Please help me punch holes in my encryption scheme.

Discussion in 'Mac Apps and Mac App Store' started by kresh, Feb 10, 2010.

  1. kresh macrumors 6502a

    kresh

    #1
    I have some things I want to keep very safe. It is not pornography (i.e. kiddie porn), nor is it illegally downloaded media files.

    Imagine if I had caught a local official doing something in public that was extremely bad, and I wanted to release the pictures anonymously to our local paper and did not want the police to seize my computer and prove it was me. This is not the situation, but it is the type of stuff I want to keep extremely safe.

    Anyway, this is what I have done:

    1) Created a truecrypt volume inside my file vaulted documents folder.

    2) There is a password and three keyfiles.

    3) The password is a 60 count password coming from an extremely long text document filled with random numbers, symbols, and letters of both cases. The file is almost 1 MB in size and I know exactly where to copy from. (Not in the top 1/5 or the bottom 1/5 nor close to the middle).

    4) The first keyfile is an MP3 file. I made the file by recording me shaking toothpicks in a jar in front of the microphone so that it is a unique file. It is kept in another 500MB truecrypt volume without any keyfiles but a similar password from the same document above.

    5) The second keyfile is a another unique MP3 file of my dog barking. It is kept in a folder that is protected using Espionage 2 (as a 256bit SparseImage).

    6) The third keyfile is a plain MS Word document from my Documents folder. This file has not been touched in years.

    Ok, what have I done wrong and what do I need to do to fix it. Any help would be much appreciated.

    Sorry for writing a book!
     
  2. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #2
    Seems pretty secure to me, although the password is the weakness if it's actually a continuous string in the text file. Are you in the US? If you are I'd say you're going a little overboard... if the public official was actually breaking the law, you're well entitled to report it.
     
  3. MacDawg macrumors P6

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #3
    They will just trace your post here and find out your scheme and break it in 30 seconds

    Way to go

    Woof, Woof - Dawg [​IMG]
     
  4. rdowns macrumors Penryn

    rdowns

    Joined:
    Jul 11, 2003
  5. kresh thread starter macrumors 6502a

    kresh

    #5
    Some US states have made it illegal to photograph police officers on duty.

    Thanks for the tip about the password. I will break it up.
     
  6. JNB macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #6
    Since you've already given enough information as to what was done, your encryption methodology, and the fact that you're posting on a public forum (and hence, identifiable), I'd say it was a lot of effort down the tubes. The specific evidence wouldn't have to be recovered as you've provided more than enough for identifying you as the source.

    Other than that, I think you're fine.
     
  7. kresh thread starter macrumors 6502a

    kresh

    #7
    Knowing and proving are two separate issues. The situation is different enough that I could deny that I was talking here is what I am keeping safe.
     
  8. GoCubsGo macrumors Nehalem

    GoCubsGo

    Joined:
    Feb 19, 2005
    #8
    *grabs jar of toothpicks*
    *begins to Hack the Gibson*
     
  9. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #9
    Now that I think about it, keeping your files safe isn't your major issue... getting it to the local paper anonymously is a much more difficult problem.
     
  10. kresh thread starter macrumors 6502a

    kresh

    #10
    I thought about walking in wearing a trench coat, a hat and glasses with a rubber nose. :)

    I have thought about it, but that part I am scared to post online.
     
  11. GoCubsGo macrumors Nehalem

    GoCubsGo

    Joined:
    Feb 19, 2005
    #11
    Ummm you just did post it online.

    Dude if it's really this bad and really something to be this worried about you may want to just quite while you're ahead. If you don't care about the credit then go to the library and post it online from there.
     
  12. rdowns macrumors Penryn

    rdowns

    Joined:
    Jul 11, 2003
    #12

    Nope. Libraries have security cameras these day. :D
     
  13. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #13
    Using Tor to create a GMail account and sending it that way should be fine.
     
  14. whooleytoo macrumors 603

    whooleytoo

    Joined:
    Aug 2, 2002
    Location:
    Cork, Ireland.
    #14
    Install a very powerful, concealed electromagnet in the frame of your front & rear doors. That way if/when they remove it from your house, the drives will be wiped. :)

    I'd have more faith in hiding the data, with basic encryption to prevent casual browsing, than having any 'unbreakable' encryption. You might even consider breaking up the data, and storing it in several locations, such that if any of it is missing the rest can't be read.
     
  15. CylonGlitch macrumors 68030

    CylonGlitch

    Joined:
    Jul 7, 2009
    Location:
    SoCal
    #15
    The encryption scheme isn't the problem, you have gone a bit overboard. You don't need TrueCrypt AND FileVault, they do basically the same thing. They use the AES algorithm to encrypt the data. I believe TrueCrypt has the option for doing 256 bit AES, and that is what you'll want to use, I don't know how many bits FileVault uses.

    As for the passphrase from the 1024 byte file; that's a good method. It really isn't that necessary to break it up into different locations but that would make it a bit more secure. But shifting the bits a few would be even better; but makes it a LOT harder to get access to. The biggest problem with your password this way isn't the password, it is the fact you copy it to the clipboard. If you don't clear the clipboard with something else, then it remains available to everyone.

    Using 3 different key files isn't really necessary either. One would be enough, 3 is just overkill. The way to protect that one file would be the make it something like a picture you've taken, but throw it on a flash drive with 100 other pictures you've taken and keep the drive with you at all time. Now you've got the only key.

    There are other things you can do to "secure" it more, but anyone who is able to get past the above wouldn't be stopped by anything else either. You could split the files into multiple files (i.e. bit, byte, word splitting or something along those lines) and then encrypting each segment independently with different key files and passwords.

    As for getting them to the police station. Just put the information in an envelope, fully pay the postage, and drop it in the mailbox closest to the police station. Thus it gets traced back to basically "them" if they try, no way to get it back to you.

    There are some very easy ways to send the information via email / web without anyone being able to trace you too. But that doesn't seem to be what you need here.

    But after all this, it sounds like something so horrid that it will rock the world. Most likely, the police won't do anything anyway because what you think is so bad, isn't in their eyes. And if they don't have someone to use as a witness (i.e. YOU) they can't trust digital information since it is very easy to forge.
     
  16. CylonGlitch macrumors 68030

    CylonGlitch

    Joined:
    Jul 7, 2009
    Location:
    SoCal
    #16
    For the record, the only real good way to send information anonymously on the internet is to make sure that it can't be traced to you. But regardless what you think, every network device has a unique MAC ID that is very difficult to spoof. Thus even using something like an anonymous gmail account, can be linked back to you because they can get the MAC address of your NIC and then watch for it to show up again somewhere else and bingo, they have you. Besides GMail will know who your ISP is, and they will know who connected to their service.

    How to get around this? Simple. Buy yourself a cheap USB Wireless adaptor. Drive around until you find an open wireless network somewhere away from where you live. Connect to it. Establish an anonymous gmail account (don't do this before otherwise the logs might bite you). Then send your email. Unplug the USB adaptor, drive to somewhere public (mall maybe) and leave the USB adaptor somewhere for someone to find. (make sure you wipe off any fingerprints first).

    NOTE: this isn't very legal, but it is one of the few ways to truly be anonymous.
     
  17. kresh thread starter macrumors 6502a

    kresh

    #17

    I used "Serpent-Twofish-AES" with the "Whirlpool" hash algorythm:

    Serpent-Twofish-AES http://www.truecrypt.org/docs/?s=cascades
    Three ciphers in a cascade [15, 16] operating in XTS mode (see the section Modes of Operation). Each 128-bit block is first encrypted with AES (256-bit key) in XTS mode, then with Twofish (256-bit key) in XTS mode, and finally with Serpent (256-bit key) in XTS mode. Each of the cascaded ciphers uses its own key. All encryption keys are mutually independent (note that header keys are independent too, even though they are derived from a single password – see the section Header Key Derivation, Salt, and Iteration Count). See above for information on the individual cascaded ciphers.

    The reason I don't just trust File Vault 256 bit (or Espionage using Apple's File Vault technology) is that I am not convinced they don't have a backdoor built in for use when served with a subpoena.

    I don't know what you mean.
     
  18. gødspeed macrumors regular

    gødspeed

    Joined:
    Jun 11, 2009
    Location:
    Oregon
    #18
    Use Tor to send it to the newspaper via an offshore email provider, such as hush.ai

    In case something goes wrong (how much do you trust your newspaper?), submit it to WikiLeaks as well. They aren't displaying leaks at the moment, but they are still taking submissions.
     
  19. MacDawg macrumors P6

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #19
    Hurry up man... the safety and security of the world is being compromised until you blow the whistle on these perps

    Just use the Terminal to make it a hidden file
    Boom... done

    So what if you get caught... As Spock so eloquently said, "the needs of the many outweigh the needs of the one"

    Godspeed

    Woof, Woof - Dawg [​IMG]
     
  20. gødspeed macrumors regular

    gødspeed

    Joined:
    Jun 11, 2009
    Location:
    Oregon
    #20
    Well he did say that the situation he described was an example, not the actual case. Whistleblowers do face some pretty significant dangers -- less so in the U.S, but depending on who you are informing about anonymity can still be essential. I agree that he's likely going over-the-top here if it's a small-time official in a small town, but you never know. If it were an official in Chicago, I'd take all these precautions and more :p

    I would consider finding a journalist that you trust, and giving the story to him. Sending it straight to a desk at your local newspaper sounds like the weak part of your plan. There are shield laws that protect journalists, so your primary concern should be to cover your own ass.
     
  21. CylonGlitch macrumors 68030

    CylonGlitch

    Joined:
    Jul 7, 2009
    Location:
    SoCal
    #21
    Sadly, most encryption schemes you get publicly have some type of back door. It has gotten better, but the government has put pressure on these companies to make it happen (even worse in other countries). BUT, I don't believe that the AES algorithm has this problem except the fact that the polynomial is readily known and that does facilitate breaking the key. (Last I heard, a 128 bit key could be broken in a few hours)

    BUT you'd have to do something REALLY bad for them to come after you and want to go through all this trouble. Don't believe the CSI programs, 99% of the time, if the police can't get the information easily, they don't dig further. Only in the cases of national security will the FBI make a stronger effort.

    Every byte is 8 bits. A = 41h = 0100 0001

    Thus if you have ABCD the bits will be
    A = 0100 0001
    B = 0100 0010
    C = 0100 0011
    D = 0100 0100

    or
    01000001010000100100001101000100

    Splicing bites, you could pick a random start position and create bytes from there.

    Code:
    01000001010000100100001101000100
    ---765432107654321076543210-----
    yields :
    0000 1010 = 0Ah
    0001 0010 = 12h
    0001 1010 = 1Ah

    yields :
    <LF><DC2><SUB>

    Thus, picking a random 256 bit pattern out of a stream of 1024 bytes makes it damn hard to figure out what the key is if you have no starting reference point. Most people will start at the beginning of a byte, and thus would try (from the example of a data stream of ABCD) things like A, B, C, D, AB, BC, CD, ABC, BCD but not try something that spans bytes.

    But as I said, it makes getting access to the key MUCH harder since you have to do all the calculations to get the actual key.
     
  22. ChOas macrumors regular

    Joined:
    Nov 24, 2006
    Location:
    The Netherlands
    #22
    MAC addresses do not cross over ethernet segments. The only MAC address gmail sees is the address of the interface of the last hop the packet went through before arriving. If indeed that is an ethernet coupling.

    Apart from that, MAC spoofing is trivial.
     
  23. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #23
    Err... I don't think so. DES can be broken in a couple hours, but not AES, and definitely not AES-256.

    It wouldn't be the FBI.
     
  24. CylonGlitch macrumors 68030

    CylonGlitch

    Joined:
    Jul 7, 2009
    Location:
    SoCal
    #24
    Depends on the people involved and the equipment they are using. :D


    Agreed, but it is easier label to use because more people understand it.
     
  25. kresh thread starter macrumors 6502a

    kresh

    #25
    It is not that kind of trouble. I would be more worried about a civil bench ordering the seizure, followed by the bench turning the hard drive over to a contractor for encryption breaking. I can't imagine the FBI/NSA involvement.


    Wow, that would take forever unless I scripted it for the conversion to present me with a string to copy from, even if I copied by hand.
     

Share This Page