|

  
|




   


r Protecting Internet communications

(encryption)
r Securing channels of communication
(SSL, S-HTTP, VPNs)
r Protecting networks (firewalls)
r Protecting servers and clients

O

 


 




O

 


r `se of anti-virus software is perhaps the first defense
against any virus attacks and one of the most significant
technology for ensuring that the systems do not mal
function due to virus attacks.
r Since virus attacks have the potential to cause damage to
both the information and systems of each of the players in
e-commerce, the trading partners hesitate to use a system
that is prone to virus attacks.
r It is, therefore, essential to ensure that no malicious code
is communicated to their systems via the e-commerce
infrastructure.
r Equally important is that the session between the two
trading partners does not attract any virus threats.
 



r -or an effective use of anti-virus solutions, two things are

essential:
r The manner of Ô
  

The anti-virus scans may be carried out either 


 




è

aanual scans are carried out at user prompt as and when
required.
 Automatic scans are carried out automatically at preset
intervals from the system prompts.
r Installing the 
Ô     Ô of anti virus. This eludes most
of the probability of virus infections due to manual failure.
Installing the 
Ô     Ô of anti-virus solutions ensures
the protection against all old and the new viruses.
·


!
"
#

r A firewall is hardware, software, or a

combination of both that is used to prevent
unauthorized programs or Internet users from
accessing a private network and/or a single
computer
 ·





r     



 


  

 

  


r Isolates computer from the internet using a
"wall of code"
 Inspects each individual "packet" of data as it arrives
at either side of the firewall
Inbound to or outbound from your computer
Determine whether it should be allowed to pass or be
blocked
 

 

· #· #
· # ·#

a

 


!
"
$


"
·






r Since the firewall software inspects each and every packet of

data as it arrives at your computer ²      

   

 
     ² the
firewall has total veto power over your computer's receipt of
anything from the Internet.

r A TCP/IP port is only "open" on your computer if the first

arriving packet which requests the establishment of a
connection is answered by your computer. If the arriving
packet is simply ignored, that port of your computer will
effectively disappear from the Internet. No one and nothing
can connect to it!
 ·






r ut the 
 
 of a firewall is derived from its ability to be
selective about what it lets through and what it blocks. It can
"filter" the arriving packets based upon any combination of
the originating machine's IP address and port and the
destination machine's IP address and port.

r In packet filtering, the firewall software inspects the header

information (source and destination IP addresses and ports) in
each incoming and, in some cases, outgoing, TCP/IP packet.
ased on this information, the firewall blocks the packet or
transmits it.

"
%&"
!
"


r Hardware -irewalls
Protect an entire network
Implemented on the router level
`sually more expensive, harder to configure
r Software -irewalls
Protect a single computer
`sually less expensive, easier to configure
 "
&"
&
"
"#

r Inspects each individual ³packet´ of data as it

arrives at either side of the firewall
r Inbound to or outbound from your computer
r Determines whether it should be allowed to
pass through or if it should be blocked
 How
o

 w
o

r Internet communication is accomplished by exchange of individual

"packets" of data.
r Each packet is transmitted by its source machine toward its
destination machine.

³Connection" is actually
comprised of individual packets
traveling between those two
"connected" machines.

They "agree" that they're connected and each machine sends

back "acknowledgement packets" to let the sending
machine know that the data was received.
!
"
 

r Allow ± traffic that flows automatically

because it has been deemed as ³safe´
r lock ± traffic that is blocked because it has
been deemed dangerous to your computer
r Ask ± asks the user whether or not the traffic
is allowed to pass through
·

'
&
"



r Stop hackers from accessing your computer

r Protects your personal information
r locks ³pop up´ ads and certain cookies
r Determines which programs can access the
Internet
·

'
&
"



r Cannot prevent e-mail viruses

Only an antivirus product with updated
definitions can prevent e-mail viruses
r After setting it initially, you can forget about
it
The firewall will require periodic updates to the
rulesets and the software itself
!
"

$( 

Õ
$

&&&
&&
"

r -irewalls provide the broadest levels of filtering to

protect the systems. There are a number of
benchmark practices that should be followed for
effective implementation of a firewall.
r Type of -irewall;
r Placement of -irewall;
r Creation of Da
;
r Configurations of -irewall;
r Documentation regarding -irewall;
r Periodicity of review of configurations;
r Periodicity of viewing log files;
 | '
'

r Encryption
Transforms data into cipher text readable only by
sender and receiver
Secures stored information and information
transmission
Provides 4 of 6 key dimensions of e-commerce
security:
Õ. aessage integrity
2. Non-repudiation
3. Authentication
4. Confidentiality

O


R


 
  

r Confidentiality; assuring that only authorized parties are

able to understand the data.
r Integrity; ensuring that when a message is sent over a
network, the message that arrives is the same as the
message that was originally sent.
r Authentication; ensuring that whoever supplies or
accesses sensitive data is an authorized party.
r Nonrepudiation; ensuring that the intended recipient
actually received the message & ensuring that the sender
actually sent the message.
 R


r Encryption: scrambling a message or data

using a specialized cryptographic algorithm.
r Plaintext: the message or data before it gets
encrypted.
r Ciphertext: the encrypted (scrambled) version
of the message.
r Cipher: the algorithm that does the encryption.
 R
 

r Decryption: the process of converting

ciphertext back to the original plaintext.
r Cryptanalysis: the science of breaking
cryptographic algorithms.
r Cryptanalyst: a person who breaks
cryptographic codes; also referred to as ³the
attacker´.
£ 


r How can we know that a party that provides

us with sensitive data is an authorized party?
r How can we know that the party that is
accessing sensitive data is an authorized
party?
r This is a difficult problem on the Internet.

r Two solutions are:

Passwords
Digital signatures
á


r This involves ensuring that when a message

(or any kind of data, including documents and
programs) is sent over a network, the data that
arrives is the same as the data that was
originally sent. It is important that the data
has not been tampered with.
r Technical solutions include:
Encryption
Hashing algorithms
!



r Ensuring that the intended recipient actually

got the message.
r Ensuring that the alleged sender actually sent
the message.
r This is a difficult problem. How do we prove
that a person's cryptographic credentials have
not been compromised?
O

£  

á

O
 

r `sing a Õ28 bit key for a symmetric

encryption algorithm, there are 2Õ28 possible
keys.
r Even with the computing resources of the `S
government, most of the software developers
alive today will be dead before the
government could break such an encryption
[Viega and acGraw]
á


 


r aost security experts believe that 256-bit

keys are good for the lifetime of the
universe (many billions of years).
r The problem is that encryption is just one
link in the chain of security. Encryption is
a really strong link in that chain, but one
weak link breaks the chain.
r It is usually easier for the attacker to hack
your machine and steal the plaintext than to
break your cipher.
 ù 

r It is a variable value that is used by cryptographic

algorithms to produce encrypted text, or decrypt
encrypted text.
r The length of the key reflects the difficulty to
decrypt from the encrypted message.

   

  

   2
 

  
 ù  

r It is the number of bits (bytes) in the key.

r A 2-bit key has four values
00, 0Õ, Õ0, ÕÕ in its key space
r A key of length ³n´ has a key space of 2^n
distinct values.
r E.g. the key is Õ28 bits
Õ0Õ0Õ0Õ0Õ0Õ0«.Õ00Õ0Õ0ÕÕÕÕÕÕÕ
There are 2^Õ28 combinations
340 282 366 920 938 463 463 3 4 60 43Õ 68 2ÕÕ 456
 )  '


r `se a secret key to encrypt a message into

cipher text.
r `se the same key to decrypt the cipher text to
the original message.
r Also called ³Symmetric cryptography´.


   
  

  

   2
 

  
 PKI IN-AST`CT`E

R

  

     
l elies on two basic components: an algorithm and a
key
l An
  is a method used to   a message
and a   is an object used to ÷  a message.
l In a system where the letters are substituted for other
letters, the ³key´ is the chart of paired letters and
algorithm is the substitution.
l If two parties want to communicate, they must use the
same algorithm, in some cases use the same key.
Ñ
 PKI IN-AST`CT`E

l Cryptographic keys must be kept secret.

l Sometimes algorithms are kept secret, as the
method of encryption may hold the very method
used to decrypt the message.
l What is a Cryptosystem?
It is a mathematical function for processing data
and there is nothing secret about the function
except the key.

Ñ

 PKI IN-AST`CT`E

J   

l The ³state of art´ in authentication rests on PKI.
l It has become the cornerstone for secure e-
payments.
l It refers to the technical components,
infrastructure, and practices needed to enable
the use of public key encryption, digital
signatures and digital certificates with a
network application.
l Network applications include SCa, VPNs,
secure e-mail, and intranet applications. ÑÑ
 PKI IN-AST`CT`E

J

 J   

l At the heart of PKI is .
l 2   is the process of transforming or
scrambling data in such a way that is difficult,
expensive, or time-consuming for an unauthorized
person to unscramble (÷  ).
l Encryption has four basic parts: 
 !,   !,
an 
 , and the  .
l Two major classes of encryption systems are
Ô  ÔÔ Ô, with one secret key, and

Ô  ÔÔ Ô, with two keys. Ñ
 PKI IN-AST`CT`E

O  "J
 #   O 

l The same key is used to encrypt and decrypt the
plaintext.
Private Key Private Key

Plaintext Plaintext
Encryption Decryption
aessage Ciphertext aessage

l The sender and the receiver of the text must

share the same key without revealing it to
anyone else ± thus making it a 
system. Ñ
 ù  "#

   
   2
  

 

2


2
   
     

 



)ù 

*

Algorithm Name Key Length (bits)

lowfish `p to 448
DES 56
IDEA Õ28
C2 `p to 2048
C4 `p to 2048
C5 `p to 2048
Triple DES Õ92
 PKI IN-AST`CT`E

l The confidentiality of the message depends on the

key.
l It is possible to guess a key simply by having a
computer try all of the encryption combinations until
the message is decrypted.
l High-speed processing computers can try millions of
guesses in a second.
l This is why the length of the key (in bits) is the main
factor in securing a message.
l If the key were 4 bits long (e.g., Õ0ÕÕ) there would be
only Õ6 possible combinations. (i.e. 2 raised to the 4th
power) Ñ
)ù $ *#

r All keys need to be

replaced, if one key
is compromised.
r Not practical for the
Internet
environment.
r On the other hand,
the encryption speed
is fast.
r Suitable to encrypt
your personal data.
 PKI IN-AST`CT`E

l The longer the key, the more the possible

combination hence more time needed to crack
a key.
l -or a 40-bit key, there are over a trillion
possible combinations but this can be broken
in 8 days. (using a computer that can check Õ.6
million keys per second).
l However, a 64-bit encryption key would take
58.5 years to be broken (at Õ0 million keys per
second)

 $
)  '


r Involves 2 distinct keys ± public, private.

r The private key is kept secret and never be divulged, and it is
password protected (Passphase).
r The public key is not secret and can be freely distributed, shared with
anyone.
r It is also called ³asymmetric cryptography´.
r Two keys are mathematically related, it is infeasible to derive the
private key from the public key.
r Õ00 to Õ000 times slower than secret-key algorithms.


 
  

  

   2
 

  
 "+
&& #

r öust an example:
Public Key = 4, Private Key = Õ/4, message a =
5
Encryption:
r Ciphertext C = a * Public Key
r 5 * 4 = 20

Decryption:
r Plaintext a = C * Private Key
r 20 * ¼ = 5
 $
)$

 '



 


    


-
  


 

   

  


 

  

   
  
 
PKI IN-AST`CT`E


 $
ù  '


r `ses two mathematically related digital keys

Õ. Public key (widely disseminated)
2. Private key (kept secret by owner)
r oth keys used to encrypt and decrypt message
r Once key used to encrypt message, same key cannot be used to
decrypt message
r Sender uses recipient¶s public key to encrypt message; recipient
uses his/her private key to decrypt it

O

 
 '

, *
-.


 


 "/

 

2
 
   
2


 !
 
 '


 #  2
 # 

 **


*

Algorithm Name Key Length (bits)

DSA `p to 448 @ $ 
%

El Gamal 56 !
2&
SA Õ28 @!
$$ '( 
Diffie-Hellman `p to 2048
 How difficult to crack a key?
Attacker Computer esources Keys / Second

Individual attacker One high-performance desktop machine & Software 2^Õ ± 2^24

Small group Õ6 high-end machines & Software 2^2Õ ± 2^24

Academic Network 256 high-end machines & Software 2^25 ± 2^28

Large company $Õ,000,000 hardware budget 2^43

ailitary Intelligence agency $Õ,000,000 hardware budget + advanced technology 2^55

Key Individual Small Group Academic Large Company ailitary Inteligence

Length Attacker Network Agency
40 Weeks Days Hours ailliseconds aicroseconds
56 Centuries Decades Years Hours Seconds
64 aillennia Centuries Decades Days ainutes
80 Infeasible Infeasible Infeasible Centuries Centuries
Õ28 Infeasible Infeasible Infeasible Infeasible aillennia
 
)0
 
*

r It maps a variable-length input message to a

fixed-length output digest.
r It is not feasible to determine the original
message based on its digest.
r It is impossible to find an arbitrary message
that has a desired digest.
r It is infeasible to find two messages that have
the same digest.
 
)0


r A hash function is a math

equation that create a  # 
message digest from )
 2'*
message.
r A message digest is used
to create a unique digital
signature from a particular (-

document.
r aD5 example

 
 $
ù  '




r Hash function:
aathematical algorithm that produces fixed-length
number called message or hash digest
r Hash digest of message sent to recipient along with
message to verify integrity
r Hash digest and message encrypted with recipient¶s public
key
r Entire cipher text then encrypted with recipient¶s private
key²creating digital signature²for authenticity, non-
repudiation

O

$
ù "
0






O

 0


 '

r Addresses weaknesses of:

Public key encryption
r Computationally slow, decreased transmission speed,
increased processing time
Symmetric key encryption
r Insecure transmission lines
r `ses symmetric key encryption to encrypt document
r `ses public key encryption to encrypt and send symmetric key

O

|


0


 '

O

0






r Digital signature can be used in all electronic

communications
Web, e-mail, e-commerce
r It is an electronic stamp or seal that append to
the document.
r Ensure the document being unchanged during
transmission.
 "




"#

 !   +   

 !/    
 

 "
 
 
 ,
- $     
 
!/
  
 

 "
 0




1




&




#     #  @
 

#  # 

($
 ($




 
 


2
 

 

  2 
    

0






r eference
ù 

*

r Private key are password-protected.

r If someone want your private key:
They need the file contains the key
They need the pass phrase for that key
r If you have never written down your pass
phrase or told anyone
Very hard to crack
rute-force attack won¶t work
0


|
&



r Digital Certificate is a data with digital

signature from one trusted Certification
Authority (CA).
r This data contains:
Who owns this certificate
Who signed this certificate
The expired date
`ser name & email address
0


|
&



r eference
  *&0


|%
r A Digital ID typically contains the following information:
Your public key, Your name and email address
Expiration date of the public key, Name of the CA who issued your
Digital ID
|
&



 ,|.

r A trusted agent who certifies public keys for general

use (Corporation or ank).
`ser has to decide which CAs can be trusted.
r The model for key certification based on friends and
friends of friends is called ³Web of Trust´.
The public key is passing from friend to friend.
Works well in small or high connected worlds.
What if you receive a public key from someone you don¶t
know?
|* ,* .

@ $


! $
 ! $


",  .    .

·&*

"

! !

"



$
ù &
,$ù.

r PKI is a system that uses public-key

encryption and digital certificates to achieve
secure Internet services.
r There are 4 major parts in PKI.
Certification Authority (CA)
A directory Service
Services, anks, Web servers
usiness `sers
^ 


r Authentication ± Digital Certificate

To identify a user who claim who he/she is, in order to access the
resource.
r Non-repudiation ± Digital Signature
To make the user becomes unable to deny that he/she has sent the
message, signed the document or participated in a transaction.
r Confidentiality - Encryption
To make the transaction secure, no one else is able to read/retrieve the
ongoing transaction unless the communicating parties.
r Integrity - Encryption
To ensure the information has not been tampered during transmission.

·
 '


r Strong encryption
Encryption methods that cannot be cracked by brute-force
(in a reasonable period of time).
The world fastest computer needs thousands of years to
compute a key.
r Weak encryption
A code that can be broken in a practical time frame.
56-bit encryption was cracked in Õ999.
64-bit will be cracked in 20ÕÕ.
Õ28-bit will be cracked in 2Õ0 .
$ 1$

 ,$1$.

r elease in öune Õ99Õ by Philip
immerman

(P
)
r PGP is a hybrid cryptosystem that allows user
to encrypt and decrypt.
r `se session key ³a random generated number
from the mouse movement or keystrokes´

|
 &|**




r Secure Sockets Layer (SSL): aost common form

of securing channels of communication; used to
establish a secure negotiated session (client-
server session in which `L of requested
document, along with contents, is encrypted)
r S-HTTP: Alternative method; provides a secure
message-oriented communications protocol
designed for use in conjunction with HTTP
r Virtual Private Networks (VPNs): Allow remote
users to securely access internal networks via the
Internet, using Point-to-Point Tunneling Protocol
(PPTP)






2
$

|


r Operating system controls:

Authentication and access control
mechanisms
r Anti-virus software: Easiest and least
expensive way to prevent threats to
system integrity
 
 $
2

*$



r Steps in developing a security plan:

3 Perform risk assessment ± assessment of risks and points of
vulnerability
3 Develop security policy ± set of statements prioritizing
information risks, identifying acceptable risk targets and
identifying mechanisms for achieving targets
3 Develop implementation plan ± action steps needed to achieve
security plan goals
3 Create security organization ± in charge of security; educates
and trains users, keeps management aware of security issues;
administers access controls, authentication procedures and
authorization policies
3 Perform security audit ± review of security practices and
procedures
0 '

)**
 $


5

-
2

*3






r Tiger team: Group whose sole job activity is
attempting to break into a site
r Originated in Õ9 0s with `.S. Air -orce
r y Õ980s-Õ990s, had spread to corporate
arena
r aost use just ³white hats´ and refuse to hire
known grey or black hats
)**
 



1*&&


|  '


8
1*&&


|  '


9
 o   
 
‰ Indian Government constituted National Task
-orce on IT & SD

‰ Institutional setup
EC Council of India
India EDI-ACT Committee
Technical Assessment Group

‰ HD Group constituted