[147162] in cryptography@c2.net mail archive
Re: [Cryptography] End to end
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Mon Sep 16 17:42:22 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <CAG5KPzydzXdnXryHh8rpUj0feUMhDKMQg2jVB1rQTAx+aL0OTA@mail.gmail.com>
Date: Mon, 16 Sep 2013 15:58:15 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ben Laurie <ben@links.org>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============5093460789403895473==
Content-Type: multipart/related; boundary=089e011827aefc8cad04e6859f28
--089e011827aefc8cad04e6859f28
Content-Type: multipart/alternative; boundary=089e011827aefc8cab04e6859f27
--089e011827aefc8cab04e6859f27
Content-Type: text/plain; charset=ISO-8859-1
On Mon, Sep 16, 2013 at 3:14 PM, Ben Laurie <ben@links.org> wrote:
>
> On 16 September 2013 18:49, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>
>> To me the important thing about transparency is that it is possible for
>> anyone to audit the key signing process from publicly available
>> information. Doing the audit at the relying party end prior to every
>> reliance seems a lower priority.
>>
>
> This is a fair point, and we could certainly add on to CT a capability to
> post-check the presence of a pre-CT certificate in a log.
>
Yeah, not trying to attack you or anything. Just trying to work out exactly
what the security guarantees provided are.
> In particular, there are some type of audit that I don't think it is
>> feasible to do in the endpoint. The validity of a CT audit is only as good
>> as your newest notary timestamp value. It is really hard to guarantee that
>> the endpoint is not being spoofed by a PRISM capable adversary without
>> going to techniques like quorate checking which I think are completely
>> practical in a specialized tracker but impractical to do in an iPhone or
>> any other device likely to spend much time turned off or otherwise
>> disconnected from the network.
>>
>
> I think the important point is that even infrequently connected devices
> can _eventually_ reveal the subterfuge.
>
I doubt it is necessary to go very far to deter PRISM type surveillance. If
that continues very long at all. The knives are out for Alexander, hence
the story about his Enterprise bridge operations room.
Now the Russians...
Do we need to be able to detect PRISM type surveillance in the infrequently
connected device or is is sufficient to be able to detect it somewhere?
One way to get as good timestamp into a phone might be to use a QR code:
This is I think as large as would be needed:
[image: Inline image 1]
--
Website: http://hallambaker.com/
--089e011827aefc8cab04e6859f27
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">On Mon, Sep 16, 2013 at 3:14 PM, Ben Laurie <span dir=3D"l=
tr"><<a href=3D"mailto:ben@links.org" target=3D"_blank">ben@links.org</a=
>></span> wrote:<br><div class=3D"gmail_extra"><div class=3D"gmail_quote=
"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:=
1px #ccc solid;padding-left:1ex">
<div dir=3D"ltr"><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">=
<div class=3D"im">On 16 September 2013 18:49, Phillip Hallam-Baker <span di=
r=3D"ltr"><<a href=3D"mailto:hallam@gmail.com" target=3D"_blank">hallam@=
gmail.com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div>To me the important thing about transpa=
rency is that it is possible for anyone to audit the key signing process fr=
om publicly available information. Doing the audit at the relying party end=
prior to every reliance seems a lower priority.=A0</div>
</blockquote><div><br></div></div><div>This is a fair point, and we could c=
ertainly add on to CT a capability to post-check the presence of a pre-CT c=
ertificate in a log.</div></div></div></div></blockquote><div><br></div>
<div>Yeah, not trying to attack you or anything. Just trying to work out ex=
actly what the security guarantees provided are.</div><div><br></div><div>=
=A0<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;b=
order-left:1px #ccc solid;padding-left:1ex">
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div=
class=3D"im"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;=
border-left:1px #ccc solid;padding-left:1ex"><div>In particular, there are =
some type of audit that I don't think it is feasible to do in the endpo=
int. The validity of a CT audit is only as good as your newest notary times=
tamp value. It is really hard to guarantee that the endpoint is not being s=
poofed by a PRISM capable adversary without going to techniques like quorat=
e checking which I think are completely practical in a specialized tracker =
but impractical to do in an iPhone or any other device likely to spend much=
time turned off or otherwise disconnected from the network.</div>
</blockquote><div><br></div></div><div>I think the important point is that =
even infrequently connected devices can _eventually_ reveal the subterfuge.=
=A0</div></div></div></div>
</blockquote></div><br>I doubt it is necessary to go very far to deter PRIS=
M type surveillance. If that continues very long at all. The knives are out=
for Alexander, hence the story about his Enterprise bridge operations room=
.=A0</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">Now the Rus=
sians...=A0</div><div class=3D"gmail_extra"><br></div><div class=3D"gmail_e=
xtra"><br></div><div class=3D"gmail_extra">Do we need to be able to detect =
PRISM type surveillance in the infrequently connected device or is is suffi=
cient to be able to detect it somewhere?</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">One way to =
get as good timestamp into a phone might be to use a QR code: This is I thi=
nk as large as would be needed:</div><div class=3D"gmail_extra"><br></div><=
div class=3D"gmail_extra">
<img src=3D"cid:ii_141285516b34f6a7" alt=3D"Inline image 1"><br clear=3D"al=
l"><div><br></div><div><br></div><div><br></div>-- <br>Website: <a href=3D"=
http://hallambaker.com/">http://hallambaker.com/</a><br>
</div></div>
--089e011827aefc8cab04e6859f27--
--089e011827aefc8cad04e6859f28
Content-Type: image/png; name="qr-256.png"
Content-Transfer-Encoding: base64
Content-ID: <ii_141285516b34f6a7>
X-Attachment-Id: ii_141285516b34f6a7
iVBORw0KGgoAAAANSUhEUgAAAXgAAAF4CAIAAADR/3XxAAAABnRSTlMA/gABAP1bbA07AAAJVklE
QVR4nO3dQY4bORAAwdXC//+yffCZBxpMFylHXFeWeno0CQJbqP78/PnzP4DS/9MXAHw/oQFyQgPk
hAbICQ2QExogJzRA7sfqP3w+n795HX9sNQdUX//u5556/cruz/vKfXvlc0/9vqbuzymr63eiAXJC
A+SEBsgJDZATGiAnNEBOaIDcco5mZWp/zak5kfpzd9/n1HXuzl/U8zun5kFu25dU359dr/w9OtEA
OaEBckID5IQGyAkNkBMaICc0QG57jmZlaq/HSr2/45X9L7V6L8/Ufp/X3fb36EQD5IQGyAkNkBMa
ICc0QE5ogJzQALljczS3mXqO0tQeltf39Uzt0zl1PbftqbmNEw2QExogJzRATmiAnNAAOaEBckID
5L52jmalnlOo97CcMrUH55X9O7vX+crPNcWJBsgJDZATGiAnNEBOaICc0AA5oQFyx+Zobtuj8cq+
j6nnE73+/lNeuf7brtOJBsgJDZATGiAnNEBOaICc0AA5oQFy23M037p349Tch7mYv/P+U69fqa9n
93Nv40QD5IQGyAkNkBMaICc0QE5ogJzQALnPbXsraq/MHaycmvvYff9du9cz9T2cmg9a+da/Ryca
ICc0QE5ogJzQADmhAXJCA+SEBsgt52im9musnJpHmJo3mbr++j7Ubrv+2/5ept5n9/VONEBOaICc
0AA5oQFyQgPkhAbICQ2QWz7X6bbn0dw2T1HP49Q/1+t7T6bmRE5dz0o9j7ZSv78TDZATGiAnNEBO
aICc0AA5oQFyQgPklnM0K9+6L6Oes1iZmse5bS5p1+tzJbfd/3p+x4kGyAkNkBMaICc0QE5ogJzQ
ADmhAXL5c5123Tans/L6/p3X99GsTO2ReZ05GuB5QgPkhAbICQ2QExogJzRATmiA3PY+min1fpkp
U9fzrft9dt22L+mUU597ai7JiQbICQ2QExogJzRATmiAnNAAOaEBcttzNPV8ym3zHSv1fplT93P3
c/+1+aPbnmN12x6lU5/rRAPkhAbICQ2QExogJzRATmiAnNAAue05mqn9I6def9s+lNv2lay8/ryk
+vv2rU7dBycaICc0QE5ogJzQADmhAXJCA+SEBsgt52hu259yytQ+nVf2vEw952jXbXt8Xv97qa/T
iQbICQ2QExogJzRATmiAnNAAOaEBcss5mqnnH+2+T73vZvfnvW2Ooza152Vq3uo2U/dz93voRAPk
hAbICQ2QExogJzRATmiAnNAAue19NCun5ly+dX/HbXM6p5yaY6p/L6c+95X5ml320QDPExogJzRA
TmiAnNAAOaEBckID5D5TcxD1fpmp+YhX7kP98942b/LKdb7OPhpgjNAAOaEBckID5IQGyAkNkBMa
ILfcR3Obei6mfj5U7bbnQNXXc9vc09T7n/rclVPX40QD5IQGyAkNkBMaICc0QE5ogJzQALnlPprl
P3h8f8fUvEm9d+Z1tz3X6Vvv/9R+IicaICc0QE5ogJzQADmhAXJCA+SEBsgt99FMzSPU8xSn5llu
m6955f7vvr7em7NSf+7U9+qU3et0ogFyQgPkhAbICQ2QExogJzRATmiA3PZznab2d9w2dzA1n7JS
z9dMzbncNl9z21zS1D6p3etxogFyQgPkhAbICQ2QExogJzRATmiA3PYczUr9//Nf30ty296ZXafu
w9RzhVZOzafU38/X39+JBsgJDZATGiAnNEBOaICc0AA5oQFyx+Zo6j0Xp0zNoZwytfenNrVX5ZRX
vv+7Ts0ZOdEAOaEBckID5IQGyAkNkBMaICc0QO5zah/K8gPivTO3zR3U+2Wm9q1M7Yvht9v2E614
rhMwRmiAnNAAOaEBckID5IQGyAkNkDu2j2bXbXMcU8+Z2v3c2+aSXp97WqnnfU7NN51S/x6daICc
0AA5oQFyQgPkhAbICQ2QExogt9xHk3/woXmNeh5hat7hlf0vr9z/275vt81t1d8TJxogJzRATmiA
nNAAOaEBckID5IQGyI091+mVfTRTP+8ue2R+u23+ZeWVv6NT31snGiAnNEBOaICc0AA5oQFyQgPk
hAbILZ/rNDVfMDWHcur9zaecff3KK/ftNlN7bZxogJzQADmhAXJCA+SEBsgJDZATGiC3/Vynqef4
7HrleUan5lB21XMxp5iv+TNTz2tbcaIBckID5IQGyAkNkBMaICc0QE5ogNxyH83UXpiVqTmOV+5D
7ZXnXt12PVNzRlN7glacaICc0AA5oQFyQgPkhAbICQ2QExogt9xHs/v//297js+/tsfk9bmPXd+6
x+eV+7N7nU40QE5ogJzQADmhAXJCA+SEBsgJDZA7Nkez8vrzlVa+9f1vmye67flEtan5l3oOyIkG
yAkNkBMaICc0QE5ogJzQADmhAXLLOZr8gy/bJ7IyNf8ytcdk5ZV9LvX1nHr/lW/9/TrRADmhAXJC
A+SEBsgJDZATGiAnNEDux+4/mNpXUs871HttVu9z216Yeq7nttevnPq9TM3F7Krny5xogJzQADmh
AXJCA+SEBsgJDZATGiC3nKOZel7S7vvszju8Pndzao5j19TnnnJqr9DU7+W2+bVdTjRATmiAnNAA
OaEBckID5IQGyAkNkBt7rlOtnk+57flEK1PPh3plzuiV55rd9v67nGiAnNAAOaEBckID5IQGyAkN
kBMaILe9j+Y29VzA1BzK1OeuvLKf6NT7TP1cu+//ylySEw2QExogJzRATmiAnNAAOaEBckID5JZz
NCu37e9Ymdrrsfv6257ftDI1r7Trtj0st+3NsY8G+FpCA+SEBsgJDZATGiAnNEBOaIDc9hzNyqk5
jtueMzW15+WU3TmO2+Zxpp63dcpt81BTnGiAnNAAOaEBckID5IQGyAkNkBMaIHdsjuZ19X6ZU17f
S7LyrfuG6tev3DbX5kQD5IQGyAkNkBMaICc0QE5ogJzQALmvnaM5NY8wNb+w67a5idfvQ339t92f
+vlTTjRATmiAnNAAOaEBckID5IQGyAkNkDs2R3PbfpNX5kGmnnO0a2ouqXbq/k/9Xk6pn3vlRAPk
hAbICQ2QExogJzRATmiAnNAAue05mqk9GrtOzTXUcy6nrvPUfMfu5+6a+v7cNreyq55z2bV7PU40
QE5ogJzQADmhAXJCA+SEBsgJDZD7vD5fANzPiQbICQ2QExogJzRATmiAnNAAOaEBcr8AtRb+TAGH
644AAAAASUVORK5CYII=
--089e011827aefc8cad04e6859f28--
--===============5093460789403895473==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============5093460789403895473==--
