-5

There are many aspects to computer security and many threats to address: poisoned DNS, worms, trojans, viruses, rootkits, firmware malware, etc. One of the biggest software vulnerabilities is buffer overruns, another is execution of user code.

Encryption does not directly address any of those threats. Encryption is a tool that hides information, which can also sometimes be used to establish trusted identities, but that is all. Indeed, if the OS you are using to encrypt a message is breached, then the message is no longer safe, no matter what encryption strength is used. As another example, if an encrypted disk contains an OS, and the OS is breached, the encryption is irrelevant and the data is breached as well.

Based on industry-standard threat models and frequency of various kinds of attacks, which is a greater risk: loss of channel security for an un-encrypted channel or loss of OS integrity due to security vulnerabilities and thus loss of encryption keys?

If a compromised OS is the OS of a server, then there is necessarily loss of channel security for the channels passing through that server. Does a secure system require both encryption and OS security of the end-points?

This question seems highly connected to vulnerabilities in Apple's FileVault. See the discussion: Potential FileVault problems in my setup

Community
  • 1
Brent Kirkpatrick
  • 940
  • 4
  • 19
  • 3
    Nice question, agent Kirkpatrick. – Adi Mar 12 '16 at 18:53
  • 2
    @Adi - that's Special Agent Kirkpatrick, thank you very much. – Deer Hunter Mar 12 '16 at 19:19
  • To censorship team: I think that this question is a right one. I see too many CIO who think that once they have settled a VPN security is granted. – dan Mar 13 '16 at 08:47
  • 1
    May I suggest a slightly different tittle: "Is encryption a risk when used on vulnerable OSes?" ---- Here I think to our typical ennemy: the feature which looks like security, but isn't. What I call "the empty extinguisher". – dan Mar 13 '16 at 08:51
  • 1
    @danielAzuelos - that's not what the OP asked. Feel free to edit, and the OP may or may not agree with you. Like locks and keys are fundamental for physical security, encryption is fundamental for information security - as a cost-raising factor to deter wrongdoers. – Deer Hunter Mar 13 '16 at 10:26
  • Where is the **weakest point** of a Windows connected to a company through a VPN on Tor? – dan Mar 13 '16 at 10:26
  • → Deer Hunter: thank you, fully agreed. I didn't feel legitimate to touch a well redacted question on a real world problem. – dan Mar 13 '16 at 10:32
  • Encryption solves a problem that cannot be solved any other way. I can have the world's most secure, reliable OS, and take every precaution to avoid malware, but I cannot guarantee that my computer won't be stolen. With encryption I know that if my computer is stolen, the data is safe. – user1751825 Mar 13 '16 at 10:58
  • → user1751825: "With encryption I know that if my computer is stolen, the data is safe", **if** your computer is completely shutdown **and** if your computer wasn't compromised **before** this event **and** if your encryption key isn't stolen (befoer or after this event) through another methodn. ---- 2 of these **if** have a very low probability in RL. – dan Mar 13 '16 at 23:39

6 Answers6

6

Encryption isn't viewed as a magic security solution by cryptographers nor info sec professionals.

Encryption is used for a very specific purpose. To prevent people from reading data sent between two people.

In this case we have a specific threat model we are working with. We are assuming Alice and Bob are trying to talk to each other privately while Eve is attempting to read this information. Eve has full access to anything sent between Alive and Bob.

In this threat model, Eve does not have access to either machine. Thus, OS security is out of scope.

IRL situations of course heavily depend on the security of the OS and hardware you are using. But it's also much easier to sniff data on the wire than it is to pwn a particular box. That's why we still heavily value encryption.

d1str0
  • 2,348
  • 14
  • 24
  • My professionnal analysisis is that real world risks are in this decreasing order today: Wi-Fi sniffing, any OS phishing, direct Windows attack, badly configured web server attack, direct appliance with default password attack (a stack of other risks I am not able to classify on a linear scale) and finally Internet sniffing... computer emissions (TEMPEST) sniffing.... ---- Encryption is a **right answer** to the **Internet sniffing risk**. – dan Mar 13 '16 at 10:20
  • 2
    Short and to the target answer. Most notably, 4th § is a key! – dan Mar 13 '16 at 11:45
4

Virtually all situations where we do computer security, it involves the transfer of information. If nothing else, information is transferred from a screen to the eyeballs of the user.

You are correct that, if an adversary has access to the information, they have access to the information. If you dig an exploit deep into someone's computer, you can get access to everything that computer has access to. This is one reason why physical security is a big deal for groups who are concerned with security.

However, we often want to transfer information quickly. The old approach of tatooing a message onto a slave's shaved head, then letting him grow his hair out is just too slow in this era.

Encryption is a way to put the information out in a less-secured place, such as the wires of your ISP, in a way that makes it hard for someone to get access to the data without having already compromised a more secure place, like one of your endpoints.

As an example, consider TOR. The whole point of TOR is that you are passing every bit of data through the hands of an unspecified number of people, all of whom are the kind of people who appreciate the anonymitiy TOR serves. Certainly within that group there are those who appreciate said anonymity for reasons which do not have your best interests in mind, yet you feel comfortable handing them the data freely. Why? Because they are not an endpoint. Your endpoints are "higher security," and encryption permits them to communicate through a "lower security" connection because it is considered mathematically challenging for anyone to decrypt your data.

In this day and age, encryption gets a lot of attention because we do a lot over very insecure internet connections. However, you will find that no actual security expert assumes "encryption means I'm secure." At the absolute most, they might assume "encryption means the entire system is as secure as the nodes which have the encryption keys."

Cort Ammon
  • 9,206
  • 3
  • 25
  • 26
2

"As another example, if an OS is encrypted on a disk, but the OS is breached, the encryption is irrelevant and the data is breached as well" -- that's not necessarily true. In the first place you'd need to breach the loader, you certainly cannot breach the OS as long as it's encrypted. Then, even a tampered loader would avail you nothing until the user entered his pass phrase, unless the encryption is weakly implemented in the first place. A tampered loader would only allow you to circumvent anti-bruteforce restrictions, as in the recent Apple iOS case. In this case we can only say that physical security trumps encryption. A hardware keylogger hidden in the keyboard would also negate most encryption schemes just as easily.

That said, I'd venture encryption is usually more important than OS security (which is still very far from irrelevant!), because encryption protects your data even when your OS isn't there: e.g. USB keys, hard disks, SD cards and so on. It protects communications against eavesdropping. What use is a solid and uncompromise client/server setup between Alice and Bob when Eve can snoop authentication tokens and impersonate both?

When we're in OS land, the roles are reversed: a tampered-with OS or rogue application can easily nullify encryption by waiting until I've unlocked the hard disk before transmitting its contents elsewhere.

If your attack surface only extends over the workplace (i.e., you don't have to worry about pilfered hard disks, stolen laptops or wandering USB keys, and communications are either absent or otherwise secured), then yes, encryption would turn out to be far less important than OS (and physical) security. But IMHO it greatly depends on the attack surface we're looking at.

LSerni
  • 22,521
  • 4
  • 51
  • 60
  • 2
    I would assume that OP means that the OS is breached while running. So if someone connects to your system from remove while it's running and thus not encrypted at that point in time, they could read data, even though it's encrypted if the system is shut down. – tim Mar 12 '16 at 18:13
  • There is always somewhere that the data has to exist in a plaintext state. Encryption is an attempt to reduce that state to a bare minimum. The attack points shift from being able to read the drive on a system (by either drive removal or booting alternate OS) to needing the system to be up and running (OS drive level encryption) and finally the software being up and running (Application/Database level encryption). What encryption protects shifts. So an OS Level encryption can be bypassed by attacking the operating system, Application level by attacking the application. – Fiasco Labs Mar 12 '16 at 18:27
1

Encryption isn't related to OS security: it's related to communications security. Viruses, Trojans, etc all take effect once they're on your computer/device. They can also interfere with communications (e.g. if a gateway has a virus on it).

However, if your communications are encrypted, two things happen: (1) that data stream can only be tampered with by somebody with the key (or else you'll know); and (2) potentially-sensitive data cannot be leaked as the data passes through foreign, possibly virus-ridden, devices.

Note that physical transport of media is also communication - a body of data is being transmitted and somebody along the way may want to tamper with it or access it.

iAdjunct
  • 1,710
  • 10
  • 15
1

Philosophical indeed. Without an absolute answer, here is my point of view. TL;DR: crypto is by far the single most powerful tool WHEN USED CORRECTLY, but it's just a building block. A lot of non-cryptographic variables can break any value of crypto.

First of all, I'd like to break one of your preconceptions. Despite its name, modern day crypto doesn't just "hide information". It enables a huge range of functionality that otherwise would be too hard or impossible to achieve. Strong authentication, integrity verification, privacy preserving computation, and so on.

The main virtue of crypto is that it's based on math. The main obstacle of crypto is that it's based on math. The definitions and threat models for cryptographic primitives, protocols and adversaries are strictly modeled and proven: given some preconditions, it is very clear what crypto can offer. On the other hard, cryptography exhibits a huge learning curve. The level of abstraction and difficulty of the most essential concepts is such that even well meaning skilled professionals can mess it up in a big way. Hell, even the most popular crypto libraries have subtle unintentional bugs introduced by their most dedicated programmers. And bad crypto is worse than no crypto.

But good crypto is stronger than any non-crypto alternative, in most cases. Imagine the information within a hard drive. To prevent access to the data you would need OS level access control, physical security on different levels, network security design, and so on. And the failure of just one of them could create vulnerabilities both at an immediate and a long term level. If you implement full disk encryption properly, some problems disappear, and some others become much more treatable.

There are also some functionalities that are just unthinkable without cryptographic tools in between: online banking, private communication, secure VPNs, and so on. And, in more polemic applications, cryptocurrencies, anonymous browsing and internet voting.

Of course, cryptography relies in other areas of security to be fully useful. If your disk is fully encrypted, but all the files are exposed through a public server, it is not encryption's fault. If you write your password in a post-it, no encryption scheme will save you. If you download the attachment from the hot girls in the area that want to meet you, cryptography will be unable to help.

A heavy deadbolt will make your door harder to be lockpicked. But if the door is made out of thin glass, it's usefulness is limited.

Sergio A. Figueroa
  • 281
  • 1
  • 10
0

Because good encryption is much stronger than good security. Programmers are humans and humans make mistakes or they forget things. No one will never ever program that super-awesome secure program because the more advanced the security becomes the more advanced the hackers become. I mean let's look at the hieroglyphic characters, they are thousands of years old but nobody was able to decrypt Understand them until they have found the key, so if nobody knows the key to decrypt your data so it's secure. I don't mean by encryption using caesar cipher only. you can use keys generated using polynomial functions and then encoded into Base64 and nobody will be able to crack it!.

Oh!, I forgot. do you that Germans in the WWII used a type of encryption and the key kept changing everyday, but the Alliance were able to know the key and decrypt German messages because all of their messages ended or started by Hail Hitler so as long as nobody could guess what's and where is the information might be or at least a bit of it he wont be able to crack your encryption unless it's use a basic key.

adib
  • 17
  • 3
  • Also, some times you deal with situations where data should be sent a cross multiple servers which don't have good security thus it could be interrupted, that's why encryptions comes handy in these situations – adib Mar 12 '16 at 18:18