As the security landscape continues to shift our security defenses must evolve too. Traditional and static systems are inherently insecure and become less secure every day; the same is true for cryptography.
Developed centuries ago, cryptography is perhaps one of the earliest security defenses. The application of cryptography for government secrets protection has evolved through wars and global innovation. Today, cryptography is used to protect many of the routine activities we take for granted, like bank transactions and online shopping.
In business environments, cryptography is used to protect and authenticate applications and IoT devices, however the onset of quantum computing means that today’s cryptographic algorithms will become ineffective and obsolete. Our reliance on hardware and software in traditional IT environments and IoT ecosystems makes the potential fallout from broken cryptographic algorithms highly concerning.
Cryptography is an effective defense against cybercriminals targeting devices and systems, however evolving computing power will ultimately erode cryptography’s defenses. Many active and deployed IoT devices have lifespans that will exceed the effectiveness of the cryptographic keys assigned to them, making crypto-agility more critical for risk management and mitigation.
Swapping out encryption keys, upgrading crypto libraries or re-issuing digital identities is common practice in response to a critical security threat, but new and emerging threats are generating new consequences that can lead to business disruption or worse, a significant breach event.
Here are 5 increasingly common examples of cryptographic key risk:
- Compromise or breach of root – When a Root of Trust (RoT) is breached, all trust is lost. In the case of a certificate authority issuing certificates, a breach renders the chain of trust and all public and private keypairs moot, or even dangerous, as they can be issued and used maliciously. The immediate replacement of that RoT is required, along with the updating of all certificates and keys used by devices.
- Algorithm depreciation – Similar to a compromised RoT, a complete replacement is required in the event of algorithm depreciation. Any keys using the affected algorithm are insecure, raising the risk of rogue actors breaking encryption and rendering communication insecure while making data readily accessible.
- Crypto library bug – Discovery of a bug inside crypto libraries may require the generation of new keys and certificate reissuance according to the technology used in patching or replacing it.
- Quantum computing – According to Gartner analysts Mark Horvath and David Anthony Mahdi, most public-key algorithms in use today will be susceptible to attack by quantum computing processors within the next five to eight years.
- Certificate expiration – Certificate expiration is an important mechanism to ensure certificates are regularly refreshed. It offers a check and balance system, in the form of workflow and approvals, to verify authenticity and integrity. With the shift to one-year SSL/TLS certificate lifespans introduced in 2020, the need for automated renewal has reached an all-time high.
Crypto-Agility is Key to Mitigating Cryptography Risk
The greatest challenge in crypto management is that cryptography exists everywhere – it’s diverse, hidden and divided across services, PCs, firewalls and devices. Having a strategy and automated tools that permit agility and the ability to change out algorithms is essential. When developing or augmenting a business’ crypto strategy, the following seven steps can help IT teams get ahead of potential disruptions, respond to high-level crypto risk, strengthen cryptographic defense and act before threats become serious:
- Conduct an audit to understand how many digital certificates the organization has.
- Build an inventory to identify where they live and what they’re used for.
- Document the hash algorithm they use and their overall health.
- Flag certificate expiration dates.
- Assign or note who owns every certificate.
- Map the methods used to protect valuable code-signing certificates.
- Ensure a centralized method is used to securely update every certificate.
Many experts believe that quantum computing will pose a legitimate threat somewhere between 2025 and 2035. When it does, today’s cryptographic algorithms such as RSA and ECC will become easily breakable. While 2025 may seem like a long way off, many systems being designed and deployed today will still be around then – especially “long-life” cryptographic systems such as industrial-focused IoT devices, cryptocurrencies, and Public Key Infrastructure (PKI), making the practice of cryptography paramount to getting it right.
CTO
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.