# How secure is secure?

## Adopting a reliable security standard is essential for most enterprises - and a hardware data encryption system is more reliable...

As data traffic over public and private data networks increases, it becomes increasingly important to protect the privacy of information stored on and exchanged between personal computers.


**Authentication**

Random numbers are used to authenticate systems with a "challenge", or a piece of unrepeatable and virtually unguessable data, to process and return. For example, a simple challenge-response authentication protocol is carried out as follows:

1. A client requests access to password-protected information stored on a server.
2. The server responds with a random challenge (a random number, possibly combined with other information).
3. The client encrypts the random challenge using its password as a key and then returns the encrypted challenge to the server.
4. The server encrypts the same random challenge with the client's password (which the server gets from its own password database).
5. The server compares the two results. If the results match, the server has authenticated the client without the client ever sending its password over the network.
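The exchange described above, as an added example that is not part of the original article. It assumes HMAC-SHA256 as the keyed operation in place of "encrypting the challenge with the password"; the user name, password and class names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample password database held by the server (assumption).
PASSWORD_DB = {"alice": b"correct horse battery staple"}


def keyed_response(password: bytes, challenge: bytes) -> bytes:
    """Stand-in for 'encrypt the challenge with the password': HMAC-SHA256."""
    return hmac.new(password, challenge, hashlib.sha256).digest()


class Server:
    def __init__(self, password_db):
        self.password_db = password_db
        self.pending = {}  # user -> outstanding challenge, usable once

    def issue_challenge(self, user: str) -> bytes:
        # 32 bytes from the OS CSPRNG: unrepeatable and unguessable.
        challenge = secrets.token_bytes(32)
        self.pending[user] = challenge
        return challenge

    def verify(self, user: str, response: bytes) -> bool:
        # pop() makes each challenge single-use, so an old response
        # cannot be replayed against a later login attempt.
        challenge = self.pending.pop(user, None)
        password = self.password_db.get(user)
        if challenge is None or password is None:
            return False
        expected = keyed_response(password, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo():
    """Returns (genuine login, replayed response, wrong password)."""
    server = Server(PASSWORD_DB)
    first = server.issue_challenge("alice")
    captured = keyed_response(PASSWORD_DB["alice"], first)  # client side
    genuine = server.verify("alice", captured)
    server.issue_challenge("alice")             # fresh challenge for a new login
    replayed = server.verify("alice", captured)  # old response, new challenge
    third = server.issue_challenge("alice")
    wrong = server.verify("alice", keyed_response(b"a guess", third))
    return genuine, replayed, wrong
```

The replayed response fails only because the second challenge differs from the first, which is why the challenge must come from a strong random source.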

**Confidentiality**

Confidentiality is provided through data encryption, which is the process of combining plain text input (plain text) with a cryptographic key in a well-defined manner and returning cipher text (encrypted data). In an ideal cryptosystem, it is impossible for anyone to decrypt the cipher text without the decryption key. There are two major types of cryptographic keys: symmetric and asymmetric. Symmetric keys can be used for both encrypting and decrypting data. Asymmetric keys are produced in pairs, each pair consisting of a public key, generally used to encrypt data, and a private key, generally used to decrypt data.

The strength of a cryptosystem lies in the strength of the key, which is a function of the key length (number of bits) and the randomness of the number used to generate the key. Although it is true that a weak algorithm can leak information that will make it possible to decipher a message, ultimately it is the strength of the secret key that makes an encrypted message impervious to discovery. It is for this reason that sufficiently long, truly random numbers should be used in key generation. "Sufficiently long" in this context means that the number is large enough that it cannot be guessed in the useful lifetime of the encrypted data it protects. For example, some common key lengths in use today are 40 (RC4), 56 (DES), 128 (RC4), and 168 (3-DES) bits.

**Integrity**

The integrity of a message sent over a network can be guaranteed through digital signatures and cryptographic hashes. A digital signature is a fixed-length binary string unique to a given message, signed with a private key. The unique string (known as a message digest or cryptographic hash) is similar to a fingerprint: although the number of possible messages is enormous, the likelihood of any two hashes being the same is minuscule. Because the hash is signed with the originator's private key, anyone with the originator's public key can decrypt the message, certain in the knowledge that the owner of the private key originated the message. By generating another hash of the message using the same hashing algorithm as the originator, and comparing the new hash with the signed hash, the recipient can verify that the message did not change after leaving the originator.

Random numbers are used in some digital signature generation algorithms to make it difficult for a malicious party to forge the signature. The degree of randomness of the random number has a direct impact on the strength of the signature.

**Random numbers**

Random numbers are fundamental to all aspects of data security. The strength of a security mechanism is directly proportional to the randomness of the numbers it uses. As an example, consider the process of encrypting data. Assume for a moment that we are going to encrypt some data using the following simple encryption algorithm:

p + k = c

where

- c = the encrypted ciphertext
- k = the encryption key (derived from a random number)
- p = the original message (plaintext)

If k = 2 and p = "DOGS HAVE FOUR LEGS", then c = "FQIU JCXG HQWT NGIU" (each letter in the plain text is incremented by 2 to generate the ciphertext, so A becomes C, B becomes D, etc.). This message looks pretty mixed up, but given the algorithm (most popular algorithms are widely published), it could be decoded in a few seconds even without the use of a computer. Further, if the value of k were fixed (i.e., if the same key were used each time) it would take very little effort to decode subsequent messages, which means that the encryption is compromised.

Now consider a slightly stronger algorithm. Assume that there is a different key for each message. For the sake of simplicity, we'll use the original algorithm, p + k = c. Having already intercepted one message and learned that k (the secret key) = 2, it was easy to decode this message. Now let's look at another message: WXVSRK OICW WIGYVI HEXE. Most people would decipher this message using a "brute force" attack. That is, they would guess a value for k and see if the resulting message made sense. Then they would guess another value, and so on. Here is a brute force attack using sequential values of k, starting at 1:

- k = 1: VWURQJ NHBV VHFXUH GDWD
- k = 2: UVTQPI MGAU UGEWTG FCVC
- k = 3: TUSPOH LFZT TFDVSF EBUB
- k = 4: STRONG KEYS SECURE DATA

You have probably discovered that there is a pattern to the keys. Each new key is equal to the previous key plus two. If you had to decrypt a lot of these messages in your head, it might take you a minute or two each time. A computer could do it almost instantaneously. The encryption is weak because there is a pattern to the keys: they are not random.

Now try decoding the next three messages.

- HVS GIB WG O MSZZCK GHOF
- L UHDG D JUHDW ERRN BHVWHUGDB
- OXKALJ KRJYBOP XOB FJMLOQXKQ

A trained cryptographer might use linguistic analysis as a more efficient approach than brute force, but that is beyond the scope of this paper.

- THE SUN IS A YELLOW STAR (key = 14)
- I READ A GREAT BOOK YESTERDAY (key = 3)
- RANDOM NUMBERS ARE IMPORTANT (key = 23)

The reason it was harder was that the keys were chosen at random. Unless you detected some pattern, you probably had to use a brute force attack on all three messages. As this example illustrates, using random keys makes decryption much more difficult (unless you already know the key).

In this extremely simplistic example, the range of valid keys was 1 - 25. In a realistic modern cryptosystem there are typically 2⁴⁰ (≈ 10¹²) possible 40-bit keys or 2¹²⁸ (≈ 10³⁸) 128-bit keys. It would take a lot of computing power to guess the correct key. If, on the other hand, the keys are not generated at random and one can find a pattern or narrow the range of possible values, finding the real key becomes much easier. In fact, if just one bit of a key can be predicted, the work required to determine the rest of the key is cut in half.

To illustrate, assume for a moment that a hypothetical person named Alice is going to encrypt a message using a 4-digit key (which has 10,000 possible values). Imagine that an unknown eavesdropper, Eve, was able to watch Alice select a key. Eve noticed that Alice looked at a digital clock to select the number. Eve could immediately conclude that Alice's key was in the range 0 - 59, greatly simplifying her task of decrypting Alice's message. In fact, if Eve knew what time it was when Alice selected her key, she might be able to narrow the possible range of keys to just 3 or 4 (to account for possible discrepancies between her clock and Alice's). Suddenly Alice's 4-digit key has been effectively reduced to 1 digit and Eve could crack the encrypted message in just 3 or 4 attempts.

Alice could strengthen her encryption system by using a hardware RNG. By definition, a random number is unpredictable. It is independent of all other numbers and therefore is not part of any pattern. As a result, a truly random number can be discovered only through a process of trial and error (a.k.a. "brute force"). Utilising a true random number to generate an encryption/decryption key will yield the strongest possible encryption for a given cryptosystem. If a true RNG were used to generate the key in the example above, it would take Eve, on average, 5,000 attempts (half of all possible values) to guess Alice's decryption key.

Most modern computer programs use software-generated, pseudo random numbers rather than true random numbers. Pseudo RNGs (PRNGs) require a "seed" which is used as an operand in a mathematical computation to create the pseudo random number. Typical seeds are bits of data collected from various aspects of the computer's internals, including the clock, running processes, status registers, key press timing and mouse movements. Because PRNGs employ a mathematical algorithm for number generation, all PRNGs possess the following properties:

- A seed value is required to initialise the equation
- The generated sequence of numbers will eventually repeat

Application developers who require non-deterministic output from a PRNG must take pains to provide an unguessable seed value and an algorithm with a period that is sufficiently long. The seed sources mentioned above can be used to incorporate randomness into the seed. However, system interrupt and event handling within different systems have been known to reduce the effective randomness of these sources.

In spite of the drawbacks of PRNGs, they are widely used in computer applications. PRNGs are readily available for all types of computer systems today. Because they are implemented in software, PRNGs are easy to add to a system. Most computer applications today use PRNGs to generate the "random" data they require. Many of the better PRNGs produce acceptable output for non-cryptographic applications (such as modeling, gaming, etc.). However, as the power of computing systems increases, cryptographic applications demand a higher degree of randomness than can be provided by a PRNG. Because they are not truly random, pseudo random numbers cannot give the level of cryptographic protection that true random numbers can provide.

A hardware RNG is an electronic device that produces genuine random numbers (as opposed to pseudo random numbers). Generally, these devices operate by extracting data from a thermal noise source such as a resistor or a semiconductor diode or from air turbulence within a sealed, dedicated disk drive. Hardware RNGs are non-deterministic by nature: no algorithm can be used to predetermine subsequent bits. Thus, hardware RNGs are not susceptible to intrusion or exposure by algorithm disassembly or disclosure. The property of non-determinism has been shown to be especially important in specific RNG applications such as certain scientific and financial modeling techniques, government-sponsored lotteries and computer security technology such as cryptography and digital signatures.

Hardware RNGs do not require seeds because hardware random numbers are not computed values. They are not derived through a repeatable algorithm. Rather, hardware-generated random numbers are digitised snapshots of naturally occurring thermal noise.
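The Alice and Eve scenario and the PRNG seed discussion above, combined in an added example that is not part of the original article. It assumes Alice derives her 4-digit key from a PRNG seeded with the clock, uses Python's `secrets` module (the OS CSPRNG) as a stand-in for the hardware RNG the article recommends, and uses an HMAC check value so a candidate key can be tested; the timestamp, message and function names are constructed.

```python
import hashlib
import hmac
import random
import secrets

KEYSPACE = 10_000  # Alice's 4-digit key: 0000-9999, as in the article
MESSAGE = b"constructed sample message"
ALICE_TIME = 946_684_800  # constructed timestamp of Alice's key selection


def check_value(key: int, message: bytes) -> bytes:
    """Keyed fingerprint of a message; lets a guesser test a candidate key."""
    return hmac.new(f"{key:04d}".encode(), message, hashlib.sha256).digest()


def key_from_clock(unix_time: int) -> int:
    """Weak: a PRNG seeded with the clock repeats for anyone who knows the time."""
    return random.Random(unix_time).randrange(KEYSPACE)


def key_from_os_rng() -> int:
    """Stronger: OS CSPRNG (assumed stand-in for the article's hardware RNG)."""
    return secrets.randbelow(KEYSPACE)


def attempts_knowing_time(target, message, approx_time, skew=2):
    """Guesses needed when only seeds within +/- skew seconds are tried."""
    window = range(approx_time - skew, approx_time + skew + 1)
    for n, seed in enumerate(window, start=1):
        candidate = check_value(key_from_clock(seed), message)
        if hmac.compare_digest(candidate, target):
            return n
    return None  # the key did not come from a seed inside the window


def attempts_exhaustive(target, message):
    """Guesses needed when every key in the keyspace is equally likely."""
    for n, key in enumerate(range(KEYSPACE), start=1):
        if hmac.compare_digest(check_value(key, message), target):
            return n
    return None


if __name__ == "__main__":
    weak = check_value(key_from_clock(ALICE_TIME), MESSAGE)
    # Eve's clock is one second off; she still needs at most five guesses.
    print("clock-seeded key:", attempts_knowing_time(weak, MESSAGE, ALICE_TIME + 1))
    strong = check_value(key_from_os_rng(), MESSAGE)
    # No seed to narrow the search: 5,000 guesses on average.
    print("unpredictable key:", attempts_exhaustive(strong, MESSAGE))
```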

**Compiled by Ajith Ram**

**© Intel 1999**
