The term "vulnerability landscape" was popularized
by Bruce Schneier's book, Secrets and Lies (New York: John
Wiley & Sons, 2000). "There is a lot more to a countermeasure
than simply throwing a piece of technology at the problem." Schneier's
Chapter 18 with wit and incisiveness provides a quick course in
humility for anyone who presumes to have THE solution to
any security problem. In this context, let's look at vulnerability
to attack -- the ways that an adversary can exploit weakness in
a Pryvit defense of confidentiality.
Pryvit is new. In other product areas,
that might be good; not so in cryptography. The only way a security
method gains credibility is through long-term public scrutiny
and "tire-kicking" by experts. Is there some glaring weakness
in Pryvit that its inventor does not see? Quite possibly. Let's
find out! That's why Pryvit is being made so very public immediately
after approval of the patent.
Pryvit is a prevention-only mechanism.
It seeks to protect confidentiality of data. Used alone as a defense,
it neither senses that an attacker is trying to get at your data,
nor does it alert anyone or take other action in response to an
attack. In other words, as it stands, Pryvit has neither a detection
component nor a reaction component. Prevention-only mechanisms
are by their nature vulnerable because they set no time limit
on attempts to subvert the protection.
Pryvit shares weaknesses of most cryptographic
methods. Here are a few examples:
Subversion of authentication through a
Trojan horse program that captures keystrokes and reports identifiers
and pass phrases back to an adversary;
Interfacing a relatively well protected
network to other networks or computers that are poorly defended
(such as virus-laden laptops without firewalls);
Poor implementation of a technique ...
[Software firms: Be extremely cautious in attempting changes
to the underlying fragmentation and reconstitution processes
in Pryvit];
Invincible users ... People who display
passwords on post-it notes on their computers, or who leave
reconstitution files in plain sight together with the composite
files that make up a privacy-protected archive;
The time-honored rubber hose technique
... brute force against a person, maintained until key information
is yielded.
"The problem [in cryptography] is distributing
the keys." (Schneier, page 89) Handling of the reconstitution
file is perhaps the most serious vulnerability of Pryvit.
Whether a reconstitution file is a key, or a recipe, or a formula
is a nice point for debate, but the practical reality is that
this little file warrants careful security precautions. "It isn't
enough to disseminate these keys securely: They have to be stored
securely, used securely, and then destroyed securely." (Schneier,
page 89, last line)
Pryvit relies on random tables. Computers
are deterministic devices; they are inherently incapable of true
randomness. The significance in this fact is that failures in
randomness cause patterns to emerge. While Pryvit uses micro-fragmentation,
cutting files into fragments only 1 to 16 bytes in length and
using typically two or more disguising techniques for each fragment,
it is nonetheless conceivable that application of heavy computing
power over a prolonged period of time could cause patterns to
emerge through brute force analysis.
In other words, Pryvit does not cure cancer,
shine shoes, or offer 100 percent protection of confidentiality
against all possible attackers. It has limits. Having recognized
these vulnerabilities, there are nonetheless ways to achieve higher
levels of security when they are needed.
