Security Experts:

When Encryption Isn't Enough

“The giraffe is probably dead” was the musician’s excuse for being late to our corporate event in Johannesburg. Someone had apparently been transporting the animal under an overpass with insufficient clearance. Result: traffic jam. I’ve heard creative excuses for being tardy, but the skepticism must have shown on my face because she added, “It’s all over the Twitter!” and showed me the Twitpic on her smartphone. I couldn’t help but bark a laugh, as did many around us.

In a neat little coincidence, I had literally, just minutes before, finished a talk in which I used Twitter as an example of a social media company with a new focus on security and privacy. In the past, Twitter had been quite “unprivate.” It had used unencrypted communication—probably because all tweets are, by definition, public—so what would be the point of concealing tweets with encryption?

Twitter soon discovered the point: at the same time that Twitter became a popular medium for activists during upheavals like the Arab Spring, it also became a public net through which government agencies could monitor their citizens. One set of public data revealed who follows whom on Twitter. If a person followed too many trouble-making Tweeters, he or she might get a late-night visit from the thought police.

In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.

Using a bit of clever math, monitoring agencies could still analyze a user’s encrypted Twitter stream and, because of the avatar profile image sizes associated with each Twitter account, make a pretty good guess at which other Twitter users they were following. How so? The common image formats (PNG, JPG) compress visual data. When compressed data is encrypted, the size of the resulting ciphertext is deterministic, and relatively static! You can verify this yourself–encrypt a photo of yourself using different passwords and the resulting ciphertext will either be exactly the same size or close. In one famous demonstration of this technique, Vincent Berg of IOActive wrote a tool that was able to guess which map tiles were being pulled down from Google Maps, even though the stream was encrypted.

So, you know what’s really cool? Twitter addressed this problem by padding most avatar images to a constant boundary. I informally checked a handful of Twitter profile avatar images; they padded out to 16,298 bytes. Encrypted, they would be roughly the same length as well. This would make the images difficult to tell apart from each other, thereby increasing the overall privacy of the Twitter ecosystem. It was a simple, elegant fix that today may save lives and promote freedom of speech around the world.

Giraffe in a Truck

Figure 1 - Source: Thinus Botha / Twitter

Getting back to the giraffe. Later that night, we learned that it did indeed perish, much like what happened in the movie The Hangover III earlier this year. The hundreds of tweets and retweets about the giraffe harmlessly swirled around social media like so many leaves in the wind.

Twitter users may be relatively safe, for now. What worries me, however, is that many activists all over the globe may be using other social media sites that aren’t as on top of it as Twitter with regards to cryptanalysis and privacy. Monitoring agencies may be able to catch citizenry in their surveillance nets by casting about only a little farther away than Twitter.

view counter
David Holmes is an evangelist for F5 Networks' security solutions, with an emphasis on distributed denial of service attacks, cryptography and firewall technology. He has spoken at conferences such as RSA, InfoSec and Gartner Data Center. Holmes has authored white papers on security topics from the modern DDoS threat spectrum to new paradigms of firewall management. Since joining F5 in 2001, Holmes has helped design system and core security features of F5's Traffic Management Operating System (TMOS). Prior to joining F5, Holmes served as Vice President of Engineering at Dvorak Development. With more than 20 years of experience in security and product engineering, Holmes has contributed to security-related open source software projects such as OpenSSL. Follow David Holmes on twitter @Dholmesf5.