247 lines
12 KiB

Introduction to Securing Data in Transit
Jennifer Vesperman
Revision History
Revision 0.1 2002-02-17 Revised by: MEG
Converted from text file. Modified wording.
Revision 0.2 2002-02-23 Revised by: MEG
Incorporated Jenn's comments.
Revision 0.3 2002-02-24 Revised by: MEG
Conforming to LDP standards. Added abstract.
This article discusses ways to keep the transmission of data over the
Internet private. In particular, authentication and encryption are covered.
Table of Contents
1. Introduction
1.1. Copyright Information
1.2. Overview
2. Authentication
3. Encryption
3.1. Private key encryption
3.2. Public Key encryption
3.3. Limitations of encryption
4. Secure HTTP
5. Secure Email
6. Secure Shell
7. Other Data Transfer
8. Final words
1. Introduction
1.1. Copyright Information
Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed
only subject to the terms and conditions set forth in the Open Publication
License, v0.4 or later (the latest version is presently available at [http://
www.opencontent.org/openpub/] http://www.opencontent.org/openpub/).
1.2. Overview
The secure transmission of data in transit relies on both encryption and
authentication - on both the hiding or concealment of the data itself, and on
ensuring that the computers at each end are the computers they say they are.
2. Authentication
Authentication is a difficult task - computers have no way of knowing that
they are 'the computer that sits next to the printer on the third floor' or
'the computer that runs the sales for www.dotcom.com'. And those are the
matters which are important to humans - humans don't care if the computer is
'', which is what the computers know.
However, if the computer can trust the human to tell it which computer
address to look for - either in the numeric or the name form - the computers
can then verify that each other is, in fact, the computer at that address.
It's similar to using the post office - we want to know if 100 Somewhere
Street is where our friend Sally is, but the post office just wants to know
where to send the parcel.
The simplest form of authentication is to exchange secret information the
first time the two computers communicate and check it on each subsequent
connection. Most exchanges between computers take place over a long period of
time, in computer terms, so they tend to do this in a small way for the
duration of each connection - as if you were checking, each time you spoke in
a phone call, that the person you were talking to was still that person.
(Sally, is that you? Yeah. Good, now I was telling you about the kids .. is
that still you?)
It may sound paranoid, but this sort of verification system can inhibit what
is called a 'man in the middle' attack - where a third party tries to 'catch'
the connection and insert their own information. Of course, this relies on
the first communication not being intercepted.
Public key encryption (see below) is the other common means of
authentication. It doesn't authenticate the sender, but it does authenticate
the receiver - and if both parties exchange public keys, and verify by some
independant means that the key they have is the key of the party they wish to
send to, it authenticates both.
3. Encryption
Encryption is the process of changing text so that it is no longer easy to
read. A very simple example is the following sentence:
Guvf vf n fvzcyr fhofgvghgvba pvcure.
Commercial encryption uses methods which are a lot more secure than the one I
used to produce that example. Almost all modern encryption methods rely on a
key - a particular number or string of characters which are used to encrypt,
decrypt, or both.
In the next sections, common encryption methods are presented. To illustrate
how they work, ficticious characters named Bob and Alice will be introduced.
Private key encryption and public key encryption are discussed, as are their
3.1. Private key encryption
Private key encryption is the standard form. Both parties share an encryption
key, and the encryption key is also the one used to decrypt the message. The
difficulty is sharing the key before you start encrypting the message - how
do you safely transmit it?
Many private key encryption methods use public key encryption to transmit the
private key for each data transfer session.
If Bob and Alice want to use private key encryption to share a secret
message, they would each use a copy of the same key. Bob writes his message
to Alice and uses their shared private key to encrypt the message. The
message is then sent to Alice. Alice uses her copy of the private key to
decrypt the message. Private key encryption is like making copies of a key.
Anyone with a copy can open the lock. In the case of Bob and Alice, their
keys would be guarded closely because they can both encrypt and decrypt
3.2. Public Key encryption
Public key encryption uses two keys - one to encrypt, and one to decrypt. The
sender asks the receiver for the encryption key, encrypts the message, and
sends the encrypted message to the receiver. Only the receiver can then
decrypt the message - even the sender cannot read the encrypted message.
When Bob wants to share a secret with Alice using public key encryption, he
first asks Alice for her public key. Next, Bob uses Alice's public key to
encrypt the message. In public key encryption, only Alice's private key can
unlock the message encrypted with her public key. Bob sends his message to
Alice. Alice uses her private key to decrypt Bob's message.
The things that make public key encryption work is that Alice very closely
guards her private key and freely distributes her public key. She knows that
it will unlock any message encrypted with her public key.
3.3. Limitations of encryption
Cryptanalysis, or the process of attempting to read the encrypted message
without the key, is very much easier with modern computers than it has ever
been before. Modern computers are fast enough to allow for 'brute force'
methods of cryptanalysis - or using every possible key in turn until the
'plain text' version of the message is found.
The longer the key, the longer it takes to use the 'brute force' method of
cryptanalysis - but it also makes the process of encrypting and decrypting
the message slower. Key length is very important to the security of the
encryption method - but the 'safe' key length changes every time CPU
manufacturers bring out a new processor.
Encryption does not make your data secure. Not using encryption, however,
means that any data in transit is as easy to read as the contents of a
postcard, sent in regular mail. Encryption at least ensures that anyone who
does read your messages has worked hard at it.
4. Secure HTTP
Modern graphical browsers usually have a small 'key' or 'padlock' symbol at
the bottom right or bottom left of the screen. When the 'lock' is closed or
the 'key' is whole, the browser is encrypting the information and has
exchanged basic authentication information with the other computer.
You can also check whether a browser is encrypting information by checking
the URL at the top of the screen - any URL which uses 'https://' instead of
'http://' is using Secure HTTP. Unlike the locks and keys, the presence of
'https' does not mean that all your information is being sent encrypted,
merely that it might be.
5. Secure Email
Most of the secure email programs use public key encryption. The receiver
posts their encryption key somewhere public, somewhere that potential senders
can locate it. The sender uses that key to encrypt the message, thus ensuring
that only the receiver can decrypt it.
This works fairly well, but has the disadvantage that if your receiver isn't
using a secure email program, or doesn't have a posted public key, you can't
send encrypted mail to them.
Authentication is not a problem for secure email - provided the receiver has
kept their private key secure, noone can easily decrypt the transmission.
6. Secure Shell
Networks often need remote system management, where the admin is in one
building and the computer which needs attention is in another. Or programmers
might work from home, using a remote access tool to use resources on the
computers at work. The traditional tool which allowed these functions was a
program called 'telnet', which gave access to a command line interface on the
remote system.
The problem with telnet was that it sent everything using plain text. The
modern version is SSH, which uses any of several encryption options and has a
variety of ways to tell whether the user is authorised to connect to the host
system. SSH stands for Secure SHell. "Shell" is a common term for the human/
computer interface.
The SSH protocol has been used to provide secure ways to perform other common
tasks. Different operating systems may have different tools, but common
functions like copying or file management can often be done using tools which
run over an encrypted SSH link.
SSH authenticates the computers on the first connection between each pair of
computers - the two computers swap public keys, and on each subsequent
connection check that the computers can decrypt a message. On the first
connection, SSH depends on the user to verify that they have reached the
correct computer. On subsequent connections, SSH will warn the user if it is
uncertain of the remote computer's identity. Authentication security from
that point is up to the user, though SSH will continue to encrypt traffic
passing through it.
7. Other Data Transfer
FTP, IRC, ICQ and other systems are often used to transfer information around
computers. If your program doesn't have an option to encrypt the data, assume
that it is sent as plain text.
8. Final words
Secure data transfer methods are important, but the security can be broken
without cryptanalysis if the computer at either end is insecure. Ensure that
your computers and internal networks are secured.
Cryptanalysis can read most encryption methods, if the analyser is determined
enough and wealthy enough to buy enough fancy hardware. If your information
is worth enough, the most secure method of transfer might be 'sneaker-net' -
a person with a floppy disk. If your information is that valuable, however,
it's worth hiring a security expert to secure your networks. Take their