Notes on chapter 1 “The Context of Cryptography”

Cryptography is both an art and science. It requires a scientific background and a healthy dose of “black magic”. That is, a combination of experience and the right mentality for thinking about security problems.

Chapter 1, p3

This makes me wonder, is everyone able to think about security problems? What kind of security problems are we looking at? During my time studying Political Science and Military Strategic Studies I came across many security related concepts and issues. People that work in security for the government or a company apply their knowledge and expertise in a different way than security experts in cryptography engineering.

But even though the use of their experience and mentality is applied different to tackle security problems, they have at least one thing in common. That is to protect something or someone from something or someone.

Another major difference that I have experienced between a social sciences type of security professional and a cryptography engineering security professional has to do with understanding the adversary. A cryptography engineering security professional is not really interested nor motivated to analyze the intentions or motivations of the adversary. It’s just “Eve” who is eavesdropping. We don’t why, but it happens. Period. Whereas a social sciences security professional will try to analyze motivations, foresee threats, based on politics and international relations, and will then implement security measures (or not).

And of course, another difference relates to the “asset” that needs protection. A government representative will look at its security assets on a much higher level of abstraction in the realm of ideas and social constructs such as, national security or economic security. The security engineer will focus on physical systems comprising hardware components and software containing 0’s and 1’s. The information itself … the security engineer (most of the time) has no actual clue. All that he/she will know is that the information managed on that system must be of extreme value for its users. Else, why bother making secure systems?

Cryptography research contains a wide range of topics, including computer security, higher algebra, economics, quantum physics, civil and criminal law, statistics, chips designs, extreme software optimization, politics, user interface design, and everything in between.

Chapter 1, p3

What I really enjoy about this quote is that it emphasizes that cryptography is an extremely varied field. I can completely get lost in this fascinating and important field because I got to learn about cryptography from such different angles daily since 2016.

So here is your first lesson in cryptography: keep a critical mind

Chapter 1, p4

This first lesson really resonates within me. A fun fact about me. When I was about 18 and started going to University, I created a group on of the first real big social media platform “Hyves” called “Critical Students” :). I know, this made me not so popular. But to me it felt good. Most people do not like to be critical because it makes them “tired” of always thinking about something that can be improved. Also, most people don’t like to be criticized because they take the critic personal. And, of course, most people don’t like to give critical feedback out of fear hurting someone’s feelings. Learning to think critically, giving and receiving critical feedback is not easy but I think it can be very, very valuable. Especially when you are trying to build a secure system that needs to protect valuable assets. This is where the term “professional paranoia” comes in to play.

Cryptography by itself is useless

Chapter 1, p4
Just like putting a lock (or the use of encryption) to protect valuable assets that are inside the tent, cryptography by itself is indeed useless.

The use of cryptography by itself is indeed useless. The adversary can easily open the tent without ever attempting to break the lock (or trying to decrypt). Or what about having a lock, locking it, but keeping the key in the lock or badly hidden underneath the carpet of the front door :).

Furthermore, cryptography is always part of a much larger security system and must be able to distinguish between good and bad access. This is the most difficult part of cryptography. Keeping everyone out of a system is way easier, but, completely useless. Cryptography is only useful if the rest of the system is also sufficiently secure against adversaries. And the rest of the system can contain many, many, different sub-systems (people, procedures, quality assurance, supply-chain, bugs, unknown vulnerabilities, new technologies, law, politics, insider threats, weak design, etc. the list can go on much further). However, once the burglar has the key to your home. He or she can steal anything without leaving traces. Thus, using a strong enough lock (encryption) and safeguarding your (digital) key is very important.

“A security system is only a strong as its weakest link”

No matter how strong parts of a system are designed, if there is one weak link in the system … the attacker will try to attack that part where the system is at its weakest. In order to improve the security of a system, the weakest link needs to be improved first. But finding out which parts are part of the security system and which ones are weak, requires extensive security analyses and in-depth knowledge about the system itself and the type of adversaries that could attack it (more later on this in blogs about Red Teaming).

A simple, yet efficient way to find these weak links can be done using a hierarchical tree structure (an attack tree):

  1. Steal car
    1. Use physical key
      1. Steal key from driver’s house
      2. Steal key from driver
      3. Force driver to hand-over the key
  2. Use cloned digital key
    1. Copy signal from key with electronic device and transceiver
  3. Tow away
    1. Lift car onto a truck without activating the alarm
      1. Disable the alarm
        1. Break the window

Each link (node) can be analyzed and split up until only single components are left. This can be a lot of work for a real security system. Attack trees provide valuable information about possible lines of attack. Securing assets without first doing analysis it not a very good idea and it is likely that the measures taken are only giving its users the feeling that their assets are secured instead of knowing it.

Strictly speaking, strengthening anything but the weakest link is useless

Chapter 1, p7

Engineering security systems must design their systems in the adversarial setting. The adversaries are intelligent, malicious and persistent. They don’t play by the rules and are unpredictable. Playing on the defense is much harder than playing on the offense. A securely designed system from 10 years ago, may not be so secure anymore with current technologies. The attacker only must find one weak link, break into that part of the system to get into the whole system. The defender must take protective measures for all parts of the system. So, there is a fundamental imbalance between the attacker and the defender.

To work in this field, you have to become devious yourself

Chapter 1, p8

The adverserial setting causes a healthy “professional paranoia”. Such a security mindset has benefits. Security problems exist in most systems. And that is alright. There is no such thing as a 100% secure system as I noted before. Discussing attacks on vulnerabilities should always be on something and not specifically on someone (unless a flaw is purposefully designed to exploit the vulnerability i.e. backdoor).

Threat modelling is an important part of designing secure systems. Questions to ask and find answers to should be something like:

  • “What are the assets of value?”
  • “What are the threats?”
  • “What are the motivations?”
  • “Who would be capable and willing to transform these motivations into an actual attack?”

Assessing the security of system needs to be performed with a designated threat model in mind. The persons responsible for establish such a threat model have a big responsibility in order to avoid a painful mismatch with the threat vis a vis the system to be designed, or to be put into operations.

Governmental organizations involved in information security typically use so called Risk Reduction Overview (RRO) methods with benefits such as:

  1. Rethink the design
  2. Optimize the design
  3. Review of risks
  4. Review of measures
  5. Chief Security Officer get lists of residual risks
  6. Review a design after changes to risks
  7. Inspiration for a new design

You should have a look at the post Security Risk Management on this blog for more on the RRO, the tool and an example to encourage thinking (and playing) with risks, measures and residual risks in (socio-technical) systems that secure assets.

Cryptography is not the solution, is very difficult, and is the easy part

Chapter 1, p12-13

With quotes like these … why even bother trying to understand cryptograhpy engineering? Good guestion! Cryptography can be something like voodoo. It’s a feeling … A feeling of security because there is a digital lock on it.

Remember the picture with the lock on a tent? …

Therefore, cryptography is always just a part of the security solutions for a secure system. Cryptography is also difficult because of the weakest-property and the adverserial setting. Furthermore, there is no known one way to test the security of a system.

Still, cryptography is one of the “easy” parts of a secure system because of its well defined boundaries and purpose. Securing an entire system with users, procedures, a supply-chain, poor quality of much software on surrounding components, key management/storage, network security, etc. is much harder.

Then there is the fact that there are generic attacks that no ammount of cryptography can fix. These generic attacks our typically taking place outside the secure system. It is important to realize the possibility of generic attacks, otherwise you might be trying to solve an unsolvable problem. An example, to control copying of digital material on a secure workstation. With a secure system, no file can be copied nor send via e-mail over the internet outside the trusted netwerk. The malicious actor simply takes a photo of the screen …

[to be continued later: 2-4-2020]