[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)
Perry E. Metzger
perry at piermont.com
Mon Nov 16 13:05:07 EST 2015
On Mon, 16 Nov 2015 11:19:40 -0500 Kyle Rose <krose at krose.org> wrote:
> This guess isn't completely blind, however, and so if you have some
> information that needs to remain secret for 20 years,
Just a slight redirect of the model in your mind. The issue isn't only
keeping information qua information secure for long periods.
SCADA systems and other embedded hardware may need to be kept secure
from tampering for 30 years or longer. This stuff shows up in
surprising places -- people really are doing things like putting
building heating and elevator systems onto the internet now.
The biggest current problem is that generally the engineers building
such systems have no idea how to design them for security, but even if
they did, how do you design a system to remain secure when it might be
in place in forty years because no one wants to replace their elevator
controller since it is still working?
Say you have thousands of such systems or even millions of them out in
the field, all happily dialing home and getting new instructions, all
that protected by an RSA key or an elliptic curve signature key. How
do you keep that safe for a stupid amount of time?
The sad truth is, you probably can't...
Perry
--
Perry E. Metzger perry at piermont.com
More information about the cryptography
mailing list