[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BEWARE of SnakeOil (tm)



SNAKEOIL ALERT:
Cc: [email protected]

On Mon, 31 Aug 1998 18:37:35 -0600, Cdn-Firearms Digest wrote:

>Date: Mon, 31 Aug 1998 15:30:34 -0600
>From: Lee Scroggins <[email protected]>
>Subject: New/easy to use strong file encryption fyi
>
>For anyone interested in easy to use strong file encryption, or just
>afraid that your gun related data/Emails may be too tempting for the
>officials, the following article points to an interesting site
>(http://www.filesafety.com).

Maybe his product is valid, but, after having read the the Cypherpunks mailing list for 
years, here are my conclusions:
 
- beware of any product that has not been *extensively* peer-reviewed, with *all* the 
source code made public.  Security breaches are *very* easy to overlook and no software 
should *ever* be used unless it was peer-reviewed.

- the fact that a software uses a specific encryption technique that is described in 
well known books and that this technique is usually recognized as secure by the 
cryptanalysis community doesn't mean that the *specific* software implementation of it 
is truly secure.  Thus, the need not only to peer-review the specific encryption 
technique but *also* and *especially* the precise coding implementation. 

[from their web page] "CryptView will allow you to validate algorithms and examine the 
internals of SecureOffice files. You can see the inside of the cryptography box. 
CryptView allows you to examine file formats and come to your own conclusions about the 
Security of SecureOffice. "

- the fact an encrypted output doesn't look comprehensible to *you* or to a software 
engineer doesn't mean that a cryptanalyst cannot crack it within minutes...  It is a 
*very* complicated science indeed.  If you are not a PhD in cryptanalysis with years of 
experience in software security, you can't know.  One of the NSA top cryptanalyst once 
said that before you spent at least fifteen years of your life cracking codes, you have 
no idea of how to devise a truly secure one.

> Please note that the US govt seems to be having a hissy fit about it
> (you might want to look while it still exists).

They try pursue anybody who violates ITAR in a public way.  If I were to walk with a 
PGP diskette across the border outside Cana-USA, I would be liable under ITAR even if I 
never wrote a line of software in my life.

> Individuals can be charged with violating federal restrictions on the
> export of encryption software, but the government also appears to be 
> worried that Booher has simply made it to easy to use extremely secure
> encryption--with or without export.

Yes, in USA, and it applies to Canada too, encryption software is considered the same 
as missiles for export purposes (category: ammunition).  It is regulated by ITAR, just 
like guns.  But this text borders on being glib.

PGP caused a lot of trouble to his author too, but PGP has been *very extensively* peer 
reviewed.  At least, AFAIK, V2.6.2.  The newer version of PGP uses *several* encryption 
techniques, among which you have to choose.

> The subpoena Booher received also ordered him to bring to the courthouse the
> source code for his product, suggesting the government wants to reverse
> engineer it.

Absolute BS!  The security is afforded by the specific cryptography mathematics that 
are themselves *extensively* well known, peer reviewed and, in the case of 3DES (DES), 
*invented* in government labs!  The other technique, RSA, is used in PGP and the patent 
will expire in a few years.

> Booher intends to patent his source code and says he does not plan to
> hand it  over to anyone.

Un-peer-reviewed code has an excedingly high probability of being snakeoil, especially 
if it is marketed before being reviewed...

A false feeling of security is much more dangerous than no security at all.

All the govts have vested interest in disseminating pseudo-strong cryptography.  This 
statement is not paranoia, it is recent and regularly recurring history.

I find the information in the web page way too incomplete and, to the limit, 
misleading. Personnally, I prefer to stick to PGP.  Version 5.x is *easy* to use.

I do get tired of seeing posts like that around...
One of theses days, I will write a FAQ on encryption for the layman...
If ever I find that this software is appropriate, I will say so on the CFD.
I do not own any interests, direct or indirect, in PGP.

Ciao

jfa

Security is not afforded by a few tools, it is a state of mind.