Encryption -- the NFC killer app

30 Jan 2015

I believe I have found the killer app for NFC - off-phone encryption hardware for the post-Snowden era.

One of the revelations that Edward Snowden told us is that strong encryption works. Over the new year the person Snowden chose to contact, documentary filmmaker Laura Poitras, spelled out at the Chaos Computer Congress that the two protocols that the United States NSA and the UK’s GCHQ could not decrypt were PGP (Pretty Good Privacy public-key encryption) and OTR (Off-The-Record instant messaging encryption).

However, while the math behind PGP may be secure, unless messages are decrypted on air-gapped, offline PCs, the endpoints are the weakest link in the chain. If the file containing the key itself could be stolen it would be a relatively simple case of brute-force guessing the password to the key for the encryption to be broken.

The idea of using mobile smart phones with PGP has long met with derision by the security community. Smart phones are by their nature online 24/7 and are thus the secret key file is a sitting duck for attacks - especially with the plethora of insecure apps to exploit.

Edward Snowden’s lawyer said he only uses a simple phone and in Spain, police are taught to recognize terrorists by, among other factors, if they use a laptop in a car.

Enter Yubico’s Yubikey Neo, a small USB device that, among other features, works as an OpenPGP smartcard.

This addresses the key problem with PGP keys on a mobile smart device. The private key is never present the phone itself, even for a split-second, and the actual decryption or signing happens on the Yubikey via NFC or on the laptop via USB.

Indeed, for better or for worse, there is no way that a user can extract a private key generated on the key itself. For those paranoid that Yubico might be backdooring their key-generation algorithm, an option is to generate a key on an air-gapped PC and then transfer it to the Yubikey Neo.

The combination of Android K-9 email client, OpenKeyChain PGP and Yubikey Neo suddenly solves the usability / security trade-off that has hampered widespread PGP adoption on mobile devices

Signing or decrypting an email needs the Yubikey to be held against the back of the device for a few seconds, a PIN is entered and there is also a counter of the number of times the PIN has been entered.

No, the software is not perfect and there are many rough edges on both the encryption part and the email part. Keys are limited to 2048-bit RSA keys (most people use 4096-bit keys these days and OpenKeyChain natively supports up to an overkill 16,384-bit RSA key), key editing and signing does not work with NFC keys on OpenKeyChain (meaning you cannot pledge your trust of another user), generating a new key meant I had to uninstall and reinstall K-9 for it to recognize the new key on the same Yubikey and with the advent of quantum computing RSA keys of all sizes will be easy to break.

Science fantasy? Hardly. The Snowden documents told us that the NSA does have quantum computers but is having problems scaling them and shielding them to make cracking codes practical.

Yubico has told me that in an emergency the Yubikey is safe to eat and still works when passed through a digestive tract (and cleaned), though perhaps the company might want to create a version that is dissolved or at least disabled by digestive juices.

Google unveiled its first NFC-enabled Android smartphone, the Samsung Nexus S, back in December 2010 and nothing much happened.

The promise four years ago was for contactless payments. However, Google Wallet over NFC was only supported in the United States and never really caught on. NFC screen sharing and file sharing? While that was possible, nobody really bothered and preferred to share via instant-messaging apps instead.

Encryption of email is not just for the dissidents and journalists with a nation-state as an adversary, but it is a solution to the question of privacy in an era where governments the world over are seemingly hell-bent on mass-surveillance programs.

More and more countries, including Thailand, are putting in man-in-the-middle proxies to degrade encryption to make email easier to intercept in plain text. But while these attacks make it easier for security services to eavesdrop, it also makes life easier for cyber criminals too.

No centralized app can be secure to coercion (be it commercial or national security threats) which is the beauty of protocols such as PGP, OTR or ZRTP (for encrypted voice) as rather than a turnkey solution, they run on top of established, decentralised networks and only secure the message.

Even if you have nothing to hide, using encryption as a matter of course will mean that when you do have something to hide, that message will not stick out like a sore thumb.

Related content

No Comments Yet! Be the first to share what you think!