Securely delegating trust with digital signatures and secret storage systems ⚙️

More Tech stuff!

The secret to having healthy, shiny hair is pretty easy to guess. Wash it regularly. Use a decent shampoo. Definitely do not iron it

Here’s a secret nobody will ever guess:

115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936.

At Monzo, we think about “secrets” as any piece of information we want to tightly control access to, for example passwords, encryption keys, and safe codes. They’re often just very large numbers with countless possibilities.

Previously we’ve talked about how we manage and control access to secrets, and how we protect our most sensitive ones from the most determined attackers.

In this blog post @awn, our Security Infrastructure Engineer explains how we use a combination of different secret storage systems to implement a balance between security assurances and usability

If you have any questions feel free to drop them in the comments

I’ve got myself fixated on this bit. There’s 26 so is this just a cipher alphabet? But then am I supposed to be decrypting something? It could be hashing…

@AlanDoe you’re ruining my evening

So they’re just demonstrating how to do a alphabet?

Pity, I’m over wordle and wanted something to solve

‘p455w0rd’

sorted

My favourite easy to understand low level explanation on how public/private keys are secure is from Tom Scott, the link should take you to the correct place (1 minute in)

For a more accurate example of a secret, here’s the public key for the key pair I’ve just generated for my iPad.

Cryptocurrencies often encode secrets in English words, for example here is my Bitcoin wallet’s secret:

setup evil gap electric expire napkin around dance run fee cash maze salute hollow diesel hawk process write verify mystery shoot cruel tomorrow media

@N26throwaway @Rat_au_van

The number written in the blog post represents the number of different possible keys if a key is 256 bits long. I think there was some miscommunication when the social media posts were written so it looks like that number is itself a secret

Have you been tapped on the digital shoulder yet?

If you liked this post you might also like other posts I’ve written at https://spacetime.dev where there’s more technical details : )

I’m in the ed25519 camp personally

: ) Draw.io is pretty good for quickly making diagrams

The reason rsa keys are so long is because rsa is implemented in a field over the integers (there are both + and x operations with inverses) which leads to better attacks against it so the key-size has to increase a lot to compensate, but only one operation is really necessary. It’s also tricky to implement securely and ends up being relatively slow in practice

On the other hand EC keys are implemented inside a group over some finite field so there is only one operation which leads to fewer attacks meaning the keys can be very short. Curve25519 for example (which is what ed25519 is based on) is very fast, has a small and simple implementation, small keys, and it avoids timing side-channels by design, so attackers cannot monitor how long operations take in order to learn sensitive information. This has been a big problem in the past.

There’s also the NIST curves (e.g. p-256 secp256k1) but they are not as secure and are controversial because of unexplained constants used in their design, and in light of the Snowden leaks there is more suspicion of NIST designs in general (See Dual_EC_DRBG - Wikipedia). SafeCurves is a good overview of the security of various existing curves: https://safecurves.cr.yp.to/

There’s also cool abstractions like Why Ristretto? - The Ristretto Group which provide a safe prime-order elliptic curve group which eliminates small co-factors and simplifies implementations