Data Security and Cryptography

1
Data Security and Cryptography

• Legal data protection
• Risk analysis and IT Baseline Protection
• Data security
• Cryptography
• Smart card

2
Data Security and Cryptography

• Data protection, Privacy (legal)
• Protection of personal data
• Protection of persons against not authorized
  processing of data concerning that person
• Data Security (technical)
• Protection against
• Loss, dammage
• Not authorised reading, changing

3
Data protection

• Legal data protection
• interdiction with conditionally allowance
• German Data Protection Act
• Federal State Data Protection Act
• special Data Protection Act
• Gesundheitsstrukturgesetz (health structure act)
• Personalvertretungsgesetz (staff / workers
  council Data Protection Act )

4
(No Transcript)
5
(No Transcript)
6
(No Transcript)
7

• Privacy failure - an example
• The Hampshire hospital system provides a good
  example of the failure to fully address privacy
  issues raised by information technology in the
  National Health Service (NHS). Because the then
  health minister held the constituency of
  Winchester (in Hampshire), new information
  technology systems were implemented more quickly
  there than elsewhere. These new systems had the
  feature that all laboratory tests ordered by
  general practitioners were entered into a
  hospital information system, which made them
  available to all staff on the wards and to
  consultants in the outpatient department. The
  stated goal was to cut down on duplicate testing
  but the effect was that even highly sensitive
  matters such as HIV and pregnancy test results
  were no longer restricted to a handful of people
  (the general practitioner, practice secretary,
  the pathologist and the lab technician), but were
  widely available.
• As with the London Ambulance Service, a timely
  warning of impending disaster was ignored, and
  the system duly went live on schedule. A nurse
  who had had a test done by her general
  practitioner complained to him after she found
  the result on the hospital system at Basingstoke
  where she worked this caused outrage among local
  general practitioners and other medical staff,
  and may have contributed to the health minister's
  loss of his seat at the 1997 general election.
  The eventual outcome was that the relevant parts
  of the system were turned off at some hospitals.

8
Data Security safety requirements

• Reproduction of destroyed data
• complete, fast, consistent
• Substitution of destroyed processes
• Backup of destroyed hardware
• Backup of programs
• Protection of the communication
• Not authorised reading, changing

9
IT Baseline Protection Federal Office for
Information Security

• http//www.bsi.de/
• Consulting of Federal- State- and Local
  authorities
• http//www.bsi.de/english/index.htm
• http//www.bsi.de/english/gstool/index.htm

10
Uninterruptable Power supply (UPS)

• Which devices shall be supplied?
• Server
• Disks
• Clients
• Network
• How long ?
• Only for shutdown
• Continue the appliations

11
emergency power supply
http//www.kabel-vereinigung.at/musterhaus/notstro
m.htm
Stationärer Stromerzeuger 800 kVAFür die
Notstromversorgung eines Krankenhauses
http//www.bas-aggregate.de/FrameProdukte.htm
http//www.energiesparendes-krankenhaus.de/index.p
hp?id115
http//www.evk-mettmann.de/index.php?section21
12
Our UPS

• Server Monitor 1kW
• Disks 31.5 kW
• USV ca. 7 kW for 15 Minutes
• At a power failure the UPS signals an interrupt
  to the CPU which shuts down
• UPS must support the operating system!

13
Downtime

• 24 hours operation on 7 days means

14
Causes of failure
15
attacks on the communication

• Man-in-the-middle
• the attacker makes independent connections with
  the victims and relays messages between them,
  making them believe that they are talking
  directly to each other over a private connection
  when in fact the entire conversation is
  controlled by the attacker.
• Spoofing-Attacke
• a situation in which one person or program
  successfully masquerades as another by falsifying
  data and thereby gaining an illegitimate
  advantage
• Denial-of-Service
• make a computer resource unavailable to its
  intended users
• Replay
• data transmission is maliciously or fraudulently
  repeated or delayed
• Combination of attacks

16
Protection against attacks

• Firewall
• Encryption
• Authentication
• non-repudiation
• Reception control

17
Firewall

• Computer between the internet and the local
  network. It analyses the data stream and locks or
  opens the passage depending on the services,
  addressee and sender.

18
Firewall
Local network
Internet
e.g. department No access allowed
e.g. library All access allowed
firewall
local Web Server
e.g. department certain access allowed
19
encryption

• Cryptology
• Science of coding messages
• Cryptography
• Mapping a message on an incomprehensible text
• Cryptoanalysis
• Decryption of an incomprehensible text
• Steganography
• Hiding a message in a harmless text

20
(No Transcript)
21
Skytale
D I N
A N D
S D E
G E R
O T H
L S O
D I E
B C H
E H L
F I E
N I D D N A E D S R E G H T O O S L E I D H C B
L H E E I F
22
Cäsar Chiffre
DERSCHATZLIEGTINEINEMEISENKASTEN
ABCDEFGHIJKLMNOPQRSTUVWXYZ
ABCDEFGHIJKLMNOPQRSTUVWXYZ
FGTUEJCVBNKGVKPGKGOGKUGPMCUVGP
23
Cäsar Chiffre

• Decoding by counting the frequency of letters
  DERSCHATZLIEGTINEINEMEISENKASTEN

FGTUEJCVBNKGVKPGKGOGKUGPMCUVGP
24
Frequency of letters
25
Cipheringsymmetric key
Exchange of keys
Key
Key
Decryption
Encryption
plain text
Cipher text
plain text
26
Cipheringasymmetric key
Certificate Authorities Public key
Alice
Bob
Pub Bob
Private key P Alice
Private key P Bob
Pub Alice Pub
Pub Bob
P Bob
Pub Alice
Decryption
Encryption
G(
Plain Text
Cipher text
Plain Text
Plain Text
27
RSA-CIPHERRivest Shamir Aldeman

• required two prime numbers p,q
• gt Public key (encrypt)
• n pq
• e relatively prime with (p-1)(q-1)
• Private Key
• d with de 1 mod(p-1)(q-1)
• encrypt c me mod n
• decrypt m cd mod n

28
RSA-Example

• p 47 q 59 pq n 2773
• (p-1) (q-1) 4658 2668
• ed 1 mod 2668 ltgt (ed) / 2668 Rest 1
• n 2773 e 17 d 157
• HALLO ... gt 080112121500...
• 080117 mod 2773 2480
• 121217 mod 2773 2345
• 2480157 mod 2773 801
• 2345157 mod 2773 1212

29
RSA-CIPHER time to decipher
The RSA Factoring Challenge
30
Pretty Good Privacysending
Public key of receiver
Private key of sender
Symmetric key
Random number
message
checksum
Encrypted Random number
Digital Signatur
Encrypted message
31
Pretty Good Privacyreceiving
Private key of receiver
Public key of sender
Encrypted Random number
Digitale Signatur
Symmetric key
Random number
Encrypted message
checksum
?
message
checksum
32
Digital Signaturprocedure
Document
Storage
Document
Document
Hashfunktion
Hashfunktion
Checksum
Checksum
?
Checksum
Signatur
Public key
Private key
Signatur
Signatur
33
Roles of a Signature

• Closing
• Identity
• Authenticity
• Evidence
• Inhibition threshold

34
Regulation concerning Digital Signatur
(Signaturverordnung -
SigV)

• 16 Anforderungen an die technischen Komponenten
• (1) Die zur Erzeugung von Signaturschlüsseln
  erforderlichen technischen Komponenten müssen so
  beschaffen sein, daß ein Schlüssel mit an
  Sicherheit grenzender Wahrscheinlichkeit nur
  einmal vorkommt und aus dem öffentlichen
  Schlüssel nicht der private Schlüssel errechnet
  werden kann. Die Geheimhaltung des privaten
  Schlüssels muß gewährleistet sein und er darf
  nicht dupliziert werden können.
  Sicherheitstechnische Veränderungen an den
  technischen Komponenten müssen für den Nutzer
  erkennbar werden.

35
Regulation concerning Digital Signatur

• The technical components which are necessary for
  the production of signature keys must be in a
  condition that a key will appear only once and
  that a private key can not be calculated from the
  public key. The privacy of the private key must
  be ensured and it should be not possible to
  dublicate the key. Safety-relevant changes in the
  technical components must become recognizable for
  the user.

36
Realisation of SigG, SigV und SigRL

• Linking the public key to its owner
• Safe storage of the private key
• Building of the digital signature in a safe
  environment
• uniqueness of the key
• 
  http//www.bsi.bund.de/esig/index.htm

37
certificate

• A certificate links a public key to a specific
  person
• A reliable third party (Certification Authority
  - CA) signs these data
• The public key of the CA is known

38
Certification Authority

• Die Erteilung von Genehmigungen und die
  Ausstellung von Zertifikaten, die zum Signieren
  von Zertifikaten eingesetzt werden, sowie die
  Überwachung der Einhaltung dieses Gesetzes und
  der Rechtsverordnung nach 16 obliegen der
  Behörde nach 66 des Telekommunikationsgesetzes
• Bundesnetzagentur
• http//www.nrca-ds.de/

39
Kinds of digital signaturesSimple Signature

• Sign under the document
• scanned signature
• elektronic business card
• Uncontrolled use,
• no authenticity

40
Kinds of digital signatures advanced Signature

• exclusively related to the key owner
• Permits the identification of the key owner
• Is generated under the exclusive control of the
  key owner
• Is related to the signed data in that kind that
  subsequent change of the data can be detected
• examples PGP, Verisign, Sphinx
• May be used inhouse

41
Kinds of digital signatures Qualified
Signaturewithout accreditation of provider

• advanced Signature with
• A certificate which is valide at the time of
  signature
• Created with a safe program to create signature
  keys
• The provider registers at Bundesnetzagentur, but
  will not be reviewed periodically

http//www.bundesnetzagentur.de/enid/2.html
42
Kinds of digital signatures Qualified
Signaturewithout accreditation of provider

• Qualified Signature
• The provider will be checked by Bundesnetzagentur
  
• Longterm reliability is ensured
• The signature is equivalent to a signature by
  hand and the opponent must prove that it is forged

43
Smart card for the Digital Signatur

• tamper-proof and confidential storage
• security relevant operations are executed on the
  smart card
• Simple transport and high availability
• Highly accepted

44
Smart card Mikrocontroller

• CPU Co-Prozessor (Crypto-Unit)
• RAM (2k), ROM (32k) und EEPROM (32k .. 64k)
• I/O

RAM
Crypto Unit
ROM
CPU
EEPROM
I/O System
45
Data Security and Cryptography

• Legal data protection
• IT Baseline Protection
• attacks on the communication
• Symmetric - asymmetric encryption
• Digital signature
• Smart cards