 |
 |
 |
|
|
|
 |
France’s traditional cryptographic policy is not a bad idea. France does not like cryptography (1). I am not a French insider, nor am I a Francophile or French pundit. I’m just staying that outlawing encryption opens a lot of options.
Hacker’s in general leave behind footprints. These unique footprints may be used to identify their activities (2). Statistically, these footprints fit within the IA Large Tail (3). All of this activity however is moot if obscured by encryption. Sensors are less burdened when they do not have to decode encrypted traffic.
Sensors monitor various activities and perform different functions. They can range from host based to network based systems. They can be detectors, preventers, or firewalls. They all however are bound by CPU capacity. Quite often, these sensors have their hands full when monitoring standard data streams. For example, special hardware is typically required for monitoring Terabit network connections. Sensors drop data when their CPUs cannot keep up with the data stream. When this happens too often, the sensors are worthless as critical data passes by without them processing the data. Encrypted data must be decrypted for sensors to work.
Data may be encrypted in a variety of different ways and it is everywhere. The latest encryption of interest is full disk encryption with the introduction of Vista’s Bitlocker (4). This is not the first time this type of encryption has been around. PGP has had a full disk solution for quite some time (5). Full disk encryption certainly isn’t the only encryption either. By now, everyone should be familiar with VPNs, encrypted/signed email, and a number of other cryptographic technologies. All of this needs to be decrypted before a sensor can work.
Hence, this is the reason why France might be on to something. Get rid of encryption and you don’t have to worry about decoding it. It is expensive to decrypt information. It is expensive to decrypt information on a small scale. Imagine how much it would cost to decrypt information on a large scale. Why bother with decryption if you can just review everything in the clear?
References:
 |
 |
 |
 |
|
 |