WP Cloud WIBU WhitePaper Licensing in the cloud EN | Page 7

W hit e Pape r
Security
Of course, keeping something as precious as a software license in the cloud will scare some people: this
is only natural. But consider the financial value of people engaged in their day-to-day web banking and
purchasing activities. Amazon alone makes hundreds of billions of US dollars a year from its activities, and
that is just a single (albeit large) company. Now consider the sheer amount of data being held in cloud
services by companies such as Google and Dropbox.
Certificate chains are used to establish trust in the cloud environment. When set up correctly, a client
is able to ensure that the web service it is communicating with really is the correct and genuine service
and not an imposter. CodeMeter Cloud makes use of a sophisticated certificate chain to help protect the
integrity of the entire service.
It is widely agreed that one of the most efficient ways to crack a certificate using a 2048-bit RSA 1 key
would be to use a technique known as the number field sieve 2 . This is considered a much better means
than brute force, but it would still take something like 6.4 million billion years to succeed with a regular
desktop computer. It’s worth remembering here that the age of the universe is less than 14 billion years -
considerably less time than the PC would need. So, if a hacker was able to grab a PC and travel back in time
to the very start of the universe, he’d need to have the computer running until the present day and then
do the same thing another half a million times to eventually crack the key.
By that time, the hard disk would likely have packed up.
The biggest threat to cloud storage is actually the people who access it. If enough people know a password,
sooner or later it will be compromised. Indeed, if a human is able to generate their own password, it will
typically be a 6-character word. This is why many websites now enforce minimum password standards, but
user passwords are often inadequate even then. CodeMeter Cloud works diligently to reduce this threat.
super-
computer
1
2
Crack a password
with 8 characters
Crack a password
with 16 characters
CodeMeter Cloud actually uses EdDSA. This is considered to be as secure, but more efficient than RSA.
http://eprint.iacr.org/2010/006.pdf
7