back to article Free government-penned crypto can swipe identities

The PLAID (Protocol for Lightweight Authentication of Identity) cryptography kit appears to be insecure. PLAID is a homebrew cryptography system designed by Centrelink - the Australian government agency that shovels out tens of billions a year in welfare payments. The system has been considered for use by US government …

  1. Destroy All Monsters Silver badge
    Windows

    Yes

    The PLAID (Protocol for Lightweight Authentication of Identity) cryptography kit appears to be insecure designed by government.

    Beleaguered cards spat out junk data encrypted with an RSA shill key and it was this ciphertext which could be crunched to discover the key used, and a users' card number with accuracy that increased significantly with the number of scans.

    Finally that final sequence in War Games makes sense. Armed forces used PLAID to secure the launch codes.

    1. Black Betty

      Re: War Games

      What security? The launch codes were all zeros. WOPR would have launched on the first iteration.

  2. dan1980

    Sorry - it's 2014 and someone is still capable of implementing RSA without proper padding?

    Well, if anyone is, one would have to suppose it's the government.

  3. Gordon 10 Silver badge
    WTF?

    Am I reading this correctly?

    The "hacks" require holding on to the card for a noticeable period of time?

    If so isn't this just fud to be filed under "no shit Sherlock"? Concerning but not critical.

    Whilst I'm all for good robust security - Im getting a little tired of researchers behaving like chicken little and publishing screaming headlines without any supporting analysis of their likelihood under a given use case. They are doing themselves and the security community no favours.

    1. Nick Kew Silver badge
      Holmes

      Re: Am I reading this correctly?

      Didn't the article say contactless?

      You'd have contactless access to $random-bod for some time if you just sit around somewhere public, like in a cafe or on a train. And if you're serious about $particular-target, you watch for an opportunity and deliberately sit at the next table and order your coffee.

      1. StephenH

        Re: Am I reading this correctly?

        Or sit in a Centrelink office waiting area - you can be pretty sure the people there will 1. Have a Centrelink card and 2. Be waiting for a long time

  4. Adam 1 Silver badge

    it gets worse

    Their web portal has a password policy that restricts citizens to just 8 characters/digits.

    Why does it matter about the maximum password length ; they all SHA256 down to the same size irrespective of length right guys? Er, guys, you aren't storing those passwords in plain text or reversible encryption are you?

  5. DNTP

    Someone who is conspiracy minded might suggest certain factors in the government selection process deliberately steered towards an insecure solution.

    So later they can bring up "widespread fraud, the potential for widespread fraud, the cost of fraud to the working taxpayer" etc. as a reason to cut social welfare to everyone who actually needs it.

  6. Alister Silver badge

    did unadvisable things with RSA encryption

    The word is "inadvisable", you don't have to invent new ones.

    1. Destroy All Monsters Silver badge
      Paris Hilton

      Probably a portemanteau term of "inadvisable" and "umentionable".

      1. Marketing Hack Silver badge
        Headmaster

        Oh good. I usually use nonfuckingadvisable in these situations :)

  7. Henry Wertz 1 Gold badge

    Malice or incompetence?

    So, does anyone have an opinion here, was this malice or incompetence?

    That is, is this a cryptosystem where the Australian spy agencies could have some interest in introducing a cryptosystem that at first glance appears OK but has weaknesses? (This "at first glance" part doesn't seem to work, those who design in intentional weaknesses seem to underestimate the capabilities of civilian cryptoanlysts to find these weaknesses.) Or is this not the case?

    Regarding incompetence -- I don't mean this as a big insult to whoever worked on this. Writing your own secure cryptosystem is difficult to the point that it's ill-advised for most people to do so; and even a crypto expert could overlook something or other. It's fairly ill-advised to ship a product based on a new cryptosystem without letting other crypto experts look it over first to check for just the kind of weaknesses found in the article; then the cryptosystem can either be fixed or it can be scrapped if it's inherently flawed.

    1. keybasher

      Re: Malice or incompetence?

      Well, Bruce Schneier has written that good cryptography is HARD, and home grown efforts are notoriously prone to fault.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019