[cryptography] Preserve us from poorly described/implemented crypto

Ian G iang at iang.org
Tue Jun 7 08:12:48 EDT 2011


On 6/06/11 11:57 AM, David G. Koontz wrote:
> On 5/06/11 6:26 PM, Peter Gutmann wrote:
>
>> That's the thing, you have to consider the threat model: If anyone's really
>> that desperately interested in watching your tweets about what your cat's
>> doing as you type them then there are far easier attack channels than going
>> through the crypto.
>
>
>> It's a consumer-grade keyboard, not military-crypto hardware, chances are
>> it'll use something like AES in CTR mode with an all-zero IV on startup, so
>> all you need to do is force a disassociate, it'll reuse the keystream, and you
>> can recover everything with an XOR.
>
>
> There are other ways to deny effectiveness. If the fixed keys are generated
> from things knowable during Bluetooth device negotiation the security would
> be illusory.  If that security were dependent on an external security factor
> but otherwise based on knowable elements you'd have key escrow.
>
> It's hard to imagine as Peter said there'd be any great interest in
> cryptanalytic attacks on keyboard communications.  You could counter the
> threat by using your laptop's built-in keyboard. It sounds like a marketing
> gimmick, and could be considered a mild form of snake oil - the threat
> hasn't been defined, nor the effectiveness of the countermeasure proven.  A
> tick box item to show sincerity without demonstrating dedication.


Maybe it is intended just as a slight hurdle to stop the kid brother 
listening in to big sister's sex chat with her b/f.  Or office level 
snooping.

As such, it's welcome.  It means that anyone who does succeed has gone 
to special efforts to do this .. which leaves some tracks.

There are the military / national security guys.  And then there are the 
rest of us.  For the rest of society, some simple opportunistic fix is 
often all that is needed to knock out 99.9% of the opportunistic 
attacks.  As practically all of our threats are opportunistic, this is 
pretty much the top priority for society at large.

iang
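
The keystream reuse described in the quoted text above, as an added example that is not part of the original thread: a counter-mode cipher that restarts from an all-zero IV on every association, next to the same link with a fresh random IV. HMAC-SHA256 in counter mode stands in for AES-CTR so the block runs on the standard library alone; the `Link` class, the key and the sample strings are constructed for illustration.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Stand-in for AES-CTR: block i = HMAC-SHA256(key, iv || counter_i)."""
    out = b""
    counter = 0
    while len(out) < n:
        block_input = iv + counter.to_bytes(4, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Link:
    """One keyboard-to-host association (hypothetical model).

    fixed_iv=True models the all-zero IV on startup from the thread;
    fixed_iv=False draws a fresh random IV for every association.
    """

    def __init__(self, key: bytes, fixed_iv: bool):
        self.key = key
        self.iv = bytes(12) if fixed_iv else os.urandom(12)

    def send(self, data: bytes) -> bytes:
        return xor(data, keystream(self.key, self.iv, len(data)))


def leaks_plaintext_xor(key: bytes, fixed_iv: bool, p1: bytes, p2: bytes) -> bool:
    """True if ciphertexts from two associations XOR to p1 XOR p2.

    That equality holds exactly when both associations used the same
    keystream, i.e. the cipher has degraded into a two-time pad.
    """
    c1 = Link(key, fixed_iv).send(p1)
    c2 = Link(key, fixed_iv).send(p2)
    return xor(c1, c2) == xor(p1, p2)


if __name__ == "__main__":
    key = os.urandom(16)  # constructed sample key
    a, b = b"first session text", b"second session txt"  # constructed samples
    print("all-zero IV leaks:", leaks_plaintext_xor(key, True, a, b))
    print("random IV leaks:  ", leaks_plaintext_xor(key, False, a, b))
```

The same check works as a regression test for any stream or counter-mode link: two sessions under one key must never produce ciphertexts whose XOR equals the XOR of the plaintexts.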


