Backdoors, Trust and Scalable Solutions

Transcript

1. Backdoors, Trust and scalable solutions Ashutosh Ahelleya

2. Encryption

3. Some questions 1. How is the key generated? 2. What

   are the consequences of seed being predictable? 3. Where does the security of PRNGs lie in? 4. How do we generate “true random” values for the seed? a. How do modern systems compute “true random” values? 5. Why not generate the key using a TRNG? 6. Properties of PRNGs a. How can these features be useful? 7. Assumption that forms the basis of our model for security 8. How is the key sent over the same insecure channel?

4. How is the key generated?

5. How is the key generated? Deterministic function 1. Outputs random

   looking numbers using an algorithm 2. Takes few “true random” bits and outputs much larger “pseudo random” bits Trivial examples: log(x), sin(x) etc.

6. Pseudo Random Number Generators: PRNGs

7. PRNG trivial example: log(x) Every PRNG requires some initial “true

   random” number as input → SEED

8. What happens if the seed is predictable?

9. What happens if the seed is predictable? PRNG is public

   → Attacker also has access Conclusion: seed should not be predictable

10. Security-decisive factors of a PRNG 1. Seed should be truly

    random and should not be predictable 2. Given a set of outputs of a PRNG, attacker should not be able to guess seed

11. How do we generate “true random” values for the seed?

12. True Random Number Generators A function that generates outputs from

    physical sources such as temperature, thermal noise etc. that are known to produce non-predictable outputs. Hence, they are called True Random Number Generators.

13. How to modern systems compute “true random” values?

14. None

15. Present day: usage of lava lamps in Cloudflare More about

    it here Youtube video: https://www.youtube.com/watch?v=1cUUfMeOijg
16. None

17. Why not generate the key using a TRNG?

18. Why not generate the key using a TRNG? Neither feasible

    nor scalable

19. Property of RNGs

20. None

21. How can this feature be useful? Synchronised RN generation: 2FA

22. Assumption that forms the basis of our model for security

    “Nature is truly random”

23. How are cryptography standards created? CFP by NIST → Testing

    → standard = Winner! CSPRNG

24. Dual EC DRBG: abstract CSPRNG published by NIST SP 800-90A

    in 2006 P, Q → Points on an EC S 0 → Seed S 2 → Updated seed 1. Operation: S i * P is computationally hard to reverse, similar to large integer multiplication 2. Security model: P, Q should be generated independently

25. What if P, Q are not independent?

26. What if P, Q are not independent? Assertion: Only we

    know the relation between P and Q, no one else does

27. Inference Dual EC PRNG has the potentiality of a backdoor

    if P, Q are not generated independently

28. What is a backdoor?

29. None

30. What is a backdoor? An intentional flaw in an algorithm

    or an implementation that allows an individual to bypass the security mechanism the system was designed to enforce.

31. Why would someone do it? Organisations can inject a backdoor

    without others knowing about it, for reasons of importance to their state, such as surveillance etc.

32. The Objection

33. Independency?

34. None

35. Allegation → confirmation

36. None
37. None
38. None

39. End of Dual EC DRBG 1. Withdrawn in 2014 2.

    Stayed a CSPRNG for 7 years!

40. How difficult of a problem it is to detect backdoors?

    Why?

41. Let’s talk about trust

42. Different meanings of trust 1. Personal and intimate trust 2.

    Less personal trust

43. What breaks trust?

44. What breaks trust? Overcommit, underdeliver Hype >>> value

45. None

46. What happens when a bubble bursts? Theranos: Silicon Valley’s greatest

    disaster The Big Short

47. Systems species use to incentivize trustworthy behaviour

48. Incentivising trustworthy behaviour 1. Morals 2. Reputation 3. Institutions 4.

    Security Systems Reference: Liars and Outliers by Bruce Schneier

49. NO! Reference: Reflections on Trusting Trust Can we trust the

    code we did not create?

50. Types of system we can adopt 1. Fully transparent 2.

    Fully private 3. Trustless

51. Cambridge-Analytica aftermath

52. None
53. None

54. Can we have a trustless system?

55. Who do we trust then?

56. “We, as humans, trust the established rules that induce organisations

    to behave according to a norm, imposing sanctions to those who do not, more than the system itself.” Reference: There’s no good reason to trust blockchain technology Who do we trust then?