February 15, 2005
The Weakest Link
Bruce Schneier reports on the principle of the weakest link:
To paraphrase Adi, "[security] is bypassed not attacked."
Posted by iang at February 15, 2005 10:24 AM
I don't fully agree that "security is bypassed, not attacked." To the extent that it is true, it is because security is often implemented very well, because it is part of the system that people study closely. But when security is weak, it is most definitely attacked. Look at DVDs for example. They used a weak cipher, it was attacked, and the movie industry was screwed. Look at WEP. It is weak and there are attacks in the wild. Look at Bluetooth. Same story.
If designers took that maxim seriously, would they stop worrying about making security strong, because attackers aren't going to go at it directly, they're going to go around it? That would be stupid.
The fact is, security is attacked as hard as possible. That's why security designers must take every care possible to make their security bullet proof. Only once they have done so does it become true that successful attacks bypass security. But that's going to be true automatically. If your security is so strong as to prevent attack, then by definition successful attacks will bypass security.
Now, of course I understand there is an important truth here, which is that in desiging a system you need to consider ways that people could go around your security, in addition to how they could attack it directly. But boiling it down to those five words is misleading. In reality, security is both bypassed and attacked, and you have to defend against both. And unfortunately we are not yet at the point where bullet proof security can be taken for granted in deployed systems. Designers still need to work very hard to prevent their security from being attacked head on. They can't just assume that throwing up a facade of security will send attackers elsewhere. That's what the rumors say Skype has done, and it will bite them in the end if it's true.
DVDs were *fundamentally* bad ... they had keys that could be reverse engineered, and it was when the guy got hold of the software copy that he was able to do that. In theory he could have done it with grand crypto as well. WEP - yes, that was weak and broken. Although, to what end? I gather it's really easy to break and hack into - it takes seconds - but we still don't hear of any real attacks. I've seen a lot of 'evil twin' scares but no actual attacks where damage has been done? Bluetooth - does that have any security? Has anyone stolen any money from them yet?
Have a look at that photo - is there any reason to strengthen the bar? No. What needs to be done is to widen the barrier, and that's what the maxim says: don't bother strengthening your crypto if you can be walked around trivially.
Cell phones had big problems with stolen accounts being sold, and the GSM crypto stopped that dead. It was only 40 bits. SSL/TLS is maybe the most reviewed protocol in history, but the first time the phishers came along they walked around and probably didn't even notice it was there. There's still at it, about a $Bil a year.
We'd really like to widen the barrier around SSL, but the problem we have is that the people manning the gate of SSL say it goes up and down perfectly, it doesn't need any fixing. Meanwhile, all those poor users are getting trampled either side in the rush...
If you've got any evidence of any bad guys trying to attack these things, then by all means, bring 'em on. We are *starved* for real attack news.