Are cloud communication protocols secure?

Dear Control Engineering: I was reading the article about networking protocols, and there is a statement that Skype, and by implication, other cloud technologies, are secure. Is this true?

Yes, it is if you are specific about what means exactly. Let’s digress for a moment and consider a historical parallel. Back during WWII, the German armed services used a device called an Enigma machine that encrypted messages sent by radio using Morse code. While the allies were able to intercept the radio traffic, without breaking the code, they were unable to understand the messages. So, there were enormous efforts to find ways to break the process. Those stories are fascinating and you can read them elsewhere, but successes usually came as a result of sloppy radio operators or largely brute force methods to simply try every possible key using early electro-mechanical computers.

Modern encryption is far more complex. The AES (advanced encryption standard) used with most communication on the Internet can employ a 256-bit key which would require 2²⁰⁰ operations to break by brute force. So it isn’t possible to decode the information by intercepting the transmission. That doesn’t mean it is secure necessarily. A determined hacker will simply find another way, and that probably means getting the message by going after one of the people that is sending or receiving. Even if the code is unbreakable, if someone breaks into my computer from outside, he or she can likely see the same information I can. My security depends on how well I protect the information once it is decoded. Using my earlier analogy, it would be like looking over the radio operator’s shoulder and seeing the message in plain text before it’s encoded.

Peter Welander, pwelander@cfemedia.com

Do you have experience and expertise with the topics mentioned in this content? You should consider contributing to our CFE Media editorial team and getting the recognition you and your company deserve. Click here to start this process.