mersenneforum.org


jpcu1237 2020-07-03 03:53

Breakthrough in Very Large Integer factorization?
 
Saw this in the news today:

[URL="https://www.silicon.co.uk/mobility/mobile-apps/police-crack-encrochat-encryption-hundreds-arrests-346164"]https://www.silicon.co.uk/mobility/mobile-apps/police-crack-encrochat-encryption-hundreds-arrests-346164[/URL]

and the BBC article states, "Nikki Holland, NCA director of investigations, said the operational team had described it 'as akin to cracking the enigma code'."

[URL="https://www.bbc.com/news/uk-53263310"]https://www.bbc.com/news/uk-53263310[/URL]

It appears that the platform used RSA and AES and other algorithms, but details are unclear from open sources online.

So, if they did crack the algorithm, then a revolutionary breakthrough has occurred? Any chatter out there?

retina 2020-07-03 04:15

The service protocol was hacked by police with a MITM device. Nothing new to see here. When discussing your criminal activities with people don't use insecure services that don't have E2E encryption, right?

The algorithms were not compromised.

Unless it is a ruse to pretend they can't crack AES but secretly can. I find that unlikely.

jpcu1237 2020-07-03 04:23

My sense is that you are correct. From what I read online about the platform, however, it was robust and E2E. The MITM device intercepted the encrypted comms, and then what? Maybe they captured keys somehow on HSM on devices?

retina 2020-07-03 04:53

[QUOTE=jpcu1237;549655]My sense is that you are correct. From what I read online about the platform, however, it was robust and E2E. The MITM device intercepted the encrypted comms, and then what? Maybe they captured keys somehow on HSM on devices?[/QUOTE]No. It clearly wasn't robust. If it was then it wouldn't matter how many MITM devices were in the connection.

My guess is the client simply trusted the destination. So for A talking to B, the MITM will provide a key to A and say "Hi, I'm B", and A trusted it without verifying it was talking to the correct destination.

jpcu1237 2020-07-03 05:06

[QUOTE=retina;549659]No. It clearly wasn't robust. If it was then it wouldn't matter how many MITM devices were in the connection.

My guess is the client simply trusted the destination. So for A talking to B, the MITM will provide a key to A and say "Hi, I'm B", and A trusted it without verifying it was talking to the correct destination.[/QUOTE]
Agreed, not robust in the sense of secure, since it failed. I meant based on the limited info left online:

[QUOTE]
EncroChat protects conversations with the following four tenets

Perfect Forward Secrecy Each message session with each contact is encrypted with a different set of keys. If any given key is ever compromised, it will never result in the compromise of previously transmitted messages – or even passive observation of future messages.

Repudiable Authentication Messages do not employ digital signatures that provide third party proofs. However, you are still assured you are messaging with whom you think you are.

Deniability Anyone can forge messages after a conversation is complete to make them look like they came from you. However, during a conversation the recipient is assured all messages received are authentic and unmodified. This assures non-reputability of messages.

Encryption Strength The algorithms employed are many times stronger than that of PGP (RSA+AES). We employ algorithms from different families of mathematics, which protects message content in the event that one encryption algorithm is ever solved.[/QUOTE]

[URL="http://encrochat.network"]http://encrochat.network[/URL]
Maybe the authorities will publish a report on the architecture and what they did, but doubtful, unless researchers get interested.

retina 2020-07-03 05:26

[QUOTE=jpcu1237;549661][URL="http://encrochat.network"]http://encrochat.network[/URL]
Maybe the authorities will publish a report on the architecture and what they did, but doubtful, unless researchers get interested.[/QUOTE]Self published "about" pages can make as many wonderful claims as they wish. But unless the code and protocols have been properly scrutinised and the implementation independently verified then such claims are meaningless.

xilman 2020-07-03 06:45

[QUOTE=jpcu1237;549652]So, if they did crack the algorithm, then a revolutionary breakthrough has occurred? Any chatter out there?[/QUOTE]Exceedingly unlikely IMO.

Far more likely is exploitation of implementation weakness coupled with traffic analysis and infiltration of the user base. Classical espionage, in other words.

IMO, anyway.

xilman 2020-07-03 08:00

[QUOTE=xilman;549665]Exceedingly unlikely IMO.

Far more likely is exploitation of implementation weakness coupled with traffic analysis and infiltration of the user base. Classical espionage, in other words.

IMO, anyway.[/QUOTE]My guess wasn't too far wrong.

[url]https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked[/url] has much more detail.

retina 2020-07-03 09:07

[QUOTE=xilman;549668][url]https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked[/url] has much more detail.[/QUOTE]So the MITM device was installed on the phone. Even easier for the police, just grab the plaintext.

So the question remains how was the malware installed? A compromised server delivering an-important-security-update? Which would just prove the point once you have a working system don't blindly "fix" it with updates.

xilman 2020-07-03 12:26

[QUOTE=retina;549670]So the MITM device was installed on the phone. Even easier for the police, just grab the plaintext.[/QUOTE]Technically this is not a MITM, which requires a device between the end points, not at an end point.
[QUOTE=retina;549670]
So the question remains how was the malware installed? A compromised server delivering an-important-security-update? Which would just prove the point once you have a working system don't blindly "fix" it with updates.[/QUOTE]That has not yet been established but it seems rather likely to me.

It is, of course, possible that there was an important security flaw which needed fixing.

R.D. Silverman 2020-07-03 13:38

[QUOTE=xilman;549677]Technically this is not a MITM, which requires a device between the end points, not at an end point.
That has not yet been established but it seems rather likely to me.

It is, of course, possible that there was an important security flaw which needed fixing.[/QUOTE]


Perhaps I should hire myself out.......

I could probably make big bucks.

