DCOM Explained
by Rosemary Rock-Evans
Digital Press
ISBN: 1555582168   Pub Date: 09/01/98

Previous Table of Contents Next


Clearly, this last point is important. The last thing you want to do is have the secret keys themselves downloaded over the line to the person, as you have no way of protecting them while you are doing this. By using public key encryption, you avoid having to do this and are able to open up access to previously unknown users—if this is what you want to do. This means that a company can, for example, accept orders from customers who have not registered as users with it (but who can be authenticated using a TTP and the person’s public key), and those orders can be encrypted as they pass over the network. This means that the person can place credit card information or other sensitive data on the order and know it is being transported confidentially.

There are, however, some problems with public keys. Public key algorithms are slow—at least a thousand times slower than the symmetric algorithms used in secret key cryptography and, as we saw, are quite difficult to administer, needing a secure up-to-date Directory accessible by the sender and recipient.

Some well-known public key algorithms in use today include:

  RSA-Invented by Ron Rivest, Adi Shamar, and Leonard Adleman at MIT. The algorithm is now in widespread use under license. Export of products containing RSA for authentication purposes is allowed, but export for encryption purposes is restricted to a key size of 512 bits or less. Both keys used are functions of a pair of very large prime numbers.
  DSA (Digital Signature Algorithm)-Developed by David Kravitz at the NSA. It has been selected by NIST for the U.S. Government’s Digital Signature Standard (DSS).
  Diffie-Hellman-This algorithm can be used for key distribution but not for encryption. It was invented by Whitfield Diffie and Martin Hellman in the mid-’70s.

Secret key-In this approach each party to the conversation has access to the same secret key, which is used to both encrypt and decrypt the message. A message from a sender is encrypted using the secret key and the encryption algorithm. The message is then decrypted by the receiver using the decryption algorithm and the same secret key. The algorithms are freely available, in that they can be obtained from third-party vendors or standards bodies.

The secret key is thus the most important part of the process, as it is the secret key that the two parties have agreed upon that determines how secure the message actually is. Usually, what determines the degree of security offered is the length of the key. The longer the key, the more difficult it is to crack by an intruder—hence the arguments over 40 bit and 56 bit keys. The main symmetric algorithms used today in security products include:

  DES (Data Encryption Standard)-a block cipher of 64 bit blocks with a 56 bit key length (depending on where you are in the world this may be less—because of the export rules).
  Triple DES-the DES algorithm is applied three times in succession.
  RC5-a block cipher invented by Ron Rivest, cofounder of RSA Data Security. It has variable parameters.
  IDEA-a block cipher of 64 bit blocks with a 128 bit key (again this may change depending on location). It was invented by Xuejia Lai and James Massey.
  RC4-a variable key size stream cipher developed by Ron Rivest for RSA Data Security. It was granted a special export status when the key length was limited to 40 bits or under.

Work is also underway in the U.S. Department of Commerce to produce, through NIST, an Advanced Encryption Standard (AES), which will be a publicly available symmetric block cipher with a key length that can be increased when needed. One of the more interesting pieces of information is that the RC5 algorithm used with a key length of 40 bits has been broken in 3.5 hours, whereas RC5 with a key length of 48 bits was broken after only 13 days. Size in this case clearly matters!

Integrity checking

One of the most frequently used methods of checking integrity is the check sum—the contents are summed using a specific algorithm on sending the message and the check sum is added to the message. On receipt, the message is again summed using the same algorithm to see if the check sum on the message and that obtained is the same.

Another way of checking integrity is to apply a hash function. In this case, a variable length input string (the message) is converted by the hashing algorithm to a fixed length (and smaller!) output string. Both sender and receiver create the hash value. The check on integrity value can be achieved either by sending the hash value with the message (the normal approach) or by the sender and receiver comparing hash values.

You will notice in the table that straightforward integrity checking using these two approaches can be used to ensure the message has not been inadvertently corrupted en route, but to ensure it is not tampered with, both integrity checking and encryption may need to be used. If the hashing total or check sum are passed over the network with the message and the interloper has access to the hashing or check sum algorithm, he or she can tamper with the message and then recompute the check sum or hash figure. If, however, both message and check sum are encrypted, the interloper cannot tamper with the message—as he or she is unable to decipher it.

Two commonly used hashing algorithms are MD4 and MD5 (Message Digest), which produce 128 bit hashes of the input message. These are supplied by RSA Data security. Another well-known hashing algorithm is SHA (Secure Hashing Algorithm), which comes in various versions. SHA-1, for example, uses 160 bit hashes of data.


Previous Table of Contents Next