faq: Why do we need a new security ecosystem? (Quantum Focus)

18 May 2013

Text Size

Expert Opinions

“Consider the use of smart cards ... for especially critical functions. Although more costly than software, when properly implemented the assurance gain is great. The form-factor is not as important as the existence of an isolated processor and address space for assured operations – an ‘Island of Security,’ if you will. Such devices can communicate with each other through secure protocols and provide a web of security connecting secure nodes located across a sea of insecurity in the global net.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008
"Many crypto-systems considered robust have been broken after a certain amount of time (between 10-20 years). ... We need to build crypto-systems that offer long term security, for example for protecting financial and medical information (medical information such as our DNA may be sensitive information with impact on our children, our grandchildren and beyond)."
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
"Security and dependability issues typically go along with the life cycle of a technology. The trend to first deploy a technology and later fix its problems – typically driven by economic motives – is gradually making way for security by design, resulting in improved security at the beginning of the life cycle."
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
Florence Luy asks the question: "Is the writing on the wall for 1024-bit (RSA) encryption?"
Dutch mathematician Hendrik Willem Lenstra: "The answer to that question is an unqualified yes."

Florence Luy, Hendrik Lenstra, “A mighty number falls”, 21 May 2007, École Polytechnicque Fédérale de Lausanne
“Build-in Security: Ensure that security is considered and built into the design of new infrastructure, so that our critical assets are protected from the start and more resilient to naturally-occurring and deliberate threats throughout their life-cycle."

Obama-Biden Plan, Agenda: Homeland Security, December 2008
"Today’s systems must anticipate future attacks. Any comprehensive system – whether for authenticated communications, secure data storage, or electronic commerce – is likely to remain in use for five years or more. It must be able to withstand the future: smarter attackers, more computational power, and greater incentives to subvert a widespread system. There won’t be time to upgrade it in the field."

Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997
"First and foremost, there is no proper excuse for continued use of a broken cryptographic primitive (MD5) when sufficiently strong alternatives are readily available, for example SHA-2. Secondly, there is no substitute for security awareness." ... "Advice from experts should be taken seriously and early in the process. In this case, MD5 should have been phased out soon after 2004."

Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
“Advances have often been done in steps, and beyond approximately 10 years into the future, the general feeling among ECRYPT partners is that recommendations made today should be assigned a rather small confidence level, perhaps in particular for asymmetric primitives.”

European ECRYPT Network of Excellence, “Yearly Report on Algorithms and Key Lengths (2007-2008)", 2008
"The future ability of quantum computers might be a decade or two away, their future ability to break public-key cryptography has important implications for the encryption of highly sensitive information today. For these applications, we must already design new public-key cryptosystems and one-way functions that are immune to quantum cryptanalysis."

ARDA, Report of the Quantum Information Science and Technology Experts Panel, 2004
“Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software. If my car crashed as often as my computer does, I’d be dead by now.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008
“Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008
"One should not assume that stakeholders do not care about their security merely because they do not understand the consequences of certain actions. The perception of risk can vary significantly from actual risk and, in the short term, convenience may lead some early adopters to make hazardous decisions."
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
"Many applications stay in use for much longer than anticipated, but during the extended lifetime they will be functioning in an environment for which they have not been designed, resulting in completely new vulnerabilities and risks."
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
"Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are sufficiently powerful to implement Shor’s ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.”

Prof Seth Lloyd of MIT, MIT Review 2008
“In the next five years we will counter many 'hacker' attacks but we will not be safe from Nation States and other large entities”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008
“New concepts for quantum computer implementations, algorithms, and advances in the theoretical understanding of the physics requirements for quantum computers appear almost weekly in the scientific literature.”

ARDA, Report of the Quantum Information Science and Technology Experts Panel
"But conventional security is not enough. The complexity of today's operational environment means organisations must embrace a level of business resilience that is normally associated with the protection of critical national infrastructure."

Detica, a BAE Systems Company
"History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did."

Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997
“When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005
"In the medium term, we need to be prepared for the eventuality that large quantum computers could be built: this would require an upgrade of most symmetric cryptographic algorithms and a completely new generation of public-key algorithms."

SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007

Resources

Frequently asked questions

Synaptic security ecosystem

faq: Why do we need a new security ecosystem? (Quantum Focus)

Synaptic Facts and FAQs - Synaptic security ecosystem

We need a new security ecosystem for many reasons.

The interdependent web of our critical infrastructures and information systems undergirding the global village are fundamentally insecure on account of poorly designed systems, poor integration of cryptographic and security functions, a low assurance development model and the choice of marginally secure cryptographic primitives. Many of our critical global communications networks offer little to no security against targeted malice. Complex interdependent systems are designed with single points of failure that can impact millions of people. The entire system must be systematically hardened.

In particular it is recognised that one of the cornerstones of modern cryptography is at risk of abrupt and catastrophic failure with the arrival of code-breaking quantum computers.

Cryptographic primitives such as block ciphers, stream ciphers, hash functions, key exchanges and digital signatures are the fundamental building blocks which modern computer security is built from. A secure cryptographic primitive on its own cannot guarantee security. Conversely a weak cipher offers no security or worse, the illusion of security.

Cryptographic security has always been a moving target. Cryptographic security is influenced by advances in cryptanalysis (mathematical attacks against ciphers), advances in computing power and advances in our understanding of physics. Today we are entering into the next great shift in cryptography. To quote an official publication advising on the strength of different cryptographic primitives by the European Network of Excellence for Cryptology (ECRYPT), a European FP7 program that coordinates over 32 organisations including Ericsson AB (Sweden), France Telecom, Gemalto, IBM Research GmbH (Switzerland), MasterCard Europe sprl (Belgium), Vodafone Group Services Ltd (UK) and over 20 leading European universities:

Advances have often been done in steps, and beyond approximately 10 years into the future, the general feeling among ECRYPT partners is that recommendations made today should be assigned a rather small confidence level, perhaps in particular for asymmetric primitives. ... For instance, signing a message both with RSA and discrete logarithm technology does not offer any additional security if quantum computers become a reality.

European ECRYPT Network of Excellence, “Yearly Report on Algorithms and Key Lengths (2007-2008)", 2008

The ECYPT report places an unprecedented umbrella disclaimer over all its recommendations for modern asymmetric and symmetric primitives by stating:

The recommendations in this report assumes (large) quantum computers do not become a reality in the near future.

Today a vast array of important data is secured by at-risk public key algorithms. This data has been and continues to be recorded. The longer the at-risk systems are used the more data we ultimately are providing to the attackers for eventual decryption and exploitation. It can take more than a decade to migrate to a post quantum secure cryptographic ecosystem and so if a code breaking quantum computer is created 'by the wrong people' for example in five years, and no attempt has been made to begin a migration, then a complete rip and replace exercise becomes mandatory at incalculable cost and effort.

Every year that we delay a migration the larger and more complex the global community and its transactions become. The cost to begin to migrate a global system in 5 years from now will be exponentially more expensive given the speed with which major populations such as China, India and South America and also under developed nations are entering the global economic village.

Click here to learn about the quantum computing advances that are leading to greater discomfort and uncertainty in the global cryptographic community.

Click here to learn more about the conservative security strategy Synaptic proposes to comprehensively manage these known risks on the event horizon.

This website uses cookies to manage authentication, navigation, and to provide you with a better and more personal service. By continuing to use this website, you are consenting to this use. Find out more here.

"Synaptic Laboratories is a rare company; they tackle the hard problems! Their basic approach is directly relevant to Governments and/or any commercial companies that deploy products that must function correctly in high-risk environments. They differ from most competitors in that not only do they work hard to get the concepts right, they also work very hard to assure the implementation is correct and robust as well."

Brian Snow - Member, National Academy of Sciences Committee on Future Research Goals and Directions for Foundational Science in Cybersecurity

Former Technical Director, Information Assurance Directorate, US National Security Agency

Expert Opinions

Related Items