"Encryption Code Cracked in Record Time"
Headlines like that pop up every so often, and point to the fact that as faster processors are developed, encryption tools that rely on "short" keys -- those less than 128 bits in length -- will always be somewhat vulnerable.
The speedy cracking of one common, US government-supported encryption algorithm by the Electronic Frontier Foundation provided a recent, and dramatic, example. The EFF took three days to find a 56-bit key that had previously taken 39 days to detect.
But even with longer keys, cryptographers accept that almost all encryption is imperfect. Because of its mathematical roots, the technology's algorithms -- the formulas used to generate the "ciphertext" used to represent the text of the message -- can be reverse-engineered.
There is, however, one form of encryption that all cryptographers acknowledge is impossible to reverse engineer: "one-time pad" encryption.
"One-time pad is the only provable mechanism for perfect security and, properly implemented, is perfectly secure," observed British crypto-watcher Sam Simpson.
The latest company to attempt to turn one-time pad encryption into a commercial product is the Austin, Texas, startup Ultimate Privacy. The company's software for corporate networks represents "true one-time pad encryption of email," said Rudy Rouhana, company director of applied technology and security. Ultimate Privacy is applying for patents on what it believes to be the first sound method of one-time pad encryption.
The name one-time pad derives from pads delivered to spies, used just "one time." The pad provided the spy with the completely unique, random code borrowed from a particular "stream" of characters -- words from a popular paperback novel, for example. The randomness of the code, which was not derived by mathematical calculation, was the cornerstone of its security, posing an impossible foil to cracking efforts.
With one-time pad, "there's no possible way to tell which key is correct," explained security expert Bruce Schneier. No mathematical "cryptanalysis" can be applied, because no mathematical formula is used to scramble the message, just a random data stream called a key pad.
Spies could use their key pads only once as reuse would have destroyed the keys' essential random nature.
When it comes to commercializing pad, there's one big catch: Along with each new message, a new key must be generated and sent. How to do this securely represents a confounding paradox to implementing the one known form of unbreakable encryption.
In pre-network days, a wartime technique was to have the key pad delivered inside locked briefcases handcuffed to the wrists of diplomats.
These factors introduce major "key management" issues into any software implementation of one-time pad, as keys must be distributed to decode each message. For large-scale use in email communication among many senders and recipients, the secure transmission of the key becomes as important as sending the message itself.
It is one of the reasons companies have steered clear of one-time pad-based products, and Ultimate Privacy may have trouble trying to convince network managers that the one-time promise is as strong as the company claims.
Ultimate Privacy's solution comes in the form of "dynamic key updating," which "basically eliminates the problem of key distribution," said Rouhana.
On the surface, he acknowledges, the solution looks like a weakness as the company's software distributes keys over the network. But he says the redundancies of the security used makes Ultimate Privacy's compromise a sound one.
The server-based encryption package (Ultimate Privacy Enterprise Edition) distributes keys -- "keypad updates" in one-time pad terminology -- electronically over the network using conventional encryption methods.
To enhance security, the fragmented key is sent out of order. Even if the transmission and encryption of the key itself is somehow intercepted and cracked, an intruder must reassemble all the decoded packets in the proper order.
Rouhana considers the chances of doing so extremely remote. "Even with all the logging, the breaking of the [key] session, the reassembly of the keypad material, all you will have is a single email message that you're not even sure is the one that contains any worthwhile data," he concluded.
Other encryption companies remain skeptical. Philip Deck, CEO of elliptic curve encryption company Certicom, isn't satisfied with the Ultimate Privacy approach to key management.
"There is no problem with the encryption part [of one-time pad], just the key management part. What [Ultimate Privacy] has done is tried to solve the part that doesn't need solving -- the encryption part," he said.
It is part of the reason Deck remains convinced that public key systems like his own elliptic curve encryption products represent the future of commercial encryption.
Rouhana has another explanation for that view: "Public key is simple and public key is accepted, so why break the norm?"
Deck also takes issue with the notion that reassembling the disordered packets of the one-time pad keys is so difficult. "I am always suspicious of someone who says reassembling packets is hard, since everyone who has a network does it all day long."
If this key distribution system is so secure, Deck asks, why not use it for the data itself and circumvent one-time pad altogether?
Simple, counters Rouhana. "If we used the encryption method that we use for key updates for the email itself, should the encryption be compromised at that point the message would be readable.
"With our system, all key update material and outgoing email on the network will have to be sniffed and logged. This is a tremendous, if not impossible, feat for any reasonable period of time."
Ultimate Privacy is filing for international and US patents on its underlying one-time pad methodology. And Rouhana thinks the encryption system itself of one-time pad may live or die with the company and these patents.
"If our company fails, no one will have a chance at true, enterprise-wide, one-time pad encryption for 17 years because our patents will fall with us."
