
CIPF - what is it? Means of cryptographic information protection: types and applications

From an information security point of view, cryptographic keys are critical data. Where attackers once had to enter a company's premises and open rooms and safes in order to rob it, now it is enough to steal a token with a cryptographic key and make a transfer through the Internet Client-Bank system. The foundation of security built on cryptographic information protection tools (CIPF) is maintaining the confidentiality of cryptographic keys.

How do you ensure the confidentiality of something that you don't know exists? To put a token with a key in the safe, you need to know that both the token and the safe exist. As paradoxical as it sounds, very few companies know the exact number of key documents they use. This can happen for a number of reasons, for example, underestimation of information security threats, lack of well-established business processes, insufficient security qualifications of personnel, etc. This task is usually remembered after incidents such as this one.

This article describes the first step towards improving information security with cryptographic means or, more precisely, one approach to auditing cryptographic information protection tools and crypto keys. The narrative is written from the point of view of an information security specialist, and we assume that the work is being carried out from scratch.

Terms and Definitions


At the beginning of the article, so as not to frighten the unprepared reader with complex definitions, we loosely used the terms cryptographic key or cryptokey. Now it is time to tighten our terminology and bring it into line with current legislation. This is a very important step, as it lets us structure the information obtained from the audit effectively.

  1. Cryptographic key (cryptokey) - a set of data that selects one specific cryptographic transformation from among all those possible in a given cryptographic system (definition from the "pink instruction", Order of FAPSI No. 152 dated June 13, 2001, hereinafter referred to as FAPSI 152).
  2. Key information - a specially organized set of crypto keys designed to implement cryptographic protection of information within a certain period [FAPSI 152].
    The fundamental difference between a crypto key and key information can be understood from the following example. When HTTPS is set up, a public and private key pair is generated, and a certificate is obtained from the public key and additional information. In this scheme, the combination of the certificate and the private key forms key information, and each of them individually is a crypto key. A simple rule of thumb applies here: end users working with CIPF deal with key information, while crypto keys are usually what the CIPF uses internally. At the same time, it is important to understand that key information can consist of a single crypto key.
  3. Key documents - electronic documents on any media, as well as documents on paper media, containing restricted-access key information for the cryptographic transformation of information using algorithms for cryptographic transformation of information (cryptographic key) in encryption (cryptographic) means (definition from Government Decree No. 313 of April 16, 2012, hereinafter PP-313).
    In simple terms, a key document is key information recorded on a medium. When analyzing key information and key documents, keep in mind that what is used (that is, used for cryptographic transformations such as encryption, electronic signature, etc.) is key information, whereas what is handed over to employees is the key documents that contain it.
  4. Cryptographic information protection tools (CIPF) - means of encryption, means of imitation protection, means of electronic signature, means of coding, means of production of key documents, key documents, hardware encryption (cryptographic) means, software and hardware encryption (cryptographic) means [PP-313].
    This definition itself contains the term key documents. The term is given in the Government Decree and we have no right to change it. In the rest of the article, however, we will treat as CIPF only the means that carry out cryptographic transformations. This approach simplifies the audit without affecting its quality, since we still take key documents into account, but in their own section and with their own methods.

Audit methodology and expected results


The main features of the audit methodology proposed in this article are the postulates that:

  • not a single employee of the company can accurately answer the questions asked during the audit;
  • existing data sources (lists, registers, etc.) are inaccurate or poorly structured.
Therefore, the methodology proposed in the article is a kind of data mining, during which the same data is extracted from different sources and then compared, structured and refined.

Here are the main dependencies that will help us with this:

  1. If there is a cryptographic information protection tool, then there is also key information.
  2. If there is an electronic document flow (including with counterparties and regulators), then most likely it uses an electronic signature and, as a result, cryptographic information protection tools and key information.
  3. Electronic document flow in this context should be understood broadly, that is, it will include both the direct exchange of legally significant electronic documents and the submission of reports, and work in payment or trading systems, and so on. The list and forms of electronic document management are determined by the company's business processes, as well as by current legislation.
  4. If an employee is involved in electronic document management, then most likely he has key documents.
  5. When organizing electronic document flow with counterparties, organizational and administrative documents (orders) on the appointment of responsible persons are usually issued.
  6. If information is transmitted over the Internet (or other public networks), then most likely it is encrypted. This primarily applies to VPN and various remote access systems.
  7. If protocols are found in network traffic that transmit traffic in an encrypted form, then cryptographic information protection tools and key information are used.
  8. If settlements were made with counterparties involved in the supply of information security products or telecommunication devices, in report submission services, or in the services of certification centers, then cryptographic information protection tools or key documents could have been purchased in the course of this interaction.
  9. Key documents can be either on removable media (floppy disks, flash drives, tokens, ...), or recorded inside computers and hardware cryptographic information protection tools.
  10. When using virtualization tools, key documents can be stored both inside virtual machines and mounted to virtual machines using a hypervisor.
  11. Hardware cryptographic information protection tools can be installed in server rooms and be unavailable for analysis over the network.
  12. Some electronic document management systems may be inactive or little used, but still contain active key information and cryptographic information protection tools.
  13. Internal regulatory and organizational and administrative documentation may contain information about electronic document management systems, CIPF and key documents.
For the extraction of primary information, we will:
  • interview employees;
  • analyze the company's documentation, including internal regulatory and administrative documents, as well as outgoing payment orders;
  • carry out a visual analysis of server rooms and communication cabinets;
  • conduct technical analysis of the content of automated workstations (AWS), servers and virtualization tools.
We will formulate specific measures later, but for now we will consider the final data that we should receive as a result of the audit:

List of CIPF:

  1. CIPF model. For example, CIPF Crypto CSP 3.9 or OpenSSL 1.0.1.
  2. CIPF instance identifier. For example, the serial, license (or registration, according to PKZ-2005) number of the CIPF.
  3. Information about the certificate of the FSB of Russia for the CIPF, including its number and the start and end dates of validity.
  4. Information about the place of operation of the CIPF. For example, the name of the computer on which the software CIPF is installed, or the name of the technical means or premises where the hardware CIPF is installed.
This information will allow:
  1. Manage vulnerabilities in cryptographic information protection systems, that is, quickly detect and fix them.
  2. Track the validity period of certificates for cryptographic information protection tools, as well as check whether a certified cryptographic information protection tool is used in accordance with the rules established by the documentation or not.
  3. Plan the cost of cryptographic information protection, knowing how many tools are already in operation and how many unused ones are still available.
  4. Generate regulatory reporting.
List of key information:

For each element of the list, we record the following data:

  1. Name or identifier of key information. For example, "Qualified ES key. Serial number of the certificate is 31:2D:AF". The identifier should be chosen so that the key can be found by it. For example, certification authorities, when they send notifications, usually identify keys by certificate numbers.
  2. Key system control center (CMC) that issued this key information. This can be the organization that issued the key, for example, a certification authority.
  3. The individual in whose name the key information was issued. This information can be retrieved from the CN fields of X.509 certificates.
  4. Key information format. For example, CryptoPRO CIPF, Verba-OW CIPF, X.509, etc. (in other words, which CIPF this key information is intended to be used with).
  5. Purpose of key information. For example, "Participation in auctions on the Sberbank AST site", "Qualified electronic signature for filing reports", etc. From a technical point of view, this field can record the restrictions set by the extended key usage fields and other fields of X.509 certificates.
  6. The beginning and the end of the validity of key information.
  7. Key information reissue procedure. That is, knowledge of what to do and how to reissue key information. At the very least, it is advisable to record the contacts of the officials of the CMC that issued the key information.
  8. The list of information systems, services or business processes within which key information is used. For example, "System of remote banking services Internet Client-Bank".
This information will allow:
  1. Track the expiration dates of key information.
  2. Reissue key information quickly if necessary. This may be needed for both planned and unscheduled re-releases.
  3. Block the use of key information when the employee to whom it was issued is dismissed.
  4. Investigate information security incidents by answering questions such as "Who had the keys to make payments?" and so on.
List of key documents:

For each element of the list, we record the following data:

  1. Key information contained in the key document.
  2. Key information carrier, on which the key information is recorded.
  3. Person responsible for the safety of the key document and the confidentiality of the key information contained in it.
This information will allow:
  1. Reissue key information when employees who hold key documents are dismissed, as well as when media are compromised.
  2. Ensure the confidentiality of key information by taking an inventory of the carriers containing it.

Audit plan


Now is the time to consider the practical side of the audit. Let's do this using the example of a credit and financial organization, in other words, a bank. This example was not chosen by chance. Banks use a fairly large number of diverse cryptographic protection systems that are involved in a huge number of business processes, and besides, almost all banks hold FSB of Russia licenses for cryptography. The rest of the article presents an audit plan for cryptographic information protection tools and cryptokeys as applied to the Bank. At the same time, this plan can be taken as a basis when auditing almost any company. For ease of reading, the plan is divided into stages, which, in turn, are collapsed into spoilers.

Stage 1. Collecting data from the infrastructure departments of the company

Source: all employees of the company
  1. Action: We send a corporate mailing to all employees of the company asking them to inform the information security service about all the cryptographic keys they use.
     Expected output and usage: We receive emails, on the basis of which we form a list of key information and a list of key documents.

Source: Head of Information Technology Service
  1. Action: We request a list of key information and key documents.
     Expected output and usage: With some probability, the IT Service maintains such documents; we will use them to form and clarify the lists of key information, key documents and cryptographic information protection tools.
  2. Action: We request a list of cryptographic information protection tools.
  3. Action: We request the register of software installed on servers and workstations.
     Expected output and usage: In this register, we look for software cryptographic tools and their components. For example, CryptoPRO CSP, Verba-OW, Signal-COM CSP, Signature, PGP, ruToken, eToken, CryptoARM, etc. On the basis of these data, we form a list of cryptographic information protection tools.
  4. Action: We ask for a list of employees (probably technical support) who help users work with cryptographic information protection tools and reissue key information.
     Expected output and usage: We ask these persons for the same information as system administrators.

Source: Information Technology Service system administrators
  1. Action: We request a list of domestic crypto gateways (VIPNET, Continent, S-terra, etc.).
     Expected output and usage: In cases where the company does not implement regular IT and information security management business processes, such questions can help system administrators remember the existence of a particular device or piece of software. We use this information to obtain a list of cryptographic information protection tools.
  2. Action: We request a list of domestic software cryptographic tools (cryptographic information protection tools MagPro CryptoPacket, VIPNET CSP, CryptonDisk, SecretDisk, ...).
  3. Action: We request a list of routers that implement VPN for:
     a) communications between the offices of the company;
     b) interaction with contractors and partners.
  4. Action: We request a list of information services published on the Internet (accessible from the Internet). They can include:
     a) corporate email;
     b) instant messaging systems;
     c) corporate websites;
     d) services for the exchange of information with partners and contractors (extranet);
     e) systems of remote banking services (if the company is a Bank);
     f) systems of remote access to the company's network.
     Expected output and usage: To check the completeness of the information provided, we check it against the list of port forwarding rules on the border firewalls. Analyzing the information received, we are highly likely to find cryptographic information protection tools and crypto keys in use. We use the obtained data to form a list of cryptographic information protection tools and key information.
  5. Action: We request a list of information systems used for reporting (Taxcom, Kontur, etc.).
     Expected output and usage: These systems use qualified electronic signature keys and CIPF. Through this list, we form a list of cryptographic information protection tools and a list of key information, and also find out which employees use these systems in order to form a list of key documents.
  6. Action: We request a list of internal electronic document management systems (Lotus, DIRECTUM, 1C: Document management, etc.), as well as a list of their users.
     Expected output and usage: Electronic signature keys may be encountered within internal electronic document management systems. Based on the information received, we form a list of key information and a list of key documents.
  7. Action: We request a list of internal certification centers.
     Expected output and usage: The tools used to run certification centers are recorded in the list of cryptographic information protection tools. Later, we will analyze the contents of the certification center databases to identify key information.
  8. Action: We request information about the use of the following technologies: IEEE 802.1x, WiFi WPA2 Enterprise and IP video surveillance systems.
     Expected output and usage: Where these technologies are used, we can find key documents in the devices involved.

Source: Head of Human Resources
  1. Action: We ask them to describe the process of hiring and dismissing employees. We focus on the question of who collects the key documents from departing employees.
     Expected output and usage: We analyze documents (clearance sheets) for the presence of information systems in which cryptographic information protection tools may be used.

Stage 2. Collecting data from business units of the company (on the example of the Bank)

Source: Head of Settlement Service (Correspondent Relations)
  1. Action: We ask for a scheme of the interaction with the Bank of Russia payment system. This is particularly relevant for Banks with a developed branch network, in which branches can connect to the Central Bank payment system directly.
     Expected output and usage: Based on the data received, we determine the location of the payment gateways (AWP KBR, UTA) and the list of involved users. We use the obtained information to form a list of cryptographic information protection tools, key information and key documents.
  2. Action: We ask for a list of Banks with which direct correspondent relations have been established, and also ask who is involved in making transfers and what technical means are used.
  3. Action: We request a list of payment systems in which the Bank participates (SWIFT, VISA, MasterCard, NSPK, etc.), as well as the location of the communication terminals.
     Expected output and usage: The same as for the payment system of the Bank of Russia.

Source: Head of Division responsible for the provision of remote banking services
  1. Action: We request a list of remote banking systems.
     Expected output and usage: In these systems, we analyze the use of cryptographic information protection tools and key information. Based on the data received, we form a list of cryptographic information protection tools, key information and key documents.

Source: Head of the department responsible for the functioning of payment card processing
  1. Action: We request the HSM register.
     Expected output and usage: Based on the information received, we form a list of cryptographic information protection tools, key information and key documents.
  2. Action: We request the roster of security officers.
  4. Action: We request information about LMK HSM components.
  5. Action: We request information about the organization of systems such as 3D-Secure and about the organization of payment card personalization.

Source: Heads of departments performing treasury and depository functions
  1. Action: We request a list of banks with which correspondent relations have been established and which participate in interbank lending.
     Expected output and usage: We use the information received to clarify the data previously received from the settlement service, and also record information about interaction with exchanges and depositories. Based on the information received, we form a list of cryptographic information protection tools and key information.
  2. Action: We request a list of exchanges and specialized depositories with which the Bank works.

Source: Heads of financial monitoring services and departments responsible for submitting reports to the Bank of Russia
  1. Action: We request information on how they send information to and receive information from the Central Bank, together with the list of involved persons and technical means.
     Expected output and usage: Information interaction with the Bank of Russia is strictly regulated by the relevant documents, for example, 2332-U, 321-I and many others. We check compliance with these documents and form lists of cryptographic information protection tools, key information and key documents.

Source: Chief Accountant and accountants who pay bills for internal bank needs
  1. Action: We ask how reports to tax inspectorates and the Bank of Russia are prepared and submitted.
     Expected output and usage: We clarify the previously obtained information.
  2. Action: We request a register of payment documents for internal bank needs.
     Expected output and usage: In this register, we look for documents where:
     1) certification centers, specialized telecom operators, manufacturers of cryptographic information protection tools, or suppliers of telecommunications equipment are indicated as recipients of payments. The names of these companies can be obtained from the Register of certified cryptographic information protection tools of the FSB of Russia, the list of accredited certification centers of the Ministry of Telecom and Mass Communications and other sources;
     2) the payment description contains the words "CIPF", "signature", "token", "key", "BKI", etc.

Source: Heads of Arrears and Risk Management
  1. Action: We request a list of credit bureaus and collection agencies with which the Bank works.
     Expected output and usage: Together with the IT service, we analyze the data obtained in order to clarify how electronic document management is organized, on the basis of which we clarify the lists of cryptographic information protection tools, key information and key documents.

Source: Heads of Document Management, Internal Control and Internal Audit Services
  1. Action: We request a register of internal organizational and administrative documents (orders).
     Expected output and usage: In this register, we look for documents related to cryptographic information protection. To do this, we search for the keywords "security", "person in charge", "administrator", "electronic signature", "ES", "EDS", "EDO", "ASP", "SKZI" and their derivatives. Then we identify the Bank employees named in these documents and interview them about their use of crypto tools. We reflect the information received in the lists of cryptographic information protection tools, key information and key documents.
  2. Action: We request lists of contracts with counterparties.
     Expected output and usage: We try to identify agreements on electronic document management, as well as agreements with companies that supply information security tools or provide services in this area, and with companies that provide certification center services and services for submitting reports via the Internet.
  3. Action: We analyze the technology used to store documents of the day in electronic form.
     Expected output and usage: Storing documents of the day in electronic form requires cryptographic information protection tools.

Stage 3. Technical audit

  1. Action: We carry out a technical inventory of the software installed on computers. For this we use:
     • the analytical capabilities of corporate anti-virus protection systems (for example, Kaspersky Anti-Virus can build such a register);
     • WMI scripts for polling Windows computers;
     • the capabilities of package managers for polling *nix systems;
     • specialized inventory software.
     Expected output and usage: Among the installed software, we look for software CIPF, drivers for hardware CIPF and drivers for key carriers. On the basis of the information received, we update the list of CIPF.
  2. Action: We search for key documents on servers and workstations. For this:
     • using logon scripts, we poll workstations in the domain for certificates with private keys in user profiles and computer profiles;
     • on all computers, file servers and hypervisors, we look for files with the extensions crt, cer, key, pfx, p12, pem, pse, jks, etc.;
     • on the hypervisors of virtualization systems, we look for mounted floppy drives and diskette images.
     Expected output and usage: Very often, key documents take the form of file key containers, as well as containers stored in the registries of computers running Windows. We record the key documents found in the list of key documents, and the key information contained in them in the list of key information.
  3. Action: We analyze the content of the databases of certification centers.
     Expected output and usage: Databases of certification authorities usually contain information about the certificates issued by these authorities. We enter the information received into the list of key information and the list of key documents.
  4. Action: We conduct a visual inspection of server rooms and wiring closets, looking for cryptographic information protection tools and hardware key carriers (tokens, disk drives).
     Expected output and usage: In some cases, it is impossible to inventory cryptographic information protection tools and key documents over the network. Systems may be on isolated network segments or have no network connections at all. For such cases we conduct a visual inspection, which should establish the names and purpose of all equipment present in the server rooms. We enter the information received into the list of cryptographic information protection tools and key documents.
  5. Action: We analyze network traffic in order to identify information flows that use encrypted exchange.
     Expected output and usage: Encrypted protocols (HTTPS, SSH, etc.) allow us to identify the network nodes on which cryptographic transformations are performed and which, as a result, contain cryptographic information protection tools and key documents.
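
The file search from step 2 of the technical audit can be scripted. The following is an added example, not code from the original article: it walks a directory tree, picks up files with the listed extensions, and goes one step further by also inspecting file content, so that key files renamed to an unrelated extension are still found. The record fields, the sample tree and the user names are constructed for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

# File extensions listed in the audit step above.
KEY_EXTENSIONS = {".crt", ".cer", ".key", ".pfx", ".p12", ".pem", ".pse", ".jks"}
READ_LIMIT = 64 * 1024  # only the beginning of each file is inspected

PRIVATE_MARKERS = (
    b"-----BEGIN PRIVATE KEY-----",
    b"-----BEGIN RSA PRIVATE KEY-----",
    b"-----BEGIN EC PRIVATE KEY-----",
    b"-----BEGIN ENCRYPTED PRIVATE KEY-----",
)
ENCRYPTED_HINTS = (b"-----BEGIN ENCRYPTED PRIVATE KEY-----", b"Proc-Type: 4,ENCRYPTED")
CERT_MARKER = b"-----BEGIN CERTIFICATE-----"
JKS_MAGIC = b"\xfe\xed\xfe\xed"  # header of a Java KeyStore file


def classify(head, ext):
    """Return (kind, private_key) for key material, or None for other files."""
    if any(marker in head for marker in PRIVATE_MARKERS):
        protected = any(hint in head for hint in ENCRYPTED_HINTS)
        kind = ("PEM private key, passphrase-protected" if protected
                else "PEM private key, unprotected")
        return kind, "yes"
    if CERT_MARKER in head:
        return "PEM certificate", "no"
    if head.startswith(JKS_MAGIC):
        return "Java keystore", "possible"
    if ext in (".pfx", ".p12") and head[:1] == b"\x30":  # DER SEQUENCE tag
        return "PKCS#12 container", "possible"
    if ext in (".crt", ".cer") and head[:1] == b"\x30":
        return "DER certificate", "no"
    if ext in KEY_EXTENSIONS:
        return "unrecognized content", "unknown"  # needs manual review
    return None


def scan(root):
    """Walk `root` and return one inventory record per suspected key document."""
    records = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = Path(dirpath) / name
            try:
                st = path.lstat()
                if not stat.S_ISREG(st.st_mode):
                    continue  # skip symlinks, FIFOs and device nodes
                with open(path, "rb") as fh:
                    head = fh.read(READ_LIMIT)
            except OSError:
                continue  # unreadable here; repeat the scan with more rights
            ext = path.suffix.lower()
            result = classify(head, ext)
            if result is None:
                continue
            kind, private_key = result
            records.append({
                "path": str(path),
                "kind": kind,
                "private_key": private_key,
                "found_by": "extension" if ext in KEY_EXTENSIONS else "content",
                "readable_by_others": bool(st.st_mode & 0o044),
            })
    return sorted(records, key=lambda r: r["path"])


# Constructed sample files: the bodies are placeholders, not real keys.
SAMPLE_FILES = {
    "users/ivanov/bank.pem": (b"-----BEGIN PRIVATE KEY-----\nPLACEHOLDER\n", 0o644),
    "users/ivanov/site.crt": (b"-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n", 0o644),
    "users/petrov/notes.txt": (
        b"-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nPLACEHOLDER\n", 0o600),
    "users/petrov/report.txt": (b"quarterly report draft\n", 0o644),
    "srv/app/keystore.jks": (JKS_MAGIC + b"\x00" * 16, 0o600),
    "backup/old.key": (b"\x00\x01\x02", 0o600),
}


def demo():
    """Build the sample tree in a temp directory and return records by relative path."""
    with tempfile.TemporaryDirectory() as root:
        for rel, (body, mode) in SAMPLE_FILES.items():
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(body)
            path.chmod(mode)
        return {Path(r["path"]).relative_to(root).as_posix(): r for r in scan(root)}


if __name__ == "__main__":
    for rel, rec in demo().items():
        print(rel, rec["kind"], rec["private_key"], rec["found_by"], sep=" | ")
```

Each record maps onto the list of key documents (carrier and location); the key information inside certificates still has to be read out separately to fill the list of key information.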

Conclusion

In this article, we examined the theory and practice of auditing cryptographic information protection tools and crypto keys. As you have seen, this procedure is rather complicated and time-consuming, but if it is correctly approached, it is quite feasible. We hope this article will help you in real life. Thank you for your attention, we are waiting for your comments.


Confidentiality of information is characterized by such seemingly opposite indicators as availability and secrecy. Methods to make information available to users are discussed in section 9.4.1. In this section, we will consider ways to ensure the secrecy of information. This property of information is characterized by the degree of masking of information and reflects its ability to resist disclosure of the meaning of information arrays, determination of the structure of the stored information array or of the carrier (carrier signal) of the transmitted information array, and detection of the fact that the information array was transmitted through communication channels. In this case, the optimality criteria are, as a rule:

    minimizing the likelihood of overcoming ("breaking") protection;

    maximizing the expected safe time before "breaking" the protection subsystem;

    minimization of total losses from protection "hacking" and costs of development and operation of the corresponding elements of the information control and protection subsystem, etc.

In general, the confidentiality of information between subscribers can be ensured in one of three ways:

    create an absolutely reliable communication channel between subscribers inaccessible to others;

    use a public communication channel, but hide the very fact of information transfer;

    use a public communication channel, but transmit information through it in a transformed form, and it must be transformed so that only the addressee can restore it.

The first option is practically unrealizable due to the high material costs for creating such a channel between remote subscribers.

One of the ways to ensure the confidentiality of information transfer is steganography. At present, it represents one of the promising directions for ensuring the confidentiality of stored or transmitted information in computer systems by masking classified information in open files, primarily multimedia.

Cryptography is concerned with developing methods for transforming (encrypting) information in order to protect it from illegal users.

Cryptography (sometimes the term cryptology is used) is a field of knowledge that studies secret writing (cryptography) and methods of breaking it (cryptanalysis). Cryptography is considered a branch of mathematics.

Until recently, all research in this area was only closed, but in the past few years, more and more publications in the open press have begun to appear. In part, the softening of secrecy is due to the fact that it has become impossible to hide the accumulated amount of information. On the other hand, cryptography is increasingly used in civilian industries, which requires disclosure.

9.6.1. Principles of cryptography. The purpose of a cryptographic system is to encrypt a meaningful source text (also called clear text or plaintext), producing a completely meaningless cipher text (ciphertext, cryptogram). The intended recipient must be able to decrypt (they also say "decipher") this ciphertext, thus recovering the corresponding plaintext. In this case, the adversary (also called a cryptanalyst) must be unable to reveal the original text. There is an important difference between decrypting (deciphering) a ciphertext and breaking it.

Cryptographic methods and ways of transforming information are called ciphers. Breaking a cryptosystem (cipher) is the result of the work of a cryptanalyst that makes it possible to effectively recover any plain text encrypted with this cryptosystem. The degree to which a cryptosystem resists being broken is called its strength.

The issue of the reliability of information security systems is very complex. The fact is that there are no reliable tests to make sure that information is protected reliably enough. Firstly, cryptography has the peculiarity that it often takes several orders of magnitude more money to "break" a cipher than to create it. Consequently, testing a cryptographic protection system is not always possible. Secondly, repeated unsuccessful attempts to overcome the defense do not mean at all that the next attempt will not be successful. The case is not excluded when professionals fought over the cipher for a long time but unsuccessfully, and a newcomer applied a non-standard approach - and the cipher was easy for him.

As a result of such poor provability of the reliability of information security tools, there are a lot of products on the market, the reliability of which cannot be reliably judged. Naturally, their developers praise their work in every way, but they cannot prove its quality, and often this is impossible in principle. As a rule, the unprovability of reliability is also accompanied by the fact that the encryption algorithm is kept secret.

At first glance, the secrecy of the algorithm serves as an additional guarantee of the reliability of the cipher. This is an argument aimed at amateurs. In fact, once an algorithm is known to the developers, it can no longer be considered secret, unless the user and the developer are the same person. In addition, if, due to the incompetence or mistakes of the developer, the algorithm turns out to be unstable, its secrecy will not allow independent experts to check it. The instability of the algorithm will be revealed only when it is already hacked, or even not found at all, because the enemy is in no hurry to brag about his successes.

Therefore, the cryptographer should be guided by the rule first formulated by the Dutchman A. Kerckhoffs: the strength of the cipher should be determined only by the secrecy of the key. In other words, Kerckhoffs' rule is that the entire encryption mechanism, except for the value of the secret key, is a priori considered known to the enemy.

A different matter is a method of protecting information (strictly speaking, not related to cryptography) in which it is not the encryption algorithm that is hidden, but the very fact that the message contains encrypted (hidden) information. It is more correct to call such a technique information masking. It will be discussed separately.

The history of cryptography goes back several thousand years. The need to hide what was written arose almost as soon as people learned to write. A well-known historical example of a cryptosystem is the so-called Caesar cipher, which simply replaces each letter of the plaintext with the third letter following it in the alphabet (wrapping around cyclically when necessary). For example, A was replaced by D, B by E, and Z by C.

Despite the significant advances in mathematics over the centuries that have passed since the time of Caesar, cryptography did not make significant steps forward until the middle of the 20th century. Its approach was amateurish, speculative and unscientific.

For example, in the 20th century, professionals widely used "book" ciphers, in which any mass print edition was used as a key. Needless to say how easily such ciphers were broken! Of course, from a theoretical point of view, the "book" cipher looks quite reliable, since the set of its possible keys is too large to search through by hand. However, the slightest a priori information sharply narrows this choice.

By the way, about a priori information. During the Great Patriotic War, as you know, the Soviet Union paid considerable attention to organizing the partisan movement. Almost every detachment behind enemy lines had a radio station, as well as some kind of communication with the "mainland". The ciphers that the partisans had were extremely weak, and the German codebreakers deciphered them quickly enough. And this, as you know, resulted in combat defeats and losses. The partisans proved to be cunning and resourceful in this area too. The trick was extremely simple. A large number of grammatical errors were deliberately made in the original text of the message, for example, they wrote: "Send three echelon with tons". When decoded correctly, everything was clear to a Russian reader. But the enemy's cryptanalysts were powerless against such a technique: going through the possible options, they encountered the combination "tnk", which is impossible in Russian, and rejected that option as knowingly incorrect.

This seemingly homebrew trick is actually very effective and is often used even now. Random sequences of characters are inserted into the original text of the message in order to confuse brute-force cryptanalytic programs or to change the statistical patterns of the ciphertext, which can also provide useful information to the enemy. But on the whole, we can still say that pre-war cryptography was extremely weak and could not claim to be a serious science.

However, harsh military necessity soon forced scientists to come to grips with the problems of cryptography and cryptanalysis. One of the first significant advances in this area was the German Enigma typewriter, which was in effect a mechanical encoder and decoder with fairly high cryptographic strength.

At the same time, during the Second World War, the first professional decryption services appeared. The most famous of these is Bletchley Park, a branch of the British intelligence service MI5.

9.6.2. Types of ciphers. All encryption methods can be divided into two groups: secret key ciphers and public key ciphers. The former are characterized by the presence of some information (secret key), the possession of which makes it possible to both encrypt and decrypt messages. Therefore, they are also referred to as single-key. Public key ciphers require two keys to decrypt messages. These ciphers are also called two-key ciphers.

The encryption rule cannot be arbitrary. It must be such that the open message can be unambiguously recovered from the ciphertext using the decryption rule. Encryption rules of the same type can be combined into classes. Within a class, the rules differ from one another by the value of some parameter, which can be a number, a table, etc. In cryptography, the specific value of such a parameter is usually called the key.

Essentially, the key selects a specific encryption rule from a given class of rules. Firstly, when special devices are used for encryption, this makes it possible to change the device parameters so that the encrypted message cannot be decrypted even by persons who have exactly the same device but do not know the selected parameter value. Secondly, it allows the encryption rule to be changed in good time, since repeated use of the same encryption rule for plaintexts creates the prerequisites for recovering open messages from encrypted ones.

Using the concept of a key, the encryption process can be described as a relation:

where A is the open message; B is the encrypted message; f is the encryption rule; α is the selected key, known to the sender and the addressee.

For each key α the cipher transformation must be reversible, that is, there must be an inverse transformation which, for the selected key α, uniquely determines the open message A from the encrypted message B:

(9.0)

The set of transformations and the set of keys to which they correspond is called a cipher. Among all ciphers, two large classes can be distinguished: replacement ciphers and permutation ciphers. Currently, electronic encryption devices are widely used to protect information in automated systems. An important characteristic of such devices is not only the strength of the implemented cipher, but also the high speed of the encryption and decryption process.

Sometimes two concepts are confused: encryption and coding. Unlike encryption, for which you need to know the cipher and the secret key, there is nothing secret in coding; there is only a fixed replacement of letters or words with predefined symbols. Coding methods are aimed not at hiding an open message, but at presenting it in a form more convenient for transmission over technical means of communication, at reducing the message length, protecting against distortion, etc.

Secret key ciphers. This type of cipher implies the presence of some information (key), the possession of which allows both encryption and decryption of the message.

On the one hand, such a scheme has the disadvantage that, in addition to an open channel for transmitting the ciphertext, a secret channel for transmitting the key is also needed; moreover, if information about the key leaks, it is impossible to prove which of the two correspondents the leak came from.

On the other hand, this group of ciphers contains the only encryption scheme in the world that possesses absolute theoretical strength. All others can be deciphered at least in principle. This scheme is ordinary encryption (for example, with the XOR operation) with a key whose length is equal to the length of the message. In this case, the key must be used only once. Any attempt to decipher such a message is useless, even if there is a priori information about the message text: by selecting a key, you can obtain any message as a result.
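The scheme just described, as an added Python sketch (not code from the original text; all function names and the sample messages are constructed for illustration). It shows that a pad exists that turns the ciphertext into any other message of the same length, and what is lost when the "use only once" rule is broken.

```python
"""One-time pad over bytes with XOR. Added illustration; names are illustrative."""
import secrets


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR two byte strings; the pad must be exactly as long as the message."""
    if len(data) != len(key):
        raise ValueError("key length must equal message length")
    return bytes(d ^ k for d, k in zip(data, key))


def otp_encrypt(message: bytes):
    """Encrypt with a fresh random pad; returns (ciphertext, pad)."""
    pad = secrets.token_bytes(len(message))
    return xor_bytes(message, pad), pad


def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    """Decryption is the same XOR, applied with the same pad."""
    return xor_bytes(ciphertext, pad)


def pad_explaining(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `claimed_plaintext`.

    Such a pad exists for every text of the same length, so the ciphertext
    alone cannot confirm or exclude any candidate message.
    """
    return xor_bytes(ciphertext, claimed_plaintext)


def reuse_leak(ciphertext_a: bytes, ciphertext_b: bytes) -> bytes:
    """If one pad encrypted both messages it cancels: c_a XOR c_b == p_a XOR p_b."""
    return xor_bytes(ciphertext_a, ciphertext_b)


def demo():
    first = b"MEET AT NOON"       # constructed sample messages of equal length
    second = b"STAY AT HOME"
    ciphertext, pad = otp_encrypt(first)
    other_pad = pad_explaining(ciphertext, second)
    reused = xor_bytes(second, pad)   # misuse: the same pad for a second message
    return {
        "round_trip": otp_decrypt(ciphertext, pad) == first,
        "alternative_reading": otp_decrypt(ciphertext, other_pad),
        "pad_cancels": reuse_leak(ciphertext, reused) == xor_bytes(first, second),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```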

Public key ciphers. This type of cipher implies the presence of two keys, public and private; one is used to encrypt, the other to decrypt messages. The public key is published, that is, brought to the attention of everyone, while the secret key is kept by its owner and is the guarantee of the secrecy of messages. The essence of the method is that what is encrypted with the secret key can only be decrypted with the public one and vice versa. These keys are generated in pairs and have a one-to-one correspondence to each other. Moreover, it is impossible to calculate one key from the other.

A characteristic feature of ciphers of this type, which favorably distinguishes them from ciphers with a secret key, is that the secret key is known here only to one person, while in the first scheme it must be known to at least two people. This gives the following advantages:

    no secure channel is required to send the secret key;

    all communication is carried out via an open channel;

    the presence of a single copy of the key reduces the possibility of its loss and makes it possible to establish clear personal responsibility for maintaining secrecy;

    the presence of two keys allows this encryption system to be used in two modes - secret communication and digital signature.

The simplest example of the encryption algorithms considered here is the RSA algorithm. All other algorithms of this class do not differ from it fundamentally. We can say that, by and large, RSA is the only public key algorithm.

9.6.3. Algorithm RSA. RSA (named for its authors - Rivest, Shamir and Adleman) is a public key algorithm for both encryption and authentication (digital signature). This algorithm was developed in 1977 and is based on the decomposition of large integers into prime factors (factorization).

RSA is a very slow algorithm. In comparison, at the software level, DES is at least 100 times faster than RSA; in hardware, by 1,000-10,000 times, depending on the implementation.

The RSA algorithm is as follows. Two very large primes p and q are taken. n is determined as the result of multiplying p by q (n = pq). A large random integer d is selected that is coprime with m, where m = (p-1)(q-1). A number e is then determined such that (e × d) mod m = 1. Let's call e and n the public key, and the numbers d and n the secret key.

Now, to encrypt data using a known key (e, n), you need to do the following:

split the text to be encrypted into blocks, each of which can be represented as a number M(i) = 0, 1, …, n-1;

encrypt the text, treated as a sequence of numbers M(i), according to the formula C(i) = (M(i)^e) mod n;

to decrypt this data using the secret key (d, n), it is necessary to perform the following calculation: M(i) = (C(i)^d) mod n.

The result will be a set of numbers M(i), which represent the original text.

Example. Let's consider the application of the RSA method to encrypt the message "ЭВМ" (the Russian abbreviation for "computer"). For simplicity, we will use very small numbers (in practice, much larger numbers are used - from 200 and above).

    Let's choose p = 3 and q = 11. We define n = 3 × 11 = 33.

    Find (p-1) × (q-1) = 20. Therefore, as d we choose any number that is coprime with 20, for example d = 3.

    Let's choose a number e. Any number for which the relation (e × 3) mod 20 = 1 holds can be taken, for example, 7.

    Let's represent the message to be encrypted as a sequence of integers in the range 1 ... 32. Let the letter "Э" be represented by the number 30, the letter "В" by the number 3, and the letter "М" by the number 13. Then the original message can be represented as the sequence of numbers (30 03 13).

    Let's encrypt the message using the key (7, 33).

C1 = (30^7) mod 33 = 21870000000 mod 33 = 24,

C2 = (3^7) mod 33 = 2187 mod 33 = 9,

C3 = (13^7) mod 33 = 62748517 mod 33 = 7.

Thus, the encrypted message looks like (24 09 07).

Let's solve the inverse problem. Let's decrypt the message (24 09 07), obtained as a result of encryption with the known key, using the secret key (3, 33):

M1 = (24^3) mod 33 = 13824 mod 33 = 30,

M2 = (9^3) mod 33 = 729 mod 33 = 3,

M3 = (7^3) mod 33 = 343 mod 33 = 13.

Thus, as a result of decryption, the original message "ЭВМ" was obtained.

The cryptographic strength of the RSA algorithm is based on the assumption that it is extremely difficult to determine the secret key from the known one, since for this it is necessary to solve the problem of the existence of integer divisors. This problem is NP-complete and, as a consequence of this fact, does not currently admit an effective (polynomial) solution. Moreover, the very question of the existence of efficient algorithms for solving NP-complete problems is still open. In this regard, for numbers consisting of 200 digits (and it is these numbers that are recommended for use), traditional methods require a huge number of operations (about 10^23).
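The worked example above (p = 3, q = 11, d = 3, message 30 03 13), reproduced as an added Python sketch; it is not code from the original text and the function names are illustrative. The last function shows why the modulus has to be large: for n = 33 the secret exponent follows directly from factoring n.

```python
"""Toy RSA with the page's numbers. Added illustration; names are illustrative.

Parameters this small serve only to follow the arithmetic by hand.
"""
from math import gcd, isqrt


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def mod_inverse(a, m):
    """Return the x in [0, m) for which (a * x) mod m == 1."""
    g, x, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return x % m


def make_keys(p, q, d):
    """Same order as the text: pick d coprime with m = (p-1)(q-1), derive e."""
    n = p * q
    m = (p - 1) * (q - 1)
    if gcd(d, m) != 1:
        raise ValueError("d must be coprime with (p-1)(q-1)")
    e = mod_inverse(d, m)
    return (e, n), (d, n)            # (public key, secret key)


def modexp(base, exponent, modulus):
    """Square-and-multiply: the huge power itself is never written out."""
    result = 1
    base %= modulus
    while exponent > 0:
        if exponent & 1:
            result = (result * base) % modulus
        base = (base * base) % modulus
        exponent >>= 1
    return result


def apply_key(blocks, key):
    """C(i) = M(i)^e mod n with (e, n), or M(i) = C(i)^d mod n with (d, n)."""
    exponent, n = key
    for block in blocks:
        if not 0 <= block < n:
            raise ValueError("each block must lie in the range 0..n-1")
    return [modexp(block, exponent, n) for block in blocks]


def recover_secret_exponent(public_key):
    """Factor n by trial division and rebuild d; feasible only for tiny n."""
    e, n = public_key
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return mod_inverse(e, (p - 1) * (q - 1))
    raise ValueError("n has no non-trivial factor")


if __name__ == "__main__":
    public, secret = make_keys(3, 11, 3)
    cipher = apply_key([30, 3, 13], public)
    print(public, secret, cipher, apply_key(cipher, secret))
    print("d recovered from the public key:", recover_secret_exponent(public))
```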

The RSA algorithm (Figure 9.2) is patented in the USA. Its use by other persons is not allowed (if the key length is more than 56 bits). True, the validity of such an establishment can be called into question: how can ordinary exponentiation be patented? However, RSA is protected by copyright laws.

Fig. 9.2. Encryption scheme

A message encrypted with the public key of a subscriber can only be decrypted by that subscriber, since only he has the secret key. Thus, to send a private message, you must take the recipient's public key and encrypt the message with it. After that, even you yourself will not be able to decipher it.

9.6.4. Electronic signature. When we act the other way around, that is, we encrypt a message using a secret key, then anyone can decrypt it (taking your public key). But the very fact that the message was encrypted with your private key confirms that it came from you - the only owner of the secret key in the world. This mode of use of the algorithm is called digital signature.

From the point of view of technology, an electronic digital signature is a software-cryptographic (that is, appropriately encrypted) means that allows you to confirm that the signature on a particular electronic document was made by its author, and not by any other person. An electronic digital signature is a set of characters generated according to an algorithm defined by GOST R 34.0-94 and GOST R 34.-94. At the same time, an electronic digital signature allows you to make sure that the signed information was not changed during transfer and was signed by the sender exactly in the form in which you received it.

The process of electronically signing a document (Fig. 9.3) is quite simple: the array of information that needs to be signed is processed by special software using the so-called private key. Then the encrypted array is sent by e-mail and, upon receipt, is verified with the corresponding public key. The public key allows you to check the integrity of the array and verify the authenticity of the sender's electronic digital signature. This technology is believed to be 100% tamper-proof.

Fig. 9.3. Diagram of the process of electronic signing of a document

The secret key (code) is held by each person who has the authority to sign, and can be stored on a floppy disk or smart card. The public key is used by recipients of the document to verify the authenticity of the electronic digital signature. Using an electronic digital signature, you can sign individual files or fragments of databases.

In the latter case, the software that implements the electronic digital signature must be embedded in the applied automated systems.

According to the new law, the procedure for certification of electronic digital signatures and certification of the signature itself is clearly regulated.

This means that the authorized government body must confirm that this or that software for generating an electronic digital signature really produces (or verifies) only an electronic digital signature and nothing else; that the corresponding programs do not contain viruses, do not download information from contractors, do not contain bugs and guarantee against hacking. Certification of the signature itself means that the relevant organization - the certification authority - confirms that this key belongs to this particular person.

You can sign documents without the specified certificate, but in the event of a trial, it will be difficult to prove anything. In this case, the certificate is irreplaceable, since the signature itself does not contain data about its owner.

For example, citizen A and citizen V concluded an agreement for 10,000 rubles and certified the agreement with their EDS. Citizen A did not fulfill his obligation. The offended citizen V, who is accustomed to acting within the legal field, goes to court, where the authenticity of the signature is confirmed (the correspondence of the public key to the private one). However, citizen A states that the private key is not his at all. When such a situation arises with an ordinary signature, a graphological examination is carried out, but in the case of an EDS, a third party or a document is needed that can confirm that the signature really belongs to this person. This is what a public key certificate is for.

Today, among the most popular software tools that implement the main functions of an electronic digital signature are the Verba and CryptoPRO CSP systems.

9.6.5. Hash function. As shown above, a public key cipher can be used in two modes: encryption and digital signature. In the second case, it makes no sense to encrypt the entire text (data) using a secret key. The text is left open, and a certain "checksum" of this text is encrypted, as a result of which a data block is formed, which is a digital signature, which is added to the end of the text or attached to it in a separate file.

The aforementioned "checksum" of the data, which is "signed" instead of the entire text, must, firstly, be calculated from the entire text so that a change in any letter is reflected in it. Secondly, the function must be one-way, that is, computable only "in one direction". This is necessary so that the enemy cannot purposefully change the text to fit an existing digital signature.

This function is called a hash function, which, like cryptoalgorithms, is subject to standardization and certification. In our country, it is regulated by GOST R-3411. A hash function is a function that hashes an array of data by mapping values from a (very) large set of values to a (significantly) smaller set of values. In addition to digital signatures, hash functions are used in other applications. For example, when exchanging messages between remote computers, when user authentication is required, a method based on a hash function can be used.

Let h be the hash code created by the function H:

h = H(M),

where M is a message of arbitrary length and h is a fixed-length hash code.

Consider the requirements that a hash function must meet in order for it to be used as a message authenticator. Let's take a look at a very simple hash function example. Then we will analyze several approaches to building a hash function.

A hash function H used to authenticate messages must have the following properties:

    H(M) must be applicable to a data block of any length;

    H(M) must produce a fixed-length output;

    H(M) is relatively easy (in polynomial time) to compute for any value M;

    for any given hash code value h it is impossible to find M such that H(M) = h;

    for any given x it is computationally impossible to find y ≠ x such that H(y) = H(x);

    it is computationally impossible to find an arbitrary pair (x, y) such that H(y) = H(x).

The first three properties require the hash function to generate a hash code for any message.

The fourth property defines the requirement that the hash function be one-way: it is easy to create a hash code from a given message, but it is impossible to recover a message from a given hash code. This property is important if hash authentication includes a secret value. The secret value itself may not be sent, however, if the hash function is not one-way, the adversary can easily reveal the secret value as follows.

The fifth property ensures that no other message can be found whose hash value matches the hash value of this message. This prevents the authenticator from being tampered with when using an encrypted hash code. In this case, the adversary can read the message and, therefore, generate its hash code. But since the adversary does not own the secret key, he cannot change the message so that the recipient does not discover it. If this property is not met, the attacker can perform the following sequence of actions: intercept the message and its encrypted hash code, calculate the message hash code, create an alternative message with the same hash code, replace the original message with a fake one. Since the hash codes of these messages are the same, the recipient will not detect the spoofing.

A hash function that satisfies the first five properties is called a simple or weak hash function. If, in addition, the sixth property is satisfied, then such a function is called a strong hash function. The sixth property protects against a class of attacks known as the birthday attack.

All hash functions are performed as follows. An input value (message, file, etc.) is treated as a sequence of n-bit blocks. The input value is processed sequentially block by block, and an m-bit hash code value is created.

One of the simplest examples of a hash function is the bitwise XOR of each block:

C_i = b_{i1} XOR b_{i2} XOR ... XOR b_{ik},

where C_i is the i-th bit of the hash code, i = 1, …, n;

k is the number of n-bit input blocks;

b_{ij} is the i-th bit in the j-th block.

The result is a hash code of length n known as a longitudinal redundancy check. It is effective against random failures when checking the integrity of data.
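The XOR hash above, as an added Python sketch (not code from the original text; function names, the 4-byte block size and the sample messages are assumptions made for illustration). It confirms that any single flipped bit changes the code, and shows that the same function fails the fifth property from the list above, which is why it suits error detection but not message authentication.

```python
"""Block-wise XOR hash (longitudinal redundancy check). Added illustration."""


def lrc_hash(data: bytes, block_size: int = 4) -> bytes:
    """C_i = b_i1 XOR ... XOR b_ik over blocks of block_size bytes (zero-padded)."""
    if block_size < 1:
        raise ValueError("block_size must be positive")
    padded = data + b"\x00" * (-len(data) % block_size)
    code = bytearray(block_size)
    for offset in range(0, len(padded), block_size):
        for i in range(block_size):
            code[i] ^= padded[offset + i]
    return bytes(code)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a random transmission error: invert exactly one bit."""
    damaged = bytearray(data)
    damaged[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(damaged)


def swap_blocks(data: bytes, first: int, second: int, block_size: int = 4) -> bytes:
    """Exchange two whole blocks; XOR is order-independent, so the code is unchanged."""
    blocks = [data[i:i + block_size] for i in range(0, len(data), block_size)]
    blocks[first], blocks[second] = blocks[second], blocks[first]
    return b"".join(blocks)


def same_hash_message(original: bytes, substitute: bytes, block_size: int = 4) -> bytes:
    """Extend `substitute` with one correcting block so its code equals that of `original`.

    The correcting block is lrc(original) XOR lrc(substitute), which cancels the
    difference. A function for which this is possible does not have property five.
    """
    padded = substitute + b"\x00" * (-len(substitute) % block_size)
    wanted = lrc_hash(original, block_size)
    current = lrc_hash(padded, block_size)
    return padded + bytes(w ^ c for w, c in zip(wanted, current))


def demo():
    original = b"report v1: all checks passed"      # constructed sample, 7 blocks
    substitute = b"report v2: two checks failed"    # constructed sample
    reference = lrc_hash(original)
    return {
        "bit_error_detected": lrc_hash(flip_bit(original, 5)) != reference,
        "reordering_detected": lrc_hash(swap_blocks(original, 0, 1)) != reference,
        "substitution_detected": lrc_hash(same_hash_message(original, substitute)) != reference,
    }


if __name__ == "__main__":
    for check, detected in demo().items():
        print(f"{check}: {detected}")
```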

9.6.6. DES AND GOST-28147. DES (Data Encryption Standard) is a symmetric key algorithm, i.e. one key is used for both encryption and decryption of messages. It was developed by IBM and approved by the US government in 1977 as the official standard for protecting non-government secrets.

DES has 64-bit blocks, is based on 16-fold data permutation and uses a 56-bit key for encryption. There are several DES modes, such as Electronic Code Book (ECB) and Cipher Block Chaining (CBC). 56 bits are 8 seven-bit ASCII characters, i.e. the password cannot be more than 8 letters. If, in addition, only letters and numbers are used, then the number of possible options will be significantly less than the maximum possible 2^56.

One of the steps of the DES algorithm. The input data block is split in half into a left part (L') and a right part (R'). The output array is then formed so that its left part L'' is the right part R' of the input, and its right part R'' is formed as the XOR sum of L' and R'. Next, the output array is encrypted by permutation and substitution. You can verify that all the operations performed can be reversed and that decryption takes a number of operations linearly dependent on the block size. The algorithm is shown schematically in Fig. 9.4.

Fig. 9.4. DES algorithm diagram

After several such transformations, we can assume that each bit of the output cipher block can depend on each bit of the message.
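The halving-and-XOR step described above, as an added Python sketch that generalizes it (not code from the original text, and not DES itself). The page's step is the case where the right half is XORed in unchanged; the sketch also accepts a keyed mixing function, here a SHA-256 based stand-in with a constructed key schedule, to show that the step stays reversible whatever that function is and that 16 rounds spread a one-bit change over the whole block.

```python
"""Feistel-style round as in the DES step above. Added illustration, not DES."""
import hashlib

MASK32 = 0xFFFFFFFF


def page_mix(half: int, subkey: bytes) -> int:
    """The step exactly as described in the text: R'' = L' XOR R' (no key used)."""
    return half


def keyed_mix(half: int, subkey: bytes) -> int:
    """Stand-in keyed, non-invertible mixing function (NOT the DES f-function)."""
    digest = hashlib.sha256(half.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")


def make_subkeys(key: bytes, rounds: int = 16):
    """Constructed key schedule for the demo; DES derives its subkeys differently."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(rounds)]


def round_forward(left: int, right: int, subkey: bytes, mix):
    """L'' = R',  R'' = L' XOR mix(R', subkey)."""
    return right, left ^ mix(right, subkey)


def round_backward(left2: int, right2: int, subkey: bytes, mix):
    """Undo one round: R' = L'',  L' = R'' XOR mix(L'', subkey)."""
    return right2 ^ mix(left2, subkey), left2


def encrypt_block(block: int, subkeys, mix=keyed_mix) -> int:
    left, right = (block >> 32) & MASK32, block & MASK32
    for subkey in subkeys:
        left, right = round_forward(left, right, subkey, mix)
    return (left << 32) | right


def decrypt_block(block: int, subkeys, mix=keyed_mix) -> int:
    """Same rounds with the subkeys in reverse order; mix is never inverted."""
    left, right = (block >> 32) & MASK32, block & MASK32
    for subkey in reversed(subkeys):
        left, right = round_backward(left, right, subkey, mix)
    return (left << 32) | right


def changed_bits(a: int, b: int) -> int:
    """Number of bit positions in which two 64-bit blocks differ."""
    return bin(a ^ b).count("1")


if __name__ == "__main__":
    subkeys = make_subkeys(b"constructed demo key")
    block = 0x0123456789ABCDEF
    cipher = encrypt_block(block, subkeys)
    print(hex(cipher), hex(decrypt_block(cipher, subkeys)))
    print("bits changed by a 1-bit input change:",
          changed_bits(cipher, encrypt_block(block ^ 1, subkeys)))
    # The unkeyed step alone repeats after three rounds, which is why the
    # permutation and substitution stages mentioned in the text are needed.
    print(hex(encrypt_block(block, [b""] * 3, mix=page_mix)))
```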

In Russia, there is an analogue of the DES algorithm, which works on the same principle of a secret key. GOST 28147 was developed 12 years later than DES and has a higher degree of protection. Their comparative characteristics are presented in Table 9.3.

Table 9.3

9.6.7. Steganography. Steganography is a method of organizing communication that actually hides the very existence of the communication. Unlike cryptography, where the enemy can determine exactly whether a transmitted message is ciphertext, steganography methods allow secret messages to be embedded in harmless messages so that the existence of an embedded secret message cannot be suspected.

The word "steganography" in translation from Greek literally means "secret writing" (steganos - secret; graphy - record). It includes a huge variety of secret means of communication, such as invisible ink, microphotographs, conventional arrangement of signs, secret channels and means of communication on floating frequencies, etc.

Steganography occupies its own niche in security: it does not replace, but complements cryptography. Hiding a message by steganography methods significantly reduces the likelihood of detecting the very fact of a message transmission. And if this message is also encrypted, then it has one more, additional, level of protection.

Currently, in connection with the rapid development of computer technology and new channels of information transmission, new steganographic methods have appeared, which are based on the peculiarities of the presentation of information in computer files, computer networks, etc. This gives us the opportunity to talk about the formation of a new direction - computer steganography.

Despite the fact that steganography as a method of hiding secret data has been known for thousands of years, computer steganography is a young and developing direction.

A steganographic system, or stegosystem, is a set of tools and methods that are used to form a covert information transmission channel.

When building a stegosystem, the following provisions should be taken into account:

    The enemy has a complete understanding of the steganographic system and the details of its implementation. The only information that remains unknown to a potential adversary is the key, with the help of which only its holder can establish the fact of the presence and content of the hidden message.

    If the adversary somehow learns about the existence of a hidden message, this should not allow him to extract similar messages in other data as long as the key is kept secret.

    A potential adversary should be deprived of any technical or other advantages in recognizing or disclosing the content of secret messages.

The generalized stegosystem model is shown in Fig. 9.5.

Fig. 9.5. Generalized stegosystem model

Any information can be used as data: text, a message, an image, etc.

In the general case, it is advisable to use the word "message", since a message can be either text or an image, or, for example, audio data. In what follows, we will use the term message to denote hidden information.

A container is any information designed to hide secret messages.

A stegokey, or just a key, is a secret key needed to hide information. Depending on the number of levels of protection (for example, embedding a pre-encrypted message), there may be one or several stegokeys in the stegosystem.

By analogy with cryptography, stegosystems can be divided into two types by the type of stegokey:

with a secret key;

with a public key.

In a stegosystem with a secret key, one key is used, which must be determined either before the beginning of the exchange of secret messages, or transmitted over a secure channel.

A public-key stegosystem uses different keys to embed and retrieve a message, which differ in such a way that it is impossible to compute one key from another. Therefore, one key (public) can be transferred freely over an unsecured communication channel. In addition, this scheme works well with mutual mistrust between the sender and the recipient.

Currently, three closely related directions of steganography applications, having the same roots, can be distinguished: hiding data (messages), digital watermarks and headers.

Concealment of embedded data, which in most cases have a large volume, makes serious demands on the container: the size of the container must be several times larger than the size of the embedded data.

Digital watermarks are used to protect copyright or property rights in digital images, photographs, or other digitized works of art. The main requirements for such embedded data are reliability and robustness. Digital watermarks are small, however, given the above requirements, more sophisticated methods are used to embed them than to embed just messages or headers.

Headers are mainly used for marking images in large electronic repositories (libraries) of digital images, audio and video files. In this case, steganographic methods are used to embed not only the identifying header, but also other individual attributes of the file. Embedded headers are small in size, and the requirements for them are minimal: headers should introduce only minor distortions and be resistant to basic geometric transformations.

Computer steganography is based on several principles:

    The message can be sent using noise coding. It will be difficult to detect in the presence of hardware noise on the telephone line or network cables.

    The message can be placed in the voids of files or of a disk without affecting their functionality. Executable files have a multi-segment structure of executable code; a number of bytes can be inserted into the voids between the segments. This is how the WinCIH virus hides its body. A file always occupies an integer number of clusters on disk, so the physical and logical file lengths rarely match. Something can also be written in this gap. You can format an intermediate track on a disk and put a message on it. There is an easier way: at the end of a line of an HTML or text file, you can add a certain number of spaces that carry information.

    The human senses are unable to distinguish small changes in color, image or sound. This applies to data that carries redundant information, for example, 16-bit audio or 24-bit images. Changing the bit values for the color of a pixel will not change the color noticeably. This also includes the method of hidden typefaces: subtle distortions that carry meaning are made in the outlines of the letters. In a Microsoft Word document, you can insert similar characters containing a hidden message.

The most widespread and one of the best steganography software products is S-Tools (freeware). It allows you to hide any files in GIF, BMP and WAV files. It performs adjustable compression (archiving) of the data. In addition, it performs encryption using the MDC, DES, triple-DES and IDEA algorithms (optional). The graphic file remains without visible changes, only the shades change. The sound also remains unchanged. Even if suspicions arise, it is impossible to establish the fact of using S-Tools without knowing the password.

9.6.8. Cryptosystems certification and standardization. All states pay close attention to cryptography issues. There are constant attempts to impose certain limits, bans and other restrictions on the production, use and export of cryptographic tools. For example, in Russia, the import and export of information security means, in particular, cryptographic means, is licensed in accordance with the Decree of the President of the Russian Federation dated April 3, 1995 No. 334 and the decree of the Government of the Russian Federation dated April 15, 1994 No. 331.

As already mentioned, a cryptosystem cannot be considered reliable if the algorithm of its operation is not fully known. Only knowing the algorithm can you check if the protection is stable. However, only a specialist can check this, and even then such a check is often so complicated that it is economically inexpedient. How can an ordinary user who does not know mathematics make sure of the reliability of the cryptosystem, which he is offered to use?

For a layman, the proof of reliability can be the opinion of competent independent experts. Hence the certification system arose. All information security systems are subject to it, so that enterprises and institutions can officially use them. It is not forbidden to use uncertified systems, but in this case you assume the entire risk that it will not be reliable enough or will have “back doors”. But in order to sell information security products, certification is necessary. Such provisions are valid in Russia and in most countries.

Our only body authorized to carry out certification is the Federal Agency for Government Communications and Information under the President of the Russian Federation (FAPSI). This body approaches certification issues very carefully. Very few developments of third-party firms were able to obtain the FAPSI certificate.

In addition, FAPSI licenses the activities of enterprises related to the development, production, sale and operation of encryption tools, as well as secure technical means of storing, processing and transmitting information, and the provision of services in the field of information encryption (Decree of the President of the Russian Federation dated 03.04.95 No. measures to comply with the rule of law in the development of production, sale and operation of encryption tools, as well as the provision of services in the field of information encryption"; and the Law of the Russian Federation "On Federal Bodies of Government Communications and Information").

For certification, a prerequisite is compliance with standards in the development of information security systems. Standards serve a similar function. They allow, without carrying out complex, expensive and even not always possible research, to get confidence that the given algorithm provides protection of a sufficient degree of reliability.

9.6.9. Encrypted archives. Many software applications include an encryption function. Let's give examples of some software tools with encryption capabilities.

Archiving programs (for example, WinZip) have the option to encrypt the archived information. It can be used for not very important information. Firstly, the encryption methods used there are not very reliable (subject to official export restrictions), and secondly, they are not described in detail. All this does not allow us to seriously count on such protection. Password-protected archives are suitable only as protection against "regular" users or for non-critical information.

On some sites on the Internet, you can find programs to open encrypted archives. For example, a ZIP archive can be opened on a good computer in a few minutes, and no special qualifications are required from the user.

Note. Programs for guessing passwords: Ultra Zip Password Cracker 1.00 - a fast program for guessing passwords for encrypted archives. Russian / English interface. Win'95/98/NT (developer: "m53group"). Advanced ZIP Password Recovery 2.2 - a powerful program for guessing passwords to ZIP archives. High speed, graphical interface, additional functions. OS: Windows 95/98/NT. Development company: "Elcom Ltd.", shareware.

Encryption in MS Word and MS Excel. Microsoft has included some semblance of crypto protection in its products. But this defense is very fragile. In addition, the encryption algorithm is not described, which is an indicator of unreliability. In addition, there is evidence that Microsoft leaves a "back door" in the crypto algorithms used. If you need to decrypt a file, the password for which has been lost, you can contact the company. Upon an official request, with sufficient grounds, they decrypt MS Word and MS Excel files. By the way, some other software vendors do this as well.

Encrypted disks (directories). Encryption is a fairly reliable method of protecting information on a hard drive. However, if the amount of information to be closed is not limited to two or three files, then it is quite difficult to work with it: each time the files will need to be decrypted, and after editing, they will be encrypted back. At the same time, backup copies of files that many editors create may remain on the disk. Therefore, it is convenient to use special programs (drivers) that automatically encrypt and decrypt all information when it is written to disk and read from disk.

In conclusion, we note that a security policy is defined as a set of documented management decisions aimed at protecting information and associated resources. When developing and implementing it, it is advisable to be guided by the following basic principles:

    Inability to bypass protective equipment. All information flows to and from the protected network must pass through the means of protection. There should be no secret modem inputs or test lines that bypass protection.

    Strengthening the weakest link. The reliability of any protection is determined by the weakest link, since that is the link attackers break. Often the weakest link is not a computer or a program, but a person, and then the problem of ensuring information security becomes non-technical in nature.

    Inability to transition to an unsafe state. The principle of the impossibility of transition to an unsafe state means that under any circumstances, including abnormal ones, the protective device either fully fulfills its functions or completely blocks access.

    Minimizing privileges. The principle of minimizing privileges dictates that you give users and administrators only those access rights that are necessary for them to perform their official duties.

    Segregation of duties. The principle of separation of duties assumes such a distribution of roles and responsibilities in which one person cannot disrupt a process that is critical for the organization.

    Defense in depth. The principle of defense in depth prescribes not relying on a single line of defense. A layered defense can at least delay an attacker and make it much more difficult for malicious actions to be carried out unnoticed.

    Variety of protective equipment. The principle of a variety of protective equipment recommends organizing defensive lines of different nature so that a potential attacker is required to master a variety of, if possible, incompatible skills.

    Simplicity and manageability of the information system. The principle of simplicity and manageability states that only in a simple and manageable system can you check the consistency of the configuration of different components and carry out centralized administration.

    Ensuring universal support for security measures. The principle of universal support for security measures is non-technical. If users and / or system administrators consider information security to be something superfluous or hostile, then a security regime certainly cannot be established. From the very beginning, a set of measures should be envisaged aimed at ensuring the loyalty of personnel and at continuous theoretical and practical training.

In this article you will learn what a cryptographic information protection tool is and what it is for. This definition relates to cryptography - the protection and storage of data. The protection of information in electronic form can be done in any way - even by disconnecting the computer from the network and installing armed guards with dogs near it. But it is much easier to accomplish this using crypto-security tools. Let's see what it is and how it is implemented in practice.

The main goals of cryptography

The abbreviation CIPF stands for "cryptographic information protection system". In cryptography, the communication channel can be completely accessible to attackers. But all data is confidential and very well encrypted. Therefore, despite the openness of the channels, cybercriminals cannot obtain information.

Modern cryptographic information protection tools consist of a software and computer complex. With its help, information protection is provided for the most important parameters, which we will consider further.

Confidentiality

It is impossible to read the information if you do not have permission to do so. What is cryptographic information protection tool and how does it encrypt data? The main component of the system is the electronic key. It is a combination of letters and numbers. Only by entering this key can you get to the desired section on which the protection is installed.

Integrity and Authentication

This is an important parameter that determines the possibility of unauthorized changes to data. If there is no key, then the information cannot be edited or deleted.

Authentication is a procedure for verifying the authenticity of information that is recorded on a key carrier. The key must correspond to the machine on which the information is decrypted.

Authorship

This is a confirmation of the user's actions and the impossibility of refusing them. The most common type of confirmation is EDS (electronic digital signature). It contains two algorithms - one creates a signature, the second verifies it.

Please note that all transactions that are carried out with electronic signatures are processed by certified centers (independent). For this reason, authorship cannot be counterfeited.

Basic data encryption algorithms

Today, many CIPF certificates are widespread; different keys are used for encryption - both symmetric and asymmetric. And the keys are long enough to provide the required cryptographic complexity.

The most popular algorithms used in crypto protection:

  1. Symmetric key - DES, AES, RC4, Russian GOST 28147-89.
  2. With hash functions - for example, SHA-1/2, MD4/5/6, GOST R 34.11-94.
  3. Asymmetric key - RSA.

Many countries have their own standards for encryption algorithms. For example, in the United States, modified AES encryption is used, the key can be 128 to 256 bits long.

The Russian Federation has its own algorithms - GOST R 34.10-2001 and GOST 28147-89, in which a 256-bit key is used. Please note that there are elements in national cryptographic systems that are prohibited from exporting to other countries. All activities related to the development of cryptographic information protection tools require mandatory licensing.

Hardware crypto protection

When installing CIPF tachographs, you can ensure maximum protection of the information stored in the device. All this is implemented both at the software and hardware levels.

The hardware type of cryptographic information protection system is a device that contains special programs that provide reliable data encryption. Also with their help, information is stored, recorded and transmitted.

The encryption device is performed in the form of an encryptor connected to the USB ports. There are also devices that are installed on PC motherboards. Even specialized switches and crypto-protected network cards can be used to work with data.

Hardware types of cryptographic information protection devices are installed rather quickly and are capable of exchanging information at high speed. But the disadvantage is the rather high cost, as well as the limited possibility of modernization.

Software crypto protection

This is a complex of programs that allows you to encrypt information that is stored on various media (flash drives, hard and optical disks, etc.). Also, if there is a license for cryptographic information protection devices of this type, you can encrypt data when transmitting them over the Internet (for example, via e-mail or chat).

There are a large number of protection programs, and there are even free ones - such as DiskCryptor. The software type of CIPF is also virtual networks that allow the exchange of information "over the Internet". These are VPNs known to many. This type of protection includes the HTTP protocol, which supports SSL and HTTPS encryption.

CIPF software is mostly used when working on the Internet, as well as on home PCs. In other words, only in those areas where there are no serious requirements for the stability and functionality of the system.

Hardware-software type of crypto protection

Now you know what CIPF is, how it works and where it is used. It is also necessary to single out one type - software and hardware, in which all the best properties of both types of systems are collected. This method of information processing is the most reliable and secure today. Moreover, the user can be identified in various ways - both hardware (by installing a flash drive or floppy disk), and standard (by entering a login / password pair).

All encryption algorithms that exist today are supported by hardware and software systems. Please note that CIPF installation should be performed only by qualified personnel of the developer of the complex. It is clear that such a cryptographic information protection tool should not be installed on computers that do not process confidential information.

Listen ... can you, for our common benefit, every letter that arrives at your post office, incoming and outgoing, you know, print a little and read it: does it contain some kind of report or just correspondence ... ...

N.V. Gogol "The Inspector General"

Ideally, only two people should be able to read a confidential letter: the sender and the person to whom it is addressed. The wording of such a seemingly very simple thing was the starting point of crypto protection systems. The development of mathematics gave impetus to the development of such systems.

Already in the XVII-XVIII centuries, ciphers in Russia were quite sophisticated and resistant to breaking. Many Russian mathematicians worked on the creation or improvement of encryption systems and at the same time tried to find the keys to the ciphers of other systems. At present, several Russian encryption systems can be noted, such as Lexicon Verba, Secret Net, DALLAS LOCK, Secret Disk, the Akkord product family, and others. complexes of crypto protection, learn about their capabilities, strengths and weaknesses. We hope this article will help you choose a crypto protection system.

Introduction

Are you worried that important information from your computer might end up in the wrong hands? This information can be used by competitors, regulatory authorities, and simply ill-wishers. Obviously, doing this can cause you significant damage. What to do? In order to protect your information from strangers, you need to install one of the data encryption programs. Our review is devoted to the analysis of encryption systems for desktop systems. It should be noted that the use of foreign encryption systems on the territory of Russia is very limited for a number of reasons, therefore government organizations and large domestic companies are forced to use Russian developments. However, medium and small companies, as well as individuals, sometimes prefer foreign systems.

For the uninitiated, encrypting information looks like black magic. Indeed, encrypting messages to hide their content from outsiders is a complex mathematical task. In addition, the cipher must be selected in such a way that it is practically impossible to open it without a key, and quickly and easily with a key. Many companies and organizations find it very difficult to make the best choice when installing encryption software. The matter is further complicated by the fact that absolutely secure computers and absolutely reliable encryption systems do not exist. However, there are still enough ways by which it is possible to repel almost all attempts to disclose encrypted information.

What do encryption programs have inside

Encryption programs differ from each other in the encryption algorithm. After encrypting the file, you can write it to a floppy disk, send it by e-mail, or put it on a server on your local network. The recipient of your encrypted file must have the same encryption program in order to read the contents of the file.

If you want to send an encrypted message to several users at the same time, then your information for each recipient can be encrypted using his own key or a shared key for all users (including the author of the message).

The encryption system uses a secret code to turn your information into a meaningless, pseudo-random set of characters. With a good encryption algorithm, it is almost impossible to decrypt a message without knowing the secret code used for encryption. Such algorithms are called symmetric key algorithms because the same key is used to encrypt and decrypt information.

To protect your data, the encryption program generates a secret key based on your password. You just need to set a long password that no one can guess. However, if you want someone else to read the file, you will need to provide that person with the secret key (or the password it was created from). You can be sure that even a simple encryption algorithm will protect your data from a common user, say, from a work colleague. However, professionals have a number of ways to decrypt a message without knowing the secret code.

Without special knowledge, you will not be able to independently check how reliable your encryption algorithm is. But you can rely on the opinion of the professionals. Several encryption algorithms, such as Triple DES (Data Encryption Standard), have been tested for years. According to the results of the verification, this algorithm has performed well, and cryptographers believe that it can be trusted. Most of the new algorithms are also carefully studied, and the results are published in specialized literature.

If the algorithm of the program has not been openly reviewed and discussed by professionals, if it does not have certificates and other official papers, this is a reason to doubt its reliability and refuse to use such a program.

Another type of encryption system is public key systems. For such a system to work, there is no need to tell the addressee the secret key (or the password on the basis of which it was created). These encryption systems generate two digital keys for each user: one is used to encrypt data, the other is used to decrypt it. The first key (called the public) can be published and the second kept secret. After that, anyone can encrypt the information using the public key, and only the one who has the corresponding secret key can decrypt it.

Some encryption programs contain another important security feature - a digital signature. A digital signature certifies that the file has not been changed since it was signed and gives the recipient information about who signed the file. The algorithm for creating a digital signature is based on calculating a checksum - the so-called hash-sum, or message digest. The algorithms used ensure that it is impossible to find two different files whose hashes would be the same.

When the recipient receives a digitally signed file, their encryption software recalculates the hash for the file. The recipient then recovers the digital signature using the public key published by the sender. If the result matches the value calculated for the file, then the recipient can be sure that the text of the message has not been changed (if this happened, the hash sum would have turned out to be different), and the signature belongs to the person who has access to the sender's secret key.

Protecting sensitive or confidential information requires more than just a good encryption program. There are a number of measures you need to take to ensure your information security. If your password is not strong (experts recommend that you specify it with eight or more characters) or if an unencrypted copy of confidential information is stored on your computer, then even the best encryption system will be powerless.

System "Lexicon-Verba"

The Lexicon-Verba system is a means of organizing a secure electronic document flow both within the corporate network and between different organizations. Two modifications of the cryptography system are used in Lexicon-Verba: the Verba-W system is intended for government agencies (protection of confidential information, in particular information marked "for official use" (DSP); signature keys - public, encryption keys - private), the Verba-OW system - for commercial organizations (protection of commercial secrets; signature and encryption keys are public).

There are quite a few world encryption standards, but only a small part of them are certified by the Federal Agency for Government Communications and Information (FAPSI), which makes it impossible to use uncertified solutions on the territory of Russia. The Verba-W system has FAPSI certificate No. SF/114-0176. The Verba-OW system has FAPSI certificate No. SF/114-0174.

Lexicon-Verba provides encryption and electronic digital signatures in accordance with the requirements of GOST 28147-89 "Information processing systems. Cryptographic protection" and GOST R34.10-94 "Information technology. Cryptographic information protection. Procedures for the Generation and Verification of an Electronic Digital Signature Based on an Asymmetric Cryptographic Algorithm".

The program is certified by the State Technical Commission under the President of the Russian Federation. In July, it is expected to receive a certificate from the Russian Ministry of Defense.

Crypto protection of the system is based on the method of encryption with a public key. Each key that identifies a user consists of two parts: a public key and a private key. The public key can be distributed freely and is used to encrypt information for a given user. For you to be able to decrypt a document, the user who encrypted it must have your public key and, when encrypting, must indicate you as having access to the document.

To decrypt the document, you need to use the private key. The private key has two parts, one of which is stored on a smart card or touch-memory and the other on your computer's hard drive. Thus, neither the loss of a smart card nor unauthorized access to a computer gives, on its own, the ability to decrypt documents.
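An added sketch of why two key parts protect against the loss of either one (not Lexicon-Verba's own code). The page does not say how the product divides the private key; a 2-of-2 XOR split, the stored check value and all function names below are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def check_value(key: bytes) -> bytes:
    """Short fingerprint of the whole key, used to detect a wrong share pair.
    Assumption of this sketch: it is kept beside the disk share."""
    return hashlib.sha256(b"key-check" + key).digest()[:8]


def split_key(key: bytes):
    """Split key into (card_share, disk_share); both are needed to rebuild it."""
    card_share = secrets.token_bytes(len(key))                   # uniformly random
    disk_share = bytes(k ^ c for k, c in zip(key, card_share))   # key XOR card
    return card_share, disk_share


def combine(card_share: bytes, disk_share: bytes, expected_check: bytes) -> bytes:
    """Rebuild the key and refuse shares that do not belong together."""
    if len(card_share) != len(disk_share):
        raise ValueError("shares have different lengths")
    key = bytes(c ^ d for c, d in zip(card_share, disk_share))
    if not hmac.compare_digest(check_value(key), expected_check):
        raise ValueError("shares do not belong together")
    return key


def complement_for(share: bytes, guessed_key: bytes) -> bytes:
    """The other share that would make `share` rebuild `guessed_key`.
    A complement exists for every guess, so a share by itself says nothing
    about the key."""
    return bytes(s ^ g for s, g in zip(share, guessed_key))


def reshare(card_share: bytes, disk_share: bytes):
    """Issue a fresh pair for the same key, e.g. after a card is reported lost.
    The old card share no longer combines with the new disk share."""
    mask = secrets.token_bytes(len(card_share))
    new_card = bytes(c ^ m for c, m in zip(card_share, mask))
    new_disk = bytes(d ^ m for d, m in zip(disk_share, mask))
    return new_card, new_disk


if __name__ == "__main__":
    private_key = secrets.token_bytes(32)          # constructed stand-in key
    card, disk = split_key(private_key)
    assert combine(card, disk, check_value(private_key)) == private_key
    new_card, new_disk = reshare(card, disk)
    try:
        combine(card, new_disk, check_value(private_key))
    except ValueError as exc:
        print("lost card rejected:", exc)
```

Resharing only helps if the old disk share is also destroyed, including any backups of it.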

The initial key set, which includes complete information about the user's public and private keys, is created at a specially equipped secure workplace. A diskette with key information is used only at the stage of preparing the user's workplace.

The Lexicon-Verba system can be used within the framework of two main systems for organizing secure document flow:

  • as an independent solution. If the organization has a local network, the system can be installed not on all computers, but only on those where you need to work with confidential documents. This means that a subnet for the exchange of closed information appears within the corporate network. At the same time, participants in the closed part of the system can exchange open documents with other employees;
  • as an integral part of the workflow. "Lexicon-Verba" has standard interfaces for connecting external functions to perform operations of opening, saving, closing and sending documents, which makes it easy to integrate this system into both existing and newly developed document management systems.

It should be noted that the properties of the Lexicon-Verba system make it not only a means of ensuring information protection against external intrusions, but also a means of increasing intracorporate confidentiality and sharing access.

One of the important additional resources for increasing the level of information security control is the ability to maintain an "event log" for any document. The document history capture function can be enabled or disabled only when the system is installed; when enabled, this log will be kept regardless of the user's wishes.

The main advantage and distinctive feature of the system is a simple and intuitive implementation of information security functions while maintaining the user's work environment traditional for word processors.

The cryptography unit performs encryption, as well as installation and removal of electronic digital signatures (EDS) of documents.

Auxiliary functions of the unit - loading a secret key, exporting and importing public keys, setting up and maintaining a directory of system subscribers' keys.

Thus, each of those who have access to the document can add only their own signature, but can remove any of the previously applied ones.

This reflects the accepted procedure for office work, when, as the document goes through the approval, it can be revised at different stages, but after that the document must be re-approved.

If you try to make changes to the document by means other than Lexicon-Verba, the EDS is damaged, as a result, the message “Damaged” will appear in the “Signature Status” field.

Office

With an increase in the number of users of the system, it becomes difficult to enter each public key on each computer. Therefore, to organize the work of the office, centralized administration of the public key directory is organized. This is done as follows:

1) "Lexicon-Verba" is installed on the administrator's computer in local mode. At the same time, a directory of public keys is created, to which the administrator adds each key used in the office;

2) on all other computers, the system is installed in the network mode. In this mode, the directory of public keys located on the administrator's computer is used;

3) each new user entered by the administrator into the directory becomes "visible" to all users connected to the directory. From that moment, they get the opportunity to transmit encrypted documents to him.

Directory administration becomes centralized, but this does not affect the level of system security, since providing access to public keys is a kind of "acquaintance" of users, but it does not give access to any documents. For a user to be able to decrypt a document, it is necessary that his public key is not only in the reference book, but also explicitly indicated as having access to the document.

The main tasks of protecting information during its storage, processing and transmission through communication channels and on various media, solved with the help of cryptographic information protection tools, are:

  1. Ensuring the secrecy (confidentiality) of information.
  2. Ensuring the integrity of information.
  3. Confirmation of the authenticity of information (documents).

To solve these problems, it is necessary to implement the following processes:

  1. Implementation of the actual information protection functions, including:
     • encryption / decryption;
     • EDS creation / verification;
     • creation / verification of an imitation insert.
  2. Monitoring the status and managing the operation of the KZI (in the system):
     • state control: detection and registration of cases of malfunctioning of the KZI facilities, attempts of unauthorized access, cases of compromised keys;
     • operation management: taking measures in case of the listed deviations from the normal functioning of the KZI facilities.
  3. Maintenance of KZI facilities:
     • implementation of key management;
     • implementation of procedures related to the connection of new network subscribers and / or the exclusion of dropped subscribers;
     • elimination of the identified shortcomings of the CIPF;
     • introduction of new versions of the cryptographic information protection software;
     • modernization and replacement of technical means of cryptographic information protection system for more advanced and / or replacement of means, the resource of which is depleted.

Key management is one of the most important functions of cryptographic information protection and consists in the implementation of the following main functions:

key generation: defines a mechanism for generating keys or key pairs with a guarantee of their cryptographic qualities;

key distribution: defines the mechanism by which keys are reliably and securely delivered to subscribers;

key storage: defines the mechanism by which keys are safely and securely stored for future use;

key recovery: defines the mechanism for recovering one of the keys (replacement with a new key);

key destruction: defines the mechanism by which obsolete keys are reliably destroyed;

key archive: a mechanism by which keys can be safely stored for their further notarized recovery in conflict situations.

In general, for the implementation of the listed functions of cryptographic protection of information, it is necessary to create a system of cryptographic protection of information, combining the actual means of KZI, service personnel, premises, office equipment, various documentation (technical, regulatory and administrative), etc.

As already noted, in order to obtain guarantees of information protection, it is necessary to use certified KZI tools.

Currently, the most widespread issue is the protection of confidential information. To resolve this issue, under the auspices of the FAPSI, a functionally complete complex of cryptographic protection of confidential information has been developed, which allows solving the listed tasks of protecting information for a wide variety of applications and conditions of use.

This complex is based on the "Verba" (asymmetric key system) and "Verba-O" (symmetric key system) cryptographic kernels. These cryptokernels provide data encryption procedures in accordance with the requirements of GOST 28147-89 "Information processing systems. Cryptographic protection" and digital signatures in accordance with the requirements of GOST R34.10-94 "Information technology. Cryptographic information protection. Procedures for generating and verifying electronic digital signatures based on an asymmetric cryptographic algorithm ".

The means included in the CIPF complex allow protecting electronic documents and information flows using certified encryption and electronic signature mechanisms in almost all modern information technologies, including allowing:

  • use of CIPF in an offline mode;
  • secure information exchange in off-line mode;
  • secure information exchange in on-line mode;
  • protected heterogeneous, i.e. mixed information exchange.

To solve systemic issues of the use of cryptographic information protection devices under the leadership of D.A. in the process of creating a document, when the document itself is protected.

In addition, within the framework of the general Vityaz technology, a simplified technology, easily accessible to users, is provided for embedding licensed cryptographic information protection tools into various application systems, which makes the range of use of these cryptographic information protection tools very wide.

Below is a description of the means and methods of protection for each of the listed modes.

The use of cryptographic information protection tools in offline mode.

During autonomous work with cryptographic data protection tools, the following types of cryptographic information protection can be implemented:

  • creation of a secure document;
  • file protection;
  • creating a secure file system;
  • creating a protected logical disk.

At the request of the user, the following types of cryptographic protection of documents (files) can be implemented:

  • encryption of a document (file), which makes its content inaccessible both during the storage of the document (file) and during its transmission via communication channels or by courier;
  • generation of an imitation insert, which ensures control of the integrity of the document (file);
  • formation of an EDS, which ensures control of the integrity of the document (file) and authentication of the person who signed the document (file).

As a result, the protected document (file) turns into an encrypted file containing, if necessary, an EDS. Depending on how the information processing is organized, the EDS can also be presented as a file separate from the signed document. This file can then be written to a floppy disk or other medium for delivery by courier, or sent by any available e-mail, for example, over the Internet.

Accordingly, upon receipt of an encrypted file by e-mail or on a particular medium, the cryptographic protection steps are performed in the reverse order (decryption, verification of the imitation insert, verification of the EDS).
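To make the role of the imitation insert in this workflow concrete, the following added example (not code from the Verba products) seals a file with a keyed integrity tag derived from a password and checks it on receipt, next to an unkeyed checksum for contrast. HMAC-SHA256 stands in for the GOST 28147-89 imitation insert and PBKDF2 for the password-to-key step; both substitutions, the container layout and the function names are assumptions, and encryption is left out because Python's standard library has no block cipher.

```python
import hashlib
import hmac
import os

MAGIC = b"IMIT1"                 # constructed container marker
SALT_LEN, TAG_LEN = 16, 32
HEADER_LEN = len(MAGIC) + SALT_LEN + TAG_LEN
PBKDF2_ROUNDS = 200_000


class IntegrityError(Exception):
    """Raised when the imitation insert does not match the file."""


def derive_key(password: str, salt: bytes) -> bytes:
    """Secret key generated from the user's password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def seal(document: bytes, password: str) -> bytes:
    """Return MAGIC || salt || tag || document; the tag covers all other fields."""
    salt = os.urandom(SALT_LEN)
    key = derive_key(password, salt)
    tag = hmac.new(key, MAGIC + salt + document, hashlib.sha256).digest()
    return MAGIC + salt + tag + document


def open_sealed(container: bytes, password: str) -> bytes:
    """Receiving side: recompute the tag and release the file only on a match."""
    if len(container) < HEADER_LEN or not container.startswith(MAGIC):
        raise IntegrityError("not a sealed container")
    salt = container[len(MAGIC):len(MAGIC) + SALT_LEN]
    tag = container[len(MAGIC) + SALT_LEN:HEADER_LEN]
    document = container[HEADER_LEN:]
    key = derive_key(password, salt)
    expected = hmac.new(key, MAGIC + salt + document, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # constant-time comparison
        raise IntegrityError("imitation insert mismatch: wrong key or modified file")
    return document


def checksum_container(document: bytes) -> bytes:
    """Unkeyed alternative: SHA-256 || document. Anyone can recompute it."""
    return hashlib.sha256(document).digest() + document


def checksum_ok(container: bytes) -> bool:
    return hmac.compare_digest(container[:32], hashlib.sha256(container[32:]).digest())


def demo() -> dict:
    password = "long constructed passphrase 2024"
    original = b"Contract draft: price 1000"          # constructed sample
    altered = b"Contract draft: price 9000"
    sealed = seal(original, password)
    # Someone without the password swaps the body but cannot produce a new tag.
    swapped = sealed[:HEADER_LEN] + altered
    try:
        open_sealed(swapped, password)
        keyed_detects = False
    except IntegrityError:
        keyed_detects = True
    # With an unkeyed checksum the same swap is hidden by recomputing the hash.
    unkeyed_detects = not checksum_ok(checksum_container(altered))
    return {
        "roundtrip": open_sealed(sealed, password) == original,
        "keyed_detects_swap": keyed_detects,
        "unkeyed_detects_swap": unkeyed_detects,
    }


if __name__ == "__main__":
    print(demo())
```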

The following certified tools can be used to carry out autonomous work with CIPF:

the text editor "Lexicon-Verba", implemented on the basis of the CIPF "Verba-O" and the CIPF "Verba";

the software complex of the CIPF "Autonomous workplace", implemented on the basis of the CIPF "Verba" and "Verba-O" for the OS Windows 95/98/NT;

PTS "DiskGuard" cryptographic disk driver.

Protected word processor "Lexicon-Verba".

The "Lexicon-Verba" system is a full-featured text editor with support for document encryption and electronic digital signatures. For the protection of documents, it uses the "Verba" and "Verba-O" cryptographic systems. The uniqueness of this product lies in the fact that the functions of encryption and text signing are simply included in the functions of a modern text editor. In this case, encryption and signature of a document turn from special processes into standard actions when working with a document.

In this case, the "Lexicon-Verba" system looks like a regular text editor. Text formatting capabilities include full customization of document fonts and paragraphs; tables and lists; headers and footers, footnotes, sidebars; use of styles and many other functions of a text editor that meets modern requirements. "Lexicon-Verba" allows you to create and edit documents in the formats Lexicon, RTF, MS Word 6/95/97, MS Write.

Autonomous workplace.

The CIPF "Autonomous workplace" is implemented on the basis of the CIPF "Verba" and "Verba-O" for Windows 95/98/NT and allows the user to perform the following functions in an interactive mode:

  • encryption / decryption of files on keys;
  • encryption / decryption of files with a password;
  • affixing / removing / checking electronic digital signatures (EDS) under the files;
  • scanning of encrypted files;
  • EDS affixing + encryption (in one action) of files;
  • decryption + removal of EDS (in one action) under the files;
  • calculating the hash of a file.

CIPF "Autonomous workplace" is advisable to use for the daily work of employees who need to provide:

transmission of confidential information in electronic form by courier;

sending confidential information over the public network, including the Internet;

protection from unauthorized access to confidential information on personal computers of employees.
