By Andy Dornan ,
In a paper published last week, two cryptographers contend the long keys used by "strong" encryption programs are easier for intruders to find, and a new generation of computer virus is tailored to locate them on hard drives.
Adi Shamir of the Weizmann Science Institute, in Rehovot, Israel, and Nicko van Someron of NCipher, Cambridge, U.K., said it's all too easy for viruses to take advantage of a key's randomness, the very feature that is supposed to make it hard to crack.
Encryption keys consist of 40 to 2,048 bits of random data. These have to be stored on a computer's hard drive, where everything else is filed in a very logical, ordered way. Theresult is chunks of randomness stand out, making them easy for a malicious program to track down. Even keys that have been erased can often be found, since only deleted files are removed from a PC's filing system, leaving the actual data stored on the disk until it's overwritten.
Loading a key into memory also can leave a permanent imprint.
The authors recommend network managers store keys only on smart cards and securely delete them every time they are used. For further security, encryption programs can spread a key among different memory locations, or all data can be encrypted so the entire hard drive appears to be random.
The paper, "Playing Hide and Seek With Stored Keys," is available at www.ncipher.com/products/files/papers/anguilla/keyhide2.pdf.
Try TechWeb's RSS Feed!Broadcom seeking Sr Staff Business Analyst in San Jose, CA
CAST Software, Inc. seeking Sr Post Sales Engineer in New York, NY
Tower Hill insurance Group, Inc. seeking Programmer in Gainesville, FL
ISES, Inc. seeking C # Engineer in Bridgewater, NJ
Dell, Inc. seeking Counsel, Distribution Law, Channel Sales Division in Austin, TX
For more great jobs, career-related news, features and services, please visit our Career Center.
TechWeb's FREE e-mail newsletters deliver the news you need to come out on top.
Get definitions for more than 20,000 IT terms.
Editorial and vendor perspectives
