Tag Archive for AP

Encryption: panacea or just an expensive “do something”?

Once in a while we see a common cyber call to arms: “Let’s use data encryption and, voila, our problems will be over.” A typical example of this is the AP article http://cnsnews.com/news/article/no-encryption-standard-raises-health-care-privacy-questions.
This is a very common misconception. Encryption per se does not protect against hacking. Surely, encrypted files look impressive, with their very long strings of seemingly random characters. It must be mindboggling for a casual observer to imagine that anyone can actually decipher that without the secret key.
However, the reality is vastly different.
Strength of encryption is based on two main ingredients – the encryption algorithm and the secret key. Most encryption algorithms, and certainly all commercially available algorithms, are well known. They have been researched, and solutions—the ability to decrypt them without the secret key—have been found for most of them. The only undefeated algorithm so far remains the so-called “one time pad,” where the key is used only once. But even that algorithm’s strength rests on the quality and security of the key — issues that are far from trivial.
However, the main practical problem with encryption is the distribution system for the key. As in the example of a health system cited above, we are talking about a massive database with many millions of records. Sure, it’s not too difficult to encrypt all that data. But then what? The database has many legitimate users, sometimes thousands, and each one of them must have the secret key. It’s not difficult to obtain the key, one way or another, from at least one of them. Such a single breach would defeat the whole encryption scheme. I’ve often heard someone proudly declaring at a party, “I encrypt all data files in my computer.” Sometimes I will casually ask, “But where do you keep your key?” The answer invariably is, “In the computer.” Usually that person doesn’t understand that the key in his computer is also available to anyone who bothers to hack into his computer.
All in all, data encryption is a good concept, but the practicality of its deployment in databases with many users can only protect against middleschoolers. It would have marginal protection against smart highschoolers, and it would certainly be fruitless against professional cyber attackers.
Encryption per se would be just another expensive exercise in wishful thinking. It should be clearly understood: ENCRYPTION PER SE DOESNOT PROTECT AGAINST HACKING.