The Limitations of Modern Cryptography

Individuals now own multiple electronic devices - from Smartphones, to tablets, to laptops and more. They often bring these items into the workplace, or use them to work from a remote location. Increased threats to a company’s important and confidential information are more prevalent than ever.Protection of this information is crucial - as information can travel across the world in mere seconds. Cryptography provides protection and plays an integral part in against fraud in electronic transactions and anything that involves important financial information. Cryptography can verify and individuals identity and keep someone anonymous. Used on a company web page, it can prevent vandals from making unwanted and unauthorized changes and can also keep competing companies from reading confidential information.As communications continues to move away from humans and more towards machines, cryptography becomes more vital. However, as crucial and necessary as cryptography is and as much protection as it can provide, it's not without limitations.Unfortunately, many cryptography products available in today’s market do not provide nearly the level of security necessary to keep confidential information where it needs to be. The reason is most cryptography products were designed by engineers, as just another component of engineering. Yet, cryptography is its own entity and needs to be treated as such.Companies spend billions of dollars on cryptography tools that are insecure and weak, but have not been broken into, as they are still new. Once they become available and widely used, they'll become vulnerable to cyber threats and attacks.Electronic attacks and vandalism are becoming increasingly serious. Widely publicized attacks include hackers altering the CIAs web page, Internet providers being mail bombed and a data breach that affected thousands of holiday shoppers at Target. Present-day cryptography systems are just ‘good enough’ and then huge breach occurs.How can companies cope with the limitations of cryptography and develop a strong system to safeguard their vital information? First and foremost, a strong design begins with a threat model. The threat model takes the following factors into account:

• What and who is the system designed to protect?
• For how long?
• Who will use the system?
• How will it be used?
• What are some things that are tempting to attackers?

Using the threat model, both product designers as well as consumers determine the necessary security measures. An experienced cryptographer will be able to design a system that creates a good balance between accessibility, privacy, accountability and anonymity.Want to learn more about cryptographic tools and threats to cryptography? Find these courses and other free cybersecurity training with us!