Cryptography 'Becoming Less Important,' Adi Shamir Says 250
Trailrunner7 writes "In the current climate of continuous attacks and intrusions by APT crews, government-sponsored groups and others organizations, cryptography is becoming less and less important, one of the fathers of public-key cryptography said Tuesday. Adi Shamir, who helped design the original RSA algorithm, said that security experts should be preparing for a 'post-cryptography' world. 'I definitely believe that cryptography is becoming less important. In effect, even the most secure computer systems in the most isolated locations have been penetrated over the last couple of years by a series of APTs and other advanced attacks,' Shamir said during the Cryptographers' Panel session at the RSA Conference today. 'We should rethink how we protect ourselves. Traditionally we have thought about two lines of defense. The first was to prevent the insertion of the APT with antivirus and other defenses. The second was to detect the activity of the APT once it's there. But recent history has shown us that the APT can survive both of these defenses and operate for several years.""
He put the S in RSA (Score:5, Interesting)
Without him, it'd just be RA, which isn't even RAD.
The way I do security (Score:5, Interesting)
I have a PC that I use for all of my financial stuff, record keeping, and other critical data. I don't encrypt the hard drive. I don't even password protect files.
You know how I do security for the PC that handles my most critical data?
It's not plugged into the fucking Internet. That's how.
Security was never about encryption (Score:4, Interesting)
The use of encryption is only intended to provide a way for legitimate remote users to gain supervised access to the system without having to hack into it. The real culprit behind bad security is software reliability. Attackers look for and try to exploit the defects in the software. Why is software defective? Because (it's the bugs, stupid!) the Turing/Von Neumann model of computing is inherently insecure and unreliable. Why? Because timing is not an essential part of the model. I predict that this decade will see the end of the Turing madness [blogspot.com] and that the future of computing is non-algorithmic [blogspot.com]. There is no alternative and the sooner, the better.
He's probably just fed up. (Score:5, Interesting)
I suspect he's just fed up with the state of software security, which is appallingly bad. We now have patch-and-release on everything. This turns out to be a failed strategy against competent attackers.
I used to work on secure microkernels in the 1980s. I thought that by now we'd have provably secure microkernels in ROM with a mandatory security model enforced. Systems like that have been built a few times for the three-letter agencies, but never went mainstream. Instead, we have bloated operating systems with a high churn rate, and far too much trusted software per system.
Ballmer used to call this "strategic complexity". As Ballmer once put it, when asked why Microsoft kept adding functions to Windows, "If we stopped adding functions to Windows, it would become a commodity, like a BIOS. And Microsoft is not in the BIOS business".
Most applications should be running with far less privileges than they have. But if they are locked down properly, their ad tracking, update checking, and self-modification won't work. The user would actually be in charge.
Cryptography only provides a secure way to communicate between secure regions. If there are few or no secure regions, it doesn't help much.
Re:no (Score:5, Interesting)
I think the point is no encryption is going to protect you from users installing malware, buggy software, or just plain hand over data unknowingly.
That's a problem of the current day extremely fragile OS design. Stuff a user installs should simply never have the right to do any damage. Just like a HTML app is strictly sandboxed and can't access your whole HDD, so should a native executable. You don't really have to worry about malware when its locked up in a sandbox and can't even modify itself.
To make quick Unix example of how things should work:
Wrong way: sed "s/foo/bar/" file
Right way: cat file | sed "s/foo/bar/"
In the first one 'sed' has all the rights the user has and can do whatever it wants behind the users back. In the second case 'sed' needs absolutely no rights at all aside from being able to read stdin and could be completely sandboxed away. It's 'cat' that has the right to access users files and pass the data down the line to other programs. Thus instead of having dozens or hundreds of apps with file access, you have just one. Similar concepts can be adopted to the GUI easily where the file dialog (the GUIs 'cat' equivalent) becomes part of the OS instead of the application.
Comment removed (Score:5, Interesting)
Re:no (Score:3, Interesting)
First off, any security system designed should account for Dancing Pigs [wikipedia.org] in which security decisions should not be left up to the user because the user will always choose dancing pigs/rabbits/kittens over security basically 100% of the time. (Replace it with whatever - pr0n, pirated programs/apps, "free money", etc).
And anyone who says users should learn everything about computing before allowed in front of one - do you know everything about your car? Do you want your mechanic to be able to fix your car, or to compile and install a new Linux kernel? (Especially on your dime).
Re:no (Score:4, Interesting)
In case you (or someone else) doesn't click it, if you use your UID as the passphrase and "slashdot" as the site tag you get "i0+v+dXNbzPpvpW177NeV9eYnK" at my default settings of 26 characters, upper, lower, numbers and symbols.
For remembering just your UID. How simple is that?
To bump it up and alter the password completely when you change it there is a button that will change "slashdot" to "slashdot:1" - a change that is remembered by your browser, or can be written in a text file as a reminder because that isn't sensitive information.
This is not perfect security but it would go a long way to making identity theft and account hijacking harder if everyone showed their mother and their kids how to use this simple piece of code. They could go on using that one stupid password that is the only thing they can remember but be secure from rainbow tables and GPUs for a few years.
Re:no (Score:4, Interesting)
The problem is most owners have no clue how to do code signing
Paraphrased: "The problem is most owners have no clue how to safely store a gun." Or even: "The problem is most owners have no clue how to do proper parallel parking."
Just because you give everyone access to a tool doesn't mean everyone knows how to use it. That's where education comes into play. The same way we educate individuals how to talk, or behave in society. Education is important, hence, that's why it is mandatory up to a specific level.
I'm not saying everyone needs to know how to do proper code signing, but then again, not everyone knows how to service their car. But just because some people don't know, or don't want to learn doesn't mean that everyone should be banned from servicing their car.
And there is the real problem: we use the excuse that knowledge is optional to impose restrictions on others. You may not know how your door lock works now, but if you were so inclined, you could still replace it with one of your choosing. You could learn about the mechanics and even make your own. Or you could remove it altogether. Why couldn't you do the same with the lock on your computer?