DATA ENCRYPTION: APPLICATIONS AND LIMITS
In a recent article,1 Bruce Schneier discussed how the information age practice of encrypting data at rest deviates from the historical use of cryptography for protecting data while it is communicated or in transit. One of Schneier's key points is that for data in motion, encryption keys can be ephemeral, whereas for data at rest, keys must be retained for as long as the stored data is kept encrypted. As Schneier points out, this does not reduce the number of things that must be stored secretly; it just makes those things smaller (the size of a key is far smaller than a typical data file). As Schneier states: "This whole model falls apart on the Internet.
Much of the data stored on the Internet is only peripherally intended for use by people; it's primarily intended for use by other computers. And therein lies the problem. Keys can no longer be stored in people's brains. They need to be stored on the same computer, or at least the network, that the data resides on. And that is much riskier."2 In meeting this challenge, there has been a recent rise in the number of security appliances that are intended to address this and related security implementation issues for data security in clouds.
When you need to use cryptography in your cloud implementation, remember:
Developing cryptographic algorithms is a specialized and difficult challenge.
Correctly implementing cryptography in software is nearly as difficult.
Many products use cryptography in deeply flawed ways.
A single flaw in cryptography undermines security, much as a weak link compromises the integrity of the entire chain.
Many commercial and free cryptographic products have been shown to be insecure. There is a long history of products that do not work as claimed, products that are flawed, and products that use algorithms that have not been subjected to the test of time or the scrutiny of other cryptographers. Based on past experiences, it is wise to be skeptical about claims regarding a new product with a revolutionary or patent-pending cryptographic algorithm or some secret technique. The road to better cryptography is littered with products that failed to meet some or all advertised claims.
Especially to be avoided are products that use secret cryptographic algorithms. Pick a cryptographic solution that is based on a recognized algorithm that has withstood the test of time and whose implementation has been tested by a recognized testing organization.
Pick a known product that uses a thoroughly vetted algorithm and obtain it through secure means—don't download cryptographic or security software from Internet-based servers without the means to verify the content.
To RWatkins, who wrote "The use of standard encryption systems (available to civilians) has been outlawed for military applications requiring any level of security for decades"
On the contrary, the serious encryption is ONLY possible with standard methods that have been vetted thoroughly by professional cryptographers, and which depend on fundamental mathematical principles, not on some secret algorithm. Bruce Schneier put it nicely: "anyone can invent an encryption system that they themselves cannot break".
It is true that there may be a technological or mathematical discovery that breaks the current encryption, but the chance of that is small compared to the chance of leakage of an encryption based on a secret algorithm.
As a student of cryptography since middle-school days, now over 45 years, a lot of what is spouted here is great to protect one from relatively weak decryption attacks or for relatively short periods of time. The use of "standard" encryption systems (available to civilians) has been outlawed for military applications requiring any level of security for decades and for very good reason. Any public/private key system by definition has a mathematical relationship between the public key and the private key. The "back door" is as simple as to derive said relationship. The statements made in this article propagate the wrong attitude that data can be shared in open interfaces and connected to open computational resources that contain decryption software, all safely. To be truly safe, somewhere there must be a proverbial funnel with a check valve to prevent hacking, extraction, or analysis attacks on data.
If your data is time critical and worthless in a matter of hours, all of this may not matter if you keep changing the algorithm, choose a good algorithm and sometimes vary it, and keep the key and algorithm away from prying software. However, if you really want to STORE information or keep information from competitors for longer periods of time, current techniques are a recipe for disaster. This is shown time and again in internet banking transactions where attacks have become increasingly sophisticated and fraud more and more prevalent.
It is very difficult to have a perfect world. So having a perfect Web with no viruses, no spy ware is something we can only hope for. Like all the physical security measures we take : most of them are prone for attack. The automatic teller machines have CCTV cameras to catch a person doing mis-deed. But we have cases where the thieves have covered the cameras with a cloth and stolen the whole machine itself . Combination locks are yet another security measures which can be decoded by a thief with sustained effort and sufficient amount of time.
So in case of data encryption you are never 100% sure that your encryption key code is broken into. The only way I see is to be able to detect that your security has been broken into as early as you can and contain the damage by a scheme of revolving keys, like the frequency hopping techniques used in secure communications
The only way you can control Cloud content and access is to implement a solid series of encrypted techniques throughout the architecture. Single techniques can be broken, but if you use a comprehensive layering approach, you can make it too difficult for the casual vandal to penetrate and you can quickly identify when someone is doing more than just using the system for their legitamate purposes.
Yes you will make it harder and more tedious to access the cloud, but I would bet that every common user would rather go through a little inconvience if they could be ensured of not having their data vandalized or stolen.
Just think of it, a web where we don't get overwhelmed with spam, no viruses, just a clean environment where we can do our work and go about our business without worrying about someone screwing everything up.
Now that would make a very pleasent web indeed.