Donate for the Cryptome archive of files from June 1996 to the present

2 February 2014

Stopping NSA


2014-0165.pdf NSA-GCHQ Allegedly Hack Cryptographer Quisquater February 2, 2014

Date: Sun, 02 Feb 2014 13:38:59 +0300
From: ianG <iang[at]>
To: Phillip Hallam-Baker <hallam[at]>
Cc: Cryptography Mailing List <cryptography[at]>
Subject: Re: [Cryptography] Now it's personal -- Belgian cryptographer MITM'd by GCHQ/NSA
List-Archive: <>

On 2/02/14 04:33 AM, Phillip Hallam-Baker wrote:

> Why assume that its the NSA/GCHQ?

Because the Belgians are saying it is, and because the Snowden revelations pointed at a persistent attack of the indicated parties.

We can play the game of "you don't know that for a fact" forever, but at the end of the day, they will never enter court and let the court declare it a fact, so that easy excuse is their game, their rules, their victory.

Old military truism: the battle is won by the general that imposes his plan over the other.

> When I got stopped three times by UK customs on one trip during the crypto
> wars it was pretty obvious what was going on. But this incident could have
> been due to Iran, Israel, Russia, China (in no particular order) and there
> might well be more countries getting in on the pervasive intercept party.

I've got no doubt that others are attempting to hack into the telcos and whatever.

> This is not about stopping the NSA.

I think there are several considerations here.

1. We need models of all players. We need statistics and likelihoods.

2. We have an attitude that keeps tripping us up on polite diversions such as "you don't know that for a fact" or "these are the nice guys, they wouldn't do it to you" or "the other guys are doing this, give us money!"

We need some way of avoiding our own biases, and that starts from knowing ourselves.

3. We need a model that describes the control that these folks have. Is it no control? Or is there some way to limit it? Right now the evidence suggests that there are no controls that haven't been trashed by one means or another.

Facts claimed recently: they routinely lie to congress and court. The secret non-court never analysed mass surveillance before Snowden. They collect and target citizens. They hack allies, they spy on sovereigns, they spy for industry.

4. And, as a minor consideration for some citizens of some countries that have a no arbitrary search or seizure clause, we need the facts to see if they have self-declared themselves the subject of criminal prosecution.

5. Ditto for alliances.

6. You can't stop the Chinese unless you've first stopped the NSA. Ditto for 5-eyes. Unless you have principles, you cannot decide when and how to face up to your external threats, you cannot even differentiate external from internal.

7. GCHQ, ASD, the others, they more or less follow the NSA.

If you put it all together, at a first order of approximation, maybe it is that: about stopping the NSA.

> The NSA wanabees are far more numerous
> and likely just as well resourced. They won't have as much cash but they
> will use what they have at least ten times more effectively.

Idk. I think the others are well-outclassed at this stage. Back in the cold war, the Russians did a pretty good job in humint. They still couldn't match the satellite & sigint assets tho. The Chinese, now? I have no idea, I have yet to see any real unbiased data (by that I mean data that has been released for the direct purpose of convincing congress to fund cyberwar).

What's their budget this year?

I agree on one point -- the Chinese seem to be more focussed on economic theft than trying to mass surveille the world of angry birds. I really would be asking for my money back if I was congress.

> We do have a model for protecting Web sites that works pretty well called
> PCI. That is the scheme that the credit card companies developed to protect
> their assets when they are exposed online. PCI is supported by numerous
> tools and services that provide compliance checking. It isn't perfect but
> it is a known starting point.
> What we need is PCI for social media sites and for email providers. It does
> not have to be perfect and it won't be. But it will be a start.

Well. PCI models against hacks and insider attacks.

Then there is mass surveillance. The model against mass surveillance has been known for 2 decades: mass crypto. Yet, we've never been able to get that idea through to the NISTs, the IETF, the committees, the toolmakers, etc.

It would be a mighty fine idea if NIST were to come out and start pushing opportunistic encryption, but they do not serve the users, they serve the toolmakers, who use cryptography as a discriminator. You can't have a national standard without a national industry to sell tools.

Then there is phishing. The model against phishing -- which was used in the belgacom attack -- has been known for 2 decades as well, it was built into secure web browsing. But it never worked, and the tool makers like it that way.

> And unlike
> the credit card companies we have a lot more ability to change our
> credentials.

Exactly -- change! Maybe we need those people who build PCI and FIPS and whathaveyou to start recognising that the models they built have to actually work. Else they should fall on their swords, because they are incapable of changing.

Pigs might fly. PCI like all such more likely exists to serve PCI people. We definitely don't want such a millstone around the social network folks. We want them to change, to face their threats as they evolve.



The cryptography mailing list