标签: encryption

Amid a huge number of recent news stories about systems getting hacked I read several in the area of IoT about Zigbee getting hacked , Chrysler getting hacked , and Tesla getting both hacked and fixed . Granted, part of the rush came from the recent DEFCON conference in Las Vegas, but such stories still can be very depressing for engineers trying to build the next generation of devices. Are we really doing the world a favor by creating ever more complex systems that inevitably expose the users to hackers?   This got me thinking about the nature of system development. We have all seen descriptions of the various stages of maturity for any technology, but I realized that the ones I have seen are missing a step. Consider the one below.   A more realistic description of the stages of technology.   The first three stages are familiar, but consider the consequence of implementing a design to make it broadly useful. That wider audience is also what makes it interesting to hackers. There is really no point to hacking something that no one is using, and new technology is always the most fertile ground in terms of complexity and the availability of exploitable holes. It seems like these days a new technology barely has a chance to enjoy being in the ‘Useful’ stage before it gets pushed into the ‘Abuse-able’ stage.   Up until now I have carefully avoided characterizing the hacking involved as being “white hat” or “black hat” hacking. In fact, even those two characterizations are too limiting. The only difference between them is if the flaw is discovered by the good guys or the bad guys. What I have come to realize over the years is that the world is infinitely more complex than that.   Right now we have encryption technology that is good enough that the FBI is very publicly calling for the creation of back doors into it. Their rationale is that the bad guys are using it too effectively to do what they do that makes them bad. That is a very reasonable argument when the FBI is hunting pedophiles. Does the same argument hold when it is the Chinese government that is hunting underground discussion of the Tiananmen Square massacre? The definition of good guys and bad guys is very open to interpretation.   Garage mechanics have been hacking cars just about as long as there have been cars in an effort to make them faster or in some other way more interesting. This is considered abuse by the car manufacturers and the government regulators, but it is very different from finding ways to break into or take control of someone else’s car.   Whether any type of hacking of a new technology is good or bad is a judgement that largely depends on how the hack is used. As I said, the world is an infinitely complex place – this is what makes it interesting. Whether or not we are really making it better by making it even more complex is a question that we each have to answer for ourselves.   Larry Mittag is a consultant on connected embedded systems .

Recently, I finished reading Richard J. Aldrich's GCHQ: The uncensored story of Britain's most sensitive intelligence agency . The Government Communication Headquarters (GCHQ), Britain's equivalent of the NSA, is a direct descendant of Bletchley Park, where the British decoded German messages encoded by the Enigma machine and where the world's first programmable electronic digital computer, the Colossus, was built. It was the stomping ground of Alan Turing during the Second World War and -- according to Winston Churchill -- where the war was won. In my not-so-humble opinion, the greatest technical museum for any electrical engineer is Bletchley Park.   Back to the book, which is about how the British monitor telecommunications traffic from around the world and decode it to provide "intelligence" for military and political purposes. It is a fairly weighty tome, long on facts and short on anecdotes. It is also not a particularly easy read. However, on page 400, I was wading through the description of the Falklands War when I came across this sentence: "The Argentinean Air Force's traffic was the hardest to read, since it had recently invested in new encrypted communications made by a subsidiary of the British defence company Racal, based in South Africa."   "Just a minute," I said aloud to myself, "that was one of mine." Actually, this is a bit of an exaggeration. In fact, I had designed the first prototype -- the proof of concept -- for the microprocessor that controlled the digital tuning of a radio to operate as a frequency-hopping device. It was a very early application of a microprocessor. It synchronized the transmission and then controlled the calculation of the next frequency to which the transmission would hop.   The facts presented in the book are a little suspect, since by that time Racal had sold the organization to a South African company, Grinaker Electronics, but perhaps Racal still held some shares or was responsible for international marketing. The book makes the point that, when it comes to arms supplies, there are some very strange bedfellows, so the fact that this system had ended up in Argentina did not surprise me too much. What did surprise me was that this system should come back into my life 38 years later. It felt really surreal, almost like I was looking at the back of my own head. Maybe I have been around long enough to be on my second lap now.   All this reminded me of the British engineer Sir Robert Alexander Watson-Watt, was a significant contributor to the development of radar during the Second World War. He emigrated to Canada in the 1950s and -- later in life -- was caught in a radar speed trap in Ontario. He is reported to have said to the police officer, "Had I known what you were going to do with it, I would never have invented it." He even wrote a poem about it:   Pity Sir Robert Watson-Watt, strange target of this radar plot And thus, with others I can mention, the victim of his own invention. His magical all-seeing eye enabled cloud-bound planes to fly but now by some ironic twist it spots the speeding motorist and bites, no doubt with legal wit, the hand that once created it.   Does any of this strike a chord with you? Have you ever been blindsided by your own design? If so, it would be great if you would share your experiences in the comments below.   Aubrey Kagan Engineering Manager Emphatec

I recently read Richard J. Aldrich's GCHQ: The uncensored story of Britain's most sensitive intelligence agency . The Government Communication Headquarters (GCHQ), Britain's equivalent of the NSA, is a direct descendant of Bletchley Park, where the British decoded German messages encoded by the Enigma machine and where the world's first programmable electronic digital computer, the Colossus, was built. It was the stomping ground of Alan Turing during the Second World War and -- according to Winston Churchill -- where the war was won. In my not-so-humble opinion, the greatest technical museum for any electrical engineer is Bletchley Park.   Back to the book, which is about how the British monitor telecommunications traffic from around the world and decode it to provide "intelligence" for military and political purposes. It is a fairly weighty tome, long on facts and short on anecdotes. It is also not a particularly easy read. However, on page 400, I was wading through the description of the Falklands War when I came across this sentence: "The Argentinean Air Force's traffic was the hardest to read, since it had recently invested in new encrypted communications made by a subsidiary of the British defence company Racal, based in South Africa."   "Just a minute," I said aloud to myself, "that was one of mine." Actually, this is a bit of an exaggeration. In fact, I had designed the first prototype -- the proof of concept -- for the microprocessor that controlled the digital tuning of a radio to operate as a frequency-hopping device. It was a very early application of a microprocessor. It synchronized the transmission and then controlled the calculation of the next frequency to which the transmission would hop.   The facts presented in the book are a little suspect, since by that time Racal had sold the organization to a South African company, Grinaker Electronics, but perhaps Racal still held some shares or was responsible for international marketing. The book makes the point that, when it comes to arms supplies, there are some very strange bedfellows, so the fact that this system had ended up in Argentina did not surprise me too much. What did surprise me was that this system should come back into my life 38 years later. It felt really surreal, almost like I was looking at the back of my own head. Maybe I have been around long enough to be on my second lap now.   All this reminded me of the British engineer Sir Robert Alexander Watson-Watt, was a significant contributor to the development of radar during the Second World War. He emigrated to Canada in the 1950s and -- later in life -- was caught in a radar speed trap in Ontario. He is reported to have said to the police officer, "Had I known what you were going to do with it, I would never have invented it." He even wrote a poem about it:   Pity Sir Robert Watson-Watt, strange target of this radar plot And thus, with others I can mention, the victim of his own invention. His magical all-seeing eye enabled cloud-bound planes to fly but now by some ironic twist it spots the speeding motorist and bites, no doubt with legal wit, the hand that once created it.   Does any of this strike a chord with you? Have you ever been blindsided by your own design? If so, it would be great if you would share your experiences in the comments below.   Aubrey Kagan Engineering Manager Emphatec

Anyone versed in the specifications of telecom protocols will recognize that they are both detailed and complex. So it is surprising -- especially given the revelations of whistle blowers such as Edward Snowdon and the current cyber security fixation -- that the Optical Transport Network (OTN) does not inherently feature any encryption.   The OTN's evolution has seen the successful inclusion of Ethernet packets into the payload. Originally, the OTN was designed to transport SONET/SDH, but it has been adapted to work with the faster Ethernet standards.   There is growing interest among equipment vendors in the notion of adding encryption to provide privacy and tamper detection on OTN systems with minimal added latency. The growing use of networks for applications such as financial transactions is a key driver for this technology.     Encrypting an OTN system requires the equipment vendor to work closely with an intellectual property (IP) vendor for several reasons. First, the method of securely transmitting the encryption keys must be organized. Fortunately, unlike in many systems, the keys in OTN systems are updated fairly infrequently. This allows for pre-computation of some encryption parameters in software, rather than providing hardware to compute them on the fly, as would be necessary in a protocol such as MACsec or IPsec, in which keys can change for every packet. Another issue is to get an efficient, low-latency core to fit into the design. Nearly every system contains a programmable logic chip such as a field programmable gate array (FPGA) to handle a range of protocol, framing, control, and interfacing tasks. The encryption IP core can be included in the FPGA. Where sufficient spare resources exist, this can even be achieved without moving to a larger device.   Algotronix Ltd.'s recently released OTN encryption core offers an interesting solution. The UK vendor has carefully optimized the core to be compatible with the traffic characteristics of the OTN system, such as fixed packet length. As a result, the lookup table (LUT) usage of the duplex AES-GCM core for the OTN is half what would be necessary for a duplex AES-GCM implementation for encrypting and decrypting 10G Ethernet packets.   The core provides AES-GCM with 96-bit IV and a choice of 128-bit or 256-bit keys. This gives privacy as well as confirmation that the decrypted packet has not been altered, which is mandatory for many systems. Designers can use recent FPGA families supplied by all leading vendors and select from a number of implementation options. Another very useful option is the ability to drive the FPGA tools into using certain resource types for key blocks of the core. The AES system requires the creation of what are known as S-Boxes as a significant part of the total resource requirement. Enabling the design tools to favor logic or memory blocks for these elements can allow the design to fit into the available spare capacity and therefore to squeeze the encryption core into a tightly packed layout.   One special consideration for encryption IP relates to confidence that the security has not been compromised. A concern in any high-security design is to ensure that so-called Trojan Horse features have not been maliciously included. It is important, therefore, to select a reputable vendor whose source code can be carefully inspected. It greatly reduces the risk that anybody has contributed malicious code to, say, an open source project. Licensing source code, rather than just a netlist, gives users the option to analyze the design. It also reduces the burden and cost of a detailed analysis of all the security components in the system.   Verification is the number one headache in system design. AES with Galois/Counter Mode (AES-GCM) was standardized by the National Institute of Standards and Technology (NIST) with a number of different operating modes. The institute also provides a large number of tests with "known answer" patterns to be used in implementation validation. For validation, it is good to know that the core ships with a comprehensive test bench including a behavioral model of AES-GCM. Along with the Algotronix-supplied testbench code, the core can also be simulated in a self-checking configuration within the user design, where it checks its output against a behavioral model.   The introduction of an IP core optimized for OTN systems gives equipment manufacturers the opportunity to differentiate their products with cost-effective, low-latency security features.

In 2012, three young software engineers in Switzerland developed their own secure mobile messaging app called Threema, with the clear goal to give users a tool to prevent their personal data to be stored, mined and possibly abused by big corporations and government agencies.   With the mounting interest in privacy rights and tales of data misuse in the news, the app attracted 3 million users to date, most of them over the last few months. Available for less than two euros, Threema became the most popular secure instant messenger in Germany and topped the download charts in German speaking countries for months according to Roman Flepp, Threema's Head of Marketing.   There are already many encryption services around, some more expensive, others open source and free to distribute, such as Tox - https://tox.im/ , OpenPeer - http://openpeer.org or Pretty Easy Privacy - http://pep-project.org now running a crowdfunding campaign on Indiegogo just to name a few.   So what could explain the popularity of this particular application today, ease of use for one?   “Ease of use is probably just one factor. Another important one is the possibility to use Threema anonymously” wrote us Flepp in an email exchange.   “Unlike other secure messengers, we do not use a mobile phone number (which can be easily traced to a real person) as a "primary key" to identify users but a randomly assigned 8 digit ID. This makes the «centralized hackable platform» much less of a problem than with traditional concepts”, he continued.   “Even if the server platform was hacked there's not much there to see since we do not store any meta data. Our architecture shifts most of the tasks normally done on a server, such as maintaining lists of group members, to the clients (i.e. the app itself). The role of the server is basically reduced to that of a buffer to temporarily hold the encrypted messages until the chat partners is back online.”   “The fact that we are an independent company without external funding and that our servers are located in Switzerland, where data protection laws are still pretty strict, might have added further to our popularity”, concluded Flepp. What sort of impact do you think the mass adoption of secure communication could have on society? We asked.    “More and more people now think twice before giving away private data. This growing awareness is a good thing. Using secure communication channels such as Threema is the best we can do at the moment. In the end it's going to be an arms race between surveillance authorities and citizens”. “People have a right to privacy. We give the society a tool to protect itself. At the end of the day each of us decides for its own. – It’s hard to say which impact the mass adoption of secure communication could have on society. We think it is definitely the better way to use secure communication than to contribute to data mining and to be exposed to the risk of arbitrary or possibly even abusive surveillance. A society built on mass surveillance and general distrust is probably not a place anyone would like to live in, anyway.” See Threema’s promotional video clip   So does Flepp see a shift among Internet companies making business on end-user data mining? “We don’t know how other companies make money in order to pay their bills. But you will probably agree, that there is a reason why many services in the internet and app industry are free. There's no such thing as free lunch. The question everyone should ask is: How do these companies make money?   In the long run, we think that there will be a comeback of the conservative approach such as Threema's: You pay a few bucks for a service so we can pay our bills with your money and not your private data.   The Threema app is available worldwide, an English language version has just been launched.   - Julien Happich