Go Back  FlyerTalk Forums > Travel&Dining > Travel Safety/Security > Practical Travel Safety and Security Issues
Reload this Page >

CBP officer gave me a stern warning that my laptop shouldn't have ripped DVD/Blu-ray

CBP officer gave me a stern warning that my laptop shouldn't have ripped DVD/Blu-ray

Old May 15, 10, 11:11 am
  #76  
FlyerTalk Evangelist
 
Join Date: Sep 2002
Location: LAX/TPE
Programs: CO Platinum 1K, United 1K, SPG LT Platinum, National Executive Elite, Platinum TSA Hater
Posts: 35,918
Originally Posted by mre5765 View Post
Good luck breaking 256 bit AES encryption.
Considering what the government did to the creator of PGP, I'd almost guarantee at least the NSA and CIA have a backdoor to the known commercial products, otherwise the product might still be labeled an illegal munition and illegal to use or export.
bocastephen is offline  
Old May 15, 10, 11:35 am
  #77  
FlyerTalk Evangelist
 
Join Date: Sep 2007
Location: SJC, SFO, YYC
Programs: AA-EXP, AA-0.41MM, UA-Gold, Ex UA-1K (2006 thru 2015), PMUA-0.95MM, COUA-1.5MM-lite, AF-Silver
Posts: 13,437
Originally Posted by bocastephen View Post
Considering what the government did to the creator of PGP, I'd almost guarantee at least the NSA and CIA have a backdoor to the known commercial products, otherwise the product might still be labeled an illegal munition and illegal to use or export.
Well your guarantee would be wrong because your post is based on old information.

Under Clinton, the rules were relaxed. Bush did absolutely nothing to reverse that, and neither has Obama. You have to get an export license for sure, but except for certain classes of products (e.g. products that perform cryptanalysis) such licenses are relatively easy to get, and once obtained, exporters are allowed to "self certify" that minor updates to software products are in compliance with the scope of the original license. I've obtained many export licenses for products with encryption.

I've worked for two companies that legally export products with strong encryption, and I can guarantee you that my software did not and does not have a backdoor. I dealt with the NSA many times, and at no time was I asked to put a backdoor in, nor would I have agreed to do so (plan B would be to ship two versions of the product, one for the domestic market, and one for everywhere else, sans encryption).

For your reading pleasure: http://books.google.com/books?id=r68...ed=0CDwQ6AEwAw

Besides which most of the products being discussed in this thread are Open Source, so secret backdoors would be impossible.

Last edited by mre5765; May 15, 10 at 11:41 am
mre5765 is offline  
Old May 16, 10, 12:35 am
  #78  
 
Join Date: Sep 2009
Posts: 381
Originally Posted by mre5765 View Post
"Good luck breaking 256 bit AES encryption."
Shortcut attacks target some aspect of the encryption algorithm to recover the key or plaintext in less time than a brute-force attack would take on the same algorithm. The NSA has resources to employ both. Since they would have the pax's laptop, they would have possession of the encrypted data and possibly some plaintext with which to deduce some or all of the cipher text.

Originally Posted by bocastephen View Post
"Agreed, but the idea was to show a less-than-technically astute customs inspector there is nothing for them to see so they leave you alone."
I would not make that assumption. CBP is a large organization. It would be safe to say that they have a unit of their own to deal with these situations. If they retain possession of the laptop because the pax was noncompliant, they have the time to work on the problem. I'm not saying that's right but we know that it happens. You can learn a lot about someone from what's on their computer. Unless they are using a drive encryption utility, which encrypts the entire drive, there will be plaintext files on the computer with which to work with.

Last edited by Kiwi Flyer; May 16, 10 at 9:35 pm Reason: merge consecutive posts
QUERY is offline  
Old May 16, 10, 1:13 am
  #79  
Ari
FlyerTalk Evangelist
 
Join Date: Aug 2005
Location: Chicago
Posts: 11,196
Originally Posted by Alpha View Post
Did I miss the memo? I didn't realize that they were allowed to search files on your laptop. Are they allowed to do that even if you don't give permission? I travel with a lot of legal docs under federal protective order, among other things, and would be pretty miffed if someone insisted on nosing through my HD.
Even CBP recognizes that legal documents are subject to restrictions against search.
Ari is offline  
Old May 16, 10, 5:32 am
  #80  
FlyerTalk Evangelist
 
Join Date: Sep 2007
Location: SJC, SFO, YYC
Programs: AA-EXP, AA-0.41MM, UA-Gold, Ex UA-1K (2006 thru 2015), PMUA-0.95MM, COUA-1.5MM-lite, AF-Silver
Posts: 13,437
Originally Posted by QUERY View Post
Shortcut attacks target some aspect of the encryption algorithm to recover the key or plaintext in less time than a brute-force attack would take on the same algorithm. The NSA has resources to employ both. Since they would have the pax's laptop, they would have possession of the encrypted data and possibly some plaintext with which to deduce some or all of the cipher text.
Makes no difference.

http://www.schneier.com/blog/archive...tack_on_a.html

We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time.
Let's focus on time. Let's lower that to 2^110 for simplicity. Let's say with the plaintext the NSA can attempt one decryption operation in one nanosecond (one billionth of a second). Then to find the key takes:
2^110 / ( 10^9 * 3600 * 24 * 365.25 *10^15) = 41 quadrillion years.
Now let's say the NSA has spent $10 trillion to buy enough computers to build a massively parallel key cracker. Let's say each cracker costs just $10. So the NSA has one trillion computers to crack keys. So instead of
41 quadrillion years, the NSA takes a mere 41 thousand years.

And I've been extremely generous in my over estimation of the resources the NSA has. I suspect that it takes at least a microsecond, not a nanosecond, to try to decrypt some ciphertext and compare to the known plaintext. I suspect the NSA has spend closer to $100B on its key cracking hardware. And I suspect a key cracker node is closer to $100. So the number is likely closer to 41,000 * 1000 * 100 * 10, or 41 billion years to crack a key.

As I said, good luck with that.
mre5765 is offline  
Old May 16, 10, 11:36 am
  #81  
FlyerTalk Evangelist
 
Join Date: Mar 2008
Location: DFW
Posts: 18,370
Originally Posted by QUERY View Post
I would not make that assumption. CBP is a large organization. It would be safe to say that they have a unit of their own to deal with these situations. If they retain possession of the laptop because the pax was noncompliant, they have the time to work on the problem. I'm not saying that's right but we know that it happens. You can learn a lot about someone from what's on their computer. Unless they are using a drive encryption utility, which encrypts the entire drive, there will be plaintext files on the computer with which to work with.
Such a large organization to spend time and resources trying to crack citizens laptops yet unable to secure our borders.

Seems like a job failure to me!
Boggie Dog is offline  
Old May 16, 10, 12:41 pm
  #82  
 
Join Date: Apr 2009
Location: FrostByte Falls, Mn
Programs: Holiday Inn Plat NW gold AA gold
Posts: 2,157
Originally Posted by mre5765 View Post
Makes no difference.

http://www.schneier.com/blog/archive...tack_on_a.html

We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time.
Let's focus on time. Let's lower that to 2^110 for simplicity. Let's say with the plaintext the NSA can attempt one decryption operation in one nanosecond (one billionth of a second). Then to find the key takes:
2^110 / ( 10^9 * 3600 * 24 * 365.25 *10^15) = 41 quadrillion years.
Now let's say the NSA has spent $10 trillion to buy enough computers to build a massively parallel key cracker. Let's say each cracker costs just $10. So the NSA has one trillion computers to crack keys. So instead of
41 quadrillion years, the NSA takes a mere 41 thousand years.

And I've been extremely generous in my over estimation of the resources the NSA has. I suspect that it takes at least a microsecond, not a nanosecond, to try to decrypt some ciphertext and compare to the known plaintext. I suspect the NSA has spend closer to $100B on its key cracking hardware. And I suspect a key cracker node is closer to $100. So the number is likely closer to 41,000 * 1000 * 100 * 10, or 41 billion years to crack a key.

As I said, good luck with that.
Pretty good numbers. If your key phrase is short then that significantly reduces the time it would take to open the encrypted hard drive. Quite often that is the weakest link in encryption. A long phrase is hard to remember but strong. A short phrase is easy to remember but susceptible to brute force cracking. Picking up a foreign novel and taking the first letter of every page and using that as a key would make that pretty secure against brute force attacks.
AngryMiller is offline  
Old May 16, 10, 2:41 pm
  #83  
 
Join Date: May 2009
Location: DCA
Programs: AA Gold
Posts: 50
Originally Posted by AngryMiller View Post
Pretty good numbers. If your key phrase is short then that significantly reduces the time it would take to open the encrypted hard drive. Quite often that is the weakest link in encryption. A long phrase is hard to remember but strong. A short phrase is easy to remember but susceptible to brute force cracking. Picking up a foreign novel and taking the first letter of every page and using that as a key would make that pretty secure against brute force attacks.
There have only been a couple hundred million book titles ever published, worldwide. And Google intends to put as many of them as possible on-line, eventually. So the keyspace described by "the Nth character of each page of some book" is eminently vulnerable to brute-force attack in the foreseeably near future. But yes, it's still much better than most pass-phrases out there.

Good crypto is hard and unintuitive. One mistake can trip you up. And a "rubber hose" attack can defeat even the most technically perfect cryptosystem.

I rather expect that anyone who fails to submissively divulge any requested pass-phrase to the CBP will find themselves on a lifetime "secondary them hard" list; thanks to ubiquitous, secret, unaccountable and unappealable traveler information databases, it's easier than ever for a CBP officer to capriciously and arbitrarily inflict lifelong extrajudicial punishment upon you.

Given that the US has granted its border agents the kind of unaccountable power more typical of a police-state, the only way for an ordinary citizen to truly win the border checkpoint data-privacy battle is by declining the fight; carry no data with you. But you can still win the war by using the Internet to send your encrypted data across borders.
Self_Loading_Ballast is offline  
Old May 16, 10, 6:11 pm
  #84  
Suspended
 
Join Date: Jul 2008
Posts: 2,726
Originally Posted by Ari View Post
Even CBP recognizes that legal documents are subject to restrictions against search.
But only in the custody of an attorney. If the rest of us have legal documents, we're just SOL.
n4zhg is offline  
Old May 17, 10, 9:33 pm
  #85  
 
Join Date: Sep 2009
Posts: 381
Originally Posted by mre5765 View Post
"Makes no difference.

http://www.schneier.com/blog/archive...tack_on_a.html

We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time.
Let's focus on time. Let's lower that to 2^110 for simplicity. Let's say with the plaintext the NSA can attempt one decryption operation in one nanosecond (one billionth of a second). Then to find the key takes:
2^110 / ( 10^9 * 3600 * 24 * 365.25 *10^15) = 41 quadrillion years.
Now let's say the NSA has spent $10 trillion to buy enough computers to build a massively parallel key cracker. Let's say each cracker costs just $10. So the NSA has one trillion computers to crack keys. So instead of
41 quadrillion years, the NSA takes a mere 41 thousand years.

And I've been extremely generous in my over estimation of the resources the NSA has. I suspect that it takes at least a microsecond, not a nanosecond, to try to decrypt some ciphertext and compare to the known plaintext. I suspect the NSA has spend closer to $100B on its key cracking hardware. And I suspect a key cracker node is closer to $100. So the number is likely closer to 41,000 * 1000 * 100 * 10, or 41 billion years to crack a key.

As I said, good luck with that."
You are implying that Schneier is somehow the only expert in cryptology and that the methods he used were the only ones that could be used(which he doesn't elaborate on). The NSA probably have some of the best cryptographers working for them. Also, if they have access to the laptop and if a hard drive encryption utility was not used, they will have access to many plaintext files as well. In addition, they have the owner's identity and personal info on him as well.
QUERY is offline  
Old May 17, 10, 10:27 pm
  #86  
FlyerTalk Evangelist
 
Join Date: Jan 2005
Location: BWI
Programs: AA Gold, HH Diamond, National Emerald Executive, TSA Disparager Gold
Posts: 15,127
Originally Posted by QUERY View Post
You are implying that Schneier is somehow the only expert in cryptology and that the methods he used were the only ones that could be used(which he doesn't elaborate on). The NSA probably have some of the best cryptographers working for them. Also, if they have access to the laptop and if a hard drive encryption utility was not used, they will have access to many plaintext files as well. In addition, they have the owner's identity and personal info on him as well.
Chances are if they can break it, someone else can. They're paranoid enough that if it can be broken in a reasonable amount of time, published or not, it won't be used to protect TS data.

AES is expected to protect TS until at least 2030 with the 256 bit implementation. If you want to tell if AES is getting closer to being broken sooner for start looking for NIST competitions sooner than that and for NSA's Suite B to be updated before then.
Superguy is offline  
Old May 18, 10, 11:54 am
  #87  
 
Join Date: Dec 2009
Location: LAX
Programs: CX MPC SL
Posts: 63
Originally Posted by QUERY View Post
Very interesting idea except that OS accounts can be enumerated from the Registry and the GUI(Windows OS). Also, while TrueCrypt is a good encryption program, don't underestimate the decryption capabilities of the Federal Government. If warranted, they need only get the NSA involved.
We have a laptop at the office that we share when we go on business trips. I don't have access to other people's windows logins. I can only log on to mine. So all of the files in there under other people's login will not be accessible, nor can I make them accessible. The computer can be seized, then if I don't provide passwords and it can be seen there are other login accounts?
armandov9 is offline  
Old May 18, 10, 1:26 pm
  #88  
 
Join Date: Apr 2008
Location: United States
Posts: 1,438
more on cracking NSA's crypto from the man who did it, sued US govt re crypto export

Originally Posted by mre5765 View Post
Originally Posted by bocastephen View Post
Originally Posted by mre5765 View Post
Good luck breaking 256 bit AES encryption.
Considering what the government did to the creator of PGP, I'd almost guarantee at least the NSA and CIA have a backdoor to the known commercial products, otherwise the product might still be labeled an illegal munition and illegal to use or export.
Well your guarantee would be wrong because your post is based on old information.

Under Clinton, the rules were relaxed. Bush did absolutely nothing to reverse that, and neither has Obama. You have to get an export license for sure, but except for certain classes of products (e.g. products that perform cryptanalysis) such licenses are relatively easy to get, and once obtained, exporters are allowed to "self certify" that minor updates to software products are in compliance with the scope of the original license.
The case against Phil Zimmerman, author of PGP, was dropped in 1996. (Side note: His latest project, Zfone, software which allows for encrypted Internet phone calls, is active again, with an update in Spring of 2009, after, if I remember correctly, years of inactivity.)

Related information from the home page of John Gilmore, who led the team that cracked NSA's cryptography:

Encryption is secret writing. Codes and ciphers. Spies. Encryption was originally used by military and diplomatic organizations; Julius Caesar invented an encryption scheme. In the last century, electronic communication (telegraphy and radio) made it widely useful, and computerization has made it extremely cheap. Widespread public networking has made it useful to everyone, for everything from putting "envelopes" around your email for privacy, moving money around the net safely, to proving that you're really you when you're halfway around the world.

The US government is deathly afraid of its own citizens (and non-US-citizens) having access to good encryption. This fear extends all the way up to the Vice President and the head of the FBI, who personally get involved in creating encryption policy. Everyone in government refuses to tell us why, saying it's classified and the national security is at stake. Rubbish! The security of the nation is already gone when its government violates the basic rights of its own citizenry, as these agencies do every day. They are "burning the Constitution in order to save it". (My own belief is that what's really at stake is a wiretap-based power base that J. Edgar Hoover and the classified spy agencies have built up for their own benefit.)

The most Byzantine set of laws, regulations, policies, departments, and practices you've ever heard of are employed by the National Security Agency and three or four other Executive Branch departments in an attempt to keep good crypto from bad guys. Unfortunately, they have also succeeded in keeping good crypto from good guys who have Constitutional rights. I instigated a lawsuit to correct this, with Dan Bernstein as plaintiff and the Electronic Frontier Foundation backing him up. I was a technical advisor to the lawyers in the case. On December 6, 1996, Judge Patel decided that the export regulations are unconstitutional. The government appealed, and on May 6, 1999, the 9th Circuit Court of Appeals agreed with her. The government appealed to an 11-judge panel in the 9th Circuit (an "en banc review"), which was granted, and then the government "voluntarily" changed the encryption export regulations so that most free software and academic research, and a lot of proprietary encryption software as well, can be easily published from the US. The "en banc review" of the old regulations became moot, and the case has been handed back down to Judge Patel, who ultimately ended it. The new regulations are even more complex than the old ones, and carry the same old harsh penalties for inadvertent violation. They need to not just be "reformed" but scrapped.

The government claims to retain the right to change those rules whenever it wants, and restrict encryption software again if it chooses. Congressman Judd Gregg announced support for doing so in the week of hysterical reaction after the World Trade Center was destroyed by hijacked airliners, but was shouted down by the people who'd spent a decade fighting this battle before he could gather any political support.

I have had an interest in encryption since childhood, and have spent a lot of time working on crypto export control issues.

I led the team that built the world's first publicly announced DES Cracker, a machine that finds the secret key used to encrypt messages in the government's favorite encryption scheme, the Data Encryption Standard (DES). The National Security Agency intervened when the scheme was being standardized in the early 1970s, shortening the secret keys so that they could build their own DES Crackers. But they spent the next 25 years lying to us about how secure the scheme is, to encourage everyone to use it -- and we did. This left NSA able to secretly eavesdrop on anyone who used DES, which includes the entire financial community, and most computer and network security systems. Technology has advanced to where anyone with $200,000 can break the code, leaving all of our DES-protected infrastructures at risk. Thanks NSA! By 2002 much of the older DES-based software has been replaced, though there are numerous places that still use it, and its use is an option in many new protocol implementations even though it is known to be insecure. NIST has standardized a new algorithm with much longer keys, which has not been studied nearly as long as DES, but which has resisted all attacks so far. Smart people have stopped designing DES into new systems. Triple-DES or AES seem to be the preferred replacements.

Originally Posted by mre5765 View Post
Besides which most of the products being discussed in this thread are Open Source, so secret backdoors would be impossible.
And since most of those technologies (not products) are implemented not only as open source software, but as free software (libre, not just gratis), everyone has the freedom to run the software for any purpose and the freedom to redistribute copies of it, so it's heavily-used and well-tested.
pmocek is offline  
Old May 18, 10, 8:51 pm
  #89  
 
Join Date: Jan 2003
Posts: 51
They don't have to break the 256-bit encryption key

Originally Posted by mre5765 View Post
Good luck breaking 256 bit AES encryption.
They don't break the 256-bit encryption key. They break the password, in a brute force manner. For most passwords, using a supercomputer this can be done in a matter of weeks at most.
So the way to defeat that is to use not only a password, but also a keyfile. A keyfile is a file that gets combined with the password-generated key to create the decryption key. So now the brute force attacker needs to iterate not only over all possible passwords, but all possible keyfiles.
Good luck breaking that.
AisleSitter is offline  
Old May 19, 10, 12:49 am
  #90  
 
Join Date: Sep 2009
Posts: 381
Originally Posted by armandov9 View Post
"We have a laptop at the office that we share when we go on business trips. I don't have access to other people's windows logins. I can only log on to mine. So all of the files in there under other people's login will not be accessible, nor can I make them accessible. The computer can be seized, then if I don't provide passwords and it can be seen there are other login accounts?"
You didn't state what OS you had on the laptop but, assuming it was Windows XP or Vista, you probably don't have an administrator account on the laptop. Someone at your office does, however, and that person has access to ALL files of ALL accounts(either by default or by configuration). They also have access to the Computer Management snap-in(Local Users and Groups) for Administrative Tools. That person can also see all accounts by using the command line. Click Start, then Run, type in lusrmgr.msc in the Open field and click OK. The administrator of that laptop, if he/she has configured it for restrictive access, will have these features locked out so a user cannot access them or modify any settings already made.

Originally Posted by Superguy View Post
"Chances are if they can break it, someone else can. They're paranoid enough that if it can be broken in a reasonable amount of time, published or not, it won't be used to protect TS data.

AES is expected to protect TS until at least 2030 with the 256 bit implementation. If you want to tell if AES is getting closer to being broken sooner for start looking for NIST competitions sooner than that and for NSA's Suite B to be updated before then."
When I was in school in 2005, there was speculation out there that NSA had already broken AES prior to its implementation as the de facto standard for encryption. Whether or not that is true, we will never know. They certainly would not publish the fact if it were true, for obvious reasons. Look to history and you will see that countries that broke the codes of other countries took great pains to keep it a secret for as long as possible.

Last edited by Kiwi Flyer; May 19, 10 at 2:43 pm Reason: merge consecutive posts
QUERY is offline  

Thread Tools
Search this Thread
Search Engine: