Hackers focus on stealing keys, not breaking encryption, says Ncipher

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Hackers focus on stealing keys, not breaking encryption, says Ncipher

San Jose (CA) – A strong encryption of data is commonly considered as secure solution to withstand brute force attack. In fact, encryption has become strong enough to convince many hackers to look for a weaker target, says British security company Ncipher. That target is increasingly the location where cryptographic keys are stored – usually in memory or on hard drives.

“Why break the encryption when you can steal the keys,” asks Richard Moulds, vice president of Marketing for Ncipher. He claims that instead of spending trillions of computer cycles to break encryption, hackers now try to steal a company’s private keys that is the basis for the encryption.

Encryption keys typically reside in a hard drive and are temporarily transferred to the system memory during a transaction. Moulds told us that this process exposes the key to a “core dump” or “hard drive imager”. While some may think that finding the key may be as unlikely as finding a needle in a haystack, Moulds says it’s not as tough as it appears. “The very randomness of the key gives it away,” he said. “The more random the number, the easier it is to find.” In fact, there are toold which search for obvious random patterns in hard drives and memory.

“What would have been a billion year attack not too long ago,” Moulds said, “has now turned into a twenty minute key finding attack. Some call it the lunchtime attack because you can finish it in about the same time it takes to eat lunch.”

Ncipher believes that the threat of such an attack can be avoided by storing keys somewhere else than in memory or on a hard drive. The company offers a PCI board that is designed to work as a hardware lockbox, which the company claims, is tamper resistant. The system can be set up so the keys are only divulged when a smart card is placed near an nCipher smart card reader connected to a terminal.

For extremely security conscious companies, like a certificate authority or a bank, Ncipher offers another level of security. Mould calls it the “nuclear bomb option”, which requires multiple people to place their smart cards in readers before keys can be accessed. “You can push these readers to the four corners of the globe and require 9 out of 17 directors to insert their smart cards and put in passphrases,” said Moulds.