The economics of Crypto security

From: charlie strauss <cems_at_earthlink_dot_net>
Date: Fri Apr 13 2007 - 13:03:00 CDT

Science magazine has a scholarly article discussing the woeful state of Information Security.

http://www.sciencemag.org/cgi/content/full/314/5799/610

The thesis of their article aligns with one of the many reasons I oppose entirely basing (as opposed to merely augmenting) voting systems on cryptographic security. Basically, even if it were foolproof when implemented right, such an implementation will never occur, simply because the people responsible for security are not the ones harmed by its penetration, nor are they legally liable.

People charged with implementing security are more interested in selling you the belief it is secure than the actual security. To drill this home here's a roundup of the news in this area from JUST THE LAST 24 HOURS.

The secure password-protected "self-destructing" memory stick preferred by EU governments turns out to not be secure at all, requiring no password:
http://tweakers.net/reviews/683
Turns out 1) the password validation is done by software running on the PC, not the stick, and 2) there is no physical self-destruction of the data.

The basic concept used by Fidelity, Bank Of America, Pentagon credit union, and Yahoo's On-line banking credential system to prove to the user that they are looking at a bona fide site (and not a phisher) has been shown to be easily spoofed.
http://paranoia.dubfire.net/2007/04/deceit-augmented-man-in-middle-attack.html

Now one can also point to examples where nominally people with a vested interest in security ought to be present and they still don't do the due diligence to assure they are buying secure systems. This is relevant to voting since, for example, neither the clerks nor the vendors are creating the security protocols--they license these.

The Department of Defense has a persistent cyber security problem
http://www.washingtonpost.com/wp-dyn/content/article/2007/04/12/AR2007041201010.html

And the latest HDDVD protection system, which was cracked day one. Since they had literally billions of dollars of piracy they wanted to deter, it seems like the movie studios had a vested interest in seeing that the format was slightly more robust. It took longer than that to crack the previous DVD CSS system. Last week the DVD folks announced the previous crack had been plugged by revoking the cracked encryption key in future movie releases. This week someone cracked it again, using the same approach as the previous time. And just for spite, the people that cracked it used the key found in the Xbox, making it diabolically hard for the HDDVD folks to revoke the Xbox keys (risk the wrath of millions of Xbox owners insufficiently tech-savvy to update their Xboxes to a new key).
http://forum.doom9.org/showthread.php?t=124294

Toss onto this old revelations that
1) the basic hardware encryption chip used in all ATMs is crackable and your PIN is actually written on the magstripe of the debit.
2) if that were not enough, a surprisingly high number of buyers of ATMs never change the default password for total access to the machine.

And it seems that it's best not to base security on crypto if your method requires that the implementors don't feel the pain of it being cracked. On the other hand a little splash of crypto on top of a robust system is probably not a bad thing if it can be done transparently and without complicating the operation.

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Mon Apr 30 23:17:07 2007