Introduction

The Security Team:
Mark Bayer - KSG
Raghav Chandra - KSG
Jaime Chambron - FAS
Jamil Ghani - FAS
Nanthikesan - KSG
Angelina Ornelas - KSG
Alex C. Snoeren - MIT

Information Systems Security: Enabling Future Internet Applications through Cryptography

Components of Security

Security has become such an overloaded term that any discussion on the issue merits a brief overview of exactly what is meant by the term. In our view, there are several discrete, yet hopelessly intertwined components of security. While one can present an academic discussion of each separate aspect, any real-world application requires that security be addressed in its entirety, as a compromise at one level may completely negate the security measures of another.

Physical Security

Physical security can be viewed as the foundation upon which all other levels are built. It is often easy to overlook in the electronic world, but even digital information is still vulnerable to physical attack. While information encrypted in transmission may be impossible to steal on the wire, gaining access to the terminal at the other end is a sure way to circumvent such measures.

Physical threats aren't limited to low-tech thuggary, either. One aspect of electronic systems frequently overlooked is the electromagnetic radiation. It is possible to detect the current on a wire without ever actually touching it--merely measuring the induced magnetic fields around the wire will suffice. Similarly, data erased from magnetic media--such as computer discs--may be recovered by carefully examining the residual polarization of the atoms.

While extremely interesting in its own right, the nuances of physical security are beyond the scope of this report. We would note, however, that simple measures such as the ever-popular "turn your computer off when you go to lunch" can do more to insure the security of digital data than any amount of digital security ever will.

Privacy Policies

On the other end of the scale, there are issues of privacy. Even if one assumes away all lower levels of security, what people may do with information in their possession is a very difficult and complex issue to tackle. It is often asserted that social engineering is the most widespread method of information theft in the world today. No matter what levels of security are placed on information in the physical and digital medium, mankind has not yet perfected mind control. Until that day, we can only attempt to set policies and guidelines for proper use of information, and hope the persons in question act appropriately.

As with physical security, privacy is a topic worthy of a lengthy discussion in its own right, and any attempt to provide a thorough treatment of it here would be futile. Instead, given the our Internet-centric context, we chose to narrow our focus on what could be viewed as the intermediate level between physical security and privacy policies: digital security.

Defining Digital Security

In February, 1995, the IITF [Vol. 60 No. 28 of the Federal Register, p. 8100] proposed five tenets of digital security, based on reasonable expectations of what a participant in an electronic transaction on the National Information Infrastructure (NII) could expect:

The ability to control who sees (or cannot see) their information and under what terms.
The ability to know who they are communicating with.
The ability to know that information stored or transmitted is unaltered.
The ability to know when information and communication services will (or will not be) available.
The ability to block unwanted information or intrusions.

With these tenets in mind, we define digital security to be the collection of technologies, policies, and practices that provide for confidentiality, availability, authenticity, integrity, and certifiability of electronic communications sent from one user to another or stored, archived, or processed on computer systems, networks, servers, databases or any other repositories of digital information. This definition is slightly broader than the one proposed by the Organization for Economic Co-operation and Development(OECD) in their 1992 Guidelines for the Security of Information Systems, which included only availability, confidentiality, and integrity.

Each of these terms is explained more fully below, along with associated current technologies and buzzwords.

Confidentiality deals with restricting access to information that is transmitted, stored, or otherwise encoded in digital form to only those parties with appropriate access. This is often (somewhat improperly) equated with the term privacy. Privacy is a larger issue, speaking to the appropriate use of information. We define confidentiality, on the other hand, to be only concerned with limiting access to authorized users. What those users chose to do with the information is another story. It is worth noting our definition differs slightly from the OECD's, which speaks to appropriate use of the information by authorized users. The first IITF tenet can be viewed in either light. Access control, Encryption, cryptography. PGP, SSL, Clipper, Skipjack.

It is important that systems, information, and other services be ready for use in a predictable and controlled fashion. Availability includes limiting the flow of unsolicited information, and speaks directly to the fourth and fifth tenets. Denial of Service Attack, Firewalls.

Integrity assures that digital information is received and viewed in its intended from. Such technologies, policies, procedures, and regulations prevent data from being corrupted, altered, destroyed, or otherwise modified. Error detection/correction. CRC, Encryption.

Separate from issues of integrity, authenticity provides assurance that information originated from a specified source, and was not replicated, delayed, rerouted, or otherwise presented in a fashion not originally intended. Digital Signatures. Public Key Cryptography.

Certifiability ensures that all of the preceding aspects of security can be proven, not only to the parties participating in an information exchange, but possibly to an outside, third party, such as a judge or arbiter. This concept is also commonly referred to as non-refutability in the literature. Digital Certificates.

Importance of Digital Security

With the explosive growth of the Internet, there is great potential for online-commerce, medical consultation, distance learning and other interactions that could greatly improve our quality of life. However, for this potential to be realized, users must have confidence in the security of their communications.

With the surge in on-line interaction comes the possibility of making money in the marketplace. The Software Publishers Association estimates that the foreign market for mass-market software with encryption capabilities is growing at least 20 percent each year, with the potential U.S. share amounting to between $3 and $5 billion a year by 1997. [General Accounting Office Report GAO/OSI-94-2, Communications Privacy: Federal Policy and Actions, November 4, 1993] On-line interactions, then, could spur tremendous economic growth. Again, consumer and user confidence, drawn from digital security, is crucial for realizing this potential.

Cryptography's Role

As with any intangible concept, it is often easier to regulate the particular physical manifestations that currently embody the concept intended to be legislated. Cryptography currently finds itself as an almost unique tool to provide digital security, and hence has born the brunt of recent debate and legislation concerning digital security. Struggling to concretely define ethereal concepts such as confidentiality and authenticity, regulators have relied on the specifics of present cryptographic techniques to spell out their intentions

At its heart, cryptography is basically a set of complicated math tricks. By defining certain problems that are extremely difficult to solve without knowing some secret, cryptography is able to prevent even the most powerful computers from discovering what is immediately obvious with knowledge of some small fact.

The recent popularity of public-key techniques, first discussed by Diffie and Hellman in the late 1970s, has led to a proliferation of techniques to provide encryption, authentication, integrity, and certification, all through the use of a specific key (which plays the part of the secret discussed above). It is then not surprising that the specifics of this key (specifically its length, or complexity), have come under intense scrutiny in policy debates.

Quantifying Digital Security

Measuring digital security is a tricky business. When enforced through cryptography, the cryptographic strength can be measured in bits - the characters (e.g. numbers, letters, symbols) that make up the codes designed to prevent information from being compromised. The more bits, the better the digital security provided, according to some involved in the discussion. Others point to factors such as physical security - whether access to communications is limited to a few trustworthy people, and whether the information is housed in a secure location - as more important when measuring digital security.

Tech Note: Ideally, the security of a cryptosystem is based on the difficulty of finding the appropriate key. Keys are chosen from some key space, the size of which is usually given by the length of the key. A 56-bit key comes from the space of all 56-bit long integers, from 0 to 2⁵⁶. A brute force attack might need to try each of the 72 quadrillion possibilities. Since the key space grows exponentially, a 64-bit key would be 256 times harder to crack.

We take a holistic approach that incorporates technical measurements and physical aspects. For example, if a high-speed computer attempts every possible combination of bits in order to crack a digital security product (a so-called brute force attack), then a product with 128-bits will take longer to compromise than a product with 56-bits. However, if an operator has some information about the product's user it is often possible to guess a password-based key.

Information such as birthdays, anniversaries, street addresses, nicknames, names of pets, etc. are often used in a more targeted search. Such methods can crack keys of any length with equal success. Yet secure passwords with strange, seemingly random strings of characters can be difficult to remember; users sometimes resort to insecure, even careless methods of remembering passwords. Even the most sophisticated security system can be defeated if the password is left on a 3M sticky-note attached to the monitor, key card, or anywhere else immediately accessible to a would-be intruder.

Eric Thompson, president of AccessData Corporation, a company specializing in data recovery and cryptanalysis, reports that 90% of all systems are broken through means other than through the cryptographic machinery. It is therefore crucial to consider the different aspects of digital security discussed above when making measurement decisions.

Determining Available Strengths

The dual nature of digital security, as a set of technologies, policies, and laws fueling the growth of the electronic economy, and as a national security tool, makes the level of security available a contentious topic (See our discussion of export controls in the following section). As described above, reliable and trustworthy digital security could unleash enormous economic and social benefits. However, unbreakable digital security tools in the hands of terrorists and felons could make it possible for lawbreakers to conceal evidence of their crimes. This is particularly true of encryption, a digital security application used to protect the privacy of user communications.

For example, the deputy director of the National Security Agency (NSA) told Members of Congress that "[I]f encryption is used by criminals and other adversaries (e.g. terrorists) to help hide their activities, the public safety of U.S. citizens, and citizens of other countries, may be placed in jeopardy." This view was shared by the members of Committee to Study National Cryptography Policy, who, in their 1996 report Cryptography's Role in Securing the Information Society (CRISIS), suggested that:

Congress should seriously consider legislation that would impose criminal penalties on the use of encrypted communications in interstate commerce with the intent to commit a federal crime.

The CRISIS report did, however, acknowledge that "on balance, the advantages of more widespread use of cryptography outweigh the disadvantages." The difficulty, then, is determining the appropriate levels for both domestic and international use.

Tech Note: In January, 1997, a Berkeley student cracked a 40-bit key in three and a half hours by harnessing the power of 250 networked Sun workstations. Using 3,500 networked systems along with several super computers, a student at the Swiss Federal Institute of Technology was able to crack a 48-bit key in 13 days.

Deputy Director of the NSA, William Crowell, noted that it would have taken the Berkeley machines 9 trillion times the age of the universe (roughly 15 billion years) to break a 128-bit key. Even if all the estimated 260 million computers in the world were set to the task, it would still take roughly 12 million times the age of the universe.

As a result of public safety and national security consequences of encryption usage, Congress and successive Administrations have passed legislation and promulgated regulations placing controls on the export of encryption products. Several encryption-related bills are pending in the current Congress, and the Clinton Administration continues to put forward regulations in this area. As of March 1998, there are regulations limiting the strength (e.g. number of bits) that can be incorporated in encryption products exported from the United States. There are no such limits on encryption items used within the U.S.

How Secure is Secure Enough?

Determining the degree of security needed is a difficult task for users. Of course, traffic containing diplomatic, military and corporate trade secrets should be tightly secured by using robust digital security measures, both technical and physical. For other communications, finding the right level of security can be a challenge. It is, of course, and issue of tradeoffs. In an attempt to be explicit, the OECD Security Guidelines include a proportionality principle, defined as follows:

Security levels, costs, measures, practices and procedures should be appropriate and proportionate to the value of and degree of reliance on the information systems and to the severity, probability and extent of potential harm, as the requirements for security vary depending upon the particular information systems.

As Dorothy Denning, a well-known technical expert, has noted, users sometimes perceive that stronger security is needed than is actually required: "Domestic versions of products often use key lengths far in excess of what is needed to prevent compromise. For example, the domestic version of Netscape's Navigator 3.0 offers 125-bit RC4 and 168-bit Triple-DES. Breaking such keys by brute force is totally infeasible and could remain so forever." More robust technologies often require higher degrees of technical sophistication and take longer to implement than weaker versions. In general, users should take into account the sensitivity of their communications, physical steps they can take to improve the security of their data, cost and ease of use when deciding the level of security to use.

Continue to Current Crisis

Return to the Outline

4/6/98 - Alex C. Snoeren & Mark Bayer