Doris Chen, Adolfo Perez, Saowaphak Sasanus, Saurabh S Verma Ru-shuen.Chen@Colorado.EDU, aaperez@colorado.edu, Saowaphak.Sasanus@Colorado.EDU, verma@ucsub.colorado.edu
1. Abstract
This paper examines the technical, policy, and economic aspects of current encryption systems. The paper starts with an introduction to encryption technology, covering both conventional and public-key encryption. It then covers some of the policy issues concerned with encryption, including the impact that the new encryption policy has on export limitations and the way the economy of the country is affected by the new policy. Key escrow is an important issue, which deals with human rights. The paper explains the technical features of key escrow and also discusses the effects of the new policy. Finally, the paper compares the encryption algorithms to conclude which solution is the most secure system in the market.
2. Introduction
The Internet is a very useful tool for obtaining information from around the world. However, most users may not realize that they are leaving a trail behind them. The Internet is like a digital video camera that can record almost everything people do while online, including keywords searched on a search engine, sites visited, e-mail messages exchanged, and even the files downloaded to a local computer. The digital tracks exist on backup tapes that might be kept for years, and in databases that are actively repackaged and sold. Sending messages on a computer without encryption is like putting thoughts on a postcard; everyone can read it. Privacy in the computer age requires coding the transmitted information so that only designated recipients can read it. Cryptography is the science of encryption, which is used to make information transmitted over networks such as the Internet secure and private. Encryption can be used to protect voice communications, ATM transactions, and e-mail by scrambling signals so that eavesdroppers cannot understand the content of the message. The Internet was originally invented for educational research and collaboration, but it now plays a very important role in personal communications and business, which are carried out online over an insecure medium that entices criminal activity to the Internet. In the age of explosive worldwide growth of electronic data storage and communications, users have expressed increasing concerns and demands for effective protection of information. To address this need, this paper will summarize a number of technological solutions that have been introduced to assure Internet privacy and confidentiality, and describe proposed legislation on encryption and export control.
3. Encryption Technologies:
Encryption is the transformation of data into a form that is as close to impossible as practical to read without the appropriate knowledge. Its purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even if they have access to the encrypted data itself. Decryption is the reverse of encryption, i.e. it is the transformation of encrypted data back into an intelligible form [1]. The four basic parts of every cryptographic system are [2]:
Fig. 1: Encryption
Plaintext: This is the original message in a readable format.
Ciphertext: The plaintext message after being modified or obscured to an unreadable format.
Cryptographic algorithm: This is the mathematical operation used for converting plaintext to ciphertext. There are two ways in which plaintext can be processed to form the ciphertext: stream cipher and block cipher¹.
Key: This is a key used to encrypt and/or decrypt the message. Different keys transform the same plaintext into different ciphertexts. Only people who know the correct key can decrypt the ciphertext accurately.
Encryption and decryption generally require the use of some secret information, referred to as a key. For some encryption mechanisms, the same key is used for both encryption and decryption, while for other mechanisms, the keys used for encryption and decryption are different. The encryption methods that use the same key are called conventional (or symmetric) encryption. The key used in conventional encryption is usually referred to as a secret key. The encryption that uses different keys is called public key (or asymmetric) encryption.
¹ A stream cipher generates a keystream (a sequence of bits used as a key). Encryption is accomplished by combining the keystream with the plaintext. The block cipher technique involves taking a block of the plaintext (n bits) and converting it into an output block having the same number of bits. Encryption of any particular plaintext with a block cipher will result in the same ciphertext when the same key is used.
3.1 Conventional Encryption
Conventional encryption employs a single key that is shared by the two users. Thus, the user at the source end encrypts a message using the encryption algorithm and a secret key. The user at the destination end decrypts the message using a decryption algorithm and the same secret key. The encryption algorithms are based on substitution and transposition techniques. The substitution process involves mapping the bits in the plaintext to some other bits. The transposition process involves rearranging the bits in the plaintext. Both transposition and substitution are performed several times before the final encrypted ciphertext is produced.
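The rounds of substitution and transposition described above can be seen in a toy 16-bit block cipher. This is an added example, not code from the paper: the S-box, bit permutation, key schedule and all function names are assumptions chosen for illustration, and the cipher offers no real security.

```python
# Toy 16-bit substitution-permutation cipher. Constructed for illustration only:
# the S-box, bit permutation and key schedule are assumptions, not a real algorithm.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8, 0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]
INV_SBOX = [SBOX.index(v) for v in range(16)]
PERM = [4 * (i % 4) + i // 4 for i in range(16)]   # bit i moves to position PERM[i]
INV_PERM = [PERM.index(i) for i in range(16)]
ROUNDS = 4

def substitute(block, box):
    """Substitution: replace each 4-bit group with its S-box entry."""
    out = 0
    for shift in (0, 4, 8, 12):
        out |= box[(block >> shift) & 0xF] << shift
    return out

def transpose(block, perm):
    """Transposition: move every bit to a new position, values unchanged."""
    out = 0
    for i in range(16):
        if (block >> i) & 1:
            out |= 1 << perm[i]
    return out

def round_keys(key):
    """Derive ROUNDS + 1 16-bit subkeys from a 32-bit key by rotating it 4 bits per round."""
    keys = []
    for r in range(ROUNDS + 1):
        rotated = ((key << (4 * r)) | (key >> (32 - 4 * r))) & 0xFFFFFFFF
        keys.append(rotated >> 16)
    return keys

def encrypt_block(block, key):
    subkeys = round_keys(key)
    for r in range(ROUNDS):
        block = transpose(substitute(block ^ subkeys[r], SBOX), PERM)
    return block ^ subkeys[ROUNDS]

def decrypt_block(block, key):
    """Undo the rounds in reverse order with the same secret key."""
    subkeys = round_keys(key)
    block ^= subkeys[ROUNDS]
    for r in reversed(range(ROUNDS)):
        block = substitute(transpose(block, INV_PERM), INV_SBOX) ^ subkeys[r]
    return block

def encrypt_blocks(blocks, key):
    """Encrypt each block independently: equal plaintext blocks give equal ciphertext blocks."""
    return [encrypt_block(b, key) for b in blocks]

if __name__ == "__main__":
    key = 0x1A2B3C4D                      # constructed sample key
    message = [0x4142, 0x4142, 0x4344]    # constructed sample blocks, first two identical
    print([hex(c) for c in encrypt_blocks(message, key)])
```

Because each block is encrypted independently, the two identical plaintext blocks produce identical ciphertext blocks, which is the block-cipher property noted in the footnote above.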
Several encryption algorithms are currently suggested for AES. The ones that made it to the final round include MARS, RC6, Rijndael, Serpent and Twofish. The final decision regarding the selection of one of these will be held
the block size can be 32 bits, 64 bits, or 128 bits. International Data Encryption Algorithm (IDEA) is a 128-bit key, block cipher encryption technology and has a block size of 64 bits. Blowfish is another block cipher, and has a key length that can vary from 32 bits to a maximum of 448 bits. DES is the most widely used encryption scheme, especially in financial applications. Several Internet-based applications have adopted triple DES. Amongst the most common ones are PGP and S/MIME³. RC5 is an algorithm with a variable block size, a variable key size, and a variable number of rounds. Such variability provides flexibility at all levels of security and efficiency [3]. IDEA is a symmetric block cipher and is used in PGP, which alone assures widespread use of the algorithm. IDEA uses a 128-bit key to encrypt data in blocks of 64 bits. Blowfish is very fast since it encrypts data on 32-bit microprocessors at a rate of 18 clock cycles per byte, and can run in less than 5K of memory. The variable length key allows a tradeoff between speed and security. Blowfish is one of the most formidable conventional encryption algorithms.
3.2 Public key Encryption
Conventional encryption involves a single key called the secret key. Public-key encryption uses two different keys, which are referred to as the "public key" and the "private key". The public key is used for encryption and the private key, which is the one that is kept secret, is used for decryption. Only the matching decryption key can be used to retrieve the original message.
phone system, or some other transmission medium and must prevent disclosure of the secret key. The generation, transmission, and storage of a key is called key management. Since all keys in conventional encryption must remain secret, conventional encryption often has difficulty providing secure key management, especially in open systems with a large number of users. In order to solve the key management problem, Whitfield Diffie and Martin Hellman introduced the concept of public-key cryptography in 1976 [4]. Public-key systems have two primary uses, encryption (for privacy), authentication, and digital signatures (for non-repudiation)⁴. In their system, each person gets a pair of keys, one called the public key and the other called the private key. The public key is published, while the private key is kept secret. The need for the sender and receiver to share secret information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared. In this system, it is no longer necessary to trust the security of some means of communications. The only requirement is that public keys be associated with their users in a trusted (authenticated) manner (for instance, in a trusted directory). Anyone can send a confidential message by just using public information, but the message can only be decrypted with a private key, which is in the sole possession of the intended recipient. Furthermore, public-key cryptography can be used not only for privacy (encryption), but also for authentication and non-repudiation (digital signatures) and various other techniques. In a public-key system, the private key is always linked mathematically to the public key. Therefore, it is always possible to attack a public-key system by deriving the private key from the public key. Typically, the defense against this is to make the problem of deriving the private key from the public key as difficult as possible.
Some examples of public-key systems include the Rivest-Shamir-Adleman (RSA) scheme, which was developed by Ron Rivest, Adi Shamir, and Leonard Adleman in 1977. Another example is the ElGamal system, which is based on the discrete logarithm problem. It consists of both encryption and signature variants. The Merkle-Hellman knapsack is a public-key system first published in 1978. It is commonly referred to as the knapsack cryptosystem. The Chor-Rivest knapsack system was first published in 1984, followed by a revised version in 1988. LUC is a public-key system developed by a group of researchers in Australia and New Zealand. The cipher implements the analogs of ElGamal, Diffie-Hellman, and RSA over Lucas sequences. LUCELG is the Lucas sequence analog of ElGamal, while LUCDIF and LUCRSA are the Diffie-Hellman and RSA analogs, respectively [5]. The most popular public-key encryption algorithm is the RSA scheme. The algorithm has been employed in the most widely used Internet electronic communications encryption program, Pretty Good Privacy (PGP). It is also employed in both the Netscape Navigator and the Microsoft Explorer web browsing programs in their implementations of the Secure Sockets Layer (SSL), and by Mastercard and VISA in the Secure Electronic Transactions (SET) protocol for credit card transactions.
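The mathematical link between the two keys, and why key length is the defense, can be shown with textbook RSA. This is an added example, not code from the paper: it uses no padding, the function names are hypothetical, and the primes are constructed sample values (61 and 53 for the undersized key, the Mersenne primes 2^89 - 1 and 2^127 - 1 for the larger one).

```python
from math import isqrt

def make_keypair(p, q, e):
    """Textbook RSA key generation from two primes (no padding; illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: inverse of e modulo phi(n)
    return (n, e), (n, d)

def encrypt(public, m):
    n, e = public
    return pow(m, e, n)

def decrypt(private, c):
    n, d = private
    return pow(c, d, n)

def derive_private_key(public, max_trials):
    """Try to rebuild the private key from the public key alone.

    Factors n by trial division, giving up after max_trials candidates.
    Returns the private key, or None if no factor was found in the budget.
    """
    n, e = public
    for p in range(2, min(isqrt(n), max_trials) + 1):
        if n % p == 0:
            return make_keypair(p, n // p, e)[1]
    return None

# Constructed sample keys: one far too short, one with a 216-bit modulus.
WEAK_PUBLIC, WEAK_PRIVATE = make_keypair(61, 53, 17)
LONG_PUBLIC, LONG_PRIVATE = make_keypair(2**89 - 1, 2**127 - 1, 65537)

if __name__ == "__main__":
    print("weak key recovered:", derive_private_key(WEAK_PUBLIC, 100_000) == WEAK_PRIVATE)
    print("long key recovered:", derive_private_key(LONG_PUBLIC, 100_000) is not None)
```

The same search that recovers the short key immediately finds nothing for the longer modulus within its budget, which is why a limit on key size is a limit on security.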
Authentication is any process through which one proves and verifies certain information. Sometimes one may want to verify the origin of a document, the identity of the sender, the time and date a document was sent and/or signed. A digital signature is a cryptographic means through which many of these may be verified. The digital signature of a document is a piece of information based on both the document and the signer's private key.
One major advantage of public-key encryption is increased security and convenience, as private keys never need to be transmitted or revealed to anyone. In conventional encryption, by contrast, the secret keys must be transmitted (either manually or through a communication channel). A serious concern is that an enemy may discover the secret key during transmission. A disadvantage of using public-key encryption is speed. There are many conventional encryption methods that are significantly faster than any currently available public-key encryption method. Nevertheless, public-key encryption can be used with conventional encryption to get the best of both (the security advantages of public-key encryption and the speed advantages of conventional encryption).
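The combination described above works as follows: a fresh secret key encrypts the message with a fast conventional cipher, and only that short key is encrypted with the recipient's public key. This is an added example, not code from the paper; the function names are hypothetical, the RSA key is a constructed toy built from the Mersenne primes 2^89 - 1 and 2^127 - 1, RSA is used without padding, and the SHA-256 keystream stands in for a conventional cipher.

```python
import hashlib
import secrets

# Constructed toy recipient key pair (textbook RSA, far too small for real use).
P, Q, E = 2**89 - 1, 2**127 - 1, 65537
N = P * Q                              # public modulus, published with E
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, never transmitted

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Conventional (symmetric) step: XOR data with a keystream derived from key.

    The keystream is SHA-256(key || counter); the same call encrypts and decrypts.
    """
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(message: bytes, n: int = N, e: int = E):
    """Sender: needs only the recipient's public key (n, e)."""
    session_key = secrets.token_bytes(16)               # fresh secret key per message
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)   # slow public-key step, 16 bytes only
    body = keystream_xor(session_key, message)          # fast step over the whole message
    return wrapped, body

def open_sealed(wrapped: int, body: bytes, n: int = N, d: int = D) -> bytes:
    """Recipient: recovers the session key with the private key, then the message."""
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, body)

if __name__ == "__main__":
    text = b"Wire 500 to account 12345 (constructed sample message)"
    wrapped_key, ciphertext = seal(text)
    print(open_sealed(wrapped_key, ciphertext) == text)
```

A deployed system would add padding to the public-key step and an integrity check to the message body; both are left out here to keep the two roles visible.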
The four major security functions are: Confidentiality or Privacy, provided by encryption; Authentication, provided by certificates; Integrity, provided by secure hash functions in association with message digests; and Non-repudiation, provided by digital signatures.
[Table with columns "Key Length" and "Block Size"; the row labels and cell layout are not recoverable from the source.]
policies are known as cryptography policy or encryption policy. However, the effect of the policy has seemed questionable in terms of achieving its initial objectives, and, indeed, it has produced several negative impacts. The issue, whether government should implement any cryptography policies, is therefore controversial. According to the U.S. Department of State's 1996 Country Reports on Human Rights Practices, there was widespread illegal or uncontrolled use of wiretaps by both government and private groups in over 90 countries [6]. This report indicates that governments have abused their power to invade people's privacy. In some countries, dissidents and human rights organizations under repressive regimes use encryption technologies to share their concerns and transmit sensitive information. Any restrictions on the use of encryption would create possibilities for the violation of free expression for individuals in countries where dissent is punished. For two decades, software companies have fought in vain for the right to export encryption products free of stringent licensing requirements. Such worries are decidedly muted under the Clinton Administration's new policy, announced on September 16, 1999. This new policy will open the entire commercial sector as a market for strong U.S. encryption products. It will be implemented through regulations to be issued by December 15 [7]. The new policy sets aside years of warnings from law enforcement and defense officials that such a step would endanger national security. With such worries in mind, the administration also announced legislation that would give law enforcement greater resources to combat the use of computers by criminals and terrorists, creating a new FBI unit to focus on cracking codes [8].
In support of human rights, the Cyberspace Electronic Security Act of 1999 ensures that law enforcement maintains its ability to access decryption information stored with third parties, while protecting such information from inappropriate release. It also protects sensitive investigative techniques and industry trade secrets from unnecessary disclosure in litigation or criminal trials involving encryption, consistent with fully protecting defendants' rights to a fair trial [9]. In years past, individual shipments of encryption products required federal licenses before export. Under the new policy, companies will need one-time certification for their products. Then they will be free to export as many shipments as they like.
6. Economic Aspects
The above policies and encryption technologies are intended to protect national security. Although the initial intention may be positive, the result may cause several negative influences that can be categorized into two main aspects: economics and human rights. A study by the Committee to Study National Cryptography Policy has stated that export control for cryptography creates negative impacts on the country's economic development. Consistent with the rising emphasis on the international dimensions of business, many U.S. companies must exchange important and sensitive information with their foreign partners or agencies. The restriction policy initially forced the foreign entities to use relatively weak cryptography technologies. Under this circumstance, the strength of the U.S. cryptography deployed to protect its data was not meaningful, since the information could leak from the foreign side. The intention of the cryptography policy was, therefore, less effective. The present export control regime overcomes the disadvantages of the old one, which caused an impediment to the information security efforts of U.S. corporations competing and operating in world markets. The current regime addresses the globally increasing need for secure communication systems. This was very much needed since even non-U.S. vendors were devoting efforts to developing superior encryption technology and competing with U.S. vendors. Removing the restrictions on the strength of cryptographic products no longer obstructs the competitiveness of U.S. products, thus enhancing U.S. firms' ability to compete.
role in the still emerging world of cyberspace. No court has considered the issue. The Justice Department's analysis of CESA⁶ clearly states, "there is no constitutionally protected expectation of privacy in recovery information held by a third party but not under a confidentiality arrangement." Thus, in the Justice Department's view, key recovery agents, in the absence of a contractual confidentiality agreement, could voluntarily disclose keys to the government, and even with such an agreement, the government might be able to compel disclosure of a key with a mere grand jury or administrative subpoena issued without judicial approval and without notice to the person who created the key [12]. CESA seeks to moot the constitutional question by creating a narrow statutory privacy right in escrowed keys, while simultaneously providing a mechanism for the government to get those keys.
As part of its package of encryption policy reforms announced on September 16, the Clinton Administration is transmitting to Congress draft legislation entitled the Cyberspace Electronic Security Act ("CESA").
8. Conclusion
The paper explored the various aspects related to the technology, policy, and economics of encryption. The new policy for encryption is good from the economic perspective since it now lets US companies develop domestic and international products without a limitation on the size of the key, which implies more secure applications. This relaxation of limitation also helps the companies compete in the international market. This policy does decrease the possibility of law enforcement invading personal privacy. However, it does not solve the issue of human rights, since the keys generated by an entity can be viewed first by the third-party recovery agent and secondly by the government, which can still have the key issued without judicial approval and without notice to the person who created the key. We would like to recommend that in the upcoming version of the encryption policy, the issue of human rights be considered in more detail. Also, it was observed that the public-key encryption system and the conventional encryption system must be used to complement each other to get the maximum out of both systems. The most secure and fast conventional encryption algorithm was Blowfish, while the best public-key algorithm was RSA. With no more restriction on the key size for export, more competent, fast, inexpensive, and secure algorithms will constitute the future generation of encryption systems.
References
[1] What is cryptography? RSA Laboratories, FAQ can be found at http://www.rsasecurity.com/rsalabs/faq/12.html accessed on November 3, 1999.
[2] Web-Security: A Step by Step Reference Guide, chapter 2. Author Lincoln D. Stein, published by Addison Wesley Pub Co, in January 1998.
[3] What is RC5? RSA Laboratories, FAQ can be found at http://www.rsasecurity.com/rsalabs/faq/3-6-4.html accessed on November 3, 1999.
[4] What is public-key cryptography? RSA Laboratories, FAQ can be found at http://www.rsasecurity.com/rsalabs/faq/2-1-1.html accessed on November 3, 1999.
[5] What are some other public-key cryptosystems? RSA Laboratories, FAQ can be found at http://www.rsasecurity.com/rsalabs/faq/3-6-8.html accessed on November 3, 1999.
[6] An international survey of encryption policy, Cryptography and Liberty 1998, can be found at http://www.gilc.org/crypto/crypto-survey.html accessed on November 3, 1999.
[7] Administration Announces New Approach to Encryption, statement by the press secretary, accessible at the website http://www.bxa.doc.gov/Encryption/whpr99.htm accessed on November 3, 1999.
[8] The Washington Post, Curbs on Export of Secrecy Codes Ending, by Peter S. Goodman and John Schwartz, Friday, September 17, 1999, accessible at the website http://www.washingtonpost.com/wp-srv/business/daily/sept99/encryption17.htm
[9] Administration Announces New Approach to Encryption, statement by the press secretary, accessible at the website http://www.bxa.doc.gov/Encryption/whpr99.htm accessed on November 3, 1999.
[10] Another Whack Against GAK, by J. Orlin Grabbe, dated December 21, 1996. Can be found at the website http://www.aci.net/kalliste/gak.htm
[11] Draft Software Key Escrow Encryption Export Criteria, dated November 6, 1995, can be accessed at the website http://csrc.nist.gov/keyrecovery/criteria.txt
[12] Initial CDT Analysis of the Clinton Administration's Proposed Cyberspace Electronic Security Act (CESA): Standards for Government Access to Decryption Keys, dated September 23, 1999. Accessible at the website http://www.cdt.org/crypto/CESA/cdtcesaanalysis.shtml
[13] D. Bleichenbacher, W. Bosma, and A. Lenstra. Some remarks on Lucas-based cryptosystems. In Advances in Cryptology, Crypto '95, pages 386-396, Springer-Verlag, 1995.