Gideon Samid • Gideon@BitMint.com
Last month, The Guardian published yet another revelation by Edward Snowden, who claims a high patriotic calling but is regarded by U.S. officials as committing high treason. Mr. Snowden claims the National Security Agency (NSA) has secretly cryptanalyzed the popular ciphers used in America and around the world for everyday business purposes. The agency now routinely reads the encrypted communication used for payment transactions in this country and beyond.
Some foreigners may be alarmed by this revelation, but we Americans trust our government; we trust that the NSA will not abuse their great achievement, that they will not jeopardize our civil order. Even if that statement could pass without objection, the real thing to be alarmed about is that the NSA has no monopoly on smarts. We would love to believe otherwise—that our cryptanalysts are smarter than foreign whiz kids, and that what the NSA achieved, foreigners have no chance to match.
Even if that statement could be accepted at face value, what about another Snowden? What if a self-serving, disgruntled individual with a high-security clearance has already shared with the bad guys the cryptanalysis of such security standards as AES, RSA, ECC, and so on, and done so in stealth?
What is noteworthy is that, while the NSA has obviously denied having such cryptanalytic power (if they admitted it, everyone would run away from these ciphers and the NSA would lose the ability to exploit its feat), they have not stated that it is ridiculous or impossible. That’s because it is neither ridiculous nor impossible. All the mainstay ciphers we use in whatever payment protocol you care to mention are certifiably breakable. They can be cracked using ultrafast computers or by employing yet unpublished mathematical insight, or a combination thereof.
Computers get faster all the time, relevant mathematical knowledge is published monthly, and the so-called intractability of our popular ciphers is eroding as we speak. This cardinal fact is easily ignored because the banks, the processors, and the various payment-service companies are eager to boast of the high security of their ciphers. Security executives brag about the super-secure algorithm they have deployed, and cryptographers tout their merchandise as job-security measures.
As Bitcoin penetrates Main Street, traders worry about its exchange rate with the dollar. They hardly concern themselves with the specter of a collapse of the digital currency’s cryptographic foundation, which would in an instant melt away all their cryptomoney. The Bitcoin Web site itself misleads its readers, claiming that cryptography proves that the Bitcoin algorithms are secure. Cryptography does not prove any such thing. The chosen ciphers simply have not been cracked by any published paper. It would behoove Bitcoin promoters to provide a “fair disclosure” warning to that effect. And much as the Food and Drug Administration did vis-à-vis the tobacco industry, the NSA, or the National Institute of Standards and Technology, should issue a warning to the public.
The fact that we can’t prove mathematically that our ciphers are effective should not discourage their use, if for no other reason than that these ciphers are the best we have. To dismiss them implies killing e-commerce. Yet, awareness of this vulnerability should guide us into a host of defensive measures. First, design your payment cryptography (data in motion, data in display, and data in storage) in a switchable format so you can pull out a cipher that was suddenly announced as breached and replace it with another, for which no such news exists. Beware: Some designers enmesh the cipher so elaborately that it may be necessary to recode the entire payment system if a new cipher is required.
Second, think ahead. What will you put in place of the faulty cipher if you have to change? Third, deploy the “Second Security” strategy, allowing the alternative cipher to operate in parallel to the main one.
The guidelines for business continuity require us to consider that, overnight, more than one cipher could be discredited. What then? Your cryptographic consultant had better prepare you for that day. While we have no ultimate remedy for cryptography between strangers, cryptography among recognized partners may be instantly re-established using unbreakable ciphers that are immunized against both faster computers and smarter computer scientists. Examples are the old, cumbersome Vernam cipher and the new, agile Daniel cipher (U.S. patents 1,310,719 and 6,823,068, respectively).
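The three measures above (a switchable cipher envelope, a planned replacement, and the “Second Security” parallel cipher) and the pre-shared-pad case in this last paragraph can be shown in one piece of code. The following is an added example written for this column, not the author's or BitMint's code. It assumes a message format in which every ciphertext carries the identifier of the suite that produced it, a registry that maps identifiers to implementations, and a retirement list for suites announced as breached (decrypt-only, so stored data can be migrated). Two stand-in suites are registered: a placeholder “everyday” cipher built from HMAC-SHA256 in counter mode, which is only there to have something swappable and is not a vetted design, and a Vernam one-time pad over a pre-shared random pad that is consumed once and never reused. “Second Security” is interpreted here as two independently keyed layers, which keeps the plaintext confidential as long as either layer holds; that reading is an assumption. The Daniel cipher mentioned in the text is not implemented.

```python
"""Crypto-agile envelope demo (added example, not code from the column)."""
import hashlib
import hmac
import os
import struct
from typing import Callable, Dict, List, Tuple

# ---- stand-in suite 1: HMAC-SHA256 counter-mode keystream + MAC (NOT a vetted cipher) ----
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">Q", ctr), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])

def hmac_ctr_encrypt(key: bytes, pt: bytes) -> bytes:
    nonce = os.urandom(16)                      # fresh per message; never reused with a key
    ks = _keystream(_subkey(key, b"enc"), nonce, len(pt))
    body = bytes(p ^ k for p, k in zip(pt, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def hmac_ctr_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):      # reject tampering before touching the body
        raise ValueError("hmac-ctr: authentication failed")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))

# ---- stand-in suite 2: Vernam / one-time pad over a pre-shared pad ------------------------
class Pad:
    """Pre-shared random pad; both partners hold an identical copy (one pad per direction).
    Every byte is used once: the cursor only moves forward, and the envelope carries the
    offset so the receiver reads the same bytes. The pad gives no integrity on its own."""
    def __init__(self, material: bytes):
        self.material, self.cursor = material, 0

    def take(self, n: int) -> Tuple[int, bytes]:
        if self.cursor + n > len(self.material):
            raise RuntimeError("vernam: pad exhausted; pad bytes must never be reused")
        off = self.cursor
        self.cursor += n
        return off, self.material[off:off + n]

def vernam_encrypt(pad: Pad, pt: bytes) -> bytes:
    off, ks = pad.take(len(pt))
    return struct.pack(">Q", off) + bytes(p ^ k for p, k in zip(pt, ks))

def vernam_decrypt(pad: Pad, blob: bytes) -> bytes:
    off, body = struct.unpack(">Q", blob[:8])[0], blob[8:]
    return bytes(c ^ k for c, k in zip(body, pad.material[off:off + len(body)]))

# ---- the switchable envelope --------------------------------------------------------------
Suite = Tuple[Callable[[object, bytes], bytes], Callable[[object, bytes], bytes]]
SUITES: Dict[str, Suite] = {"hmac-ctr": (hmac_ctr_encrypt, hmac_ctr_decrypt),
                            "vernam": (vernam_encrypt, vernam_decrypt)}
RETIRED: set = set()   # breached suites: no new encryption, decryption only for migration

def retire(suite_id: str) -> None:
    RETIRED.add(suite_id)

def seal(layers: List[str], keys: Dict[str, object], pt: bytes) -> bytes:
    """Wrap pt in one envelope per suite in `layers`, innermost first.
    Envelope = flag(0: plaintext inside, 1: another envelope inside) + id length + id + blob."""
    payload, flag = pt, 0
    for sid in layers:
        if sid in RETIRED:
            raise RuntimeError(f"{sid} is retired; choose the prepared replacement")
        enc, _ = SUITES[sid]
        ident = sid.encode()
        payload = bytes([flag, len(ident)]) + ident + enc(keys[sid], payload)
        flag = 1
    return payload

def outer_suite(blob: bytes) -> str:
    return blob[2:2 + blob[1]].decode()

def open_envelope(keys: Dict[str, object], blob: bytes) -> bytes:
    flag, sid = blob[0], outer_suite(blob)
    _, dec = SUITES[sid]                        # retired suites may still decrypt
    inner = dec(keys[sid], blob[2 + blob[1]:])
    return inner if flag == 0 else open_envelope(keys, inner)

def reencrypt(keys: Dict[str, object], blob: bytes, new_layers: List[str]) -> bytes:
    return seal(new_layers, keys, open_envelope(keys, blob))

def demo() -> dict:
    keys = {"hmac-ctr": os.urandom(32), "vernam": Pad(os.urandom(4096))}   # constructed keys
    msg = b"PAY 12.00 USD to merchant 4711"                                  # constructed message
    stored = seal(["hmac-ctr"], keys, msg)                 # everyday storage format
    layered = seal(["hmac-ctr", "vernam"], keys, msg)      # "Second Security": two layers
    tampered = bytearray(stored)
    tampered[-1] ^= 1
    try:
        open_envelope(keys, bytes(tampered)); tamper_detected = False
    except ValueError:
        tamper_detected = True
    retire("hmac-ctr")                                     # the day the breach is announced
    migrated = reencrypt(keys, stored, ["vernam"])         # migrate stored data to the spare
    try:
        seal(["hmac-ctr"], keys, msg); refused = False
    except RuntimeError:
        refused = True
    return {"plain_roundtrip": open_envelope(keys, stored) == msg,
            "layered_roundtrip": open_envelope(keys, layered) == msg,
            "migrated_roundtrip": open_envelope(keys, migrated) == msg,
            "migrated_outer": outer_suite(migrated),
            "retired_refused": refused, "tamper_detected": tamper_detected}
```

The design choice worth noticing is that the suite identifier lives in the data, not in the code that reads it: retiring a suite is a one-line registry change, old records remain readable for migration, and nothing in the payment logic itself needs to know which cipher is current.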