[ale] OT - New encryption technology using a piece of paper
planas
jslozier at gmail.com
Wed Sep 7 00:12:16 EDT 2011
On Tue, 2011-09-06 at 12:53 -0400, Michael H. Warfield wrote:
> On Tue, 2011-09-06 at 09:53 -0400, Ron Frazier wrote:
> > Hi David,
>
> > I posted the original message on this topic. Actually, the party never
> > got started very well. The discussion drifted into whether pass phrases
> > are better (sometimes they are) or whether password cards are better
> > (sometimes they are). However, the merits of the OTG system for it's
> > intended purpose were never discussed in any depth.
>
> Ok... As long as we want to refocus back on that. As a cryptographer,
> I will pick several bones with monsieur Gibson.
>
> As you may have already noted, any time his name comes up in certain
> circles, it evokes strong reactions. Some swear by him and some swear
> at him and some of us look in on him once in a while (I'm not unfamiliar
> with his site) just for shits and giggles and a good belly laugh if we
> are in a good mood for one. Most of the time I just shake my head and
> look the other way. He keeps the natives entertained... Sigh...
>
> First bone. This is NOT encryption. This is a simple "Latin square"
> substitution cipher. That's all. No transposition even.
>
> He claims it's secure. No self respecting cryptographer would make a
> claim that a substitution cipher is "secure". We have a hard enough
> time just making or swallowing any sorts of claims that a system is
> "secure". "Secure" is a relative term. Secure for what value of
> security? Secure against what forms of attacks? Secure against what
> element of information leakage? Broad sweeping claims of something
> being secure immediate swing my bullshit meter into action.
I assume there is no perfectly secure cryptographic system. The only
reason there is apparent security is due the limitations of the
technology used to attack the cypher system. The Enigma type codes were
breakable using very early digital computers in a time frame for the
information to be useful.
The goal is to be difficult enough that crackers will decide to look for
easier prey, those who use simple, guessable passwords. If it takes two
or three weeks or even months to crack the encryption used for a group
of credit card accounts, most of the accounts will be usable after
cracking. If however, it takes 5 to 10 years, then the reward will not
be worth effort, too long a time lapse.
> His claim that "This “Off The Grid” technology is the only known system
> to provide secure encryption using nothing but a specially designed
> piece of paper." Even given that it is NOT encryption, his claim is
> bogus on multiple levels. Such ciphers have been known about an
> analyzed for years. And it is not secure. And it is not the only nor
> the first.
>
> He claims it's future proof. Well, I may have to buy that argument. It
> may well be just as bad in the future as it is today. He's got me
> there.
>
> What is the problem set it seeks to address? It seeks to address
> password reuse. In that regard alone, it may have some value. Password
> reuses is one of the biggest problems we have with a lot of users.
>
> Pen and pencil ciphering has been around back to to ancient times. This
> much is not new. His grid is not new. He even references Latin Squares
> in his description. But he does a lot of hand waving and provides no
> mathematically rigid proof to his claims as to the security of "his"
> system. In his FAQ he tries to make claims of making up for claiming
> that they are replacing the 2^128 "complexity" of AES with some huge
> amount of "entropy" by saying "The entropy of Latin Squares is so large
> that no one even knows how large it is!" My bullshit meter was pegged
> bent and broken right off the top right there. Not only are his
> arguments NOT mathematically rigid, that gave me the impression he was
> pulling numbers out of a place where the sun simply does not shine. He
> effort to argue that the 128 bits in AES was "complexity" while he was
> added some other secret ingredient "entropy" really just blew my mind.
>
> In some spots he's juxtaposing numbers in a way that is simply
> mathematical gibberish. He claims to come up with 2400^6 possibly
> combinations but that's logically impossible with the limited character
> set. He's obsessed with the procedural pairing that he's lost sight of
> the simple fact that a password matches or it doesn't whether it was
> derived from a domain name or not. 6 characters from a character set of
> 72 characters only has 72^6 bits of entropy (or complexity or what ever
> he's trying to hide in the blue smoke of his argument),
>
> YES! He has an interesting system that does work with paper and pencil
> and gives you a way to come up with unique passwords for web sites. It
> helps eliminate password reuse. But the passwords are no more secure
> than a lot of other systems out there and, who cares if it's paper and
> pencil or a random generator in your password safe? A key logger is
> still going to own your shorts. A password sniffer will still get it.
> A compromised hash database is still going to get busted (especially if
> its a short password - anything less than 12 is toast).
>
> Bruce Schneier has always had a term for that which I never mind
> quoting: Snake Oil. Trust it. Secure. Says so, right on the bottle.
>
> Regards,
> Mike
>
> > The intended
> > purpose is to allow average users to easily create moderate length
> > cryptographically strong passwords that are unique for each site they
> > visit. The sites in question, many times, will not accept long complex
> > passwords. Furthermore, the system allows the user to create said
> > passwords without using anything other than the piece of paper with the
> > grid on it. All they need to traverse the grid is the domain name of
> > interest. They don't have to remember any key code to get them to their
> > password (as in pass cards), and they can use the password in places
> > where a pass phrase will not be accepted, unless it's a very short pass
> > phrase. As I mentioned in one of the posts, I deal with two sites which
> > will only accept 8 character passwords, so even the default method of
> > the OTG system which generates a 12 character upper / lower case
> > password won't work. If desired, entropy of the final password can be
> > increased by adding length, symbols, or numbers. I am currently
> > evaluating all these methods to go to a system of having one password
> > for every website. Not sure what I'm going to do yet. I may end up
> > using something like OTG to generate some passwords and something like
> > LastPass to enter them into websites automatically. Then I can save the
> > grid for later reference. At sites where pass phrases of decent length
> > will work, I'll probably use those. As I see it, the pros and cons for
> > each method are:
> >
> > * Pass Phrases - easiest to remember, if you have a dozen - probably
> > still have to write down, long ones or ones with symbols won't work for
> > many sites, good entropy if they're long, if attacker knows you're using
> > words separated by spaces, his search for your pass phrase becomes much
> > easier
> >
> > * Password Cards - somewhat easy to remember a key code, if you have a
> > dozen - probably still have to write key codes down, shorter ones should
> > work for most sites, longer ones won't
> >
> > * OTG - nothing to remember - use the domain name, if you have a dozen -
> > generate as needed, somewhat tedious, shorter ones should work for most
> > sites, longer ones won't
> >
> > Sincerely,
> >
> > Ron
> >
> >
> > On 9/5/2011 10:14 PM, David Hillman wrote:
> > > I guess I came too late to the party. I read "Off The Grid" and
> > > wondered how long it would be before really well-informed people poked
> > > holes in the whole idea. To me, it looks like it'll do a better job
> > > of creating passwords than most of the user population (who might find
> > > it to be too complicated). The rest will have to be handled by the
> > > system administrator with a defense strategy that consists of a
> > > mile-wide moat filled with alligators, rocks and burning faeces.
> > > Intruders tend to shy away from that level of stinkiness. Now that I
> > > have contributed, I can go back to reading about Single Packet
> > > Authorization (SPA).
> > >
> > >
> > > On Sun, Sep 4, 2011 at 8:56 PM, Michael H. Warfield <mhw at wittsend.com
> > > <mailto:mhw at wittsend.com>> wrote:
> > >
> > > On Sun, 2011-09-04 at 19:49 -0500, Pat Regan wrote:
> > > > On Sat, 03 Sep 2011 20:06:56 -0400
> > > > "Michael H. Warfield" <mhw at wittsend.com
> > > <mailto:mhw at wittsend.com>> wrote:
> > > >
> > > > > The forced changes provide no benefit and yet add that little tiny
> > > > > extra opportunity of additional threat. And, yes, there are
> > > password
> > > > > sniffers that will fire on password changes so they follow your
> > > > > changes as you make them. Factor it in how you will.
> > >
> > > > A company I used to work for about a decade ago had a 60 or 90 day
> > > > schedule on their forced password changes. The requirements for the
> > > > passwords weren't very strict, either.
> > >
> > > > Most of the customer service people ended up teaching each other the
> > > > same password scheme of current month+year (jan99, for example).
> > > Since
> > > > those passwords were good for 60 or 90 days, you could walk out
> > > on that
> > > > call center floor and guess almost anyone's password in 2 or 3
> > > tries.
> > >
> > > In my talks on this, I try to dance around it a little bit without
> > > being
> > > as blatant as that, but you are absolutely correct. Forced expiration
> > > and password changes invariably force most users into predictable
> > > patterns which are of no benefit and often just the opposite.
> > >
> > > The other effect, when password strength/complexity checkers are not
> > > enforced, is the "jumping in front of the bus effect". Small but
> > > real,
> > > it's the case where a user is forced to change his password and he
> > > changes it to one that the attackers are using to guess... Powned...
> > >
> > > > Pat
> > >
> > > Regards,
> > > Mike
> > > --
> > > Michael H. Warfield (AI4NB) | (770) 985-6132
> > > <tel:%28770%29%20985-6132> | mhw at WittsEnd.com
> > > /\/\|=mhw=|\/\/ | (678) 463-0932
> > > <tel:%28678%29%20463-0932> | http://www.wittsend.com/mhw/
> > > NIC whois: MHW9 | An optimist believes we live in the
> > > best of all
> > > PGP Key: 0x674627FF | possible worlds. A pessimist is
> > > sure of it!
> > >
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org <mailto:Ale at ale.org>
> > > http://mail.ale.org/mailman/listinfo/ale
> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > http://mail.ale.org/mailman/listinfo
> > >
> > >
> > >
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://mail.ale.org/mailman/listinfo/ale
> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > http://mail.ale.org/mailman/listinfo
> > >
> >
> > --
> >
> > (PS - If you email me and don't get a quick response, you might want to
> > call on the phone. I get about 300 emails per day from alternate energy
> > mailing lists and such. I don't always see new messages very quickly.)
> >
> > Ron Frazier
> >
> > 770-205-9422 (O) Leave a message.
> > linuxdude AT c3energy.com
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
--
Jay Lozier
jslozier at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20110907/07fa08dd/attachment-0001.html
More information about the Ale
mailing list