We are going to look at a logic problem that affects offensive security, and at how Artificial Intelligence (AI) and Machine Learning (ML) can be used to solve it. We are going to look at the implications of “Chekhov’s Gun,” and how its lessons can be applied to digital security.

What is Chekhov’s Gun?

According to ChatGPT: Chekhov’s Gun can be summarized as a storytelling principle that states that any element in a story that is introduced but not used later on, is a wasted element. It is named after Russian playwright Anton Chekhov, who wrote that “if in the first act you have hung a pistol on the wall, then in the following one it should be fired. Otherwise don’t put it there.”

Put another way, any element introduced is intended to be used; otherwise, why expend the effort of introducing it? It is now used as a logic problem, where “Chekhov’s ______” deals with the logical implications of an item’s existence.

 

The problem with Intent

When this principle is applied to security and encryption, an adversary can infer one’s intentions and likely outcomes from one’s actions, and those inferences can be more telling than anything physically found.

Consider the scenario of an embezzler whose home is being searched by the police. To protect themselves, they purchase a top-of-the-line hidden safe and move all incriminating files into it. When the police search the embezzler’s place and find nothing, the safe has done its job.

However, during the search a receipt is found for the purchase of the safe. The discovery of a record of the safe’s purchase and installation raises suspicions and opens the embezzler up to risk in multiple ways.

First, the police may assume that the embezzler’s intent was to hide the existence of the safe and its contents: nobody would purchase an expensive hidden safe if they had nothing to conceal, since a reinforced fireproof safe would be larger and cheaper.

Second, they may assume that the safe contains valuable and important items. You logically wouldn’t buy a safe and then not put those items into it.

 

The problem with assumptions

These assumptions can lead to coercion, the implication of guilt, and severe punishment or execution in some cases. The police have a specific datapoint (the location of the safe) that they can probe for and then immediately verify. They may not be able to force you to answer, but they know what question to ask.

It can also create the implication of guilt if you refuse to reveal the location. Most people, privacy issues aside, would likely cooperate given the possible alternatives. Some adversaries may assume guilt based on refusal to comply.

A specific digital example of this problem is the use of Tor, an incredibly useful tool for secure communication. However, the use of Tor alone is seen as a guilty act in many parts of the world, and some governments may assume one is a drug dealer and execute them based on this assumption alone.

Fortunately, just as there are solutions to Chekhov’s Gun in storytelling, such as the use of Red Herrings (story elements included to be deliberately misleading), we can apply these same approaches to digital security and hidden items.

Solving “Chekhov’s Hidden Container” problem

We are going to carry on with the scenario above, but with Red Herrings created via machine learning. In the case of the embezzler, this could include creating multiple fake data sets and clues to make it impossible for the police to draw conclusions about any individual activity.

We are going to look at this from the perspective of “General Stickyfingers,” who is a military commander as well as embezzler. To solve the problem of intent, we are going to build our environment around these hidden compartments.

(Image: “General Stickyfingers,” of “Tropico 4” fame.)

 

We get furniture exclusively from “Hidden Containers ‘R Us” and stack it everywhere – and even put some inside other hiding places. This removes the ability to draw any inferences from the existence of the hidden compartments, and your adversary will never be completely sure they found them all.

However, even with these precautions, we are still vulnerable to a search. We can make it much more difficult, but we remain vulnerable to brute-force efforts.

Apply Machine Learning

To mitigate this risk, we could use AI and ML to generate fake financial documents, which could be unique to individually generated financial crimes or implicate different individuals for the same crime. This would make it extremely difficult for the police to identify which documents are genuine without outside references.

In addition to these measures, we could also use our position as a commander to further muddy the waters. We could mandate that all furniture used in our buildings also include hidden compartments, and encourage the occupants to use some of these hiding places without providing any context on which ones are relevant.

By implementing these strategies, we could protect ourselves from searches and interrogations, and make it difficult for our opponents to draw conclusions about our intent. It would also be harder to know which hiding places are relevant, which are decoys, and which are known to whom, providing an additional level of obfuscation for our secrets.

The final decision is whether we want the environment for every individual to be identical or unique. If we make each environment identical, we completely remove the ability to draw any conclusions from the existence of any containers. If we make each one unique, we increase the complexity of the investigation and make it much more difficult to draw comparisons.

 

Building an Obfuscation Engine

Now we will take these same principles and apply them to digital security. Our goal will be to remove all assumptions based on intent, and apply AI and ML to protect our information.

Protecting Civilian Allies

The first and most important use of this technology is to protect our civilian allies. In the current global conflicts, we see an incredible willingness from these populations to support the cyber conflict.

However, these individuals often lack the technical skills and knowledge to defend themselves effectively online, and there are significant personal risks for those who are caught participating in cyber activities. This limits how effectively these volunteers can participate.

 

To address these challenges, it is important to develop tools and protections that can be easily used by civilians. By utilizing the concept of “hidden compartments” within these tools, we can provide a layer of security and deception that can confuse and mislead adversaries.

(Image: A secure OS based on multiple levels of containers, which are pre-configured for security and will run without user input.)

 

One example of this approach is the use of containers within an open-source Linux operating system. These tools can be configured to run automatically, without the need for user input.

By providing allies with the knowledge on how to access the specific containers, they can utilize the tools while keeping them hidden within a sea of fakes. Additionally, fake information troves can be intentionally left in plain sight to further mislead adversaries.

 

The key to this approach is the choice of how each tool is constructed. If each tool uses an identical structure, with the same configuration of hidden compartments, it becomes much more difficult for adversaries to discover the relevant tools.

Furthermore, by flooding a population with these tools, it becomes impossible to determine which small subset of the population is actively using them. This makes it much more difficult for adversaries to target specific individuals or groups.

(Image: Endless options to customize based on a local population.)

 

The best part of this approach is that you don’t have to deploy the tools to be successful. The fact they exist and could be compromising vital systems might be enough to force a reaction. Getting an opponent to distrust their systems could be as effective as destroying them.

 

Obfuscation and Encryption Engine

In order to ensure the security of sensitive files, it is important to implement a robust encryption and obfuscation system. In a large-scale cyber conflict, thousands of individuals may have access to the data, making it crucial to have a system that can withstand intense scrutiny.

One solution is to use nested containers with multiple layers of encryption. Files are initially encrypted and placed within a container, which is then itself encrypted. This process is repeated to the desired level of depth. This method is highly secure, and the use of multiple encryption keys can provide an added layer of protection.

The image below shows a visualization of one container (so 1/20th of the total size), and shows the legitimate data caches surrounding the generated files:

(Image: A visualization of the nested file structure. Each of the containers surrounding the data cache can be either legitimate data or deliberately fake.)

 

However, this method also raises concerns about intent, as it can make one’s intentions obvious in certain situations. To address this, we can use machine learning to create fake caches of data that appear relevant but are not.

(Image: A simplified view of the file structure. The legitimate data represents a very small percentage of the total.)

 

These fake caches can be created in a virtually limitless supply, and can be used to poison the well with false information, making it impossible for adversaries to make any assumptions about the true content of the data. Additionally, these fake caches can be used as honeypots to pass fake intelligence to your adversary.
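As an added example (not code from the original article), here is a minimal Go sketch of the nested-container scheme described above: each layer is sealed with its own AES-256-GCM key, the payload is padded into a fixed-size slot so the ciphertext length reveals nothing, and a decoy cache is produced by sealing an empty slot under keys that are generated and then discarded, so it is indistinguishable from a real one. The function names, the 2-byte length header and the nonce/tag layout are my assumptions; keys are supplied by the caller (e.g. from crypto/rand).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// gcm returns AES-256-GCM for one layer's 32-byte key; any other length is a programming error.
func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block)
	return aead
}

// SealNested pads data into a fixed slot (2-byte length, data, random filler) so the
// ciphertext length reveals nothing, then wraps it once per key, innermost key first.
// Passing nil data yields a decoy that is indistinguishable from a real container.
func SealNested(keys [][]byte, data []byte, slotSize int) ([]byte, error) {
	if len(data)+2 > slotSize {
		return nil, errors.New("data does not fit the slot")
	}
	cur := make([]byte, slotSize)
	cur[0], cur[1] = byte(len(data)>>8), byte(len(data))
	rand.Read(cur[2+copy(cur[2:], data):]) // random filler, never zeros
	for _, k := range keys {
		nonce := make([]byte, 12)
		rand.Read(nonce)
		cur = gcm(k).Seal(nonce, nonce, cur, nil) // layer = nonce || ciphertext || tag
	}
	return cur, nil
}

// OpenNested peels layers outermost first; a wrong key at any depth fails GCM
// authentication instead of yielding garbage. The slot length is authenticated too.
func OpenNested(keys [][]byte, cur []byte) (data []byte, err error) {
	if len(cur) < 28*len(keys)+2 { // each layer adds a 12-byte nonce and a 16-byte tag
		return nil, errors.New("container too short")
	}
	for i := len(keys) - 1; i >= 0; i-- {
		if cur, err = gcm(keys[i]).Open(nil, cur[:12], cur[12:], nil); err != nil {
			return nil, err
		}
	}
	n := int(cur[0])<<8 | int(cur[1])
	return cur[2 : 2+n], nil
}
```

A real cache and a decoy of the same depth and slot size have identical length and structure on disk, so only possession of the right keys separates them.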

Secure Hardware / Laptops

The final common use case for security and encryption is to secure a laptop or other hardware device. This scenario, while simple in concept, involves applying the principles discussed earlier on a localized level. To build on our initial scenarios, this would be the most effective way to utilize the hidden compartments once they are constructed.

To secure a laptop, we begin by using multiple hard drives and a “decoy boot” that runs automatically and is designed to deter casual investigations. This decoy boot is a fully functioning operating system that is separate from the main, secure operating system.


The main operating system and data are stored on multiple other drives, which are protected using the secure containers previously discussed.

In addition to these containers, tripwires are added within the system to detect and respond to unauthorized access. These tripwires include fake containers and honeypots that are designed to catch the attention of an adversary. When accessed, they trigger a complete wiping of the data on the device, providing a failsafe mechanism to protect against unintended investigations.

Additionally, there is a manual destruction mechanism that the operator can initiate covertly to avoid discovery.

     

TLDR: Your intent can tell more than your data

The main takeaway should be that your adversaries can use your intent to make dangerous assumptions that might be worse than actual exposure. This is not a new problem, but we have new technology to deal with it. By using AI and ML, you can hide your intent on a scale that was previously impossible. Think about what your adversary could determine about you and use these techniques to make it work against them.