The "Keys" To Securing A System

It's not enough to use firewalls or encrypt a couple of data files. Security is only as good as the weakest link.


William Wong

August 27, 2009


The standalone system has turned into an endangered species, making security an even more pressing issue among developers. This includes cell phones, Wi-Fi-enabled digital picture frames, and just about everything else. And when it comes to security, it helps to start with the basics.

For starters, information can be exchanged as cleartext, authenticated, or encrypted (Fig. 1). Cleartext typically indicates that the information is text and readable, but it’s often used to refer to information that’s neither signed nor encrypted. Authenticated text is digitally signed. Changing the information voids the signature, so it’s possible to tell if the information has changed. The information is still accessible, unlike encrypted information, which is indecipherable without decrypting it first.

Digital signatures essentially use the related information, often called a message, to encrypt a tag, also called a message digest or simply a digest, that is attached to the information. If the information is changed, a signature created from the changed information will not match the attached tag. Discovering a change doesn’t usually reveal who made it, how, or what was changed.

Digital signatures can utilize encryption, but they often employ a hash function instead. The difference between a hash function and encryption is that hash functions are one-way operations, whereas encryption is usually a two-way process since the original cleartext can be reconstructed with the proper key and algorithm.
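An added example, not part of the original article, of the authenticated-but-readable case described above: it uses HMAC-SHA-256 (a keyed hash, assumed here as the tag mechanism) and shows why an unkeyed digest alone does not authenticate. The key, message and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (assumptions for illustration only).
KEY = b"constructed-demo-key"
MESSAGE = b"valve=open;setpoint=72"


def make_tag(key: bytes, message: bytes) -> bytes:
    """Keyed tag (HMAC-SHA-256) sent alongside the still-readable message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag from the received message; compare in constant time."""
    return hmac.compare_digest(make_tag(key, message), tag)


def bare_digest(message: bytes) -> bytes:
    """Unkeyed SHA-256 digest: one-way, but needs no secret to recompute."""
    return hashlib.sha256(message).digest()


def demo() -> dict:
    tag = make_tag(KEY, MESSAGE)
    altered = MESSAGE.replace(b"72", b"99")
    return {
        # The unmodified message verifies and is readable without decryption.
        "original_ok": verify_tag(KEY, MESSAGE, tag),
        # Any change to the message voids the attached tag.
        "altered_ok": verify_tag(KEY, altered, tag),
        # A party holding a different key cannot produce a matching tag.
        "wrong_key_ok": verify_tag(b"some-other-key", MESSAGE, tag),
        # A bare digest protects integrity only if the digest itself arrives
        # over a trusted path, because it is recomputable from the message.
        "digest_changes": bare_digest(altered) != bare_digest(MESSAGE),
        "tag_len": len(tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```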

In general, hash functions are faster than encryption. They’re used in a range of application areas, from password storage to communication handshaking. For example, Linux stores user names and passwords in the “passwd” file. This is a cleartext file, but having access to it only provides the user name and the hashed password.

A user can be authenticated using this information by generating a new hash value using a password and then comparing the result with the one in the passwd file. Of course, compromising the passwd file opens a security hole. Most Linux implementations actually keep the hashed passwords in the shadow file. The passwd file is a mirror image, minus the hashed passwords.
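The check described above, as an added example that is not from the original article: the record layout, `make_entry`, `check_login` and the sample accounts are constructed, and PBKDF2 from Python's standard library stands in for the system's crypt(3) hash. It goes beyond the text by adding a per-user salt and a deliberately slow hash, so identical passwords do not produce identical stored values.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # constructed work factor for the demo


def make_entry(user: str, password: str) -> str:
    """Build one line in a simplified, constructed layout (not crypt(3)):
    user:pbkdf2-sha256$iterations$salt_hex$hash_hex"""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{user}:pbkdf2-sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def check_login(table: str, user: str, password: str) -> bool:
    """Hash the offered password with the stored salt and compare digests."""
    for line in table.splitlines():
        name, _, field = line.partition(":")
        if name != user:
            continue
        parts = field.split("$")
        if len(parts) != 4 or parts[0] != "pbkdf2-sha256":
            return False  # locked ("!" or "*") or unparsable entry: deny
        try:
            salt, stored = bytes.fromhex(parts[2]), bytes.fromhex(parts[3])
            offered = hashlib.pbkdf2_hmac(
                "sha256", password.encode(), salt, int(parts[1]))
        except (ValueError, OverflowError):
            return False  # corrupt entry: deny
        return hmac.compare_digest(offered, stored)
    return False  # unknown user


# Constructed sample table: two accounts share a password, one is locked.
TABLE = "\n".join([
    make_entry("alice", "correct horse"),
    make_entry("bob", "correct horse"),
    "daemon:*",
])
```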

Encryption normally uses one or two keys. A single key is used in a symmetrical encryption algorithm. The same key is employed for decryption as well as encryption. Symmetrical encryption is often faster than asymmetric or two-key systems. An asymmetric system uses one key for encryption and a related key for decryption. In this two-key case, one key can’t be recreated by using the other key.

Most public key systems employ two keys (one public, one private) with bidirectional data exchange. This means the holder of one key can encrypt information that’s decryptable by the other. A unidirectional system allows one key for encryption and the other for decryption. In a bidirectional system, the same key can’t be used to encrypt and then decrypt the encrypted data. If both keys are kept secret, then keys essentially identify the holders when information is exchanged.

The RSA public-key algorithm was presented in 1978 by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT. It’s based on two large prime numbers and the fact that factoring a large number is very time-consuming, making brute force attacks difficult. In a public-key environment, one of the keys is normally made available to interested parties. Likewise, each party normally has its own secret key (more on key exchange later).
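An added example, not from the original article, of the two-key behavior described in the last three paragraphs, using textbook RSA without padding. The primes, exponent, payload and function names are constructed, and the parameters are far too small for real use.

```python
import hashlib
from math import gcd

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537


def make_keypair(p: int, q: int, e: int):
    """Return (public, private) as (exponent, modulus) pairs."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # needs p and q, which is why factoring n matters
    return (e, p * q), (d, p * q)


def apply_key(key, value: int) -> int:
    """Textbook RSA operation (no padding): value ** exponent mod n."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def digest_int(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message: bytes) -> int:
    return apply_key(private, digest_int(message, private[1]))


def verify(public, message: bytes, signature: int) -> bool:
    return apply_key(public, signature) == digest_int(message, public[1])


def demo() -> dict:
    public, private = make_keypair(P, Q, E)
    secret = int.from_bytes(b"aes-key-to-wrap", "big")  # constructed payload
    wrapped = apply_key(public, secret)
    sig = sign(private, b"boot image v1")
    return {
        "private_recovers": apply_key(private, wrapped) == secret,
        # The key that encrypted the value cannot decrypt it again.
        "public_recovers": apply_key(public, wrapped) == secret,
        "sig_valid": verify(public, b"boot image v1", sig),
        "sig_after_change": verify(public, b"boot image v2", sig),
    }
```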

Some popular hash algorithms include MD4, MD5, SHA-1, and SHA-256. Common encryption systems include DES (Data Encryption Standard), RSA, and AES (Advanced Encryption Standard). The DES encryption key is 56 bits long, and brute force attacks aren’t easy given the current crop of processors. It was considered secure in the 1970s when it was released. Triple DES (3DES) uses the DES algorithm and keys but addresses the shortcomings of DES. It uses three keys, and the data is encrypted three times.

AES keys can be 128, 192, or 256 bits long. AES is standard fare on microcontrollers these days. It’s employed in wireless standards such as ZigBee and used for full-disk encryption and a host of other applications.

Another method, elliptic curve cryptography (ECC), can use a small key to provide security comparable to other techniques using larger keys. This efficient algorithm can be easily implemented in hardware. Security software often supports one or more encryption and hash algorithms. Likewise, many communication standards allow different algorithms and key sizes to be used. These are normally chosen during the initial handshake.

So much for the basics.

SECURE FROM THE START
Security builds from the ground up. If any level is compromised, then the levels above it are typically compromised. This is why security in depth is important. Likewise, partitioning can isolate problems, but only if the partitioning mechanism hasn’t been compromised. Compromising often is accomplished by finding a hole in the security mechanism. This is what happens with worms and viruses that compromise systems by exploiting a defect in an operating system, application, or system configuration.

For most computer systems, physical security and the boot process are the starting point. One approach to securing a system starts with the Trusted Computing Group’s (TCG) Trusted Platform Module (TPM) to boot the system. A TPM contains a secure microcontroller and storage normally found in PCs (Fig. 2). Tamperproof hardware physically protects the device. Breaking open the device results in the loss of stored secure keys.

The TPM checks itself when a system starts and then facilitates the booting of the rest of the system. This can include processing a PIN number entered by a user and authentication of a digitally signed or encrypted boot program normally stored on another device.

Typically, the TPM hands security over to the host, but it can be used for other security-related actions as well. The TPM also contains a unique RSA private key so that a TPM can be identified. And it lets the system digitally sign information, thereby allowing authentication of itself to other systems.
