

I hate passwords.
Don’t get me wrong – they are very important in the line of defense to protect mission critical systems and personal information. I just hate them from an encryption security point of view. I especially dislike them when they are used as encryption keys or as the basis for generating encryption keys.
Many zip compression products now offer 256-bit AES encryption to protect data. The fact that you are using AES encryption in your zip archives may give you a false sense of comfort about the data you’ve compressed. Consider this: encryption is only as strong as the encryption key, and in zip encryption the AES key is not a random 256-bit value. It is derived from the password you type (typically through a key derivation function such as PBKDF2), so it can be no stronger than that password. A 256-bit key derived from an eight-character password protects the archive about as well as an eight-character password does, not as well as a 256-bit key would.
Because an attacker only has to guess the password, not the 256-bit key, it is fairly easy to use dictionary and brute-force attacks to discover passwords used with zip encryption, and therefore to get access to the encrypted contents. Free software that runs these attacks automatically is readily available on the Internet. Just recently UK security expert Dave Whitelegg demonstrated this on his blog.
It is possible to create strong passwords. I’m sure you’ve seen the recommendations: use upper case and lower case letters, intersperse them with numbers and some special characters, avoid names and dates, create passwords longer than 12 characters, and so forth. The problem, of course, is that almost no one can remember a good password, and so in practice we don’t use them.
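As an added example (my own, not part of the original post), the following Python models how a zip tool turns a password into an AES key and why that is the weak point. It assumes parameters modelled on the WinZip AE-2 format (PBKDF2-HMAC-SHA1, 1000 iterations, a 16-byte salt, and a 2-byte password verification value stored in the archive header); the salt, the password, the word list and the guess rate are all constructed for the demonstration.

```python
import hashlib
import math
import secrets
from typing import Iterable, Optional

# Parameters modelled on the WinZip AE-2 scheme for AES-256 (an assumption made
# for this example): PBKDF2-HMAC-SHA1, 1000 iterations, a 16-byte salt, and
# derived material = AES key + HMAC key + a 2-byte password verification value.
KEY_LEN = 32
ITERATIONS = 1000
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed, fixed

# Constructed candidate list standing in for a dictionary file.
WORDLIST = ["password", "letmein", "backup", "archive", "summer2009", "qwerty"]


def derive_zip_keys(password: str, salt: bytes) -> tuple:
    """Return (aes_key, hmac_key, verifier) derived from the password.

    The AES key is never random: it is a function of the password and salt,
    so its effective strength is the password's entropy, not 256 bits.
    """
    material = hashlib.pbkdf2_hmac(
        "sha1", password.encode("utf-8"), salt, ITERATIONS, dklen=2 * KEY_LEN + 2
    )
    return material[:KEY_LEN], material[KEY_LEN:2 * KEY_LEN], material[2 * KEY_LEN:]


def password_entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a password chosen uniformly from alphabet_size**length choices."""
    return length * math.log2(alphabet_size)


def guess_password(salt: bytes, verifier: bytes, candidates: Iterable[str]) -> Optional[str]:
    """Dictionary attack: re-derive keys for each candidate and compare the
    2-byte verifier stored in the archive header; no decryption is required.
    (A 2-byte verifier gives a 1/65536 false-positive rate per guess, which a
    real tool settles by checking the HMAC over the ciphertext.)"""
    for candidate in candidates:
        if derive_zip_keys(candidate, salt)[2] == verifier:
            return candidate
    return None


def years_to_exhaust(entropy_bits: float, guesses_per_second: float) -> float:
    """Worst-case time to try every possibility at the given guess rate."""
    return 2.0 ** entropy_bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    # The archive author picks a typical "memorable" password.
    _, _, stored_verifier = derive_zip_keys("summer2009", SALT)
    print("recovered:", guess_password(SALT, stored_verifier, WORDLIST))

    # Eight random lowercase letters versus a genuinely random 256-bit key.
    rate = 1e6  # PBKDF2 guesses per second; an assumed, modest figure
    weak = password_entropy_bits(26, 8)
    print(f"8-letter [a-z] password: {weak:.1f} bits, "
          f"{years_to_exhaust(weak, rate) * 365:.1f} days at {rate:.0e} guesses/s")
    random_key = secrets.token_bytes(KEY_LEN)  # what a key manager would generate
    print(f"random key ({len(random_key) * 8} bits): "
          f"{years_to_exhaust(len(random_key) * 8, rate):.2e} years")
```

The attacker never needs the ciphertext to test a guess: the salt and the verifier sit in the archive header, so each guess costs one PBKDF2 run. Eight random lowercase letters fall in about two and a half days at a million guesses per second; a 256-bit key drawn from the operating system's random source would take on the order of 10^63 years at the same rate. That gap is the difference between a password and a key.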
If you are using a zip product with encryption as part of your backup and archival strategy, now might be a good time to review how you are managing passwords. Better yet, consider a commercial product for tape encryption. The best products use strong AES encryption with randomly generated keys and integrate good key management, so the security of the backup never rests on something a person has to remember. You can find good products from multiple vendors, and the price is coming down. On your next system upgrade, be sure to work in good backup encryption. Before you purchase any solution, make sure the vendor has had the encryption independently certified (see my previous comments about that).
I know that we are not going to get rid of passwords any time soon. I am just encouraging you to be aware of their limitations and inherent weaknesses. Any time you have a choice, try to use good encryption key management solutions instead of passwords.
Sorry to harp on this – but I predict we will be hearing about data losses where the data was encrypted but the passwords were weak. When it comes to using passwords as encryption keys – just say no.
Patrick


Encryption is hard.
I don’t mean that encryption is hard to deploy in business applications, backup solutions, and on laptops. Software and hardware vendors are making the deployment of encryption easier all of the time.
I mean that as a security vendor getting encryption right in your products is really hard.
Getting encryption right means very diligent and specialized work and extensive testing. It means running perhaps millions of tests over and over. It is time-consuming work, and even the slightest change means redoing all of the tests. Then code has to be optimized and re-tested. Once you’ve got your encryption library in good shape, you have to make it easy to use with a variety of languages and operating systems. This means more development and more testing on a large number of platforms.
Did I mention that encryption is hard? And we are definitely not there yet . . .
Now that you think you’ve got your encryption nailed down, it’s time to get it independently certified. The National Institute of Standards and Technology (NIST) runs the Cryptographic Algorithm Validation Program (CAVP), which defines the test suite an AES implementation must pass (known-answer tests, multi-block message tests and Monte Carlo tests), and accredits independent labs to perform the tests. As a vendor this means signing up and paying the lab to perform the tests. This is expensive and takes more time and engineering resources. If there are any problems, you get to start over from the beginning.
It would be tempting to skip the certification, yes?
Let me tell you why that would be a really bad idea. In an early study of security companies engaging in certification, NIST discovered that nearly half had errors in their encryption software or implementation. These are the vendors who are really serious about security – imagine the error rates in software NOT going through certification. Of course, I’m sure that most of the companies who discovered errors during certification fixed the errors and went on to complete the certification process. But it is really an amazingly high percentage.
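To make the testing concrete, here is an added example of my own (not the post’s, and not a validated implementation): a minimal AES-128 block encryption written from FIPS 197, a known-answer test harness of the kind the certification labs run, fed with the two test vectors published in FIPS 197 (Appendix B and Appendix C.1), and a hypothetical variant with a typical integration bug (the key loaded in reversed byte order) that still produces random-looking output and is caught only by the known-answer test. The real CAVP suite is far larger; this shows the principle, not the scope.

```python
from typing import Callable, List


def _rotl8(x: int, s: int) -> int:
    return ((x << s) | (x >> (8 - s))) & 0xFF


def _build_sbox() -> List[int]:
    """Generate the AES S-box: multiplicative inverse in GF(2^8), then the
    affine transform. p walks through powers of 3, q through their inverses."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3
        q = (q ^ (q << 1)) & 0xFF                               # q /= 3
        q = (q ^ (q << 2)) & 0xFF
        q = (q ^ (q << 4)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = _build_sbox()
_RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def _xtime(a: int) -> int:
    """Multiply by x in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1


def _expand_key(key: bytes) -> List[List[int]]:
    """FIPS 197 key expansion: 11 round keys, each 16 bytes in column order."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 44):
        t = w[i - 1][:]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]        # RotWord, then SubWord
            t[0] ^= _RCON[i // 4 - 1]
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]


def aes128_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Encrypt one 16-byte block; state index is row + 4*column as in FIPS 197."""
    if len(key) != 16 or len(block) != 16:
        raise ValueError("AES-128 needs a 16-byte key and a 16-byte block")
    rk = _expand_key(key)
    s = [b ^ k for b, k in zip(block, rk[0])]                              # AddRoundKey
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                           # SubBytes
        s = [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd != 10:                                                      # MixColumns
            mixed = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                mixed += [_xtime(a0) ^ _xtime(a1) ^ a1 ^ a2 ^ a3,
                          a0 ^ _xtime(a1) ^ _xtime(a2) ^ a2 ^ a3,
                          a0 ^ a1 ^ _xtime(a2) ^ _xtime(a3) ^ a3,
                          _xtime(a0) ^ a0 ^ a1 ^ a2 ^ _xtime(a3)]
            s = mixed
        s = [b ^ k for b, k in zip(s, rk[rnd])]                            # AddRoundKey
    return bytes(s)


# Known-answer vectors published in FIPS 197 (Appendix B and Appendix C.1).
KAT_VECTORS = [
    ("2b7e151628aed2a6abf7158809cf4f3c",
     "3243f6a8885a308d313198a2e0370734",
     "3925841d02dc09fbdc118597196a0b32"),
    ("000102030405060708090a0b0c0d0e0f",
     "00112233445566778899aabbccddeeff",
     "69c4e0d86a7b0430d8cdb78070b4c55a"),
]


def run_kat(encrypt: Callable[[bytes, bytes], bytes]) -> List[str]:
    """Run the known-answer test; return a description of every failure."""
    failures = []
    for key, pt, expected in KAT_VECTORS:
        got = encrypt(bytes.fromhex(key), bytes.fromhex(pt)).hex()
        if got != expected:
            failures.append(f"key={key}: expected {expected}, got {got}")
    return failures


def buggy_encrypt(key: bytes, block: bytes) -> bytes:
    """Hypothetical integration bug: the key is loaded in reversed byte order.
    The output still looks like ciphertext, so only a known-answer test shows it."""
    return aes128_encrypt_block(key[::-1], block)


if __name__ == "__main__":
    print("reference:", run_kat(aes128_encrypt_block) or "all vectors pass")
    print("buggy:    ", run_kat(buggy_encrypt) or "all vectors pass")
```

The buggy variant encrypts and decrypts its own data perfectly well, which is exactly why errors like it survive functional testing: nothing looks wrong until the output is compared against an independent known answer. That comparison, repeated over thousands of vectors and chained Monte Carlo runs, is what the certification labs are paid to do.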
Security software vendors are businesses like all others. There is always pressure to get products to the market quickly and with minimal cost. Security vendors live in a competitive world, too. And getting to market later than your competition can be painful. So there are lots of pressures to develop quickly and get to market.
There are lots of encryption products in the market that have not gone through NIST certification.
They scare me, and they should scare you.
There is no good excuse for not certifying an encryption solution. If it is not certified it means the vendor doesn’t really care about security, can’t get a certification because it is not done right, or does not have the technical depth or patience to do the certification. As I said, there are no acceptable excuses for skipping certification.
You are going to pay a bit more for encryption solutions that have NIST certification.
Believe me, it’s worth it.