A neat data sharing technique

2 June 2017

We needed to share some data with another company, and this related to Credit card transactions. But we did not want to share the actual card numbers (PANs), what to do. What we came up with is quite neat, and can probably be used by others.

The external company collects the card numbers they want information on, they encrypt these with RSA with a key they generate and do not share. They send these encrypted numbers to us, we further encrypt them with our own RSA key and jumble the order of the entries, then send them back. So now they have a set of PANs double encrypted.

We perform an extract of the relevant transactions and encrypt the PANs with our RSA key, and send these as well. Now the recipients of these can encrypt these with their key and because RSA is a commutative function, can match up the two sets to see if the PANs they sent to us were used in the extracted transactions.

We have added a daily salt to these encryptions so that correlations can’t be used to work out which encrypted PANs map to the original PANs, and we bulk up the transactions so that individual transactions cannot be identified.

A friend of mine wrote up the proof of this:

Let Nv = our Key Modulus

Let E = our Operand (a number greater than 1, which is carefully chosen…)

So our Public Key, Vp = the couplet (Nv, E)

[Ignoring the Private Key as it’s not important…]


Let Ng = their Key modulus

F = their operand

So their public key Gp = couplet (Ng, F)

Let X = a PAN

Let Encrypt(K,M) be the RSA encryption algorithm of encrypting message M using key K

To encrypt the PAN using our Public Key: Cv = Encrypt( Vp, X)

This is actually Cv = X^E mod Nv

Then encrypt again using their Public Key: Cvg = Encrypt(Gp, Cv)

This is actually Cvg = Cv^F mod Ng

Similarly, encrypt the PAN using their Public Key: Cg = Encrypt (Gp, X)

This is actually Cg = X^F mod Ng

Then encrypt again using our Public Key: Cgv = Encrypt(Vp, Cg)

This is actually Cgv = Cg^E mod Nv

So Cvg = CvF mod Ng

= (X^E mod Nv)F mod Ng

= X^EF mod Nv mod Ng

= X^FE mod Ng mod Nv

= (X^F mod Ng)^E mod Ny

= Cg^E mod Ny

= Cgv

1. it doesn’t matter whether we encrypt with our key first or second, we get the same answer.

2. this means that the RSA algorithm is a commutative encryption algorithm

And so if we produce a value Cvg and they produce value Cgv and the values are the same, we can deduce that both organisations encrypted the same PAN, and nobody is actually sharing any PANs in the process.

Password Managers

7 February 2017

Lastpass Screenshot

I am constantly surprised that ordinary people don’t use password managers. I would expect most security professionals to use them, but even there I find many do not use a password manager.

So what is a Password manager? Basically a database that stores usernames and passwords for you. The data is encrypted with a master password so you do have to remember that one password. When you visit a site or start an application that needs a password the password manager fills in the credentials for you.

Why is this better than what I do at the moment? If you don’t use a password manager then you must be doing one of the following:

1. Use the same password, or a small set of passwords on many sites.

This is a bad idea, mostly because if one of those sites is compromised then you will need to change your password on all the sites you have used that password on. Can you remember all of those sites? How long will it take you to do that?

2. Write passwords down.

Actually this is not too bad, as long as you look after the password book. You can do some things to make sure that if the book is stolen then it doesn’t immediately compromise all your passwords. But if you lose that book how do you go about changing your passwords?

3. Use an algorithm to generate the password for each site.

It could be paper based or something you can remember and do in your head or a combination. Usually you use the domain name of the site to work out your password. The problem here is if that site is compromised then you have to change your password, lots of these and you have a long list of exceptions, or alternative methods for passwords. It will soon become unmanageable.

Software to the rescue.

So the answer is to use a password safe software. There are a number of systems available. I recommend both lastpass and keepass. Lastpass is internet based, and implemented through a browser plugin whereas keepass is an application you run locally on your machine.

Both allow you to store usernames, passwords and the URL of the login page. Both have a master password to encrypt the password store, and only decrypt the password in memory on the local machine.

Keepass has a local database, but this can be synced with other machines with a Dropbox, GDrive, OneDrive, or even sftp. Because the database is only decrypted in memory this is safe. Keepass is open source and there are clients for all desktop operating systems, and some mobile as well. There is a huge range of extensions to extend the basic functionality.

I personally use lastpass, but I also regularly export my keystore and import it into keepass so I have a backup.

So why is this good.

1. you have a different password on every site. OK if you don’t have this when you start you can progress towards this. Because you only have to remember one password, there is no effort in having a different password for every site.

2. You use long, randomly generated passwords. These systems will generate a new password for you, so you may as well make it long and complex as you don’t have to remember it. And that makes you much more secure. So when you set up a new account or change an existing password, generate it randomly and a make it 16 characters long (if the site accepts this).

3. Your password manager checks the domain you are visiting and will only enter the amazon password into the page at amazon.com not amason.com amaz0n.com amazom.com arnazon.com

4. Use your password manager as your bookmarks, if you need to visit your bank, select it in the password manager and it will go there and log you on.

5. Use you password manager to store password recovery information. Because you are using a password manager you don’t need to be able to recover a forgotten password, but some sites insist on this. Never answer the security questions with the correct information, if they want your mothers maiden name put something random in there, otherwise it may be possible to have your account taken over using the password recovery process.

6. You can use this to store and auto fill other sensitive information like Name, address, credit card numbers etc. This avoids storing cards on a website, from where it may be compromised. And because it is automated just as fast as having the website store the data.

So if you have read this far you should be totally convinced and ready to start using a password manager now. Well done.

The #IPBill aka #Snooperscharter second letter

26 November 2015

Here is my second letter to My MP. This is the important one as they rarely see your first letter.

Dear Alok Sharma,

I thank you for your reply to my letter (ref: CRM12097), while your response tries to clarify some aspects of this bill you fail to address any of this issues that I raised.

I would like to explain just a few of the issues I, an others in the Cyber Security community, have with the Investigatory Powers Bill. Firstly the bulk collection of data.

Bulk collection of data records “meta data” is not equivalent to a phone bill. This implies that it only relates to a small part of a citizens life and interactions. In the case of the Internet we are living our lives where all our actions and thoughts travel on the Internet in some form. And this is rapidly expanding, from smart phones reporting location, activity, and biomedical information to our homes becoming automated and reporting machines that we live in. The “meta-data” of these interactions is vast and detailed view of our lives.

If you want a simple parallel it is equivalent to the information collected by the East German Stasi, collected and stored, and could be searched and analysed.

It is amoral in a free society to collect and store this level of information on citizens, whatever the justification.

Secondly the the storage and analysis of this data does not help the police, or GCHQ in performing their roles. If this is to protect us against terrorism it will not work. All of the recent terrorist attacks have been performed by persons known to the police. No cases of terrorism have been identified from bulk analysis of data. If this data truly was able to do this then we should demand extraordinary proof that this is the case, and subject this to public scrutiny. Where the NSA has been challenged to do this they have failed to provide a single case where access to bulk data was instrumental.

The simple argument here is that if the terrorists of all previous actions were known to the police but they were unable to spot this from the data they have, how does adding more data to the pile help.

This collection will be expensive and hamper the development of businesses in the UK. The Snowden revaluations mainly reflected on the operation of the NSA, and those revelations had, and are having a major impact on US businesses that sell technology solutions, especially internationally. This bill will have an even worse impact on UK businesses than the current revelations have already had.

The collection of useful data is easily bypassed by citizens. The entertainment industry has been trying to detect and prosecute people for copyright infringing activities for 10 years. This has taught much of the population how to use technologies like VPNs, and TOR. When these are used data collected under these Bulk collection schemes is useless.

The collection of this data is probably illegal under the European Convention on Human Rights. The recent ruling on the data retention directive, should alert you the the fact that the basic human rights are being infringed by the current collection schemes, and so this will probably be illegal under a similar challenge when it eventually comes. It would certainly not be legal under the American constitution.

Next I would like to discuss encryption. In your letter you say that you do not want to break encryption, The point in my letter was specifically about end-to-end encryption. This is where the service provider is unable to decrypt messages. The Bill states that service provider must comply with a warrant, and provide decrypted information. So what does this mean for services where the service provider is unable to do this? This implies that you will ban such services. If you think that this will help catch criminals, and not seriously harm UK businesses you don’t understand the issues.

End-to-end encryption uses the same technologies that secure connections to services providers. These are widely available technologies in open source products. These will be used whatever the law states.

I hope that this will help you understand how deeply flawed this bill is and and convince you not to support this. I have only covered a couple of issues with this bill, there are many more that I have not covered here.

Yours sincerely,

Stuart Ward

Investigatory Powers Bill

21 November 2015

One of the problems in our political system is that most of the members of parliament, and their advisor’s, pundits, and the politically active population have little knowledge or understanding of the technical infrastructure that runs our world. A combination of the lack of interest in politics by technical people, and the lack of education in scientific disciplines of our politicians.

We on the technical side, dare I call us geeks, now need to get involved in the political discussion. The second round of the crypto wars s upon us with the combination of people saying they don’t care about interception, and the week voice of those of us who do understand and care in speaking up, if we don’t speak up we will loose.

Can I urge all of you out there to write to your MP! It is not hard, but if we all do it, we can start to reclaim the internet for the good of the future.

Here is what I have sent, awaiting a reply.

Re: Investigatory Powers Bill
Dear Alock Sharma

I am very concerned about this new bill and the massive encroachment into the public right to privacy it enshrines. This has rightly earned the nickname “The Snoopers Charter”

If you want access to my data Get A Warrant!

The bill seems to retrospectively enshrine into law the massive, and probably illegal, interception of the internet by GCHQ. Prevent any disclosure of the extent of that interception and prevent anyone leaking information about that from using a public interest defence.

The only reason we know anything about these activities is because of whistle-blowers, who have endured political witch-hunts as a result of revealing these illegal activities.

The “Going Dark” argument, that the Police are unable to investigate crimes because of the improvements in security of the internet is a very spurious one. It implies that there has been total surveillance of the population in the past (and present) and this needs to continue.

If the police need access to end-to-end encrypted communication that can get a warrant and cease the device, view the decrypted messages.

The idea that a law can ban end-to-end encryption is as ridiculous as the claim from David Cameron to ban encryption, or mandate back-doors in all systems. The security profession has told you many times that inserting back doors safely into encryption software is imposable. (see Keys under dormats)

If you want access to my data Get A Warrant!

Banning end-to-end encryption will not stop the bad guys using it. How to do this, and the programs to do it are all publicly available and open source. All you will do is hamper UK law abiding citizens in using these, and kill the security software industry in this country.

There are also the sections allowing the Police, and GCHQ to break the Computer Misuse act, by hacking into any computer or device they wish. There is no justification for allowing this extreme power. The government should be working to improve our security not undermining it.

What we want from an investigatory powers bill is something like:

1. Full disclosure of all interception programs, and the number of cases involved
2. Disclosure after a reasonable amount of time that my data has been intercepted.
3. Independent oversight of All cases by someone like the RIPA Interception Commissioner
4. All cases to be authorised by an individual warrant authorised by a judicial person.

What we want is the law as it applies to everything else, should apply to the internet. Searching my data should be the same as searching my house, or searching my person. It is the same amount of intrusion, it should have the same controls.

I trust that you will NOT vote for this bill and will argue against it in the House.

Yours Sincerely

Stuart Ward

Cracking the Hacking Team

6 July 2015

The somewhat notorious Hacking Team seem to have been subject to an attack of using their own tools. This points to the use of poor passwords, and reusing password on multiple systems.

The other lesson here is to have tools looking for ex-filtration of data, at least to detect when something has gone wrong.

We should be able to learn something here…


“Hacking Team appears to have committed two of the classic mistakes in security: Never use simple passwords and never reuse passwords. For a security company that’s this high profile, there’s no excuse for these sins. We don’t know yet how the attackers got into HT’s systems, but given the poor passwords that have been revealed in the documents, it could have been as simple as brute-forcing the passwords on a few system,” Martin McKeay, Akamai senior security advocate, commented for Help Net Security.

“The other major mistake made by HT was not noticing that 400Gb of data was leaving their systems. Extrusion detection for an organization that specializes in malware and monitoring should be one of the defenses they concentrate on, because it’s what other people would use to detect their tools. Expect your tools to be used against you is a basic warfare tenet.”

And I have now fallen into the trap of the miss use of the word “Hacking” in a negative context.

More evidence that bulk snooping dosent work

27 April 2015


But little came of the Stellarwind tips. In 2004, the F.B.I. looked at a sampling of all the tips to see how many had made a “significant contribution” to identifying a terrorist, deporting a terrorism suspect, or developing a confidential informant about terrorists.

Just 1.2 percent of the tips from 2001 to 2004 had made such a contribution. Two years later, the F.B.I. reviewed all the leads from the warrantless wiretapping part of Stellarwind between August 2004 and January 2006. None had proved useful.

Article on IMSI Catchers and Stingrays

24 April 2015

I have been helping a proper journalist, Brady Dale, write a article on the use and abuse of Stingrays and other IMSI catchers. It turned out quite well. It is up on Motherboard.