
CrypTech: Making the Internet a Little Bit Safer - Sami_Lehtinen
https://cryptech.is/
======
pdimitar
And, we know these guys' operation isn't a honeypot since NSA has trouble
hacking certain more privacy-conscious individuals or organizations... how
exactly?

I mean, people, let's be real here. Unless you're a hardcore mathematician
with programming background in devising crypto algorithms AND you have strong
knowledge in signal processing on top of that, how do you know that anything
you download/buy in terms of "more private" hardware/software, is actually
indeed "more private"?

We're at the mercy of people who keep saying "we care about your privacy and
security". Everybody is screaming "we are better than the rest!" and all of us
are simply left scratching our heads.

For all we know, even GNU's guidelines on which crypto algorithms to use might
be flawed due to an ingenious and impossible to spot subtle mathematical flaw
in the said algorithms.

What _actual_ hope do we have?

~~~
dottedmag
Security reviews and the hope that the whole academic field of security
researches is not bought a-la-carte by NSA.

~~~
pdimitar
_Cynical and long rant alert_ :

From a psychological standpoint and my own experience, as you grow older, it
becomes harder and harder to resist bribes or being bought out to inject
vulnerabilities in a software/hardware you work on. Idealism lasts 5 (maximum
10) years of heavy work during which you squander the seemingly infinite
energy of your youth, then you become very tired, then you make it worse with
coffee, energy drinks and all-nighters, then you destroy several possible
relationships and friendships, you become grumpy and cold, and one day you
find that you don't care about what's good for the world anymore.

You also find yourself staring at your ceiling and wondering WTF are you doing
with your life. And unless you're one of the rarer human beings who is
actually decisive and has the courage to make a U-turn and change your life to
exactly what you want from it, then you'll be stuck for life.

Now imagine we fast-forward lots of years later. At 35-45 you no longer care
about most (or all) of your youth ideals. All it takes is one phone call or
email offering you a 5-digit figure and you're bought out. And if the sum is
6-7 digits then forget about it, you'd sell the entire humankind. We can all
pretend to be on high moral thrones but I am sure most people wouldn't think
for more than 2 minutes after they receive the said phone call or an email.

So at this point, I simply can't believe anyone when they say they really want
privacy and security to be enforced and to try and beat NSA & Co. in their own
game. I know I want to, if only out of spite and to show them they're not so
awesome as they think, but meh, I am not an electric or electronic engineer. I
can't reverse-engineer a chip. I can't devise a new chip. I can't isolate
equipment in a room and try and check if it emits signals I don't want it to
emit. I can't hack the kernel of my Android phone and kill its services who
always drain my battery.

Basically, I can't do almost anything about it. So I am thinking about it on a
human level. Humans are easily bought. If not, they are even easier to
threaten.

------
marcosdumay
Hum... I'm at a loss. I just can not imagine what a "hardware cryptographic
engine" does, and how would anybody use one.

I'm even more at loss trying to imagine how a specialized device can help
"securing email, web, DNSsec, PKIs". Well, for DNSsec I can imagine something,
but not the others.

Is it to be used as a SSL terminating proxy in front of your services? How
could it secure email, for example? How is that goal compatible with not
getting "drawn into re-implementation of application protocol layers"?

~~~
nickpsecurity
It will help if you understand what HSM's are, why they're used, and where
they benefit. Nice intro here:

[https://markgamache.blogspot.com/2011/05/why-we-use-
hardware...](https://markgamache.blogspot.com/2011/05/why-we-use-hardware-
security-modules.html)

I'll add that many have tamper-resistance mechanisms of varying security for
physical attacks. The better ones also have a trusted path, or dedicated
device, for entering PIN's or passwords. The main drawbacks, as link notes,
are usability/complexity, closed-source components must be trusted, and _very-
high_ cost (eg four, five digits). Projects like this intend to reduce or
eliminate effect of those last three.

~~~
marcosdumay
Thanks. I see it now.

------
JoachimSchipper
The lack of a chapter "physical security" in their documentation is rather
disappointing. There's a few bits on the wiki, but that's it. Physical
security - that is, keeping people from just breaking the keys out of your
system - is one of the hardest parts of building such a system!

One might prefer a Pi with a suitable smartcard attached...

~~~
nickpsecurity
"One might prefer a Pi with a suitable smartcard attached..."

It's what my pal "Thoth" is essentially working on minus the Pi part. The
EAL5-6 rated smartcards have significant effort put into SW protections and
tamper-resistance. Not stopping high-end attackers with physical access in all
likelihood but might keep out riff raff. He's putting mail and/or file
encryption on them to protect keys against host compromise. Tells me the
Ledger Blue is the best of the new, more-open ones as they know what Red-Black
separation is, implement some of it physically, have trusted path, and act on
some feedback. Check it out.

EDIT: Given this is open source, I forgot to mention multiple smartcards & SW
TCB's can be combined in voter configuration with trusted hardware & software
to reduce risk of vendor subversion. Unlikely that all the major vendors would
work together or be compromised by same group unless threat profile is too big
for most to survive already. :)

------
microcolonel
> We hope that a group of interested organizations will offer funding for
> development, and that the IACR and public sector cryptographers will provide
> algorithmic advice and wide and open review.

I wonder: Do they mean _private sector cryptographers_ ?

~~~
Canada
They mean cryptographers who publish openly. As opposed to cryptographers
whose work is classified or otherwise concealed from the public.

Not all cryptographers who work in the public sector do so in secret. Not
everyone who works in the private sector shares research openly.

------
hagbarddenstore
Soo... How does this solve traffic that happens outside the encrypted network?

