
Currently Skimming:

Cryptography: Roles, Market, and Infrastructure
Pages 51-78

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 51...
... Among them are safeguarding physical assets from damage or destruction and ensuring that resources such as computer time, network connections, and access to databases are available only to individuals -- or to other systems or even software processes -- authorized to have them.1 Overall information security is dependent on many factors, including various technical safeguards, trustworthy and capable personnel, high degrees of physical security, competent administrative oversight, and good operational procedures. Of the avail
1 The term "information security" and shortened versions such as INFOSEC, COMPSEC, and NETSEC are also in use.
From page 52...
... Today, users of computer systems can be connected with one another worldwide, through the public switched telecommunications network, a local area network, satellites, microwave towers, and radio transmitters. Operationally, an individual or a software process in one place can request service from a system or a software process in a far distant place.
From page 53...
... Such a scheme, in which both communicating parties must have a common key, is now called symmetric cryptography or secret-key cryptography; it is the kind that has been used for centuries and written about widely.5 It has the property, usually an operational disadvantage, of requiring a safe method of distributing keys to relevant parties (key distribution or key management)
From page 54...
... However, in a well-designed public-key system, it is computationally infeasible in any reasonable length of time to derive the private key from knowledge of the public key. A significant operational difference between symmetric and asymmetric cryptography is that with asymmetric cryptography anyone who knows a given person's public key can send a secure message to that person.
From page 55...
... with the private key of the signer. Anyone can verify the signature of the message or file by decrypting the signature using the public key of the sender.
From page 56...
... Authentication mechanisms can also be used to generate an audit trail identifying those who have accessed particular data, thus facilitating a search for those known to have compromised confidential data. In the event that access controls are successfully bypassed, the use of encryption on data stored and communicated in a system provides an extra layer of protection.
From page 57...
... More discussion of cryptography can be found in Appendix C.
2.3 HOW CRYPTOGRAPHY FITS INTO THE BIG SECURITY PICTURE
In the context of confidentiality, the essence of information security is a battle between information protectors and information interceptors.
From page 58...
...
2.3.1 Factors Inhibiting Access to Information12
Compared to the task of tapping an analog telephone line, obtaining access to the content of a digital information stream can be quite difficult.
From page 59...
... For the most part, intercepted communications are worthless if the identity of the communicating parties is not known. In telephony, call forwarding and pager callbacks from pay telephones have sometimes frustrated the efforts of law enforcement officials conducting wiretaps.
From page 60...
... As the telecommunications industry becomes increasingly heterogeneous, law enforcement authorities may well be uncertain about what company to approach about implementing a wiretap request.
2.3.2 Factors Facilitating Access to Information
System or Product Design
Unauthorized access to protected information can inadvertently be facilitated by product or system features that are intended to provide legitimate access but instead create unintentional loopholes or weaknesses that can be exploited by an interceptor.
From page 61...
... Since it is impossible to ensure that a radio broadcast reaches only its intended receiver(s), communications carried over wireless links -- such as those involving cellular telephones and personal pagers -- are vulnerable to interception by unauthorized parties.
From page 62...
... Successful cryptanalysis can be the result of: -- Inadequately sized keys. A product with encryption capabilities that implements a strong cryptographic algorithm with an inadequately sized key is vulnerable to a "brute-force" attack.18 Box 2.2 provides more detail.
From page 63...
... ; known shortcut attacks would allow such numbers to be factored in approximately 2^65 operations, a number on the order of that required to undertake a brute-force exhaustive search of a message encrypted with a 64-bit symmetric cryptographic system. While symmetric 64-bit systems are considered relatively safe, fear of future breakthroughs in cryptanalyzing public-key systems has led many cryptographers to suggest a minimum key size of 1,024 bits for public-key systems, thereby providing in key length a factor-of-two safety margin over the safety afforded by 512-bit keys.
From page 64...
... For example, a virus may infect it, making a clandestine change. A message or a file can be sent to an unwary recipient who activates a hidden program when the message is read or the file is opened; such a program, once active, can record the keystrokes of the person at the keyboard, scan the mass storage media for sensitive data and transmit it, or make clandestine alterations to stored data.
From page 65...
... products in which cryptographic functions have been incorporated into some software or hardware application package as part of its overall functionality. An integrated product is designed to provide a capability that is useful in its own right, as well as encryption capabilities that a user may or may not use.
From page 66...
... For example, a PC card may integrate cryptographic functionality for secure authentication and for encryption onto the same piece of hardware, even though the user may choose to invoke these functions independently. A groupware program for remote collaboration may implement cryptography for confidentiality (by encrypting messages sent between users)
From page 67...
... Many international business users are concerned that their international business communications are being monitored, and indeed such concerns motivate a considerable amount of today's demand for secure communications. It is true that the content of the vast majority of telephone communications in the United States (e.g., making a dinner date, taking an ordi
23 A case in point is that the officers charged in the Rodney King beating used their electronic communications system as though it were a private telephone line, even though they had been warned that all traffic over that system was recorded.
From page 68...
... A secure telephone is not of much use if only one person has it. Ensuring that communications are secure requires collective action -- some critical mass of interoperable devices is necessary in order to stimulate demand for secure communications.
From page 69...
... A user that initially deploys a system without security features and subsequently wants to add them can be faced with a very high cost barrier, and consequently there is a limited market for add-on security products. On the other hand, the marginal cost of implementing cryptographic capabilities in software at the outset is rapidly becoming a minor part of the overall cost, and so cryptographic capabilities are likely to appear in all manner and types of integrated software products where there might be a need.
From page 70...
... In some instances, the implementation of cryptography can affect the compatibility of systems that may have interoperated even though they did not conform strictly to interoperability standards. In other instances, the specific cryptographic algorithm used is yet another function that must be standardized in order for two products to interoperate.
From page 71...
... , the hardware must know what part of the bit stream represents information useful to the ultimate receiver and what part represents information useful to the carrier. A communications protocol is an agreed-upon convention about how to interpret any given bit stream and includes the specification of any encryption algorithm that may be used as part of that protocol.
From page 72...
... • The skill to implement basic knowledge of cryptography. A product with encryption capabilities involves much more than a cryptographic algorithm.
From page 73...
... Even a product that implements a strong cryptographic algorithm in a competent manner is not valuable if the product is unusable in other ways. For integrated products with encryption capabilities, the noncryptographic functions of the product are central, because the primary purpose of an integrated product is to provide some useful capability to the user (e.g., word processing, database management, communications)
From page 74...
...
2.5 INFRASTRUCTURE FOR WIDESPREAD USE OF CRYPTOGRAPHY
The widespread use of cryptography requires a support infrastructure that can service organizational or individual user needs with regard to cryptographic keys.
2.5.1 Key Management Infrastructure
In general, to enable use of cryptography across an enterprise, there must be a mechanism that:
• Periodically supplies all participating locations with keys (typically designated for use during a given calendar or time period -- the crypto-period)
From page 75...
... In all cases, however, the handling of private keys is the same for symmetric and asymmetric systems; they must be guarded with the highest levels of security. Although public keys need not be kept secret, their integrity and association with a given user are extremely important and should also be supported with extremely robust measures.
From page 76...
... A number of private certificate authorities, such as VeriSign, have also begun operation to service secure mass-market software products, such as the Netscape Navigator Web browser. Among personal acquaintances, validation of public keys can be passed along from person to person or organization to organization, thus creating a web of trust in which the entire ensemble is considered to be trusted based on many individual instances of trust.
From page 77...
... In order to preserve information security, attention must be given to all of these factors. Moreover, people can use cryptography only to the extent that it is incorporated into real products and systems; unimplemented cryptographic algorithms cannot contribute to information security.
From page 78...
... , depends on the existence of a substantial supporting infrastructure, the deployment of which raises a different set of problems and issues.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.