
CHAPTER 4

Security and Encryption


E-commerce Security Environment
• Symantec: Over 50 overall attacks a day
against business firms between July 2004–
June 2005
• 2005 Computer Security Institute survey
– 56% of respondents had detected
breaches of computer security within the last
12 months, and 91% of these suffered
financial loss as a result
– Over 35% experienced denial of service
attacks, and over 75% detected virus
attacks
Good E-commerce Security
Dimensions of E-commerce Security
• Integrity: the ability to ensure that
information being displayed on a web site,
or transmitted or received over the Internet,
has not been altered in any way by an
unauthorized party
• Non-repudiation: the ability to ensure that
e-commerce participants do not deny their
online actions
• Confidentiality: ability to ensure that
messages and data are available only to
those who are authorized
Dimensions of E-commerce Security
• Authenticity: the ability to verify the identity
of the person or entity with whom you are
dealing on the Internet
• Privacy: the ability to control the use of
information a customer provides about
himself or herself to an e-commerce
merchant
• Availability: the ability to ensure that an
e-commerce site continues to function as
intended
Tension: Security Vs Other Values
• Security adds overhead and expense to
businesses
• There is tension between security and
ease of use
– The more security features are added to a
system, the more difficult it is to use and
the slower the site becomes
• Security vs. desire of individuals to act
anonymously
Security Threats
• Three key points of vulnerability, from the
technology perspective are:
– The client,
– The server,
– The communications pipeline
• Different types of security threats can
occur at any of them
– Malicious code, phishing, hacking and
cybervandalism, credit card fraud / theft,
spoofing, denial of service, sniffing,
insider jobs, poorly designed software
Malicious code / malware
• Virus: a computer program that has the ability
to replicate (make copies of itself) and
spread to other files
• The most common ones are macro viruses,
which are application specific
– They infect the application by copying
themselves into its document template, so
every new document carries the virus
• File-infecting viruses usually infect
program files (.com, .exe, .drv, .dll files)
Malicious code / malware
• Script viruses are written in scripting
languages such as VBScript and
JavaScript
– The same risk applies to applets and ActiveX
controls
• Worm: malware designed to spread from
computer to computer on its own
– A worm does not need a host file or a user
action in order to replicate itself
• Trojan horse: appears to be harmless, but
then does something other than expected
Impact of Malware
• Server-level malicious code could bring
down an entire web site
– At the client, the damage is usually
limited to a single computer
• It is a threat to integrity and continued
operations, as it often changes how a
system functions or alters documents
created on the system
• In some cases the user is unaware of the
attack, which gives it time to damage systems
Hacking and Cybervandalism
• Hacker: an individual who intends to gain
unauthorized access to a computer
system
– Cracker: a hacker with criminal intent
• Many are motivated simply by the
challenge of breaking into corporate and
government web sites
• Some have malicious intentions and
commit cybervandalism: intentionally
disrupting, defacing or destroying a site
Phishing
• Any deceptive online attempt by a third
party to obtain confidential information for
financial gain
– Most popular type: the e-mail scam letter
– One of the fastest growing forms of e-
commerce crime
• Threatens: privacy, confidentiality
• Poorly designed server and client software:
the increase in complexity of software programs
has contributed to an increase in
vulnerabilities
Types of Hackers
• Tiger team: a group of hackers employed by a
corporate security department to test its
own security measures
• White hats: good hackers who help
organizations locate and fix security flaws
• Black hats: hackers who act with the intention
of causing harm or revealing confidential
information
• Gray hats: hackers who break in without
authorization and reveal system flaws,
believing they serve a greater good
Credit card fraud
• Theft of credit card data is one of the most
feared occurrences in e-commerce; fear of it
keeps users from making online
purchases
• Credit card files are a major target of web
site hackers
• E-commerce sites are a good source of
personal information
– Name, address, credit card number, etc.
– Criminals can assume a new identity using
this personal information (identity theft)
Spoofing (pharming)
• Misrepresenting oneself by using fake e-
mail addresses or masquerading
(pretending) as someone else
– Can also involve site masquerading
(pharming): redirecting users to a fake site
that imitates the real one
• Threatens the integrity of a site, by stealing
business from the true site or altering orders
– Also threatens authenticity by making it
difficult to determine the true sender of a
message
Denial of Service Attacks
• Denial of Service (DoS) attack: flooding a
web site with useless traffic to inundate
and overwhelm the network
– Distributed DoS (DDoS): when the attack
is launched from numerous points at once,
typically a network of compromised
computers
• DoS attacks may cause a network to shut
down, making it impossible for users to
access the site
– Threatens the system's continuing
operations (availability)
Sniffing
• A type of eavesdropping program that
monitors information traveling over a
network
– Used legitimately to identify potential
network trouble spots
• Sniffers enable hackers to steal
proprietary information from anywhere on
the network, wherever traffic travels
unencrypted
• The threat of sniffing: confidential or
personal information will be made public
Insider Jobs
• The largest financial threat to business
institutions comes from theft by insiders
• For e-commerce, some of the largest
disruptions of services, destruction of sites,
and diversion of customer credit data and
personal information have come from
insiders
– Employees have access to privileged
information, so roaming through secured
systems is easier for them than for outsiders
Tools available to achieve site security
Encryption
• The process of transforming plain text or
data into cipher text that cannot be read
by anyone other than the sender and the
receiver
– Cipher: any method for transforming plain
text into cipher text
– Key: the secret value that selects which
transformation the cipher applies; the same
cipher with a different key gives different
cipher text
[Figure: Plain text --(key)--> Encrypt --> Cipher text (e.g. A@%5UO)#) --(key)--> Decrypt --> Plain text]
• Purpose of encryption
– To secure stored information and
– To secure information transmission
Encryption & security dimensions
• Message integrity: provides assurance
that the message has not been altered
• Non-repudiation: prevents the sender from
denying the messages he or she sent
• Authentication: provides verification of
the identity of the person sending the
message
• Confidentiality: gives assurance that the
message was not read by others
Classic Encryptions
• Encryption was already practiced in early
Egyptian and Phoenician commercial
records about 2000 years ago
• Substitution cipher: every occurrence of a
given letter is replaced systematically by
another letter (Hello becomes Jgnnq)
– Here each letter is replaced by the letter n
places ahead in the alphabet (n = 2 above);
the shift n is the key
Classic Encryptions
• Transposition cipher: the ordering of the
letters in each word is changed in some
systematic way (Hello becomes olleH)
• In double transposition, first write the
plaintext into an array of a given size and
then permute the rows and columns
according to specified transpositions
– The key consists of the size of the matrix and the
row and column transpositions (permutations)
– Example: CRYPTO written into a 2 x 3 array,
rows swapped, then columns reordered 3, 1, 2:
CRY     PTO     OPT
PTO  -> CRY  -> YCR  -> OPTYCR
Classic Encryptions
• A more complicated cipher (a two-rail fence):
– Take every other letter of the word,
beginning with the first letter: this spells
the first piece
– Spell the second piece with all the
remaining letters
– Example: Hello ---> H_l_o and _e_l_ ---> HLO EL
• Problem: computers are so powerful and
fast that these ancient ciphers can be
broken quickly, for instance by simply trying
every possible key
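The four classical ciphers above, implemented as an added example (this is editor-written Go, not code from the slides; the function names are mine). ShiftCipher is the substitution cipher with the shift n as its key, ReverseWords and DoubleTransposition are the two transposition ciphers (the CRYPTO example uses a 2 x 3 array, rows swapped, columns reordered 3, 1, 2), RailFence2 is the "more complicated cipher", and BreakShift shows the last bullet in practice: a shift cipher has only 25 possible keys, so a known word in the plaintext gives the key immediately.

```go
package main

import (
	"fmt"
	"strings"
)

// ShiftCipher is the substitution cipher from the slides: every letter is
// replaced by the letter n places ahead in the alphabet (wrapping around).
// Non-letters are left alone; decrypt by calling it with -n.
func ShiftCipher(s string, n int) string {
	n = ((n % 26) + 26) % 26
	out := []rune(s)
	for i, r := range out {
		switch {
		case r >= 'a' && r <= 'z':
			out[i] = 'a' + (r-'a'+rune(n))%26
		case r >= 'A' && r <= 'Z':
			out[i] = 'A' + (r-'A'+rune(n))%26
		}
	}
	return string(out)
}

// ReverseWords is the simple transposition cipher: the letters of each word
// are written backwards (each letter keeps its own case).
func ReverseWords(s string) string {
	words := strings.Fields(s)
	for i, w := range words {
		r := []rune(w)
		for a, b := 0, len(r)-1; a < b; a, b = a+1, b-1 {
			r[a], r[b] = r[b], r[a]
		}
		words[i] = string(r)
	}
	return strings.Join(words, " ")
}

// DoubleTransposition writes the text row by row into a rows x cols array,
// then reads it back with the rows and the columns in the permuted order.
// The key is (rows, cols, rowPerm, colPerm); permutations are 0-based.
func DoubleTransposition(text string, rows, cols int, rowPerm, colPerm []int) (string, error) {
	r := []rune(text)
	if len(r) != rows*cols || len(rowPerm) != rows || len(colPerm) != cols {
		return "", fmt.Errorf("text of %d runes does not match a %dx%d key", len(r), rows, cols)
	}
	out := make([]rune, 0, len(r))
	for _, ri := range rowPerm {
		for _, ci := range colPerm {
			out = append(out, r[ri*cols+ci])
		}
	}
	return string(out), nil
}

// RailFence2 is the "more complicated cipher": the letters in the 1st, 3rd,
// 5th, ... positions form the first piece, the remaining letters the second.
// The input is upper-cased so the output reads like the slide's example.
func RailFence2(s string) string {
	var first, second []rune
	for i, r := range []rune(strings.ToUpper(s)) {
		if i%2 == 0 {
			first = append(first, r)
		} else {
			second = append(second, r)
		}
	}
	return string(first) + " " + string(second)
}

// BreakShift is why these ciphers are useless today: there are only 25 keys,
// so try them all and stop at the one that reveals a known word (the crib).
// Returns the shift, the recovered plaintext and whether any shift worked.
func BreakShift(ct, crib string) (int, string, bool) {
	for n := 1; n < 26; n++ {
		pt := ShiftCipher(ct, -n)
		if strings.Contains(strings.ToLower(pt), strings.ToLower(crib)) {
			return n, pt, true
		}
	}
	return 0, "", false
}

func main() {
	fmt.Println(ShiftCipher("Hello", 2)) // Jgnnq
	fmt.Println(ReverseWords("Hello"))   // olleH
	ct, _ := DoubleTransposition("CRYPTO", 2, 3, []int{1, 0}, []int{2, 0, 1})
	fmt.Println(ct)                  // OPTYCR
	fmt.Println(RailFence2("Hello")) // HLO EL
	n, pt, ok := BreakShift("Jgnnq", "hello")
	fmt.Println(n, pt, ok) // 2 Hello true
}
```

BreakShift needs a crib only to recognise the right answer automatically; a human reading the 25 candidates would spot "Hello" just as fast, which is the point the slide makes about key spaces this small.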
Symmetric Key Encryption
• Symmetric key encryption (secret key
encryption): both the sender and the receiver
use the same key to encrypt and decrypt the
message
– Both parties must first share the same key over
some secure channel
• Problems
– The key may be stolen or intercepted
– In commercial use, you would need a separate
secret key for each of the parties with whom
you transact, and a secure way to deliver each one
Digital Encryption Systems
• Modern encryption systems are digital: the
cipher is an algorithm, and the key used to
transform the plain text is a string of bits
– The key selects which of the many possible
transformations the algorithm applies
• The more bits in the key, the stronger the
encryption is against guessing (brute force)
– An 8-bit key gives only 256 possibilities,
which a computer tries in an instant; every
extra bit doubles the number of keys
• Modern digital encryption systems use keys
of 128 or 256 bits for symmetric ciphers
(older ones used 56 bits); public-key systems
need much longer keys
Digital Encryption Systems example
• Data Encryption Standard (DES): for decades
the most widely used symmetric key cipher,
developed by IBM with the National Security
Agency; uses a 56-bit key
– Triple DES: encrypting the message three
times with DES to cope with fast computers,
which can now search the whole 56-bit key space
– Both have since been superseded by AES
(128-, 192- or 256-bit keys)
Public Key Encryption
• Two mathematically related digital keys
are used:
– A public key, which is widely disseminated
– A private key, which is kept secret by the owner
• Either key can be used to encrypt a message,
but only the other key of the pair can
decrypt it
– Once one key has been used to encrypt a
message, that same key cannot be used
to decrypt it; this relies on one-way
functions
One way functions
• Public key cryptography is based on the
idea of irreversible mathematical
functions
• One way functions: functions that are easy to
compute but practically impossible to reverse,
so the input cannot be derived from the output,
like recovering the ingredients from a cooked dish
– When the keys are long enough (today 2048
bits or more for RSA), it is computationally
infeasible to derive the private key from the
public key
Public Key Cryptography - A Simple
Case
Issues of the simple case
• Message confidentiality is assured: only the
holder of the private key can read it
• But the recipient cannot be sure who sent it,
as the recipient's public key is available
to everyone
• The sender can deny sending the
message (repudiation)
• There is no guarantee that the message
was not altered in transit (lack of
integrity)
Public Key Cryptography with Digital
Signatures
• Hash function: an algorithm that produces
a fixed-length number called a hash or
message digest from input of any length;
any change to the input changes the digest
• Digital signature: the digest encrypted
("signed") with the sender's private key and
sent along with the message
– It is unique to the sender, as the private key is
possessed by only one person
• The recipient applies the same hash
function to the received message and checks
that the same digest is produced
Issues of the Digital Signature
• The sender hashes the message and encrypts
the digest with his or her private key; the
result is the digital signature
• For confidentiality, the message and signature
are then encrypted with the recipient's public
key, so only the recipient can read them
• Integrity is ensured by the hash function;
the digital signature ensures authenticity
and hence non-repudiation
– Provided the public key really belongs to the
sender, which is the job of digital certificates
Creating a Digital Envelope
• Digital envelope: a technique that uses
symmetric encryption for large documents,
but public key encryption to encrypt and
send the symmetric key
– This improves performance compared with
using public key encryption alone, which is
far slower, for large documents
– The symmetric key is shared through a
more secure means: public key
cryptography
Creating a Digital Envelope
• Document is encrypted using a symmetric
key
• The symmetric key itself will be encrypted
using the recipient's public key
A key within a key = digital envelope
• The recipient first uses his private key to
decrypt the symmetric key
• Then recipient uses the symmetric key to
decrypt the document
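The three preceding slides (the simple public-key case, digital signatures and the digital envelope) combined into one working exchange, as an added example in Go (editor's code, not from the slides; Envelope, Seal, Open and NewKey are my names). It uses AES-256-GCM as the symmetric cipher for the document, RSA-OAEP to wrap the one-time session key for the recipient, and RSA-PSS over a SHA-256 digest as the sender's signature; the order text is a constructed sample. Opening the envelope with the wrong private key, checking it against the wrong sender's public key, or altering one byte of the ciphertext each fails with its own error, which is the confidentiality, authenticity and integrity guarantee the slides describe.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what travels over the network: the document under a one-time
// symmetric key, that key wrapped with the recipient's public key, and the
// sender's signature over the document's digest.
type Envelope struct {
	Nonce, Ciphertext, WrappedKey, Signature []byte
}

// NewKey generates a fresh 2048-bit RSA key pair (the public key is inside it).
func NewKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Seal builds a signed digital envelope: fast symmetric encryption for the
// document itself, public-key operations only for the short key and digest.
func Seal(doc []byte, senderPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) (*Envelope, error) {
	// 1. A fresh 256-bit AES session key, used for this one document only.
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block) // GCM also authenticates the ciphertext
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, doc, nil)
	// 2. The "key within a key": wrap the session key with the recipient's
	//    public key, so only the matching private key can unwrap it.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, key, nil)
	if err != nil {
		return nil, err
	}
	// 3. Digital signature: hash the document and sign the digest with the
	//    sender's private key (RSA-PSS). Only the sender can produce this.
	digest := sha256.Sum256(doc)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{Nonce: nonce, Ciphertext: ct, WrappedKey: wrapped, Signature: sig}, nil
}

// Open reverses Seal: unwrap the session key with the recipient's private key,
// decrypt the document, then check the sender's signature over its digest.
func Open(env *Envelope, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("confidentiality: cannot unwrap the session key, not the intended recipient")
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	doc, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("integrity: ciphertext was altered in transit")
	}
	digest := sha256.Sum256(doc)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], env.Signature, nil); err != nil {
		return nil, errors.New("authenticity: signature does not match the claimed sender's public key")
	}
	return doc, nil
}

func main() {
	alice, bob, eve := NewKey(), NewKey(), NewKey()            // sender, recipient, eavesdropper
	order := []byte("order 4711: 2 x widget, ship to 1 Main St") // constructed sample document

	env, err := Seal(order, alice, &bob.PublicKey)
	if err != nil {
		panic(err)
	}
	doc, err := Open(env, bob, &alice.PublicKey)
	fmt.Printf("%q %v\n", doc, err) // the order text, <nil>
	_, err = Open(env, eve, &alice.PublicKey)
	fmt.Println(err) // confidentiality: cannot unwrap the session key, not the intended recipient
	env.Ciphertext[0] ^= 1 // one byte flipped in transit
	_, err = Open(env, bob, &alice.PublicKey)
	fmt.Println(err) // integrity: ciphertext was altered in transit
}
```

Note what each public-key operation costs: RSA handles only the 32-byte session key and a 32-byte digest, never the document, which is why the envelope scales to large files where pure public-key encryption would not.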
Digital Certificates and Public Key
Infrastructure (PKI)
• Digital certificate: a digital document
issued by a certification authority (CA) that
binds a public key to the identity of its owner
• Public Key Infrastructure (PKI): the
certification authorities and digital
certificate procedures that are accepted
by all parties
To create a digital Certificate
• User generates a public/private key pair and sends
a request for certification to a CA with the public key
• CA verifies the requester's identity and issues a
certificate containing the user's public key and other
related information (name, validity period, serial number)
• CA creates a message digest of the
certificate itself and signs it with the CA's private
key
– The certificate together with the signed digest is
called the signed certificate
• A customer can request the merchant's signed
certificate and verify the CA's signature on it using
the CA's public key, which the browser already trusts;
this proves that the merchant's public key is genuine
Securing Channels of Communications
• Secure Sockets Layer (SSL), today replaced by its
successor Transport Layer Security (TLS), is the most
common form of securing channels
• Establishes a secure negotiated session: a client-
server session in which the URL of the
requested document, along with its contents,
the contents of forms, and the cookies
exchanged, are encrypted
• Uses a session key: a unique symmetric key
chosen for a single secure session
• Created after a number of exchanges (the handshake)
– Involves identification, exchange of certificates,
and negotiation of the strongest form of
encryption both sides support
Securing Channels of Communications
• SSL/TLS provides data encryption, server
authentication, optional client authentication
and message integrity for TCP/IP connections
• S-HTTP: a secure message-oriented
communication protocol designed for use in
conjunction with HTTP
– Designed to send each message securely
– Cannot be used for non-HTTP messages
– Never widely adopted; SSL/TLS won out
• Virtual Private Networks (VPNs): allow remote users
to securely access internal networks via the
Internet, for example using the Point-to-Point
Tunneling Protocol (PPTP)
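The certificate issuance and verification steps from the PKI slides, followed by an SSL/TLS session that uses the resulting certificate, as an added example in Go (editor's code, not from the slides; PKI, BuildPKI, VerifyMerchant and Handshake are my names, shop.example is a made-up host, and the CA is a toy one generated on the fly). It shows that the customer checks the merchant's certificate with the CA's public key, held in a trust store, not with the merchant's own key, and that a certificate from a CA the trust store does not know, or issued for a different host name, is rejected. The handshake runs over an in-memory pipe instead of a network socket so it works offline; the call returns the negotiated cipher suite and the server's encrypted echo of the request.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)

// PKI is a toy certification authority plus the merchant certificate it issued.
type PKI struct {
	CACert   *x509.Certificate
	Merchant tls.Certificate
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue creates a certificate from tmpl signed with the parent's private key
// (self-signed when parent is nil) and parses it back.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	if parent == nil {
		parent = tmpl
	}
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer))))
}

// BuildPKI creates the CA, then the merchant's key pair and a certificate that
// binds the merchant's public key to host, signed with the CA's private key.
func BuildPKI(host string) *PKI {
	now := time.Now()
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caCert := issue(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Shop CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}, nil, &caKey.PublicKey, caKey)
	merchantKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	leaf := issue(&x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}, caCert, &merchantKey.PublicKey, caKey)
	return &PKI{CACert: caCert, Merchant: tls.Certificate{Certificate: [][]byte{leaf.Raw}, PrivateKey: merchantKey, Leaf: leaf}}
}

// TrustStore is the set of CAs the customer's browser trusts: here, only ours.
func (p *PKI) TrustStore() *x509.CertPool {
	pool := x509.NewCertPool()
	pool.AddCert(p.CACert)
	return pool
}

// VerifyMerchant does what a browser does with the merchant's certificate: check
// the CA's signature against a trusted root and that the name matches the site.
// A nil roots means the system trust store, which does not know our toy CA.
func VerifyMerchant(p *PKI, roots *x509.CertPool, host string) error {
	_, err := p.Merchant.Leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

// Handshake runs an SSL/TLS session over an in-memory pipe: the server presents
// the merchant certificate, the client checks it against roots, both derive the
// session key, then the client sends request and the server echoes it back.
func Handshake(p *PKI, roots *x509.CertPool, host, request string) (suite, echoed string, err error) {
	clientConn, serverConn := net.Pipe()
	serverErr := make(chan error, 1)
	go func() {
		defer serverConn.Close()
		s := tls.Server(serverConn, &tls.Config{
			Certificates:           []tls.Certificate{p.Merchant},
			SessionTicketsDisabled: true, // the synchronous pipe cannot buffer post-handshake tickets
		})
		buf := make([]byte, 512)
		n, err := s.Read(buf) // the first Read runs the server side of the handshake
		if err == nil {
			_, err = s.Write(buf[:n])
		}
		serverErr <- err
	}()
	defer clientConn.Close()
	c := tls.Client(clientConn, &tls.Config{RootCAs: roots, ServerName: host})
	if err = c.Handshake(); err != nil {
		return "", "", err
	}
	if _, err = c.Write([]byte(request)); err != nil {
		return "", "", err
	}
	buf := make([]byte, 512)
	n, err := c.Read(buf)
	if err != nil {
		return "", "", err
	}
	if err = <-serverErr; err != nil {
		return "", "", err
	}
	return tls.CipherSuiteName(c.ConnectionState().CipherSuite), string(buf[:n]), nil
}
```

Usage: `p := BuildPKI("shop.example")`, then `VerifyMerchant(p, p.TrustStore(), "shop.example")` returns nil while `VerifyMerchant(p, nil, "shop.example")` and `VerifyMerchant(p, p.TrustStore(), "evil.example")` both return errors, and `Handshake(p, p.TrustStore(), "shop.example", "GET /cart HTTP/1.1")` returns the cipher suite name and the echoed request. The client config deliberately has no InsecureSkipVerify: a client that skips certificate verification still gets an encrypted channel, but to whoever answered, which is the spoofing problem the earlier slides describe.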
Point-to-Point Tunneling Protocol
• PPTP: an encapsulation mechanism that allows
one local network to connect to another using
the Internet as a conduit
• A remote user dials in to a local ISP
• PPTP makes the connection from the ISP to
the corporate network, as if the user had dialed
in to the corporate network directly
• PPTP creates a private connection by adding
an invisible wrapper (an encrypted tunnel) around
the message to hide its content
• The process of carrying one protocol (such
as PPTP) inside another (such as IP) is called
tunneling
– PPTP's encryption and authentication are now
known to be weak; modern VPNs use IPsec,
TLS-based VPNs or WireGuard instead
Protecting Networks
• Firewalls and proxy servers are used
• Firewalls are hardware devices or software
applications that act as a filter between a
company's private network and the Internet
– Prevent remote client machines from attaching
to your internal network
– Monitor and validate all incoming and outgoing
communications against a policy
• Two methods used by firewalls for filtering:
– Packet filtering: examines each packet's
addresses, ports and protocol
– Application filtering: examines the contents
of the traffic for a specific application
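Packet filtering and application filtering side by side, as an added example in Go (editor's code, not from the slides; Policy, Filter, AppFilter and NewPacket are my names, and the addresses, ports and HTTP requests are constructed). Filter evaluates a first-match rule list over the header fields a packet filter sees and drops anything no rule allows (default deny), so a remote client cannot reach SSH while customers still reach the web server; AppFilter inspects the HTTP request itself, which a packet filter cannot do, and passes only safe methods addressed to the shop's own host name.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Packet holds the header fields a packet-filtering firewall decides on.
type Packet struct {
	Proto   string // "tcp" or "udp"
	Src     netip.Addr
	DstPort uint16
}

// NewPacket builds a Packet from printable values (panics on a bad address).
func NewPacket(proto, src string, dstPort uint16) Packet {
	return Packet{Proto: proto, Src: netip.MustParseAddr(src), DstPort: dstPort}
}

// Rule matches on protocol, source network and destination port; an empty
// Proto or a zero DstPort means "any".
type Rule struct {
	Action  string // "allow" or "deny"
	Proto   string
	Src     netip.Prefix
	DstPort uint16
}

func (r Rule) matches(p Packet) bool {
	return (r.Proto == "" || r.Proto == p.Proto) &&
		r.Src.Contains(p.Src) &&
		(r.DstPort == 0 || r.DstPort == p.DstPort)
}

// Filter returns the action of the first rule that matches. A packet that
// matches no rule is dropped: the firewall defaults to deny, never to allow.
func Filter(rules []Rule, p Packet) string {
	for _, r := range rules {
		if r.matches(p) {
			return r.Action
		}
	}
	return "deny"
}

// Policy is a constructed perimeter policy for an online shop: anyone may
// reach the web server, only the office network (10.0.0.0/8) may reach SSH,
// and the final rule rejects everything else explicitly.
var Policy = []Rule{
	{Action: "allow", Proto: "tcp", Src: netip.MustParsePrefix("0.0.0.0/0"), DstPort: 443},
	{Action: "allow", Proto: "tcp", Src: netip.MustParsePrefix("10.0.0.0/8"), DstPort: 22},
	{Action: "deny", Src: netip.MustParsePrefix("0.0.0.0/0")},
}

// AppFilter is what an application-level firewall (proxy) adds: it understands
// the protocol. It parses an HTTP request and allows only GET, HEAD or POST
// requests whose Host header names the shop itself; anything else is denied.
func AppFilter(request string) string {
	lines := strings.Split(request, "\r\n")
	fields := strings.Fields(lines[0])
	if len(fields) != 3 || (fields[0] != "GET" && fields[0] != "HEAD" && fields[0] != "POST") {
		return "deny"
	}
	for _, h := range lines[1:] {
		if strings.HasPrefix(strings.ToLower(h), "host:") {
			if strings.TrimSpace(h[len("host:"):]) == "shop.example" {
				return "allow"
			}
			return "deny"
		}
	}
	return "deny" // a request without a Host header is not one we forward
}

func main() {
	for _, p := range []Packet{
		NewPacket("tcp", "203.0.113.5", 443), // customer -> web server: allow
		NewPacket("tcp", "203.0.113.5", 22),  // remote client -> SSH: deny
		NewPacket("tcp", "10.1.2.3", 22),     // office -> SSH: allow
		NewPacket("udp", "10.1.2.3", 53),     // matches only the final deny rule
	} {
		fmt.Printf("%-3s %-12s -> :%-3d %s\n", p.Proto, p.Src, p.DstPort, Filter(Policy, p))
	}
	fmt.Println(AppFilter("GET /cart HTTP/1.1\r\nHost: shop.example\r\n\r\n")) // allow
	fmt.Println(AppFilter("TRACE / HTTP/1.1\r\nHost: shop.example\r\n\r\n"))   // deny
	fmt.Println(AppFilter("GET / HTTP/1.1\r\nHost: evil.example\r\n\r\n"))     // deny
}
```

The two layers catch different things: Filter never sees that a connection to port 443 carries a dangerous request, and AppFilter never sees a packet that was dropped before it reached the proxy, which is why real deployments use both.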
Firewalls
Proxy Server
• A software server that handles all
communications originating from or being sent
to the Internet
– Acts as a spokesperson or bodyguard for the
organization
– Primarily meant to limit access of internal clients
to external Internet servers
• Also called a dual-homed system because it has
two network interfaces:
– To internal computers the proxy server is known
as the gateway
– To external machines it appears as the mail
server or as a single numeric address; the
internal machines behind it stay hidden
Proxy Servers
Protecting Servers and Clients
• Operating system controls allow for the
authentication of the user and access controls
to files, directories, and network paths
• Anti-virus software is the easiest and least
expensive way to prevent threats to system
integrity
– Detects and removes the most common types of
viruses as they enter a computer or are found
on the hard disk
– Needs to be updated routinely, as it only
recognizes viruses it has signatures for
• Intrusion detection systems trigger alarms when
they sense an attack in progress
