Application Development - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Application Development


The End-to-End Encryption Trend



 By: Peter Coffee
2003-01-27
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Application Development story.


  Table of Contents:
  1. The End-to-End Encryption Trend
  2. ' Under the Hood '

Rate This Article:
Poor Best
The End-to-End Encryption Trend
( Page 1 of 2 )

Defense in depth might make a system more secure, but it also takes power out of buyers' hands.Frustrated by the challenge of controlling access to enterprise assets, IT architects are embedding encryption at every layer of the stack. Theyre not just encrypting traffic between one perimeter and another but are also encrypting data repositories inside the perimeter—and even encrypting the flows of data between processors and other subsystems.

While we applaud the principle of defense in depth, eWEEK Labs sees more than trace contaminants of vendor self-interest in this trend. The resulting systems may be more secure—the devil, as always, is in the details of implementation—but they also tilt the balance of power from buyers toward closed-system suppliers and from content users toward more powerful providers.

Enterprises must understand the trade-offs thus created and may need to vote loudly—with their wallets and with their input to legislators and industry standards bodies—if they desire continued freedom to find an optimal mix of products in a competitive IT market.

In the second half of this year, as previously reported by eWeek, Transmeta Corp. will release Crusoe-family processors with on-chip accelerators for common encryption algorithms and with facilities for secure on-chip storage of keys and other sensitive data. This opens new doors to partnerships between hardware makers and application developers, along the lines suggested by Microsoft Corp.s Palladium and Intel Corp.s LaGrande initiatives, that could restrict machines to an approved slate of applications and enforce any number of use or access policies.

Its long been axiomatic that a computer is a byte pump: A program is a stream of bytes, decoded as instructions, while data is a stream of bytes that may mean anything at all. Battles royal have been fought over different encoding schemes for instructions, ranging from low-level machine code to the byte codes that are further translated by a "virtual machine" (for example, when programs are written in Smalltalk or Java).

Resource Library:

Other battles have been fought over data representation standards, ranging from ASCII text to the elaborate (and undisclosed) formats used by Autodesk Inc.s AutoCAD or Microsoft Word. Even so, although these schemes often go by the name of "code," that word is used in the sense of representation, not concealment.

In the same way that anyone with a soldering iron could once extend the range of operations performed by a computer, anyone with a debugger or other low-level software tool has been free to examine what one computer—or even one piece of a computer—was saying to another.

But that turns out to be a postulate, not an axiom, as the geometers might say. Just as one can devise geometries with no such thing as parallel lines, one can build computers on which theres no such thing as "free" software (defined by Richard Stallmans "free as in free speech, not as in free beer").

Software that could always be patched at the binary level, or modified in a more maintainable way with access to source code, could be on its way into the history books—along with medicines not approved by the Food and Drug Administration or airplanes not certified by the Federal Aviation Administration, to cite other technologies in which demand for safety took priority—with consequences of higher costs, fewer suppliers and a far more deliberate pace of innovation.

In an essay published last July, software engineer Adam Barr (author of the book "Proudly Serving My Corporate Masters: What I Learned in Ten Years as a Microsoft Programmer") sees the beginning of this path in a worthy goal: the desire to boot a PC securely from a network connection. Working on this problem in 1997, said Barr, he encountered the problem of securing the "boot loader": the first piece of software that a system runs, which must assure the security (by means such as cryptographic "code signing") of all subsequent modules.

"A clever hacker could corrupt the loader as it went by," Barr explained, "then have his modified loader bring up a version of the kernel that did not do the code signing check, and at that point all heck could break loose on the users machine (or, for the quick and dirty version, the corrupted loader could just format the hard drive and then stop)."

It soon became clear that the first secure link in the chain had to be embedded in BIOS hardware, a notion since formalized by Intel as Boot Integrity Services.

On general-purpose computers, that secure chain ends at the operating system, whose job then becomes the loading and execution of whatever applications a user may choose. Theres nothing but custom and expectation, though, to prevent that chain from extending into the domain of applications, as it does on game machines such as Microsofts Xbox or Sony Corp.s PlayStation.

Ironically, that extension of control may merely shift the battleground from the domain of technology to the domain of business process. If an accounting employee is transferred from receivables to payables, and if provisioning systems and procedures fail to revoke former privileges in the process of granting new ones, a classic opportunity for fraud arises—regardless of any restrictions that may exist on the applications that are allowed to run on a machine, or the configurations in which that machine can be placed. But the opportunity for software companies to enter the marketplace with innovations that promote good practices may be materially reduced by the need for a platform imprimatur.

If one is still looking for axioms, eWEEK Labs offers this: The concealment that results from end-to-end encryption, imposed by closed systems that are not subject to peer review, will inevitably be penetrated by attackers—whose attacks will then be camouflaged by that same concealment.

Buyers will pay the price at both ends, in higher costs both for what they buy and for figuring out how to protect what they own.

Technology Editor Peter Coffee can be reached at peter_coffee@ziffdavis.com.





  Reader Comments: The End-to-End Encryption Trend
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Application Development Articles          >>> More By Peter Coffee
 


x}r㶲s\@♵M=ҔlcؖI*%BcdHʶ~b:?qtMZe2{<5D 74Aȅ=!1(ٟ9#ޙ'w>{(ˑԫQ]}nw2'v=7v@\~}@^cFwD%x_'Щ=ѩ€wɔiPلި/3}B}F7\3egb^Q$Ё_ ¢%yCGu)pC(DsXqDǎH;*C'x8ӽi/DeO؀IQIM"x<&j>wn=ݣw2 X]~j4Lߵ!Zpj9:TN`UFfnڭaㅰH A=c9p<^- G,gu'9"QcO$ա%Uq˝LJ^tXF>D>8zvGx09ry j5jfL {n_%z0sw4 .ܺa?uoczV[un'3C27 pW%X䈍YR0wC&>dБԣzr(˺79hen6 u{RM*QR,הb~/^ߛiLTe9z_zJY4E] `|`h-vu]+h5u9듫Χ;yظ}  Vb}" @D%\.fI"0iMmdڽ~H}|T㍒~7jJV4E; Khf1S$!XIcF/XTU![SҺ귮^['7bٚXC ji@e$XYHwE%Ms#gkr>i>;sِlnAZ|YkU[_nG_C"w󁭡<0MߑRMRs~8?w[d[ݏdp"˧S0o-Yn]H.MT|Y|ěy#0ri4(.ߦAfw[ atBjmҔ )B:%ܼNR$9Vϡȟ4R\ 9lb vfyM)o dz!CCZ9nVȨUSA%EI7CD r2#~B(PHQ>z%Kus7p#Kg񇰻fe՜YWa o\zcOgfu^?]z8^%glh|X.B2iK1.PWG5MGRŦcWJPX=*‹JMU~ _1q-~~j0B m]& :V}< |0F;}F{g0PӐ?: M/6G˥qnhj>'ä p;p|g͇v9s a {>0sF}j`I l"v|scм`y&nAܙ@[3衟#]ӽ:?A2/?>fxsO>{0g`sDowiC1QB\jÐx?k1 Tt=JIA }At"BђF 4  gscX"C"' [AXk ab .u@G҅3qjP*kR1eb -x[b~ILg2+Iɴh4Z*ȉ#m"09X ,gZ X%ּ fiZ\OG4MhȄ%Gn]ռs2H`wrPCb;*S::ޟx=n;A뎒:\VM+}t>xFX~G7S ݜ6,hJ"+p5(Bk?fx Q=6`]2'tP:%\wıAsރn5 ~"Wnzfr#ʇ&fy>epGҶLo J% hB=Ss&A|5i!3'Xe onUg plTo-V,~%fsP*oWuR@_F&ۊx A-ژ WZڄ"JMP>L2Cɣ($mU2LkInPx{8`O1k=0\Pe_M }d2waՒhXj|-[Y`B^eܠQ7$XsQ[ ҆aw><:NX%鹞~o0]|m0TN#}0 ;uJkX$ M=̔:Y[ ~2.|N +e@m\:b暺8_, {guaGjJ sսT:㼝 cXA\ @/ /PH+X#±tбթ'6=,.JIڶdzt4}ڣnssQ*rW3 T|OfjZ(T+16DZUT9*J{}|s??=ehČq@˻SM?? L4,}VjzCW>s@W >#]\aQaSF4FX\odHЮ$#SJIz`K ZiA7GGѽWKVG=iv?3>j7j8@V_̡ޭ.F'F6@\=!<voS(0f4sJ[ `sEMz*O1)"_pkx.(``!>ߏz0f&Ш)lTgm/ RU *޵:{oJ.8F2<"C8vl&ZFB-†89k*2N*,E%B(NY HXٌ*r_ kRUG 4ADB#+}t'nPzQ|Z%&jZ|$>rSO(No UbPQKJBЛgaC:/Zha~%36J-ܛ`,@N|KO]kl`\ASf<^ΐےtK3ק~ 6Ft)7 uͫ -A*o@/I6S.:;l4Bޏ.cﻛi4O}ֹKgCA W{$ N޼=2oQP]9Yz$AC~gN~ℜ71n3~k6rO0#ݥoV8i?{޽Ҿ2CWq:i)@^l"$$yUZVU3$]d%FtZx@2M3}ݺJfzӼ2iAxn>7 <}tK7׷bR8A?''w.z@z@pw{Zg%QJ=qM@jjir\"~^YZ䑼DqD%t`5o14L,*z>;l-3hL Z;xhor:? G Ofx՛3\P`-ݺܭ1J "i#ĠHߙssEs _5 4:as*|"ZyVa'8\}5ߊ:"YcCƓdǟ۲cr sf2i TWeTW/__B !]9h3[a@)wCOƥG/>qlĨ`jox?̴afwHv_jcOhGmE᫪RRjX/wuf,[fXT3KA|fqER~!`!,'s CYJ>ӨB+q-/t;H0't,_#wS\>;3r۞>mőwtS3soa' }x0/dvNu+J'Gv_>ULRW\{<9 _a҈<=oK~x c39qf<`Yr'9H*jXr9NN@i戱Bs&"^ n]l+(obIL](@*3%<,X)ǐMe".#_Fo>P0Kw2g@½[= S)V+`jY>Nz](}'I(dLV'@~/n!2!,Qϝ{זּ[YMh4q9rh׆.U+C(*aYf.j9ԏ֙vV{nܷIf+qKMI+fe3&+%KR$]q"q+/.+q=DLnI$}`ʿ┋xNpK+$翴B|kc>6-O&"Eřa3`m'Ƙ <=ea0Dn@yמ9 f09͸VJ̩V7RcQx~4,6o;Id|C4>[xID~+zZU&Mj1ොl !ar237 1+wӣ2`K|J`8fPݑ`NjȈbCJP@ɕCPIԥ5w?AA_nB< zŗTURog2O{)c Q)te#`hJ]=є`>HtS zf_$a {I*NeZq[*+T+RblRhOkSPR+V ,C 0Gp;ep z& o9v^SD_x0HKES$XJNS.9:ט\jNPB%qJDZ8cَKmHJZ>}',S "j>_ݽ>!@mItRg^, t[A[^RK=`u &t@V!@ Hh3E~MB l56v"J+mK6'n CeZ,f'u0C hLȚ,"W@$M+UVBD+[!Q+` FpwR>AU%3t00mL%ɗ:,%-/Sc( N! _Aej&n(w沤%e2(8VQ˜`G/.}m\.k"ݶ"A|nݠD<+K/! h[d^ dcT*jJmI]S/!-l` $lALhD-`f V/}Ez 45^ʖb>V$CҗRoj:LX\C(f>W%NO:uϗԂ |*gT g(7庀ϖ>k#/x6- "2YE}/$'o:q;9c) B"`~bQE1̯L>?Y(i<-IŜŸRDm_J?}U;RMsKЉK7glmҼm*s=FPC_dO_ }4"ۓx[X /.{K'v'S@<2a T&X+]FlÀo9_57/R۠TZ~T+rA_X7UHc-Fj/!ëR(>S0sUJWr+sGkmئ&wI +bZڜpJY(%O^YsLP[R:.`@`hwuXiKg `Mq DwumC_zg(ϝQ/[=w)_uyHwxPS;@;a#X#KVGB7!խ> 6_i.5J]磣 Ү_z-}p0RNgwP}i2d$~㫘ƭF*c,e_m}WN@s륲Yf?QϾȷY]6}>YڰfzeX8سL}t;_k4/f05_2& y3 vF?P"<u8{ (׀ρx4`TJZ) ts6n֐MF~#wet4rW?~ +j;ߚ'a*v2sn=mP!cif5No̰c67{{m_ro6`:lj[VgEQ&z򽧻.L m~[~G̹+fRg&N;)ś@- @ȼ#MlD5:!RJE:`ѿ *,⌱fnmO%s_H4PDWГwuz`{ups'|O /Em/4paoqf0|WKiYɀ{K4=04ŭX,hMVÙBt}ų aɗy}]^f#ag=ⵓ{#L2.NeãEz@9Ъ eCTZWqCZP7 ?5mӐtrC(u8xH]p\dIw'y{DdU',h6W@`iO3/0q_n]| LǔvT{%s:^{5 駠TC)6Ef~]"Vq5/c7q'|s*keevt݁Txul?mLvFX*t`q ᫉Pض48!#9pѰLX8ߋ! Nl?QX2  /(/͛I~o[+Cm.95͂Eom tCs95CS(5u=b?=G/utIjbiA.c2·uuWpkLx[lP:qU3HuPqSѭKUP*$skGg5̈Gbv mz^CFJ;7^b6.W@O[jkwl;inVu&RCKoDN݀3)lV-TsZ.W>sW5Up08F5r7t]ysP=Ӓ"QGlۏTҊj95Y 4h Pу%'XDbb#>(vBAfkɿo)^1G<1m˖C0经UztWcBu6J>☺<.0߻s{IV^ـ96YlnΜWDmJ<\sJ^D/&3B;sl^?qbS{-5r1%'/?̊~%U$x[jhwQf1ʟLAmS? ЁHz.:?K }+6a>k&[Q{Z ;Q A١jrh%6qai< 4qI&ܚ (W' #n%YVmIr .kh>a@{G )( 5 U@D8Ana2Y4V|~1}.MMLSxC7)(ʁޒ_=q48ڀkE~:xd(6ȝc޵OA'_ݿJS 0NꑠvqU@y+DL͂zĂ![C1P/Rjs#s ^6Xh0usXg- .E.[qr~?]: ҁ@ffY p͒w\j:rtT(ʁ2|{C@usKs3RS¤vx7<6' .yHcI ^iN4X+l< hc?ݩ9eO`bJU(IhRW|:P \gޕa)豪֕/7)/ ;ee,K=Mȕ@%ZȘq~/Yw/!= &O=lF(To`9n39\&9nHq;Wuѹ#R֚_ԝNYսn_s3M·_ }mP0mw %U9ũ'\ «X]drxixɎ(bh,.6u{$G0%lyї51o(6uӲr Ϗxu3_L8FyS^ZZ켶A GM&7ba׺hI窕k&5+ۼr((('MfFy;H姀VF l.?eCF?|۹y{syo(dzCL*Ͻ\^Fg(_dm׸̘Ke/e|e~/?_f2>/>/3y*cWSF9gQ~ 0W{s?W0Wׁw2ɐ?/ fGf sA?=/c=/c}~\c}}OY0O(*ɠh& K:ICPfNoT8\8^JeYWa uuQ^ yVV<^`dk < ?3_2 ̭L_ݓir]!,.5PUZk /Y[3ݴ6q c-{}eh}1Ɨ^Z%/ޤWVD=VbMxG,E<mc sbžȾ>s--(s#h60 .Ñp[{?|K2Fs?`fEɀ@' Q?pmঠϻH\-Ak0.: 7Wxӝ&7S-pyk;ُϋGkwյq@5Af_b 9)?'OxVf|4;([ԙq#ޢD)+Fy5baNCF?f(u^LUbm~h|V/O*8uߜ:H4wl} VH&Y$'}p)BcعkjYTWxJ# {4LӍ21vNr|(VT+[-WJr={ 〈2(.#&T$`rXJ D`q9CTx|Femƫ9 C8b{hDŽ[ɖ(=^?FG'&^sou]ŗ1 {7/#^"Uv&Ac(<ǀ)"RK?^*q0 ;(ŻE?0}NF6bЦ!Kva[`Z';=4djy }d)049+hw a z}y<8NjO)Q Lwz\+ lE/QxkCJ,.- ;|9 [-FdXjXEr h;9.ɱF.yyBh`pb)HC~YFF`˫)CO^sE{ǻy1s(5+c]fBnjƍQgϝ{AW~%Znjk)4uH9dϞfAL HQA{=M,'k`Erl9~u ZQ'8݈8sx2&6 _w!9vAR).̅c[: g[=ǙېŚnԙ%O_/I0KJ=v`礷Lx?rcm_ן= %$Imrb{ S΢oY\tEeבe$&J1Z{JF!-?vMhn-< DVX#e 괻dԢԱ"䴻XsܺM;WmEf\|gHa)x܃ARqMa:MgY{6Dπn fyy] ,pd+vO$qަ;P %JvMf*HFSeO@Kx.^| 3+R1=zH|k,XoͨD % !m^Πb_wnԷeE&PL=G)Jqi&ХAXr$nD܅{ ߠ(b<% * >.X"~nyx˖ϩnSC>XnTe]ƌaYѶz S~j^O(Co 珸66x}°҄ΧYpgU6y *>`H&1^<$ޛ[ԘD&+nOvDg>6كl4pM@!(D0-9@/7Ak~ E ϱĥj&\fTjџfѮR@nlPP`Olԙr"0lB eȱ(lyJ6͜GċOgW<2ZP'jŞi3|@ =( oF85`y+@ 4{]r8ǩ3bhup#ƫ1ucB\ (cto@L?Q1?c]'nFQMF.E]hT[)*ʢS6M 9/ߵS3pݼ®,uG؁nl`TLxq;s[_08V0|6,lp/>cwϏq`2[u~g[8K cd.GXI@ qk,Ma4,Lb5"[]QI(VvXW]gY [Rj`Ʉn~ӧ 4pRaL (b[иY;PE"1s1Gg=zLk|XKc.%Ա`=b^8qe Q3|Jj胋IȽgz^4}jsXC *#f"Z*bB؉ZqpR.)C795GBT´#Tx 1L(_X,Yדu!{xZq΋{El>WNENE<<*IDy)V@ O{ |I>":xqea  V\r*z;f?PuY}TO3t[?<;Ooڿ{hT*ቋoZ5'u >͓?\w>^JaE yiAђu:ק4!6OOW񞞽T7v r9F˳`bhP7]ӨZY$IL#;ob[b$- U.IM)V [gv[W(~r[)CU:M\"GZk/%!zRM39Q/;֎Mӝ/2a-dc{͵N_ l9.0(