Reading: Apply encryption to network and system security

Apply encryption to network and system security

Inside this reading:

What is Encryption?

Encryption Methods

Authentication

Secure Data Transmission

Secure Data Storage

Threats to Encryption Systems

Implementing Encryption Solutions

Summary

What is Encryption?

Encryption is the process of taking some information or data, manipulating or changing its format in a way that stops it from being used or read by unauthorized people or systems. Encryption involves scrambling data so that it needs to be unscrambled, or decrypted, to be read. Encryption can be applied to data in storage (file systems, media, etc) or in transit via network or Internet connections.

Encryption can be useful to achieve appropriate levels of network security required by organisations. For example, an organisation using the Internet to perform financial transactions will want to ensure that details like bank account numbers, passwords, etc are kept secure and only accessed by intended recipients. Encryption can achieve this level of security by ensuring data confidentiality and integrity.

Encryption Methods

Information encrypted needs to be decrypted by authorised systems or people for it to be of any use. To decrypt, the receiver may need some additional information.

For example you are given a coded message on a piece of paper. To read it you need to know how it was coded. It may use a simple method of substituting numbers for letters but to decipher the message you need to know what letter equates to what number. This is the 'key' that will unlock the code.

Computer systems encrypt information the same way but use more sophisticated and complicated codes. Consider the following diagram:

Figure 1: Encryption process

The encryption process requires the following:

  • Original information – This is the data or information prior to being encrypted (may be referred to as plain or clear text)
  • An algorithm – a mathematical formula or process that accepts the input of original information and key data to produce an output or coded information (called cipher text)
  • Key data – data used by an encryption algorithm to encrypt or decrypt information
  • Cipher text – this is the encrypted original information produced by the encryption algorithm and key data.

The algorithm may work in both directions meaning that information can be encrypted and decrypted with the correct keys. Knowing any three items will allow you to derive the fourth. However encryption methods are designed to make discovering keys and algorithms extremely difficult.

Ciphering

Ciphering is the process of how data or the original information is converted into cipher text. The process uses algorithms and encryption processes, but more specifically this refers to how the raw data is managed. There are generally two cipher methods.

  • Stream cipher is a relatively simple method where each bit of data in the original information is sequentially encrypted using one bit of the key. If the key is of a fixed length it may be possible to mathematically deduce the key by analysing the cipher text. Using a variable length key or continually changing the key in the stream cipher process can theoretically produce an unbreakable encryption system. One-Time pad is the process of continually varying the encryption key with random numbers. This method is not commonly used because of overheads and encrypting efficiency.
  • Block cipher encrypts the original information into chunks. Depending upon the encryption system, the size of these chunks or blocks will be fixed. Each block is processed by an algorithm and key to produce blocks of cipher text. These cipher text blocks can be further used with encryption keys to strengthen the encryption. Block cipher processes more data than stream cipher on each pass and is more commonly used today.

Private Key Encryption

Private key encryption is also known as symmetric encryption or single key encryption. This encryption method requires the use of one key to both encrypt and decrypt information. All people and systems accessing the cipher text must use the same key to decipher that was used to encrypt the data.

Figure 2: Private key encryption

The security of data using this method depends upon the security of the key. Only authorised people and systems should have the key. It should be kept private and secret. If anyone else knows the key, the security of the data is compromised and all data should be encrypted using a new key. The new key needs to be distributed to all authorised people and systems. This may present operational difficulties if the locations are geographically diverse, distant and many.

Examples of private key encryption include:

  • Advanced Encryption Standard (AES: Rijndael)
  • International Data Encryption Algorithm (IDEA)
  • Data Encryption Standard (DES)
  • Triple Data Encryption Standard (3DES)
  • HmacSHA1
  • Blowfish
  • HmacMD5
  • TripleDES.

For more information on each of these systems, go online and search for each term through your preferred search engine (such as Google:

Public Key Encryption

Public key encryption, also known as asymmetrical encryption, uses two keys known as a key pair. One key is a private key and it is kept secret, only known to one person or system. A second key, known as the public key, is generated (mathematically derived) from the private key. The public key is not kept secret and is freely distributed to people or systems that wish to use encryption.

Figure 3: Public key encryption

Information encrypted with the public key can only be decrypted using the private key of the key pair. Therefore only the owner of the private key can decipher the information. The public key used to encrypt will not decrypt the cipher text it produces. It's a one way process. Public keys are used to encrypt and private keys are used to decrypt. Information encrypted with the private key can be decrypted using the public key for authentication purposes (using 'digital signatures' - this is discussed later).

This encryption method addresses the problem of distributing keys to people that require them. Public keys do not need to be kept private, so there is no need for special secure delivery methods and they can be made freely available using the internet.

Examples of public key encryption systems include:

  • Diffie-Helman
  • RSA
  • ElGamal
  • Elliptic Curve Encryption.

For more information on each of these systems, go online and search for each term through your preferred search engine (such as Google:

Authentication

If encrypted information is transmitted or stored, how can we be sure that it was sent or stored by a specific person? How can we be certain that the information hasn't been altered, modified or originated from some other source?

We can use a number of methods to authenticate data and information.

Digital Signatures

Using public key or asymmetrical encryption, information such as messages, documents, files etc. are encrypted using a public key and decrypted using the private key of a key pair. The public key is not secret and freely available so anyone could have encrypted the original data or information.

The originator can authenticate their data by using their private key. This is done by using the originator's private key to encrypt information about the original data (usually checksum information). This encrypted information is kept with or appended to the original data. This is known as a digital signature.

This digital signature can only be decrypted using the user's public key. If decryption of the information (the digital signature) is successful and compares correctly with that data being accessed (checksum, etc) we can be reasonably confident of the originator's identity and that the data has not been modified since the digital signature was added. This is most useful when downloading data from the internet.

The purpose of digital signatures is to certify information, not conceal it.

Digital Certificates

Public key encryption works using pairs of keys. Anyone wishing to send an encrypted message must use the recipient's public key to encrypt the message. If the recipient of the message wishes to verify the digital signature they must use the sender's public key. Where do we find these keys and how can we be sure that we are using the correct key of a pair?

Digital Certificates provide a means of identifying and managing public keys. A digital certificate is a password protected and encrypted file that contains information about an individual's identity and their public key.

A certificate server stores digital certificates and is used as a central location for users requiring public keys. This is known as a Certificate Authority (CA) and is a trusted authority providing certified public key information. CA can be setup with in an organisational network or are a service available on the internet. CAs can work in a hierarchy or mesh fashion to provide certificates from other CAs.

Reflect: Australian CAs

What Australian organisations act as Certificate Authorities (CAs)? To find out more, go online and search for the phrase ' Australian Digital Certificate Authority' through your preferred search engine (such as Google: You will find large organisations such as Australia Post and VeriSign Australia act as CAs. What other organisations also act as CAs?

Public Key Infrastructure (PKI)

Public Key Infrastructure provides a means for users of an insecure network to exchange data securely and privately. It is a complete infrastructure using public key encryption to provide the end to end security, confidentiality and accountability required for information exchange. Various vendors provide PKI products and solutions.

A public key infrastructure consists of:

  • A certificate authority (CA) that issues and verifies digital certificates. A certificate includes the public key or information about the public key
  • A registration authority (RA), a network authority that verifies user requests for a digital certificate and tells the certificate authority (CA) to issue it.
  • Locations where the certificates (with their public keys) are held
  • A certificate management system

For an overview of PKI try the Section 6 networks website ( Go to the Tutorials section and search for 'Digital certificates'.

Reflect: PKI users in Australia

Who is using PKI in Australia? To find out more, go online and search for the phrase 'Users of PKI Australia' through your preferred search engine (such as Google:

Kerberos

Kerberos is an authentication protocol that uses secret-key encryption to verify client identity and exchange information securely.

When a user attempts to logon to a server or system, a local agent sends an authentication request to the Kerberos server. The server responds by sending encrypted credentials for the user back to the requesting server or system. These credentials are then decrypted using the user-supplied password. If this is successful, the user is issued Kerberos authentication tickets and a set of cipher keys to encrypt data sessions.

Kerberos is a cross platform system developed by Massachusetts Institute of Technology (MIT) and has been incorporated into numerous products by vendors. See the website: web.mit.edu/kerberos/

Reflect: Kerberos

Find out more about who uses Kerberos. Use your preferred search engine (for example Google: to search for information about which products use Kerebos. Does Windows use it? What about Eudora or SAP?

Secure Data Transmission

There are a number of methods that use encryption to ensure that data transmission on a network is secure.

Internet Protocol Security (IPSec)

This protocol defines encryption, authentication and key management for TCP/IP transmissions. It secures data in transmission by various means at the IP packets level.

The key components of IPSec are:

  • Authentication Header (AH) This component authenticates and validates data packets. Each packet basically contains a digital signature
  • Encapsulation Security Payload (ESP) This component encrypts the data payload of the packet.
  • Internet Key Exchange (IKE) The above components AH and ESP use asymmetric encryption. IKE manages the public/private key exchanges for encryption and decryption.

IPSec can operate in two modes:

  • 'Transport' mode encrypts communications between two hosts.
  • 'Tunnel' mode places an encrypted IP packet into a traditional IP packet to ‘tunnel through' to a destination. This is used to support VPN transmissions.

For more information, go online and search for the term 'IPSec' through your preferred search engine (such as Google: You could also try the NetBSD project website ( - enter 'IPSec' in the search tool and find the 'IPSec FAQ' document).

Point-to-Point Tunnelling Protocol (PPTP)

The original Point-to-Point Protocol (PPP) is an encapsulation protocol for transporting IP traffic over point-to-point connections.

The Point-to-point Tunnelling Protocol (PPTP) is an expansion of the existing Point-to-Point Protocol (PPP). PPTP uses the same principle of encapsulating other protocol packets so that they can be transported via a switched network (the Internet) to a specific destination. The destination receives the PPTP packet and extracts the encapsulated data. PPTP also supports encryption and authentication.

This protocol is a proprietary Microsoft development and is widely used in conjunction with VPN (see below). There are open source alternatives that will also work with PPTP (for example 'PPTP Client' - see the Sourceforge website: pptpclient.sourceforge.net).

Layer 2 Tunnelling Protocol (L2TP)

This protocol is similar to PPTP but developed by a number of industry consortia. This protocol has become the method of choice for Microsoft Windows VPN

L2TP is just a tunnelling protocol. It is generally used with IPSec to provide encryption.

Virtual Private Network (VPN)

Virtual Private Networks are basically a secure connection through a network (Internet, WAN, etc) that connects either computers or networks together. These connections make remote users appear that they are on one single network.

The main functions provided by VPNs are tunneling, data security, data integrity and authentication. This is usually provided by a number of protocols, IPSec, PPTP and L2TP.

Secure Sockets Layer (SSL)

This is a method of encrypting TCP/IP transmissions between hosts. It is used for the encrypt web pages and data on web forms reroute. The encryption method uses public key encryption. It requires Digital Certificates

URLs prefixed with 'HTTPS' initiate an SSL session between the web browser and web server. Most online banking facilities will direct you to a secure site with 'HTTPS' at the beginning of the address.

Secure Shell (SSH)

This provides a secure means of establishing remote connections to a host. It provides authentication via the exchange of digital certificates and uses public key encryption. It is mainly used in Unix/Linux environment and is a means of using insecure protocols (telnet, ftp, etc) in a secure fashion.

Pretty Good Privacy (PGP)

This is one of the most popular encryption programs. This is a public key encryption system that provides authentication and encryption. It is commonly used for email transmissions and supports a wide range of operating systems. Both commercial and open source versions are available.

See the website: for PGP information.

Secure Data Storage

Encryption may be used to protect the confidentiality, integrity and authenticity of data in storage, such as that on a hard disk drive or tape. Encryption methods as discussed previously may be used but careful consideration must be given to the consequence of this.

Encrypting and decrypting data creates a significant overhead in terms of time and effort and will affect the accessibility and management of the data. There may be key management issues – numerous key pairs required, digital signatures and CA (certificate authority) required. Implementation will be determined by the business or organisation needs and requirements.

Most operating systems and storage systems have inbuilt encryption facilities. Implementing these may be more efficient but does place a reliance on the operating system.

Threats to Encryption Systems

The security that an encryption provides may be vulnerable because of possible deficiencies or circumstances.

Deficiencies in human and business processes or procedures

No matter how good an encryption system is it still requires some sort of management. Security relies on keeping private keys secret. If keys are stored or delivered ad hoc there is a good chance that the private keys will be compromised. Management and maintenance processes need to be checked to ensure security.

Users need to be aware of security issues. For example an encryption system may be doing its job well, but if a user leaves a logged on computer unattended the confidentiality of information may be compromised by someone else accessing the logged on computer.

Deficiencies in the cipher algorithm or process

Original data may be deciphered from cipher text by exploiting some weakness in the cipher algorithm. Algorithms that are publicly known, have been available for some period of time and have had public scrutiny have generally proved their security. Systems that are new or rely on secrecy are possibly vulnerable.

Brute force attacks against the key

This is where attempts are made to gain the original text from the cipher text by using every possible combination of the key or password. The longer a key is (i.e. the more bits used in encryption) the more possible combinations there are. The larger the number of keys used to create the cipher text the more number of keys need to be tried.

Brute force attacks will eventually succeed if enough time and resources are used. For example, it took 312 hours using 3,500 computers to find a RC5 key. (RC5 is a block cipher method that uses 64bit symmetric keys) A key is considered strong if the cost of finding the key outweighs the cost of the data being protected.

Implementing Encryption Solutions

Encryption systems can be provided by network operating systems and devices or by third party products and services.