Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I was watching the news and saw some things about a new bill in the UK to increase the time police can hold a suspected terrorist to up to 90 days. The reason given that this extra time is needed to crack their hard drives to look at the data.
This got me thinking, I Googled for Linux encryption software for files and fiilesystems, of which there are many, but what I really want to know is how long it would theoretically take to crack them?
There are ways (and software) to make encryption produce 2 likely plaintexts. The most obvious way is the one that's in Bruce Schneier book:
Generate an one-time pad and make
C = P ^ K
Then generate the plaintext you'd like the police to see in any event and generate the key from the ciphertext you've got:
K2 = C ^ P2
There are many other ways, using compression to achieve better performance. There are virtually infinite number of possible keys with related plaintexts (bounded only by the number of bytes). I believe there are ways to make it impossible to crack these ciphertexts using techniques like these and steganography.
The book crypto by Steven Levey is an very good read if you are into the history behind cryptography as it relates to computers.
Cracking speed is always relative to the amount of computing power and the strength of the encryption. With Morres Law however this theoretical time limit is getting shorter all the time. On the upside there is always going to be someone designing the unbreakable key as well.
If you looked only at theoretical cracking-times, as in a brute-force search of the keyspace, even basic consumer-grade ciphers could take "forever." But most breaks occur, not through a direct attack on the cipher, but an attack on the key-management procedure.
For example, a dictionary attack can be completed in a matter of minutes. A cluster of machines could process permutations on every word in about the same amount of time.
The simple fact that the key probably consists of a string of characters found on a typewriter keyboard, most likely without much of a mixture of upper/lower case, greatly reduces the total number of possible binary keys that could be generated -- depending on exactly what algorithm was used to hash the password into a key.
When a ciphertext is re-enciphered, even two or three times, the transformation is logically equivalent to one transformation unless the systems used in the recipherment are mathematically different.
Encryption may leave behind deleted temporary-files, which are not usually "scrubbed."
A good police/detective agency will have, or will accumulate, more evidence than just the encrypted files on one computer. And the refusal to decrypt a file which is believed to contain evidence related to a crime, is probably a crime in itself. So you get locked-up anyway. Look outside: it's the last time you'll see the sunlight for the rest of your life, which could be a very long time. But maybe if you decrypt that file, tell us what you know, tell us who else was in with you . . .
Lovely isn't it. In US law at least our 5th Amendment specifically says we don't have to testify against ourselves. However court decisions have perverted it so that you can be held in contempt of court with no trial for refusing to provide documents or even blood samples. In my not so humble opinion using your own blood to convict you clearly violates this amendment.
Reading the Evening Standard (I know, I know) on the way home tonight, it seems that the current length of time the police are allowed to hold people was originally suggested by the police shortly after 9/11. And now they think it's too short. And the arguments they used back then are being regurgitated again.
So. Either the police got it wrong and underestimated the time, or the reasons are fallacious and they want it for something else.
It's a delicate game. On the one hand, we do not want the "law enforcement" business to turn into an instrument of coercion. And, on the other hand, we do not want truly-evil people to play games with the legal system. Obviously, both of these things do occur, but tens of thousands of legal cases are processed every year and an equal number of arrests are made, so the system doesn't absolutely fail and doesn't absolutely ignore its own rules.
If you have a legitimate secret and are questioned about it by a law-enforcement agency, it is probably better to try to see things from their point of view and to cooperate. In some cases involving very sensitive trade secrets, courts have approved the use of a third-party arbiter who can review the material and testify about it without revealing it. "Obstruction of justice" is a valid crime unto itself. I don't think it's really quite fair to take a "soapbox" position on such matters, even though the media does so quite regularly.
That sounds frighteningly like something a friend I once had said:
"If you're not doing anything wrong why do you care if the police walk through your house any time they want?".
I don't really think using the 'loo is "wrong" but wouldn't want the police to walk in while I was doing it. Some things are private just because we want them to be and saying "we have to invade your privacy for the common good" smacks of fascism to me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.