
CASE STUDY OF CRYPTOGRAPHY AND FIREWALL
Introduction to Cryptography
Cryptography is "the art of writing in secret characters". Encrypting is the act of translating a 'normal message' into a message written with 'secret characters' (also known as the encrypted message). Decrypting is the act of translating a message written with 'secret characters' back into a readable message (the unencrypted message). It is, by far, one of the most important areas in computer security, since modern encryption algorithms can ensure all three pillars of a secure conversation: privacy, integrity, and authentication.

Key-based algorithms
In the previous page we saw a rather simple encryption algorithm which simply substituted each letter in a message by the next one in the alphabet. The decryption algorithm was, of course, substituting each letter in the encrypted message with the previous letter in the alphabet. These kinds of algorithms, based on the substitution of letters, are easily broken. Most modern algorithms, however, are key-based. A key-based algorithm uses an encryption key to encrypt the message. This means that the encrypted message is generated using not only the message, but also a 'key':
(Figure: Key-based encryption)

The receiver can then use a decryption key to decrypt the message. Again, this means that the decryption algorithm doesn't rely only on the encrypted message. It also needs a 'key':
(Figure: Key-based decryption)

Some algorithms use the same key to encrypt and decrypt, and some do not. We'll look into this in more detail in the next page.
Let's take a look at a simple example. To make things
simpler, let's suppose we're not transmitting alphanumerical
characters, only numerical characters. For example, we
might be interested in transmitting the following message:
1 2 3 4 5 6 5 4 3 2 1

We will now choose a key which will be used to encrypt the message. Let's suppose the key is "4232". To encrypt the message, we'll repeat the key as many times as necessary to 'cover' the whole message:
  1 2 3 4 5 6 5 4 3 2 1
  4 2 3 2 4 2 3 2 4 2 3
Now, we arrive at the encrypted message by adding the two rows digit by digit:
  1 2 3 4 5 6 5 4 3 2 1
+ 4 2 3 2 4 2 3 2 4 2 3
-----------------------
  5 4 6 6 9 8 8 6 7 4 4

The resulting message (54669886744) is the encrypted message. We can decrypt by following the inverse process: repeat the key as many times as necessary to cover the message, and then subtract the key digit by digit:
  5 4 6 6 9 8 8 6 7 4 4
- 4 2 3 2 4 2 3 2 4 2 3
-----------------------
  1 2 3 4 5 6 5 4 3 2 1

Voilà! We're back at the unencrypted message! Notice how it is absolutely necessary to have the decryption key (in this case, the same as the encryption key) to be able to decrypt the message. This means that a malicious user would need both the message and the key to eavesdrop on our conversation.
Please note that this is a very trivial example. Current key-based algorithms are much more sophisticated (for starters, keys are much longer, and the encryption process is not as simple as 'adding the message and the key').
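The repeating-key digit cipher walked through above, as an added example in Python (not code from the original document). It generalises the page's scheme slightly by adding digits modulo 10, so that sums above 9 still yield a single digit; for the page's own values no sum exceeds 9, so the output is identical. The key-recovery function illustrates why the text calls the scheme trivial: one known plaintext/ciphertext pair gives the key back.

```python
# Added example: the page's repeating-key digit cipher with key "4232".
# Generalisation: digits are combined modulo 10 so that e.g. 6 + 4 stays a
# single digit. For the page's example the result equals plain addition.
from itertools import cycle


def _check_digits(s: str, what: str) -> None:
    """Reject anything that is not a non-empty string of decimal digits."""
    if not s or not s.isdigit():
        raise ValueError(f"{what} must be a non-empty string of digits, got {s!r}")


def extend_key(key: str, length: int) -> str:
    """Repeat the key as often as needed to 'cover' a message of `length` digits."""
    _check_digits(key, "key")
    return "".join(k for k, _ in zip(cycle(key), range(length)))


def encrypt(message: str, key: str) -> str:
    """Add the repeated key to the message digit by digit (mod 10)."""
    _check_digits(message, "message")
    ks = extend_key(key, len(message))
    return "".join(str((int(m) + int(k)) % 10) for m, k in zip(message, ks))


def decrypt(ciphertext: str, key: str) -> str:
    """Inverse process: subtract the repeated key digit by digit (mod 10)."""
    _check_digits(ciphertext, "ciphertext")
    ks = extend_key(key, len(ciphertext))
    return "".join(str((int(c) - int(k)) % 10) for c, k in zip(ciphertext, ks))


def recover_key(message: str, ciphertext: str, key_length: int) -> str:
    """Why the page calls this scheme trivial: a known plaintext/ciphertext pair
    of at least `key_length` digits reveals the key by subtraction, so the key
    must stay secret and must not be reused across messages."""
    _check_digits(message, "message")
    _check_digits(ciphertext, "ciphertext")
    if len(message) != len(ciphertext) or len(message) < key_length:
        raise ValueError("need a plaintext/ciphertext pair at least as long as the key")
    return "".join(str((int(c) - int(m)) % 10)
                   for m, c in zip(message[:key_length], ciphertext[:key_length]))


if __name__ == "__main__":
    msg, key = "12345654321", "4232"                     # values from the page
    ct = encrypt(msg, key)
    print("key stream :", extend_key(key, len(msg)))    # 42324232423
    print("encrypted  :", ct)                           # 54669886744
    print("decrypted  :", decrypt(ct, key))             # 12345654321
    print("key from known pair:", recover_key(msg, ct, len(key)))  # 4232
```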
Symmetric and asymmetric key-based algorithms
The example algorithm we've just seen falls into the category of symmetric algorithms. This type of algorithm uses the same key for encryption and decryption:
(Figure: Key-based symmetric algorithm)

Although this type of algorithm is generally very fast and simple to implement, it also has several drawbacks. The main drawback is that it only guarantees privacy (integrity and authentication would have to be done some other way). Another drawback is that both the sender and the receiver need to agree on the key they will use throughout the secure conversation (this is not a trivial problem).
(Figure: Key-based asymmetric algorithm)

Secure systems nowadays tend to use asymmetric algorithms, where a different key is used to encrypt and decrypt the message. Public-key algorithms, which are introduced in the next section, are the most commonly used type of asymmetric algorithms.
Single-key Cryptography
Single-key cryptography is limited in practice by what is
known as the key distribution problem. Since all
participants must possess the same secret key, if they are
physically separated—as is usually the case—there is the
problem of how they get the key in the first place.
Diplomatic and military organizations traditionally use
couriers to distribute keys for the highest-level
communications systems, which are then used to
superencrypt and distribute keys for lower-level systems.
This is impractical, though, for most business and private
needs. In addition, key holders are compelled to trust each
other unconditionally to protect the keys in their possession
and not to misuse them. Again, while this may be a
tolerable condition in diplomatic and military
organizations, it is almost never acceptable in the
commercial realm.
Another key distribution problem is the sheer number of
keys required for flexible, secure communications among
even a modest number of users. While only a single key is
needed for secure communication between two parties,
every potential pair of participants in a larger group needs a
unique key. To illustrate this point, consider an
organization with only 1,000 users: each individual would
need a different private key for each of the other 999 users.
Such a system would require 499,500 different keys in all,
with each user having to protect 999 keys.
The number of different keys increases in proportion to the
square of the number of users. Secure distribution for so
many keys is simply insolvable, as are the demands on the
users for the secure storage of their keys. In other words,
symmetric key cryptography is impractical in a network in
which all participants are equals in all respects. One
“solution” is to create a trusted authority—unconditionally
trusted by all users—with whom each user can
communicate securely to generate and distribute temporary
session keys as needed. Each user then has only to protect
one key, while the burden for the protection of all of the
keys in the network is shifted to the central authority.
Public-key cryptography
In 1976, in one of the most inspired insights in the history
of cryptology, Sun Microsystems, Inc., computer engineer
Whitfield Diffie and Stanford University electrical engineer
Martin Hellman realized that the key distribution problem
could be almost completely solved if a cryptosystem
In this system, ciphers created with a secret key can be decrypted
by anyone using the corresponding public key—thereby
providing a means to identify the originator at the expense
of completely giving up secrecy. Ciphers generated using
the public key can only be decrypted by users holding the
secret key, not by others holding the public key—however,
the secret-key holder receives no information concerning
the sender. In other words, the system provides secrecy at
the expense of completely giving up any capability of
authentication. What Diffie and Hellman had done was to
separate the secrecy channel from the authentication
channel—a striking example of the sum of the parts being
greater than the whole. Single-key cryptography is called
symmetric for obvious reasons. A cryptosystem satisfying
conditions 1–4 above is called asymmetric for equally
obvious reasons. There are symmetric cryptosystems in
which the encryption and decryption keys are not the same
—for example, matrix transforms of the text in which one
key is a nonsingular (invertible) matrix and the other its
inverse. Even though this is a two-key cryptosystem, since
it is easy to calculate the inverse to a non-singular matrix
Digital signature
A digital signature or digital signature scheme is a type
of asymmetric cryptography. For messages sent through an
insecure channel, a properly implemented digital signature
gives the receiver reason to believe the message was sent
by the claimed sender. Digital signatures are equivalent to
traditional handwritten signatures in many respects;
properly implemented digital signatures are more difficult
to forge than the handwritten type. Digital signature
schemes in the sense used here are cryptographically based,
and must be implemented properly to be effective. Digital
signatures can also provide non-repudiation, meaning that
the signer cannot successfully claim they did not sign a
message, while also claiming their private key remains
secret; further, some non-repudiation schemes offer a time
stamp for the digital signature, so that even if the private
key is exposed, the signature is valid nonetheless. Digitally
signed messages may be anything representable as a
bitstring: examples include electronic mail, contracts, or a
message sent via some other cryptographic protocol.
Digital signatures are often used to implement electronic
signatures, a broader term that refers to any electronic data
that carries the intent of a signature,[1] but not all electronic
signatures use digital signatures.[2][3][4] In some countries,
including the United States, and in the European Union,
electronic signatures have legal significance.
A digital signature scheme typically consists of three
algorithms:
• A key generation algorithm that selects a private key
uniformly at random from a set of possible private
keys. The algorithm outputs the private key and a
corresponding public key.
• A signing algorithm which, given a message and a
private key, produces a signature.
• A signature verifying algorithm which, given a message, a public key and a signature, either accepts or rejects.
Two main properties are required. First, a signature
generated from a fixed message and fixed private key
should verify on that message and the corresponding public
key. Secondly, it should be computationally infeasible to
generate a valid signature for a party who does not possess
the private key.
Benefits of digital signatures
Below are some common reasons for applying a digital
signature to communications:
Authentication
Although messages may often include information about
the entity sending a message, that information may not be
accurate. Digital signatures can be used to authenticate the
source of messages. When ownership of a digital signature
secret key is bound to a specific user, a valid signature
shows that the message was sent by that user. The
importance of high confidence in sender authenticity is
especially obvious in a financial context. For example,
suppose a bank's branch office sends instructions to the
central office requesting a change in the balance of an
account. If the central office is not convinced that such a
message is truly sent from an authorized source, acting on
such a request could be a grave mistake.
Integrity
In many scenarios, the sender and receiver of a message
may have a need for confidence that the message has not
been altered during transmission. Although encryption
hides the contents of a message, it may be possible to
change an encrypted message without understanding it.
However, if a message is digitally signed, any change in the
message will invalidate the signature.
Drawbacks of digital signatures
Despite their usefulness, digital signatures alone do not
solve the following problems:
Association of digital signatures and trusted time
stamping
Digital signature algorithms and protocols do not inherently
provide certainty about the date and time at which the
underlying document was signed. The signer might have
included a time stamp with the signature, or the document
itself might have a date mentioned on it. Regardless of the
document's contents, a reader cannot be certain the signer
did not, for example, backdate the date or time of the
signature. Such misuse can be made impracticable by using
trusted time stamping in addition to digital signatures.

Non-repudiation
In a cryptographic context, the word repudiation refers to
any act of disclaiming responsibility for a message. A
message's recipient may insist the sender attach a signature
in order to make later repudiation more difficult, since the
recipient can show the signed message to a third party (e.g.,
a court) to reinforce a claim as to its signatories and
integrity. However, loss of control over a user's private key
will mean that all digital signatures using that key, and so
ostensibly 'from' that user, are suspect.
Nonetheless, a user cannot repudiate a signed message
without repudiating their signature key. This is aggravated
by the fact there is no trusted time stamp, so new
documents (after the key compromise) cannot be separated
from old ones, further complicating signature key
invalidation. A non-repudiation service requires the
existence of a public key infrastructure (PKI) which is
complex to establish and operate. The certificate
authorities in a PKI usually maintain a public repository of
public keys so the associated private key is certified and
signatures cannot be repudiated. Expired certificates are
normally removed from the repository. It is a matter for the
security policy and the responsibility of the authority to
keep old certificates for a period of time if non-repudiation
of data service is provided.
WYSIWYS
Technically speaking, a digital signature applies to a string
of bits, whereas humans and applications "believe" that
they sign the semantic interpretation of those bits. In order
to be semantically interpreted the bit string must be
transformed into a form that is meaningful for humans and
applications, and this is done through a combination of
hardware and software based processes on a computer
system. The problem is that the semantic interpretation of
bits can change as a function of the processes used to
transform the bits into semantic content.
It is relatively easy to change the interpretation of a digital
document by implementing changes on the computer
system where the document is being processed. From a
semantic perspective this creates uncertainty about what
exactly has been signed. WYSIWYS (What You See Is
What You Sign) [13] means that the semantic interpretation
of a signed message cannot be changed. In particular this
also means that a message cannot contain hidden info that
the signer is unaware of, and that can be revealed after the
signature has been applied. WYSIWYS is a desirable
property of digital signatures that is difficult to guarantee
because of the increasing complexity of modern computer
systems.
Additional security precautions
Putting the private key on a smart card
All public key / private key cryptosystems depend entirely
on keeping the private key secret. A private key can be
stored on a user's computer, and protected by a local
password, but this has two disadvantages:
• the user can only sign documents on that particular
computer
• the security of the private key depends entirely on the
security of the computer
A more secure alternative is to store the private key on a
smart card. Many smart cards are designed to be tamper-
resistant (although some designs have been broken, notably
by Ross Anderson and his students). In a typical digital
signature implementation, the hash calculated from the
document is sent to the smart card, whose CPU encrypts
the hash using the stored private key of the user, and then
returns the encrypted hash. Typically, a user must activate
his smart card by entering a personal identification number
or PIN code (thus providing two-factor authentication). It
can be arranged that the private key never leaves the smart
card, although this is not always implemented. If the smart
card is stolen, the thief will still need the PIN code to
generate a digital signature. This reduces the security of the
scheme to that of the PIN system, although it still requires
an attacker to possess the card. A mitigating factor is that
private keys, if generated and stored on smart cards, are
usually regarded as difficult to copy, and are assumed to
exist in exactly one copy. Thus, the loss of the smart card
may be detected by the owner and the corresponding
certificate can be immediately revoked. Private keys that
are protected by software only may be easier to copy, and
such compromises are far more difficult to detect.
Using smart card readers with a separate keyboard
Entering a PIN code to activate the smart card commonly
requires a numeric keypad. Some card readers have their
own numeric keypad. This is safer than using a card reader
integrated into a PC, and then entering the PIN using that
computer's keyboard. Readers with a numeric keypad are
meant to circumvent the eavesdropping threat where the
computer might be running a keystroke logger, potentially
compromising the PIN code. Specialized card readers are
also less vulnerable to tampering with their software or
hardware and are often EAL3 certified.
Other smart card designs
Smart card design is an active field, and there are smart card schemes which are intended to avoid these particular problems, though so far with few security proofs.
Using digital signatures only with trusted applications
One of the main differences between a digital signature and
a written signature is that the user does not "see" what he
signs. The user application presents a hash code to be
encrypted by the digital signing algorithm using the private
key. An attacker who gains control of the user's PC can
possibly replace the user application with a foreign
substitute, in effect replacing the user's own
communications with those of the attacker. This could
allow a malicious application to trick a user into signing
any document by displaying the user's original on-screen.
To protect against this scenario, an authentication system
can be set up between the user's application (word
processor, email client, etc.) and the signing application.
The general idea is to provide some means for both the user
app and signing app to verify each other's integrity. For
example, the signing application may require all requests to
come from digitally-signed binaries.
Hashing
Digitally signing a message is a more complex operation
and requires a cryptosecure “hashing” function. This is a
publicly known function that maps any message into a
smaller message—called a digest—in which each bit of the
digest is dependent on every bit of the message in such a
way that changing even one bit in the message is apt to
change, in a cryptosecure way, half of the bits in the digest.
By cryptosecure is meant that it is computationally
infeasible for anyone to find a message that will produce a
preassigned digest and equally hard to find another
message with the same digest as a known one. To sign a
message—which may not even need to be kept secret—A
encrypts the digest with the secret e, which he appends to
the message. Anyone can then decrypt the message using
the public key d to recover the digest, which he can also
compute independently from the message. If the two agree,
he must conclude that A originated the cipher, since only A
knew e and hence could have encrypted the message.
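The three algorithms listed under "Digital signature" (key generation, signing, verifying) and the hash-then-sign flow just described, written as an added Python example (not code from the original document). It sits on a toy RSA: the two primes are fixed values chosen for this illustration, and reducing the SHA-256 digest modulo n stands in for the padding (e.g. RSASSA-PSS) and the 2048-bit or larger moduli a real scheme uses.

```python
# Added example: hash-then-sign on a TOY RSA. Not for real use: fixed small
# primes, no padding, digest reduced modulo n.
import hashlib
from dataclasses import dataclass
from typing import Tuple


@dataclass(frozen=True)
class PublicKey:
    n: int
    e: int


@dataclass(frozen=True)
class PrivateKey:
    n: int
    d: int


def generate_keys(p: int, q: int, e: int = 65537) -> Tuple[PublicKey, PrivateKey]:
    """Key generation: from two primes derive n, keep d secret, publish (n, e)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)      # modular inverse; ValueError if gcd(e, phi) != 1
    return PublicKey(n, e), PrivateKey(n, d)


def digest(message: bytes, n: int) -> int:
    """Public hashing function; the digest is reduced into [0, n) (toy shortcut)."""
    h = hashlib.sha256(message).digest()
    return int.from_bytes(h, "big") % n


def sign(message: bytes, priv: PrivateKey) -> int:
    """Signing: the page's 'A encrypts the digest with the secret key'."""
    return pow(digest(message, priv.n), priv.d, priv.n)


def verify(message: bytes, signature: int, pub: PublicKey) -> bool:
    """Verifying: undo the signing with the public key and compare the result
    with a digest computed independently from the message."""
    if not 0 <= signature < pub.n:
        return False
    return pow(signature, pub.e, pub.n) == digest(message, pub.n)


# Constructed toy parameters: Mersenne primes 2^31-1, 2^61-1 and 2^89-1.
P, Q = (1 << 31) - 1, (1 << 61) - 1
PUB, PRIV = generate_keys(P, Q)
OTHER_PUB, OTHER_PRIV = generate_keys(Q, (1 << 89) - 1)   # a second party


def demo() -> dict:
    """Genuine signature verifies; a changed message or a foreign key does not."""
    instruction = b"branch 17 -> central: credit account 4711 with 100.00"
    sig = sign(instruction, PRIV)
    return {
        "valid": verify(instruction, sig, PUB),
        "altered_message": verify(instruction.replace(b"100.00", b"900.00"), sig, PUB),
        "wrong_signer": verify(instruction, sign(instruction, OTHER_PRIV), PUB),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:16s}: {'verifies' if ok else 'REJECTED'}")
```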
Thus far, all proposed two-key cryptosystems exact a very
high price for the separation of the privacy or secrecy
channel from the authentication or signature channel. The
greatly increased amount of computation involved in the
asymmetric encryption/decryption process significantly
cuts the channel capacity (bits per second of message
information communicated). For roughly 20 years, for
comparably secure systems, it has been possible to achieve
a throughput 1,000 to 10,000 times higher for single-key
than for two-key algorithms. As a result, the main
application of two-key cryptography is in hybrid systems.
In such a system a two-key algorithm is used for
authentication and digital signatures or to exchange a
randomly generated session key to be used with a single-
key algorithm at high speed for the main communication.
At the end of the session this key is discarded.
What is a message digest?

Message digest, also known as the hash of a message, is a small piece of data that results from performing a particular mathematical calculation (hashing function) on the message during encryption. Two properties of message digests to note: (i) a small alteration in the original message would cause a big change in the message digest; (ii) derivation of the original message is not possible from the message digest. It acts as a "fingerprint" of the message and is used to ensure data integrity.

In cryptography, RSA is an algorithm for public-key cryptography. It is the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date
FIREWALL
Controlling access to information systems became
profoundly more difficult with the spread of wide area
networks (WANs) and the Internet. Users, as well as
interlopers, may access systems from any unattended
computer within an organization or from virtually
anywhere over the Internet. One security measure is to
require some form of physical authentication, such as an
object (a key or a smart card) or a personal characteristic
(fingerprint, retinal pattern, hand geometry, or signature).
Another common security measure is to assign a unique
password to each legitimate user. Many systems combine
these types of measures—such as automatic teller
machines, which rely on a combination of a personal
identification number (PIN) and a magnetic-strip
identification card. Security measures placed between an
organization's internal network and the Internet are known
as firewalls.

Types of Firewall
Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure.

Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.

Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

Hardware Firewall

Hardware firewalls can be effective with little or no configuration, and they can protect every machine on a local network. Most hardware firewalls will have a minimum of four network ports to connect other computers, but for larger networks, business networking firewall solutions are available. A hardware firewall uses packet filtering to examine the header of a packet to determine its source and destination.
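The packet filter described under "Types of Firewall" and again in the hardware firewall paragraph, as an added Python example (not from the original document): user-defined rules are matched against header fields, the first match decides, and anything no rule accepts is rejected. The rule format, the addresses and the sample packets are all constructed for this illustration.

```python
# Added example: a first-match packet filter with default deny. The rule
# model, network 10.0.0.0/8 and all packets are constructed for illustration.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter looks at."""
    src: str
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int      # destination port


@dataclass(frozen=True)
class Rule:
    """One user-defined rule; fields left unspecified match anything."""
    action: str                     # "accept" or "reject"
    src: str = "0.0.0.0/0"          # CIDR the source address must fall in
    dst: str = "0.0.0.0/0"          # CIDR the destination address must fall in
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def filter_packet(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule decides; with no match the packet is rejected."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "reject"


# Constructed rules for traffic arriving from the Internet into an internal
# network 10.0.0.0/8 that hosts a web server at 10.0.1.10.
RULES = [
    # A packet arriving from outside with an internal source address is spoofed.
    Rule("reject", src="10.0.0.0/8"),
    # Only HTTPS and HTTP to the web server are allowed in.
    Rule("accept", dst="10.0.1.10/32", proto="tcp", dport=443),
    Rule("accept", dst="10.0.1.10/32", proto="tcp", dport=80),
    # Telnet is refused explicitly (the default would refuse it anyway).
    Rule("reject", proto="tcp", dport=23),
]


def ordering_matters() -> Tuple[str, str]:
    """Why packet filters are 'difficult to configure': the same spoofed packet is
    rejected with the anti-spoofing rule first, but accepted if that rule is moved
    below the accept rules, because the first match wins."""
    spoofed = Packet("10.0.0.77", "10.0.1.10", "tcp", 443)
    misordered = RULES[1:] + RULES[:1]
    return filter_packet(RULES, spoofed), filter_packet(misordered, spoofed)


if __name__ == "__main__":
    samples = [
        Packet("203.0.113.5", "10.0.1.10", "tcp", 443),   # web traffic: accept
        Packet("203.0.113.5", "10.0.1.10", "tcp", 22),    # SSH from outside: reject
        Packet("10.0.0.77", "10.0.1.10", "tcp", 443),     # spoofed source: reject
        Packet("203.0.113.5", "10.0.2.20", "udp", 53),    # no rule matches: reject
    ]
    for pkt in samples:
        print(f"{pkt.src:>13} -> {pkt.dst}:{pkt.dport}/{pkt.proto}  "
              f"{filter_packet(RULES, pkt)}")
    print("spoofed packet, rules as written / misordered:", ordering_matters())
```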

Software Firewall

The most popular firewall choice is a software firewall. A software firewall will protect your computer from outside attempts to control or gain access to your computer. The downside to software firewalls is that they will only protect the computer they are installed on, not a network, so each computer will need to have a software firewall installed on it. A good software firewall will run in the background on your system and use only a small amount of system resources.

Single Firewall

Single Network Firewall is a comprehensive proxy firewall suite that ensures the security of vital information entering and leaving a network. "Snort" and "Prelude" Intrusion Detection Systems alert you to network attacks and take action against hostile intruders. Bastille is a powerful "hardening" system that provides extra protection against IP Spoofing attacks. Filtering rules can be created at the user level or by department to control information entering and leaving a network or network subgroup.
Distributed Firewalls
A distributed firewall is a mechanism that enforces a centralized rule policy but pushes the enforcement of it toward the edges [Ioannidis et al., 2000]. In current implementations of the distributed firewall, access is controlled by machine identification. It is up to the host machine to fetch the security policy from a repository when an alarm is triggered. There is no way to automatically propagate the policy through the system or even to guarantee that a host has to update its policy on a regular basis. Machines are identified via a cryptographic certificate and are allowed to join the network based on this identification [Bellovin, 1999]. Local hosts download the security policy. When a connection is established, the policy daemon will screen the incoming traffic. If it is approved, the policy daemon will inform the kernel to proceed with the connection. If not, the daemon will try to establish validity through outside sources before, if needed, ultimately denying the connection.
