back to article Privacy expert dismisses PRISM-busting typeface as 'art project'

Attempts to use a mixed-up font that makes machine reading more difficult in order to foil NSA snoopers or hackers are almost certain to fail, according to privacy experts. Sang Mun, a former South Korean Army man who worked in liaison with the US National Security Agency (NSA) during his service, spent a year creating the ZXX …

COMMENTS

This topic is closed for new posts.
  1. Forget It
    Angel

    UTF-8 alternative

    Otherwise you could compose message avoiding standard characters - using UTF-8 alternative

    instead.

    As seen in alt.free.newsservers here:

    http://groups.google.com/forum/#!topic/alt.free.newsservers/jR21H6TnYG0

    [Note El Reg complains if you try to cut and past that example into this forum - may be our developers are smarted than we thought.

    1. Michael H.F. Wilkinson Silver badge

      Re: UTF-8 alternative

      Just using a different fixed font encoding is identical to using using the oldest cypher in the book: simple substitution. You can easily simulate the enigma machine on your PC, and that is much better than the proposed solution. However, note that fairly old computer machinery could already crack that (with the help of some nifty linguistic trickery and a few coding blunders of the Germans)

      One-time pads do a rather better job, and are easily accessible (though harder to distribute).

      1. Anonymous Coward
        Anonymous Coward

        No

        It's not equivalent to any kind of cypher.

        As stated in the article, the computer is looking at the ASCII or UTF character codes, the font doesn't even come into it.

        1. Gannon (J.) Dick
          Unhappy

          Re: No

          Right apropos PRISM. A font will not even slow PRISM down.

          We live in strange times though. Advertisers would consider an unusual font a cypher to be cracked. It draws their attention and in doing so draws other Advertisers attention, and others ... The avalanche effect violates Kerckhoff's Principle or Shannon's Maxim (whatever your preference)

          "It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience".

          If Google+ declares a font a cypher, then Facebook, Linkedin, Amazon ... wants to "crack" it as well. They line up, and the Web slows to a crawl. The unintended consequence of building a better "Art Form" is a Gallery full of Paparazzi waiting for a Celibrity to appear.

          1. Sir Runcible Spoon

            Re: No

            Have I missed something here?

            Type out your message in the fuzzy font

            Take a screenshot

            email the picture to the recipient.

            Flaws?

            I have another idea---banner font size 32, Ascii art FTW - All your data are belong to us

  2. Suricou Raven

    Correction:

    PGP/GPG rely on the prime-number thing. Truecrypt does not. It uses a different type of encryption entirely. Somewhat amusingly, two of the three cyphers it supports were developed on behalf of the US government.

    1. Daniel B.
      Boffin

      Re: Correction:

      PGP/GPG relies on the prime number thingy for secret key transmission. It is only used for sending the encryption key used by the symmetrical encryption algorithm which is used for the actual message. The symmetrical encryption algorithms used by PGP/GPG are also used in TrueCrypt, specifically AES.

      TrueCrypt requires recipients to know a secret key/passphrase beforehand, and that's where you need something like PGP or roll out your own RSA implementation for that. And that's where you end up using the prime number thingy, or maybe Elliptic Curve if you can do that.

  3. My Alter Ego

    Expert?

    You don't need to be an expert of any kind to see that this was a ridiculous idea.

    1. Jolyon Smith
      Pint

      Re: Expert?

      Um.... given that the original work was by a Korean, I wonder if in our rush to ridicule, perhaps something has been lost in translation.

      Perhaps the intention is to send a message which appears to be digital garbage, essentially using the font as a Caeserian Cypher. PRISM, the NSA, GCSB, GCHQ etc see "Xy kxtrt" but when you view that message using a particular font you see "Hi there".

      And given that lowercase and uppercase characters have difference code points, you can even make letter distribution analysis more difficult by employing a different Caesar Shift for upper and lowercase (not to mention rotations that mix non-letter and letter characters etc).

      So even if the original effort was not along these lines and really was as naive as the report of the report of the blog post suggests, the essence of the idea has some validity.

      i.e. send messages which make no sense when examined as a series of character code points, and which only make sense when rendered visually using a very specific font. Adding CAPTCHA style obfuscation then becomes your last line of defence against snooping, should the authorities render your message using the required font and attempt to OCR it.

      The foolishness of that final defence is only that if the snoopers have reached a level of awareness that they know with which font to render before attempting to OCR, then with only a small effort with a few correctly rendered messages, humans could quickly decode the Caesar shift in the font and apply that algorithmically to all other similar digital messages - no need to OCR.

      1. My Alter Ego

        Re: Expert?

        Sorry, but using a encryption scheme that pre-dates Julius Caesar isn't a good idea however you look at it. There's a reason why we have RSA, AES et al - because anything susceptible to frequency analysis *is* useless.

        The last time I rolled my own encryption was a decade ago and even then I accepted that it was merely obfuscation as performance was far more of a concern. Encryption should be left to the mathemagicians.

        I'm aware that this was done to raise awareness, but even my non-techie friends are talking about the NSA and Snowden. There may be a plus-side however - cretinous [would be] terrorists and criminals may start using this to "encrypt" their word documents*.

        * Caesar Cipher

        In 2011, Rajib Karim was convicted in the United Kingdom of "terrorism offences" after using the Caesar cipher to communicate with Bangladeshi Islamic activists discussing plots to blow up British Airways planes or disrupt their IT networks. Although the parties had access to far better encryption techniques (Karim himself used PGP for data storage on computer disks), they chose to use their own scheme(implemented in Microsoft Excel), rejecting a more sophisticated code program called Mujhaddin Secrets "because 'kaffirs', or non-believers, know about it, so it must be less secure"

      2. Gav
        Boffin

        Re: Expert? @Jolyon Smith

        You've an interesting idea there, but that doesn't appear to be what the designer of the font is proposing. He really is talking about rendering ASCII codes in weird ways, which is absolutely no hurdle to decoding if you have access to the original bytes making up those codes. Just render the bytes in standard Ariel and all is revealed. So really, this achieves nothing unless you are prepared to send all your internet communications as bitmaps, and if you're willing to go to that length you are as well using proper encryption.

        Anyway, to get back to what you suggest; all it amounts to is encoding the text and using the font to decode. Which font you use is the key to unlocking it. Which would work, but the simplest of encryption applications could perform exactly the same with millions of different keys, without need for millions of different fonts.

    2. Tom 35

      Re: Expert?

      Maybe if you use it they flag you as low hanging fruit to be investigated.

    3. big_D Silver badge
      IT Angle

      Re: Expert?

      Yeah, I hadn't finished reading half of the headline, before I saw this was a nonsense idea.

  4. DrXym

    Well duh

    I've written to the NSA suggesting they read the characters directly from the bytestream rather than printing intercepts out in the sender's preferred font and OCR'ing them back into a legible form. I'm hoping to hear back from them soon.

    Oh shit I just realised I used the ZXX crypto font when I sent my suggestion!

  5. Thomas Gray
    Coat

    "...suffer from bird shit–related problems."

    Most communication on the Internet is shit anyway.

    1. Anonymous Coward
      Joke

      Re: "...suffer from bird shit–related problems."

      You mean we've been running RFC1149 in place of undersea cables all this time?

      And here I was thinking it was just some idea that some Norwegians managed to implement.

      1. Anonymous Coward
        Anonymous Coward

        Re: "...suffer from bird shit–related problems."

        http://www.blug.linux.no/rfc1149/ ← link with additional detail

  6. Anonymous Coward
    Anonymous Coward

    Just get a doctor to write it - no-one can ever understand a doctor's handwriting...

    1. Darryl
      Facepalm

      Ah, but then they just have to hire pharmacists to decrypt it

  7. Anonymous Coward
    Anonymous Coward

    Perhaps I'm going to use

    RADIX50 AND THEN ONE'S COMPLEMENT IT TO MAKE IT EVEN MORE IMPENETRABLE. IT WORKED FOR PASSWORDS ON RSX SO WHY NOT.

    I'M NOT SHOUTING, IT'S JUST THE WAY RADIX50 AKA RAD50 HAS WORKED FOR DECADES. IT DOES A TO Z AND 0 TO 9 AND NOT MUCH ELSE BUT WHAT ELSE DO YOU NEED ANYWAY. DEFINITELY NOT COMIC SANS OR WINGDINGS.

  8. ed2020
    Stop

    TruCrypt

    It's TrueCrypt, not TruCrypt.

  9. Kingston Black
    Coat

    "Ah! Carrier Pigeons..."

    Somewhere in the bowels of the USA a new threat is perceived, and members of the Royal Racing Pigeon Association become "persons of interest".

    The one with Trill in the pocket please.

    1. Mr Young
      Thumb Up

      Re: "Ah! Carrier Pigeons..."

      can it avoid DPI and carry a message - maybe avoid SCUD etc?

  10. dorsetknob
    Alien

    Word from the Tor Network is

    That the North Koreans are genetically cross breeding carrier pigeons with Parrots

    1. Michael H.F. Wilkinson Silver badge
      Coat

      A Norwegian blue?

      Sorry, couldn't resist

  11. Turtle

    "Straightforward"? Really?

    "ZXX fonts are designed to work in a similar way to Captcha challenges, of the type internet users are often required to go through to register for a new web service, in that they are difficult for computers to solve but straightforward for humans."

    No, they're not "straightforward". Depending on the level of difficulty chosen by the entity implementing the captchas, they can verge on "impossible".

  12. Anonymous Coward
    Anonymous Coward

    PRISM-defeating? No, seriously I doubt it, considering what I know about the project (which isn't much, even though I work for INSCOM two weeks a year and a weekend a month, barring deployment) they're intercepting metadata on the server side, nothing you do on a client is going to beat that unless you can somehow block the Chocolate Factory or your carrier from ever getting their hands on your data, and thats a pretty fucking tall order unless you go all Unabomber and shit. They can still hand over cyphertext packets as easily as cleartext.

    TEMPEST defeating though, maybe, at least on a CRT or a Plasma, and Ive only heard about TEMPEST in regard to Plasma monitors in theoretical discussion. With an LCD for TEMPEST you'd have to be right up against the target and in that case, you generally have access to a USB port if its COTS.

    I do seem to recall a program that Steganos had a few years back which was a text editor supposed to be able to not be read by anyone who might be intercepting transient EM emissions. Called it Zero Emission Pad. I have it, but I don't think you can easily find the installer anymore. But honestly, I never heard anything about it actually working out of the TEMPEST lab at Fort Huachuca (if its still there, I know they were contemplating moving it to Sandia or the INSCOM/NRO facility White Sands Missile Range but Im not sure it ever did, and) and someone would have probably said something on the A-Space or Intellipedia about it had it actually worked as directed, but then again, TEMPEST is a specialized area of study and I work on RADAR MASINT.

  13. This post has been deleted by its author

  14. Cliff

    avian one time pad joy

    More fun than sudoku is to do your one time pad encryption by hand - seeing as how it is the underpinning of all our modern tools, it is also rewarding to understand what's going on under the covers. http://yatta.co.uk/encryption/ if you want to give it a try (originally published in 2600)

    1. Sir Runcible Spoon
      Joke

      Re: avian one time pad joy

      "(originally published in 2600)"

      Wow man, it's like..from the future yeah?

  15. Gannon (J.) Dick
    IT Angle

    Take Me To Your Leader, seriously

    Maybe my tinfoil hat is pinching, but I'm in a bad mood over the trouble my gadgets were giving me this morning. I also think that Advertising Big Dogs, Inc. are not all that unpredictable and might turn up the slurp to the highest possible setting if privacy regulation is a possibility. They gotta try and the trouble they will all try at once.

    And if that happens it will be best for everyone to know the cause as soon as possible. I have a concern for privacy and have for a long time.

    http://lists.w3.org/Archives/Public/public-egov-ig/2013Jun/0029.html

    Won't someone please think of the little green men ?

  16. Anonymous Coward
    Anonymous Coward

    Wheels within wheels

    Step 1: Encode suspicious but meaningless message using ZXX crypto font (e.g. "The brown gelding prefers oats.")

    Step 2: Create .png image of resultant message.

    Step 3: Use steganography to bury real message in .png file.

    Step 4: The real message is "The orange cat prefers whipped cream".

    Step 5: ???

    Step 6: Profit

  17. jake Silver badge

    "buy a pigeon"

    The local feral cats say that won't work.

    Probably the cheapest & easiest way to avoid the .fed is to buy a congress-critter ... but there are two problems with this idea. The first is that if you attempt it with the wrong critter, you'll do hard time. The second is that you don;t have enough money, unless you're in charge of the finances of one of the Fortune 150s ...

    1. DaiKiwi

      Re: "buy a pigeon"

      The third problem is making sure they stay bought

    2. kovesp

      Re: "buy a pigeon"

      Before commenting read the applicable RFCs. Cat-in-the-middle attacks are already addressed. As are a variety of other issues, including the suggestion of avoiding standing under the dropped packets. TCP/IP Over Avian Carriers is a mature technology with a long and distigwished history.

      If you wan't overcome the relatively low troughput (a gew KiB/h) then take a look at the work done by Israeli researchers utilizing giant snails.

  18. Allan George Dyer
    Black Helicopters

    More research required...

    "If you really want unbreakable message security, buy a pigeon"

    Does RFC 1149/RFC 2549 support BGP? And does subverting it involve a pigeon femme fatale?

    (I was going to go all pretentious and translate pigeon to French, but it already is).

  19. Yet Another Anonymous coward Silver badge

    Not an 'entirely' stupid concept

    There was a series of fonts developed at the computer lab in Cambridge to stop electronic eavesdropping on monitors http://www.cl.cam.ac.uk/teaching/0910/R08/work/slides-ykrt2-videorf.pdf

    Of course it doesn't help if the evil boffins at the milk marketing board are tapping your internet rather than hiding in the bushes

  20. Henry Wertz 1 Gold badge

    Ineffective

    Indeed, a PDF or DOC file or whatever will have plain text in it. If you print an image and send that, it's just a nice clean printout using a font so I would think OCR would be 100% accurate once it's trained on the font once.

  21. Robert E A Harvey

    Missing the point.

    Yes, end-to-end encryption is clever for pre-established links. But it's poor at widespread dissemination, which is (I imagine) the mode intended for this font.

  22. DagMurphy

    isn't the point to render as a png or the like?

    The nosy NSA can intercept the bits of the png all they like they will however require significantly more processing to read the message...

    1. Anonymous Coward
      Thumb Up

      Re: isn't the point to render as a png or the like?

      Your post is like a penny dropping right through this thread, reversing almost all previous posts. Well done. Using the font like this would certainly make PRISM work harder.

  23. Anonymous Coward
    Anonymous Coward

    carrier pigeons and one-time pads*

    Pigeons with sanitary towels are not so good at transatlantic communication.

    *always with wings.

  24. NomNomNom

    uh surely you would send a ZXX message as a bitmap....otherwise why compare it to a captcha?

    it has drawbacks (eg larger size, the receiver cannot copy/paste) but it would beat automatic filters looking for keywords

  25. RobertD
    Happy

    Nab him...

    The most obvious problem with the use of pigeons is surely The Vulture Squadron - although to be fair I can't think of a time when they actually stopped the pigeon. The mastermind was a shady, never-seen character called the General though, so maybe Hanna-Barbera were on to something.

  26. Anonymous Coward
    Anonymous Coward

    Misleading

    This is completely misleading. It would only be accurate if using the text as a standard font, for example on a HTML page.

    If the font is used in a graphical way and saved as an image then it does indeed do exactly what it says on the tin and make it much more difficult for NSA etc. to OCR it.

    The key is using the font in a graphical program and then exporting it as a JPG.

    1. NomNomNom

      Re: Misleading

      yeah I thought it was obvious too

    2. Anonymous Coward
      Anonymous Coward

      Re: Misleading

      What you thought was "obvious" is in fact discussed in the article if you had cared to read it. The issue is that there's no point going to all that trouble when proper encryption that actually works would be easier.

      1. Anonymous Coward
        Anonymous Coward

        Re: Misleading

        "Proper encryption" relies on the person on the other end being as smart as you. Anyone can "read" an image.

        I don't see this as a way of stopping the NSA or other powers that-be from reading your comms. It's just a way to get you on a more level playing field against automatic snooping and storing of all comms.

  27. David Pollard

    Meanwhile ...

    ... handwriting seems to offer a simple alternative.

    1. NomNomNom

      Re: Meanwhile ...

      The difference is your handwriting hasn't been engineered to maximize human readability while minimizing machine readability

  28. JimmyPage Silver badge

    Vaguely reminds me of a comment

    by a security expert years ago, who said that if people wanted to communicate securely, the best bet was to fax each other in handwritten arabic.

  29. RandSec

    Factoring is NOT Known to be Hard

    "There's nothing to suggest that even the NSA can readily break these algorithms, whose security ultimately relies on mathematical proofs on the difficulty of factoring the product of two very large prime numbers."

    Sadly, there are no proofs which show that factoring is "hard" in a mathematical sense. A quick way to factor may yet be discovered. Perhaps it already has.

    1. Michael Wojcik Silver badge

      Re: Factoring is NOT Known to be Hard

      Right, though while we're criticizing the glaring technical flaws in the article, we might take issue with this sentence too:

      Advances in cryptanalysis or quantum computing might make even the best privacy-protecting technologies we have now crackable in the future.

      Could we please drop the "quantum computing breaks all our crypto" myth? As RandSec pointed out, the hardness of factoring isn't proven - and that's for classical or quantum algorithms, so there's currently no reason to believe that we'll find (much less be able to use) a quantum factoring algorithm better than Shor's before we find a better classical algorithm (if we ever find either).

      For other quantum approaches to cryptanalysis, most are going to be isomorphic to searching, and Grover's algorithm is proven to be asymptotically optimal for quantum searching. Grover's algorithm is O(N1/2) - it takes on the order of the square root of the time that the optimal classical approach takes.

      And that's equivalent to cutting the length of the key in half. Double the length of your key, and you're no worse off than before.

      As far as anyone knows, quantum cryptanalysis is not an issue for asymmetric encryption in general, or for symmetric encryption at all, and never will be. Yes, it could be a problem for RSA specifically - so make your keys longer or use some other asymmetric cipher. Done.

This topic is closed for new posts.

Other stories you might like