Dutch Fiasco Demonstrates Futility Of Security Through Obscurity

from the no-secret-algorithms dept

Recent research on the security vulnerabilities of a new Dutch fare card system offers important lessons for computer security. The Dutch government spent $2 billion on the system, which has now been demonstrated to have fatal flaws. The researchers disassembled the smart cards used by the system and took high-resolution photographs of the circuitry. This allowed them to reverse-engineer the encryption algorithms being used by the system. As Felten points out, this wouldn't have been a problem if the Dutch had used an open crypto algorithm that has been widely tested and found to be secure. But because the system relied on algorithmic secrecy for security, this could be catastrophic. The algorithm uses a relatively short 48-bit key. This means that once the algorithm is known, it becomes possible to perform a brute-force attack, simply trying all 281 trillion possible keys in parallel until the correct one is found. That requires a non-trivial amount of computing power, but it's well within the capabilities of modern computer hardware. Indeed, this is precisely the approach taken by a Johns Hopkins research group three years ago when they cracked the encryption on the Exxon Mobil Speedpass, which used a 40-bit key. Brute forcing the 40-bit algorithm reportedly took the Hopkins team about 20 minutes, which suggests that -- even ignoring improvements in hardware -- it should be possible to brute force a 48-bit key in under a week. Since they're just deploying the system now and are presumably planning to use it for a decade or more, 48 bits is woefully inadequate. They ought to have used a standard, widely-tested cryptographic algorithm with a significantly longer key size, in order to make brute force attacks impractical.
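The brute-force estimate above can be turned into a key-length budget for a system meant to stay in service for a decade. This is an added example, not code from the article or the researchers; the 40-bit/20-minute baseline comes from the text, while the hardware doubling period of 1.5 years and the 1000-year safety margin are assumptions chosen for illustration.

```python
# Added example: key-length budgeting from the article's reported baseline.
BASE_BITS = 40        # from the article: 40-bit Speedpass key
BASE_MINUTES = 20.0   # from the article: searched in about 20 minutes

MINUTES_PER_DAY = 24 * 60
MINUTES_PER_YEAR = 365 * MINUTES_PER_DAY


def exhaust_minutes(key_bits, years_from_now=0.0, doubling_years=None):
    """Minutes to try every key of key_bits bits, scaled from the baseline.

    doubling_years is an assumption, not a figure from the article: attacker
    throughput doubles every doubling_years years. None freezes hardware at
    the baseline, as the article's own estimate does.
    """
    minutes = BASE_MINUTES * 2.0 ** (key_bits - BASE_BITS)
    if doubling_years:
        minutes /= 2.0 ** (years_from_now / doubling_years)
    return minutes


def min_key_bits(lifetime_years, required_years, doubling_years=1.5):
    """Smallest key length whose full search still takes required_years
    on the hardware available at the end of the deployment lifetime."""
    bits = 1
    while (exhaust_minutes(bits, lifetime_years, doubling_years)
           < required_years * MINUTES_PER_YEAR):
        bits += 1
    return bits


def report(lifetime_years=10, doubling_years=1.5):
    """(bits, days today, days at end of lifetime) for a few key lengths."""
    rows = []
    for bits in (40, 48, 56, 80, 128):
        today = exhaust_minutes(bits) / MINUTES_PER_DAY
        later = exhaust_minutes(bits, lifetime_years, doubling_years) / MINUTES_PER_DAY
        rows.append((bits, today, later))
    return rows


if __name__ == "__main__":
    for bits, today, later in report():
        print(f"{bits:>3}-bit: {today:.3g} days now, {later:.3g} days in 10 years")
    print("minimum bits for 1000-year margin after 10 years:", min_key_bits(10, 1000))
```

Every added key bit doubles the search cost, so the gap between a 48-bit key and a standard 128-bit key is a factor of 2^80, which no plausible hardware trend closes within a deployment lifetime.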

Reader Comments

  1.  
    Anonymous Coward, Jan 23rd, 2008 @ 2:37pm

    Yes, they should have. But that's how governments the world over work. The real experts tend to want better pay than a government job, or more freedom than a government job allows.

    People aren't willing to treat government agencies like real businesses. They view it as something sacred. To me, sure the government shouldn't be arbitrarily changed. But you're talking about the AGENCIES and stuff that aren't stipulated in the Constitution. Which is why you get redundant crap like "Homeland Security".

    But all well, I've become cynical enough to just give up on humanity at this point.


  2.  

    It'd be worse if...

    Rich Kulawiec, Jan 23rd, 2008 @ 4:07pm

    ...a country actually made this same, classic mistake while trying to implement a system to do something critically important, like, oh...hmmm...let me think...voting?


  3.  

    Re:

    Anonymous Coward, Jan 24th, 2008 @ 3:16am

    "The real experts tend to want better pay than a government job, or more freedom than a government job allows."

    The thing is, they have the money to pay permanent staff; however, in my experience they'd much rather piss that money away on overpaid contractors and consultants.

    The reality is paying £900 per day for someone won't guarantee they're actually any good at their job and in many cases they may even be a graduate with little to ZERO experience. I know when I graduated and worked for a large IT consultancy on massive public sector projects my charge out rate was nearly £700 per day!


  4.  

    Why amateurs should not do crypto.

    GDK, Jan 24th, 2008 @ 5:52am

    Your premise is not supported by the facts in the story. You claim that not using a known secure algorithm is folly, because the algorithm is discoverable, whereas a published, widely known, algorithm that doesn't need to be reverse engineered is better. You go on to cite a successful BRUTE FORCE attack on a known algorithm as proof that a proprietary algorithm is less secure than a publicly vetted one. You base that claim on the fact that once an algorithm is known, a brute force attack is possible. You don't seem to acknowledge that the open crypto algorithms you tout are ALREADY subject to such attacks, no reverse engineering required.

    Maybe the point you were trying to make is simply that the Dutch used a key that was too small. Perhaps, you meant that they thought they could get away with a shorter key because they thought their algorithm was secret, but you didn't make that point.

    The rational argument against a proprietary crypto algorithm is that absent expert peer review of the details, it is likely that the algorithm can be broken without having to do a brute force attack.


  5.  

    Re: Why amateurs should not do crypto.

    Tim Lee, Jan 24th, 2008 @ 8:03am

    Sorry, I guess I wasn't as clear as I could have been. My point was that relying on the secrecy of the algorithm is a bad idea, and that I suspect the government officials in this case assumed that the relatively short key wasn't an issue because the secrecy of the algorithm gave them extra protection. It's true that the ultimate problem is the longer key size, but I suspect that if they'd been more open when they were developing the algorithm, someone probably would have pointed out that a 48-bit key is too short.


