In our next Single Points of Failure (SPoF) blog post, Chief Strategy Officer Vince Berk tackles asymmetric key encryption systems and breaks down the concept of provably secure symmetric encryption.
Asymmetric key technology relies on mathematical problems that are easy to compute one way, but difficult in reverse. It’s simple and straightforward to multiply two numbers. But when we take a number and ask: which numbers do we need to multiply to make this number? That is a much harder task, often relying on trial and error to find the factors that went into the product we have in front of us. Because of this asymmetry, encryption key systems like RSA work where a key is split in two constituent parts and one is used to encrypt, while the other can be used to decrypt.
The rub is that for most asymmetric problems we cannot conclusively prove that no easy way exists to reverse the problem. Put another way, there’s no guarantee that there isn’t an algorithm out there that can quickly break a big number down into individual factors. This leaves us with an uncomfortable reality: if such an algorithm were discovered, a lot of cryptography would tumble in an instant. And although I picked the RSA algorithm as my example, the same is true for other asymmetric key cryptography systems. This uncomfortable fact that no proof exists, or can ever be found, creates another SPoF in cryptography.
Symmetric key technology, on the other hand, relies on both sides of the communication having the same key, and this (when done right) can be proven to be unbreakable. However, doing it right has its caveats. Take for example the concept of the one-time pad, used by spies for ages. The pad is simple character mapping, where each position has a new and completely random mapping. Both sides have the same pad (hence the ‘symmetric’ nomenclature), and pads are never reused. This has some profound implications, each character of a plaintext has essentially a new code table, so any knowledge of the key up until now is useless for the next character. Secondarily, it also means the key becomes as long as the plaintext that we are encrypting. And finally, we need a new one-time pad (as the name implies) for each message we want to send.
For a symmetric cipher like AES-256 that would mean a fresh key is needed every 32 bytes, which is impractical. Still, frequent key changes get us theoretically closer to the one-time pad and this makes logical sense. The shorter the block that is encrypted with the same key, the harder it is for an attacker to see they have guessed the right key during brute-forcing. After all, you only know you’ve cracked the key when the outcome of the decryption looks like plaintext. An attacker tries millions of different keys until the outcome of the decryption process looks like a message. The shorter the block, the smaller the chance this is obviously spotted.
Because of this, keys must be rotated as frequently as possible. But, how do we do this in a way that provides perfect-forward secrecy (PFS) or temporary private key exchanges between clients and servers. Imagine an eavesdropper figured out the key we are currently using. How do we send a new key to the other side, without the eavesdropper seeing that key too? Obviously we cannot use the same channel. Out-of-band key exchange is an absolute necessity when aiming for an unbreakable symmetric key cryptographic channel.
How do we then secure this out-of-band key exchange channel? This is where we get into a bit of recursion. We would need a different symmetric key, which must also frequently be rotated, and would need once again its own out-of-band channel for exchange. All this leads us to an infinite heap of out-of-band channels protecting out-of-band channels. Thankfully, we get a bit of help from the concept of risk diversification. If we use a few out-of-band paths, each employing different cryptographic algorithms we can ensure that an adversary has an exponentially hard time cracking the key. Using multiple channels, and randomizing which way keys travel, an adversary would be forced to brute-force every single out-of-band channel to ultimately get to the key that encrypted the plaintext.
By carefully bringing symmetric keys out-of-band, for frequent rotation, and diversifying the cryptographic algorithms employed, we can get as close as possible to the ideal scenario of using a one-time pad, while remaining in the realm of the practical where very large volumes of data are transferred!
Want to read more? Check out our first blog in the series Single Points of Failure Debut Post: Public Handshake & Key Derivation
