On the Difficulty of Securing Channels

In the last post I discussed two different approaches to securing email: a software/protocol version and one that is in itself a hardware solution. It is time to talk about some serious weaknesses of relying on infrastructure outside of your control. These are issues I've written on before, but in the context of securing communications they could use some readdressing along with synthesis.

One of my earliest posts, from soon after the Silk Road bust, was on how Tor is probably, and has for some time been, a honeypot. I kind of casually concluded with the assertion that securing the message is always of paramount importance because the channel is probably hostile. In Tor's case the obvious problem is the "three lucky hops attack", where an adversary who controls your entry, mixing, and exit node can generally make life hell.[1] It has generally been admitted in leaks from the NSA and Brit NSA that Tor is a pain to break, though they generally break it eventually for sufficiently valuable targets. With Tor's origin as a United States Navy project, who might be running enough nodes of all kinds to frequently tag adversaries through a three lucky hops attack…

For lesser channels, though, the Washington Post has a decent article on the NSA solution to those problems. If you don't care to follow the link, basically they just tap right into the fiber optic line outside of large providers' data centers. If you think that being in the US and using only US sites can keep you out of the NSA's jurisdiction, unfortunately a lot of traffic leaves the border as a matter of course.[2] Essentially anything sent in plaintext or eventually posted in plaintext may as well be public. You have already been owned.

What about SSL and Certificate Authority based public key infrastructure? In the case of Google this may be instructive:

The leaked documents include a post-it note as part of an internal NSA Powerpoint presentation showing a diagram of Google network traffic, an arrow pointing to the Google front-end server with text reading, 'SSL Added and Removed Here' with a smiley face. When shown the sketch by The Post and asked for comment, two engineers with close ties to Google responded with strings of profanity

So maybe that is a datacenter-to-datacenter weakness? Manipulation can go further, though. An HTTPS connection is only as good as the certificate you are presented, but your browser has a default list of certificates whose signatures it will trust. Getting one Certificate Authority's signature, either through coercion or by breaking a weak certificate, on a certificate in the name of another site allows man-in-the-middle attacks to happen. With the number of CAs, though, how likely is it that only one has been coerced, bribed, or otherwise compromised?[3]
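The trust-store weakness described above, as an added example that is not part of the original post: a browser-style check accepts a certificate for a host from any CA on its list, while a check against a fingerprint recorded out of band rejects a substituted one. The `Cert` model, the CA names, the host name and the certificate bytes are all constructed for illustration, and signature verification is assumed to have been done already by the TLS library.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed model: a certificate reduced to the fields that matter here.
# Assumption: the TLS library has already verified the issuer's signature.
@dataclass(frozen=True)
class Cert:
    subject: str   # host name the certificate claims
    issuer: str    # CA that signed it
    der: bytes     # stand-in for the DER encoding (constructed sample bytes)

def fingerprint(der: bytes) -> str:
    """SHA-256 over the certificate bytes. On a live connection these bytes
    come from ssl.SSLSocket.getpeercert(binary_form=True)."""
    return hashlib.sha256(der).hexdigest()

def ca_store_accepts(cert: Cert, host: str, trusted_cas: set) -> bool:
    """Browser-style check: any trusted CA may vouch for any host."""
    return cert.subject == host and cert.issuer in trusted_cas

def pin_accepts(cert: Cert, host: str, pins: dict) -> bool:
    """Pinned check: the host must present the certificate recorded out of band."""
    expected = pins.get(host)
    if expected is None:
        return False  # fail closed when no pin is on record
    return cert.subject == host and hmac.compare_digest(
        fingerprint(cert.der), expected)

# Constructed sample data (hypothetical CA and host names).
HOST = "mail.example"
TRUSTED_CAS = {"Honest CA", "Coerced CA", "Some Other CA"}
genuine = Cert(HOST, "Honest CA", b"genuine-cert-bytes")
substituted = Cert(HOST, "Coerced CA", b"substituted-cert-bytes")
PINS = {HOST: fingerprint(genuine.der)}

def evaluate(cert: Cert) -> tuple:
    """Return (trust-store verdict, pin verdict) for the sample host."""
    return (ca_store_accepts(cert, HOST, TRUSTED_CAS),
            pin_accepts(cert, HOST, PINS))

if __name__ == "__main__":
    print("genuine    ", evaluate(genuine))
    print("substituted", evaluate(substituted))
```

The trust-store verdict is identical for both certificates; only the pin distinguishes them, which is why the number of CAs on the default list matters.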

This leads us to a fundamental difference between the Silent Circle / Dark Email model and the No Such lAbs / Cardano model. On some level, anything that requires trust beyond what you can physically secure probably can't be secured. For some people physical security goes as far as they can reach with their fist, others with a hammer, and still others with their rifle. Then there is the part where the Cardano relies on firmware offering functionality equivalent to GPG software, which will be offered for examination in the Open Source tradition, while Silent Circle is still closed source.

The conclusion for anyone sanely paranoid has to be that no matter how much you depend on others to secure your channel of communication, you have to secure your own messages. Even Lavabit couldn't do that, as Levison's eventual surrender of the private key demonstrates. I don't really think that, for people who really need private communications channels, a sane alternative to the Cardano exists. I mean, if Petraeus and his mistress had Cardanos, he would probably still run the CIA.

Update 1: This post being the result of a whiskey-fuelled fever dream, some copy editing is incoming.


  1. Entry and exit nodes alone may be enough for a sophisticated attacker.

  2. This is before considering that for the Brit NSA being a US national makes you a foreign national.  

  3. I lean towards bribed or legally coerced as possibilities. I plan on addressing the actual expensiveness of rubber hose cryptography at a later time.  

3 thoughts on “On the Difficulty of Securing Channels”

  1. Minor nitpick: Cardano receives messages sent by traditional GPG, and produces signatures which the latter can verify – but does not use it internally. The firmware is being written entirely from scratch.

    Naturally the design will be published and its detailed study strongly encouraged. For one thing, this is my only protection against the gasenwagen.
