After Marcus J. Ranum <mjr @
>> I don't work for Security Dynamics or Digital Pathways
>>but I get irritated when I see people who don't understand their
>>products posting ignorance about how "there might be a hole in
>>the algorithms" or some such nonsense.
Frank O'Dwyer <fod @
ie> ignited his flame thrower:
>Your irritation, your condescension, and your warrantless insults are
>no substitute for a reasoned rebuttal.
>No one has insinuated that those vendors' products have a hole in the
Actually, Mr. Tynan (apparently inadvertently) and Mr. Vincenzetti
(from the lofty perch of the Italian CERT) suggested just that. With no
apparent evidence beyond the inevitable vague and untraceable rumors.
>and no one has said that hiding the key alone is security
Actually, there have been repeated assertions in this thread that
secrecy (any secrecy) is "obscurity" -- and thus that all secrecy in IS
authentication systems (i.e. "hiding the key") is "secrecy through
Maybe you didn't see the earlier comments in these threads?
>Your mouth is full of straw.
Oooooh, mano a mano! Jeeeze!
>What _has_ been
>suggested is that a cryptographic product that depends on the secrecy
>of an _algorithm_ (with or without key) depends upon security through
>obscurity. _Good_ algorithms depend on the secrecy of the key _only_.
Even by my definition of STO -- secrecy defending a fundamental
structural flaw, the revelation of which would undermine a whole class of
security or control systems, a la 2600 hertz -- I think you are right. In
fact, I think I have repeatedly said the same thing. In fact, I know SDI
has published several papers over the years which concede/assert the same
thing (since they commissioned me to write them).
SDI has always said that the secrecy of its proprietary algorithm
is a marketing feature, and that any serious evaluation of the integrity of
its system must concede that an attacker has obtained both the algorithm
and a record of a specific SecurID's past card-codes. This is standard for
any cryptographic evaluation.
This whole array of threads was spawned by Mr. Tynan's reaction to
a published comment by Mr. Ranum that a well-designed and solid security
system doesn't suffer any _loss_ of security if a layer of secrecy
("obscurity") is _added to_ that secure design. He said attackers may
pause before tackling a (firewall) system they don't recognize.
That said, let me say I agree with you that any security system
deserves more confidence when it has benefited from the open review of its
internals by capable and interested professionals. And yes, the SDI keyed
hash algorithm would too.
At the moment, that seems not to be in the cards. SDI is perhaps
the most successful firm selling computer security; they certainly have the
largest dedicated sales staff (150+) selling computer security world wide;
and their marketing program (with never an ad) has become a textbook model.
Their marketing execs come at this issue from a slightly different angle
than you and I, and the difference has long intrigued me.
In SDI's judgement, purchase of their ACE/SecurID authentication
system is what salesmen call a "higher order sale." The purchase decision
is rarely left to corporate security mavens; often it's not even left to IS
staff. Security guys rarely have experience handling budget items this
large, salesmen tell me, and they get all bent out of shape trying to save
pennies. Senior executives see the purchase decision differently; and they
make a buy decision as much on a business rationale (dependability and
reliability of the vendor; support; etc.) as on technical features. And,
SDI salesmen say, these buyers (particularly in financial services, for
whatever reason) _like_ the fact that the algorithm is secret, given that
they also have evidence of its security.
The idea seems to be that keeping the algorithm a trade secret is
one more protective barrier protecting an already secure system, and the
rationale is much like mjr noted for firewalls.
In the judgement of SDI's very successful marketeers -- given who
makes the decision to actually purchase their products -- the lack of a
cyberpunk free-for-all doesn't hurt their case. Quite the contrary, I
think. (Cryptographic evaluations are inherently messy: no one can say an
algorithm is "secure," instead the best you get is a concession that they
haven't broken it yet;-)
Instead, SDI offers a notebook full of positive evaluations from US
and European government agencies, a bunch of commissioned technical reports
on the security of the algorithm from top independent cryptographers, and a
Fortune 500 customer list that implies widespread acceptance and trust in
the integrity of their system among firms known to have impressive
cryptographic and security design savvy.
It's been a very successful approach. SDI is estimated to have 80+
percent of the large (<1,500-token) installations and 100 percent of the
market for authentication tokens in client/server networks.
Vin McLellan +The Privacy Guild+ <vin @
53 Nichols St., Chelsea, Ma., USA Tel: (617) 884-5548