On television shows, sometimes characters encounter encrypted data. There are a number of popular tropes regarding this:
- A technically savvy villain has encrypted some data. The hero needs to guess the password to decrypt it. To do so, the hero delves into the villain's psychology. Eventually we discover that the most important thing to the villain is actually their pet rabbit, named "fluffy bunny", not their secret terrorist organization as we initially guessed. The hero enters "fluffy", just in the nick of time. Hooray, the hero has cracked the encryption!
- A technically savvy villain has encrypted some data, and the hero has their hard drive. It will take 10 hours to decrypt, but the first bomb goes off in 8 hours! The hero manages to deal with the first blast, giving our diligent technicians time to decrypt the data.
- A technically savvy villain has encrypted the data. Normally it would be easy to break, but there are multiple layers of encryption, each somehow more devious than the last! However, our diligent technicians report hourly progress as they break through each "layer".
- A technically savvy villain has a computer system that the heroes wish to acquire remote access to. In order to access this system, the hero hacker must "break the encryption". This will take some time, but, when the "encryption" is "broken", they have access to the villain's computer, and can control it completely.
I am not an expert on cryptography. I have a passing interest in computer security, but I am by no means an expert. So, I will not approach the topic as an expert. I won't try to explain any of the math involved; I suspect that previous explanations may have failed to reach these writers' ears because they were too confusing. Here are a few simple facts about the plot-lines above:
- Nobody who has even twenty minutes of experience with encryption software will choose a password like "fluffy". Of course, many users have weak passwords for their Facebook accounts, but a child-prodigy criminal mastermind who expects federal agents to get his encrypted hard drive will have a password like "qua2IeshvePhu2QuAeShohd8". They will train themselves to type this from memory, very quickly. Better yet, if their data is encrypted, it is likely encrypted with a key. This key will most likely be separate from their data, and the key will itself be encrypted with the password. These are not crazy military-grade precautions; this is the default behavior of the free encryption software present in various operating systems.
- Here's a simple rule of thumb. If you only take one thing away from this article, I hope it will be this: You cannot "break" encryption. Ever.
In the days where movie stars will spend months and millions of dollars intensely learning kung-fu so that they can accurately portray martial-arts moves, it is amazing to me that it isn't worth one hour's time for the average television writer who is incorporating cryptography as a plot device to learn this one, very basic piece of information.
Brute-force attacks against current cryptographic methods would, using present-day cryptographic technology, take — and this is not an exaggeration — a billion billion billion billion billion years to crack. While there have been a few successful attacks against modern cryptographic methods, they are almost exclusively attacks which involve a bug in a popular piece of software, not a flaw in the cryptographic math. Those bugs are fixed quickly when they are discovered, and someone concerned about the integrity of their encrypted data could quickly and easily find out about them and get a fixed version of the software in question. If one cryptographic algorithm were well and truly cracked, there are dozens of others which our villains could upgrade to. Again, none of this is crazy military-grade security. This is software that any teenager with a free hour to search the internet could find. I was encrypting my hard drive with stuff like this when I was 12.
That's not to say that you can't have encryption being cracked on a television show. Please be aware, however, that generalized crypto-cracking as a routine task performed by technicians, even extremely skilled technicians, is science fiction. It is inappropriate in a dramatic show that is trying to be realistic.
Again, for emphasis: cracking crypto isn't "really hard". It isn't "practically impossible". You don't need an "elite hacker" who is "really good" to do it. Breaking crypto is really, totally, theoretically impossible, and there is a worldwide, very public community of mathematicians and researchers trying to make sure it stays that way. If your heroes work for some kind of secret spy agency, they should remark upon the ethical considerations of their special access to technology that the general public and the scientific community does not have and are not aware of.
The one exception to this rule is if the villain chooses a weak password, which can be guessed by a random password guesser. Our heroes may get lucky and discover that they chose a password which a brute-force decryptor guesses in the first quintillion or so tries. However, in this case, there is no way to know how long the cracking will take, before it is done. Each new guess for the password is totally blind; either it decrypts the data or it doesn't. There's no way to tell how many more guesses you have to go, or in fact whether any of the guesses will work before your guesser runs out of things it could reasonably try.
- Since one "layer" of encryption is effectively impossible to break, it would be very strange for our villain to use "layers" of encryption. There's rarely a need. There are some obscure possible exceptions: the villains might do so if they wanted to ensure co-operation within their group, and encrypted data in such a way that multiple keys were required to decrypt it. Or they might be using onion routing. However, each "layer" of encryption is equally impossible to break, so it still wouldn't make sense to talk about breaking them one at a time.
- All "encryption" is, is converting a block of sensible data ("plaintext") into a block of what appears to be unreadable nonsense ("ciphertext") unless you have the secret decoder ring. If the hero "breaks the encryption" (which, as I've said above, is probably impossible) they still can't access the villain's computer over the internet, unless the thing that was encrypted was the villain's remote access password.
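To make the points above about password-protected keys and blind guessing concrete, here is an added sketch (not from the original post) in standard-library Python. It wraps a random data key under a password and shows that a guess either unlocks it or returns nothing, and that a near-miss password recovers no more of the key than a wild guess. The PBKDF2-plus-XOR wrap stands in for a real disk-encryption key wrap; the iteration count and function names are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Optional

ITERATIONS = 100_000  # assumed work factor for this sketch


def derive(password: str, salt: bytes):
    """Stretch the password into a 32-byte mask and a 32-byte MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                              ITERATIONS, dklen=64)
    return out[:32], out[32:]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_key(password: str, data_key: bytes) -> dict:
    """Protect a random 32-byte data key with a password (encrypt-then-MAC)."""
    if len(data_key) != 32:
        raise ValueError("data key must be 32 bytes")
    salt = secrets.token_bytes(16)  # fresh salt, so the mask is never reused
    mask, mac_key = derive(password, salt)
    wrapped = xor(data_key, mask)
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_key(password: str, blob: dict) -> Optional[bytes]:
    """Return the data key, or None. A wrong guess learns nothing else."""
    mask, mac_key = derive(password, blob["salt"])
    expected = hmac.new(mac_key, blob["salt"] + blob["wrapped"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None
    return xor(blob["wrapped"], mask)


def bits_wrong(password: str, blob: dict, real_key: bytes) -> int:
    """Skip the tag check and count how many of the 256 key bits a guess
    gets wrong. Only someone who already holds the real key can compute
    this; it is here to show that "close" passwords are not close at all."""
    mask, _ = derive(password, blob["salt"])
    candidate = xor(blob["wrapped"], mask)
    return sum(bin(x ^ y).count("1") for x, y in zip(candidate, real_key))


if __name__ == "__main__":
    password = "qua2IeshvePhu2QuAeShohd8"  # sample password quoted in the article
    data_key = secrets.token_bytes(32)     # constructed sample key
    blob = wrap_key(password, data_key)
    # One character off, a pet's name, and the real thing.
    for guess in ("qua2IeshvePhu2QuAeShohd9", "fluffy", password):
        unlocked = unwrap_key(guess, blob) is not None
        wrong = bits_wrong(guess, blob, data_key)
        print(f"{guess!r:30} unlocked={unlocked!s:5} key bits wrong={wrong}")
```

Both wrong guesses land around 128 wrong bits out of 256, which is what random chance gives, so there is nothing a progress bar could measure.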
The underlying misconception, I think, is to believe that cryptography is like a locked box that the villain has put their data into. If the cops found a locked box with some evidence in it, they could ask you for the key (which you would have to hide in one of a limited number of places) or they could simply drill a hole in the box. Stressed technicians in these TV shows frequently declare that they are "going as fast as they can" with the decryption, as if they were drilling through some very hard metal.
Cryptography is not a metal box. It's more like a parallel dimension. There isn't really a good analogy, because no physical security system is quite like cryptography. But since you're a TV writer if you're reading this (right?) think of it like a Stargate. Imagine that portable stargates are cheap to manufacture. Everybody has one; when you buy stuff over the internet, you put your credit card into a stargate and it comes out near the payment processor securely. (This is how the little lock on your browser works.)
The Cryptogate is not exactly like a Stargate, either. There isn't a small, limited number of places it can go. These little devices can go to any point in the multiverse. Rather than a rotating wheel with a number of characters, they have a little slot, where you insert a piece of glass. It etches a random pattern on the glass (this is your "private key") that describes the point where your object will be sent: you don't know where it is, except that it will be a spot where it's safe to stick your hand to retrieve it. It could be anywhere in an infinite number of worlds, in a cave, in the sky: nobody knows, not even you. You put your "private key" in the key slot, the gate opens up, you drop your valuables in, and then you take your key out. Those valuables are gone forever. The gate is a useless hoop of metal without your "key"; there's no way to guess what mysterious pattern of scratches it put on that glass, the destination was random.
You may notice there's no password in that extended metaphor, and indeed, one can use cryptography entirely without passwords; the private key is the important bit. However, since many people leave the private key on their hard drive, rather than separately, it is itself encrypted with a password. We can extend the metaphor even further to include this: let's say that your little piece of glass only describes what galaxy will be selected, and you choose a magic phrase that selects what location within that galaxy will be selected. So, you insert the key, but the gate is still useless until you say the word. Then it opens up to reveal your stuff.
If you need a physical analogy in your mind, this is what you should imagine breaking cryptography is like. A bunch of very frustrated technical people sitting around, staring at a useless loop of metal, knowing that it contains what they need, but totally unable to make it do anything useful without a tiny piece of glass that they don't have, and a magic word that they don't know. They can sit around guessing words and scratching random patterns on glass all day, but they will never know if they're "20% done".
Now that I've destroyed any possible dramatic tension that can come from the race to "break the code", here are some suggestions you can replace these tired old fallacies with:
- It's not just bad guys who use cryptography. In any secure super-secret anti-terrorism anti-supervillain government organization, encrypting all communication is likely to be routine. What if one of the villains got hold of one of the heroes' private keys, via some kind of deception? The heroes would be confident that their communications were secure and authentic, because the code is "unbreakable" — but humans are always the weakest link.
- A bad guy is planning something bad, and encrypting their plans. The good guys know that if they barge in, the bad guy is going to instantly destroy the key, making the data they need permanently irretrievable. Cryptography may be secure, but there are some real-life things that aren't. Like monitors and keyboards. (Wouldn't it be spooky to show your spy characters determining what someone was typing by listening to them with a stethoscope against a wall? Or looking at their screen through a solid object? That's something you can really do!)
- A bad guy is using SSL encryption to communicate with a web site. Luckily our baddy doesn't really know how security works, so the good guys execute a man in the middle attack with the complicity of the baddy's ISP and a valid certificate authority such as VeriSign, for all intents and purposes becoming the "real" web site. If you're one of those too-clever-by-half writer types that likes that highfalutin social commentary stuff, this might be an intriguing look at our society's blind trust of the flawed security model of the web.
- I took away four plot devices, so I'll give you four back: one of our heroes (either temporarily or permanently) loses their encryption key, and cannot access vital information. Can they get the key back in time? Or: can they remember enough of their data to work without access to their computerized information?
- As a bonus: Spooks ran an interesting episode about a game-over exploit for TLS. There was still a lot of cringeworthy misunderstanding of what crypto really is, though. (In a typical mistake, the guy who possesses the crypto crack can mysteriously control computers with it. But I could suspend my disbelief, because if he could really break crypto that easily, he could observe any communication with the supposedly secure systems, including network sessions that included passwords.)
16 comments:
I've got #6 for you. It's actually an expansion on #2 ("The good guys know that if they barge in, the bad guy is going to instantly destroy the key"). How about
6. The good guys barge in, the bad guy pulls a USB key out of the system, instantly locking it, then steps on it with a steel-toed boot. The good guys have to piece it back together. That's also something you can actually do. You can combine it with screen or keyboard snooping if you want to explain how they got the password once the glue has dried.
I have to wonder if TV shows are helping the FBI and NSA by keeping criminals very poorly informed about computer security.
After all, if you use TV as a guide to running your (vaguely computer oriented) crime syndicate, your main lessons are:
A: Crypto only slows down feds; It can't actually stop them, so it's really not worth the trouble.
B: The government apparently can't spy on you, reconstruct your keystrokes through security camera footage or electromagnetic interference, or see your screen through walls or anything, so don't sweat it. Unless they physically capture you and seize your computer, you're totally safe.
C: Once they inevitably capture you and seize your computer, they will know all your secrets after about 6-8 hours... So while you may be tempted to act all badass and "lawyer up", you should really just cut a plea bargain and squeal on all your buddies immediately.
D: Profit!
I don't disagree with anything you've said. However, the martial-arts talents of actors are, in fact, quite level with the cryptology knowledge of screen writers.
That is to say they are extremely shallow, just enough to barely fool someone with no knowledge of the matter whatsoever.
layers of encryption don't really work like that. if you decrypt a block of ciphertext into another block of ciphertext, it is indistinguishable (without some kind of plain text header saying 'here be more encryption') from a failed decryption
Agreed - decryption sucks in the movies. My pet peeve is in the series Supernatural where Sammy sits and guesses passwords and 'hacks' into accounts. He can even reliably say "Oh another few hours or so" when asked how far he is in hacking an account.
Weaknesses in encryption algorithms can be exploited by manipulating the internals of the algorithms to increase the collision domain. There is ongoing development in encryption algorithms as older algorithms are reduced in effectiveness by several orders of magnitude due to flaws in the way they work.
Additionally, a "progress bar" could be possible if a dictionary attack was being used to decrypt - with extended dictionaries (most passwords are a lower text dictionary word followed by a single digit.) you can easily reduce your decryption attempts to a manageable figure. Super-villains would be unlikely to be vulnerable to that.
Encryption can be drastically reduced in effectiveness by exploiting weaknesses in the random seed engine used to feed the encryption algorithm. Villains should derive their random seeds from decaying uranium to be safe.
Quantum computing shows promise of totally destroying current encryption methods, so that could be a way to bypass in the movies.
Other than that, consider TEMPEST standards for information protection. Most super villains seem vulnerable to that avenue of attack.
I have still to come across any program that flashes a big red "access denied", blaring it over the speakers too in case you're blind or can't read.
You sounded like you weren't too keen on the metaphor comparing cryptography to a Stargate (which I thought was pretty good). Perhaps you were thinking of something more like Nightcrawler?
Anyway, I think you've done quite a good public service here. Cryptography in popular culture is almost as egregious as building a GUI with Visual Basic to trace an IP. A grateful nation gives its thanks.
Um, you can estimate how long something would take to brute force. If you can exhaust the keyspace (try every key) in, say, 10 days, on average, you'll find the key in half that time, as you have a 50:50 shot in finding the key in the first half of the keyspace.
So you may very well find the key in half-billion, billion, billion years! ;)
Really paranoid people will frequently use OpenBSD, which can not only encrypt their entire home dir but can also be configured to systematically wipe the system out if there are too many failed password attempts.
Not that either of these couldn't be implemented in other operating systems. OS X and Windows both make it easy for total newbs to encrypt their home directories. I'm not aware of a system other than OpenBSD which will, out of the box, let you toggle a setting to wipe out the system after too many failed logins though.
#27 .. The good guys receive part of an encrypted data transmission and are able to decrypt the video content and decipher what is said, although the picture and sound quality is worse than a badly tuned old school television ..
the only half-way reasonable decryption i've ever seen on tv was in the last few episodes of veronica mars, where a university supercomputer was used to brute-force an encrypted hard drive. i have a feeling this would only work for someone dumb enough to use a 128-bit key (or maybe even only an old "export" 40-bit key?), but it's at least headed in the right direction.
You can decrypt/decode everything if you are a Pythagorean who worships Bob (a creature of pure math, he prefers to think of himself as the Alpha and the Omega function)
Sounds like someone's been watching Swordfish a few too many times...
All these crypto systems are not in use anymore. They were considered impossible to crack. As far as I know most of them are cracked or at least considered too weak for government and military use today.
These crypto systems http://jproc.ca/crypto/menu.html are today considered too weak or cracked. There are three types of cryptosystems:
1. Not cracked yet.
2. Cracked, but you don't know.
3. Cracked, you know.
The only way to keep a system secure is to protect the key, and the algorithm it is using.
I am not a TV writer, but a novelist who has a plotline involving cryptology. Would you mind if I contact you with a few questions about whether my plotline is plausible?