Crypto-Visionen –ist IT-Sicherheit überhaupt zukunftsicher? Burt Kaliski, RSA Laboratories NetworkWorld Security-Tage München, 04. Dezember 2002
Overview • Thinking about cryptography over the next several decades • Is IT-Security safe for the future?
Key Size and Space Travel • Today, 80-bit minimum (= 1024-bit RSA, 160-bit ECC) • NIST proposes 128-bit minimum (3072-bit RSA, 256-bit ECC) for protecting data beyond the year 2035 • But research could change future comparisons dramatically • Like travel to nearby stars BSI Empfehlung: “Geeignete Krythoalgorithmen” *Anf. § 17 Absatz 1 SigG v. 22.Mai 2001 1024-bit bis zum Jahr 2006 2048-bit ab dem Jahr 2006
The Quantum Effect • Theoretically, a quantum computer can break most if not all PKC, halve symmetric key sizes • Shor’s, Grover’s algorithms • Practically, decades away (?), and incrementally visible • Economic model is uncertain • Yet quantum mechanics surely has other surprises
A World without PKC? • Mental exercise: What if PKC hadn’t been invented? • What if PKC as we know it were broken? • Symmetric cryptography, hash functions still available • Merkle hash-tree signatures a good backup • Quantum cryptography ready for point-to-point
It’s All about Trust • Alice and Bob traditionally have keys • But so far, people don’t do crypto • In practice, computers have our keys • We trust computers to use our keys properly • With enough assurance, symmetric cryptography is sufficient
Proxies Near and Far • Devices are just proxies for user crypto operations • User authenticates, instructs • Device verifies, follows • System trusts based on assurance • PC, PDA, mobile phones, smart card are local proxies, network services are remote • What’s the difference?
Device Security • Physical threats make it harder to trust devices • Secure implementation a major area of crypto research • New paradigms gaining importance: forward security, distributed cryptography
Beyond the Basics • Traditional cryptography has focused on keeping data safe • Emerging cryptography will focus on keeping processes safe • Examples: • Data mining without seeing the data • Auctions without a broker
Safe Utility • Security must be easy to use • Passwords, biometrics, “remote controls” will be essential tools for the user • Focus on safety in general, as in other consumer products. Not just security • Sicher = safe, secure, certain
The Weakest Link • Not key size, quantum, … • People! • IT is an amazing tool for expressing human creativity, and malice • Which will we encourage?
Conclusions • Is IT-Security safe for the future? • As sure as anything else people will do • Cryptography has much more to offer IT • How will you use it?
Contact Information • Burt KaliskiDirector, RSA Laboratoriesbkaliski@rsasecurity.comhttp://www.rsasecurity.com/