Page 79 - CDM-Cyber-Warnings-March-2014
P. 79
You also need to apply ‘best practices’ to how your encrypted data is handled. Is there a single product which can actually prove itself to be backdoor proof? No, but if you insist on these practices for handling the key then you can consider any backdoor a moot point as you are then truly the only person who can access the key to the door. In order to ensure there is no backdoor to your encrypted data you need to rely on a simple three step process: 1. Your cryptographic algorithm needs to be bullet proof. Pick a good one. There are many to choose from and it should not be terribly challenging to find one that would stand up to any attack currently possible by either a nation state or a very well funded criminal organization. 2. Your cryptographic key should, generally speaking, rely on true random number generation. The key is crucial and in order to ensure the key cannot be guessed you need to begin with a ‘seed’ number that is random or the guessing is trivial. 3. Put that key in a safe place. Encryption and the assurance of no ‘backdoor’ requires a process and not a single product. Is your data safe? It’s entirely up to you. When you approach the conundrum of the elusive ‘No Backdoor’ question with this methodology you can put concerns of a backdoor to rest. Author: Mike Skurko, Director, Partner Sales at Utimaco Inc. Author Bio: Mike has well over a decade of hands-on experience working with leading IT Security firms globally. His experience ranges from security consulting while working for Cable & Wireless in the United States to both software and hardware security solutions. Mike is currently a director at the U.S. offices of Utimaco, Inc., a German manufacturer of Hardware Security Modules. Prior to working with Utimaco, Mike was a manager of security solutions for Coverity, a software company based in San Francisco that finds and fixes errors in code through static analysis. He has also provided security solutions to the banking industry and for government while at SSH of Finland. Mike has a B.A. in English Literature from Pitzer College, and is fluent in Japanese. " # % " $ " # ! !
