Ever since man started communicating with one another, there has been a need to keep secrets. Cryptography is defined as the principles, means, and methods for rendering information unintelligible, and for restoring the encrypted information back into intelligible form. In other words, cryptography is the science of writing in secret. Examples of cryptography have been discovered in the writings of Egyptians over 4,000 years ago. The ancient Greek, Chinese, and Roman civilizations used surprisingly advanced cryptography techniques. The use of cryptography, and the analysis of cryptography (cryptanalysis), flourished in the Arab world during the Middle Ages. While lovers and theologians have long made use of secret messages, the overwhelming use of secret writing has historically been in diplomacy and the military.
A contributing factor in the intervention of the United States in World War I was the interception, and partial decryption, of a telegram by British military intelligence. The telegram, referred to as the Zimmermann telegram (Arthur Zimmermann was the German foreign secretary), revealed secret negotiations between Germany and Mexico. In return for naval bases in Mexico, Germany promised the return of American territory after the successful completion of the war.
World War II recorded an increased use of cryptographic and cryptanalysis techniques. In the late 1930s, Polish military intelligence operatives reproduced a German cryptographic machine called the Enigma. After the outbreak of the war, the machine was passed on to Poland's French and British allies. The Enigma machine resembled a typewriter, and used a set of encrypting wheels called rotors. Advanced versions of the machine, using additional rotors, were thought to be unbreakable, but British military intelligence was able to break the encryption scheme. From 1940 onward, an increasing amount of German naval and military intelligence was available to the Allies.
U.S. military intelligence played a significant role in the pivotal Battle of Midway in June 1942. Under a secret project called PURPLE, the decryption of Japanese communications (called MAGIC) forewarned the U.S. Navy of Japanese intentions to attack Midway Island. This knowledge allowed the U.S. Navy to surprise Admiral Yamamoto's fleet. The American victory was a turning point in World War II.
The encryption of data is generally considered to be the best method of providing confidentiality for data storage and transmission. Encryption is the transformation of data using an algorithm, from one form to another utilizing one or more encryption keys during the transformation process. The resulting encrypted data that is stored or transmitted is meaningless without using the correct key to decrypt the data. Encryption should be implemented whenever data that must be kept secret is sent over an untrusted network.
Encryption should be applied to data in two general cases. It should be used when secure storage and transmission of information that is considered secret or highly confidential is required. The encryption would be applied to a slice of the transaction message and not align on data field boundaries. On the one hand, the data needs to be protected; on the other, the transaction needs to be protected.
There are two leading approaches to encryption: private key and public key. The private key approach utilizes a shared secret or private key for both encryption and decryption. The public key approach uses a secret or private key for decryption and a different, mathematically paired public key for encryption. Each approach has benefits depending on the specific requirements and implementations.
Private Key Encryption
Private key encryption utilizes a shared secret key between one or more parties. The possession of the key is used to authenticate one party to the other. A common use of private key technology is for the authentication of user passwords. An encrypted version of a user's password is stored on the computer. The user supplies a user ID and the associated password at login time. The password is encrypted, and if the password matches the stored key for that user ID, the user has been authenticated.
Private key technologies are also used to encrypt data. The key is stored in the encrypted file and must be provided to decrypt the data. The downside to private key encryption is that the key is shared among two parties, the user and the computer. Session keys, which are generated by a computing process, can be used for secure communications using encryption without the user's participation or knowledge. These can be stored in memory. The keys for the encryption of data that is stored in encrypted format are kept by the user and not by the computer system.
DES Encryption
The most common private key encryption standard that is used is the Data Encryption Standard (DES) developed by IBM in the early 1970s. It is the de facto industry standard for cryptography systems and is the world's most commonly used encryption mechanism. This private key system is widely deployed in financial networks including automated teller machines and point-of-sale networks. It was adopted as a Federal Information Processing Standard (FIPS PUB 46) in 1977 and as an American National Standard (ANSI X3.92) in 1981. Further clarification on the modes of use of the algorithm is contained in ANSI standard X3.106. The specific application of encryption for a personal identification number (PIN) is addressed in ANSI X9.8 and International Standards Organization (ISO) 9564. The DES algorithm uses a 56-bit private key (plus 8 bits for key integrity checking) and operates on 64-bit blocks of data.
Figure 15.1 illustrates the private key-based encryption process. The client uses a private key and an encryption algorithm to transform a message into something that is not intelligible. The server uses the same private key and the same encryption algorithm to reverse the process and reconstruct the intelligible message. The security in this process depends on keeping the private key secret.
The encryption process can be executed using either a software or hardware process. Several vendors supply encryption products that can be operated on many different platforms. Specialized hardware is also available that is specifically designed to execute the encryption algorithm. A few products will supply the DES encryption capability contained on a Smart card or PCMCIA card. In this manner the algorithm and encryption keys remain on the card and can be transported from place to place. A hardware solution is attractive when speed is important or the required processing power for a software solution is not readily available.
The DES encryption algorithm has yet to be successfully broken, at least to our knowledge. The increase in available computing power, however, may provide the capability to break the algorithm in the future. It has been estimated that a computer capable of one DES encryption per second would take over 2,000 years to break one key. However, DES is showing its age. Theoretical studies have demonstrated that DES may be vulnerable. The ability to break the algorithm is based on the size of the encryption key. The utilization of Triple-DES, using the DES algorithm three times with two keys, will extend the life of the algorithm.
Automated Teller Machines
The majority of automated teller machines (ATMs) that you use to obtain cash and perhaps deposit money into your bank account utilize the DES encryption algorithm to supply the required transaction confidentiality. Parts of the transaction are actually encrypted twice using two different keys, creating confidential information that has yet to be broken. The confidentiality of an ATM transaction becomes more interesting when it has to cross network boundaries. Figure 15.2 represents a typical ATM transaction.
There are two parts of a typical ATM transaction that are considered to be highly confidential. The first is the personal identification number (PIN) the user supplies while using the ATM; the other is the specifics of the transaction itself. The bank card that is inserted into the machine to initiate the transaction provides the required identification. The PIN number the user enters during the transaction provides the basis for authentication. The PIN is encrypted using a key specifically used for PIN, and is inserted into the transaction message.
Parts of this message are then encrypted using a key specifically used for secure transmission of the message. In this manner, the PIN is actually doubly encrypted. When the message reaches the host system, the message is decrypted using the transmission key. If the message has to cross network boundaries, it is decrypted with the originating network transmission key and encrypted with the target network transmission key. This process is generally executed using special function hardware to offload the host from this processing burden as well as providing a secure, tamperproof encryption capability. All of this processing takes place before you get your money from the ATM.
Private Key Considerations
The use of the private key DES algorithm is well entrenched in the financial world. Virtually all of the automated teller machines use DES to protect the data that is transmitted from the machine to the processing centers. The same key is used for both encryption and decryption and must be kept safe from disclosure. A key that is discovered may create a large exposure among all of the locations that utilize the same key. The storage and use of the key must be done in a secure manner.
Key management is a concern with DES encryption because the encryption and decryption keys must be known to both ends of the process. A secure method of changing and storing the keys must be utilized. Computer power is required to execute the encryption process. The larger the amount of data that requires encryption or decryption, the larger the amount of processing power that will be required. The private key approach is well suited to situations where one location requires secure interaction with relatively few other applications or users. The management of the encryption keys can be accomplished in a secure manner and confidentiality of the keys maintained.
Public Key Encryption
A significant event in the history of cryptography occurred in May 1975, with the discovery of public key techniques by Whitfield Diffie and Martin Hellman. Public key encryption, which is also known as asymmetric encryption, uses two separate but mathematically connected keys. Every user has a pair of keys, one of which is kept strictly confidential (the private key) and another that is shared among other users or computers (the public key). The two keys are mathematically related, and both are used in the cryptography process. A message encrypted with the public key can only be decrypted using the private key. The advantage of this method over secret key technology is that the private key is never shared with the other principals. Another benefit of public key technology is that it may be used for the creation of digital signatures. A digital signature is used to verify both the sender and contents of an electronic message.
RSA Public Key
RSA (from Ronald Rivest, Adi Shamir, and Leonard Adleman) is a public key algorithm, based on the algorithm originally developed by Diffie-Hellman. This system uses two related, complementary keys, one of which is kept secret for encryption with the other one publicly available and used for decryption. Only the private key is known for the encryption process and must be kept secret. The use of the RSA algorithm is rapidly growing, particularly in the area of electronic messaging and electronic mail. The downside to this process is that encryption with RSA takes significantly more computer power and is therefore slower than DES.
While the size of the DES encryption key has been fixed at 64 bits, the size of the RSA based key can be variable. The RSA algorithm can use a much longer key than DES (512 bits is common). Because of this, RSA is regarded as being stronger than DES. Even so, the 429 bit (RSA 129) key was broken in April 1994 by a team of hundreds of researchers using many hours of computing time.
The RSA technology can also be used to provide a digital signature for document authentication. A message digest is produced using a hashing function performed on the document which is then encrypted with the private key. This digest is known as the digital signature which is attached to the message. The decryption of the digital signature using the public key and processing with the same hashing function should produce the same result as the message digest. An alternate public key encryption system was proposed in 1985 by ElGamal which built upon the RSA system. This system is being used for authentication and forms the basis of the proposed U.S. Digital Signature Standard (DSS). Figure 15.3 describes the public key encryption process.
In Figure 15.3, the client has two encryption keys, public and private. The public key is also known to the server. A message that is sent to the client is encrypted using the client's public key. The client then uses the private key to decrypt the message. Using this method, only the client with the private key can successfully decrypt this message.
Secure communications between two parties can be accomplished using an exchange of public keys. For example, if Beth wants to send a secure message to Ted and make sure that only Ted can read it, she will encrypt the message using Ted's public key. Only Ted, using his private key, can decrypt the message. Ted can respond to Beth by encrypting the response with Beth's public key, which Beth will then decrypt using her private key. If Beth wants anyone to read the message, she will encrypt it with her private key, and anyone who knows Beth's public key can decrypt the message. If Beth wants to prove that only she can have sent a message, she will use her own private key to create a digital signature for the message, which will be decrypted by Ted, using Beth's public key. It can be a little confusing to know whose key to use. Care must be taken to make sure the security is maintained in the proper direction.
Considerations of Public Key
The public key encryption algorithms are much more compute intensive than the private key algorithms. The amount of computing power required is based on the size of the encryption key utilized. The larger the key, the less likely it can be broken, but the more processing power is required for the encryption and decryption process. Key management will be an issue if a large number of users require individual keys. Each user location must maintain or have access to a directory of the public keys for the users or applications with which they interact. The public key approach is suited to situations where a user requires secure interaction with several other applications or users. This would be defined as a many to many relationship of users to applications. The public key algorithms generally include a digital signature capability that can be used for nonrepudiation.
Certification Authority
The management of the public keys for hundreds of users can be a significant problem. How can every user know every other user or server with whom they might communicate? One solution to this problem is the use of certificates managed by a certification authority. A certificate is a signed message specifying a name and a public key. A certification authority is a secure repository of these certificates. A certificate is a data record that typically contains the user's public key, the type of encryption algorithm used, the name of whose certificate it is, the period of time the certificate is valid, who issued the certificate, and a digital signature to verify the validity of the certificate.
If a user wants to send a message to another user or server using public key encryption and they do not know the public key of their intended destination, they can apply to the certification authority to obtain this key. The user must first know the public key of the certification authority and use it to recover the public key of the user served by that certification authority. The certificate authority can also be used to verify a user's authentication credentials and may be required to generate authentication certificates for use by the users for other network applications and services.
The certification authority is charged with the responsibility of protecting and managing the certificates, including their creation, expiration, and revocation. The predominant standard for certificates and the certification authority process is the Open System Interconnect (OSI) standard, X.509. The X.509 authentication framework is a widely accepted standard within the computing industry, not only OSI networks. This standard defines the structure of certificates, the protocol for managing the certificates, and the methods that can be used to provide authentication, including digital signatures.
One major question is: Who will provide the certification authority? Many certification authorities may exist, each covering a different collection of users. One certification authority may apply to another for certificates on behalf of a user. The Internet Request for Comment (RFC) 1422 contains a recommendation on the organization and hierarchy of certification authorities that should be followed. It would seem natural that banks, the post office, and even credit card processors will be vying for the opportunity to operate certification authorities. Telephone companies are starting to announce their positioning for providing network certification authority services.
Encryption Issues
The management of the keys required for the encryption algorithms is one of the complex issues to be addressed when selecting encryption technology. The use of a private key algorithm requires that the same key be securely used and stored at all of the locations that require messages or data to be encrypted or decrypted. Any changes to the private key need to be implemented simultaneously and in a secure manner in all of these locations to maintain the required security of the data. The public key approach requires that individual key pairs be selected and implemented for all of the users of the system. This may result in the requirement for a large number of keys to be generated, assigned, and utilized. The basic problem with public key encryption is the proliferation of the keys. The primary problem with private key encryption is that knowledge of the private key is required.
Encryption Key Management
The management of encryption keys requires that several specific issues of key management be addressed. Key generation and registration is the ability to bind a key to its intended use. The problem is essentially how to associate the key to a user. Key distribution addresses the secure delivery of the encryption keys to all of the locations where encryption takes place. Key activation/deactivation is the ability to enable or disable keys. Keys may be changed in a specific interval- or time-dependent process. Specific keys may only be used for the secure distribution of changed encryption keys. Key update or replacement is the organized change from one encryption key to another. Key revocation or termination is the ability to mark an encryption key as invalid. This may be required in the case of a suspected compromise of an existing key.
A standard has been defined under the American National Standards Institute (ANSI) to manage the key distribution process in the financial sector. The Financial Institution Key Management (Wholesale) standard, ANSI X9.17, was defined in 1985. Multiple layers of keys are required to provide the secure change of encryption keys. The X9.17 standard defines a protocol for establishing new keys and replacing existing ones.
Another key management issue becomes important when considering the requirement for key escrow. That is the requirement to hold an encryption key in escrow in case it is needed for extraordinary purposes. This may be important in an instance when an employee, who has encrypted corporate data, leaves, and takes the key. Access to this data will not be possible without access to the encryption key. A provision for holding a key in escrow may address this problem. On the other hand, a policy that requires the employee to keep encryption keys secret is also required. The strongest locked door is useless if the key is found hanging on a hook beside the door.
Export Considerations
The encryption technology that is available from the United States is classified as munitions. It is restricted for export outside of North America unless a proper export license can be obtained. The granting of the license is generally dependent on what the encryption algorithm will be utilized for and against what type of data. If the encryption requirement is tied to specific data in a contained environment, the license may be easier to obtain than if the implementation will be available for generalized encryption over nonspecific data. The export license application can take several months from application submission to approval. There are some exemptions to the export restriction for financial institutions.
An export license may be easier to obtain if the application that will execute the encryption algorithm uses the algorithm for predefined functions against predefined data. The export license is much more difficult to obtain if generalized technology used to develop an encryption capability is exported instead of the application. Recent developments have indicated that there are copyright concerns over the distribution and use of some public key technologies. Users of contributed encryption mechanisms, as with any contributed software, should check for copyright or governmental restrictions on its use.
Evaluation Considerations
There are differing performance impacts on computing resources depending on the encryption algorithms selected. The public key algorithms generally require more processing resources than private key algorithms. The utilization of resources is also dependent on the chosen size of the encryption keys for public key encryption. The larger the number of bits in the encryption key, the more secure the encrypted message is, but at an increasing resource utilization expense. The strength of the encryption algorithm is also important and must be considered along with the size of the encryption key.
Access to support for the encryption technology should be available. The ease of use for key generation and assignment will be a factor. The availability of the required key management processes will be another consideration. Key management must itself be able to be handled in a secure manner. The impact on integration of the encryption technology with existing applications and processes should be a consideration. A hardware approach to encryption would be more costly than a software approach in terms of capital expense but may avoid a performance problem. A hardware solution should only be contemplated if a solution is required that is completely outside of the application system.
What Should Be Encrypted?
As mentioned previously, encryption should be applied for two different reasons. The first purpose of encryption is to provide confidentiality for the storage and transmission of authentication or authorization components such as passwords, personal identification numbers (PINs), and any message authentication tokens. The second purpose is for confidentiality of network transmissions.
The variation between a minimum or recommended implementation of encryption services will differ in the amount of information that is encrypted and not on the encryption technology. Encryption should always be used for the secure storage and transmission of logon passwords or other information used for authentication or authorization. It should be used for the secure storage and transmission of customer assigned information such as PINs. Any message authentication codes or digital signatures should be encrypted when included in a transmitted message.
Portions of messages transmitted on a network, especially an untrusted network, should be encrypted. The encrypted data should not be limited to transaction field boundaries and should include portions of fields that are subject to change on every message. This will make it very difficult to predict or replay values from the message. For example, bytes 11 through 27 of every message should be encrypted. This will prevent the ability to use a replay of an intercepted message. Any information that is classified as highly confidential should be encrypted when stored or transmitted.
Impact and Risks
The impact of the implementation of encryption will be most noticeable on the processing resources required to support the encryption algorithms. The algorithm will require CPU cycles to complete the encryption process. The larger the size or number of the data fields where encryption is required, the larger the impact on the CPU resources required to support the encryption. A larger public key will also increase the processing cycles consumed.
The major risk with the private key encryption approach is the potential for exposure of the encryption key. Secure storage of the encryption keys is required. The exposure can be limited if separate encryption keys are used for each user, but this compounds the key management problem. The impact of the management of the required encryption keys will depend on the number and the required location of the keys. Care must be taken to ensure that the correct encryption key is used.
An alternate approach to providing encryption that does not have an impact on system processing requirements is with the use of hardware encryption devices. The encryption will take place completely outside of the application by specific hardware devices. This approach will secure every transaction between a client and a server if the encryption devices are used in all of the locations. This, however, can introduce significant expense depending on the number of locations and the requirement for support and backup units.
The Clipper Chip
A great deal of controversy and debate has surrounded a proposal by the Clinton administration for a hardware encryption standard. The initiative, which proposes a standard for the digital encryption of messages, is based on an encryption computer chip design called Clipper and an encryption algorithm called Skipjack. The suggested uses of the Clipper chip include its incorporation in computer hardware and wireless digital communications.
Most of the controversy surrounding the chip involves a security backdoor to the chip, which would allow the U.S. government access to its secrets. The backdoor is called the LEAF (Law Enforcement Access Field), whose access requires a series of keys, which would be held by agencies of the U.S. government. The concerns surrounding the Clipper chip include the cost and performance of the chip, fears over invasion of privacy, acceptance of its use outside of the United States, and the subsequent impact on the U.S. computer manufacturing industry and the strength of the LEAF access control mechanism. Suspected weaknesses in the LEAF Escrowed Encryption Standard (EES) [NIST94] algorithm were described in a June 1994 abstract titled "Protocol Failure in the Escrowed Encryption Standard" by Dr. Matt Blaze of AT&T Bell Labs.
Digital Signature
A digital signature is a method of attesting to the origin and contents of an electronic document. Digital signatures are based on the idea that if the entire contents of a document is used as input to an encryption algorithm, then even the smallest changes to the original document will cause significant changes to the encryption output and can be easily detected. The encryption mechanism used for documents is termed a hash algorithm, and the output is called the message digest. What if the hash algorithm also uses an encryption key known only to the sender? The result would be a document where the smallest change to the document is detectable and the originator can be uniquely identified.
The message digest is created with the sender's private key, which produces a unique digital signature for the original document. The recipient is given the sender's public key, which is used to verify the digital signature on the document in a process termed signature verification. Figure 15.4 illustrates the use of public key encryption to generate a message digest. This message digest is re-created by the recipient and compared to the digest attached to the message. If they agree, then the message came from the sender and has not been altered.
The creation of a message digest whose key is known only to the sender is termed a digital signature. An original copy of the message, along with the message digest, is sent to the recipient of the document. The recipient uses the original document and a similar hash algorithm to create a second message digest. The original message digest is compared to the re-created message digest, and even the smallest change to the signature or data can be detected. Digital signatures are said to provide irrevocable evidence as to the contents and originator of a message. Figure 15.4 outlines the process of protecting a message using a digital signature.
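The hash-then-sign flow described here, together with the certificate check from the Certification Authority section, as an added example that is not part of the original text. It assumes SHA-256 as the hash and uses unpadded textbook RSA with fixed, publicly known Mersenne primes so that it runs with the Python standard library alone; the field names, the "Example CA" issuer, the dates and the message are constructed for illustration, and none of this is suitable for real keys.

```python
import hashlib
import json
from math import gcd

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair (public, private) from two primes. Teaching only."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}

def digest(message):
    """Message digest as an integer. SHA-256 is this example's choice of hash."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, private):
    """Digital signature: the digest transformed with the signer's PRIVATE key."""
    return pow(digest(message), private["d"], private["n"])

def verify(message, signature, public):
    """Recover the digest with the PUBLIC key and compare it with a fresh digest."""
    return pow(signature, public["e"], public["n"]) == digest(message)

def encode(body):
    """Canonical bytes for certificate fields, so issuer and verifier hash the same input."""
    return json.dumps(body, sort_keys=True).encode()

def issue_certificate(subject, subject_public, issuer, issuer_private,
                      not_before, not_after):
    """Certificate: name, public key, algorithm, validity and issuer, signed by the issuer."""
    body = {"subject": subject, "public_key": subject_public,
            "algorithm": "toy-rsa-sha256", "issuer": issuer,
            "not_before": not_before, "not_after": not_after}
    return {"body": body, "signature": sign(encode(body), issuer_private)}

def check_signed_message(message, signature, cert, ca_public, today):
    """Recipient's checks, in order: CA signature, validity period, message signature."""
    body = cert["body"]
    if not verify(encode(body), cert["signature"], ca_public):
        return "certificate not signed by trusted CA"
    if not body["not_before"] <= today <= body["not_after"]:
        return "certificate outside validity period"
    if not verify(message, signature, body["public_key"]):
        return "signature does not match message"
    return "valid: signed by " + body["subject"]

# Constructed demo keys built from well-known Mersenne primes (deterministic,
# offline, and deliberately NOT secret). Real keys use random primes and padding.
CA_PUBLIC, CA_PRIVATE = make_keypair(2**1279 - 1, 2**2203 - 1)
BETH_PUBLIC, BETH_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUBLIC, OTHER_PRIVATE = make_keypair(2**2281 - 1, 2**3217 - 1)

# Constructed sample data: Beth's certificate and a message she signs.
BETH_CERT = issue_certificate("Beth", BETH_PUBLIC, "Example CA", CA_PRIVATE,
                              "1995-01-01", "1996-12-31")
MESSAGE = b"Transfer 100 dollars to Ted"
SIGNATURE = sign(MESSAGE, BETH_PRIVATE)

def demo():
    """Run the recipient's check on a genuine message and on four failure cases."""
    day = "1995-06-01"
    other_sig = sign(MESSAGE, OTHER_PRIVATE)
    # Same CA signature, but the public key field has been replaced.
    swapped = {"body": dict(BETH_CERT["body"], public_key=OTHER_PUBLIC),
               "signature": BETH_CERT["signature"]}
    return {
        "genuine": check_signed_message(MESSAGE, SIGNATURE, BETH_CERT, CA_PUBLIC, day),
        "altered message": check_signed_message(
            MESSAGE.replace(b"100", b"900"), SIGNATURE, BETH_CERT, CA_PUBLIC, day),
        "wrong signing key": check_signed_message(
            MESSAGE, other_sig, BETH_CERT, CA_PUBLIC, day),
        "substituted certificate key": check_signed_message(
            MESSAGE, other_sig, swapped, CA_PUBLIC, day),
        "expired certificate": check_signed_message(
            MESSAGE, SIGNATURE, BETH_CERT, CA_PUBLIC, "1997-01-01"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The recipient needs only the CA's public key in advance: the certificate supplies Beth's public key, and the CA's signature over the certificate fields is what makes that key trustworthy.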
If the original message must be kept private, then it may be encrypted with a secret key unique to the message. The secret key is then encrypted using the recipient's public key, and may be retrieved by the recipient using their private key. This method seems complex, so why not just encrypt and decrypt the entire message using the public key? The secret key method, such as DES encryption, is used because encrypting and decrypting the document using a public key is orders of magnitude slower than using a secret key.
Recently, the Department of Commerce's National Institute of Standards and Technology released FIPS Standard 186. This document proposed a new standard for digital signatures, called the Digital Signature Standard (DSS). The DSS uses a new hash algorithm, called the Digital Signature Algorithm (DSA).
The primary uses for digital signatures are for electronic mail, document submission, electronic commerce over a public network, and electronic data interchange (EDI). Many other uses can be anticipated. Basically, we foresee the technique being used by any application that requires irrevocable authentication of information. This can happen as long as you trust the privacy of the private key. What does it take to convince a court of law?
Summary
Encryption is one of the best ways to provide confidentiality in a computing system. It can also be used as another line of defense if unauthorized access is gained to computer systems and data. Little use of the data can be made if it is encrypted. Encryption is often specified as a requirement in a security solution, perhaps even before the requirements for confidentiality are clearly understood. A thorough understanding of your requirements is recommended before selecting a particular encryption technology. Both the private key and public key approach have their place in providing confidentiality. Public key technology has been recently receiving most of the attention since it provides the capability of supporting many-to-many relationships without adding significant management overhead. Remember that confidentiality is the requirement and encryption is the solution.
Encryption provides a further level of safeguarding corporate information assets beyond the operating system and network controls. With the increased availability of both commercial and contributed solutions, in particular public key technologies, the use of encryption to enhance security will increase. If the problem of key management can be more easily addressed, encryption technology should provide a strong weapon in the war for computing security.