So, I read this post.
“Encryption only provides confidentiality between the point of encryption and the point of decryption.”
I know it’s a “duh” but it appears that many organizations aren’t actually considering this truism when putting together their encryption strategies.
This brought to mind an old diagram by Shannon in Communication Theory of Secrecy Systems published back in the 1930’s or so.
Also, it reminded me of when companies claim that the information I provide to them is “secured using SSL encryption” when SSL/TLS is only being used to establish an encrypted and MAC’d communications channel between the company’s web site and myself. Granting a secured channel between the company and myself (and this can be a big thing to grant, especially as phishing attacks improve – for example, there are many people working on how to make a web browser help people understand when they are securely communicating with a legitimate web site), what happens to the information once it reaches the company and exits this secured channel? What mechanisms are in place to provide CIA then?
For a simple example, there was a small retail business that took customer orders (e.g., name, address, item info, payment info) through its web site over an SSL/TLS session and really pushed “SSL encryption” as showing their commitment to security. However, upon receipt of an order through the web site, they immediately and automatically sent an email message containing the order’s information in the clear out over the Internet to an AOL email address, where it sat for processing until the owner checked their email.
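To make the retail example concrete, here is an added Go illustration (not code from the original post or from the business described). It models the hop the post describes: TLS ends at the web server, and the order is re-serialised for an email that travels in the clear. The order record, the test card number, and the processing key are all constructed for the example; the key is generated in-process and assumed to be held only by the order-processing endpoint, with how it got there out of scope. The point is that confidentiality must be re-established for each leg the data travels, here by sealing the sensitive field with AES-GCM before the message leaves the TLS-protected boundary, so that an observer of the mail hop sees no plaintext and only the intended decryption point can recover it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"strings"
)

// Order is the constructed record a web tier receives over its TLS session.
type Order struct {
	Name, Address, Item, CardNumber string
}

// SampleOrder is constructed sample input; the card number is a fake test value.
var SampleOrder = Order{
	Name:       "A. Customer",
	Address:    "1 Example Street",
	Item:       "1x widget",
	CardNumber: "4111111111111111",
}

// EmailBodyPlain is what the retail site in the post does: the TLS session ends
// at the web server and the order is written out in the clear for the mail hop.
func EmailBodyPlain(o Order) string {
	return fmt.Sprintf("name=%s\naddress=%s\nitem=%s\ncard=%s\n",
		o.Name, o.Address, o.Item, o.CardNumber)
}

// NewProcessingKey makes a random AES-256 key; assumed to belong to the
// order-processing endpoint only (key distribution is not modelled here).
func NewProcessingKey() ([]byte, error) {
	k := make([]byte, 32)
	_, err := rand.Read(k)
	return k, err
}

// seal encrypts plaintext with AES-256-GCM and returns base64(nonce || ciphertext).
func seal(key, plaintext []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(aead.Seal(nonce, nonce, plaintext, nil)), nil
}

// unseal reverses seal; GCM authentication makes it fail under the wrong key or
// if the ciphertext was altered in transit.
func unseal(key []byte, encoded string) (string, error) {
	ct, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	if len(ct) < aead.NonceSize() {
		return "", fmt.Errorf("ciphertext too short")
	}
	pt, err := aead.Open(nil, ct[:aead.NonceSize()], ct[aead.NonceSize():], nil)
	return string(pt), err
}

// EmailBodySealed re-establishes confidentiality for the mail leg: the payment
// field is encrypted under the processing endpoint's key before the message
// leaves the web server, so the new encryption point is the web tier and the
// decryption point is the processor, not the mailbox.
func EmailBodySealed(o Order, processingKey []byte) (string, error) {
	enc, err := seal(processingKey, []byte(o.CardNumber))
	if err != nil {
		return "", err
	}
	return fmt.Sprintf("name=%s\naddress=%s\nitem=%s\ncard_enc=%s\n",
		o.Name, o.Address, o.Item, enc), nil
}

// Exposed stands in for the post's question of what happens after the channel:
// can whoever sees the mail hop read the secret straight out of the body?
func Exposed(body, secret string) bool {
	return strings.Contains(body, secret)
}

// RecoverCard is what the processing endpoint does with a sealed message.
func RecoverCard(body string, processingKey []byte) (string, error) {
	for _, line := range strings.Split(body, "\n") {
		if strings.HasPrefix(line, "card_enc=") {
			return unseal(processingKey, strings.TrimPrefix(line, "card_enc="))
		}
	}
	return "", fmt.Errorf("no sealed card field in message")
}

func main() {
	key, _ := NewProcessingKey()
	sealed, _ := EmailBodySealed(SampleOrder, key)
	fmt.Println("plain email exposes card: ", Exposed(EmailBodyPlain(SampleOrder), SampleOrder.CardNumber))
	fmt.Println("sealed email exposes card:", Exposed(sealed, SampleOrder.CardNumber))
	card, err := RecoverCard(sealed, key)
	fmt.Println("processor recovers card:  ", err == nil && card == SampleOrder.CardNumber)
}
```

The sealed variant is only the narrowest fix for the hop the post describes; the better design question is whether payment details need to cross an email system at all, and the same endpoint analysis has to be repeated for every later leg (the mailbox, the owner's workstation, any printout).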
Update: A post/survey that is related to this post.
[...] (Obviously, these settings also do nothing against someone that can grab the data before it enters, or after it exits, the SSL/TLS session. For example, spyware can grab sensitive credentials off your machine, rendering SSL/TLS moot. That is neither here nor there for this post though – see “yeah right, crypto this” or pretty pictures.) [...]