
Quality of cryptographic mechanisms

 

The difference between good and bad cryptography is not just key length.
Any function is useful only if it performs its task effectively and correctly. Quality requirements are particularly stringent for those mechanisms on which the security of an IT system depends. While this is not always fully appreciated, it becomes obvious whenever security violations attract the attention of insurance companies, the courts or members of the press.

In such cases, questions usually focus on the actual strength of security mechanisms and on the reliability of the evidence that is produced by them. It is often only at this point that the difficulty of assessing and communicating the quality of security mechanisms in general and cryptographic mechanisms in particular is painfully noticed.

To date, cases of unauthorised uses of bank cards and PINs have served as the best-known examples of disputes involving the quality of cryptographic mechanisms. With the predicted increase in electronic financial transactions and the wider use of digital signatures, the issue of quality regarding cryptographic mechanisms can be expected to become more pronounced in the future.

So much has been said and written about key length that it sometimes appears to be the sole parameter marking the distinction between good and bad cryptography. This is, of course, a dangerous oversimplification, as there are several other criteria that need to be addressed.

The following paragraphs highlight some of the characteristics that have to be addressed in assessing the quality of cryptographic mechanisms.

 

Security concept
The selection of security mechanisms is based on requirements that result from a positive understanding of the relevant risks. The security concept explains what security mechanisms are needed and how they work together to meet the requirements.

    It is very important to thoroughly check the appropriateness of the security concept at this stage, because the focus will inevitably move to the details of individual mechanisms as the project progresses.

 

Design of cryptographic mechanisms
Security mechanisms come in variants and contain parameters that are determined during the design phase. The sound design of cryptographic mechanisms involves much attention to detail and familiarity with their sometimes subtle features. Sensitive issues in this area include fragmentation and padding of data before encryption or signing, the sequence of cryptographic operations and the use of random numbers. Many security flaws had their roots in an ill-advised attempt to optimise the performance of cryptographic mechanisms during the design phase.

    The final design of cryptographic mechanisms should, therefore, be carefully checked by someone with profound knowledge and experience in cryptography.
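
The point about random numbers can be made concrete with a short example, added here and not taken from ixact's material. It assumes a toy stream cipher built from HMAC-SHA256 in counter mode (chosen only because it runs with the Python standard library) and constructed sample messages; the key is 256 bits in both cases, and only the handling of the nonce differs.

```python
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream (illustration only): HMAC-SHA256(key, nonce || counter)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """XOR stream encryption; decryption is the same operation."""
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


def second_message_exposed(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True if knowing p1 is enough to read p2 from the two ciphertexts alone."""
    return xor(xor(c1, c2), p1) == p2


def demo() -> dict:
    key = secrets.token_bytes(32)               # 256-bit key in both designs
    p1 = b"PAY 0000100.00 EUR TO ACCT 1111"    # constructed sample messages
    p2 = b"PAY 0950000.00 EUR TO ACCT 2222"

    # Design A: the nonce is a constant, e.g. to save a random number per message.
    fixed = bytes(12)
    reused = second_message_exposed(
        encrypt(key, fixed, p1), encrypt(key, fixed, p2), p1, p2)

    # Design B: a fresh random nonce for every message.
    fresh = second_message_exposed(
        encrypt(key, secrets.token_bytes(12), p1),
        encrypt(key, secrets.token_bytes(12), p2), p1, p2)
    return {"reused_nonce_exposes_p2": reused, "fresh_nonce_exposes_p2": fresh}


if __name__ == "__main__":
    print(demo())
```

With the constant nonce the keystream cancels out of the two ciphertexts, so the key length never enters the calculation; a design review should therefore check how every nonce or IV is generated and whether it can repeat.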

 

Implementation of cryptographic mechanisms
Quality of implementation is primarily an issue of correctness and completeness. It is normally checked through extensive testing. Due to the necessarily huge number of cases involved, it is, however, impossible to sufficiently test implementations of cryptographic mechanisms.

    It is, therefore, compulsory to supplement the testing of cryptographic mechanisms by in-depth reviews.

The possibility of introducing undocumented functions that can be used to compromise security (so-called back-doors) is always a serious consideration. In principle, back-doors can be hidden in any part of the system.

    Cryptographic mechanisms are, however, a prime target for manipulation and should be checked in the first place and with special care.

 

Operation of cryptographic mechanisms
The efficacy of security mechanisms must rely on certain assumptions about their proper use. Comprehensive quality control, therefore, has to include configuration and operation. Regular audits help to build and maintain the necessary trust in the appropriate configuration of the system, the physical security of its environment and the conformance of administrative procedures.

    With respect to cryptographic mechanisms, key management must be the auditors' prime concern.


© 2004 by ixact ag
created by mediaLINK