Mark Kent <mark.kent@xxxxxxxxxxx> writes:
> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
>> ____/ Mark Kent on Thursday 24 January 2008 17:38 : \____
>>
>>> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
>>>> New $2B Dutch Transport Card is Insecure
>>>>
>>>> ,----[ Quote ]
>>>>| Kerckhoffs?s Principle, one of the bedrock maxims of cryptography, says
>>>>| that security should never rely on keeping an algorithm secret. It?s okay
>>>>| to have a secret key, if the key is randomly chosen and can be changed when
>>>>| needed, but you should never bank on an algorithm remaining secret.
>>>>|
>>>>| Unfortunately the designers of Mifare Classic did not follow this
>>>>| principle. Instead, they chose to combine a secret algorithm with a
>>>>| relatively short 48-bit key. This is a problem because once you know the
>>>>| algorithm it?s possible for an attacker to search the entire 48-bit key
>>>>| space, and therefore to forge cards, in a matter or days or weeks.
>>>>|
>>>>| [...]
>>>>|
>>>>| Now the Dutch authorities have a mess on their hands. About $2 billion have
>>>>| been invested in this project, but serious fraud seems likely if it is
>>>>| deployed as designed. This kind of disaster would have been more likely had
>>>>| the design process been more open. Secrecy was not only an engineering
>>>>| mistake (violating Kerckhoffs?s Principle) but also a policy mistake, as it
>>>>| allowed the project to get so far along before independent analysts had a
>>>>| chance to critique it. A more open process, like the one the U.S.
>>>>| government used in choosing the Advanced Encryption Standard (AES) would
>>>>| have been safer. Governments seem to have a hard time understanding that
>>>>| openness can make you more secure.
>>>> `----
>>>>
>>>> http://www.freedom-to-tinker.com/?p=1250
>>>>
>>>
>>> It's taken me a *very* long time to understand what goes wrong in the
>>> thinking of non-technical people in this security space, but I've cracked
>>> it, at least in my own mind, anyway. The problem is that few people
>>> comprehend the difference between "secure" and "secret" at least when
>>> it comes to technology.
>>>
>>> * Most people can understand that a bank is safe because it is secure, not
>>> because it's a secret.
>>>
>>> * Most people can understand that a secret, once "out", is, well, no
>>> longer secret.
>>>
>>> * Security, for the bank, is addressed through buildings, equipment, and
>>> processes.
>>>
>>> * Secrecy, on the other hand, only has one possible route. As the "wise
>>> woman" in Black Adder said, the only way you could keep something secret
>>> from the world is to kill everyone in the world.
>>>
>>> * Security, however, assumes that everyone already knows what and where
>>> the target is.
>>>
>>> Most people would see the above remarks as being pretty-much self-evident,
>>> or common-sense, or some other version of "but I already knew that".
>>> However, when you apply the same thinking to the example above, they
>>> fall apart, because whilst they can understand, broadly, how a lock or a
>>> safe works, even how bars on windows and burglar alarms work, they
>>> *cannot* grasp that a weak algorithm is like a poor lock.
>>>
>>> Keeping the key pattern a "secret" is no protection if the lock is poor,
>>> again, most people will understand that, but what they lack is the
>>> comparison between algorithm=lock and key=key.
>>>
>>> Naturally, if you give away your key, you will negate the effect of the
>>> algorithm, unless, as in any lock, you *change* the key.
>>>
>>> Hmm, I think I might write a beginner's paper on this.
>>
>> Do another article for linux.com. They'll accept it, I'm sure.
>>
>
> A good suggestion, I think I will. This is a fantastic simplification
> of the problem, I think.
You would think that. In my opinion it is a fantastic complication of a
problem you yourself seem to have fabricated. You're an egotistical wind
bag and I suspect any article by you would send a viagra to sleep.
|
|
