Re: Examples of lost security when integrating (secure) SW
From: Rick Wash (rick.wash_at_gmail.com)
Date: Wed, 9 Jun 2004 23:30:23 -0400
To: Magnus Therning <email@example.com>

On Tue, 8 Jun 2004 14:10:18 +0200, Magnus Therning wrote:
> I just had a discussion with my colleagues regarding problems with
> security in larger systems that are composed by combining
> modules/components that individually are secure. Both my gut and sources
> I have consulted say this is the case. However, I haven't been able to
> find any examples of when this has happened!
> Bruce Schneier spends a few pages in Secrets & Lies on the subject,
> without offering any examples of what can happen. I seem to remember
> some talk at a conference (was it Usenix?) a few years ago--I never
> attended it but I read the abstract of the papers/talks--where a talk on
> security mentioned a case where the combination of two security features
> effectively cancelled each other.

This is an academic example, but I believe the example you are
thinking of is the SDMI watermarking challenge. Remember that
paper? It was the one with all the controversy about being published.
One of their results was that two of the methods involved were
opposites, and applying both to the same song cancelled each other

The academic cryptography literature provides more examples of this
type of thing. For example, a recent paper by Yoshi Kohno at UCSD
illustrates that SSH's usage of AES and CBC modes is insecure yet both
of the underlying technologies are secure. This is more of an
example of how difficult it is to get security right than it is
technologies cancelling each other out.