Encryption and Data Security

1
Encryption and Data Security
Jungles, Towers, Monkeys, Locks and Keys.
2
4 ?????? ????? ?????? ???????
Confidentiality - ??????
Integrity - ?????
Interception
Modification
Is my communication private?
Has my communication been altered?
Authentication - ??????
Non-repudiation - ????? ???????
?
Claims
NotSent
NotReceived
Fabrication
Who am I dealing with?
Who sent/received it and when?
3
Agenda

• What are EC Security Threats and Issues
• Web server and Database Security
• Crypto-Basics
• Network Encryption
• SSL/PCT

4
Agenda (2)

• Main concepts Physical vs. Logical
  protectionsSymmetric vs. Public Key
  encryptionPrivacy, Integrity, Repudiation,
• Hash, Digital signature, Certification
• Security vs. Privacy as public interest
  concernsDES, SSL

5
Security - The Business Challenge
Whos the bad guy? Competitors, foreign
governments, network hackers, disgruntled
ex-employees, news and media, unauthorized
customers, employees, etc?
How do I protect my information from the bad
guys, without making employees and authorized
users less productive?
Outsiders
20
Insiders
80
How can I administer security consistently,
reliably, and cost effectively across all of my
distributed information resources ?
Studies show 80 of real security problems are
caused by authorized users
6
Security Threats in Electronic Commerce

• Client/server security
• ensuring that only the right people are accessing
  the network resources or content on Web servers.
  
• This includes password protection, encrypted
  smart cards, biometrics, and firewalls.
• Data and transaction security
• ensuring the privacy and confidentiality in
  electronic messages and data packets.
• This includes data encryption using various
  cryptographic methods.

7
Todays Client-Server Environment

• Introduces new network security vulnerabilities
• password/datastream snooping
• datastream modification
• Potential user population becomes much bigger
• User and host identification more difficult
• Physical security no longer enough

Server
EnterpriseNetwork
Host-basedSystem
Clients
8
TEMPEST, Echelon, Carnivore

• Transient Electromagnetic Pulse Emanation
  Standard
• FBIs Carnivore

9
Menwith Hill in the UK Alleged to be part of
Echelon
10
?????? ?????? ?????? ?? ?????? ??????

• ?????? ????? ?????
• ????? ????? ????
• ?????? ????? ????, ?????
• ????? ??????? ????? ?????

My Signature Date
11
User Identification Authentication

• choices for user authentication
• Using passwords
• Using Biometric devices or tokens
• Single Sign-On for host-based systems
• Single Sign-On Integration for network-based
  distributed security frameworks

12
Access Controls

• Object privileges implements need to know
  security
• Views extend object security to row, column level
  based on content or context
• Stored procedures, packages and functions support
  execute only privileges on well-formed
  transactions
• Roles provide privilege management

13
Auditing Accountability
Hold Users Responsible by...

• Audit Flexibility and Granularity
• Audit objects, users, operations, privileges...
• Securely Analyze Audit Information using SQL
• Database triggers enable context-sensitive
  auditing

14
Crypto Basics
15
The Internet And Security

• Internet is open
• Anyone can listen, modify,or repudiate
  transactions
• Security needs are verydifferent than
  traditional LANs
• No a priori information about users
• Large scale - millions versus thousands
• Completely decentralizedsecurity infrastructure
  
• Executable content

16
Users Security Needs

• Communicate privately
• Transmit confidential, personal information
• Verify identity of other parties
• Authenticate Web servers, clients
• Control access to information, resources
• Distribute private, paid-for information
• Create virtual private networks
• Conduct secure transactions
• Assure safety of order, payment information
• Ensure software authenticity
• Download trusted code from Internet

17
Need for Secure Communications

• Secure Web Channels needs to provide access to
  servers with
• Privacy packets cant be snooped
• Integrity packets cant be altered
• Authentication no TCP/DNS spoofing
• Certification
• Blinding
• Key Exchange

STANDARDS?
18
The basis of cryptography
Plain text Cipher text
Blah Blah Blah Blah Blah Blah Blah Blah Blah Blah
Blah Blah Blah Blah Blah Blah Blah Blah Blah Blah
Blah Blah Blah Blah
xdffhliouse345 fjged09e5fjsks qwfnxpdifuw0 awdbczo
ksrya aaksjhaswe4u fdnaweaa2wfs awrkjsfya38yf kpo8
0sdw304v
Key
Encryption Decryption
The key uses a mathematical algorithm to
transform plaintext into ciphertext and back
again
19
Symmetric Key Encryption
Plain-text input
Plain-text output
Cipher-text
The quick brown fox jumps over the lazy dog
The quick brown fox jumps over the lazy dog
AxCv5bmEseTfid3)fGsmWe4,sdgfMwir3dkJeTsY8R\s_at_
!q3
Encryption
Decryption
Same key (shared secret)
20
Symmetric encryption

• ROT13 - no better than decoder rings, Ceasars
  code, AT-BaSh
• Application embedded (see accessdata.com)
• DES US Govmnt. standard. 16 reshuffles of 64 bit
  data chunks. Relatively short (56 bit) key.
  Efficient! Can be broken, with long hours use of
  brute force. No practical attack published yet.
  Key choice is a vulnerability.

21
Symmetric encryption (2)

• Triple DES (3DES) Applees DES three times. Can
  get encryption with up to 168 or 112 bit key.
  Not restricted by patents.
• IDEA (International Data Encryption Algorithm)
  shuffles 64 bits at a time, like DES. 128 bit
  key, which is long enough to resist brute force
  keyspace search.

22
Public Key Encryption
Clear-text input
Clear-text output
Cipher-text
The quick brown fox jumps over the lazy dog
The quick brown fox jumps over the lazy dog
Py75cbn)9fDebDFaqxzjFr_at_g5nmdFg5knvMdrkv
egMs
Encryption
Decryption
Different keys
Recipients public key
Recipients private key
23
Public Key Pairs
Public and private keys are always generated as a
matched pair
Keys are mathematically related but it is
computationally infeasible to deduce a private
key from its public key Private keys are kept
secret - preferably by being stored in a
tamper-resistant chip
Public keys are just that - public!
24
Key Management

• Key Management is THE problem/opportunity
• Public and private keys are always generated as a
  pair at the users machine
• Public key can be openly shared
• Private key is always kept private(it never
  leaves the machine where it was generated)

25
Key Pair Use

• Recipients public key is used to send a
  randomly chosen communication key
• Senders private signing key is used in digital
  signature operations
• Recipient verifies signature using senders
  public signing key

26
Why Use PublicKey Authentication

• Better security than passwords
• Better scalability than passwords
• No need to distributepassword databases
• Builds to emerging technologies
• SmartCards
• Crypto accelerators

27
Why Use PublicKey Authentication
CONTAINMENT dealing with the outcome of a breach
in security.

• Key distribution how keys are created and moved
  to where they will be used.
• Key revocation how compromised keys are
  recovered or at least invalidated.

28
Why Use PublicKey Authentication

• The cost of key distribution plus the cost of key
  revocation is a constant.
• As a result, secret (symmetric) key systems have
  high distribution costs but low revocation costs.
  Public key systems have low distribution costs
  and high revocation costs.

29
Secure Communication

• Symmetric encryption for data
• Public key too slow for bulk data encryption
• Export restrictions dont allow bulk encryption
  using public key
• Uses key-exchange key pair
• Public key exchange key of recipient is used to
  privately share the symmetric key

30
Secure Communication
(1) Sender generates a random symmetric session
key
A03DB982402C23F
Encryption
Decryption
(3) Recipient uses its private key to decrypt
session key
(2) Sender encrypts session key using recipients
public key
31
Digital Signature

• Used like a handwritten signature
• Verifies the identity of the signer
• Guarantees the document has not been modified
  since signed
• Basis for non-repudiation
• Uses a separate signature key pair
• Document hash encrypted with signers private
  signature key

32
?? ?? HASH ? ????? ?? ????? ???? ?????? ????? ?.?

• ???? ????? ????? ????? ?- 8 ????? ????? ??????.
• ???? ????? ???? ??????? ??? ????? HASH ?? ????
  ?.?.
• ???? ????? ???? ???????
• 2 5 7 4 5 7 3 0 - ????? ??? ???? ??????
• 2 1 2 1 2 1 2 1- ???????? ?- Hash
• 4 5 5 4 1 7 6 0
• ?????? ?? ???? ?????? gt 32
• ?????? ?????? ?? ??????? ?- HASH ??? ???? ??????
  ????? ????? ??? (?????? ??? ?- 40), ????? ??
  ???? ??????? - ????? 8.
• ?????, ?? ????? ????? ????, ????? ??????
  03754752-8

?? ?????? ????? ????? ?- 9, ?????? ?? ????
??????, ???? 1427, ???? ????? ?????? ??? 514
33
????? ???????? ?? ????
Only Private Key holder can sign
34
????? ?? ????? ????????
?????, ???? ???? ?????? ??? ?????? ?- HASH ??
????? ?? ????? ????? ???? ?? ???? ????
Anyone can verify
35
Digital Signature
Priv
key
Originaldoc
One-way hash
Signed document
SHA
36
Certificates

• Digitally signed document
• Associates identity with public key(s)
• Signed by a trusted certifying authority
• Identity proved by ability to encryptusing
  associated private key

37
Certificates
The authenticity of the certificate is guaranteed
by the digital signature generated using the CAs
private key
Certificate binds a name to public key(s)
Credential expiration
38
Certificates

• Certifying authority
• Binds name to certificate
• Can be multiple CAs in a hierarchy
• Certification can be delegated...
• Trust can form a Web
• More than one party can certify an entity

39
Establishing Trust
(1) Verify digital signatureon document
Hash 1
COMPARE?
Hash 2
Signed Document
This document is signed by Barbara
(2) Verify the digital signatureon Barbaras
affidavit by checking it against Steves public
key(found in Steves affidavit)
This is Barbaras affidavit, which is signed by
Steve
(3) Verify the digital signatureon Steves
affidavit by checking it against the trusted root
public key
This is Steves affidavit, which is signed bythe
trusted root
The trusted roots public key is hardcoded in the
software or a self-signed certificate is in the
registry
40
Encryptionon the Network
41
Network Encryption (VPN)
NETWORK

• Network Encryption provides
• privacy confidentiality for all data, commands,
  passwords, etc. passing over the network
• integrity sealing / tamper proofing for all data
• Encryption keys are generated and managed
  automatically - on a per-session basis

42
Network Encryption Protocols
Integrity Algorithms
Confidentiality Algorithms
128-bit, 56-bit, and 40-bit RC4 DES and
DES40 Fortezza SHA
Fortezza SHA
Secure Automatic Key Management using
Diffie-Hellman
seedABCD
Key Generator
Key Generator
seed 5678

• Algorithm choice negotiated at connection time

43
Secure Connection onthe World Wide WebSSL/PCT
protocol information
44
SSL 3.0 Handshake
ClientHello
ServerHello Certificate CertificateRequest
ServerKeyExchange
ClientKeyExchange Certificate
CertificateVerify Changecipherspec Finished
Changecipherspec Finished
Indicates optional or situational-dependentmess
ages that are not always sent
45
Secure Connection Features

• Secures socket connection
• Quick reconnect
• Provides encryption andmessage authentication
• Public-key-based key exchange
• Authenticates serverand (optionally) client

46
Privacy vs. Accountability

• Small towns are wonderful places, because you
  know everybody.
• Small towns are awful places, because everyone
  knows you.

47
Privacy vs. Accountability

• Liberty vs. Civil order

Benjamin Franklin Those who would trade Liberty
for Security deserve neither.
Thomas Paine The price of Freedom is eternal
Vigilance.
48
Privacy vs. Accountability

• Liberty vs. Civil order

Esther Dyson Encryption is a powerful defensive
weapon for free people. It offers a technical
guarantee of pivacy regardless of who is running
the government. Its hard to think of a more
powerful, less dangerous tool for liberty.
49
Privacy vs. Accountability

• Liberty vs. Civil order

Simson Garfinkel Privacy could be the crowbar
that finally splits the classes apart for good.
We already have the financially rich and
financially poor, and the information-rich and
information-poor. But we may soon add the
privacy-rich and privacy-poor. And that could be
the biggest threat to democracy yet.
50
PGP, created by Phil Zimmermann, is a good
example of public key cryptography It gives you
privacy by allowing you to encrypt your files
and email so that nobody can read them except
the people you choose PGP allows you to
create a digital signature on your files and
email
51
PGP is basically used for 3 things 1. Encrypting
a message or file so that only the recipient
can decrypt and read it The sender, by
signing, guarantees to the recipient, that
the message or file must have come from the
sender and not an impostor 2. Clear signing a
plain text message guarantees that it can only
have come from the sender and not an impostor
In a plain text message, text is readable by
anyone, but a PGP signature is attached
52
3. Encrypting computer files so that they can't
be decrypted by anyone other than the person
who encrypted them PGP uses public and private
keys Public keys are kept in individual key
certificates These include the owners user
ID (the persons name), a timestamp of when
the key pair was generated, and the actual
key certificate
53
Agenda (summary)

• Main concepts Physical vs. Logical
  protectionsSymmetric vs. Public Key
  encryptionPrivacy, Integrity, Repudiation,
  CertificationSecurity vs. Privacy as public
  interest concernsDES, SSL

54
(No Transcript)