[OpenAFS] Open AFS, SSL and wireless security.

Derek Atkins warlord@MIT.EDU
02 Jul 2003 11:15:14 -0400 

"Tim O'Callaghan" <tim.ocallaghan@limestudios.com> writes:

> If the UK government wanted info from my machine, they would come and 
> take my machine. Hmm... Have to think about what would happen if someone
> 
> stole my machine... But anyway the threat model here is domestic. 

Ok, so you're talking about your neighbor, which about the same number
of resources as you have... Ok..

> Depends... Approx how many transmissions do you need to have a crack at
> a long 
> term key?

Probably on the order of 2^80 (give or take) for a 3des/aes long-term
key...  Note that this happens about once every 10 hours per user, so
isn't very likely.

The "AFS long-term key" is used for each RX connection at connection
setup time.  This, unfortunately, is a 1DES key so it only needs about
2^50 (give or take) connection setups -- however that doesn't happen
very frequently, either.

Then there is the "AFS Session Key", which is used to authenticate and
encrypt the data.  This key is only valid for 8-10 hours and is again
a 1DES size key.  How much data are you sending in 8-10 hours?

Also, how much computation power do you expect your neighbor to have?

> > This depends on your actual threat model.  Could the NSA do 
> > it?  Yea. But they could also do it with SSL, too ;) 
> > Could your neighbor? HIGHLY unlikely.  
> My neighbour represents a constant threat, as they will be there for the
> long term, and hence 
> have much more of an opportunity to have a crack at it. 
> Would they? no idea. 
> Could they? assuming i patch regularily, as you say highly unlikley. But
> in general, i prefer to be on the moderate side of paranoid, more of a
> hobby than a career :)

See, that appears to be your problem..  No offense, but you're being
paranoid without actually understanding the risks.  :(

> By my way of thinking (again I'm only a layman) they'd have to crack my 
> SSL and then have a crack at openAFS & Kerberos(?)

Nope, it doesn't work that way.  They can just collect all your
traffic and work on it later.  Once they break your SSL key they go
back and have all your other data in storage -- so now they go an
work on that.

ALL of this is extremely unlikely.  I would bet a dollar to a dime
that that 95% of all neighbors out there would give up as soon as they
saw WEP, and 99% (or more) of all neighbors would give up if data was
encrypted in ANY way at the next level).

Seriously, _ANY_ real encryption (I'll admit that WEP isn't real) is
"good enough" against your neighbor, unless your neighbor happens to
be in the NSA.  I'll even go so far as saying that WEP (even though it
IS broken) is useful against most neighbors...

So, in my expert opinion: Kerberos and AFS is "good enough" to protect
you from your neighbors.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available