For the first few decades of their existence, computer networks
were primarily used by university researchers for sending e-mail and by
corporate employees for sharing printers. Under these conditions, security did
not get a lot of attention. But now, as millions of ordinary citizens are using
networks for banking, shopping, and filing their tax returns, network security
is looming on the horizon as a potentially massive problem. In this chapter, we
will study network security from several angles, point out numerous pitfalls,
and discuss many algorithms and protocols for making networks more secure.
Security is a broad topic and covers a multitude of sins. In
its simplest form, it is concerned with making sure that nosy people cannot
read, or worse yet, secretly modify messages intended for other recipients. It
is concerned with people trying to access remote services that they are not
authorized to use. It also deals with ways to tell whether that message
purportedly from the IRS saying "Pay by Friday or else" is really from the IRS
and not from the Mafia. Security also deals with the problems of legitimate
messages being captured and replayed, and with people trying to deny that they
sent certain messages.
Network security problems can be divided roughly into four closely intertwined
areas: secrecy, authentication, nonrepudiation, and integrity control. Secrecy,
also called confidentiality, has to do with keeping information out of the hands
of unauthorized users. This is what usually comes to mind when people think
about network security. Authentication deals with determining whom you are
talking to before revealing sensitive information or entering into a business
deal. Nonrepudiation deals with signatures: How do you prove that your customer
really placed an electronic order for ten million left-handed doohickeys at 89
cents each when he later claims the price was 69 cents? Or maybe he claims he
never placed any order. Finally, how can you be sure that a message you received
was really the one sent and not something that a malicious adversary modified in
transit or concocted?
All these issues (secrecy, authentication, nonrepudiation, and
integrity control) occur in traditional systems, too, but with some significant
differences. Integrity and secrecy are achieved by using registered mail and
locking documents up. Robbing the mail train is harder now than it was in Jesse
James' day.
Also, people can usually tell the difference between an
original paper document and a photocopy, and it often matters to them. As a
test, make a photocopy of a valid check. Try cashing the original check at your
bank on Monday. Now try cashing the photocopy of the check on Tuesday. Observe
the difference in the bank's behavior. With electronic checks, the original and
the copy are indistinguishable. It may take a while for banks to learn how to
handle this.
People authenticate other people by recognizing their faces,
voices, and handwriting. Proof of signing is handled by signatures on letterhead
paper, raised seals, and so on. Tampering can usually be detected by
handwriting, ink, and paper experts. None of these options are available
electronically. Clearly, other solutions are needed.
Before getting into the solutions themselves, it is worth
spending a few moments considering where in the protocol stack network security
belongs. There is probably no one single place. Every layer has something to
contribute. In the physical layer, wiretapping can be foiled by enclosing
transmission lines in sealed tubes containing gas at high pressure. Any attempt
to drill into a tube will release some gas, reducing the pressure and triggering
an alarm. Some military systems use this technique.
Introduction to Cryptography
Historically, four groups of people have used and contributed
to the art of cryptography: the military, the diplomatic corps, diarists, and
lovers. Of these, the military has had the most important role and has shaped
the field over the centuries. Within military organizations, the messages to be
encrypted have traditionally been given to poorly-paid, low-level code clerks
for encryption and transmission. The sheer volume of messages prevented this
work from being done by a few elite specialists.
Until the advent of computers, one of the main constraints on
cryptography had been the ability of the code clerk to perform the necessary
transformations, often on a battlefield with little equipment. An additional
constraint has been the difficulty in switching over quickly from one
cryptographic method to another one, since this entails retraining a large
number of people. However, the danger of a code clerk being captured by the
enemy has made it essential to be able to change the cryptographic method
instantly if need be.
The messages to be encrypted, known as the plaintext, are transformed by a function that is
parameterized by a key. The output of the
encryption process, known as the ciphertext, is
then transmitted, often by messenger or radio. We assume that the enemy, or
intruder, hears and accurately copies down the
complete ciphertext. However, unlike the intended recipient, he does not know
what the decryption key is and so cannot decrypt the ciphertext easily.
Sometimes the intruder can not only listen to the communication channel (passive
intruder) but can also record messages and play them back later, inject his own
messages, or modify legitimate messages before they get to the receiver (active
intruder). The art of breaking ciphers, called cryptanalysis, and the art of devising them
(cryptography) are collectively known as cryptology.
The nonsecrecy of the algorithm cannot be emphasized enough.
Trying to keep the algorithm secret, known in the trade as security by obscurity, never works. Also, by
publicizing the algorithm, the cryptographer gets free consulting from a large
number of academic cryptologists eager to break the system so they can publish
papers demonstrating how smart they are. If many experts have tried to break the
algorithm for 5 years after its publication and no one has succeeded, it is
probably pretty solid.
Since the real secrecy is in the key, its length is a major
design issue. Consider a simple combination lock. The general principle is that
you enter digits in sequence. Everyone knows this, but the key is secret. A key
length of two digits means that there are 100 possibilities. A key length of
three digits means 1000 possibilities, and a key length of six digits means a
million. The longer the key, the higher the work
factor the cryptanalyst has to deal with. The work factor for breaking
the system by exhaustive search of the key space is exponential in the key
length. Secrecy comes from having a strong (but public) algorithm and a long
key. To prevent your kid brother from reading your e-mail, 64-bit keys will do.
For routine commercial use, at least 128 bits should be used. To keep major
governments at bay, keys of at least 256 bits, preferably more, are needed.
From the cryptanalyst's point of view, the cryptanalysis
problem has three principal variations. When he has a quantity of ciphertext and
no plaintext, he is confronted with the
ciphertext-only problem. The cryptograms that appear
in the puzzle section of newspapers pose this kind of problem. When the
cryptanalyst has some matched ciphertext and plaintext, the problem is called
the known plaintext problem.
The next improvement is to have each of the symbols in the
plaintext, say, the 26 letters for simplicity, map onto some other letter. For
example,
plaintext:  a b c d e f g h i j k l m n o p q r s t u v w x y z
ciphertext: Q W E R T Y U I O P A S D F G H J K L Z X C V B N M
The general system of symbol-for-symbol substitution is called
a monoalphabetic substitution, with the key
being the 26-letter string corresponding to the full alphabet. For the key
above, the plaintext "attack" would be transformed
into the ciphertext QZZQEA.
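The following Python sketch is an added example, not part of the original text. It implements the monoalphabetic substitution with the key shown above and then illustrates the known plaintext problem described earlier: each matched plaintext/ciphertext letter pair reveals one entry of the key. The function names and the sample sentence are assumptions made for illustration.

```python
import string

ALPHABET = string.ascii_lowercase
# Key from the page: the ciphertext letter for each of a..z, in order.
PAGE_KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"


def check_key(key: str) -> None:
    """A valid key is a permutation of the 26 letters (one-to-one mapping)."""
    if sorted(key.upper()) != sorted(ALPHABET.upper()):
        raise ValueError("key must contain each of the 26 letters exactly once")


def encrypt(plaintext: str, key: str = PAGE_KEY) -> str:
    check_key(key)
    # Input is lowercased first; non-letters pass through unchanged.
    table = str.maketrans(ALPHABET, key.upper())
    return plaintext.lower().translate(table)


def decrypt(ciphertext: str, key: str = PAGE_KEY) -> str:
    check_key(key)
    table = str.maketrans(key.upper(), ALPHABET)
    return ciphertext.upper().translate(table)


def learn_mapping(known_plain: str, known_cipher: str) -> dict:
    """Known-plaintext case: each matched letter pair reveals one key entry."""
    if len(known_plain) != len(known_cipher):
        raise ValueError("matched texts must have equal length")
    mapping = {}
    for p, c in zip(known_plain.lower(), known_cipher.upper()):
        if p in ALPHABET and mapping.setdefault(c, p) != p:
            raise ValueError("pair is inconsistent with a monoalphabetic key")
    return mapping


def partial_decrypt(ciphertext: str, mapping: dict) -> str:
    """Decrypt what the learned entries cover; unknown letters become '_'."""
    return "".join(
        mapping.get(ch, "_") if ch.isalpha() else ch for ch in ciphertext.upper()
    )


if __name__ == "__main__":
    print(encrypt("attack"))
    learned = learn_mapping("attack", "QZZQEA")  # matched pair from the page
    print(partial_decrypt(encrypt("a cat at tea"), learned))  # constructed sample
```

One six-letter matched pair already exposes four key entries, and every later message under the same key gives up those letters.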