With the closing of several secure email companies and the coming death of cloud storage in the US (from a global market perspective) I came up with an idea. I do not know if this idea has been implemented before but I think it might allow a certain level of privacy and security to email-like communications.
Currently you can encrypt the contents of your message, but the sender and recipient information is not something that gets encrypted. Often the knowledge that two people are in communication is enough, and the contents do not need to be deciphered for the message to have value to those who are watching.
What if there were a way to encrypt everything about the message?
If there were a secure message server that a person could connect to via an encrypted and secure connection, with all communication staying only on that server (or on servers all with secure links), would that be secure enough? It wouldn't be email, because the messages would never travel over the internet in an email form, and as such no one could pull the 'envelope' data from the messages.
Comments
Silent Circle offers full secure messaging, phone, etc., at least according to their website. One of the founders is Phil Zimmerman, the guy who invented PGP, so odds are pretty good they're doing things right. The only problem is that it ain't super cheap at $120/year.
Edit: yes, with PGP the envelope information is still unencrypted. Although, you don't need to give up webmail with PGP. For one thing, there is the Mailvelope Firefox and Chrome extension that gives you PGP access to most webmail accounts. Of course, if you don't trust that extension, PGP is just plain text, so you can just copy and paste from your webmail window to your PGP window as necessary.
http://en.wikipedia.org/wiki/WASTE
Also, just use GPG encryption and signing of important email. Give up on the metadata aspect (who you're emailing) and secure the data aspect (what you're saying).
You can use GPG with webmail easily.
Ideally, you send all emails to a big list of people, and everyone important does the same. If all emails are encrypted, and all go to this list, then the metadata is munged. An observer can neither determine the contents of the communication, nor reliably who is communicating with whom. They can only tell that this list of email addresses is somehow linked.
By sending cats on a regular basis, you also obscure when you are communicating.
Is there 'expansion' software? The opposite of compression? Make a 75kb lolcat file into 10MB and then email it in an encrypted message?
Think of the lols among NSA staffers when they finally break the encryption and see a picture of a cat asking for tuna samiches.
If you want to fill up lots of bytes, you need to either randomly generate them or get them from somewhere else. Yeah, that kind of approach works only if you have enough people doing it. In fact, if only a few people do it you may only attract more attention to yourselves because you're taking those extra measures.
For a properly-implemented standard encryption, if all you have access to is a set of encrypted messages, it is simply infeasible to break the encryption in a reasonable amount of time, because the only way to do so is effectively brute force. You can glean information from the metadata and message lengths, which are un-hideable, but encrypted emails are safe unless they access your computer and get your encryption key.
In short, encryption is not really breakable unless the listeners have access to a large amount of sideband information.
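A constant-size, constant-rate framing of the "send everything to the list, pad it, and send cover traffic on a schedule" idea from the comments above, written here as an added example; it is not part of the original thread. It shows the layer below encryption: every envelope is the same length and goes to the same list address on every tick, so what a passive observer sees (destination, size, timing) is identical whether a real message, one fragment of a long message, or a cover envelope is being sent. The list address, the 4096-byte envelope size and the header layout are my assumptions; the encryption step, which would wrap each envelope with a fixed overhead and so preserve the uniform length, is deliberately left out.

```python
import os
import struct

# Assumed constants for this example (not from the original thread).
ENVELOPE_SIZE = 4096                        # every envelope on the wire is exactly this long
HEADER = struct.Struct(">IHHH")             # msg_id, fragment index, fragment count, payload length
PAYLOAD_SIZE = ENVELOPE_SIZE - HEADER.size  # 4096 - 10 = 4086 bytes of payload per envelope
COVER_ID = 0                                # msg_id reserved for cover (dummy) envelopes


def build_envelope(msg_id, index, count, payload):
    """Frame one payload fragment into a fixed-size envelope, filling the rest with random bytes."""
    if len(payload) > PAYLOAD_SIZE:
        raise ValueError("fragment larger than payload slot")
    filler = os.urandom(PAYLOAD_SIZE - len(payload))  # random filler: looks like ciphertext once encrypted
    return HEADER.pack(msg_id, index, count, len(payload)) + payload + filler


def cover_envelope():
    """A dummy envelope: same size as a real one, carries nothing."""
    return build_envelope(COVER_ID, 0, 0, b"")


def fragment(msg_id, plaintext):
    """Split a message of any length into a list of fixed-size envelopes."""
    chunks = [plaintext[i:i + PAYLOAD_SIZE] for i in range(0, len(plaintext), PAYLOAD_SIZE)] or [b""]
    return [build_envelope(msg_id, i, len(chunks), c) for i, c in enumerate(chunks)]


class ConstantRateSender:
    """Emits exactly one envelope per tick: a queued fragment if there is one, else cover traffic."""

    def __init__(self, list_address):
        self.list_address = list_address
        self.queue = []
        self.next_id = 1                      # real messages get ids starting at 1 (0 is cover)

    def send(self, plaintext):
        self.queue.extend(fragment(self.next_id, plaintext))
        self.next_id += 1

    def tick(self):
        body = self.queue.pop(0) if self.queue else cover_envelope()
        return {"to": self.list_address, "body": body}


class Reassembler:
    """Receiver side: drops cover envelopes, reassembles fragments into whole messages."""

    def __init__(self):
        self.partial = {}                     # msg_id -> {fragment index: payload}

    def feed(self, envelope):
        msg_id, index, count, n = HEADER.unpack_from(envelope)
        if msg_id == COVER_ID:
            return None
        payload = envelope[HEADER.size:HEADER.size + n]
        frags = self.partial.setdefault(msg_id, {})
        frags[index] = payload
        if len(frags) == count:
            del self.partial[msg_id]
            return b"".join(frags[i] for i in range(count))
        return None


def observer_view(envelopes):
    """What someone tapping the line learns per tick: destination and size only."""
    return [(e["to"], len(e["body"])) for e in envelopes]


def demo():
    # Constructed sample: one 13000-byte message (4 fragments) followed by two ticks of cover traffic.
    sender = ConstantRateSender("everyone@list.example")
    sender.send(b"meet at noon " * 1000)
    wire = [sender.tick() for _ in range(6)]
    receiver = Reassembler()
    delivered = [m for m in (receiver.feed(e["body"]) for e in wire) if m is not None]
    return observer_view(wire), delivered


if __name__ == "__main__":
    view, delivered = demo()
    print(view)                     # six identical (address, 4096) entries
    print(len(delivered[0]))        # 13000: the original message came through intact
```

Two things worth noting about what this does and does not hide. The observer still learns that the set of list addresses is linked and that traffic flows at a constant rate; that is exactly the residual leak the comment above describes. And the header distinguishes cover from real traffic by msg_id, so the scheme only works if the whole envelope (header included) is encrypted before it leaves the sender; the filler being random is what keeps a padded envelope from compressing or standing out once that is done.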
Also, hard drive companies charge ludicrous amounts for enterprise-class storage, I'm talking the dollars per gigabyte range. If the NSA is just picking up all the traffic it can get their storage costs would very rapidly outpace the entire agency's budget. Loooooooooooool.
So you need about 27,000 square feet to hold one exabyte using said array. 18 exabytes is about 486,000 square feet. The NSA's Utah datacenter alone is estimated to have from 3-12 exabytes of capacity. Now I'm not saying that the NSA has thousands of exabytes of capacity; however, given how a single datacenter could potentially hold 2/3 of that amount, it's possible that they could easily meet 18 exabytes when spread out across multiple datacenters. I wouldn't be surprised if the NSA has multiple tens of exabytes of storage available spread across multiple data centers.
That said, and I am embarrassed somewhat at this, I did miscalculate just how big an exabyte was per se. The point was even a zip bomb wouldn't be able to do significant damage to the NSA and I just used a simple 2^64 maximum file size to express how much that could potentially be without stepping back to think exactly how big that was. Extra embarrassing since I've worked in enterprise storage for my entire career.
Part of my miscalculation was that I was remembering my then employer's petabyte lab (as in it literally held one petabyte of storage) back in 2000 (when the largest drives said employer was shipping were around 30GB or so), and then expanding that in my mind somewhat based on how much storage capacity had increased without doing any hard calculations as to just how much it has increased like I sort of did above. My quick thinking turned out to underestimate just how much more space an exabyte today would take over a petabyte in 2000, even with improvements in capacity since then. My mistake, although I don't think I was that far off, given what we know about the Utah datacenter and current storage capacities. Even if they don't have 18 exabytes available now, odds are they will relatively soon, unless their funding gets cut dramatically.
But I'm talking about the cost of buying that storage - if you're buying disk drives at enterprise prices, which the NSA probably is, you're paying on the order of a dollar per gigabyte (no, I'm not joking), and 1.5 exabytes of storage runs you $1.5 billion - around the cost of the entire rest of the center. If you can somehow make the drives last on average five years, you're looking at a $300 million annual equipment replacement cost.
Moreover, one can reliably halve the actual storage content again on the assumption that the NSA will very likely have some redundancy in that data center.
At least you only reveal an upper bound on message lengths.
As far as redundancy, they may have that for archival purposes (which they may compress/deduplicate/etc.), but they wouldn't need it for scratch space, but that all gets down to the nitty gritty as to how the NSA set up its storage hierarchy.
Plus, there is plenty of wiggle room in pricing for enterprise storage, as I know first hand. Sure, the list price for enterprise storage is $1/gigabyte, but if you're buying enough of it, salespeople could give you a substantial discount as well. Heck, while this isn't a case of giving a discount on the storage itself, an enterprise software product I used to work on, which normally cost several tens of thousands of dollars to purchase on its own, was often thrown into the purchase like a Cracker Jack prize to sweeten the deal a salesperson was making to a customer buying an enterprise array from my then employer. I would be surprised if other things, such as discounts on drives, etc., weren't also thrown in -- especially when in a bidding war against other enterprise storage vendors.
In addition, going back to the whole storage hierarchy thing, many enterprises use cheaper/lower grade storage for less critical data (such as scratch space) or use extra redundancy (RAID6 or similar) to get away with using cheaper grade storage on medium critical data (archival, backups, etc.). The really expensive stuff typically only gets deployed for the most important stuff, and sometimes they don't even bother with spinning disks and go straight to massive quantities of flash at that end. So while the NSA's most important stuff may use the $1/gig storage (or even pricier flash), there is also a very good chance they're using much cheaper stuff for less critical storage.
But as I said, I also misestimated the amount of space an exabyte would take by expanding upon how much space a petabyte took 13 years ago and assumed, without thinking things through, that storage density increased by more than it actually did.
Remember, the government always goes with the lowest bidder (or nearly lowest). If there was no bidding war, you may have a point there, but once you get into a bidding war, then all bets are off.
That's part of the problem when people say "don't use Google/Microsoft/Yahoo/etc., it makes your email easy for the Feds to access." Sure, having all those emails in one place does make things slightly easier. However, it's not that much harder for someone, whether the Feds or a miscreant with the proper access, to simply put a tap on the upstream data lines coming out of Google/Microsoft/Yahoo/Your Personal Server and scoop up as much yummy data as they like. Heck, my house ran its own email server in college, and I (and others) would routinely packet sniff upstream of the server and show people just how insecure things were. Granted, that was small peanuts compared to what the NSA can do/is doing, but it's not exactly rocket science to do it either. The only significant differences between what I did back then and what the NSA is doing are a matter of scale (the NSA has much bigger hardware to scoop up data with) and access (the NSA can get upstream of major ISPs, whereas I could only get upstream of the server located in my house).