CSO: The Resource for Security Executives
CSO Newsletters
CSO's
free newsletter keeps you informed about the latest articles, analysis,
news, reports and other developments at CSOonline.com. Sign up today.
Subscribe to CSO
CSO is free to qualified readers in the U.S. and Canada.
Read CSO Online
All the issues of CSO are available online.
| Mind Your P's
| How do CSOs make sense of the
chaos and understand which of the countless policy tools might really
address their particular needs?
Read More
|
|
|
What every CSO needs to know about encryption
BY SIMSON GARFINKEL
CRYPTOGRAPHY IS the fundamental technology used to protect
information in today's information economy. Not coincidently, it is
also responsible for the commercialization of the Internet. Netscape
was able to kick off the Internet revolution because of its SSL encryption
technology, a scheme that lets consumers send encrypted credit card
numbers over the Internet by just filling out a Web form and clicking a
button. Say what you will about the dotcom excesses that followed, but
much of what we take for granted on the Internet today simply wouldn't
have happened without ubiquitous, easy-to-use cryptography.
Yet despite its importance, it is
amazing how much disinformation there is out there regarding
cryptography. For example, I recently gave a demonstration of a new
e-mail encryption system at a conference sponsored by the National
Science Foundation. A professor from a university (that will remain
nameless) didn't understand the point of my project. "Isn't all e-mail
encrypted?" he asked.
"Well, no, it isn't," I told him.
While it's true that practically every e-mail client in use today
supports either OpenPGP or Secure/MIME—the two competing standards for
encrypting e-mail—it's also true that very few people encrypt their
e-mail because doing so is tremendously difficult.
Later, another attendee told me that
he didn't bother encrypting e-mail because computers were so fast these
days that anybody who wanted to could easily crack a message.
"Well, no, they can't," I said.
Although many encryption systems have been "cracked" or "broken" in
recent years, the so-called strong cryptography
systems used today are generally regarded as unbreakable.
Unfortunately, that simple fact hasn't stopped many journalists,
academics and business leaders from asserting otherwise. Rest assured:
They're wrong.
With so much confusion out there,
it's worth devoting some attention to a brief synopsis on encryption
and an exposition of its most common myths. (Next month I'll continue
with an exploration of PKI or, more specifically, an attack on PKI
excesses.) Cryptography
is a set of mathematical techniques used to lock up information so that
it can be unlocked only by a person who has the necessary key or
password. Cryptography can also be used to digitally sign or certify
information so that you can determine if it was modified without
authorization. If there is no possibility that your data might be
eavesdropped upon, stolen, modified or publicized without your
permission, then there is no reason to protect your data with
cryptography. I've tried hard, however, and I can't think of any
information that doesn't fall into the "protect" category.
There are fundamentally two kinds of
cryptographic systems. The first, called symmetric, uses the same key
to encrypt and decrypt. Think of this key as a password: Anybody who
knows the key can access the data. Probably the best-known symmetric
system is the Data Encryption Standard (DES). Developed in the 1970s by IBM and the National Security Agency (NSA), DES is still widely used today.
There are 340 billion billion billion billion 128-bit keys, which means
it would take a billion computers more than 10 trillion years to try
all the keys. |
The
second kind of cryptography is called public-key cryptography. These
systems generally have one key that encrypts and a second that
decrypts. The best-known public-key system is the RSA algorithm, named
after its inventors Ron Rivest, Adi Shamir and Len Adleman.
Both symmetric and public-key
systems use keys, but they use the keys in different ways. With
symmetric systems, the 1s and 0s in a binary key are like the metal
ridges on a house key: To decrypt an enciphered message, each bit in
the key must match perfectly. An attacker who doesn't know the key used
to encrypt a message can attempt to "crack" the code by trying every
possible combination. That approach, however, becomes increasingly
unworkable as the key gets longer (there are roughly 4 billion
different keys that are 32-bits long; increase the key to 40-bits long,
and you get 250,000 times—or millions of billions—as many keys that
need to be searched).
Public-key systems are based on
mathematical problems such as factoring large numbers. These problems
give the systems their two-key properties; they also leave the systems
open to attacks other than an exhaustive key search. As a result, keys
used for public-key systems have to be much larger than symmetric keys
to get the same level of security.
A few examples can quickly
illustrate how this all works. The DES encryption algorithm uses a
56-bit key, which means that there are roughly 72 millions of billions
of keys available. If you tried to crack a message encrypted with DES
by searching a billion keys a second, it would take 72 million seconds
to try them all—roughly two and a half years. As it turns out, modern
computers can do much better: In 1999, a network of computers found a
DES key in about 22 hours, crunching 245 billion keys per
second.Recently, DES was retired in favor of the Advanced Encryption
Standard (AES). Instead of a 56-bit key, AES can run with a 128-, 192-
or 256-bit key. How long will it be until AES is obsolete? Possibly
never. There are 340 billion billion billion billion 128-bit keys; if
you had a billion computers, each one of which could crack a billion
keys a second—it would still take more than 10 trillion years to try
all 128-bit keys. (The sun will turn into a red giant and destroy the
earth in 4 billion years or less, so 128-bit keys are probably safe.)
If you started paying attention to information security
back in the 1990s, then you likely got an inaccurate view of this whole
encryption business. Back then, practically every month saw another
front-page story about some encryption system being "cracked" or
"broken." Even a message encrypted with the vaunted RSA algorithm fell
when enough programmers applied sufficient processing power.
But the truth about modern
encryption systems is really quite different from the perception that
all of this news coverage helped to create. Back in the 1990s, there
was a huge fight taking place between U.S. businesses and the U.S.
government. The businesses were selling to an increasingly global
market, and their customers wanted to use encryption to protect
communications and stored data. But groups within the federal
government, including the NSA and the FBI, were themselves actively
engaged in a worldwide program of eavesdropping
and data monitoring: They didn't want the enemies of the United States
to start using strong encryption systems that couldn't be broken.
A 2-Bit Law
Under federal law and international treaty, encryption systems are
considered "dual-use" technology; that is, they have both commercial
and military purposes. In the early 1990s, U.S. industry cut a deal
with the federal government to allow the export of encryption systems
that were restricted to using symmetric keys that were 40 bits in
length. Although 40 bits might have provided enough security for
routine business communications when the compromise was struck, by the
middle of the decade 40 bits was clearly insufficient. To demonstrate
the inadequacy, groups of researchers set out to crack messages
encrypted with 40-bit keys. Their success didn't prove that any
encryption system could be overcome—it just proved the absurdity of the
government's 40-bit restriction.
Because symmetric algorithms are
faster than public key, most encryption systems today use a combination
of the two. The SSL algorithm built into most Web browsers uses RSA to
exchange a pair of keys, and RC2 or RC4 for bulk data encryption. The
Secure Shell (SSH) remote access system is similar except it uses
either Blowfish or 3DES—a version of DES that uses 168-bit keys instead
of 56-bit keys—for bulk encryption.
As both SSL and SSH demonstrate, the
latest trend in encryption systems is to make the algorithms
"pluggable." These days, the same basic software can use a variety of
algorithms, usually determined when the program runs. The big benefit
of pluggable systems is that they let end users change encryption
algorithms without getting new applications. In other words, if a
serious bug is found with the Blowfish cipher, it's a simple matter to
tell SSH to use 3DES instead.
The primary reason you want to use
encryption is to protect valuable information from being eavesdropped
on over a network. The first thing to protect is passwords—you should
use encryption for your POP (point of presence) mail server, and you
should replace Telnet with SSH. Intranets that require passwords should
eschew "http" and instead use "https" for all URLs. Follow those basic
rules, and anybody using a packet sniffer won't be able to find
passwords when he examines your network—sage advice for both wireless
networks and wired LANs. Once you've got that working, take a look at
cryptographic file systems, which let you set up a specially secured
space on your hard drive. You can't stop people from stealing laptops,
but you can protect the confidential information contained on them.
The most important thing to realize
about encryption is that it's virtually free. Today, support for
unbreakable encryption is built into practically every piece of
communications software and operating system. If you are not using it,
you are making a big mistake.
Simson Garfinkel, CISSP, is a technology writer based in the Boston
area. He is also CTO of Sandstorm Enterprises, an information warfare
software company. He can be reached at machineshop@cxo.com.
> Read "Mind Your P's"
Most Recent Responses:
VNFHCHDHSJVNFGN
JAN
DEDE
FGEGBBJGHFHRYEYD
Email
Print
|
