Snake oil (cryptography)

From Citizendium
Revision as of 23:47, 1 August 2008 by imported>Sandy Harris
Jump to navigation Jump to search

In Cryptography, the term "snake oil" is often used to refer to various products which do not offer anything like the security their marketing claims.

This is, regrettably, remarkably common. The reasons are rather varied:

  • As in any field, marketers exaggerate.
  • Then there is the incurable optimism of programmers. As for databases and real-time programming, cryptography looks deceptively simple. Almost any competent programmer can handle the basics, implement something that copes with the simple cases, fairly easily. However, as in the other areas, almost anyone who tackles difficult cases without both some study of relevant theory and considerable practical experience is almost certain to get it horribly wrong. This is demonstrated far too often.
    • For example, almost every company that implements their own crypto ends up with something easily broken; Microsoft Word and Adobe PDF encryption are the best-known examples, but there are dozens of others. The programmers on their product teams are competent, but they routinely get this wrong.
  • Cryptography in particular and security in general are tricky because you get no direct feedback. If your word processor fails or your bank's web site goes down, you see the results. If your cryptosystem fails, you may not know. If your bank's cryptosystem fails, they may not tell you.
    • In a famous example, the British Ultra project at Bletchley Park read many German codes through most of World War II, and the Germans never realised it.
  • Many purchasers do not know enough to evaluate a cryptosystem. Even experts in other technical areas often do not know this stuff.

Some of these issues are discussed in detail in Ross Anderson's book "Security Engineering". See his home page [1] for information on the second edition and complete text of the first.

Warning signs

A few things are warning signs that a product is bogus, or at least should be treated as suspect. We cover only the most conspicuous here; for more complete lists see the references.

  • Generally extravagant claims — "unbreakable", "revolutionary", "military-grade". "hacker-proof" ...
  • Violations of Kerckhoffs' Principle. If a vendor does not reveal all the internal details of their system so that it can be analysed, then they do not know what they are doing; assume their product is worthless. Any reason they give for not revealing the internals can be ignored.
    • The only exception would be a large government agency who have their own analysts. Even they might get it wrong; Matt Blaze found a flaw [2] in the NSA's Clipper chip withing weeks of its internals becoming public.
  • References to one-time pads

External links

  • Matt Curtin's Snake Oil FAQ [3] is the commonest reference.
Retrieved from "https://citizendium.org/wiki/index.php?title=Snake_oil_(cryptography)&oldid=514880"