The Naked Scientists

The Naked Scientists Forum

Author Topic: design question - secure systems communication  (Read 3158 times)

Offline latebind

  • Sr. Member
  • ****
  • Posts: 248
  • Hello World
    • View Profile
design question - secure systems communication
« on: 15/06/2009 22:46:46 »
I have a few distributed systems that need to communicate securely. The encryption is triple DES.
What is the best way to give each system access to the key?

Maybe I am not thinking about this the right way? What I know is that each system needs the same key in order to be able to encrypt outbound data and decrypt inbound data.

This poses the problem I have: how do you make sure that the key is secure when so many systems need to use it? Do you allow each system to have a local copy (which doesn't sound right to me) or do you make them ask a remote server for the key? And if they need to ask a remote server then they need a password kept locally, which takes me back to square one and I want to pull all my hair out!!

Thanks!!!


 

Offline LeeE

  • Neilep Level Member
  • ******
  • Posts: 3382
    • View Profile
    • Spatial
design question - secure systems communication
« Reply #1 on: 15/06/2009 23:55:53 »
You only need a private key to sign something; the public key is all that's required to read something that's been signed, and of course, this doesn't need to be secured.  If each system needs to be able to sign stuff, they should each have their own private key, which should not be transferred between systems.

Each system then, should have its own private key, which it keeps secure, and a public key, which it can distribute to anyone that needs to read its signed messages.  As long as each system has the public keys from all the other systems, all of the systems will be able to read stuff from the others.
 

Offline latebind

  • Sr. Member
  • ****
  • Posts: 248
  • Hello World
    • View Profile
design question - secure systems communication
« Reply #2 on: 16/06/2009 00:45:30 »
Alright, that makes sense.

Does that apply to triple DES? (sorry for my ignorance but I am very new to cryptography)

Another potential problem is: what if our system was breached and an attacker got hold of the public key? He could then read any intercepted data transmissions?

« Last Edit: 16/06/2009 00:54:54 by latebind »
 

Offline LeeE

  • Neilep Level Member
  • ******
  • Posts: 3382
    • View Profile
    • Spatial
design question - secure systems communication
« Reply #3 on: 16/06/2009 18:49:58 »
Afaik, DES uses 56 bit key-sets and in triple DES three such key-sets are used to provide an effective key length of 168 bits (depending on whether each 56 bit sub-key is unique - there are options within triple DES to use three identical keys, which reduces the effective key length back down to 56 bits, or to use two unique sub-keys, with the third being the same as one of the others, which reduces the effective key length to 112 bits).

In the end, I don't think that using triple DES will make a difference as the individual sub-keys are combined - I'm not a cryptography scientist though, so you should probably bite the bullet and rtfm.

If you need this cryptography for data transmission only, and not for encryption of stored data, you could generate a new key pair for each specific transmission.

Really though, if you're doing this on a professional basis, you should have a good read-up of some proper documentation and then perhaps get your company to pay for some consultancy (do your swotting up before you get the consultant in, so you know what they're talking about without having to pay for their time to teach you first).

Like I said, I'm not a cryptography scientist, and considering that this seems like a professional/commercial security issue, you shouldn't just rely upon things said in a general science forum, except to get a rough understanding of what's required.
 

lyner

  • Guest
design question - secure systems communication
« Reply #4 on: 17/06/2009 14:17:33 »
Any encryption system is crackable, given sufficient time and processor power.  (Except, I think, for systems using a 'one time pad' which has a private key which is only used once.) It is interesting to note that the DES was invented by the US and was made just hard enough to crack in a reasonable time by the best computers of the time. It was, I believe, in response to the Russians cleaning up on the US grain market by hacking the data. They needed a day or two of defence against this hacking and I believe it did the job. Things are sure to have changed since the eighties(?) when it was born.

What system you choose will depend upon how long you need your data to be secure and how much it may be worth to the competitors to get a bigger computer Quint.
 

Offline techmind

  • Hero Member
  • *****
  • Posts: 934
  • Un-obfuscated
    • View Profile
    • techmind.org
design question - secure systems communication
« Reply #5 on: 08/07/2009 21:50:19 »
"Public key" aka "asymmetric key" cryptography can often be used to solve the key-exchange problem. Public-key cryptography is very computationally intensive so is normally used just to facilitate key-exchange prior to a much faster symmetric-key encryption step for the payload data (where you may use a random, different, symmetric key for each communication).

Also are you looking at one-to-many comms, or many-to-many? Are you prepared to have a system which maintains a record of individual encryption-keys for each box?


It's always wise however to consider what the threat-model is. Are you looking to ensure integrity of data (guard against corruption of any kind (and/or authenticity of sender) - in which case 'hashing' and signing may be sufficient), or secrecy? And even if you communicate encrypted, presumably the non-encrypted data exists on the devices ... are these physically secure, or prone to the installation of other malicious software which might subsequently 'leak' the data?


Within the "Security Now" series of podcasts, there are a number of episodes which deal with the concepts and applications of encryption which you might find useful - though if you found the right book that'd probably be quicker! You might try listening to some of episodes 29-37. Transcripts are also available.

http://www.grc.com/securitynow.htm
« Last Edit: 08/07/2009 21:57:03 by techmind »
 

Offline MonikaS

  • Sr. Member
  • ****
  • Posts: 279
    • View Profile
design question - secure systems communication
« Reply #6 on: 13/07/2009 20:22:30 »
"Security Now" is a great podcast! It gives you great insights into all sorts of security related concepts.

Latebind, you wrote the computers need to communicate securely; have you looked into IPsec? That would prevent eavesdropping. Like techmind wrote, the data needs to be protected not only during transit over the wire, but as well on the computer itself. You might need to look into setting up a Public Key Infrastructure.

3DES is a symmetric encryption method, so it's fast and reasonably secure, as long as you use good randomly generated keys. So you can use those keys to encrypt the payload. You then encrypt the 3DES key with the public key of the person who needs to read the payload. Only the private key of that person is able to decrypt the 3DES key and can thus read the payload. If more than one person needs to read the payload, those persons' public keys need to be used as well.
You now only need to make sure that each person's public key really is their public key and that the private keys of those persons are stored securely, perhaps on smart cards.

Keeping data secure can be very costly: extra servers, extra people to maintain those servers, etc. So you need to evaluate the threats carefully to see how much money you are willing to throw at it.
 
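A worked version of the hybrid scheme techmind (Reply #5) and MonikaS (Reply #6) describe, a fresh symmetric key per message for the payload and that key wrapped with each reader's public key, added here as an example and not code from anyone in the thread. It uses Go's standard library with 3DES because that is the algorithm asked about and RSA-OAEP for the wrapping; the names Envelope, NewIdentity, Seal and Open are my own.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Envelope is what crosses the wire: 3DES-encrypted payload plus the per-message key wrapped for each recipient.
type Envelope struct {
	IV, Ciphertext []byte
	WrappedKeys    [][]byte // WrappedKeys[i] is decryptable only by recipient i's private key
}

// NewIdentity makes one host's RSA key pair; the private half never leaves that host.
func NewIdentity() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }
// Seal draws a fresh random 3DES key and IV per message, encrypts the payload with 3DES-CTR, then wraps the key with RSA-OAEP for every recipient.
func Seal(payload []byte, recipients []*rsa.PublicKey) (*Envelope, error) {
	secret := make([]byte, 24+des.BlockSize) // key || IV, from the OS CSPRNG
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, iv := secret[:24], secret[24:]
	block, _ := des.NewTripleDESCipher(key) // a 24-byte key cannot fail here
	env := &Envelope{IV: iv, Ciphertext: make([]byte, len(payload))}
	cipher.NewCTR(block, iv).XORKeyStream(env.Ciphertext, payload)
	for _, pub := range recipients {
		wk, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
		if err != nil {
			return nil, err
		}
		env.WrappedKeys = append(env.WrappedKeys, wk)
	}
	return env, nil
}

// Open is run by recipient i with its own private key; the wrong key fails at the OAEP step.
func Open(env *Envelope, i int, priv *rsa.PrivateKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, env.WrappedKeys[i], nil)
	if err != nil || len(key) != 24 {
		return nil, errors.New("wrapped key cannot be opened with this private key")
	}
	block, _ := des.NewTripleDESCipher(key)
	pt := make([]byte, len(env.Ciphertext))
	cipher.NewCTR(block, env.IV).XORKeyStream(pt, env.Ciphertext)
	return pt, nil
}
```

This covers secrecy and key distribution only; the integrity and sender authenticity techmind raises would need a signature or MAC over the envelope, and nothing here protects the plaintext once it sits on a host.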
