bibliography: We need Assurance (SNOW) (1999-2008)

19 May 2013

Text Size

Expert Opinions

"There is a good chance that large quantum computers can be built within the next 20 years. This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt
"The security of the digital world has become a fundamental stake for the citizen with respect to his individual freedom ..., for the company with respect to the protection of its computerized industrial assets, ..., and for the state with respect to the reliability of operations and the reduction in the vulnerability of large and critical infrastructures ...”
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
"In the medium term, we need to be prepared for the eventuality that large quantum computers could be built: this would require an upgrade of most symmetric cryptographic algorithms and a completely new generation of public-key algorithms."

SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
"Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are sufficiently powerful to implement Shor’s ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.”

Prof Seth Lloyd of MIT, MIT Review 2008
Florence Luy asks the question: "Is the writing on the wall for 1024-bit (RSA) encryption?"
Dutch mathematician Hendrik Willem Lenstra: "The answer to that question is an unqualified yes."

Florence Luy, Hendrik Lenstra, “A mighty number falls”, 21 May 2007, École Polytechnicque Fédérale de Lausanne
Public key crypto key exchanges (RSA, D&H, ECC) would be ‘flat-lined’ under a quantum computer attack … "Open Problem”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006
"First and foremost, there is no proper excuse for continued use of a broken cryptographic primitive (MD5) when sufficiently strong alternatives are readily available, for example SHA-2. Secondly, there is no substitute for security awareness." ... "Advice from experts should be taken seriously and early in the process. In this case, MD5 should have been phased out soon after 2004."

Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
“The software security industry today is at about the same stage as the auto industry was in 1930" ... "it looks fast, goes nice but in an accident you die.” ... "The major shortfall is absence of assurance (or safety) mechanisms in software. If my car crashed as often as my computer does, I would be dead by now."

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008
“So the threat to cryptography is well understood due to work by Peter Shor and others. A symmetric algorithm like AES or others standard crypto processes is cut (of) key-size in half, which is a dramatic reduction. ... For key management purposes, against the RSA and the Diffie-Hellman and stuff, they flat-line under a quantum computer.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006
"Dropping support for a broken crypto primitive is hard in practice
- but crypto can be broken overnight
- what do we do if SHA-1 or RSA falls tomorrow?"

Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
"Given their power to intercept and disrupt secret communications, it is not surprising that quantum computers have the attention of various U.S. government agencies. The National Security Agency, which supports research in quantum computing, candidly declares that given its interest in keeping U.S. government communications secure, it is loath to see quantum computers built. On the other hand, if they can be built, then it wants to have the first one.”

Prof Seth Lloyd of MIT, MIT Review 2008
“New concepts for quantum computer implementations, algorithms, and advances in the theoretical understanding of the physics requirements for quantum computers appear almost weekly in the scientific literature.”

ARDA, Report of the Quantum Information Science and Technology Experts Panel
"History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did."

Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997
“We are a cyber nation. The U.S. information infrastructure--including telecommunications and computer networks and systems and the data that reside on them--is critical to virtually every aspect of modern life. This information infrastructure is increasingly vulnerable to exploitation, disruption, and destruction by a growing array of adversaries.”

The National Coordination Office (NCO) for Networking Information Technology Research and Development (NITRD), Federal Register: December 30, 2008 (Volume 73, Number 250).
“The time needed to factor an RSA integer is the same order as the time needed to use that same integer as modulus for a single RSA encryption. In other words, it takes no more time to break RSA on a quantum computer (up to a multiplicative constant) than to use it legitimately on a classical computer.”

Professor Gilles Brassard, "Quantum Information Processing: The Good, the Bad and the Ugly", 1997
"One often hears recommendations for key-sizes of public-key cryptosystems needed to obtain security for 30 years and even 50 years. Anyone wanting a real security of this magnitude should probably take the construction of the quantum computer into consideration."

ECRYPT, “D.PROVI.3 – First Summary Report on Unconditionally Secure Protocols”, January 2005
“Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software. If my car crashed as often as my computer does, I’d be dead by now.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008
"But conventional security is not enough. The complexity of today's operational environment means organisations must embrace a level of business resilience that is normally associated with the protection of critical national infrastructure."

Detica, a BAE Systems Company
“a significant breakthrough in quantum computation would spell doom for all these systems (ECC-192 or RSA-2048).”

European Network of Excellence for Cryptography, "D.AZTEC.2 Alternatives to RSA", July 2005
“Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

Resources

Security bibliography

Information assurance

bibliography: We need Assurance (SNOW) (1999-2008)

Group Title:	We Need Assurance!
Authors:	Brian Snow
Organisation:	Former Technical Director of the US National Security Agency (NSA)
Date:
Keywords:	information assurance
Electronic Publication:	Online Paper in PDF (2005) Online Slide show presentation in PDF AusCERT ’08, ITRadio, MP3 Audio Streaming video of this presentation in 2008
Abstract:	Today’s commercial cryptographic products have sufficient functionality, plenty of performance, but not enough assurance. Further, in the near term future, I see little chance of improvement in assurance, hence little improvement in true security offered by industry. The malicious environment in which security systems must function absolutely requires the use of strong assurance techniques. Most attacks today result from failures of assurance, not function. Am I depressed? Yes, I am. The scene I see is products and services sufficiently robust to counter many (but not all) of the “hacker” attacks we hear so much about today, but not adequate against the more serious but real attacks mounted by economic adversaries and nation states. We will be in a truly dangerous stance: we will think we are secure (and act accordingly) when in fact we are not secure. Assurance techniques (barely) adequate for a benign environment simply will not hold up in a malicious environment. Despite the real need for additional research in assurance technology, we fail to fully use that which we already have in hand! We need to better use those assurance techniques we have, and continue research and development efforts to improve them and find others. Recall that assurance are confidence-building activities demonstrating that system functions meet a desired set of properties and only those properties, that the functions are implemented correctly, and that the assurances hold up through manufacturing, delivery, and life-cycle of the system. Assurance is provided through structured design processes, documentation, and testing,with greater assurance coming through more extensive processes, documentation, and testing. All this leads to increased cost and delayed time-to-market - a severe one-two punch in today’s marketplace. I will briefly discuss assurance features appropriate in each of the following five areas: operating systems, software modules, hardware features, third party testing, and legal constraints. Each of us should leave today with a stronger commitment to quality research in assurance techniques with strong emphasis on transferring the technology to industry.It is not adequate to have the technique; it must be used. We have our work cut out for us; let’s go do it. (1999)
Citation:	Brian Snow, "We Need Assurance", Lecture Notes In Computer Science; Vol. 1717, Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems, 1999, ISBN:3-540-66646-X (LINK) Brian Snow, "We need assurance! [assurance of computing quality, reliability, and safety]", Computer Security Applications Conference, 21st Annual, 2005,
Related work:

Last Updated on Monday, 20 August 2012 14:06

This website uses cookies to manage authentication, navigation, and to provide you with a better and more personal service. By continuing to use this website, you are consenting to this use. Find out more here.

"Synaptic Laboratories is a rare company; they tackle the hard problems! Their basic approach is directly relevant to Governments and/or any commercial companies that deploy products that must function correctly in high-risk environments. They differ from most competitors in that not only do they work hard to get the concepts right, they also work very hard to assure the implementation is correct and robust as well."

Brian Snow - Member, National Academy of Sciences Committee on Future Research Goals and Directions for Foundational Science in Cybersecurity

Former Technical Director, Information Assurance Directorate, US National Security Agency

Expert Opinions

Related Items