Security risks of outdated encryption: Is your data really secure? – Security Boulevard

Introduction

They say that those who fail to learn history are doomed to repeat it. A salient factor in the defeat of Austria by Prussia in the 1866 Austro-Prussian war was the Prussian armys standardization of the (then) modern, rapid firing, bolt-action Dreyse needle-gun. In contrast, the Austrian army persisted with the use of outdated (slow-loading) muzzle-loading rifles. And so, Austria was out-gunned, leading to a disastrous battlefield performance. This is an important lesson in not adapting to modern technological improvements and one that is pertinent to encryption applications.

Its well-known that encryption algorithms rarely stand the test of time. This is partly because such algorithms are devised against a knowledge of the methods of attack and cryptanalysis that either exist or are envisaged at the time the algorithm is written. And so, as novel methods of attack are uncovered, hardware processing speeds increase and cryptanalysis develops, so too do encryption algorithms fall prey to new vulnerabilities.

There are many examples of outdated encryption algorithms, now considered dangerously obsolete. Some common examples are discussed here.

An algorithm is only as good as the testing it goes through in the field. It is often that insecurities inherent in an algorithm only become apparent after many years of use. Lets look at some examples.

Hashing is an umbrella term that encompasses methods used to encrypt data in a manner that cannot be reversed. Data passed through a hash algorithm produces a fixed size sequence of bytes, which should be unique for any data input. However, hashing is an insecure method.

Invented in 1991 by the famous cryptographer Ron Rivest, the hash algorithm MD5 was considered secure enough for most cryptographic purposes throughout the early 90s. Later, however, it was discovered to be totally (Read more...)

Read more:
Security risks of outdated encryption: Is your data really secure? - Security Boulevard

Related Posts
This entry was posted in $1$s. Bookmark the permalink.