
11/09/13

www.darkreading.com/authentication/keep-calm-keep-encrypting-with-a-few/240161

Keep Calm, Keep Encrypting With A Few Caveats

The NSA's systematic crypto-cracking and other tactics have changed the data protection game for enterprises

By Kelly Jackson Higgins, Dark Reading, September 10, 2013. URL: http://www.darkreading.com/authentication/keep-calm-keep-encrypting-with-a-few/240161105

Encryption remains a key security tool despite newly leaked documents revealing the National Security Agency's efforts to bend crypto and software to its will in order to ease its intelligence-gathering capabilities, experts say. But these latest NSA revelations serve as a chilling wake-up call for enterprises to rethink how they lock down their data.

"The bottom line is what Bruce Schneier said: For all of these [NSA] revelations, users are better off using encryption than not using encryption," says Robin Wilton, technical outreach director of the Internet Society. "But if you're a bank [or other financial institution], and you rely on the integrity of your transactions, what are you supposed to be doing now? Are you compromised?"

The New York Times, The Guardian, and ProPublica late last week reported on another wave of leaked NSA documents provided by former NSA contractor Edward Snowden. They revealed that the agency has been aggressively cracking encryption algorithms and even urging software companies to leave backdoors and vulnerabilities in place in their products for the NSA's use. The potential exposure of encrypted email, online chats, phone calls, and other transmissions has left many organizations reeling over what to do now to keep their data private.

[Concerns over backdoors and cracked crypto executed by the spy agency are prompting calls for new, more secure Internet protocols, and the IETF will address these latest developments at its November meeting. See Latest NSA Crypto Revelations Could Spur Internet Makeover.]
[UPDATE: 9/11/13, 7:30 am: The New York Times reported last night that the Snowden documents "suggest" the NSA "generated one of the random number generators used in a 2006 N.I.S.T. standard called the Dual EC DRBG standard which contains a backdoor for the N.S.A."]

Still a mystery is which, if any, encryption specifications were actually weakened under pressure from the NSA, and which vendor products may have been backdoored. The National Institute of Standards and Technology (NIST), which heads up crypto standards efforts, today issued a statement in response to questions raised about the encryption standards process at NIST in the wake of the latest NSA program revelations: "NIST would not deliberately weaken a cryptographic standard. We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large."

NIST reiterated its mission to develop standards and that it works with crypto experts from around the world, including experts from the NSA. "The National Security Agency (NSA) participates in the NIST cryptography development process because of its recognized expertise. NIST is also required by statute to consult with the NSA," NIST said in its statement.

The agency also announced today that it has reopened public comments for Special Publication 800-90A and draft Special Publications 800-90B and 800-90C, specs that cover random bit generation methods. These specifications have been under suspicion by some experts because the NSA was involved in their development, and NIST says if any vulnerabilities are found in the specs, it will fix them.

The chilling prospect of the NSA building or demanding backdoors in encryption methods, software products, or Internet services is magnified by concerns that those same backdoors would also give nation-states and cybercriminals pre-drilled holes to infiltrate.

"There's a strong technological argument that putting backdoors in encryption is just a foolish thing to do. Because if you do that, it's just open to abuse" by multiple actors, says Stephen Cobb, security evangelist for ESET. "This makes it very complicated for businesses. I would not want to be a CSO or CIO at a financial institution right now."

So how can businesses ward off the NSA, China and other nation-states, or Eastern European cybercriminals if crypto and backdoors are on the table?

1. Use encryption.

Encryption is still very much a viable option, especially if it's strong encryption, such as the 128-bit Advanced Encryption Standard (AES). "Don't stop using encryption, review the encryption you're using, and potentially change the way you're doing it. If you've got a Windows laptop with protected health information, at least be using BitLocker," for example, says Stephen Cobb, security evangelist for ESET.

David Frymier, CISO and vice president at Unisys, says even the NSA would be hard-pressed to break strong encryption, so using strong encryption is the best bet. Even Snowden said that, Frymier says. Still unclear is whether the actual algorithms the NSA has cracked will be revealed publicly.

"Most algorithms are actually safe," says Tatu Ylonen, creator of the SSH protocol and CEO and founder of SSH Communications Security.

2. Beef up your encryption key management.
David Frymier, CISO and vice president at Unisys, is skeptical of the claims that the NSA worked to weaken any encryption specifications. "I just don't find that [argument] compelling. All of these algorithms are basically published in the public domain, and they are reviewed by [various parties]," he says.

Even so, the most important factor is how the keys are managed: how companies deploy the technology, store their keys, and allow access to them, experts say. The security of the servers running and storing that code is also crucial, especially since the NSA is reportedly taking advantage of vulnerabilities much in the way hackers do, experts note.

Dave Anderson, a senior director with Voltage Security, says it's possible for the NSA to decrypt a financial transaction, but probably only if the crypto wasn't implemented correctly or the keys weren't properly managed. "A more likely way that the NSA is reading Internet communications is through exploiting a weakness in key management. That could be a weakness in the way that keys are generated, or it could be a weakness in the way that keys are stored," Anderson says. "And because many of the steps in the lifecycle of a key often involve a human user, this introduces the potential for human error, making key lifecycle management never as secure as the protection provided by the encryption itself."

Keep your servers up to date with patches, too, because weaknesses in the operating system or other software running on the servers that support the crypto software are other possible entryways for intruders or spies.

One of the most common mistakes: not restricting or knowing who has access to the server storing crypto keys, when, and from where, according to SSH's Ylonen. "And that person's access must be properly terminated when it's no longer needed," he says. "I don't think this problem is encryption: It is overall security."

Ylonen says it's also a wake-up call for taking better care and management of endpoints.

Not having proper key management is dangerous, he says. One of SSH Communications' bank customers had more than 1.5 million keys for accessing its production servers, but the bank didn't know who had control over the keys, he says.

"There are two kinds of keys: keys for encryption and keys for gaining access that can give you further access to encryption keys," he says. And access-granting keys are often the worst managed, he says. "Some of the leading organizations don't know who has access to the keys to these systems," he says.

"If you get the encryption keys, you can read [encrypted data]. If you get the access keys, you can read the data, and you can modify the system ... or destroy the data," he says.

3. Conduct a risk analysis on what information the NSA, the Chinese, or others would be interested in.

Once you've figured out what data would be juicy for targeting, double down to protect it.

"Whatever that is, protect it using modern, strong encryption, where you control the endpoints and you control the keys. If you do that, you can be reasonably assured your information will be safe," Unisys' Frymier says.

In the end, crypto-cracking and pilfered keys are merely weapons in cyberspying and cyberwarfare, experts say.
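Ylonen's point above is that access-granting keys (SSH keys in particular) are usually the worst-managed part of an organization's key estate: nobody knows who holds them, which accounts they open, or whether they are restricted at all. The script below is an added example, not part of the article or of any SSH Communications Security product. It inventories the authorized_keys files collected from several server accounts, fingerprints each key the way ssh-keygen -l does, and flags the three conditions a key-management review would ask about: keys with no owner recorded in the comment field, keys that are not pinned to a source or command via from= or command=, and a single key that opens more than one account. The sample files, the key blobs, the host and account names are all constructed for the demo; the blobs carry random-looking bytes rather than real key material.

```python
import base64
import hashlib
import struct
from collections import defaultdict

# Key-type tokens this audit recognizes in authorized_keys lines.
KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256", "ssh-dss"}
# Options that tie a key to a source host or a fixed command; a key without
# either gives an unrestricted shell to whoever holds the private half.
RESTRICTING_OPTIONS = ("from=", "command=")


def parse_authorized_keys(text):
    """Parse authorized_keys content into (options, key_type, blob, comment) tuples."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = line.split()
        # The key-type token marks the boundary; everything before it is the
        # options field. Assumption: options contain no quoted whitespace.
        idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(tokens):
            continue                      # malformed line, skip it
        options = " ".join(tokens[:idx])
        comment = " ".join(tokens[idx + 2:])
        entries.append((options, tokens[idx], tokens[idx + 1], comment))
    return entries


def fingerprint(blob):
    """SHA256 fingerprint in the form ssh-keygen -l prints (unpadded base64)."""
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def audit(files):
    """files maps "host:account" to that account's authorized_keys text."""
    holders = defaultdict(set)   # fingerprint -> accounts the key can log in to
    unattributed = []            # (account, fingerprint) with no owner comment
    unrestricted = []            # (account, fingerprint) lacking from=/command=
    for account, text in files.items():
        for options, _ktype, blob, comment in parse_authorized_keys(text):
            fp = fingerprint(blob)
            holders[fp].add(account)
            if not comment:
                unattributed.append((account, fp))
            if not any(opt in options for opt in RESTRICTING_OPTIONS):
                unrestricted.append((account, fp))
    shared = {fp: sorted(accts) for fp, accts in holders.items() if len(accts) > 1}
    return {
        "total_grants": sum(len(a) for a in holders.values()),
        "distinct_keys": len(holders),
        "unattributed": unattributed,
        "unrestricted": unrestricted,
        "shared": shared,
    }


def _constructed_ed25519_blob(seed):
    """Constructed key blob for the demo (wire format, not a real key)."""
    key_bytes = hashlib.sha256(seed.encode()).digest()      # 32 arbitrary bytes
    wire = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + key_bytes
    return base64.b64encode(wire).decode()


K_ALICE = _constructed_ed25519_blob("alice")
K_DEPLOY = _constructed_ed25519_blob("deploy")
K_UNKNOWN = _constructed_ed25519_blob("unknown")

# Constructed sample: two root accounts; one key has no recorded owner and
# appears on both hosts, one is a properly restricted automation key.
SAMPLE_FILES = {
    "db01:root": f"ssh-ed25519 {K_ALICE} alice@corp\n"
                 f"ssh-ed25519 {K_UNKNOWN}\n",
    "db02:root": f'from="10.0.0.5",command="/usr/bin/backup" ssh-ed25519 {K_DEPLOY} backup-job\n'
                 f"ssh-ed25519 {K_UNKNOWN}\n",
}

if __name__ == "__main__":
    report = audit(SAMPLE_FILES)
    print(f"{report['total_grants']} grants across {report['distinct_keys']} distinct keys")
    for account, fp in report["unattributed"]:
        print(f"no owner recorded: {account} {fp}")
    for account, fp in report["unrestricted"]:
        print(f"unrestricted login: {account} {fp}")
    for fp, accounts in report["shared"].items():
        print(f"one key, several accounts: {fp} -> {accounts}")
```

Run against real files, the "unattributed" and "shared" lists are the starting point for the question Ylonen raises: who controls this key, and should its access be terminated? Fingerprinting by SHA256 rather than comparing comments matters because the comment is free text that anyone can edit; the fingerprint is the identity that ssh-keygen, sshd logs and most key-management tools agree on.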
"The NSA wants access to data ... they want access to passwords and credentials to access the system so it can be used for offensive purposes if the need arises, or for data collection," Ylonen says. "They want access to modern software and applications so they are later guaranteed access to other systems."


Copyright 2013 UBM LLC, All rights reserved.
