
Re: Remailer passphrases



At  5:43 AM 3/12/96 -0500, Gary Howland wrote:
>On Mon, 11 Mar 1996, Gary Howland wrote:
>> root access to the system, something like "strings /dev/kmem" could narrow
>> the search for the passphrase down significantly.  Of course one could
>> obfuscate the passphrase by XOR'ing it with 0x80, but that's only security
>> through obscurity.
>
>Sure, _if_ they were able to gain root access without rebooting the machine,
>but the usual scenario is that the filth turn up with black bin liners, not
>men from the NSA.

The bottom line of all cryptography is that there is something that must be
kept secret.  Since it must be kept secret, there is always a significant
level of paranoia about the means to keep the secret.  For example, one
could imagine an attacker attaching a logic analyzer to the CPU chip,
unloading the on-chip caches and then rummaging thru the system memory for
the secret.

One of the reasons classical (government) crypto users change keys
frequently is to minimize the amount of data compromised by a broken key.
We keep hearing about NSA decrypting 20-year-old cyphertext and showing
more of the workings of the atomic spy rings operating in the 40s and 50s.
If an opponent can rubber hose the key, her job is easy.  If she has to
perform cryptanalysis, it is much harder.  Remailers should regularly
change their keys to avoid compromising previously recorded traffic.  (They
can have a long-lived key for signing their traffic keys.)

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA