
Page 1: Security Lessons from Bletchley Park and Enigma

Franklin Heath Ltd

Security Lessons from Bletchley Park and Enigma

09 Dec 2014

Image: Bletchley Park Mansion by Antoine Taveneaux

Page 2: Security Lessons from Bletchley Park and Enigma

CC BY 3.0

Topics

Why we should remember Bletchley Park

Where the German cipher bureau went wrong

Similar mistakes that are still made today

How we might avoid these mistakes in future

09 Dec 2014 2 © Franklin Heath Ltd

Page 3: Security Lessons from Bletchley Park and Enigma


Why We Should Remember Bletchley Park (and Enigma)


“… the greatest achievement of Britain during 1939-45 …” – George Steiner, 1983

“Those who cannot remember the past are condemned to repeat it.” – George Santayana, 1906

Page 4: Security Lessons from Bletchley Park and Enigma


Enigma and the Bombe


Image Credit: Antoine Taveneaux

Image Credit: Greg Goebel

Page 5: Security Lessons from Bletchley Park and Enigma


Cryptanalytic Heroes – Enigma


Rejewski, Różycki & Zygalski

John Herivel

Alan Turing

Gordon Welchman

“Dilly” Knox

Mavis Lever

Page 6: Security Lessons from Bletchley Park and Enigma


Lorenz and Colossus


Image Credit: Adam Foster

Image Credit: Robin Zebrowski

Page 7: Security Lessons from Bletchley Park and Enigma


Cryptanalytic Heroes – Lorenz


John Tiltman

Bill Tutte

Max Newman

Tommy Flowers

Page 8: Security Lessons from Bletchley Park and Enigma


Lesson 1. Metadata Matters


Image Credit: John McCafferty

Page 9: Security Lessons from Bletchley Park and Enigma


2. Detect Compromise and Respond to it


HMS Gleaner 12 Feb 1940

HMS Griffin 26 Apr 1940

HMS Somali 04 Mar 1941 & 07 May 1941

HMS Bulldog 09 May 1941

HMS Tartar 28 Jun 1941

HMS Petard 24 Oct 1942

Page 10: Security Lessons from Bletchley Park and Enigma


3. Don’t Ask for Too Much from Users


Image Credit: Helge Fykse

Page 11: Security Lessons from Bletchley Park and Enigma


4. Be Properly Random


Page 12: Security Lessons from Bletchley Park and Enigma


5. Don’t Underestimate Your Adversaries


Page 13: Security Lessons from Bletchley Park and Enigma


How We Still Make the Same Types of Mistake

Insecure metadata: document info, call records, HTTPS routing …

Undetected compromise: e.g. Oct 2014 White House security breach … or unable to respond: “class breaks”, hardcoded keys, non-upgradable algorithms …

Relying on users: passwords, insecure defaults, security prompts …

Poor randomness: flaws in PRNGs for key generation

Underestimating adversaries: rainbow tables, GPUs, weak copy protection …
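Slide 11 (“Be Properly Random”) and the “Poor randomness” bullet above name the failure mode without showing what it looks like in code. The Python below is an added example, not part of the original slides or Franklin Heath's material. It contrasts a key generator built on Python's deterministic Mersenne Twister (`random`) seeded from the wall clock, a constructed instance of the weak pattern, with one built on the operating system's CSPRNG via `secrets`, and adds the two self-checks a reviewer would run before trusting a key generator: the same seed must not reproduce the same key, and rapid successive calls must not return duplicates.

```python
import random
import secrets
import time


def weak_key(nbytes=16, seed=None):
    """Constructed example of the 'poor randomness' pattern: a key drawn from a
    deterministic PRNG (Mersenne Twister) seeded from a low-entropy source, here
    the wall clock in whole seconds when no explicit seed is supplied."""
    rng = random.Random(int(time.time()) if seed is None else seed)
    return bytes(rng.getrandbits(8) for _ in range(nbytes))


def strong_key(nbytes=16):
    """Key drawn from the OS CSPRNG through the secrets module. There is no seed
    to recover; each call is independent of every previous one."""
    return secrets.token_bytes(nbytes)


def keys_are_independent(keygen, samples=8, nbytes=16):
    """Self-check: call keygen repeatedly within a short window and report whether
    every key was distinct. A clock-seeded PRNG fails because calls landing in the
    same second return the same bytes; for 16-byte CSPRNG keys an accidental
    collision among 8 samples is negligible, so a pass is expected."""
    seen = {keygen(nbytes) for _ in range(samples)}
    return len(seen) == samples


def seed_determines_key(seed, nbytes=16):
    """Self-check on the weak generator: the same seed reproduces the same key,
    which is exactly what a PRNG promises and exactly what a key must never do.
    A True result means the key is a function of the seed, not a secret."""
    return weak_key(nbytes, seed) == weak_key(nbytes, seed)


if __name__ == "__main__":
    print("weak generator independent across rapid calls:",
          keys_are_independent(weak_key))       # False
    print("secrets generator independent across rapid calls:",
          keys_are_independent(strong_key))     # True
    print("weak key fully determined by seed 1234:",
          seed_determines_key(1234))            # True
```

The point of the self-checks is that the weakness is visible without any cryptanalysis: a generator whose output repeats for the same seed, or repeats within a second, has an effective key space the size of its seed space, however long the key bytes look.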


Page 14: Security Lessons from Bletchley Park and Enigma


How Can We Avoid Such Mistakes in Future?

Don’t be dazzled by the new and shiny

Use sound Information Theory and Computer Science, e.g. Saltzer & Schroeder’s principles (1975):

Economy of Mechanism

Fail-safe Defaults

Complete Mediation

Open Design (cf. Kerckhoffs’s Principle, 1883)

Separation of Privilege (cf. Defence in Depth)

Least Privilege

Least Common Mechanism

Psychological Acceptability


Page 15: Security Lessons from Bletchley Park and Enigma


Summary


Enigma, although theoretically strong, was undermined by poor operating procedures and traffic analysis

Five specific lessons:

1. Metadata Matters

2. Detect Compromise and Respond to it

3. Don’t Ask for Too Much from Users

4. Be Properly Random

5. Don’t Underestimate Your Adversaries

Good information security then = good cybersecurity now

Come and visit Bletchley Park!