Chapter 4 Security, Privacy, and Anonymity

I. Threats to Information (p.125)

• Disasters• Employees and Consultants• Business Partners• Outsiders• Virus

II. Security Controls1. Confidentiality (against eavesdropping)• Eavesdropping: packet sniffing on net, in which

attackers read transmitted information, including logon information and database contents.

• Brute Force attack (P.135)• 1975 US National Bureau of Standard (NBS): Data

Encryption Standard (DES) – a 56-bit key is no longer considered to be very secure.

• 2001 US National Bureau of Standard (NBS): Advanced Encryption Standard (AES) – a choice of key length of 128, 192, or 256 bits.

• Single-Key (conventional) and Dual-Key (public-key) Encryption Algorithms

– Single-key encryption is faster but key-distribution is difficult.

– Dual-key encryption is slower but key-distribution is easy.

– One common solution is to use the dual-key encryption for key-distribution and authentication while the single-key encryption is used to encrypt message.

2. Access Control (p.133) (Password, read, write, execute, and delete)

How does an attacker learn your password?• Try default passwords• Exhaustively try all short passwords• Try words in system’s online dictionary or a list of

likely passwords.• Collect information about user.• Try user’s phone number.• Try user’s license plate numbers.• Use a Trojan horse.• Tap the line between a remote user and the host

system.* W. Stallings, 2000, Network Security Essentials, NJ: Prentice Hall.

3. Integrity, Non-repudiation and Digital SignatureIntegrity: prevent user’s data and message from being modified.

Non-repudiation: prevent either sender or receiver from denying a transmitted message.

How can dual-key encryption be used to authenticate a message?

• Digital signature is based on public-key cryptographic algorithm.

• A one-way hash function takes a message and returns a small fixed-length string (hash value). The hash value is encrypted with

sender’s private key that can be verified by recipient using the sender’s public key. Therefore, the recipient is certain that the message is indeed from the sender.

• The hash value is also used to verify that the message was not altered in transit.

4. Authentication (Identity and Certificate)If you buy books from Amazon.com, we want to know whether the Web site you are dealing with is really Amazon. You want Amazon Web server to authenticate itself to you and Amazon may want you to authenticate yourself to Amazon.

What is the secure socket layer (SSL) protocol?

The SSL security protocol provides data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection. An SSL-enabled Web server can be linked with a URL starting with https (port 443) instead of http (port 80). Netscape patented SSL in 1997.

* http://home.netscape.com/security/techbriefs/ssl.html

How does an SSL-enabled browser authenticate the server?

• An SSL-enabled Web server should be certified by a trusted third party - Certifying Authority (CA p.138).

• An SSL-enabled browser maintains a list of trusted CAs along with the public keys of the CAs.

• When a client browser wants to communicate with an SSL-enabled Web server, the browser obtains the server’s certificate. The certificate is issued by a CA and digitally signed with this CA’s private key.

• If the CA is in the browser’s list, the signature can be verified with this CA’s public key. If not, client’s browser issues a security alert.

What are principle differences between SET and SSL?

The secure electronic transaction (SET) is a protocol specifically designed to secure payment-card transactions over Internet. The principle differences are

• The SET is designed to encrypt specific kinds of payment-related messages. It cannot be used to encrypt arbitrary data as can SSL.

• The SET protocol involves all three players on Internet, namely, the customer, the merchant, and the merchant’s bank. All sensitive information sent between the three parties is encrypted.

• The SET requires all three players to have certificates. The customer’s and merchant’s certificates must be issued by their bank, thereby assuring that these players are permitted to make and receive payment-card purchases.

What are … ?

• Carnivore (p. 139): special software installed at an ISP to capture all Internet traffic from a specified person.

• Echelon (p.139): an international system that intercepts a variety of communications, including faxes, email messages, international phone calls, and cellular phones in several nations.

• Escrow Keys (p.140): Every encryption device can be broken with two special numbers (keys) that are held in escrow by judicial or governmental agencies.

What are … ?

• Firewall (p.141): a router that examines each data packet passing through it and block certain types to limit the interaction of the company network with the Internet.

• Cookie (p.144): a cookie is a small text file that the server asks the browser to store on the user’s computer. Whenever the browser requests another page from that server, it returns the cookie file.