Go To Home

Deception and Kerckhoffs’s Cryptographic Principle

by Smokescreen Team

Conceptually, deception is an incredibly intuitive approach to cybersecurity. The parallels between deception in the real-world, and deception in cyberspace are clear and easy to understand. However, in the digital battlefield it’s far more nuanced — it’s easy to do it badly, and far harder to get it right. Which makes it rather similar to a more traditional security practice — cryptography.

Cryptographers are familiar with a well-known axiom called Kerckhoff’s principle, which states:

A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

This was famously paraphrased by Claude Shannon in what is known as Shannon’s Maxim:

“The enemy knows the system“, i.e., “one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them“

The applicability to deception is immediately apparent. It should remain effective, even when an attacker:

  • Knows that deception technology is deployed
  • Knows the full capabilities of the specific solution
  • Intuitively understands where the decoys may be deployed (ATM, SWIFT, SCADA, IoT etc.)

However, the exact map of the minefield — the specific placement of decoys, their running services, and their content is not known. This deception map is the equivalent of the secret key in a crypto-system. As long as the map is not known to the attacker, the illusion should still remain extremely effective, despite the attacker having complete visibility into the rest of the system.

At Smokescreen, we are laser focused on making sure deception is ‘done right’ — with the necessary rigour and formal reasoning to hold up in real-world conditions. How do we do this? Our depth of experience in related cybersecurity disciplines is our secret weapon. We apply hard earned knowledge from red-teaming, asymmetric thinking, threat hunting, cryptography and incident response to build the most formidable and effective deception system available.

#deception#industry#philosophy#strategy

Continue Reading

  • You Need Deception Technology. And It’s Not Why You Think

    Deception technology is a different way of thinking about cybersecurity. Without it, attackers have the advantage. You can take that advantage back.
    By Kevin Fiscus
  • 7 Ways to Fail At Implementing Deception Technology

    Since there’s precious little information on how security teams can make deception implementations successful (some folks like to keep it a secret), there’s plenty that can go wrong. Here are 7 ways to completely botch your deployment of deception technology.
    By Smokescreen Team
  • 10 Questions To Ask Deception Technology Vendors

    Deception technology is a major buzzword today. In order for you to cut through the marketing hype, here’s a set of evaluation questions that will help you better understand disparate deception offerings and identify vendors that know what they’re doing.
    By Smokescreen Team
  • Have you tried out IllusionBLACK yet?
    • Detect zero-days, APTs, and insider threats
    • 10x the detection capabilities with 1/2 the team
    • Get started in minutes, fully functional in hours
    Schedule a demo
    Go to home

    Simple solutions for detecting and containing threats. Working with us does not break the bank or your spirit. We’re the company of choice for offensive security teams with a Net Promoter Score of 70+.

    © 2020 Smokescreen. All rights reserved.

    Solutions For
    Web Application AttacksLateral MovementRansomware AttacksTargeted ThreatsSocial EngineeringMalware-less Attacks