11 reasons encryption is (almost) dead

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.networkworld.com/research/2014/050514-11-reasons-encryption-is-almost-281293.html?source=nww_rss

Everyone who has studied mathematics at the movie theater knows that
encryption is pretty boss. Practically every spy in every spy movie looks
at an encrypted file with fear and dread. Armies of ninjas can be fought.
Bombs can be defused. Missiles can be diverted. But an encrypted file can
only be cracked open with the proper key -- and that key is always in the
hands of a dangerously attractive agent hidden in a sumptuous hideout on
the other side of the world. (Never in Newark or New Haven -- who wants to
film there?)

Alas, this theorem of encryption security may be accepted as proven by math
geniuses at Hollywood U., but reality is a bit murkier. Encryption isn't
always perfect, and even when the core algorithms are truly solid, many
other links in the chain can go kablooie. There are hundreds of steps and
millions of lines of code protecting our secrets. If any one of them fails,
the data can be as easy to read as the face of a five-year-old playing Go
Fish.

Encryption is under assault more than ever -- and from more directions than
previously thought. This doesn't mean you should forgo securing sensitive
data, but forewarned is forearmed. It's impossible to secure the entire
stack and chain. Here are 11 reasons encryption is no longer all it's
cracked up to be.

Encryption's weak link No. 1: No proofs -- just an algorithm arms race

The math at the heart of encryption looks impressive, with lots of
superscripts and subscripts, but it doesn't come with any hard and fast
proofs. One of the most famous algorithms, RSA, is said to be secure -- as
long as it's hard to factor large numbers. That sounds impressive, but it
simply shifts the responsibility. Is it truly that hard to factor large
numbers? Well, there's no proof that it's hard, but no one knows how to do
it right all of the time. If someone figures out a fast algorithm, RSA
could be cracked open like an egg, but that hasn't happened yet ... we
think.

Encryption's weak link No. 2: Disclosure is the only means of detecting a
crack

Suppose you figured out how to factor large numbers and crack RSA
encryption. Would you tell the world? Perhaps. It would certainly make you
famous. You might get appointed a professor at a fancy college. You might
even land a cameo on "The Big Bang Theory."

But the encryption-cracking business can be shady. It isn't hard to imagine
that it attracts a higher share of individuals or organizations that might
want to keep their newfound power secret and use it to make money or
extract valuable information.

Many of our assumptions about the security of cryptography are based on the
belief that people will share all of their knowledge of vulnerabilities --
but there is no guarantee anyone will do this. The spy agencies, for
instance, routinely keep their knowledge to themselves. And rumors
circulate about an amazing cryptographic breakthrough in 2010 that's still
classified. Why should the rest of us act any differently?

Encryption's weak link No. 3: The chain is long and never perfect

There are a number of excellent mathematical proofs about the security of
this system or that system. They offer plenty of insight about one
particular facet, but they say little about the entire chain. People like
to use phrases like "perfect forward security" to describe a mechanism that
changes the keys frequently enough to prevent leaks from spreading. But for
all of its perfection, the proof covers only one part of the chain. A
failure in the algorithm or a glitch in the software can circumvent all
this perfection. It takes plenty of education to keep this straight.

Encryption's weak link No. 4: Cloud computing power is cheap and massive

Some descriptions of algorithms like to make claims that it would take
"millions of hours" to try all the possible passwords. That sounds like an
incredibly long time until you realize that Amazon alone may have half a
million computers for rent by the hour. Some botnets may have more than a
million nodes. Big numbers aren't so impressive these days.

Encryption's weak link No. 5: Video cards bring easy parallelism to cracking

The same hardware that can chew through millions of triangles can also try
millions of passwords even faster. GPUs are incredible parallel computers,
and they're cheaper than ever. If you need to rent a rack, Amazon rents
them too by the hour too.

Encryption's weak link No. 6: Hypervisors -- the scourge of the
hypervigilant

You've downloaded the most secure distro, you've applied all the updates,
you've cleaned out all the cruft, and you've turned off all the weird
background processes. Congratulations, you're getting closer to having a
secure server. But let's say you're still obsessed and you audit every
single last line of code yourself. To be extra careful, you even audit the
code of the compiler to make sure it isn't slipping in a backdoor.

It would be an impressive stunt, but it wouldn't matter much. Once you have
your superclean, completely audited pile of code running in a cloud, the
hypervisor in the background could do anything it wanted to your code or
your memory -- so could the BIOS. Oh well.

Encryption's weak link No. 7: Hidden layers abound

The hypervisor and the BIOS are only a few of the most obvious layers
hidden away. Practically every device has firmware -- which can be
remarkably porous. It's rarely touched by outsiders, so it's rarely
hardened.

One research "hardware backdoor" called Rakshasa can infect the BIOS and
sneak into the firmware of PCI-based network cards and CD drivers. Even if
your encryption is solid and your OS is uninfected, your network card could
be betraying you. Your network card can think for itself! It will be a bit
harder for the network card to reach into the main memory, but stranger
things have happened.

These hidden layers are in every machine, usually out of sight and long
forgotten. But they can do amazing things with their access.

Encryption's weak link No. 8: Backdoors aplenty

Sometimes programmers make mistakes. They forget to check the size of an
input, or they skip clearing the memory before releasing it. It could be
anything. Eventually, someone finds the hole and starts exploiting it.

Some of the most forward-thinking companies release a steady stream of
fixes that never seems to end, and they should be commended. But the
relentless surge of security patches suggests there won't be an end anytime
soon. By the time you've finished reading this, there are probably two new
patches for you to install.

Any of these holes could compromise your encryption. It could patch the
file and turn the algorithm into mush. Or it could leak the key through
some other path. There's no end to the malice that can be caused by a
backdoor.

Encryption's weak link No. 9: Bad random-number generators

Most of the hype around encryption focuses on the strength of the
encryption algorithm, but this usually blips over the fact that the
key-selection algorithm is just as important. Your encryption can be
superstrong, but if the eavesdropper can guess the key, it won't matter.

This is important because many encryption routines need a trustworthy
source of random numbers to help pick the key. Some attackers will simply
substitute their own random-number generator and use it to undermine the
key choice. The algorithm remains strong, but the keys are easy to guess by
anyone who knows the way the random-number generator was compromised.

Encryption's weak link No. 10: Typos

One of the beauties of open source software is that it can uncover bugs --
maybe not all of the time but some of the time.

Apple's iOS, for instance, had an extra line in its code: goto fail. Every
time the code wanted to check a certificate to make sure it was accurate,
the code would hit the goto statement and skip it all. Oops.

Was it a mistake? Was it put there on purpose? We'll never know. But it
sure took a long time for the wonderful "many eyes" of the open source
community to find it.

Encryption's weak link No. 11: Certificates can be faked

Let's say you go to PeteMail.com with an encrypted email connection, and to
be extra careful, you click through to check out the certificate. After a
bit of scrutiny, you discover it says it was issued by the certificate
authority Alpha to PeteMail.com and it's all legit. You're clear, right?

Wrong. What if PeteMail.com got its real SSL certificate from a different
certificate authority -- say, Beta. The certificate from Alpha may also be
real, but Alpha just made a certificate for PeteMail.com and gave it to the
eavesdropper to make the connection easier to bug. Man-in-the-middle
attacks are easier if the man in the middle can lie about his identity.
There are hundreds of certificate authorities, and any one of them can
issue certs for SSL.

This isn't a hypothetical worry. There are hundreds of certificate
authorities around the world, and some are under the control of the local
governments. Will they just create any old certificate for someone? Why
don't you ask them?

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!