[clug] DIY cloud services?

Paul Wayper paulway at mabula.net
Tue Feb 17 01:54:39 MST 2015



On 17/02/15 07:37, Alex Satrapa wrote:
> On 16 Feb 2015, at 10:19, George at Clug <Clug at goproject.info> wrote:
>> Data encryption is a deterrent to accessing your data, it does not mean
>> that the data cannot be accessed.
> 
> Two ways that the NSA can break your encryption without resorting to
> super-computer equivalents of the Bletchley Park Bombes:
> 
> 1) The “rubber-hose” workaround (i.e.: physically abuse you until you
> cough up the code) http://xkcd.com/538/
> 
> 2) Compromise the computation path of the encryption, everything from
> proposing dodgy encryption standards through to “influencing” processor
> design. One example discussed was persuading a chip fabricator to
> fabricate the exact design required but to “accidentally” leave certain
> transistors poorly doped. This would ensure that the “random” numbers
> generated by the chip looked random to casual observers, but anyone who
> knew the secret could reduce the entropy of the generated numbers by a
> few orders of magnitude (i.e.: the numbers follow a more-easily-guessable
> pattern).

You forgot

3) Legally have the right to force you to render up encryption keys by
requiring your data as evidence in a criminal investigation.

Though if you've done nothing wrong and you're not storing information about
criminal proceedings, then that's not a problem is it?

Number 2 is why I believe the kernel doesn't trust the hardware random
number generator but uses it as a source of random bits that is
cryptographically mixed with other random data.

The general point is sound: for most people, putting encrypted blobs of data
on remote servers is a perfectly good defence.  It doesn't even matter if
the data is not encrypted in transit - as long as the keys are secure, the
data is safe from being read while on the remote server.

It's worth watching Peter Gutmann's talk from LCA - "Crypto Won't Save You
Either":

https://www.youtube.com/watch?v=_ahcUuNO4so

The point being that most cryptographic algorithms are actually so good at
protecting your data that it's much easier to attack the endpoints of the
encryption, where the data is in plain text, than trying to break the
crypto.  In this I include rubber hose cryptanalysis - it's not worth the
NSA's while finding where you are, visiting you in the night and beating you
up for your backup keys unless you're so high on their wanted list that the
operational cost is worth it and you're so secure that every other method of
attacking you has failed.

Besides, the NSA wouldn't do that - they'd contract it to the CIA.

So encrypt your backups if you care about someone else reading them.  Or
have a storage place that you trust (for me, my brother's home server) and
encryption on the transfer (ssh does nicely) so that the data doesn't mean
anything in transit.

Have fun,

Paul
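The behaviour Paul describes (treating the hardware RNG as one untrusted input that is cryptographically mixed with other entropy) can be illustrated with a small simulation. This is an added example, not part of the thread or of the kernel: `DopedHwRng` is a constructed stand-in for the "poorly doped" chip from the quoted message, and `mix()` is a plain SHA-256 over both sources, which is the principle rather than Linux's actual pool construction.

```python
import hashlib
import random
import secrets


class DopedHwRng:
    """Constructed stand-in for a backdoored hardware RNG (assumption, not a
    real device): every 32-byte output is drawn from only 2**ENTROPY_BITS
    values, so it "looks random" but an insider can guess it cheaply."""
    ENTROPY_BITS = 4

    def __init__(self, seed=1):
        self._rng = random.Random(seed)
        # Fixed table known only to whoever built the weakness.
        self._table = [hashlib.sha256(b"doped:%d" % i).digest()
                       for i in range(2 ** self.ENTROPY_BITS)]

    def read(self):
        return self._rng.choice(self._table)


def mix(hw_bytes, other_bytes):
    """Mix two entropy sources with a hash. The result is unpredictable as long
    as at least one input is unknown to the attacker; hashing never *creates*
    entropy, it only prevents one weak source from poisoning the output."""
    h = hashlib.sha256()
    h.update(b"hw:")
    h.update(hw_bytes)
    h.update(b"other:")
    h.update(other_bytes)
    return h.digest()


def compare(n=256):
    """Return (distinct raw HW outputs,
               distinct mixed outputs with an independent strong source,
               distinct mixed outputs with a known constant source) over n draws."""
    raw = {DopedHwRng().read() for _ in range(1)}  # placeholder, replaced below
    hw = DopedHwRng()
    raw = {hw.read() for _ in range(n)}
    hw = DopedHwRng()
    strong = {mix(hw.read(), secrets.token_bytes(32)) for _ in range(n)}
    hw = DopedHwRng()
    weak = {mix(hw.read(), b"\x00" * 32) for _ in range(n)}
    return len(raw), len(strong), len(weak)


if __name__ == "__main__":
    raw, strong, weak = compare()
    print(f"raw HW: {raw} distinct, mixed+strong: {strong}, mixed+constant: {weak}")
```

The third number is the caveat: with the second source known to the attacker, mixing collapses back to the hardware source's handful of values, so the pool is only as good as the independent entropy fed into it.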