by Dan Calloway, MSIT
Published August 8, 2009 at 7:15pm; www.dancalloway.com

There is much skepticism surrounding cryptography. Fagin et al. (2008) indicate that progress is being made in this area to remove that skepticism. The National Institute of Standards and Technology (NIST) has joined forces with the National Security Agency (NSA) to form the “Common Criteria” process, known as the Common Criteria for Information Technology Security Evaluation 2005, whose aim is to increase confidence in cryptographic and information-related security products. Additionally, the Department of Defense (DoD) has enacted policy directives requiring Information Assurance (IA) professionals to receive information security training in addition to the basic IA training required of all DoD employees (Fagin et al.). Fagin et al. further note that security today requires some level of skepticism and critical thinking.

Bhargav-Spantzel et al. (2007) contend that there is a recent paradigm in identity management called user-centric identity management. Their study differentiated between two predominant notions: relationship-focused and credential-focused identity management. In the former approach, a user only maintains relationships with identity providers (IDPs), and thus every transaction that provides identity information is conveyed to the appropriate IDP. In the latter approach, the user must obtain long-term credentials and store them in a local provider database.

Bhargav-Spantzel et al. indicate that the most predominant identity management model on the Internet today is the silo model, in which users handle their own data and provide it to each organization separately. One solution to this dilemma offered by Bhargav-Spantzel et al. is the centralized federation model, such as Microsoft’s Passport, which removes the inconsistencies and redundancies of the silo model and gives Web users a seamless experience. Bhargav-Spantzel et al. offer a taxonomy for unifying relationship-focused and credential-focused identity management, and investigate the idea of a universal user-centric system that incorporates the current approaches. The open research question they pose is the search for a credential-based user-centric system that crosses the boundaries of user-centricity. The study also argues that its unification of the notions of user-centricity could be useful in the field of user-centric federated identity management systems (FIMS).

The study conducted by Bohli et al. (2007) examined popular proof models for group key establishment and the tools offered for analyzing group key establishment protocols in the presence of malicious participants. In the framework introduced by Bohli et al., a protocol proposed by Katz and Yung (2003) offers guarantees of security against a single malicious participant, whereas a proposal offered by Kim, Lee, and Lee (2004) fails to do so. Furthermore, Bohli et al. showed that the established group key establishment schemes from CRYPTO 2003 and ASIACRYPT 2004 do not fully meet their requirements, and proved that a variant of the ASIACRYPT 2004 scheme, based on the Computational Diffie-Hellman (CDH) assumption in the random oracle model, is secure in the strictest sense.

In the area of wireless security, Tafaroji and Falahati (2007) proposed a means of improving the security of code division multiple access (CDMA), one of the most widely used wireless air link interfaces in 3G wireless communication, by applying an encryption algorithm over the spreading codes. Since multi-user detection is an inherent characteristic of CDMA, Tafaroji and Falahati thoroughly studied the cross-correlation between outputs of the encryption algorithm, which causes multi-user interference. A combination of encrypted and unencrypted M-sequences is used as the spreading code to limit the loss in system performance. Thus Tafaroji and Falahati proposed a new method, named “hidden direct sequence,” that enhances the security of CDMA systems by applying the cryptographic algorithm in the channelization code. This secure spectrum-spreading method prevents eavesdroppers from recovering an intercepted message and further hampers attempts to decipher the communication even with the most powerful means.

In a study conducted by Pistoia, Chandra, Fink, and Yahav (2007), three areas of security vulnerability in software systems were analyzed: access control, information flow, and application programming interface (API) conformance. Static analysis techniques were used to analyze two major areas of access control: stack-based and role-based access control. Static analysis techniques were also used to address integrity violations and confidentiality violations, which together comprise information flow. The study also discussed how static analysis could be used to verify the correct usage of security libraries and interfaces in component-based systems.

In the area of chosen-ciphertext attacks (CCA), Boneh, Canetti, Halevi, and Katz (2006) proposed CCA-secure public-key encryption schemes based on identity-based encryption (IBE). These schemes provide a new paradigm for achieving CCA security that avoids the “proofs of well-formedness” on which previous constructions were based. Furthermore, by instantiating their constructions with known IBE schemes, Boneh et al. were able to obtain CCA-secure public-key encryption schemes whose performance is competitive with existing CCA-secure schemes.

Research conducted by Callas (2007) covered such topics as the social expectations of cryptography, the myth of non-repudiation, the paradox of stronger keys, cryptography and reliability, rights management, privacy-enhancing technologies, new cryptographic ciphers, and legal changes regarding cryptography. The future of cryptography depends on the way that society uses it, which in turn relies on current laws, customs, and regulations, and on what we as a society expect cryptography to do. Callas indicates that there are gaps in the research that are left to future researchers to address. Callas points out that the notion that digital signatures, used for signing documents and email, offer the property of non-repudiation (that the signer cannot say they did not sign the document) is a myth, and presents examples to explain why. The research goes on to explain that stronger cryptographic keys do not necessarily make a system more secure, since stronger cryptography in a chaotic system might actually promote the chaotic state; this is the paradox of stronger keys. Callas differentiates between secure cryptography and reliability in safety systems by noting that security systems protect against intelligent attackers while reliability systems protect against unintelligent ones. Ensuring that the wrong people do not have the cryptographic keys makes a cryptographic system secure, while making certain that the right people have the keys makes it reliable. Callas points out that the future of cryptography therefore depends on a strong key management system that ensures the right people have the keys and the wrong people do not gain access to them. Furthermore, Callas shows that it is another myth that there must be a tradeoff between security and privacy in the use of cryptography, demonstrating that a cryptosystem can be private while being secure. New ciphers such as elliptic curve, bilinear, and quantum cryptography are introduced in the study. Finally, Callas points out that the way people think about data and communications privacy and security reflects changes in the law brought about by events like the terrorist attacks of September 2001, and that ubiquitous cryptography has played a major role in that shift. As a result, cryptography will play a critical role in protecting information now and in the future.

Walters (2007) proposes a draft IS security curriculum to be incorporated into the core body of knowledge of the business curriculum, and calls for additional practical guidance to be developed for Accounting Information Security (AIS) educators who would like to incorporate IS security into their existing curricula.

In their study, Zanin, Di Pietro, and Mancini (2007) present a new distributed signature protocol based on the RSA cryptographic algorithm that is suitable for large-scale ad hoc networks. The protocol is shown to be distributed, adaptive, and robust while remaining subject to tight security and architectural constraints. The study reveals that the robustness of the scheme can be enhanced by involving only a fraction of the nodes on the network. Zanin et al. demonstrated that their scheme is correct, because it allows a chosen number of nodes to produce a valid cryptographic signature; secure, because an attacker who compromises fewer than that number of nodes is unable to disrupt the service or produce a bogus signature; and efficient, because of its low overhead in comparison to the number of features provided.

Security is important not only in wired networks but in any network, including wireless networks. Floyd (2006) devised a cryptographic solution for securing mobile ad hoc networks, which are especially vulnerable to malicious attacks since they possess no clear line of defense. This cryptographic system was dubbed the Mobile Application Security System (MASS). The system was shown to prevent unauthorized modification of mobile applications by other running applications and by other hosts on the wireless network, by ensuring that the mobile code was both authentic and authorized.

Employing encryption based on cryptographic algorithms to secure consumer data is of paramount importance today, especially in the area of e-commerce on the Internet. Toubba (2006) stresses the importance of strong encryption key management and granular access control for Web-based applications. Toubba shows that corporations that store, transmit, and use consumer data must take steps to choose strong cryptographic solutions to protect this data, and to employ complementary network security procedures to maximize the overall effectiveness of the encryption product; strong key management and granular access control are viewed as those complementary procedures. Furthermore, in another study, Kodaganallur (2006) showed that public key cryptography based on asymmetric key ciphers overcomes the shortcomings of using symmetric key ciphers in isolation by enabling confidentiality, message integrity, and authentication. Klappenecker (2004) further demonstrates that a seemingly “unbreakable” data encryption scheme can be broken through an authentication weakness in its protocol, and that this weakness is fixable.
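To make Kodaganallur's point concrete, the following Go program is an added example written for this review (it is not code from any of the cited papers) showing how the two families are combined in practice: a fresh symmetric key protects the bulk data, the recipient's asymmetric key wraps that symmetric key, and the sender's signing key authenticates the whole envelope. The type and function names (Envelope, NewKeyPair, Seal, Open) and the sample order text are assumptions of this example; it uses only the Go standard library.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Envelope (a hypothetical wire format) is what crosses the network: a per-message
// AES-256 key wrapped for the recipient with RSA-OAEP, the AES-GCM nonce and
// ciphertext, and the sender's RSA-PSS signature over those three fields.
type Envelope struct {
	WrappedKey []byte
	Nonce      []byte
	Ciphertext []byte
	Signature  []byte
}

// NewKeyPair generates an RSA-2048 key pair; each party in the demo gets one.
func NewKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// digest hashes the signed fields with length prefixes, so bytes cannot be
// shifted between fields (or between envelopes) without changing the hash.
func (e *Envelope) digest() []byte {
	h := sha256.New()
	for _, field := range [][]byte{e.WrappedKey, e.Nonce, e.Ciphertext} {
		binary.Write(h, binary.BigEndian, uint32(len(field)))
		h.Write(field)
	}
	return h.Sum(nil)
}

// Seal provides confidentiality (AES-GCM under a fresh key), key transport with
// no pre-shared secret (RSA-OAEP to the recipient's public key), and integrity
// plus sender authentication (RSA-PSS with the sender's private key).
func Seal(plaintext []byte, recipientPub *rsa.PublicKey, senderPriv *rsa.PrivateKey) (*Envelope, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil)}
	if env.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, key, nil); err != nil {
		return nil, err
	}
	if env.Signature, err = rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, env.digest(), nil); err != nil {
		return nil, err
	}
	return env, nil
}

// Open checks the signature first: a forged or tampered envelope is rejected
// before the recipient's decryption key is applied to anything.
func Open(env *Envelope, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, env.digest(), env.Signature, nil); err != nil {
		return nil, errors.New("envelope rejected: not from the claimed sender or modified in transit")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil) // GCM also rejects any ciphertext change
}

func main() {
	customer, _ := NewKeyPair()
	merchant, _ := NewKeyPair()
	order := []byte("constructed sample: order 1042, ship to locker 7") // constructed data
	env, _ := Seal(order, &merchant.PublicKey, customer)
	got, err := Open(env, merchant, &customer.PublicKey)
	fmt.Println("round trip ok:", err == nil && string(got) == string(order))
	env.Ciphertext[0] ^= 0x01 // one bit flipped in transit
	_, err = Open(env, merchant, &customer.PublicKey)
	fmt.Println("tampered envelope rejected:", err != nil)
}
```

Open verifies the signature before decrypting, so the recipient's private key is never applied to an envelope that fails authentication, and the length-prefixed digest ties the wrapped key, nonce and ciphertext together so that pieces of different envelopes cannot be recombined under a valid signature. In a deployment the public keys would come from a PKI or pinned configuration rather than from main; distributing and rotating those keys is the key-management problem Toubba stresses.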

Limitations in computer platform security in the use of cryptography are demonstrated in the study conducted by Young (2004). This study showed the experimental results of launching a crypto-viral payload on the Microsoft Windows platform, specifically against the Microsoft Cryptographic API. The study revealed that, using eight types of API calls and 72 lines of C code, the payload was able to hybrid-encrypt sensitive data and hold it hostage. The study also developed a countermeasure to the crypto-viral attack, which forces the API caller to show that an authorized party can successfully recover the asymmetrically encrypted data.

The importance of strong cryptography in voice communication cannot be overstated. In a study conducted by Li, Li, Zhang, and Chen (2006), a new Voice over Internet Protocol (VoIP) technique with a new hierarchical data security protection (HDSP) scheme was developed using a secret chaotic bit sequence. However, the scheme has limitations with respect to known- and chosen-plaintext attacks: a single known or chosen plaintext was sufficient to recover the secret key. Additionally, brute-force attacks against HDSP show its security to be weak in that regard as well. The researchers offer suggestions to strengthen HDSP, but caution against its use in security-sensitive applications, especially if the secret key will be reused to encrypt more than one plaintext.
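The caveat about reusing the secret key is the classic keystream-reuse failure, and it is worth seeing why it is fatal rather than merely weakening. The Go program below is an added example written for this review, not code from Li et al. or from HDSP: it models the flaw class with AES-CTR under a constant IV (a keystream that depends on the key alone), places the corrected design beside it (AES-GCM with a fresh random nonce per packet), and runs the check a protocol reviewer would apply to any stream-style scheme before approving it for reuse of one key across packets. The frame contents, the key, and the function names (WeakEncrypt, SafeEncrypt, KeystreamReuseLeak, LeaksUnderKeyReuse) are all constructed for the example; only the Go standard library is used.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Two constructed voice frames standing in for consecutive VoIP packets.
var (
	FrameA = []byte("frame 0001: constructed sample audio payload, first packet")
	FrameB = []byte("frame 0002: constructed sample audio payload, second pkt ")
)

// WeakEncrypt models a design whose keystream depends only on the secret key:
// AES-CTR started from a constant IV, so every packet under the same key is
// XORed with the same keystream. This stands in for the flaw class, not HDSP.
func WeakEncrypt(key, plaintext []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	iv := make([]byte, aes.BlockSize) // constant IV: the defect
	out := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(out, plaintext)
	return out
}

// SafeEncrypt draws a fresh random nonce for every packet and uses AES-GCM, so
// keystreams never repeat under one key and each packet is also authenticated.
// The nonce is sent in front of the ciphertext; it does not need to be secret.
func SafeEncrypt(key, plaintext []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

// KeystreamReuseLeak is the reviewer's check: given two ciphertexts and the
// plaintext of the first, return ct1 XOR pt1 XOR ct2 over their common length.
// Under a reused keystream this equals pt2; under a sound scheme it is noise.
func KeystreamReuseLeak(ct1, pt1, ct2 []byte) []byte {
	n := minLen(len(ct1), minLen(len(pt1), len(ct2)))
	out := make([]byte, n)
	for i := range out {
		out[i] = ct1[i] ^ pt1[i] ^ ct2[i]
	}
	return out
}

func minLen(a, b int) int {
	if a < b {
		return a
	}
	return b
}

// LeaksUnderKeyReuse encrypts both frames under one random key with enc and
// reports whether FrameB can be read off from FrameA's plaintext alone.
func LeaksUnderKeyReuse(enc func(key, plaintext []byte) []byte) bool {
	key := make([]byte, 32) // constructed 256-bit key, fresh on every run
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	leak := KeystreamReuseLeak(enc(key, FrameA), FrameA, enc(key, FrameB))
	n := minLen(len(leak), len(FrameB))
	return bytes.Equal(leak[:n], FrameB[:n])
}

func main() {
	fmt.Println("constant-keystream scheme leaks second frame:", LeaksUnderKeyReuse(WeakEncrypt))
	fmt.Println("fresh-nonce AES-GCM leaks second frame:      ", LeaksUnderKeyReuse(SafeEncrypt))
}
```

The check needs no knowledge of the key and no computation beyond XOR, which is why a key-reuse defect in a stream-style scheme is considered broken outright rather than merely weak: one known packet exposes every other packet sent under that key. The corrected design fixes it by making the keystream depend on a per-packet nonce as well as the key, and the authenticated mode additionally rejects modified packets.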

One means of strengthening data encryption and authentication in cryptosystems on corporate networks is discussed in a study by Hogue et al., which presents the feasibility of biometric key encryption. Experimental analysis in this study revealed encouraging prospects for its use in modern cryptosystems.

Recent developments have shown that network security, Quality of Service (QoS), and secure data communication over public networks (and the Internet) can benefit from theoretical data-hiding technologies. In their study, Lovoshynovskiy et al. demonstrated that cryptographic techniques for hiding data on heterogeneous public networks are a very cost-effective alternative to other network security measures: they do not require significant upfront investment or protocol modifications, and they are fully compatible with existing multimedia compression and communication standards. These data-hiding techniques include state-of-the-art watermarking, watermark-assisted multimedia processing, tamper proofing, and secure communications.

Finally, in a study conducted by Schneier (2004), the argument that secrecy is good for security is concluded to be a myth worthy of rebuttal. Schneier further demonstrates that secrecy is especially not good for security with respect to vulnerability and reliability information, and shows that security that relies totally on secrecy is extremely fragile: once the secret is lost, there is no way to regain it. Schneier goes on to make the case that cryptography, since it is based on secret keys that are short, easy to transfer, and easy to change, must rely on one of its basic principles, that the cryptographic algorithm be made public, if it is to remain strong and offer good security. Using a public key system avoids the fallacy in the argument that secrecy works. Those who argue for secrecy ignore the security value of openness. The only reliable means to improve security is to embrace public scrutiny.

Now that we have analyzed some of the research that has been conducted and reported in scholarly literature, let’s switch our focus and review some of the non-scholarly literature that has been published on this topic as well.

———————-

References:

Bhargav-Spantzel, A., Camenisch, J., Gross, T., & Sommer, D. (2007, October). User centricity: A taxonomy and open issues. Journal of Computer Security, 15(5), 493-527. Retrieved August 2, 2008, from Academic Search Premier database.

Bohli, J., González Vasco, M., & Steinwandt, R. (2007, July). Secure group key establishment revisited. International Journal of Information Security, 6(4), 243-254. Retrieved August 2, 2008, doi:10.1007/s10207-007-0018-x.

Boneh, D., Canetti, R., Halevi, S., & Katz, J. (2006, December). Chosen-ciphertext security from identity-based encryption. SIAM Journal on Computing, 36(5), 1301-1328. Retrieved August 2, 2008, doi:10.1137/S009753970544713X.

Callas, J. (2007, January). The Future of Cryptography. Information Systems Security, 16(1), 15-22. Retrieved August 2, 2008, doi:10.1080/10658980601051284.

Fagin, B., Baird, L., Humphries, J., & Schweitzer, D. (2008, January). Skepticism and Cryptography. Knowledge, Technology & Policy, 20(4), 231-242. Retrieved August 2, 2008, doi:10.1007/s12130-007-9030-8.

Floyd, D. (2006, Fall). Mobile application security system (MASS). Bell Labs Technical Journal, 11(3), 191-198. Retrieved August 2, 2008, doi:10.1002/bltj.20188.

Katz, J., & Yung, M. (2003). Scalable protocols for authenticated group key exchange. In D. Boneh (Ed.), Advances in Cryptology—CRYPTO 2003 (Lecture Notes in Computer Science, Vol. 2729, pp. 110–125). Berlin: Springer.

Kim, H. J., Lee, S. M., & Lee, D. H. (2004). Constant-round authenticated group key exchange for dynamic groups. In P. J. Lee (Ed.), Advances in Cryptology—ASIACRYPT 2004 (Lecture Notes in Computer Science, Vol. 3329, pp. 245–259). Berlin: Springer.

Klappenecker, A. (2004, December). Remark on a non-breakable data encryption scheme by Kish and Sethuraman. Fluctuation & Noise Letters, 4(4), C25-C26. Retrieved August 2, 2008, from Academic Search Premier database.

Kodaganallur, V. (2006, January). Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle. Information Systems Security, 14(6), 44-52. Retrieved August 2, 2008, from Academic Search Premier database.

Li, C., Li, S., Zhang, D., & Chen, G. (2006, February). Cryptanalysis of a data security protection scheme for VoIP. IEE Proceedings — Vision, Image & Signal Processing, 153(1), 1-10. Retrieved August 2, 2008, doi:10.1049/ip-vis:20045234.

Schneier, B. (2004, October). The Nonsecurity of Secrecy. Communications of the ACM, 47(10), 120-120. Retrieved August 2, 2008, from Academic Search Premier database.

Tafaroji, M., & Falahati, A. (2007, June). Improving code division multiple access security by applying encryption methods over the spreading codes. IET Communications, 1(3), 398-404. Retrieved August 2, 2008, doi:10.1049/iet-com:20060295.

Walters, L. (2007, Spring). A Draft of an Information Systems Security and Control Course. Journal of Information Systems, 21(1), 123-148. Retrieved August 2, 2008, from Academic Search Premier database.

Young, A. (2006, March). Cryptoviral extortion using Microsoft’s Crypto API. International Journal of Information Security, 5(2), 67-76. Retrieved August 2, 2008, doi:10.1007/s10207-006-0082-7.

Zanin, G., Di Pietro, R., & Mancini, L. (2007, February). Robust RSA distributed signatures for large-scale long-lived ad hoc networks. Journal of Computer Security, 15(1), 171-196. Retrieved August 2, 2008, from Academic Search Premier database.


3 Responses to “Cryptography – A Look at the Scholarly Literature”


  2. Very nice blog, I'm gonna visit again.

  3. What’s happening? I am new to this; I stumbled upon this and I've found it positively helpful and it has aided me out loads. I am hoping to give a contribution & aid different users like it's aided me. Good job.
