Security Systems for Digital Data - Paper
1. Bernhard Hofer CIST 3100 03/10/08
University of Nebraska at Omaha
Management Information Systems
Spring 2008
Bernhard Hofer
Individual Presentation – Security Systems for Digital Data
CIST 3100 – Organizations, Applications & Technology
Instructor: Victoria Badura
Date: 03/10/08
Presentation Assignment Page 1 of 17
Table of Contents
Introduction
A Brief history about cryptography
Terminology of cryptography
Encrypting Digital Data
General Information
Symmetric key system (private key)
Block ciphers
Stream cipher
Asymmetric key system (public key)
Problems with one way asymmetric encryption
The solution
The Internet – Big Brother is watching YOU
Requirements for secure interaction
Useful applications
Protect Your Password
The Future: Quantum Cryptography
Introduction
Nowadays, nobody would send important information over the Internet without securing
it properly. Nobody? That is the big question of this paper. The Internet grew into
the largest information network in the world nearly overnight, in the last
century. Many people use it without thinking about the consequences of sending
important and/or confidential information over a public network. This paper
and the corresponding slides give an insight into how data can be secured, in
particular how data can be encrypted so that the Internet can be used as a channel for
important data.
This document combines the slides with a more detailed description of the topics they
mention. Each piece of information in this document is related to a slide of the
presentation to show the connection. Furthermore, this presentation is not aimed at IT
specialists and contains no detailed information about the algorithms or background
knowledge about ciphering systems. Again, the main purpose of this document is to give
an overview of the breadth of the field of cryptography and of how everybody, even for
private purposes, can use technology to secure data. To take a single example, the goal
is to tell people how to send an encrypted email to other people. In this way, I hope to
galvanize the audience and give some basic information about the most common
cipher methods used in the modern information world, the Internet.
A Brief history about cryptography
From the beginning, people have always wanted to share information privately. Ronald Rivest, the
founder of RSA, describes it this way: “Encryption is the standard means of rendering a
communication private” (R. Rivest, A. Shamir, L. Adleman. A Method for Obtaining
Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, Vol. 21
(2), pp. 120–126. 1978). This fact has not changed over time. One of the
first documented uses of a form of cryptography was in Egypt’s Old Kingdom over 4,500
years ago. It was a very simple system, but definitely efficient. They used non-standard
hieroglyphs to communicate in privacy with each other. As nearly every technological
development was made by the military, this method was also used for military purposes.
The Greeks of Classical times enhanced cryptography and were the first people who
used a key to encrypt and decrypt messages, also known as a transposition cipher
(Wikipedia, http://en.wikipedia.org/wiki/Transposition_cipher, 03/10/08 9:45am). They
had a wooden stick and wrapped a piece of paper around it. Then a message was written on
this piece of paper and, after unwrapping it, the message was delivered to the receiver.
The receiver had the same wooden stick and, by wrapping the piece of paper around his stick, the
receiver could decrypt the message.
The important thing is the use of a key, which produces a message that is not
readable by anybody without the key. The key in this case is the diameter of the wooden
stick.
Another common technique was to replace a text letter by letter with the letter some fixed number
of positions further down the alphabet. This method was called the Caesar cipher, because
the emperor used it to send encrypted messages to his generals on the battlefield. For
instance, given the word “hello”, Caesar replaced each letter with the one three further down
the alphabet. “hello” becomes “khoor” (according to David Kahn, The Codebreakers — The
Story of Secret Writing, 1967).
After this early development, the next big steps came during World War I and World
War II. Cryptography became a hard science and a lot of new technologies were
developed. One example is the Enigma machine of the Germans, which was an elaborate
system to encrypt and decrypt messages. But the big problem with all these developments
was that if the adversary gets the wooden stick, knows the number of shifts in the alphabet
or has an Enigma machine, every message can be decrypted and, of course, false
messages can be encrypted to confuse the other party.
It was not until 1976, however, that in a groundbreaking paper, Whitfield Diffie and
Martin Hellman proposed the notion of public-key (also, more generally, called
asymmetric key) cryptography, in which two different but mathematically related keys are
used: a public key and a private key. From this time on, the world of cryptography
changed a lot from its beginnings and opened the door for a whole range of new
technologies (Whitfield Diffie and Martin Hellman, “Multi-user cryptographic
techniques”, AFIPS Proceedings 45, pp. 109–112, 1976).
Terminology of cryptography
The word cryptography or cryptology is derived from the Greek κρύπτω kryptó "hidden" and
the verb γράφω gráfo "to write" or λέγειν legein "to speak", which gives a combined
meaning of “secret writing” (Liddell and Scott's Greek-English Lexicon, Oxford
University Press, 1984).
There are some other important terms provided on this slide above. “Until modern times,
cryptography referred almost exclusively to encryption, the process of converting
ordinary information (plaintext) into unintelligible gibberish (ciphertext)” (David Kahn,
The Codebreakers — The Story of Secret Writing, 1967). Decryption is the reverse,
moving from unintelligible ciphertext to plaintext. A cipher is a pair of algorithms that
perform the encryption and the reversing decryption. The detailed operation of a cipher is
controlled both by the algorithm and, in each instance, by a key. This is a secret
parameter (ideally, known only to the communicants) for a specific message exchange
context. Keys are important, as ciphers without variable keys are trivially breakable and
therefore less than useful for most purposes. Historically, ciphers were often used directly
for encryption or decryption, without additional procedures such as authentication or
integrity checks (according to Wikipedia, http://en.wikipedia.org/wiki/Cryptography,
03/10/08 10:23am).
Encrypting Digital Data
General Information
Again I would like to cite Ronald Rivest, who said that “Cryptography is about
communication in the presence of adversaries” (Ronald Rivest, "Cryptography" From the
Handbook of Theoretical Computer Science, edited by J. van Leeuwen, Elsevier Science
Publishers B.V., 1990).
Modern cryptography is split into two big approaches to encrypting data. On the one
hand there are symmetric methods. With this method both the sender and the receiver
share the same key to encrypt and decrypt a message. “This was the only kind of
encryption publicly known until June 1976” (Whitfield Diffie and Martin Hellman, "New
Directions in Cryptography", IEEE Transactions on Information Theory, vol. IT-22, Nov.
1976, pp. 644–654). On the other hand there are the asymmetric methods, which use
two different keys. These two different keys are mathematically related to each other,
but you can’t encrypt and decrypt a message with only one of them. On the following
pages, these two methods are described in more detail.
Symmetric key system (private key)
As mentioned before, the sender and the receiver share the same key. The big advantage
of this method is that it is very fast and does not need a lot of hardware resources. On the
other hand, the really big disadvantage is that if the key gets lost or falls into the wrong
hands, this method is not secure any more.
There are two ways to encrypt/decrypt a message with symmetric key systems,
namely block and stream ciphers.
Block ciphers
A block cipher is a symmetric key cipher, which operates on fixed-length groups of bits,
with an unvarying transformation. When encrypting, a block cipher might take a (for
instance) 128-bit block of plaintext as input, and output a corresponding 128-bit block of
cipher text. The exact transformation is controlled using a second input: the secret key.
The decryption process is similar: the decryption algorithm takes, in this example, a
128-bit block of cipher text together with the secret key, and yields the original 128-bit block
of plaintext. To encrypt messages longer than the block size (128 bits in the above
example), a mode of operation is used (according to Wikipedia,
http://en.wikipedia.org/wiki/Block_ciphers, 03/10/08 11:43am).
The most common block cipher systems are DES, AES, IDEA, Camellia and Twofish.
Stream cipher
A stream cipher is a symmetric cipher where plaintext bits are combined with a
pseudorandom cipher bit stream (keystream), typically by an exclusive-or (xor)
operation. In a stream cipher the plaintext digits are encrypted one at a time, and the
transformation of successive digits varies during the encryption. An alternative name is a
state cipher, as the encryption of each digit is dependent on the current state. In practice,
the digits are typically single bits or bytes (according to Wikipedia,
http://en.wikipedia.org/wiki/Stream_cipher, 03/10/08 11:43am).
An example is the following:
Plaintext: Hello
Cipher: cist
Cipher text: Kne fr
The really big problem with stream ciphers is that if you have the plaintext and the cipher
text, it is very easy to find out the cipher algorithm and/or the key that is used. This
problem is very relevant to the WEP encryption standard for Wireless LAN.
The most common stream cipher systems are RC4, SEAL, A5 and Bluetooth-Standard
E0.
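An added example (not from the original paper) of the known-plaintext problem described above: one matching pair of plaintext and cipher text yields the keystream, which then opens any other message encrypted under the same key and nonce, while a fresh nonce prevents this. The SHAKE-256 keystream generator is a stand-in chosen for the example, not RC4 or any other cipher named here, and all keys, nonces and messages are constructed.

```python
import hashlib


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in pseudorandom keystream derived from the key and a per-message nonce."""
    return hashlib.shake_256(key + nonce).digest(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypts and decrypts: XOR with the keystream is its own inverse."""
    return xor_bytes(data, keystream(key, nonce, len(data)))


def recover_keystream(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """plaintext XOR ciphertext cancels the plaintext and leaves the keystream."""
    return xor_bytes(known_plaintext, ciphertext)


def reuse_demo():
    key = b"constructed-demo-key"               # never seen by the observer
    known = b"GET /index.html HTTP/1.1"         # constructed, guessable message
    secret = b"PIN=4711; balance=250.00"        # constructed, same length

    # Weak setting: both messages use the same key and the same nonce.
    c_known = stream_crypt(key, b"\x00\x00\x01", known)
    c_secret = stream_crypt(key, b"\x00\x00\x01", secret)
    stream = recover_keystream(known, c_known)
    leaked = xor_bytes(c_secret, stream)

    # Corrected setting: the second message gets a fresh nonce.
    c_fresh = stream_crypt(key, b"\x00\x00\x02", secret)
    still_hidden = xor_bytes(c_fresh, stream)
    return leaked, still_hidden


if __name__ == "__main__":
    leaked, still_hidden = reuse_demo()
    print("nonce reused:", leaked)
    print("fresh nonce :", still_hidden)
```

The observer recovers the keystream for that key and nonce rather than the key itself, which is why the countermeasure is to never encrypt two messages under the same pair.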
Asymmetric key system (public key)
As mentioned before, the asymmetric key system was introduced by Diffie and Hellman in
1976 and opened up a completely new understanding of how to encrypt data. This system uses
two different keys, which are mathematically related to each other. There is the so-called
public key and the private key. This method is deeply based on mathematics and needs
far more hardware resources than the symmetric key system. As a result,
asymmetric key systems are very slow in comparison to symmetric key systems.
There are two ways a message can be encrypted. On the one hand, the sender can
encrypt the message with his private key and the receiver decrypts the message with the
public key of the sender. On the other hand, the sender encrypts the message with the
public key of the receiver and the receiver decrypts the message with his private key.
Problems with one way asymmetric encryption
There is one big problem with each of the two ways of encrypting data with an
asymmetric system mentioned above. Firstly, there is a confidentiality problem, because everybody
with the public key of the sender can decrypt the message. The receiver knows who
sent the message, because only the sender can have the private key. But for the sender it
is not really secure. Secondly, there is an authentication problem, because the sender
encrypts the message with the public key of the receiver and so the receiver doesn’t
know exactly who the message is from. It is guaranteed that the message can only be
read by the receiver, but the problem here lies in the hands of the receiver, because
no authentication of the sender is possible.
The solution
If the process is repeated twice, every disadvantage of each run is offset by
the other run. This means that the sender and the receiver use a double handshake
process to verify their authentication and, of course, the confidentiality of their
messages.
In practical use, no message is encrypted by asymmetric systems, because it takes too
long and the process needs too many hardware resources as well. The logical solution is
that the asymmetric system is used to share a symmetric key between the sender and the
receiver. Once both know the key, they can communicate securely with a symmetric system.
The big problem of symmetric key methods is sharing the key, which is eliminated by
using the asymmetric key system to share just the symmetric key.
A really good example of this combination of the two methods is the Secure Socket
Layer (or SSL) protocol, which is used over the Internet to guarantee secure data
exchange. The browser and the server, for example of an online banking system,
exchange a symmetric key by using an asymmetric key system. This happens every day
in our lives in the background and works very well.
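The combination described in this section, as an added example that is not part of the original paper: the sender's private key provides authentication, the receiver's public key protects a fresh symmetric key, and only that symmetric key touches the message. It uses textbook RSA without padding on constructed keys built from small Mersenne primes, and a SHAKE-256 XOR step as a stand-in symmetric cipher; both are assumptions for illustration and are not how SSL or PGP implement it.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both constructed key pairs


def make_keypair(p: int, q: int):
    """Textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


# Constructed demo keys: far too small for real use.
SENDER_N, SENDER_D = make_keypair(2**89 - 1, 2**107 - 1)
RECEIVER_N, RECEIVER_D = make_keypair(2**61 - 1, 2**127 - 1)


def digest_int(data: bytes) -> int:
    """First 128 bits of SHA-256, so the value fits below the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")


def symmetric(key: bytes, data: bytes) -> bytes:
    """Fast symmetric step (stand-in cipher): XOR with a keystream; same call decrypts."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def send(message: bytes):
    session_key = secrets.token_bytes(16)                  # fresh key per message
    # Confidentiality: wrap the session key with the receiver's PUBLIC key.
    wrapped = pow(int.from_bytes(session_key, "big"), E, RECEIVER_N)
    ciphertext = symmetric(session_key, message)
    # Authentication: sign with the sender's PRIVATE key.
    signed = digest_int(wrapped.to_bytes(32, "big") + ciphertext)
    return wrapped, ciphertext, pow(signed, SENDER_D, SENDER_N)


def receive(wrapped: int, ciphertext: bytes, signature: int) -> bytes:
    expected = digest_int(wrapped.to_bytes(32, "big") + ciphertext)
    if pow(signature, E, SENDER_N) != expected:            # sender's PUBLIC key
        raise ValueError("signature check failed: not from the expected sender")
    # Only the receiver's PRIVATE key recovers the session key.
    session_key = pow(wrapped, RECEIVER_D, RECEIVER_N).to_bytes(16, "big")
    return symmetric(session_key, ciphertext)


if __name__ == "__main__":
    print(receive(*send(b"transfer 100 EUR to account 42 (constructed)")))
```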
The Internet – Big Brother is watching YOU
Now the only question is, why are these encryption technologies so important for
everybody? The answer is very easy: because the Internet is a big public and local
structure. In other words, the Internet is a non-secure and open information system for
everybody, such as private people, the public authorities and, of course, economic players.
Cryptography is the only way to achieve privacy and protection of personal data over the World
Wide Web. This fact makes the whole encryption topic so important for
every one of us.
Requirements for secure interaction
This slide shows the five main prerequisites that must be met for
a secure interaction (Andreas Pfitzmann, “Security in IT Networks: Multilateral Security
in Distributed and by Distributed Systems”, 2001).
Useful applications
This is just a short overview of technologies that enable us to communicate securely
over the Internet. One of the most common applications is PGP, which was created by
Phil Zimmermann in 1991. PGP stands for Pretty Good Privacy (Zimmermann, Phil,
“Why I Wrote PGP”, 1991). One of the advantages of PGP is that it encrypts emails
automatically and shares a key with the receiver of the message. It uses an asymmetric
key system (RSA and IDEA) and is also very commonly used for Digital Signatures.
A Digital Signature is nothing else than a certificate, which guarantees the receiver of a
message that the message was sent by the person he expects. It is also part of an
asymmetric system. The Secure Socket Layer (SSL) protocol mentioned before is one of
the big applications that help us to communicate in a secure way over unsecured
networks as well.
Protect Your Password
The biggest problem is not that an encryption method gets hacked; it is that people use very easy
passwords, which are wide open to brute-force attacks. There is a whole range of
other methods to steal passwords from people, which would go beyond the scope of this paper.
Just to mention a few of them: Phishing, Sniffing, Cross-Site Attacks, etc.
The Future: Quantum Cryptography
I would like to give a short overview of the upcoming technologies in this area. One
of the biggest developments was the use of quantum physics to encrypt data. Basically,
quantum cryptography, or quantum key distribution (QKD), uses quantum mechanics to
guarantee secure communication. It enables two parties to produce a shared random bit
string known only to them, which can be used as a key to encrypt and decrypt messages
(H. Chau, Physical Review A 66, 60302, 2002).
The really cool thing is that if somebody interferes or tries to wiretap the encrypted
message, the message itself gets destroyed or modified, so that the receiver of a message
knows if somebody tried to read it.
The Austrian researcher Anton Zeilinger first implemented this technology between BA
CA bank and the Vienna City-Hall over a 1,500m FDDA cable in April 2004. This
experiment first showed the versatility of this technology in the daily business life and
was a forecast for future developments (Will Knight, “Entangled photons secure money
transfer”, NewScientist, April 2004).