Page 1: Data Security and Cryptology, XIII Database Security. Network Security November 26th, 2014 Valdo Praust mois@mois.ee Lecture Course in Estonian IT College

Data Security and Cryptology, XIII

Database Security. Network Security

November 26th, 2014

Valdo Praust

mois@mois.ee

Lecture Course in Estonian IT College, Autumn 2014

Page 2

Technical and Legal Views to Digital Signature

A legal digital signature (digitaalallkiri, digiallkiri) is a legal concept which gives a document evidentiary value, in the same way a handwritten signature gives such value to a paper document.

A technical digital signature (digitaalsignatuur, digisignatuur) is a technical or cryptotechnical construction which uses a public-key cryptoalgorithm for achieving integrity.

• Up to the present, the only known way of giving a legal digital signature is the use of a technical digital signature

• Each legal digital signature is (up to the present) a technical digital signature. But not every technical digital signature is a legal digital signature – that needs certain authorities, collectively called a public-key infrastructure

Page 3

Essence of (Legal) Digital Signature

A digital signature uses the methods offered by a public-key cryptoalgorithm (its use in the digital signature or integrity-achieving mode)

A (legal) digital signature (digitaalallkiri, digiallkiri) is an additional data set which is added to the signable document (signable data set); it is created by the signer (allkirjastaja) by mathematical operations using both the signable document and the signer's private key

Page 4

Giving of a Digital Signature

Page 5

Verifying of a Digital Signature

Page 6

Private Key as a Chipcard

A chip/device from which it is impossible to read certain internal values (keys) is called a non-reverse-engineerable (pöördkonstrueerimatu) device

Page 7

Principles of Certification

Binding of personal identification data (name, personal identification number) to a public key is called certification (sertifitseerimine)

The result of certification (by means of a digital signature) is a certificate (sertifikaat), which is always a digital document

Certificates are usually issued by special certification authorities (CAs, sertifitseerimiskeskus, sertifitseerimisteenuse osutaja)

Page 8

How Certificate(s) Act

Page 9

Certification Infrastructure

Certification infrastructure (sertifitseerimise taristu) or public-key infrastructure (PKI, avaliku võtme taristu) consists of the following five mandatory components necessary for secure giving and verifying of digital signatures:

• non-reverse-engineerably realized hardware-based public-key container

• certification authority (CA)

• validity confirmation (approval) service (at the CA)

• time-stamping authority

• organization and coordination of services (usually at national level)

Page 10

Advantages of Digital Signature, I

1. If we get a digitally signed document and the signature verifies, we can always be sure that the author of the document has signed it using their real name, not a pseudonym. Certificates are issued only to Estonian residents under their real names.

For paper documents we can successfully sign using a pseudonym. This usually remains unnoticed by the receiver of the document (we usually don't verify handwritten signatures)

Page 11

Advantages of Digital Signature, II

2. A digitally signed document is certainly signed by the person whose name is included in the signature (certificate). The only exception is the very rare case when the private key hasn't been kept (secret) by the signer

For a handwritten signature, fake signatures can be made (the verification probability of handwritten signatures is no more than 99%). Moreover, we do not verify (compare) the handwritten signature on each reading of a paper document – we often do not have the necessary comparison material

Page 12

Advantages of Digital Signature, III

3. When the digital signature verifies successfully, we can always be sure that the document itself hasn't changed after the signing process. This is ensured by the mathematical relationships between the document, the keys and the signature. During document preparation we don't have to think about possible forging methods

In the case of a paper document we must always think about possible forging methods when we prepare the document (especially in the case of tables, empty boxes etc.)

Page 13

Advantages of Digital Signature, IV

4. We can always prove the creation (signing) time of a digitally signed document. This is ensured by the presence of a time-stamp (which also includes the physical time)

In a paper document we can generally write an arbitrary date (and it is not provable by facts unrelated to the document content)

Page 14

Digital Document Must Remain Digital Forever

Digital representation of a document allows a wider range of document elements than a paper document (hypertext, multimedia, hypermedia)

If we print out a digitally signed document we always break the relations which give evidentiary value to the document

The printout of a digitally signed document must always be considered a copy, not an original

Page 15

Problems of Original and Copy of a Document

For paper documents we distinguish the original and copies. There is always a certain (fixed) number of originals

For digital documents (at first sight) we can't distinguish originals and copies – all instances of the file (document) can be considered originals and their number isn't fixed

Page 16

Evidentiary Value Problem, I

Main difference between paper documents and digital documents: the evidentiary value of a paper document is based on physical properties which remain intact in the long term. The evidentiary value of a digital document is based on mathematical properties of cryptoalgorithms, which become breakable in the long term

It is assumed that Moore's law applies for at least the next 30-50 years

Page 17

Evidentiary Value Problem, II

Problem: the security properties of all contemporary cryptographic algorithms have a limited time horizon (practical security). After 20-30 years a lot of them will probably be practically breakable

It is reasonable to expect that Estonian (legal) digital signatures given between 2002 and 2011, which are based on RSA-1024 and SHA-1, will be practically breakable (fakeable) after 20-30 years or even earlier

Page 18

Solution to Evidentiary Value Problem

Solution: we must oversign (ülesigneerimine) a long-term preserved document before the previous signature becomes practically breakable. Re-signing must be performed with a new, stronger algorithm which lasts again 10-30 years (before the next oversigning)

Probably, oversigning will be an obligation of a digital archiving instance

Page 19

Essence of Oversigning

Oversigning of a document by an archiving instance can be considered as the statement "I saw the document in a verifiable form and the mathematical algorithms of the previous signature are not yet broken. I confirm it by a new digital signature which is based on stronger mathematics"

It creates comparison and verification possibilities for the future. The moment of oversigning can be proved by a corresponding time-stamp
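An added example (not from the lecture) of how the oversigning statement above can be checked mechanically: each evidence layer digests the document together with the complete previous layer, and a layer made with an algorithm that has since become breakable counts only if a stronger outer layer wrapped it before that date. The sample document, the dates, the break date for SHA-1 and the use of a plain digest in place of the archive's signature value are assumptions.

```python
"""Layered oversigning evidence for a long-term archived document.

Each layer digests the document together with the complete previous layer, so
an outer layer in a stronger algorithm vouches for the inner one.  The digest
stands in for the signature value: in a real archive it would be signed with
the archiving instance's private key and time-stamped.
"""
import hashlib
import json
from typing import Dict, Optional

# Constructed sample document (not from the lecture).
DOCUMENT = b"Contract no. 17/2004: the parties agree to the attached terms."


def serialize(layer: Optional[dict]) -> bytes:
    """Canonical bytes of a layer (empty for 'no previous layer')."""
    if layer is None:
        return b""
    return json.dumps(layer, sort_keys=True, separators=(",", ":")).encode()


def sign(document: bytes, alg: str, time: str, previous: Optional[dict] = None) -> dict:
    """Create an evidence layer: algorithm, moment of signing, digest over document + previous layer."""
    return {
        "alg": alg,
        "time": time,  # ISO date; stands in for the time-stamp on the slide
        "digest": hashlib.new(alg, document + serialize(previous)).hexdigest(),
        "previous": previous,
    }


def verify(document: bytes, layer: Optional[dict], broken: Optional[Dict[str, str]] = None) -> bool:
    """Verify every layer from the outermost inward.

    `broken` maps an algorithm to the date from which it counts as practically
    breakable (an assumed value).  A layer made with such an algorithm is still
    evidence only if a stronger outer layer was created before that date.
    """
    broken = broken or {}
    outer_time: Optional[str] = None  # time of the layer wrapping the current one
    while layer is not None:
        expected = hashlib.new(layer["alg"], document + serialize(layer["previous"])).hexdigest()
        if expected != layer["digest"]:
            return False  # document or an inner layer was altered
        if layer["alg"] in broken:
            if outer_time is None or outer_time >= broken[layer["alg"]]:
                return False  # never oversigned, or oversigned too late
        outer_time = layer["time"]
        layer = layer["previous"]
    return True


def oversign(document: bytes, outer: dict, alg: str, time: str) -> dict:
    """The archive's statement: 'I saw the document in a verifiable form and the
    previous signature is not yet broken; I confirm it with stronger mathematics.'"""
    if not verify(document, outer):
        raise ValueError("previous evidence does not verify; refusing to oversign")
    return sign(document, alg, time, previous=outer)


if __name__ == "__main__":
    first = sign(DOCUMENT, "sha1", "2004-05-01")               # SHA-1 era signature
    second = oversign(DOCUMENT, first, "sha256", "2015-06-01")  # before SHA-1 breaks
    print(verify(DOCUMENT, second, broken={"sha1": "2020-01-01"}))
```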

Page 20

Database Security – Source Point

1. It's assumed that data is represented by a relational database (relatsiooniline andmebaas) – tables, their relationships, records, fields etc.

2. It's necessary to achieve confidentiality separately for different fields. We must be able to give different subjects access to different fields

3. It's determined outside the database who (which user groups) can read and create/change different data

Page 21

Database Security – Source Point

4. It's necessary to ensure integrity for both the (sometimes repeatedly changed) data and the whole database. Sometimes it's necessary to determine the whole history of a data entity (previous forms and all editors)

5. Usually it's assumed that different database users have write access to the same data

Page 22

The Simplest Approach: Application-Software Based

• The storing of different events (data adding, changing etc.) is performed by the application software

• Users authenticate themselves using their user names and passwords

• The application software together with the database runs on a server which is directly accessible only by system administrators

Shortcoming: the database is stored (in unencrypted form) on the server and administrators can access (and also change) the data – the concentration of risk is quite high

Page 23

Errors in Application Software

Actually, every application software has some errors (vulnerabilities). Sometimes these errors are critical, allowing an unauthorized subject to access or change something

Usually patches are issued in order to repair these vulnerabilities

Cruel reality: between the publishing of a vulnerability and the making of a patch, the software often remains unprotected against the corresponding attacks

Page 24

Integrity of Full Database

Sad reality: if we equip each record (field) of a database with a (legal) digital signature, it ensures the integrity of that record, but doesn't ensure the integrity of the full database

There remains the possibility of erasing whole records (together with their digital signatures) unauthorizedly and undetectedly

Page 25

Integrity versus Accountability

Integrity (terviklus) means that we must be able to determine the source (creator, creation time) of data

Accountability (jälitatavus) means that we must know the whole history (all previous states, creators, changes, change times etc.) of a certain entity

If changing of previously stored data is allowed, then instead of integrity, accountability is often used and needed

Page 26

Ensuring the Integrity of Full Database

Solution: in addition to digital signatures we must equip the database with (cryptographic) mechanisms which tie different records to each other and therefore prevent their unnoticeable erasing

This can be done by a queue (chain) of cryptographic hash values: the next record must include the hash of the previous record – a so-called "local time-stamp"

In these cases we can never erase anything from the database

Page 27

Properties of Hash Queue Ensuring the Integrity

Advantages:

• Each erasing of a full record will always be noticeable (the queue of hashes doesn't verify)

• We can also give evidentiary value to negative query results

• The integrity of the records themselves can be protected by a digital signature

Disadvantages:

• Needs the implementing of the hashes (hash queue) and their verifiability check at the level of the database application software
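An added example (not from the lecture) of the hash queue from the two slides above, implemented at the application-software level: every stored record carries the hash of its predecessor, verification walks the queue, and a query is answered only from a verified queue so that an empty result is evidence too. It also shows the caveat that erasing the newest record is invisible unless the head hash is anchored outside the database, which is what the "local time-stamp" has to provide. The sample rows, the SHA-256 link and the anchoring parameter are assumptions; per-record digital signatures are left out.

```python
"""Hash queue ("local time-stamp") over database records.

Every stored record carries the hash of the previous record, so removing or
altering a record breaks the queue.  Per-record digital signatures (the
lecture's separate mechanism for record integrity) are out of scope here.
"""
import hashlib
import json
from typing import Optional

GENESIS = "0" * 64  # link value of the very first record (no predecessor)


def canonical(row: dict) -> bytes:
    """Stable byte encoding so writer and verifier hash identical bytes."""
    return json.dumps(row, sort_keys=True, separators=(",", ":")).encode()


def link_hash(prev_hash: str, row: dict) -> str:
    """Hash tying this row to its predecessor: H(prev_hash || row)."""
    return hashlib.sha256(prev_hash.encode() + canonical(row)).hexdigest()


def append(records: list, row: dict) -> dict:
    """Store a row together with its link to the previous record."""
    prev_hash = records[-1]["hash"] if records else GENESIS
    entry = {"row": row, "prev": prev_hash, "hash": link_hash(prev_hash, row)}
    records.append(entry)
    return entry


def verify(records: list, anchored_head: Optional[str] = None) -> Optional[int]:
    """Return None if the queue verifies, else the index of the first bad link.

    `anchored_head` is the hash of the newest record as time-stamped or
    published outside the database; without it, silently dropping the last
    record is not detectable by the queue alone.
    """
    expected_prev = GENESIS
    for i, entry in enumerate(records):
        if entry["prev"] != expected_prev:
            return i  # predecessor missing or replaced
        if entry["hash"] != link_hash(entry["prev"], entry["row"]):
            return i  # row contents altered after storage
        expected_prev = entry["hash"]
    if anchored_head is not None and expected_prev != anchored_head:
        return len(records)  # tail records were erased
    return None


def query(records: list, patient: str, anchored_head: Optional[str] = None) -> list:
    """Answer only from a verified queue: then even an empty result has
    evidentiary value (no such record was ever stored and none was erased)."""
    if verify(records, anchored_head) is not None:
        raise ValueError("hash queue does not verify; result has no evidentiary value")
    return [e["row"] for e in records if e["row"]["patient"] == patient]


# Constructed sample rows (not real data) in the order an application stored them.
SAMPLE_ROWS = [
    {"id": 1, "patient": "A", "note": "admitted"},
    {"id": 2, "patient": "B", "note": "admitted"},
    {"id": 3, "patient": "A", "note": "discharged"},
]


def build_sample() -> list:
    records: list = []
    for row in SAMPLE_ROWS:
        append(records, dict(row))  # copy so later tampering never touches the sample
    return records


if __name__ == "__main__":
    db = build_sample()
    head = db[-1]["hash"]  # would be time-stamped or published outside the database
    print("intact:", verify(db, head))
    del db[1]  # an administrator silently removes record 2
    print("after erasing record 2, first bad index:", verify(db, head))
```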

Page 28

Ensuring the Confidentiality of a Database

• We cannot encrypt those attributes of a database which must be considered secondary keys (used as a basis for search)

• These data must be available to the database engine (database environment) as plaintext

• Ensuring the confidentiality of these data against database administrators needs a special access architecture or is impossible

Other data (attributes that we don't consider secondary keys) can be replaced by ciphertext (and made unavailable to the database environment) with an appropriate key distribution system

Page 29

Most-Used Practical Solution to the Database Confidentiality Problem

Principle: data are stored on disk in encrypted form – a hardware security module (HSM, riistvaraline turvamoodul) attached to the database enciphers/deciphers the data and generates/holds the corresponding key

We can't read the used key from the HSM; we can only generate and use it inside the HSM

In these cases only the data currently under processing are available in non-encrypted form – temporal isolation. Other (stored) data are kept in encrypted form and it's impossible to decrypt them without the HSM

The HSM can usually be started with a special chipcard (or set of chipcards)

Page 30

Ensuring the Availability of a Database

Usually ensured by archiving or backing up (arhiveerimine, varundamine): we store the same data in many physical places

The necessary condition: if we use (not sufficiently trustworthy) third parties for backing up, then it's reasonable to encrypt and digitally sign the archived data, creating a corresponding key management system

This allows the confidentiality risk to be reduced

Page 31

Basics of "Network" (Internet)

• A contemporary WAN (Wide Area Network) is usually the Internet

• The Internet is a network based on the TCP/IP protocol where all transferred information is divided into (and managed as) IP packets which are considered and transferred separately

Each IP packet bears information about:

• source (IP address)

• destination (IP address)

• the name of the service of which it is a part

Page 32

Internet as a Collection of Services

The Internet consists of a lot of different services (teenused) which determine the type of information transfer principle and to which different protocols (protokollid) correspond

Examples:

• e-mail (e-post, meil) – SMTP protocol

• WWW (veeb) – HTTP protocol

• FTP (file transfer) – FTP protocol

• DNS – associates a name with an IP address

A lot of services (protocols) are used for the internal management of the Internet and they are often hidden from a typical end user

Page 33

Threats from the Internet

A symmetry principle: just as we can access the Internet (Internet services), a user from the Internet can access our computer or local network (the services available there)

• Unauthorized access to our computers/network/services

• Eavesdropping of confidential information (typical Internet-based protocols transfer non-encrypted information)

• Changing of transferred information, the so-called man-in-the-middle attack (vahemeherünne) – typical Internet-based protocols transfer non-signed information

• Denial-of-service attack, DoS (teenusetõkestusrünne)

Page 34

Shortcomings of an Open Internet Access

Paradox: a hacker can easily access your system or network

It's inevitable that application software and Internet services always have some weaknesses and vulnerabilities

In a typical computer/LAN a couple of services/protocols operate, and some of them can certainly be harmed and have some vulnerabilities

Page 35

A Typical Solution: Firewall

A multifunctional firewall (tulemüür) is a special gateway between the Internet and your computer or local network

• May be either a hardware device or a software product

• As a rule, controls all the traffic between the Internet and the physically secured computer or local network, allowing only some services/protocols in a pre-defined manner

• As a hardware device (local network separation) it uses proxies for services and allows an independent address space behind the firewall

Page 36

Advantages of a Firewall

• Potential attacks are concentrated on one well-protected and well-designed point (the firewall) instead of a couple of insecure services and applications

• Possibility to hide the topology of the local network

• Possibility to save IP addresses (IPv6, alias IPng, is not yet widely spread; the number of "traditional" addresses is quite limited)

• Possibility to add an FTP and/or WWW server to the firewall (gateway)

Page 37

Main Shortcoming of a Firewall

For authorized users it hinders access to local resources (the local network) from other parts of the Internet

Just as a firewall blocks unauthorized access from the "big" Internet, it also blocks such attempts by authorized users. A typical ("classical") firewall is unable to distinguish authorized access attempts from unauthorized ones

Conclusion: it restricts the Internet-related remote access possibilities (virtual office, telecommuting, etc.)

Page 38

Solution for a Remote Access: Encryption and Signing

A sad fact: typical Internet services (protocols) – http, telnet, ftp, nntp, smtp – are not secure, i.e. they do not allow secure and authenticated communication. They can easily be both eavesdropped on and changed by a classical man-in-the-middle attack

Hint for secure remote access: we must use both encryption (protects confidentiality) and signing (protects integrity)

Page 39

Firewall + Secure Remote Access Client

A Secure Remote Access Client (turvaline kaugpöördusklient) uses encryption and signing of the transferred data, ensuring both confidentiality and integrity of communication

It is usually realized by the TLS (SSL) protocol

A secure remote access (as a connection unattackable by a man-in-the-middle attack) can be securely passed through firewalls

This enables the (secure) remote access to be restored for systems including firewalls

Page 40

Virtual Private Network

A typical Secure Remote Access Client is a suitable solution when we have one physical (physically protected) local area network and a lot of remote clients in different places (an example – a company and its telecommuters)

But another problem arises – a company with several (physically protected) local networks in different places which we wish to use as a single system with its services, resources etc.

Solution: a virtual private network (virtuaalne privaatvõrk), which connects different physically secured local networks together into one virtual private network with a united address space. The physical connection between the different networks is performed using encrypted and signed (usually TLS-protected) data transfer via the public Internet

Page 41

Virtual Private Network

This technique allows a couple of different physical networks to be connected

Different local networks communicate with other local networks via the Internet using special cryptowalls (krüptomüür) which often support the TLS protocol

For a typical end user, all the different physical networks together seem to be one big local network

Page 42

Virtual Private Network: Different Configuration Possibilities

In order to get access to the public Internet, we can add a firewall to the VPN (to at least one of the many physical networks):

In these cases all traffic between the VPN and the "big" Internet goes through the firewall (regardless of the physical location of the current physical network)

Page 43

Virtual Private Network: Different Configuration Possibilities

We can also add some firewalls in different networks, additional physical networks etc.

We can also add some secure remote access clients if necessary

Page 44

Conclusion: Main (Classical) Means of Network Security

• Firewall (tulemüür) for a secure connection of a local network (or single computer) to the Internet

• Secure Remote Access Client (turvaline kaugtööklient), which allows a secure connection which may go even through firewalls etc. and enables authentication of the related parties

• Virtual Private Networks (virtuaalsed privaatvõrgud), which can connect different physically secured networks into one unified virtual network

• A symbiosis of all the above-mentioned means and components

Page 45

Necessary Additional Components

• Password management (paroolihaldus): who generates, how stored, how transferred and used etc.

• Key management (võtmehaldus): who generates, how stored and kept, their relationship with passwords and devices etc.

• Authentication means (autentimisvahendid): non-reverse-engineerable chipcards, HSMs, biometrics, passwords, etc.

Reminder: TLS (SSL) needs additional information (a certificate) during the handshake