Re: best way to secure communication?
On (20/05/06 18:22), lee wrote:
> On Thu, May 18, 2006 at 08:12:29PM +0100, James Westby wrote:
> > My point was that if you are worried about people putting the effort
> > in to cracking *your* SSL based chats, then I would be wondering
> > what you were actually talking about.
> Oh, I don't think that anybody will try.
You're probably right, but you're doing the right thing by thinking
about it anyway.
The people that would usually have to be concerned about the level of
security provided by SSL, would have to have some very tempting
information that they wanted to keep secret for the next 50 years.
> > And if I was that concerned about it then I would not be asking for
> > advice like this on d-u (apologies to all subscibers). I would be
> > doing research in to how to actually acheive some proper security,
> > rather than using some attempts to add encryption to existing
> > protocels over public switched networks (no offence to those who
> > have added encryption capabilities to these protocols, capabilities
> > I use all the time and value a lot).
> Do you think it's insecure to use existing protocols with added
No, not as a rule, there are some fantastic uses of encryption which are
added to existing protocols.
The problem may be that the encryption would be of limited use due to
the underlying protocol in some cases. For instance it might be added to
some very "open" protocols (not as in open-source) that allow the
clients to get away with a lot, and so the encryption can be bypassed.
No metter how well the encryption is implemented on top of a protocol
like that it could be circumvented easily. For real security it has to
be designed in from the start.
The other problem was with the use of packet switched networks, which
provide many, many ways for an attacker to manipulate the playing field.
This makes it much harder to be sure that what you are doing is secure.
> > If you are just the paranoid type then SSL using something like
> > TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA
> > (man 1 ciphers) should put off the casual attacker.
> I'm trying not to become paranoid. I only want to make it sufficiently
> difficult for ppl eventually trying to spy. The more difficult, the
> better. The hard thing is to find out what can be considered as
> 'sufficiently difficult'.
That's a subjective thing.
> > I'm not sure what you mean by the other end of the communication? Are
> > you planning to be talking to people who don't use encryption? In that
> > case there is not a lot of point in worrying about how strong your
> > encryption is.
> No, but I don't have much influence on the other end, other than
> deploying some solution for encryption, provided that the solution is
> sufficiently easy to install and to use. No more than that, so if
> someone would try to attack, he'd probably attack the other end since
> it appears to be the weakest part.
That's probably the case yes. But if you use end-to-end gpg encryption
then you should be alright. As long as your friends aren't the sort of
people who hand out their private keys to anyone that asks.
> If I were paranoid, I won't even try this because it is 'sufficiently
> futile' ;) Within its limitations, it's still better than nothing. But
> it would be a very bad thing not to know of the limitations and to
> think that is actually secure.
> The plugin for Gaim seems to be nice, we're going to try it out. Maybe
> the other options will also become interesting.
> Do you think it's sufficiently secure that way? Like 'the plugin works
> as advertised' or 'the plugin is crap because it's easyly decrypted or
> exploited'? With whatever be used, it's hard to tell.
I haven't seen this plugin so I can't tell you I'm afraid.
Without seeing it I would say that gpg meets your needs, and the authors
of the plugin have probably done a good job of writing it. My only
concern would be the key distribution, but you can come up with a
solution to that, especially if you know who you want to talk to before