Strength of the Security Technology Implementation

  • Article

The strength of cryptography-based security depends on the strength of the encryption algorithm and the technology that implements the security. A weak algorithm or a poorly implemented security technology can be exploited to decrypt any ciphertext that it produces. For example, a weak algorithm can produce ciphertext that contains hints or patterns that greatly aid cryptanalysis. A poorly implemented security technology might also provide unintentional backdoors that attackers can discover and exploit. For example, a poorly implemented security technology might provide a way for attackers to obtain secret keys from memory caches.

For maximum protection, encryption keys need to be generated randomly; however, faulty implementations of random generators also can produce keys that are predictable. Furthermore, the implementations of security technologies can be attacked either at the system level or at the application level. An intruder might be able to start a computer from a floppy disk and use low-level disk tools to locate the encryption keys that are stored on the hard disk. If an operating system caches secret keys in memory, attackers might be able to force buffer overflows or core dumps to reveal keys. Attackers also might be able to plant an unauthorized application or virus to modify how an encryption implementation works (for example, to generate random-looking keys that are known to the attacker).

The best implementations of cryptography-based security are generally provided by security products that have been analyzed and tested over time and that have no known significant security flaws or weaknesses. However, no security software is perfect, so it is important to promptly fix significant security holes in products as they are discovered. Many vendors, including Microsoft Corporation, make timely security fixes available for their products when they are needed.

In general, you can reduce the risk from weaknesses in cryptography-based security products by doing the following:

  • Use cryptography-based products that have been thoroughly analyzed and tested over time.

  • Provide adequate system and network security measures, to reduce the potential for exploitation of weaknesses in your cryptography-based security systems. For example, you might protect servers that provide security by configuring the servers for high security and placing them behind firewalls.

  • Update security applications and systems when security patches and fixes become available to correct problems as they are discovered.