Six Lines

The Difference Between Cryptography and Security

Posted by Aaron Massey on 25 Jan 2011.

One of the most common pieces of bad security advice I’ve heard over the years is that we should never, under any circumstances, write our passwords down. This is bad advice for many reasons, but I’ve continued to see it from well-meaning individuals for years. One recent example is this tweet from TechPolicy:

Saw in store…notebook to keep all of your online usernames/passwords in “one easy, convenient place!” Bad idea.

Be sure to check out the picture that came with the tweet.

People continue to advise against writing down passwords because they do not fully understand the difference between cryptography and security. Cryptography is the only area in computer security where all the numbers and mathematics favor defense over attack, but only under heavily controlled circumstances. The ideal cryptographic scheme requires a completely random, unguessable, long password that’s memorized. Unfortunately, as any computer security expert will tell you, we don’t live in an ideal world. In reality, ideal passwords are hard to remember, and in many circumstances you will dramatically reduce your risk by using a completely random, unguessable, long password that’s written down on a piece of paper you keep in a secure location. As Bruce Schneier said many years ago:

We’re all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet.

There are many more potential attackers that could attack you over the Internet than there are that could have physical access to a secure location in your home. That’s not to say that you’re not increasing your risk in other areas. The vast majority of crimes are perpetrated by people who know their victims, and many of them are immediate family members. These folks may have access to your wallet. Still, if they know you well, and you’re using a password you can easily remember, they would already have a leg up on guessing it simply by knowing you. In fact, many people share passwords with close friends and family members on a regular basis. If it’s easy to remember, whomever you shared your password with will have a good chance of remembering it.

Here’s my advice: Cut out a piece of graph paper and fill a 14 by 14 grid with random letters, numbers, and symbols. The best way to do this is to use a solid random password generator to generate 14 passwords of 14 characters each. Then choose a column or a row as your password. You can read it right to left or left to right (or top to bottom or bottom to top). You could even use several of these as different passwords for different things, which defeats another serious problem that results from not writing passwords down: using the same password for every site you visit. Secure this piece of paper in your wallet, and refer to it as needed. Eventually (maybe after some months) you’ll have memorized the password. Then you may be able to secure the paper somewhere safer.
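The grid described above, as an added example that is not part of the original post: it fills the card from the operating system's CSPRNG and compares what a remote guesser faces with what someone holding the paper faces. The 94-symbol alphabet and all function names are assumptions made for illustration.

```python
import math
import secrets
import string

SIZE = 14  # the post's 14 by 14 grid
# Assumed alphabet: ASCII letters, digits and punctuation (94 symbols).
ALPHABET = string.ascii_letters + string.digits + string.punctuation

def make_grid(size=SIZE, alphabet=ALPHABET):
    """Return `size` rows of `size` characters drawn from the OS CSPRNG."""
    return ["".join(secrets.choice(alphabet) for _ in range(size))
            for _ in range(size)]

def read_password(grid, kind, index, reverse=False):
    """Read one row or column; reverse=True reads right-to-left or bottom-to-top."""
    if kind == "row":
        line = grid[index]
    elif kind == "col":
        line = "".join(row[index] for row in grid)
    else:
        raise ValueError("kind must be 'row' or 'col'")
    return line[::-1] if reverse else line

def all_readings(grid):
    """Every password the card can encode: rows and columns, both directions."""
    n = len(grid)
    return [read_password(grid, kind, i, rev)
            for kind in ("row", "col")
            for i in range(n)
            for rev in (False, True)]

def entropy_bits(length=SIZE, alphabet=ALPHABET):
    """Guessing entropy of one password for someone who has never seen the card."""
    return length * math.log2(len(alphabet))

if __name__ == "__main__":
    grid = make_grid()
    print("\n".join(grid))  # copy onto paper, then clear the terminal
    print(f"remote guesser: about {entropy_bits():.0f} bits per password")
    print(f"holder of the card: {len(all_readings(grid))} candidates")
```

Against a remote attacker each password carries roughly 92 bits, but anyone holding the card has only 56 readings to try, which is why the paper has to be secured like the other valuables in a wallet.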

Even if you don’t take that advice, I strongly urge you to use strong passwords and write your passwords down. The notebook that inspired TechPolicy’s tweet may actually be the best solution if you are confident that you can secure that notebook from anyone who would reasonably be interested in attacking you.

If you still feel uncomfortable writing passwords down or if you would prefer a digital solution, use a program like 1Password. It encrypts all of your online passwords with a single local password. Agile Web Solutions has browser plugins for every major browser that will allow you to automatically fill in extremely long random passwords, a different one for every site, while you only have to use a single password to access them.

If you’re interested in another example of the confusion between cryptography and security, consider another common piece of bad security advice: security through obscurity is not security at all. Essentially, in cryptography, simply creating something that is not obvious, or somehow just ‘obscured,’ doesn’t guarantee that it is secure in a cryptographic sense. This is one of the most important rules behind the mathematics of cryptography. In fact, a truly secure cryptographic system should be so secure that even if an attacker knew the entire algorithm behind it, they would still not be able to break it. Opening the algorithm and eliminating any obscurity about what it does allows cryptographers from all around the world to critique every element of it to ensure that it is computationally infeasible to break it. This is why the best cryptographic algorithms in commercial use have open source implementations.

Still, as Gene Spafford says:

However, the usual intent behind the current use of the phrase “security through obscurity” is not correct. One goal of securing a system is to increase the work factor for the opponent, with a secondary goal of increasing the likelihood of detecting when an attack is undertaken. By that definition, obscurity and secrecy do provide some security because they increase the work factor an opponent must expend to successfully attack your system. The obscurity may also help expose an attacker because it will require some probing to penetrate the obscurity, thus allowing some instrumentation and advanced warning.

In point of fact, most of our current systems have “security through obscurity” and it works! Every potential vulnerability in the codebase that has yet to be discovered by (or revealed to) someone who might exploit it is not yet a realized vulnerability. Thus, our security (protection, actually) is better because of that “obscurity”! In many (most?) cases, there is little or no danger to the general public until some yahoo publishes the vulnerability and an exploit far and wide.

Note his emphasis throughout that security is about increasing or decreasing risk.

Cryptography is critical, and for it to work, cryptographers and security experts must follow certain rules and procedures. However, these rules and procedures do not always make sense to apply directly to real-world security problems. The needle in the haystack depends entirely on being obscured to remain secure from detection. It’s a lot of work for the average Joe to find a needle in a haystack, but if you knew where it was, you could find it pretty easily. It’s not remotely “secure” in a cryptographic sense because there’s an entire class of devices that would be able to find it without much effort (magnets, metal detectors, etc.). Still, for most people, in most circumstances, a needle in a haystack remains as the figure of speech implies: unlikely to be found.

Remember: Cryptography is about mathematics; security is about risk management.