grade classified information.

> > Anyone who argues that security is enhanced when STO is used to protect
> > the 'security' available from deliberately broken cipher algorithms is
> > logically correct (in limited circumstances)
>
> The plain fact is that where honest men do their best to produce a secure
> crypto design and test it as such against the finest parameters they know,
> they can never be sure that there is neither someone smarter out there nor
> that there will not be some theoretical development that will limit the
> secure life of their best efforts.

And dishonest men sell broken ones with known weaknesses that are hidden by
STO.

   Brian