• Algorithm Management
• Key Length
• Key Recovery
• Scope of Protection
THE CHALLENGES OF ALGORITHM MANAGEMENT
The general mathematics behind an encryption algorithm is fairly straightforward. At first glance, writing algorithms seems to be very easy to do. In reality, writing secure algorithms is extremely difficult. The details of how the algorithm is assembled play an important role in its effectiveness.
Differential crypt analysis was first discovered in the mid-1990s as a method for cracking symmetric Key algorithms very quickly. Early on, the difference between algorithms that could be broken and algorithms that were secure was how the data was broken up prior to encryption. Something as simple as how the data is put into blocks determined whether an algorithm was secure.
A key lesson is to never, under any circumstances, trust proprietary algorithms.
Strong, robust cryptology is built in such a way that even if the algorithm is known, the cipher text is not breakable. The strength of the cipher text is based on the secrecy of the Key, not the secrecy of the algorithm.
With encryption, it is not possible to prove that an algorithm is secure; it is only possible prove that an algorithm is not secure through proper testing. Therefore, an algorithm’s strength is properly validated only by: publicly releasing the algorithm to experts in the field, then allowing those experts to closely examine that algorithm and to attempt to break it over an extended period of time (for example, a decade).
In an example situation, a vendor of hard drive encryption solutions recently attended a tradeshow; making broad claims about how secure the product was because the company had developed a proprietary, highly secure algorithm.
The vendor refused to provide details on how the algorithm worked, claiming that providing the details would weaken the algorithm’s security. This refusal, in essence, demonstrated that the algorithm had not been tested. The chance of a vendor producing a perfectly secure algorithm with no mistakes is impossible. In this example, since no one tested the vendor’s algorithm, the program was easy to “crack.”
In reality, with the use of a hex editor tool and an approval in place, a skilled computer professional could easily acquire the Key off of the system and decrypt all of the sensitive information. Of course, the vendor claimed that such a test was biased, as a normal attacker would have less expertise. Best practices, however, dictate that if an organization chooses to deploy a security product, it should deploy the product that defends against highly skilled attackers, rather than choosing a product that will only defend against a low-grade attacker.
It is a commonly held impression that the strength of an encryption solution is based on the length of the Key. Indeed, though it is partially true that the longer the Key length, the stronger the encryption, this outlook focuses on the wrong area. Instead, the focus needs to be on the protection of the Key, not on the length of the Key.
All encryption can be cracked through a brute force attack. Since an Encryption Key is a string of ones and zeros, if an attacker is able to try all possible combinations, he or she could eventually crack any Key and decrypt the information. As computers become faster and faster, in order to thwart the success of a brute force attack, it is critical that Keys become longer and longer. While Key length is important, however, if the organization deploys a robust product, the algorithm and Key length will be taken care of already.
In an example situation, an executive’s briefcase, containing his laptop, was stolen. Since the executive’s organization deployed data encryption solutions that used a large Key, the organization determined that the theft was a low-risk occurrence that did not require any further action.
Based on further examination, the organization later determined that the briefcase also contained the executive’s PDA, which had no password or encryption, making any information on it easily readable. Like many people, the executive had many accounts, passwords and Keys that he believed he had stored very safely on the PDA that were, in reality, totally unprotected. Because of the full scope of the risk, the organization’s information technology department soon escalated the issue and took immediate action.
Ideally, an organization would have in place large Key lengths that are properly protected. However, if the organization had to choose between large Key lengths with unprotected Keys, or shorter Key lengths with a protected Key, the better choice is the latter.
As demonstrated by the example situation above, if an organization does not understand its risk, the organization either will not properly protect against it or, even worse, spend its limited time and energy protecting against a different, less significant risk.
KEY RECOVERY METHODS
Since the strength of cipher text is based on the secrecy of the Key, the methods for protecting the Key are of utmost importance. Encryption can be compared to the protection of an expensive item by placing it in a safe with a combination.
Encryption is a “virtual safe,” and the password is the combination that unlocks the Key. Though the strength of the password is not the same as the strength of the Key, if the password is weak and can easily be cracked, the attacker who succeeds in cracking the password has no need to obtain the Key. In most systems, passwords are not very robust. Strong encryption with weak passwords that could lead to the Key provides minimal protection from an attacker. Therefore, if an organization is going to provide hard-disk encryption, it is critical that it deploy multi-factor authentication prior to implementing a data encryption solution.
In an example situation, a large organization wanted to deploy data encryption to all of its systems. Since the organization already had a full Active Directory infrastructure, it decided to integrate the solution directly into its network and rely on each user’s password as the method for unlocking the Key. Now that the organization had all of its data protected with encryption, it saw no need for other protective measures and chose to stop using personal firewalls and other security measures that they had previously implemented.
After a competitor compromised all of the organization’s data, it expressed confusion in regard to what had been its point of security failure. Because the organization had neither proactive nor reactive password checks in place, many of its users, including people with privileged access, had very weak passwords. The organization had lost sight of the reality that if anyone compromised a password, that person could obtain the Key.
When implementing encryption, it is critical to understand the scope of the encryption, and any points of vulnerability that leave the system exposed. The organization must not disregard the fact that any computer that contains encrypted information is self-contained and, as such, everything that is needed to decrypt the information is also present on that computer.
This includes the encrypted information, the algorithm, and the Key required for decryption; if the information and the algorithm are not carefully protected, anyone who gains access to the computer could potentially acquire the Key and decrypt the data.
This vulnerability often becomes a security breach in situations where only certain portions of the hard drive and folders are encrypted. With most encryption programs, a password is used to unlock the private or secret Key used to decrypt the information; however, the password is protected by the processes of the operating system. In many cases, if the operating system is not running, the password and, therefore, the Key are no longer protected.
In an example situation, bootable CDs are now commonly used by attackers. These CDs enable the attacker to “boot into” another operating system that is self-contained on that CD. When the attacker initiates this boot, the hard drive is still accessible, but the base operating system on the hard drive has been bypassed, so none of the normal protections are in place.
Attackers can use this method to easily change any password, including the administrator password, on the computer. Once the attacker has changed the administrator password, he or she removes the CD, booting the system off of the CD-stored operating system. Since the attacker successfully changed the password, he or she can now log on, unlock the Key, and decrypt any of the information on the system.
When considering data security solutions, there is no “silver bullet” or “magic” technology that ensures enterprise-wide information security. An organization will be able to protect is most sensitive information only by providing a comprehensive solution and using defense-in-depth. Encryption can play a major role in protecting the information that resides on laptop computers. However, in order for it to provide proper protection, encryption must be combined with Key management, user awareness, security policy, and proper installation.