← Back to context

Comment by Retr0id

7 hours ago

> We do have encryption methods, but at the same time we’re always having to create new encryption methodologies when bad actors find new decryption strategies.

> But if someone doesn’t even know the data is being transferred, then it’s really very hard for them to hack into it. If you can send information secretly then it definitely helps to prevent it being acquired by people you don’t want to access it.

Very strange framing. Symmetric cryptography has been "unhackable" for a while now, for all intents and purposes. The real advantage is surely that nobody notices you're transmitting data at all?

15 comments

Retr0id

Reply
nine_k  7 hours ago

The cypher may be prefectly impenetrable, but the software running on the transmitter or receiver may be more brittle. You cannot attack what you don't even know exists nearby.

  • Retr0id  7 hours ago

    A secure cipher is indistinguishable from random data, you can't infer what software is on either end just by eavesdropping.

    • andrewflnr  5 hours ago

      In practice you can infer a lot. The payload of a TLS stream is formally indistinguishable from random data, but you can still tell on the wire that it's TLS. There aren't a lot of widely-used TLS implementations. It's been a while since I looked at the specifics, but I bet there's a lot of more specific signature data in the plain-text parts of the protocol like supported ciphers. You can make some good guesses from the metadata.

      In the case of a physical interception, you can probably infer more. If you, after reading this article, spot an enemy drone that doesn't have any obvious emissions, then, well, there might only be one option for the software running on that drone, namely The Software that your enemy uses on their drones.

      Anyway, it's not clear to me from the article whether the source object from the signal will necessarily be invisible. I think every transmitter still at least looks like a point source of blackbody radiation. The signal may not be detectable from thermal background radiation, but if the background itself is coming from a big obvious drone, well, you know it "exists nearby".

      3 replies →

    • nine_k  7 hours ago

      But once you've located the device, you can use a number of electronic warfare approaches to crack into it, not necessarily through its main radio interface. For instance, electromagnetic interference, heating, etc, all can inject a subtle hardware failure that the software is not ready to handle.

      2 replies →

beloch  5 hours ago

It adds a layer of obscurity, but not real security. If somebody is looking, neither sender or receiver can detect it or know if their ciphertext was intercepted. Depending on the methods used, the cipertext might not be immediately crackable with currently known algorithms and resources. However, it can be archived and broken at a later date, or by an actor who has access to algorithms/resources that aren't currently public.

  • cornholio  1 hour ago

    Covert transmission is security. Think of a spy or North Korean dissident, mere detection of a transmission means compromise; Eve will extract the plain text using the trusty $10 wrench.

  • Retr0id  5 hours ago

    harvest-now-decrypt-later attacks aren't much of a concern for modern symmetric cryptography. heck, even known-broken ciphers like rc4 aren't easy to break in a non-interactive setting with modest ciphertext sizes and no key reuse.