Alexander NTOKO, Project Manager, ITU Electronic Commerce
ITU Telecommunication Development Bureau (BDT)
Email: [email protected] Web: http://www.itu.int/ecdc
In electronic commerce, the parties do not meet physically to perform a transaction. Technology needs to provide mechanisms for the establishment of the identities of the parties in a transaction.
Authentication involves the use of digital signatures based on Public Key encryption algorithms and digital certificates to establish the identities of the parties involved in an electronic transaction.
ITU-T X.509 digital certificate standard provides a format for binding the physical identity of the party to be authenticated with their public key. The binding of a public key to an identity is done by a Trusted Third Party (TTP) or a Certification Authority through ITU-T X.509 Digital Certificate.
To authenticate the sender of a message, the electronic document (message) is hashed, then digitally signed using the private key of the sender (digital signature) and sent together with the clear text version.
To verify that the message is from the intended sender, the recipient performs the reverse function (hashes the clear-text message, and compares it with the decrypted version of the hashed messages). If the hashes match, then the message was sent by the intended sender.
The possible misuse of valuable financial and personal data as it transits via public networks (like the Internet) and stored in computers and routers emphasizes the need for providing mechanisms for scrambling data during transmission.
In electronic commerce, the potential for fraud increases this need and makes encryption a basic tool for all electronic commerce systems.
Encryption is a process that involves disguising a message such that only the intended recipient can understand the contents of the message. The message is scrambled using a KEY (encryption process) and the recipient needs a KEY to unscramble the message (decryption process).
There are two main types of encryption systems: Public Key Cryptography and Private Key Cryptography. Details on how both work will be provided in the session on encryption.
Encryption algorithms form the basic technology used in electronic commerce systems (for transaction and payment processing) and also for hosts, applications and networks security systems.
Various combinations of encryption and decryption are used for providing the basic technological solutions for electronic commerce transactions.
Imagine an electronic commerce transaction that requests the transfer of USD 1000 to a bank account. What happens if this data could be modified to USD 10000?
Data Integrity means making sure that data is not modified in an electronic transaction. If any such modification takes place, it is detected and the data is rejected.
One-Way Message Digest functions, in combination with Digital signatures, provide the means to check the integrity of data in electronic commerce transactions.
A cryptographically strong digest algorithm should be impossible to invert, and resistant to collision. Such a digest is referred to as a Hash Function.
To send a message and be sure of the integrity, the data is hashed and then digitally signed. It is then attached to the clear-text message. The recipient checks the origin and that the data was not modified in transit.
Hash functions (unlike encryption) provide a one-way encryption of the data and are much faster than encryption algorithms because they are used on small pieces of data where the integrity is vital.
Commonly used Hash Functions include: Secure Hash Algorithm (SHA) and Message Digest 5 (MD5).
Electronic commerce involves transactions conducted over public or private networks. This means the parties do not meet physically. After a transaction is concluded, can one party deny or repudiate the transaction?
An electronic commerce system MUST provide mechanisms for transactions conducted to be binding (as is the case with transactions conducted using traditional means).
Non-repudiation is the non-deniability of electronic commerce transactions. Digital signatures provide the mechanism for binding transactions.
Both parties to a transaction digitally sign the document using their private keys. Only the owner of a private key has access to this key. Hence a document digitally signed attests to the authenticity of the signer.
To be sure that the private key used to sign the document belongs to the legitimate party, Trusted Third Parties provide services to bind the corresponding public key of the signer to their identity.
The session on encryption, digital signatures and hash functions will explain in detail how this process works.
The sale of digital content implies strict access control to the valuable resources being sold.
After identifying the party to the transaction (authentication), it is necessary to provide a mechanism to control access based on pre-defined conditions.
Access control means providing access only to those who are authorized (such as clients who have already paid for a resource). This involves blocking access to the resource and only releasing it to authorized parties.
Access control could be implemented at the level of individual users, groups of users, organizations or companies. The type of service provided determines the level of access control.
On the Internet, access control mechanisms include username/password, IP and domain name control, client certificates, encrypted state objects, virtual private networks, PKI infrastructure and other security mechanisms.
Besides determining the identity of the party accessing the resource, access control involves other factors such as when the resource can be accessed (day, time) and the duration of the authorization.
There must be ways of maintaining and updating the access control lists or authorization databases.
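The access-control factors described above (user or group identity, permitted day and time, duration of the authorization, and an authorization database that can be updated) can be put together as follows. This is an added example, not part of the original presentation; the class names, the resource name and the dates are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Grant:
    principal: str        # a user name or a group name
    resource: str
    granted_at: datetime  # e.g. when payment was confirmed
    duration: timedelta   # how long the authorization lasts
    weekdays: frozenset   # allowed days, 0 = Monday ... 6 = Sunday
    hours: range          # allowed hours of the day


class AuthorizationDB:
    """Access is blocked unless a current grant releases the resource."""

    def __init__(self, groups):
        self.groups = groups  # group name -> set of member user names
        self.grants = []

    def revoke(self, principal, resource):
        self.grants = [g for g in self.grants
                       if (g.principal, g.resource) != (principal, resource)]

    def is_allowed(self, user, resource, now):
        names = {user} | {n for n, m in self.groups.items() if user in m}
        for g in self.grants:
            if g.resource != resource or g.principal not in names:
                continue
            valid = g.granted_at <= now < g.granted_at + g.duration
            if valid and now.weekday() in g.weekdays and now.hour in g.hours:
                return True
        return False  # default deny


def demo():
    db = AuthorizationDB({"subscribers": {"alice", "bob"}})
    paid = datetime(2024, 1, 8, 9, 0)  # constructed date: a Monday, 09:00
    db.grants.append(Grant("subscribers", "report.pdf", paid,
                           timedelta(days=30), frozenset(range(5)), range(8, 18)))
    checks = [
        db.is_allowed("alice", "report.pdf", datetime(2024, 1, 8, 10)),   # in window
        db.is_allowed("alice", "report.pdf", datetime(2024, 1, 13, 10)),  # Saturday
        db.is_allowed("alice", "report.pdf", datetime(2024, 1, 8, 20)),   # after hours
        db.is_allowed("alice", "report.pdf", datetime(2024, 2, 12, 10)),  # expired
        db.is_allowed("carol", "report.pdf", datetime(2024, 1, 8, 10)),   # no grant
    ]
    db.revoke("subscribers", "report.pdf")
    checks.append(db.is_allowed("bob", "report.pdf", datetime(2024, 1, 9, 10)))
    return checks
```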
o Encryption (symmetric and public key)
o One-way hash functions
o Digital signatures
o Digital certificates, CAs, ITU X.509
o Secure Sockets Layer (SSL)
o Secure Electronic Transaction (SET)
o Client security
“One of the most common assumptions about the digital world is that it isn't a safe place. True? False. The virtual world is a far safer, more private, and less dangerous place than the real world. Note, I didn't say better. When people tell me they would never type their credit card number into the Internet, I try to suppress a laugh. These same people gleefully recite it over the telephone or hand their credit card to a lascivious-looking waiter, who disappears with it for a few minutes.”
Nicholas Negroponte, MIT Media Laboratory, Forbes Magazine
o Confidentiality - Encryption
o Who am I dealing with? - Authentication
o Message integrity - Message Digest
o Non-repudiation - Digital Signature
o Third party evidence of authenticity - Certificate
o Trusted certificate - Certification Authorities
o Secure communication sessions - SSL
o Secure payment systems - SSL-based, SET, …
o Concept introduced in 1976 by Diffie and Hellman
o RSA, the most popular, was invented in 1977 by Rivest, Shamir, and Adleman
o RSA (www.rsa.com) was founded in 1982
o Everyone has a private key and a public key
o Sender uses the receiver’s public key to encrypt message
o Only receiver’s private key can decrypt message
o Discovering private key kept by one person is more difficult than discovering shared secret key
Public key encryption system
Each user has 2 keys: what one key encrypts, only the other key in the pair can decrypt. Public key can be sent in the open. Private key is never transmitted or shared.
o Authentication of sender: Signer’s public key decrypts digest sent and decrypted digest matches computed digest
o Non-repudiation: Only signer’s private key can encrypt digest that is decrypted by his/her public key and matches the computed digest. Non-repudiation prevents reneging on an agreement by denying a transaction.
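The hash-then-sign flow described in the authentication and data integrity sections, and summarized in the two points above, is worked through below using the USD 1000 transfer from the integrity example. This is an added example, not part of the original presentation; it uses unpadded textbook RSA with a constructed toy key so that it runs with the Python standard library alone, whereas real systems use padded signature schemes and randomly generated keys. The message text and account number are constructed.

```python
import hashlib

E = 65537  # public exponent


def make_key(p: int, q: int):
    """Return (n, d) for a toy RSA key built from primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


# Constructed toy keys: the primes are well-known Mersenne primes, so these
# keys are trivially factorable and serve only to make the flow runnable.
N, D = make_key(2**521 - 1, 2**607 - 1)           # sender's key pair
N_BAD, D_BAD = make_key(2**127 - 1, 2**1279 - 1)  # an impostor's key pair


def digest(message: bytes) -> int:
    """One-way hash (SHA-256) of the message as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Sender: hash the message, then apply the private key to the digest."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, n: int = N) -> bool:
    """Recipient: recover the digest with the sender's public key (n, E)
    and compare it with a fresh hash of the clear-text message."""
    return pow(signature, E, n) == digest(message)


def demo() -> dict:
    order = b"Transfer USD 1000 to account 12-3456"     # constructed message
    altered = b"Transfer USD 10000 to account 12-3456"  # modified in transit
    sig = sign(order)
    return {
        "genuine": verify(order, sig),      # hashes match
        "altered": verify(altered, sig),    # integrity check fails
        "impostor": verify(order, sign(order, D_BAD, N_BAD)),  # wrong signer
    }


if __name__ == "__main__":
    print(demo())
```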
o Standard certificate virtually everyone uses
o Includes: serial number, name of individual or system (X.500 name - e.g., CN=John Smith, OU=Sales, O=XYZ, C=US), issuer (X.500 name of CA), validity period, public key, cryptographic algorithm used, CA digital signature, etc., plus flexible extensions in Version 3
o Certificate is signed by the issuer to authenticate the binding between the subject name and the related public key
o Version 3 standard extensions include subject and issuer attributes, certification policy information, key usage restrictions, e-mail address, DNS name, etc.
o Example of special extensions: account number, postal address, telephone number, photograph (image data), birthday to block users younger than a specified age from accessing certain contents of a Web server, preferred language, etc.
o Developed by Netscape, widely used
o Security just above Network layer
o Authentication via X.509 Certificates
o Provides encrypted channel for sending
Browsers (e.g., Netscape Navigator and Microsoft Explorer) include embedded Certificates (Digital IDs) for leading Certificate Authorities (e.g., VeriSign). As new CAs come online, their Certificates are also embedded. These embedded certificates allow the browsers to verify the legitimacy of arbitrary servers. Browsers that do not implement support for HTTP over SSL will naturally not be able to access "https" URLs.
o Announced by Visa, MasterCard and partners in January 1996 as a unified card-based network payment protocol for electronic commerce; it has gained industry support.
o Enables the authentication of cardholder, merchant and bank for all transactions.
o Uses strong encryption and cardholder certificates for authentication, data integrity and digital signatures.
o Merchant cannot see cardholder financial details and bank does not see item details.
o Compromise solution announced in May 1999 to allow SSL-based client-merchant transactions to be accepted as SET transactions.
Public and private key encryption systems, digital certificates, digital signatures, certificate authorities and secure communication protocols (e.g., SSL) provide scalable and high-level security within the enterprise, throughout the Internet, and ultimately throughout society as a whole, enhancing trust in E-commerce.
o Secure protocol to communicate over untrusted channels is not enough
o Trusted code is necessary at the end points
o Security on user’s PCs is now insufficient
o Simple problem: keeping private key private
o Security must take people into account
o Cryptographically secure checksums of the PC executable and other files (self-healing)?
o Microsoft Authenticode?, … , NT 5.0?,
o Keys with 128 bits will probably remain unbreakable by brute force for the foreseeable future. Brute force attack takes 2^128 encryptions. If 1 billion keys were tried per chip and one billion chips were used, it will take 10^13 years. Longer than the age of the universe to break!
o For keys longer than 128 bits, we will encounter a limit where the energy consumed by the computation (using the minimum energy of a quantum mechanical operation for the energy of one step) will exceed the energy of the mass of the sun or even of the universe.
The set of hardware, software, people and procedures needed to create, manage, store, distribute and revoke certificates based on public-key cryptography.
• Public-Key Virtual Private Networks
• ITU-T X.509 Digital (Identity) Certificates
• Strong Software and Hardware Authentication
• Certification and Registration Authorities
• Attribute Certificates linked to Identity Certificates