Bad Movie Wednesday

One of a continuing series

This one came out in 2016 from Universal Pictures and is now streaming on Amazon Prime Video, where I obtained the screen shots. It’s Snowden, about the short, eventful, career of Edward Snowden. Details are from Wikipedia. The opening scene shows the closing days of the drama, as renegade NSA contractor Edward Snowden (Joseph Gordon-Levitt) approaches Glenn Greenwald (Zachary Quinto), a journalist for The Guardian, and documentarian Laura Poitras (Melissa Leo) in an upscale shopping mall in Hong Kong. Snowden is carrying a Rubics cube, by which I interpret he was to be identified. Snowden has left his contract job in Hawaii, taking with him a micro SD card of stolen data. He intends to release it to the world.
There follows a flashback of Snowden’s previous life, beginning with his abortive military career. He trains at Fort Benning, but washes out after breaking both legs.
He finds his niche in the CIA, which takes him on after he demonstrates extraordinary skills in qualifying exams.
From that point through 2012 Snowden moves from working for the CIA to working for Dell on an NSA contract. During this time he becomes aware of computer surveillance of such power it has the ability to snoop on anybody and to ruin peoples lives. Additionally he becomes disenchanted while observing the nonchalance with which combat drone operators accept collateral damage as part of the way of doing business.
Finally, he leaves Dell to work for an NSA contractor in Hawaii, and he uses his access there to load a micro SD card with pilfered data. He smuggles the card out of the facility by hiding it in the Rubics cube.
After the Guardian and Wikileaks publish the data, Snowden becomes a hero to many and a pariah to those who have the power to crush him.
From Hong Kong, Snowden makes his way to Russia, where he remains to this day, unable to travel without a passport that will protect him from the United States Government. Oliver Stone directed this, and he also directed JFK, which famously portrayed the murder of President Kennedy as a vast conspiracy. By that measure we expect to see some of the same kind of treatment here, and we are not disappointed. Snowden is depicted as an earnest and conflicted individual, and there is no doubt that is how he sees himself. A turning point for him, also depicted in the movie, is NSA Director James Clapper’s skirting the issue of gathering data on American citizens. I have previously addressed this:
When all committee members had used their allotted five minutes, Chairman Feinstein opened for a second round of questions on camera before we’d adjourn to the closed hearing. Only Senators Feinstein, Angus King, and Ron Wyden had “round two” questions, hers on Hezbollah and Senator King’s on extremism in North Africa. Senator Wyden’s seemed to come out of left field: And this is for you, Director Clapper—again, on the surveillance front. And I hope we can do this in just a yes or no answer, because I know Senator Feinstein wants to move on. Last summer, the NSA director was at a conference and he was asked a question about the NSA surveillance of Americans. He replied, and I quote here, ‘‘The story that we have millions, or hundreds of millions, of dossiers on people is completely false.’’ The reason I’m asking the question is, having served on the committee now for a dozen years, I don’t really know what a dossier is in this context. So what I wanted to see is if you could give me a yes or no answer to the question, does the NSA collect any type of data at all on millions, or hundreds of millions, of Americans?   Clapper, James R.. Facts and Fears: Hard Truths from a Life in Intelligence (p. 207). Penguin Publishing Group. Kindle Edition.
The movie depicts Snowden as a prime mover and shaker in the cyber intelligence business, and indications are that he had some credible chops. Wikipedia indicates he tested about a 145 IQ, which is about par for a Ph.D. candidate, but not stratospheric. The movie shows him stealing his trove of data while working in Hawaii, but indications are he obtained the major part of his load before going there. I watched this drama play out five years ago and saw (still do) Snowden as a self-appointed majority of one. Nothing much has come down the pike since to dispel my notion.

Majority of One

A Continuation—Number 2

Four years ago I posted on the Edward Snowden business:

Snowden has seen something that is wrong with this country, and he has acted to correct it. From his point of view. The issue is currently being batted about in the halls of government, and some are saying PRISM and FISA are bad, and some are saying they are good. The discussion will likely go on for some time, and in the end some disagreement is sure to persist.

In the mean time Snowden has nullified all those other votes with his one vote. He has become a Majority of One. It would appear that sometimes it is necessary to destroy one part of democracy in order to save another part.

There’s a long tradition of defying the law to do what’s right. Mohandas Gandhi was one such person. Martin Luther King was another. We have to wonder whether Snowden saw himself in the same light as these two. Both saw a wrong that needed to be corrected, and both went beyond the law. Of course, there’s a difference. Gandhi and King owned up, didn’t flee, didn’t back away. They offered themselves up to suffer the legal consequences of their actions. Both were murdered. Snowden, to the contrary, sought refuge from justice within the purview of one of the most corrupt and anti-democratic regimes on the planet, refusing to submit to the legal consequences of what he did. It takes some of the shine off.

That said, I never condoned Snowden’s methods. The government actions he exposed were not part of a great scheme to subjugate people and to suppress equal opportunity under the law. Furthermore, there is serious question whether anybody’s civil rights were in jeopardy. Snowden figured he had a vote in the matter, and he cast it—a majority of one.

There’s more.

While the Edward Snowden affair was still fresh in people’s minds, others figured they had a better lock on what was right and just than the American court system. There was the episode I titled High-Pocket Pickpocket.

Bundy’s family has been grazing cattle on the disputed piece of public land since the 1800s. The government allows private entities to use public lands for commercial purposes on a fee basis. The trouble with Bundy began in 1993 when the government changed the rules for grazing in this area, and Bundy quit paying the fees in protest. From all appearances, Bundy is getting a lot of support from locals and from out-of-towners who share a disdain for government regulations:

What I found most impressive was the support Nevada rancher Cliven Bundy got from those whose pockets he was picking. The cold facts are this. Bundy’s ranch was grazing its cattle on government land for which a fee was required. He refused to pay the fee. In essence, he was getting for free the use of the land and the grazing. Contrast this to somebody in competition with the Bundy ranch. The competition, those raising cattle and selling to the same market, either owned their land or else leased it, often from the government. It’s a nice arrangement for Bundy, he can 1) undercut the competition and still break even, or 2) he can go head to head with the competition and pocket more of the proceeds. Either way, it’s a win for Bundy. As I mentioned three years ago, this arrangement put Bundy ahead of his competition to the tune of $1.3 million over the previous 20 years. And civil liberties be damned.

What really caught the news was the armed confrontation with government agents. Bundy’s friends and neighbors were not of the same ilk as Gandhi and King. They brought their guns. And they pointed them at the G-men. There were further developments and ultimately consequences. See the image above from the FBI video in Oregon last year. Bundy’s sons and some like-minded people took command of a government building in the wilderness and held out for several days. They had guns. As the confrontation with the FBI came to a conclusion, one of the Bundy fans, Robert LaVoy Finicum, was shot and killed by an agent. So much for a majority of one.

Subsequently there was a trial, and the anti-government gunmen were acquitted of the charges against them. Additionally, an FBI agent who participated in the confrontation with Finicum has been indicted for making false statements concerning the event:

An FBI agent, W. Joseph Astarita, is alleged to have fired two shots at Finicum’s pickup, one of which penetrated the roof of the pickup and exited through a window. FBI agents were believed to have recovered the ejected empty cartridges. A five-count indictment for lying about the circumstances at the scene of Finicum’s death, and obstruction of justice, has been obtained in Portland against Astarita by the Department of Justice. He is being represented by a public defender.

There have been other developments. The consequences of Bundy and supporters pointing guns at federal agents are winding their way through the justice system. The first to go down has been one Gregory Burleson:

The weight of a heavy sentence landed in the quiet federal courtroom Wednesday morning, leaving Gregory Burleson occasionally stroking his graying beard and his attorney pleading unsuccessfully for leniency.

The 53-year-old Burleson was the first to be sentenced for his role in the 2014 standoff between federal agents and supporters of Cliven Bundy near his Nevada ranch.

He got 68 years in prison.

Again, so much for a majority of one. An additional Bundy friend has been convicted and is due to be sentenced in September, unlikely to get the breaks obtained by Burleson. Four others obtained acquittals on offenses related to the ranch standoff, but they are now schedule for trial on federal charges. Once that trial is concluded, according to the Los Angeles Times, Cliven Bundy and his son Ammon will go to trial for their part.

As you may have guessed, that’s not the end of the list of people who think American law is for other people. Most recently we have the case of former  Maricopa County (Arizona) Sheriff Joe Arpaio. In years past he made a name for himself as the toughest sheriff in the United States of A. This by being rough on prisoners and also on those not yet prisoners. On multiple occasions the courts have had to smack Sheriff Joe down for wandering outside the laws governing civil rights in this country. Bypassing all that and getting to the most recent, a federal judge enjoined the sheriff from enforcing his policy of profiling suspected illegal aliens, an injunction which he disregarded. He was charged with contempt of court, and about the same time the voters of Maricopa County ended his decades-long tenure. And the majority of one has also come to an end:

Former Sheriff Joe Arpaio committed a crime by defying a court order to stop detaining suspected undocumented immigrants, a judge ruled on Monday, in the latest rebuke for a once-popular politician who was voted out of office last year.

United States District Judge Susan R. Bolton found Mr. Arpaio, 85, guilty of criminal contempt of court, a misdemeanor punishable by up to six months in jail. Mr. Arpaio’s lawyers said he would appeal.

So that’s what it all comes to. There is the rule of law, and there is personal preference. Keep your personal preference close to your heart and defy the law at your peril:

Lying here in the darkness
I hear the sirens wail
Somebody going to emergency
Somebody’s going to jail

And Edward Snowden will need to learn to speak Russian.

Applied Cryptography

This is a continuation of a previous post.

I subscribe to Scientific American, have for maybe 50 years. I saved this issue:

ScientificAmericanAugust1979Small

Yes, it’s all about corals. No, there’s an additional item:

Page 146

Page 146

Martin Hellman and Whitfield Diffie published a paper “New Directions in Cryptography” in IEEE Transactions on Information Theory (November 1976).

Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

Today people may find this curious, but 40 years ago the prospect of e-mail was just looming on the horizon. For those not old enough to remember, what we had for e-mail in olden days was called the telegraph. If you wanted to send somebody a message you went to Western Union and gave them all the text, and they sent your message by wire. Or by radio link. Then somebody printed out the message on the other end, and a guy on a bicycle delivered it to your door. I have received one or more of those.

The hot new concept of e-mail was that a person could sit at his own computer at home or else at his boss’s computer at work, compose a message, enter the recipient’s e-mail address, and hit the send button. Not many people were doing that 38 years ago.

But suppose you want to keep your e-mail contents private. No problem. You just run your encryption program against your e-mail text, and you send the encrypted text. The recipient on the other end will run the proper decrypting program against the message to extract the clear text. If he has the proper cypher key. You have to give him the key.

Suppose giving your recipient the key were not a problem. Now you want to send e-mail to hundreds of people. You have to give each one of them the same cypher key. Even if there were a secure way of doing this, things would begin to get a little shaky. It only takes one loose cannon (just ask Edward Snowden) among your long list of recipients, and your plan for secure messaging is blown.

This is what Diffie and Hellman sought to fix. It works like this:

You have two processes for handling messages. One encrypts messages, and the other decrypts messages. Call the two processes E and D for encrypt and decrypt. Now have all participants come up with their own pair of E and D (no two alike supposedly). Everybody publishes for all the world to see his E. Now we have all these published encryption processes which we will call E1, E2, E3, etc. Everybody keeps his D to himself, a secret. How are you going to use this system?

No problem. If you want to send a message to number 2, you get yourself a copy of E2 and encrypt the message. Then you send the encrypted message to 2, who has no problem extracting the clear text, because he has the only copy of D2. This process is described using the following notation:

D2(E2(m)) = m

In this notation m is the clear text message. The parenthesis mean “apply the operator (D or E) to whatever is inside the parenthesis.

What Diffie and Hellman did not do in their 1976 paper was to describe a way to implement this. In 1978 Ronald Rivest, Adi Shamia and Len Adelman (RSA) published  “A Method for Obtaining Digital Signatures and Public-Key Cryptosystsms.” They foolishly offered to send a copy of their paper to readers who requested one. I did not have e-mail at the time, but postal mail worked just fine:

PublicKey1977

An essential requirement of a public key system is that your everyday Edward Snowden should not be able to take E and derive D from it. The method described by RSA involves using pairs of very large prime numbers. Call a pair of these numbers p and q. Then

p x q = n.

The number n is not prime. It has only two factors, p and q. Now suppose each of p and q are 100 decimal digits long (or more). Then the length of n is 200 (or more). The RSA method uses p and q (and n) to produce e and d. Read the RSA paper, page 6. This involves some nice math, which I will not elaborate on here.

A user R can publish n and e, keeping d (and p and q) private. Somebody wanting to send R a message uses n and e to encrypt the message. R uses n and d to decrypt the message. Knowing n it is still very difficult to compute d, even if you know e. Computing d is tantamount to factoring n (into p and q). It is well known that the factoring problem is hard. Factoring n is only a bit less difficult than doing a search for p (or q), but it is not easy enough to make it feasible with present day computational facilities.

Practical cryptographic systems use keys many (>> 100) digits long and are considered to be secure. The RSA public key system is proposed as a method for securely distributing keys to users in the field. As of this writing the Wikipedia entry outlines some approaches to attacking the RSA public key system:

  • When encrypting with low encryption exponents (e.g., e = 3) and small values of the m, (i.e., m < n1/e) the result of me is strictly less than the modulus n. In this case, ciphertexts can be easily decrypted by taking the eth root of the ciphertext over the integers.
  • If the same clear text message is sent to e or more recipients in an encrypted way, and the receivers share the same exponent e, but different pq, and therefore n, then it is easy to decrypt the original clear text message via the Chinese remainder theoremJohan Håstad noticed that this attack is possible even if the cleartexts are not equal, but the attacker knows a linear relation between them. This attack was later improved by Don Coppersmith.

See also: Coppersmith’s Attack

  • Because RSA encryption is a deterministic encryption algorithm (i.e., has no random component) an attacker can successfully launch a chosen plaintext attack against the cryptosystem, by encrypting likely plaintexts under the public key and test if they are equal to the ciphertext. A cryptosystem is called semantically secure if an attacker cannot distinguish two encryptions from each other even if the attacker knows (or has chosen) the corresponding plaintexts. As described above, RSA without padding is not semantically secure.
  • RSA has the property that the product of two ciphertexts is equal to the encryption of the product of the respective plaintexts. That is m1em2e ≡ (m1m2)e (mod n). Because of this multiplicative property a chosen-ciphertext attack is possible. E.g., an attacker, who wants to know the decryption of a ciphertext c ≡ me (mod n) may ask the holder of the private key to decrypt an unsuspicious-looking ciphertext c′ ≡ cre (mod nfor some value r chosen by the attacker. Because of the multiplicative property c′ is the encryption of mr (mod n). Hence, if the attacker is successful with the attack, he will learn mr (mod n) from which he can derive the message m by multiplying mr with the modular inverse of r modulo n.

I have as yet not learned of any systematic way to attack the RSA key system. PGP stands for Pretty Good Privacy, and it incorporates public key technology:

While originally used primarily for encrypting the contents of e-mail messages and attachments from a desktop client, PGP products have been diversified since 2002 into a set of encryption applications which can be managed by an optional central policy server. PGP encryption applications include e-mail and attachments, digital signatures, laptop full disk encryption, file and folder security, protection for IM sessions, batch file transfer encryption, and protection for files and folders stored on network servers and, more recently, encrypted and/or signed HTTP request/responses by means of a client side (Enigform) and a server side (mod openpgp) module. There is also a WordPress plugin available, called wp-enigform-authentication, that takes advantage of the session management features of Enigform with mod_openpgp.

I have my copy of the RSA paper, and thanks to the remarkable progress the Internet has made since 1979 you can now get your own copy through the link I supplied above. I have scanned Hellman’s Scientific American article to a PDF, and I will send a copy to everybody who asks for one. By e-mail.