Finding the right lock for cryptographic keys

R.A. Hettinga rah at shipwright.com
Wed Jul 18 11:14:09 PDT 2007 

<http://www.theinquirer.net/print.aspx?article=41087&print=1>

The Inquirer

Finding the right lock for cryptographic keys

Speakers' Corner

Nicko van Someren, nCipher

By: Wendy M. Grossman Wednesday 18 July 2007, 14:37

"AS WE SEE IT," says Nicko van Someren, chief technology officer for
nCipher, "the big cloud on the horizon for computer security is how to deal
with the ever-expanding number of cryptographic keys that are vital to
computer security."

Cambridge-based nCipher got its start in 1996, when van Someren and his
brother, Alex, needed to incorporate cryptography into the Web browser they
were providing for Oracle's network computer.

"We thought of buying it in," says van Someren, "but it was all
export-controlled. So we thought we'd build our own - and then started
thinking there might be a market for doing crypto outside the US where it
wasn't confounded by US export controls."

Van Someren discovered computer science as a Cambridge undergraduate. Alex
went straight to work for Acorn computers and then set up a consultancy
business.

"I went to university for the both of us," says van Someren, who spent a
year between degrees interning at Xerox EuroPARC, helping his brother, and
designing networking equipment for his father's company. In 1994, just as
van Someren was finishing his dissertation (on video image processing), he
discovered the Web.

"So I wrote a Web browser," he says. "I called it Fresco, as a play on
Mosaic." Shortly afterwards Netscape launched. Fresco lives on as an
embedded browser in hotel room video front ends.

The complication in managing cryptography keys is the conflict between
ensuring both that keys are not misused by people who are not supposed to
have access to them and, simultaneously, that the keys are available to the
people who need them. The added complication is that increasingly
cryptography is being used to secure data itself, not just protect it in
transmission, which means many more endpoints.

Ten years ago, when nCipher started building the hardware to do that, you
were talking about modestly sized clusters. Now, a large enterprise may
have thousands of desktop machines and a server farm with hundreds of
virtual Web servers, and key management is a major issue. "You can set a
policy, for example, that require a weekly update in organisations where
highly paid personnel can cost hundreds of dollars to change a key on a
single server. If you can automate that you can save hundreds of dollars
times thousands of servers. If it takes a few hours of someone's time to do
each server you can't change keys more than once a year. If it takes a few
milliseconds, you can do it every day, so there's a qualitative improvement
in security into the bargain."

Take, says Van Someren, automated teller machines, which use cryptographic
keys in the process of veryifying ATM cards. Because ATMs still use
symmetric cryptography (where the same key both encrypts and decrypts),
there is a lot of concern about the keys getting lost or cracked. So, to
change the keys on one of these machines, each of two guys is given a
printout of half the key. They're sent out in separate vans, and on arrival
each types his half into the machine to gain access.

"If one fails to show, the other one can't do anything. It's a precarious
problem. Rekeying ATMs costs many hundreds of dollars, and they're supposed
to do it once a year, but they don't because it's too expensive."

The US stopped restricting cryptography in the late 1990s, but the second
significant battle fought over it persists: law enforcement access to
encrypted data. Under Part III of the Regulation of Investigatory Powers
Act (2000) cryptography users must disclose those keys if required to do so
by law enforcement. However, Part III still hasn't come into force, in part
because of concerns about how law enforcement should handle the keys they
acquire. A code of practice is now being laid before Parliament; van
Someren describes it as "a huge step in the right direction".

He says, "They have finally realised, I think, that the value of the data
they're going to get in the evidence room is just about the most valuable
thing they're ever going to have - it could easily be worth more than a ton
of coke." 5


 




-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

More information about the cypherpunks-legacy mailing list