Cyber-security for activists - Chaos Computer Club
Who am I?
• I am German
• I work as a PhD student at the IT University
• I understand a little Danish and I can speak very little Danish
• That is why I speak English
Why am I here?
• I am a replacement
• I’m a nerd (and have been involved in some projects)
• I like to teach activists about the internet
• I observe that many people don’t know and don’t care much about security on the internet
Overview
• Privacy on the internet
• Kinds of Attackers
• How to protect: cryptography
• Web, Mail, Chat, Hard disk
Cryptography
• Asymmetric cryptography
• Public and private key
• Using RSA or DSA/ElGamal
• Based on hard mathematical problems:
• Integer factorization (RSA)
• Discrete logarithm
Asymmetric cryptography
• Everybody has a public and a private key
• Private key is protected with a password
• Distribute public key to friends (communication partners)
• Decryption and signing done with private key
• Encryption and verification with public key
Attacker
• Local - has access to computer
• Family members
• Friends
• Police/secret service - might get access
• If they bust you
Local encryption
• Keep secret file private
• Use your own public key
[Diagram: Alice encrypts "secret data" with Alice's public key, producing ciphertext]
Local decryption
• Decrypt encrypted file
• Use own private key
[Diagram: Alice decrypts the ciphertext with Alice's private key, recovering "secret data"]
Local private files
• Using encryption, only you can read your private files
• Helps against family, friends; whomever you don’t want to read your private stuff
Tools for File encryption
• either PGP/GPG (gnupg)
• dmcrypt or LUKS on Linux
• geli on FreeBSD
• FileVault on MacOSX
• Truecrypt (Windows, Mac, Linux)
• PGPDisk on Windows
Truecrypt
• OS-independent
• Should be used also on USB sticks etc
• Keys or password
• Feature: hidden volume
• Two encryption containers
• Only one visible
• Put interesting content in one, secret in the other
Possible attackers
• Eve can read everything
• Might be on the local network
• Or at the Internet Service Provider
• Or the police having access to the ISP
[Diagram: Alice sends "Hi Bob" to Bob; Eve can read it]
Encryption
• Alice encrypts a message for Bob
• Alice got Bob’s public key
[Diagram: Alice encrypts "Hi, Bob" with Bob's public key, producing ciphertext]
Adversary
• Only sees the encrypted message
• Can observe that Alice and Bob communicated
[Diagram: Eve sees only the ciphertext]
But, wait!
• How does Bob know the message was from Alice?
• Eve could also have encrypted that message
• (because Bob’s public key is public)
Signature
• Alice can sign any of her messages with her private key
• A signature is prepended
[Diagram: Alice signs "Hi, Bob" with Alice's private key; the output is the signature followed by "Hi, Bob"]
Verification
• Anyone who has Alice’s public key can verify her signature
[Diagram: Bob checks the signature on "Hi, Bob" with Alice's public key; result: signature valid]
But Eve could see the message with signature
• Therefore, encrypt and sign!
[Diagram: Alice signs "Hi, Bob" with Alice's private key and encrypts with Bob's public key, producing ciphertext]
Encrypt and sign communication
• So that only you and the other end can read the message
• And you are both sure to communicate with the right person
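The "But, wait!" argument and the encrypt-and-sign fix from the slides above, as an added example that is not part of the original talk. It uses textbook RSA without padding and constructed, trivially factorable keys purely to show which key does what; the function and key names are assumptions, and real tools such as GnuPG use padded, hybrid schemes instead.

```python
import hashlib

E = 65537        # common RSA public exponent
SIG_LEN = 141    # bytes: enough for a signature under Alice's 1128-bit modulus

def make_key(p, q):                # toy textbook RSA: (public, private)
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(msg, private):            # needs the signer's PRIVATE key
    n, d = private
    return pow(digest(msg), d, n)

def verify(msg, sig, public):      # anyone with the PUBLIC key can check
    n, e = public
    return pow(sig, e, n) == digest(msg)

def encrypt(data, public):         # anyone with the PUBLIC key can encrypt
    n, e = public
    m = int.from_bytes(data, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)

def decrypt(cipher, private):      # only the PRIVATE key holder can decrypt
    n, d = private
    m = pow(cipher, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def sign_then_encrypt(msg, sender_private, recipient_public):
    sig = sign(msg, sender_private).to_bytes(SIG_LEN, "big")
    return encrypt(b"\x01" + sig + msg, recipient_public)  # 0x01 keeps leading zeros

def decrypt_and_verify(cipher, recipient_private, sender_public):
    data = decrypt(cipher, recipient_private)
    sig, msg = int.from_bytes(data[1:1 + SIG_LEN], "big"), data[1 + SIG_LEN:]
    return msg, verify(msg, sig, sender_public)

# Constructed keys from Mersenne primes: trivially factorable, demo only.
ALICE_PUB, ALICE_PRIV = make_key(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = make_key(2**1279 - 1, 2**2203 - 1)
EVE_PUB, EVE_PRIV = make_key(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    good = sign_then_encrypt(b"Hi, Bob", ALICE_PRIV, BOB_PUB)
    fake = sign_then_encrypt(b"Hi, Bob", EVE_PRIV, BOB_PUB)  # Eve posing as Alice
    for c in (good, fake):
        print(decrypt_and_verify(c, BOB_PRIV, ALICE_PUB))
```

Both ciphertexts decrypt to the same text, since anyone can encrypt to Bob; only the one signed with Alice's private key verifies against her public key.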
Tools for communication
• Different approaches whom to trust
• And how to get the public keys
• remember: you always need the public key of your communication partner
Different solutions
• SSL: hierarchic, central trusted authority
• good for companies
• used in the web: https
• PGP: decentralized trust; web of trust
• NGO/activists
• OTR: decentralized, plus more features
• NGO/activists
• thought about which properties are worthwhile
SSL (Secure Sockets Layer)
• Client-to-server encryption
• Every browser has a list of trusted Certificate Authorities
• These are companies who sell certificates
• They should check that the request comes from the owner of the domain
• Several cases where this has not been true
• Or where CAs were hacked
PGP - Pretty Good Privacy
• Client-to-client encryption
• Message encryption and decryption, signing
• Be aware: only content, no headers are encrypted
• File encryption and decryption
PGP - Web of trust
• Problem: I want to get Bob’s key
• and want to be sure that it is really Bob’s key
• Download and verify that it is his via a second communication channel (telephone)
• This is tedious!
• If Alice has signed Bob’s key and I trust Alice’s key
• I can just get Bob’s key and be sure it is his
• Works if keys are stored on a public keyserver
PGP Key signing parties
• Some people suggest key signing parties
• Everyone verifies fingerprints and passport/ID-card
• But wait, this is not what is important:
• The mail address is important to verify
• You shouldn’t care about the name, but the mail address of the key
PGP
• If private key is lost (or stolen)
• Can decrypt all stored messages
• Can prove (mathematically) that the message has been sent
• Protect your key!
PGP Keyserver
• Expose some information
• Email-address
• Date of signing
• “I met/know this person”
• To make sense, must be public
• support for local signatures as well
• Is like a social network (social network analysis: analyze groups of people)
OTR (Off-the-record)
• Nice features:
• Plausible deniability
• Nobody can prove that it was my message
• Perfect forward secrecy
• Even if one key is recovered, only that message can be decrypted
• No support for offline storage (need handshake and online people)
• Same problem as PGP: which key to trust
OTR
• Can be used with Instant Messaging
• GTalk
• Facebook Chat
• By using an external Client (Pidgin, Adium)
What are useful properties?
• Confidentiality: only receiver can read message
• Encryption (encrypted with receiver’s public key)
• Authenticity: sender is really sender
• Signature (signed with sender’s private key)
• Integrity: message has not been modified
• Signature (can be verified)
• Non-repudiation: sender has really sent message
• Only sender has private key, can’t deny that
• Deniability: no outsider can prove identity of sender
In short
• Public key cryptography is awesome!
• Client-to-server and Client-to-client encryption
• SSL for websites (client-to-server)
• GnuPG for Mail and file encryption (client-to-client)
• OTR for Chat (plausible deniability “I didn’t say that”)
• Truecrypt for hard drive (if they bust you)
Useful links
• https everywhere https://www.eff.org/https-everywhere/
• gnupg http://gnupg.org/
• thunderbird and enigmail http://www.mozillamessaging.com/thunderbird/ http://www.enigmail.mozdev.org/
• firegpg http://getfiregpg.org/ (discontinued)
• pidgin (with otr) http://www.pidgin.im/
• truecrypt http://www.truecrypt.org/