Cyber-security for activists

Hannes & VidirOdense, 9. April 2011

Hvem er jeg?

• Jeg er tysker

• Jeg arbejder som PhD-studerende på IT-Universitet

• Jeg forstår lidt dansk og jeg kan snakke meget lidt dansk

• Derfor jeg snakker engelsk

Why am I here?

• I am a replacement

• I’m a nerd (and have been involved in some projects)

• I like to teach activists about the internet

• I observe that many people don’t know and don’t care much about security in the internet

Overview

• Privacy in the internet

• Kinds of Attackers

• How to protect: cryptography

• Web, Mail, Chat, Hard disk

Privacy

• Cookies

• Content in clear text via internet

• Social networks

Cryptography

• Asymmetric cryptography

• Public and private key

• Using RSA or DSA/ElGamal

• Based on hard mathematical problems:

• Integer factorization (RSA)

• Discrete logarithm

Asymmetric cryptography

• Everybody has a public and a private key

• Private key is protected with a password

• Distribute public key to friends (communication partners)

• Decryption and signing done with private key

• Encryption and verification with public key

Attacker

• Local - has access to computer

• Family members

• Friends

• Police/secret service - might get access

• If they bust you

What?

• Alice has a public and a private key Alice

public

private

Local encryption

• Keep secret file private

• Use your own public keyAlice

secret datacsddsszxzxzxxzxzxzxzx

Alice's public

Local decryption

• Decrypt encrypted file

• Use own private keyAlice

secret datacsddsszxzxzxxzxzxzxzx

Alice's private

Local private files

• Using encryption, only you can read your private files

• Helps against family, friends; whomever you don’t want to read your private stuff

Tools for File encryption

• either PGP/GPG (gnupg)

• dmcrypt or LUKS on Linux

• geli on FreeBSD

• FileVault on MacOSX

• Truecrypt (Windows, Mac, Linux)

• PGPDisk on Windows

Truecrypt

• OS-independent

• Should be used also on USB sticks etc

• Keys or password

• Feature: hidden volume

• Two encryption containers

• Only one visible

• Put interesting content in one, secret in the other

But I want to communicate!

• As simple as that BobAlice

Hi Bob

Possible attackers

• Eve can read everything

• Might be on the local network

• Or at the Internet Service Provider

• Or the police having access to the ISP

BobAlice

Hi Bob

Eve

Encryption

• Alice encrypts a message for Bob

• Alice got Bob’s public keyAlice

Hi, Bobcsddsszxzxzxxzxzxzxzx

Bob's public

Decryption

• Bob needs his private key for thatBob

Hi, Bobcsddsszxzxzxxzxzxzxzx

Bob's private

Adversary

• Only sees the encrypted message

• Can observer that Alice and Bob communicated csddssz

xzxzxxzxzxzxzx

Eve

But, wait!

• How does Bob now the message was from Alice?

• Eve could also have encrypted that message

• (because Bob’s public key is public)

Signature

• Alice can sign any of her messages with her private key

• A signature is prepended Alice

Hi, BobSignature

Hi, Bob

Alice's private

Verification

• Anyone who has Alice’s public key can verify her signature Bob

Signature valid

Hi, Bob

Signature

Hi, Bob

Alice's public

But Eve could see the message with signature

• Therefore, encrypt and sign!Alice

Hi, Bob

Signature

csddsszxzxzxxzxzx

zxzx

Bob's public

Alice's private

Encrypt and sign communication

• So that only you and the other end can read the message

• And you are both sure to communicate with the right person

Tools for communication

• Different approaches whom to trust

• And how to get the public keys

• remember: you always need the public key of your communication partner

Different solutions• SSL: hierarchic, central trusted authority

• good for companies

• used in the web: http_s_

• PGP: decentralized trust; web of trust

• NGO/activists

• OTR: decentralized, plus more features

• NGO/activists

• thought which properties are worthwhile

SSL (Secure Socket Layer)• Client-to-server encryption

• Every browser has a list of trusted Certificate Authorities

• These are companies who sell certificates

• They should check the request comes from the owner of the domain

• Several cases where this has not been true

• Or where CA’s were hacked

PGP - Pretty good Privacy

• Client-to-client encryption

• Message encryption and decryption, signing

• Be aware: only content, no headers are encrypted

• File encryption and decryption

PGP - Web of trust

• Problem: I want to get Bob’s key

• and want to be sure that it is really Bob’s key

• Download and verify that it his by a second communication channel (telephone)

• This is tedious!

• If Alice has signed Bob’s key and I trust Alice’s key

• I can just get Bob’s key and be sure it is his

• Works if keys are stored on a public keyserver

PGP Key signing parties

• Some people suggest key signing parties

• Everyone verifies fingerprints and passport/ID-card

• But wait, this is not what is important:

• The mail address is important to verify

• You shouldn’t care about the name, but the mail address of the key

PGP

• If private key is lost (or stolen)

• Can decrypt all stored messages

• Can proof (mathematically) that the message has been sent

• Protect your key!

PGP Keyserver• Expose some information

• Email-address

• Date of signing

• “I met/know this person”

• To make sense, must be public

• support for local signatures as well

• Is like a social network (social network analysis: analyze groups of people)

OTR (Off-the-record)

• Nice features:

• Plausible deniability

• Nobody can proof that it was my message

• Perfect forward secrecy

• Even if one key is recovered, only that message can be decrypted

• No support for offline storage (need handshake and online people)

• Same problem as PGP which key to trust

OTR

• Can be used with Instant Messaging

• GTalk

• Facebook Chat

• By using an external Client (Pidgin, Adium)

What are useful properties?• Confidentiality: only receiver can read message

• Encryption (encrypted with receivers public key)

• Authenticity: sender is really sender

• Signature (signed with senders private key)

• Integrity: message has not been modified

• Signature (can be verified)

• Repudiation: sender has really sent message

• Only sender has private key, can’t deny that

• Deniability: no outsider can proof identity of sender

In short

• Public key cryptography is awesome!

• Client-to-server and Client-to-client encryption

• SSL for websites (client-to-server)

• GnuPG for Mail and file encryption (client-to-client)

• OTR for Chat (plausible deniability “I didn’t say that”)

• Truecrypt for hard drive (if they bust you)

Useful links• https everywhere https://www.eff.org/https-

everywhere/

• gnupg http://gnupg.org/

• thunderbird and enigmail http://www.mozillamessaging.com/thunderbird/ http://www.enigmail.mozdev.org/

• firegpg http://getfiregpg.org/ (discontinued)

• pidgin (with otr) http://www.pidgin.im/

• truecrypt http://www.truecrypt.org/