Syria had everyone who is anyone in Washington – and their assistants – which includes me and Gretchen, of course, inside working today. That’s a real shame because the weather was absolutely gorgeous outdoors and all I could do was look through the picture window at it as the sun shined down through a seventy-five degree cerulean sky of perfect, white puffy cumulus clouds on a breezy Pennsylvania Avenue. On the other hand, I was booked solid for consultations starting at eight in the morning and made some seriously crazy cash, so I’d be lying if I should say I would have given that up for a bike ride down the C&O canal with Cerise and a picnic under a shady tree by an old stone lock house. There’s tomorrow for that, after all, and if I’m lucky the weather will hold.
I didn’t make any money from one pair of visitors, however, that being my dear brother-in-law, Hank, and his sister-in-law, Shannon, who drove all the way down from West Virginia to discuss matters of great importance – to them, anyway. As during their last visit, they arrived without warning, insisting that they see me. And, just like the last time, Gretchen made them wait until the end of the day. So, exactly as they had done before, Hank and Shannon hung out the entire time in the reception area, wearing stone faced, fearsome expressions and their trademark survivalist outfits of flannel shirts, jeans, hiking boots, Gore-tex jackets, black baseball caps and enormous grasshopper shades, again giving my legitimate clients who were forced to wait out there with them serious cases of the willies all day long.
Once admitted to my office, Hank wasted no time. “We need to talk in… you know,” he whispered in my ear, nodding meaningfully to the door behind my desk.
I did indeed know. Behind that door is a corridor, with an entrance to, among other things, a TS/Q Cube, which I had constructed several years ago for the use of certain clients with special privacy needs and which we had also used during Hank and Shannon’s last visit to my office to discuss their previous issues with the Vast Global Conspiracy Against Freedom. It is furnished rather sparely with a rectangular teak conference table having a central pillar, surrounded by four Aeron chairs. The floor is raised – two steps up bring you to the gate of the internal Faraday cage, which is constructed from a perforated metal grill material similar to that found in the windows of microwave ovens. No electromagnetic radiation outside of a narrow range of visible frequencies can escape the Faraday cage. An no visible light can escape the Cube, of course, since the cage itself is encased inside four walls, a ceiling and a raised floor behind a mechanically locking outer door leading to the corridor. The walls, ceiling and the raised floor outside the Faraday cage are covered with anechoic, sound absorbing material capable of reducing a 140 decibel gun blast to five micro-Pascals. Not even the wiring for the lights inside the Cube goes outside the Faraday cage – there’s a pack of rechargeable batteries built into the conference table pillar. They’re good for eight hours of continuous operation, after which I have to switch them out with another pack from a recharger located outside the Cube. In short, it’s the perfect place for a couple of completely paranoid apocalypse-obsessed survivalist lunatics to have a nice, private conversation.
“Tom,” Shannon opened, “we’ve got a serious problem.”
“You sure do,” I shot back. “Hank, your wife – my sister – is barely hanging on, along with your husband, Shannon, caring for your two huge broods of Catholic children in that house in Fairfax, which you two have abandoned for the life of wilderness survival bunker enthusiasts in the Appalachian mountains.”
“When the [expletive] hits the fan, Tom,” Shannon assured me with the matter-of-fact tone only a genuine true believer can muster, “it’s going to be complete anarchy down here in DC, and the house in Fairfax – and your nice, well-furnished, comfy mansion in Great Falls, too, I might add – are going to be overrun with heavily armed, looting, raping, murdering [expletive] from Anacostia and illegal immigrant pepper-belly [expletive] beaners from Adams Morgan and South Arlington, and you, Rose, Arthur and the kids will all have to get down on your knees and thank me and Hank for seeing what was coming and doing something about it!”
“We’ve been real busy, Tom,” Hank assured me. “We’ve put together a support infrastructure that can ensure our families’ survival for three years in a blast-hardened, CBW-proof and radiation-resistant environment.”
“You mean,” I sought to clarify, “that abandoned coal mine you were talking about?”
“No,” Hank confessed, “that didn’t happen.”
“Why not?” I pressed.
“Um… well,” Hank muttered, “ah… the owner couldn’t put out the fire, so we had to call it quits.”
“At least,” I remarked, “you had the common sense to insist on that before forking over any money.”
“Yeah, yeah, I know,” Hank admitted, “you were the one who advised us to make it condition of the sale. But the place we ended up with isn’t like that at all.”
“What is it, then?” I inquired.
“It’s… a… um… limestone cavern,” Hank revealed.
“A cave? You bought a cave?” I replied.
“Not a cave,” Shannon insisted. “A cave is just an opening in the rocks. A limestone cavern has huge interior spaces created with stalactites, stalagmites and flow stone. That’s what we’ve got, Tom – a great big limestone cavern!”
“And you’re living in it now?” I asked.
“No,” Hank confessed, “we’re living in a mobile home.”
“You’re living in a trailer?” I japed. “You mean, you’re authentic West Virginia trailer trash now?”
“Your so-called ‘trailer trash,’ Tom,” Shannon growled, “live in trailer parks, okay? We have a mobile home set up on our property near the cavern entrance. We’re staying there while we coordinate with our… partners to complete construction on the… survival complex.”
“Are you saying,” I wondered, “that you have located a bunch of… um… like-minded individuals who are collaborating with you in this… ah… enterprise?”
“Exactly,” Shannon confirmed, “and that’s the source of our big problem. We’ve been communicating with them using encrypted messaging over a virtual private network, and now…”
“And now,” I concluded, “Edward Snowden has dropped another embarrassment bomb on the United States federal government, and you’ve learned that the National Security Agency has been collecting, decrypting and reading everybody’s secret messages.”
“Yeah, essentially,” Hank acknowledged.
“In cahoots,” I added, “with the British Government Communications Headquarters, the Canadian, Australian and New Zealand intelligence services, otherwise known as ‘The Five Eyes,’ and with the complete cooperation of Microsoft, Yahoo, Facebook and dozens of other hardware, software and network firms.”
“You see? You see?” Shannon demanded. “You see what Hank and I have been talking about, Tom? Who are the crazy conspiracy crackpots now, huh? If this isn’t an international, big-government, big-business conspiracy to undermine the American way of life, then I’d sure like to know exactly what the [expletive] is!”
“Oh, come on now,” I chided. “You two didn’t drive all the way from Dogpatch to Washington so you could say you told me so – or to argue with me about the difference between an international, big-government, big-business conspiracy and the legitimate efforts of free democracies to thwart terrorism, either.”
“You’re right, Tom,” Hank agreed. “We’re concerned about what the government might have found out about our… operations.”
“Well,” I opined, “it’s not likely anyone in our government or anybody else’s would have the least scintilla of interest in where you and your… compatriots… have stashed your beans and band-aids. I take it, what you’re worried about is their interest in where you’ve put your bullets?”
“And guns,” Shannon affirmed, “and… related items.”
“Explosives?” I exclaimed.
“Strictly for excavation and… defensive purposes,” Hank explained. “Come on, Tom. You’re the expert here. You’ve read all about what Snowden spilled to the media. What are Shannon and I and our… friends… dealing with? Is it true, like I heard that somebody said, you can’t trust any company that claims their product or service is secure – not one cloud provider, not one software provider, not one hardware manufacturer, nobody?”
“You never could,” I dryly stated.
“What!” Shannon shouted. “You mind explaining that remark?”
“First, you have to realize that perfectly unbreakable encryption exists,” I replied. “It’s been around for over a century and it’s used all the time by spies, even today. It’s called the one-time pad system. In the 1940’s, either Professor Vladimir Aleksandrovich Kotelnikov, Hero of the Soviet Union, or Claude Shannon, Senior Engineer at Bell Laboratories, depending on who you ask, presented a mathematical proof that one-time pad encryption, properly implemented, is completely unbreakable.”
“Unbreakable?” Shannon wondered. “In that case, how come people don’t use that all the time?”
“Because,” I continued, “it’s cumbersome. Alice has to construct a one-time pad using a lot of truly random numbers, make an accurate copy of it, and give it to Bob. After receipt of his copy, Bob has to keep it absolutely secure. Then, to encrypt a message to Alice, Bob has to perform a mathematical operation known as a modular addition to encrypt his message against a section of the one-time pad, after which it can never be used again, and must always remain secret or be destroyed by both Bob and Alice after Alice has decrypted the message. Then, when Alice receives the encrypted message, she performs a modular subtraction to obtain the plain text. These days, using a computerized one-time pad, Bob’s machine performs a bit-wise exclusive-OR transformation of the plain text against a section of the one-time pad, which consists of a random sequence of ones and zeros. Then, to decrypt the message after she has received it, Alice must perform another bit-wise exclusive-OR transformation on that same sequence.”
“Who are Alice and Bob?” Hank inquired with a puzzled tone.
“They’re nobody, you bonehead!” Shannon admonished.
“Uh… then I guess I’m not going to ask what ‘modular addition’ and ‘bit-wise exclusive-OR,’ mean,” Hank sheepishly declared.
“[Expletive] Google it!” Shannon fumed, exasperated. “That’s what I’m going to [expletive] do!”
“Thanks, Shannon,” I said, continuing. “You can see the limitations of one-time pad encryption for things like network security in e-commerce, banking or business applications. Bob can’t use it to send a secret message to Alice until he receives a one-time pad, in plain text, from her over a secure channel. The problem is, there aren’t any secure plain text channels on the Internet. So the practical alternative relies on another approach – computational infeasibility.”
“What’s…” Hank began.
“In your case,” Shannon sneered, “’computational infeasibility’ is probably why you can’t balance your checkbook!”
“Close, but not quite,” I clarified. “The best known example of computational infeasibility is the Enigma system, developed by the German High Command during World War II. The idea behind it is, you can distribute a key to all the submarines and military field headquarters, and they can use it to encrypt and decrypt messages on a particular day. Then Berlin sends out a shortwave transmission the next day telling them what key to use next. The public keys are all produced by the Enigma machines, and unless you have one – plus the latest set of internal hardware called rotors – there’s a limit to how fast you can decrypt an encrypted message. Sure, you could still decrypt it, using the technology the Germans knew about in 1940, but it would be 1965 before you could read the message. Then the Allies captured some Enigma machines and documentation, and the British at Bletchley Park, under the direction of Alan Turing, developed the first electromechanical computers, and so we broke the code and won the war, but that’s the concept of computational infeasibility – not that Chuck can’t intercept the encrypted transmission and decrypt it eventually, but that by the time he does, the content of the message will be useless, ancient history.”
“And that’s what everybody uses on the Internet?” Hank gasped. “Some crazy [expletive] the Nazis invented and bunch of snooty, prancing English [expletive] working in some park managed to crack?”
“Afraid so,” I informed him. “Public key encryption systems, like the Secure Sockets Layer, send your computer what’s called a public key. Bob’s computer uses it to encrypt his message – consisting of, say, his full name, address, credit card number, the SKUs of the items in his instance of Alice’s Shopping Cart application, his total order amount and his account PIN – to Alice’s e-commerce Web site. There, only Alice’s e-commerce system, equipped with what’s known as a private key, can decrypt Bob’s message into plain text in a reasonably short period of time, such as three seconds, for example. Meanwhile, Chuck, who has intercepted Bob’s encrypted message, and who only has core access to a very powerful, but still ordinary mainframe computer, for example, wouldn’t be able to decrypt that credit card information until 2040, even if the decrypting job was the only algorithm that mainframe computer ran, 24/7, 365 days a year. That’s computational infeasibility, circa 2013.”
“Wow,” Hank breathed in amazement, “so, by 2040, Bob’s credit card number would be expired and knowing it wouldn’t be worth [expletive] to this Chuck guy, anyhow.”
“Now you get it,” I assured him. “But the NSA, on the other hand, they have supercomputers that are considerably faster than the typical mainframe, and specially designed to break public key encryption. So if Chuck works for the NSA, he could get Bob’s credit card number out of that public key encrypted message to Alice in a couple of days, max; probably less, in fact. But if Chuck wanted personal information and credit card numbers, of course, he’d be much better off tricking a system administrator at Alice’s e-commerce firm into giving him their password, breaking into Alice’s customer database and downloading Bob’s along with a hundred thousand others.”
“Christ!” Hank yelped in fright. “You’re saying it’s quick and easy to trick a systems guy out of his password? That can’t be right!”
“Well, depending on Alice’s e-commerce software and back end database,” I pointed out, “Chuck might be able to break in without a password, right from the catalog Web page at Alice’s e-commerce site, using SQL injection. But what I’m getting at here is, nobody but the NSA, CGHQ, or another agency like them, is going to intercept people’s encrypted messages with any reasonable, sane expectation of decoding them. And even then, think about the volume – sure, maybe if they play fair, their supercomputers can decrypt a one-page email in a few minutes, but their listening capabilities are so extensive, they’re collecting millions of them. They need to be able to decrypt a one-page public-key encoded email message every few milliseconds, not every few minutes. That’s why they leaned on Microsoft and all those other companies to provide them with ‘back doors’ to their encryption software. And for over ten years, Microsoft and all those other companies have been bending over and grabbing their ankles for the NSA and its buddies, letting them have as much back-door action as they want. Plus, for at least that long, NSA has been the sole, ultimate arbiter of Internet security protocols. Even the National Institute of Standards and Technology has to lube up and take it. There’s so much back-door stuff going on with them, you might as well say they invented twerking.”
“Ten years?” Hank whined. “So it’s not just Obama? You mean it’s been… Bush, too?”
“Sorry to dis your big hero and all,” I let him know, “but yeah, His Simian Excellency, President George W. Bush, also.”
“So what can we do?” Shannon implored. “When the End Times arrive, and the Obama regime becomes a Socialist dictatorship, the first thing the government will do is seize everybody’s weapons, ammunition and explosives! And according to you, the NSA has used back doors supplied by their federal cronies and IT industry lackeys to hack into our VPN, decode all our secret messages and figure out all our clandestine storage locations!”
“You’ve got to change your approach to communications,” I advised, “so programs such as Bull Run, Edgehill and Cheesy Names…”
“Cheesy Names?” Hank interrupted.
“Yeah,” I conceded, “they’re all cheesy names, actually. But ‘Cheesy Names,’ specifically, is the program to crack SSL certificates. No, don’t ask me what SSL certificates are, okay? Do any of your… ahem… confederates… possess any significant IT skills?”
“I think,” Shannon offered, “that a couple of them have kids who… well… might be… uh… qualified.”
“All right then,” I recommended, “in that case, tell them to configure all the machines used for secure communications to run Linux, not Windows. Ubuntu is a pretty good distro, use that. Tell the kids to find a symmetric cryptography system that employs a conventional discrete-log-based solution, not one that uses elliptic-curve based algorithms, because the NSA has back doors to all the elliptic curve and Diophantine constant inverse matrices, worldwide.”
“Huh?” Shannon looked up from writing in a spiral bound pocket notebook.
“If they can’t get that,” I told here, “they should get GPG, Silent Circle, Tails, OTR, TrueCrypt, or BleachBit, and/or TLS…”
“Slow down,” Shannon commanded, “B-L-E-A-C-H space B-I-T?”
“No space,” I corrected. “Then everybody in the secure communications group has to go out and buy a brand new computer that has never been connected to the Internet. No used machines – only completely new hardware, right out of the box, will work. The object of that is to initiate and maintain an air gap system – whatever common encryption solution you adopt has to be loaded on the new computers. Then, whenever you want to send a private message, encrypt it on the new stand-alone machine that has never been connected to the Internet, download the encrypted file to a thumb drive, walk it over to your Internet machine and send the message as an email attachment. To decrypt, the recipients must each download the attachment to their own thumb drive, walk it over to their new machine, upload it and decrypt it there.”
“[Expletive],” Hank bitterly complained. “Doing all this [expletive] is going to be really [expletive] complicated and expensive!”
“You bet your bippy this stuff is complicated and expensive,” I observed, “you and your… friends… are up against the NSA, and they’ve got billions of dollars and thousand of PhDs. Good luck. Anything else?”
“How do you spell Dio…” Shannon stammered, “uh, Diophant…”
“D-I-O-P-H-A-N-T-I-N-E,” I slowly intoned. “So, okay, assuming I can’t talk either of you into rejoining your families, whom, I reiterate, miss and need you very much – are you two good to go now?”
“Um… well… you know,” Hank pleaded with a hangdog look, “like last time, it sure would be nice to have some gas money for the drive back to West Virginia.”
“All right,” I sighed, opening my wallet and handing Hank $500, “I assume this will cover it. Now see if you can stay out of my hair until Armageddon arrives.”