Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Enthusiast Zone > Classic Macs and Mac OS > FEE in Mac OS9 - security issues?

FEE in Mac OS9 - security issues?
Thread Tools
njacksona
Guest
Status:
Reply With Quote
Oct 2, 1999, 11:03 PM
 

It is now known that Apple will use proprietry encryption technology in OS9. There implimenatiom of the security features relies on FEE, Fast Elliptical Encryption, a technology totally un tested and not in the least bit secure from what I can gather fro m the paltry data extracted from the www and boooks on the subject.

Can anyone here convince me that Apple is not providing a wet paper bag of a tcchnology. Security gets increasingly important. And whilst everyone who's anyone in the encryption business swears by IDEA or BlowFish, why does Apple reply on such an unknown.

I know they have the clever Dr. Richard Crandell(?) working on this tech at Apple. But his entropic theories have not been put to the test.

Can anyone reassure me on this subject as each and every day sees encroacnment into out Data by the tactics of Intel and M$.

Regards,
Neal

p.s Will a user be able to drag/drop whole folders to encrypt/decrypt or just individual files?
     
henryv
Guest
Status:
Reply With Quote
Oct 3, 1999, 12:37 AM
 
The elliptical curve encryption doesn't look too bad.

Check out http://www.idg.net/go.cgi?id=147369 to see one example of its acceptance by people (ABN-AMRO Bank, American Express, Deloitte & Touche, Hitachi Ltd., Inter Clear Service Ltd., Visa International, Pitney Bowes, HP) who have much to lose if it weren't secure enough. The Health Care Financing Administration has also agreed to use it,

For us users with little math knowledge to really judge how good a crypto system really is, how difficult to crack it is a useful benchmark. So, http://www.inria.fr/Actualites/pre55-eng.html and http://cnn.com/TECH/computing/9909/2...idg/index.html have a recent report of the effort needed to crack a 97-bit elliptic curve code. It took 16,000 MIPS-years, twice as much as cracking a 512-bit RSA problem.

Note that the length of the keys for elliptic curve cryptography will be >160-bits (see a Centricom whitepaper: http://www.certicom.com/ecc/weccrypt.htm), that will be comparable to 1024-bit RSA to crack.
     
Cyphers
Guest
Status:
Reply With Quote
Oct 6, 1999, 11:27 PM
 
You honestly think Apple has a clue about encryption? Their file encryptor is weak crypto. FEE is a proprietary joke. Anything proprietary in the crypto world is a joke. Their ASC (Apple Secure Compression) is an even bigger joke. Multiple Users security is bypassed by simply botting from a CD. These guys are smoking something. I would never depend on Apple for security. PGP 6.5.1 especially PGPdisk is where it's at.
     
scott
Guest
Status:
Reply With Quote
Oct 7, 1999, 05:16 AM
 
Multiple Users security is bypassed by simply botting from a CD. These guys are smoking something. I would never depend on Apple for security.
Multiple Users is not designed to keep people locked out as much as it is keep settings seperate. I'm not aware of any Apple materials that claim otherwise. The intention is mainly that family users can share a Mac.

What they do claim is that encryption == privacy. To the best of my knowledge, simply bypassing Multile Users does not decrypt files. The issue of "how good is FEE?" is up for discussion. I agree Apple should have just gone with PGP, but I'm no cryto expert.

As far as why they chose FEE, I think they've had it lying around for a while (there was talk of using it in Rhapsody). Not a justification, an explanation. Several years ago, PGP was not the force it is now.

- Scott
     
scott
Guest
Status:
Reply With Quote
Oct 7, 1999, 05:26 AM
 
Further clarification on this:

"If, however, it's people pretending to be you, no dice: they can talk and talk till they're blue in the face, and Mac OS 9 will deny them access to your personal files."
http://www.apple.com/macos/feature3.html


It's a bit nebulous, but basically, you can encrypt files. Booting from a CD to circumvent Multiple Users (assuming that really does work), doesn't get you into encrypted files.

Also -- Cyphers, you say "FEE is a proprietary joke." What does that mean exactly? Does that mean you have successfully cracked it in a reasonable amount of time?

Thanks,

- Scott
     
Cyphers
Guest
Status:
Reply With Quote
Oct 7, 1999, 03:46 PM
 
No, it means that from the perspective of the cryptographic community, proprietary algorithms are an oxymoron. Algorithms require in some cases decades of peer review in order to truly become trusted. FEE is an algorithm that is very new and has spent most of its life essentially hidden from view. Frankly, I think the question that went through the minds at Apple was "What algorithm can we use to differentiate ourselves?" rather than the more obvious "What algorithm can we use to make this secure and trusted?" They thought different for the sake of thinking different.

Obviously the multiple users issue has nothing to do with this directly. But if the question is whether you can decrypt files, the file encryption in standard MacOS 9 is weak crypto of course so that the OS can be exported. A simple brute force attack should be able to break it in a reasonable amount of time. It is only a matter of time before someone writes a screen saver which cracks encrypted MacOS 9 files in the background just like the S/MIME one that came out last year.
     
quant
Guest
Status:
Reply With Quote
Oct 7, 1999, 10:06 PM
 
Actually, I'd like to know how FEE differs from ECC. Elliptic Curve Cryptography was developed in 1985, and Japanese companies Hitachi and Matsu****a have been working on it the last few years. The real force in ECC these days seems to be Certicom.

ECC's benefit over RSA is speed: a 160-bit ECC key should be just as secure as a 1024-bit RSA key, but requires less computational power to encrypt and decrypt. If ECC has a weakness, it's that it hasn't been around as long as RSA, and so it hasn't been subjected to as many attacks. But that doesn't mean that it's insecure; there are plenty of large companies using it, including AT&T, Hewlett Packard, and Bank of America.

From an article entitled "baa9916cryptofinal-public.doc" on PGP's site, I found the following information:

"ECC's unique properties make it especially well suited to applications where processing capability is severely limited, since it provides the highest strength per bit of any cryptosystem known today."

If PGP is themselves investigating and/or considering ECC, how weak can it be? Phil Zimmermann wrote this today in reply to my questions about ECC and FEE:

"We don't use ECC because we don't mind using larger keys. Desktop machines
have plenty of CPU power and storage, so we use other public key algorithms,
and get other flexibilities that way that are not available to us if we use
ECC. The algorithms we use have a longer more proven track record than ECC
algorithms. We may use ECC someday, but it will be so that we can run in
smartcards or other handheld devices that have less CPU horsepower."

You can find a good (if a little old) overview of ECC history and explanation at http://www.cjmag.co.jp/magazine/issu...takezaki.html. Certicom has an ECC tutorial at <A HREF="http://www.certicom.com/ecc/enter/index.htmA>

Make of this what you will, but I've found nothing on the web about FEE, and nothing relating it to ECC; I'm just guessing that there's a relationship because they're both based on elliptical encryption.
     
vizion
Guest
Status:
Reply With Quote
Oct 12, 1999, 07:21 AM
 
An interesting link can be: http://www.cwi.nl/~kik/persb-UK.html It's about the cracking of a 512-bits key used within many e-commerce transactions.
     
Junior Member
Join Date: Oct 1999
Location: SF, CA
Status: Offline
Reply With Quote
Oct 14, 1999, 03:31 PM
 
Am I totally off my rocker or do I correctly recall reading somewhere that the encryption technology in OS9 had some sort of plug-in architechture, so that other encryption algorithms could be used in the future??
     
Fresh-Faced Recruit
Join Date: Oct 1999
Location: Way out west where the cayotes howl
Status: Offline
Reply With Quote
Oct 15, 1999, 02:10 AM
 
While I agree it would have been better to use a tested, open algorithm for the encryption, I also welcome the presence on my computer.

I'll use the FEE encryption (when I get os9) for most of my files. What I've got on my computer right now -- unecrypted -- will simply be encrypted with FEE. It's better than where things are right now. If I have some hard-core spy data, sure, I'll use something stronger.

Using the analogy that Zimmerman uses in the PGP readme: my files right now are on postcards, read by anyone who cares to look. Encryption provides an envelope, a degree of privacy. The fact that the envelope can, with some degree of effort, be opened is acceptable as long as the degree of effort is known. When I need stronger encryption (which I haven't felt motivated to so far), I'll get stronger encryption. I appreciate the fact that Apple has included any encryption at all.

While it may not be the most robust algorithm available, it's better than plaintext.
     
Fresh-Faced Recruit
Join Date: Oct 1999
Status: Offline
Reply With Quote
Oct 17, 1999, 02:44 AM
 
As far as I can tell, if you can bypass multi-user simply by using a boot disc, then all that voiceprint stuff is just completely for show, since you don't even need a password to see stuff as long as you have a different boot disc.

That seems pretty silly.
     
scott
Guest
Status:
Reply With Quote
Oct 18, 1999, 07:57 PM
 
As far as I can tell, if you can bypass multi-user simply by using a boot disc, then all that voiceprint stuff is just completely for show, since you don't even need a password to see stuff as long as you have a different boot disc.
Please check out my message earlier in the thread, posted 10/07.

- Scott
     
Dedicated MacNNer
Join Date: Oct 1999
Location: Raleigh, NC, USA
Status: Offline
Reply With Quote
Oct 20, 1999, 03:47 PM
 
Scott (and others),
regarding access to the FEE encrypted files:

Do I understand correctly that access to those files is available without password, only if the user logged in via the typical OS9 startup and that otherwise the user has to provide the FEE password used to decrypt the files?

Also, the keychain: Is the keychain accessable to someone who boots off of the CDROM?

Thanks!

------------------
Tadd Torborg
     
quant
Guest
Status:
Reply With Quote
Oct 26, 1999, 08:07 PM
 
Tadd,

The user will be able to see the names of the encrypted files, but if he/she double-clicks on them, they'll be prompted for a password (and denied access when they don't have it).

On another topic, I read over the help on "encryption" in OS 9, and saw the whatever they are using (elliptic, RSA, they don't say), it's only 56-bit!

I'd guess that they chose 56-bit so they could export the OS without having to modify it for international markets.

But it sure does seem stupid that my Palm III, with Certicom's freeware 163-bit memo encryption, is cryptographically stronger than my B&W G3 or iBook..
     
Professional Poster
Join Date: Mar 1999
Status: Offline
Reply With Quote
Jan 17, 2000, 01:05 PM
 
http://www.smartmac.com/

...an article that details the encryption technology used in Mac OS 9.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 11:05 AM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2