> -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On > Behalf Of Hal Merritt > Sent: Thursday, January 18, 2007 10:49 AM > To: IBM-MAIN@BAMA.UA.EDU > Subject: Decoding the encryption puzzle > > There I was, looking into the teeth of a serious ice storm, any my > company laptop dies. I have a generator and satellite telecom so that > part was covered. But the laptop was a single point of failure between > me working from home or risking life and limb having to go out in the > storm. The prospect of driving over roads covered with ice and idiots > gives me gas. > > The failure was in the encryption software. > > The techs tell me the encryption software has been almost trouble free. > Almost. And failures are rare. But they happen. When there is a failure, > they can almost always recover the data. Almost. > > I don't have any numbers, but my sense is that only one of a hundred > laptops have suffered data loss. One percent. > > Now, laptops pose an extraordinary level of risk and some hard nosed > encryption is arguably mandatory. That is not the point of this rant. > > Is it possible that mainframe encryption can guarantee perfection? Or > will we see about the same thing: loss of one percent of the most > mission critical data in the shop? Or one in a hundred critical > datasets? Is the mitigated risk worth the loss? > > Gives this old sysprog pause. /snip/ Encryption software "failing" is somewhat vague. Did the software generate incorrect cipher text? Did the software incorrectly decipher the data using the correct key? Was the key lost or stolen or exposed or improperly expired?
Symmetric (secret) key encryption, like DES or AES, is very reliable with respect to correct encipher/decipher operation. The main issue is key management: How to generate strong keys, securely store those keys, and associating the keys with the protected data? It all boils down to having a clear master key somewhere that unlocks all of the other keys. Even the IBM hardware encryption with tamper-resistant master key protection needs to be reset sometimes. That means the master key (or the pass phase used to generate a master key) must be written down somewhere (and physically protected) so that the security administrator can re-enter it into the hardware. Without the central master key, all other keys are inaccessible (not decipherable) and thus the encrypted data is unavailable. Asymmetric (public/private) key encryption is only viable for exchanging encrypted symmetric keys, because the algorithm is computationally intensive and far too expensive for high volume encryption traffic. Physical deterioration of encryption silicon may occur over time, just like deterioration and failure of main memory or logic circuits or hard drives. That's why encryption devices self-test with known answers and internally check their results. I've heard that some hardware encryption devices may perform the encryption 3 times per block of data and compare the results for a perfect match. The process is repeated until a perfect match of the 3 results or until a time-out occurs (machine check interrupt). A properly designed encryption device will detect bad results and not expose incorrect results outside of its secure boundary. I don't worry about the bitwise accuracy of encrypt/decrypt results. I worry about key management, because it's the central point of failure. If your keystore is on a harddrive that fails, then all data encrypted by those lost keys is inaccessible. Jeffrey D. Smith Principal Product Architect Farsight Systems Corporation 700 KEN PRATT BLVD. #204-159 LONGMONT, CO 80501-6452 303-774-9381 direct 303-484-6170 FAX http://www.farsight-systems.com/ see my résumé at my website ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
