Network Security, October 1998

Managing Network Security: Time-Based Security
Fred Cohen

Over the last few years, computing has changed to an almost purely networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. This series of articles takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.
Winn's new book: a book review

I just got a chance to read the draft version of Winn Schwartau's new book entitled Time-Based Security, and I thought it would be worthwhile reviewing the book and discussing some of the issues he covers.

It's a first for me to put a book review into one of these articles, but I think it's a good starting point for this issue. First and foremost, in my personal view, Winn has out-done all of his previous books and articles and other publications and presentations combined with this new one. While it still has all the quirks that make it a Winn-er, his book has five winning qualities:

- The notion of time-based security is basically right.
- It's easy for anyone to understand.
- There are a lot of examples that make the points clearer.
- A lot of seemingly unrelated security issues are discussed and clarified.
- Winn tells it like he sees it and we need more of that.

Having given you the good points, it's only fair to mention a few limitations:
- Winn keeps saying he has a new way of doing things, but he keeps citing historical examples that prove him wrong. The field of time-based security has been here for a long time and there are far more sophisticated ways of looking at the issues than the way Winn looks at it. Winn takes a lot of credit for things - and he deserves a lot of credit for bringing out these ideas and pulling together a lot of examples, but not as much credit as he takes.
- Winn acknowledges some of the sources of the ideas he discusses, but he often cites secondary and tertiary sources instead of the original works - failing to credit many who deserve it. I have noticed a lot of this in today's literature, especially in the information security field, and Winn cannot be blamed for the general lack of giving credit where it is due.
- He tells us to do a lot of things that are good to do, but if you tried to do it all you would find the 'how' part lacking. There is an old saying about 10% inspiration and 90% perspiration. Winn has been inspired and his book is inspiring, but we need to perspire a bit more to really address the issues he brings up.
- He gives simple mathematics that convey his basic message, but things are really a lot more complex than that. A lot of people have been trying to put mathematics to information protection over the last few years, and few have had much in the way of success. Winn rightly points out the lack of adequate metrics in the field, but naively claims that time is the metric. It is certainly a fundamental issue, but not the only one by far.

From this, it would seem that my opinion is 50-50 on the book, but it's not. It's 80-20... In my view 80% of everything Winn says in his book is on the mark... and the 20% that isn't isn't the important part for the non-technical reader. Anybody in information security would be well advised to read this book (and so would anyone in management) with a critical eye.

© 1998 Elsevier Science Ltd
Fred's content summary

Several people I have talked to indicated to me that Winn's book could be summarized in about 5-10 pages without loss of content. If we ignore the examples (a foolish thing to do), we can probably get it down to one page - as I have done here. And now for my summary (-) and critique (+) of the book:

- Real security comes from the combination of prevention (P), detection (D) and response (R).
  + I agree that these are key elements - but only in one dimension, and Winn agrees too.
- Prevention is effective only if Tp > Td + Tr - that is, the time until prevention fails must exceed the time until detection and response can be completed.
  + I think things are a lot more complicated than this - but time is clearly a very key issue in information protection and this is a good starting point for discussion.
- Management and technical people can both understand the issues of time.
  + I think this may be a bit too simplistic - but it's basically true.
- Time is the metric we have been looking for to evaluate information security.
  + It's certainly one of them.
- Protection must be prioritized based on the value of what is being protected.
  + Core to understanding risk management - but more complex than it sounds.
- The skills of the attacker lead to the time required to defeat prevention.
  + I agree, but wish to strengthen it - the threats must drive the key protection decisions along with the vulnerabilities and the consequences, and time is clearly a key element in each of these areas.
- Things change with time and you need to adapt to them over time. Prevention tends to get weaker with time. Detection and response can be strengthened with time.
  + I don't think this has to be true, but it certainly seems to be true in today's lowest-time-to-market-item situation. If quality starts to become an issue in buying decisions - this may well change.
- Nothing in the book is sacrosanct - they are just ideas that you should use if they help you meet the needs.
  + I strongly agree, and this perspective is one of the reasons I strongly recommend the book.
- Technology is a tool - people are the way the tools get used - improve your people.
  + You're preaching to the choir - amen.
Time is fundamental

In a course I was giving on strategic gaming for information security, I told the participants that time was a key issue in the particular scenario. I heard what to me was a strange question from one of the participants. She asked: "What do you mean, time is the key?" or some such thing. It was strange to me because - as my answer reflected - time is fundamental. In fact, time is so fundamental that we often ignore it in our teachings and publications on information protection. It is almost too obvious to say - and that's why we don't say it often enough.

Imagine how information security would be if there was never a rush about anything. Someone breaks into your network, but since time is not important, we'll just ignore it till we have the time to deal with it. It would be a simple and cost-effective matter to ignore everything forever because time didn't matter. And for the attacker, the same thing is true. Suppose you can guess authentication codes forever and never get caught. Eventually, you will come across any authentication code ever used and be able to do anything any authorized user could do.

Getting back to the course, I explained to the participant and the rest of the group that in the particular scenario, time was everything. The losses were piling up at a rate of $100 million per day, so playing for time while losses were temporarily stopped was a very good idea. More time means more of a chance to mitigate the harm. Less time for the attacker means that it's harder for them to get their job done. I expanded on the point by noting that - as is well known in the military - if you can get inside the opponent's decision cycle, they will be making decisions about what you did yesterday, not what you are doing now.

In thinking about Winn's book, I thought it would be worth reviewing the previous articles in this series that referred to issues of time - just to demonstrate how much time plays a part in things.

- September 1998 - What Should I Report to Whom? Time plays into the implications of reporting, and who gets contacted when is key to success.
- May 1998 - Risk Staging. Risk staging is all about when to do what based on the losses sustained and the costs incurred from different delays. It even includes a chart demonstrating the time effect of protection investment for a particular example. It also deals with the detection and reaction cycle and relates it to prevention.
- April 1998 - The Unpredictability Defence. In this article we talk about how the attacker's workload is increased and the time to detect and respond is decreased through the use of deception by defenders. Workload translates into time based on the available effort.
- January 1998 - Y2K Alternative Solutions. This is clearly about time - and more particularly calendars.
- December 1997 - 50 Ways to Defeat Your Intrusion Detection System. Many of the intrusion detection flaws are related to issues of time and, as one of the 50 ways cites, 'Type very slowly' defeats modern intrusion detection systems - all a matter of time.
- September 1997 - Change Your Password - Doe See Doe. This article is about how often you should, or should not, change your password and is clearly a time-based security perspective on the issue.

I don't want to go all the way back - but I think the point is made. Time issues are a common thread throughout the security trade and issues that we deal with constantly. In some sense, Winn has done us all a big favour by bringing them together in his book because it may help many of us think about it more clearly.
Understanding issues of time

Time is money - so the saying goes. The question is, how much money does how much time cost or benefit in different situations? The connection between time and money in network security is very non-linear and very situation-dependent. For that reason, when we make diagrams of security situations for the purpose of analysis we often use graph structures (i.e. pictures with nodes and links between the nodes). Nodes denote the different situations (often called states) while links denote the different things that attackers and defenders can do in each situation (often called moves). As the situation changes, the financial value of moves changes.

At a strategic level, defenders try to design defences so that under the attack strategies and tactics anticipated for the threat profiles that are of concern, the return on investment in protection is optimized. We can use local optimization - the most common analytical method - or global optimization - which is quite complex and difficult to do. At a tactical level, defenders normally try to make moves that will optimize their moment-to-moment performance - even though these moves may be more harmful in the long run than other moves that would be indicated by global optimization.

Attacker strategies tend to concentrate on how they will try to traverse the graph. Sophisticated attackers will likely have an attack graph planned out with options for different situations and an over-riding objective. Less sophisticated attackers simply try moves until they find something that seems to work and see what they get and where they can go from there. Tactics for the sophisticated attacker include stealth, taking advantage of normal responses of the defenders, and so forth. Tactics for the less sophisticated attacker consist of trying things that have worked before.

The notion of prevention, detection and response is particularly useful when considered in terms of time issues. In the graph model we can think of prevention as a method for stopping attackers from making transitions in the attack graph - in other words from changing from one situation to another. Detection can be considered in terms of noticing that the situation has changed (i.e. transitions in the graph or the situation being in a particular
node). Response can be thought of as a process of changing the situation to a more desirable one (i.e. forcing a desired state transition).

Time in this model acts to change the situation. For example, if an attacker has induced a situation where information is being corrupted, time will tend to cause the corruption to be more complete and the loss to be worse. In the case of denial-of-service, the longer the service is denied, the greater the loss, and thus the situation goes from bad to worse - perhaps eventually getting to the point where it no longer matters. If information is being leaked, time causes more and more to be leaked and less and less held in confidence.

Time can also act for the defender. If an attacker spends time attacking and fails to reach a desired state, it costs the attacker time and money while the defender prevents a loss. Slowing down the attacker and speeding up the defences both give advantage to the defender. Even if the attacker reaches a state where there is a loss, the defender who is able to detect and react quickly may mitigate most of the loss.

If we look at the costs of prevention, detection and response, one of the most noticeable things we find is that preventing all of the state transitions is very expensive, and when we try to do it the resulting inhibition of legitimate business function becomes oppressive. Detection has its own problems, the chief one being that detection can never be done perfectly in practice. There are always false positives and false negatives, and detection takes time. Even if we had perfect and
instantaneous detection, our ability to effectively respond is limited by the fact that we don’t know how to do appropriate response based on the situation and response itself takes time. It seems clear that if we are to measure time in terms of money, we need financial models of situations. This in turn requires a system of modelling in which the model changes as dynamically as the environment it models. The model must be fed financial and security information on an ongoing basis and the set of prevention, detection and response capabilities must be adapted with time to meet the changing business environment.
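To make the graph model above and the Tp > Td + Tr inequality from the book summary concrete, here is an added Python example that is not from the article or from Winn's book. It models a constructed three-step attack path in which each link carries hypothetical prevention, detection and response times, computes the exposure window on each transition (zero when prevention outlasts detection plus response), prices it at an assumed hourly loss rate, and picks the transition a defender should harden first. All state names and hours are made up for illustration.

```python
"""Toy time-based security model over an attack graph.

Constructed illustration (not code from the article): states are graph
nodes, attacker moves are links, and each move carries three times in
hours: how long the preventive control holds (t_prevent), how long the
defender needs to notice the transition (t_detect) and how long the
defender needs to respond (t_respond).  A move is covered when
t_prevent > t_detect + t_respond; otherwise the attacker enjoys an
exposure window of (t_detect + t_respond - t_prevent) hours.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Move:
    """One link in the attack graph, with the defender's timing for it."""
    source: str
    target: str
    t_prevent: float   # hours until the preventive control is defeated
    t_detect: float    # hours until the transition is noticed
    t_respond: float   # hours from detection to the situation being restored

    def exposure(self) -> float:
        """Hours during which the attacker holds the target state unopposed."""
        return max(0.0, self.t_detect + self.t_respond - self.t_prevent)

    def covered(self) -> bool:
        """The inequality from the summary: prevention outlasts detection plus response."""
        return self.t_prevent > self.t_detect + self.t_respond


# Constructed sample graph: hypothetical state names and hours.
SAMPLE_GRAPH = {
    "outside":      [Move("outside", "dmz_host", t_prevent=48.0, t_detect=1.0, t_respond=4.0)],
    "dmz_host":     [Move("dmz_host", "internal_db", t_prevent=2.0, t_detect=6.0, t_respond=12.0)],
    "internal_db":  [Move("internal_db", "data_leaking", t_prevent=0.5, t_detect=24.0, t_respond=8.0)],
    "data_leaking": [],
}


def walk_path(graph, path):
    """Return the Move objects along a path of state names; raise if a link is missing."""
    moves = []
    for src, dst in zip(path, path[1:]):
        candidates = [m for m in graph.get(src, []) if m.target == dst]
        if not candidates:
            raise ValueError(f"no move from {src!r} to {dst!r}")
        moves.append(candidates[0])
    return moves


def analyse_path(graph, path, loss_per_hour):
    """Per-move exposure plus the loss accrued while the defender is behind.

    loss_per_hour is the rate at which the loss grows once the attacker sits
    in the target state; only the exposure window contributes.
    """
    report = []
    total_loss = 0.0
    for m in walk_path(graph, path):
        exp = m.exposure()
        loss = exp * loss_per_hour
        total_loss += loss
        report.append({"to": m.target, "covered": m.covered(), "exposure_h": exp, "loss": loss})
    return {"steps": report, "total_loss": total_loss}


def weakest_move(graph, path):
    """The move on the path with the largest exposure: the first place to invest."""
    return max(walk_path(graph, path), key=lambda m: m.exposure())


def harden(move, t_detect=None, t_respond=None, t_prevent=None):
    """A defender move: a copy with faster detection/response or longer-lasting prevention."""
    return Move(move.source, move.target,
                move.t_prevent if t_prevent is None else t_prevent,
                move.t_detect if t_detect is None else t_detect,
                move.t_respond if t_respond is None else t_respond)


if __name__ == "__main__":
    path = ["outside", "dmz_host", "internal_db", "data_leaking"]
    rate = 100_000_000 / 24  # the article's $100 million per day, as an hourly rate
    result = analyse_path(SAMPLE_GRAPH, path, rate)
    for step in result["steps"]:
        print(f"{step['to']:<13} covered={step['covered']!s:<5} "
              f"exposure={step['exposure_h']:5.1f}h loss=${step['loss']:,.0f}")
    print(f"total loss: ${result['total_loss']:,.0f}")
    print("invest first in the link to:", weakest_move(SAMPLE_GRAPH, path).target)
```

The point the numbers make is the one the article makes in prose: the perimeter link is covered because prevention there holds far longer than the defender needs to notice and react, while the two inner links are where the loss actually accrues, so `weakest_move` points investment at the slowest detection rather than at the outer wall. `harden` is the defender's move in the graph; shortening detection and response on a link is what turns an exposed transition back into a covered one.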
We're not up to it... yet...

As much as I would like to see this happen, I fear that the security community is not yet up to the task at hand. We don't have the time or money to build accurate models of situations and adapt them with time to determine what optimal set of prevention, detection and response capabilities to place where. Even if we had the modelling capability - something I have been working on a lot lately - we don't yet have good detection capabilities - in fact, many of our current capabilities are laughable. But even if we did have better detection capabilities, our ability to respond today is extremely limited - not by the lack of technologies, but by our lack of understanding in how to use them.

While we lack understanding today, I don't think this will last very long. There are research teams throughout the world that have been looking at these issues for the past several years, and journal and conference papers on these issues have started to appear. The understanding we are now forming for information protection appears to be solid and is based on many years of work understanding physical security - which deals largely with the same combination of prevention, detection and response. I am fairly confident that we will have the theoretical means to analyse these situations in the near future, and we have them to some extent today.

But it is not the theory that will be the real barrier. The real barrier will be our ability to apply the theory to the rapidly changing environment that makes up the face of computing today. It is my feeling that the time has just about passed when large corporations will continue to buy poor quality computerized solutions that have to be replaced every year or two. In the security game, enough major companies have invested in poor technology that they are starting to become properly sceptical. But until the rapid pace of changes in the computing industry slows, I find it hard to believe that we will be able to do the necessary security engineering to constantly change our protection to reflect the daily changes in the computing environment and do so efficiently and with a proper mix of prevention, detection and response.

Having shown my sceptical side, I want to end on an upbeat note. The next wave of automated defensive tools for networks is about to show up - and it looks a whole lot different from the current face of things. It is based on fully distributed automated response systems that detect attempted intrusions and act to mitigate their effects in real time. The effect on performance of networked systems is nominal, the installation is simple and quick, and the defences are very inexpensive to implement and operate. Unlike the fortresses of old, they allow completely open environments, and unlike the fortresses of old, they are not intended to stop anything from ever happening to your networks. Rather, they are designed for a running battle in which attackers have their successes and defenders have theirs as well. Under this new wave of defences, we no longer have a hard outer shell and a gooey centre in our network defences. Instead, it's land mines and snipers through and through. You enter at your own risk, and even the insider doesn't know what's safe and what's not.

Roll-up

Time-based security has been here since security was here and will likely be here for as long as security is a field. There is little here we have not seen before, but as a collection taken in a new light, there is real value in this perspective.

The Elliptic Curve Cryptosystem: A Synopsis
Marie A. Wright

There are three types of public key cryptographic systems that are currently considered both secure and efficient. These cryptographic systems, classified according to the mathematical problems upon which they are based, are: the Integer Factorization Systems (of which the RSA algorithm is the most well known example), the Discrete Logarithm Systems (such as the US Government's Digital Signature Algorithm), and the Elliptic Curve Cryptosystem (ECC).[1] Although much has been written about the RSA algorithm and the Digital Signature Algorithm (DSA), little about the ECC appears in the literature written for information systems security practitioners. This is perhaps because the ECC, since its introduction in 1985, has been a subject of interest to more mathematicians than security professionals.

Crucial to the adoption of any cryptographic system is the evolution of standards. Several ECC standards initiatives are currently under development. IEEE Standard P1363 (Specifications for Public Key Cryptography) includes encryption, digital signature and cryptographic key agreement mechanisms using the ECC.[1] The ECC also is being drafted into two work items by the American National Standards Institute: ANSI X9.62 (the Elliptic Curve Digital Signature Algorithm) and ANSI X9.63 (Elliptic Curve Key Agreement and Transport Protocols).[1] These initiatives are likely to promote the use of the ECC as a secure and efficient public key cryptosystem, and encourage its adoption by organizations worldwide.[1]

This article presents a synopsis of the ECC. The article begins with an overview of the mathematical structure of elliptic curves. Next, it describes the process by which cryptographic keys are generated, and digital signatures are created and verified. Then, comparisons of the security of cryptographic systems based upon the integer factorization problem, the discrete logarithm problem modulo n, and the elliptic curve discrete logarithm problem are presented. The article concludes with an identification of ECC applications.
Mathematical structure

Modular arithmetic plays a central role in the implementation of the ECC. Modular addition and modular multiplication modulo n work like ordinary addition and multiplication, except that the answer to the calculation is reduced to its remainder on division by n.[1] For example, 2 x 4 = 3 (mod 5) because 8 has a remainder of 3 when divided by 5.
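As an added example, not code from the article, the following Python carries the modular arithmetic above through to the operations an ECC implementation actually needs: the modular inverse (division modulo a prime, via the extended Euclidean algorithm) and the chord-and-tangent point addition that, repeated by scalar multiplication, is how an ECC key pair is derived from a base point. The toy curve y^2 = x^3 + 2x + 2 over GF(17) with base point (5, 1) is a constructed teaching curve, not a parameter set from any standard the article cites, and is far too small for real use.

```python
"""Modular arithmetic and the elliptic-curve group law over a prime field.

Added illustration, not code from the article.  The article's own example is
2 x 4 = 3 (mod 5); the modular inverse, the toy curve y^2 = x^3 + 2x + 2
over GF(17) and its base point (5, 1) are constructed for demonstration.
"""
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]   # None stands for the point at infinity O


def mod_add(a: int, b: int, n: int) -> int:
    """Ordinary addition, reduced to the remainder on division by n."""
    return (a + b) % n


def mod_mul(a: int, b: int, n: int) -> int:
    """Ordinary multiplication, reduced to the remainder on division by n."""
    return (a * b) % n


def mod_inv(a: int, n: int) -> int:
    """x with a*x = 1 (mod n), by the extended Euclidean algorithm.

    Division modulo n is multiplication by this inverse; it exists only when
    gcd(a, n) == 1, which always holds for non-zero a when n is prime.
    """
    r0, r1 = a % n, n
    s0, s1 = 1, 0
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        s0, s1 = s1, s0 - q * s1
    if r0 != 1:
        raise ValueError(f"{a} has no inverse modulo {n}")
    return s0 % n


# Constructed toy curve: y^2 = x^3 + A*x + B over GF(P), with base point G.
P, A, B = 17, 2, 2
G: Point = (5, 1)


def on_curve(pt: Point) -> bool:
    """Check that a point satisfies the curve equation modulo P."""
    if pt is None:
        return True
    x, y = pt
    return mod_mul(y, y, P) == (pow(x, 3, P) + A * x + B) % P


def point_add(p1: Point, p2: Point) -> Point:
    """Chord-and-tangent addition; every division is a modular inverse."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                               # p1 == -p2
    if p1 == p2:
        slope = mod_mul(3 * x1 * x1 + A, mod_inv(2 * y1, P), P)   # tangent
    else:
        slope = mod_mul(y2 - y1, mod_inv(x2 - x1, P), P)         # chord
    x3 = (slope * slope - x1 - x2) % P
    y3 = (slope * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k: int, pt: Point) -> Point:
    """k*pt by double-and-add; in ECC key generation k is the private key."""
    result: Point = None
    addend = pt
    while k > 0:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


if __name__ == "__main__":
    print("2 x 4 mod 5 =", mod_mul(2, 4, 5))        # the article's example: 3
    for k in (1, 2, 3, 18, 19):
        print(f"{k}G = {scalar_mult(k, G)}")        # 19G is O: G has order 19
```

Two things are worth noticing when running it. First, `mod_inv` refuses a non-invertible operand instead of silently returning garbage; a field implementation that skips that check will produce points that are not on the curve, which `on_curve` is there to catch. Second, the multiples of G cycle back to the point at infinity after 19 steps, so the private key must be drawn from a range smaller than the order of the base point, which is exactly the parameter the standards the article lists fix for real curves.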