Question

Why should you periodically change the key used to encrypt messages? What attack is more likely to succeed if a key has been used frequently? How frequently should the key be changed?

Answer 1

We are now dependent more than ever on technology to safeguard our personal, confidential and financial information online. This has left us vulnerable to threats online which could compromise our privacy and sensitive data that is transmitted over the internet such as e-mails, credit card details etc. Encryption is a method of changing this transmitted information in a garbled or unintelligible manner so that it is rendered useless for unauthorized users. However for an authorize user with the key, this message can be decrypted back to its original form. Encryption can be very effective when the key is longer because the amount of effort it takes to break a code which would have a key combination of 2 to the nth power is overwhelming. Using Brute force attack the hacker could try every possible key if it is a lower bit encryption like an 8 bit key (256 combinations) or a 16 bit key (65536 combinations), However breaking a 56 bit (4 quadrillion combinations) or a 128 bit key involves extreme effort and so on. We now have latest SHA-1 (160 bit), SHA-2 (available in 224, 256, 384,616,680 and 512-bit variants). Prudent security practice dictates that you periodically change encryption keys. Rotating or changing the key periodically ensures an additional layer of protection for the data. The reasons to change the key could be varied, below are some of the reasons:

1. The longer the key used, the greater are the chances that it is compromised.

2. It is easier to perform cryptanalysis on a larger volume of cipher text using the same key and also the vulnerability to attack the data is higher.

3. To avoid key tampering with public key cryptography

4. The master key is suspected to be compromised.

5. The person having access to the master key leaves the organization

6. Some periodic updates in the organizations need the keys to be changed or the organization policy requires the change periodically.

Encryption can be used to ensure secrecy, but other techniques are still needed to make communications secure, particularly to verify the integrity and authenticity of a message. There are several attacks that can be anticipated if the keys are not changed regularly. Some of the major attacks are listed below

1. Brute force attacks: This involves traversing the entire search space for all possible combinations of the password until a match is found. Hence it is recommended to use a strong password with combinations of numbers, special characters and alphabets.

2. Man in the middle attack: This is a type of eavesdropping where an unauthorized party monitors the interactions and communications between two users. The hacker can substitute his own public key to both parties and creates a web of trust thus interpreting all messages between the two parties.

3. Related-key attack: In this type of attack where the analyst has accessinformation on the cipher text using keys which are related to the target key. This is possible even when a part of the key is known.

4. Adaptive and Chosen plain text attack: In these types of attacks the attacker has an arbitrary or a sequence of cipher text and the resulting plain text using which he gathers more information on the keys used.

The rule of thumb is to have a relatively short span for the keys and it should also depend on the criticality of data that is encrypted. If the keys are changed too often the attacker will have a small amount of data to traverse and break into the system. In applications I have worked on the keys have been changed once a year and in some cases once in 6 months. It is beneficial to have a passphrase and a private key for conformation of identities and digital certificates.