July 9, 2008

Missing the point

Benjamin Black has a service called the tls report that grades web sites based on the quality of their SSL configuration: points are taken off for SSL 2 support, support for shorter keys, etc. While I respect the effort and I value the concern for better security, this is just silly. Extending cryptographic key length is the least valuable thing any site can do to improve the security of people's data. Gene Spafford got it right when he said:

Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench.
Worrying about whether the keys are 40-bit, 56-bit, 128-bit, or larger is the equivalent of worrying about whether the armored car guards are carrying revolvers or machine guns: it entirely misses the point. I'm not aware of a single case, ever, where an attacker stole data from a commercial site by cracking an SSL key of any length. Note also that SSL/TLS has mechanisms to prevent an attacker from forcing you to negotiate a lower grade of security than you ask for. If you turn off 40-bit ciphers in your browser, an attacker cannot force a downgrade (other than by cracking the server's private key), so a site that supports 40-bit keys does you no harm at all. As such, in addition to measuring something not particularly relevant to security, these grades are irrelevant to the security of users paranoid and well-informed enough to know about them and care. If you're concerned about the security of your data, you should be concerned with how a site handles your account password and your data at rest. Of course, this is harder to observe than SSL settings, so Mr. Black appears to fall into a trap that catches a lot of the security community: thinking about problems that are easier to see and measure, even if they're not the truly significant security problems.
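The downgrade protection mentioned above comes from the server choosing only among the suites the client actually offered, and from the Finished message covering the whole handshake as each side saw it. The following simulation is an added illustration, not code from the original post or from the tls report; the suite names and MASTER_SECRET are constructed stand-ins (MASTER_SECRET plays the role of the key-exchange result that a man in the middle cannot compute without the server's private key, which is exactly the caveat in the paragraph).

```python
import hashlib
import hmac

# Constructed cipher suite labels, strongest first (not real IANA identifiers).
STRONG = ["AES256-SHA", "AES128-SHA"]
EXPORT_40 = ["EXP-RC4-40-MD5"]

# Constructed stand-in for the master secret. In real TLS this is derived from
# the key exchange; an attacker without the server's private key cannot obtain it.
MASTER_SECRET = b"constructed-master-secret-for-illustration"


def server_choose(server_supported, client_offered):
    """The server may only select a suite that appeared in the ClientHello."""
    for suite in client_offered:
        if suite in server_supported:
            return suite
    return None


def finished_mac(master_secret, transcript):
    """Stand-in for the TLS Finished message: a MAC over the handshake transcript."""
    return hmac.new(master_secret, transcript.encode(), hashlib.sha256).hexdigest()


def handshake(client_offered, server_supported, master_secret, mitm=None):
    """Simulate ClientHello -> (optional tampering) -> ServerHello -> Finished check.

    Returns (negotiated_suite, client_accepts). client_accepts is False when
    the client's view of the handshake differs from the server's, which is how
    a tampered ClientHello is detected.
    """
    wire_offered = list(client_offered)
    if mitm is not None:
        wire_offered = mitm(wire_offered)  # what the server actually receives
    chosen = server_choose(server_supported, wire_offered)
    if chosen is None:
        return None, False  # no common suite: the handshake simply fails
    # Each side MACs the handshake messages as *it* saw them.
    server_view = "ClientHello:" + ",".join(wire_offered) + "|ServerHello:" + chosen
    client_view = "ClientHello:" + ",".join(client_offered) + "|ServerHello:" + chosen
    server_finished = finished_mac(master_secret, server_view)
    client_accepts = hmac.compare_digest(
        server_finished, finished_mac(master_secret, client_view)
    )
    return chosen, client_accepts


def strip_strong(offered):
    """A middleman deleting the strong suites from the ClientHello in transit."""
    return [s for s in offered if s not in STRONG]


def scenarios():
    """Three cases: untouched handshake, tampered handshake, and a client that
    never offered 40-bit suites in the first place."""
    both = STRONG + EXPORT_40
    return {
        "clean": handshake(both, both, MASTER_SECRET),
        "tampered": handshake(both, both, MASTER_SECRET, mitm=strip_strong),
        "no_40bit_offered": handshake(STRONG, both, MASTER_SECRET, mitm=strip_strong),
    }


if __name__ == "__main__":
    for name, (suite, accepted) in scenarios().items():
        print(f"{name:18s} suite={suite} client_accepts={accepted}")
```

In the tampered case the server does pick the 40-bit suite, but the client's Finished check fails and the connection is abandoned; in the last case the server is never even given the option. The only way to make the client accept the downgraded transcript is to forge the Finished MAC, which requires the master secret, hence the paragraph's "other than by cracking the server's private key".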