project report.doc - Student Web Sites

Document Sample
project report.doc - Student Web Sites Powered By Docstoc
					                                CSC4490
                    Computing Complementary Studies B

           ENCRYPTED DATABASE INTEGRITY

                                                           Page No.
1. INTRODUCTION                                               2

2. SIGNIFICANCE DATABASE SECURITY                               3
              2.1 Database Insecurity                           3
              2.2 Database Security Issues: Inference           3
              2.3 Database Security (Common-sense Principles)   3
              2.4 Basic Security Structure                      3
              2.5 Server Security                               4
                     2.5.1 Trusted IP addresses                 5
                     2.5.2 Database Connections                 5
                     2.5.3 Table Access Control                 5
                     2.5.4 Restricting Database Access          6

3 DATABASE ENCRYPTION                                           8
             3.1 Internet, E-mail and E-Commerce                9
             3.2 WHY ENCRYPT DATA                               9
             3.3 How to Encrypt Database Data                   10

4 ENCRYPTION METHODS USED IN DATABASE SECURITY                  11
             4.1 Authentication                                 11
             4.2 Access Control                                 11
5 SIGNIFICANCE OF CRYPTOGRAPHY                                  12
             5.1 Symmetric key                                  12
             5.2 In PUBLIC KEY CRYPTOSYSTEM                     13

6 PROBLEM IN CRYPTOGRAPHY                                       17
             6.1 Public Key vs. Private Key Encryption          17

7 EXISTING APPROACHES                                           18

8 THERE ARE MANY ALGORITHMS WE CAN USE FOR
  CRYPTOGRAPHY LIKE                                             19
             8.1 Hash Functions                                 19
             8.2 DSA                                            19
             8.3 MD5                                            19
             8.4 SHA-1                                          20
             8.5 Modern Methods:                                20

9 CONCLUSION                                                    21
10 REFERENCE:                                                   21




                    Student Name: Prasanna Puranik                    Pg.1
                            Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

1. INTRODUCTION:

Database-encryption technology isn't new. Recently, database encryption wasn't right
for most enterprises. With the Health Insurance Portability and Accountability Act
(HIPAA) now a reality, though, the stakes are higher than ever when it comes to
compromised customer and employee data, and many organizations are taking a
second look at encrypting their databases.

But we can't encrypt everything in our database. Indexed fields, for example, can't be
encrypted because our database-management software will sort the encrypted strings
in hexadecimal values, which won't match the real, unencrypted form. So our index,
which is supposed to speed access to the data by pre-ordering it, won't work. Even if
we could relate the encrypted index field to the original data, the collation order
wouldn't match. Until databases support encryption natively, encrypted indices will be
a problem.

The Encryption allows us to encrypt the data that resides within our database. The
database encryption allows us to specify the encryption of data at the schema, table, or
column levels. Along with database encryption, with advanced security and auditing
functions built on the foundation of dependable encryption techniques - an intuitive
interface to Oracle’s own certified DBMS.

This research report is on How to provide Encryption to a Database. This explains
many aspects, that is encryption and decryption of the data and how to give the
maximum security to the data base. Basically database security can be broken down
into the following key points of interest.
     Server Security
     Database Connections
     Table Access Control
     Restricting Database Access

The most important in database is the Security, many database services provides
different options to allow user to perform database operation securely. The security
features includes

      Standard login authentication: The server does UNIX style login and allow
       multi-level access control settings. Each operation is validated against the user
       assigned rights.
      SSL Support: The server support standard SSL 3.0. All data sent to user is
       encrypted using public/private keys when enabled. The server also uses SSL to
       communicate among Dynamic Server Group (DSG).
      Data Encryption using secret keys: The server can also use secret key when
       communicate within a DSG




                         Student Name: Prasanna Puranik                            Pg.2
                                 Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B

2. SIGNIFICANCE DATABASE SECURITY

2.1 Database Insecurity
With the holidays rapidly approaching, online commerce transaction totals are
reaching all-time highs. Are you doing your gift shopping online this year? If so,
have you stopped to consider where your credit card information is actually going?
Sure, there's that reassuring lock on the bottom of your browser window. That means
everything is safe and secure, right?

Not always. That lock icon indicates that your credit card number is being encrypted
while in transit over the Internet and decrypted on the other side. The merchant then
usually stores your credit card number in an order processing database -- sometimes
without appropriate levels of encryption or other security measures.

2.2 Database Security Issues: Inference
Databases introduce a number of unique security requirements for their users and
administrators. On one hand, databases are designed to promote open and flexible
access to data. On the other hand, it’s this same open access that makes databases
vulnerable to many kinds of malicious activity. This article is the first in a series that
will look at a number of database-specific security concerns and guide you as you
attempt to steer your databases clear of these obstacles.

One of the main issues faced by database security professionals is avoiding inference
capabilities. Basically, inference occurs when users are able to piece together
information at one security level to determine a fact that should be protected at a
higher security level.

2.3 Database Security (Principles)
Database security issues have been flooding the media and Internet news-wires. First
with the Slammer worm and most recently criminals accessing over 8 million credit
card numbers. (By Blake Wiedman)

As the internet has boomed and we've increased our reliance on the convenience and
relative low cost of web-enabled information systems, we have become lazy in our
implementation of basic security practices.

2.4 Basic Security Structure
To often system administrators are left to their own accord, managing the security of
their systems with little or no oversight by a higher security administrator. This raises
the following questions:

      Who ensures system administrators are following security guide-lines?
      How does an organization ensure all system administrators are applying the
       latest patches?
      What organization ensures that the latest patches have been tested to ensure
       they do not cause additional system faults


                          Student Name: Prasanna Puranik                             Pg.3
                                  Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

Who performs security audits on the corporation as a whole?




An example of a good clean and effective network security organization.



Without a proper structure you begin to get chaos when it comes to such an important
topic as security, chaos could be cataclysmic. For example:

‘A’ of the East Coast Office has all of his patches up to date, but he has an insecure
link with ‘B’ on the west-coast, who has failed to properly configure his firewall. This
situation would allow for a full system compromise.

Some technical look at database security.

2.5 Database Vulnerabilities
Basically database security can be broken down into the following key points of
interest.

      Server Security
      Database Connections
      Table Access Control
      Restricting Database Access

2.5.1 Server Security
Server security is the process of limiting actual access to the database server itself,
and it’s most important angle is security and should be carefully planned. The basic
idea is this, "User can't access what they can't see". Why in the name of the Almighty
(or whoever else you believe in, or if we are an Atheist, substitute our own name here)
would we let our database server be visible to the world. This is not a web server here,
there should be no such thing as an anonymous connection. Now some people would
say, "Well, what if our database server is supplying information to dynamic web
pages?", "Our database back end should never be on the same machine as your web
server, not just for security, but for performance!" If our database server is supplying
information to a web server then it should be configure to allow connections only
from that web server. Now that bring mess to the next point of discussion:


                         Student Name: Prasanna Puranik                            Pg.4
                                 Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B




Here Trusted IP Access has limited the database server to only answering information
requests from the known IP of the web server.

2.5.2 Trusted IP addresses
Every server, should be configured to only allow trusted IP addresses. We don't allow
just anyone to come into our house and talk to our children. In the same respect we
should know exactly who should be allowed to "talk" to our database server.
If it's a back end for a web server, then only that web server's address should be
allowed to access that database server. If the database server is supplying information
to a home grown application that is running on the internal network, then it should
only answer to addresses from within the internal network

Also please none of this cheap mentality of hosting our web databases on the same
server that houses internal database information. Why would we have internal
information out in the DMZ, its not called the DMZ for nothing.

2.5.3 Database Connections
These days with the number of Dynamic Applications it becomes tempting to allow
immediate unauthenticated updates to a database. If we are going to allow users to
make updates to a database via a web page, ensure that we validate all updates to
ensure that all updates are warranted and safe. For example ensure that we are
removing any possible SQL code from a user supplied input. If a normal user should
never be inputting it don't allow the data to ever be submitted.

If we are one of those administrators that feels the need to use ODBC connections
ensure that every connection uses it's own unique user to access the shared data. It
personally makes our skin crawl when we see the user account "sa" used for every
connection and data source on the server.

2.5.4 Table Access Control
Table access control is probably one of the most overlooked forms of database
security because of the inherent difficult in applying it. Properly using Table access
control will require the collaboration of both system administrator and database
developer, and we all know that "collaboration" is a foreign word in the IT industry.



                         Student Name: Prasanna Puranik                            Pg.5
                                 Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B

An example would be allowing read access to user imputed information to the public.
If a user just imputed the information whey would they have to look at it within the
same session. Or, if a table is just used for system reference why should it have any
other permissions beside read available?

Unfortunately table structure and proper relational database structure and
development is a little out of the scope of this article. But, keep a look out for it in my
upcoming articles.

2.5.5 Restricting Database Access
Mainly into the network access of the system Specifically targeting Internet based
databases, since they have been the most recent targets of attacks. All web-enabled
applications have ports that they listen to ( we know this is pretty basic to most of you
but, it needs to be said for the beginners!).

Most cyber criminals ( we always refrain from the media sensationalized term
"Hackers" or "Crackers") are going to do a simple "port scan" to look for ports that
are open that popular database systems use by default. Now we say by default,
because you can change the ports a service listens on, which I personally feel is a
great way to throw off a criminal.

First they will attempt to determine if a machine is even at a specific address. They
will do this by pinging the system. This is done by simply opening up a command line
and typing "ping".

C:\ ping 127.0.0.1
or
root@localhost: ~$: ping 127.0.0.1
The response should look like this:
Pinging 127.0.0.1 with 32 bytes of data:
Reply        from       127.0.0.1:       bytes=32            time<10ms          TTL=128
Reply        from       127.0.0.1:       bytes=32            time<10ms          TTL=128
Reply        from       127.0.0.1:       bytes=32            time<10ms          TTL=128
Reply from 127.0.0.1: bytes=32 time<10ms TTL=128

Ping statistics for 127.0.0.1: Packets: Sent = 4, Received = 4, Lost = 0 (0%
Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms,
Average = 0ms




An example of the ping command being used on a windows box.

                          Student Name: Prasanna Puranik                              Pg.6
                                  Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B


The criminal now knows there is a system answering at this address. First thing to
prevent this is to disable any ICMP packets. This will prevent ping requests from
being replied to.

There are many ways to prevent open access from the Internet and each database
system has it's own set of unique features as well as each OS.

      Trusted IP addresses - UNIX servers are configured to answer only pings
       from a list of trusted hosts. In UNIX, this is accomplished by configuring the
       rhosts file, which restricts server access to a list of specific users.
      Server account disabling- If you suspend the server ID after three password
       attempts, attackers are thwarted. Without user ID suspension, an attacker can
       run a program that generates millions of passwords until it guesses the user ID
       and password combination.
      Special tools -Products such as RealSecure by ISS send an alert when an
       external server is attempting to breach your system's security.

Oracle has a wealth of authentication methods:

      Kerberos security- This popular "ticket"-based authentication system
       sidesteps several security risks.
      Virtual private databases- VPD technology can restrict access to selected
       rows of tables.
      Role-based security- Object privileges can be grouped into roles, which can
       then be assigned to specific users.
      Grant-execute security- Execution privileges on procedures can be tightly
       coupled to users. When a user executes the procedures, they gain database
       access, but only within the scope of the procedure.
      Authentication servers-Secure authentication servers provide positive
       identification for external users.
      Port access security - All Oracle applications are directed to listen at a
       specific port number on the server. Like any standard HTTP server, the Oracle
       Web Listener can be configured to restrict access.

Database Security, and quite possibly helped eliminate or at least lower the threat of
criminals looking for the "easy kill". (By Blake Wiedman)




                        Student Name: Prasanna Puranik                           Pg.7
                                Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B

3. DATABASE ENCRYPTION
In the context of this paper, we will classify encryption in two forms - encryption of
data-at-rest and encryption of data-in-motion. Data-at-rest is data residing in the
database. Information stored in table. Data-in-motion is data as it is communicated
over the network. Data-in-motion has a short life time. Data-at-rest has a much longer
lifetime. Was does this mean? Just that data-at-rest is much more likely to be attacked.
This is in fact the case we see in the real world. Hacks occur on a database that is
sitting with data-at-rest in it. Very rarely is data compromised as it crosses the
network. The vast majority of attacks such as theft of credit cards from databases are
the result of compromising the database at the source where it exists as data-at-rest.
There is very little evidence of theft resulting from data-in-motion.

This is ironic because we most often today see encryption of data-in-motion. For
instance, most web applications do support SSL encryption. This encrypts the
network traffic between the client and the server and is very secure. The only problem
is that it’s not protecting a whole lot. It’s actually serving as a way to protect attacks
from being detected because the attack is encryption as it goes to the web application.

Encryption is the transformation of data into a form that is as close to impossible as
possible to read without the appropriate knowledge (a key). Its purpose is to ensure
privacy by keeping information hidden from anyone for whom it is not intended, even
those who have access to the encrypted data. Decryption is the reverse of encryption;
it is the transformation of encrypted data back into an intelligible form.

In a typical cryptographic transaction the sender and receiver choose a cryptographic
system and, at some time before the message is to be sent, the sender chooses the key.
The key is then sent to the receiver by some safe path. Upon obtaining the key the
receiver determines which transformation of the system is to be used to decrypt the
message.
Plain      Encryption        Cipher text
Text



SENDER
                                       Network /
                                        Internet          Cipher text         Decryption


INTRUDER trying to retrieve
Information gets only unreadable cipher text                             Plain Text
                                                                         RECEIVER

Encryption and decryption generally require the use of some secret information,
referred to as a key. There are two types of cryptosystems: secret-key and public-key
cryptography. In secret-key cryptography, also referred to as symmetric cryptography,
the same key is used for both encryption and decryption. Example Data Encryption
Standard (DES).In public-key cryptography, each user has a public key and a private
key. The public key is made public while the private key remains secret. Encryption is

                         Student Name: Prasanna Puranik                              Pg.8
                                 Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

performed with the public key while decryption is done with the private key.
Example RSA public-key cryptosystem.

3.1 Internet, E-mail and E-Commerce:
The Internet, comprised of millions of interconnected computers, the World
Wide Web is used for online business, data distribution, marketing, research,
learning, and a myriad of other activities. Cryptography makes secure web sites
and electronic safe transmissions possible. For a web site to be secure all of the
data transmitted between the computers where the data is kept and where it is
received must be encrypted. This allows people to do online banking, online
trading, and make online purchases with their credit cards, without worrying
that any of their account information is being compromised. Cryptography is
very important to the continued growth of the Internet and electronic
commerce. E-commerce is increasing at a very rapid rate and this activity could
not be supported without cryptographic security. People use e-mail to conduct
personal and business matters on a daily basis. E-mail has no physical form and
may exist electronically in more than one place at a time. This poses a potential
problem as it increases the opportunity for an eavesdropper to get a hold of the
transmission. Encryption protects e-mail by rendering it very difficult to read
by any unintended party.


3.2 WHY ENCRYPT DATA
Organizations have traditionally protected their computers using perimeter security.
Unfortunately, in an ever-changing world, perimeter security has failed to provide
adequate protection. Modern networks are too complex to expect perimeter security to
hold up. As users are frequently required to open up their networks to business
partners, employees, and customers, varied and often unsupervised access to the
network itself makes perimeter security obsolete.

Database encryption solves these problems by protecting information at the source.
By locking data where it sits, database encryption provides the most cost effective
security. The database is where the most valuable information is stored, and
protecting the data at the database level is the most logical way to prevent security
breaches.

Databases are the holders of massive amounts of data. As the world becomes
increasingly digital, the data held in those databases become more and more valuable.
In most large companies, their most valuable assets are stored in databases. These
assets can include customer lists, proprietary information, trade secrets, literally any
form of data. Is encryption meant to replace access control? Is it meant to replace
auditing? No! Encryption is a way of providing a final line of defence. A method of
saying, even if an intruder breaks through all my other defences or is authorized full
control over the system, they will be unable to “read” or “steal” critical data. Does
encrypt stop data from being modified or destroyed? No, encryption is not meant to
do so. Encryption is only meant to protect the information from being “read”.
Encryption can be designed to tell you when data has been tampered with but can not

                         Student Name: Prasanna Puranik                            Pg.9
                                 Std No.: W0005423
                                   CSC4490
                       Computing Complementary Studies B

stop it from being tampered with. To stop data from being tampered with, access
controls should be used.



3.3 How to Encrypt Database Data

   1. Determine what to encrypt. Keep the list short, encrypting only those fields
      with sensitive data. Once fields are encrypted, indices generated from them
      will be invalid.
   2. Decide where to handle encryption and decryption for your database. The
      most secure place is on the client--but the client needs this capability built in.
      If that doesn't work, the database will have to do, possibly with a third-party
      encryption tool.
   3. Protect your keys. Oracle recommends storing them in a table in encrypted
      form, then accessing them with a stored procedure that decrypts them, gets the
      data requested, decrypts it with the unencrypted key and returns the resulting
      data set. Or store them on a disk, and give only the database rights needed to
      access the key file; this works if you can secure the file.
   4. Implement, or get access to, a secure key-generation system. Oracle bundles a
      secure key generator with 9i. Other vendors have their own tools.
   5. Know how much disk space you need for larger fields. This varies from
      solution to solution.
   6. Keep two live copies of the table for each field you encrypt. Or stream it out to
      disk so you can reimport it later. Check with your encryption vendor to ensure
      that the fields are large enough to hold the encrypted data. Don't forget to
      delete the extra table when all is OK.
   7. Use encryption vendor's tool to copy the unencrypted data and then encrypt it.
      Place the encrypted data into the new field you created.




                        Student Name: Prasanna Puranik                            Pg.10
                                Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

4. ENCRYPTION METHODS USED IN DATABASE SECURITY

Cryptography has its own significance in secure communication. Aside from
confidentiality, cryptography can also be used for:

Privacy                : Keep people from reading sensitive email.
Commerce               : Keep credit card information and other sensitive
                         financial information private to prevent fraud.
Security               : Keep confidential information confidential and private.
Authentication         : Make sure files are from who they claim to be.
Integrity              : Also cryptography can be used to ensure that files retain
                         their integrity after being transferred.
Non-repudiation        : The sender cannot deny that he/she sent the message

4.1 Authentication
In some cases cryptography allows you to have more confidence in your electronic
transactions than you do in real life transactions. In the electronic world falsification
of signatures is made difficult because of the usage of cryptography, the digital
signatures that are built using the contents of the document being signed. Digital
signatures can also be used to authenticate the origin and the content of the message.

4.2 Access Control
Cryptography is also used to regulate access to satellite and cable TV. Cable
TV is set up so people can watch only the channels they pay for. The
transmission of the movie in the channel is decrypted so that it need to be
encrypted to view the picture. If the subscriber wants that particular movie
payment has to be done and in return, the Cable Company sends out a signal to
the subscriber's cable box, which unscrambles (decrypts) the requested movie.
In the same way Satellite TV works, the company do not have a direct
connection to each individual subscriber. So each subscriber is given a
receiver; the satellite transmits signals that can only be unscrambled by such a
receiver.

As seen, cryptography is widely used. Not only is it used over the Internet, but
also it is used in phones, televisions, and a variety of other common household
items. Without cryptography, hackers could get into our e-mail, listen in on
our phone conversations, tap into our cable companies and acquire free cable
service, or break into our bank/brokerage accounts.

Most database-encryption mechanisms present encrypted data as characters one
character per hexadecimal digit. That's a big increase: When encrypted, a 4-byte
integer becomes an 8-byte character string. Most encryption algorithms use 64-bit
DES, so our 4-byte (32-bit) integer becomes a string of 16 encrypted characters.
Bottom line: When building our disk capacity for database encryption, anticipate that
our data will triple or quadruple in size. In addition, make sure we have sufficient
logical-memory space.



                         Student Name: Prasanna Puranik                              Pg.11
                                 Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

Encryption is the process of disguising a plain text message in such a way as to
obscure its meaning. The encrypted message is called cipher text. The reverse process
of reconstructing the information from a cipher text is called decryption. Encryption
and decryption algorithms are based on mathematical functions. A key is a randomly
generated string of numbers of specified length that is held as secret. The security of a
cryptographic algorithm relies entirely on the key. The term cryptosystem refers to an
encryption algorithm, the corresponding decryption algorithm and a set of possible
keys that can be used with these algorithms. Based on the way in which keys are
generated and used, cryptosystems are classified as

1. Symmetric key cryptosystem
2. Public key cryptosystems



5. SIGNIFICANCE OF CRYPTOGRAPHY:
5.1 Symmetric key cryptosystems make use of the same key for encryption and
decryption. These cryptosystems require that the sender and receiver of the plaintext
share a secret key. For example if ‘A’ wants to securely send ‘B’ a message m, ‘A’
and ‘B’ must have already shared a key that is not divulged to anyone else. ‘A’ can
then encrypt the message with symmetric key algorithm and send it to ‘B’, which ‘B’
can decrypt. The message remains a secret only as long as the key remains secret
since anyone who has access to the key can decrypt the message.

Symmetric Key algorithms are further classified into
    Stream Algorithms/ Stream Ciphers: These algorithms operate on the plaintext
     one bit (or byte) at a time.
    Block Algorithms/ Block Ciphers: They operate on a group of bits at a time.
     Most common block size is 64 bits.

The merits of symmetric key cryptosystems are

   1. Since nobody else is supposed to know the key other than the participating
      entities, the length of the key can be around 128/256 bits.

   2. As a side effect of the above advantage, the symmetric key cryptosystems
      offer better performance than their public key counterparts.

   3. Since the security of the algorithm depends on the secrecy of the keys, each
      pair of communicating parties must have a secret key. For example, if ‘A’
      wants to communicate securely with ‘B’, ‘O’ and ‘M he/she has to have 3
      keys one for each of them.

The drawback is that the key exchange is very difficult. If A and B are geographically
apart, they need to have access to a secure communication medium in which they
could exchange the keys.

A typical example of symmetric key cryptosystem is the Data Encryption Standard
(DES). DES is a block cipher of block length 64 bits. That is, it takes plaintext of 64
bits and transforms it into 64 bits cipher text. The key length is 56 bits. DES performs

                         Student Name: Prasanna Puranik                            Pg.12
                                 Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B

encryption in 16 iterations (rounds). For each iteration, a sub key of 48 bits called
round key is generated and XORed with the plain text block. This transformed block
is the subject to a substitution (adding confusion) and then to a permutation (adding
diffusion). The repetitive nature of the algorithm makes it sufficiently impenetrable to
cryptanalytic attacks.

5.2 In PUBLIC KEY CRYPTOSYSTEM the keys used in the encryption and
decryption algorithms are distinct. The encryption key can be made public and the
decryption key must be held secret. The decryption key cannot be calculated from the
public key. Moreover, the mathematical relation between the keys makes each key
pair (encryption and decryption keys) unique. For example if ‘A’ uses PKC, he/she
can generate a pair of keys and publish the encryption key. ‘B’ who wishes to send
‘A’ a message can now encrypt the message with ‘A’ public key and send it to ‘A’
who alone can decrypt it.


The process of PKC:
    The PKC solves the key exchange problem confronted by symmetric key
       algorithm. Since ‘A’ can make his/her encryption key public the need for a
       secure channel to communicate the key is obviated.
    Also, ‘O’ and ‘M’ can communicate with ‘A’ using the same public key.

The cons:
    Since the encryption key is made public, it would be possible for an adversary
       to use brute force to identify the decryption key from the set of possible keys.
       In order to eliminate this possibility, the key length should be at least 1024 bits
       and the key should be truly random This makes key generation an expensive
       operation.
    As a side effect of the above requirement, PKC tend to be slower than
       symmetric key cryptosystems.

Commonly used technique is to employ PKC for key exchange in Symmetric
cryptosystems.

Typical encryption techniques use mathematical operations to transform a message
(represented as a number or a series of numbers) into a cipher text. Mathematical
operations called one way functions are particularly suited to this task. A one way
function is one which is comparatively easy to do in one direction but much harder to
do in reverse. As an example, it is comparatively easy to square a two digit number;
with a little concentration, many people can probably multiply 24 by 24 without using
a pencil and paper. One the other hand, calculating the square root of the number 576
is much harder, even with a pencil and paper.

The RSA system uses one way functions of a more complex nature. Specifically, the
system uses modular arithmetic to transform a message (or pieces of the message, one
piece at a time) into unreadable cipher text. Modular arithmetic is often called "clock"
arithmetic, because addition, subtraction, and the like, work like telling time. In a 12-
hour system, four hours after 10:00 is not 14:00 (10 + 4 is not equal to 14); it is 2:00.



                         Student Name: Prasanna Puranik                            Pg.13
                                 Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

This is because we subtract out 12 (or any multiples of 12) after doing the addition. In
modular arithmetic notation, the operation might look like this:

                                 2 = (10+4) mod 12
                                   2 = 14 mod 12
One can do multiplication in modular arithmetic much the same way addition is done
in the above example:
                                  2 = (7*2) mod 12
                                   2 = 14 mod 12
This process is sometimes called modular reduction. By subtracting out the modulus
(and all multiples of the modulus) a number is "reduced" to a much smaller number.
When the number 14 is "reduced" to the number 2 in the above example, one can say
that "14 is reduced modulo 12."

Instead of multiplying one number by a different number (as (7) is multiplied by (2)
in the above example), The RSA system multiplies one number (called the base) by
itself a number of times. The number of times a base is multiplied by itself is called
the exponent:

                                  16 = 2*2*2*2
                                      16 = 24
In this example, the number (2) is the base, and is multiplied by itself four times,
making the exponent the number (4).

Encryption formula, the message (represented by a number M) is multiplied by itself
(e) times (called "raising (M) to the power (e)"), and the product is then divided by a
modulus (n), leaving the remainder as a cipher text

The RSA method of encrypting the text involves enormous prime integers (100 to 200
digits in length) and falls in the category of 'public key' methods. These methods
allow the public access to parts of the key and the secret portion of the key cannot be
calculated by the public and so the message is safe. The numeric keys are so large that
breaking the cipher is not possible by conventional means.

      Encryption functions E_K
      Decryption functions D_K
      Then D_K(E_K(P)) = P Plain text.

In a public-key cryptosystem, E_K can be easily computed from some ``public key'' X
which in turn is computed from K. X is published, so that anyone can encrypt
messages. If decryption D_K cannot be easily computed from public key X without
knowledge of private key K, but readily with knowledge of K, then only the person
who generated K can decrypt messages.




                         Student Name: Prasanna Puranik                           Pg.14
                                 Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

For RSA method the mathematical procedure followed is as shown below.

   1. First two prime integers p and q are generated.
   2. Then multiply p and q, putting the product in a variable n. n must not be easily
      factorised then the message is considered to be not safe. This is the reason for
      the 100 to 200 digit numbers - they are not factorable.
   3. Next, the Euler phi function of n called as phi is computed. Since the factors
      of n are already known phi is calculated; it is (p-1) * (q-1). This number
      represents the quantity of numbers less than or equal to n that are co prime to
      n. By co prime, it is meant that the number is not a multiple of either factor of
      n.
   4. Then number e that is co prime to phi.
   5. Then another number d is selected in such a way that
                                         i. [(e*d) mod phi] = 1.
   6. All the components are now available for encrypting the text. The text is
      converted into a numeric counterpart, M. ASCII values are used and each part
      is stored separately.

Quite an assortment of variables has been used and they are p, q, n, phi, e, d, M.

                Variable                    Definition
              p, q           large random prime numbers
              n              product of p and q
              phi            quantity co prime to n -> (p-1)(q-1)
              e              any prime not a divisor of phi
              d              number such that [(d*e)mod(phi)]=1
              M              character representation

Once all these values are determined, n and e can be made public while holding d
safe. The value of d is the key to your cipher and though p, q, and phi are no longer
needed they must remain unknown since they could be used to calculate d.

      Represents the plaintext message as a positive integer M.
      N is a product of p and q.
      To Encrypt the text, calculate C using the formula below.
      C = M^e mod n.

C is the cipher text. Due to the size of e, calculating Me is not feasible. The
following routine can be used to find C:

         C    = M mod n
         Do I = 2, e
         C    = C*M
         C    = M mod n
         End do

                         Student Name: Prasanna Puranik                              Pg.15
                                 Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B

To decrypt the code, use the secret key d and calculate D as shown below

       D = Cd mod n.

The number that results from this calculation can be converted back into the character
set.

The encryption for the letter “ @ ” is as solved as an example below.
Assume p and q ( here it is taken as small numbers but in real time very large
numbers are used)

          Let p = 7 and q = 11

Calculate n
        n = p * q = 77

Calculate phi
        phi = (p-1)(q-1) = 60

Get the number e which is not a divisor of phi;
         e = 13
         d = 37 since (13*37 ) mod 60 = 1

Encrypt the letter “ @ “ (ASCII value 64) then M = 64
        C = Me mod n = 36
        C = 36

Decryption

          D = Cd mod n = 64
          ASCII 64 is “ @ ”

Thus the plain text is got after decryption.

Secret Key Cryptosystems:
Single key or conventional or secret key encryption algorithm uses same key for both
encryption and decryption and the key is kept secret.




                          Student Name: Prasanna Puranik                        Pg.16
                                  Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B

6. PROBLEM IN CRYPTOGRAPHY:
One of the hardest problems in cryptography is the creation of the keys themselves, a
process which usually requires a good random number source. High quality random
numbers are surprisingly hard to come by on computer systems, which are almost
completely deterministic by nature.

When the message is encrypted it can be decrypted using a public key (which is
known to all). And by using different messages, the corresponding secret key can be
interpreted. The sender using secret key do not actually know whether the secret key
is still secret or it has been detected by some one.
If the information is to be transferred is to be a secret, then there must be a key
between the receiver and sender. And both need to agree on the key and use it
encode/decode messages. But you don't want to keep using the same key, or you will
make it easier and easier for others to crack your cipher. But it's also a pain to get
keys to others whom you wish to transfer a secret message.

Underlying every cryptographic system is a set of practical problems and questions
involving privacy, security, and overall confidence in the underlying confidentiality
features of the system. In principle, the techniques of asymmetric and symmetric
cryptography are sufficient to resolve the security questions and properties described
above. For example, today's Web browsers use the public key of a Web site in order
to send credit card numbers over the Web; similarly, one can protect access to files
and data using a private symmetric key to scramble the information before saving it.

However, in practice, each of these problems requires a "certified" public key in order
to operate correctly without third parties being able to interfere. This leads to a second
set of questions; for example:


"How can I be sure that the public key that my browser uses to send credit card
information is in fact the right one for that Web site, and not a bogus one?"

"How can I reliably communicate my public keys to my correspondents so that they
can rely on it to send me encrypted communications?"


What's needed in order to address such concerns is the notion of a "secure binding"
between a given entity that participates in a transaction and the public key that is used
to bootstrap secure communication with that entity using asymmetric public key
cryptography. The next section describes how a combination of digital signatures and
X.509 digital certificates (which employ digital signatures), including SSL
certificates, fulfills this role in e-commerce trust systems.



6.1 Public Key vs. Private Key Encryption
Keep in mind, if configuring for time-sensitive data, the computation required for
public key cryptography requires more CPU overhead than the private (secret) key
shared cryptography. The length of the key can also play a part in the

                         Student Name: Prasanna Puranik                             Pg.17
                                 Std No.: W0005423
                                   CSC4490
                       Computing Complementary Studies B

encryption/decryption time. With the shared private keys, if a key is compromised,
both sending and receiving data can be decrypted. If a public key is compromised,
only the data going one way can be decrypted

7. Existing Approaches:
There are different ways in encrypt/decrypt messages. There are lot of algorithms
which are user to develop the encryption/decryption methods. The different method of
forming encrypted message and their algorithm are give as below.

                           Algorithms for development

      Hash Functions               - HAVAL, MD2, MD4, MD5, SHA-1
      Public-Key Encryption        – ElGamal, RSA
      Private-key Encryption       - RC2, RC5, RC6

   1. In case of message digest Secured Hash Algorithm (SHA) – 1 is most widely
      used. The message digest produced is 160 bit and hence they are found to be
      more secured. The SHA-1 is called secure because it is computationally
      infeasible to find a message which corresponds to a given message digest, or
      to find two different messages which produce the same message digest. Any
      change to a message in transit will, with very high probability, result in a
      different message digest, and the signature will fail to verify.
   2. The public-Key encryption widely used is RSA. RSA is a Encryption Scheme
      - Optimal Asymmetric Encryption Padding) is a public-key encryption scheme
      combining the RSA algorithm with the OAEP method.
   3. Private-Key Encryption technique uses RC6 algorithm, which is the latest and
      the most popularly used algorithm for Private-Key Encryption.

   4. Other public key systems include knapsack ciphers (largely broken) and
      elliptic curve cryptosystems (not widely used).




                        Student Name: Prasanna Puranik                        Pg.18
                                Std No.: W0005423
                                    CSC4490
                        Computing Complementary Studies B

8. THERE ARE MANY                    ALGORITHMS           WE      CAN      USE     FOR
CRYPTOGRAPHY LIKE:

8.1 Hash Functions
While cryptosystems help provide confidentiality of data, hash functions offer
integrity assurance. Hash functions are based on the mathematical concept of one-way
functions i.e., given f(), it is very easy to compute f(m) where m is any message. On
the other hand it is computationally infeasible to compute the message m given f() and
f(m).

A hash function h also has the following traits:
   1. Compression: A hash function must compress the input given to it. If m is a n
       bit message, h(m) has bit length less than n.
   2. Preimage Resistance: Given h() and the value h(m) on a message ‘m’ it
       should be computationally infeasible to find m.
   3. Second Preimage Resistance: Given h() and a value h(m) on a message ‘m’ it
       should be computationally infeasible to find an m’ such that m≠m’ but h(m) =
       h(m’).
   4. Collision resistance: Given h() it should be computationally hard to find a pair
       m and m’ such that m ≠ m’ and h(m) = h(m’).

A hash function that satisfies the above requirements can be used to guarantee data
integrity. For instance, let m be the data whose integrity needs to be preserved and
verified. ‘A’ can compute h(m) and store it securely. If m is changed to m’ by an
adversary, the value of h(m’) ≠ h(m) and ‘A’ can know that the data has been
tampered. In this case h() is an un keyed hash function hence the hash value has to be
kept secure.

Hash functions can also be keyed. A key is a string of random number of specified
length that is kept secret. Thus if ‘A’ and ‘B’ share a secret key K, and if ‘A’ wants to
send a message m to ‘B’ she can compute the hash of m using the keyed hash function
hk(m) and send both m and hk(m) to ‘B’. ‘B’ on the receiving end can receive the
message and compute hk(m) independently and check if it matches the value received
from ‘A’. If Eve decides to change ‘A’’s message from m to m’ she can do so but
cannot modify the value of hk(m) to hk(m’) because she does not know the secret key.
So ‘B’ on the receiving end will compute hk(m’) and reject the message as hk(m’) ≠
hk(m).This usage of hash function is called Message Authentication Codes (MACs).

8.2 DSA
DSA stands for Digital Signature Algorithm. It is actually combination of DSA and
SHA-1. We can use any key size from 512 to1024 bits, in 64-bit increment. The
signature size depends on the key size.

8.3 MD5
MD5 stands for message digest it produce 128 bit message digest value. It is updated
version of MD4, an earlier algorithm.




                         Student Name: Prasanna Puranik                            Pg.19
                                 Std No.: W0005423
                                   CSC4490
                       Computing Complementary Studies B

8.4 SHA-1
SHA-1 is stands for secure hash Algorithm. Like MD5, SHA-1 is based on MD4.
SHA-1 produce a message digest value this is 160 bit long which increases its
resistance to attack. This algorithm is often called SHA. SHA -1 are now used to
mean the same thing.

8.5 Modern Methods:

In fact, a combination of both public-key and traditional symmetric cryptography is
used in modern cryptographic systems. The reason for this is that public-key
encryption schemes are computationally intensive versus their symmetric key
counterparts. Because symmetric key cryptography is much faster for encrypting bulk
data, modern cryptography systems typically use public-key cryptography to solve the
key distribution problem first, then symmetric key cryptography is used to encrypt the
bulk data.

Most common uses of public key technology is in the Secure Sockets Layer (SSL)
protocol, used by Netscape Navigator and other web browsers for secure
communications over the internet. Secure sockets allows the user -- typically an
individual working from a personal computer at home (called the client) -- to
communicate with a web site computer (called the server). The server might be
operated by a merchant and the user might wish to have the client computer send a
credit card number to the server to order goods. The secure sockets protocol uses
public key techniques to encrypt the credit card number so that the number is not sent
in plaintext over the internet. Such a scheme is used by today's SSL protocol for
securing Web transactions, as well as by secure e-mail schemes such as S/MIME that
are built into such products as Netscape Communicator and the Microsoft Internet
Explorer. See "IV. SSL Server Certificates" below for more on SSL.

Today's cryptography is more than encryption and decryption. A digital signature
binds a document to the possessor of a particular key, while a digital timestamp binds
a document to its creation at a particular time.

Cryptanalysis is the study of how to break cryptographic mechanisms and cryptology
(In Greek means “hidden word”) is the discipline of cryptography and cryptanalysis
combined. Cryptology is the study of both cryptography and cryptanalysis.

These cryptographic mechanisms can be used to control access to a shared disk drive,
a high security installation, or a pay-per-view TV channel.




                        Student Name: Prasanna Puranik                          Pg.20
                                Std No.: W0005423
                                     CSC4490
                         Computing Complementary Studies B


9. CONCLUSION:

Database encryption is a necessary component of layer security, however it should be
understood how encryption is to be used. Specifically if encryption is used
incorrectly, in can create more problems then it solves. Encryption is not a
replacement for the other layers in the security stack – it is a complement to the
existing pieces.


Encryption carries with it complications. The conclusion from this paper is that
encrypting our databases can be a useful tactic, but only if used in conjunction with a
well balanced security plan. Encryption is a single layer of defence in database
security. If it is not use conjunction with auditing, intrusion protection, vulnerability
assessment, and database integrity solutions then we are not providing a solid security
solution. As we work out our use of encryption, give ourself the ability to provide
effective and holistic security by incorporating all the different layers.




                          Student Name: Prasanna Puranik                           Pg.21
                                  Std No.: W0005423
                                   CSC4490
                       Computing Complementary Studies B




Reference:
  1. Applied Cryptography by Bruce Schneier
  2. Handbook of Applied Cryptography by Alfred J Menenzes, Paul C. Van
     Oorschot, Scott A.Vanstone
  3. Security in Computing (Second Edition) Charles P PFleeger
  4. The Codebreakers: by David Kahn
  5. Total Application Security with the SecureSphere Dynamic Profiling
     Firewall White Paper
  6. http://www.rsasecurity.com/
  7. http://www.comsoc.org/livepubs/ci1/public/anniv/hellman.html
  8. http://databases.about.com
  9. http://www.governmentsecurity.org/articles/DatabaseSecurityCommon-
     sensePrinciples.php
  10. http://www.relationalwizards.com/index.html
  11. http://www.appsecinc.com/presentations/Encryption_of_Data_at_Rest.pdf
  12. http://www.securitypipeline.com/showArticle.jhtml?articleId=16600160&pgno=2
  13. http://www.cyberlaw.com/rsa.html




                        Student Name: Prasanna Puranik                              Pg.22
                                Std No.: W0005423

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:1
posted:12/28/2012
language:English
pages:22