Some Common Key Management Mistakes

In this article we look at some common cryptography pitfalls relating to the management of keys and related issues. A few cryptography fundamentals are listed first for clarity.

  • Encryption

A cryptographic operation that transforms meaningful data (plaintext) into unreadable data (ciphertext) under a key, using an encryption algorithm. Encryption can be symmetric or asymmetric.

Symmetric encryption uses the same key to encrypt and decrypt data. Examples of symmetric encryption systems are the Data Encryption Standard (DES), Triple DES and the Advanced Encryption Standard (AES). DES is obsolete (its 56-bit key can be brute-forced) and Triple DES is deprecated; AES is the current standard.

Asymmetric encryption uses a public key to encrypt information and the corresponding private key to decrypt it. The most common asymmetric encryption system is RSA.

Cryptographic protocols such as SSL/TLS use a combination of the two: asymmetric operations to authenticate the server and agree a session key, then symmetric encryption of the bulk data under that session key.

  • Tokenization

A reversible operation that substitutes a surrogate value (a token) for meaningful data; the token itself carries no information about the original. For example, credit card numbers can be tokenized, that is replaced by a random sequence of digits, and applications then work with the token instead of the card number. Only the tokenization service (the token vault) can map a token back to the real value, so the number of systems that hold the sensitive data, and with it the risk of exposing it, is minimised.

  • Hashing

An irreversible cryptographic operation that transforms data of any length into a fixed-length message digest (hash). Hashing is used to check data integrity during transfer: a digest is computed before and after the data is transmitted and the two are compared to detect any change. Note that a plain hash only detects accidental corruption; an attacker who can modify the data in transit can recompute the hash as well, so integrity against tampering requires a keyed construction such as an HMAC, or a digital signature.

  • Key Management

All operations associated with the secure generation, storage, use, distribution, rotation and destruction of cryptographic keys.
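The tokenization scheme described above, as an added example that is not part of the original article: a minimal token vault in Python. The class and function names, the token format (random digits with the last four kept, and deliberately failing the Luhn check so a token can never pass as a live card number) and the sample card numbers are illustrative assumptions.

```python
# Added example (not code from the article): a minimal token vault showing
# where the trust boundary sits in a tokenization scheme. Class, method and
# field names are assumptions for illustration.
import secrets

DIGITS = "0123456789"


def luhn_ok(number: str) -> bool:
    """Luhn checksum that every real card number (PAN) satisfies."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


class TokenVault:
    """The only component that can map a token back to a PAN. In a real
    deployment this runs in its own hardened environment (in PCI scope) and
    its mapping table is itself encrypted; everything else stores tokens."""

    def __init__(self) -> None:
        self._token_to_pan = {}
        self._pan_to_token = {}

    def tokenize(self, pan: str) -> str:
        pan = pan.replace(" ", "")
        if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_ok(pan)):
            raise ValueError("not a plausible PAN")
        if pan in self._pan_to_token:       # stable: same PAN -> same token,
            return self._pan_to_token[pan]  # so applications can still match on it
        while True:
            # Keep the last four digits (receipts, customer service) and draw the
            # rest from a CSPRNG. Reject candidates that pass Luhn so a token can
            # never be mistaken for (or processed as) a live card number.
            body = "".join(secrets.choice(DIGITS) for _ in range(len(pan) - 4))
            token = body + pan[-4:]
            if token not in self._token_to_pan and not luhn_ok(token):
                break
        self._token_to_pan[token] = pan
        self._pan_to_token[pan] = token
        return token

    def detokenize(self, token: str) -> str:
        """Only the payment gateway should be authorised to call this."""
        return self._token_to_pan[token]


def checkout_flow(vault: TokenVault, pan: str) -> dict:
    """Constructed walk-through: after tokenization the order system never sees
    the PAN; only the vault and the payment step do."""
    token = vault.tokenize(pan)
    order_db = {"order_id": 1001, "card": token}   # what the application persists
    charged = vault.detokenize(order_db["card"])   # only at payment time, by the gateway
    return {
        "token": token,
        "order_record_holds_pan": pan.replace(" ", "") in str(order_db),
        "charged_pan": charged,
    }
```

The vault is the single place where tokens and card numbers meet, which is exactly what shrinks the set of systems that must protect the real value.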
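The integrity caveat from the hashing definition above (a plain hash versus a keyed HMAC), as an added example that is not from the article. The message, the shared key and the behaviour of the "attacker" are constructed for illustration; the function names are assumptions.

```python
# Added example, not from the article: a bare digest sent with the data only
# catches accidental corruption, because an attacker who can rewrite the data
# can rewrite the digest too. An HMAC under a key the attacker lacks closes
# that gap. Names and sample data are illustrative.
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hmac_hex(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def receiver_accepts_digest(data: bytes, digest_hex: str) -> bool:
    return hmac.compare_digest(sha256_hex(data), digest_hex)


def receiver_accepts_hmac(key: bytes, data: bytes, tag_hex: str) -> bool:
    return hmac.compare_digest(hmac_hex(key, data), tag_hex)


def simulate(attacker_modifies: bool) -> dict:
    """Constructed transfer: sender -> (active attacker or line noise) -> receiver."""
    key = b"shared secret provisioned out of band"  # the attacker does not have it
    original = b'{"payee":"ACME","amount":100}'
    sent_digest = sha256_hex(original)
    sent_tag = hmac_hex(key, original)

    if attacker_modifies:
        # Active attacker rewrites the payload and, since a digest needs no
        # secret, recomputes it. The HMAC cannot be recomputed without the key,
        # so the best the attacker can do is replay the old tag.
        data = b'{"payee":"MALLORY","amount":100000}'
        digest, tag = sha256_hex(data), sent_tag
    else:
        # Accidental corruption: one bit flipped in transit, checks left intact.
        corrupted = bytearray(original)
        corrupted[5] ^= 0x01
        data, digest, tag = bytes(corrupted), sent_digest, sent_tag

    return {
        "digest_check_passes": receiver_accepts_digest(data, digest),
        "hmac_check_passes": receiver_accepts_hmac(key, data, tag),
    }
```

Both checks catch the flipped bit; only the keyed one catches the rewritten payment. Where the data is also encrypted, an authenticated mode such as AES-GCM gives the same guarantee in one step, and a digital signature is the equivalent when third parties must be able to verify.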

Common cryptography blunders

a.      Storing encryption keys 'somewhere in the system', be it a file, registry entry or database record, usually on the same host as the data they protect, so that anyone who can read the host can read both.

b.      Using password-based encryption but storing the password in a plaintext file, which reduces to the previous mistake.

c.      Compiling keys into the program. Decompilers, or simply running the strings utility over the binary, will recover the key.

d.      Backing up the key together with the ciphertext, so that a single lost backup yields both.

e.      Using a single key to encrypt all data. One compromised key then exposes everything, and a leak cannot be contained to one record, tenant or data set. Encrypting very large volumes under one key can also exceed the safe usage limits of the algorithm and mode (for example the 64-bit block size of Triple DES, or nonce collisions with AES-GCM), at which point the ciphertext starts to leak information about the plaintext.

f.      Managing key rotation. Regular rotation is required by standards such as PCI DSS (and by NIST's cryptoperiod guidance) to limit the pitfalls in the previous point. However, rotation must be planned: re-encrypting all data under a new key is extremely time consuming and can cause prolonged downtime. A key hierarchy, in which data is encrypted under per-record data keys that are themselves wrapped under a master key, keeps rotation cheap because rotating the master key only re-wraps the data keys.

g.      Tying cryptographic algorithms to the application, so that when an algorithm is retired or found to be no longer secure, every application has to be amended to incorporate a new one. Designs should allow algorithms and key lengths to be changed in one place.

h.      Using encryption at the wrong layer of the stack. Encryption at the lower layers (disk, database, network, server) is easier to bolt on than encryption at the application level, but it addresses a narrower threat. Full disk encryption, for example, only protects a disk that is powered off or stolen: once the volume is mounted, the data is available in the clear to every process on the system, including an attacker's. Data should therefore be encrypted at the application level, where access can be tied to the application and user that actually need it.
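Point c above (keys compiled into a program) as an added example that is not the article's code: a constructed stand-in for a compiled binary is scanned the way the strings utility would scan it, and the printable runs are ranked by entropy, which is how secret scanners pick key material out of ordinary program text. The fake file layout, the function names and the entropy threshold are illustrative assumptions.

```python
# Added example (not from the article): why compiling a key into a program does
# not hide it. A constructed "binary" is scanned like `strings` would, and the
# printable runs are ranked by Shannon entropy to separate key material from
# ordinary text. Names, layout and threshold are illustrative.
import base64
import math
import re
import secrets


def printable_runs(blob: bytes, min_len: int = 8) -> list:
    """Equivalent of `strings -n min_len`: runs of printable ASCII in a byte blob."""
    return [m.group().decode() for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob)]


def shannon_entropy(s: str) -> float:
    """Bits per character; English text sits near 4, base64 key material near 5 to 6."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def likely_secrets(blob: bytes, threshold: float = 4.5) -> list:
    """Tokens of 16+ key-like characters whose entropy exceeds the threshold."""
    found = []
    for run in printable_runs(blob):
        for tok in re.findall(r"[A-Za-z0-9+/=_-]{16,}", run):
            ent = shannon_entropy(tok)
            if ent >= threshold:
                found.append((round(ent, 2), tok))
    return sorted(found, reverse=True)


def build_fake_binary(key: bytes) -> bytes:
    """Constructed stand-in for a compiled program: code-like noise plus the
    string table a compiler emits, including the hard-coded key."""
    strings = [b"Usage: report --input FILE", b"error: cannot open %s",
               b"AES_KEY=" + base64.b64encode(key), b"Copyright 2015 ExampleCorp"]
    parts = [secrets.token_bytes(64)]
    for s in strings:
        parts += [s, b"\x00", secrets.token_bytes(64)]
    return b"".join(parts)


def demo() -> dict:
    key = secrets.token_bytes(32)  # the secret the developer "hid" in the binary
    hits = likely_secrets(build_fake_binary(key))
    return {"key_b64": base64.b64encode(key).decode(), "hits": [tok for _, tok in hits]}
```

Against a real binary the same result comes from `strings -n 16 app` piped through an entropy filter, and the usual secret scanners apply the same heuristic to source repositories before anything is compiled. The fix is not obfuscation but keeping the key out of the artifact altogether, supplied at runtime from a key store.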
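Points e and f above, and the centralised encryption service recommended under the solutions below, as an added example that is not the article's code: a key hierarchy in which each record is encrypted under its own data key (DEK) and the DEKs are wrapped under a master key (KEK), so a leaked DEK exposes one record and rotating the KEK re-wraps a few bytes per record instead of re-encrypting the data. Because the Python standard library has no AES, the block uses a stand-in authenticated cipher built from HMAC-SHA256 (an HMAC keystream in counter mode, encrypt-then-MAC); that construction, the class and function names and the sample records are assumptions for illustration, and a real deployment would use AES-GCM from a vetted library with the KEK held in an HSM or KMS.

```python
# Added example (not the article's code): a key hierarchy. Each record gets its
# own data-encryption key (DEK); DEKs are wrapped under one key-encryption key
# (KEK). The cipher is a stand-in (HMAC-SHA256 keystream, encrypt-then-MAC) so
# this runs on the standard library alone; real systems use AES-GCM from a
# vetted library and keep the KEK in a KMS/HSM. Names are illustrative.
import hashlib
import hmac
import secrets

KEY_LEN, NONCE_LEN, TAG_LEN = 32, 16, 32


def _subkeys(key: bytes):
    """Separate confidentiality and integrity keys derived from one secret."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, ctr = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Return nonce || ciphertext || tag; aad is authenticated, not encrypted."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + aad + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    enc_key, mac_key = _subkeys(key)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("truncated blob")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + aad + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # verify before decrypting
        raise ValueError("authentication failed: wrong key, wrong context or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class EncryptedStore:
    """Records encrypted under per-record DEKs; DEKs wrapped under the live KEK.
    In production the KEK never leaves the HSM/KMS, which does the (un)wrapping."""

    def __init__(self, kek: bytes, kek_id: str) -> None:
        self.keks = {kek_id: kek}
        self.current_kek_id = kek_id
        self.records = {}  # record_id -> (kek_id, wrapped_dek, ciphertext)

    def put(self, record_id: str, plaintext: bytes) -> None:
        dek, aad = secrets.token_bytes(KEY_LEN), record_id.encode()  # aad binds key and data to the record
        wrapped = seal(self.keks[self.current_kek_id], dek, aad)
        self.records[record_id] = (self.current_kek_id, wrapped, seal(dek, plaintext, aad))

    def get(self, record_id: str) -> bytes:
        kek_id, wrapped, ct = self.records[record_id]
        aad = record_id.encode()
        return unseal(unseal(self.keks[kek_id], wrapped, aad), ct, aad)

    def rotate_kek(self, new_kek: bytes, new_kek_id: str) -> int:
        """Re-wrap every DEK under the new KEK; the data ciphertexts are untouched."""
        self.keks[new_kek_id] = new_kek
        count = 0
        for rid, (kek_id, wrapped, ct) in list(self.records.items()):
            if kek_id != new_kek_id:
                dek = unseal(self.keks[kek_id], wrapped, rid.encode())
                self.records[rid] = (new_kek_id, seal(new_kek, dek, rid.encode()), ct)
                count += 1
        for old in [k for k in self.keks if k != new_kek_id]:
            del self.keks[old]  # retire the old KEK once nothing references it
        self.current_kek_id = new_kek_id
        return count


def demo() -> dict:
    """Constructed walk-through: two records, one rotation, one tampering attempt."""
    store = EncryptedStore(secrets.token_bytes(KEY_LEN), "kek-v1")
    store.put("card-1", b"4111111111111111")
    store.put("card-2", b"5500000000000004")
    ct_before = {r: v[2] for r, v in store.records.items()}
    rewrapped = store.rotate_kek(secrets.token_bytes(KEY_LEN), "kek-v2")
    ct_after = {r: v[2] for r, v in store.records.items()}
    k, w, ct = store.records["card-2"]  # flip one ciphertext bit: the tag must reject it
    store.records["card-2"] = (k, w, ct[:NONCE_LEN] + bytes([ct[NONCE_LEN] ^ 1]) + ct[NONCE_LEN + 1:])
    try:
        store.get("card-2")
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"rewrapped": rewrapped, "ciphertexts_unchanged": ct_before == ct_after,
            "card-1": store.get("card-1"), "old_kek_retired": "kek-v1" not in store.keks,
            "tamper_detected": tamper_detected}
```

Each record carries the id of the KEK version that wrapped its DEK, so rotation can run incrementally and the old KEK is destroyed only once nothing references it. Per-record DEKs also bound the blast radius of a leaked key to a single record, which is the answer to point e, and this is the shape of interface a central encryption service would expose to applications.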

Some common solutions

a.      Eliminate sensitive data that is not required by a business process. If you don't hold the data, you eliminate the risk.

b.      Minimize the use of sensitive business data by limiting the number of applications that access it. Tokenization is an effective way of letting applications work with sensitive data without holding it.

c.      Build encryption into the applications that do access sensitive data, rather than relying only on lower layers of the stack.

d.      Abstract cryptography out of the application by building encryption as a centralized service that applications call to encrypt and decrypt data. Keys then stay inside the service, and the application can be changed without affecting the underlying encryption, and vice versa.

e.      Use hardware security modules (HSMs) for key storage and cryptographic operations; keys generated inside an HSM never leave it in the clear, which makes them far harder to compromise than keys held in software.

f.      Use industry-standard algorithms and follow published guidelines (for example NIST recommendations) for algorithm and key-length selection.

g.      Use well-tested, specialized encryption libraries and tools instead of custom-built solutions; home-grown cryptography is the classic source of implementation flaws.
