
Why Are One-Time Pads Perfectly Secure?

First, I describe how an xor-based one-time pad (OTP) cipher works. Then, I show why xor-based OTPs are perfectly secure against ciphertext-only cryptanalysis.
What is a One-Time Pad?
A one-time pad is a very simple yet completely unbreakable symmetric cipher. “Symmetric” means it uses the same key for encryption as for decryption. As with all symmetric ciphers, the sender must transmit the key to the recipient via some secure and tamperproof channel, otherwise the recipient won’t be able to decrypt the ciphertext.
The key for a one-time pad cipher is a string of random bits, usually generated by a cryptographically strong pseudo-random number generator (CSPRNG). For more information, see David Deley’s Computer Generated Random Numbers. It is better to generate the key using the natural randomness of quantum mechanical events (such as those detected by a Geiger counter), since quantum events are believed by many to be the only source of truly random information in the universe. One-time pads that use CSPRNGs are open to attacks which attempt to compute part or all of the key.
With a one-time pad, there are as many bits in the key as in the plaintext. This is the primary drawback of a one-time pad, but it is also the source of its perfect security (see below). It is essential that no portion of the key ever be reused for another encryption (hence the name “one-time pad”), otherwise cryptanalysis can break the cipher.
The cipher itself is exceedingly simple. To encrypt plaintext, P, with a key, K, producing ciphertext, C, simply compute the bitwise exclusive-or of the key and the plaintext:
C = K^P
To decrypt ciphertext, C, the recipient computes
P = K^C
It’s that simple, and it’s perfectly secure, as long as the key is random and is not compromised.

Why Are One-Time Pads Perfectly Secure?
If the key is truly random, an xor-based one-time pad is perfectly secure against ciphertext-only cryptanalysis. This means an attacker can’t compute the plaintext from the ciphertext without knowledge of the key, even via a brute force search of the space of all keys! Trying all possible keys doesn’t help you at all, because all possible plaintexts are equally likely decryptions of the ciphertext.
This result is true regardless of how few bits the key has or how much you know about the structure of the plaintext. To see this, suppose you intercept a very small, 8-bit, ciphertext. You know it is either the ASCII character ‘S’ or the ASCII character ‘A’ encrypted with a one-time pad. You also know that if it’s ‘S’, the enemy will attack by sea, and if it’s ‘A’, the enemy will attack by air. That’s a lot to know. All you are missing is the key, a silly little 8-bit one-time pad.
You assign your crack staff of cryptanalysts to try all 256 8-bit one-time pads. This is a brute force search of the keyspace.
The result of the brute force search of the keyspace is that your staff finds one 8-bit key that decrypts the ciphertext to ‘S’ and one that decrypts it to ‘A’. And you still don’t know which one is the actual plaintext.
This argument is easily generalized to keys (and plaintexts) of arbitrary length.
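The brute-force argument above, as an added Python example that is not part of the original article: it runs the 256-key search on one intercepted byte, extends the same reasoning to messages of any length, and shows the key-reuse failure mentioned earlier. The function names and the sample messages ("SEA", "AIR") are assumptions made for the illustration.

```python
import secrets


def otp_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with key. C = K^P and P = K^C are the same operation."""
    if len(key) != len(data):
        raise ValueError("key must have exactly as many bytes as the message")
    return bytes(k ^ d for k, d in zip(key, data))


def brute_force_8bit(ciphertext: bytes) -> dict:
    """Decrypt a 1-byte ciphertext under all 256 keys.

    Returns {candidate plaintext: key that produces it}.
    """
    if len(ciphertext) != 1:
        raise ValueError("exhaustive search here covers the 8-bit case only")
    return {otp_xor(bytes([k]), ciphertext): bytes([k]) for k in range(256)}


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Key under which `ciphertext` decrypts to `candidate` (K = C^P).

    One exists for every candidate of the same length, which is the
    arbitrary-length form of the argument.
    """
    return otp_xor(ciphertext, candidate)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR two ciphertexts made with the same key: the key cancels, leaving P1^P2."""
    return otp_xor(c1, c2)


def demo() -> None:
    # Constructed scenario from the text: one intercepted byte, 'S' or 'A'.
    key = secrets.token_bytes(1)  # OS CSPRNG; the text prefers a physical source
    ciphertext = otp_xor(key, b"S")

    # Every one of the 256 keys gives a different plaintext, so all 256
    # byte values appear exactly once and none is singled out.
    table = brute_force_8bit(ciphertext)
    print("distinct plaintexts from 256 keys:", len(table))
    print("key giving 'S':", table[b"S"].hex(), "| key giving 'A':", table[b"A"].hex())

    # Arbitrary length: any same-length guess is explained by some key.
    long_ct = otp_xor(secrets.token_bytes(3), b"SEA")
    for guess in (b"SEA", b"AIR"):
        k = key_explaining(long_ct, guess)
        print(guess, "is a consistent decryption under key", k.hex())

    # Failure mode: the same pad used for two messages.
    pad = secrets.token_bytes(3)
    leak = reuse_leak(otp_xor(pad, b"SEA"), otp_xor(pad, b"AIR"))
    print("reused key leaks P1^P2:", leak == otp_xor(b"SEA", b"AIR"))


if __name__ == "__main__":
    demo()
```

The reuse case is why the pad must be used once: the XOR of the two ciphertexts no longer depends on the key at all.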

by Francis Litterio


How a Google Search Can Become a Security Threat

When Ralph Nader wrote “Unsafe at Any Speed” in 1965, he exposed how certain design decisions had made some automobiles inherently unsafe. Much the same can be said for Web sites these days. Many sites contain inherent design flaws that leave them ripe for exploitation. Unlike lack of seat belts in cars, these flaws are not immediately obvious and the fixes are not simple.
One widespread vulnerability can be exploited through a practice that has come to be known as Google hacking. The term refers to the use of an Internet search site — Yahoo, Ask, Google or any other — to uncover useful and compromising information that has been inadvertently left on a Web site.
“Some Web site owners may simply not understand that their sites aren’t as secure as they think,” said Jeff Williams, chief executive of a Columbia, Md., consulting company, Aspect Security. Mr. Williams is also the chairman of the Open Web Application Security Project, a Web site that describes many of the vulnerabilities and provides tips on how to prevent or fix them.
Examples of the material that can be uncovered include the locations of Web security cameras, administrator passwords for applications like payroll or other personnel matters, private phone numbers for company executives and even the contents of Internet commerce transactions. In most cases, intruders can enter sites and extract data without leaving a trace because the information is already indexed and stored on the servers of various Internet search sites.
These hacks require no special tools and little skill. All that is needed is a Web-connected PC and a few keywords to look for, like “filetype:sql password” or “index.of.password.”
“There is a lot of privileged information that wasn’t supposed to be played out in the public that is available with these sorts of attacks,” said Jeff Pettorino, a senior consultant in the Global Security Consulting department of VeriSign and a former police officer in Colorado.
Much of the data indexed by the search sites can be used for nefarious means, and site owners may not realize that sensitive or confidential information is so readily available as part of a search index. “If you are dealing with sensitive data or data that you care about, you have to think about these exploits,” said Michael Howard, a senior security program manager at Microsoft in Redmond, Wash.
As more businesses put up Web sites, the chances increase that more of this information is available. “A business owner has risks even if they aren’t doing e-commerce and if they just have a Web site,” said Shena Crowe, an agent in the F.B.I.’s San Francisco field office who has helped prosecute cybercriminals who used Google hacks and other techniques. “Once you are plugged into the Web, your backyard can become open, and it is easy to have your information taken from you.”
While it isn’t the only way Web sites are exposed, it is one of the easiest and most common methods to gain unauthorized information. “At any given time, you can find thousands of sites that are subject to Google hacks,” says Howard Schmidt, a former White House cybersecurity adviser and now a private security consultant in Issaquah, Wash.
Johnny Long, a security researcher with the Computer Sciences Corporation in El Segundo, Calif., said he had found vulnerabilities “in every Web site and application I have audited.” Mr. Long, who maintains a Web site cataloging Web security vulnerabilities, added, “Some Google hacking style vulnerabilities are more revealing than others, but it is a pervasive threat.”
Google acknowledges that its index can be misused. “Search engines reflect what is on the Web,” said Barry Schnitt, a Google spokesman. “We still work to try to prevent and stop exploits and encourage Webmasters to employ best practices and effective security for their Web sites.” On Google’s site you can find tips on how to remove sensitive data from its index, for example.
Law enforcement is just stepping up to the challenges presented by search-based Web site intrusions. “This is very underreported,” says Kevin Patten, network services manager with the Florida Department of Law Enforcement in Tallahassee. “There are far more site breaches that take place than are actually reported. It is an embarrassing incident, and to report it could be monetarily devastating for a company.”
Google hacks are an issue for both large and small businesses, but for different reasons. Smaller companies generally have simpler sites but may be less sophisticated when it comes to auditing their software. And smaller businesses often rely on independent Web contractors that may not have the ability to build secure applications. Larger companies usually have better security practices, but they use hundreds or even thousands of Web applications, which must be maintained by more people — some of whom may try to get at sensitive information they shouldn’t see.
“Google hacking can find application vulnerabilities in many applications at once, so it works better as a shotgun than a rifle,” Mr. Williams of Aspect Security said. “These vulnerabilities can be found and exploited with a minimum of effort by relatively unskilled attackers.” One way for businesses to protect themselves is to try the Google hacking methods themselves, using tips at and on the sites. There are also free scanning tools that are available from numerous sites, including, and The tools check for open ports that allow outside communication with particular software programs or points of entry that could be used to compromise a Web site. But using scanners is just the first step. Business owners need to specifically address the security audits and testing services when they hire outside programmers to build their sites.
“What you have to get across,” said Mr. Schmidt the security consultant, “is that ‘I am not buying a service, I am buying a secure service.’ ” The Owasp site, he said, offers boilerplate contract language that can be used in dealing with programmers. And the vigilance must be continuous. “It is always an arms race between security professionals and cybercriminals,” said Scott Larson, a former F.B.I. computer intrusion manager who now works at Stroz Friedberg, a technical services firm in New York. Even after “Unsafe at Any Speed” shook up the automobile industry, it took a while for Detroit to make safety a priority in designing cars. “And it’s going to take years for the software industry to start building applications that adequately address security,” said Mr. Williams of Aspect Security. For wary business owners, it’s time to buckle up.

Copyright 2006 The New York Times Company

An Introduction to Computer Security: The NIST Handbook – Part IV


People, who are all fallible, are usually recognized as one of the weakest links in securing systems. The purpose of computer security awareness, training, and education is to enhance security by:
– improving awareness of the need to protect system resources;
– developing skills and knowledge so computer users can perform their jobs more securely; and
– building in-depth knowledge, as needed, to design, implement, or operate security programs for organizations and systems.
Making computer system users aware of their security responsibilities and teaching them correct practices helps users change their behavior. It also supports individual accountability, which is one of the most important ways to improve computer security. Without knowing the necessary security measures (and how to use them), users cannot be truly accountable for their actions. The importance of this training is emphasized in the Computer Security Act, which requires training for those involved with the management, use, and operation of federal computer systems.
This chapter first discusses the two overriding benefits of awareness, training, and education, namely: (1) improving employee behavior and (2) increasing the ability to hold employees accountable for their actions. Next, awareness, training, and education are discussed separately, with techniques used for each. Finally, the chapter presents one approach for developing a computer security awareness and training program.

Computer support and operations refers to everything done to run a computer system. This includes both system administration and tasks external to the system that support its operation (e.g., maintaining documentation). It does not include system planning or design. The support and operation of any computer system, from a three-person local area network to a worldwide application serving thousands of users, is critical to maintaining the security of a system. Support and operations are routine activities that enable computer systems to function correctly. These include fixing software or hardware problems, loading and maintaining software, and helping users resolve problems.
The failure to consider security as part of the support and operations of computer systems is, for many organizations, their Achilles heel. Computer security system literature includes many examples of how organizations undermined their often expensive security measures because of poor documentation, old user accounts, conflicting software, or poor control of maintenance accounts. Also, an organization’s policies and procedures often fail to address many of these important issues.
The important security considerations within some of the major categories of support and operations are:
– user support,
– software support,
– configuration management,
– backups,
– media controls,
– documentation, and
– maintenance.
Some special considerations are noted for larger or smaller systems. This chapter addresses the support and operations activities directly related to security. Every control discussed in this handbook relies, in one way or another, on computer system support and operations. This chapter, however, focuses on areas not covered in other chapters. For example, operations personnel normally create user accounts on the system. This topic is covered in the Identification and Authentication chapter, so it is not discussed here. Similarly, the input from support and operations staff to the security awareness and training program is covered in the Security Awareness, Training, and Education chapter.


The term physical and environmental security, as used in this chapter, refers to measures taken to protect systems, buildings, and related supporting infrastructure against threats associated with their physical environment. Physical and environmental security controls include the following three broad areas:
1. The physical facility is usually the building, other structure, or vehicle housing the system and network components. Systems can be characterized, based upon their operating location, as static, mobile, or portable. Static systems are installed in structures at fixed locations. Mobile systems are installed in vehicles that perform the function of a structure, but not at a fixed location. Portable systems are not installed in fixed operating locations. They may be operated in a wide variety of locations, including buildings or vehicles, or in the open. The physical characteristics of these structures and vehicles determine the level of such physical threats as fire, roof leaks, or unauthorized access.
2. The facility’s general geographic operating location determines the characteristics of natural threats, which include earthquakes and flooding; man-made threats such as burglary, civil disorders, or interception of transmissions and emanations; and damaging nearby activities, including toxic chemical spills, explosions, fires, and electromagnetic interference from emitters, such as radars.
3. Supporting facilities are those services (both technical and human) that underpin the operation of the system. The system’s operation usually depends on supporting facilities such as electric power, heating and air conditioning, and telecommunications. The failure or substandard performance of these facilities may interrupt operation of the system and may cause physical damage to system hardware or stored data.
This chapter first discusses the benefits of physical security measures, and then presents an overview of common physical and environmental security controls. Physical and environmental security measures result in many benefits, such as protecting employees.

For most systems, identification and authentication (I&A) is the first line of defense. I&A is a technical measure that prevents unauthorized people (or unauthorized processes) from entering a computer system. I&A is a critical building block of computer security since it is the basis for most types of access control and for establishing user accountability. Access control often requires that the system be able to identify and differentiate among users. For example, access control is often based on least privilege, which refers to the granting to users of only those accesses required to perform their duties. User accountability requires the linking of activities on a computer system to specific individuals and, therefore, requires the system to identify users.
Identification is the means by which a user provides a claimed identity to the system. Authentication is the means of establishing the validity of this claim.
This chapter discusses the basic means of identification and authentication, the current technology used to provide I&A, and some important implementation issues. Computer systems recognize people based on the authentication data the systems receive. Authentication presents several challenges: collecting authentication data, transmitting the data securely, and knowing whether the person who was originally authenticated is still the person using the computer system. For example, a user may walk away from a terminal while still logged on, and another person may start using it.
There are three means of authenticating a user’s identity which can be used alone or in combination:
– something the individual knows (a secret e.g., a password, Personal Identification Number (PIN), or cryptographic key);
– something the individual possesses (a token e.g., an ATM card or a smart card); and
– something the individual is (a biometric e.g., such characteristics as a voice pattern, handwriting dynamics, or a fingerprint).
While it may appear that any of these means could provide strong authentication, there are problems associated with each. If people wanted to pretend to be someone else on a computer system, they can guess or learn that individual’s password; they can also steal or fabricate tokens. Each method also has drawbacks for legitimate users and system administrators: users forget passwords and may lose tokens, and administrative overhead for keeping track of I&A data and tokens can be substantial. Biometric systems have significant technical, user acceptance, and cost problems as well. This section explains current I&A technologies and their benefits and drawbacks as they relate to the three means of authentication.


On many multiuser systems, requirements for using (and prohibitions against the use of) various computer resources vary considerably. Typically, for example, some information must be accessible to all users, some may be needed by several groups or departments, and some should be accessed by only a few individuals.  While it is obvious that users must have access to the information they need to do their jobs, it may also be required to deny access to non-job-related information. It may also be important to control the kind of access that is afforded (e.g., the ability for the average user to execute, but not change, system programs). These types of access restrictions enforce policy and help ensure that unauthorized actions are not taken.
Access is the ability to do something with a computer resource (e.g., use, change, or view). Access control is the means by which the ability is explicitly enabled or restricted in some way (usually through physical and system-based controls). Computer-based access controls are called logical access controls. Logical access controls can prescribe not only who or what (e.g., in the case of a process) is to have access to a specific system resource but also the type of access that is permitted. These controls may be built into the operating system, may be incorporated into applications programs or major utilities (e.g., database management systems or communications systems), or may be implemented through add-on security packages. Logical access controls may be implemented internally to the computer system being protected or may be implemented in external devices.
Logical access controls can help protect:
– operating systems and other system software from unauthorized modification or manipulation (and thereby help ensure the system’s integrity and availability);
– the integrity and availability of information by restricting the number of users and processes with access; and
– confidential information from being disclosed to unauthorized individuals.
This chapter first discusses basic criteria that can be used to decide whether a particular user should be granted access to a particular system resource. It then reviews the use of these criteria by those who set policy (usually system-specific policy), commonly used technical mechanisms for implementing logical access control, and issues related to administration of access controls.


Audit trails maintain a record of system activity both by system and application processes and by user activity of systems and applications. In conjunction with appropriate tools and procedures, audit trails can assist in detecting security violations, performance problems, and flaws in applications.
Audit trails may be used as either a support for regular system operations or a kind of insurance policy or as both of these. As insurance, audit trails are maintained but are not used unless needed, such as after a system outage. As a support for operations, audit trails are used to help system administrators ensure that the system or resources have not been harmed by hackers, insiders, or technical problems.
This chapter focuses on audit trails as a technical control, rather than the process of security auditing, which is a review and analysis of the security of a system as discussed in Chapter 9. This chapter discusses the benefits and objectives of audit trails, the types of audit trails, and some common implementation issues.


Cryptography is a branch of mathematics based on the transformation of data. It provides an important tool for protecting information and is used in many aspects of computer security. For example, cryptography can help provide data confidentiality, integrity, electronic signatures, and advanced user authentication. Although modern cryptography relies upon advanced mathematics, users can reap its benefits without understanding its mathematical underpinnings.
This chapter describes cryptography as a tool for satisfying a wide spectrum of computer  security needs and requirements. It describes fundamental aspects of the basic cryptographic technologies and some specific ways cryptography can be applied to improve security. The chapter also explores some of the important issues that should be considered when incorporating cryptography into computer systems.


This chapter illustrates how a hypothetical government agency (HGA) deals with computer security issues in its operating environment. It follows the evolution of HGA’s initiation of an assessment of the threats to its computer security system all the way through to HGA’s recommendations for mitigating those risks. In the real world, many solutions exist for computer security problems. No single solution can solve similar security problems in all environments. Likewise, the solutions presented in this example may not be appropriate for all environments.
This case study is provided for illustrative purposes only, and should not be construed as guidance or specific recommendations to solving specific security issues. Because a comprehensive example attempting to illustrate all handbook topics would be inordinately long, this example necessarily simplifies the issues presented and omits many details. For instance, to highlight the similarities and differences among controls in the different processing environments, it addresses some of the major types of processing platforms linked together in a distributed system: personal computers, local-area networks, wide-area networks, and mainframes; it does not show how to secure these platforms.
This section also highlights the importance of management’s acceptance of a particular level of risk—this will, of course, vary from organization to organization. It is management’s prerogative to decide what level of risk is appropriate, given operating and budget environments and other applicable factors.

An Introduction to Computer Security: The NIST Handbook – Part III


Like other aspects of information processing systems, security is most effective and efficient if planned and managed throughout a computer system’s life cycle, from initial planning, through design, implementation, and operation, to disposal. Many security-relevant events and analyses occur during a system’s life. This chapter explains the relationship among them and how they fit together. It also discusses the important role of security planning in helping to ensure that security issues are addressed comprehensively.
This chapter examines:
– system security plans,
– the components of the computer system life cycle,
– the benefits of integrating security into the computer system life cycle, and
– techniques for addressing security in the life cycle.


Computer security assurance is the degree of confidence one has that the security measures, both technical and operational, work as intended to protect the system and the information it processes. Assurance is not, however, an absolute guarantee that the measures work as intended. Like the closely related areas of reliability and quality, assurance can be difficult to analyze; however, it is something people expect and obtain (though often without realizing it). For example, people may routinely get product recommendations from colleagues but may not consider such recommendations as providing assurance. Assurance is a degree of confidence, not a true measure of how secure the system actually is. This distinction is necessary because it is extremely difficult — and in many cases virtually impossible — to know exactly how secure a system is.
Assurance is a challenging subject because it is difficult to describe and even more difficult to quantify. Because of this, many people refer to assurance as a “warm fuzzy feeling” that controls work as intended. However, it is possible to apply a more rigorous approach by knowing two things: (1) who needs to be assured and (2) what types of assurance can be obtained. The person who needs to be assured is the management official who is ultimately responsible for the security of the system. Within the federal government, this person is the authorizing or accrediting official. There are many methods and tools for obtaining assurance. For discussion purposes, this chapter categorizes assurance in terms of a general system life cycle. The chapter first discusses planning for assurance and then presents the two categories of assurance methods and tools: (1) design and implementation assurance and (2) operational assurance. Operational assurance is further categorized into audits and monitoring.
The division between design and implementation assurance and operational assurance can be fuzzy. While such issues as configuration management or audits are discussed under operational assurance, they may also be vital during a system’s development. The discussion tends to focus more on technical issues during design and implementation assurance and to be a mixture of


Many important issues in computer security involve human users, designers, implementors, and managers. A broad range of security issues relate to how these individuals interact with computers and the access and authorities they need to do their job. No computer system can be secured without properly addressing these security issues. This chapter examines issues concerning the staffing of positions that interact with computer systems; the administration of users on a system, including considerations for terminating employee access; and special considerations that may arise when contractors or the public have access to systems.


A computer security contingency is an event with the potential to disrupt computer operations, thereby disrupting critical mission and business functions. Such an event could be a power outage, hardware failure, fire, or storm. If the event is very destructive, it is often called a disaster. To avert potential contingencies and disasters or minimize the damage they cause, organizations can take steps early to control the event. Generally called contingency planning, this activity is closely related to incident handling, which primarily addresses malicious technical threats such as hackers and viruses.
Contingency planning involves more than planning for a move offsite after a disaster destroys a data center. It also addresses how to keep an organization’s critical functions operating in the event of disruptions, both large and small. This broader perspective on contingency planning is based on the distribution of computer support throughout an organization.
This chapter presents the contingency planning process in six steps:
1. Identifying the mission- or business-critical functions.
2. Identifying the resources that support the critical functions.
3. Anticipating potential contingencies or disasters.
4. Selecting contingency planning strategies.
5. Implementing the contingency strategies.
6. Testing and revising the strategy.


Computer systems are subject to a wide range of mishaps from corrupted data files, to viruses, to natural disasters. Some of these mishaps can be fixed through standard operating procedures. For example, frequently occurring events (e.g., a mistakenly deleted file) can usually be readily repaired (e.g., by restoration from the backup file). More severe mishaps, such as outages caused by natural disasters, are normally addressed in an organization’s contingency plan. Other damaging events result from deliberate malicious technical activity (e.g., the creation of viruses or system hacking).
A computer security incident can result from a computer virus, other malicious code, or a system intruder, either an insider or an outsider. It is used in this chapter to broadly refer to those incidents resulting from deliberate malicious technical activity. It can more generally refer to those incidents that, without technically expert response, could result in severe damage. This definition of a computer security incident is somewhat flexible and may vary by organization and computing environment.
Although the threats that hackers and malicious code pose to systems and networks are well known, the occurrence of such harmful events remains unpredictable. Security incidents on larger networks (e.g., the Internet), such as break-ins and service disruptions, have harmed various organizations’ computing capabilities. When initially confronted with such incidents, most organizations respond in an ad hoc manner. However, recurrence of similar incidents often makes it cost-beneficial to develop a standing capability for quick discovery of and response to such events. This is especially true, since incidents can often “spread” when left unchecked, thus increasing damage and seriously harming an organization.
Incident handling is closely related to contingency planning as well as support and operations. An incident handling capability may be viewed as a component of contingency planning, because it provides the ability to react quickly and efficiently to disruptions in normal processing. Broadly speaking, contingency planning addresses events with the potential to interrupt system operations. Incident handling can be considered that portion of contingency planning that responds to malicious technical threats. This chapter describes how organizations can address computer security incidents (in the context of their larger computer security program) by developing a computer security incident handling capability.

An Introduction to Computer Security: The NIST Handbook
Special Publication 800-12

An Introduction to Computer Security: The NIST Handbook – Part II


Computer systems are vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire computer centers. Losses can stem, for example, from the actions of supposedly trusted employees defrauding a system, from outside hackers, or from careless data entry clerks. Precision in estimating computer security-related losses is not possible because many losses are never discovered, and others are “swept under the carpet” to avoid unfavorable publicity. The effects of various threats vary considerably: some affect the confidentiality or integrity of data while others affect the availability of a system.

This chapter presents a broad view of the risky environment in which systems operate today. The threats and associated losses presented in this chapter were selected based on their prevalence and significance in the current computing environment and their expected growth. This list is not exhaustive, and some threats may combine elements from more than one area. This overview of many of today’s common threats may prove useful to organizations studying their own threat environments; however, the perspective of this chapter is very broad. Thus, threats against particular systems could be quite different from those discussed here.

To control the risks of operating an information system, managers and users need to know the vulnerabilities of the system and the threats that may exploit them. Knowledge of the threat environment allows the system manager to implement the most cost-effective security measures. In some cases, managers may find it more cost-effective to simply tolerate the expected losses. Such decisions should be based on the results of a risk analysis.


In discussions of computer security, the term policy has more than one meaning. Policy is senior management’s directives to create a computer security program, establish its goals, and assign responsibilities. The term policy is also used to refer to the specific security rules for particular systems. Additionally, policy may refer to entirely different matters, such as the specific managerial decisions setting an organization’s e-mail privacy policy or fax security policy.

In this chapter the term computer security policy is defined as the “documentation of computer security decisions” which covers all the types of policy described above. In making these decisions, managers face hard choices involving resource allocation, competing objectives, and organizational strategy related to protecting both technical and information resources as well as guiding employee behavior. Managers at all levels make choices that can result in policy, with the scope of the policy’s applicability varying according to the scope of the manager’s authority. In this chapter we use the term policy in a broad manner to encompass all of the types of policy described above regardless of the level of manager who sets the particular policy.

Managerial decisions on computer security issues vary greatly. To differentiate among various kinds of policy, this chapter categorizes them into three basic types:
– Program policy is used to create an organization’s computer security program.
– Issue-specific policies address specific issues of concern to the organization.
– System-specific policies focus on decisions taken by management to protect a particular system.
Procedures, standards, and guidelines are used to describe how these policies will be implemented within an organization.


Computers and the information they process are critical to many organizations’ ability to perform their mission and business functions. It therefore makes sense that executives view computer security as a management issue and seek to protect their organization’s computer resources as they would any other valuable asset. To do this effectively requires developing a comprehensive management approach. This chapter presents an organizationwide approach to computer security and discusses its important management function. Because organizations differ vastly in size, complexity, management styles, and culture, it is not possible to describe one ideal computer security program. However, this chapter does describe some of the features and issues common to many federal organizations.


Risk is the possibility of something adverse happening. Risk management is the process of assessing risk, taking steps to reduce risk to an acceptable level and maintaining that level of risk. Though perhaps not always aware of it, individuals manage risks every day. Actions as routine as buckling a car safety belt, carrying an umbrella when rain is forecast, or writing down a list of things to do rather than trusting to memory fall into the purview of risk management. People recognize various threats to their best interests and take precautions to guard against them or to minimize their effects.
Both government and industry routinely manage a myriad of risks. For example, to maximize the return on their investments, businesses must often decide between aggressive (but high-risk) and slow-growth (but more secure) investment plans. These decisions require analysis of risk, relative to potential benefits, consideration of alternatives, and, finally, implementation of what management determines to be the best course of action. While there are many models and methods for risk management, there are several basic activities and processes that should be performed. In discussing risk management, it is important to recognize its basic, most fundamental assumption: computers cannot ever be fully secured. There is always risk, whether it is from a trusted employee who defrauds the system or a fire that destroys critical resources. Risk management is made up of two primary and one underlying activities; risk assessment and risk mitigation are the primary activities and uncertainty analysis is the underlying one.
An Introduction to Computer Security: The NIST Handbook
Special Publication 800-12

An Introduction to Computer Security: The NIST Handbook – Part I


This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls. It illustrates the benefits of security controls, the major techniques or approaches for each control, and important related considerations. The handbook provides a broad overview of computer security to help readers understand their computer security needs and develop a sound approach to the selection of appropriate security controls. It does not describe detailed steps necessary to implement a computer security program, provide detailed implementation procedures for security controls, or give guidance for auditing the security of specific systems. General references are provided at the end of this chapter, and references of “how-to” books and articles are provided at the end of each chapter in Parts II, III and IV.
The purpose of this handbook is not to specify requirements but, rather, to discuss the benefits of various computer security controls and situations in which their application may be appropriate. Some requirements for federal systems are noted in the text. This document provides advice and guidance; no penalties are stipulated.


This handbook’s general approach to computer security is based on eight major elements:
1. Computer security should support the mission of the organization.
2. Computer security is an integral element of sound management.
3. Computer security should be cost-effective.
4. Computer security responsibilities and accountability should be made explicit.
5. System owners have computer security responsibilities outside their own organizations.
6. Computer security requires a comprehensive and integrated approach.
7. Computer security should be periodically reassessed.
8. Computer security is constrained by societal factors.
Familiarity with these elements will aid the reader in better understanding how the security controls (discussed in later sections) support the overall computer security program goals.


One fundamental issue that arises in discussions of computer security is: “Whose responsibility is it?” Of course, on a basic level the answer is simple: computer security is the responsibility of everyone who can affect the security of a computer system. However, the specific duties and responsibilities of various individuals and organizational entities vary considerably. This chapter presents a brief overview of roles and responsibilities of the various officials and organizational offices typically involved with computer security. They include the following groups:
– senior management,
– program/functional managers/application owners,
– computer security management,
– technology providers,
– supporting organizations, and
– users.
This chapter is intended to give the reader a basic familiarity with the major organizational elements that play a role in computer security. It does not describe all responsibilities of each in detail, nor will this chapter apply uniformly to all organizations. Organizations, like individuals, have unique characteristics, and no single template can apply to all. Smaller organizations, in particular, are not likely to have separate individuals performing many of the functions described in this chapter. Even at some larger organizations, some of the duties described in this chapter may not be staffed with full-time personnel. What is important is that these functions be handled in a manner appropriate for the organization.

An Introduction to Computer Security: The NIST Handbook
Special Publication 800-12

How to Secure Your Computer, Disks, and Portable Drives

Computer security is hard. Software, computer and network security are all ongoing battles between attacker and defender. And in many cases the attacker has an inherent advantage: He only has to find one network flaw, while the defender has to find and fix every flaw.

Cryptography is an exception. As long as you don’t write your own algorithm, secure encryption is easy. And the defender has an inherent mathematical advantage: Longer keys increase the amount of work the defender has to do linearly, while geometrically increasing the amount of work the attacker has to do.

Unfortunately, cryptography can’t solve most computer-security problems. The one problem cryptography *can* solve is the security of data when it’s not in use. Encrypting files, archives — even entire disks — is easy. All of this makes it even more amazing that Her Majesty’s Revenue & Customs in the United Kingdom lost two disks with personal data on 25 million British citizens, including dates of birth, addresses, bank-account information and national insurance numbers. On the one hand, this is no bigger a deal than any of the thousands of other exposures of personal data we’ve read about in recent years — the U.S. Veteran’s Administration loss of personal data of 26 million American veterans is an obvious similar event. But this has turned into Britain’s privacy Chernobyl.

Perhaps encryption isn’t so easy after all, and some people could use a little primer. This is how I protect my laptop. There are several whole-disk encryption products on the market. I use PGP Disk’s Whole Disk Encryption tool for two reasons. It’s easy, and I trust both the company and the developers to write it securely. (Disclosure: I’m also on PGP Corp.’s Technical Advisory Board.)

Setup only takes a few minutes. After that, the program runs in the background. Everything works like before, and the performance degradation is negligible. Just make sure you choose a secure password — PGP’s encouragement of passphrases makes this much easier — and you’re secure against leaving your laptop in the airport or having it stolen out of your hotel room.

The reason you encrypt your entire disk, and not just key files, is so you don’t have to worry about swap files, temp files, hibernation files, erased files, browser cookies or whatever. You don’t need to enforce a complex policy about which files are important enough to be encrypted. And you have an easy answer to your boss or to the press if the computer is stolen: no problem; the laptop is encrypted.

PGP Disk can also encrypt external disks, which means you can also secure that USB memory device you’ve been using to transfer data from computer to computer. When I travel, I use a portable USB drive for backup. Those devices are getting physically smaller — but larger in capacity — every year, and by encrypting I don’t have to worry about losing them.

I recommend one more complication. Whole-disk encryption means that anyone at your computer has access to everything: someone at your unattended computer, a Trojan that infected your computer and so on. To deal with these and similar threats I recommend a two-tier encryption strategy. Encrypt anything you don’t need access to regularly — archived documents, old e-mail, whatever — separately, with a different password. I like to use PGP Disk’s encrypted zip files, because it also makes secure backup easier (and lets you secure those files before you burn them on a DVD and mail them across the country), but you can also use the program’s virtual-encrypted-disk feature to create a separately encrypted volume. Both options are easy to set up and use.

There are still two scenarios you aren’t secure against, though. You’re not secure against someone snatching your laptop out of your hands as you’re typing away at the local coffee shop. And you’re not secure against the authorities telling you to decrypt your data for them.

The latter threat is becoming more real. I have long been worried that someday, at a border crossing, a customs official will open my laptop and ask me to type in my password. Of course I could refuse, but the consequences might be severe — and permanent. And some countries — the United Kingdom, Singapore, Malaysia — have passed laws giving police the authority to demand that you divulge your passwords and encryption keys.

To defend against both of these threats, minimize the amount of data on your laptop. Do you really need 10 years of old e-mails? Does everyone in the company really need to carry around the entire customer database? One of the most incredible things about the Revenue & Customs story is that a low-level government employee mailed a copy of the entire national child database to the National Audit Office in London. Did he have to? Doubtful. The best defense against data loss is to not have the data in the first place.

Failing that, you can try to convince the authorities that you don’t have the encryption key. This works better if it’s a zipped archive than the whole disk. You can argue that you’re transporting the files for your boss, or that you forgot the key long ago. Make sure the time stamp on the files matches your claim, though.

There are other encryption programs out there. If you’re a Windows Vista user, you might consider BitLocker. This program, embedded in the operating system, also encrypts the computer’s entire drive. But it only works on the C: drive, so it won’t help with external disks or USB tokens. And it can’t be used to make encrypted zip files. But it’s easy to use, and it’s free. And many people like the open-source and free program, TrueCrypt. I know nothing about it.

Written by Bruce Schneier.

This essay previously appeared on Bruce Schneier’s Cryptogram Newsletter.