Month: June 2013

Cloud computing and privacy: misaligned incentives

Continuing revelations from The Guardian and Washington Post about the extent of US and British surveillance over Internet communications is once again raising questions around privacy and cloud computing. This is not the first time critics have argued that increasingly storing greater amounts of data with remote services is a step backwards. But in previous instances underlying issues were often quirks of regulation, such as ECPA setting a lower bar for access to stored communications.

There is a more fundamental reason cloud services amplify privacy risks, if not necessarily create them in the first place. The ideal model from a commercial  perspective calls for hoarding user data and having free reign over processing that data internally. That freedom enables  services built on intelligent ways of crunching information to generate new value. The ideal model from the perspective of user privacy calls for minimizing data collection and keeping the provider at arm’s length from having direct access to data. Models optimizing for privacy stand at significant disadvantage in economic terms.

It comes down to a distinction between two different uses of the cloud: storage and processing. Storage is a commodity. Processing is not. Storage can be made privacy-friendly easily, processing can not.

Let’s take a simple example: backing up files to protect against data loss. Hardware failures happen, disks crash, sometimes entire systems are burglarized from residences. Each person trying to protect against this individually becomes unwieldy: imagine backing up your data regularly on drives and locking them away in bank vaults. There are clear economies of scale from centralizing that into commercial services, offering users the option to have their data remotely backed up over the network to the cloud– which is short hand for distributing it across data centers that may be located anywhere in the world. This enables another use case: since the information uploaded is always accessible from anywhere with a network connection– unlike offline backups stored in a vault– consumers also enjoy the benefit of mobility.

The critical question: can the provider offering this service read uploaded data? In principle there is no need. All of the information can be encrypted by the user before getting uploaded to the cloud, using cryptographic keys that are only known to the owner of that information. If the user experiences data loss and wants to restore the files lost, they download the encrypted bits from the cloud, then use those keys to decrypt locally to recover the original information.

The problem is few services operate this way. There is one design/engineering reason, and one business reason for that. To get the design argument out-of-the-way: “users can not be trusted to manage their own encryption keys” the critiques charge. “If they lose access to keys, we can not be the ones to tell them all their data is gone.” (One amusing manifestation of this is a type of design where data is encrypted but the encryption keys are escrowed with service provider– in other words, useless window dressing.) Aside from the obvious problem of patronizing users, this argument overlooks the obvious fact that many fielded systems work exactly that way. BitLocker disk encryption technology in Windows makes it very clear that loss of keys means loss of access to encrypted volumes. It nudges and cajoles the user into printing a hard-copy of recovery keys for safe keeping to forestall that outcome.

The deeper problem is economical.

Remote storage is a mature technology with limited room for innovation. It has a simple, one-dimensional competitive model based on price per gigabyte of capacity. Some variability can be thrown in by an escalating feature arms-race: Does it support sharing? Can files be accessed from mobile devices? Is syncing automated? Yet it is difficult to distinguish a service based on these features because at the end of the day most providers have converged on similar paradigms with comparable feature set. Cloud storage appears as a local folder or drive, with items uploaded by simply dragging icons into that location, using the familiar GUI metaphor. Once feature sets have reached equilibrium and all the check-boxes are marked in the comparison table, the result is a race to the bottom in pricing between interchangeable services, competing on offering most storage at lowest cost. That number will quickly converge to zero.

It is much easier to compete on clever ways of processing uploaded data, “adding value” in the IT lexicon. For example, scan all the documents for keywords and offer full-text search. Index all of the photographs, sort them by location and time taken, identify faces for tagging. Allow publishing those images for all the world to admire, or limited sharing with groups of friends.  Given a spreadsheet modeling financial data, keep it updated with stock quotes in real-time. Sometimes the processing is for the benefit of the provider: scan email messages for keywords to display relevant advertising. The extreme case is “pure” cloud computing, where all processing of the data, including the process of creating/editing the documents is done by interacting with the service online.

Such intelligence built into the hosted service is a sustainable advantage that can continue differentiating the business over time. The price of storage continues to drop thanks to Moore’s law but that has an equalizing effect. Not only does a rising tide lift all boats, it wipes out any temporary advantage. Even if one provider temporarily builds a cheaper/more efficient storage system using custom in-house designs, less skilled competitors will sooner or later close the gap when they purchase the next generation hardware off-the-shelf. (Better yet, they can outsource storage requirements to an existing cloud platform such as EC2 or Azure to benefit from their economies of scale.) By contrast better algorithms for crunching customer data and producing new information provide a competitive edge that is more difficult to replicate. Improvements in hardware alone do not help achieve parity. Nor can these capabilities that purchased from a third-party as part of a standardized offering.

To summarize: economic pressures on cloud services create strong incentives for amassing customer data in ways that can be readily processed. It is not an appealing proposition to become glorified disk drives in the cloud storing opaque blocks of encrypted information the service has no visibility into. That incentive structure means that cloud services will continue to  concentrate information security risk in the short-term. User data may well be protected in transit and even in storage– websites boast of impressive-sounding data practices such as “military grade AES 256-bit encryption.” At the end of the day, the business model depends on being able to recover the original data and operate on it. Regardless of how many layers of encryption exist, somewhere some machine controlled by the service provider has the ability to reconstruct the data. That means so can other people: disgruntled employees, foreign governments such as China conducting industrial espionage, as well as overreaching surveillance programs from US intelligence.

CP

** Is there a middle ground? Some processing can be done on encrypted data. From the early days of cryptography, researchers noted that some encryption schemes had these useful properties: given encrypted version of unknown values, sometimes it was possible to compute a function of the original values, such as their sum or product. But these remained parlor tricks. It was not until more recently that the Holy Grail of the field, fully homomorphic encryption (FHE) schemes were first constructed, allowing the computation of arbitrary functions on encrypted data– in theory. The operative keyword remains “theory”– these schemes are extremely inefficient in the generalized case. For some important use cases such as searching over encrypted text, more specialized , practical implementation exist. To date no major cloud service has attempted to commercialize that model.

T-Mobile, jailbreaking devices and security updates: economics of mobile (part II)

[continued from part I]

Market inefficiencies result when devices are “subsidized” by the carrier, starting with the fact that it is not even a proper subsidy. The analogy with leasing a car breaks down for two reasons:

  • At some point over the lifetime of the service plan, the phone is paid for and subscriber is released from the contract Yet the technical limitations on the device are not lifted. (In fairness, there has been some progress over time, including carriers providing limited unlocking capabilities to customer that ask, reinforced by regulations guaranteeing that freedom.)
  • More fundamentally, consumers are rarely given a meaningful choice of paying outright for their phone from the beginning in exchange for not having any carrier-imposed restrictions imposed in the first place. There is a small market for unlocked devices that can be used in conjunction with any GSM carrier. There is also a healthy grassroots movement for jail-breaking and unlocking devices, but this is hardly sanctioned by carriers or OEMs. Nor is relying on the existence of security vulnerabilities in mobile software a sound basis for improving competition in the market.

Distorted incentives caused by such bundling also explains why the recent ACLU petition to FTC is tilting at windmills. ACLU  charges that wireless carriers are short-changing subscribers by abandoned devices with known, exploitable security vulnerabilities. Looking at the economics makes it clear why that happens:

  • Each time a device is sold directly through the carrier channel, the carrier earns a net profit and extends the “lock-in” period for subscriptions. Shipping updates to existing devices is a cost with intangible benefits. Those costs are increased  owing to carriers’ enthusiasm for customizing the core Android OS with their “value add” software. Since they are no longer shipping an off-the-shelf version, security updates coming out of Google must be carefully reviewed and integrated into their own private fork.
    Compared to the more familiar PC market, this is a fundamentally a different model for software distribution: Dell may sell machines loaded with Windows, but has little say in scheduling security updates to the operating system. Consumers are free to download them directly from Microsoft Update.
  • Further upstream, similar set of incentives apply to the OEM.  Selling one more device generates new revenue, servicing existing ones is pure overhead. Of course there are indirect pressures to continue support: abandoning the device after initial sale would lead to a reputation akin to that of an automobile manufacturer who refuses to service vehicles sold or produce spare parts. (Tampered by the reality that mobile devices last ~18 months on average and are much cheaper to upgrade compared to cars.)
    OEM options are also limited by what the carrier will permit. Since OEMs do not typically sell direct to consumers– with notable exceptions for Apple and that negligible fraction of “pure” Nexus devices— any demand to continue support must originate with the carrier. But the carrier has the exact opposite incentives: the conscientious OEM who eagerly ships Android upgrades and security patches to existing device is undesirable. It eats into the carriers ability to book additional revenue from hardware sales.

There is an argument for vertical integration here. Devices getting upgraded is a net positive for the ecosystem, and it may even allow charging more for hardware by increasing consumer confidence that their large investment will not become obsolete anytime soon. But in a fragmented ecosystem, none of the individual actors in isolation has the right incentives.   In the case of the iPhone by contrast, Apple acts as hardware OEM, operating  system provider and often the distribution channel via retail stores. Coupled with the precedent set by AT&T exclusivity (something AT&T had to compete with other carriers for) Apple has been able to maintain an iron grip on the core operating system and deliver upgrades independently of carrier incentives, optimizing for the brand and ecosystem overall.

CP

T-Mobile, jailbreaking devices and security updates: economics of mobile (part I)

An economic subtext connects these three seemingly unrelated events:

  1. T-Mobile announcing a new approach to pricing wireless plans, with emphasis on surfacing the full price of phones instead of subsidizing hardware with inflated charges on voice/data service.
  2. ACLU petition to FTC on Android security, urging action against wireless carriers for not delivering security updates to mobile devices
  3. Ongoing argument about user freedom to jailbreak devices and load alternative software– including replacing the entire operating system– than what the device originally shipped with

All of them are facets of the same clash of incentives surrounding mobile devices. The cast of characters in this conflict is numerous, some looming large others largely consigned to invisible roles. First is the hardware manufacturer who assembled the hardware (“assembled” because often times it amounts to no more than sourcing components from dozens of suppliers and soldering/gluing them together) Then there is the operating system vendor who wrote the platform running on that device. There are application developers competing to develop applications running on that platform, trying to reach maximum audience. Fourth is the wireless carrier, who often acts as the distribution channel in the US. While it possible to purchases phones  à la carte without bundled service plans– Google has been on the frontlines of trying to popularize that model with Nexus series of flagship Android devices– most devices are purchased as part of bundle that includes wireless service. In fact as the original exclusivity of iPhone to AT&T demonstrates, a highly desirable device may be available only from one particular carrier.  Finally, there is the hapless consumer at the end of that chain, the one using that phone every day for making calls  and accessing the internet. Sometimes one or more of these roles is played by the same entity. For example Apple both produces  the iPhone, furnishes the operating system and provides some of the key applications. Google did not have the same extent of vertical integration until the 2012 acquisition of Motorola mobility, which builds devices. All of these players are battling over a fundamental question: Who controls the phone? Whose device is it? Who gets to decide what can be done using the capabilities of that hardware? That question has been answered in different ways depending on circumstances. The carrier wins in the majority of cases with a simple argument: the user never really paid for the device. Phones are sold at substantial discount relative to the cost of the hardware, with the expectation that wireless service revenue over the lifetime of the contract will make up for that loss. It is better to view the phone as “leased” to the consumer instead of outright sold, according to this argument. In the same way that lessee can not make extensive modifications to leased cars such as swapping the engine, subscribers are expected to follow the requirements from the carrier. Logical conclusion, if one accepts this premise, is carriers call the shots and impose restrictions according to their own interests.

Most obvious example is that devices are locked to a specific carrier, artificially creating interoperability and restricting full use of hardware capabilities. Not all GSM networks use the same frequency bands, but OEMs intentionally build phones to operate on multiple frequencies. This allows the device to operate with any carrier, by popping in the appropriate SIM card. This helps not only for permanently switching  carries but also when travelling overseas, with a temporary prepaid SIM from the destination country.) But if AT&T has subsidized the cost of the device, then a user who goes over to T-Mobile shortly after purchasing one is a net loss. Naturally the contract imposes 12 or 24 month terms, guaranteed to recoup the hardware subsidy with a healthy profit margin. Not trusting consumers to honor that– it would be messy sending a collections agency after everyone to recoup the amount owed if they defect early– the carrier also raises switching costs at the hardware level. The phone is restricted from operating on other networks, by locking the baseband to one carrier, effectively undoing the flexibility OEMs built-in at manufacture time.

[continued]

CP

GoldKey tokens: installing smart card driver for PIV (part III)

Picking up from part I and part II, we turn to the problem of installing vendor-specific drivers to access additional PIV functionality in GoldKey USB token which is not exposed by the driver built into Windows.

The driver can downloaded from Microsoft Update Catalog. (Credit goes to Himanshu Soni from MSFT for this hint.) First step is obtaining the hardware ID. This is easiest to do from the GUI using Device Manager:

Viewing device properties in Computer Management / MMC

Viewing device properties in Computer Management / MMC

The hardware ID is hidden in the “Details” tab of the Properties dialog, by scrolling the drop down menu:

Device details for GoldKey token detected as smart card

Device details for GoldKey token, detected as PIV-compatible smart card

Right-clicking to copy that ID, we can run a query on online Catalog by hardware ID. The search returns a couple of hits, for different version of the driver and operating system. After installing the latest driver available for the appropriate local Windows version, there will be several changes in the way smart card stack operates. First the USB token will be identified as GoldKey instead of as generic PIV card:

Smart cards and readers, after GoldKey driver installation

Smart cards and readers, after GoldKey driver installation

Note that the virtual smart card reader presented by GoldKey– after all every card must be present in a reader according to PC/SC model– is still identified as a generic MSFT device based on the Windows user-mode driver framework (WUDF)

Another side-effect of installing the driver is a change to the registry to correctly identify all future instances of GoldKey based on the answer-to-reset (ATR) value returned by the card on initial activation. Looking at HKLM\Software\Microsoft\Cryptography\Calais\SmartCards, we observe that there is a new card type in addition to the built-in entries for PIV and GIDS:

Registry key corresponding to GoldKey

Registry key corresponding to GoldKey

As for the meaning of the values:

  • “Crypto Provider” refers to the cryptographic service provider (CSP) associated with this smart  card. Not surprisingly, since the token confirms to the Windows smart-card architecture described earlier, this is the vendor-independent base CSP used for all smart cards. Same goes for the “Key Storage Provider” entry, which is the CSP-equivalent in the next-generation cryptographic API in Windows.
  • 80000001 value identifies the smart-card mini driver. In this case it is a DLL authored by GoldKey installed from Microsoft Update earlier. (By contrast, the other two entries both point to the same system DLL with tell-tale prefix “ms” often used for MSFT binaries.) This module will be loaded by the CSP/KSP, depending on which interface an application is using.
  • The more interesting values are “ATR” and “ATR Mask,” which are responsible for the discovery logic. When a new smart card is presented, the system checks its ATR for exact match against each smart card type defined these registry keys. The criterion for comparison is:

Observed & ATR-Mask == ATR & ATR-Mask

where “Observed” is the ATR returned by the unknown card, & denotes bitwise and operator, ATR and ATR-Mask are the values taken from registry key. The mask provides flexibility when the ATR can vary slightly for the “same” type of card. For example a certain byte may differ depending on card options, even when all of them have exact same card applications and should be mapped to the same driver. By setting specific bytes or bits in the mask to zero, they are effectively ignored in the comparison. In other words it is a rudimentary wild-card pattern. In this case, the ATR mask is set to all ones, indicating an exact byte-for-byte comparison with no variations allowed.

With the ATR mapping in place, all other instances of GoldKey tokens will also be correctly associated with the custom driver. Next we can examine what happens during a provisioning operation by re-running the command line from last post and capturing an APDU trace.

[continued]

CP

PIV cards: provisioning according to FIPS (part II)

The first post in this series described how the PIV specification defined different privilege levels, and specifically required administrator access to enroll for new digital certificates on a compliant card. By itself this is not a technical limitation. After all end users can be given the administrator credential for their cards, in addition to the usual PIN used for authenticating as card-holder. Alternatively cards can be issued with a well-known default administrator key. Realistic deployments do not work this way. Typically those credentials are held by the organization overseeing the card program. Enrollment is either done ahead of time– users are issued cards already configured with the necessary certificates– or it is done in person. The user shows up at the IT department office and connects their card to a dedicated machine that has access to the administrator keys for all cards issued by that organization. There are two arguments for doing it this way:

  • Lower maintenance costs. Users can not delete credentials or otherwise mess up the existing card state if they do not have credentials necessary for doing so. But this argument fails for two reasons. First users would have to go out of their way to trigger provisioning events, using specialized software. Second even with the administrator restriction, they can still lock up a card by entering wrong PIN repeatedly. In the case of Global Platform compliant cards, they may even brick the card for good by repeatedly failing authentication to the card manager.
  • Verify the authenticity of cards. This is a more subtle requirement: when a user is trying to enroll for a certificate, how does the issuer know that keys were indeed generated on a smart card? The whole point of using smart cards is that key material is generated and lives only inside the card; it never leaves that trusted boundary. During certificate enrollment, the user is presenting a CSR already signed with the private key they claim was generated on the card. Can the issuer verify this? Even if enrollment is done in person similar concerns remain for high-assurance environments. How does the IT staff know that user is presenting a genuine card? After all anyone can take a blank white plastic card, print all the right logos and provision an applet that looks like PIV but has an intentional backdoor for leaking keys.
    Requiring extra authentication before generating keys and loading certificates can mitigate that, if the protocol is designed properly. It is not clear this holds for PIV. There is a challenge-response scheme for authenticating administrators, but at the end of the day the card responds with a simple yes/no answer declaring success. A bogus card can always report success making it look indistinguishable from the genuine version. (That said, it is possible to use this as a primitive operation to verify that the card is genuine. Armed with the administrator credentials, one can flip a coin and depending on the result, either authenticate correctly or deliberately supply the wrong answer to the card. A counterfeit card has 50% chance of  returning the correct success/failure status. Repeating that multiple times one can get down the probability of using bogus card as low as desired. It is unclear if such a process is ever used in practice.)

Back to the GoldKey. As hinted earlier, the PIV application on the token supports provisioning as card holder. The catch is that requires installing additional software. This is an unintended side-effect of the way discovery works in Windows: The GoldKey token presents itself as a plain smart card and reader combination, the OS will automatically try to infer the type of card. One of the steps in this process is to check for PIV and GIDS cards by selecting the well-known AID for those standards. By design the token responds successfully to a SELECT for PIV. But that leads the OS to conclude that this is “just” an ordinary PIV card and associate it with the built-in driver. This can be observed by expanding the “Smart cards” node in Device Manager:

GoldKey token detected as PIV card

GoldKey token detected as PIV card

That inscrutable device name comes from the document defining the PIV standard: National Institute of Standards & Technology (NIST) publication 800-73. The good news is smart card discovery worked flawless and identified the GoldKey token as PIV card. The bad news is that built-in driver for PIV does not support provisioning, for reasons alluded to above and in the earlier post. One way to verify this is to try using certreq tool to generate a self-signed certificate for a regular PIV card, as described in the MSDN article on BitLocker. The operation will fail:

Error when attempting to provision to standard PIV card

Error when attempting to provision to standard PIV card using the built-in driver

As an aside, GoldKey would present a different error if used in the same scenario, since it also emulates a card reader with a fixed card– there is no point in asking user to insert a different card.

Getting past this stage requires installing the correct smart card mini driver.

[continued]

CP