Once again the importance of sound key management has been brought into sharp focus. The Heartbleed bug found in OpenSSL, one of the most common means of encrypting data on the internet and internal networks, provides a way for attackers to potentially access private keys. In the context of SSL/TLS, stealing the private key enables the attacker to decrypt traffic or spoof the site and yet seem legitimate. In this case, attackers could have been doing it since 2011 and can continue to do it until the software is patched and keys and certificates are remediated. Unfortunately, replacing keys and certs is expensive and time-consuming. How can we stop this from happening again?
Before getting into solutions, it's important to understand what we're dealing with. I'm biased, but keys really are special. They may be just ones and zeros, but they're not just regular data. Keys represent trust, and their secrecy and integrity determine whether that trust can be relied upon. Think of keys as the anchor points for reputation, confidence and value. If those anchors prove to be weak, the implications can be enormous. Now, most people tend to think about keys and cryptography as being very logical, very binary – data is either encrypted or it is not, digital signatures either validate or they do not and certificates can be trusted or not; there's no middle ground. That's why encryption is such a convenient, and therefore common, safe harbor in data breach disclosure laws – if the data is encrypted it doesn't matter that it was lost. In reality this is a dangerous simplification. There are many shades of grey when it comes to crypto and most of them revolve around key management.
Attacks against keys are some of the most insidious attacks there are and the impact can be devastating. Key theft, such as that made possible by Heartbleed, may go undetected for months or years and allow attackers to exploit keys at their leisure to unpick historic as well as future data until those keys are replaced. If stealing data such as credit card details or passwords is the equivalent of stealing money, stealing keys is the equivalent of stealing the machine that makes the money. Stealing keys is quite literally the attack that keeps on giving. And it's not just a concern over data loss. The theft, or even suspected theft, of keys used as part of a trust infrastructure, for example a PKI, has immediate and painful implications. Attacks against root keys, the keys used to issue employee smart cards, application ID certificates and device credentials, bring the trustworthiness of the entire system into doubt and may force all credentials to be replaced, taking the systems and devices that rely on them offline until the process is completed.
The good news is that protecting keys from theft is a solvable problem; in fact if you have a smartphone or laptop you already carry around technology that was designed to do just that. What started as a technology to protect keys in ATMs and retail point-of-sale devices as well as military encryption systems is well established as a way to harden crypto systems in general. By adding layers of protection to prevent physical tampering and to insulate against attack by malicious software or even unscrupulous insiders, the keys and the software processes that use them (like encryption) can be made considerably more secure.
Of course, protecting phones and laptops is important, but servers are where the money is. Whether we're talking about eCommerce websites, payment processing services, data analytics, records management, PKI or a host of other services, these server-based applications need protection. As a result, thousands of organizations already take the step of using crypto devices known as hardware security modules (HSMs) to protect keys and ensure that they can't be easily stolen, modified or misused even if the attacker has access to the host machine. Research firm Gartner recently gave this advice to organizations considering either deploying or revamping their PKI certificate authority (CA): “Key management and storage for the CA itself should be implemented using an HSM capable of protecting against logical and physical attacks on the key store. Such devices should be appropriately accredited to standards such as FIPS 140-2 or other national equivalent.”
Attacks such as Heartbleed and recent disclosures by Edward Snowden have caused some to question the value of encryption as a core technology. Nothing could be further from the truth. Cryptography is the mainstay of trust in a digital world. Without it, privacy and our journey to the cloud would be nothing more than pipe dreams. In reality, what we are witnessing is the exploitation of poor implementations of crypto systems and weak key management rather than the discovery of fundamental flaws.