Sunday, October 21, 2007

Cryptography and snake oil

Colin Percival, security officer for the FreeBSD project, has been looking at a new peer to peer (file sharing) data storage company called Wuala. This system is designed to let people share their disk space and bandwidth with others, to create a distributed, encrypted (for data security/privacy) online storage system that could be used for, for example, backup.

Online storage and backup is a fast-growing area of IT and the idea that this might be provided by a free, peer to peer system seems attractive at first sight.

But wait. One of Bruce Schneier's warning signs of cryptographic snake oil (unsubstantiated claims) came to Percival's mind when he read this on the Wuala website:

Security is a key design issue in Wuala: All files stored in Wuala are encrypted and all cryptographic operations are performed locally. Your password never leaves your computer - so no one, including us, can access your files unless you publish them. Wuala employs the 128 bit AES algorithm for encryption and the 2048 bit RSA algorithm for authentication.
In an interview, the CEO of Wuala had claimed:
In our system, everything is encrypted and the encryption is used by the CIA for top secret files.
(Beware of companies that claim military-grade anything, by the way). Percival notes that:
The US Committee on National Security Systems Policy No.15 states that "TOP SECRET information will require use of either the 192 or 256 [bit] key lengths [of AES]". Since 128-bit AES is not 192-bit AES or 256-bit AES, the cryptography used by Wuala may not be used by any US Governmental agency for top secret files.
Percival is himself working on a system for providing encrypted snapshotted remote backups as a commercial service, but I don't think this is clouding his view of Wuala. What's more, I offer a similar system myself. But even after these disclaimers, it's reasonable to say that with respect to Wuala the existence of inflated, incorrect and dubious security claims is a concern and, speaking personally, I'd be reluctant to make use of their service.

UPDATE: Colin Percival has pointed in the comments to his updated post about Wuala.

1 comment:

Anonymous said...

FYI, I've posted an update to my earlier post concerning Wuala:

http://www.daemonology.net/blog/2007-10-26-wuala-update.html