Executive Insight: Paul Kocher

Rambus’ cryptography guru talks about new security threats and what will change as more devices are connected.


Paul Kocher, president and chief scientist of Rambus’ Cryptography Research Division, sat down with Semiconductor Engineering to talk about the state of security today and how it will be affected as more devices are connected. What follows are excerpts of that conversation.

SE: The number of vulnerabilities is increasing. Are we making progress?

Kocher: If your metric for progress is the number of bugs caught and fixed, we’re doing pretty well. As an industry, we’re catching more bugs than ever before. But if you look at this from an attacker’s point of view—are they able to get the information they want or are the security systems keeping them out—then from a macro perspective we’re doing pretty poorly. Hackers generally get what they want and they get it fairly quickly. The resources they have to invest are on the order of man-days, man-weeks or man-months, which is far lower than it needs to be. The primary drivers around this come back to complexity. We’re creating systems that are more and more complicated. As you double the number of lines of code in the system, even if you get some of the bugs out you’re very often creating more bugs than you’re fixing. The net risk goes up with the complexity of the system, the number of interactions of the system, and quality hasn’t been able to keep pace with that. As we look forward, I expect these trends are going to continue. We’ll see devices that will get more complicated for as long as Moore’s Law continues. Unless the technology industry hits a brick wall in innovation and the ability to produce complex systems, we’re going to keep having more and more bugs. We’re also going to see larger numbers of devices and more valuable data on those devices. Those also drive attacker behavior. If you have more kinds of devices and more devices in total, that means more targets and more valuable information on those. The attacker reward is going up. The technologies we have for dealing with software security aren’t even able to deal with the problems we had a few years ago, much less the problems today or the ones we’ll have over the next few years.

SE: Does the security threat get worse as more devices are connected?

Kocher: There is a question of what is your security perimeter. Once you have a sense of that, it gives you an idea what are the things you’re dependent on for your security system to function in a way that you want it to. It may be that your perimeter is one tiny bit of hardware, or that it’s a collection of data centers spread across the world and all of the silicon and software inside them. There are a lot of technologies that help you shrink that perimeter. For example, if you encrypt your data as it is being transmitted over fiber-optic cables, that takes those cables out of the security perimeter. So instead of having to worry about every inch of that cable, you can assume that an adversary may have access to that but you don’t have to worry about it. Likewise, there are things you can do in chips where, instead of running your calculation a way that depends upon the entire software installed on a PC or the entire operating system, maybe you find a place where you can do that with a much smaller set of dependencies. If you can shrink that problem down, that starts to make it possible to get a grip on this problem of complexity.

SE: Where have you seen the biggest bang for your buck in security?

Kocher: We’ve got a number of different research projects going on, some of which historically have not ended up leading to good results—software security, for example. The problem becomes intractable once you reach the quantities of software people have produced today. For us there has been an evolution from services to very low level foundational IP, which is where much of our side-channel work exists, toward producing more complete solutions. Those started out with cores that would address specific customer security needs, like anti-counterfeiting and anti-pirating. And now we’re providing ASIC cores that handle a complete set of security needs around key management and debug mode, as well as all of the stuff that goes in the factories to make that work. The evolution we’ve taken is one toward recognizing the foundations that people were working with weren’t going to lead to robust security systems. When you deal with microprocessors produced today, where security depends on huge amounts of software being perfect, you know that’s going to fail simply because we can’t make software of that quality. Our strategy has been to figure out ways to produce components that can provide security with a realistic set of assumptions. That typically involves transferring critical calculations and keys away from the main microprocessor, or to more secure, very small blocks of hardware that sit separately on a chip. That way, even if that software is buggy, the security isn’t necessarily breached. So our little hardware blocks aren’t subject to these rapid, exponential increases in complexity that is challenging the rest of the industry.

SE: Do people understand how to use that? And are we really making a dent in reducing the threat level?

Kocher: There are lots of chips being shipped in the real world that we’re working on. So in terms of making progress for those cases and customers, yes. But if you look at the macro picture of all the things going wrong in computer security, we’re in the middle of a giant ocean. Whatever progress we or others are making is being overwhelmed at the macro level. If you’re a company worried about the particular kind of data you’re working with, it isn’t the macro picture that matters. It’s whether your information successfully withstands the threats it is facing. But if you look at most of the important data in the world, most of it is still on standard processors and at the whim of the bugs in Linux or MacOS or Windows or iOS or any of these extremely complex operating systems. The path from where we are today to solving the world’s security problems is so long and far that I can’t even fathom it. But the path to solving specific customers’ problems is one we’ve traversed many times before.

SE: Nobody ever thought a car would be connected. Now suddenly they’re hackable and connected to other things. How much of the older stuff that’s out there and now connected to other stuff will cause problems forever afterward?

Kocher: If you look at the obsolescence for various products, most cell phones get replaced in two to four years. For durable goods and automobiles, you’re looking at a 20- to 30-year lifespan in many cases. That means whatever technologies get put in, at least from a hardware perspective, cannot be inexpensively changed over that lifespan. And also, the software is not easy to maintain. The development teams and the tools are quite expensive to keep together. So there are a lot of challenges and threats you create when you put a device online. It goes in two directions. One is that your device can be breached from the outside. The other is that your device can pose a threat to other devices on a global network. So when you put a picture frame that has WiFi and cellular activity into your corporate network, that creates risks. Someone can come in through your local network and tap into your corporate network. We don’t really have any sense as an industry of how to produce low-cost consumer products while maintaining security on them over these long lifespans. When you look at Microsoft stopping maintenance on Windows XP, that’s just a single product for huge numbers of users. If Microsoft can’t keep Windows XP going, it’s not clear how a consumer electronics company is going to be able to maintain software support for an electronics device, or even a car. There’s going to be a bumpy road ahead for the Internet of Things and smart cities if we can’t find security solutions. The value proposition for an end user depends on the connected device being better than the non-connected one. So there are a number of benefits to putting your car online. You can see maps online and you can get firmware updates. But you also have a set of risks that you create. Ultimately, if those risks exceed the benefit of connectivity, then the online product is not going to be better than the traditional one.

SE: Are you starting to see a shift toward car companies becoming the hub of their own ecosystem, where they demand security everywhere?

Kocher: In the car space there is a complex interplay from a lot of different companies, from security vendors to chipmakers to companies like Apple and Google and Microsoft. Even the folks who do servicing of cars have a role. Somehow this has to converge on effective solutions.

SE: But if you think about your home network where you have a single service provider, does that model proliferate outward into other markets?

Kocher: In the case of the cable provider, they provide the cable to your house. They may or may not provide the video. In the case of cars, the car companies aren’t likely to be the deliverer of the bits. That will be the cell networks, for a number of reasons ranging from the complication of the network to international complexity of doing that on a global basis. That means the car will have a radio that can transmit or receive data over cell networks. It can’t place any trust in those networks. Generally, whenever people have depended on the networks to be perfect from a security standpoint, that assumption has rapidly proved wrong. The car has to encrypt and secure all of its communications back to the various services it will connect with. It also has to make sure the software inside car cannot be breached by those services if they do something inappropriate. If someone breaks into a server for the entertainment system, you don’t want that to compromise the integrity of the braking system. Some things that are not safety-critical need to be separated from those that are. You don’t want the mapping system to interact with the airbags. That kind of separation, while it sounds like it is easy, is conceptually hard to do when it comes down to the nuts and bolts of engineering because you have pieces that end up crossing these domains. It’s always easy to optimize something by breaking down those separations. We’re also going to have some order-of-magnitude complexity increases whenever driverless vehicles become practical. That will open up a whole bunch of new cans of worms on the security front. People have just started to think of what the problems are with no idea of how to solve many of them.

SE: Where do you see the big threats? Is it for big corporations and military, or is it broader than that?

Kocher: Historically it is a combination of privateers—people going around breaking things for their own purposes—and then this huge investment by governments in offensive tools. We haven’t really started to see the impact yet, but post-Snowden each company that had any kind of offensive capability could step back and see what the U.S. is capable of and what the U.S. considers to be fair game. We’re going to see an increasing rate at which those kinds of capabilities are used. We’re also seeing a trend toward nastier and nastier capabilities being launched. So if you look at the capabilities around ransomware—taking people’s data and holding it ransom until they pay up in bitcoin—that’s gone from something we didn’t see much of a few years ago to it becoming a very large industry for people perpetrating those crimes. I don’t think it’s likely the genie gets put back in the bottle. Once these capabilities start getting used, others start using them. The pressure on defense will grow. And to be candid, I don’t think the security industry can even deal with the current set of problems we’ve got. It’s going to be a messy and rocky process ahead. The one optimistic note is that if you compare the problems we’re going to see relative to the benefits that technology can provide, the benefits of being connected will still outweigh the disadvantages. But those disadvantages will still be substantial.