[2488] in cryptography@c2.net mail archive
Re: NYT Article on Groat Spy Case
daemon@ATHENA.MIT.EDU (Phil Karn)
Mon Apr 13 17:26:28 1998
Date: Mon, 13 Apr 1998 14:17:31 -0700 (PDT)
From: Phil Karn <karn@qualcomm.com>
To: reinhold@world.std.com
CC: cryptography@c2.net
In-reply-to: <v0313030cb158165442fc@[24.128.40.70]> (reinhold@world.std.com)
>community's real concerns about widespread cryptography may be. Software
>cryptosystems, like PGP running on a PC, are extremely vulnerable to
>bag-job attacks, but next generation systems using smart cards may be far
>less vulnerable.
Indeed. I have long felt that the most direct and logical way to
target any software cryptosystem, no matter how strong its
cryptography, is to pull a bag job and install a trojan horse. For a
system like PGP that has no perfect forward secrecy to
compartmentalize the damage from a key compromise, this is especially
easy. Just modify the PGP binary to quietly squirrel a copy of the
user's secret key into his next message and pick it up later with a
tap on his line. The trojan should then patch itself out to make it
less likely to be discovered later.
Online systems that provide perfect forward secrecy are a little
harder to hack indetectably, as the trojan has to remain indefinitely.
Here it might be easier to attack the operating system, say by reading
the swap device (a major vulnerability of all software cryptosystems
running on modern operating systems). (Side question: does Linux or
BSD have a page-lock system call yet?)
Another possibility is bugging keyboards to catch passphrases. The bug
could draw its power from the keyboard, so it wouldn't need
batteries. It could store everything in nonvolatile memory for later
retrieval.
LANs could also be bugged fairly easily. How often do *you* inspect
the big pile of 10Base-T cables in your attic? :-)
All this makes me wonder if there are any back doors (deliberate or
otherwise) in commonly available burglar alarm systems. After all,
without an easy way to defeat the alarm itself, the passive IR
detectors in my house probably make it harder to break into without
detection than the CIA vault seen in the "Mission Impossible" movie...
Phil
