The View From Here: Your Word Is Your Bond

  Locations of visitors to this page
be notified of website changes? subscribe
Sirius logo

 

Sirius News home

'net resources

on island travel

on cryptography

the PowerPC chip

PGPFone

on writing bug reports

'net resources II

useful Mac apps

on ThePalace

time on Macs

Macs <-> pagers!

a web-rendering engine

Newtons for Technomads

on obsolescense

a popourri

a digital hub

extending Frontier

the Apple soap opera

Java for poets

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

The View From Here: Your Word Is Your Bond

November 1995

This column aims to give you the practical basics for understanding, obtaining, and using cryptographic software to protect documents on your computer and email while in transit to another person.

Most likely you're using your computer - and your connection to networks - more and more for communicating with others. One would hope that not all of this traffic is trivial, unimportant, insignificant. Do you ever say anything that matters? I mean really matters?

Do you send employee evaluations, business strategems, sensitive data, or anything else you would rather not have your co-workers or competitors know before you're ready? Catty electronic mail (email)? Do you send notes of a personal nature to others? Romance? Self-help?

What about documents on your office and home computers? Anything you would prefer a snooping employee not read while you're out for a three-martini lunch? Anything you're not ready to have your significant other or offspring read?

  • Recipient verification - only the intended recipient can read the email

Encryption - properly used - provides a way for you to control who sees your documents while the documents are on your computer. It also provides a way for you to control who can read your email (but not what they do with it once they decrypt it and read it). It also protects your email should it be perused in transit by a bored (or ill-intentioned) person in between you and the intended recipient, or should it bounce to a third-party postmaster (if you provide a bad email address, or a system is down, or some other unforeseen pothole on the net). If you have something you don't want to fall into the public domain, it's your responsibility to protect it.

Hiding the contents of email from the prying eyes of others is only one part of what we value in communications (such as when we spend money certifying or registering a letter through the postal services).

  • Authentication of contents - the contents are unchanged during delivery

  • Sender verification - only the sender could have sent the message

  • Ease of communication - you can send certified or registered (that is, protected) postal mail to anyone with a street address

One solution for all

Each of the goals I've mentioned can be reached with the use of some rather simple mathematics (which you won't have to learn) and some rather elementary properties of prime numbers. Boiled down to one sentence, it's easy to multiply prime numbers, but a royal pain the the processor to factor them out of the product. Modern practical cryptography relies on this. "Asymmetric public key cryptography" provides us with

  • digital signatures, which identify the message sender and prove the document contents are unchanged

  • encryption, to effectively hide document contents from prying eyes

  • a nifty way to initiate secure communications with someone without having beforehand exchanged some secret key.

This last point is particularly important in an increasingly networked world, where having to meet each person at least once beforehand would be somewhere between impractical and impossible.

Enough flapdoodle! Where's the goods?

Okay, okay. Here we go.

Protecting documents locally (site security)

Since the introduction of MacOS 8.0 CryptDisk has become a commercial product known as PGPdisk. CryptDisk will work on System 7. -- Michael (Autumn 1997)

Will Price's CryptDisk for Macintosh is all the program you'll ever need to protect the files on your computer. Once you've obtained CryptDisk, all you have to do is fire it up, make one (or more) encrypted folders, and put the files you want to protect in them. CryptDisk is so fast that you'll never notice it's there, except the first time you use that folder, when you'll have to provide a "pass-phrase".

Windows users have the DOS-level Secure File System, about which I'm not qualified to speak.

I use CryptDisk on my Macintosh PowerBook to store the folder hierarchy that "Eudora" (my email program) uses. Every message I send and receive is protected while on my machine. Since I take my PowerBook everywhere I go, from client to client and from country to country, I think it's prudent to protect my email.

Protecting documents in transit (communications security)

CryptDisk satisfies only one of my four goals. I use Philip Zimmermann's Pretty Good Privacy software, also known as "PGP". (You've probably heard of the "Zimmermann Legal Defense Fund".) PGP gives me digital signatures, in-transit encryption, and an easy way to start secure communications with anyone else who uses (or can be convinced to use) PGP.

Once you obtain "PGP", you'll have four steps to follow before you're to communicate privately.

  1. Generate a PGP key-pair. (Hint: choose at least a 1024-bit key to generate. Smaller sizes are not secure, larger sizes are slow to use.)

  2. Sign your own key.

  3. Get some PGP-using friends that know you personally to sign your key. These people are vouching for your identity, nothing else.

  4. Submit your PGP public key to a "PGP key server", from where you'll also be able to retrieve the keys of others. Your secret key you keep, well, secret.

You now enjoy security for documents on your computer and during email transmission. There's much more to the fascinating world of cryptographic than what I've had space to describe, including secure voice communications (with PGPFone) and public debates on the appropriateness of privacy (or the stricture against it) in a democratic society.

Notes and commentary

Just some things you should know to round out this column.

RTFM

In-depth documentation comes with each program; please read these files. You could stand to lose your data if you don't know how to operate cryptographic software.

PGP and Eudora work together

If you're a Eudora for Macintosh user, you'll probably want to get the "MacPGP Kit", a set of AppleScripts that seamlessly unite PGP and "Eudora".

Don't lose your pass-phrase

What some people don't understand about unbreakable security is that it's unbreakable. If you forget your pass-phrase, what you've encrypted is lost forever. Forever. It happened during a "coup in Trinidad" with tragic results.

Are you allowed to have privacy?

There is a war going on, and know it or not, you'll be affected by its outcome. The war is being waged by the United States government against your ability to keep a private diary or to communicate in privacy with others. They want to be able to read everything you've stored on your computer or sent to others. The war is over in France, Iran, and Iraq; their citizens no longer have those rights. (The French government, which spies on its own citizenry, also "monitors" foreign companies doing business in France and passes the information gleaned onto local companies, and has an economic as well as a security incentive to prevent private communications.)

Debate and legislative implementation has been going on for several years, and continues today. There is much information available to you from my web pages, Wired magazine, the Cypherpunk archives, Computer Professionals for Social Responsibilty, and the Electronic Frontier Foundation.

Algorithms for keeping secrets aren't themselves secret

It's interesting to note that the methods of encryption, RSA and IDEA, do not need to be hidden. The strength of these algorithms do not come from being secret, but rather on the properties of prime numbers and intense peer scrutiny of the source code for defects and weaknesses. Never, never, never, never trust a proprietary (secret) algorithm. They're worthless for these reasons:

  1. Source code never remains secret from someone who really wants it. If there ever really was an effective encryption algorithm that depended upon the method of encryption being secret, this would already be enough to not use it.

  2. The result of encryption has in it patterns that will lead an expert cryptographer to break it. Quickly. Really.

  3. That's if there isn't even an easier way to break it. Philip Zimmermann, in the documentation that accompanies PGP, tells of inventing a "secure" encryption identical to one presented in an introductory cryptography course as a trivial system to break. Trust only what's survived a prolonged attack by the cryptography community.

Algorithms need to see the light of day, and to survive lengthy and concerted attacks. Both RSA and IDEA have survived them.

Everyone knows how to decrypt RSA and IDEA

There are known algorithms for factoring primes out of a product. They are a mix of brute force and eliminating unpromising avenues of attack before wasting time on those attacks. They will, eventually, factor that product. We make "eventually" longer that the expected lifetime of the universe by choosing a proper key-length. (In cryptography, size counts.) A 512-byte key, considered unbreakable in 1982, is questionable today. It's been replaced by a 1024-byte key. The paranoid among us use a 2048-byte key. (The trade-off is the increased amount of time your computer will spend on each message if it has to process a 2048-byte key than a shorter one. Only you know how secure you need your information to be.)

Everything I've written holds true for factoring algorithms known to the public. It is always possible that a cryptographer in the employ of the "National Security Agency" (or somewhere else) has discovered a much quicker way to factor products. If this is true, the protection provided by a key of a certain length drops. It is the common belief of the cryptographic community that this is not terribly likely, especially as civilian cryptographers are doing their best to find such a thing. The upshot of finding one would be that we'd need to increase the length of our keys.

It is also possible that a cryptographer will discover some fatal flaw in the mathematics of prime number cryptography, and IDEA and RSA (and the software that depends upon them) will become worthless. Other methods have fallen before the passage of time. If that happens, I'll have to write another column.

Michael 'Mickey' Sattler has been involved in the cryptographic community since around 1982 (check out My PGP Story), when he coded an implementation of RSA with the help of "R". He has just finished one book, entitled Internet TV with CU-SeeMe, and is working on another, about electronic communications and security. He's a beta-tester for cryptographic communications software that you'll be using in 1996.

previous previousnext next

Have you found errors nontrivial or marginal, factual, analytical and illogical, arithmetical, temporal, or even typographical? Please let me know; drop me email. Thanks!
 
What's New?  •  Search this Site  •  Website Map
Travel  •  Burning Man  •  San Francisco
Kilts! Kilts! Kilts!  •  Macintosh  •  Technology  •  CU-SeeMe
This page is copyrighted 1993-2008 by Lila, Isaac, Rose, and Mickey Sattler. All rights reserved.