could end up giving her information to an imposter. Message integrity is achieved by sending a message digest along with the encrypted message. A message digest is a fixed-length representation of a message. Think of it as a fingerprint of the original message. (GeoCerts, 2012)
Laura says to Facebook, "I'm going to send you an encrypted message. So that you know my message to you hasn't been intercepted and altered along the way, I'm also sending a fingerprint of my original message. Please check the fingerprint to see if it matches when you receive my message." (GeoCerts, 2012)
Laura's message to Facebook is encrypted for privacy and fingerprinted for message integrity, but how does Laura know that she is really sending the message to Facebook? Laura needs to authenticate Facebook, to make sure they're really Facebook and not someone else. Authentication is achieved by digital certificates. When Laura and Facebook first negotiate their SSL session, Facebook sends Laura a copy of their digital certificate. A digital certificate is an electronic document. Inside that certificate is a copy of Facebook's public key and information about its owner (domain name, organization name, location). The SSL certificate is verified or "signed" by a trusted third-party Certificate Authority, such as McAfee.
The trusted Certificate Authority's job is to verify Facebook's application for a digital SSL certificate. The authentication process can range from verifying that Facebook has authoritative control of its domain to requiring Facebook to submit legal documents that verify Facebook's business or organization is real. Once Facebook's identity has been verified, it will be issued a digital SSL certificate.
All of these concepts - privacy by encryption, integrity by message digests (fingerprinting), and authentication by digital SSL certificates - are integrated into the SSL protocol to allow Laura and Facebook to communicate securely.
for email includes Pretty Good Privacy (PGP) and Privacy Enhanced Mail. Software used to manage networks includes Simple Network Management Protocol version 4 (SNMPv3), and for web access we have secure HTTP and Secure Sockets Layer. An application of Internet Security version 4 enhances security in electronic commerce applications and its use in intranets and extranets to secure communications within and with other organizations. The benefits of Internet Protocol are strong security features that can be implemented in a firewall, transparency to applications and end users, and security for intranets and offline applications.
However, it offers a number of benefits, which include: automatic negotiation and authentication and anti-replay services. It also offers certification authority (CA) support as well as the ability to change encryption keys during an IPsec session.
4. The smart phone user would place an order over a Web page, by phone or by an online service.
5. The smart phone's browser receives the merchant's certificate and confirms from it that the merchant is valid.
6. When the browser sends the order information, the message is encrypted with the merchant's public key, the payment information, which is encrypted with the bank's public key (which can't be read by the merchant), and information that ensures the payment can only be used with this particular order.
7. The merchant then verifies the smart phone user by checking the digital signature on their certificate. This can be done by referring the certificate to the bank or to a third-party verifier.
8. The merchant then sends the order message to the bank. This includes the bank's public key and the customer's payment information, which the merchant can't decode, as well as the merchant's certificate.
9. The bank then verifies the merchant and the message. The bank uses the digital signature on the certificate with the message and verifies the payment part of the message.
10. The bank then digitally signs and sends the authorization to the merchant, who can then fill the order.
Cryptographic Accelerators
In computer security, a cryptographic accelerator is a form of co-processor that performs computationally intensive encoding and decoding of information while freeing the host Computer Processor Unit to perform other tasks. When encryption or decryption of data makes up a large proportion of the system load, overall system performance can be improved by using a cryptographic accelerator. They are typically available as an expansion card on the system motherboard. Several operating systems provide some support for cryptographic hardware. The BSD family of systems has the OpenBSD Cryptographic Framework (OCF), and Linux systems have the Crypto API. Microsoft Windows has the Microsoft CryptoAPI. (Wikipedia, 2012)
A public key infrastructure consists of:
- A certificate authority (CA) that issues and verifies digital certificates. A certificate includes the public key or information about the public key
- A registration authority (RA) that acts as the verifier for the certificate authority before a digital certificate is issued to a requestor
- One or more directories where the certificates (with their public keys) are held
- A certificate management system (Rouse, 2006)
Public key cryptography works using a public and a private key that are created simultaneously using the same algorithm (a popular one is known as RSA) by a certificate authority (CA). The private key is only provided by the sender to the requesting party and the public key is made publicly available (as part of a digital certificate) in a directory that all parties can access. The private key is never used by anyone except the requesting party. It is used to decrypt text that has been encrypted with the public key by someone else who is able to find your public key in a public directory. Because of this, if Laura sends Facebook a message, I can find out your public key (but not your private key) from the central administrator and encrypt a message to you using your public key.
When it is received, it is decrypted using your private key. Your private key also allows you to authenticate yourself to the one sending the message so they know it's really you who sent the message. Since a private key is used to encrypt a digital certificate, when it is received, I can use your public key to decrypt it. Here's a table that restates it:
(Rouse, 2006)
Several products are offered that enable a company or group of companies to use Public Key Infrastructure. The acceleration of e-commerce and business-to-business commerce over the Internet has increased the demand for Public Key Infrastructure solutions.
Related ideas are the virtual private network (VPN) and the IP Security (IPsec) standard. Among PKI leaders are:
- RSA, which has developed the main algorithms used by PKI vendors
- Verisign, which acts as a certificate authority and sells software that allows a company to create its own certificate authorities
- GTE CyberTrust, which provides a PKI implementation methodology and consultation service that it plans to vend to other companies for a fixed price
- Xcert, whose Web Sentry product checks the revocation status of certificates on a server, using the Online Certificate Status Protocol (OCSP)
- Netscape, whose Directory Server product is said to support 50 million objects and process 5,000 queries a second; Secure ECommerce, which allows a company or extranet manager to manage digital certificates; and Meta-Directory, which can connect all corporate directories into a single directory for security management (Rouse, 2006)
When using e-mail, the Pretty Good Privacy (PGP) product allows you to encrypt a message to anyone who has a public key. It is encrypted with your private key and they decrypt it with their public key. Users of Pretty Good Privacy share a directory of public keys that is called a key ring. Unless you are sending a message to someone who has access to the key ring, they can't receive an encrypted message. If you don't like the first option, Pretty Good Privacy lets you sign your note with a digital signature using your private key. However, the recipient still needs access to your public key on the key ring to decrypt your signature and see whether it was really you who sent the message.
To handle security policies, security associations and their databases, IPSec is equipped with a flexible, powerful way of specifying how different types of datagrams should be handled. To understand how this works, two logical concepts must be defined. The first is the security policy: a rule programmed into the IPSec implementation that tells it how to process different datagrams received by the device. For example, security policies are used to decide whether a particular packet needs to be processed by IPSec or not; those that do not, bypass AH and ESP entirely. If security is required, the security policy provides general guidelines for how it should be provided and, if necessary, links to more specific detail. The security policies for a device are stored in the device's security policy database (SPD). The second is the Security Association (SA): a set of security information that describes a particular kind of secure connection between one device and another. It can be considered a "contract" that specifies the particular security mechanisms that are used for secure communications between the two. The device's security associations are contained in its Security Association Database (SAD). It is usually hard to distinguish the security policy database from the security association database since they have similar concepts.
The main difference between the security policy database and the Security Association Database is that security policies are general while security associations are more specific. To determine what to do with a particular datagram, the device first checks the security policy database. The security policies in the security policy database reference particular security associations in the security association database. The device therefore looks up the referenced security association and uses it for processing the datagram.
One thing that needs to be explained is how a device determines what policies or security associations to use for a specific datagram. Internet Protocol Security defines a very flexible system that lets each security association define a set of rules for choosing the datagrams that the security association applies to. Each rule in this system is called a selector. For example, a selector might be defined that says that a particular range of values in the Source Address of a datagram, combined with another value in the Destination Address, means a specific security association must be used for the datagram. Security Associations are very important in Internet Protocol Security.
Each of the secure communications that a device makes to another requires that a security association be established. Security associations are one-directional; each one only handles either inbound or outbound traffic for a particular device. This allows different levels of security to be implemented for traffic flowing from device A to device B than for traffic that arrives from device B to device A. With two-directional communications of this nature, both A and B would have two security associations. A would have two security associations; for this example we will call them "SAdeviceBin" and "SAdeviceBout". Device B would have two security associations, "SAdeviceAin" and "SAdeviceAout".
Security associations don't have names; instead they are defined by a set of three parameters called a triple. The security parameter index is a 32-bit number that is chosen to uniquely identify a particular security association for any connected device. The security parameter index is placed in AH or ESP datagrams and thus links each secure datagram to the security association. It is used by the recipient of a transmission so it knows what security association governs the datagram. The Internet Protocol Destination Address is the address of the device for whom the security association is established. The Security Protocol Identifier specifies whether this association is for AH or ESP.
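The lookup described above, as an added example that is not from the original paper: a simplified Python model of device A in which selectors sit on SPD entries, a PROTECT policy references one SA by its triple, and inbound traffic is matched on the (SPI, destination address, protocol) triple. The class names, action labels, addresses, SPI values and algorithm labels are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

AH, ESP = 51, 50  # IP protocol numbers used as the security protocol identifier

@dataclass(frozen=True)
class SecurityAssociation:
    spi: int          # 32-bit Security Parameter Index
    dst: str          # IP destination address the SA is established for
    proto: int        # AH or ESP
    algorithm: str    # constructed label for the agreed mechanisms
    @property
    def triple(self):
        return (self.spi, self.dst, self.proto)

@dataclass(frozen=True)
class Policy:
    src_net: str              # selector: source address range
    dst_net: str              # selector: destination address range
    action: str               # "PROTECT" or "BYPASS" (labels assumed here)
    sa_triple: tuple = None   # reference into the SAD for PROTECT policies

    def matches(self, src, dst):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst_net))

class IPsecDevice:
    def __init__(self, spd, sas):
        self.spd = spd                             # ordered, general rules
        self.sad = {sa.triple: sa for sa in sas}   # specific "contracts"

    def outbound(self, src, dst):
        """Check the SPD first; a PROTECT policy points at one SA in the SAD."""
        for policy in self.spd:
            if policy.matches(src, dst):
                return None if policy.action == "BYPASS" else self.sad[policy.sa_triple]
        raise LookupError("no policy matches this datagram")

    def inbound(self, spi, dst, proto):
        """The SPI carried in the AH/ESP datagram selects the governing SA."""
        return self.sad.get((spi, dst, proto))

# Constructed data: device A (192.0.2.1) and device B (198.51.100.7).
SA_B_OUT = SecurityAssociation(0x1001, "198.51.100.7", ESP, "esp-aes-hmac-sha1")
SA_B_IN = SecurityAssociation(0x2002, "192.0.2.1", AH, "ah-hmac-sha1")
DEVICE_A = IPsecDevice(
    spd=[Policy("192.0.2.0/24", "198.51.100.0/24", "PROTECT", SA_B_OUT.triple),
         Policy("0.0.0.0/0", "0.0.0.0/0", "BYPASS")],
    sas=[SA_B_OUT, SA_B_IN])
```

The two SAs differ in protocol and algorithm, which is what the one-directional design permits: traffic from A to B and traffic from B to A are governed by separate entries.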
The two security protocols, AH and ESP, are dependent on their security associations and policies as well as the various databases that control their operation. The upkeep of these databases is important. Security associations can either be set up manually, which means extra work, or they can be set up with an automated system, which can be deployed using a protocol like IKE.
The authentication data fields in the AH and ESP headers are variable-length fields, each of which contains an Integrity Check Value (ICV). The field varies in length to accommodate variations among ICV algorithms, and the length is specified by the selected function. This field is optional: it is only included when an authentication service is being used for the security association that corresponds to the header, and information about the ICV function in use is maintained along with the rest of the security association data. The ICV calculation is tricky because some of the data being authenticated may be modified en route; one example is the Internet Protocol header hop count. According to RFC 2402, the AH ICV is computed on the IP header fields that either don't change in transit or whose values on arrival can be predicted, the AH header itself (though the Authentication Data field is set to zero for the calculation), and the upper-level protocol data that is being authenticated (this is assumed to be unchanged in transit). The ESP ICV, according to RFC 2406, is computed on the entire ESP packet, excluding the Authentication Data field. This includes the SPI, Sequence Number, Payload Data, Padding (if present), Pad Length, and Next Header; the last four fields will be in ciphertext form, since encryption is performed prior to authentication. (daddy, 2012)
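The AH rule described above, as an added example rather than code from the paper or from RFC 2402: the sketch zeroes the IPv4 fields that change in transit and the Authentication Data field, then computes HMAC-SHA-1 truncated to 96 bits as the ICV. The key, addresses, SPI and payload are constructed, and the header carries no options and a zero checksum for brevity.

```python
import hashlib
import hmac
import socket
import struct

ICV_LEN = 12  # HMAC-SHA-1-96: HMAC-SHA-1 output truncated to 96 bits

def ipv4_header(src, dst, ttl, payload_len, proto=51):
    """Minimal 20-byte IPv4 header without options; protocol 51 is AH."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def ah_header(spi, seq, next_header=6, icv=bytes(ICV_LEN)):
    """AH: Next Header, Payload Len, Reserved, SPI, Sequence Number, ICV."""
    payload_len = (12 + ICV_LEN) // 4 - 2  # AH length in 32-bit words, minus 2
    return struct.pack("!BBHII", next_header, payload_len, 0, spi, seq) + icv

def zero_mutable_fields(ip_hdr):
    """Zero the IPv4 fields that routers may change before hashing."""
    h = bytearray(ip_hdr)
    h[1] = 0                  # Type of Service
    h[6:8] = b"\x00\x00"      # Flags and Fragment Offset
    h[8] = 0                  # TTL (the hop count)
    h[10:12] = b"\x00\x00"    # Header Checksum
    return bytes(h)

def ah_icv(key, ip_hdr, ah_hdr, upper_data):
    """ICV over immutable IP fields, AH with zeroed Authentication Data, and data."""
    ah_zeroed = ah_hdr[:12] + bytes(len(ah_hdr) - 12)
    covered = zero_mutable_fields(ip_hdr) + ah_zeroed + upper_data
    return hmac.new(key, covered, hashlib.sha1).digest()[:ICV_LEN]

def verify(key, ip_hdr, ah_hdr, upper_data):
    """Receiver side: recompute the ICV and compare in constant time."""
    return hmac.compare_digest(ah_hdr[12:], ah_icv(key, ip_hdr, ah_hdr, upper_data))

# Constructed sample: key, addresses, SPI and payload are made up for the example.
KEY = b"constructed-sa-auth-key"
DATA = b"upper-level protocol data"
AH_LEN = 12 + ICV_LEN
SENT_IP = ipv4_header("192.0.2.1", "198.51.100.7", ttl=64, payload_len=AH_LEN + len(DATA))
SENT_AH = ah_header(0x1001, 1, icv=ah_icv(KEY, SENT_IP, ah_header(0x1001, 1), DATA))
# A router decrements the TTL in transit; everything else is unchanged.
ARRIVED_IP = ipv4_header("192.0.2.1", "198.51.100.7", ttl=61, payload_len=AH_LEN + len(DATA))
```

Calling `verify(KEY, ARRIVED_IP, SENT_AH, DATA)` succeeds despite the changed TTL, while any change to the source address or the payload makes it fail.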
Message Authentication Codes (MACs), the results of which are then encrypted with an appropriate symmetric encryption algorithm (for example, AES)
Secure hash functions, such as MD5 or SHA-1 (an updated version of SHA)
To comply with the standard, implementations must support MD5 and SHA-1 keyed hashing, at least. (daddy, 2012)
References
GeoCerts. (2012). How ssl works. Retrieved from http://www.geocerts.com/ssl/how_ssl_works
Paull, O. (n.d.). What is internet protocol security. Retrieved from http://www.ehow.com/about_6571067_internet-protocolsecurity_.html
Rouse, M. (2009, March). Internet key exchange. Retrieved from http://searchsecurity.techtarget.com/definition/Internet-Key-Exchange
Rouse, M. (2008, January). Secure electronic transaction (set). Retrieved from http://searchfinancialsecurity.techtarget.com/definition/Secure-Electronic-Transaction
Wikipedia. (2012, June 10). Cryptographic accelerator. Retrieved from http://en.wikipedia.org/wiki/Cryptographic_accelerator
Rouse, M. (2006, October). Pki (public key infrastructure). Retrieved from http://searchsecurity.techtarget.com/definition/PKI
Kozierok, C. (2005, September 20). Ipsec and security associations. Retrieved from http://www.tcpipguide.com
daddy, S. (2012). Calculating the integrity check value (icv). Retrieved from http://sourcedaddy.com/networking/calculating-theintegrity-check-value-icv.html