cryptography and data security long term challenges
Download
Skip this Video
Download Presentation
Cryptography and Data Security: Long-Term Challenges

Loading in 2 Seconds...

play fullscreen
1 / 12

Cryptography and Data Security: Long-Term Challenges - PowerPoint PPT Presentation


  • 51 Views
  • Uploaded on

Cryptography and Data Security: Long-Term Challenges. Burt Kaliski, RSA Security Northeastern University CCIS M ini Symposium on Information Security November 9, 2004. Approach. Looking toward future generations of information technology – 30-year timeframe

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Cryptography and Data Security: Long-Term Challenges' - kylie-adkins


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
cryptography and data security long term challenges

Cryptography and Data Security:Long-Term Challenges

Burt Kaliski, RSA SecurityNortheastern University CCIS Mini Symposium on Information SecurityNovember 9, 2004

approach
Approach
  • Looking toward future generations of information technology – 30-year timeframe
  • Cryptography, network security grow in importance as essential building blocks
  • Challenges lie ahead – what can we do?
  • Two kinds of solution to consider:
    • “Easy”: apply current knowledge to alleviate problems
    • “Better”: discover new knowledge that overcomes them
challenge 1 no algorithm is safe
Challenge #1: No Algorithm Is Safe
  • Today’s algorithms remain secure for 30+ years against known attacks on classical computers, with sufficiently large keys
  • The risk: unknown attacks and quantum computers
    • Quantum computers would break today’s number-theoretic public-key cryptography; halve effective key size of secret-key algorithms
    • Unknown attacks could have equally dramatic effect
  • Key problem: With a few exceptions, no algorithms are proven secure unconditionally
algorithm directions easy
Algorithm Directions: “Easy”
  • Employ multiple algorithms based on different hard problems
    • Presumably less likely all to fall at once
  • Deploy secret-key-only architectures where feasible
  • Adopt Merkle hash signatures
    • (2.) and (3.) reduce the dependence on number-theoretic public-key cryptography, which is riskiest against quantum computers
    • However, no assurance that specific secret-key algorithms and hash functions resist specific quantum (or classical) attacks
  • Introduce quantum cryptography as an extra layer of protection
    • But limited to link encryption with photon transmission
algorithm directions better
Algorithm Directions: “Better”
  • Develop alternative algorithms based on different hard problems
    • A broader portfolio against attack
    • But involves a long testing process – few hard problems have survived last 30 years
  • Find new algorithms that are provably resistant to attack – or fully prove strength of existing ones
    • Requires major breakthroughs in computational complexity theory
      • e.g., lower bounds for integer factoring
  • Invent quantum or other form of cryptography that isn’t limited to photon transmission, e.g., “RF quantum”?
    • Assumes new results in physics
challenge 2 no data is safe
Challenge #2: No Data Is Safe
  • Data and keys can be reasonably well protected today against compromise with trusted hardware, software
  • The risk: Attacks are becoming more sophisticated, and usability competes with security
    • Side-channel analysis can expose keys in many implementations
    • Availability requirements often encourage multiple copies of data
  • Key problem: Security architectures today generally based around explicit data and keys
    • Each instance an opportunity for compromise
data protection directions easy
Data Protection Directions: “Easy”
  • Build implementations of existing algorithms to address side-channel attacks — not just for speed & space
  • Employ architectures based on implicit data and keys:
    • Secret splitting: Data stored in n shares, k required to reconstruct
    • Distributed cryptography and secure multi-party computation: Keys stored and used in shares – never explicitly reconstructed
  • Adopt techniques that “heal” the effects of compromise:
    • Proactive security: Shares are periodically refreshed
    • Forward security: Keys are updated regularly such that past keys cannot be computed from current ones
data protection directions better
Data Protection Directions: “Better”
  • Design new algorithms that are provably less vulnerable to side-channel attacks and other compromises
    • “physically observable cryptography” (Micali, Reyzin)
    • potentially a difficult tradeoff versus conventional attacks
  • Develop new, practical data protection techniques based on other hard problems
    • e.g., only on hash functions
  • Invent something physics-based, e.g., “quantum secret-splitting”?
and that s just the data
And That’s Just the Data …
  • Future networks, with numerous mobile components in ad hoc configurations, will also be at risk to a host of new attacks, e.g.:
    • Routing table corruption, leading to network partition, traffic analysis
    • “Selfish” nodes that expend others’ resources but do not contribute their own
  • Countermeasures here involve a new way of viewing networks, where trust is earned, not assumed (Jakobsson et al.):
    • “Micropayments” as network diagnostics
    • Reputation management
    • Game theory
summary
Summary
  • Today’s cryptography and data protection are reasonably strong, but 30 years is a long time
  • Better long-term assurance requires new techniques and methods of analysis
    • An architecture of implicit data built on a foundation of provable algorithms
  • Research challenge is the same as for networks: a roadmap from today’s “gigabit security” into terabits and beyond
contact information
Contact Information
  • Burt KaliskiVP Research, RSA SecurityChief Scientist, RSA [email protected]://www.rsasecurity.com/
ad