background image

10 #3577  ©2003 

IDC 

Public key encryption is based on the idea that some mathematical operations are 
easy to do — but hard to undo. A simple example is a square versus a square root. If 
you already have the square root of three (which, although approximately 
1.73205080756888, has no finite answer), multiplying it by itself easily yields three, 
but trying to find the root given only the number three is a lot more difficult. The 
essence of the RSA algorithm is the same: Two large prime numbers are easily 
multiplied, but factoring the result to find the original numbers is extremely difficult. 
Asymmetric encryption starts with two randomly chosen 100-digit prime numbers. The 
sender "knows" them or at least has possession and usage of them. They are 
multiplied together, and the product becomes one of the two elements in both the 
keys. For the other two elements (one each for the public and private keys), one is 
chosen from a restricted set that relates to the first two and the other is derived 
algorithmically from the product of the first two and the third (the one just chosen). 
These four numbers (three, really, since one is shared) are the kernels for RSA 
asymmetric encryption. If the public key pair is used to transform clear text via 
complex mathematics, then only the private pair can be used to decrypt, via a similar 
set of calculations. By the same logic, if the private key pair is used to encode the 
clear text, only the public key can be used to decipher it. Although the two key pairs 
are interrelated, neither can be derived from the other.  

The strength of public key encryption is that it is fantastically robust. Anyone can send 
a message encrypted with a public key, but only the holder of the associated private 
key can decrypt it. The weakness of asymmetric cryptography is that it is 
computationally intensive and would slow down data traffic unacceptably if it were 
applied promiscuously. So, as previously mentioned, in practical circumstances it is 
used only to encode the symmetric key (i.e., the AES key) used for bulk data 
encryption. The result of encoding the symmetric key with an asymmetric public key is 
called a "digital envelope," and the process is referred to as "PKI key exchange." 

I D E N T IF Y I N G   T H E   S E N D E R   A N D   G U A R A N T E E I N G   D A T A   I N T E G R I T Y  

We now have an infrastructure robust enough to guarantee the identity of the sender. 
The sender is fairly confident of the recipient because only the proper recipient has 
the correct private key pair and can turn the message back into clear text. But a 
trusted third party (sometimes called the "certificate authority") is required as well — 
one that knows all participants and guarantees the identity of the sender. Everybody 
has access to the authority's public key pair. Once the sender has proven his or her 
identity (through, for example, a handwritten signature, iris scan, voiceprint, or 
fingerprint), the authority is able to return a copy of the sender's public key, "signed" 
with the authority's private key, and the sender can include this "certificate" in his or 
her outgoing message. Thus, you are proven to be you for the purposes of ebusiness. 

The signature is simply a secure one-way "hash" of the message itself, encrypted 
with a sender's private key. Analogous to a Cyclic Redundancy Check (CRC), the 
hash is produced by reducing the message through an algorithm to a "digest," a string 
of between 64 and 256 bits. The original message cannot be reconstructed from the 
hash by any means because most of the information has been destroyed in the 
hashing process. However, the hash is uniquely related to the original message 
mathematically. As with the AES algorithm, changing a single bit in the message will 
change half the bits in the hash. The hash, encrypted with the sender's private key, is 
attached to the message, and at the recipient end, the same math is performed on 
the message itself. The recipient decrypts the signature with the sender's public key 
and compares the result to the local hash of the message. If the two strings match 
perfectly, then the recipient is sure that the sender is authentic and that the message 
has not been altered during transmission. Thus, data integrity is assured. 

 

Summary of Contents for Desktop

Page 1: ... sophisticated organizations are vulnerable In one incident widely reported in the press that had an impact of major but unknown proportions the degree of penetration was difficult to assess a hacker from St Petersburg the intellectual seat of the old Soviet Union broke into Microsoft s network and absconded with a large number of important files including purportedly an unknown quantity of Window...

Page 2: ...ugh IBM acted unilaterally to design and implement its hardware solution key players in the industry have acknowledged the design point The TCPA was inaugurated with IBM Hewlett Packard Compaq Intel and Microsoft as founding members Since its inception in October 1999 more than 190 firms have signed up including Dell TCPA wants its security technology to be universal in the computing industry and ...

Page 3: ...issues How the PC client can be the weak point in the security perimeter The rise in the value of data stored in insecure computing systems The scope of security measures Security history and current technology Client security implementations The advantages of IBM s hardware security implementation The evolution of industry standards for client security U S A G E L A G S B E H I N D T E C H N O L ...

Page 4: ... to the corporation financial personnel and proprietary technical data whether it lies in the mainframe on the network or in clients at the low level of client protection most of the focus has shifted to ensuring that the cordon sanitaire is unbroken at the access point and that user files are secured Good mainframe security implementations particularly at the procedural level have been in place f...

Page 5: ...ter more now than it has in the past Until recently few organizations had a need for systematic data security Banks and other financial institutions had to ensure end to end security for storing and moving money around over wires Certain government agencies could only operate in an impregnable data fortress But the volume of valuable data being stored and transmitted by most firms was relatively l...

Page 6: ...ted But until that moment they had been engaged in an operation that had hacked into banks and ecommerce sites and extorted the operators for money with the promise of not revealing the hacks to the public Sometimes the value of reputation damage is difficult to assess but it may represent the entire value of the business Another Russian hacker was monitored for years as he downloaded millions of ...

Page 7: ...ublic key encryption and its associated infrastructure address the issue of trust at the global level Of the many elements that make up a total security solution however PKI is the most dependent on completeness that is any two parties participating in secure transactions must both agree to rely on a third party a trusted authority sometimes called a certificate authority It is because of the comp...

Page 8: ... break this code without the key a decipherer has to try 2 56 or 72 057 594 037 927 936 combinations 72 quadrillion for those intimidated by the sight of large numerals and because of the dynamism of the DES algorithm it is extremely difficult to reduce the size of the search space search space reduction being one of the more important techniques at the disposal of decipherers other than by luck U...

Page 9: ...atter of jargon a one time key is called ephemeral The more robust method used to encode the AES keys is called asymmetric or public key cryptography The asymmetry refers to the fact that mathematically related but different keys are used for encoding and decoding When the private key is used to encrypt a message only the associated public key can be used to decrypt it When the public key is used ...

Page 10: ... encode the symmetric key i e the AES key used for bulk data encryption The result of encoding the symmetric key with an asymmetric public key is called a digital envelope and the process is referred to as PKI key exchange IDENTIFYING THE SENDER AND GUARANTEEING DATA INTEGRITY We now have an infrastructure robust enough to guarantee the identity of the sender The sender is fairly confident of the ...

Page 11: ...we utilize this powerful math C L I E N T S E C U R I T Y I M P L E M E N T A T I O N S Because of the unresolved procedural issues involved with implementing a fully secure infrastructure some of the grander visions of secure computing have been scaled back at least in the short term Companies need not wait until all parties agree on all aspects in order to shore up their security perimeters Even...

Page 12: ...o commandeer a PC will let the intruder scan the contents of main memory and find the user s private key Back Orifice is good at masking itself encrypts its own outgoing traffic and was released in source code about two years ago at a hackers conference The nCipher program can find a 1 024 bit private key the best in commercial use And if a malicious hacker can get your private key he can get your...

Page 13: ...he authorized user and that his or her local data is protected from intruders A HIERARCHY OF KEYS One of the greatest strengths of hardware security architecture is the hierarchical nature of its key management system The first key pair generated is used to protect another key pair called the platform identity key pair This key pair is created under the system owner s control and can be used by th...

Page 14: ...st a virus that can wipe the hard disk clean Firewalls and antivirus software are required for that type of defense The chip just keeps data private and confidential and provides for PKI operations IBM and other vendors offer suites of interrelated security products to create a fully secure environment For example IPSec protects communications links by securing the Ethernet controller Another key ...

Page 15: ...code named Palladium now being created by Microsoft Palladium which will incorporate TCPA s work will handle a wide variety of content and client security functions including many such as digital rights management for copyrighted material outside the scope of the TCPA specification Version 1 2 will be implemented in conjunction with future processor and chipset families from Intel and others and w...

Page 16: ... user chooses Wireless Application Protocol WAP encryption the Wireless Transport Layer Security WTLS protocol which is a derivative of Secure Sockets Layer SSL is invoked This protocol begins with a secure certificate exchange between wireless nodes Within a single node the chip can be used at will for individual local file and folder encryption Files and folders can also be encrypted or decrypte...

Reviews: