[liberationtech] scrambler
Seth David Schoen
schoen at eff.org
Thu Aug 29 12:45:09 PDT 2013
Michael Hicks writes:
> ok so I guess I just send u guys the links and u check out my software and Vet it? This was made for people to be able to protect their privacy and the NSA can't hack it No One can it's impossible. all the information is at scrambler.webs.com

It's true that no one can crack a one-time pad, which your software
claims to implement. A one-time pad might be useful for some people,
though it's possible that they shouldn't then use a computer to encrypt
and decrypt, because using a computer introduces new vulnerabilities
(like radiofrequency emanations and remote software exploits).

There might still be cryptographic vulnerabilities in the random number
generation that your software uses. There was recently a high-profile
vulnerability in the random number generation provided by the Java
implementation on Android, which allowed keys to be compromised. If
there were a similar vulnerability in the Java implementations people
use with your software, it might have similar consequences -- which
might not be the fault of your software, but might still undermine its
security.

A one-time pad is probably not very useful to most people who need to
communicate securely because they have to find a safe way, ahead of
time, to distribute and store the key material with each potential
party that they may communicate with. That's a pretty heavy burden,
especially when people are meeting new contacts and wanting to
communicate with those contacts (without having been able to arrange
a prior physical key distribution).

It also doesn't integrate easily with any form of communications
other than exchanging files, although it would be possible to extend
it to other things like e-mail or IM if you could manage the sequence
numbers properly to avoid reusing key material (something our existing
protocols don't really help with).

If you read _Between Silk and Cyanide_, there's a good and interesting
historical account of wartime military use of one-time pads. One of
the messages seems to be that it was quite expensive and cumbersome,
though perhaps well worth it for the particular application. It's hard
to imagine many audiences prepared to actually bear these costs for
many of their communications today. We already see people complaining
about the effort and overhead of things like PGP merely because some
aspects of the key management are made explicit to the user. For
one-time pads _every_ aspect of key management is made explicit -- and
manual, and requiring the exchange of physical objects!

My intuition is that people who feel that one-time pads are necessary
should probably learn to operate them by hand, the way the SOE agents
in that book did.
--
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
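
The sequence-number bookkeeping mentioned in the message above (tracking which pad bytes are spent so that none are ever reused), as an added example that is not part of the original message or of the scrambler software. The `PadBook` class, the `reuse_leak` helper and the sample messages are hypothetical, and the sample pad is drawn from the OS CSPRNG, which is an assumption and not a true random source.

```python
import secrets


class PadExhausted(Exception):
    """A message needs more pad bytes than remain unused."""


def xor(data: bytes, key: bytes) -> bytes:
    if len(data) != len(key):
        raise ValueError("pad slice must be exactly as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


class PadBook:
    """One party's copy of a pre-shared pad for one direction of traffic."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self.next_offset = 0  # real use: persist durably before sending anything

    def _take(self, start: int, length: int) -> bytes:
        if start < self.next_offset:
            raise ValueError("pad bytes already used: reuse or replay")
        if start + length > len(self._pad):
            raise PadExhausted(f"{length} bytes needed, {len(self._pad) - start} left")
        self.next_offset = start + length  # advance first, so a retry cannot reuse
        return self._pad[start:start + length]

    def encrypt(self, plaintext: bytes) -> tuple:
        start = self.next_offset  # the offset travels with the ciphertext
        return start, xor(plaintext, self._take(start, len(plaintext)))

    def decrypt(self, offset: int, ciphertext: bytes) -> bytes:
        return xor(ciphertext, self._take(offset, len(ciphertext)))


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same pad bytes: the pad cancels out."""
    n = min(len(c1), len(c2))
    return xor(c1[:n], c2[:n])


if __name__ == "__main__":
    pad = secrets.token_bytes(32)  # constructed sample pad (OS CSPRNG, an assumption)
    alice, bob = PadBook(pad), PadBook(pad)
    for msg in (b"meet at noon", b"bring the map"):  # constructed sample messages
        off, ct = alice.encrypt(msg)
        print(off, ct.hex(), bob.decrypt(off, ct))
```

`reuse_leak` shows what the offset tracking prevents: if two messages are encrypted with the same pad bytes, XORing the ciphertexts yields the XOR of the two plaintexts with no key material left in it.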