Schneier on Security

Wael • February 23, 2018 10:07 PM

@Ratio,

True. It’s a vacuous term in the current context, though.

Air-gap isn’t any better, either. Better terminology is needed. I don’t like the word “gap”.

Wael • February 23, 2018 10:42 PM

@Anura,

@Anura,

Lol! Very funny 🙂

(I’m more of an idea guy).

You’re half-way there! Give it the right spin and you may get partial funding from NSF 🙂

Wael • February 24, 2018 12:42 AM

@Ratio,

How so? The issue with “air gap” is the way it’s used, not the term itself, IMHO.

Like so: If the term itself were clear, you wouldn’t have studies like the topic of this thread. What’s an airgap? Off the grid? Shielded? Sitting in a vacuum? All of that? Plus more? We had a similar discussion a while back but I’m not in the mood to look for a link. The summary is: airgap means different things to different people at different times. Me? I would classify a WiFi connected device as air-gapped (based on the terminology.) I know it isn’t a correct interpretation. Then again: what does air-gap mean to you?

To describe the goal or how to achieve it?

Both! Then find a descriptive term. It’ll be clear that “air-gapped” isn’t it. So: what’s the goal? And how do we achieve it?

Wael • February 24, 2018 8:46 AM

@Ratio,

Dang! I had so many spelling mistakes!

“Energy gap” doesn’t actually mean anything!

To me it means: having the protected device within the confines of an energy barrier that prevents all forms of unwanted transmissions.

The word ‘gap’ could be replaced by ‘barrier’.

Wael • February 25, 2018 7:11 AM

@Ratio,

I’m not sure why you ask.

It’s a consequence of what you stated.

You seem to be agreeing now, and thus disagreeing with the earlier sentence I just cited. What gives?

The term is clear in some people’s minds and ambiguous in other’s. If air-gap means “off the grid”, such as in a “cold crypto-currency wallet”, then studies like this are valid. If air-gap means “energy-gap” or barrier, then studies like this need to take a different form. Here, the researchers discuss how to jump a “gap” using magnetism, which is supposedly not a viable attack doable against an energy-gapped system. And if it’s doable, then the system isn’t protected as claims: an implementation weakness that may apply to a proper subset of the sample space.

No, hence the “if you want to extend this to wireless” earlier.

Then you say that “air-gap” needs an extension to cover wireless. In other words: the term “air-gap” by itself isn’t an expression that completely covers the meaning of the goal. Others, by the way, and rightly so, don’t consider a wirelessly connected system to the internet as being “air-gapped”. You can extend this argument to other methods: sonic and ultrasonic, sound through solids, light, static electricity, magnetism, … See the BadBIOS discussion for the ultrasonic method.

What is my definition if not the description of the goal, and how is it flawed?

When a definition needs extensions to cover the intended goals, then it fails (by definition.) See above 😉

I assume by “it” you mean “having … prevents all forms of unwanted transmissions”?

Yes!

Congrats on being filthy rich very soon, I guess.

Guess again. Techniques like that do exist and are in place. Thye exist at the macro and micro levels. I don’t want to digress off too far, but think of a system in an underground room underneath a mountain with several levels of protection layers: physical access control zones, passive shielding, active shielding, noise injection…. Someone else got filthy rich (same guy who sells the hammer for $500.)

Is this the problem statement or the proposed solution?

Neither: it’s a description of a state, just like “air-gap” is. And there is where the confusion comes. Example Requirement: Air-gap this system. Solution: Unplug the Ethernet cable, and task accomplished (in some people’s minds.) Example Requirement 2: “Energy-gap” (I have some reservations as I stated before on the terminology.) Solution: Stick the system in a controlled access zone, in a bunker underground with its own power supply, don’t allow any devices near it (not even a watch, isolate it mechanically, optically, electromagnetically (which includes optical,) etc…

Wael • February 25, 2018 10:19 AM

@Clive Robinson,

The problem is one of “jargon”. After all what does TEMPEST or EmSec realy mean?

For starters, ‘TEMPEST’ is all caps. It must be an initialism, an acronym, or an abbreviation of some phrase that I don’t wish to look up. EmSec? My first discussion about C-v-P started with “What does ‘Security'” mean.

However, I agree with the rest to a certain extent. The point I’m raising isn’t about a particular choice of words. We may call it ‘Bullfrog’ as far as I’m concerned [1]. We just need to agree on the meaning of the ‘idiom’. “energy gap” is more descriptive than air-gap”, though. I believe the term will be mainstream in the future although I dislike the word “gap” as I’ve stated repeatedly. Also note that magnets and gravity are not “Energy”, strictly speaking. They are forces as you well know; part of the four forces of ‘nature’: Weak Nuclear, Strong Nuclear, Electromagnetic, and Gravitational.

Then there is energy which is the capacity for doing ‘work’. There are Electrical, Chemical, Potential, Kinetic, Thermal, Nuclear, Magnetic, Electromagnetic, Acoustic (could be a form of kinetic) energies… And that’s what you want to curtail and control in order to protect against side-channels / out of band emissions. Now we both know that energy cannot be created nor destroyed. The problem becomes then: dissipate the energy in a manner that’s unusable by an adversary located within a certain distance of the protected device / system. Dissipate it in a manner that obfuscates the fingerprint of the operations to be protected… This will tangentially take us to the E-v-S discussion, I would imagine.

[1] If I say I’m hungry, you know what I mean. If I say I’m starving, well: it means I need to eat within the next 5 minutes or so. If I say it’s ‘air-gapped’, well: perhaps I stuck a balloon in the system… who knows 😉

Wael • February 25, 2018 5:32 PM

@Clive Robinson,

have you had further thoughts on the entangled bit communication…

Didn’t have the time… Stay warm 🙂

Wael • February 25, 2018 9:24 PM

@Ratio,

Ok. Let’s take it in steps:

Why would it? To me, “air gap” is part of the solution space, not the problem space.

What part of the solution-space does ‘air-gap’ cover and what does the solution space look like?

Wael • February 25, 2018 10:36 PM

@Ratio,

I believe I understand what you’re saying. But let’s continue:

Problem Space = {Intentional physical connection, Unintentional stray connections}

Solution Space = {Break physical network connections, Shield Sound, Shield stray Electromagnetic fields, Shield Electric Fields, Shield Magnetic Fields, Shield Acoustics, Control Access, Adopt best practice OpSec…}

Attack Surface Space (so-called techniques of jumping air-gapped systems:) = {Acoustics, Electromagnetic fields, Electric fields, Magnetic fields, Optical, Kinetic, …}

Air-gaps cover the first element of the Solution Space. Agree? Also the term “Energy-gap” is part of the problem space (if you ignore the word ‘shield’.) Agree?

Perhaps it’s the reason I subconsciously disliked the word gap, but let’s see…