Secure Communications in Computer Networks – Cryptography Basic Principles
Content: This article explains the fundamental cryptographic principles required to ensure secure communication between two entities in a computer network. Part II then discusses cryptographic algorithms in more detail.
Time to read: 10 minutes
Audience: IT security staff, cryptographer – entry level
The article does not cover:
- Definition of terms like cyber security, IT security, information security
- Secure networking protocols like WPA2, IPSec, TLS, SSH
- Operational security: Firewalls, Intrusion Prevention/Detection Systems
As exhaustive books on IT security have hundreds of pages, a LinkedIn article on secure communications in computer networks has to be clear-cut to avoid overloading and to be worth reading. Hence, part I of this two-part article explains the big picture and examines how fundamental cryptographic principles can be used to enable secure communications in computer networks. Part II specifies these principles by discussing cryptographic algorithms.
The Big Picture - Information Security Requirements
Security in computer networks is ensured by a variety of protocols and techniques (e.g. IPSec, SSL/TLS, VPN, https, SSH, and many more). These protocols use fundamental cryptographic principles, thus making cryptography a cornerstone of network security. However, to discuss these cryptographic principles, we first have to take a look at the requirements deriving from information security (InfoSec). InfoSec defines fundamental security goals to protect information, e.g.:
- Confidentiality: the property that information is not made available or disclosed to unauthorized individuals, entities, or processes (ISO 27001).
- Integrity: accuracy and completeness of data is maintained; data cannot be modified in an unauthorized or undetected manner; data is not altered in transit.
- Authentication: confirms the identity of a party or verifies the authenticity of data. Both the sender and the receiver confirm that the other party is indeed who or what it claims to be.
- Availability: systems and information are available when needed or are even available at all times (thus resisting DoS-attacks, power outages, hardware failure etc.).
- Non-repudiation: the receiving and sending of data can be undeniably attributed to a party; the integrity and origin of the data are proven (hence integrity and authenticity are prerequisites for non-repudiation).
Several more terms have been proposed or discussed and can be found in literature. The classic InfoSec triad consists of confidentiality, integrity, and availability (CIA). As availability is mainly about operational security, it is replaced with authentication (which is a prerequisite for secure communication in computer networks) in this article. In network security, techniques for providing confidentiality, authentication, and integrity are all based on cryptographic fundamentals.
Let’s introduce two entities, Alice and Bob, who would like to have a confidential discussion and thus want to communicate securely (think of Alice and Bob as persons, web servers, routers etc.). What does “securely” mean in the context of the security goals just defined? Firstly, Alice and Bob would like their conversation to remain secret even though they may be chatting over an insecure medium where an intruder can intercept all messages (confidentiality). Secondly, Alice and Bob both want to make sure that they are indeed communicating with each other (authentication). Thirdly, the content of their messages should not be altered in transit (integrity). Next, these three goals are discussed in more detail.
Confidentiality
The use of cryptography in providing confidentiality is self-evident. A plaintext (or cleartext) is encrypted using an encryption algorithm, resulting in a ciphertext (the encrypted message) that looks unintelligible to an intruder. As the encryption and decryption technique itself is known and published, a piece of secret information is needed: a key. Thus, the encryption algorithm takes the plaintext and the key as input and produces a ciphertext as output. Mainly, there are two different key systems: public and symmetric.
Symmetric Key Systems
The key of a symmetric key system is the same for encryption and decryption. It represents a shared secret between the two communicating entities. This requires that both parties have access to the shared secret, which can be a hurdle in practice (how is the initial key exchange secured?).
Public Key Systems
Unlike symmetric key systems, public key systems use two different keys for encryption and decryption. So in public key systems, a pair of keys is used. One key is known only to the owner (private key) and the other key is publicly available (public key). A plaintext that is encrypted with the public key can only be decrypted with the private key and vice versa. This means that Alice can use Bob’s public key to encrypt a message that can only be read by Bob (who is the owner of his private key) without the need to exchange a shared secret with Bob.
Session Keys
Because public key operations require far more computation, symmetric key algorithms are several hundred times faster in software and thousands of times faster in hardware compared to public key algorithms. In practice, the two systems are often combined as follows: a public key system is used to exchange symmetric session keys, which are then used to exchange large amounts of encrypted data. For example, Alice would choose a symmetric session key, encrypt it with Bob’s public key and send it over to Bob. Bob then decrypts the message with his private key and obtains the session key. This approach solves the key exchange problem for symmetric key encryption and keeps the amount of data exchanged with public key encryption at a minimum.
Integrity
When Bob receives a message from Alice (no matter if it is encrypted or in plaintext) he wants to be sure that the message was not tampered with on its way: the integrity of the message must be preserved. This can be achieved with two different approaches: digital signatures and message authentication codes. For both of them we need cryptographic hash functions.
Cryptographic Hash Functions
A hash function takes an input message and computes a fixed-size output (the hash, hash value, or message digest). For example, the MD5 algorithm creates a 128-bit hash and SHA-1 produces a 160-bit hash (try it out on http://onlinemd5.com). In addition, a cryptographic hash function also ensures that it is computationally infeasible to find another input message that creates the same hash value (collision resistance). Let’s see how we can use hash functions to ensure message integrity.
Message Authentication Code
Let’s assume that Alice wants to send a message to Bob that should not be altered in transit. Again, Alice and Bob need a shared secret to generate a message authentication code (MAC). The shared secret (a string of bits) is added to the input message. A hash value (the MAC) is generated from this concatenation (input message + shared secret). Alice sends the original message along with the MAC to Bob. Bob receives the extended message and – knowing the shared secret – calculates the MAC. If the calculated MAC matches the MAC sent by Alice, everything is fine.
Note that message integrity with MAC does not require any encryption techniques. However, the distribution of the shared secret to the communicating entities is the same issue as with the initial key exchange in symmetric key systems.
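The MAC exchange described above, as an added example that is not part of the original article. It uses HMAC (RFC 2104), the standardised keyed-hash construction, in place of the plain "message + shared secret" concatenation sketched in the text; the shared secret and the messages are constructed placeholders.

```python
import hashlib
import hmac

# Constructed placeholder; a real shared secret is random and at least 16 bytes.
SHARED_SECRET = b"constructed-alice-bob-secret"

def compute_mac(secret: bytes, message: bytes) -> bytes:
    # HMAC-SHA256 keys the hash with the secret in a standardised way and is
    # the construction to use instead of hashing message + secret directly.
    return hmac.new(secret, message, hashlib.sha256).digest()

def verify_mac(secret: bytes, message: bytes, received: bytes) -> bool:
    # constant-time comparison: a plain == would reveal through timing how
    # many leading bytes of a wrong MAC were already correct
    return hmac.compare_digest(compute_mac(secret, message), received)

def alice_sends(message: bytes):
    # Alice transmits the (unencrypted) message together with its MAC
    return message, compute_mac(SHARED_SECRET, message)

def bob_receives(message: bytes, mac: bytes) -> bool:
    # Bob recomputes the MAC with the shared secret and compares
    return verify_mac(SHARED_SECRET, message, mac)

def demo():
    message, mac = alice_sends(b"Pay 100 EUR to Bob")
    ok = bob_receives(message, mac)                       # True: untouched
    tampered = bob_receives(b"Pay 900 EUR to Bob", mac)   # False: message changed
    forged = bob_receives(message, bytes(len(mac)))       # False: MAC replaced
    return ok, tampered, forged                           # (True, False, False)
```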
Digital Signatures
Again, let’s assume that Alice wants to send a message to Bob, but instead of a MAC, she wants to use her digital signature to guarantee message integrity. Therefore, Alice calculates the hash value of her message (which is of fixed length) and encrypts this hash with her private key (PrivA). The result is the digital signature for this message. She then sends her message as well as the digital signature to Bob. Bob also calculates the hash value of the message and decrypts the hash value sent by Alice with her public key (PubA). If the two hash values are identical, he knows that the message has not been altered in transit.
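Both the session key exchange from the Session Keys section and the signature scheme just described, as one added example that is not part of the original article. It uses a toy textbook RSA with tiny fixed primes (constructed so the arithmetic stays visible; real keys are 2048 bits or more and use OAEP/PSS padding), SHA-256 as the hash, and a digest reduced modulo the toy modulus so it fits; `pow(e, -1, phi)` needs Python 3.8+.

```python
import hashlib
import secrets

# Toy textbook RSA with tiny, fixed primes so the arithmetic is visible.
# Constructed for illustration only: real keys are 2048 bits or more and
# messages are padded (OAEP for encryption, PSS for signatures).
def rsa_keygen(p: int = 61, q: int = 53, e: int = 17):
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e * d == 1 (mod phi)
    return (e, n), (d, n)        # (public key, private key)

def rsa_apply(key, m: int) -> int:
    exp, n = key
    return pow(m, exp, n)        # same operation for encrypt/decrypt/sign/verify

# Session key exchange: Alice wraps a fresh symmetric key with Bob's public
# key; only Bob's private key unwraps it.
def wrap_session_key(pub_bob, session_key: int) -> int:
    return rsa_apply(pub_bob, session_key)

def unwrap_session_key(priv_bob, wrapped: int) -> int:
    return rsa_apply(priv_bob, wrapped)

# Digital signature: hash the message, then apply Alice's private key to the
# hash; Bob reverses it with her public key and compares to his own hash.
def msg_digest(message: bytes, n: int) -> int:
    digest = hashlib.sha256(message).digest()
    return int.from_bytes(digest, "big") % n   # reduced to fit the toy modulus

def sign(priv_alice, message: bytes) -> int:
    return rsa_apply(priv_alice, msg_digest(message, priv_alice[1]))

def verify(pub_alice, message: bytes, signature: int) -> bool:
    return rsa_apply(pub_alice, signature) == msg_digest(message, pub_alice[1])

def demo():
    pub_bob, priv_bob = rsa_keygen()                 # n = 3233
    pub_alice, priv_alice = rsa_keygen(p=47, q=59)   # n = 2773
    # 1. Alice picks a random session key (< n in the toy) and sends it wrapped
    session_key = secrets.randbelow(pub_bob[1] - 2) + 2
    wrapped = wrap_session_key(pub_bob, session_key)
    key_ok = unwrap_session_key(priv_bob, wrapped) == session_key
    # 2. Alice signs a message; Bob verifies it, and a corrupted signature fails
    message = b"Pay 100 EUR to Bob"
    signature = sign(priv_alice, message)
    sig_ok = verify(pub_alice, message, signature)
    sig_bad = verify(pub_alice, message, (signature + 1) % pub_alice[1])
    return key_ok, sig_ok, sig_bad                   # (True, True, False)
```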
Authentication
When communicating, people authenticate each other by recognizing each other's appearance, voice, etc. In a computer network, a nonce can be used for end-point authentication. A nonce is a number that is only used once (and will never be used again). Let’s assume that Alice wants to authenticate herself to Bob and that they already have a shared secret (symmetric key). She sends Bob a message stating that she is Alice. Bob replies with a nonce. Alice encrypts the nonce and sends it back to Bob. Bob decrypts the nonce and checks if it equals the nonce he sent to Alice. Alice is then authenticated live.
What does live authentication mean? In fact, to prove that a message came from Alice, a digital signature as discussed above is already sufficient. However, the digital signature only proves that a certain message came from a certain sender at some point in the past. In contrast, the nonce ensures that Alice is live.
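The nonce challenge-response from the two paragraphs above, as an added example that is not part of the original article. Alice proves knowledge of the shared key with an HMAC over the nonce (swapped in for the encrypt-the-nonce step, since the standard library has no cipher); Bob's side issues a fresh random nonce per attempt and rejects a replayed response, which is what makes the authentication "live". The key is a constructed placeholder.

```python
import hashlib
import hmac
import secrets

SHARED_KEY = b"constructed-alice-bob-symmetric-key"  # placeholder, not a real key

def respond(key: bytes, nonce: bytes) -> bytes:
    # Alice's side: a keyed function over Bob's nonce proves she holds the key
    # (HMAC-SHA256 here instead of encrypting the nonce)
    return hmac.new(key, nonce, hashlib.sha256).digest()

class Verifier:
    """Bob's side: one fresh nonce per attempt, never accepted twice."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = None      # nonce issued for the current attempt
        self.used = set()        # nonces already consumed (replay detection)

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)   # CSPRNG, 128 bits: never repeats in practice
        self.pending = nonce
        return nonce

    def check(self, nonce: bytes, response: bytes) -> bool:
        # only the nonce just issued counts, and only once
        if nonce != self.pending or nonce in self.used:
            return False
        self.used.add(nonce)
        self.pending = None
        return hmac.compare_digest(respond(self.key, nonce), response)

def run_protocol():
    bob = Verifier(SHARED_KEY)
    nonce = bob.challenge()                 # Bob -> Alice: "prove it's you, now"
    response = respond(SHARED_KEY, nonce)   # Alice -> Bob
    first = bob.check(nonce, response)      # True: authenticated live
    replay = bob.check(nonce, response)     # False: captured response replayed
    return first, replay                    # (True, False)
```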
The Tip Of The Iceberg
It was shown how fundamental security goals deriving from information security requirements are implemented with cryptographic principles to ensure secure communication in computer networks. These cryptographic principles are actually used and combined in many network security protocols. For example, SSL/TLS enhances TCP with confidentiality, data integrity, server authentication, and client authentication (if required). It does so by using nonces, encryption/decryption algorithms, MACs, public/private key pairs, session keys etc. All of these terms have been covered in this article. However, this is just the tip of the iceberg and several open points remain:
- Where do the keys come from that are used in cryptographic algorithms? How are they generated? Keys should be selected randomly and uniformly. But what is randomness? A good requirement for randomness is unpredictability: an attacker who knows some parts of a key can only guess the next part with the same probability as if he were guessing by chance. Unpredictability requires physically random events. While key presses or mouse movements made by a user are perhaps not random (humans tend to follow patterns; Linux users may take a look at the /dev/random device), the count of radioactive decay events or the measurement of thermal noise can produce randomness. When weak keys are used, the encryption algorithm itself is not broken, but the system no longer provides the intended protection. In any case, a cryptographically secure random number generator should be used.
- Another big issue not covered herein is certificates. In the two examples above, public key encryption is used to exchange session keys and to create a digital signature. However, in both cases you can think of an intruder who uses his own public/private key pair but pretends to be Bob or Alice. So before Alice uses Bob’s public key she has to be sure that it is indeed Bob’s, and vice versa. A public key infrastructure (PKI) with certification authorities (CA) is needed for public key certification.
- Hash functions have been briefly introduced above. But how do hash algorithms actually work? What are initialization vectors, padding, and one-way compression functions? How do they ensure strong collision resistance (see birthday attack)? In short, MD5 and SHA-1 are vulnerable to collisions. More advanced hash algorithms should be used instead. Hash functions are not considered further in this article series.
In this article, it was shown that confidentiality, integrity, and authentication are a prerequisite for secure communication in computer networks. Furthermore, the discussion revealed that cryptographic techniques are inextricably woven into confidentiality, integrity, and authentication.
Symmetric key algorithms like DES, AES, or RC4, block and stream ciphers, public key algorithms like RSA, attacks on encryption algorithms, proper key length, and examples are discussed in part II.