SAN FRANCISCO–In the current climate of continuous attacks and intrusions by APT crews, government-sponsored groups and other organizations, cryptography is becoming less and less important, and defenders need to start thinking about new ways to protect data on systems that they assume are compromised, one of the fathers of public-key cryptography said Tuesday. Adi Shamir, who helped design the original RSA algorithm, said that security experts should be preparing for a “post-cryptography” world.
“I definitely believe that cryptography is becoming less important. In effect, even the most secure computer systems in the most isolated locations have been penetrated over the last couple of years by a series of APTs and other advanced attacks,” Shamir, of the Weizmann Institute of Science in Israel, said during the Cryptographers’ Panel session at the RSA Conference here today.
“We should rethink how we protect ourselves. Traditionally we have thought about two lines of defense. The first was to prevent the insertion of the APT with antivirus and other defenses. The second was to detect the activity of the APT once it’s there. But recent history has shown us that the APT can survive both of these defenses and operate for several years.”
Shamir, who shared the panel with Ron Rivest of MIT, Dan Boneh of Stanford University, Whitfield Diffie of ICANN and Ari Juels of RSA Labs, said that the continued assaults on corporate and government networks by sophisticated attackers in recent years have become the most important development in the security world. The time, he said, has come for security researchers and others involved in defending networks to look for methods other than cryptography that are capable of securing their sensitive data.
“It’s very hard to use cryptography effectively if you assume an APT is watching everything on a system,” Shamir said. “We need to think about security in a post-cryptography world.”
One way to help shore up defenses would be to improve–or replace–the existing certificate authority infrastructure, the panelists said. The recent spate of attacks on CAs such as Comodo, DigiNotar and others has shown the inherent weaknesses in that system and there needs to be some serious work done on what can be done to fix it, they said.
“We need a PKI where people can specify who they want to trust, and we don’t have that,” said Rivest, another of the co-authors of the RSA algorithm. “We really need a PKI that not only is flexible in the sense that the relying party specifies what they trust but also in the sense of being able to tolerate failures, or perhaps government-mandated failures. We still have a very fragile and pollyanna-ish approach to PKI. We need to have a more robust outlook on that.”
Shamir pointed to the incident recently in which TurkTrust, a Turkish CA, was found to have issued subordinate certificates for Google domains to two separate parties, one of which was a Turkish government contractor. He said he wouldn’t be surprised to see other such incidents crop up.
“I think you will see more and more events like this, where a CA under pressure from a government will behave in strange ways,” he said. “It brings into question whether the basis of security, the PKI infrastructure, is under severe strain.”

If anything, CRYPTO becomes MORE IMPORTANT. …statist toolbag!
What does APT mean?
You would have had a more readable article if you explained what “APT” is supposed to mean somewhere.
APT – Anal Probe Technology
APT – Acronyms Per Ton
It would be no harm to decode some of the acronyms in this article!
Nice article. Thank you.
Perhaps the idea of what we are doing ought to catch up with the facts. Computing resources, connections, and information are on the way to becoming universally available in unlimited quantity at very nearly instant speed at very nearly zero cost. The whole idea that anyone has any ownership or control over anything but their own next action is dead as a dodo, it’s just propped up by our previous experiences that to some extent we used to be able to will such things as property, security, and law into existence. Not any more. Get over it.
Shamir is a brilliant man whose influence on the technology of the modern world is extraordinary, but he is not an application security analyst.
Crypto is more important, not less.
Looking at the increasing web app, mobile, and the continued expansion of the usage of wifi and other wireless protocols security wise… crypto is one of the main bulwarks there. More sites are moving to SSL, browsers and servers have strongly tightened security on SSL implementation and this closes down an enormous number of bugs.
MiTM in the wired world is hard, was hard… MiTM in the wireless world is extremely easy. (Yes, wireless has long been around, but it is now very major and increasingly growing with the explosion of smart phones and tablets.)
A lot of web app attacks depend on non-SSL sites. Certs increase strongly domain security. (Certs and the strengthening of security in modern browsers by forced exposure of weaknesses through apps like FireSheep.)
Anyone who doesn’t know what APT means, why are you reading a specialist security-related site in the first place? You sound like people reading a knitting journal who complain they don’t know what casting-off means.
Fact: Bytes stored are accessible and read and write from everywhere.
Conclusion: Make these bytes cryptographed; they can be copied but they can’t be understood.
So, why does Mr. Shamir advocate less use of cryptography?
If you’re reading this shouldn’t you know what APT is anyway!
Gotta go way back for some of the answers. Can anyone remember “Read Only Chips” ? Read only chips can not be altered, once in place in key security points of a CPU that’s it, no changes unless the chip is physically removed and replaced. R.O.C. can guard incoming and outgoing data on a machine and start a process of copying incoming or outgoing data for review. Firewalls have become so complicated in recent years that they have far too many potential vulnerabilities. Reminds me of another acronym; Keep it Simple…
Right now there are malware creations out there that keep changing their names as they propagate, definitions are slowly becoming useless, & as this story suggests; encryption is almost useless as well, anything can be cracked or recorded through keylogging etc.
Some older CPUs can be updated with a RAM that includes a security section of ROC, no CPU will function if it’s RAM shuts down.
The average home computer user has no idea if they are infected, they have an antivirus and malware program & think all is well, even as their computer slows down and participates in a denial of service attack. The most terrible home user is the one that leaves their system running 24/7. Quickest way to slow malware & virus distribution and associated attacks is for home users to know they should cut power to their PC and/or modem when not in use. Second step for right now, is to limit continuous time online for home users. A lot of damage can be done in an hour, but if the user shuts down their PC for a minute, every hour, some of the more sophisticated attacks can stumble. We gotta think outside of the box and remember to think inside the box as well. Physical blocks inside a machine are just as effective as security programming code, & if combined the 2 will make CrackerHacks very bored.
Typical statements from a PR conference.
Crypto is less important for security, but not because it doesn’t matter.
If the channels were insecure, if there were no TLS, people would say “endpoint security doesn’t matter, we cannot even talk securely!!”. The reason why crypto “does not matter” in system security is because the secure channel is largely solved, and we have libraries today that abstract most of the really hard stuff away. Apart from channels, encryption and signing, there are not many other relevant applications. Hence, the security issues in the real world come from building too complex systems that nobody really understands. The software consists of 90% bugs, the information flow within systems is not analyzed and crypto is deployed more or less randomly to “protect” something, somewhere.
The problem today is not if you use AES-CBC-128 or AES-OCB-256. The problem is what you encrypt, where the key is coming from and what the rest of your system is doing before and after encryption. Still, without that AES-XY, you wouldn’t even get that far.
To all the people moaning about the failure of the author to spell out to you what APT means… It’s a pretty well known term and dare I say it a BUZZ word at the moment with the reports on APT1 in China being released. I would say the author thought that the acronym would be similar to that of ATM, or SSL or HTTP and did not require a justification seeing as the target audience is meant to be IT Security people.
As for the person touting fifth grade English and acronyms… If you can’t keep up with the content, just head back to cnn.com where the language is kept very simple and all acronyms are defined as they target their articles for reading by a 12 year old.
Good article Dennis, looking forward to hearing what a post Crypto world looks like.
Let’s not forget about Moxie Marlinspike’s Convergence. This provides us with the option for who (CA) to trust.
Also, Dan K’s DNSSEC is worth mentioning.
APT: Advanced Packaging Tool
50% of the problem, to my mind, is the open-loop architecture of the net. That was a big mistake. Part of growing up is learning that nothing can be trusted without authentication (and even then..). An open-loop architecture makes that impossible.
It’s the Kaspersky News Service, they live in acronyms. IERFB
Advanced persistent threat (APT) usually refers to a group, such as a foreign government, with both the capability and the intent to persistently and effectively target a specific entity.(wiki)
If you don’t know what APT means, then you’ll also have difficulty understanding this article. And if you don’t know how to use Wikipedia or Google, then you’re already lost.
APT Advanced Packaging Tool
Didn’t Moxie Marlinspike propose a form of federated SSL in the form of Convergence?
If you can’t spell already, you are probably a douche.
Making important files 1TB in size and obfuscating filenames is considered security? I guess the old guard crypto guys are officially out of ideas.
“Advanced Persistent Threat” but I like your “Acronyms Per Ton” better!
I was wondering the same thing. How do “journalists” not know basic English? If you use an acronym you must define it in its first use. Rule number one when using acronyms. Freakin’ fifth grade English for crying out loud!
Advanced Persistent Threat
Yes, I don’t agree with the article either.
So it seems to suggest that, because it’s becoming more difficult to protect our data, we simply shouldn’t bother?
Would this logic apply to e-commerce too? Simply get rid of encrypted credit card transfers entirely?
Yes, VERY sloppy writing on the part of Dennis Fisher.
thanks!
Nothing at all anymore. It used to be a nation state actor (aka China), but now it means nothing since people like this just co-opt any term to sell their ineffective technology solutions
Said a guy who should be selling insurance and not in the tech management field at all.
It captures the Zeitgeist perfectly. Always be afraid. Of an unknown threat (opaque acronym).
What they’re saying is that crypto alone is not enough. States are becoming able to crack security and steal private keys, and also undermine the certificate authority structure.
What they managed to say without saying is that things need to move to a web-of-trust or P2P model, like Bitcoin, where states have no way of attacking the infrastructure itself.
>What does APT mean? It’s a codeword meaning “China”.
Advanced persistent threat (APT) usually refers to a group, such as a foreign government, with both the capability and the intent to persistently and effectively target a specific entity. (wiki)
that’s retarded – good writing is good writing so defining an acronym is a 5th grade skill as someone mentioned. I have worked on a number of security initiatives but did not know what APT meant…
Unless of course you’re Chinese or Iranian in which case it’s a codeword meaning “USA”
In a public-key cryptography system, the private key is kept SECRET by the owner, who then publishes his public key through a certificate authority (CA). The CA essentially provides (identity, public key) pairs, where this value is signed with the private key of the CA, and can be checked using the “well-known” corresponding CA public key. To look up someone’s public key, I send the CA a request, which he answers with a signed message, which I then check the signature on.
This reasoning indicates at least two weaknesses centered on the compromisability of the CA:
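The CA lookup described in the comment above, and the TurkTrust mis-issuance the article mentions, can be modelled end to end. The following is an added example, not code from the article or from any commenter: a toy PKI with textbook RSA on tiny primes standing in for real certificate signatures and dicts standing in for X.509 certs. The names "Root CA", "Legit Intermediate" and "Contractor" are constructed placeholders. It shows that ordinary chain validation accepts a leaf for a Google domain issued by a wrongly-created subordinate CA, while a relying-party pin of the kind Rivest asks for (and the kind that actually caught TurkTrust) rejects it.

```python
import hashlib, json

# Toy PKI for illustration only: tiny-prime RSA is not secure; the point is the trust logic.
def make_key(p, q, e=17):
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))  # needs gcd(e, phi) == 1; Python 3.8+
    return {"n": n, "e": e}, {"n": n, "d": d}    # (public, private)

def digest(body, n):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(subject, issuer, is_ca, issuer_priv, subject_pub=None):
    """Issuer signs (subject, issuer, is_ca, subject key): the CA's (identity, key) pair."""
    body = {"subject": subject, "issuer": issuer, "is_ca": is_ca, "pub": subject_pub}
    sig = pow(digest(body, issuer_priv["n"]), issuer_priv["d"], issuer_priv["n"])
    return {**body, "sig": sig}

def check_sig(cert, issuer_pub):
    body = {k: v for k, v in cert.items() if k != "sig"}
    return pow(cert["sig"], issuer_pub["e"], issuer_pub["n"]) == digest(body, issuer_pub["n"])

def verify_chain(leaf, intermediates, roots):
    """Classic validation: ANY path to ANY trusted root is accepted."""
    cur = leaf
    for ca in intermediates:
        if not (ca["is_ca"] and cur["issuer"] == ca["subject"] and check_sig(cur, ca["pub"])):
            return False
        cur = ca
    return cur["issuer"] in roots and check_sig(cur, roots[cur["issuer"]])

def verify_pinned(leaf, intermediates, roots, pins):
    """Relying-party policy: the chain for a pinned name must also pass through
    a CA the relying party itself chose to trust for that name."""
    if not verify_chain(leaf, intermediates, roots):
        return False
    allowed = pins.get(leaf["subject"])
    return allowed is None or any(ca["subject"] in allowed for ca in intermediates)

# Constructed scenario: one trusted root; a CA cert is mis-issued to a contractor.
root_pub, root_priv = make_key(61, 53)
legit_pub, legit_priv = make_key(107, 109)
rogue_pub, rogue_priv = make_key(127, 131)
ROOTS = {"Root CA": root_pub}
LEGIT_CA = issue("Legit Intermediate", "Root CA", True, root_priv, legit_pub)
ROGUE_CA = issue("Contractor", "Root CA", True, root_priv, rogue_pub)  # should have been is_ca=False
GOOD_LEAF = issue("*.google.com", "Legit Intermediate", False, legit_priv)
BAD_LEAF = issue("*.google.com", "Contractor", False, rogue_priv)
PINS = {"*.google.com": {"Legit Intermediate"}}  # what the relying party decided to trust
```

Running `verify_chain(BAD_LEAF, [ROGUE_CA], ROOTS)` returns True: the mis-issued chain is cryptographically valid, which is exactly why a compromised or pressured CA is so damaging; `verify_pinned` with `PINS` returns False for it and True for the legitimate chain.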