[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Attacks on Encryption Code: Questions re Computer Vulnerability
The fact that the following very important article on financial
cryptography and digital commerce contains the Internet Bearer Underwriting
Corporation's very first mention in the press -- in the punchline thereof,
and in the New York Times, no less -- has *nothing*, mind you, absolutely
*nothing*, to do with my shamelessly forwarding it around, so that everyone
who matters can actually see the thing.
I *love* my job.
Yes, Matilda, it's *good* to be king... :-).
--- begin forwarded text
Date: Wed, 05 Jan 2000 09:36:08 -0600
To: [email protected]
From: [email protected]
Subject: IP: Attacks on Encryption Code: Questions re Computer
Sender: [email protected]
Reply-To: [email protected]
Source: New York Times
January 5, 2000
Attacks on Encryption Code Raise Questions About Computer Vulnerability
By PETER WAYNER
M embers of the computer security industry -- the folks who keep credit
card numbers safe from prying eyes on the Internet, among other things --
can be a contentious bunch. Competition, after all, often consists of
trying to break the other guy's code-scrambling technology in order to sell
a fix or alternative product.
But even by those standards, the industry is girding for an especially
nasty fight when the annual RSA conference is held early this month.
RSA, the public key encryption algorithm named for Ronald Rivest, Adi
Shamir, and Leonard Adleman, who invented it in 1978, is the foundation on
which much of the security protecting consumers and merchants on the World
Wide Web has been built.
Those systems are under constant assault by security experts, competitors
and hackers alike.
In recent months, several widely used encryption technologies, including
one used to scramble cell-phone conversations, have been cracked or at
least seriously threatened -- all by security experts in the name of
Among the more interesting recent attacks is one created by nCipher, a
small British company that makes special hardware it says can encrypt
information faster and more securely than a typical computer can. One of
its scientists, Nicko van Someren, recently demonstrated a simple program
that can extract the secret keys locked in a Web server used to process
credit card transactions. It is one of the first practical demonstrations
of a theoretical approach to code breaking that Mr. van Someren developed
about 18 months ago with Mr. Shamir, the Israeli cryptography expert who is
the "S" in RSA.
The attack is cause for concern because someone with a company's secret
keys -- the digital codes that unscramble data -- can use the information
to masquerade as that company and to steal credit card numbers and other
"While the merchants running the servers are the targets, the customers
are the victims," says Alex van Someren, Nicko's brother and the chief
executive of nCipher. "If the Web servers are compromised, ultimately the
financially sensitive information that's going to be lost belongs to a
Indeed, the nCipher attack could hurt small merchants the most because as
a matter of economy, they often share Web servers, the big computers that
operate Web pages, with other merchants.
Until recently, many experts assumed that the casual barriers separating
various companies' Web sites on the same server were more than adequate.
This attack, however, circumvents those barriers by loading a special
version of a program that merchants on the same Web server typically share.
Known as a C.G.I., for "Common Gateway Interface," this program's job is to
record the details of a transaction and send back customized messages to
consumers thanking them for their orders.
Mr. van Someren demonstrated that a C.G.I. could be written in such a way
that it evades the thin walls of security that separate companies on the
same server and identifies secret keys. The attack works against most
operating systems that power Web servers, including the Microsoft
Corporation's Windows NT and Windows 2000 and Sun Microsystems' Solaris.
One of the more novel elements of the attack is the fact that it works
blindly. While the C.G.I. can slip around the barriers and read data stored
in the server's memory, it receives no clues as to what the data means.
So how does it find the secret keys hidden among all the other scrambled
data? Paradoxically, by spotting the very randomness that makes
data-scrambling secure in the first place.
Mr. Van Someren and Mr. Shamir found that the keys are substantially more
random than most other data. Alphanumeric text -- the letters and numerals
consumers give to Web sites, for instance -- is generally repetitious and
rife with patterns. And since text is typically represented by numbers
between 32 and 127, Mr. Someren's program scans the server's memory looking
for data that include all possible numbers with no concentration of any
Not coincidentally, nCipher makes a product that defends against attacks,
so it is in the company's best interest to warn online merchants about the
malicious C.G.I. it created. NCipher also published details of the program,
making it easier for hackers to duplicate -- thus making e-commerce sites
more vulnerable to attack and more likely to buy nCipher's product.
While this kind of activity might be deemed unethical in many other lines
of work, it's considered fair game in the security industry.
"Is it blackmail?" said Alex van Someren. "The key issue here is we have
to break the systems here to make them stronger. You need to understand how
people break in to keep them out."
Besides, he argued, keeping the company's knowledge about the attack a
secret might have been even more unethical. Publishing a general warning,
he noted, at least made it possible for Web masters to defend their sites.
He added that online merchants were free to adopt any number of defenses,
including solutions from nCipher's rivals.
To be sure, nCipher is not the only company that makes specialized
hardware for encrypting and decrypting credit card numbers and other
sensitive information. I.B.M. and other companies specializing in
electronic commerce offer competing products and are constantly engaged in
researching the technology.
And in general, security hardware that is separate from the server
computer offers an advantage because it removes the keys from the scrambled
data, making them unavailable to hackers who find a way around a server's
Peter Neumann, a computer security researcher at SRI International in
Menlo Park, Calif., says that such hardware is a wise investment because
Microsoft and other makers of operating systems have done little to plug
security holes in their products.
"We knew how to solve many of these problems in the 1960's," Mr. Neumann
said, "but we've lost all of that in the mainstream."
Robert Hettinga, chief executive of Internet Bearer Underwriting
Corporation, which employs several kinds of cryptography to protect
Internet transactions, said the best solution might be a sort of cyberspace
isolationism. Computer systems are becoming so cheap, he said, that most
companies should be able to avoid sharing a server.
The C.G.I. attack, Mr. Hettinga said, proves that these days, "sharing a
digital commerce server is like sharing someone's toothbrush."
NOTE: In accordance with Title 17 U.S.C. section 107, this material is
distributed without profit or payment to those who have expressed a prior
interest in receiving this information for non-profit research and
educational purposes only. For more information go to:
To subscribe or unsubscribe, email:
with the message:
(un)subscribe ignition-point [email protected]
--- end forwarded text
R. A. Hettinga <mailto: [email protected]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'