key.randomness.backfire.txt

`Date: Thu, 11 Mar 1999 15:02:01 -0700 (MST)  
From: mea culpa <[email protected]>  
To: InfoSec News <[email protected]>  
Subject: [ISN] Are your secrets safe? (crypto)  
  
  
  
http://www.newscientist.com/cgi-bin/pageserver.cgi?/ns/19990313/newsstory3.html  
  
Are your secrets safe?   
Duncan Graham-Rowe  
  
THEY MAY LOOK HARMLESS but screensavers could betray you while you're out  
at lunch. Two cryptographers have discovered that the randomness of the  
"keys" that are used to encode encrypted documents could be their  
downfall.  
  
The discovery was made by Adi Shamir at the Weizmann Institute of Science  
in Rehovot, Israel, joint inventor of the widely used RSA public key  
cryptography system, and Nicko van Someren of nCipher, a British  
electronic security company based in Cambridge. The more random a private  
signature key is, the harder it is to crack encrypted files. But by  
scanning hard drives for chunks of data that are particularly random, the  
pair found that it is possible to weed out keys stored on a disc.  
  
Most programs organise data into some sort of level of structure, so  
blocks of randomness stand out and can be spotted with the same ease that  
a human eye can tell the difference between a good TV picture from one  
with lots of interference. According to van Someren, this means that even  
though the keys take up a mere kilobyte of memory, it could take as little  
as 40 minutes to find a signature key on a modern 10-gigabyte hard drive.  
  
"It would be possible to write a program that searches the hard disc  
automatically and sends the key to the villain," says van Someren. This,  
he says, could be carried out by a virus that runs only when the  
screensaver is on, making it extremely difficult for the user to detect. A  
running screensaver could contain viral code that would tell a hacker when  
the user is away from their desk--and thus wouldn't notice the computer  
slowing down as the virus hunts for keys.  
  
The possibility highlights the need to keep signature keys safe, says Phil  
Zimmermann, who wrote Pretty Good Privacy (PGP), a popular encryption  
program that is reckoned to be hard to crack. "Users must never leave  
their private key exposed in a non-secure environment," he says. "This is  
as obvious as not leaving your wallet unattended on a bus bench."  
  
Any worthwhile encryption program encrypts the key before storing it,  
making it useless if found. However, a "swap" file--a temporary file  
stored on the hard disc--may still hold the key in its unencrypted form,  
allowing it to be detected by hackers. There are ways to combat this sort  
of attack, such as overwriting swap files as the PGP program does. But  
some encryption systems are vulnerable, particularly those on Web servers  
where the keys are constantly in use.   
  
>From New Scientist, 13 March 1999  
  
-o-  
Subscribe: mail [email protected] with "subscribe isn".  
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]  
  
`