Monday, November 21, 2011

Hackable Everything - Part II


Last week, I titled my blog post "Hackable Everything" and stated that everything is potentially hackable.  Some people asked me if perhaps I was being a bit melodramatic.  Just because there has been some recent news about security flaws, does that really mean that everything is vulnerable?

An interesting question.

First of all, let me point out that encryption algorithms today are actually very good.  There was a time when government agencies such as the NSA could apply massive computing power to break widely used encryption (typically 56 bit DES).  During the 1990s, as the Internet grew in popularity and interest in encryption became more widespread, the government tried to figure out how to keep their ability to decipher electronic communications.  The Clinton administration famously (or infamously) tried to mandate the use of the Clipper chip, which would provide encryption, but also provide backdoor access to government agencies.

They failed.  Today, we routinely use encryption algorithms and keys which are beyond the capability of any known computer or collection of computers to break.

How sure are we of this?  Couldn't the NSA have some massive computer buried in a government bunker that blows away our estimates?

To grossly oversimplify things, let's note that for a well-designed, properly implemented encryption algorithm, the difficulty in breaking it is a function of the key size.  DES, once the most commonly used algorithm, used a 56 bit key.  Over time, computers grew in power to be able to defeat this using a brute force attack - that is, trying every possible combination until they found the key by pure luck.

How do you make a 56 bit key twice as hard to crack?  Double the key length to 112?  Nope.  You just have to add one bit to make it a 57 bit key.

As key sizes grow, the numbers grow so fast as to make your head spin.

An 8 bit key has 256 possibilities.  A child could crack this in minutes using pen and paper.
A 16 bit key has 65536 possibilities.  A pretty big number, but you can probably visualize it if you try.
A 32 bit key has 4.3 Billion possibilities.  This is roughly the number of seconds in 136 years.
A 64 bit key has 18.4 Quintillion possibilities.  This is roughly 468 million times greater than Warren Buffett's fortune.
A 128 bit key has 340 Undecillion possibilities.  This is roughly 340 trillion times greater than the estimated number of stars in the Universe.

128 bits is pretty much the minimum key length used in symmetric encryption these days.  In 2008, 56 bit DES was demonstrated to be crackable within a day.  Assuming we could get this down to a second, cracking a 128 bit key would still take 149 trillion years.  I'm comfortable that the NSA doesn't have a computer 149 trillion times more powerful than the state of the art, which could crack this in a year.  Bump the key size up to 256 or 512 bits just for fun, and you can't even come up with metaphors to express the difficulty.  You can knock this down significantly by extrapolating that Moore's law will continue to deliver more and more powerful hardware over the next several decades, but assuming you're not trying to keep data secure for a century, you're good.
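To put numbers on the Moore's law caveat, here is an added example (not part of the original post) that models exhaustive key search only. It takes the post's assumption that a 56 bit keyspace can be searched in one second, and adds an assumption of its own: attacker hardware doubles in speed every 18 months.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def brute_force_years(key_bits, baseline_bits=56, baseline_seconds=1.0):
    """Years to try every key on hardware that exhausts a baseline_bits
    keyspace in baseline_seconds (the post's 56-bits-in-a-second case)."""
    return 2 ** (key_bits - baseline_bits) * baseline_seconds / SECONDS_PER_YEAR

def years_until_feasible(key_bits, budget_years=1.0, doubling_years=1.5):
    """Years of hardware growth needed before the search fits in budget_years.
    Assumption: attacker speed doubles every doubling_years (18 months here)."""
    speedup_needed = brute_force_years(key_bits) / budget_years
    if speedup_needed <= 1:
        return 0.0  # already searchable within the budget today
    # Each doubling period halves the remaining search time.
    return math.log2(speedup_needed) * doubling_years

if __name__ == "__main__":
    print(f"{'bits':>5} {'years to search now':>22} {'years until 1-year crack':>26}")
    for bits in (56, 57, 64, 128, 256):
        print(f"{bits:>5} {brute_force_years(bits):>22.3e} "
              f"{years_until_feasible(bits):>26.1f}")
```

Under these assumptions a 128 bit key comes within reach of a one-year search only after roughly seven decades of doubling, and a 256 bit key after more than two and a half centuries.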

So why then do I say that anything can be hacked?

First of all, note the requirement that algorithms be well designed and properly implemented.  The problem is, you never know whether this is the case, except in hindsight.  WEP was once considered to be unbreakable wireless security.  Then it was noticed that the very powerful algorithms it uses were implemented in a sloppy fashion, making it easy to step right around them.  Today, a script kiddie with minimal technical knowledge can download free programs to break WEP using a standard laptop.

OK, that's a challenge, but with care and lots of testing, you can implement a pretty solid encryption algorithm with a high degree of confidence.  We have a number of algorithms and products that have been closely scrutinized by thousands of people.  They're probably pretty good.

The second challenge, however, is more difficult to solve.  All security is built upon trusting something.  (Ask yourself how secure an encrypted transaction with Bernie Madoff would have been.)  Anything you have to trust is a potentially vulnerable point in your security infrastructure.

For example, most security on the Internet depends on "Certificates", which enable a person to unambiguously assert their identity, encrypt their data, and make sure any messages they send can be tied accurately back to themselves.  Certificates are the foundation upon which most everything else is based.  Having your certificate be compromised is like opening the back door to the castle - it simply doesn't matter how thick your walls are, or how deep your moat is, if people can enter freely.  Recently, a number of Certificate Authorities have been hacked, including DigiNotar and KPN.  Once the Certificate Authority is breached, some Certificates (perhaps all) issued by that Authority are no longer secure.

Here's the scary part: check your browser, and see how many Certificate Authorities it considers to be "trusted".  The answer is close to 600.

600 companies, any of which might have a weak password, or a poorly implemented algorithm, or a single open port on a server, or a pissed-off employee who didn't get the raise they really thought they deserved.  Every one of which your browser is trusting 100% to keep you secure.  Do you have the detailed technical and organizational knowledge to know if this trust is justified?  Have you even heard of Izenpe S.A. (which I just found in my Certificate list in Firefox)?  DigiNotar didn't tell anybody about their breach for many months.  Would you know if others have already been breached?
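One way to take that inventory yourself, as an added example that is not part of the original post: it groups the root certificates Python's `ssl` module trusts by operating organization and flags any that have expired. It assumes the operating system or OpenSSL trust store, which is not necessarily the list your browser ships (Firefox keeps its own), and the sample entries are constructed, not real CAs.

```python
import ssl
from collections import Counter
from datetime import datetime, timezone

def name_field(name, key):
    """Return one attribute (e.g. organizationName) from an ssl-style name tuple."""
    for rdn in name:
        for k, v in rdn:
            if k == key:
                return v
    return None

def audit_roots(ca_certs, now=None):
    """Summarise trust anchors given in the format of SSLContext.get_ca_certs()."""
    now = now or datetime.now(timezone.utc)
    operators, expired = Counter(), []
    for cert in ca_certs:
        subject = cert.get("subject", ())
        # Group by operating organisation; fall back to the common name.
        org = (name_field(subject, "organizationName")
               or name_field(subject, "commonName") or "<unnamed>")
        operators[org] += 1
        ends = ssl.cert_time_to_seconds(cert["notAfter"])
        if datetime.fromtimestamp(ends, timezone.utc) < now:
            expired.append(org)
    return {"certificates": len(ca_certs), "operators": len(operators),
            "by_operator": operators, "expired": expired}

def _root(cn, not_after, org=None):
    subject = ((("organizationName", org),),) if org else ()
    return {"subject": subject + ((("commonName", cn),),), "notAfter": not_after}

# Constructed sample entries (not real CAs), used when the system store is empty.
SAMPLE = [
    _root("Example Root CA 1", "Dec 31 23:59:59 2030 GMT", "Example Trust Ltd"),
    _root("Example Root CA 2", "Jan  1 00:00:00 2010 GMT", "Example Trust Ltd"),
    _root("Constructed Root", "Jun 15 12:00:00 2025 GMT"),
]

if __name__ == "__main__":
    # Assumption: the default context loads the OS/OpenSSL trust store.
    roots = ssl.create_default_context().get_ca_certs() or SAMPLE
    report = audit_roots(roots)
    print(f"{report['certificates']} root certificates, {report['operators']} operators")
    for org, n in report["by_operator"].most_common(10):
        print(f"{n:3d}  {org}")
    print("expired but still trusted:", sorted(set(report["expired"])))
```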

Are you feeling safe now?

The third point is even more difficult to come to terms with: data leaks.  No matter how secure the transmission is, it doesn't matter if somebody can read your data before it's encrypted at the end points.  Who cares if you use 1024 bit encryption if there's a keystroke logger installed on your machine which captures everything you do before it can be encrypted?

Or maybe they don't even need a keystroke logger.  Try sitting in a room where somebody else is typing.  Close your eyes, and listen to the sound of their keystrokes.  Do you notice how they don't all sound quite the same?  (If you're not convinced, ask them to touch type for a few minutes, then hit the same key over and over again with one finger.)  Depending on the location in the keyboard, each key strike has a slightly different pitch and timbre.  Researchers at Georgia Tech recently demonstrated how the accelerometer in an iPhone 4 could determine what was being typed on a nearby keyboard with 80% accuracy.  This was considered a much more interesting demonstration than simply using the microphone, because the accelerometer is much less secure; you usually get notified when the microphone is turned on.  How is encryption going to save you from that?

Now granted, this iPhone exploit is not easily replicable - they needed the phone to be perfectly positioned, on the right type of table, and all sorts of other controllable factors.  But technology always gets better, and more pervasive.  How long before an iPhone can do the same type of detection from 10 feet away?  How long before somebody figures out how to do it using a laser microphone against your window from 300 feet away?  How long before the current proliferation of cameras and microphones in consumer, industrial and municipal devices means that you're always within range of some camera, somewhere?

When any one of them can potentially be hacked, how will you ever know that anything you say or type won't be monitored?

This all sounds like the stuff of spy movies.  You're probably thinking, "Sure, this could happen in theory.  But who's going to take the time and effort to go after me?"  That's probably true.  Until technology makes it so simple to do that your neighbor's kids can buy the necessary gear for less than $10.  Counterfeiting money was once the exclusive domain of organized crime.  Then we had a new generation of printers and copiers which could churn out perfect copies of dollar bills.  You'll notice our currency has gone through some significant redesigns in the last twenty years, adding many new security measures.  This wasn't to stop organized crime.  This was to stop the average consumer for whom temptation had become just a little too hard to resist.

This is the point where I'm supposed to editorialize, and point out that only with immediate action right now can we avoid calamity.  But I don't have any answers on this one.  If you do, I'd be interested to hear about it.  But first, find a venture capitalist and start a company to implement it, because security concerns are going to be one of the hottest topics of the twenty first century.
