For many years — almost since the beginning of secure internet communications — data security professionals have had to face the challenge of using certificates, the mechanism that forms the basis of Transport Layer Security (TLS) communications. Certificates facilitate secure connections to websites (represented by the “s” in “https”), and are a core component of verifying the identity of servers, machines, internet of things (IoT) devices, users and access points — and that is just the beginning of a long list of occasions where we use and depend on certificates.
Certificates, encryption keys and the algorithms that they employ to protect data are part of a growing area of discussion: cryptographic risk, also known as crypto-risk.
What Is Crypto-Risk?
Crypto-risk is a metric used to represent how well our data is protected by cryptographic means. To put it in context, experts use “data risk” to represent unmanaged or unprotected sensitive data, and they use “platform risk” or “infrastructure risk” to represent the unmanaged vulnerabilities of a computer, the physical location where it resides or the security of its operating system.
In order to evaluate those risk metrics, organizations use a variety of tools to discover everything from unprotected sensitive data, such as Social Security numbers or credit card information, to unpatched vulnerabilities in their operating systems and applications. Many organizations do not, however, have an effective set of tools for measuring how well their data is protected by encryption. In other words, there is not currently an adequate method of measuring crypto-risk.
To move the science of data security forward, it is important to create a standard for determining crypto-risk — one that accounts for all factors that contribute to the vulnerability of encrypted data. This could include a set of criteria based on answers to questions such as:
- What algorithm is used to provide integrity (e.g., MD5, SHA-1, SHA-256, SHA-3, etc.)?
- What key lengths are being used for encryption to protect your data, and are they consistent across your enterprise (e.g., AES-128, AES-256, etc.)?
- What algorithm is used for the digital signature on your company’s PGP keys or certificates (e.g., SHA-1, SHA-256, etc.)?
- When is your certificate due to expire (e.g., December 31 at midnight)?
- Who issued your certificate, how is it being validated and can it be (or has it been) revoked?
- What cryptographic libraries or software are currently installed on your organization’s systems and applications? Are they sufficient to protect the data?
These questions will be numerous — just like the questions about malware and event management — but knowing the answers will help organizations understand how to consistently use and manage their cryptographic assets and continually assess how effective those assets are at protecting the organization’s data.
“The Quantum Computers Are Coming! The Quantum Computers Are Coming!”
The industry is already a step behind when it comes to defining and measuring crypto-risk, but the story doesn’t end there. As we cross a new threshold of computing power, security teams will face greater challenges when it comes to encryption. The quantum age, the next generation of computing, promises to solve problems that cannot realistically be tackled by traditional binary computers.
One of the anticipated capabilities of quantum computers is that they will efficiently implement Shor’s Algorithm and Grover’s Algorithm, which can be used to crack encryption keys in far less time than traditional computing methods. When quantum computers reach the point where they can implement these algorithms and be acquired by consumers for a reasonable price, we will see a rise in malicious actors’ ability to erode the strength of existing symmetric algorithms like AES and effectively nullify existing asymmetric algorithms that are commonly in use today, such as RSA or ECC.
Fortunately, we have not yet reached that critical juncture. In fact, we do not yet have a quantum computer with the strength necessary to nullify even an RSA key. It is hard to say when we will reach that point, though some of our leading researchers believe it could be only two decades away.
The good news is that the National Institute of Standards and Technology (NIST) has already embarked on an effort to introduce new, quantum-resistant encryption algorithms. These post-quantum cryptography (PQC) algorithms promise to be resistant to the power of quantum computers.
IBM is working with NIST on evaluating two algorithms as part of its CRYSTALS project with the hope that we see acceptance and standardization of these new algorithms within just a few short years. Such a development would give data security professionals new ways to protect our critical data, even archived data, using encryption algorithms that can withstand the power of next-generation computers.
The Crypto-Risks of Today
Even without the risk posed by the advent of quantum computing, other cryptographic risks still exist that need to be addressed immediately. These include those simple but persistent problems of using obsolete encryption algorithms, short encryption keys and certificates that are of unknown origin or pending expiry. If those risks go undetected and unmanaged, they represent an immediate and present threat to the data protection and business continuity of your organization.
Microsoft and Let’s Encrypt recently highlighted how certificate mismanagement can detrimentally impact business continuity. There is no excuse for us to continue to fumble the ball when we know that the problem is only going to get more complicated as we move ahead. Consider the actions taken by Apple to actively block certificate trust for any certificate over a year old, or the attempt by hackers to infect enterprises’ computers through the display of fake certificate security alerts, taking full advantage of organizations’ disorganized certificate management.
These examples show that mismanagement (or no management) of cryptographic assets, such as certificates, keys, algorithms and libraries, is a critical problem: it can not only negatively impact business continuity, but also create opportunities for malicious actors to find ways to compromise enterprise data security.
These threats represent crypto-risk. Crypto-risk is a risk to all enterprises today and it must be addressed.
Strengthen the Data Security Chain
The door is locked and chained on data security, but the lock is old and the chain is rusty — and only as strong as its weakest link. When an enterprise’s data is at risk, it is incumbent on the data security team to measure the strength of each link and take action to fortify the entire chain.
When it comes to encryption, we have many moving parts: algorithms, varying key sizes, certificates, asymmetric key pairs, symmetric keys, key rotation, key derivation — the list goes on. In order to get a handle on crypto-risk, there needs to be a way to show, in a simplified, combined view, the totality of encryption-related risk. Without a way to measure that crypto-risk, there is no way security teams are going to be able to manage it.
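As an added illustration (not code from the article or from any product), the sketch below turns the questions listed earlier into checks over a small asset inventory and rolls the findings up into the kind of combined view described above. The record fields, thresholds, weights and sample inventory are all assumptions made for the example.

```python
from datetime import date

# Policy thresholds and weights are illustrative assumptions, not a standard.
WEAK_HASHES = {"MD5", "SHA-1"}
MIN_KEY_BITS = {"RSA": 2048, "ECC": 256, "AES": 128}
QUANTUM_BREAKABLE = {"RSA", "ECC"}  # asymmetric algorithms the article names
EXPIRY_WARNING_DAYS = 30
WEIGHTS = {"expired": 10, "weak-hash": 8, "short-key": 8,
           "expiring-soon": 5, "unknown-issuer": 5, "quantum-exposed": 2}

def assess(asset, today):
    """Return the list of finding names for one inventory record."""
    findings = []
    if asset.get("sig_hash") in WEAK_HASHES:
        findings.append("weak-hash")
    if asset["key_bits"] < MIN_KEY_BITS.get(asset["key_alg"], 0):
        findings.append("short-key")
    if asset["key_alg"] in QUANTUM_BREAKABLE:
        findings.append("quantum-exposed")
    expires = asset.get("not_after")
    if expires is not None:
        days_left = (expires - today).days
        if days_left < 0:
            findings.append("expired")
        elif days_left <= EXPIRY_WARNING_DAYS:
            findings.append("expiring-soon")
    if "issuer" in asset and asset["issuer"] is None:
        findings.append("unknown-issuer")
    return findings

def crypto_risk_report(inventory, today):
    """Combined view: (name, score, findings) rows, worst first, plus the total."""
    scored = [(a["name"], assess(a, today)) for a in inventory]
    rows = [(name, sum(WEIGHTS[f] for f in fs), fs) for name, fs in scored]
    rows.sort(key=lambda r: r[1], reverse=True)
    return rows, sum(score for _, score, _ in rows)

# Constructed sample inventory (not real assets).
INVENTORY = [
    {"name": "intranet-cert", "key_alg": "RSA", "key_bits": 1024,
     "sig_hash": "SHA-1", "not_after": date(2024, 1, 10), "issuer": None},
    {"name": "web-cert", "key_alg": "ECC", "key_bits": 256,
     "sig_hash": "SHA-256", "not_after": date(2024, 3, 20), "issuer": "Example CA"},
    {"name": "backup-key", "key_alg": "AES", "key_bits": 256},
]

if __name__ == "__main__":
    for name, score, findings in crypto_risk_report(INVENTORY, date(2024, 3, 1))[0]:
        print(f"{score:3d}  {name:14s} {', '.join(findings) or 'ok'}")
```

In practice the inventory records would come from certificate and key discovery rather than a hand-written list, and the weights would be set by the organization's own policy.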