the role of cryptography in security for electronic commerce

8/17/2019 The Role of Cryptography in Security for Electronic Commerce

1/31


2/31

ITB Journal

May 2001 Page 21

The Role of Cryptography in Security for Electronic Commerce

Ann Murphy. Dublin Institute of Technology

David Murphy. Institute of Technology Blanchardstown

Abstract

Many businesses and consumers are wary of conducting business over the Internet

due to a perceived lack of security. Electronic business is subject to a variety of

threats such as unauthorised access misappropriation alteration and destruction of

both data and systems. This paper e!plores the major security concerns of businesses

and users and describes the cryptographic techni"ues used to reduce such risks.

Keywords

Internet- 4e* Security- cryptography- hac&ers- pu*lic an# pri"ate &eys- ,8I-

CAs- Client Security- Ser"er Security- !ES- RSA- #igital signature- SS9- SET

Introduction

ost organisations either utilise the Internet for *usiness purposes alrea#y or inten#

#oing so in the "ery near future /Ernst : ;oung- 1


3/31

Ama7on an# e6ay in#icate that security issues must *ecome a primary concern for

e"eryone #oing *usiness on the Internet /cGuire : Roser- 2000)

4hen net%or&e# information systems perform *a#ly or #onDt %or& at all- li"es- li*ertyan# property can *e put at ris&) Interrupting ser"ice can threaten li"es- %hile the

#isclosure or #estruction of information or itDs improper mo#ification can #isrupt the

%or& of go"ernments- corporations an# in#i"i#uals /Schnei#er- 1


4/31

This paper e>amines the ma+or security concerns of *usinesses an# consumers

engaging in electronic commerce an# focuses principally on the role of cryptography

in re#ucing the ris& of con#ucting *usiness on the Internet) The techniBues an#

terminology use# *y cryptologists- inclu#ing pri"ate an# pu*lic &ey encryption an#their use an# a#"antages in securing *oth information an# systems are #escri*e# in

#etail) The issues in"ol"e# in authentication using #igital signatures an# Certification

Authorities are #iscusse#- as are the issues in"ol"e# in &ey management)

The Internet

Brief History

The %e* has emerge# as the most #ynamic force in the Information Technology /IT

in#ustry #uring the past #eca#e) This gro%th has *een facilitate# *y the confluence of

increasingly po%erful an# ine>pensi"e technologies that permitte# large?scale usage

an# the pro"ision of scala*le systems an# applications- allie# %ith the gro%ing

a"aila*ility of telecommunications #ue to #eclining costs an# increasing *an#%i#th

there*y allo%ing the sprea# of #igital information /Salnos&e- 1


5/31

3) Greater amounts of information that can *e accesse# on #eman#

) Customisation in the #eli"ery of ser"ices

/FS !epartment of Commerce- 1


6/31

4e* system infrastructures are compose# of three parts '

Web Client Internet Connection Web Server

Figure 1: Web Infrastructure (Stein, 1!"

1) The 4e* Client1

2) The 4e* Ser"er

3) The Connection *et%een the t%o

Regar#ing security- the entire system is only as strong as the %ea&est lin& in the chain

/6u#ge- 1


7/31

1) The user %ill not attempt to alter the contents of the 4e* site)

2) The user %ill not attempt to *rea& into the Ser"ers Computer system)

3) The user %ill not try to gain access to unauthorise# areas of the site)

) The user %ill not try to crash the ser"er there*y ma&ing it una"aila*le to other users

) That the user is %ho they claim to *e)

From Both $arties "iew#oint

1) That the connection is free from thir# parties listening in on the communications

line)

2) That the information sent *et%een *ro%ser an# ser"er is #eli"ere# intact an# freefrom tampering)

Section #escri*es the role of cryptography in a##ressing some of these issues- in

particular those of information integrity an# user an# ser"er authentication)

Cryptography

The a*ility to con#uct all &in#s of transactions across open information an#

communication net%or&s has le# to increasing concern a*out the security of the

information itself /!TI- 1t of the type of information that %ill *e encrypte# is nee#e#


8/31

*efore the co#es can *e #e"ise# /6ec&ett- 1


9/31

The pro*lem %ith many historical ciphers is that their security relie# on the sen#er an#

recei"er to remem*er the encryption algorithm an# &eep it secret)

Cryptographic !ystems

To#ay- cryptographic metho#s are more sophisticate# an# are use# to support more

than the confi#entiality of the message- they also inclu#e integrity protection-

authentication- non?repu#iation an# #etection of unauthorise# copying /A#ams :

6on#- 2000)

All cryptographic systems- no matter ho% comple> ha"e four *asic parts '

,lainte>t

Algorithm8ey

Cipherte>t

Figure 2 : Basic %ry#togra#$ic Syste&

(lainte!t A message *efore anything has *een #one to it

#ipherte!t Fnrea#a*le ,lainte>t message after it has *een mo#ifie# in some

%ay

$lgorithm athematical operation use# to con"ert plainte>t into cipherte>t an#

"ice "ersa

,ey Secret &ey use# to encrypt an#(or #ecrypt the message) A &ey is a

%or#- phrase- numeric or alphanumeric string %hich %hen use# in

con+unction %ith the algorithm allo%s the plainte>t to *e encrypte#

an# #ecrypte#)

The a#"antage of cryptography is that the cipherte>t can *e transmitte# across

insecure- pu*lic communications channels) E"en if the cipherte>t is intercepte#- it is

useless to anyone %ho #oes not possess the #ecryption &ey /Stein- 1


10/31

security #epen#s completely on the secrecy of the #ecryption &ey- it is not necessary

to &eep the %or&ings of the algorithm secret) This allo%s the same algorithm to

*e reuse# *y many people an# a"oi#s any nee# to protect cryptographic soft%are

/Stein-1t /!eitel et al.-

2001) The only perfect cryptosystem is calle# the -ne Time (ad in %hich the sheets

of paper in a pa# are fille# %ith completely ran#om characters) An e>act copy of the

pa# is ma#e an# han# #eli"ere# to the correspon#ent- the cipherte>t is create# *y

%riting the message *y a##ing the letters pair %ise %here AP1st letter- 6P2n# an# Q

%raps *ac& to A) The process is re"erse# *y the recipient re"ealing the plainte>t) nce


11/31

a sheet of the pa# is use#- it is #estroye#- if the pa# contains truly ran#om letters the

co#e is a*solutely secure /Treese : Ste%art- 1e#?length of

plainte>t into a *loc& of cipherte>t #ata of the same length) 6ecause each *loc& of a

cipher is in#epen#ent- an ea"es#ropper may notice that certain *loc&s are repeate#

in#icating that the plainte>t *loc&s also repeat) A Stream cipher typically operates on

smaller units of plain te>t an# is #esigne# to *e e>ceptionally fast *y using the &ey to

pro#uce a pseu#oran#om &ey stream %hich is then use# to pro#uce the cipherte>t

/Treese : Ste%art- 1


12/31

Since *oth parties must &no% the same &ey- authentication is assure# as %hen the

message arri"es- there is there is only one person that it coul# *e from)

essage inte&rity can *e "erifie# *y the use of a +essa&e -i&est- %hich generates ashort fi>e# length "alue &no%n as a hash) A .ash function is a transformation that

re#uces a large #ata message to one of a more comprehensi*le si7e H any message can

*e re#uce# to a fi>e# length- say 12= *its- using a hash function /Stein- 1


13/31

contents of the pre"ious one /Cipher*loc& Chaining) The message is first re%ritten in

*inary format- then encrypte# using the !ES algorithm) /$I,S J?2- 1t- since a #ifferent &ey is use# an# then encrypte# again using a thir# &ey as

sho%n in $igure )

ther common symmetric encryption algorithms inclu#e the European International

!ata *loc& cipher Encryption Algorithm /I-(A- #e"elope# *y ames assey an#

eu+ia 9ai in 1


14/31

Sender )eceiver

Clearte*t

)e y -

(ncoded )ey - Clearte*t

+essa&e encry#t +essa&e

(ncoded

+essa&edecry#t

)ey B

decry#t-ouble

(ncoded

decry#t

-ouble

(ncoded )ey B

)ey %

encry#t

Transmitted

+essa&e

Tri#le

(ncoded

+

decry#t

)ey %

Figure . : Tri#le /*S /Greenstein : $einman- 2000

Blow/ish is a freely a"aila*le- "aria*le length *loc& cipher #esigne# *y 6ruce

Schneier of Counterpane Systems- /http'((%%%)counterpane)com(*lo%fis h) It is

nearly three times faster than !ES an# is *eing %i#ely use# in ,C file encryption an#

secure tunnelling applications /Treese : Ste%art- 1


15/31

1) eet in ,erson H simplest metho# *ut #oesnDt scale %ell

2) Courier H Can the courier *e truste#- this can *e o"ercome *y splitting the &ey an#

using alternati"e routes to sen# &ey parts3) Telephone- email or letter

The pro*lem %ith &ey #istri*ution- is that anyone %ho intercepts the &ey in transit can

later mo#ify an# forge all information that is encrypte# or authenticate# %ith that &ey)

$ublic'Asymmetric Key (ncry#tion

ne of the main challenges for pri"ate &ey encryption is ena*ling the sen#er an#

recei"er to agree on the secret &ey %ithout anyone else fin#ing out) Another important

pro*lem occurs on the Internet- %here parties often nee# to communicate %ithout

ha"ing pre"iously met) E"en if it %ere possi*le to securely #istri*ute the ser"ers

secret &ey to the thousan#s of users- it %oul# *e impossi*le to &eep the &ey secret for

long /Stein- 1


16/31

) The !iffie?ellman algorithm is use# to calculate a secret &ey correspon#ing to

the &ey pairs /a-6 an# /*-A-

Sender )eceiver

!etermine a

!eri"e an# a&e A ,u*lic

Retrie"e 6 an# compute &eyfrom secret a an# pu*lic 6

!etermine *

!eri"e an# a&e 6 ,u*lic

Retrie"e A an# compute &ey

from secret * an# pu*lic A

a0B Identical Keys 1enerated b0A

Clearte*tTransmitted

+essa&e

Clearte*t

+essa&e encry#t #ecryp t(ncoded

+essa&e

+essa&e

Figure : /iffieell&an Public )ey %ry#togra#$y/Greenstein : $einman- 2000

T%o %ay pu*lic &ey communication using !iffie?ellman cryptography is "ulnera*le

to a man?in?the?mi##le attac& %here a hac&er intercepts *oth the sen#ers an# recei"ers

pu*lic &eys an# replaces them %ith his o%n "alue- then either ren#ers the

communication in#eciphera*le or generates a matching &ey in or#er to alter the

message) .either sen#er nor recei"er realise their message has *een intercepte# or

altere# /Greenstein : $einmann- 2000)

RSA is an asymmetric encryption scheme- %hich %as #e"elope# *y ) i"est- Shamir

an# A#leman in 1


17/31

freely /Treese : Ste%art- 1


18/31

#eco#es the signature using the sen#erDs pu*lic &ey there*y "erifying the message

sen#erDs i#entity)

Figure ! : /igital Signature /,G,- 2001

Rather than creating a #igital signature *y encrypting the entire message using the

sen#erDs pri"ate &ey- a hash of the message can *e encrypte# instea#) This creates a

small fi>e# si7e signature- regar#less of the length of the message) o%e"er- a #igital

signature #oes not pro"e that the authenticate# sen#er actually sent the message- onlythat the computer #i# If the computer %ere inappropriately infecte#- malicious co#e

coul# use the &ey to sign #ocuments %ithout the userDs &no%le#ge or permission)

The legal acceptance of #igital signatures shifts the *ur#en of proof to the negati"e-

that the signature in #ispute %as not signe# rather than %as signe# /Ellison :

Schneier- 2000

-i&ital (nvelo#es and Session Keys

ne of the main #isa#"antages of pu*lic &ey encryption is spee# since pu*lic &ey

encryption is noticea*ly slo%er than pri"ate &ey encryption /Garfin&el- 1


19/31

each e>change /A#ams : 6on#- 2000) This com*ination of pri"ate an# pu*lic is

carrie# out as follo%s'

1) A secret /session &ey is generate# at ran#om2) The message is encrypte# using the session &ey an# the symmetric algorithm

3) The session &ey is then encrypte# %ith the recei"erDs pu*lic &ey H this is &no%n as

the !igital En"elope

) 6oth the encrypte# message an# the #igital en"elope are sent to the recei"er

) The recei"er uses their pri"ate &ey to #ecrypt the #igital en"elope reco"ering the

session &ey %hich is use# to #ecrypt the message /Stein- 1act time of a commercial e"ent can *e

recor#e# /Cross- 1


20/31

secure as access to the machine an# the pass%or# protection mechanisms)

Cryptographic &eys are usually store# in #is& files as they may *e ran#omly generate#

an# are too long to *e use# manually) At present pri"ate &eys are generally store# on

the o%nerDs ,C an# protecte# *y a pass%or#) If the ,C is hac&e# or stolen- the pri"ate&ey coul# *e frau#ulently use#- hence the &eys themsel"es are usually store# in an

encrypte# format)

Smart Cards

A smart car# contains a microprocessor an# storage unit) $eatures such as car# si7e-

contact layout an# electrical characteristics ha"e *een stan#ar#ise# /IS K=1J) Smart

car#s ha"e physical tamper?resistant properties- plus secure storage an# processing

capa*ilities) The mechanism employe# to ensure that the car# is *eing use# *y its

authorise# user is achie"e# *y off?line entry of a ,I. /something you &no%D &no%n

only to the car# an# its rightful hol#er /something you ha"eD /Tras& : eyerstein-

1


21/31

#istri*ute# among a #esignate# set of people %hose cumulati"e information suffices to

#etermine the secret)

Key )ecovery

This term refers to the useful technology that allo%s a &ey to *e re"eale# if a user

acci#entally loses or #eletes the &ey- or if a la% enforcement agency %ants to

ea"es#rop on a suspecte# criminal %ithout the suspectDs &no%le#ge)

Key -estruction

8eys shoul# *e #estroye# after use- as they remain "alua*le after they ha"e *een

replace#) If the attac&er retains the cipherte>t an# the &ey *ecomes a"aila*le- then it

can *e easily #ecrypte#)

"ublic #ey Infrastructure %"#I&

A %ell?#esigne# an# implemente# ,8I is essential to esta*lish maintain trust in #igital

certificates) any stu#ies ha"e sho%n that the full potential of electronic commerce

%ill not *e realise# until pu*lic &ey infrastructures emerge %hich generate sufficient

trust for *usinesses an# in#i"i#uals to commit their information an# transactions to

the emerging pu*lic net%or&s /EC!- 1


22/31

interception of communications un#er the Interception of Communications Act 1


23/31

!ecure !ocets 'ayer %!!'&

SS9 is a non?proprietary protocol- #e"elope# *y .etscape- use# to secure

communication on the Internet) SS9 uses pu*lic?&ey technology an# #igital

certificates to authenticate the ser"er in a transaction an# protects pri"ateinformation as it passes from one party to another) SS9 transactions #o not reBuire

client authentication /!eitel et al.- 2001)

The steps in the process are sho%n in $igure


24/31

13 Client Sen#s #lient/ello Message

Session

23 Ser"er ac&no%le#ges %ith *erver/ello Message

33 Ser"er sen#s its Certificate

S

Server

Server’s

Digital Envelope

3 Client sen#s #lient,eyE!change essage

3 6oth sen# #hange#ipher*pec essages

J3 6oth sen# inished essages

Server’s

Session Key

Figure : SS4 an5s$a6e /Stein- 1ample- cre#it car# num*ers- are store# on the

merchantDs ser"er they are "ulnera*le to *oth outsi#e an# insi#er attac& /!eitel et al.-

2001)

!ecure $lectronic Transactions %!$T&

SET is a specialise# protocol- #e"elope# *y Visa- astercar#- .etscape an#

icrosoft- for safeguar#ing cre#it?car#?*ase# transactions *et%een customers an#

merchants /Stein- 1


25/31

1) ,ro"i#e confi#entiality of information through encryption

2) Ensure payment integrity through #igital signatures an# message #igests

3) Authenticate *oth merchants an# car#hol#ers through the use of #igital signatures

an# certificates) Interoperate %ith other protocols /Greenstein : $einman- 2000)

The SET protocol in"ol"es the car#hol#er- the merchant- the car#?issuing *an& an#

the merchantDs *an& using pu*lic(pri"ate &ey pairs an# signe# certificates to esta*lish

each playerDs i#entity) $igure 10 sho%s ho% SET %or&s)

43 The Customer initiates a #urchase

Customer *ro%ses 4e* Site- fills out or#er form an# ,resses ,ay 6utton- Ser"er

sen#s customers computer a message initiating SET soft%are

2) The Client’s So/tware sends the order and #ayment in/ormation

Clients SET soft%are creates t%o messages- one containing or#er information-

%hich is encrypte# using a ran#om session &ey an# pac&age# into a #igital

en"elope using the erchantDs pu*lic &ey) The other message contains payment

information encrypte# using the erchant 6an&s pu*lic &ey) The soft%arecomputes a hash of the or#er an# payment information an# signs it %ith the

customerDs pri"ate &ey)

3) The +erchant #asses #ayment in/ormation to the ban,

SET soft%are on the erchants ser"er generates an authorisation reBuest-

for%ar#ing the customers encrypte# information to the 6an&- signing the message

%ith its pri"ate &ey to pro"e its i#entity to the 6an&) This reBuest is encrypte# %ith

a ne% ran#om session &ey an# incorporate# into a #igital en"elope using the6an&s pu*lic &ey

) The Ban,s chec,s the validity o/ the card

The 6an& #ecrypts an# "erifies the erchantDs message- then #ecrypts an# "erifies

the customerDs i#entity) It then generates an encrypte# an# #igitally signe#

authorisation reBuest to the CustomerDs *an&

) The Customers Ban, authorises #ayment


26/31

The customerDs *an& confirms the merchantDs *an& i#entity- #ecrypts the

information- chec&s the customer account an# appro"es(re+ects the reBuest *y

#igitally signing an# encrypting it an# returning it to the merchantDs *an&

J) The +erchants Ban, authorises the transactionThe 6an& authorises- signs an# returns the transaction to the erchant

K) The +erchant’s Web Server com#letes the transaction

erchant ac&no%le#ges the confirmation to the customer- "ia a confirmation

page- an# procee#s to transact the or#er

=) The +erchant con/irms the transaction to the Ban,

The erchant confirms the purchase to its *an&- causing the customerDs cre#it

car# to *e #e*ite# an# the merchantDs account to *e cre#ite#)


27/31

In the SET protocol- the merchant ne"er sees the clientDs proprietary information-

consi#era*ly re#ucing the ris& of frau# /!eitel et al.- 2001) SET focuses on

confi#entiality an# authentication an# ensures that not only can thie"es not steal a

cre#it car# num*er *ut pre"ents merchants from seeing the num*er %hile still pro"i#ing assurances that the car# is "ali# /a%&ins et al.- 2000)

4hile SET pro"i#es a high le"el of security- *usiness ha"e *een slo% to em*race

this technology *ecause of the increase# transaction time an# the specialise#

soft%are reBuirement on *oth the client an# ser"er si#es %hich increases transaction

costs /!eitel et al.- 2001)

Summary and Conclusions

!ummary of techni(ues

The applications of cryptography that meet the facilities reBuire# from an Internet

*ase# infrastructure are summarise# in Ta*le 1)

Facilities

)e=uired

+ethod Uni=ue Features %imitations

Con/identiality • Encryption • Scram*les the #ata *efore transmission

• Spee# oftransmission

Inte&rity • Encryption

(!ecryption

• Electronic 8ey reBuire#to open encrypte# #ata

• Fser may loose&ey

• 8ey may fall into%rong han#s

Authentication • !igital Certificateconfirme# *y a CA

• Verifies the authenticityof sen#er

• Alerts recipient if message has *een

altere#

• nly useful ifcompanies use atruste# thir#

party Certificate

Authority• nly "erifies that

the message %assent from theusers computer or pri"ate &ey

2on>

)e#udiation

• !igital Certificate

• Time Stamp from a

CA

• .either sen#er nor recei"er can #enycommunication

Co#y$rotection

• Encryption

• !igital Time Stamp

• ,re"ents the #ata from *eing repro#uce#

• ,ro"es authorship

Table 1 : Internet Security %oonents -55resse5 by %ry#togra#$y


28/31

Security- message integrity an# authentication can *e achie"e# *y using SS9- %hich

ensures secure communication *et%een client an# ser"er *y using pu*lic &ey

technology to encrypt the #ata an# authenticate the ser"er) Although more comple>

an# e>pensi"e to implement- SET enhances SS9 *y pro"i#ing mechanisms to ensureClient Authentication an# the security of financial transactions through the separation

of merchant an# payment information)

Conclusion

This paper has consi#ere# the history an# techniBues of cryptography use# for

securing communications o"er the Internet) The use of pu*lic an# pri"ate &ey

encryption infrastructures- #igital signatures an# time stamping- to ensure

authentication an# non?repu#iation ha"e *een #escri*e#) The significance of &ey

management systems an# the importance of esta*lishing a ,u*lic 8ey Infrastructure

using Truste# Thir# ,arties an# Certification Authorities to esta*lish an# maintain

trust in #igital certificates ha"e *een #iscusse#) etho#s of ensuring secure electronic

communication using SS9 an# safeguar#ing financial transactions using SET ha"e

*een #escri*e#)

In order for companies to be confident that their electronic transactions can be

carried out securely Internet security will always be a never&ending challenge. $s

improvements in protocols authentication integrity access control and

confidentiality occur hacking techni"ues will also improve. The future of Internet

*ecurity will remain in human hands to continually monitor network infrastructures

and to assess and implement hardware and software solutions.

Bibliography

A#ams !) : 6on# R) /2000 Secure E?Commerce H A Competiti"e 4eapon- ElectronicCommerce

Report- F.IC Seminars 9t#)

6ec&ett 6) /1


29/31

!ramatic Increase in Reports to 9a% Enforcementh ttp'(( g oc s i)co m (prelea


30/31

9ee C)- ;eh ;)- Chen !) : 8u 8) /2000 A Share Assignment etho# to a>imise the ,ro*a*ility of

Secret Sharing Reconstruction un#er the Internet) IEICE Transactions on Information Systems E=3!

/2 1


31/31

8ey?Escro% ,roposals) A"aila*le at h ttp'((c % is ) &u * )n l(W f r % (people( & oop s (*i n # ? art) h tm

Accesse# 2

the role of cryptography in security for electronic commerce

Documents