Latest Essays
Page 72
The Process of Security
I’ve been writing the CryptoRhythms column for this magazine for a little over a year now. When the editor and I sat down a couple months ago to talk about topics for 2000, I told him I wanted to expand the focus a bit from crypto-specific topics to broader information security subjects. So even though the column still falls under the CryptoRhythms banner, you can expect some (but not all) of this year’s columns to address broader security issues that in some way incorporate cryptography. This month’s article does just that, focusing on the process of security…
Risks of PKI: Electronic Commerce
Open any popular article on public-key infrastructure (PKI) and you’re likely to read that a PKI is desperately needed for E-commerce to flourish. Don’t believe it. E-commerce is flourishing, PKI or no PKI. Web sites are happy to take your order if you don’t have a certificate and even if you don’t use a secure connection. Fortunately, you’re protected by credit-card rules.
The main risk in believing this popular falsehood stems from the cryptographic concept of “non-repudiation”.
Under old, symmetric-key cryptography, the analog to a digital signature was a message authentication code (MAC). If Bob received a message with a correct MAC, he could verify that it hadn’t changed since the MAC was computed. If only he and Alice knew the key needed to compute the MAC and if he didn’t compute it, Alice must have. This is fine for the interaction between them, but if the message was “Pay Bob $1,000,000.00, signed Alice” and Alice denied having sent it, Bob could not go to a judge and prove that Alice sent it. He could have computed the MAC himself…
Risks of PKI: Secure E-Mail
Public-key infrastructure (PKI), usually meaning digital certificates from a commercial or corporate certificate authority (CA), is touted as the current cure-all for security problems.
Certificates provide an attractive business model. They cost almost nothing to manufacture, and you can dream of selling one a year to everyone on the Internet. Given that much potential income for CAs, we now see many commercial CAs, producing literature, press briefings and lobbying. But, what good are certificates? In particular, are they any good for E-mail? What about free certificates, as with PGP?…
The 1999 Crypto Year-in-Review
In 1999, the major developments in cryptography were more political than scientific. Of course, there were scientific conferences and scientific announcements, some of which were significant. But, by far, the most important events happened in the areas of law, court cases and regulation. As we move into the new millennium, these political and regulatory shifts could have resounding effects on the implementation of cryptography, especially in how it relates to balancing privacy concerns with the needs of government and law enforcement.
U.S. Export Control…
A Plea for Simplicity
You can't secure what you don't understand.
Ask any 21 experts to predict the future, and they’re likely to point in 21 different directions. But whatever the future holds—IP everywhere, smart cards everywhere, video everywhere, Internet commerce everywhere, wireless everywhere, agents everywhere, AI everywhere, everything everywhere—the one thing you can be sure of is that it will be complex. For consumers, this is great. For security professionals, this is terrifying. The worst enemy of security is complexity. This has been true since the beginning of computers, and it’s likely to be true for the foreseeable future…
DVD Encryption Broken
A version of this article appeared as a guest commentary on ZDNet.
The scheme to protect DVDs has been broken. There are now freeware programs on the net that remove the copy protection on DVDs, allowing them to be played, edited, and copied without restriction.
This should be no surprise to anyone, least of all to the entertainment industry.
The protection scheme is seriously flawed in several ways. Each DVD is encrypted with something called Content Scrambling System (CCS). It has a 40-bit key. (I have no idea why. The NSA and the FBI shouldn’t care about DVD encryption. There aren’t any encrypted terrorist movies they need to watch.) It’s not even a very good algorithm. But even if the encryption were triple-DES, this scheme would be flawed…
Why Computers Are Insecure
A shortened version of this essay appeared in the November 15, 1999 issue of Computerworld as “Satan’s Computer: Why Security Products Fail Us.”
Almost every week the computer press covers another security flaw: a virus that exploits Microsoft Office, a vulnerability in Windows or UNIX, a Java problem, a security hole in a major Web site, an attack against a popular firewall. Why can’t vendors get this right, we wonder? When will it get better?
I don’t believe it ever will. Here’s why:
Security engineering is different from any other type of engineering. Most products, such as word processors or cellular phones, are useful for what they do. Security products, or security features within products, are useful precisely because of what they don’t allow to be done. Most engineering involves making things work. Think of the original definition of a hacker: someone who figured things out and made something cool happen. Security engineering involves making things not happen. It involves figuring out how things fail, and then preventing those failures…
Risks of Relying on Cryptography
Cryptography is often treated as if it were magic security dust: “sprinkle some on your system, and it is secure; then, you’re secure as long as the key length is large enough—112 bits, 128 bits, 256 bits” (I’ve even seen companies boast of 16,000 bits.) “Sure, there are always new developments in cryptanalysis, but we’ve never seen an operationally useful cryptanalytic attack against a standard algorithm. Even the analyses of DES aren’t any better than brute force in most operational situations. As long as you use a conservative published algorithm, you’re secure.”…
The Trojan Horse Race
1999 is a pivotal year for malicious software ( malware) such as viruses, worms, and Trojan horses. Although the problem is not new, Internet growth and weak system security have evidently increased the risks.
Viruses and worms survive by moving from computer to computer. Prior to the Internet, computers (and viruses!) communicated relatively slowly, mostly through floppy disks and bulletin boards. Antivirus programs were initially fairly effective at blocking known types of malware entering personal computers, especially when there were only a handful of viruses. But now there are over 10,000 virus types; with e-mail and Internet connectivity, the opportunities and speed of propagation have increased dramatically…
International Cryptography
Revised version.
One of the stranger justifications of U.S. export controls is that they prevent the spread of cryptographic expertise. Years ago, the Administration argued that there were no cryptographic products available outside the U.S. When several studies proved that there were hundreds of products designed, built, and marketed outside the U.S., the Administration changed its story. These products were all no good, they argued. Export controls prevent superior American products from getting into foreign hands, forcing them to use inferior non-U.S. products…
Sidebar photo of Bruce Schneier by Joe MacInnis.