By Dr. Alan Radley, 25 Aug 2017
Unfortunately, even a single hacked entry-method or exploited attack-surface can lead to a data-breach that effectively invalidates all the other protective mechanisms. An attacker has to be successful just once (in relation to any number of attacks), whereas a defender must successfully protect datum(s) for each and every attack, or maintain a 100 percent success rate, forever!
Security Best Practice
Of course, all good practice goes right out the window as soon as a trusted insider (like Snowden) goes rogue or is compromised. Two- or even three-factor authentication, combining something you know (password), something you have (MAC address, private key) and/or something you are (fingerprints, retina scan, etc.), can also greatly slow down or prevent unauthorized access.
How might we best summarize and/or develop—optimistically—a philosophy of Absolute Security?
Perhaps we can begin by stating that:
- For two parties to communicate a message (i.e. datum(s)) privately and with guaranteed security
- By means of a communication channel that is in some sense ‘public’; then it is a basic premise that the two parties must (by some method) protect (lock/block/conceal) the message content(s) from access by other (unwarranted) parties;
- And that the protection is performed by means of wholly/partially secret entry-method(s) (including the locking/blocking/concealing of accessibility action(s))—which enables only legitimate parties to unlock the communicated meaning
- Whereby the protected entry-method(s) must remain (at least partially) private (in terms of form and/or content)
- And typically the protected entry-method(s) consist of some private locking/blocking/concealment: mechanism(s)/key(s)/algorithm(s)/physical-device(s)/transmission-protocol(s)/entry-paths/interpretive-method(s) etc.
Ultimately, there is no alternative to the holding (by both parties, or sender/receiver) of one or more shared wholly secret entry-method(s) and/or partially secret entry-method(s).
Key protection is a classic case of ‘who guards the guards?’ It is possible to build key management processes around the idea of a quorum so that more than one administrator is needed to administer keys. Alternatively, you could use local key storage and remove all n-th parties from the risk register.
You have to ask yourself two questions: First, is there any chance that we can be more secure than a company that specializes in technology and knows that Information Security is core to its very existence? Second, who would really give a damn about what we hold on our disks and servers anyway?
And best practice security procedures, process and constant vigilance are equally vital, because the security boundaries, vulnerabilities and goal posts will always be shifting. If you don’t keep repairing and fortifying the castle walls or fail to keep an eye out for the latest marauders, eventually you will fall.
Breaking encryption with brute force is all about time and resources. The more time and resources an attacker must devote to their attack, the harder it is for them to succeed. The added “strength” of two layers is that it is already difficult to break one layer of encryption, so breaking two layers will be even more difficult. Remember that encryption is just one (important) link in the security chain. If we apply the “inner fortress” principle, the very hardest encryption or defense layers will be on the inside. The assumption is that attackers are more easily detected (or worn out) as they attempt to penetrate increasingly difficult security perimeters.