Crypto (was "Sharing printers without samba?")

Daniel Mons daniel.mons at iinet.net.au
Sat May 24 01:36:38 BST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Ryder wrote:
> I, too, believe in encryption, even in a closed network - but my
> experience of certificates and sharing Public keys has been bad - and
> expensive in $$ for the certificates.

Many Linux distros provide you with tools to build your own security
systems at $0.

SSH and PGP keys can be built easily, and provide "military strength"
cryptography (AES256 capable encryption is available in OpenSSH, which
is NSA standard).  OpenSSH provides the "ssh-keygen" tool to build your
own keys at $0 which you can use for secure communications between your
computers whether they are inside or outside the physical organisation
boundaries.  And as before, these keys can be used for data transfer
also (scp, WinSCP, Fugu, rsync-over-ssh, etc, etc).  I make it personal
policy not to offer any unencrypted method of data transfer to any
server I am responsible for (rcp, plain rsync, ftp, etc).  If absolutely
necessary (say, building a http/webdev server for calendar syncing via
iCal, Mozilla Lightning, etc) then I'll wrap the connection in SSL/TLS.

Probably the only time you need to spend money is if you need a trusted
certificate for a public-facing web server, and generally only for
business or e-commerce purposes.  For private use (say, you're
hosting a wiki or other company-sensitive data on a remote location), a
self-signed certificate ($0 with OpenSSL) will give the same
cryptographic strength, and you can distribute your keys within your own
organisation (or with third parties who need access) and know they're
trustworthy.  If you want to get serious you can also buy your mail/PGP
certificates/keys from trusted groups, but for most people that's not
necessary.  (Even then, people like Thawte provide $0 ways of getting
PGP certs/keys that have a fairly good level of trust, and that can be
enhanced by finding people in your area to sign the keys).

> 
> As an aside, I read a couple of years ago (but is it true?) that under US law
> all such certificates had to have keys accessible to "the authorities"
> for emails/data passing across US boundaries. I understand the reasoning from
> an anti-terrorism perspective but frankly don't trust the US on these things.
> Not paranoid - but there is a reason for encrypting which is defeated if people
> you don't know have access to it. Call me paranoid by all means - I prefer Private
> and Commercial Property. (This is not meant as a criticism / put-down of you - forgive
> me if it comes across that way).

There are no laws in any first-world country to provide your private
keys to the authorities.  Your public keys are public (which is the
point), and allow third parties to either verify documents come from
you, or encrypt messages back to you (which can then only be decrypted
by your private key, which only you have access to).

PGP and SSH (RSA/AES/Blowfish/etc) encryption is strong enough to avoid
detection even by government departments, and again the government has
no way of forcing you to relinquish your private keys.  The only extreme
would be if you were suspected of serious criminal activity, and a
federal court mandated that you release your encryption keys.  A case
just like this occurred in the US in 2007, and the judge presiding
eventually ruled that a person could not be forced to reveal passwords
and encryption keys:
http://en.wikipedia.org/wiki/United_States_v._Boucher

Australia isn't the US of course, and the case mentioned was an extreme
involving highly illegal activity.  I've been using the strongest
encryption schemes available to me since they've become publicly
available, and thus far the Australian government has not come knocking
on my door.

This is getting a bit off-topic, but the thing about encryption is the
more people who use it, the more it will be attacked.  This is actually
a good thing, because it "proves" your encryption is sound.  The US
government for a long time used encryption in the military and
government that was not available to the public.  They found time and
time again this was eventually broken either by members of the public,
or by other governments.

In the 80's and 90's it became apparent that if they released encryption
standards into the public domain, more people would use it, and more
people would try to break it.  Standards like DES and 3DES are great
examples of what was "good" encryption that was eventually broken and
then improved by the private sector (IBM, in that case).  Similarly, AES
was a government project that opened competition for a new encryption
scheme to the world (private and public).  The winning standard -
Rijndael, was released publicly.  Again, the US (and other) governments
realise that doing so makes it a bigger target, but in that regard it
means it will be tested far more thoroughly by those attempting to break
it worldwide.  If something like AES becomes compromised trivially, word
will spread quickly, and governments can quickly switch to other
systems like Twofish, Serpent, etc.

Similarly, the TOR project was originally sponsored by the US Navy who
realised that releasing it into the public gave them a better chance of
having the system tested (and more so, that hiding government traffic in
private noise is a nice obfuscation system):
https://www.torproject.org/
http://en.wikipedia.org/wiki/Tor_(anonymity_network)

Anyways... I could go on about this for days.  I'll stop it here unless
anyone wants to extend the discussion further.

- -Dan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIN2MWeFJDv0P9Qb8RAtyMAJ97wgdunCslTJuNbDAle3Ipx6E1CgCeK6d7
QW7IQs4pk17ssNxabmf6WlU=
=NokB
-----END PGP SIGNATURE-----
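
Added example, not part of the original message: the $0 setup described above, as a shell script. It builds a self-signed certificate with OpenSSL, distributes trust by checking its SHA-256 fingerprint against a value received out of band, and creates an SSH key pair with ssh-keygen. The host name wiki.example.internal, the file names and the function names are assumptions.

```shell
#!/bin/sh
# Added example (constructed names): wiki.example.internal and all file
# names are placeholders, not values from the original message.

# Create a private key and a self-signed certificate valid for one year.
make_self_signed() {  # $1 = output directory, $2 = certificate common name
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -subj "/CN=$2" -keyout "$1/server.key" -out "$1/server.crt" \
        2>/dev/null || return 1
    chmod 600 "$1/server.key"   # the private key never leaves the server
}

# Print the SHA-256 fingerprint to hand to users over a separate channel.
cert_fingerprint() {  # $1 = certificate file
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Recipient-side check: accept the certificate only if it matches the pin.
check_pin() {  # $1 = certificate file, $2 = fingerprint received out of band
    [ "$(cert_fingerprint "$1")" = "$2" ]
}

# Create an SSH key pair and print the public key's fingerprint.
make_ssh_key() {  # $1 = output directory
    # -N '' (no passphrase) keeps the demo non-interactive; set one for real keys.
    ssh-keygen -q -t ed25519 -N '' -C 'example key' -f "$1/id_ed25519" &&
        ssh-keygen -l -f "$1/id_ed25519.pub"
}

# Demo in a throwaway directory.
demo_dir=$(mktemp -d)
make_self_signed "$demo_dir" wiki.example.internal
pin=$(cert_fingerprint "$demo_dir/server.crt")
echo "pin to distribute: $pin"
check_pin "$demo_dir/server.crt" "$pin" && echo "certificate matches pin"
if command -v ssh-keygen >/dev/null 2>&1; then
    make_ssh_key "$demo_dir"
fi
rm -rf "$demo_dir"
```

A self-signed certificate gives the encryption but no third-party identity check, so the fingerprint comparison is what makes it trustworthy to the people you hand it to.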


