Understanding the priorities in cryptography


TOPICS: Security

In recent news on quantum cryptography, a company is pushing quantum cryptography into the mainstream. Without judging the particular company, Cavium, or the merit of their products, I will say that people in general have huge misconceptions about cryptography and they need to be aware of them when they evaluate security products.

Cryptography is a war with two fronts, authentication and encryption. Break one and the other is moot no matter how strong it is. You can think of authentication as the key and encryption as the lock and door. If an adversary gains possession of your key or, worse, a copy of it, they couldn't care less if your door is made out of 6-foot-thick Kevlar and steel, because they will simply open the door as you would with your key. Because most people (and even security products) equate cryptography and security with just encryption, they usually put little or no effort into authentication. Encryption in its current state is probably the least of our worries, yet it is given the most attention.

If you take the original DES (Data Encryption Standard) algorithm, which is nearly 30 years old, it is a testament to IBM and the NSA that there are still no practical cryptanalysis techniques to break DES. The fact that DES can be brute-forced is irrelevant because the short key length of 56 bits can easily be tripled using 3DES, which gives 2 to the 112 times more combinations to brute-force. The official heir to 3DES is AES, which has key lengths from 128 bits to 256 bits and was fully vetted by the security community during a five-year standards process. This pretty much rules out any kind of brute-force attack for the foreseeable future, and it is very unlikely that someone will find any cryptanalytic weaknesses in AES any time soon. Most VPN or encryption products rely on 3DES and AES, and they currently have absolutely no need to change their encryption algorithm. The rare exception in recent years has been the original 802.11 wireless LAN standard and 802.11 products that relied on a completely shoddy implementation of RC4 called WEP and a less shoddy implementation of RC4 called TKIP, which is currently clinging on for dear life. Note that the IEEE finally rectified the situation last year with the 802.11i standard, which demands AES encryption.

The problem with most products or applications that are supposed to be "secure" is the authentication protocols they use. What little attention is given to authentication is wasted on bickering over password strength and password policies. It really doesn't matter how complex your password is or how often you change your password when so many organizations use clear text authentication protocols in common applications like Telnet, SMTP/POP mail, FTP and HTTP. The biggest problem with passwords is the fact that people actually rely on them in the first place. I still get a good laugh when IT people blame users for their authentication woes when they permit weak or clear text authentication protocols over the LAN or even the Internet in the first place. One of the most dominant wireless authentication protocols, called LEAP and used by market leader Cisco, is laughably weak; even its subsequent standard EAP-FAST has problems in its default state. If you start talking about good authentication protocols like PEAP or, better yet, EAP-TLS, people start worrying that they might actually have to implement a PKI.
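To make the clear text point concrete, here is an added example (not part of the original article) of an audit check that scans client-to-server lines for the login commands of the protocols named above. The capture, users and password are constructed for illustration; the same policy-compliant password is readable off the wire in every case.

```python
import base64
import re

# Constructed client-to-server lines, as a passive observer on the LAN would
# see them. Users, hosts and the password are made up for this example.
STRONG = "v7#Qp!x9Lr$2mZ@e"   # "complex" by any password policy
SAMPLE_CAPTURE = [
    "USER alice",                                        # FTP / POP3 login
    "PASS " + STRONG,
    "AUTH PLAIN " + base64.b64encode(b"\0bob\0" + STRONG.encode()).decode(),
    "GET /inbox HTTP/1.0",
    "Authorization: Basic " + base64.b64encode(b"carol:" + STRONG.encode()).decode(),
    "EHLO mail.example.test",
]

def find_cleartext_auth(lines):
    """Return (mechanism, user, secret) for each credential readable on the wire."""
    findings, pending_user = [], None
    for line in lines:
        line = line.strip()
        if m := re.match(r"USER (\S+)$", line, re.I):
            pending_user = m.group(1)
        elif (m := re.match(r"PASS (.+)$", line, re.I)) and pending_user:
            findings.append(("USER/PASS", pending_user, m.group(1)))
            pending_user = None
        elif m := re.match(r"AUTH PLAIN (\S+)$", line, re.I):
            # SASL PLAIN (RFC 4616): authzid NUL authcid NUL passwd.
            # Base64 is an encoding, not encryption.
            parts = base64.b64decode(m.group(1)).split(b"\0")
            if len(parts) == 3:
                findings.append(("SMTP AUTH PLAIN",
                                 parts[1].decode(errors="replace"),
                                 parts[2].decode(errors="replace")))
        elif m := re.match(r"Authorization: Basic (\S+)$", line, re.I):
            decoded = base64.b64decode(m.group(1)).decode(errors="replace")
            user, _, secret = decoded.partition(":")
            findings.append(("HTTP Basic", user, secret))
    return findings

def audit(lines):
    """Summarise findings without copying the secret into the report."""
    return [f"{mech}: user={user}, password fully exposed ({len(secret)} chars)"
            for mech, user, secret in find_cleartext_auth(lines)]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CAPTURE)))
```

Run against a mirror port or a saved capture of your own network, any hit is a service to move behind TLS or retire, regardless of what the password policy says.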

Maybe it's just human nature to be infatuated with the single pill solution to all of our medical and aesthetic problems. That same ill-conceived logic makes us infatuated with the single box that -- no matter how insanely priced and how ineffective -- can solve all of our security problems. The harsh reality is this: magic pills and magic boxes don't exist. There is no substitute for good cryptographic fundamentals.

  • Passwords

    I disagree that the biggest problem with passwords is that people rely on them. I reckon that if staff were educated of the need for strong passwords, rather than simply being dictated to that their passwords must be "more random" that would solve a lot of the problem.

    There are scores of techniques for choosing better passwords - such as embedding words within other words, using acronyms for long phrases and sprinkling with numbers. It is the chronic lack of this skill that leads to weak passwords.

    We are going to need passwords for the foreseeable future so this is in fact the only option: educate the workforce.
    • If the password is transmitted in clear text...

      If the password is transmitted in clear text, the strength of the password is moot.
    • Passwords are dead

      As simple an idea that "clear text" authentication goes, it never ceases to amaze me that people still don't understand what that means. When we talk about weak hash based authentication protocols, it's very unlikely that you'll ever get more than 50 percent of the population (with a lot of arm twisting) to use strong enough passwords without writing them down. Once SSL/TLS based authentication protocols are adopted, password strength is moot so long as the password isn't human guessable. Even then, the password is still easy prey for the good old key logger (hardware or software). This is why even the best SSL/TLS based authentication protocols are at best acceptable because the key is easy to copy and once copied, impossible to know when a password compromise has occurred. For strong authentication, hardware cryptographic tokens are the only way to go.
      • Seriously, Passwords are dead

        First off, great article George. I regularly go off on tirades about this. Especially when users use the same password for many systems, which they almost all do.

        It seems like the concept of a security model is just not on the radar of most people. To extend your analogy, one also needs to trust the locksmith who keys the lock, the carpenter who hangs the door and the materials that make up the wall that the door goes through. My stepfather, who's a carpenter, had done several home repairs for people whose home was entered by simply cutting a hole in a wall... authentication was completely bypassed.

        I am constantly amazed by people's view of PKI. People seem to think it's amazingly complex and hard to manage, yet they use it daily without even realizing it. A well designed and properly installed PKI just keeps on ticking. The sooner PKI based tokens are embraced, the better off we all are.


        • Thanks, it's very hard to get the point across about passwords

          Try this link to about universal authentication.


          It takes the authentication concept much further in to all aspects of life.