Re: [dsfjdssdfsd] Discussion: Malicious Entropy Attacks: Eggs, and Baskets

Arnold Reinhold <agr@me.com> Tue, 18 March 2014 20:57 UTC

Return-Path: <agr@me.com>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C62C91A0427 for <dsfjdssdfsd@ietfa.amsl.com>; Tue, 18 Mar 2014 13:57:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KzZCdjvvWbj8 for <dsfjdssdfsd@ietfa.amsl.com>; Tue, 18 Mar 2014 13:57:35 -0700 (PDT)
Received: from nk11p00mm-asmtp001.mac.com (nk11p00mm-asmtp001.mac.com [17.158.161.0]) by ietfa.amsl.com (Postfix) with ESMTP id 76A3E1A0125 for <dsfjdssdfsd@ietf.org>; Tue, 18 Mar 2014 13:57:34 -0700 (PDT)
MIME-version: 1.0
Content-type: text/plain; charset=windows-1252
Received: from [192.168.1.134] (c-66-31-43-48.hsd1.ma.comcast.net [66.31.43.48]) by nk11p00mm-asmtp001.mac.com (Oracle Communications Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013)) with ESMTPSA id <0N2N00HCUGVO8V60@nk11p00mm-asmtp001.mac.com> for dsfjdssdfsd@ietf.org; Tue, 18 Mar 2014 20:57:26 +0000 (GMT)
From: Arnold Reinhold <agr@me.com>
In-reply-to: <20140318023932.GA7144@thunk.org>
Date: Tue, 18 Mar 2014 16:57:25 -0400
Content-transfer-encoding: quoted-printable
Message-id: <642B9BBD-A39E-4842-AE84-FEB71545F631@me.com>
References: <531F6068.4080907@akr.io> <20140311195443.GD2190@thunk.org> <F3B65184-1544-48FA-8C20-52FEAC208D8A@me.com> <56491888.20140315165037@gmail.com> <DF42CACF-3AC7-4FA9-934C-18D4A0504FB9@me.com> <20140316171716.GD31988@thunk.org> <D1CAFBA9-92AB-4CE6-871E-740A428DA859@me.com> <20140318023932.GA7144@thunk.org>
To: tytso@mit.edu
X-Mailer: Apple Mail (2.1874)
x-icloud-spam-score: 34444444 f=me.com; e=me.com; is=no; ir=yes; pp=ham; spf=n/a; dkim=n/a; dmarc=n/a; wl=n/a; pwl=n/a; clxs=n/a; clxl=n/a
X-MANTSH: 1TEIXREEbG1oaGkdHB0lGUkdDRl5PWBoaGBEKTEMXGx0EGx8SBBscHwQdHhAbHho fGhEKWE0XSxEKbX4XGhEKTFkXGxobGxEKWUkXEQpZXhdoY3kRCkNOF0sbHhpiTk0ZBBtCQxl4c wcYYxgaHx17ExEKWFwXGQQaBB0HTUsdEkhJHEwFGx0EGx8SBBscHwQdHhAbHhofGxEKXlkXYXJ GTHgRCkxGF2xraxEKQ1oXHBwEGRsEHhkEHhIRCkRYFxkRCkRJFxgRCkJGF2x9TER+fWUTaV4TE QpCRRd6f314WmxMXkNiQBEKQk4XbHBgeUAdYlJpGmIRCkJMF21oe2BOY0UFBWFoEQpCbBdnfnB FRFl6SEF9HBEKQkAXZGZdZm5LfkscWV4RCnBoF2FwGl15YnNlGXxGEQpwaBdpRW9DAUYfSH4eR REKcGgXbERbY2xjXRNrGmMRCnBoF2BHZWB4fEsSZl5JEQpwaBdjbWgSRUNHQnxJZREKcGwXbn9 kQ21zfkQebhMR
Archived-At: http://mailarchive.ietf.org/arch/msg/dsfjdssdfsd/b4I2jC7LMIg0R_Y3SF9IIwTcTfs
Cc: dsfjdssdfsd@ietf.org, =?windows-1252?Q?=22Kriszti=E1n_Pint=E9r_=40thunk=2Eorg=22?= <pinterkr@thunk.org>
Subject: Re: [dsfjdssdfsd] Discussion: Malicious Entropy Attacks: Eggs, and Baskets
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd/>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Mar 2014 20:57:37 -0000

On Mar 17, 2014, at 10:39 PM, tytso@mit.edu wrote:

> On Mon, Mar 17, 2014 at 08:43:36PM -0400, Arnold Reinhold wrote:
>> 2. The personal privacy threat model, which fears the mass
>> surveillance society, doesn’t trust corporate vendors and certifying
>> bodies, and considers state actors principal threats. I’d put
>> Bitcoin and the like here.
> 
> ... and this also needs to separated into the "proof against a
> targetted attack" and "protect against mass surveillance".
> 
> There's a big difference between NSA or FBI cutting a deal with AT&T
> so that they get to put an Carnivore style keyword monitoring device
> in a telephone closet at a fiber exchange point, and the FBI deciding
> to park a Tempest van outside of your house.
> 
> Cheers,
> 
> 						- Ted

What used to require a Tempest van, today probably fits in a briefcase or even a shirt pocket. And the hardware, in terms of of wide band digitizing and signal processing is now widely available and inexpensive. 

The targeted attack vs mass surveillance/war driving/bang-on-every-exposed-port model should be another dimension to the threat model, but the former shouldn’t be ignored.  Trillions of dollars already flow through financial systems daily and the Internet of Things is just getting started. There will be ever more high value systems to attack, and increasingly sophisticated evil-doers with the means to go after them. (My nightmare sees drug cartels wishing to develop new revenue streams to replace market share lost to legalization and following Sutton’s Law in its most literal sense.)

Before eliminating any capability, such as rapid recovery from PRNG state compromise, based on a claim that the requirement is unreasonable under the threat models being addressed, those threat models (and the claim) should be made fully explicit and subjected to review like any other aspect of the proposed standard.

Arnold Reinhold