Two months ago, Debora Plunkett director of the Information Assurance Directorate (IAD) at the U.S. National Security Agency (NSA), made headlines when she told attendees at a cyber security forum that there is "no such thing as 'secure' anymore."
What Plunkett meant, according to Dickie George, technical director of the NSA's IAD, is that there has been a paradigm shift in network and computer security: rather than focusing all efforts on keeping intruders out, the reality of today's world forces security teams to assume that adversaries can and do access their networks.
While keeping intruders out is still the primary objective, George said during the annual Cryptographers' Panel at the RSA Conference 2011 in San Francisco, monitoring today's networks requires keeping a vigilant eye out within for uncharacteristic or "inappropriate" behavior.
"If you assume they haven't been [inside your network], you are setting yourself up for a shock," George said.
George and fellow panelists, including Ronald Rivest, the Viterbi professor of electrical engineering and computer science at MIT, said cryptography remains the best tool available for ensuring network security. But they noted that cryptography has its limitations.
"Cryptography provides the tools, but I think the problem we are facing is the rash of technology development," Rivest said. "We keep building fences, but the universe keeps growing."
Adi Shamir, professor of computer science at Israel's Weizmann Institute of Science, noted that the two biggest network security issues of the past year—the WikiLeaks controversy and the Stuxnet computer worm attack that reportedly damaged as many as one fifth of Iran's nuclear centrifuges—could not have been prevented with cryptography.
"It's interesting to me that the two biggest attacks of the last year had nothing to do with cryptography," Shamir said.
But though they acknowledged that cryptographer has its limitations, panelists—pioneers in field—also emphasized that ongoing cryptography research is still of great value.
Martin Hellman, professor emeritus of electrical engineer at Stanford University, pointed to the work done by security technology firm Cryptography Research Inc. in identifying the threat of differential power analysis attacks as an example of the tangible value of ongoing research in the field.
"There are attacks yet to be found," Dickie said.
Whitfield Diffie, a visiting professor at the University of London's Royal Holloway College and a visiting scholar at Stanford, defined the first phase of cryptography's existence as the period between roughly 1915 when the first Enigma machine was created until the February 2005 release of the NSA's Suite B set of cryptographic algorithms. The application of secure computing only existed for about half of that roughly 90-year period, Diffie noted, suggesting that there is plenty of room for continued research.
Despite the gravity of the topic, the panelists found time for a few laughs. In a separate Q&A session held after the Cryptographers' Panel, Shamir added that he was not convinced that embedding cryptographic elements within semiconductors is the solution to the security issue.
"I'm not convinced that a security mechanism embedded on chips is going to make the situation much better," Shamir said, adding that a Trojan horse that makes it onto a computer is going to record keystrokes regardless of whether the security is in the hardware, the software, or both.
"My only hope is that the Russian Trojans on my computer and the Chinese Trojans on my computer will fight each other and block each other [from a successful attack]," Shamir joked.
Most of the focus has been on the Chinese and the Russians, but this is also a great leveler for the 2nd-tier countries. You don't need a great deal of infrastructure to start an attack on this playing field, and many of the developed countries are to varying degrees vulnerable. This is going to be a great growth area for the next few years on all sides.
It seems ludicrous to resign oneself to the assumption that nothing is secure anymore. That would be scary, indeed. Of course there should be monitoring and multiple layers, and of course continued research is needed to stay one step ahead. However, such a statement seems hyper-pessimistic, in my estimation.
I agree with you Nic. There is a lot of scary stuff. Stuxnet is scary. Symantec CEO Enrique Salem yesterday at the conference described it as the first time they've seen a worm go beyond espionage to the realm of sabotage. And he suggested the possibility of future attacks that could create explosions, etc. Scary indeed.
Hey, it ain't just about the "Russian" and the "Chinese" trojans anymore. It's more global and it's more scary. An NYT article details how the Egypt government was able to pull the plug on the Internet in their country en masse. That's what happens where the government controls all. And there are plenty of countries in the world where that is the case.
The NYT article is here: http://www.nytimes.com/2011/02/16/technology/16internet.html
David Patterson, known for his pioneering research that led to RAID, clusters and more, is part of a team at UC Berkeley that recently made its RISC-V processor architecture an open source hardware offering. We talk with Patterson and one of his colleagues behind the effort about the opportunities they see, what new kinds of designs they hope to enable and what it means for today’s commercial processor giants such as Intel, ARM and Imagination Technologies.