Security is Relative, not Absolute

Many security products promise the moon and stars with ridiculous statements such as “stop hackers” and “100% safe”–which are misleading at best and often downright lies at worst. No one likes to be uncomfortable, but the truth is very uncomfortable indeed:  there is no such thing as absolute security on the internet.

Kleptography is the new reality, and kleptotrojans in random number generators/compilers/key generators are a lethal threat.  Getting on the internet means being open to the delivery of kleptographic tools.  Almost as bad, we now have the internet of things, another series of threats.  What is the solution?  For the information that you want to keep private, you must go off-line.  If your life depends on it, air gapping is the only solution.

But there is strong security and near-absolute security for information which is not so serious.  We can have a high expectation of privacy, anonymity, or both, with good products.

Using a product such as Protonmail for your email provider is an instance of strong security for privacy.  Encrypting a file off-line with a symmetric cipher such as CAMELLIA256 and hashing it with SHA512, and sending that over Protonmail would be even better.  Using a one-time pad, encrypting it with an appropriate public key or a symmetric cipher, and sending that over an end-to-end encrypted provider like Protonmail is near-absolute security.  Done properly, that message will remain unter vier Augen, and will have never really existed once the key to the one-time pad is destroyed.

That said, one must be careful to be aware and to follow the laws that apply to cryptography in your area.  For example, in Thailand it is illegal to destroy keys.  In Thailand, you can use symmetric keys, but keep a copy because that is the law.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s