M150 Unit 14 ISBN0749257717 - WordPress.com · cracker term hacker. Hackers and crackers. ......

14 –Hiding data an introduction to security

rjh429

Text Box

Level 3 accessible pdf file This pdf file has been produced by The Open University as part of its work to make course material as accessible as possible within the terms of the Special Educational Needs and Disability Act 2001 (SENDA). The file can be used in conjunction with the Windows Accessibility Control Panel to alter keyboard, sound, display and mouse options. The display options alter the size and colour of the window components of the file. The size, sharpness and rotation of the text can be altered using either Acrobat Reader or Acrobat eBook Reader software. The file is searchable using the Find command and text in the file can be copied and pasted into other text processing software. The file can also be used with screen reader software although the University can make no commitment that the file will be screen readable by every combination of Windows operating system and different versions of different screen reading software.

Copyright ª

1.1

This publication forms part of an Open University course M150 Data, Computing and Information. Details of this and other Open University courses can be obtained from the Course Information and Advice Centre, PO Box 724, The Open University, Milton Keynes MK7 6ZS, United Kingdom: tel. +44 (0)1908 653231, e-mail [email protected]

Alternatively, you may visit the Open University website at http://www.open.ac.uk where you can learn more about the wide range of courses and packs offered at all levels by The Open University.

To purchase a selection of Open University course materials visit the webshop at www.ouw.co.uk, or contact Open University Worldwide, Michael Young Building, Walton Hall, Milton Keynes MK7 6AA, United Kingdom for a brochure. tel. +44 (0)1908 858785; fax +44 (0)1908 858787; e-mail [email protected]

The Open University, Walton Hall, Milton Keynes, MK7 6AA

First published 2004

2004 The Open University

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, transmitted or utilized in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without written permission from the publisher or a licence from the Copyright Licensing Agency Ltd. Details of such licences (for reprographic reproduction) may be obtained from the Copyright Licensing Agency Ltd of 90 Tottenham Court Road, London W1T 4LP.

Edited, designed and typeset by The Open University.

Printed in the United Kingdom by The Alden Group, Oxford.

ISBN 0 7492 5771 7

CONTENTS 1

2

3

Computers and security .................................. 5

1.1 Why is security important? 5

1.2 Some examples of major security breaches 6False authority syndrome 6

Newt Gingrich and list linking 6

Roll your own credit cards 6

A web attack 7

Citibank and the missing $12m 7

The internet worm 7

Cryptography: a technology for security ......... 8

2.1 Terminology 8

2.2 A short history of cryptography 9Encryption in the ancient world 9

The Romans and encryption 11

Hieroglyphs and decryption 12

The one-time pad 13

Enigma 14

Why all this history? 17

2.3 DES: an industrial symmetric cryptography technique 17How DES works 18

The cracking of DES 19

2.4 Asymmetric key cryptography techniques 20

2.5 Summary 22

Security in industry ........................................ 23

3.1 Secure Sockets Layer and the transfer of secure data 23

3.2 Digital signatures 25

3.3 Digital certificates 27

3.4 Web security 28Firewalls 28

The use of SSL 29

SET 29

3.5 Summary 30

3

–Unit 14 Hiding data an introduction to security

4

5

6

The limits of security...................................... 31

4.1 What cryptography can and cannot do 31

4.2 Denial of service attacks 32

4.3 Viruses 33

4.4 Non-technical attacks 34

4.5 The security environment 35

4.6 Summary 37

The single user and security ......................... 38

5.1 The internet and its traffic 38

5.2 Why the internet is not secure 43

5.3 Spammers, scammers, crackers and stalkers 44Spam 44

Scams 45

Privacy violations 45

5.4 Guarding against Armageddon 46

5.5 Summary 49

Unit summary................................................. 50

6.1 Learning outcomes 50Key terms 51

This unit was prepared for the course team by Darrel Ince and Mike Richards.

4

Computers and security

1 Computers and security

This unit changes tack from the first three units in the block in that it is about computer security and, in particular, how information can be hidden and disguised so that prying eyes, often belonging to criminals, are unable to read or change it. This unit concentrates on the technical means that are used to protect data and information, the main one being cryptography: the science of changing data via transformations that make them unreadable (but recoverable in the right hands). The unit concentrates on how both the individual user and large industrial concerns can protect their data.

Before looking at some of the technologies, it is worth looking at some of the ways that security has been compromised in the past in computer systems.

1.1 Why is security important?

Many people have items of information that they wish to keep from others. For example, we consider it essential to control access to data in our bank accounts and our health records. You will have used security technologies such as locks and possibly burglar alarms for your home for some time. In this unit you will study some of the many computer security technologies that are used on a day-to-day basis. Just as locks and burglar alarms can be bypassed, so too can their computer versions be broken or ‘cracked’; in this unit you will study how.

cracker

term hacker

Hackers and crackers The term is used to describe someone who attempts to overcome some security technology, usually for criminal intent. The

is used to describe someone with superior software skills who uses them legally. For example, a hacker may be an expert in building large database programs quickly for an insurance company. The problem is that terminology is fuzzy in this area; for example, newspapers invariably refer to crackers as hackers.

There are also many security breakthroughs which have helped shape the electronic world. After studying this unit you will be familiar with the important techniques used in both the past and present to hide data and protect information.

5


By the end of the unit you should also be aware of some common technologies used to hide information and how you might employ them on your home computer.

1.2 Some examples of major security breaches

Security attacks

email.

A file attachment is a file sent with an

Before studying computer security technologies it is worth describing some examples of incidents which the technologies are intended to guard against. By the end of the unit you will see that they have had some, although not total, success.

False authority syndrome In 2001, members of staff at the Open University received an email from friends or colleagues which warned them that their computer had been infected with a virus which had planted a destructive program in the computer that would cause it to malfunction and that a file had probably been transferred to their computer. The email contained instructions on how to remove the file. The file it referred to was not a rogue file, but was necessary for the operation of the Windows operating system. Those of my colleagues who believed the email and removed their file found that their computer was unable to start up and had to be reloaded with the Windows software again. This form of attack is known as false authority syndrome.

Newt Gingrich and list linking The speaker of the American House of Representatives, Newt Gingrich, was the subject of an attack known as list linking. One of the features of the internet is mailing lists. A mailing list is associated with a particular topic such as angling, Chinese politics or some software technology such as the Windows family of operating systems. An internet user interested in the topic registers with a mailing list and is then sent emails which contain postings from other members of the list or from the organiser of the list, e.g. notifying them of an event that is being held in the near future or a relevant website which has just started up.

Gingrich was registered with a large number of mailing lists by another user, and was sent many emails containing large file attachments. This clogged his mailbox to such an extent that he was unable to read his normal mail under the blizzard of free offers, event notifications, news items and file attachments. This attack is known as a denial of service attack as it denies the user some important service that the computer provides: in this case emailing.

Roll your own credit cards A European bank became the victim of crime when one of its employees responsible for the issue of credit cards issued a number of cards to fictional people at an accommodation address. The employee picked up the cards, all

6

Computers and security

of which had high credit limits, and went on a spending spree which approached £100,000.

A web attack In the late 1990s, eBay, the online auction company, had its website attacked by an intruder, an attack known as a web attack. The intruder wrote a program that delved into the innards of the files which contained customer information. The intruder was able to gain log-in information from the attack which seriously compromised the accounts of eBay users.

Citibank and the missing $12m A Russian cracker infiltrated the computer files of Citibank, a major American bank, and transferred $12m from its accounts. The total cost to Citibank was not known because they also lost a number of high-value accounts from customers who felt that they could not trust the bank to hold their money.

The internet worm In the 1980s when the internet was in its infancy a programmer called Robert Morris wrote a program which moved from computer to computer on the internet. When it entered a computer it spawned a number of copies of itself which dominated the processor of the computer to such an extent that the computer response slowed to the point where it became unusable. This program, generically known as a worm, also sent replicas of itself to any other computer connected to the one it had infected. A worm is a computer program that transfers itself from computer to computer on a network; when it reaches a computer it may carry out some destructive act such as deleting a file and then moves on to another computer.

This unit aims to:

n explain the principles of cryptography and give a short history of cryptographic techniques;

n illustrate how cryptography can aid the security of computer applications;

n show how cryptography allows businesses to complete financial transactions and authenticate users;

n explain the limitations of computer security and how security may be compromised;

n show why information passing over the internet must be secured;

n discuss why security should be a concern for individual users.

eBay

The term ‘worm’ comes from the fact that the program ‘tunnels’ its way into a computer.

7


2 Cryptography: a technology for security

In this section, you will study cryptography and its application in the real world. To do this, you will study many examples of security technologies – some historic, and some modern. The history is not only interesting, but will help describe the techniques which are still in use today.

The section aims to:

n introduce you to the terminology of cryptography;

n show you how cryptography has been used for thousands of years;

n describe single key cryptography;

n describe some asymmetric key cryptography techniques.

2.1 Terminology

Cryptography is the study of secret codes. It involves transforming a document (or, more generally, data) which can be understood by a reader into a document which cannot be understood, while retaining the same information content. The process of transforming the text is known as encryption. Converting an encrypted text back to its original form is known as decryption. The original, understandable text is known as the plain text (sometimes written as plaintext); the transformed text is known as the cipher text (sometimes written as ciphertext).

The transformation of a plain text into a cipher text uses some well-defined set of steps which is varied according to an entity known as a key. For example, a key might be a number which specifies how many places along the alphabet a character in the plain text is to be changed into a character in the cipher text: the key 2 might translate the character ‘a’ to the character ‘c’, ‘b’ to ‘d’, ‘c’ to ‘e’, ‘d’ to ‘f’, and so on.

When the same key is used for encryption and decryption, it is known as symmetric key cryptography. When two different keys are used, one for encryption and another for decryption, it is known as asymmetric key cryptography.

SAQ 2.1

If the text ‘Hello there, I am Richard’ is transformed into ‘Kki89876rtt55%%44’, which is the plain text and which the cipher text?

8

Cryptography: a technology for security

Answer to SAQ 2.1 3

The ‘Hello there, I am Richard’ is the plain text as it is understandable; ‘Kki89876rtt55%%44’ is the cipher text.

2.2 A short history of cryptography

Encryption in the ancient world The first known mention of secret writing occurs in The Histories written by Herodotus. Herodotus was born in Helicarnassus (now in modern Turkey) around the year 490 BC. The Roman writer Cicero called Herodotus ‘The Father of History’ because of his novel approach to writing. Herodotus was the first scholar to separate first-hand experiences from reports and supposition. His history of the Greek Empire of the Mediterranean ran to nine volumes.

Herodotus lived during the conflict between the expanding Greek world and the declining Persian Empire and descriptions of these battles became part of The Histories. In one volume Herodotus tells of Demaratus, a Greek exile in the Persian Empire who had become a confidant of the Persian Emperor Xerxes the Great. Persian plans to invade Greece came to Demaratus’ attention; despite being out of favour in his native country, he was sufficiently concerned to send word to the Greeks:

I will now return to a point in my story where I omitted to mention something. The Spartans were the first to get the news that Xerxes was preparing an expedition against Greece; thereupon they sent to the Delphic oracle and received the answer of which I spoke a little while ago. The way they received the news was very remarkable: Demaratus, the son of Ariston, who was an exile in Persia, was not, I imagine – and as is only natural to suppose – well disposed towards the Spartans; so it is open to question whether what he did was inspired by benevolence or by malicious pleasure. Anyway, as soon as news reached him at Susa that Xerxes had decided upon the invasion of Greece, he felt that he must pass on the information to Sparta. As the danger of discovery was great, there was only one way in which he could contrive to get the message through: this was by scraping the wax off a pair of wooden folding tablets, writing on the wood underneath what Xerxes intended to do, and then covering the message over with wax again. In this way the tablets, being apparently blank, would cause no trouble with the guards along the road. When the message reached its destination, no one was able to guess the secret until, as I understand, Cleomenes’ daughter Gorgo, who was the wife of Leonidas, divined it and told the others that, if they scraped the wax off, they would find something written on the wood underneath. This was done; the message was revealed and

9


read, and afterwards passed on to the other Greeks. That, at any rate, is the story of what happened.

(Herodotus, The Histories, Book Seven, Section 239)

The technique of physically hiding a message inside an innocent-looking document is known as steganography (derived from the Greek word steganos meaning hidden). Technologies such as invisible ink and microdots are more modern forms of steganography.

2

SmartWater SmartWater is a powerful new steganographic method of identifying valuable objects. Many shops sell ultraviolet marker pens that can be useful in recovering stolen objects. However, the ink in these pens is not indelible, the pens cannot be used on many surfaces and museums are reluctant to use chemicals that may react with the object over long periods of time.

SmartWater is a patented product containing up to 30 trace chemicals dissolved in water. The presence or absence of an individual chemical acts very much like a binary 1 or 0. With 30 chemicals to choose from there are over a billion unique combinations (and potentially even more combinations as the manufacturers can choose different chemicals).

The customer paints SmartWater on their objects where it dries leaving no apparent trace. If an object is stolen, or later needs to be identified the SmartWater can be revealed using an ultraviolet light. A swab is then used to remove some of the SmartWater which is analysed in a laboratory to reveal the exact chemical composition of the sample. This is then cross referenced with the SmartWater database and the owner identified.

SmartWater

Steganography can be used to hide data inside picture files. Steganographic software encodes data by very slightly changing the colour values of each pixel. The image appears almost identical to the original and there are no obvious signs that it contains additional data. Steganography can be used where obvious encryption would attract unwanted attention. The image can be sent to a recipient who will use identical software to extract the hidden data. Anyone intercepting the message sees only the image. Even if they suspect there is a message hidden in the image, their inspection can be foiled by encrypting the data.

Analysis shows that steganography has been used on a small percentage of images posted to the internet. It has also been alleged that terrorists and criminals use the technique to communicate with one another.

An important form of steganography is called digital watermarking, which is used to authenticate the ownership of data. It is discussed more fully in Unit 15.

10


AD

–

Invisible ink Many children have enjoyed sending messages to one another using invisible ink, but the technique has been used for centuries to send secret messages. Pliny the Elder wrote of ink derived from plant sap in the first century . Other substances that have been used include milk, lemon and onion juices. In each case the hidden message can be revealed by gently heating the document, because the ink is rich in carbon and chars to leave a black imprint. Other formulas rely on inks containing starch that can be revealed using iodine solutions.

A related technique first described Giovanni Porta in the sixteenth century is to write on the shell of a hard-boiled egg using a solution of one ounce of alum (aluminium potassium sulphate available from a chemist’s shop) dissolved in a pint of vinegar. The solution penetrates the porous shell and reacts with the protein of the egg white. When the shell is broken, the message can be seen on the surface of the white.

More recent invisible inks include the ink used in security marker pens that can be used to help protect expensive items from theft. The ink is almost invisible in normal light but fluoresces blue-violet under ultraviolet light. (Similar chemicals known as optical brighteners are used in laundry detergents to make whites look brighter.)

A February 2002 decision by the US District Court for the District of Columbia ruled that the United States Government did not have to release the formula of the invisible ink used by the CIA. The formula is the oldest piece of classified information held in the National Archives and Records Administration and was originally produced in 1917 from a German formula. The file will now remain closed until at least 2020.

The Romans and encryption The Romans were the first to use encryption as a serious technology in warfare. An early method of encryption is attributed to Julius Caesar by the Roman writer Suetonius; it was certainly used by his armies and became part of standard Roman military doctrine. The Caesar cipher as it came to be known has continued in use through to the present day, although it has lost most of its usefulness. ‘Secret Decoder Rings’ given away with breakfast cereals or comics use the same technique. Caesar shift ciphers can be a lot of fun for children and teach many of the basic concepts behind other encryption techniques.

A Caesar cipher works by replacing each letter in the alphabet with another taken from a fixed distance (the shift) further down the alphabet. An easy way to do this is to allocate a number to each letter from 1 to ‘a’ to 26 to ‘z’, as shown below.

1 2 3 4 ... 22 23 24 25 26

a b c d ... v w x y z

11


key.

The value 3 used to carry out the transformation is known as the

The creator of the cipher then decides the value of the key, i.e. the number of places to shift each letter. Suppose we choose 3 – so that each letter will be replaced by the letter three places down the alphabet (with the alphabet wrapping around to the start). So ‘a’ is shifted three places to ‘d’, ‘b’ to ‘e’, and so on. The following table shows how the Caesar shift cipher for a shift of three works.

a

;

b

;

c

;

d

;

... v

;

w

;

x

;

y

;

z

;

d e f g ... y z a b c

EXERCISE 2.1

Using the Caesar cipher encrypt the message ‘hello there’ with a key of three.

Discussion

The solution is khoor wkhuh.

In the Caesar cipher, each letter in the alphabet can only be substituted by one other letter: this form of cipher is therefore known as a monosubstitution cipher. In modern versions the process used in transforming a text into its encrypted form is much more complicated and leads to polyalphabetic ciphers.

For the Caesar cipher, decryption is achieved by reversing the shift process, converting d back to a, e to b, and so on. Because the keys used to encrypt and decrypt are the same, the Caesar cipher is an example of symmetric key cryptography.

This would of course, require a knowledge of the key.

SAQ 2.2

Why are there only 25 possible Caesar keys?

Answer to SAQ 2.2 3

There are 26 letters in the English alphabet. A Caesar shift of 0 would replace a letter with itself, as would a Caesar shift of 26. A Caesar shift of 27 is equivalent to a Caesar shift of 1, a shift of 28 is equivalent to 2, and so on. The only valid Caesar shifts are with keys of 1 to 25 and there are 25 of them.

Hieroglyphs and decryption The ancient Egyptians used a script known as hieroglyphics to communicate. The last hieroglyphic inscription can be precisely dated to 24 August 394, after that time any knowledge of their meaning was quickly lost. Ancient Egypt remained as a vague memory to the Europeans. It would not be until the seventeenth century that Europeans would risk the wrath of the Mamelukes, the rulers of Egypt, and venture back into the country.

12


The Roman emperors had removed Egyptian monuments to Rome and many other inscribed fragments had also made their way to the West. Written in a beautiful and baffling script, the words of the Egyptians defeated all attempts to translate their meaning. Authorities held that the hieroglyphs contained magical spells, the secrets of alchemy and long-lost ancient knowledge.

Napoleon Bonaparte attempted an invasion of Egypt in 1798. It was a resounding failure. Although the French defeated the Mameluke armies, it was forced to surrender by the British Navy under Nelson. Despite being a military disaster, the expedition was responsible for two major intellectual landmarks. First, French surveyors made the first comprehensive survey of the country in modern times, drawing and recording many ancient monuments (some of which have subsequently been destroyed) – their drawings in Description d’Egypte were the most accurate documents ´

available to generations of scholars. Second, Napoleon’s engineers uncovered the famous Rosetta Stone which would be key to the decryption of hieroglyphs. Effectively, the Rosetta Stone contained both writing which could be understood and the hieroglyph translation of that writing. The stone was given to the British as part of the surrender terms of the French Army in Egypt; it is now housed in the Egyptian Hall of the British Museum. The modern understanding of hieroglyphs was first achieved by the French genius Jean Francois Champollion in the eighteenth century. Much to the disappointment of those who expected to find mystical knowledge, hieroglyphs turned out to be a complex but otherwise ordinary form of writing.

The one-time pad In 1918, Major Joseph Mauborgne, an American Army cryptographer made a major breakthrough in ensuring the security of a message. A profound weakness of many cryptography systems is that they use a meaningful word (or words) to form the key. An enemy might be able to break the encryption by looking for these words in the key. Mauborgne’s first contribution was to use a key comprised of random letters, i.e. with no recognisable words in the key, so that any attempt to break the cipher would require every possibility to be tested.

Mauborgne’s second idea was that the keys would be used once – and then destroyed. Pads were printed, each comprised of many pages containing thousands of random characters. Two copies were made of each pad, one for the sender, the other for the recipient.

When a message is encrypted with a so-called one-time pad, the sender uses the key on the top page of the pad. The sender uses a cipher to encrypt the message before transmitting it to the recipient. The plain text is recovered when the recipient uses their copy of the top page. The recipient then sends confirmation that they have read the message. At this point, both parties destroy the top pages.

It has been proved that one-time pads are absolutely secure – provided the following conditions are met.

13


Nowadays, an electronic variant incorporating this one-time pad is used for secure transmissions across the internet using a technology known as SSL (discussed in Subsection 3.1).

Enigma

n The page is destroyed and never re-used. Encryption is most secure when there is no repetition. If keys are reused, there is a chance of repetition.

n The keys are truly random. Unfortunately, for complex scientific reasons, the generation of truly random values is extraordinarily difficult.

n The pads remain secure and do not fall into the hands of anyone else.

For many reasons, the one-time pad never became a popular choice for encrypting material. It remained largely confined to espionage operations and for ultra-secure communications such as the ‘hotline’ between the Presidents of the United States and of the Soviet Union. A variation of the one-time pad is used for the authorisation keys required to fire nuclear missiles.

Enigma In the period between the First and Second World Wars, Germany invested a huge amount of effort into improving cryptography. This resulted from the ease with which the British had compromised the cryptographic systems used by Germany in the First World War.

The Enigma machine is always associated with the Second World War, but it was originally patented in 1918 and intended for commercial use. Through the high standards of German manufacturing technology a machine of unparalleled sophistication was constructed. The Enigma machine resembles a mechanical typewriter and is relatively portable. It has three main components, a keyboard for entering messages, an illuminated board (or printer) for displaying the encrypted letters, and the encryption device itself.

At the heart of the Enigma machine are three toothed wheels known as rotors. Each rotor is labelled with the letters of the alphabet and can be set in any of 26 positions. The sides of the rotors have electrical contacts – one for each letter, the interior of the rotors is a maze of wiring, joining a letter to be coded to its encrypted version. Pressing ‘a’ on the keyboard could result in the encrypted result ‘t’, while ‘b’ might be encrypted as ‘a’. Each wheel, therefore, acts as a simple monosubstitution cipher, which as we have already seen is not a very secure system of encryption.

However, in the Enigma machine, each key press advances the rotor by one position, so the letter ‘a’ might first be encrypted as ‘t’, but on a second key press ‘a’ could be encrypted as ‘g’. This produces a so-called polyalphabetic cipher in which the encryption process is switched between different characters. Polyalphabetic ciphers are much more difficult to break than monosubstitution alphabets.

EXERCISE 2.2

What would happen in a single rotor Enigma machine if the same key were pressed 26 times?

14


Discussion

The Enigma would appear to produce new encryptions for the first 26 letters as the rotor gradually rotated, creating a new circuit on each key press. However, on the twenty-seventh key press the rotor would have completed one revolution and for the example above, the letter ‘a’ would once again be encrypted as ‘t’, then ‘g’, and so on.

Enigma doesn’t use just one rotor; it uses three. The electrical signal leaving the first rotor enters the second rotor and is further scrambled. The process is repeated in the third rotor. As the first rotor completes one revolution it pushes the second rotor forward by one place, changing the circuit paths and therefore the encryption. After 26 complete revolutions of the first rotor, the second rotor completes one revolution, and the third rotor moves on one place.

EXERCISE 2.3

How many key presses are required to make the third rotor complete a rotation and restore the original order of the wheels?

Discussion

Each rotor has 26 positions, so the original order is restored when 26 6 26 6 26 = 17,576 key presses have occurred.

For additional security, Enigma’s designers made each rotor interchangeable. The rotors can be removed from the Enigma machine and replaced in any order. (Enigma users were also issued with additional rotors and could choose to use any three out of five for the Army, or four out of eight for the Navy.)

An additional feature of the Enigma, which along with all its other features made it the toughest technology to crack, is the plug board. This is a simple electrical circuit which exchanged characters before they entered the rotors, e.g. the letter ‘a’ could be swapped with the letter ‘d’ and vice versa before encryption started.

To use the Enigma machine it was vital for the sender and receiver to agree on which of the rotors they would use, what order the rotors would be placed in the machine, which of the 26 positions each rotor would be initialised to and the plug board connections.

All of this was done using codebooks. German forces were much less concerned with the physical safety of the Enigma machines than they were of the codebooks, they went to great lengths to secure the books, including printing naval codebooks with water-soluble ink that would vanish should a vessel be lost.

The cracking of Enigma was a profound turning point of the Second World War and one of the major contributors to the earlier ending of the conflict. The following were weaknesses in the Enigma system that allowed it to be cracked.

15


Bletchley Park

n The code books had to be distributed to all users. These code books could (and did) fall into enemy hands and could be used to decrypt all of the ciphers. (A system that does not rely on the exchange of code books or keys is much more secure. This was thought to be impossible until the discovery of the RSA cipher, which you will study in Subsection 2.4.)

n The key used to encrypt a particular message should have been randomly chosen. Repetition is always bad in encryption as it raises the possibility that people attempting to break the cipher will find a pattern. In fact, as it is very difficult to create truly random keys, many operators either chose the same letter three times, or reused the same message key over and over again. The British termed these mistakes ‘cillies’.

n The Enigma never encrypted a letter as itself. This made it easier for the British to crack the Enigma code. Modern encryption systems do not have this flaw and do allow for letters to be encrypted as themselves.

n The British knew that German plain text messages often followed a pro forma, perhaps starting ‘An die Gruppe’ (To the group) and could guess some of the content of the message. This guess was called a ‘crib’. The crib was printed onto a strip of paper and laid next to the encrypted message. Since it was known that Enigma could not encrypt a letter as itself, it was a relatively trivial task to try and find a location where no letters in the crib matched the corresponding letter in the text. The crib was moved left and right in the hope of finding a suitable location. If one was found, the potential relationships could be investigated further.

The German military relied on Enigma for the vast majority of their battlefield communications. They had almost complete confidence that the encryption system could not be broken and continued to use it, despite suspicions in German counter-intelligence that the British were reading at least some Enigma traffic. Because they continued to use a flawed system and insisted on the users following methods that provided insights into the workings of Enigma, the British were able to read their communications, with disastrous consequences for the German military.

The battle against Enigma was conducted using espionage and military actions including the recovery of Enigma machines and codebooks from German ships and submarines. The Battle of the Atlantic was directly influenced by the success of the Allies’ Project Ultra to decode German and Japanese communications. Britain’s very survival was dependent on imports of food and crude oil from the United States and Canada; had the German U-boat fleet cut that lifeline, Britain would have not been able to continue to fight the war.

Cracking Enigma did not contribute greatly to the first two years of the War. The U-boats were virtually unstoppable, in 1940, between March and May, over 300 Allied ships, amounting to 1.5 million tons were sunk. Up to the middle of 1941 the German submarines had sunk an average of 280,000 tons of shipping every month. As Project Ultra made progress with decrypting the signals this declined to 62,000 tons by the end of November, when U-boats were temporarily withdrawn from the North Atlantic.

16


U-boats re-entered the Atlantic war in 1942, equipped with a new 4-rotor Enigma system known to the British as Shark. With no access to Enigma codes, the Allies were unable to divert shipping from the waiting U-boats, losses mounted rapidly culminating in November when over 720,000 tons of shipping was destroyed. The breaking of Shark and new anti-submarine warfare technology thereafter reversed the trend with the U-boat essentially defeated by the middle of 1943.

Military specialists cannot be certain of the consequences of the decryption of Enigma, but they are sure that it contributed greatly to the earlier end of the war. Without Enigma intelligence it is likely that the British would not have won the battles of North Africa, that the Allied invasion of Normandy would have been delayed at least until 1945 and that the war might have ended as late as 1948 with countless additional millions dead.

Why all this history? You could be forgiven for asking why we have devoted some pages detailing the history of cryptography. The answer is much of what we have detailed can be found in modern cryptographic technology. For example, the processing of characters within Enigma in order to encrypt them is similar to that used in a modern technology such as DES (described in Subsection 2.3) and one-time pads are used in the SSL technology used to send encrypted data across the internet (see Subsection 3.1). The history of cryptography has allowed us to introduce many concepts relatively easily.

2.3 DES: an industrial symmetriccryptography technique

Over the last two decades one of the most important cryptography methods has been the Data Encryption Standard (DES). This is an encryption standard which was developed by IBM for the American government and adopted in 1976. The standard was developed in conjunction with an organisation known as the National Security Agency, a governmental body responsible for US state security. When developed it was hoped it would provide as much as 30 years of freedom against it being broken.

DES uses cryptography for the bulk transfer of data. You will study it in this unit for a number of reasons:

n it has been the most popular method for encrypting and decrypting data used over the last two decades;

n it uses the concepts that are the basis of many other techniques;

n it has given rise to a number of concerns related to privacy.

History has shown weaknesses in forms of encryption – the relative ease with which encryption can be broken, shortcomings in the techniques themselves, the problem of keys falling into the wrong hands and an over-reliance on the security of encryption itself. All of these problems must be addressed by the developers and users of modern encryption systems.

Some issues about privacy are dealt with in Unit 15.

17


both

DES and privacy In mid 1975 the computing community was informed that the American government was to promote and make mandatory the use of the DES technique for government software applications. What this meant was that it would become the de facto standard for governmental bodies and non-governmental bodies in the United States since many companies have business connections with the American government.

DES uses a 56-bit key. At the time, many cryptographers criticised the use of a 56-bit key since they felt that it made DES crackable and so they unsuccessfully lobbied for the key size to be increased. Indeed many of them felt that the decision to go for a small key was based on the fact that DES could be easily cracked by the American government. The debate over this has carried on for a quarter of a century without any resolution. What can be said, though, is that as computers became more and more powerful in the 1990s DES did become crackable and has been superseded by the much stronger AES standard.

You do not lose any characters in permutation.

How DES works One party creates a key which is shared with a second party and this key is used to encrypt messages. Of course, how the key is shared provides potential security risks.

The technical aspect of DES involves a combination of permutation, swapping and a technique known as function application, with the details of the combinations controlled by a key.

Permutation involves moving around the characters within a message. A simple example of permutation might involve moving each character one place forward with the last character being placed as the first character, so that, for instance, the word ‘hello’ would be permuted to ‘elloh’. DES uses much more complex types of permutation.

DES also uses the swapping of text. This might involve, for example, taking a chunk of data and swapping its first half with the second half. So if the word ‘random’ was processed in this way it would be transformed to ‘domran’. (This process is also known as transposition.)

The third transformation applied by DES is that of function application. This is a mathematical transformation which changes a message based on a key. A simple example of a function application was the Caesar cipher.

DES applies a large number of complex permutations, function applications and some swapping to transform a plain text into a cipher text. Because, for a computer, permutation, swapping and function application can be programmed to work efficiently, DES is fast. Indeed it is often done using special purpose hardware, which applies a transformation, passes the output of the transformation along to another transformation, and so on.

18


SAQ 2.3

What does swapping do?

Answer to SAQ 2.3 3

It takes two collections of characters and exchanges the first collection with the second.

SAQ 2.4

What does permutation do?

Answer to SAQ 2.4 3

It shuffles the characters in a message so that although the same characters appear, they appear in different positions.

The cracking of DES By 1997 a number of researchers had designed special purpose computers which could crack DES in a comparatively short time by what is known as a brute force method. A brute force attack on a cryptographic method involves feeding the encrypted text into a computer which tries every possible key, checking that the output from the decryption makes sense. For example, it could find that the output contained words which were found in a dictionary. In 1997 special purpose computers could crack DES in six hours.

Another interesting attempt at cracking DES was made by a large number of volunteers using the internet. RSA Laboratories, a company involved in the development of DES and other cryptography-based products offered a $10,000 reward to anyone who could crack DES. A group of volunteers, using the internet as a communication medium, utilised spare resources on their PCs to crack the code, again using brute force. When a volunteer signed onto the project they were given a program which applied a series of keys to the text and a portion of the overall collection of keys that could be applied. The project finished in 96 days when the code was cracked after about a quarter of all possible keys had been examined.

Mass computing

problems.

19

Mass computing and the internet The cracking of DES by a group of volunteers is an example of something known as mass computing: the effort of a number of volunteers to utilise their PCs and the internet to solve a problem which requires considerable computational power. There are a number of these projects currently running on the internet. They include the SETI project which analyses radio transmissions from regions of space in order to determine whether there is any pattern in the data that indicates that extra-terrestrial life exists outside our solar system; projects which attempt to find large numbers which have certain mathematical properties; and other cryptographic

2.4

–

Asymmetric key cryptography techniques

Unit 14 Hiding data an introduction to security

One of the problems with symmetric key cryptography is that the key which is used to determine the permutation, swapping and function application used must be distributed to any recipient of a coded message. If there are a large number of parties sending and receiving messages using a key, then the probability of its being disclosed becomes higher as more and more senders and recipients start using it.

In order to get over this problem asymmetric key cryptography was developed. It is radically different from symmetric key cryptography because two different keys are used, one for encryption, another for decryption and so the technique is called asymmetric.

Asymmetric key cryptography has the following very important property – a plain text encrypted with a public key can only be decrypted with the corresponding private key. (In fact, the reverse is also true: a private key encrypted plain text can only be decrypted with the corresponding public key. You will study an important use of this in Section 3.)

In asymmetric key encryption, two people (A and B) who wish to communicate would do the following.

A and B both generate two keys: a public key and a private key that will be used in the encryption and decryption of messages.

A and B both publish their public key, e.g. on their websites. Their other keys (the private keys) are kept secret.

If A wants to send a message to B, A encrypts the message using B’s public key.

When B receives the message, B decrypts it using their private key.

Because B’s private key is known only to B but public keys can be known to anyone, this means that cryptography can be achieved without having to distribute keys. This makes asymmetric key cryptography much more secure than symmetric key cryptography.

The relationship between a public and a private key is beyond the scope of this course.

SAQ 2.5

If B’s private key is known by a third party, does this compromise the sending of secret messages from A to B?

Answer to SAQ 2.5 3

Yes, the third party can then read the messages sent by A, encrypted using B’s public key.

20


The secret history of cryptography It is a common belief, even today, that asymmetric key cryptography is an American invention and that Whitfield Diffie and Martin Hellman were the inventors. The technique was in fact devised by James Ellis, a government scientist working for the United Kingdom’s Communications Electronics Security Group in Cheltenham. Because his work involved cryptography and he was a government employee, Ellis was not able to publish his work externally until 1987. What can be said though of Diffie and Hellman is that they made the technique a practical proposition.

RSA is the most popular of the small number of asymmetric key techniques that are available to computer users. RSA takes its name from its inventors – Ron Rivest, Len Adleman and Adi Shamir.

There is a major drawback to RSA (and to other asymmetric key cryptography techniques): they are computationally very time consuming. This is in contrast to DES or other symmetric techniques which can be made very fast.

RSA

SAQ 2.6

Which technique would you use to encrypt a large collection of web pages that are to securely be sent over the internet, RSA or DES?

Answer to SAQ 2.6 3

You would use DES. Web pages contain many characters of text and it would be inefficient to send them using RSA because it is so time consuming.

EXERCISE 2.4

In Subsection 1.2 we described an incident where an internal credit card fraud meant that a bank lost a considerable amount of money. Would DES or RSA have helped here?

Discussion

No, it would not have helped at all. No transfer of data occurred; it was just an internal bank fraud.

In Section 3, you will study some of the industrial uses of asymmetric methods such as RSA, some of which are used in conjunction with symmetric techniques. However, it is worth saying at this point that there are a number of uses of cryptography. We have concentrated on its use in hiding data that is sent over communication lines. Another important use is encrypting files so that they cannot be read by anyone who does not possess a key.

21

–

ACTIVITY 2.1


This activity asks you to write a short article on cryptography.

2.5 Summary

This section has described the process of modifying text in order to hide it: a technique known as cryptography. It introduced a number of the techniques used in cryptography by placing them in a historical context. Two types of cryptography were described: symmetric key cryptography where the same key is used to encrypt and decrypt and asymmetric key cryptography where two keys – a public key and a private key – are used.

22

Security in industry

3 Security in industry

So far in this unit you have studied the main principles of cryptography and looked in detail at two industrial cryptographic methods. The aim of this section is to:

n show how data can be transferred securely using SSL;

n describe digital signatures and explain how they can prove that a certain person sent a particular message;

n explain how digital certificates can be used for verification purposes;

n outline how all these technologies can be used to make the web secure.

3.1 Secure Sockets Layer (SSL) andthe transfer of secure data

When you transfer data across the internet there is a major security problem: the communication lines that connect computers on the internet are public, so someone who has the technological means could read the data that is sent. Because it might contain health records or credit card details there is a need to somehow keep the data secure.

Secure Sockets Layer (SSL) is currently the most popular way of ensuring that data is sent securely from one computer on a network to another.

once.

SSL is somewhat similar to the use of one-time pads in that keys are created just

EXERCISE 3.1

One way of sending large files of encrypted data is to use asymmetric key cryptography: computer A creates a private key and a public key, and sends the public key to a second computer B from which it wishes to receive a message. Computer B encrypts the message using the public key and computer A decrypts the message using the private key.

What is the main advantage of this and what is the main disadvantage? You may want to read the subsection on asymmetric key cryptography again before answering this question.

23


Discussion

The advantage is that because the private key is stored on just one computer there are no security worries about private keys being sent to the other computer. The main disadvantage is that asymmetric techniques such as RSA are very inefficient in terms of processing time.

Exercise 3.1 described an excellent way of transferring data between computers: it used a highly secure technique and the private key was not distributed over insecure communication lines. However, it suffered from an efficiency problem. SSL is a technology which improves the efficiency of this process.

There are a number of steps involved in the transfer of data such as collections of credit card details, using SSL. They are outlined below (with some of the details which might cloud your understanding omitted).

1 Two computers A and B exchange information about the encryption and decryption methods they are going to use.

2 Computer A generates a key for sending bulk data to the computer B using a symmetric key cryptography technique, such as DES.

3 Computer A encrypts the symmetric key using the public key of computer B and sends it to computer B.

4 Computer B receives the encrypted symmetric key and decrypts it using its own private key. At this point both computers know the symmetric key.

5 Computer A sends data to computer B using the symmetric key.

6 When computer B receives the data, it can decrypt it using the symmetric key.

This is obviously a simplification. For example, we have omitted any discussion of how the computers identify and authenticate each other. It is worth pointing out that the symmetric key that is generated (it is known as a one-time key) will vary each time a data transfer takes place between two computers: the same key is not reused. So, for example, if I communicated my credit card details to an e-commerce site, moved my browser to another site and then sent the credit card details again, a different symmetric key would be used.

EXERCISE 3.2

In Subsection 2.3 we described one-time pads. What aspect of one-time pads is used in SSL?

Discussion

SSL uses a one-time key, i.e. a key that is destroyed, once it has been used; it is never used again.

24

EXERCISE 3.3


SSL has become very popular and is the major technology for sending data across insecure networks such as the internet. Why do you think this is so?

Discussion

First, SSL is efficient: it uses symmetric cryptography for bulk data transfer. Second, SSL creates a key for each data transfer; because there is no single key that is used time and time again, there are no problems with key security. Third, SSL uses a highly secure way of transferring secure keys: asymmetric key cryptography.

SSL is used on most e-commerce websites and is supported by all modern web browsers. SSL sites can be distinguished from ordinary sites in a number of ways.

n Their addresses begin with https:// rather than http://. The extra s stands for ‘secure’.

n A small closed padlock is displayed in the border of the browser window.

n The browser may warn the user that they are going to a secure site (this warning is optional and can be disabled).

3.2

authentication (the

and non-repudiation

, a

Digital signatures

When two parties wish to communicate using a network (such as the internet) a number of problems can occur. Let us say party A sends a message to party B. Party B may forge a different message and claim that it came from A, or A can deny that the message was ever sent. A computer system that prevents this enforces two properties: receiver knows that a particular message originated from a certain user)

(a sender cannot deny sending a message). These are important properties, for example when a stock-broker receives by email an instruction from a customer to buy a large number of shares and the customer later denies that he or she made the instruction the broker should be able to prove that the email originated with the customer. Similarly the customer placing an order for 100 shares does not want the broker to claim that he or she was instructed to buy 10,000 shares.

One way to overcome this problem is to use a digital signaturetechnique which again uses asymmetric key cryptography. It employs a

Digital signatures

Documents can be signed to prove their authenticity and to deter thieves from passing work off as their own. Unlike digital watermarks (discussed in Subsection 2.2), digital signatures do not alter the contents of the file. Many software applications allow authors to ‘sign’ their creations, as do some professional digital cameras.

number known as a message digest. A message digest is simply a number calculated from a message. Message digest algorithms are complex but are chosen so that two different messages are exceptionally unlikely to have the same message digest. This means that, for instance, changes in a message can be detected by comparing the message digests of the original and changed versions.

25


For example, let us assume that the lower-case alphabetic characters ‘a’ to ‘z’ are stored in the computer as the numbers 1 to 26, the upper-case characters are stored as numbers 27 to 52 and spaces are stored as 53. Now suppose the message digest algorithm is that we take the sum of the number values in a message so that, for example, the message ‘Hello there’ would have the sum 34 + 5 + 12 + 12 + 15 + 53 + 20 + 8 + 5 + 18 + 5 = 187.

The message digest is then encrypted using the sender’s private key to produce a digital signature which is sent together with an encrypted version of the message using a symmetric key cryptographic method. Any (intentional or unintentional) changes to the message can be detected by recalculating the message digest and comparing it with the digital signature sent with the message. If any changes have been made, the message digest will be different.

EXERCISE 3.4

If the sender of the message denies it was ever sent, how would a digital signature prove that it was?

Discussion

The receiver would decrypt the message using the symmetric key, calculate the message digest from this decrypted message, and then compare it with the original message digest, decrypted with the sender’s public key. If they are the same then the message was sent by the person who is associated with the public key.

Digital signatures are extensively used for authentication and non-repudiation and lie at the heart of a trust technology known as digital certificates which are described in Subsection 3.3.

26

Message digests and viruses A virus is a program that enters a computer system and carries out some destructive act such as destroying important files. A virus can be transferred by email or by exploiting a weakness in the network software of a computer. Some of the most sophisticated viruses masquerade as a normal program or as part of a normal program which would reside on some permanent storage medium. They often have the same name and the same file size as the program they pretend to be.

Anti-virus software is used to discover these viruses. One way that such software works is to calculate the message digest of every program in the computer and compare it with what it should be. If the value is different from the message digest of the program they are masquerading as, the anti-virus software will warn the user. For this to work the anti-virus software requires that the message digests of all the programs in the system are stored in a secure file.

3.3 Digital certificates

One of the problems with asymmetric key cryptography is that there is no simple way that you can verify that the publisher of a public key is who they say they are. For example a criminal could set up a website which used the

Digital certificates


logos and design of a banking site, publish a public key and then do business using that key.

Digital certificates have been developed in order to overcome this problem. They require the involvement of an organisation known as a certificate authority: an organisation which can be trusted, perhaps by having some sort of national or official role. A postal authority may be a good choice for a certificate authority.

The certificate authority keeps a database of digital certificates. Each certificate will contain the following.

n The name of the authority that issued the certificate.

n The name of the user associated with this certificate.

n The public key of the user together with some description of the asymmetric cryptography method that the user employs.

n A digital signature. This is the contents of the certificate encrypted by the private key of the certificate authority.

Let us say that a customer wishes to do business with a company. The customer would look up the company’s digital certificate in the certificate store maintained by a certificate authority. In order to confirm that the certificate is in fact from the certificate authority the customer would use the public key associated with the certificate authority to decrypt the digital signature. This could then be compared with the contents of the certificate. If they match, then the certificate was issued by the certificate authority. The customer can then use the public key to decrypt messages from the company that is described by the digital certificate.

There are two questions begged by the description above: first, how is this verification carried out? And, second, how does the customer find the public key of the certification authority?

The answer to the first question is that everything can be done automatically by the software that the customer is using. For example, if the customer is communicating with an e-commerce site using a browser, it is the browser that will carry out all the checking. The customer does not have to do anything (or even be aware that anything is happening!).

The answer to the second question is that the public keys of any certificate authorities that a program trusts will be pre-loaded into a browser or any other program used for e-commerce, or an easy mechanism exists for the user of the program to add a public key.

27

3.4

–

Web security


Until now we have looked at individual security technologies. The aim of this subsection is to look at how each of these is used on a website, together with two other ways of ensuring security: firewalls and secure electronic transactions (or SETs). As the topic of web security is large, in this subsection you will only study the essential parts of it – those that give the big picture.

Firewalls A firewall is a software or hardware barrier which prevents an intruder from accessing a web server. Figure 3.1 shows an example of a typical firewall configuration. This is just one type of firewall architecture; there are many others.

web server

screening router

firewall

bastion host

internal network

the internet

You will study routers in more detail in Subsection 5.2.

Figure 3.1 A typical firewall configuration

The firewall provides two levels of protection for a web server. The first level is implemented by a hardware device known as a screening router (often just called a router). The screening router looks at all the packets of data which enter a protected private network. It can detect which ones can be allowed through and which ones have to be rejected on security grounds. For example, it would normally let email and web server requests from browsers through but would reject a request for a file held in the private network.

The second level, when web page access is required, is known as a bastion host (often known as a proxy gateway). This server is used to store web pages which are requested by users. If a page is requested and it is not stored on the bastion host, then the bastion host forwards the request to the real web server used by the enterprise that runs the private network. This server then passes the web page to the bastion host which then dispenses it to the browser that requested it. If an intruder manages to get past the router – the first level of security – then all he or she would find are temporary pages in transit to browsers in the internal network.

28


SAQ 3.1

How does a bastion host prevent an intruder accessing a company web server?

Answer to SAQ 3.1 3

It acts as a front-end to the web server. A cracker would have to infiltrate the bastion host before infiltrating the web server.

The use of SSL SSL is also used with web servers. For example, an e-commerce web server which validates a credit card before carrying out a transaction might need to access a server on a computer which can only be accessed through the internet. In this case SSL would be used for the transfer of the request and the sensitive data that is sent back. When we discussed SSL earlier we omitted one detail and that was that the parties to the transfer can authenticate each other by exchanging their digital certificates.

SET SET stands for Secure Electronic Transaction which is a security standard that protects credit card transactions on the internet. It was developed by a number of companies including IBM, Microsoft, Netscape and Verisoft. The key features of SET are as follows.

n Security of data. Cardholder and payment information is kept secret by encrypting the data using DES.

n Integrity of data. SET uses message digests to ensure that the data that has been sent has not been altered in transit.

n Cardholder authentication. SET uses digital certificates to validate that a cardholder is a legitimate user of a valid account number.

n Merchant authentication. Digital certificates are used to validate a merchant to check that they can accept credit card transactions.

ACTIVITY 3.1

This activity asks you to examine the security settings on your browser.

29

3.5

–

Summary


In this section, you have studied how the cryptography idea described in Section 2 is implemented for use on the internet. It has described technologies such as digital certificates and message digests that enable data to be sent and stored on the internet in such a way that the normal user can be confident the data cannot be accessed or changed.

The section also discussed how a computer system can employ routers and bastion hosts to provide a firewall which prevents access to outsiders. In the next section, you will study some of the limits to security technologies.

30

The limits of security

4 The limits of security

After studying the previous section, which described how hardware and software could be used to defeat attacks on a modern computing system, you will be forgiven for thinking that all the problems of security in a network, such as the internet, have been solved. This section aims to:

n outline the limits of cryptography;

n describe technical attacks on computers;

n describe non-technical attacks on computers;

n explain what human beings can do to keep their computers safe.

4.1 What cryptography can and cannot do

So far in this unit you have studied the main technology that is used for security: cryptography. However, cryptography is not a panacea. It is worth starting this section with a quotation from Bruce Schneier, a leading cryptographer, security consultant and author of the book Secrets and Lies. In the following quotation he mentions mathematics; this is a reference to the rather deep and complicated mathematics that is used to derive and analyse cryptographic methods.

Since writing this book I have made my living as a cryptography consultant; designing and analysing security systems. To my initial surprise I found that the weak points had nothing to do with the mathematics. They were in the hardware, the software, the networks, and the people. Beautiful pieces of mathematics were made irrelevant through bad programming, a lousy operating system, or someone’s bad password choice. I learned to look beyond cryptography, at the entire system, to find weaknesses. I started repeating a couple of sentiments you’ll find throughout this book: ‘security is a chain; it’s only as secure as the weakest link’; ‘security is a process, not a product’.

EXERCISE 4.1

What do you think the sentiment security is a chain; it’s only as secure as the weakest link means?

31


Discussion

It means that security consists of the application of a number of technologies such as bastion hosts, cryptography and SET and that security can be compromised when one of the links is weak. For example, security could be compromised by a weakness in the procedure for dispensing keys to users.

It is worth returning to the examples at the beginning of the unit, which detail some incidents where criminal acts were carried out.

EXERCISE 4.2

Which of the incidents given in Subsection 1.2 could have been avoided using cryptography?

Discussion

The web attack and the Citibank incident were both examples which would have benefited from the application of cryptographic methods. If the files were encrypted and the keys kept secure then the intruders would not have had access to them.

The other incidents would not have been helped by cryptography; for example, the incident where a member of staff created a large number of false credit cards could not have been prevented by this technology.

EXERCISE 4.3

How would you have ensured that the credit card crime in Subsection 1.2 could not have happened?

Discussion

A system of dual checking where one member of staff checked the work of another member and carried out random checks (such as ringing the phone number of an applicant or visiting their address) might have prevented this problem.

In the remainder of this section we shall be looking at some of the attacksthat can be made on a computer system which cryptography does not help.

4.2 Denial of service attacks

A denial of service attack is an attack on a computer which disables the computer to such an extent that normal work cannot be carried out on it. For example, the internet worm incident mentioned at the beginning of this unit resulted in a large number of programs executing simultaneously on

32


each infected computer and so slowing down other programs to the point where useful results could not be obtained from them.

There are a number of ways that denial of service attacks can be made. First, a program can be inserted into a computer which consumes large amounts of some resource. This program could, for example, be an attachment to an email; it could masquerade as a software update issued by the supplier of some software resident on the computer or it could enter the computer because of a weakness in the software that controls the computer. These types of attack are relatively easy to guard against.

Second, the attack can be one in which the perpetrator does not insert a program into a computer, but makes massive demands on some service that the computer provides. For example, during the NATO action against Serbia, Serbian crackers developed a program which sent large amounts of email to the main NATO computer, resulting in the computer being so overwhelmed that normal mail was rejected. These attacks cannot be so easily prevented.

4.3

Exploiting weaknesses in software Here are two infamous denial of service attacks which exploit insecurities in the software used to administer the internet. The Ping of Death involved the perpetrator sending packets of data larger than the maximum of 65,536 bytes which are allowed by the internet data transfer software. When a computer receives such a packet it will often crash. Happily, the major vendors have issued software patches which have made the Ping of Death obsolete.

A more recent denial of service attack is the Teardrop Attack. In the internet, messages are sent in packets which are reassembled in the right order at the recipient computer. The Teardrop Attack produces packets which contain contradictory information about how the whole collection of packets should be reassembled. Faced with this contradictory information, many computers crash when attempting to reassemble the packets into the original message.

Viruses

A virus is a program that upsets the correct functioning of a computer. For example, a virus might delete some important system files which are required for the correct functioning of a computer. There are three main types of virus: executable viruses, data viruses and start-up viruses.

An executable virus carries out some processing which is illegal. For example, a virus that reads the files in a computer, encrypts them and issues a ransom note in which the key is divulged for money is an executable virus.

A data virus alters some data in a computer. For example, a data virus which reads the password files in a computer and alters them so that a

33


Viruses

malicious user can enter the computer masquerading as another user is an example of a data virus.

A start-up file virus alters the contents of a start-up file. Such a file contains programs which are executed when a computer starts up and will set up the basic information about the computer and the user, such as a user’s name and password. A start-up file virus may, for example, introduce a program which runs in the background while a user is interacting with the computer, copy a user’s log-in password, and send it to a third party.

The family and friends virus, a typical virus One of the most popular ways of spreading a virus is via the address book of an email program. Such a virus when it enters a computer will look at the entries in the user’s address book for sending email. It will then send emails to everyone on the list containing an attachment which is a program. The email would contain some message such as: ‘I think that my computer has got a virus and has infected yours; happily I have managed to find a program which will remove it before it carries out any damage. You just need to run the program.’

When the receiver runs the program it will first send the email on to those people who are listed in the address book on that computer and then carry out some act such as deleting important files. This is a particularly nasty form of virus since it uses the fact that an email from a friend may arouse no suspicion at all.

Viruses are now prevalent on the internet, many of them carry out denial of service attacks, for example by deleting important files which prevent the user from using the computer: sadly, there are a number of kits freely available on the internet for developing them.

However, there are now some sophisticated anti-virus software products which can be used to identify viruses and delete them. These, combined with vigilance from the user (e.g. not opening attachments in emails from people you do not know), will often be sufficient to secure a computer from attack.

4.4 Non-technical attacks

A non-technical attack is an attack on a computer system which does not require any technological tools such as special software, high-power computer hardware or special purpose hardware such as that for reading the data passing through a network.

A good example of this type of attack is password guessing. In the 1970s some studies of passwords chosen by users of a network were carried out. The consistent message from these studies was that people chose passwords which were easy to guess. For example, quite a few users chose the word ‘system’ or their first name, surname, or the first name of their partner. It was found that, on average, 70 per cent of the passwords could have been guessed easily by an intruder after five or six attempts at logging in.

34


Dumpster diving Another popular non-technical attack which aims to find out information stored in a computer is to rummage through the waste bins (known in America as dumpsters) outside a company where printouts and used magnetic media such as floppy disks containing sensitive information are disposed of. There are a number of incidents where sensitive data such as hospital records have been obtained by criminals who have just rummaged in the bins or posed as refuse disposal workers.

Usually non-technical attacks are handled by having simple standards and procedures which govern the day-to-day behaviour of staff. The cracker Kevin Mitnick testified to the American Congress in the late 1990s that he could often obtain passwords by phoning a company and pretending to be an employee who was working in the field. The response to this type of attack is that employees of a company should provide some personal information which no other employee can know when they are hired. If an employee phones with an information request, then that request is only granted when they provide the additional information.

EXERCISE 4.4

Why is dumpster diving an example of a non-technical attack?

Discussion

Because it uses no technology – hardware or software – to violate security.

4.5 The security environment

The previous subsection has shown that security is not just a matter of using cryptography and devices such as digital certificates and SSL to ensure that the security of data in a computer network cannot be compromised; it requires measures which impinge on the working practices of a company. This means that conventional security measures must be used in conjunction with technical measures. Some examples are listed below.

n Physical methods of ensuring that access to buildings and rooms is suitably restricted. For example, ensuring that entrance to an area of a computer containing very sensitive data is restricted to members of staff wearing ID badges, with visitors being accompanied by an employee.

n Making sure that any process which could result in the change of data or reading of data which should remain secure is double checked.

n Securing any waste product that contains sensitive material: ensuring, for example, that printouts are shredded.

35


n Insisting that all passwords used by staff are secure. This means that a trusted member of staff should periodically examine the passwords of users in order to ensure that they would not be broken by password guessing, for instance.

n Making sure that communication hardware cannot be tampered with and that all external maintenance workers are authorised. This guards against such workers planting hardware devices – known as sniffers – that can read the data passing between computers carried in communication lines.

include:

n

n

n

n –

n

Passwords Password checkers

These are computer programs which automatically read the files containing password details of the users of a computer system. The checker will flag any passwords it thinks are easily guessable.

Choosing a password

There are a number of rules about choosing a password. These

do not make it some information which others know about you (such as the name of your dog);

make the password as long as possible: as a password gets bigger and bigger it gets more difficult to crack;

include non alphabetic characters in the password, for example the password ‘F1ngels$Cave’ is very much more difficult to crack than ‘Fingels Cave’;

do not make passwords so obscure that you need to write them down. The password ‘£34jam$98d0ughnut&67’ is very secure but could you remember it?

change your password regularly; many security administrators instruct an operating system such as Windows NT to force the user to change their password fairly frequently, say every two months.

EXERCISE 4.5

Some security administrators use a program known as a password dispenser to provide passwords for staff, for example when researching this unit we used a password dispenser which created passwords such as ‘dd**j7yHHtrewese""8’. Is there a disadvantage to using such a program?

Discussion

The main disadvantage is that such programs can produce passwords which are very difficult to remember. When this happens, users of a computer system will often write their passwords down, e.g. under their mouse mat, and hence compromise security.

36


4.6 Summary

In this section you have studied attacks that cannot be guarded against by the use of cryptography. Many of the attacks that have been described in this section are based on human frailty and can normally be foiled using care and common sense.

37


5 The single user and security

Your studies in this unit have concentrated so far on security and on how companies or enterprises can guard against security breaches. The aim of this section is to:

n broaden the discussion to deal with all activities which can adversely affect the user of a computer, not just those which are security breaches;

n focus the discussion to deal with the single user who might employ a single PC at home to interact with other computers using the internet.

5.1 The internet and its traffic

Before studying personal security it is worth revising how the internet works. The internet is not a single entity with a single owner; instead it is comprised of a hierarchy of individual networks that have been connected to one another. These networks range from local area networks (LANs) that can be found in many businesses and universities to the telephone and data networks that link cities and countries by fibre-optic cables and satellite links.

Your connection to your internet service provider (ISP) forms the lowest part of the internet. In turn your ISP may be connected to another larger network through a network access point (NAP); above that, the NAP is connected to the internet backbone which is the hierarchy of trans-national fibre-optic cables capable of carrying vast amounts of information.

38

CERT CERT stands for the Computer Emergency Response Team. This is an organisation funded by a number of American governmental and non-governmental bodies which monitors security and other problems on the internet and issues full or partial solutions to them. It is based at Carnegie-Mellon University. It issues bulletins known as CERT advisories which contain information about security incidents and how the user can respond to them. An example of a CERT advisory is shown in Figure 5.1. It describes a vulnerability in a Microsoft server product. It is highly technical so we do not expect you to understand it.


Figure 5.1 An example of a CERT advisory

(This particular CERT is at www.cert.org/advisories/CA-2002-09.html (accessed 27.2.2004).)

Two key factors in the design of the internet were the following.

n The network would not have a central controlling computer. Each computer on the network would be assumed to have the same authority.

n The network should be able to deliver information between any two computers on the network even if some of the machines in the network had failed. There would be a large number of alternative routes through the network, so it was not necessary for information to travel by the most direct route, instead it could travel in a roundabout route, avoiding any damaged parts of the network.

computer

link

Figure 5.2 A simple model of the internet

A simple model of a portion of the internet is shown as Figure 5.2. It will allow us to illustrate these principles when the network is in operation.

This portion of the internet is a basic internet-style network of six computers linked together (the lines in the figure). Note that each computer in the network is linked to at least two other computers. Each of these

39


computers is known as a node. None of these computers needs to be close to one another – they might be in the same building or in completely different cities.

The internet itself is composed of several hierarchies of networks. There is a central ‘backbone’ network that is dedicated to moving information at very high speed across large distances. Below this level are various other slower networks that serve smaller geographical areas and are themselves parents to even more local networks such as those in offices or universities. However, all these networks use a standard form of communication so information from one network can be passed across to another network without difficulty.

person B (recipient)

person A (sender)

Figure 5.3 Sending data using the internet

For instance, in Figure 5.3 person A (at the bottom left of the network) wants to send a message to person B (at the top left).The arrows in the diagram indicate the route taken by the message. The transmission of information across the internet is not like the system used for making a telephone call. In a voice call, a dedicated circuit is used for the duration of the call. If there is some failure in the network during your call, the connection is lost and the call ends. The internet was designed to avoid this type of failure. Instead of using a dedicated circuit for all of the information, internet traffic is split up and may take any route through the network. In this way, internet traffic is very much like sending an item through the postal service.

Imagine that you have some sections of a loose-leaf document that you want to post to a friend, but you only have small envelopes. One way to mail the document is to separate it into smaller sections, placing each section in a different envelope. Each envelope is addressed to the recipient. It makes sense to label each envelope with a number to tell your friend where the pages belong in the whole document. When the envelopes are put in the postal system they may all travel through the same sorting offices and arrive on the same day, or they might take different routes and arrive on different days. However, your friend should be able to recreate the document when all the envelopes are received.

40


The internet uses a similar system known as packets. A file is broken up into packets, each corresponding to an envelope. Each packet is labelled with the sender and recipient’s addresses, a unique number, a date stamp and some error correction information.

Packets allow many users to send their information through the same physical network without worrying about the information being scrambled en route.

In Figure 5.3, the packets followed the most direct route between the two computers (but notice that they travel through a computer, which has nothing to do with A or B).


person A (sender)

Figure 5.4 Sending data using an indirect route on the internet

Not all the packets in the information need travel by the same route; indeed, it is quite possible for them to take completely different paths through the network as shown in Figure 5.4. Here, some packets have taken a less direct route from A to B. However, they should all eventually reach their destination and can be recombined into the original message. These are just a couple of the possible routes a message could take through this (simple) network, any route that begins with the sender and ends with the recipient could be used. Name servers and routers determine the choice of the actual route.

Name servers, (as the term suggests) issue correct addresses for destination computers. The addresses used by humans (such as open.ac.uk) are purely for our convenience, computers use numeric addresses (known as Internet Protocol (IP) numbers) for communication; the name server translates the name typed in by a person into a suitable IP address. Every computer on the internet can be associated with a unique IP number corresponding to an internet address. An IP number consists of four numbers (each known as an octet) separated by full stops; the number below belongs to a web server at the OU:

194.66.147.8

41


As an example, we will track a packet being sent to Bob who works in the coffee bar at Big University in America. Bob’s address is [email protected]). The address is sorted from the most general part of the address to the most specific. First of all, the name server on the sender’s network makes a request across the internet to a so-called root domain name server. These computers store the IP numbers of all the name servers belonging to the root domains (.com, .mil, .edu, and so on). The root domain name server returns the IP number of the .edu domain name server which holds the IP numbers of all American universities. The sender’s name server then requests the .edu name server to provide the IP number of big.edu’s own name server.

The sender’s machine then uses that IP number to make a link to the name server at Big University and requests the IP number of the coffee shop computer used by Bob. The big.edu name server will then respond with the address of the coffee shop. The packets of the message can then all be addressed correctly and sent into the network.

Information is moved around the internet by means of specialised computers known as routers. Each network has at least one router, which is connected to two networks (the local one and an adjoining network). Information is directed to its destination using specialised routing tables. The routing table is maintained by the router and is constantly updated to accommodate the most frequently used addresses and to reflect information about changes in the external network. As well as ensuring information goes to the correct location, routers confine packets to the appropriate parts of the network.

Routers perform more sophisticated tasks; they are constantly updating one another about the amount of traffic being passed between routers and of problems on those connections. In the event of congestion or a problematic link, routers can choose alternative paths for their packets around the trouble to ensure to ensure delivery of the whole message. Figure 5.5 shows an example of data being rerouted when a computer is taken out of service.


person A (sender)

Figure 5.5 Rerouting data using the internet

42


Routers work in the following way: first of all, the router opens a packet to determine if the packet is being sent to another machine on its own network; if it is, then the router sends it straight to the destination computer. If the packet is being sent to another network, the router must consult the destination address of the packet to work out what to do next.

If the address of a packet appears in the routing table, the router allocates the full path from the source to the destination and places the packet on the external network for delivery. If the destination address is not in the table, the router is programmed to pass the packet to another router at a higher level in the network. This router will then consult its routing table for the destination; if the address is there, the packet is sent on, if it is not, the router sends the packet to an even higher level router.

If, for any reason packets cannot be passed on from one computer to another, the packets can either be stored or passed to another router by means of a different path in the network.

If the packets are stored, the router will make an attempt later to send the information. Packets have an expiry date beyond which no further attempt is made to transmit them. When a packet expires, it is returned to the sender along with an explanation of why the message was not delivered – such as the destination computer had failed or that the original destination was incorrect.

The real power of the internet is its ability to reroute packets. They can be rerouted either because a link has failed or to relieve congestion on a part of the link. As Figure 5.5 shows, it is still possible for A and B to exchange information even with the complete loss of one of the computers in this network. In the case of the internet, many of the nodes in the network could be lost with minimal disruption to traffic.

5.2 Why the internet is not secure

Internet routers are designed to move packets to their destination; they have been programmed with strategies to overcome problems such as congestion or the failure of a part of the network. These strategies involve rerouting packets via alternative paths.

Because of this, it is impossible to state which route will be taken by a packet travelling outside a local network. The packet may travel directly, or more probably travel through several routers located anywhere in the world. These routers will most probably not belong to either the sender or the recipient, but to a third party. In most cases this will not matter, but it is entirely possible for a router to belong to a malicious third party and hence for data to be read by that third person.

43


investigators.

Packet sniffers Software that examines, displays and keeps a log of all packets passing through a machine are known as packet sniffers, Packet sniffers can be used by system administrators to monitor the network’s performance and to locate faults in it. Some corporations use sniffers to maintain logs of their employee’s internet connections. However, packet sniffers can be used for criminal purposes, such as intercepting passwords. Packet sniffers can be programmed to intercept all traffic, or to intercept only traffic meeting certain criteria (i.e. between certain computers or between certain users). Packet sniffers may also keep copies of all the packets for later analysis. The most (in)famous packet sniffer is Carnivore, developed by the FBI for the investigation of criminal activities. A dedicated Carnivore computer would be installed at the suspect’s ISP. The computer is programmed to intercept all the packets originating from and destined for the suspect’s computer. The packets are copied to a removable disk and continue on their way without apparent interference. The disk can be retrieved and examined by

There is another security problem, and that concerns the public accessibility of data and specifications of internet components. The internet is a public medium and hence anyone should be able to develop software for it. This means that specifications for the architecture of the internet are freely available and can be used to develop software that can be employed to read data passing through a computer on the internet.

5.3 Spammers, scammers, crackers and stalkers

Spam

In this subsection you will study some of the ‘attacks’ which could affect the single user who regularly accesses the internet. Subsection 5.4 gives some of the ways in which these attacks can be guarded against.

Spam Spam is the term given to unwanted email. Because email is now the main medium of communication on the internet, spam has reached almost epidemic proportions. Spam is a nuisance: it takes time to read and wastes valuable time when the email containing the spam is downloaded from the internet. Spammers get your email address from a number of sources: from bulletin boards maintained by internet service providers, from newsgroups, from monitoring chat rooms or from your listing in an internet service provider’s user directory. Spammers can also use programs known as address harvesters which read the contents of web pages; if the developer of the web page has included their email address on the page, an address harvester will detect it and place it in a database which will be sold to spammers.

44

EXERCISE 5.1


If you are a user of a newsgroup which requires you to identify yourself with an email, how do you think you can avoid spam?

Discussion

Arrange to have two email accounts each with a different email address. The first account is the one you would use to send emails to colleagues and friends. The second one would be the email address that you use to access the newsgroup. You would never read the emails sent to that address. Any spam sent to that address would be stored by the supplier of the address (usually your ISP) and eventually it would be deleted without you reading it.

Scams Scams have been in existence since before the internet (or even the computer) was invented. However, the internet has provided criminals with a fast way of connecting to a very large number of potential victims.

One of the most prevalent internet scams is the pyramid scheme where victims recruit more victims who, in turn, recruit more victims who then recruit more victims, and so on. A once popular example of this type of scheme is the chain letter scam. Here you receive an email which contains the name and addresses of five people. The email asks you to send some money to the first person on the list, remove their name and add your name to the end. After this you send the email to 10 or more friends.

This seems to promise huge wealth. In practice the chains break down very quickly and usually the only person to benefit is the person at the top of the list (the fraudster).

Another type of scheme is known as a Ponzi scheme named after the nineteenth century criminal Charles Ponzi. Here a fraudster elicits money from their victims promising very large returns. Initially the perpetrator of this scam does pay back some of the returns, usually monthly and word of mouth means that more victims are attracted to the scam; eventually, however, the returns dry up and the fraudster disappears. What they have done is to pay out good returns on the investment from some of the money sent in by the victims and then when enough investors have paid in they disappear with the residue.

Privacy violations There are a number of sites on the internet which will tell you how much information can be gained from your access to a web server.

Figure 5.6 shows the start of a very long web page which was sent back by one of these sites. This figure contains only a fraction of the material that is on the web page. When I accessed this website, it managed to display the contents of the clipboard used to store temporary information which is to be pasted. In this case the clipboard contained an email message that I was

Internet scams

45


Figure 5.6 Information about your computer

pasting into a text document. It could have held anything – even my credit card details!

Not only can information about your computer, operating system and other technical details be obtained easily, your personal information can be obtained as well; for example, there are a number of people-finding sites which specialise in finding the email address of an internet user. All you have to do is to visit the site, provide a surname and a first name and the site will provide you with any matches.

5.4 Guarding against Armageddon

Given the large number of threats that the internet contains how do you minimise the possibility that you will be a victim? The list of precautions here comes from the excellent book Web Psychos, Stalkers and Pranksters by M.Banks.

Email is not a secure medium, it can be read quite easily as it passes around the internet. If you are worried about prying eyes reading your messages, then encrypt the messages.

If you do not want to be contacted by other users of the internet – for example spammers – then there are a number of precautions you can take.

n When you send an email you will often see the text of the email preceded by what is known as a message header. An example is shown below.

From: [email protected]

To: [email protected]

Sent: Tuesday, February 26, 2002 5:44 PM

Subject: News about Lara

You can change the options of an email program or a browser used to send email so that this information is not displayed to the user who you sent the message to.

46


n Do not publish your email address on the web if you do not want to receive spam. If you do then, eventually, you may receive email that is wasteful of your time, even offensive.

n Use a number of email addresses. Keep one for your own use in contacting friends and colleagues. If you are contributing to a mailing list then use one of the other email addresses (known as a throwaway address) and never read their contents. After a while the mailbox associated with that address will fill up and the internet service provider who has provided the mail facility will delete old emails.

n If you really want to be anonymous when sending emails then use one of the anonymous email sites that can be found on the web.

n If you do not want to other users of the internet to know about your ISP, computer, operating system and details such as your email address use a proxy server or an anonymiser service. Probably the best known of these is www.anonymizer.com. This website has a very simple front-end which allows you to jump to sites on the internet without divulging any of your details.

n Beware of executing programs which are not well known or not written by you. Such programs can be transferred to your computer by a number of means such as an attachment to an email, a piece of shareware or freeware which is available from the web. In the last five years a host of viruses have been spread as attachments so be particularly vigilant of emails with attachments.

n Only share confidential information – such as credit card details – with secure sites. There are a number of ways of finding this out. Many sites now display a padlock symbol in the browser window. This means that the site uses secure technology such as SSL for the transfer of data. Such sites may also have been verified to be secure by some independent body such as the American company VeriSign.

n Invest in anti-virus software. This software uses a database of common virus footprints and scans your computer warning you of possible virus infections.

n Don’t send your credit card details by email. Email should be regarded as being an insecure method of sending information. Additionally email is often held on servers for extended periods of time where other users could read it. The British Labour Party online shop made a serious error when it requested that shoppers send their credit card details by email. The error was quickly remedied.

n Do not fill in a web form that is not on a secure server. The form where you enter your credit card details should be on an SSL page, usually identified by a padlock displayed in the web browser window.

n Keep a record of all transactions. Print out your completed order form (but not the page containing your credit card details) before submitting your order and keep it in a secure location. You can also save copies of the page to your hard disk. Most large sites also allow you to check the status of your current order and any previous orders.

Shopping on the internet

47


ScamWatch

Security services There are a large number of websites which keep information about security violations and scams on the internet. Not only will some of these keep the information in a structured way that is easily accessible but they will provide online advice and also pass on any information to the relevant authorities. One of the best examples of this is the site. Although this site is American it contains much useful information for the European web surfer. Figure 5.7 shows a page from the site detailing some of the most popular internet scams

Figure 5.7 A page from the ScamWatch site

Security services

EXERCISE 5.2

What is the disadvantage of hiding your identity?

Discussion

It means that the person that you send the email to cannot reply. This is all right if you want to post anonymously to a bulletin board but a major disadvantage if you want to carry on a normal email conversation.

EXERCISE 5.3

Can you think of a way of publishing your email address in such a way that programs which scan web pages will not recognise it as an email address?

Discussion

Address harvesters, the programs which pick up email addresses on the web, look for strings such as [email protected] that match many email addresses. You could fool such programs by describing your email address along the following lines: ‘My email name is d.r.rowlandson

48


and I am registered with the ISP ukhit in the United Kingdom. I use co rather than com.’ This would fool any address harvester since they are based on very simple pattern matching methods.

5.5

ACTIVITY 5.1

This activity asks you to comment on spam.

Summary

This section has concentrated on your security as a user of the internet. It described those features of the internet that compromise privacy, and showed how you can protect yourself against problems such as spam and privacy violations.

49


6 Unit summary

In this unit, you have studied the security of data. While other units have looked at the nature of data, how data is to be displayed and how it is to be transferred, this unit has looked at how data can be hidden from prying eyes. This data can be data flowing down a communication line in a network such as the internet or personal data which you store that you do not wish anyone else to look at.

We examined the main technology that can be used for ensuring security: cryptography. We described how cryptography has been used since ancient times and the main principles behind the technique.

We then described the two main cryptographic techniques: symmetric key cryptography and asymmetric key cryptography and showed how they were used in industry. The unit concluded with a discussion of security and other issues such as privacy in terms of how it affected the single user who sometimes connect to the internet.

6.1 Learning outcomes

Having studied this unit, you should have achieved the following learning outcomes.

n Differentiate plain text from cipher text. (SAQ 2.1)

n Apply simple ciphers to a short piece of text. (Exercise 2.1)

n Criticise a simple cipher. (SAQ 2.2)

n Discuss what happens when repetitive actions are applied to a cryptographic method. (Exercises 2.2, 2.3)

n Describe the simple operations which make up a cryptographic method. (SAQs 2.3, 2.4)

n Discuss the safety of public key cryptography. (SAQ 2.5)

n Distinguish between symmetric and public key cryptography. (SAQ 2.6; Activity 2.1)

n Discuss the advantages and disadvantages of public and symmetric cryptography. (Exercises 2.4, 3.1)

n Describe the similarities between historical methods of cryptography and current methods. (Exercise 3.2)

n Describe why SSL has become popular. (Exercise 3.3)

50

Unit summary

n Describe the usefulness of digital signatures. (Exercise 3.4)

n Describe how firewalls work. (SAQ 3.1)

n Explain statements about security technologies. (Exercise 4.1)

n Describe whether a particular security incident could have been prevented using technological or non-technological means and differentiate between technological and non-technological attack. (Exercises 4.2, 4.3, 4.4)

n Evaluate password selection strategies. (Exercise 4.5)

n Describe methods for eliminating spam. (Exercise 5.1; Activity 5.1)

n Explain how to hide or disguise your identity. (Exercises 5.2, 5.3)

n Describe some of the disadvantages of adopting security procedures on the internet.

Key terms

You should be able to define the following terms in your own words.

address harvester

anonymiser service

asymmetric key cryptography

authentication

bastion host

brute force method

certificate authority

cipher text

cracking

cryptography

data virus

decryption

denial of service attack

DES

digital certificate

digital signature

encryption

executable virus

false authority syndrome

firewall

function application

key

list linking

message digest

monosubstitution cipher

name server

non-repudiation

non-technical attack

one-time key

packet

password guessing

permutation

plain text

polyalphabetic cipher

private key

proxy gateway

proxy server

public key

root domain name server

router

routing table

RSA

screening router

secure electronic transaction (SET)

spam

SSL (Secure Sockets Layer)

start-up file virus

steganography

swapping

symmetric key cryptography

virus

web attack

worm

51

M150 Unit 14 ISBN0749257717 - WordPress.com · cracker term hacker. Hackers and crackers. ......

Documents

Transcript of M150 Unit 14 ISBN0749257717 - WordPress.com · cracker term hacker. Hackers and crackers. ......