Multilevel Security - Some data is more
valuable than other data and therefore requires a higher level of security.
Authentication - to make sure senders of data
are who they say they are.
Integrity - to make sure data remains the
same over time and that the data sent is the data received.
Some Things that use Encryption in Security of Transactions
Encryption itself helps take care of privacy,
anonymity, and multilevel security.
MACs (message authentication codes) - These
help ensure authentication and integrity. A MAC is a number that gets added to a
sent message, and MACs work by using symmetric encryption. If the MAC matches
that of the sender, it helps verify the authenticity and integrity of the sent
data. One place they are used is in the IPSec protocol.
Digital Signature Schemes - These also
provide authentication and integrity. They work similarly to MACs, but one
advantage they have over MACs is that they also verify authentication and
integrity to a third party, not just to the sender and receiver.
Protocols - A protocol is a series of
predetermined steps that must be followed to complete some task. Digital
protocols make use of cryptography to keep secrets, authenticate things,
and enforce fairness. E-mail was the first to use cryptography to
send data across the internet. There are two competing e-mail protocols,
OpenPGP (PGP's protocol) and S/MIME. The SSL protocol was invented in the
early days of the internet by Netscape to use for secure electronic commerce
across the internet. It is used by web browsers. The IPSec protocol is used to
ensure the integrity of IP packets.
Cracking Keys
Types of Attacks Against Algorithms
“There is no secrecy in the algorithm, it’s all in
the key.” - Bruce Schneier, author of Secrets and Lies: Digital Security in a
Networked World. This is because the way the algorithms work can be found
out without too much difficulty. Most are widely studied. The security comes
from the secret keys made with the algorithms that are used to encrypt the
data. The following are some possible attacks:
Ciphertext-only Attack - The attacker takes a
ciphertext and decodes it into plaintext. This is uncommon because modern
cryptography is too good to allow this.
Known-Plaintext Attack - This is more likely
to occur. The attacker takes a copy of ciphertext and has all or part of the
plaintext too. They can then figure out the secret key and then read any
other texts encrypted with the same key. - Example: All MS Word files start
with the same bytes in the header of the file. This can be used with the
ciphertext to decode the rest of the file and find the key. Probable known
plaintexts such as this MS Word file header are called cribs.
Chosen-Plaintext Attack – This can be a
powerful type of attack. The analyst chooses a message that
gets encrypted. The key can be recovered from the chosen encrypted
message and the chosen plaintext.
Brute-force Attack – The attacker tries every
possible key until one works. This can be used on any algorithm. If the key is
n bits long, there are 2 to the n possible keys. Difficulty increases
exponentially with the addition of each bit to the key size. This makes it too
time-consuming to be effective on large keys.
Types of Attacks Against Protocols
Passive Attacks - The attacker just monitors
what is being sent back and forth in the protocol. Good encryption prevents
understanding what is being sent, but the attacker could still see that
something was sent, where it came from, and where it is going.
Active Attacks - These involve actually
changing the message by inserting or deleting parts of it as it is
being sent. This could have a powerful effect. - Example: Being able to
change messages sent to banks to allow spending money without it being
decremented from your account or being able to add the same money multiple
times.
Man-in-the-middle Attack - The attacker
intercepts the sent data by pretending to be the receiver, decrypts it, keeps
it, and then re-encrypts it and sends it to its intended receiver. This
is also a powerful attack if it can be done.
Good protocols take steps to prevent these
kinds of attacks from happening, but it is not always known what needs to be
prevented and whether the protocol is error-free.
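
An added example (not from the original page) of how a protocol can use a MAC to stop the active attacks described above: a message altered in transit and the same deposit being added multiple times. It assumes HMAC-SHA256, a hash-based MAC keyed with a shared secret, plus a sequence number; the key, message format and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes

def seal(key: bytes, seq: int, body: bytes) -> bytes:
    """Sender side: sequence number + body, followed by a MAC over both."""
    signed = struct.pack(">Q", seq) + body
    return signed + hmac.new(key, signed, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, packet: bytes) -> bytes:
        if len(packet) < 8 + TAG_LEN:
            raise ValueError("packet too short")
        signed, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, signed, hashlib.sha256).digest()
        # Constant-time comparison; check the MAC before trusting any field.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad MAC")
        (seq,) = struct.unpack(">Q", signed[:8])
        if seq <= self.last_seq:
            raise ValueError("replayed message")
        self.last_seq = seq
        return signed[8:]

def outcome(receiver: Receiver, packet: bytes) -> str:
    try:
        receiver.accept(packet)
        return "accepted"
    except ValueError as err:
        return "rejected: " + str(err)

def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample key, not a real secret
    bank = Receiver(key)
    deposit = seal(key, 1, b"DEPOSIT account=1001 amount=50")  # constructed message
    altered = deposit.replace(b"amount=50", b"amount=90")  # changed in transit
    return {
        "genuine": outcome(bank, deposit),
        "altered": outcome(bank, altered),
        "replayed": outcome(bank, deposit),  # same deposit sent a second time
        "next": outcome(bank, seal(key, 2, b"DEPOSIT account=1001 amount=20")),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

The MAC alone catches the altered message; the replayed deposit carries a valid MAC and is only caught because the sequence number is covered by the MAC and checked by the receiver.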