[SGVLUG] Security "riddle"

Emerson, Tom (*IC) Tom.Emerson at wbconsultant.com
Tue Nov 24 12:03:41 PST 2009


> -----Original Message----- Of Mike Rubel
> [in response to me]
> > the actual answer given is as follows:
> >
> >   1) place the item in the box and lock it with your lock
> >   2) send the item to the recipient.
> >   3) the recipient ADDS his own lock to the box and RETURNS it
> >   4) when you receive the box back, you REMOVE your lock and send it again
> ...
> >   6) the recipient can remove his own lock and retrieve the contents.
> > If the lock was cut, they know the integrity of the shipment has been compromised [i.e., a gpg signature "failure"]
>
> This also seems susceptible to man-in-the-middle, ...

[MITM impersonates the recipient to intercept the item, and then impersonates the sender so the recipient is none the wiser]

Hmmm... Yes, I suppose as you've described it, it can still be intercepted.  I suspect most, if not all, variants of this scheme are susceptible; it's just a matter of degree.  What you need is a way to make the cost of success greater than the value the attacker would receive for intercepting the "item".

> It seems that the MITM can only be foiled if the sender and
> recipient have a separate, trusted communication channel by
> which they can either confirm receipt of the box to one
> another, or confirm the authenticity of each others' locks.
> Of course, although this channel must be trustworthy, it does
> not need to be hidden.

So, step 4a would be to call the recipient and confirm he has received, locked, and returned the package (and possibly ask him to describe the lock).  Of course, ensuring that the person answering the phone is indeed the recipient and not the MITM might be a bit tricky.

Another variation would be that in addition to the first lock, you could also write a pre-determined "code word" on a piece of tape and place it on the box so that it covers the seal (i.e., opening the box would require cutting or removing the tape) [the "code word" could also be your signature, though this would be susceptible to forgery].  The recipient would also apply a tape strip to the box - this is essentially a challenge/response protocol on top of the "public" key [lock] mechanism.

Aha - got it - instead of a "code word", you tape a strand of hair to the box (and likewise the recipient) - each of you then confirms the DNA of the other...  (ok, maybe at this point the "cost" of sending the item exceeds the value of sending the item...)

Or even simpler - and more to the point here - each of you would put your fingerprint on the box (and cover the print with clear tape so the print can't be smudged or covered by the "shippers").  Now part of the process (just like GPG) would be to "check each other's fingerprint" ;)

