On 8/8/13 9:33 PM, Steve Smith wrote:
> I don't get 'double' encryption... I get what it is, I just don't get
> how it is any better/different than longer keys? Just a convenient
> way to implement double key length?
> Is there any other benefit?
The double encryption has to do with the treatment of passphrases and
private keys (see below). The text below is from the Google cache of
Lavabit's former website. Reliably defeating this would mean changing
how their software works (misrepresenting the company to their
customers), which is the heavy-handed PRISM technique.
Marcus
"This process works by combining three different encryption schemes with
Elliptical Curve Cryptography (ECC) as the cornerstone. When a user
activates the asymmetric encryption feature, two ECC keys are generated
with 521 bits of strength. The first key, or the "public" key, is stored
in plain text on the server. This public key is used to encrypt incoming
messages. Because of how ECC works, only someone with the second
"private" key can decipher messages encrypted with the public key. To
protect the private key from attackers, it is encrypted using the
Advanced Encryption Standard (AES) with a 256 bit key. AES is a
synchronous encryption scheme that uses a secret passphrase to
encrypt/decrypt a ciphered message. In the case of Lavabit's secure
e-mail system, the ciphered message is a user's private key and the
secret passphrase is a hashed version of the user's password.
To ensure maximum security, passwords are hashed using the Secure Hash
Algorithm (SHA). SHA takes the plaintext password as its input and
produces a random 512 bit string as the output. With only the SHA
output, it is cryptographically impossible to determine the original
input. Effectively, hashing is a repeatable one-way process.
To increase the randomness of our hash outputs and the difficulty of
reversing the process, Lavabit combines the password with the account
name and a cryptographic salt. This combined string is then hashed three
consecutive times, with the former iteration's output being used as the
input value of the next iteration. The output of the first hash
iteration is used as the secret passphrase for AES mentioned above. The
third iteration is stored in our password database and is used to verify
that users entered their password correctly.
The product of this encryption process is a message that is
cryptographically impossible to read without the password. We say
"cryptographically impossible" because, in theory, an attacker with
unlimited computing resources could use brute force to decipher the
original message. However in practice, the key lengths Lavabit has
chosen equal enough possible inputs that a brute-force attack shouldn't
be feasible for a long time to come."
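The scheme the quoted text describes (iterated SHA-512 over password, account name and salt; iteration 1 used as the AES-256 key that wraps the ECC private key; iteration 3 stored as the login verifier) as an added Python example. This is illustrative code written for this thread, not Lavabit's software. Assumptions not stated on the page: the concatenation order and NUL separators for the combined string, truncating the 64-byte SHA-512 output to 32 bytes for AES-256, AES-GCM as the mode, a 16-byte salt, and the placeholder key bytes used in the demo (real keys would be 521-bit ECC keys). The AES step uses the third-party `cryptography` package; the hash chain and verifier logic need only the standard library.

```python
import hashlib
import hmac
import os

try:
    # Third-party package; only needed for the AES wrapping/unwrapping step.
    from cryptography.hazmat.primitives.ciphers.aead import AESGCM
except ImportError:
    AESGCM = None

ROUNDS = 3  # the page: "hashed three consecutive times"


def hash_chain(password: str, account: str, salt: bytes, rounds: int = ROUNDS) -> list:
    """Return the raw output of every SHA-512 iteration in the chain.

    Iteration 1 hashes the combined password, account name and salt; each
    later iteration hashes the previous iteration's 64-byte digest. The
    NUL-separated concatenation order is an assumption (the page only says
    the three values are "combined").
    """
    material = password.encode("utf-8") + b"\x00" + account.encode("utf-8") + b"\x00" + salt
    outputs = [hashlib.sha512(material).digest()]
    for _ in range(rounds - 1):
        outputs.append(hashlib.sha512(outputs[-1]).digest())
    return outputs


def derive(password: str, account: str, salt: bytes):
    """Split the chain into the two values the page gives distinct roles.

    Iteration 1 -> passphrase for AES (truncated to 32 bytes for AES-256;
    the truncation is an assumption, SHA-512 yields 64 bytes).
    Iteration 3 -> verifier kept in the password database.
    Nothing in between is stored anywhere.
    """
    first, _second, third = hash_chain(password, account, salt)
    return first[:32], third


def chain_consistent(first_iteration: bytes, verifier: bytes) -> bool:
    """Two further SHA-512 steps from iteration 1 must reproduce the verifier.
    Going the other way (verifier -> AES key) is a preimage problem, which is
    why a leaked verifier table alone does not unlock the private keys."""
    return hashlib.sha512(hashlib.sha512(first_iteration).digest()).digest() == verifier


def wrap_private_key(aes_key: bytes, private_key: bytes) -> bytes:
    """AES-256-GCM encrypt the private key under the password-derived key.
    GCM is an assumption; the page only says AES with a 256-bit key."""
    if AESGCM is None:
        raise RuntimeError("install the 'cryptography' package for the AES step")
    nonce = os.urandom(12)
    return nonce + AESGCM(aes_key).encrypt(nonce, private_key, None)


def unwrap_private_key(aes_key: bytes, blob: bytes) -> bytes:
    """Inverse of wrap_private_key; raises InvalidTag on a wrong key."""
    if AESGCM is None:
        raise RuntimeError("install the 'cryptography' package for the AES step")
    nonce, ciphertext = blob[:12], blob[12:]
    return AESGCM(aes_key).decrypt(nonce, ciphertext, None)


def enroll(account: str, password: str, public_key: bytes, private_key: bytes, salt: bytes = b"") -> dict:
    """Build the server-side record: public key in the clear, private key
    AES-wrapped, and only the third-iteration hash as the stored verifier."""
    salt = salt or os.urandom(16)  # 16-byte salt length is an assumption
    aes_key, verifier = derive(password, account, salt)
    return {
        "account": account,
        "salt": salt,
        "public_key": public_key,
        "wrapped_private_key": wrap_private_key(aes_key, private_key),
        "verifier": verifier,
    }


def verify_login(record: dict, password: str) -> bool:
    """Login check: recompute the chain and compare iteration 3 in constant time."""
    _, verifier = derive(password, record["account"], record["salt"])
    return hmac.compare_digest(verifier, record["verifier"])


def recover_private_key(record: dict, password: str) -> bytes:
    """Only the password holder can reach iteration 1 and thus the AES key."""
    aes_key, _ = derive(password, record["account"], record["salt"])
    return unwrap_private_key(aes_key, record["wrapped_private_key"])


if __name__ == "__main__":
    # Constructed demo values (not real keys).
    rec = enroll("alice", "correct horse", b"PUBKEY-PLACEHOLDER", b"PRIVKEY-PLACEHOLDER")
    assert verify_login(rec, "correct horse") and not verify_login(rec, "wrong")
    assert recover_private_key(rec, "correct horse") == b"PRIVKEY-PLACEHOLDER"
    print("stored verifier (iteration 3):", rec["verifier"].hex()[:16], "...")
```

The point for Steve's question: this is not a longer key. The password-derived value never reaches the server's database (only its double-hashed descendant does), so the server can store the wrapped private key without being able to open it. The guarantee holds only while the server runs the software as described; a server that is changed to capture the password at login, which is what Marcus's "changing how their software works" refers to, defeats it regardless of key length.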
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com