As you may know, our border agents have started to require various travelers (i.e. the shifty-looking ones that try to cross borders) who happen to have tech gadgets with them to turn those gadgets on, log in, mount encrypted drives, etc., so that those agents can make copies. I’m not planning to leave the country, but I’m also not interested in taking chances here.
Normally while the gross invasion of privacy of others bothers me, the actual fact of this sort of behavior does not, because I usually don’t travel with my various vitally private files (usually to do with cryptography) with me.
This has changed since I started using a USB key and portable applications to do what of my personal business I do at work. Until this morning, I had GPG, GPGShell and my GPG/PGP keys on my USB key that I use for portable computing. Now I don’t. The alternative was to keep that stuff on my USB key but put them in a hidden cryptography volume. I decided that was probably too fiddly and I didn’t need that stuff with me that badly.
But why would I think about it at all?
It boils down to trust, not just the casual, social concept, but the Formal Trust that crypto geeks talk about.
Let me do a quick whirlwind tour of cryptography. This description is really basic and it conflates certain things about crypto and its history that I normally wouldn’t conflate, but for summary purposes I think it’s okay. Please don’t flame me or think me an idiot for summarizing to this degree (if you are a crypto freak). I know this is far more complicated.
In the beginning, Caesar and his ilk created simple “substitution ciphers” where one letter replaced another, so if you knew what letter stood in for another you could decipher his ciphers and read the original message. The catch here is that while you have a semi-secure cipher (people do this sort of thing in puzzles these days) that would be difficult to casually decode, you have to transmit the method of decipherment to the person you want to receive the message as well as transmit the ciphered message.
Basically, cryptography stuck with this sort of method, with ever more difficult and sophisticated methods of scrambling and then reversing the scramble. Some methods of scrambling/descrambling required machines (like Enigma, a sort of steampunk electrical mechanism for scrambling/descrambling that was used in German naval subs in WWII), and others used hand-driven calculations to the same effect. Like Caesar’s original cipher, the challenge here was to transmit the method or mechanism for scrambling/descrambling between the two ends of the communication. Then the message could travel in relative safety over open air (radio) or wires (telegraph).
When computers became available (the first computers having been built partly to decode these last kinds of messages), they pretty much demolished the security of the scrambled messages, so new classes of scrambling/encryption had to be invented that were proof even against computer analysis. We still mostly used the same kind of encryption, where you did a reversible type of scrambling and each end of the communication had to know the same method for scrambling/descrambling. The challenge continued to be making sure that that method was securely communicated and protected, so that the message could travel potentially in the open as long as the encryption key was known by the communicators. This is called symmetrical encryption, because there is mathematical symmetry in encryption and decryption.
We are now and have been for more than a decade in the age of asymmetrical encryption or public/private encryption. A while ago, mathematicians found that there was a class of very useful mathematical relations between really huge prime number pairs and relatively simple maths with them. You can sort of mystically entangle two really huge prime numbers so that if you know one, you can scramble/encrypt any other number to it such that the other number can unscramble/decrypt it. If you turn a message into a big-ass number, then you can use this method to create two keys: one to publish to the world and have people encrypt messages to you with and the other to decrypt them. This handily addressed the issue of having to transfer the secret key securely between recipients that we had with the ciphers and the symmetrical encryption, but introduced a new question: How do we know that the key we’re using is actually the one that pairs with the secret key we’re hoping our buddy actually owns?
Enter Formal Trust. Formal Trust comes in degrees. Full trust in the formal sense means that you trust whatever it is you trust as much as you trust yourself. Partial Trust can mean that you identified some guy at a trusting party (technically a key signing party) by his key digest (a unique mathematical summary of a much larger digital file) and his photo ID, but you’re not sure if you really trust him beyond that. No trust or limited trust means that the thing you’re (not) trusting is probably already compromised or you have no assurance at all that it is who it says it is, or has any idea how to handle its own security.
You actually do this trust stuff with complicated security/crypto transactions like calling your buddy up after he downloads a key from a public server, establishing your identity by trading anecdotes or secret phrases or whatever, and then reading your key digest (a long string of numbers and letters) to him so he can check his copy of your key against the digest you just read to him.
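The phone check described above, as an added example that is not part of the original post: it computes an OpenPGP version 4 key digest (fingerprint) as defined in RFC 4880 section 12.2 and compares the downloaded copy against what was read aloud. The key material is a constructed, non-functional sample, and the function names are illustrative.

```python
import hashlib
import hmac
import struct

def v4_fingerprint(body: bytes) -> str:
    # RFC 4880 sec. 12.2: SHA-1 over 0x99, a two-octet length, then the packet body.
    if not body or body[0] != 4:
        raise ValueError("not a version 4 public-key packet body")
    if len(body) > 0xFFFF:
        raise ValueError("packet body too long for a two-octet length")
    framed = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(framed).hexdigest().upper()

def for_reading(fpr: str) -> str:
    # Group into blocks of four characters, the way a digest is read aloud.
    return " ".join(fpr[i:i + 4] for i in range(0, len(fpr), 4))

def normalise(spoken: str) -> str:
    # Drop spacing and case; refuse anything shorter than the full 160-bit digest.
    cleaned = "".join(ch for ch in spoken if ch not in " :\t\n").upper()
    if len(cleaned) != 40 or any(c not in "0123456789ABCDEF" for c in cleaned):
        raise ValueError("expected a full 40-hex-digit fingerprint")
    return cleaned

def key_matches(downloaded_body: bytes, spoken_fpr: str) -> bool:
    # True only if the downloaded key hashes to the digest that was read out.
    return hmac.compare_digest(v4_fingerprint(downloaded_body), normalise(spoken_fpr))

def sample_key(modulus: bytes) -> bytes:
    # Constructed RSA public-key packet body (demo data, not a usable key).
    def mpi(raw: bytes) -> bytes:
        bits = int.from_bytes(raw, "big").bit_length()
        return struct.pack(">H", bits) + raw
    # version 4, creation time, algorithm 1 (RSA), MPI n, MPI e = 65537
    return b"\x04" + struct.pack(">I", 1200000000) + b"\x01" + mpi(modulus) + mpi(b"\x01\x00\x01")

if __name__ == "__main__":
    mine = sample_key(b"\xc3" + b"\x5a" * 31)
    swapped = sample_key(b"\xc3" + b"\x5a" * 30 + b"\x5b")  # a different key under the same name
    read_aloud = for_reading(v4_fingerprint(mine))
    print("read over the phone:", read_aloud)
    print("genuine copy matches:", key_matches(mine, read_aloud))
    print("substituted copy matches:", key_matches(swapped, read_aloud))
```

A one-byte difference in the key changes the digest, so the substituted copy fails the check even though the rest of the key is identical.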
Alternatively, you can go with a central authority like Verisign or Thawte, who will verify your identity and possession of your key in other ways (spying and background checks, as well as their own formal trust protocols).
We finally come ’round to why I am thinking this hard about my keys. I have full formal trust with a couple of buddies. They would expect me to think this hard, which is partly why I do, to uphold my end of the trust relationship, and because in the Crypto world I am sort of average in paranoia and geekiness, but sufficiently both to find this sort of thing really interesting to think about and to do.