Security

Candidates should be able to:

3.5.1 Asymmetric keys and encryption methods
• show understanding of the terms: public key, private key, plain
text, cipher text, encryption and asymmetric key cryptography
• show understanding of how the keys can be used to send a
private message from the public to an individual/organisation
• show understanding of how the keys can be used to send a
verified message to the public
3.5.2 Digital signatures and digital certificates
• show understanding of how a digital certificate is acquired
• show understanding of how a digital certificate is used to
produce digital signatures
 Candidates should be able to:
3.5.3 Encryption protocols
• show awareness of the purpose of Secure Socket Layer
(SSL)/Transport Layer Security (TLS)
• show awareness of the use of SSL/TLS in client-server communication
• show awareness of situations where the use of SSL/TLS would be
appropriate
3.5.4 Malware
• show understanding of malware: viruses, spyware, worms, phishing,
pharming
• describe vulnerabilities that the various types of malware can exploit
• describe methods that can be used to restrict the effect of malware
 Encryption

Encryption is the process of scrambling data so

that it cannot be understood by another person
unless they know the encryption method and key
used. Decryption is the process of turning the
scrambled data back into data that can be
understood. Data is encrypted before it is
transmitted and decrypted when it is received.
Therefore encryption keeps data secure during
transmission.
 Encryption basics
All encryption works on the basis of turning plaintext into
ciphertext
 Security concerns
There are a number of security concerns relating to a transmission:
Confidentiality:
Only the intended recipient should be able to decrypt the ciphertext.
Authenticity:
The receiver must be certain who sent the ciphertext.
Integrity:
The ciphertext must not be modified during transmission.
Non-repudiation:
Neither sender nor receiver should be able to deny involvement in the transmission.
Availability:
Nothing should happen to prevent the receiver from receiving the transmission.
 Security concerns
In symmetric key encryption there is just one key which is used to
encrypt and then to decrypt. This key is a secret shared by the sender
and the receiver of a message. In asymmetric key encryption two
different keys are used, one for encryption and a different one for
decryption. Only one of these is a secret.

The sender has a key which is used to encrypt some plaintext and the
ciphertext produced is transmitted
to the receiver. If symmetric key encryption is used, there needs to be a
secure method for the sender and receiver to be provided with the
secret key.
 Security concerns
When using asymmetric key encryption, the process starts with the receiver. The
receiver must be in possession of two keys. A public key which is not secret and a
private key which is secret and known only to the receiver. The receiver can send
the public key to a sender, who uses the public key for encryption and sends the
ciphertext to the receiver. The receiver is the only person who can decrypt the
message because the private and public keys are a matched pair. The public key
can be provided to any number of different people allowing the receiver to receive a
private message from any of them.

If two individuals require two-way communication, both communicators need a

private key and must send the matching public key to the other person.
 Security concerns
Wiktor is an employee of a travel agent. He uses asymmetric encryption to send
confidential information to his manager.

Fill in the spaces with an appropriate term to complete the descriptions.

Asymmetric encryption uses different ……………………………. for encrypting

and decrypting data. When Wiktor sends a message to his manager, the message is
encrypted into ……………………………. using his manager’s
……………………………. key. When the manager receives the message, it is
decrypted using her ……………………………. key. When the manager replies,
the message is encrypted using Wiktor’s ……………………………. key, and when
Wiktor receives the message, it is decrypted into …………………………….
using his ……………………………. key. [5]
 Digital signatures and digital certificates

A digital certificate is needed to authenticate a sender. This can be achieved though

the use of asymmetric key encryption but used the other way round where one can
encrypt a message using her private key and the receiver would decrypt the
message using a public key. This method would work if the message is being sent to
many people and the people open using the public key. This approach would not
work if the message is private as anyone with the matching public key would be able
to open the message but this is useful to verify if the message is authentic.

This way of creating a digital signature has a disadvantage of encrypting the whole
message as a way of authenticating a message which in the end slows down the
process of data transmission.
 One way Hash function - Sending

An alternative is to use a cryptographic one-way hash function which

creates from the message a number, uniquely defined for the particular
message, called a 'digest'. The private key is used as a signature for
this digest. This speeds up the process of confirming the sender's
identity.
 One way Hash function - Receiving

The same public hash key function is used that was used by the sender so the same
digest is produced if the message has been transmitted without alteration. The
decryption of the digital signature produces an identical digest if the message was
genuinely sent by the original owner of the public key that the receiver has used.
This approach has allowed the receiver to be confident that the message is both
authentic and unaltered.

unfortunately this approach does not consider the

fact that someone might forge a public key and
pretend to be someone else. Therefore, there
is a need for a more rigorous means of
ensuring authentication. This can be provided by a
Certification Authority (CA) provided as part of a
Public Key Infrastructure (PKI).
 Using a digital certificate

• An individual (person A) who is a would-be receiver and has a public-private key

pair Certification contacts a local CA.
• The CA confirms the identity of person A.
• The CA creates a public-key certificate (a digital certificate) and writes person A's
public key into this document.
• The CA uses encryption with the CA's private key to add a digital signature to this
document.
• The digital certificate is given to person A.
• Person A posts the digital certificate on a website.
 Using a digital certificate

The certificate typically contains the name of the organisation,

their domain and server name and a serial number which is
registered with a Certification Authority who issues the
certificates.
 SSL and TLS
Secure Socket Layer (SSL) and Transport Layer Security (TLS) are two closely related protocols
providing security in using the Internet. TLS is a slightly modified version of SSL.

SSL is a client-server application. The interface between an application and TCP uses a port number.
In the absence of a security protocol, TCP services an application using the port number. The
combination of an IP address and a port number is called a 'socket'. When the Secure Socket Layer
protocol is implemented it functions as an additional layer between TCP in the transport layer and the
application layer. When the SSL protocol is in place, the application protocol HTTP becomes HTTPS.

SSL is not actually a protocol it is a protocol suite made up of

• Handshake protocol (layer)
• Session layer
• Record layer
 SSL and TLS
The Handshake Protocol from the SSP suite is used to create a session
to allow the client and the server to communicate. Once the session has
been established, the client and server can agree which encryption
algorithms are to be used and can define the values for the session
keys that are to be used. This interchange may involve checking digital
certificates. For the transmission, SSL provides encryption, compression
of the data and integrity checking. When the transmission is complete
the session is closed and all records of the encryption disappear.
 Malware
Types of malware
Malware is the colloquial name for malicious software. Malicious software is software
that is introduced into a system for a harmful purpose.

Types of malware-containing program code are:

• virus: tries to replicate itself inside other executable code
• worm: runs independently and propagates to other network hosts
• logic bomb: lies dormant until some condition is met
• Trojan horse: replaces all or part of a previously useful program
• spyware: collects information and transmits it to another system
• bot: takes control of another computer and uses it to launch attacks.
 Malware
Malware can also be classified in terms of the activity involved:
• phishing: sending an email or electronic message from an
apparently legitimate source requesting confidential
information
• pharming: setting up a bogus website which appears to be a
legitimate site
• keylogger: recording keyboard usage by the legitimate user
of the system.
 System vulnerabilities
Malware can be introduced inadvertently by the user in a number of
ways:
• attaching a portable storage device
• opening an email attachment
• accessing a website
• downloading a file from the Internet.
Alternatively, a legitimate user with a grievance might introduce malware
deliberately.
 System vulnerabilities
Other vulnerabilities are indirectly associated with the activities of legitimate users.
By far the most significant is the use of weak passwords and particularly those which
have a direct connection to the user. A poor choice of password gives the would-be
hacker a strong chance of being able to gain unauthorised access. Other examples
include a legitimate user not recognising a phishing or pharming attack and, as a
result, disclosing sensitive information.

Systems inherently lack optimum security. Operating systems are notorious for
lacking good security. There is a tendency for operating systems to increase in
complexity which tends to offer the potential for more insecurity. The regular updates
are often required because of a newly discovered security vulnerability.

An out of limit bound is an example of a software vulnerability which can be taken

advantage of.
 Textbook questions
1 a When transmitting data across a network three concerns relate to: confidentiality, authenticity and integrity.
Explain each of these terms. [4]
b Encryption and decryption can be carried out using a symmetric or an asymmetric key method.
Explain how keys are used in each of these methods. You are not required to describe the algorithms used.
Your account must include reference to a public key, a private key and a secret key. [6]

c Digital signatures and digital certificates are used in message transmission.

Give an explanation of t heir use. [5]

2 Malware is a serious concern for computer system users.

a Give the names of two types of malware which involve some malicious code being input into a system. [2]
b Explain the difference between the two types of code. [3]
c Identify and explain two approaches for preventing malicious code from entering a computer system. [4]
d Explain the terms 'phishing' and 'pharming’. [3]
e Identify one possible policy for reducing the threat from phishing or pharming. [2]