Passw 5More ophi ticated acce control ibased on uthentication heme. Au­thentication i an encrypted, digital ig­nature that allow two computer (orany two objects to verify th identityof e ch other. Much like having a per-on ign a piece of paper, authenti­

cation allow u to verify the per­on' identity (and thu hold that

per n to any promise he orh ha made): Thi digital

ignature i thu like a very long, verycomplex p word.

One exampl ofauthentication i hav­ing two electronic mail u rs coin­municate. Another i protecting a nam­ing rvice uch ovell' etWare,

actuallyfi rthan

••

can often determined by trying (in or­der) th name of your , your dogand your car. Oft n, h cker can im­ply w Ik by your office and 100 fornote on your tenninal; chance are, it'yourp word.

o • seey to Security

So sWrPass .,W often think of the mainframe in thegl hou providing the ultimatein ecurity. Product uch the Re-mote Acce Control Facilitya(RACF) for IBM mainframe lim-it cce to computing re urce inway that are intended to foil the ef­fons ofeven the most detenninedh ker (or "cracker").

On the other hand, awork tation appears to bea ecurity manager'nightmare. Work tation are often man-ged by inexperienced people working

with e y-to-u operating y ternuch DOS, Macinto h, or even Unix

(th t i , Unix being "e y-to-u "onlyin comparison to MVS).

ee

by Carl

n mo t computer network , de~ r­minin a person' identity i often donethrough p word. But un ncrypt dpa word ar e y prey for peopletryin to bre into your y t m: fore ampl ,pr tocol analyze an vi w

the nren of pack a diagn tic -pability. How v r, aJtemativ to pword e i t offi ring ophi ticat dm thod for comput r to protect theirconv tion from eavesdropping.

Authentication i th proce of n­uring th identity of another obj ctu er, program or computer). For ex­

ample, when cli nt program udi tributed datab rver, it i impor­tant to verify that the client i intend dto have cce to the r que ted data.

in c to data i mo t comm nlyba d on the id ntity of a u er, auth n-

. tic tion protocol provide a ure wayof d termining th t identity, preventingm uerade and other unauthorized ­temp to acce data.

inc p word are a primitive wayof providing auth ntication in thi ar­ticle we 100 at public key cryptog­raphy, a phi ticated way for two com­puter to authenticate each other andthen protect their conversation fromave dropping.

,a InwOIl COIiPUlII' JU E 1" 1

K ys fA a re ult, mo t group tend to u e acombination of public and yrnmetricmethod . In uch cherne, public keycryptognlphy i used to encrypt a DESkey. Th recipient u a ret key todecrypt the credential ,exttacting theDES key. Thi ey i then u d todecrypt th actual me ge. Becau theDES key i randomly generated for eachtran action, and i then encrypted, they tern i quite ure'

The Internet, the worldwi researchnetwork u e an example of thi com­bination of public and ymmetric keymethod . The Internet' new PrivacyEnhanced ail (PEM) tandards it ontop of the regular mail protocol and donot require any chang to the underlyingin tailed base. Public key credential ,available to anybody, are till em­ployed. In addition, h PE user gen-rate and secure an RSA private key.

To nd electronic mail, a DES key isused to ncrypt the tual message. Thepublic key i then u d to encrypt theDES key. Ole that in thi heme bothauthentication and encryption are usedat the same time. Authentication en­cryption to protect the credential t en-uring that the credential remain ate.

Encryption of the tual e rvanother purpose: protecting the eitself from unauthorized viewing.

In addition to me age encryption,

rity. The key in thi heme which canrang up to 512 digi long, can bei nificantly harder to break than key

generated with other he . Forexam­p , one of the public key used by peoplecommunicating with RSA i 301 digitslong, requiring over one trillion ip­years to break, given the current tate ofresearch in number theory.

Public key are tored onname ervers throughout the net­work. Since public k y are not

n itive infonn tion they can befr ely di tributed. Th privatek y i gen rat d on your wor ­tation and tay there' it nevernter the networ . Whil public

k y cryptography i afe, it ialso ornewhat lower than manyother heme: public key en­cryption take loo to 1 000 time

long ymmetric en ryption.If every ingle packet needs to beauth nticated, public y cryp­tography would exact an undueperfonnance burden.

work, acce ible to all other users.To encrypt something, the public key

i used; are then decrypted us­ing private key. Anybody can encrypt ame ge u ing the public ey, but theonly way to read it i with a private key.Public and priv key are the inverse of

h other: anything encrypted with onecan only be decrypted with the other. Amessage encrypted with a public key can­not be decrypted with the same ey; aimilar limitatioo appli to private key.

The value of public key ncryption iin the difficulty of reversing the algo­rithm. Since public key algorithm arebased on t toring, the basic decryptionproblem i how to take a large numberand bre it up into it factor. Thecomputational difficulty of breaking a

ey i typicallyexp in Mip-years:how many years of CPU time would aI-Mip machine take to break a key?

A recent example of key-breakingw conducted by team of re hersled by A. Len tra. The team used an in­geniou algorithm to break one of theimpl t possible 155-digit numbers: twoI' with 153 zeros in the middle. Eventhi " imple" too over 250 Mip­years. More complex I55-digit numberscan e i1y require million or ten ofmillion of Mip-y to be brok n.

Most public-key scheme u an al­gorithm developed by RSA Data Secu-

in re arch n twor ba ed on theTCP/IP protocol . The initi I applica-tion for OSI n twor (which u

.509) and TCP/IP i in el tronic mail.Rather than baring a ingle t key

tw n two , public y ncryptionu two key: public key and a privateey. J= h user receiv a private key. The

publi key is somepl on the net-

where it i important to n ure thcan't each oth' w . Au-thentication protocol can even be uto provide secure voice communicationand font encryption.

Authenti tion heme typically uencryption. Thi conceal data by con­ducting computation again t a key-analphanumeric tring. Encryption algo­rithm range from t t, impl methto more complex operation involvinglong key and difficult computations.

Th re are currently two fonn ofauth ntication in use: ymmetric key andpublic key. Symmetric e, typified bythe MIT-developed Kerbe y tern re­quire two u to hare a key. That keyi then used with me fonn of encryp­tion algorithm, uch the U.S. Go em­ment- pon red DES (the Data Encryp­tion Standard), which i idely imple­mented both in hardware and ftware.

Once two u ers hare ymmebickey, they can encrypt and decrypt traf­fic on the network. In ord r to tartcommunicating, the initiating u erfonn a' ticket: compri ing th u r'cred ntial . A typical tick t h thename of the u er, the date th t the tick-

. t w fonn d and the date that the tic ­et expire. II thi infonnation i en­crypted u ing the ymmetric key and

nt over the network. The program onthe other ide applie the ymmetric keyand d ryp the credential .

Putting time tamps into a credentialprevent a problem known a ionreplay. With replay, an unauthorizeduser pu a protocol analyzer on the net­work and capture th credential . Lat­er, the credential are nt (or replayed)to an un u peeting target allowing thehac er to impersonate 1 gitimate u r.Time tamps make the c ntial worth­Ie after a hort period of time.

The dvantage of ymm tric keycheme like DES i that they are re­

latively t t. But ey di bibution cen­ter are the weak lin in y tem likeKerbe . The key di tribution center ith computer that p out the ey tothe two computer that wi h to com­municate with each other. Thi i thecia ic boot trap problem: If the keydi tribution center i al 0 on the net­work, how do we prot ct th infor­mation it di perse ?

International tandard, uchX.509, u an alternative methodknown public key encryption. Publickey encryption also fonn the emergingtandard for priv y and authentication

JU E"'1 InwOIl (0 , TI , "

Carl Malamud writes professional ref­er, nce books. He can be reached atcarl@malamud.com (Internet) orcnUllamud (MCI Mail).

wid varietyof ituation.Lotu ,for exampl ,utection mechani m in ote, itgroupware oftware for conferencing.Th arne t chnology i al 0 u ed in

ovell' etWare a part of it newnaming rvice.

While ote and etWare are twofairly obviou u e for th RSA prod­uct , th re are ome Ie intuitive ap­plication . Tektronix, for example, upublic key cryptography to pro t fonon their printer . Motorola u e tharne technology to provid ecure

voice communication ,encrypting en­tire conve tion. Even mart cards canu public key cryptography to authen­ticat a card to the d vice that i readingit (and vice ve a).

Companie like RSA are beginningto addre the ecurit infra tructureon network ,m jng large public net­wor like the Internet more ecure.The ame ecurity infrastructure i be­ing u d in di tributed wor group ,with oftware uch a ote and et­Ware. Increa d and improved curi­ty. rather than clo ing off network • imaking them more tru t d and thumore u able.

Authentication make each com-puter parat ecurit re 1m. Fi t,RSA public key crypto raphy Ilowtwo compute to auth nti at h oth­er; th n DES en ryption pre rv theconfidentiality of c mmunication in aparticular ion.

Authentication ba ed on public keycryptography i tarting to get u ed in a

data for th ir cli n ,plu a host of oth­r rvic . Howe er the data that a

eli nt leave on a h t may encryptedo that th erver and it other u r

have no idea hat th data means.Client ,on th other hand can allow

public acc to a few portion of theirlocal file y tem and eal off others.Priv te ey are tored in private

On a centralized, time baring y tern,o you've broken the initial front doory u've gone a long way toward com­promi ing th curity of many otheru e . On a wor tation, you've onlycompromi done u r. If you want toacce another work tation' data, youhav to tart from ratch and b intothe new y tern.

But there' on potential problem inuch a chain. Whil authentication w

between computer • we till need toauth nticate th u r on th fir t com­put r. The current method of doing ithi i a p word.

If p words are going to work on awor tation th work tation mu t bephy ically ured. Th re n to be away to prevent unauthorized u fromwandering around and rebooting work­t tion in uperu er mode, uch a

locking the compu~ r in a room. Phy ­ical curity, mart card ,proper pas ­word admini tration and other man­agement technique are th way tohandle thi problem, di tributing theri of a break-in.

ke around ith them. But ven a martcard t nd to require pe nal id nti­fication num r (equi I nt to a pw rd to n ure gain t 10 .

t-I u ticuth ntication i clearly ben r than

pa ord-b d control alon ,provid­ing a mor ophi ticat d way of han­dling thing than a p word. Think ofthe p word key being nt in un­encrypted form. pas word i typicallyonly eight to 12 characte long, i man­aged by a ingle pe on, and i tran­mitt dover th network wire. In con-

t an RSA public key i vailable toall people while the private ey, equiv­al nt to the p word but mathematical­ly mor ophi ticated i virtually' un­gue ble" and never en~ the network.

In ord r to u auth ntic tion, ho ­ever, you really need a computer.You're not going to rem mber a 512-bitquantity, let alone generate the en­cryption, m age integrity check ,andother a pect of a privacy-enhancedcomputing environment without omcomputational help.

Since people are unabl to remem­ber their private key , mo t y temtor a per on' private key encrypted

by a p word-not the be t Y tern be­cau e th first computer in th chain itill vulnerable to a pa word attac .

Thi proce doe, how ver, prev ntwords from ever bowing up clear

text on the network, which remain oneof the bigge t urity threats. Ofco ,mart card , which place electronically

encod d infonnation on a credit card­ized key, will eventually change thi ,

allowing people to carry their private

the me ag includinfonnation: theCh c IC). The12 -bit quantity ba

10