• CIPF - what is it? Means of cryptographic information protection. Certified means of cryptographic information protection (CIPF). Purpose and areas of application of cryptographic information

    Cryptography as a means of protecting (closing) information is becoming increasingly important in the world of commercial activity.

    Cryptography has a fairly long history. At first it was used mainly in military and diplomatic communications. Now it is necessary in industrial and commercial activities as well. Today, in our country alone, hundreds of millions of messages, telephone conversations and huge volumes of computer and telemetric data are transmitted through encrypted communication channels, and all of this, as they say, is not for prying eyes and ears. Maintaining the secrecy of this correspondence is therefore extremely necessary.

    What is cryptography? It includes several sections of modern mathematics, as well as special branches of physics, radio electronics, communications and some other related fields. Its task is to transform, by mathematical methods, a secret message transmitted over communication channels, a telephone conversation or computer data in such a way that it becomes completely incomprehensible to unauthorized persons. That is, cryptography must protect secret (or any other) information so that, even if it is intercepted by strangers and processed by any means using the fastest computers and the latest achievements of science and technology, it cannot be deciphered for several decades. Various encryption tools are used for this transformation: document encryption tools, including portable ones, speech encryption tools (telephone and radio conversations), and encryption tools for telegraph messages and data transmission.

    General encryption technology

    The original information transmitted over communication channels can be speech, data or video signals; these are called unencrypted messages P (Fig. 16).

    Fig. 16. Model of a cryptographic system

    In an encryption device, message P is encrypted (converted into message C) and transmitted over an “unclosed” communication channel. At the receiving end, message C is decrypted to restore the original meaning of message P.

    A parameter that can be used to retrieve specific information is called a key.

    In modern cryptography, two types of cryptographic algorithms (keys) are considered. These are classical cryptographic algorithms, based on the use of secret keys, and new public-key cryptographic algorithms, based on the use of two types of keys: secret (private) and public.

    In public key cryptography, there are at least two keys, one of which cannot be deduced from the other. If the decryption key cannot be obtained by computational methods from the encryption key, then the secrecy of information encrypted using an unclassified (public) key will be ensured. However, this key must be protected from substitution or modification. The decryption key must also be secret and protected from substitution or modification.

    If, on the contrary, it is impossible to obtain the encryption key from the decryption key by computational methods, then the decryption key may not be secret.

    Separating the encryption and decryption functions by splitting the additional information required to perform the operations into two parts is the valuable idea behind public key cryptography.

    Speech encryption technology

    The most common way to encrypt an analog speech signal is to split it into parts.

    In this case, the input speech signal enters bandpass filters that select bands of the spectrum to be encrypted. During encryption, the output signal of each filter is subjected to frequency reversal, spectrum inversion, or both simultaneously. The complete encrypted output signal is then synthesized.

    The AVPS (Analog Voice Prived System) system works on this principle: it is a speech encoder (scrambler) that rearranges individual “clippings” of the input signal using a bandpass filter-analyzer. The system has 12 encryption keys, determined by the possible permutations, which ensures the reliability of the method used.

    The AVPS system is used in real time with any unified phones. The quality of speech encryption is high, and subscriber recognition is preserved.

    Digital systems for encrypting speech signals are very widely used. These systems provide highly secure encryption.

    Data encryption systems mainly use two elementary systems:

    1. Permutation (bits or sub-blocks within each block of input data are rearranged).

    2. Replacement (bits or subblocks within each block of input data are replaced).
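
    The two elementary operations listed above, as an added example that is not part of the original page: a toy byte-level cipher that shows what each operation changes and that both are invertible. All names, the 8-byte block size and the key-to-table derivation are assumptions made for illustration; this is not DES and it is not secure.

```python
import random

BLOCK = 8  # block size in bytes, chosen for this example


def keyed_shuffle(n, seed):
    """Reproducible permutation of range(n). random.Random is NOT a CSPRNG;
    it is used only so that the toy tables depend on the key."""
    table = list(range(n))
    random.Random(seed).shuffle(table)
    return table


def invert(table):
    """Inverse of a permutation table: inverse[table[i]] == i."""
    inverse = [0] * len(table)
    for index, value in enumerate(table):
        inverse[value] = index
    return inverse


def substitute(data, sbox):
    """Replacement: every byte value is replaced; positions do not move."""
    return bytes(sbox[b] for b in data)


def permute(data, pbox):
    """Permutation: bytes move inside each block; values do not change."""
    out = bytearray(len(data))
    for start in range(0, len(data), BLOCK):
        for i, src in enumerate(pbox):
            out[start + i] = data[start + src]
    return bytes(out)


def pad(data):
    """Fill the last block; each pad byte stores the pad length (1..BLOCK)."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    return data[:-data[-1]]


def encrypt(plaintext, key, rounds=3):
    """Alternate replacement and permutation for a few rounds."""
    sbox, pbox = keyed_shuffle(256, key), keyed_shuffle(BLOCK, key + 1)
    data = pad(plaintext)
    for _ in range(rounds):
        data = permute(substitute(data, sbox), pbox)
    return data


def decrypt(ciphertext, key, rounds=3):
    """Undo each round in reverse order: inverse permutation, then inverse table."""
    inv_s = invert(keyed_shuffle(256, key))
    inv_p = invert(keyed_shuffle(BLOCK, key + 1))
    data = ciphertext
    for _ in range(rounds):
        data = substitute(permute(data, inv_p), inv_s)
    return unpad(data)


if __name__ == "__main__":
    message = b"pay 100 to alice"          # constructed sample input
    ct = encrypt(message, key=2024)
    print(ct.hex(), decrypt(ct, key=2024))
```

    Permutation alone leaves the byte histogram of a block intact, and replacement alone leaves repeated bytes repeated, which is why practical block ciphers alternate both over many keyed rounds. Identical plaintext blocks also produce identical ciphertext blocks here, because each block is processed independently.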

    A large number of encryption algorithms have been developed. Among the most effective is the DES (Data Encryption Standard) algorithm. The American National Bureau of Standards (NBS) has legitimized the DES algorithm as a standard for communications systems. The encryption mechanism in this algorithm is based on the use of a 56-bit key.

    To protect industrial and commercial information, various technical devices and sets of professional equipment for encryption and cryptographic protection of telephone and radio communications, business correspondence, etc. are offered on the international and domestic markets.

    Scramblers and maskers, which replace the speech signal with digital data transmission, have become widespread. Security products for teletypes, telexes and faxes are produced. For these purposes, encryptors are used in the form of individual devices, in the form of attachments to devices, or built into the design of telephones, fax modems and other communication devices (radio stations, etc.).

    The prevalence of encryption as a means of ensuring security by one means or another can be characterized by the following data (Fig. 17).

    Fig. 17. Prevalence of encryption as a security tool

    Hardware, software, firmware and cryptographic tools implement certain information security services through various information protection mechanisms that ensure confidentiality, integrity, completeness and availability.

    Engineering and technical information protection uses physical, hardware, software and cryptographic means.

    Conclusions

    Comprehensive security of information resources is achieved using legal acts at the state and departmental level, organizational measures and technical means of protecting information from various internal and external threats.

    Legal measures to ensure the security and protection of information are the basis for the activities and behavior of employees at all levels and the degree of their responsibility for violating established standards.

    In this article you will learn what CIPF is and why it is needed. This definition refers to cryptography - the protection and storage of data. Information protection in electronic form can be done in any way - even by disconnecting the computer from the network and installing armed guards with dogs near it. But it is much easier to do this using cryptographic protection tools. Let's figure out what it is and how it is implemented in practice.

    Main Goals of Cryptography

    The abbreviation CIPF stands for “cryptographic information protection system.” In cryptography, the information transmission channel can be completely accessible to attackers. But all data is confidential and very well encrypted. Therefore, despite the openness of the channels, attackers cannot obtain information.

    Modern CIPF means consist of a software and computer complex. With its help, information is protected according to the most important parameters, which we will consider further.

    Confidentiality

    It is impossible to read the information if you do not have access rights to do so. What is CIPF and how does it encrypt data? The main component of the system is an electronic key. It is a combination of letters and numbers. Only by entering this key can you get to the desired section on which the protection is installed.

    Integrity and Authentication

    This is an important parameter that determines the possibility of unauthorized changes to data. If there is no key, then you cannot edit or delete information.

    Authentication is a procedure for verifying the authenticity of information that is recorded on a key medium. The key must match the machine on which the information is decrypted.

    Authorship

    This is confirmation of the user’s actions and the impossibility of refusing them. The most common type of confirmation is an EDS (electronic digital signature). It contains two algorithms - one creates a signature, the second verifies it.

    Please note that all operations performed with electronic signatures are processed by certified (independent) centers. For this reason, it is impossible to fake authorship.

    Basic data encryption algorithms

    Today, many CIPF certificates are widespread; different encryption keys are used - both symmetric and asymmetric. And the keys are long enough to provide the required cryptographic complexity.

    The most popular algorithms used in cryptographic protection:

    1. Symmetric key - DES, AES, RC4, Russian GOST 28147-89.
    2. With hash functions - for example, SHA-1/2, MD4/5/6, GOST R 34.11-94.
    3. Asymmetric key - RSA.

    Many countries have their own standards for encryption algorithms. For example, in the United States they use modified AES encryption; the key can be from 128 to 256 bits long.

    The Russian Federation has its own algorithms - GOST R 34.10-2001 and GOST 28147-89, which uses a 256-bit key. Please note that there are elements in national cryptographic systems that are prohibited from being exported to other countries. All activities related to the development of CIPF require mandatory licensing.

    Hardware crypto protection

    When tachographs are installed with CIPF, maximum protection can be provided for the information stored in the device. All this is implemented at both the software and hardware levels.

    Hardware CIPF are devices that contain special programs providing reliable data encryption. They also help to store information, record it and transmit it.

    The encryption device is made in the form of an encoder connected to USB ports. There are also devices that are installed on PC motherboards. Even specialized switches and network cards with cryptographic protection can be used to work with data.

    Hardware types of CIPF are installed quite quickly and are capable of exchanging information at high speed. But the disadvantages are the rather high cost and the limited scope for modernization.

    Software cryptographic protection

    This is a set of programs that allows you to encrypt information stored on various media (flash drives, hard drives and optical disks, etc.). Also, if you have a license for CIPF of this type, you can encrypt data when transmitting it over the Internet (for example, via email or chat).

    There are a large number of protection programs, and there are even free ones, such as DiskCryptor. Software CIPF also includes virtual networks that allow information to be exchanged “over the Internet”. These are the VPNs known to many. This type of protection also includes the HTTP protocol, which supports SSL and HTTPS encryption.

    CIPF software is mostly used when working on the Internet, as well as on home PCs. In other words, exclusively in those areas where there are no serious requirements for the durability and functionality of the system.

    Software and hardware type of cryptographic protection

    Now you know what CIPF is, how it works and where it is used. One more type should also be highlighted - hardware and software, which combines all the best properties of both types of systems. This method of processing information is by far the most reliable and secure. Moreover, the user can be identified in various ways - both hardware (by inserting a flash drive or floppy disk) and standard (by entering a login/password pair).

    Hardware and software systems support all encryption algorithms that exist today. Please note that the installation of CIPF should only be carried out by qualified personnel of the complex developer. It is clear that such CIPF should not be installed on computers that do not process confidential information.

    Cryptographic information protection - protection of information using its cryptographic transformation.

    Cryptographic methods are currently the basis for ensuring reliable authentication of the parties to information exchange, protection.

    Means of cryptographic information protection (CIPF) include hardware, software, and combined hardware and software tools that implement cryptographic algorithms for converting information for the purpose of:

    Protection of information during its processing, storage and transmission;

    Ensuring the reliability and integrity of information (including by using digital signature algorithms) during its processing, storage and transfer;

    Generating information used to identify and authenticate subjects, users and devices;

    Generation of information used to protect the authenticating elements of a protected AS during their generation, storage, processing and transmission.

    Cryptographic methods provide encryption and encoding of information. There are two main encryption methods: symmetric and asymmetric. In the first of them, the same key (kept secret) is used to both encrypt and decrypt data.

    Very effective (fast and reliable) symmetric encryption methods have been developed. There is also a national standard for such methods - GOST 28147-89 “Information processing systems. Cryptographic protection. Cryptographic conversion algorithm."

    Asymmetric methods use two keys. One of them, unclassified (it can be published along with other public information about the user), is used for encryption; the other (secret, known only to the recipient) is used for decryption. The most popular of the asymmetric methods is RSA, based on operations with large (100-digit) prime numbers and their products.

    Cryptographic methods make it possible to reliably control the integrity of both individual pieces of data and their sets (such as a message flow); determine the authenticity of the data source; guarantee the impossibility of refusing actions taken (“non-repudiation”).

    Cryptographic integrity control is based on two concepts:

    Electronic signature (ES).

    A hash function is a hard-to-reversible data transformation (one-way function), implemented, as a rule, by means of symmetric encryption with block linking. The result of encryption of the last block (depending on all previous ones) serves as the result of the hash function.
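
    The chained construction described above, as an added example rather than code from the original page or from any standard: a toy 64-bit Feistel cipher (hypothetical `round_fn` and `encrypt_block`, constructed `SAMPLE_KEY`) run with block chaining, with the last encrypted block returned as the check value. The length block prepended to the message is an assumption added here so that messages differing only in trailing zero padding do not collide.

```python
import hmac

MASK32 = 0xFFFFFFFF
ROUNDS = 8
SAMPLE_KEY = bytes(range(16))  # constructed 128-bit key, for the example only


def round_fn(half, subkey):
    """Toy round function: add the subkey, multiply by an odd constant,
    rotate left by 11 bits. It does not need to be invertible in a Feistel net."""
    x = (half + subkey) & MASK32
    x = (x * 0x9E3779B1) & MASK32
    return ((x << 11) | (x >> 21)) & MASK32


def subkeys(key):
    """Split the key into 32-bit words and reuse them cyclically per round."""
    if not key or len(key) % 4:
        raise ValueError("key length must be a positive multiple of 4 bytes")
    words = [int.from_bytes(key[i:i + 4], "big") for i in range(0, len(key), 4)]
    return [words[r % len(words)] for r in range(ROUNDS)]


def encrypt_block(block, key):
    """Encrypt one 64-bit integer block; a Feistel network is a bijection."""
    left, right = block >> 32, block & MASK32
    for k in subkeys(key):
        left, right = right, left ^ round_fn(right, k)
    return (left << 32) | right


def chained_digest(message, key):
    """XOR each block into the running state, encrypt, and return the
    encryption of the last block, which depends on every earlier block."""
    data = len(message).to_bytes(8, "big") + message  # length block first
    data += b"\x00" * (-len(data) % 8)                # zero-fill the last block
    state = 0
    for i in range(0, len(data), 8):
        block = int.from_bytes(data[i:i + 8], "big")
        state = encrypt_block(state ^ block, key)
    return state.to_bytes(8, "big")


def check_digest(message, key, expected):
    """Recompute and compare in constant time."""
    return hmac.compare_digest(chained_digest(message, key), expected)


if __name__ == "__main__":
    tag = chained_digest(b"transfer 100 to account 42", SAMPLE_KEY)
    print(tag.hex(), check_digest(b"transfer 900 to account 42", SAMPLE_KEY, tag))
```

    A value built this way detects changes only while the key stays secret: anyone who knows the key can compute a matching value for altered data, so it serves as a keyed integrity check rather than a public hash.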

    Cryptography as a means of protecting (closing) information is becoming increasingly important in commercial activities.


    To transform information, various encryption tools are used: document encryption tools, including portable ones, speech encryption tools (telephone and radio conversations), telegraph message encryption tools and data transmission.

    To protect trade secrets, various technical devices and sets of professional equipment for encryption and cryptographic protection of telephone and radio conversations, business correspondence, etc. are offered on the international and domestic markets.

    Scramblers and maskers are widely used, replacing the speech signal with digital data transmission. Security products for teletypewriters, telexes and faxes are produced. For these purposes, encryptors are used, made in the form of separate devices, in the form of attachments to devices, or built into the design of telephones, fax modems and other communication devices (radio stations and others). To ensure the reliability of transmitted e-mails, electronic digital signatures are widely used.

    Cryptology (from the Greek cryptos, "secret", and logos, "message") is formed by two directions - cryptography and cryptanalysis. Cryptography ensures the secrecy (confidentiality) and authenticity of transmitted messages; cryptanalysis solves the opposite problem - “hacking” the security system.

    In cryptographic protection of messages, two inextricably linked concepts are used - “encryption algorithm” or “cipher” and “key”.

    Cipher (cryptographic algorithm). Introduced in 1990, "GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic transformation algorithm" defines the concept of "cipher" or "cryptographic transformation algorithm" as "a set of reversible transformations of a set of open data into a set of encrypted data, specified by a key and a cryptographic transformation algorithm".

    Keys are used in conjunction with an encryption algorithm to encrypt and decrypt a message.

    A key is a sequence of numeric, alphabetic, or alphanumeric characters. The key is a parameter that selects a specific transformation. Different keys can be used for encryption and decryption; accordingly, one distinguishes encryption keys and decryption keys.

    The concept of “key” in GOST 28147-89 is defined as follows: “A specific secret state of some parameters of a cryptographic transformation algorithm, ensuring the selection of one transformation from the set of all transformations possible for this algorithm.”

    The principle of cryptographic information protection

    This subparagraph uses the following concepts:

    • original text, or plaintext - the text of the message before encryption. Hereafter denoted by the symbol $M$ (from the English message);
    • ciphertext - the text obtained from the original text of the message after encryption. Hereafter denoted by the symbol $C$ (from the English cipher text);
    • encryption key $K_1$ and decryption key $K_2$;
    • encryption algorithm $E_{K_1}$, used in conjunction with the key $K_1$ to encrypt a message. Hereafter denoted by the symbol $E$ (from the English encryption);
    • decryption algorithm $D_{K_2}$, used in conjunction with the key $K_2$ to decrypt the ciphertext. Hereafter denoted by the symbol $D$ (from the English decryption).

    Let us consider the principle of cryptographic information protection in the following diagram:

    • 1) the sender of the information forms the plaintext of the original message $M$:
    • 2) to hide this message when it is transmitted over open communication channels, the sender encrypts it using the key $K_1$ and the transformation $E_{K_1}$. The result is a ciphertext:
    • 3) the ciphertext is sent to the recipient of the message. After receiving the ciphertext $C$, the recipient decrypts it using the key $K_2$ and the algorithm $D_{K_2}$;
    • 4) as a result, the recipient receives the original message $M$:

    If the same key is used for encryption and decryption, $K = K_1 = K_2$, and the same algorithm is used for both encryption and decryption, i.e. $E_{K_1} = D_{K_2}$, then the cryptosystem is called symmetric. Otherwise, a two-key asymmetric cryptosystem is used.

    In an asymmetric system, two conditions must be met simultaneously. First, the decryption function $D$ must correspond to the encryption function $E$. Second, the decryption key $K_2$ must correspond to the encryption key $K_1$.

    Cryptographic strength is the main characteristic of encryption algorithms; it indicates the degree of difficulty in obtaining the original text from a ciphertext without the key $K_2$.
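
    The scheme in steps 1) to 4) and the symmetric/asymmetric distinction, as an added example that is not part of the original page: a symmetric transform in which K1 = K2 and E = D, and textbook RSA in which K1 and K2 differ, which also gives the signature pair (one algorithm creates, the other verifies) mentioned earlier on the page. The primes, keys, messages and function names are constructed for illustration; textbook RSA without padding and primes this small are not secure.

```python
import hashlib

# Constructed sample parameters: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
E = 65537


def keystream(key, length):
    """Expand the key into `length` bytes with SHA-256 in counter mode."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def sym_transform(key, data):
    """Symmetric case: K1 = K2 and E = D, since XOR with the stream undoes
    itself. Reusing one key for two messages leaks their XOR; real designs
    add a per-message nonce."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def rsa_keypair(p, q, e=E):
    """Asymmetric case: return (K1, K2) = public (e, n) and secret (d, n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)


def rsa_apply(key, value):
    """E with K1 or D with K2: both are modular exponentiation."""
    exponent, modulus = key
    return pow(value, exponent, modulus)


def digest_int(message, n):
    """Hash the message and reduce it below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(k_secret, message):
    """Signature creation: only the holder of the secret key can do this."""
    return rsa_apply(k_secret, digest_int(message, k_secret[1]))


def verify(k_public, message, signature):
    """Signature verification: anyone holding the public key can do this."""
    return rsa_apply(k_public, signature) == digest_int(message, k_public[1])


def round_trip(message):
    """Steps 1) to 4): M -> C = E_K1(M) -> M = D_K2(C), for a short message."""
    k1, k2 = rsa_keypair(P, Q)
    m = int.from_bytes(message, "big")
    if m >= k1[1]:
        raise ValueError("message too long for this toy modulus")
    c = rsa_apply(k1, m)
    recovered = rsa_apply(k2, c)
    return recovered.to_bytes(len(message), "big")


if __name__ == "__main__":
    print(sym_transform(b"shared key", sym_transform(b"shared key", b"secret")))
    print(round_trip(b"secret"))
```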

    Introduction

    1. Excursion into the history of electronic cryptography

    1.1 Main tasks of cryptography

    1.2 Cryptography today

    2. Basic concepts

    2.1 Cryptography

    2.2 Privacy

    2.3 Integrity

    2.4 Authentication

    2.5 Digital signature

    3. Cryptographic means of protection

    3.1 Cryptosystems

    3.2 Principles of operation of the Cryptosystem

    3.2.1 Key methodology

    3.2.1.1 Symmetrical (secret methodology)

    3.2.1.2 Asymmetric (open methodology)

    3.3 Key distribution

    3.4 Encryption algorithms

    3.4.1 Symmetric algorithms

    3.4.2 Asymmetric algorithms

    3.5 Hash functions

    3.6 Authentication mechanisms

    3.7 Electronic signatures and timestamps

    3.8 Cipher strength

    Conclusion

    References

    Introduction


    Cryptography is the science of protecting information from being read by strangers. Protection is achieved by encryption, i.e. transformations that make protected input data difficult to discover from the input data without knowledge of special key information - the key. The key is understood as an easily changeable part of the cryptosystem, kept secret and determining which of the possible encryption transformations is performed in a given case. A cryptosystem is a family of key-selectable, reversible transformations that transform the protected plaintext into a ciphertext and back.

    It is desirable that encryption methods have at least two properties:

    The legitimate recipient will be able to do the reverse translation and decrypt the message;

    An adversary cryptanalyst who has intercepted a message will not be able to reconstruct the original message from it without an investment of time and money that would make this work impractical.

    Purpose of the coursework: to get acquainted with the basics of cryptographic information protection. To achieve this goal, the work considers:

    1. history of cryptography, which includes the main tasks of cryptography;

    2. basic concepts of cryptography (confidentiality, integrity, authentication, digital signature);

    3. cryptographic means of protection (cryptosystems, principles of operation of the cryptosystem, distribution of keys, encryption algorithms, etc.).


    1. Excursion into the history of electronic cryptography


    The appearance of the first electronic computers in the mid-twentieth century radically changed the situation in the field of encryption (cryptography). With the penetration of computers into various spheres of life, a fundamentally new industry arose - the information industry. In the 60s and partly in the 70s, the problem of information security was solved quite effectively, mainly by organizational measures. These included, first of all, security measures, guards, alarms and simple information security software. These tools were effective because information was concentrated in computer centers, usually autonomous, which made it possible to provide protection with relatively small means. The “dispersal” of information across the places where it is stored and processed, greatly facilitated by the appearance of huge numbers of cheap personal computers and of the local and global, national and transnational computer networks built on them and using satellite communication channels, together with the creation of highly efficient systems for reconnaissance and information extraction, has aggravated the situation with information security.

    The problem of ensuring the required level of information protection turned out to be (and this has been substantively confirmed by both theoretical research and experience in practical solutions) very complex, requiring for its solution not just the implementation of a certain set of scientific, scientific-technical and organizational activities and the use of specific tools and methods, but creation of an integral system of organizational measures and the use of specific means and methods for information protection.

    The volume of information circulating in society is steadily increasing. The popularity of the World Wide Web in recent years has contributed to the doubling of information every year. In fact, on the threshold of the new millennium, humanity has created an information civilization in which the well-being and even survival of humanity in its current quality depends on the successful operation of information processing tools. The changes that occurred during this period can be characterized as follows:

    The volume of information processed has increased by several orders of magnitude over half a century;

    Access to certain data allows you to control significant material and financial values;

    Information has acquired a value that can even be calculated;

    The nature of the data processed has become extremely diverse and is no longer limited to exclusively textual data;

    The information has been completely “depersonalized”, i.e. the peculiarities of its material representation have lost their meaning - compare the letter of the last century and the modern e-mail message;

    The nature of information interactions has become extremely complicated, and along with the classic task of protecting transmitted text messages from unauthorized reading and distortion, new problems in the field of information security have arisen that were previously faced and solved within the framework of the “paper” technologies used - for example, signing an electronic document and delivering an electronic document " against receipt" - talk about such "new" problems of cryptography is still ahead;

    The subjects of information processes are now not only people but also the automatic systems they have created, operating according to the programs built into them;

    The computing “capabilities” of modern computers have raised to a completely new level both the ability to implement ciphers, previously unthinkable due to their high complexity, and the ability of analysts to break them. The changes listed above led to the fact that very quickly after the spread of computers in the business sphere, practical cryptography made a huge leap in its development, and in several directions at once:

    Firstly, strong block ciphers with a secret key were developed, designed to solve the classical problem of ensuring the secrecy and integrity of transmitted or stored data; they still remain the “workhorse” of cryptography, the most commonly used means of cryptographic protection;

    Secondly, methods have been created for solving new, non-traditional problems in the field of information security, the most famous of which are the problem of signing a digital document and public key distribution. In the modern world, the information resource has become one of the most powerful levers of economic development. Possession of information of the required quality at the right time and in the right place is the key to success in any type of business activity. Monopoly possession of certain information often turns out to be a decisive advantage in competition and thereby predetermines the high price of the “information factor.”

    The widespread introduction of personal computers brought the “informatization” of business life to a qualitatively new level. Nowadays it is difficult to imagine a company or enterprise (including the smallest) that is not equipped with modern means of processing and transmitting information. Computers accumulate significant amounts of information on data carriers, often of a confidential nature or of great value to its owner.

    1.1. Basic tasks of cryptography.


    The problem of cryptography, i.e. secret transmission, arises only for information that needs protection. In such cases, the information is said to contain a secret or to be protected, private, confidential or secret. For the most typical, frequently encountered situations of this type, special concepts have even been introduced:

    State secret;

    Military secret;

    Trade secret;

    Legal confidentiality;

    1. there is a certain circle of legitimate users who have the right to own this information;

    2. there are illegal users who seek to acquire this information in order to turn it to their benefit and to the harm of legitimate users.

    1.2. Cryptography today

    Cryptography is the science of ensuring data security. It seeks solutions to four important security problems - confidentiality, authentication, integrity and participant control. Encryption is the transformation of data into an unreadable form using encryption-decryption keys. Encryption makes it possible to ensure confidentiality by keeping information secret from those for whom it is not intended.


    2. Basic concepts.


    The purpose of this section is to define the basic concepts of cryptography.

    2.1. Cryptography.


    Translated from Greek, the word cryptography means secret writing. The meaning of this term expresses the main purpose of cryptography - to protect or keep necessary information secret.

    Cryptography provides a means to protect information and is therefore part of information security activities.

    There are various methods of information protection. It is possible, for example, to physically restrict access to information by storing it in a secure safe or a strictly guarded room. This method is convenient when storing information, but when transmitting it you have to use other means.

    You can use one of the well-known methods of hiding information:

    · hide the information transmission channel using a non-standard method of message transmission;

    · disguise the channel for transmitting classified information in an open communication channel, for example, by hiding information in a harmless “container” using certain steganographic methods or by exchanging open messages whose meaning has been agreed upon in advance;

    · significantly complicate the possibility of an enemy intercepting transmitted messages, using special methods of transmitting a signal under a noise level over broadband channels, or using “jumping” carrier frequencies, etc.

    Unlike the listed methods, cryptography does not “hide” transmitted messages, but transforms them into a form inaccessible to the enemy’s understanding. In this case, they usually proceed from the assumption that the enemy has complete control of the communication channel. This means that an adversary can not only passively intercept transmitted messages for subsequent analysis, but also actively modify them, as well as send fake messages on behalf of one of the subscribers.

    There are also other problems with protecting transmitted information. For example, with a completely open exchange, the problem of the reliability of the information received arises. To solve it it is necessary to ensure:

    · checking and confirming the authenticity of the content and the source of the message;

    · prevention and detection of deception and other intentional violations on the part of the participants in the information exchange themselves.

    To solve this problem, conventional means used in constructing information transmission systems are not always suitable. It is cryptography that provides the means to detect fraud in the form of forgery or refusal of previously committed actions, as well as other illegal actions.

    Therefore, modern cryptography is an area of knowledge related to solving information security problems such as confidentiality, integrity, authentication and the impossibility of repudiation of authorship by the parties (non-repudiation). Achieving these requirements constitutes the main goals of cryptography.

    Ensuring confidentiality – solving the problem of protecting information from familiarization with its contents by persons who do not have the right to access it.

    Ensuring integrity – guaranteeing the impossibility of unauthorized changes to information. To guarantee integrity, a simple and reliable criterion for detecting any data manipulation is required. Data manipulation includes insertion, deletion, and replacement.

    Ensuring authentication – development of methods for confirming the authenticity of the parties (identification) and of the information itself in the process of information interaction. Information transmitted over a communication channel must be authenticated by source, time of creation, data content, time of transmission, etc.

    2.2. Confidentiality


    The traditional task of cryptography is the problem of ensuring the confidentiality of information when transmitting messages over an enemy-controlled communication channel. In the simplest case, this task is described by the interaction of three subjects (parties). The owner of the information, usually called the sender, transforms the original (open) information (the transformation process itself is called encryption) into encrypted messages that are transmitted to the recipient over an open communication channel, in order to protect it from the enemy.

    Fig. 1. Transmission of encrypted information (diagram: Sender, Opponent, Recipient)

    The enemy is understood to be any subject who does not have the right to familiarize himself with the content of the transmitted information. A cryptanalyst, who knows how to solve ciphers, can act as the enemy. The legal recipient of the information carries out decryption of the received messages. The adversary tries to take possession of the protected information (his actions are usually called attacks). In doing so, he can perform both passive and active actions. Passive attacks are related to eavesdropping, traffic analysis, interception, recording of transmitted encrypted messages, and decryption, i.e. attempts to “hack” the security in order to obtain information.

    When conducting active attacks, the enemy can interrupt the message transmission process, create fake (fabricated) messages or modify transmitted encrypted messages. These active actions are called imitation and substitution, respectively.

    A cipher usually refers to a family of invertible transformations, each of which is determined by some parameter, called a key, as well as by the order in which this transformation is applied, called the conversion mode. The formal definition of the cipher will be given below.

    The key is the essential component of a cipher, responsible for choosing the transformation used to encrypt a particular message. Typically the key is some alphabetic or numeric sequence. This sequence “sets up” the encryption algorithm.

    Each transformation is uniquely determined by a key and described by some cryptographic algorithm. The same cryptographic algorithm can be used for encryption in different modes. Thus, various encryption methods are implemented (simple replacement, gamma, etc.). Each encryption mode has both its advantages and disadvantages. Therefore, the choice of mode depends on the specific situation. Decryption uses a cryptographic algorithm, which in general may differ from the algorithm used to encrypt the message. Accordingly, encryption and decryption keys can be distinguished. A pair of encryption and decryption algorithms is usually called an encryption system, and the devices that implement them are called encryption technology.

    2.3. Integrity


    Along with confidentiality, an equally important task is to ensure the integrity of information, in other words, its immutability during transmission or storage. The solution to this problem involves the development of means that make it possible to detect not so much random distortions (coding theory methods with error detection and correction are quite suitable for this purpose), but rather the targeted imposition of false information by the enemy. To achieve this, redundancy is introduced into the transmitted information. As a rule, this is achieved by adding to the message some verification combination, calculated using a special algorithm and playing the role of a checksum to verify the integrity of the received message. The main difference between this method and the methods of coding theory is that the algorithm for generating a verification combination is “cryptographic,” that is, dependent on the secret key. Without knowledge of the secret key, the likelihood of an adversary successfully imposing distorted or false information is low. This probability serves as a measure of the imitation resistance of the cipher, that is, the ability of the cipher itself to withstand active attacks from the enemy.
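    The difference between a coding-theory checksum and a key-dependent verification combination, as an added example that is not part of the original text. CRC-32 stands in for the checksum and HMAC-SHA-256 for the keyed combination; both choices, the key and the messages are assumptions constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed sample values for this example.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
ORIGINAL = b"PAY 100 TO ALICE"
FORGED = b"PAY 900 TO MALLORY"


def crc_tag(msg):
    """Unkeyed checksum from coding theory: anyone can compute it."""
    return zlib.crc32(msg).to_bytes(4, "big")


def mac_tag(key, msg, tag_len=32):
    """Keyed verification combination (HMAC-SHA-256), optionally truncated."""
    return hmac.new(key, msg, hashlib.sha256).digest()[:tag_len]


def crc_accepts(msg, tag):
    return hmac.compare_digest(crc_tag(msg), tag)


def mac_accepts(key, msg, tag):
    return len(tag) > 0 and hmac.compare_digest(mac_tag(key, msg, len(tag)), tag)


def random_distortion(msg):
    """Channel noise: flip one bit of the message."""
    return bytes([msg[0] ^ 0x01]) + msg[1:]


def substitution_without_key(new_msg, seen_tag):
    """What a party that does not know KEY can attach to a replaced message:
    a recomputed public checksum, or the keyed tag observed on the channel."""
    return [(new_msg, crc_tag(new_msg)), (new_msg, seen_tag)]


def accepted_guesses(key, msg, tag_len=1):
    """Try every possible tag of tag_len bytes. Exactly one is valid, so a
    blind forgery succeeds with probability 2**-(8 * tag_len): this is the
    measure of imitation resistance for a tag of that length."""
    return sum(
        mac_accepts(key, msg, guess.to_bytes(tag_len, "big"))
        for guess in range(256 ** tag_len)
    )


def demo():
    noisy = random_distortion(ORIGINAL)
    with_crc, with_old_mac = substitution_without_key(FORGED, mac_tag(KEY, ORIGINAL))
    return {
        # Both mechanisms detect random distortion.
        "crc_detects_noise": not crc_accepts(noisy, crc_tag(ORIGINAL)),
        "mac_detects_noise": not mac_accepts(KEY, noisy, mac_tag(KEY, ORIGINAL)),
        # Only the keyed combination detects deliberate substitution.
        "crc_accepts_substitution": crc_accepts(*with_crc),
        "mac_accepts_substitution": mac_accepts(KEY, *with_old_mac),
        # A 1-byte tag leaves a 1-in-256 chance; a full tag leaves 2**-256.
        "valid_tags_out_of_256": accepted_guesses(KEY, FORGED, tag_len=1),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```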


    2.4. Authentication


    Authentication - establishing authenticity. In general, this term can refer to all aspects of information interaction: communication session, parties, transmitted messages, etc.

    Authentication (that is, verification and confirmation) of all aspects of information interaction is an important part of the problem of ensuring the reliability of the information received. This problem is especially acute in the case of parties that do not trust each other, when the source of threats can be not only a third party (enemy), but also the party with whom the interaction is carried out.

    Let's consider these questions.

    In relation to a communication session (transaction), authentication means checking: the integrity of the connection, the impossibility of repeated transmission of data by the enemy, and the timeliness of data transmission. For this, as a rule, additional parameters are used that make it possible to “link” the transmitted data into an easily verifiable sequence. This is achieved, for example, by inserting some special numbers or timestamps. They make it possible to prevent attempts to retransmit, change the order of or send back part of the transmitted messages. At the same time, such insertions in the transmitted message must be protected (for example, using encryption) from possible forgeries and distortions.
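    One way to link messages into a verifiable sequence, as an added example that is not from the original text: each message carries a direction mark, a sequence number and a timestamp, protected here by a keyed authentication code rather than by encryption. The packet layout, key, freshness window and sample messages are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-32-byte-session-key!"  # constructed shared session key
HEADER = struct.Struct(">cQQ")             # direction, sequence number, timestamp
TAG_LEN = 32
MAX_AGE = 30                               # assumed freshness window, seconds


def seal(key, direction, seq, timestamp, payload):
    """Sender side: bind direction, order and time to the payload."""
    body = HEADER.pack(direction, seq, timestamp) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Receiver side of a one-directional session from `expect_from`."""

    def __init__(self, key, expect_from, max_age=MAX_AGE):
        self.key = key
        self.expect_from = expect_from
        self.max_age = max_age
        self.next_seq = 0

    def accept(self, packet, now):
        if len(packet) < HEADER.size + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "forged"            # inserted fields or payload were altered
        direction, seq, timestamp = HEADER.unpack(body[:HEADER.size])
        if direction != self.expect_from:
            return "reflected"         # our own message sent back to us
        if seq < self.next_seq:
            return "replay"            # retransmission of an accepted message
        if seq > self.next_seq:
            return "out-of-order"      # a message was deleted or reordered
        if abs(now - timestamp) > self.max_age:
            return "stale"             # delivered too late to be timely
        self.next_seq += 1
        return "ok"


def demo():
    rx = Receiver(KEY, expect_from=b"A")
    m0 = seal(KEY, b"A", 0, 1000, b"open valve 1")
    m1 = seal(KEY, b"A", 1, 1001, b"close valve 1")
    m2 = seal(KEY, b"A", 2, 1002, b"open valve 2")
    own = seal(KEY, b"B", 0, 1000, b"ack")
    tampered = m1[:20] + b"X" + m1[21:]   # one payload byte changed in transit
    return [
        rx.accept(m0, now=1000),
        rx.accept(m0, now=1001),
        rx.accept(m2, now=1002),
        rx.accept(own, now=1002),
        rx.accept(tampered, now=1002),
        rx.accept(m1, now=1500),
        rx.accept(m1, now=1002),
        rx.accept(m2, now=1003),
    ]


if __name__ == "__main__":
    print(demo())
```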

    When applied to parties to an interaction, authentication means verifying by one of the parties that the interacting party is who it claims to be. Party authentication is often also called identification.

    The main means of identification are identification protocols, which allow identification (and authentication) of each of the parties participating in the interaction and not trusting each other. A distinction is made between one-way and mutual identification protocols.

    A protocol is a distributed algorithm that determines the sequence of actions of each party. During the execution of the identification protocol, each party does not transmit any information about its secret key, but stores it and uses it to generate response messages to requests received during the execution of the protocol.

    Finally, in relation to the information itself, authentication means verifying that the information transmitted over a channel is genuine in content, source, time of creation, time of transmission, etc.

    Verifying the authenticity of the content of information comes down, in essence, to checking its immutability (from the moment of creation) during transmission or storage, that is, checking its integrity.

    Data source authentication means confirmation that the original document was created by the stated source.

    Note that if the parties trust each other and have a shared secret key, then authentication of the parties can be ensured by using an authentication code. Indeed, every message successfully decoded by the recipient could only have been created by the sender, since only he knows their common secret key. For parties that do not trust each other, solving such problems using a shared secret key becomes impossible. Therefore, when authenticating a data source, a digital signature mechanism is needed, which will be discussed below.

    In general, data source authentication serves the same role as an identification protocol. The only difference is that in the first case there is some transmitted information, the authorship of which needs to be established, and in the second it is simply necessary to establish the party with whom the interaction is taking place.


    2.5. Digital signature


    In some situations, for example due to changed circumstances, individuals may back out of previously accepted commitments. In this regard, some mechanism is needed to prevent such attempts.

    Since in this situation it is assumed that the parties do not trust each other, the use of a shared secret key to solve the problem becomes impossible. The sender can deny the fact that the message was transmitted, claiming that the recipient himself created it (repudiation of authorship). The recipient can easily modify, replace, or create a new message and then claim that it came from the sender (attribution of authorship). It is clear that in such a situation the arbitrator, when resolving the dispute, will not have the opportunity to establish the truth.

    The main mechanism for solving this problem is the so-called digital signature.

    A digital signature scheme includes two algorithms: one for computing the signature and one for verifying it. Signature computation can only be performed by the signature author. The verification algorithm must be publicly available so that everyone can verify the correctness of the signature.

    Symmetric cipher systems can be used to create a digital signature scheme. In this case, the message itself, encrypted with a secret key, can serve as a signature. However, the main disadvantage of such signatures is that they are one-time: after each verification, the secret key becomes known. The only way out of this situation within the framework of the use of symmetric cipher systems is the introduction of a trusted third party, acting as an intermediary who is trusted by both parties. In this case, all information is sent through an intermediary, who re-encrypts messages from the key of one of the subscribers to the key of another. Naturally, this scheme is extremely inconvenient.

    There are two approaches to building a digital signature system when using public key cipher systems:

    1. The message is converted into a form from which the message itself can be reconstructed, thereby verifying the correctness of the “signature”. In this case, the signed message has the same length as the original message. To create such a “signed message,” you can, for example, encrypt the original message using the private key of the signer. Then anyone can verify the validity of the signature by decrypting the signed message using the signer's public key;

    2. The signature is calculated and transmitted along with the original message. Calculating a signature consists of converting the original message into some digital combination (which is the signature). The signature calculation algorithm must depend on the user's private key. This is necessary so that only the owner of the key can use the signature. In turn, the algorithm for verifying the correctness of the signature should be available to everyone. Therefore, this algorithm depends on the user's public key. In this case, the length of the signature does not depend on the length of the message being signed.

    Along with the problem of the digital signature arose the problem of building keyless cryptographic hash functions. The fact is that when calculating a digital signature, it turns out to be more convenient to first apply a hash function, that is, to fold the text into some combination of a fixed length, and then sign the resulting combination using a secret key. In this case, the hashing function, although independent of the key and open, must be “cryptographic”. This means that the function must be one-way: given the value of the hash combination, no one should be able to find a corresponding message.

    Currently, there are standards for cryptographic hash functions that are approved independently of the standards for cryptographic algorithms and digital signature schemes.


    3. Cryptographic security measures.


    Cryptographic security measures are special means and methods of transforming information, as a result of which its content is masked. The main types of cryptographic closure are encryption and encoding of the protected data. Encryption is a type of closure in which each symbol of the data being closed is subject to independent transformation; in encoding, the protected data is divided into blocks that have a semantic meaning, and each such block is replaced with a digital, alphabetic or combined code. Several different encryption systems are used: replacement, rearrangement, gamma, and analytical transformation of the encrypted data. Combination ciphers have become widespread, in which the source text is sequentially transformed using two or even three different ciphers.

    3.1 Cryptosystems

    The cryptosystem works according to a certain methodology (procedure). It consists of:

    · one or more encryption algorithms (mathematical formulas);

    · the keys used by these encryption algorithms;

    · key management systems;

    · unencrypted text;

    · and ciphertext.

    [Figure: Methodology. Text → encryption algorithm (Key) → ciphertext → decryption algorithm (Key) → Text]

    According to the methodology, an encryption algorithm and a key are first applied to the text to obtain a ciphertext from it. The ciphertext is then transmitted to its destination, where the same algorithm is used to decrypt it to produce the text again. The methodology also includes key generation and distribution procedures (not shown in the figure).

    3.2 Principles of operation of the Cryptosystem.


    A typical example of a situation in which a cryptography (encryption) problem arises is shown in Fig. 1:




    In Fig. 2, A and B are legitimate users of protected information who want to exchange information over a public communication channel. P is an illegal user (enemy, hacker) who wants to intercept messages transmitted over the communication channel and try to extract from them information that is of interest to him. This simple diagram can be considered a model of a typical situation in which cryptographic methods of information protection, or simply encryption, are used. Historically, some military words have become entrenched in cryptography (enemy, attack on a cipher, etc.). They most accurately reflect the meaning of the corresponding cryptographic concepts. At the same time, the well-known military terminology based on the concept of code (naval codes, General Staff codes, code books, code designations, etc.) is no longer used in theoretical cryptography. The fact is that over the past decades coding theory has emerged: a large scientific field that develops and studies methods for protecting information from random distortions in communication channels.

    Cryptography deals with methods of transforming information that would prevent an adversary from extracting it from intercepted messages. In this case, it is no longer the protected information itself that is transmitted through the communication channel, but the result of its transformation using a cipher, and the enemy faces the difficult task of breaking the cipher. Breaking (cracking) a cipher is the process of obtaining protected information from an encrypted message without knowing the cipher used.

    An adversary may attempt not to obtain, but to destroy or modify protected information during its transmission. This is a completely different type of threat to information, different from interception and breaking of the cipher. To protect against such threats, specific methods are being developed.

    Therefore, as information travels from one legitimate user to another, it must be protected in a variety of ways to counteract different threats. The result is a chain of links of different types that protects the information. Naturally, the enemy will strive to find the weakest link in order to get to the information at the lowest cost. This means that legitimate users must take this circumstance into account in their protection strategy: it makes no sense to make some link very strong if there are obviously weaker links (“principle of equal strength of protection”).

    Coming up with a good cipher is a labor-intensive task. Therefore, it is advisable to increase the lifetime of a good cipher and use it to encrypt as many messages as possible. But this creates a danger that the enemy has already solved (broken) the cipher and is reading the protected information. If the network cipher has a replaceable key, then by replacing the key one can ensure that the methods developed by the enemy no longer have an effect.

    3.2.1 Key methodology

    In this methodology, an encryption algorithm combines a key with text to create a ciphertext. The security of this type of encryption system depends on the confidentiality of the key used in the encryption algorithm, rather than on keeping the algorithm itself secret. Many encryption algorithms are publicly available and have been well tested because of this (e.g. DES). But the main problem with this methodology is how to generate and securely transmit keys to the participants in the interaction. How can a secure channel for transmitting information between participants be established before the keys are transferred?

    Another issue is authentication. There are two serious problems with this:

    · The message is encrypted by someone who has the key at the moment. This may be the owner of the key; but if the system is compromised, it could be another person.

    · When participants in an interaction receive keys, how can they know that those keys actually were created and sent by an authorized person?

    There are two key methodologies - symmetric (private key) and asymmetric (public key). Each methodology uses its own procedures, key distribution methods, key types, and key encryption and decryption algorithms. Since the terminology used by these methodologies may seem confusing, let's define the main terms:

    Term | Meaning | Notes

    Symmetrical methodology | A single key is used, with which both encryption and decryption are performed using the same symmetric encryption algorithm. This key is shared between the two parties in a secure manner before the encrypted data is transmitted. | Often called secret key methodology.

    Asymmetric methodology | Uses symmetric encryption algorithms and symmetric keys to encrypt data. Uses asymmetric encryption algorithms and asymmetric keys to encrypt a symmetric key. Two interconnected asymmetric keys are created. A symmetric key encrypted using one asymmetric key and asymmetric encryption algorithm must be decrypted using a different key and a different encryption algorithm. One must be securely transferred to its owner, and the other to the person responsible for storing these keys (the CA) before they can be used. | Often called public key methodology.

    Secret key (1) | Symmetrical methodology. | Uses one key, which is used to perform both encryption and decryption. See above.

    Secret key (2) | Symmetric encryption secret key. | Symmetric secret key.

    Secret key (3) | Asymmetric encryption secret key. | Asymmetric key. Asymmetric keys are created in pairs because they are related to each other. The expression "secret key" is often used for one of a pair of asymmetric keys that must be kept secret. An asymmetric secret key has nothing in common with a symmetric secret key.

    Public key (1) | Asymmetric methodology. | Uses a pair of keys that are jointly created and associated with each other. Anything encrypted with one key can only be decrypted with the other key of that pair.

    Public key (2) | Asymmetric encryption public key. | Asymmetric keys are created in pairs, each of the two keys being associated with the other. The expression "public key" is often used for one of a pair of asymmetric keys that must be known to everyone.

    Session key | Symmetric (secret) encryption key. | Used in asymmetric methodology to encrypt the data itself using symmetric methodologies. This is simply a symmetric secret key (see above).

    Encryption algorithm | Mathematical formula. | Symmetric algorithms require symmetric keys. Asymmetric algorithms require asymmetric keys. You cannot use symmetric keys for asymmetric algorithms and vice versa.

    Secret cryptosystems | |

    Open cryptosystems | Uses asymmetric algorithms and asymmetric keys to encrypt session keys. | They use symmetric algorithms and symmetric (secret) keys to encrypt data.


    3.2.1.1 Symmetric (secret) methodology

    In this methodology, both the sender and recipient use the same key for both encryption and decryption, which they agreed to use before the interaction began. If the key has not been compromised, decryption automatically authenticates the sender, since only the sender has the key with which to encrypt the information, and only the recipient has the key with which to decrypt the information. Since the sender and recipient are the only people who know this symmetric key, if the key is compromised, only the interaction between these two users will be compromised. A problem that will be relevant for other cryptosystems is the question of how to securely distribute symmetric (secret) keys. Symmetric encryption algorithms use keys that are not very long and can quickly encrypt large amounts of data.

    How to use systems with symmetric keys:

    1. A symmetric secret key is securely generated, distributed, and stored.

    2. The sender creates an electronic signature by calculating a hash function for the text and appending the resulting string to the text.

    3. The sender applies a fast symmetric encryption-decryption algorithm together with the secret symmetric key to the resulting packet (the text along with the attached electronic signature) to obtain the ciphertext. Implicitly, this provides authentication, since only the sender knows the symmetric secret key and can encrypt the packet.

    4. Only the recipient knows the symmetric secret key and can decrypt this packet.

    5. The sender transmits the encrypted text. A symmetric secret key is never transmitted over unsecured communication channels.

    6. The recipient applies the same symmetric encryption-decryption algorithm along with the same symmetric key (which the recipient already has) to the ciphertext to recover the original text and electronic signature. Its successful recovery authenticates someone who knows the private key.

    7. The recipient separates the electronic signature from the text.

    8. The recipient creates another electronic signature by calculating a hash function for the received text.

    9. The recipient compares these two electronic signatures to verify the integrity of the message (that it has not been tampered with).

    Tools available today that use symmetric methodology are:

    · Kerberos, which was designed to authenticate access to resources on a network, rather than to verify data. It uses a central database that stores copies of all users' private keys.

    · ATM Banking Networks. These systems are original developments of the banks that own them and are not for sale. They also use symmetric methodologies.

    3.2.1.2 Asymmetric (open) methodology

    In this methodology, the encryption and decryption keys are different, although they are created together. One key is made known to everyone, and the other is kept secret. Although you can encrypt and decrypt with both keys, data encrypted with one key can only be decrypted with the other key. All asymmetric cryptosystems are subject to brute force attacks and must therefore use much longer keys than those used in symmetric cryptosystems to provide an equivalent level of security. This has an immediate impact on the computational resources required for encryption, although elliptic curve encryption algorithms can mitigate this problem.

    Bruce Schneier in the book "Applied Cryptography: Protocols, Algorithms and Source Code in C" provides the following data on equivalent key lengths.


    In order to avoid the low speed of asymmetric encryption algorithms, a temporary symmetric key is generated for each message and only this key is encrypted with asymmetric algorithms. The message itself is encrypted using this temporary session key and the encryption/decryption algorithm described in clause 2.2.1.1. This session key is then encrypted using the recipient's asymmetric public key and an asymmetric encryption algorithm. This encrypted session key, along with the encrypted message, is then sent to the recipient. The recipient uses the same asymmetric encryption algorithm and their secret key to decrypt the session key, and the resulting session key is used to decrypt the message itself. In asymmetric cryptosystems, it is important that session and asymmetric keys are comparable in terms of the level of security they provide. If a short session key is used (for example, 40-bit DES), then it does not matter how large the asymmetric keys are. Attackers will attack not them but the session keys. Asymmetric public keys are vulnerable to brute-force attacks, in part because they are difficult to replace. If an attacker learns the secret asymmetric key, not only the current interaction but also all subsequent interactions between the sender and the recipient will be compromised.

    How to use systems with asymmetric keys:

    1. Asymmetric public and private keys are securely generated and distributed (see section 2.2 below). The private asymmetric key is transferred to its owner. The asymmetric public key is stored in an X.500 database and is administered by a certificate authority (Certification Authority, or CA). The implication is that users must trust that such a system performs secure creation, distribution and administration of keys. Moreover, if the creator of the keys and the person or system administering them are not the same, then the end user must trust that the creator of the keys actually destroyed their copy of them.

    2. An electronic signature of the text is created by calculating its hash function. The received value is encrypted using the sender's asymmetric private key, and then the resulting string of characters is added to the transmitted text (only the sender can create an electronic signature).

    3. A secret symmetric key is created that will be used to encrypt only this message or interaction session (session key). Then, using a symmetric encryption/decryption algorithm and this key, the original text is encrypted along with the electronic signature added to it, and the ciphertext is obtained.

    4. Now we need to solve the problem of transferring the session key to the message recipient.

    5. The sender must have an asymmetric certificate authority (CA) public key. Intercepting unencrypted requests for this public key is a common form of attack. There may be a whole system of certificates confirming the authenticity of the CA's public key. The X.509 standard describes a number of methods for users to obtain CA public keys, but none of them can completely protect against CA public key spoofing, which clearly shows that there is no system in which the authenticity of the CA public key can be guaranteed.

    6. The sender requests the asymmetric public key of the message recipient from the CA. This process is vulnerable to an attack in which the attacker interferes with the communication between the sender and recipient and can modify the traffic sent between them. Therefore, the recipient's asymmetric public key is "signed" by the CA. This means that the CA used its asymmetric private key to encrypt the recipient's asymmetric public key. Only the CA knows the CA's asymmetric private key, so there is a guarantee that the recipient's asymmetric public key came from the CA.

    7. Once received, the recipient's asymmetric public key is decrypted using the CA's asymmetric public key and the asymmetric encryption/decryption algorithm. Naturally, this assumes that the CA has not been compromised. If it turns out to be compromised, then this disables the entire network of its users. Therefore, you can encrypt the public keys of other users yourself, but where is the confidence that they are not compromised?

    8. The session key is now encrypted using an asymmetric encryption-decryption algorithm and the recipient's asymmetric key (obtained from the CA and decrypted).

    9. The encrypted session key is appended to the ciphertext (which also includes the electronic signature added earlier).

    10. The entire received data package (ciphered text, which includes, in addition to the original text, its electronic signature, and the encrypted session key) is transferred to the recipient. Since the encrypted session key is transmitted over an unsecured network, it is an obvious target for various attacks.

    11. The recipient extracts the encrypted session key from the received packet.

    12. Now the recipient needs to solve the problem of decrypting the session key.

    13. The recipient must have an asymmetric certificate authority (CA) public key.

    14. Using his private asymmetric key and the same asymmetric encryption algorithm, the recipient decrypts the session key.

    15. The recipient applies the same symmetric encryption-decryption algorithm and the decrypted symmetric (session) key to the ciphertext and receives the original text along with the electronic signature.

    16. The recipient separates the electronic signature from the original text.

    17. The recipient requests the sender's asymmetric public key from the CA.

    18. Once this key is received, the recipient decrypts it using the CA's public key and the corresponding asymmetric encryption-decryption algorithm.

    19. The hash function of the text is then decrypted using the sender's public key and an asymmetric encryption-decryption algorithm.

    20. The hash function of the resulting source text is recalculated.

    21. These two hash functions are compared to verify that the text has not been modified.
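    The sender and recipient steps above, together with the hash comparison from the symmetric procedure in 3.2.1.1, as an added example that is not code from the original text. Textbook RSA over known Mersenne primes and a SHA-256 keystream cipher are toy stand-ins chosen so the example runs with the standard library only; a real system would use vetted algorithms with padding. All names, keys and the sample text are constructed assumptions.

```python
import hashlib
import secrets

E = 65537  # public exponent
SAMPLE_TEXT = b"Transfer order No. 17 (constructed sample text)"


def rsa_keypair(k1, k2):
    """Toy textbook RSA from the Mersenne primes 2**k1 - 1 and 2**k2 - 1.
    Such a modulus is trivially factorable; it only keeps the example offline."""
    p, q = 2**k1 - 1, 2**k2 - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))  # public, private


def rsa_apply(key, value):
    modulus, exponent = key
    return pow(value, exponent, modulus)


def modulus_bytes(key):
    return (key[0].bit_length() + 7) // 8


def hash_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def symmetric(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def certify(ca_private, name, public):
    """The CA signs the binding between a name and a public key."""
    bound = hash_int(repr((name, public)).encode())
    return {"name": name, "public": public, "sig": rsa_apply(ca_private, bound)}


def certified_key(ca_public, cert, expected_name):
    """Steps 5-7 and 17-18: accept a public key only if the CA signed it."""
    bound = hash_int(repr((cert["name"], cert["public"])).encode())
    if cert["name"] != expected_name or rsa_apply(ca_public, cert["sig"]) != bound:
        raise ValueError("certificate rejected")
    return cert["public"]


def send(text, sender_private, recipient_cert, ca_public):
    signature = rsa_apply(sender_private, hash_int(text))              # step 2
    signed = text + signature.to_bytes(modulus_bytes(sender_private), "big")
    session_key = secrets.token_bytes(32)                              # step 3
    body = symmetric(session_key, signed)
    recipient_public = certified_key(ca_public, recipient_cert, "recipient")
    wrapped = rsa_apply(recipient_public, int.from_bytes(session_key, "big"))
    return {"wrapped_key": wrapped, "body": body}                      # steps 8-10


def receive(packet, recipient_private, sender_cert, ca_public):
    key_int = rsa_apply(recipient_private, packet["wrapped_key"])      # step 14
    if key_int >= 2**256:
        raise ValueError("session key damaged")
    signed = symmetric(key_int.to_bytes(32, "big"), packet["body"])    # step 15
    sender_public = certified_key(ca_public, sender_cert, "sender")    # steps 17-18
    cut = len(signed) - modulus_bytes(sender_public)
    if cut < 0:
        raise ValueError("packet too short")
    text, signature = signed[:cut], signed[cut:]                       # step 16
    if rsa_apply(sender_public, int.from_bytes(signature, "big")) != hash_int(text):
        raise ValueError("signature mismatch")                         # steps 19-21
    return text


def attempt(action, *args):
    try:
        return action(*args)
    except ValueError as error:
        return f"rejected: {error}"


def demo():
    ca_public, ca_private = rsa_keypair(2281, 3217)
    sender_public, sender_private = rsa_keypair(521, 607)
    recipient_public, recipient_private = rsa_keypair(1279, 2203)
    sender_cert = certify(ca_private, "sender", sender_public)
    recipient_cert = certify(ca_private, "recipient", recipient_public)
    packet = send(SAMPLE_TEXT, sender_private, recipient_cert, ca_public)
    flipped = bytes([packet["body"][0] ^ 1]) + packet["body"][1:]
    tampered = dict(packet, body=flipped)              # ciphertext changed in transit
    swapped = dict(recipient_cert, public=sender_public)  # key replaced, CA signature kept
    return {
        "delivered": attempt(receive, packet, recipient_private, sender_cert, ca_public),
        "tampered_body": attempt(receive, tampered, recipient_private, sender_cert, ca_public),
        "substituted_key": attempt(send, SAMPLE_TEXT, sender_private, swapped, ca_public),
    }
```

    The certificate check only helps while the CA public key held by each party is authentic; the example hands it to both sides directly, which is exactly the step the text says X.509 leaves unspecified.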

    3.3 Key distribution

    It is clear that both cryptosystems need to solve the problem of key distribution.

    In symmetric methodologies, this problem is more acute, and therefore they explicitly define how to pass keys between participants before the interaction begins. The specific way to do this depends on the level of security required. If a high level of security is not required, then the keys can be distributed using some delivery mechanism (for example, using snail mail or a courier service). Banks, for example, use mail to send out PIN codes. To provide a higher level of security, it is more appropriate for the keys to be delivered manually by the people responsible for this, perhaps in parts by several people.

    Asymmetric methodologies try to get around this problem by encrypting a symmetric key and attaching it as such to the encrypted data. And they use key certification authorities to distribute the public asymmetric keys used to encrypt the symmetric key. The CAs, in turn, sign these public keys with the CA's private asymmetric key. Users of such a system must have a copy of the CA's public key. In theory, this means that participants in an interaction do not need to know each other's keys before establishing a secure interaction.

    Proponents of asymmetric systems believe that such a mechanism is sufficient to ensure the authenticity of interaction subscribers. But the problem still remains. An asymmetric key pair must be created jointly. Both keys, whether publicly accessible or not, must be sent securely to the key owner as well as to the key certification authority. The only way to do this is to use some kind of delivery method when security requirements are low, and to deliver them manually when security requirements are high.

    The problems with key distribution in asymmetric systems are:

    · X.509 implies that keys are distributed securely and does not describe a way to solve this problem - it only indicates that the problem exists. There are no standards to address this. For security, keys must be delivered manually (regardless of whether they are symmetrical or asymmetrical).

    · There is no reliable way to check which computers are communicating with each other. There is a type of attack in which the attacker disguises himself as a CA and receives data transmitted during the interaction. To do this, an attacker simply needs to intercept a request to a key certification authority and replace its keys with their own. This attack can continue successfully for a long time.

    · Electronic signing of keys by a key certification center does not always guarantee their authenticity, since the key of the CA itself may be compromised. X.509 describes a method for the electronic signing of CA keys by higher-level key certification authorities and calls it a "certification path". X.509 addresses the problems associated with verifying the correctness of a public key, suggesting that this problem can only be solved if there is no break in the chain of trusted places in the distributed directory of users' public keys. There's no way around this.

    · X.509 assumes that the user already has access to the CA's public key. How this is accomplished is not specified.

    · Compromise of the key certification authority is a very real threat. CA compromise means that all users of this system will be compromised. And no one will know about it. X.509 assumes that all keys, including those of the CA itself, are stored in a secure location. Implementing the X.509 directory system (where keys are stored) is quite complex and is vulnerable to configuration errors. Currently, too few people have the technical knowledge required to properly administer such systems. Moreover, it is understandable that pressure may be exerted on people occupying such important positions.

    · CAs may be a bottleneck. To provide fault tolerance, X.509 suggests that the CA database be replicated using standard X.500 means; this will significantly increase the cost of the cryptosystem. And if an attacker masquerades as a CA, it will be difficult to determine which system was attacked. Moreover, all data from the CA database must be sent over communication channels in some way.

    · The X.500 directory system is complex to install, configure, and administer. Access to this directory must be provided either through an additional subscription service, or the organization will have to organize it itself. An X.509 certificate assumes that each person has a unique name. Allocating names to people is the job of another trusted service, the naming service.

    · Session keys, despite the fact that they are encrypted, are still transmitted over unsecured communication channels.

    Despite all these serious disadvantages, the user must implicitly trust the asymmetric cryptosystem.
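
    The certification-path check described above, as an added example (not from the original article): toy textbook RSA built from small Mersenne primes, with hypothetical names ("Root CA", "Inter CA", "bob") and a simplified certificate record instead of real X.509 encoding. It shows that a path validates only against the CA public key the user already holds, so a certificate issued by an impostor CA is rejected unless that locally held key was itself replaced.

```python
import hashlib

def make_key(p, q, e=65537):
    # Textbook RSA from two primes; toy sizes, no padding: illustration only.
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def tbs(subject, pub, issuer):
    # The "to be signed" bytes: subject name, subject public key, issuer name.
    return f"{subject}|{pub['n']}|{pub['e']}|{issuer}".encode()

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(issuer_name, issuer_key, subject, subject_pub):
    data = tbs(subject, subject_pub, issuer_name)
    sig = pow(digest(data, issuer_key["n"]), issuer_key["d"], issuer_key["n"])
    return {"subject": subject, "pub": subject_pub, "issuer": issuer_name, "sig": sig}

def signed_by(cert, issuer_pub):
    data = tbs(cert["subject"], cert["pub"], cert["issuer"])
    return pow(cert["sig"], issuer_pub["e"], issuer_pub["n"]) == digest(data, issuer_pub["n"])

def verify_path(path, anchor_name, anchor_pub):
    """path is leaf-first; the top certificate must verify under the locally held anchor."""
    for i, cert in enumerate(path):
        if i + 1 < len(path):
            issuer_name, issuer_pub = path[i + 1]["subject"], path[i + 1]["pub"]
        else:
            issuer_name, issuer_pub = anchor_name, anchor_pub
        if cert["issuer"] != issuer_name or not signed_by(cert, issuer_pub):
            return False
    return True

def M(k):
    return 2**k - 1  # Mersenne number; prime for every exponent used below

# Constructed keys (all names and values are assumptions for this example).
root = make_key(M(89), M(107))
inter = make_key(M(61), M(127))
bob = make_key(M(521), M(607))
rogue = make_key(M(31), M(1279))  # impostor CA reusing the name "Root CA"

genuine_path = [issue("Inter CA", inter, "bob", public(bob)),
                issue("Root CA", root, "Inter CA", public(inter))]
# The impostor binds the name "bob" to a key the impostor controls.
forged_path = [issue("Root CA", rogue, "bob", public(rogue))]
```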

    Key management refers to the distribution of keys, their authentication, and regulation of the order of their use. Regardless of the type of cryptosystem used, keys must be managed. Secure key management methods are very important because many attacks on cryptosystems target key management procedures.


    Procedure