29 January 1999

Can you keep a secret?

Karlin Lillington reports from San Francisco on a recent encryption conference

Programming Satan’s computer – that’s how United States cryptography expert Bruce Schneier describes creating encryption software, borrowing a phrase coined by Ross Anderson and Roger Needham. Encryption software uses mathematics to scramble digital information such as e-mail messages, credit card numbers or computer files so that only the holder of the right key can read it.

“Most engineers are used to making things work,” he says. “Security software is … not about making things work. It’s about making sure things do not fail.”

If anyone understands encryption’s ins and outs, it’s the laconic, long-haired Schneier. His 1994 textbook, Applied Cryptography, graces the shelves of everyone from the hard-core “crackers” who attack computer systems, to college students, security software CEOs, miscellaneous programmers and government agents, some trying to keep up with the crackers and others arguing that, for security reasons, people shouldn’t have access to the forms of encryption Schneier describes.

Schneier designed an encryption algorithm named, cryptically, Blowfish, which has withstood years of published “cryptanalysis”, the study of how to break ciphers, and co-authored a newer one, Twofish, a candidate in the United States government’s competition for an Advanced Encryption Standard. To polish off his geek credentials, he’s a contributing editor to the granddaddy of computer publications, Dr Dobb’s Journal, where he edited a column called Algorithm Alley.

Paradoxically, says Schneier, it’s impossible to guarantee that security systems won’t fail, no matter how thoroughly encryption software designers gird their products against attackers. “It’s not the attacks you know, it’s the attacks you never thought of,” he says.

Cryptography is essential to a secure computer system, but it does not on its own make a system secure. That insight led Schneier to take a topsy-turvy approach to received encryption wisdom. He has embraced a doctrine of fallibility – a perspective that surprised many encryption specialists last week at the world’s largest gathering of cryptography aficionados, the annual RSA Data Security Conference in San Jose, California.

Arguing that cryptography doesn’t have to be perfect but does need to manage risk, Schneier proposed to a packed conference session that cryptography shift its focus from fraud prevention to fraud detection. His pointed questioning of traditional approaches contrasted with speakers elsewhere at the conference, who extolled the virtues of preventative methods such as public key infrastructure, or PKI, this year’s hot acronym. In a PKI, people encrypt, sign and verify information sent across a computer network using pairs of mathematical “keys”; the public halves of those keys are managed by a hierarchy of “certification authorities”, which issue certificates tying a key to its owner, with higher-level authorities vouching for the ones beneath them.

Detection is not only easier than prevention, says Schneier, it’s more productive. He insists it’s a myth that society prevents crime. Instead, “we detect crime after the fact, and through that detection you have a kind of backchannel for future prevention”.

What security software should do, he believes, is to audit break-ins in such a way that the software can provide evidence that can be used in court against crackers.

He has described software to achieve that in a paper, “Cryptographic Support for Secure Logs on Untrusted Machines” (presented at the 1998 USENIX Security Symposium), co-authored with John Kelsey, a cryptographer with Schneier’s Minnesota-based encryption software company, Counterpane Systems. Schneier says a successful program would detect any modifications made to a system or its contents by a break-in, log those modifications and use encryption to keep those logs unreadable to a cracker, even one who has taken control of the machine the logs are kept on.

To do this, Schneier and Kelsey worked out a system built on “hash chains”. A hash is a short, fixed-length fingerprint of a piece of data, produced by a one-way algorithm: anyone can compute the hash of a given input, but nobody can feasibly run the process backwards to recover the input, or find a second input that produces the same fingerprint. Unlike encryption, hashing uses no key and is not meant to be reversed.

As the system runs, each event is written to the log, and a hash is computed over that entry together with the hash of the entry before it. The next event is logged the same way, its hash covering the new entry and the previous hash, and so on. Because every hash depends on all the entries before it, a cracker who removes or alters an earlier entry to cover his tracks breaks every link that follows, and the gap is obvious to anyone checking the chain against a copy of its latest value kept off the machine. In the Schneier and Kelsey design each link is also sealed with a secret key that the machine replaces with a hash of itself after every entry, erasing the old one, so a cracker who takes over the machine later does not hold the keys that sealed earlier entries and cannot quietly rebuild the chain. “Attackers can’t generate new entries or change the old ones,” Schneier says.
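To make the mechanism concrete, here is a small Python model of a hash-chained, forward-secure audit log. It is an added illustration written for this page, not the Schneier and Kelsey code: the SHA-256 keystream used as a stand-in cipher, the constructed log records and the shared starting key A_0 are all assumptions for the demonstration.

```python
import hashlib
import hmac


def H(*parts: bytes) -> bytes:
    """SHA-256 over the concatenation of parts."""
    return hashlib.sha256(b"".join(parts)).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (an assumption for this demo; use a real AEAD in
    practice): XOR data with SHA-256(key || counter) blocks. Also decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = H(key, i.to_bytes(4, "big"))
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


Y0 = b"\x00" * 32  # fixed starting value of the hash chain


class UntrustedLogger:
    """Runs on the machine being audited; holds only the current key A_j."""

    def __init__(self, a0: bytes, y_prev: bytes = Y0):
        self.a = a0
        self.y = y_prev
        self.entries = []  # (ciphertext C_j, chain value Y_j, tag Z_j)

    def append(self, record: bytes) -> None:
        c = keystream_xor(H(b"enc", self.a), record)      # encrypt under a key derived from A_j
        y = H(self.y, c)                                   # chain link: Y_j = H(Y_{j-1} || C_j)
        z = hmac.new(self.a, y, hashlib.sha256).digest()   # seal the link with A_j
        self.entries.append((c, y, z))
        self.y = y
        self.a = H(self.a)  # A_{j+1} = H(A_j); A_j is now gone from this machine


class TrustedVerifier:
    """Knows A_0 (kept off the audited machine) and replays the whole chain."""

    def __init__(self, a0: bytes):
        self.a0 = a0

    def verify(self, entries):
        """Return (ok, index of first bad entry or entry count, decrypted records)."""
        a, y, records = self.a0, Y0, []
        for j, (c, y_j, z_j) in enumerate(entries):
            y = H(y, c)
            z = hmac.new(a, y, hashlib.sha256).digest()
            if y != y_j or not hmac.compare_digest(z, z_j):
                return False, j, records
            records.append(keystream_xor(H(b"enc", a), c))
            a = H(a)
        return True, len(entries), records


def scenarios():
    """An honest log, then five things a cracker might try after breaking in."""
    a0 = H(b"secret shared with the verifier at setup")  # constructed starting key
    records = [b"login: root from 10.0.0.5", b"write: /etc/passwd", b"restart: sshd"]  # constructed
    logger = UntrustedLogger(a0)
    for r in records:
        logger.append(r)
    entries = logger.entries
    verifier = TrustedVerifier(a0)
    stolen_a = logger.a  # what the attacker finds on the box now: A_3, not A_0..A_2

    # 1. edit an old entry: its chain value no longer matches
    c, y, z = entries[1]
    edited = entries[:1] + [(bytes([c[0] ^ 1]) + c[1:], y, z)] + entries[2:]
    # 2. delete an old entry to cover tracks: the gap breaks the chain
    deleted = entries[:1] + entries[2:]
    # 3. rewrite entry 0 and re-seal it with the stolen key: wrong key for index 0
    fake = UntrustedLogger(stolen_a)
    fake.append(b"nothing happened")
    rewritten = fake.entries + entries[1:]
    # 4. append a forged entry with the stolen key: this one verifies (the caveat)
    cont = UntrustedLogger(stolen_a, logger.y)
    cont.append(b"forged after break-in")
    appended = entries + cont.entries
    # 5. truncate: drop the newest entry; the remaining prefix is self-consistent
    truncated = entries[:-1]

    ok, n, recovered = verifier.verify(entries)
    return {
        "honest": (ok, n, recovered == records),
        "edited_fails_at": verifier.verify(edited)[:2],
        "deleted_fails_at": verifier.verify(deleted)[:2],
        "rewritten_fails_at": verifier.verify(rewritten)[:2],
        "appended_accepted": verifier.verify(appended)[:2],
        "truncated_accepted": verifier.verify(truncated)[:2],
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(name, result)
```

Running scenarios() shows the honest log verifying and decrypting, an edited entry and a deleted entry each caught at the first broken link, and a rewritten first entry rejected because the stolen key is not the one that sealed it. It also shows the two things the chain alone does not catch: an attacker holding the current key can append entries that verify, and a log cut short at its newest entry is still self-consistent. That is why the published scheme also closes a log with a final entry and periodically passes the latest chain value to a trusted machine.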

He finished with a comment he attributed to Roger Needham, director of Microsoft’s research laboratory in Cambridge: “If you think cryptography can solve your problem, then you don’t understand your problem and you don’t understand cryptography.”