Is end-point to end-point encryption the ultimate solution to IT security ?

The National Institute of Standards and Technology (NIST) defined Information Technology (IT) Security or Computer Security as “The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)” (NIST, 1995). […]

The National Institute of Standards and Technology (NIST) defined Information Technology (IT) Security or Computer Security as “The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)” (NIST, 1995). From this definition, providing an absolute solution to Computer Security implies to guarantee the confidentiality, the integrity, the availability and the Authenticity of the data, services and resources (Stallings and Brown, 2008). In the security IT industry, it is a race against vulnerabilities; security breaches are discovered every day and Security professionals take actions to fix or mitigate the risk. That situation is mainly caused by the open nature of some technologies like the Internet and by the fact that many protocols and technologies on which we entirely rely today were designed decades ago without any security thought in mind – a notable example is the whole protocol IPv4. An added layer of complexity and risk is brought through software. Applications and systems that we use today are the result of thousands and thousands of lines of code. Such a big number of human generated lines of code are naturally prone to errors and vulnerabilities.

Digital Encryption

Encryption is the process of transforming information – data – using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key (Wikipedia, 2011). Encryption is about securing the communications between endpoints, and it uses a combination of Keys and Algorithms to achieve that goal. In cryptography, the security of the encryption scheme must depend only on the secrecy the Key/Keys (used to encrypt/decrypt) and not on the secrecy of the algorithms – The Kirchhoff’s Principle (Ferguson & Schneier, 2003). Two basic techniques for encryption exist: The symmetric encryption and the asymmetric encryption. In symmetric encryption, a secret key is applied to the data to change its content. Also both the sender and the receiver know the key, they can encrypt and decrypt the data using the same key – examples of symmetric algorithm are DES, Triple-DES (3DES), IDEA, CAST5, BLOWFISH, and TWOFISH. However asymmetric encryption uses a set of two keys: the public key and the private key. The public key is made freely available to anyone who might want to send you a message. The private key is kept secret to each participant. The data is then encrypted by using the public key and can only be decrypted by applying the same algorithm, but by using the matching private key. Any data that is encrypted by using the private key can only be decrypted by using the matching publics key – Examples of asymmetric algorithm are RSA, DSA, and ELGAMAL. To use asymmetric encryption, there must be a way for participants to discover others public keys. The typical technique is to use digital certificates. A certificate is a package of information that identifies a participant (Microsoft article 246071, 2007; Graff, 2001).

The problem with symmetric encryption is the fact that secret keys are exchanged, therefore raising the risk of being intercepted. Thus, unlike symmetric key algorithms, asymmetric key algorithm does not require a secure initial exchange of one or more secret keys between the sender and receiver. However, asymmetric encryption requires significant computational resources. The right middle was found Zimmerman with his ‘Pretty Good Privacy (PGP)’ technique. The PGP consist of firstly encrypting the data a symmetric cipher then re-encrypt the output with the Public Key of the target participant (Hancok Lecture, 2011).

Off-line and Online encryption

Independently of the algorithm and the type of keys, encryption can be performed at two communications levels: end-to-end encryption (off-line encryption) and link encryption (online encryption). Link encryption code – encrypt – the message each time it passed through a network node while end-to-end encryption code the message when it is transmitted and decrypted when it is received; the message remains encrypted through the entire communication process. End-to-end encryption has the advantage that it protects the data from start to finish through the entire network (Lebtinen & all, 2006). From a pure security point of view end-to-end encryption is more efficient since data is code directly at the source and decode only at the destination.

In real life, end-to-end encryption has many implementations ranging from the well know Kerberos – authentication protocol – to the Message Security Protocol (MSP) via other systems like the free PGP, SESAME (Secure European System for Application in a Multivendor Environment), PEM (Privacy-Enhanced Mail), Smart Cards and so on. Universal Electronic Payment System (UEPS) is a smart card system that provides a secure debit card for regions where poor telephone service makes on-line verification impossible. With the UEPS, customers use their cards to transfer money to merchants. Merchants can then take their cards to a telephone and have money moved onto their card. When the customer starts the transaction, he is given a key pair from the bank; only the merchant card will later be able to decrypt the customer key. This system uses DES algorithm with 56 bits of ciphertext to encrypt messages. Something particular about this protocol is that encryption keys for each message depends on the previous message. Therefore someone cannot replay an old message; the receiver will not be able to decrypt it (Schneier, 1996). End-to-end encryption is also use in internet security by implementing secure connections with SSL (Secure Socket Layers) to protect against sidejacking attacks (See June Post).

End-to-end encryption protects communications and stored data from unauthorized access, thus guarantying the confidentiality of data. In addition to providing confidentiality, encryption also offer Authentication, Integrity and Nonrepudiation – A sender should not be able to falsely denied later that he has sent the message (Schneier, 1996).  However, end-to-end encryption does not guarantee one characteristic of a secure system that is the ‘availability of data and communications’. From that perspective, end-to-end encryption plays a major part on solving insecurity in IT systems though cannot be considered as an ultimate solution.