References

Garfinkel and Spafford, Web Security and Commerce, chap. 11, O'Reilly 1997

Roger Clarke - many papers, including Data Transmission Security (or Cryptography in Plain Text)

Tanenbaum 3rd edition section 7.1

Attacks

The effect of attacks on computer networks include:

Tanenbaum fig 7.1Some people who cause security problems and why.

Methods of attack include:

Network Security needs

Confidential transmission, with integrity

Based on encrypting messages.

Key-based cryptography

uses a key and a known method (algorithm)
either or both may be supplied as software or hardware

Historical methods used private keys, simple algorithms.

Modern methods use very complex algorithms.

examples of keys

algorithms:

used in hybrid methods such as

Illustration - fig 10-1 Garfinkel and Spafford

A simple example of encryption and decryption

Strength of an encryption scheme

All encryption schemes can be attacked by cryptographic techniques, ranging from brute force (try every possible key) to subtlety.

The strength of an encryption scheme is a measure of how good it is in resisting attacks.

Strength depends on:

Garfinkel and Spafford p. 195

Security requires that encrypted messages be difficult to break.

Breaking security is possible with sufficient computing resources and sufficient data:
the aim is to make a scheme sufficiently strong at acceptable cost:
i.e. difficult to break, and acceptably easy to encrypt and decrypt.

Illustration: Garfinkel and Spafford fig. 10-2 Key search attack.

Encrypted message transmission

Sender transmits an encrypted message C derived by encrypting method E_method from plain message P and encrypting key E_key

C = E_method ( P, Ekey )

Receiver decodes the message (with a possibly different method and possibly different key)

P' = D_method ( C, D_key )

With correct use of keys and methods P' = P

Security may be based on

Private keys: - methods have straightforward inversion relationship, one (hidden) key is known to both parties.

Public key:- encryption is by a trapdoor function such that even knowledge of the encryption key, plus the encrypted message, and both methods, does not permit easy decryption.
Only the decryption key need be kept hidden (by the receiver);
the receiver can publish the encryption key for all senders to use.

Use of public keys of both sender and receiver can also be the basis of general authentication (see later).

Strength is generally increased by having larger key,
and with algorithm that distributes the effect of small differences in the key across large amounts of the message.

Principles of Data Encryption Standard

DES (Data Encryption Standard) Algorithm is widespread in USA
(prohibited export but re-implemented outside USA).

Dates from 1977 - IBM plus NSA.

• current standard has 56 bit key
  = 2⁵⁶ approx 10¹⁷ different keys - originally hard to guess or search exhaustively ( @ 3000 years at 1000 per second)
  Modern hardware and software make this unsafe
  - need approx 1 month for 140,000 high level home PCs brute force attack (use the Internet to recruit some) .
• DES is a product cipher
  - uses a combination of 19 transposition and substitution stages
  (simple enough stages to implement in hardware for speed)
• a block cipher
  - works on fixed-size blocks of data (64 bits)
  Blocks can be chained for transmission working and authentication (protects against inclusion of extra fake blocks within message).
  by XOR-ing previous block result with next block plain text before starting to encrypt it.

Tanenbaum fig 7-5 The data encryption standard

• commercially available, exports restricted
• has been re-engineered outside USA, substitutes also available.
• secure - enough but for not much longer, and not against Governments.
• currently still used in bank ATM networks
• Triple-DES - 3 keys used in sequence - is much stronger,
  is currently used by financial institutions.

Public key encryption - Trapdoor functions

A public key encryption system has these properties

• D_key ¹ E_key
• E_key (the encrypt key) is public to everyone
• D_key (the decrypt key) is kept private to the receiver only
• D_key = f ( E_key ) - but f is inherently very hard to compute
• the operations of encryption and decryption are relatively cheap
  C = E_method ( P, E_key )
  P' = D_method ( C, D_key )

RSA algorithm [Rivest, Shamir, Adleman: 1978]

1. choose p and q as prime numbers > 10¹⁰⁰ - keep private
2. compute
   • n = p x q - this becomes public, part of the key
   • z = ( p -1 ) x ( q - 1 )
     and choose d relative prime to z
     
     then D_key = d
     
   • choose e such that
     ( e x d ) mod z = 1
     
     then Ekey = e
     
3. the methods for enciphering and deciphering
   are to treat message as a very large precision integer number
   and apply exponentiation to key value, modulo n

• E_method ( P, e, n ) º C = P^e mod n
• D_method ( C, d, n ) º P = C^d mod n

Tanenbaum fig 7-11 An example of the RSA algorithm

This is a toy example : n=33, Ekey=3, Dkey=7, blocksize = 1 character

(additional comments on blocks of characters, lengths of codes etc. not included in overhead notes)

• Difficulty of breaking the RSA encryption is based on the difficulty of factoring large numbers:
  e.g. 32 MIPS-years for a 108 digit number [Richard Brent].
• This encryption method is not cheap to implement.
• is used for short messages to give security to longer ones
  in hybrid encryption schemes: