Future-Proofing Passwords

Posted by JD 04/05/2012 at 22:00

There are many different types of passwords. Some are for a financial institution and others are for blog comment websites and others are for your email accounts. Not all of these need to be 100% secure, but it would be easier if they were. If someone gets into a blog or forum account, so what, provided you have different passwords for each login. Good password management works. OTOH, if they get into your primary email account, that will provide access to almost every other account, including financial ones, with just a little effort. It would be best if there aren’t any breaches for these sensitive accounts – either through password cracking or other back-end cracks that we hear about weekly. That’s the ideal world. Reality is a little different.

The problem isn’t just about cracking your passwords today. The smarter cracker will retain your encrypted data/packets so they might be decrypted/cracked in the future. Yes, we need to protect our sensitive data not just for today, but for the next 20-40 years when 256-bit encryption will be trivial to crack. Perhaps protecting it for our lifetime is the best practice?

So, what can we do to minimize the future risks?

Password Managers

I love KeePassX and the cross-platform versions of this password manager, so I try to always use a long, complex, random, generated password for most of my needs. Sometimes a website limits the complexity to only 20 characters or just letters and numbers, significantly reducing the strength of the crypto alphabet. To counteract those limitations, I’ll try to use a nonsensical userid too. There are lots of other uses for a password manager that might be useful.
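The effect of those site limits can be measured. The following is an added example, not part of the original post: it generates a random password under a site's constraints and reports whether the result still reaches a chosen strength. The two alphabets, the 20-character cap and the 128-bit target are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Constructed site policies (assumptions, not taken from any real site).
FULL = string.ascii_letters + string.digits + string.punctuation  # 94 symbols
ALNUM = string.ascii_letters + string.digits                      # 62 symbols


def entropy_bits(alphabet: str, length: int) -> float:
    """Entropy in bits of a uniformly random password over `alphabet`."""
    return length * math.log2(len(set(alphabet)))


def length_for_bits(alphabet: str, target_bits: float) -> int:
    """Smallest length at which a random password reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(len(set(alphabet))))


def generate(alphabet: str, length: int) -> str:
    """Draw every character from the OS CSPRNG (not the `random` module)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def plan(alphabet: str, max_len: int, target_bits: float = 128.0) -> dict:
    """Use the shortest length that meets the target, capped by the site."""
    wanted = length_for_bits(alphabet, target_bits)
    length = min(wanted, max_len)
    return {
        "length": length,
        "bits": round(entropy_bits(alphabet, length), 1),
        "meets_target": length >= wanted,  # False: the site cap is the weak link
        "password": generate(alphabet, length),
    }


if __name__ == "__main__":
    for name, alphabet in (("full", FULL), ("letters+digits", ALNUM)):
        result = plan(alphabet, max_len=20)
        print(name, result["length"], result["bits"], result["meets_target"])
```

With a 20-character cap, the letters-and-digits policy falls short of the target while the full printable alphabet just reaches it; the restricted alphabet would need 22 characters.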

All this is stored inside a KeePassX database and automatically replicated to 4-10 different systems daily. The actual number changes since not all of them are always available. It is also backed up on many of these systems daily with 30 or 90 or 365 day versions available. The DB will not be lost. I would be sad if it became corrupted on my main system that I consider read-write, but any of the read-only versions are good enough too, if something bad happens.

High Value Targets

With all this data stored inside a file, that means by cracking just that 1 file, everything important to me can be known. It is a very high-value target. Lots of people do this with their password databases too. They trust the strength of the encryption as the only protection.

Future Cracking

That is a false sense of security. Here’s why. Just because some encryption cannot be cracked today, that doesn’t mean it can’t be cracked in 5 or 10 or 15 or 30 years. Anyone with a copy of the old file can crack it years later and gain access to sensitive data or passwords. It has been reported that the NSA has been recording SSL data packets on the internet for years – not because they can crack the crypto today, but for when they can crack it, then all that traffic will become available.

Keeping It Safe

There is no way to keep the data safe once it gets out, even if encrypted. At some point in the future, our 4096 AES encrypted data will be as easy to crack as anything encrypted with ROT13 is today. The point is that any current encryption will be trivial to crack in the future. Count on that. Here are a few steps to limit your exposure. You’ve probably heard most of them before:

  • Use the strongest encryption possible.
  • Use the longest keys/passwords possible, everywhere, not just for important data.
  • Change your high-value passwords periodically, annually is probably often enough, unless there is a breach.
  • Follow good password creation practices – which have been written about everywhere recently. There is no substitute for length.
  • Try to prevent leaks of your passwords and password manager DB – don’t tempt fate.
  • Other Techniques for Secure Passwords

About Future Cracking

Any encrypted packet, file, whatever-data, is only as secure as the crypto, passphrase, AND lack of access to the raw data can make it for your lifetime. In the future, we must assume that all our current state-of-the-art encryption will be cracked and the currently protected content will be available.

I used to offer my KeePass-database to anyone to show how confident I was in the crypto. That was stupid. Fortunately, nobody ever took a copy … unless it was on a USB flash drive I was sharing and they grabbed it without my knowledge. I can’t think of any of those people who are likely to spend more than a few hours on the file before deleting it. I could be wrong.

The file was also stored on a smart phone that was brazenly stolen during a recent trip overseas. It is out there now and forever. The smart phone had been reset to factory settings the day before the theft, SIM removed and the external SDHC memory was removed, my google account was not connected to the phone, but doing all that doesn’t remove all the data stored on the internal SDHC media. Some data is left behind, including my KeePassX database and a few photos. Of course, I had a strong passphrase on the DB, the phone was locked, but still, the general data on the device, not encrypted, could be recovered. I am not panicked about this, but I will be changing all the passwords over the next few months just to be certain. Obviously, the passphrase for KeePass has been changed too.

  1. duijf 04/08/2012 at 20:50

    Hey JD,

    There is no such thing as 4096 AES. The standard (PDF link) describes 128, 192 and 256-bit key sizes, although the Rijndael library also supports 160 and 224 bit keys.

    RSA is able to use 4096-bit keys though, although 2048 is more typical, and will be unbreakable for many more years to come.

    The rest of your article is great advice, though. Excellent as always.

  2. JD 04/08/2012 at 21:42

    First, you are correct. As I wrote that, I was still jet lagged a little and not thinking straight, if I ever knew better at all. ;) Had a fantastic time across the pond. Did multiple countries much too quickly. I could easily spend 6 months in each and still want to stay longer. The snow in Prague was unexpected, but created a nice photo.

    That photo was taken below the Petřín Hill Lookout tower. I forgot to turn off the flash and it captured the snowflakes. The tower was closed when we got there, so we didn’t get to see the fantastic Prague city views. OTOH, the view from my 3rd floor hotel suite at the u-turn to the Prague Castle off Nerudova (just across from the Absinth Shop) was fantastic. I did get extra special airport screening leaving Prague. Hummmm. Also the phone in the room was set to auto-answer … without any rings – which seemed strange. It almost reminded me of the old days with Soviet control.

    I use 4096-bit RSA keys in my GPG, encrypted email, communications. Not because anything I’m saying is critical or questionable, but because it isn’t anyone else’s business what I encrypt and I don’t need any reason to do this. Freedom is good.

    I am concerned that 2048-bit SSL is being listed as good for many more years to come, since that’s the whole point of the article. If it isn’t known to be good for the next 40 years, then it isn’t strong enough for my needs. 20 yrs isn’t long enough. I suspect many readers need to look for 60+ yrs of encryption safety to be happy.

    The amount of time that any encryption is considered safe is the point of the article.

    Just to clarify, there are asymmetric and symmetric encryption methods used today. Things like HTTPS transactions are symmetric and things where stronger encryption is required, like TrueCrypt file storage are usually asymmetrically encrypted – at least according to my reading. Microsoft has a nice article explaining this, which was near the top of my search results. More reading at wikipedia:

  3. duijf 04/08/2012 at 22:58

    Those guys can certainly be a bit unfriendly. I’ve been given special attention once when I was in The States. We went to California and toured around in one of those classic surfing vans. It looked like this.

    Along our trip we came across the Petrified Forest NP and I bought a souvenir at the gift shop: a small fossil log.

    When we wanted to catch our flight back home, the log, which was neatly wrapped in plastic, along with some paper and one of those air tight zip bags, was in my bag. When we got to security all of our bags got turned upside down. When they found out there was really nothing there (after a solid 45 minutes) they let us run to catch our flight. Luckily nothing bad happened.

    Anyway back to crypto. I hate to do this, but TrueCrypt uses either AES, Serpent, Twofish or a stack of those algorithms, all of which are block ciphers. These use symmetric keys, per definition, at least according to the respective Wikipedia article.

    I guess because it is more efficient, albeit less secure, to use symmetric keys instead of public keys, as those use prime number fracturing. I’ve Googled around a fair bit, but I cannot find a block cipher that uses asymmetric keys.

    By the way, I am writing an article for my personal website that details the current best practices of password security. Would you mind if I took the general point of this article, along with some specific tips and mixed them into my essay? I will contact some large blogs about reposting it, if I think I have a chance, but it will not be a commercial work.

  4. JD 12/05/2012 at 15:50

    Today it was announced that password crackers have made a huge leap forward. 14 character passwords are not safe enough for normal use anymore.

    Future proofing passwords means going big, since we really lack any other easy to implement and secure method today that doesn’t require extra hardware.