Key Management in the Multi-Platform EnvironmentDownload the white paper "Key Management in the Multi-Platform Environment" |
We've seen experts hack into the Department of Defense (DOD) mainframe in 60 seconds, intelligence agencies decrypt hard drives in just mere hours, and teenagers preventing dark conspiracies from their satellite enabled phone. Hollywood gives us a lot of exciting stories that at times make it seem like there is almost nothing we can do to protect our sensitive data from being stolen. But it is important to remember that movie makers need to embellish details and add certain amount of artistic license to tell a more intriguing story. It is good from time to time to separate fact from fiction.
I'm not saying everything we see in movies about information protection is wrong, in fact when considered at it's most basic it's all actually rather accurate. People do walk out of businesses with hard drives jam-packed with sensitive information. There are super computers that can crack non-standard encryption, and hackers are getting more resourceful and more daring every day.
We've seen a lot of stories this year about passwords being hacked, both where the users simply were not using strong passwords and where companies failed to correctly protect the data either as it traveled or at its rest.
Let's review some data breaches from the movies and see if they could happen in reality:
In the movie Swordfish, the protagonist is tasked to infiltrate a network encrypted with a 512-bit cipher. I won't even go into the fact that they are talking about a one-time pad. A 128-bit cipher is already a very safe encryption standard, but it is theorized that it could be cracked by a brute force attack, or exhaustive key search, by a special built computer in a matter of days. However, a 256-bit key would require 2128 times more computational power and a 512-bit key 2384 times more computational power. Assuming that the encryption key was generated properly using truly random and unique characters, it makes cracking them virtually impossible. Our protagonist would not have been able to do this in just a couple of days, no matter his skills or the technology at his disposal.
Another example is one where a secret agent like James Bond recovers a hard drive from a villain and his Quartermaster decrypts it and recovers the secret information. This scenario is actually not too far from what happens in reality. There are even commercially available software packages that can help you decrypt a hard drive, but the only ways they can do that is by first searching for and recovering the encryption key stored on that hard drive. If the key is stored with the encrypted data, then anyone can steal that information in a minimal amount of time. Once they find the key they can just use any decryption program and extract the plain text. But if the key is stored apart from the encrypted disk, or data, we are back to dealing with the constraints of trying to break a strong cipher like my first example.
So when you are looking at protecting your data, don't fret after watching Hackers, but choose the right tools for the job. Use an encryption key manager that uses a solid random approach and store your encryption keys separate from anything you are encrypting. Alliance Key Manager, our encryption key manager, does both.