[e2e] security through obscurity *does* work - keep an open mind...

[Scott Boone]

On 13 Feb 2006, at 11:36 AM, David P. Reed wrote:
> Scott Boone wrote:
>
>> [ insert anecdotate about "why security through obscurity doesn't  
>> work" here ]
>>
> Actually, cryptography is merely "security through obscurity".    
> The only issue is the work factor involved.
>
> It's perfectly reasonable, IMHO, to use precise timing correlation  
> filters vs. keyed sequence filters (e.g., PR sequences generated  
> algorithmically from a key that has relatively low entropy  
> generated from a 6-8 character mnemonic password) as the mechanism  
> to raise the work factor.
>
> There's no a priori reason that precisely controllable timing can't  
> generate high robustness against attacks.   Remember that DDoS  
> attacks, for example, gain some of their power by synchronization,  
> so limiting the ability to synchronize collective action would  
> raise the work factor threshold for DDoS.

do not use slogans on e2e.  check.

my slogan-related concern did not have anything to do with how secure  
the identification of the host itself was.  my remark had more to do  
with the following issue:

1) something somewhere (edge routers, NAT boxes) has to have globally  
reachable addresses.  these are still attackable.  hiding some IDs  
doesn't hide all IDs, and is of limited utility.  it is unclear to me  
how much you will gain by obfuscating a host's IP; my understanding  
(mostly obtained from a skimming the occasional NANOG and CAIDA  
presentation) is that serious DDoS attacks tend to impact edge  
routers and links.

furthermore:

2) the control mechanism used to negotiate DHTs between pairs must  
have a globally reachable address.  this address can be sniffed by an  
attacker.  therefore, this approach is subject to a control plane  
attack.

3) any DHT implementation is going to have libraries that an  
intelligently designed worm will be able to call, which should then  
allow said worm to circumvent any host ID obfuscation.  it makes a  
worm's job harder but does not force the worm to have to break the hash.

and the elephant in the room:

4) many application use patterns on the internet would not play  
nicely with protocols that require two nodes to prearrange  
communications time in advance through a third party broker.  how do  
two nodes even know they both want to talk to each other beforehand  
in most cases (e.g. http)?  most internet services have to be  
globally reachable and open to requests from anywhere.

> Reasoning by slogan is dangerous - that's more or less how we end  
> up with MD5 being viewed as "secure" as it was...

that's certainly an ironic example given the slogan I used.

> Or those who are ignorant of evanescent waves saying such boners as  
> "you can't tap optical fibers without detection because you have to  
> break them; you can't inject signals into optical fibers without  
> detection because that can only be done at the endpoints".   Such  
> scientific ignorance provides no protection at all...

'reasoning by irrelevant tangent' is dangerous too.


(scott)