Читать книгу You CAN Stop Stupid - Ira Winkler - Страница 60

It is critical to understand the importance of time in a security program. When author Ira Winkler worked at the NSA, he learned that any encryption algorithm will inevitably by cracked. Given sufficient time and resources, an attacker can eventually crack an algorithm. However, you can endeavor to use encryption that is strong enough to prevent the code from being cracked for as long as the data is valuable.

For example, a commander in battle has to give tactical commands to troops in the field. Knowledge of the individual commands becomes worthless at the end of the battle in most cases. In this case, very low-grade encryption can be used. However, if you consider a military communications satellite that may be in orbit for a decade, you need to employ encryption that will not likely be cracked for much more than a decade. You cannot just upgrade the encryption hardware. The encryption does not just have to be strong enough to withstand current attacks but to withstand anticipated improvements in technology and the changing attacks that will occur over that time period.

Similarly, when you consider a physical safe that contains valuables, the security can potentially be compromised. A safe is intended to be heavy so that it isn't easy to physically remove. The removal of the safe will take time, and the expectation is that by the time the safe can be removed, police or other responders will arrive to stop the theft. Likewise, if someone intends to crack the safe, the time it takes to crack the safe should be long enough for responders to arrive.