The encryption algorithms DES and 3DES are no longer regarded as secure and should not be used where possible. The use of AES encryption algorithms is recommended as an alternative.
Asymmetrical encryption
In asymmetrical encryption, data is encrypted with one key and decrypted with a second key. Both keys are suitable for encryption and decryption. One of the keys is kept secret by its owner (private key), while the other is made available to the public (public key), i.e., to potential communication partners.
A message encrypted with the public key can only be decrypted and read by a recipient in possession of the associated private key. A message encrypted with the private key can be decrypted by any recipient in possession of the associated public key. Encryption using the private key shows that the message actually originated from the owner of the associated public key. Therefore, the expression “digital signature” is also often used.
However, asymmetrical encryption methods such as RSA are both slow and susceptible to certain types of attack. As a result, they are often combined with some form of symmetrical encryption (“Symmetrical encryption” on page 452). On the other hand, concepts are available enabling the complex additional administration of symmetrical keys to be avoided.
DES/3DES
|
The encryption algorithms DES and 3DES are no longer regarded as secure and should not be used where possible. The use of AES encryption algorithms is recommended as an alternative. |
For reasons of backwards compatibility, the DES and 3DES encryption algorithms can continue to be used. For more information, see “Using secure encryption and hash algorithms” on page 21.
This symmetrical encryption algorithm (“Symmetrical encryption” on page 452) was developed by IBM and checked by the NSA. DES was specified in 1977 by the American National Bureau of Standards (the predecessor of the National Institute of Standards and Technology (NIST)) as the standard for American governmental institutions. As this was the very first standardized encryption algorithm, it quickly won acceptance in industrial circles, both inside and outside America.
DES uses a 56-bit key length, which is no longer considered secure as the available processing power of computers has greatly increased since 1977.
3DES is a version of DES. It uses keys that are three times as long, i.e., 168 bits in length. Still considered to be secure today, 3DES is included in the IPsec standard, for example.
AES
AES (Advanced Encryption Standard) has been developed by NIST (National Institute of Standards and Technology) over the course of many years of cooperation with industry. This symmetrical encryption standard has been developed to replace the earlier DES standard. AES specifies three different key lengths (128, 192, and 256 bits).
In 1997, NIST started the AES initiative and published its conditions for the algorithm. From the many proposed encryption algorithms, NIST selected a total of five algorithms for closer examination – MARS, RC6, Rijndael, Serpent, and Twofish. In October 2000, the Rijndael algorithm was adopted as the encryption algorithm.
How trustworthy is a certificate and the issuing CA (certification authority)? ( “X.509 certificate” on page 451) A CA certificate can be consulted in order to check a certificate bearing this CA's signature. This check only makes sense if there is little doubt that the CA certificate originates from an authentic source (i.e., is authentic). In the event of doubt, the CA certificate itself can be checked. If (as is usually the case) the certificate is a sub-CA certificate (i.e., a CA certificate issued by a sub-certification authority), then the CA certificate of the superordinate CA can be used to check the CA certificate of the subordinate instance. If a superordinate CA certificate is in turn subordinate to another superordinate CA, then its CA certificate can be used to check the CA certificate of the subordinate instance, etc. This “chain of trust” continues down to the root instance (the root CA or certification authority). The root CA's CA file is necessarily self-signed, since this instance is the highest available and is ultimately the basis of trust. No-one else can certify that this instance is actually the instance in question. A root CA therefore is a state or a state-controlled organization.
The mGuard can use its imported CA certificates to check the authenticity of certificates shown by peers. In the case of VPN connections, for example, peers can only be authenticated using CA certificates. This requires all CA certificates to be installed on the mGuard in order to form a chain with the certificate shown by the peer. In addition to the CA certificate from the CA whose signature appears on the certificate shown by the VPN partner to be checked, this also includes the CA certificate of the superordinate CA, and so forth, up to the root certificate. The more meticulously this “chain of trust” is checked in order to authenticate a peer, the higher the level of security will be.
Client/server
In a client/server environment, a server is a program or computer which accepts and responds to queries from client programs or client computers.
In data communication, the computer establishing a connection to a server (or host) is also called a client. In other words, the client is the calling computer and the server (or host) is the computer called.
In IP transmission protocols, data is sent in the form of data packets. These are known as IP datagrams. An IP datagram is structured as follows
|
IP header |
TCP, UDP, ESP, etc. header |
Data (payload) |
The IP header contains:
–The IP address of the sender (source IP address)
–The IP address of the recipient (destination IP address)
–The protocol number of the protocol on the superordinate protocol layer (according to the OSI layer model)
–The IP header checksum used to check the integrity of the received header
The TCP/UDP header contains the following information:
–The port of the sender (source port)
–The port of the recipient (destination port)
–A checksum covering the TCP header and some information from the IP header (including source and destination IP address)
Default route
If a computer is connected to a network, the operating system creates a routing table internally. The table lists the IP addresses that the operating system has identified based on the connected computers and the routes available at that time. Accordingly, the routing table contains the possible routes (destinations) for sending IP packets. If IP packets are to be sent, the computer's operating system compares the IP addresses stated in the IP packets with the entries in the routing table in order to determine the correct route.
If a router is connected to the computer and its internal IP address (i.e., the IP address of the router's LAN port) has been relayed to the operating system as the default gateway (in the network card's TCP/IP configuration), then this IP address is used as the destination if all other IP addresses in the routing table are not suitable. In this case, the IP address of the router specifies the default route because all IP packets whose IP address has no counterpart in the routing table (i.e., cannot find a route) are directed to this gateway.
DynDNS provider
Also known as Dynamic DNS provider. Every computer connected to the Internet has an IP address (IP = Internet Protocol). If the computer accesses the Internet via a dial-up modem, ISDN or ADSL, its Internet service provider will assign it a dynamic IP address. In other words, the address changes for each online session. Even if a computer is online 24 hours a day without interruption (e.g., flat-rate), the IP address will change during the session.
If this computer needs to be accessible via the Internet, it must have an address that is known to the remote peer. This is the only way to establish a connection to the computer. However, if the address of the computer changes constantly, this will not be possible. This problem can be avoided if the operator of the computer has an account with a DynDNS provider (DNS = Domain Name Server).
In this case, the operator can set a host name with this provider via which the computer should be accessible, e.g., www.example.com. The DynDNS provider also provides a small program that must be installed and run on the computer concerned. Every time a new Internet session is launched on the local computer, this tool sends the IP address used by the computer to the DynDNS provider. The domain name server registers the current assignment of the host name to the IP address and also informs the other domain name servers on the Internet accordingly.
If a remote computer now wishes to establish a connection to a computer that is registered with the DynDNS provider, then the remote computer can use the host name of the computer as the address. This establishes a connection to the responsible DNS in order to look up the IP address that is currently registered for this host name. The corresponding IP address is sent back from the DNS to the remote computer, which can then use it as the destination address. This now leads directly to the desired computer.
In principle, all Internet addresses are based on this procedure: first, a connection to a DNS is established in order to determine the IP address assigned to the host name. Once this has been accomplished, the “looked up” IP address is used to set up a connection to the required peer, which could be any site on the Internet.
IP address
Every host or router on the Internet/Intranet has its own unique IP address (IP = Internet Protocol). An IP address is 32 bits (4 bytes) long and is written as four numbers (each between 0 and 255), which are separated by a dot.
An IP address consists of two parts: the network address and the host address.
|
Network address |
Host address |
All network hosts have the same network address, but different host addresses. The two parts of the address differ in length depending on the size of the respective network (networks are categorized as Class A, B or C).
|
|
Byte 1 |
Byte 2 |
Byte 3 |
Byte 4 |
|
Class A |
Network address |
Host address |
||
|
Class B |
Network address |
Host address |
||
|
Class C |
Network address |
Host address |
||
The first byte of the IP address determines whether the IP address of a network device belongs to Class A, B or C. The following is specified:
|
|
Value of byte 1 |
Bytes for the network address |
Bytes for the host address |
|
Class A |
1 - 126 |
1 |
3 |
|
Class B |
128 - 191 |
2 |
2 |
|
Class C |
192 - 223 |
3 |
1 |
Based on the above figures, the number of Class A networks worldwide is limited to 126. Each of these networks can have a maximum of 256 x 256 x 256 hosts (3 bytes of address area). There can be 64 x 256 Class B networks and each of these networks can have up to 65,536 hosts (2 bytes of address area: 256 x 256). There can be 32 x 256 x 256 Class C networks and each of these networks can have up to 256 hosts (1 byte of address area).
Subnet mask
Normally, a company network with access to the Internet is only officially assigned a single IP address, e.g., 128.111.10.21. The first byte of this example address indicates that this company network is a Class B network; in other words, the last two bytes are free to be used for host addressing. Accordingly, an address area for up to 65,536 possible hosts (256 x 256) can be computed.
Such a huge network is not practical and generates a need for subnetworks to be built. The subnet mask is used here. Like an IP address, the mask is 4 bytes long. The bytes representing the network address are each assigned the value 255. The primary purpose of doing this is to enable a portion of the host address area to be “borrowed” and used for addressing subnetworks. For example, if the subnet mask 255.255.255.0 is used on a Class B network (2 bytes for the network address, 2 bytes for the host address), the third byte, which was actually intended for host addressing, can now be used for subnetwork addressing. This computes to potential support for 256 subnetworks, each with 256 hosts.
IPsec
IP security (IPsec) is a standard that uses encryption to verify the authenticity of the sender and to ensure the confidentiality and integrity of the data in IP datagrams (“Datagram” on page 446). The components of IPsec are the Authentication Header (AH), the Encapsulating Security Payload (ESP), the Security Association (SA), and the Internet Key Exchange (IKE).
At the start of the session, the systems involved in communication must determine which technique should be used and the implications of this choice, e.g., Transport Mode or Tunnel Mode.
In Transport Mode, an IPsec header is inserted between the IP header and the TCP or UDP header respectively in each IP datagram. Since the IP header remains unchanged, this mode is only suitable for host-to-host connections.
In Tunnel mode, an IPsec header and a new IP header are prefixed to the entire IP datagram. This means the original datagram is encrypted in its entirety and stored in the payload of the new datagram.
Tunnel Mode is used in VPN applications: the devices at the ends of the tunnel ensure that the datagrams are encrypted/decrypted along the tunnel; in other words, the actual datagrams are completely protected during transfer over a public network.
In a certificate, confirmation is provided by a certification authority (CA) that the certificate does actually belong to its owner. This is done by confirming specific owner properties. Furthermore, the certificate owner must possess the private key that matches the public key in the certificate. ( “X.509 certificate” on page 451).
Example
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=XY, ST=Austria, L=Graz, O=TrustMe Ltd, OU=Certificate Authority, CN=CA/Email=ca@trustme.dom
Validity
Not Before: Oct 29 17:39:10 2000 GMT
Subject: CN=anywhere.com,E=doctrans.de,C=DE,ST=Hamburg,L=Hamburg,O=Phoenix Contact,OU=Security
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:c4:40:4c:6e:14:1b:61:36:84:24:b2:61:c0:b5:
d7:e4:7a:a5:4b:94:ef:d9:5e:43:7f:c1:64:80:fd:
9f:50:41:6b:70:73:80:48:90:f3:58:bf:f0:4c:b9:
90:32:81:59:18:16:3f:19:f4:5f:11:68:36:85:f6:
1c:a9:af:fa:a9:a8:7b:44:85:79:b5:f1:20:d3:25:
7d:1c:de:68:15:0c:b6:bc:59:46:0a:d8:99:4e:07:
50:0a:5d:83:61:d4:db:c9:7d:c3:2e:eb:0a:8f:62:
8f:7e:00:e1:37:67:3f:36:d5:04:38:44:44:77:e9:
f0:b4:95:f5:f9:34:9f:f8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
email:xyz@anywhere.com
Netscape Comment:
mod_ssl generated test server certificate
Netscape Cert Type:
SSL Server
Signature Algorithm: md5WithRSAEncryption
12:ed:f7:b3:5e:a0:93:3f:a0:1d:60:cb:47:19:7d:15:59:9b:
3b:2c:a8:a3:6a:03:43:d0:85:d3:86:86:2f:e3:aa:79:39:e7:
82:20:ed:f4:11:85:a3:41:5e:5c:8d:36:a2:71:b6:6a:08:f9:
cc:1e:da:c4:78:05:75:8f:9b:10:f0:15:f0:9e:67:a0:4e:a1:
4d:3f:16:4c:9b:19:56:6a:f2:af:89:54:52:4a:06:34:42:0d:
d5:40:25:6b:b0:c0:a2:03:18:cd:d1:07:20:b6:e5:c5:1e:21:
44:e7:c5:09:d2:d5:94:9d:6c:13:07:2f:3b:7c:4c:64:90:bf:
ff:8e
The subject distinguished name (or subject for short) uniquely identifies the certificate owner. The entry consists of several components. These are called attributes (see the example certificate above). The following table contains a list of possible attributes. The sequence of attributes in an X.509 certificate can vary.
|
Abbreviation |
Name |
Explanation |
|---|---|---|
|
CN |
Common name |
Identifies the person or object to whom or which the certificate belongs. Example: CN=server1 |
|
E |
E-mail address |
Specifies the e-mail address of the certificate owner. |
|
OU |
Organizational unit |
Specifies the department within an organization or company. Example: OU=Development |
|
O |
Organization |
Indicates the organization or company. Example: O=Phoenix Contact |
|
L |
Locality |
Indicates the location Example: L=Hamburg |
|
ST |
State |
Specifies the state or county. Example: ST=Bavaria |
|
C |
Country |
Two-letter code that specifies the country. (Germany=DE) Example: C=DE |
A filter can be set for the subject (i.e., the certificate owner) during VPN connections and remote service access to the mGuard using SSH or HTTPS. This would ensure that only certificates from peers that have certain attributes in the subject line are accepted.
NAT (Network Address Translation)
Network Address Translation (NAT) (also known as IP masquerading) “hides” an entire network behind a single device, known as a NAT router. If you communicate externally via a NAT router, the internal computers in the local network and their IP addresses remain hidden. The remote communication partner will only see the NAT router with its IP address.
In order to allow internal computers to communicate directly with external computers (on the Internet), the NAT router must modify the IP datagrams that are sent from internal computers to remote partners and received by internal computers from remote partners.
If an IP datagram is sent from the internal network to a remote partner, the NAT router modifies the UDP and TCP headers of the datagram, replacing the source IP address and source port with its own official IP address and a previously unused port. For this purpose, the NAT router uses a table in which the original values are listed together with the corresponding new ones.
When a response datagram is received, the NAT router uses the specified destination port to recognize that the datagram is intended for an internal computer. Using the table, the NAT router replaces the destination IP address and port before forwarding the datagram via the internal network.
Port number
A port number is assigned to each device in UDP and TCP protocol-based communication. This number makes it possible to differentiate between multiple UDP or TCP connections between two computers and use them simultaneously.
Certain port numbers are reserved for specific purposes. For example, HTTP connections are usually assigned to TCP port 80 and POP3 connections to TCP port 110.
Proxy
A proxy is an intermediary service. A web proxy (e.g., Squid) is often connected upstream of a large network. For example, if 100 employees access a certain website frequently over a web proxy, then the proxy only loads the relevant web pages from the server once and then distributes them as needed among the employees. Remote web traffic is reduced, which saves money.
PPPoE
Acronym for Point-to-Point Protocol over Ethernet. A protocol based on the PPP and Ethernet standards. PPPoE is a specification defining how to connect users to the Internet via Ethernet using a shared broadband medium such as DSL, wireless LAN or a cable modem.
PPTP
Acronym for Point-to-Point Tunneling Protocol. This protocol was developed by Microsoft and U.S. Robotics, among others, for secure data transfer between two VPN nodes ( VPN) via a public network.
Router
A router is a device that is connected to different IP networks and communicates between them. To do this, the router has an interface for each network connected to it. A router must find the correct path to the destination for incoming data and define the appropriate interface for forwarding it. To do this, it takes data from a local routing table listing assignments between available networks and router connections (or intermediate stations).
Trap
SNMP (Simple Network Management Protocol) is often used alongside other protocols, in particular on large networks. This UDP-based protocol is used for central administration of network devices. For example, the configuration of a device can be requested using the GET command and changed using the SET command; the requested network device must simply be SNMP-compatible.
An SNMP-compatible device can also send SNMP messages (e.g., should unexpected events occur). Messages of this type are known as SNMP traps.
A type of “seal” that certifies the authenticity of a public key ( asymmetrical encryption) and the associated data.
It is possible to use certification to enable the user of the public key (used to encrypt the data) to ensure that the received public key is indeed from its actual issuer (and thus from the instance that should later receive the data). A certification authority (CA) certifies the authenticity of the public key and the associated link between the identity of the issuer and its key. The certification authority verifies authenticity in accordance with its rules (for example, it may require the issuer of the public key to appear before it in person). After successful authentication, the CA adds its (digital) signature to the public key. This results in a certificate.
An X.509(v3) certificate thus consists of a public key, information about the key owner (the Distinguished Name (DN)), authorized use, etc., and the signature of the CA ( Subject, certificate).
The signature is created as follows: the CA creates an individual bitstring from the bitstring of the public key, owner information, and other data. This bitstring can be up to 160 bits in length and is known as the HASH value. The CA then encrypts this with its own private key and then adds it to the certificate. The encryption with the CA's private key proves the authenticity of the certificate (i.e., the encrypted HASH string is the CA's digital signature). If the certificate data is tampered with, then this HASH value will no longer be correct and the certificate will be rendered worthless.
The HASH value is also known as the fingerprint. Since it is encrypted with the CA's private key, anyone who has the corresponding public key can decrypt the bitstring and thus verify the authenticity of the fingerprint or signature.
The involvement of a certification authority means that it is not necessary for key owners to know each other. They only need to know the certification authority involved in the process. The additional key information also simplifies administration of the key.
X.509 certificates are used for e-mail encryption with S/MIME or IPsec, for example.
Protocol, transmission protocol
Devices that communicate with each other must follow the same rules. They have to “speak the same language”. Rules and standards of this kind are called protocols or transmission protocols. Some of the more frequently used protocols are IP, TCP, PPP, HTTP, and SMTP.
Service provider
Service providers are companies or institutions that enable users to access the Internet or online services.
Spoofing, anti-spoofing
In Internet terminology, spoofing means supplying a false address. Using this false Internet address, a user can create the illusion of being an authorized user.
Anti-spoofing is the term for mechanisms that detect or prevent spoofing.
In symmetrical encryption, the same key is used to encrypt and decrypt data. Two examples of symmetrical encryption algorithms are DES and AES. They are fast, but also increasingly difficult to administrate as the number of users increases.
TCP/IP (Transmission Control Protocol/Internet Protocol)
Network protocols used to connect two computers on the Internet.
IP is the base protocol.
UDP is based on IP and sends individual packets. The packets may reach the recipient in a different order than that in which they were sent or they may even be lost.
TCP is used for connection security and ensures, for example, that data packets are forwarded to the application in the correct order.
UDP and TCP add port numbers between 1 and 65535 to the IP addresses. These distinguish the various services offered by the protocols.
A number of additional protocols are based on UDP and TCP. These include HTTP (Hyper Text Transfer Protocol), HTTPS (Secure Hyper Text Transfer Protocol), SMTP (Simple Mail Transfer Protocol), POP3 (Post Office Protocol, Version 3), and DNS (Domain Name Service).
ICMP is based on IP and contains control messages.
SMTP is an e-mail protocol based on TCP.
IKE is an IPsec protocol based on UDP.
ESP is an IPsec protocol based on IP.
On a Windows PC, the WINSOCK.DLL (or WSOCK32.DLL) handles the processing of both protocols.
A VLAN (Virtual Local Area Network) divides a physical network into several independent logical networks, which exist in parallel.
Devices on different VLANs can only access devices within their own VLAN. Accordingly, assignment to a VLAN is no longer defined by the network topology alone, but also by the configured VLAN ID.
VLAN settings can be used as optional settings for each IP. A VLAN is identified by its VLAN ID (1-4094). All devices with the same VLAN ID belong to the same VLAN and can communicate with one another.
The Ethernet packet for a VLAN (according to IEEE 802.1Q) is extended by 4 bytes, with 12 bits available for recording the VLAN ID. VLAN IDs “0” and “4095” are reserved and cannot be used for VLAN identification.
VPN (Virtual Private Network)
A Virtual Private Network (VPN) connects several separate private networks (subnetworks) via a public network (e.g., the Internet) to form a single common network. A cryptographic protocol is used to ensure confidentiality and authenticity. A VPN is therefore an inexpensive alternative to using permanent lines for building a nationwide company network.