A Review of Security Concerns, Techniques and Methodologies
<Bills_Info> <Name>Bill Cafiero</Name> <Phone>972-231-2180</Phone> <e-mail>[email protected]</e-mail> </Bills_Info>
Copyright © William G. Cafiero, 2001
GE Global eXchange Services
Dec 25, 2015
Dot-Com is fast becoming DOW-Com
The Internet is going to be about a lot more than the ability to call up stock quotes. It will really explode for us when broadband arrives. Disney CEO Michael Eisner
As highlighted in the now-famous destroyyourbusiness.com speech, old-line companies have to think in radically new ways. GE Chief Jack Welch
Every dealer in this country has about 70 days of supply. In simple truth, there's tremendous waste in that. GM CEO Jack Smith
Honeywell intends to use the Internet to cut costs by $500M-$1B no later than 2005. Chairman Lawrence Bossidy
Strengths Become Weaknesses
• Access points become International
• Partners Can Now Collaborate
• You’ll have access to your partners (and they’ll have access to you)
• Employees can work from home, at night, over the weekends, and on holiday
• Application servers can support entire divisions
• Every internal modem is now a gateway into a network of networks
A New Focus Is Needed
Yesterday
• Internal focus
– Access is granted to employees only
• Centralized assets
– Applications and data are centralized in fortified IT bunkers
• Prevent losses
– The goal of security is to protect against confidentiality breaches
• IT control
– Security manager decides who gets access
Today
• External focus
– Suppliers, customers, and prospects all need some form of access
• Distributed assets
– Applications and data are distributed across servers, locations, and business units
• Generate revenue
– The goal of security is to enable eCommerce
• Business control
– Business units want the authority to grant access
Source: Forrester Research, Inc.
But there are security challenges
• Electronic Business Is a Priority
– “Time to market” will always win over security if you are not careful
• Dynamic Networks and Security Confusion
– Who owns security? Who knows about new projects, new networks, new connections?
• Limited Security Resources and Expertise
– Security administrators in California earn an unburdened average of $73,863 (SANS 2000 salary survey)
– Average turnover is 24 months.
• Security Management Is Too Complex
…and more security challenges
Credit Card Data
Sources inside the credit-card industry told ZDNet News that Egghead may warn up to 3.7 million credit-card holders that their card numbers had been stolen.
We can only guess what this breach cost Egghead in terms of downtime, audit, negative PR, and lost business.
New technology is cool, but hardly ever secure
Clay Shirky, a well-known open source pundit and partner with New York investment firm Accelerator Group, is thrilled by all this network openness. "I'm not worried about security, because security and convenience are always a tradeoff," he explains.
"We walked around the Financial District with a laptop and an antenna, and we could pick up about six networks per block," says Matt Peterson, a network engineer
Consequences
• Lack of consumer confidence
• Exposure to Legal Liability
• Decreased Stockholder Equity
• Damaged Image - 30 Seconds on CNN
• Decreased Employee Productivity
• Loss of Intellectual Property & Assets
The Issues
The rest of this presentation deals with message security:
• What are our security needs?
• Just how do cryptographic security techniques work?
• In other words - a primer on authentication, encryption, digital signatures and key management
What are the Security Needs?
Confidentiality
Alice and Bob are planning a merger
"Now I have the details on the merger"
What are the Security Needs?
Authentication
"I will convince Bob that I am Alice"
What are the Security Needs?
Integrity
"I'll just change this a bit. Bob will never notice"
What are the Security Needs?
Non-repudiation
"You can't deny your role in this transaction Bob"
"Neither can you Alice"
Basics of Encryption
PlainText -> Encrypt -> CipherText -> Decrypt -> PlainText
PlainText: This is plain text. It can be read by anyone.
CipherText: qazws ed ty xedcr dcrfv ui rgbth thn olputui n loijg frt ugd iopyt nuytrbyi
Encryption satisfies two of our needs:
• Confidentiality - Original data is completely private
• Integrity - Data has not been altered
Plus encryption provides an additional feature:
• Access Control - Only those who have the right keys can decrypt the CipherText
Encryption
There are two types of algorithms
• Symmetric (or Private Key) algorithms
• Asymmetric (or Public Key) algorithms
Both types of algorithms have advantages and disadvantages
Private Key Encryption
PlainText -> Encrypt (Shared Key) -> CipherText -> Decrypt (Shared Key) -> PlainText
Symmetric Encryption
• Ex: Data Encryption Standard (DES)
Public Key Encryption
PlainText -> Encrypt (Bob's Public Key) -> CipherText -> Decrypt (Bob's Private Key) -> PlainText
Asymmetric Key Encryption
• Ex: Rivest Shamir Adleman (RSA)
Public Key Encryption
Bob’s Public Key
• Made publicly available to others
• Used by others to encrypt message for Bob; or…
• Used by others to verify Bob’s digital signature
Bob’s Private Key
• Kept secret and secure by Bob
• Used by Bob to decrypt messages from others; or…
• Used by Bob to generate his digital signature
Knowing the public key, it is not possible to deduce the private key
Basics of Digital Signature
PlainText -> Sign -> Signed PlainText -> Verify
PlainText: This is plain text. It can be read by anyone.
Signed PlainText: This is plain text. It can be read by anyone. tybs58bdn6
Digital Signatures satisfy the last two needs:
• Authentication - The originator’s signature is on the file
• Non-repudiation - The originator cannot deny signing the file
How a Digital Signature Works
Alice’s Signing Process
• Calculate hash
• Encrypt hash with Alice’s private key
Bob’s Verification Process
• Calculate fresh hash
• Decrypt original hash with Alice’s public key
• Compare decrypted hash with fresh hash (= ?)
Signed PlainText: This is plain text. It can be read by anyone. tybs58bdn6
Putting it All Together
PlainText -> Encrypt and Sign -> Signed CipherText -> Decrypt and Verify (Verify Hash) -> PlainText
PlainText: This is plain text. It can be read by anyone.
Signed CipherText:
tybs58bdn6
qazws ed ty xedcr dcrfv ui rgbth thn olputui n loijg frt ugd iopyt nuytrbyi
• Confidentiality
• Authentication
• Integrity
• Non-repudiation
and
• Access control
Are we done yet?
Another Issue
Public Key Substitution Risk
"I’ll just substitute my public key for what Alice thinks is Bob’s public key"
[Diagram: PlainText -> Encrypt (Interloper’s Public Key Masquerading as Bob’s Public Key) -> CipherText -> Decrypt (Interloper’s Private Key) -> Alter -> Encrypt (Interloper uses Bob’s Public Key) -> CipherText -> Decrypt (Bob’s Private Key) -> PlainText]
"It’s a valid message from Alice"
Certificate Issuance
Binds a key to its owner
Digitally signed by a “certification authority”
• Guarantees integrity
• Authenticates the owner
Prevents masquerading
Establishes trust
An electronic version of a “notary public”
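The signing and verification steps from "How a Digital Signature Works" and the certificate check that stops a masquerading public key, as an added example that is not part of the original slides. It uses unpadded textbook RSA over fixed Mersenne primes so that it runs with the standard library alone; the function names, keys, certificate layout and messages are constructed for illustration, and the substituted key is shown on the signature-verification side.

```python
import hashlib

def make_key(p, q, e=65537):
    """Textbook RSA from two primes; returns (public, private) as (n, exponent)."""
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def digest(data):
    """'Calculate hash': SHA-256 as an integer, smaller than every toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data, private):
    """'Encrypt hash with private key' (unpadded, for illustration only)."""
    n, d = private
    return pow(digest(data), d, n)

def verify(data, signature, public):
    """Decrypt the original hash with the public key, compare with a fresh hash."""
    n, e = public
    return pow(signature, e, n) == digest(data)

def issue_cert(name, public, ca_private):
    """The CA binds a name to a public key by signing both together."""
    body = "{}|{:x}|{:x}".format(name, *public).encode()
    return {"name": name, "public": public, "ca_sig": sign(body, ca_private)}

def key_from_cert(cert, expected_name, ca_public):
    """Release the key only if the name matches and the CA signature verifies."""
    body = "{}|{:x}|{:x}".format(cert["name"], *cert["public"]).encode()
    ok = cert["name"] == expected_name and verify(body, cert["ca_sig"], ca_public)
    return cert["public"] if ok else None

# Constructed toy keys built from Mersenne primes: deterministic, NOT safe for real use.
ALICE_PUB, ALICE_PRIV = make_key(2**521 - 1, 2**607 - 1)
INTERLOPER_PUB, INTERLOPER_PRIV = make_key(2**1279 - 1, 2**2203 - 1)
CA_PUB, CA_PRIV = make_key(2**2281 - 1, 2**3217 - 1)

def demo():
    msg = b"Merger terms: 10 shares of A for 1 share of B"       # constructed
    altered = b"Merger terms: 1 share of A for 10 shares of B"   # constructed
    sig = sign(msg, ALICE_PRIV)
    real_cert = issue_cert("Alice", ALICE_PUB, CA_PRIV)
    fake_cert = issue_cert("Alice", INTERLOPER_PUB, INTERLOPER_PRIV)  # self-vouched
    fake_sig = sign(altered, INTERLOPER_PRIV)
    return {
        "genuine": verify(msg, sig, key_from_cert(real_cert, "Alice", CA_PUB)),
        "altered_text": verify(altered, sig, ALICE_PUB),
        "unchecked_key": verify(altered, fake_sig, fake_cert["public"]),
        "cert_checked_key": key_from_cert(fake_cert, "Alice", CA_PUB),
    }
```

The `unchecked_key` result is the masquerade succeeding when Bob accepts whatever key he is handed; `cert_checked_key` is the same key being refused because the certification authority never signed that binding.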
Key Expiry and Update
Public key expiry date defined in certificate
• Set by security officer
Key update
• Automatic
• Transparent
• Different rules for encryption and digital signature key pairs
Key histories
• Easily decrypt data protected with “old” keys
Third Party Trust
[Diagram: Alice, Bob and a Certification Authority, joined by three links each labelled "Trust"]
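Cross Certification
[Diagram: two Certification Authorities, one with Carol and Ted and one with Alice and Bob, each group joined by links labelled "Trust"; the two Certification Authorities are joined by a link labelled "Cross Certify"]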
The Real Issues
Cryptographic algorithms are not the problem
The problems are:
• Large scale key management
• Establishing and maintaining third party trust
• Corporate control of information
• Making cryptography accessible to everyone, across applications
• Security has to be easy to use
Key management issues...
Key Management
The most difficult security problem
• Generating keys
• Keeping backup keys
• Delivering keys
• Dealing with compromised keys
• Changing keys
• Destroying old keys
The Public Key advantage
Key Management Lifecycle
Key Generation
Certificate Issuance
Key Usage
Key Expiry
Key Update
Summary
Five key security requirements
• Confidentiality - Encryption
• Integrity - Encryption
• Authentication - Digital signature
• Non-repudiation - Digital signature
• Access Control - Encryption
Two types of algorithms
• Private Key - Symmetric
• Public Key - Asymmetric
Importance of key management
Certification of public keys
Make security easy to use and implement it across all of your important applications