Computer Security

Started by jzacker, June 06, 2009, 09:15 AM NHFT

DigitalWarrior

I will check out that scheme when I get to work.  A separate pad per file is good, since being broken yields only one key which is probably not reused.  Is it commercial (If so I probably have a write up on it already), or is it home brewed?

If it is home brewed, I will bet heavily that it is screwed up somewhere else.  Is the whole hard drive encrypted?  If not you probably have problems with temporary files and swap space.  Where does the pad come from?  Where do you keep the multiple pads and how do you keep them sorted?  How do you control access to the pads?  A lot of homebrewed stuff is a bank vault door mounted to a wooden frame.  Don't try to blast through the door, just push through the drywall or use a crowbar on the jamb.

There is also always my very best friend, the keystroke logger.

Zefferon

It's homebrewed.

The original was written in VB6.

I have recently "ported" it to Linux with nasm.

Quote: Is the whole hard drive encrypted?
No.

Quote: If not you probably have problems with temporary files and swap space.
I'm very concerned about this. I believe there are ways to lock memory under both Windows and Linux. I'm researching that now.

Quote: Where does the pad come from?
Generated by algorithm.
In VB6:
   ReDim PAD(m0)     'PAD is a byte array
   Dim Z1 As Single, Z2 As Byte
   For L0 = 0 To m0
      Do
         Z1 = (Rnd() * 255#) + 1
         Z2 = Int(Z1)
         If (Z2 > 0) And (Z2 < 255) Then Exit Do
      Loop
      PAD(L0) = Z2
   Next


In nasm:
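   global   padMake:function
padMake:
;caller passes pad size in ECX as # of dwords
;STOSD writes to [EDI], so EDI must already point at the pad buffer
   MOV   EAX,13      ;get system time
   XOR   EBX,EBX     ;EBX = 0: NULL pointer argument to the time call
   INT   80h         ;EAX = seconds since the epoch
   MOV   EBX,70D1D1Dh ;fixed increment
padMake0:
   ADD   EAX,EBX     ;advance the state by the increment
   STOSD             ;store EAX at [EDI] and advance EDI
   BSWAP   EAX       ;reverse the byte order of the state
   LOOP   padMake0   ;repeat ECX times
   RET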


Quote: Where do you keep the multiple pads and how do you keep them sorted?  How do you control access to the pads?
Thumb drives. Sorted? Sort what?

Quote: There is also always my very best friend, the keystroke logger.
The VB6 version can be used entirely with mouse kliks. Can a keylogger record what was selected in a dialog box?

The pads are generated entirely in memory and only written to the thumb drives, so my main concern there is if the memory gets swapped.

My small files that get edited regularly are decrypted in memory, edited in memory, encrypted in memory, then written bak to disk. Once again, there is the concern about disk swapping.

Medium Security:
Webpages that are downloaded by my FORUM DOWNLOADER are encrypted in memory and appended to an archive file without first being saved to disk. Since the webpages are a lot smaller than a meg, they intercept the pad at random locations, because the encrypter uses PAD-WRAPAROUND.

High Security:
I boot off of a floppy that loads a monolithic program. The computer stays in real-8086 mode, and an OS is never loaded. Small files, such as diaries, can be decrypted, edited, and saved without going into protected mode.

Can your keylogger work if an OS isn't loaded?

Do you have any spyware of any kind that will work if an OS isn't activated?

K. Darien Freeheart

Quote: Z1 = (Rnd() * 255#) + 1

Depending on where Rnd() comes from, this might be an issue. Some rand calls are powered by PRNG and if weak, can generate predictable numbers. I recall within the last two years Linux (kernel) and OpenSSH both being affected by something similar. Of course, we're talking marginal issue here, but if you're writing your own encryption schemes, you probably find hacking enjoyable as well, so there you go. :)

Quote: Sorted? Sort what?
Quote: If not you probably have problems with temporary files and swap space.

The assumption was that you're using full drive encryption, in which case the OS needs to be aware of the keys to decrypt and use various files. If you're decrypting only select files, it's probably managed by user interaction (ala PGP/GPG).

Quote: Can your keylogger work if an OS isn't loaded?

Yes. It doesn't record what the OS sees, it records what the hardware generates, via PS/2 or USB. What he's referring to is for the ultra paranoid and is a hardware spy, not software. There are some proof-of-concept methods that don't even require hardware, but can measure electrical interference generated by the keyboard/mouse itself.


DigitalWarrior

The rnd function is questionable: http://www.vbforums.com/archive/index.php/t-362096.html.  /dev/random on a non-live cd system is probably much better.  I think you mentioned that for small files you use the middle of the pad.  That is entirely unnecessary if random is random (the middle is not more or less random than the beginning).  I am not a cryptanalyst, and do not review code often or particularly well.

That OpenSSH thing sucked to live through.

The assumption for a group of sorted/indexed pads also applies to a "Well I know which USB stick I am supposed to use" system too.  It sounds like anyone with access to the usb stick has access to the pad.  I would want the USB stick encrypted.

If it can be got on thinkgeek it is not "ultra-paranoid" and is barely above the level of an attack from a roommate you got on craigslist.  An audio pickup to decode the sounds of the keystrokes is paranoid.

There is a newish theoretical rootkit that can be installed on the bios's persistent memory of some systems, making it immune from diskwipes.  I doubted it too when I first saw it, but it is true and I nearly cried as the necessary level of paranoia got tossed into orbit.
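
Added example, not part of the thread and not any poster's code: a Python model of the padMake routine posted above, showing that the whole pad follows from the clock value it starts with, next to a pad drawn from the OS random source suggested in this reply. The names pad_make, seed_from_pad and os_pad and the sample timestamp are constructed for illustration.

```python
import os
import struct

STEP = 0x070D1D1D   # increment the posted routine loads into EBX
MASK = 0xFFFFFFFF   # registers are 32 bits wide

def bswap32(x):
    """BSWAP: reverse the four bytes of a 32-bit value."""
    return struct.unpack("<I", struct.pack(">I", x))[0]

def pad_make(seed_time, ndwords):
    """Model of padMake: EAX = time, then ADD / STOSD / BSWAP per dword."""
    eax = seed_time & MASK
    out = bytearray()
    for _ in range(ndwords):
        eax = (eax + STEP) & MASK
        out += struct.pack("<I", eax)    # STOSD stores little-endian
        eax = bswap32(eax)
    return bytes(out)

def seed_from_pad(pad):
    """The first stored dword is seed + STEP, so 4 pad bytes give the seed."""
    return (struct.unpack_from("<I", pad)[0] - STEP) & MASK

def os_pad(nbytes):
    """Pad bytes from the kernel CSPRNG instead of a clock-seeded state."""
    return os.urandom(nbytes)

if __name__ == "__main__":
    seed = 1244279700                    # constructed timestamp, June 2009
    pad = pad_make(seed, 262144)         # 1 MB pad
    print("same second, same pad:", pad == pad_make(seed, 262144))
    print("seed recovered from 4 bytes:", seed_from_pad(pad) == seed)
    print("independent OS pads differ:", os_pad(32) != os_pad(32))
```

A pad built this way carries at most 32 bits of unknown state however long it is, which is why the source of the pad bytes matters more than the pad's size.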

K. Darien Freeheart

Quote: There is a newish theoretical rootkit that can be installed on the bios's persistent memory of some systems, making it immune from diskwipes.

Related but tangential. I've always chuckled at the people who say "My computer is immune from being spied on by secret code in proprietary software because I use Linux!" and don't really think about the BIOS or device firmware.  :-\

DigitalWarrior

Technically it is almost true "My computer is immune from being spied on by secret code in proprietary software because I use Linux!" but in addition to the things you mention there is also being spied on by bad code in open software, and by bad ISPs, and by bad web-sites.  A user can also install proprietary software on Linux.

Zefferon

Quote: There is a newish theoretical rootkit that can be installed on the bios's persistent memory of some systems, making it immune from diskwipes.

I have been against using flash chips for bioses (biosii?) ever since they started doing it. It is way too easy to backdoor such hardware. This makes my functional 386sx and 486 mobos all the more precious.

On my older mobos, if you want to change the bios, you have to burn a fresh prom.
(Yes, I can do that)

Quote: That OpenSSH thing sucked to live through.
That website seems to be primarily concerned with secure data over the net. My idea is that if I want to send you confidential files over the net, I give you a thumb drive in person with pads on it, and you know the sequence of pads to use for each successive file I post.

Quote: The rnd function is questionable
Quote: Depending on where Rnd() comes from, this might be an issue.
I'm going to test this guy's idea:
http://www.fourmilab.ch/hotbits/

Quote: It sounds like anyone with access to the usb stick has access to the pad.
Absolutely. If you steal the stick, you have the pads. Good luck figuring out which file they match. Here is a sample of what you'll see in the stick's root dir:
E:\
   i8T4_sw~6b==            1024 KB
   77+jH~f9B-a3            1008 KB
   ~$jj44w&i8y9             510 KB
   t4t4=Y2y7ii8           14384 KB
   b4gt76j4h=j              788 KB


Which files are encrypted files and which are pads? You don't know.
I said I always use pads 1 megabyte in size.

I lied.

Quote: from a roommate you got on craigslist.
Non sequitur. Disconnection.

Quote: There are some proof-of-concept methods that don't even require hardware, but can measure electrical interference generated by the keyboard/mouse itself.
Tempest.
We worked on that when I was at WPAFB in the early eighties.
Computers in offices with windows on the ground floor were easy to read.
Computers in rooms in the interior of the building were basically out of reach.
You had to take the reader inside. There is plenty of computer equipment with extra rf shielding built in if you are concerned about it.

If someone wants to go to the time and expense to tempest me, I'm flattered.
If I get really concerned about it, I'll set up equipment to produce an rf hash cloud.

Quote: Yes. It doesn't record what the OS sees, it records what the hardware generates, via PS/2 or USB.
Programs that hook interrupts have to be loaded. If they aren't hidden in the OS - and by that I mean all the individual drivers that are loaded when the OS loads - they have to be hidden in the boot loader. That's easy to spot. If I boot from one of my blak floppies, no spy software can load unless it's in the bios, and I can chek that by looking at the interrupt table.

thinkliberty

There is a new web (and more) data security app called Vanish; it looks interesting: http://vanish.cs.washington.edu/


DigitalWarrior

This is either brilliant and truly new, or stunningly retarded.  My bet is on the latter. 

As I understand it, I either have to get an encryption key or unencrypted data.  In either case I can make copies of the data by various means.  This might just make the original unreadable.  It is not the original you have to worry about.  copypasta and printscreen

thinkliberty

Quote from: DigitalWarrior on August 06, 2009, 05:05 PM NHFT
This is either brilliant and truly new, or stunningly retarded.  My bet is on the latter. 

As I understand it, I either have to get an encryption key or unencrypted data.  In either case I can make copies of the data by various means.  This might just make the original unreadable.  It is not the original you have to worry about.  copypasta and printscreen

It's brand new, they are presenting their paper to the USENIX Security '09 conference in Montreal, Canada, August 10–14th, if you are going to be there you can pull your bullshit card and have them try to explain your concerns with it.

I think it has to do with deleting web histories so it's harder to tie someone's digital history to a person.  (internet archive, search engine caches etc.) 

It's not fail proof; someone can copy and paste the information and archive it before the key is deleted. Nothing will stop anyone from reading the message before the key is deleted. It's not meant to work that way.

The message is readable by anyone with the plugin on their web browser until the timer deletes the encryption key. Then the message is unreadable, even by the original poster.

UOGSammich

Well, this sounds a little crazy.

What information do you need? Let's just get down to business.