7

Some well funded intelligence services with potentially untrustworthy employees intercept and store encrypted data for years, in hopes of cracking it with future technology. What can I do to make this more difficult for them, and how can I limit the scope of a successful attack? I already use SSL and store passwords as salty hash, with unique salt. I encrypt private data using the largest keys that the tools at hand allow, but I have no idea how much of a difference that makes against a quantum computer.

Some ideas that have crossed my mind:

  • Send some encrypted noise / lorem ipsum / random media before and after real HTTPS requests.
  • Implement a crazy PGP over HTTPS scheme. Public key exchange happens during the first real HTTPS request, after a few fake exchanges. Fake keys are kept and used for fake communication.

As you can probably tell, I'm not a security researcher, I just develop web apps for a small startup. I just discovered OWASP thanks to the "related questions" sidebar, I will be reading up on that.

Dan Ross
  • 195
  • 5
  • 4
    Hit me with a hammer! I didn't know we now had commercially available quantum computers! – LateralFractal Sep 11 '13 at 06:37
  • Actually we don't. Not if [this summary](http://www.scottaaronson.com/blog/?p=431) of D-Wave is correct. – LateralFractal Sep 11 '13 at 06:59
  • That summary was from 2009, but the jury is still out. Lockheed Martin bought one for U. of Southern California and asked them to figure out if it is legit, according to [Ars Technica](http://arstechnica.com/science/2013/08/d-waves-black-box-starts-to-open-up/) – Dan Ross Sep 11 '13 at 07:18
  • 1
    Google reckons they confirmed the quantum part of theirs, but for the amount of money they spent on the device it'd be pretty easy to just build a really fast traditional computer and masquerade it was quantum. – Polynomial Sep 11 '13 at 10:02
  • 2
    There is no real security for user information from powerful adversaries like the NSA or China. If your user information is valuable enough, the NSA or China (or Dr. Evil) will buy your startup and strip mine the user information. Your founders will be rich and you will be laid off. – emory Sep 11 '13 at 12:11

3 Answers3

7

As you can probably tell, I'm not a security researcher, I just develop web apps for a small startup.

That's your answer right there. Don't be a Dave an invent your own cryptography scheme. Just stick to known protocols that have been studied extensively. It appears that you are already doing just that.

Let's say that the NSA really has backdoors into every single cryptography protocol ever (it's just an assumption, it's most likely not true so relax....). What makes you think the NSA who hires a lot of very smart people cannot break your homemade scheme?

Just continue doing what you have been doing and you will be as secure as you are ever gonna be.

  • I suppose you're right. If my tinkering broke an existing system that I relied on, I wouldn't even know how to test for that. It's just too bad that groups like the EFF doesn't get massive funding from the adversaries of these intelligence agencies. – Dan Ross Sep 11 '13 at 06:55
3

implement HTPS in a secure way:

  • SSL + PFS (perfect forward secrecy) seems the way to go atm; it is was hashing salting was to password-protection

  • use a setup that doesnt fall into recent found attack-scenarios (BREACH, CRIME, BEAST); suggestion on cipher-suites depends on your user-base and used implementation

  • run your site completely in HTTPS, use HSTS - headers and https - redirects on http

  • BEWARE of any tips you'll find regarding cipher-suites etc; test ANY SSL-setup you're not sure off with ssllabs.com

  • there's more to it, but suggestions depends on implementation.

1

Like stated before, implement SSL/TLS in a correct way. Providing authentication and confidentiality is important.

That said, you are a web developer. So you write code, some usefull tips

Dan Dascalescu
  • 1,945
  • 2
  • 15
  • 23
Anonymous
  • 333
  • 2
  • 11