A lot of companies think that they can build a full solution from scratch, including all of the technical mechanisms for security and encryption - the hardware and the encryption algorithms - and implement them in their solutions.
While the company strategists can have a field day developing their own special market-differentiating product, the enterprise customer should tread very lightly when evaluating solutions with custom encryption.
The sales pitch
Naturally, when a salesperson gives his "latest and greatest solution" pitch, he'll be sure to include the possible benefits of having a custom encryption solution:
- It's much stronger encryption than any on the open market.
- You get the best (insert technology buzz name) for keeping the encryption keys at a very affordable price.
- Nobody knows our algorithm, so it's impossible to hack it.
The risks of choosing a custom solution
While the sales pitch may sound great, let's analyze the actual risks of having a custom encryption solution in your enterprise:
- The custom encryption algorithm is not proven - the sales pitch that nobody knows the algorithm is stupid. Security by obscurity does not work, and that has been proven many times. On the other hand, since nobody knows the algorithm, no independent test of the algorithm has been performed. For all you know, the algorithm can have enough mathematical flaws to make breaking it child's play.
- The custom hardware for the encryption keys (if offered) is not tested according to well-known standards - the latest and greatest in hardware means very little if not properly implemented. For hardware that stores encryption keys, there is a well-known standard - FIPS 140-2. You should choose only hardware certified at FIPS 140-2 level 3 or 4.
- There is a high possibility of backdoors into the encryption - custom solutions can mean that the programmers have left in some backdoor. Having such backdoors is actually quite common, since it makes the programmer's life much easier in supporting the customer. Closed solutions mean that there is no open test to weed out these backdoors - and not too many vendors test their own solutions through independent contractors. Therefore, there is a risk of a disgruntled programmer using this backdoor to gain personal benefits, or simply to harm his former employer.
So when someone offers you a solution with their own superstrong encryption - just walk away.
Talkback and comments are most welcome