mercredi 17 novembre 2010

Protecting journalist sources in a digital age

The need for secrecy to a journalist has been brought to the fore after three french media inquiring on the Woerth-Bettencourt state affair had been robbed in just two weeks. Laptops, GPS systems, hard drives and CD-ROM’s with data pertaining to this case have disappeared in a series of targeted burglaries. This is very bad news for the informants, and a deterrence toward those likely to hand over valuable information to the press. What can journalists do to keep confidence of the public and retain the ability to do their job in a digital age ? Let everybody know that they use state of the art techniques to protect their sources. This means that all their data, wherever they are stored, on drives or USB keys, are protected with some strong cryptography. Is it possible for non-technical people like the writers often are ? Yes. On many Linux systems, the installer displays options to use encrypted partitions. The simplest form is a cyphered /home partition, where personal data are stored. Problems may come from applications writing things elsewhere, like the /var or the /tmp directories. The swap partition may also leak some clues to nosey thefts equipped with proper recovery tools. The most secure solution is the encryption of the whole disk, but a small partition necessary to bootstrap the system. The drawback is the cost in CPU burden, as every disk write or read needs a bit of computing power. Laptops with double core can handle that but they may drain batteries fairly quickly when reading, copying or downloading many files.

How strong is an AES-128 bits key, a widely used standard for disk encryption ? Computer scientists refer this to as an NP-complete problem, meaning that there are no other (known) solution than to compute the 2128 possibilities to be sure. To give an idea of how huge this number is, Jon Callas, CTO, CSO of PGP Corp devised a nice fiction.

Imagine a computer that is the size of a grain of sand that can test keys against some encrypted data. Also imagine that it can test a key in the amount of time it takes light to cross it. Then consider a cluster of these computers, so many that if you covered the earth with them, they would cover the whole planet to the height of 1 meter. The cluster of computers would crack a 128-bit key on average in 1,000 years.

Read the article here:

I did again the math, just to be sure. If we take a sand made of cubic grains of 1 mm, which is rather coarse, but still sand, I found that the huge heap would verefie the whole key space in a bit more than 37 minutes. With a more realistic sand, say with round grains neatly packed, as they take 74% of the space and you can add more in the same volume, the solution is spit out in about 28 minutes. I guess that with such a computer, we could do more interesting things, even in a half hour. My result is somewhat different than Callas’ but doesn’t invalidate the point. The weakest link is not the algorithm, but the passphrase used to protect the key. It has to be long, 20 characters at least for a 128 bits key, almost random and at the same time easy to remember, because you don’t want to write it down. Callas points out that spy agencies use profiling and computing methods to infer it from names of relatives, loved ones, pets and important dates of life. So fellow journalists, don’t cut corners.

Aucun commentaire:

Enregistrer un commentaire