PTTP Systems

Here are some thoughts on cryptographic New Year’s resolutions for your consideration. 

I UNDERSTAND 

• Encryption by itself is not the answer to confidential communications. We have seen EPIC FAIL in Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). There are readily available aids to break both:

  • http://wepcrack.sourceforge.net/
  • http://www.wpacracker.com/

• I fear that cryptography at its worst can turn my system into a brick. This is not something I want to happen in my systems.

• Cryptography as often implemented ends up as data obfuscation rather than data confidentiality. Generating, protecting, and managing my keys well is the answer. Federal Information Processing Standard 140-2 provides guidelines that I can follow and behaviors I should  look for in systems that I buy.

• Key generation is a solved problem. Encryption is easy. Key management (aka Public Key Infrastructure) is hard and costs money, time, and effort, but it’s worth it.Happy New Year!

I RESOLVE

• To use WPA2 or better in my wireless networks. I will upgrade my wireless routers and access points where needed – my network will be more secure. Besides, the improved range and bandwidth of Wireless-N might increase productivity. 

• To study Federal Information Processing Standard 140-2 enough to understand how the standard should be adopted in my environment.

• To master Public Key Infrastructure because proper key management will keep me from bricking my systems and help me keep my data confidential.

Happy new year!

-Eric