The following text is copyright 1996 by Network World, permission is hereby given for reproduction, as long as attribution is given and this notice is included.

How much is security worth?

An interesting advertisement passed my way the other day. A company is now offering to "recover" a Windows NT administrator's password upon request. They offer "standard service" (48 hour turnaround) for $990, "overnight service" (24 hour turnaround) for $1890, and "emergency service" (4 hour turnaround) for $4490. What is interesting is not, as the saying goes, that the bear can dance well but that the bear can dance at all. If I were consigning my corporate secrets to a Windows NT machine, this ad would not make me sleep better, knowing that someone with some expertise and "four Pentium Pro-200 boxes" (as the ad puts it) can break the security on the system. I'm sure that this company (http://www.ntsecurity.com/) is honest and would not help you break into my machine but they do guarantee "complete confidentiality".

On a related topic, researchers at AT&T have shown that with the right resources it is quite easy to break 56-bit U.S. Data Encryption Standard (DES) keys and almost trivial to break the export-legal 40-bit encryption keys. The paper (ftp://ftp.research.att.com/dist/mab/keylength.txt) shows how someone with an investment of less than a million dollars can build a hardware DES key-cracking machine capable of breaking DES keys in less than a day. For an investment of a few hundred thousand, an organization could build a device that could break 40-bit keys in less than a minute. An organization with greater resources, an espionage agency for example, could get the key-breaking time down to less than a tenth of a second for 40-bit keys and a few tens of minutes for DES keys. The NSA claims that it is not quite so easy and has published a rebuttal of sorts (ftp://ftp.research.att.com/dist/mab/keylength.nsa). Even if the NSA is right and the cost is quite a bit higher today, the cost is bound to come down as processing speeds increase. In any case protecting corporate secrets (such as expansion plans) which might be worth hundreds of millions of dollars to investors or competitors with simple DES keys seems to be a real bad idea today and close to negligent in the near future.
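The key-length arithmetic behind those figures, as an added example that is not part of the original column: an exhaustive search is run for real against a 16-bit key of a toy cipher, and the same scaling is then applied to 40-bit and 56-bit keyspaces. The toy cipher, the function names and the sample values are constructed for illustration, and "less than a minute" and "less than a day" are taken as upper bounds of 60 and 86,400 seconds.

```python
import hashlib
import time

def toy_encrypt(key: int, key_bits: int, data: bytes) -> bytes:
    """Toy cipher constructed for this example (NOT DES): XOR data
    (up to 32 bytes) with SHA-256(key). XOR makes it its own inverse."""
    pad = hashlib.sha256(key.to_bytes((key_bits + 7) // 8, "big")).digest()
    return bytes(d ^ p for d, p in zip(data, pad))

def exhaustive_search(key_bits: int, known_plain: bytes, cipher: bytes):
    """Known-plaintext search: try every key in order.
    Returns (key or None, keys tried, elapsed seconds)."""
    start = time.perf_counter()
    for key in range(1 << key_bits):
        if toy_encrypt(key, key_bits, known_plain) == cipher:
            return key, key + 1, time.perf_counter() - start
    return None, 1 << key_bits, time.perf_counter() - start

def rate_needed(key_bits: int, seconds: float) -> float:
    """Keys per second required to cover the whole keyspace in `seconds`."""
    return (1 << key_bits) / seconds

def worst_case_seconds(key_bits: int, keys_per_second: float) -> float:
    """Time to try every key of the given length at a fixed rate."""
    return (1 << key_bits) / keys_per_second

if __name__ == "__main__":
    plain = b"expansion plans"          # constructed sample plaintext
    secret = 0xBEEF                     # constructed 16-bit key
    cipher = toy_encrypt(secret, 16, plain)
    key, tried, secs = exhaustive_search(16, plain, cipher)
    rate = tried / secs
    print(f"recovered {key:#06x} after {tried} trials at {rate:,.0f} keys/s")
    for bits in (16, 40, 56):
        print(f"{bits}-bit keyspace at this rate: "
              f"{worst_case_seconds(bits, rate) / 86400:,.4f} days")
    # Upper bounds taken from the column: 40-bit in a minute, DES in a day.
    r40, r56 = rate_needed(40, 60), rate_needed(56, 86400)
    print(f"40-bit in 60 s needs {r40:.2e} keys/s")
    print(f"56-bit in 1 day needs {r56:.2e} keys/s")
    print(f"56-bit at the 40-bit rate: "
          f"{worst_case_seconds(56, r40) / 86400:.1f} days")
```

Each added key bit doubles the work, so a machine that sweeps a 40-bit keyspace in a minute still needs about 45 days for 56 bits.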

There are many encryption algorithms which are far harder to break. The best known example is RSA. Estimates have been made that with current technology it would take longer than the current understanding of the lifetime of the universe to break a 1024-bit RSA key. If you are in the U.S. you can get a copy of Pretty Good Privacy (PGP) which uses RSA to protect email exchanges by filling out the form at http://bs.mit.edu:8001/pgp-form.html.

You do not always need to use longer keys. In triple-DES the text to be protected is encrypted using one DES key, the output is then re-encrypted using a second DES key, and the output of that operation is encrypted with a third DES key. The results are very hard to break.

Bottom line: don't use two-bit encryption to protect the formula for Coca-Cola.

PGP Key fingerprint: E9 B0 99 A3 B3 3E BC EB 23 8C 72 87 0E 3F B1 05

disclaimer: There ain't nothing two bit about Harvard (especially Harvard's opinion of Harvard) but the above worries are mine.