Date: 1999-07-19

Crypto/hacking considered as a fine art

-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

Bruce Schneier on elegant and less elegant
methods for encryption/programs, sideways to

-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

What is "crypto-hacking"? As the first person to use the
term, I get to define it. Crypto-hacking is hacking the
mathematics of cryptography; it's forcing cryptography to do
something new, something different, something unexpected.
It's pushing the boundaries of cryptography. And it's been
happening regularly over the past several years:

Using information about timing, power consumption, and
radiation of a device when it executes a cryptographic
algorithm, crypto-hackers have been able to break smart
cards and other "secure" tokens. These are called "side-
channel attacks."

By forcing faults during operation, crypto-hackers have been
able to break even more smart cards. This is called "failure

In a beautiful display of crypto-hacking, one researcher was
able to break RSA when used in the PKCS format. The
break didn't break RSA, but the way it was used. Just think
of the beauty: we don't know how to factor numbers and we
don't know how to break RSA. But if you use RSA in a certain
way, which happens to be a pretty common way, then it is
possible in some systems to break the security of
RSA...without breaking RSA.

Crypto-hackers have analyzed many systems by breaking the
random number generators used to supply cryptographic keys.
The cryptographic algorithms might be secure, but the
key-generation procedures were not. Again, think of the
beauty: the algorithm is secure, but the method to produce
keys for the algorithm has a weakness, which means that
there aren't as many possible keys as there should be.
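
An added illustration of the key-generation point above (not part of Schneier's text): a constructed generator that seeds Python's non-cryptographic PRNG from the clock can emit only one key per second of uncertainty, however long the key is. The function names, the one-hour window and the timestamp are assumptions made for the example.

```python
import math
import random
import secrets

KEY_BYTES = 16  # a 128-bit key: 2**128 possibilities if chosen uniformly


def weak_keygen(timestamp: int) -> bytes:
    """Constructed weak generator: the key depends only on the seed."""
    rng = random.Random(timestamp)  # deterministic PRNG, seeded by the clock
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def strong_keygen() -> bytes:
    """Corrected form: draw the key from the OS CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def effective_key_bits(window_seconds: int) -> float:
    """Bits of key uncertainty when only the seed (one per second) varies."""
    return math.log2(window_seconds)


def distinct_keys(start: int, window_seconds: int) -> int:
    """Count the keys the weak generator can emit inside a time window."""
    return len({weak_keygen(t) for t in range(start, start + window_seconds)})


def seed_for_key(key: bytes, start: int, window_seconds: int):
    """Audit check: is this key reachable from a clock seed in the window?"""
    for t in range(start, start + window_seconds):
        if weak_keygen(t) == key:
            return t
    return None


if __name__ == "__main__":
    start, window = 932_342_400, 3_600  # constructed: one hour on 1999-07-19 UTC
    key = weak_keygen(start + 1_234)
    print("nominal bits:", KEY_BYTES * 8)
    print("effective bits:", round(effective_key_bits(window), 1))
    print("distinct keys in window:", distinct_keys(start, window))
    print("seed recovered:", seed_for_key(key, start, window))
    print("CSPRNG key reachable:", seed_for_key(strong_keygen(), start, window))
```

The cipher never enters the picture: the nominal 128 bits shrink to about 12 because the generator's only input has 3,600 possible values.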

Researchers have broken cryptographic systems by looking at
the way different keys are related to each other. Each key
might be secure, but the combination of several related keys
can be enough to cryptanalyze the system.

The common thread through all of these exploits is that
they've all pushed the envelope of what constitutes
cryptanalysis. Before side-channel attacks, cryptographers
never thought about using information other than the
plaintext and the ciphertext to attack algorithms. After the
first paper, researchers began to look at different side
channels, invasive side channels, attacks based on
introducing transient and permanent faults, etc. Suddenly
there was a whole new way to do cryptanalysis.

Crypto-hacking = cheating.

Several years ago I was talking with an NSA employee about a
particular exploit. He told the story about how a system was
broken; it was a sneaky attack, one that I didn't think
should even count. "That's cheating," I said. He looked at
me as if I'd just arrived from Neptune.

Cheating is one of the basic tenets of security engineering.
Conventional engineering is about making things work. It's
the genesis of the term "hack," as in "he worked all night
and hacked the code together." The code works; it doesn't
matter what it looks like. Security is different; it's about
making sure things don't NOT work. It's making sure security
isn't broken, even in the presence of a malicious adversary
who does everything in his power to make sure that things
don't work in the worst possible way at the worst possible
times. A good attack is one that the engineers never even
thought about. Good attackers cheat.

And the future of crypto-hacking is the future of cheating. Clever people will continue to invent new ways to attack the mathematics of cryptography.

Like any kind of hacking, hacking cryptography requires a
specific set of skills. The most important cryptographic
skill is advanced mathematics; you can't analyze
cryptographic systems without it. You can't cheat without
it. You can break systems that use cryptography by going
around the cryptography, but that's not crypto-hacking.
Crypto-hacking means hacking the cryptography, which means
advanced mathematics. And this explains why you don't see
many crypto-hackers wandering around: the mathematics is
hard.

Most of the crypto-hacking we've seen comes not from
disenfranchised outsiders, but from fringe insiders:
graduate students, and some academic and corporate
researchers. I can't think of one crypto-hacking exploit by
someone with a "handle." In fact, most of the crypto-hackers
get an amazing amount of positive publicity from their
exploits: newspaper articles, academic papers, accolades.
There isn't much underground crypto-hacking going on.

There are some crypto-hacking tools, but not many. There
are programs that take advantage of poor passwords in UNIX
and NT, or poor passphrases in PGP, to break the
encryption. There's a program that tries to break PKZip
encryption, again based on poor password choice. But there
aren't any real tools that allow for serious crypto-hacking,
simply because too much mathematical expertise would be
required to use them.

I don't see this changing in the future. Cryptography will
continue to be a science of mathematics, and crypto-hacking
will necessarily be exactly the same. There will be all sorts
of cool crypto-hacking exploits, but it's not going to become
a mass-market avocation.


-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by Harkank
published on: 1999-07-19