Basic Security Requirements and Techniques
Just as the threats outlined above can be traced back to a few archetypal forms of attack, basic security properties can also be classified into a few fundamental building blocks. These properties can be combined to satisfy more complex security requirements:
Stored or transmitted information cannot be read or altered by an unauthorized party.
Any alteration of transmitted or stored information can be detected.
The identity of the provider of information (in some cases, the identity of the intended receiver as well) can be proven.
A specified action such as sending, receiving, or deleting of information cannot be denied by any of the parties involved.
These security requirements need to be provided by two basic security elements: encryption (to provide confidentiality) and secure checksums (to provide integrity). Suitable combinations of these two elements may then be used to provide more complex services, such as authenticity and obligation.
The oldest form of encryption is usually termed symmetric encryption , which requires the sender and recipient to agree on a shared secret (i.e., a key or password), which is then used to encrypt and decrypt the information exchanged (see Figure 5-2). A large number of symmetric cryptosystems have been devised over the centuries, but despite their growing strength against cryptanalysis, they share two substantial operational shortcomings. The first ...