Cryptographic Protocols - Report Example

Cryptographic Protocols Name: Course: College: Tutor: Date: Introduction Cryptographic protocols are methods use to ensure the security of communication systems such as wireless networks and multimedia networks. They protect system owners from hackers and scavengers while on unsecured networks. Cryptographic protocols ensure that there is secrecy and privacy as well as originality in messages sent; the hackers cannot access the messages to distort them hence messages are received in their natural original form (Paulson, 2000). This paper seeks to discuss key criteria in choosing an encryption protocol and how to ascertain the best choice for encryption in a network. To do this, the study will focus on a case study-UoB Manufacturing; the case study networks will be studied and compared against the criteria used in choosing encryption protocols as well as with other methods to confirm whether the network supervisor is doing the right thing. Main Body Key Criteria in choosing encryption in a network As stated above encryption plays a very important in securing personal property and therefore when making a choice of security there are actors to consider ensuring the right encryption is in place for the right system. Some of the factors to consider in choosing an encryption include 1) Form of network-public or private 2) Type of communication network – multimedia/wireless network 3) other security measures in place. The form of communication helps one in deciding how vulnerable a system is to intruders and therefore the choice of encryption. In a public office for instance, where PCs are shared by a number of people, through the same network connections, a public key cryptography is advisable such that many individuals may know the common key to the shared PCs but each individual further accesses private keys to his/ her messages for decryption; this format is know as asymmetrical key encryption scheme. But still one has to be a little more cautious while using public networks so as to avoid sending messages with confidential and sensitive information such as certain financial information-money available in the bank, bank log in information and related private issues. One has to ascertain the security of a public network such as in a cyber café so as to ensure that his/her personal information is not being hacked; some owners of public networks have been reported to be using certain software that record people’s information such as financial and log-in passwords. Networks that have virtual private networks (VPNs)\ incorporated to their systems are more secure since specific the VPN assist in creation of secured specific routes through which specific encrypted data/messages travel. In private offices such as one’s home network, access to one’s messages may not be the priority worry but maybe access to the network itself; an unsecured network that is accessible to a number of people within a certain geographical scale and of course those with hacking knowledge can be able to access private messages on their way to the PC. Most private network owners are not aware they need to turn on their router ship encryptions and instead they think having firewalls and antivirus securities on will prevent their PCs and routers from intrusion; the PCs may be protected but not the networks. Intruders within a certain range would still access the private networks and hence an encryption is necessary (Waring, 1998-2011). To solve such as problem, two types of encryption are available; WPA and WEP. WAP (wireless protected access), takes care of data transmitted between a PC and the router by converting the data into specific codes; it is the newer and most secure encryption method as compared to WEP (wireless encryption protocol) which is a traditional form of encryption with lots of security loopholes commonly known as cracking. Therefore it is advisable to stick to one choice of encryption; if one choose WEP, then it should be used all through the network system and if WPA then let it be the only one, for consistency, easier management and less susceptibility of the system. The type of network is also a actor to consider since for instance wireless networks and multimedia networks require different forms of encryption. Multimedia networks in most cases are a combination of wireless and media networks hence such complexities must be put into consideration when designing encryptions. For instance in multimedia, specific algorithms need to be chosen for specific multimedia applications. Recently there have been wide spread attacks on the content scramble system (CSS) of DVDs and hence most individuals have seen the importance of using other encryptions other than the default securities such as Triple-Des in place of Real-Time Transport Protocol (RTP) to enhance the security at the cipher system (Yu, 2011). Due to advancement in technology, very complex multimedia systems are in place and designing a security system for them may be tedious because they are made of various applications that require transcoding hence different encryptions. Therefore it’s often difficult, expensive and demanding to ensure effective control over multimedia systems especially those involving creation of videos. Therefore clients are advised to take time when choosing security systems being able to match each and every application in the multimedia system with the best suiting encryption and one that is pocket friendly. Utilizing partial encryption systems-those that secure the most sensitive information only- is one way of reducing costs. Encrypting the multimedia proxy will also save the sweat of encrypting each and every application in the system. “Scalable encryption together with a secure proxy design perhaps can provide more adequate solutions for these sets of applications” (Yu, 2011). Further, when choosing an encryption, it is also important to consider other security systems in place so as to ensure the right mixture of securities is in place. For organization and more of public network systems, disjointed security patterns tend to fail but more centralized networks providing centric solutions are more effective (Aruba Networks). It is also important to always upgrade network systems such as routers, to keep pace with ever changing technology and techniques; so that one is not forcing an old system to accept new security systems which the current hardware does not support. The case of UOB Management UOB is a manufacturing company of various engineering products. The company’s manufacturing unit is a network of machinery connected to other departments such as production unit and design office. The unfortunate bit at UoB is that, the production system that carries out major regulatory functions is old and has never been upgraded; machines used in programming new designs are based on very old software such as widows 3.1 among other old aspects. Further UoB has a new network supervisor who has been centrally placed to control the network systems, leaving aside more experienced network personnel who have been in the company for longer periods. Therefore, there is likelihood that there may be great loopholes in the security of the networks, some identified and some may not have been identified. For instance from the case study, it is clear that the wireless network is insecure and was left unencrypted because the network engineer was not able to make the WEP to work. There is also lack of a centralized communication system and the systems in place tends to operate independently because the PBX put in place to coordinate the various systems has never been configured. This section will evaluate the UoB network systems against the key points identified above as being key in choosing an encryption for a network. The new network supervisor happens to recommend Ron Rivests aligorithms as satisfactory to ensure a safe network at UoB. Ron Rivests is a renowned cryptographer and the founder of RSA security systems which are algorithms used for public key encryption; the system involves a public key and a private one. The public key is the encryption key and may be known to everyone but the private keys are restricted and are only used for decryption. The keys are simply integers, specifically prime numbers that are randomly selected and represented in form of functions in a formula. The formula is changed as appropriate in encryption and decryption. At UoB, there is a multimedia network- a network made up of many media of communication such as wireless network, telephone system and a server based communication network. Given the factors discussed earlier on as key in choice of an encryption- form of network, type of network and other securities in place- the new supervisor may be right on one end by choosing to base maintain ace of the network at UoB on Rivests’ work. The public key encryption suits the UoB environment since it is a manufacturing industry that has many departments interconnected and given that UoBs network is being tapped by intruders from the surrounding communities, use of public and private keys is handy because it ensures privacy and authenticity, although often disturbed by hackers with imitation keys, the sytem can be enforced by use o authority certificates and “web of trust” to ensure safety; that the right owner of the keys is the one using them and not any other person. The issue in this case is how well, the network engineers and supervisor match the right algorithm to the various network applications and how secure the encryption systems are based on the algorithms. This can be assumed as probably weak since the network supervisor is new and relies on the help of the network engineer-who may probably be angry at being overlooked, even after applying as the sole internal candidate, in the recruitment exercise for the same post. The wireless network is left unsecured and therefore the system at UoB is susceptible to hackers both at PC and at network level. The same case may be happening with the server systems that are under control of outdated PC applications and routers. Meaning that the network supervisor has the task to put recommend for replacement of hardware and software as well as upgrade of the entire network systems including routers and encryption protocols such as replacement of the non-functional WEP with a more modern and better security system WPA. But this may not be easy since senior personnel who have been at the company for long have not been seeing the need to replace the worn out system applications hence the network supervisor may ace lots of resistance. The cost of maintaining the current system may also be so high because of the decentralized network systems and because of the mixed old and modern systems such that developing encryptions for particular applications/components of the system is expensive. Maybe there is need to decide and have either server or wireless systems or easier management. Centralized systems can reduce expenses by encrypting the proxy only. Although, recent revelations indicate that use of public key encryptions may not make a network 100% secure because of counter-technologies able to detect periods of time taken for known hardware to encrypt plain text hence easier formation of decryption keys. Cracking the keys is also another problem on the rise and hence systems may not be safe by using only one mode of security. Computationally, the public key encryption system require much longer periods of time to change, for instance during an overhaul involving change of keys, it may be difficult to change and let all the people involved informed of the changes within a short duration hence in cases of serious security vulnerabilities that may affect central systems and require emergency changes, it is not an appropriate system to use. UoB is one such industry, it is sensitive in that it deals with manufacturing and competing industries may be more than happy to steal UoBs manufacturing secrets; in case such secrets leak to the public, UoB may need an emergency restructuring, it will be very difficult. Leave alone such emergencies, currently, UoBs network is being used by outsiders and probably some people may try to hack information from the PCs, there is definite need for a better security system that will ensure all the identified loopholes are closed. As much as a better system may be required, not necessarily striking out the public key encryption but maybe improving it by adding better and stronger components and taking out the traditional systems. This is because alternative methods to the public key encryption may be more vulnerable to intruders; for instance the symmetrical key algorithm which uses identical keys for both encryption and decryption may be easier to attack than the asymmetrical system because whoever has access to the encryption key can certainly decrypt information hence lack of privacy and no authenticity. .The method is also not appropriate for a large manufacturing industry such as that of UoB and is therefore not appropriate in this case; may only be appropriate in a small organization for two or three people. Examples of symmetrical algorithms include RC4, Blowfish, Twofish, IDEA, 3DES and serpent. SEAL (Software-optimized Encryption Algorithm) is another algorithm that can be used for encryption; it is generally considered a safe mode-less susceptible to attacks-designed in 1993 by Rogaway and Coppersmith. Seal is cumbersome to design and requires continuous encryption of data. Conclusion Cryptography is a must have for organizations and individuals, otherwise much of the private, confidential and core business and personal information will be stolen and used against the rightful owners. There is need for UoB management to focus its resources on network improvement since communication is a vital aspect of business success; the network system may not be well designed and managed if the organization does not consider organizational restructure and hiring of well educated and exposed expertise. The network supervisor and probably most of the IT staff will have to be exited to give room to more experienced workers. References Aruba Networks. FIPS Validated 802.11i WLAN Meeting Government requirements for secure mobile Data. Retrieved from www.arubanetworks.com/pdf/technology/tb_FIPS Validated.pdf 27 April, 2011 Paulson, C.L. (2000). The Inductive Approach to Verifying Cryptographic Protocols. Retrieved from www.cl.cam.ac.uk/~lp15/papers/Auth/jcs.pdf 27 April, 2011 Waring, B. (1998-2011). How to Secure Your Wireless Network: Following a few easy steps can ensure that no one intercepts your Wi-Fi traffic. Retrieved from www.pcworld.com/.../how_to_secure_your_wireless_network.html 27 April, 2011 Yu, H. (2011). Multimedia Encryption - Streaming Video Encryption, Preserve real time playback and decrease cost via partial encryption. http://encyclopedia.jrank.org/articles/pages/6816/Multimedia-Encryption.html 27 April, 2011 Read More