Position Paper
Importance of strong cryptography as a security mechanism on
networks.
Provides Confidentiality & Authentication
Public Key Cryptography has two main functions: confidentiality
(encryption) and authentication.
That is, it keeps your data private, and lets a recipient verify that
it originated from you. It is a general-purpose, powerful, portable
method of high-level computer security, with applications in fields as
diverse as email and electronic commerce.
Encryption is the transformation of data into an unreadable
form. Its purpose is to ensure privacy by keeping the information
hidden from anyone for whom it is not intended, even those who can see
the encrypted data. Decryption is the reverse of encryption: it is
the transformation of encrypted data back into an intelligible form.
Encryption and decryption require the use of some secret information,
usually referred to as a key. Thus, you can keep your data private if
you encrypt it, as only somebody who has the key will be able to
decrypt it. You can then send your message over a public channel, such
as the internet, in the confidence that only your recipient will see
the actual message. However, this requires that the recipient has the
key too. And if you send the key over the same public channel, anyone
listening obtains the key along with the message, which defeats the
purpose of encrypting at all.
The concept of Public Key Cryptography was introduced in 1976 by
Whitfield Diffie and Martin Hellman to address this problem. In this,
encryption / decryption is performed using two keys instead of
one. This is known as a public key / private key pair. These two are
mathematically related, such that data encrypted with one key can only
be decrypted by the other. In addition, it is computationally
infeasible for an opponent to deduce the private key from the
public key. Therefore, the problem of key distribution has been
elegantly addressed. All one needs to do is make one's public key
available to all and sundry, using any channel available to
you. People who then want to send you information in a secure fashion
only have to encrypt it using your public key. It can then be
decrypted only by you, using your private key. Thus, even if the
encrypted message falls into the hands of some opponent in transit,
your data is still secure. The one remaining problem is binding a
public key to its owner: an opponent who can substitute his own
public key for yours can read the messages meant for you, which is
why public keys are published with certificates or fingerprints that
the sender can check through a second channel.
Public Key Cryptography has yet another application, however: that of
authentication. How it works is like this: You take a message which
you want to tag as having come from you, and only you. The message is
then put through a one-way computation (a cryptographic hash) which
produces a short, fixed-length value called a message digest; any
change to the message changes the digest. The message digest is then
encrypted with your PRIVATE key, and appended to the message. This is
called a DIGITAL SIGNATURE. When the message reaches the recipient, he
performs the same computation on the message to get the digest. He
then decrypts the digital signature, using your PUBLIC key (which you
have made available) and compares the two. If they match, he then
knows two things:
- the message has come from the holder of your private key, and nobody else.
- it has not been altered in transit.
The message has thus been authenticated.
The combination of these two (confidentiality and authentication)
ensures that cryptography can lay the foundation of an e-commerce
infrastructure.
ECommerce
already addressed above.
Access Policies
Secure Sessions
VPNs
Cryptography can be used to regulate access to corporate networks
which contain confidential, business-critical data. It is critical
that businesses have confidence in the technology involved, that they
are sure their data (which is the lifeblood of their enterprise) will
not be intercepted by rivals. And unless ubiquitous use of strong
cryptography by corporations is encouraged, they will have no incentive
to provide it to their end users either.
Importance of encouraging casual use of crypto.
Virus Protection
Network Intrusion
Spoofing
Network Fraud
In addition to the above points, casual and ubiquitous use of strong
crypto has the happy effect of helping to protect against virus
attacks, network intrusion, spoofing (unauthorised access by somebody
claiming to be an authorised user) etc. This is accomplished by the
authentication features explained above: when software, messages and
logins are signed, a recipient can reject anything that does not
verifiably come from the claimed source.
Flaws in Indian Government 40-bit encryption policy
Encryption is a process that scrambles information such that it cannot
easily be read by people who do not have the right mathematical "key" to
unscramble it. It is also the basis of digital signatures, so if the
encryption used in digital signatures is broken, anyone can fake a digital
signature and use someone else's ATM, or Internet banking (among other
things).
For a sound algorithm, the level of security any given method of
encryption provides depends primarily on the length of the keys used by
that process, since key length sets the cost of trying every key. (A
flawed algorithm can be broken regardless of key length; length is a
necessary condition, not a sufficient one.)
The maximum permissible length of encryption keys in India is currently a
matter of dispute between the technology industry and the government.
Although it seems arcane and technical, this dispute has serious
implications for commerce, law, intellectual property protection and civil
liberties in India.
In the Indian Government's "Guidelines and General Information for Setting
up of International Gateways for the Internet" and other documents, there is a
clause saying "encryption upto 40-bit key length in the RSA algorithms
or its equivalent in other algorithms can be used without having to
obtain permission [from the government]. If encryption equipments higher
than this limit are to be deployed, it needs permission of the Telecom
Authority and deposit the decryption key, split into two parts, with the
Telecom Authority."
What that means is that anyone can use encryption keys up to 40 bits in
length without government permission. If you want to use encryption keys
that are longer (and more secure) than that, you have to get government
permission and deposit a copy of the key with the government so that they
(and anyone who can hack into the government archive) can break your
encryption at will.
The main problem here is that 40-bit encryption is absurdly weak. A
40-bit key space can be searched exhaustively by a single desktop PC in
days, and by a modest cluster or dedicated hardware in hours; as far
back as 1995 a 40-bit SSL session key was recovered in about a week by
a network of roughly a hundred workstations. The guideline's reference
to "40-bit key length in the RSA algorithms" makes no technical sense
either: a 40-bit RSA modulus can be factored by trial division in a
fraction of a second, and no product has ever shipped RSA keys that
short. The 40-bit figure comes from old US export rules, where it
applied to symmetric ciphers such as RC4 and DES. So the government has
put the Indian public between a rock and a hard place. Either we use
encryption that is so easy to crack that it isn't worth using, or we
give the government a backdoor key to everything we encrypt. In effect
that means if we want to use encryption, we have to give the
government the encryption key.
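The following example, added here and not part of the original paper, makes the key-length argument of this section and the earlier discussion of shared keys concrete. A toy stream cipher (SHA-256 in counter mode, standing in for RC4-40 or DES) is keyed with a k-bit key; a known-plaintext search then tries every key and recovers the one that makes the first bytes decrypt to a guessable crib. The crib "GET /", the captured traffic and the key are constructed for the example. The extrapolation assumes the trial rate stays constant as the key grows, which is true of brute force: every extra key bit doubles the work.

```python
"""Toy stream cipher with a k-bit key, a known-plaintext brute-force
attack on it, and the arithmetic of scaling that attack to 40 and 56
bits.  Example written for this page; the cipher is a stand-in only."""
import hashlib
import time


def keystream(key: int, key_bits: int, length: int) -> bytes:
    """Keystream block i = SHA-256(key || i); key is encoded in key_bits bits."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key_bytes + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: int, key_bits: int, plaintext: bytes) -> bytes:
    """XOR the plaintext with the keystream."""
    ks = keystream(key, key_bits, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


decrypt = encrypt  # XOR is its own inverse


def brute_force(ciphertext: bytes, crib: bytes, key_bits: int):
    """Try every key; return the first whose decryption starts with the crib.
    The attacker needs only a few bytes of known or guessable plaintext
    (an HTTP request line, a file header), not the whole message."""
    head = ciphertext[:len(crib)]
    for key in range(1 << key_bits):
        if decrypt(key, key_bits, head) == crib:
            return key
    return None


def scale(seconds: float, from_bits: int, to_bits: int) -> float:
    """Expected search time for a larger key space at the same trial rate."""
    return seconds * 2 ** (to_bits - from_bits)


def demo(key_bits: int = 16) -> dict:
    """Encrypt constructed traffic under a constructed key, then recover the
    key from the ciphertext alone and extrapolate the cost to 40 and 56 bits."""
    key = 0xBEEF & ((1 << key_bits) - 1)            # constructed secret key
    message = b"GET /account/balance HTTP/1.1\r\n"  # constructed traffic
    ct = encrypt(key, key_bits, message)
    start = time.perf_counter()
    found = brute_force(ct, b"GET /", key_bits)
    elapsed = time.perf_counter() - start
    return {
        "found": found,
        "correct": found == key,
        "plaintext": decrypt(found, key_bits, ct) if found is not None else None,
        "seconds": elapsed,
        "est_40bit_days": scale(elapsed, key_bits, 40) / 86400,
        "est_56bit_days": scale(elapsed, key_bits, 56) / 86400,
    }


if __name__ == "__main__":
    result = demo(16)
    print(result["correct"], result["plaintext"])
    print("16-bit search took %.3f s" % result["seconds"])
    print("40-bit at this rate: %.1f days" % result["est_40bit_days"])
    print("56-bit at this rate: %.0f days" % result["est_56bit_days"])
```

Run as is, the 16-bit search takes a fraction of a second in pure Python, and the extrapolation to 40 bits lands in the range of weeks on one core; a C implementation on a few machines, or a GPU, is several orders of magnitude faster, which is why 40 bits was already breakable with 1990s hardware. The same arithmetic puts 56 bits at 65536 times the 40-bit cost, which is the gap the EFF machine described later in this paper closed with custom chips.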
Even if we trust the government not to misuse the encryption keys lodged
with it, the creation of a master database of encryption keys is a
security nightmare waiting to happen. All it takes is one hacker to break
into the government database of encryption keys and steal it. He can then
sell the encryption keys of millions of Indians on the Internet, giving
the highest bidder the ability to snoop on people's communications, use
their online banking and ATMs, and sign fake cheques using digital
signatures. In any case, the government does not have (and has no
experience of creating) a database to securely hold millions of encryption
keys. No country in the world has ever created such a system.
There are also practical issues in complying with governmental policy. In
other words, it is impossible to do so. Whenever you access secure
websites (such as Hotmail/Gmail/Yahoo Mail) using Firefox or Internet
Explorer, high-grade encryption exceeding the 40-bit limit is
automatically used. As a result, millions of Indians routinely breach
government policy and nothing can be done to stop this, because it is not
possible to downgrade the encryption used in browsers, and the session
keys are negotiated afresh for each connection and discarded afterwards,
so there is no key for the user to isolate and hand over.
Also, it is easy to disguise encrypted messages and hide them (inside
digital photograph or MP3 data, for example) such that no one can tell
that encryption is being used or that a secret message is being
transmitted. Criminals and terrorists can easily avoid government
interception of their communications by doing this, or by simply failing
to hand over their encryption keys to the government.
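To show what "hiding a message inside a photograph" amounts to, here is an added example (written for this page, not taken from the paper) of least-significant-bit steganography: each bit of the payload replaces the lowest bit of one image sample, so no sample changes by more than one brightness level. The carrier here is a constructed byte array standing in for decoded pixel data; a real carrier would be the raw samples of a lossless format such as PNG or BMP (JPEG's lossy compression would destroy the low bits). The payload would normally be a ciphertext, so that even a found message reveals nothing.

```python
"""Least-significant-bit steganography over an array of 8-bit samples:
embed a length-prefixed payload one bit per sample, and extract it again.
Example written for this page; the carrier is constructed, not a real image."""
import os


def embed(carrier: bytes, payload: bytes) -> bytes:
    """Write a 4-byte big-endian length, then the payload, into the LSBs."""
    data = len(payload).to_bytes(4, "big") + payload
    if len(data) * 8 > len(carrier):
        raise ValueError("carrier too small for payload")
    out = bytearray(carrier)
    for i, byte in enumerate(data):
        for bit in range(8):
            idx = i * 8 + bit
            out[idx] = (out[idx] & 0xFE) | ((byte >> (7 - bit)) & 1)
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Read the length prefix from the first 32 samples, then the payload."""
    def read_bytes(start: int, count: int) -> bytes:
        result = bytearray()
        for i in range(count):
            byte = 0
            for bit in range(8):
                byte = (byte << 1) | (stego[start + i * 8 + bit] & 1)
            result.append(byte)
        return bytes(result)

    length = int.from_bytes(read_bytes(0, 4), "big")
    return read_bytes(32, length)


def max_sample_change(original: bytes, modified: bytes) -> int:
    """Largest per-sample difference; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(original, modified))


if __name__ == "__main__":
    carrier = os.urandom(4096)   # constructed: stands in for 4096 grey-scale pixels
    secret = os.urandom(64)      # constructed: looks like a 64-byte ciphertext
    stego = embed(carrier, secret)
    print(extract(stego) == secret)               # True
    print(max_sample_change(carrier, stego))      # at most 1
```

One caveat a practitioner would add to the paper's claim that "no one can tell": naive LSB replacement of this kind is detectable by statistical steganalysis when the payload is large relative to the carrier, because ciphertext bits are uniformly random while the natural low bits of a photograph are not. It defeats casual inspection and automated keyword filters, which is the point being made here, but not a determined analyst with the original or a good statistical model.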
In practice, only law-abiding citizens are affected by these regulations,
which create a lot of hassle for citizens, a massive new database prone to
security vulnerabilities, and do not help the cause of national security
at all.
These regulations were not enforced for a long time, until recently when
the Government decided to enforce them against Research In Motion, the
Canadian company that makes Blackberry email devices. RIM and the
Government are now in secret negotiations to resolve this issue, but an
issue of such importance to tens of millions of Internet users in India
should be debated and decided in the open air.
The US government made similar proposals (the Clipper chip and related
key-escrow schemes) in the early to mid 1990s, before finally accepting
that it was not feasible or desirable to try and control encryption keys
in this manner. One can only hope that the Indian Government learns from
experience instead of making mistakes others have already made.
Deep Crack (cracks 56-bit keys in under a day.)
Security Agencies with specialized cryptanalysis hardware.
DES, which is an outdated encryption standard which has now been
phased out, uses 56-bit keys. (Note that this is not a public key
algorithm, and thus a 56-bit key is only roughly comparable in
strength to a 512-bit key of the RSA public-key algorithm; symmetric
and public-key lengths are not directly comparable.)
Previously, due to export restrictions imposed by the US government, only
versions of DES that used 40-bit keys were exportable outside the US.
However, there is evidence that even 56-bit keys can be broken quite
easily. To prove the insecurity of DES, the Electronic Frontier
Foundation (EFF) built the first unclassified hardware for cracking
messages encoded with it. On Wednesday, July 17, 1998 the EFF DES
Cracker, which was built for less than $250,000, easily won RSA
Laboratory's "DES Challenge II" contest and a $10,000 cash prize. It
took the machine about 56 hours (less than 3 days) to complete the
challenge, shattering the previous record of 39 days set by a massive
network of tens of thousands of computers.
Further information about this is available at
http://www.eff.org/descracker/
In addition to this, it is safe to assume that security agencies,
including those of unfriendly governments, possess specialised hardware
far more capable than a quarter-million-dollar machine built in 1998,
and that 40-bit or 56-bit ciphers present them with no obstacle at all.
Impossibility of restricting/controlling use by outlaws.
- Among other things, it's impossible to identify the size of the cryptographic key or the cipher by looking at the encrypted data itself: the output of a sound cipher is indistinguishable from random bytes. Only protocol headers sent in the clear (for example a negotiated cipher-suite identifier) reveal which known cipher is in use.
Steganography
Out of Band communications
Anonymizer, Remailers (digital mixes)
Sophisticated cryptographic algorithms, and software implementations
of these algorithms, are available at thousands of sites on the
internet, on servers which are physically located in various
countries. It is thus infeasible to attempt to control access to these
by outlaws. Therefore, restricting access to strong cryptography by
law-abiding individuals will have the result of decreasing the security of
the system as a whole, making it vulnerable to attack by business
rivals, thieves and foreign powers.
Key-escrow as a security threat
# - Centralized key archives provide a single point of attack.
http://www.eff.org/pub/Privacy/Key_escrow/
Key-escrow as a bottleneck
Session Keys
Unknown/unregistered algorithms
One Time Passwords
State of cryptography on the Internet.
HTTPS -- (Basic mechanism for securing Web transactions)
Apache-SSL (server) and Netscape (client). (free software)
SSH -- Remote login, used ubiquitously on the Internet.
PGP, GPG -- Email encryption
GPG was given a development grant of 80K USD by the German Govt.
One Time Passwords
Cite important free cryptography software (munitions.vipul.net).
-- 23 Jun 2008