Friday, August 14, 2015

Episode 7 is up. And some thoughts about a cyberworld with failed encryption and low trust

First of all, because it matters most of all, I'm gratified that I'm getting email from many of you, little flares of discussion on Twitter, and informed multisided argument over at Light Reading about "Silence Like Diamonds". That little adventure novelet is honestly drawing more attention and creating more conversation than some of my novels. (Possibly it even deserves to.) Thanks, guys, not only could I not have done it without you, by definition, if there hadn't been a you, I wouldn't've done it.
Second, in case you missed that there subtle hint right there, time to start reading "Silence Like Diamonds," because Episode 7 is up now, and as I mentioned  earlier this week, we are now, rhymthically speaking, getting into the space where a whole lot of stuff ought to blow up. (And I am nothing if not slavish to rhythm).  If you haven't started yet, since each episode is only a thousand words, you can be caught up in something less than an hour, so just hop on over and start at Episode 1 or wherever you like on the Episode List.
And now to the heart of things: One chunk of the ongoing discussion I've been enjoying, mostly as a spectator, is the conversation brought on by this blog piece and amplified by Mitch Wagner over at Light Reading, where you'll find the public discussion. The question, broadly, is that given that many good minds are at work on a fast factorization process, and a fast factorization process would rip open RSA and public key encryption generally, reducing decrypting times from literally astronomical to a matter of days or less. Right now we don't know if it's even possible (and depending on how paranoid you are, we also don't know that someone doesn't have it already).
So, Mitch asked a bit nervously, if a fast factorization algorithm is found, that means all the locks are open and everything will be read. Can humanity survive? More importantly, can people in the computing, software, and communications industries continue to afford upgrades, games, and huge conferences?
I think the reason behind that question is that we're living in a polar condition -- that is, privacy and secrecy could hardly be more effective than they are now.  Nearly all the hacks and penetrations we know about are caused by sloppy humans, not by broken encryption. The balance was tipped over hard to the encryptor side two generations ago, and our security wizards have developed some extremely comforting and predictable adages about where to look for trouble, which have worked so well for so long that some of them have been lulled into the comforting belief that that is all there is to it. If you like a slight dash of irony, the major weakness in security with respect to this subject is that so many security people have a false sense of security.
But historically there have been times when the balance flipped the other way.  The world did not end, but it sure was different.
During the mid-19c cluster of wars that began with the Crimean War and finished with the Franco-Prussian War, for example, cryptanalysts were breaking codes at their desks within hours (tools like frequency tables were well developed, the more common transpositions were easily parsed by known methods, single value ciphers were still the most common, and the trick of assigning tasks to half a dozen code clerks had been mostly worked out). Moreover, the more important messages had to move by courier because the telegraph lines were insecure. Cavalry scouts spent a fair bit of their time looking for a man by himself in the other uniform, riding hard, and their instructions about such riders were "The mail doesn't go through, and getting the saddlebag is more important than getting the prisoner."
How did the armies of the time adapt? First of all, they very nearly abandoned cryptography.  Lee's Special Order 191, the one that was used to wrap three cigars and fell into McClellan's hands, was unencrypted. (Had it been encrypted in the strongest cipher Lee and Stonewall Jackson shared, McClellan's cipher clerks would have needed no more than two hours to figure out the gist of it, with a few words ambiguous or garbled). The intercepted, enciphered diplomatic telegram that eventually became a key to proving Dreyfuss's innocence was partly decoded on the first day and fully decoded within six; but the intercepted document that pointed suspicion toward him in the first place was also unencrypted, even though it was a letter to the German embassy offering a catalog of French top secret military documents for purchase.
Instead of the futile effort to make the meaning unreadable, they concentrated on physical security and deception. That was the great age of the hollow cane, the false-bottomed flask, and the double-layered corset. Vital messages might be sent in multiple copies -- only one of which was valid -- by multiple riders, none of whom knew whether they were carrying the true one or not. Authentication was by prearrangement, personal codes that resembled passwords, trellis devices, and a host of other techniques, but perhaps the most important security measure was always understood to be to minimize the need for secrecy in the first place: send the message as late as possible, talk only about the very immediate future.
Or consider how banks in the United States operated between President Jackson's successful closure of the Bank of the United States and Lincoln's establishment of the National Banking System.  In those days checking accounts were rare, and for the wealthy; the most common way banks gave out money was by issuing banknotes, which at the time was not just a quaint expression for denominated bills, but were actually issued by individual private banks, to be redeemed at that  bank only for  gold or silver, or the notes of other banks (and very occasionally for government securities, including "Treasury notes," i.e. the paper money the federal government issued to pay its employees, which went into circulation when they spent it and went back out when people used it to pay taxes).   
At that time not only did the U.S. prohibit interstate banking, but many states didn't allow intercounty banking, so the result was that  there were literally thousands of banks all issuing paper money in the United States, some in states like Ohio, Michigan, New York, and Vermont that regulated the practice tightly, and some in states like Texas, South Carolina, Delaware, and Missouri that barely regulated it at all. (Check out the slideshow on thispage, which is actually about a quite different topic; a few slides into the show, there are a dozen or so images of bills in strange denominations  -- $3, okay, but an $11 bill? They wanted them all in primes, or to always get change back from a ten?) 
Especially before the telegraph, this meant that if you accepted payment in $17.50 bills (yes, that denomination existed) from, say, Reverend Bob's Friendly Bank of Possum Droppings, Minnesota, and deposited them into the Dependable Farmers and Mechanics Bank of Swampland, Louisiana, it might take a month for the bank notes to be mailed back to Possum Droppings and the clerk there to send a verification letter to a clearinghouse that would then ship gold coin to Swampland. (This, by the way, is why train robbers were so intent on robbing trains for generations, and train robbing was the career peak for armed robbery: the mail train carried many big sacks of untraceable banknotes that could be redeemed in thousands of places if you had the time). 
 To the surprise of no one who has ever known any people, notes from non-existent banks abounded; unscrupulous printers made copies of notes from distant banks; people opened banks solely to print notes; Ponzi schemes long before Ponzi were widespread.
Yet the United States economy managed to be the fastest growing in the world, and though there was plenty of trouble and the great banking historian Bray Hammond commented that when Abraham Lincoln took office to run what would be, in many ways, the first modern war, he had a financial system perfectly designed for the Wars of the Roses .... all the same, it worked.
How did they do it? Discount houses would pay a fraction of face value in exchange for assuming the value of the bills.  More than a dozen publishers put out monthly volumes listing known-to-be-reliable banks and the denominations, serial numbers, and descriptions of their bills. Money was printed that could only be in private hands up to a fixed date, after which private individuals were not supposed to take it but banks and clearinghouses would accept it for redemption.  After the telegraph, bank detectives could be dispatched to distant cities with up to date information to keep corresponding banks safe from false notes issued on more reliable banks.  And by the late 1840s, the urgent need for fast shipping of banknotes and money orders to and from the California gold fields resulted in the creation of "express" companies, which specialized in high-security (i.e. armed guard) high-speed (i.e. railroads and steamboats where available, horse relays or stagecoaches where not) shipments mostly of bank notes, and sometimes of gold. In very short order, the express companies began to handle dozens of other financial and security duties, since they had bonded clerks and often the only decent safes in tow.  By the 1870s, express companies had become  predominantly financial. (Two of those early express companies are still with us: American Express and Wells Fargo).
Now, shipping boxes of doubtful bank notes by fast horse with armed guards is certainly not the economical way of doing things. It was a huge overload and a drag on the economy.  But it could be done, and it worked well enough for the economy to keep going. There's even a fair case that it may have led to more rather than less growth; much of the canal era and the early railroad era were financed in large measure by bank notes that could never be redeemed, so that much of the building of vital infrastructure was in effect a freebie for the entrepreneur (and a ripoff for the investor).
As for the thing that scares a lot of people about decryption, the revelation of secrets like that bank account you're going to use to run off with your on-the-side, or the payments to your love-child's mother, or your top secret weed stash financing (which lately has been making banks in Colorado, where I live, very happy and mellow indeed without ever having to touch the product) ... ever gone to a coed steambath or a nudist colony?  Disconcerting momentarily, but when everyone's naked, it stops being a thing pretty fast.  One church deacon with a Swiss bank account and a Costa Rican love nest is a scandal; a hundred thousand of them, with two thousand more caught every month, is just a predictable part of the archbishop's overhead.
I'm not saying that the shattering of encryption would make no difference at all.  All the alternatives -- more extensive use of one time pads, physical security, spoofing, alternate-channel verification, and so on -- would cost much more and work much less well than what we have now.  Look for more fraud, more robbery, more money spent by both sides on guards, goons, and guns. 
Look for a time when good security people get rich quick, and lead interesting lives.  Which brings me back to Episode 7 of "Silence Like Diamonds. " Remember the main characters in that story are flourishing private consultants and business people pulling down fat contracts from major corporations.  And what field are they all in? Security.
If you're in any of the security fields today, you might want to burn a little incense to the Gods of Fast Factorization. Because just about the only safe prediction, if fast factoring becomes a reality, is that you're going to be rich. Nobody, after all, makes more money than someone who promises to try to sell you what no one can deliver.