Re: SECURITY: Logistics of paranoia.

Harvey Newstrom (harv@gate.net)
Fri, 05 Jun 1998 13:15:24 -0400


Alex Future Bokov wrote:
>
> Let's say James Bond and Austin Powers want to correspond about
> secret stuff. Obviously, they would exchange keys signed by trusted
> parties and go at it. However, what if there are no trusted parties, and a
> face to face meeting is too risky/expensive? They could each create a new
> key-pair not associated with their normal identities and correspond
> through two-way anonymous remailers, thus neither knowing whom they're
> talking to but at least knowing it's the same entity each time. If one of
> them is captured or subverted, they still won't be able to give away the
> identity of the other. Can anyone see any vulnerabilities in this plan
> whatsoever?

No special vulnerabilities specific to this method. However, no method is
foolproof. Let me point out the obvious problems with using this method in the
real world.

1. The participants don't know who they're talking to, so you can't contact a
specific individual. The unknown individual could be the enemy you are trying
to hide messages from.

2. This is only as secure as the anonymous remailer. All people with access
to that machine could trace the messages to a real e-mail address. If someone
hacks into that machine, they can do the same. If a government pressures the
owner, they may provide the information to the government.

3. This is only as secure as the key exchange. If you never meet the person, and
you never exchange keys in a secure medium, then the key exchange can be
spoofed. Say you contact me as an anonymous person. Instead of replying to
you, I can reencrypt it and send it to a third party as if it came from you. I
get their response, reencrypt it back to you. You and the third party think
you have met and are having a secure conversation as you described above.
Neither of you would know that I am reading all of your encrypted messages back and
forth.

4. The internet is not secure. Even with anonymous remailers and encryption,
I might be able to detect clues about who is talking to whom. For example, the
timing and scheduling of your messages to the remailer might let me detect
similarly sized and scheduled messages from the remailer to your target. If you
are the only person to send three 100K e-mails today to the remailer, and then
I see another person receive three 10K e-mails from the remailer later that
night, then I can figure out who your anonymous e-mail is really going to. I
don't need to hack the remailer or either of your computers. I only need to
monitor Internet traffic.

5. PGP keys are only as secure as your machine and your passphrase.
Encryption keys are typically stored in computer hardware. If someone can hack
into your machine, or if they take physical possession of your machine, then
they have your decryption key. If somebody can break down your door and take
your PC, then they can take your decryption key. If somebody can hack through
your browser to see your hard disk, then they can take your decryption key.

6. Encryption does not prevent decoding, it only slows it down. Faster
computers may be able to crack it. New methods are being invented all the
time. Remember that most "uncrackable" codes are later cracked with new
technology or methods. Just because it seems uncrackable to you, or seems
uncrackable now, doesn't mean that it will remain uncrackable indefinitely.

Sorry if these are obvious points. Any security specialist will respond with
methods to counter these. Don't use the Internet, have your PC self destruct
if physically moved, don't trust anonymous remailers, don't store your key on
your computer, etc. If you aren't this paranoid, then the method you describe
is not as foolproof as it may seem, due to other methods not directly related
to cracking the encryption.

--
Harvey Newstrom  <mailto:harv@gate.net>  <http://www.gate.net/~harv>
...author of the "ultimate nutrient reference book" --American Libraries
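
Point 3 above as a runnable sketch, added here as an illustration and not part of the original message: a relay substitutes its own public key and re-encrypts, so the message arrives intact while the relay reads it, and only a comparison of key fingerprints over a separate channel reveals the swap. The toy textbook RSA, the key sizes and every name in it are assumptions constructed for the example.

```python
import hashlib

# Toy textbook RSA built from known Mersenne primes: illustration only, not secure.
def make_key(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return {"pub": (n, e), "priv": (n, pow(e, -1, phi))}

def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)

def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)

def fingerprint(pub):
    # Short digest of a public key, meant to be compared over a second channel.
    return hashlib.sha256(repr(pub).encode()).hexdigest()[:16]

class Relay:
    """The party in the middle from point 3: swaps keys and re-encrypts."""
    def __init__(self, own_key):
        self.key = own_key
        self.seen = []              # plaintexts the relay was able to read

    def forward_key(self, real_pub):
        self.real_pub = real_pub
        return self.key["pub"]      # hands over its own key instead of the real one

    def forward_message(self, c):
        m = decrypt(self.key["priv"], c)
        self.seen.append(m)
        return encrypt(self.real_pub, m)   # re-encrypts to the real recipient

def run_exchange(message):
    """message is a small integer (constructed sample plaintext)."""
    recipient = make_key(2**31 - 1, 2**61 - 1)        # real key, never seen by sender
    relay = Relay(make_key(2**89 - 1, 2**107 - 1))
    key_sender_holds = relay.forward_key(recipient["pub"])
    delivered = relay.forward_message(encrypt(key_sender_holds, message))
    return {
        "received": decrypt(recipient["priv"], delivered),
        "relay_read": relay.seen,
        "fp_sender_holds": fingerprint(key_sender_holds),
        "fp_recipient_real": fingerprint(recipient["pub"]),
    }
```

The recipient decrypts the original plaintext, so nothing in the mail flow itself signals the interception; the two fingerprints in the result are the only values that disagree.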