13.5 Data Encryption

Data encryption, once the exclusive concern of the defense community and financial institutions, is now a widely deployed tool, especially as more enterprise applications have migrated to the global Internet and wireless networks. But encryption is also widely used to protect databases. In the encryption process, the data is manipulated in such a way as to make it unintelligible to all but the designated recipient on a network or user of a database. If the encryption key is 128 bits or higher, even the most technically savvy hacker will not be able to make sense of the data easily.

Initially a complicated and difficult-to-use tool, encryption is now easy to set up by system administrators and users through a GUI. It runs as a background process and, in many cases, users may not even know it is there. This transparency has spurred new interest among large enterprises and small companies alike to use data encryption as a means to protect sensitive information that is accessible through their networks.

Data encryption, a method of scrambling information to disguise its original meaning, provides an effective and practical means of protecting information transmitted over dispersed communications networks. Since intruders cannot read encrypted data, the information is not vulnerable to passive or active attack. When implemented along with error detection and correction, encryption offers a highly effective and inexpensive way to secure a communications link. For example, file encryption with decryption at the user workstation adds security to both the file server and the transmission medium. The decryption key can be a string of characters known only to the user. The data are secure from other workstations, illegal taps, and interception of spurious electromagnetic radiation.

Either the hardware or software can perform encryption, but hardware-based encryption provides more speed and security, since an intruder who is skilled in programming will not usually be able to interfere with the encryption hardware.

Online encryption requires installation of encryption and decryption units at both ends of the communications link.

Cryptographic methods involve the use of an encryption key, which is a string of characters used in conjunction with an algorithm to scramble and unscramble messages. Cryptographic methods are designed so that even if intruders know the algorithm (a mathematical formula stored in electronic circuitry), they will not be able to decode the scrambled information unless they also have the specific encryption key. The more characters the key contains, the more difficulty an intruder will encounter when attempting to breach security. The strength of a cryptographic system lies in the quality and secrecy of the keys selected.

13.5.1 Symmetric Versus Asymmetric

Encryption systems are either symmetric or asymmetric. Symmetric crypto systems use the same key (the secret key) to encrypt and decrypt a message, while asymmetric crypto systems use one key (the public key) to encrypt a message and a different key (the private key) to decrypt it. Asymmetric crypto systems are also called public key crypto systems. Symmetric crypto systems have a problem: How can the secret key safely be transported from the sender to the recipient? If the secret key could be sent securely, there would be no need for the symmetric crypto system in the first place because the same secure channel could be used to send messages. Bonded couriers are used as a solution to this problem.

Another, more efficient and reliable solution is a public key crypto system. Such systems use a two-part key structure to eliminate the problem of sharing a single encryption/decryption key. This technology permits users to encode data files with a public key that is associated with a specific user. The public key can encrypt, but not decrypt, a file. A private key, associated with each set of public keys, enables users to decrypt files that have been encrypted using this technique. The key used to decrypt a file is associated with, and available to, only a single user; this minimizes the likelihood of a key being copied or discovered by unauthorized users. Furthermore, because the decryption key is valid for only one user, it cannot be used to decrypt files intended for a different user. There is no need to keep the public keys secret or to risk compromising private keys by transmitting them between various users.

13.5.2 Digital Encryption Standard

One of the most thoroughly tested cryptographic algorithms available is the DES, developed by IBM and adopted in 1977 as a federal standard by the U.S. National Bureau of Standards, now known as the National Institute of Standards and Technology (NIST), a unit of the Department of Commerce. DES is one of the most important cryptographic algorithms because it—and its successor, 3DES—is the basis for hundreds of security products in widespread use today.

DES-based encryption software uses an algorithm that encodes 64-bit blocks of data and uses a 56-bit key; the length of the key imposes a difficult decoding barrier to would-be intruders because 72 quadrillion (72,000,000,000,000,000) keys are possible. The DES offers four different encryption modes. Direct mode is the easiest to implement but provides the least security because it allows independent coding of each of the blocks of a message. Independently coded blocks can develop coding patterns in lengthy transmissions; such patterns can make the encryption technique vulnerable to unauthorized access. In the other three modes, coding of each data block varies depending on the coding of one or more previous blocks, reducing the risk of revealing a pattern in encoding that could provide clues to the decryption key.

Despite its 20-year performance of foiling decodes, DES was finally broken in 1998 by the Electronic Frontier Foundation, which managed to break the algorithm in less than 3 days at a cost of less than $250,000. The encryption chip that powered the so-called DES Cracker was capable of processing 88 billion keys per second. In addition, it was shown that for a cost of $1 million, a dedicated hardware device can be built that can search all possible DES keys in about 3.5 hours.

Since 1998, DES has been replaced with 3DES, which is based on the DES algorithm, making it very easy to modify existing software to accommodate the new standard. It also has the advantage of proven reliability and a longer key length that eliminates many of the shortcut attacks that can be used to reduce the amount of time it takes to break DES. Even this more powerful version of DES has a limited life span, due to the increasing processing power of today’s computers to break ever larger keys, and is being replaced by the Advanced Encryption Standard (AES).

In December 2001, NIST announced approval of the AES, which specifies the Rijndael symmetric encryption algorithm developed by two Belgian cryptographers. Experts claim that the algorithm is small, fast, and very hard to crack, estimating that it would take 149 trillion years to crack a single 128-bit AES key using today’s computers. Corporations using 3DES technologies will have to wait until low-cost AES implementations become available before a migration to the new standard makes sense from a price perspective.

13.5.3 Recommendations for Implementing Encryption

Encryption is one of the simplest and least-expensive ways to protect sensitive information. It is most effective when combined with other security methods that restrict access during the network logon process. Applying multiple layers of security disheartens even seasoned hackers, who will be more inclined to look elsewhere for easier pickings.

Implement WEP on Wireless Nets

As noted in Chapter 6, there has been a lot of controversy about the shortcomings of the first iteration of WEP, an encryption scheme for wireless networks operating in the unlicensed 2.4-GHz frequency band. These shortcomings make wireless networks vulnerable to hackers who know how to break the keys. However, WEP is still useful for hardening wireless networks and should not be dismissed entirely because key handling has been improved in newer products. Although many of these improvements are proprietary, they also contribute to security. RSA Security, Inc., the originator of the RC4 algorithm on which WEP is based, has even come up with a WEP fix that entails encrypting every packet with a distinct key, rather than reusing the same key information repeatedly, which makes it vulnerable to hackers. Although this capability represents an important development in security over the original WEP scheme, it should be noted that it is not part of any 802.11 specification at this writing, and its use would require that all users on the network use the same RSA Security, Inc software to realize the benefit of enhanced security.

Safeguard Encryption Keys

It is common to assign encryption keys, which are then stored either on the client’s disk or, in the case of wireless networks, in the memory of the notebook or PDA adapter. Wireless networks are particularly challenging because all the client devices associated with the same wireless access point must use the same encryption key to allow communication between all interconnected devices. If that key is compromised, all devices on that segment could be exposed to an attack or used as a gateway into the corporate network.

If the device is stolen or lost, anyone in possession of the client device has access to the MAC address and encryption key and can use them to gain access to corporate resources. It is virtually impossible for security management personnel to detect a security breach that results from misuse of the MAC address and encryption key until the owner reports it. Then the security scheme must be changed to render the MAC address and encryption key useless. This involves changing the encryption keys on all client devices that use the same keys as the lost or stolen device. The greater the number of devices, the larger the reprogramming task.

To deal with the ramifications of lost or stolen client devices, a more stringent security scheme must be implemented that incorporates device-independent user name and password for authentication. This not only grants users access to the network regardless of the client devices they may be using at any given time, but since they are device-independent, the user name and password are not stored in the device where non-employees can find them.

Use Dynamic Encryption Keys

Instead of assigning static encryption keys, which are typically stored in the client device, keys should be generated dynamically upon successful user authentication. This takes responsibility for key management away from users, who may grow lax about security over time. It also simplifies the job of IT staff charged with the responsibility for key management.

Issue Session Keys

Encryption keys should not only be generated dynamically, they should be good for only as long as the session. When the user logs off and then back onto the network later in the day, a new session key should be issued, giving hackers less time to capture enough data with which to search for patterns that can lead to breaking keys by brute-force methods.

Retire Encryption Keys

In addition, keys should not merely be recycled among different users’ sessions but should be made to expire permanently after a reasonable period. This practice would ensure that employees who leave the organization, for example, cannot use their old keys to indefinitely access corporate resources.

Implement Key Management

Key management should be implemented as well. This refers to the generation, distribution, updating, and revoking of the keys used to encrypt and/or digitally sign information. The trouble with any security system that uses encryption keys is that the keys are susceptible to compromise by hackers, user carelessness, or deliberate disclosure by disgruntled present or former employees. Good key management addresses these issues in a variety of ways, including the following:

• Changing the keys at specific intervals;

• Protecting the manner in which keys are distributed—never distribute in clear text via e-mail, for example;

• Revoking the keys of personnel who have resigned, been laid off, or dismissed even before they turn in their notebook computers or PDAs;

• Maintaining certificate revocation lists of keys known to be compromised or expired so they will not be accidentally used.

These management practices are important because even if only one copy of a key is found or captured, the entire security system could be compromised.

Automate Key Management Deploy a policy manager to automate key management. Key management, normally a time-consuming chore that requires continuous attention, can be expedited with a policy manager that automates many aspects of key management. The policy manager is an application that helps security administrators implement key management on a global or “policy” basis, rather than on an individual basis, making it as easy to assign or change encryption keys for 10,000 clients as it is for 10 clients.

Select Security Products with Care Vendors are becoming more attuned to the burdens of security management and are equipping their enterprise-level access points with automatic encryption key generation and distribution capabilities. Agere Systems, for example, offers the AP-2000 wireless access point that creates unique RC4 keys on a per-user, per-session basis.

Other vendors like Netlock Technologies offer an authentication step that is used to negotiate encryption keys to unambiguously establish the correctness of the network addresses of the two systems. Because of this, hackers cannot successfully tamper with data packets to impersonate one system when it is sending packets to the other. This not only prevents such attacks, but any packet tampering will be detected by the Netlock Agents and a security alarm will be issued to the management system where it is logged for review by the security administrator.

When evaluating new security products, it is recommended that ease of key management be elevated to a high priority in the purchase decision. The ease of key management can save time and money for IT departments and users by eliminating the need for manual intervention. More importantly, if encryption keys are easy to manage, there will be less chance that this administrative chore will lapse over time due to inattention and be the cause of security breaches down the road.

Use Hacker Tools to Assess Network Vulnerability

Decryption tools for hackers are freely available on the Internet, many with GUIs, instructions for use, and help files. Security administrators should have a collection of these tools on hand and use them periodically against the corporate network to test for vulnerabilities. Awareness of what vulnerabilities exist allows corrective action to be taken. These tools are becoming very sophisticated, and this is one way security administrators can stay a step ahead of the growing hacker population. Tools such as APSniff (see Figure 13.3) allow hackers to see critical network settings in a wireless network, even if WEP has been enabled.

Figure 13.3: Hackers can use a tool like APSniff to discover essential information about wireless access points, which enables them to more easily break into corporate networks.

Test Security with Social Engineering Techniques

Often, corporate employees are the weak link in any security system. There have been cases where employees have been tricked into giving out encryption keys over the phone to hackers posing as IT administrators. The hacker claims to be working on a problem involving the user’s equipment, but to gain access and fix the problem, all he or she needs is the encryption key to see if the problem is affecting data transmission. The request sounds legitimate, and the user is stepped through the process of finding the encryption key stored in the computer or network adapter. Security administrators can use this technique within their own company to determine the need for security training.

Educate Employees

Even the best encryption key management tools can be rendered useless by employees who do not understand security issues and the harm their carelessness can cause to their company. Employees must be made aware of their responsibilities through training sessions. They should not be allowed to reveal passwords, MAC or IP addresses, or encryption keys even to fellow employees—above all, not to anyone over the phone or through e-mail. They also should not be allowed to have hacker tools installed on their computers. This can be readily determined with periodic scans of client software by the asset management application that runs on a server.

Hold Employees Accountable

A security policy should be put in writing and each employee should be required to sign it. Any action that results in a security breach or increases the vulnerability of the network should result in a warning that becomes part of that person’s personnel file. Willful or repeated actions should result in termination of employment.

13.5.4 Encryption Deployment Issues

The advantages of data encryption are clear: protection of messages, documents, files, and databases from unauthorized access. But there are also risks and challenges associated with data encryption, including the increased latency in performance due to encrypt-decrypt processing, which especially affects Internet and wireless connections, and the restricted ability to look inside encrypted packets for routing and switching above Layer 2. Beyond these issues, there are others to be aware of, including the following.

Improper Configuration

Internet appliances and wireless devices must be properly configured for encryption. Although many types of equipment come with default settings from the factory so they can be deployed right out of the box, this equipment must be staged at a central location so default settings can be changed and encryption set up and tested before the devices are sent to their installation locations. Failure to take this precaution can result in a network that is easy prey for hackers.

Weak Encryption Keys

Several encryption schemes use the RC4 stream cipher developed by RSA Security, Inc. But the way some vendors’ products handle the RC4 keys for encrypting the 802.11 wireless Ethernet payloads compromises security. There is nothing wrong with the RC4 algorithm used for encryption; RC4 is the popular algorithm protecting millions of users who access secure Web pages and send data via the SSL protocol. This protocol is secure, and RC4 in SSL has never been broken. However, the way WEP handles the RC4 keys weakens the security of wireless networks. A sequential number that is repeated at specific intervals is used to help produce the RC4 keys. The repeated value allows hackers to compare different encrypted payloads and with enough sample data, the full RC4 key can be derived—all without having to test every possible 40/64- or 128-bit key. In fact, there are now tools readily available on the Internet that permit even novice users to successfully crack WEP keys without having significant skills or equipment.

To improve security, the IEEE is developing the 802.11i standard that will include Wi-Fi protected access (WPA), which, among other things, generates a new key periodically during transmission. While WEP uses fixed keys that are easy to attain via commonly available software such as Netstumbler, WPA uses the Temporal Key Integrity Protocol (TKIP) to generate a new key for every 10-KB of data transmitted over the network.

The way WPA will work in the enterprise environment is similar to the setup of any 802.1X authentication system. The clients and access points must have WPA enabled for encryption to and from an 802.1X-capable authentication server, such as a remote-access dial-in user service (RADIUS) server, with centralized access management. Once the server authenticates the user, the access point will let that user onto the wired network. Up to that point, the client had only talked to the server.

Eventually, AES will be incorporated into the IEEE 802.11 standard to make the encryption key unbreakable. One of the reasons for its delay is that AES requires a hardware upgrade and most users will not be able to take advantage of it with existing equipment.

Potential VPN Vulnerability

VPNs use tunneling protocols that, among other things, encrypt data so it can travel safely through the otherwise insecure public Internet. VPNs can even be extended to the homes of telecommuters so they can have secure access to corporate resources over their cable or DSL connection. But if the telecommuter has set up a wireless network in the home for sharing files, printers, and even the Internet access connection, the RF signals can be picked up by hackers riding by outside, allowing them to gain entry to the corporate network through the VPN. To prevent this from happening, either corporate security staff must get involved in helping telecommuters set up encryption or there must be corporate policy against telecommuters using wireless technology as a condition for being allowed to work out of the home.

Security Among Multiple Companies

It is common today for multiple companies to enter into strategic partnerships where sensitive information must be shared between them. Encryption can be used to safeguard this information, but each company must assure to the others that they take security as seriously as they do. If one party in the relationship is lax about managing encryption keys, for example, this could compromise security for everyone else. One way to demonstrate that security is a high priority is to implement a key management system.

Security Entails Extra Costs

Implementing security measures such as encryption adds to the cost of doing business and, like insurance, is often not appreciated until an emergency arises. However, the cost of such measures as key management solutions must be weighed against the damage that could result if a hacker breaks into the network and steals sensitive information like medical records, credit card numbers, and other types of customer information. The damage can come in many forms, including lawsuits, bad publicity, customer distrust, loss of market share, erosion of investor confidence, and deterioration of partner relationships. Compared to these calamities, the cost of implementing security precautions such as encryption becomes a non-issue.