We’ve been thinking about it wrong: The norm has been Insecurity by obscurity

The Crypto AG CIA backdoor story (2020) clarifies to me much of the neverending flood of “outlaw strong crypto” thinkpieces and “lawful access” (a/k/a mandated backdoors) proposals.

I realised today that the whole discussion was missing a major insight: For much of the Cold War period, the operational standard has been instead ...

Expanding this further, you might also frame this as surveillance by obscurity.

Or the whole suite of information-monopoly vices: surveillance, censorship, disinformation, propaganda, manipulation.

All rely on a level of indirection between the target and the attacker, and on systems whose malicious behaviour is brokered by a not-immediately-apparent flaw.

@dredmorbius @hhardy01 ehh, I see his point, if you squint just right;

if your key and process are common knowledge, then decryption is trivial, so one or both must be obscure.

it’s not what the term originally means, but it fits in an era where everyone has a computer.

@TransGal4872 The term has a meaning within the art, and that meaning says you and hhardy are wrong.

Security through obscurity (or security by obscurity) is the reliance in security engineering on design or implementation secrecy as the main method of providing security to a system or component. Security experts have rejected this view as far back as 1851, and advise that obscurity should never be the only security mechanism.

When I say this is basic long-rejected stuff, I mean century-and-a-half-and-some old.

Which is why the question bores me.

"Security by obscurity" means that knowledge of the method alone is sufficient to compromise a system.

Keyspace search for a sufficiently large keyspace is intractable. The universe will die before you find the key.

With a cryptographic / system compromise, any key is equally insecure, in that 1) defeating the protection is viable and 2) in some sort of reasonable time or expense.

E.g., no matter the size of your alphabet shift, a Caesar's cipher is insecure.

By your logic, OTP is insecure if you know the pad. The point is to not reveal the pad.

@dredmorbius I think I said that it was a bit of a stretch on both parts of the stated problem, I was just saying that hhardy’s point was valid though malformed

@hhardy01 Strong crypto.

Armed force.

Physical barriers.

Overwhelming distance.
