® Encryption for Data Security
MESSAGE AUTHENTICATION
Authentication of the veracity and source of digitally transmitted and stored messages is important in applications where legally binding agreements are made or funds disbursed through the use of communications systems.
Electronic funds transfer (EFT) systems and various interbank clearinghouse activities are examples. Recent advances in developing one-way and trapdoor functions have brought the achievement of such message authentication capa-bility much closer to reality [13, 26, 27, 28, 29, 30].
In one-way functions, it is easy to apply the function to some variables but very difficult to apply the inverse of the function to the result in order to recover the original variables or find the inverse function. For example, it is easy to compute the sum of a given set of integers, but, given the sum, it is virtually impossible to determine what the original numbers were because there are so many numbers that can add up to the given value. Finding the roots of a very high order polynomial is another example. The first sugges-tions for the use of one-way funcsugges-tions were for secure storage of passwords in computer memory [28]. Instead of passwords themselves, the results of trans-forming the password by a function (F) were stored. Each time a password was submitted, F was evaluated and compared with the stored value. If they agreed, a correct password was used. Because the inverse F-l is very difficult to compute, it did not matter if anyone gained access to the list of transformed passwords in the computer memory.
Functions in which both F and F-l are easy to apply but F-l is very difficult to fmd even ifF is known have additional applications. An individual (X) can generate such a pair, Fx and Fx- 1, and make Fx public while keeping sole possession of its inverse Fx- 1. Then, anyone can send X a message by using F for encryption, but only X can decrypt it. A digital signature feature can now be implemented as follows. When X sends a mes-sage to party Y and wants to verify that it came from no one else, X first applies to message Mx the inverse transformation Fx- 1: Ex
=
Fx-1(Mx).The receiver Y now applies the publicly available transformation Fx to re-cover Mx(Fx(Fx-1[Mx])
=
Mx). This message must be authentic because only X could have applied the first transformation, that is, FX-l. For added security, X could also use Y's transformation, Fy, to encrypt Ex.One class of such functions uses the difficulty level in factoring very large numbers (100 digits or more) into prime factors [26]. Its generation, however, is too complex for discusson in this chapter. Its primary disadvantage is that many multiplications are required because it involves representing M as an integer and raising it to a power that is at least a l00-digit number.
A function based on the so-called knapsack-packing algorithm has been developed. Because only addition and multiplication are involved in its use, the signature generation process is greatly accelerated. As with many ideas that are just beginning to emerge, no proof of the security or insecurity of the proposed signature functions has been produced.
CONCLUSION
Encryption is an effective security technique for data cornmunications systems; its use has been greatly facilitated by the availability of the government-approved Data Encryption Standard. Current research in message
authentication techniques may provide additional safeguards for the transmis-sion of data. Accompanying the interest in developing new data encryption methods, however, is an almost certain equal interest in developing new ways to break them.
1. i'arl<er, D.B. Crime by Cmnputer. New York: Charles Scribner's Sons, 1976.
2. Allen, B. "Embezzler's Guide to the Computer." Harvard Business &view (July-August 1975) 79-89.
3. Linde, R.R. "Operating System Penetmtion." Proceedings of the 1975 NCC, 1975.
4. "Taps to Steal Data." Secvrity World (December 1972) 4546.
5. Canoll, J.M., and Reeves, P. "Security and Data Communications: A Realization of Piggy-Back Infiltration." Infor (October 1973) 226-231.
6. Courtney, R.H., Jr. "Security Risk Assessment in Electronic Data Pmcessing Systems." Proceedings of the 1977 NCC, 1977.
7. Reed, S.K. AMlomatic Data Processing Risk As.es.ment. NBSIR 77-1228. Washington DC: National Bureau of StandanIs, March 1977.
8. 01aseman, S., Turn, R., and Gaines, R.S. "Pmblem A ... in Computer Security Assessment." Proceeding. of the 1977 NCC, 1977.
9. Kahn, D. The Codebreakers. New York: Macmillan, 1967.
10. Shannon, C. "Communications Theory of Secrecy Systems." BeU Sy.tem Technical Journal (October 1949) 654-715.
II. Tuckerman, B. A Study of Vigenere-V.17IIJI1I Single tmd Multiple Loop Enciphering Systems. RC 2879. yorktown Hts NY:
mM Thomas Watson Research Center, 1970.
12. DoItJ Encryption Sf4ndard. FIPS PUB 46. Washington DC: National Bureau of Standards, Janwuy 1977.
13. Diffie, W., and Hellman, M.E. "New Directions in Cryptngrspby." IEEE Transactions on InjomuJlion Theory (November 1976) 644-654.
14. Diffie, W., and Hellman, M.E. "Cryptanalysis of the NBS Data Encl)'plion Standard." Cmnputer (June 1977) 74-84.
15. CmnputerSecvrltytmdtheDoltJEncryptionSttmdard. Edited bY D. Bmnstad. SP 500-27. Washington DC: National Bureau of Standards, Febrwuy 1978.
16. Kent, S.T. "Network Security: A Topdown View Shows Pmblem." DoItJ Communications (June 1978) 57-75.
17. Oaines, H.F. Cryptanalysis. New York: Dover Publications Inc, 1956.
18. Turn, R. "Privacy Tmnsformstions for Databank Systems." Proceedings of the 1973 NCC, 1973.
19. Tuchman, W.L., and Meyer, C.H. "Efficacy of the Data Encryption Standard in Data Pmcessing." ProceetJjngs of 1978 FaU COMPCON, 1978.
20. Schmid, P .E. "Review of Ciphering Methods to Achieve Communk:ation Security in Data Tmnsmission Networks."
Proceedings of the 1976 ICC, 1976.
21. Shankar, K.S., and Cbanderaekaran, C.S. "Tbe Impact of Security on Network Requirements." Symposium Proceedings:
Trends tmd Applications 1977 Cmnputer Security tmd Integrity. IEEE, 1977.
22. Bmnstad, D. "Enctyption Pmtection in Computer Data Communications." Proceedings of the Fourth Data Communica-tions Symposium. Quebec, Canada, 1975.
23. Heinricb, F. The Networic Security Center: A Sy.tem Level Approach to Cmnputer Networic Security. SP 500-21, Vol. 2.
Washington DC: National Bureau of Standards, Febrwuy 1978.
24. "Cryptography," IBM Systems JoumDl, No.2, 1978.
25. Everton, J.K. "A Hierarchical Basis for Bnctyption Key Management in a Computer Commnnication Network." Proceed-ing. of the 1978 International Communications Conference, Toronto, Canada, 1978.
26. Merkle, R.C. "Secure Commnnications in Insecure Channels." Communications on the ACM (April 1978) 294-299.
27. Merkle, R.C., and Hellman, M.E. "Hiding Information and Signatures in Trapdoor Knapsacks." IEEE Transactions on InjormlJlion Theory (September 1978) 525-530.
28. Punly, O.B. "A Higb-Security Log-In Procedure." Communications of the ACM (August 1974) 442445.
29. Rivest, R.L., Sbamir, A., and AdIeman, L. "A Method fot Obtaining Digits! Signatures and Public Key Cryptosystems."
Communications of tire ACM (February 1978) 120-126.
30. Sbamir, A. A Fast Signature Scheme. Department of Mathematics, Mnssacbusetts Institute ofTecbnolngy, Cambridge MA, May 1978.
Blbllograpby
Bmnstad, D., Gait, J., and Katzke, S. Repon of the Worlcshop on Cryptography in Suppon of Computer Security. NBSIR 77-1291. Washington DC: National Bu","" of Standanls, September 1977.
Borris, H.R. "Computer Network Cryptograpby Engineering." Proceeding. of the 1976 NCC, 1976.
Sinknv, A. Elementary Cryptanolysis-A Mathematical Approach. New York: Random House, 1968.