[Cryptography] The Laws (was the principles) of secure information systems design

Michael Kjörling michael at kjorling.se
Sat Jul 16 09:01:13 EDT 2016


On 15 Jul 2016 19:36 +0100, from peter at m-o-o-t.org (Peter Fairbrother):
> Data security is not "a sliding scale of tradeoffs towards .."
> 
> Data security is "can I, and nobody else I don't want to, get my data
> when I want it?".

**...and can I be certain that nobody has tampered with the data in
the meantime?**

Your variant covers confidentiality and availability, which are only
two sides (albeit very relevant ones) of the security triangle; there
is also authenticity.

The extreme example, of course, is again the one-time pad: textbook
OTPs, if done right, provide confidentiality and availability, but not
authenticity. For that you need something like an OTP plus MAC.


> And that's why security is a Boolean; not a process, not a set of
> compromises.

So how about, instead of "security is a boolean", chalk it down to the
slightly longer but IMO much more descriptive: **If you think that the
answer to "is it secure?" is "yes", then the correct answer most
likely is "no".**

Based on the reasoning that an _unqualified_ "yes" answer to an
_unqualified_ "is it secure?" is virtually guaranteed to be wrong,
based on the idea that there is some attack vector you are not
considering or not fully defending against or which is outside of the
scope of the system under consideration. A "no" answer, on the other
hand, allows for (and even points at the likelihood of) the
possibility of there being _any_ attack vector that you are not (a)
considering or (b) properly protecting against within the scope of the
system.

Even if that attack vector is something mundane such as rubber hose
cryptanalysis or denial of service.

Someone who is willing to spend the time to determine what might be a
reasonable threat model won't be asking an unqualified "is it
secure?", but rather a qualified "given this threat model, is this
system secure against this threat?". The answer to _that_ might very
well legitimately be "yes". _For example_, I could very likely
legitimately answer "is the data stored well-encrypted on magnetic
HDDs where the FDE metadata has been overwritten by random data,
secure against disclosure from decommissioned drives sent in for
electronics recycling to within a budget of $10,000?" with an actual
"yes", because any remnants of data will be random-looking garbage,
encrypted but where the decryption key has been thrown away.

-- 
Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)


More information about the cryptography mailing list