Technologies for Trust-How does Cryptography Fit the Bill?


Published on

On an abstract level the notion of 'trust' is pretty clear e.g.: "The extent to which someone who relies on a system can have confidence that the system meets its specifications" (RFC 2828). Obviously, trustworthiness is a property that we'd expect from IT-systems we depend on.
As a matter of fact, IT-systems are designed to be capable to create and process arbitrary patterns of binary information. This fundamental property does include the ability to manipulate data objects, return improper function call results, and exchange faked data packets or messages.
Thus, how to establish confidence in services provided by operating systems as well as local or remote computing resources? How to trust received IP packets, E-Mail messages, or HTTP responses? In essence: how to bootstrap the property of trust in systems that rely on the processing of binary information while being able to manipulate any binary information?
This presentation investigates base technologies for trust enhancing. It examines the role of cryptography as a trust facilitator for IT-systems: the merits of cryptographic technologies with respect to trust enhancement are identified; the relevance of recent technology initiatives in the world of XML (e.g. Liberty Alliance, SAML, WS-Security, XACML, XKMS, XML-Encryption, and XML-Signature) is analyzed.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Technologies for Trust-How does Cryptography Fit the Bill?

  1. 1. Dr. Oliver Pfaff Siemens AG Technologies for Trust – How does Cryptography Fit the Bill?
  2. 2. What is Cryptography? <ul><li>Cryptography - as a notion - originates from the Greek words krypt ó s (hidden) and gr á phein (to write): </li></ul><ul><ul><li>Cryptography is the study of techniques by which information may be protected against adversaries. </li></ul></ul><ul><ul><li>Remark: </li></ul></ul><ul><ul><ul><li>Cryptoanalysis is the study of techniques to defeat cryptographic techniques. </li></ul></ul></ul><ul><ul><ul><li>Cryptology comprises cryptography and cryptoanalysis. </li></ul></ul></ul>
  3. 3. What is Trust? <ul><li>On an abstract level the notion of 'trust' is pretty clear. E.g.: RFC 2828 defines trust as: </li></ul><ul><li>The extent to which someone who relies on a system can have confidence that the system meets its specifications. </li></ul>
  4. 4. The Issue of Trust in IT-Systems <ul><li>IT-systems rely on the binary representation of information: </li></ul><ul><ul><li>Status as well as operations are represented by binary information. </li></ul></ul><ul><ul><li>Arbitrary patterns of binary information may be created and processed. </li></ul></ul><ul><li>This has proved to be very efficient, but there is a fundamental dilemma: </li></ul><ul><ul><li>How to distinguish original binary quantities from copies? </li></ul></ul><ul><ul><li>How to detect manipulations? </li></ul></ul><ul><ul><li>How to determine the actual source of information? </li></ul></ul><ul><ul><li>How to distinguish wanted from unwanted operations? </li></ul></ul><ul><ul><li>... </li></ul></ul>
  5. 5. A Little Experiment <ul><li>Let us transfer information between two peers in the audience: </li></ul><ul><ul><li>Originator </li></ul></ul><ul><ul><ul><li>Create a bit (binary information of value 0 or 1) </li></ul></ul></ul><ul><ul><ul><li>Hand it over to speaker for data transfer (not a high bandwidth solution) </li></ul></ul></ul><ul><ul><li>Recipient </li></ul></ul><ul><ul><ul><li>Receive the bit </li></ul></ul></ul><ul><ul><ul><li>Assess the bit: can its content be confirmed; do you trust this information? </li></ul></ul></ul><ul><ul><li>Rule </li></ul></ul><ul><ul><ul><li>The only communication channel between originator and recipient: speaker transfers bits between originator and recipient </li></ul></ul></ul>
  6. 6. What is Needed for Trust? <ul><li>Ability to determine the source of information as well as its integrity. </li></ul><ul><li>This property is called authentication. The need for authentication is ubiquitous in IT: </li></ul><ul><ul><li>All kinds of IT-systems do have some inherent understanding of authentication. </li></ul></ul><ul><ul><li>Quite often this is as simple as: </li></ul></ul><ul><ul><ul><li>...we believe anything coming across this interface to be authentic (automatically)... </li></ul></ul></ul><ul><ul><ul><li>I.e. authentication might be defined by a condition that is always true ( really have to have confidence in such systems). </li></ul></ul></ul>
  7. 7. How to Advance Authentication? <ul><li>Out-of-band; supplementary information via secondary communication channel </li></ul><ul><ul><li>Employed in various scenarios, but no generic option due to issues in availability, cost, handling. </li></ul></ul><ul><li>In-band; supplementary information attached </li></ul><ul><ul><li>Non-cryptographic means: </li></ul></ul><ul><ul><ul><li>Biometrics Provide authentication of human beings, but do not authenticate IT-systems or electronic documents. </li></ul></ul></ul><ul><ul><ul><li>Classical codes (e.g. cyclic redundancy checks) Provide protection against accidental changes and transmission errors, but not against intentional attacks. </li></ul></ul></ul><ul><ul><ul><li>Shared secrets: passwords, PINs, TANs Provide origin authentication, but do not bind exchanged information. </li></ul></ul></ul><ul><ul><ul><li>... </li></ul></ul></ul><ul><ul><li>Cryptographic means Keyed checksums provide supplementary information allowing to verify the integrity of messages and to determine the source of information based on keying associations. </li></ul></ul>
  8. 8. Remark: Encryption vs. Authentication <ul><li>As a technology, cryptography facilitates multiple uses including: </li></ul><ul><ul><li>Authentication </li></ul></ul><ul><ul><li>Encryption </li></ul></ul><ul><li>Attention: there appears to be a public misconception considering cryptography and encryption to be synonymous: </li></ul><ul><ul><li>Encryption is important in many applications to achieve e.g. privacy. </li></ul></ul><ul><ul><li>But from an overall perspective, authentication is the far more relevant cryptographic security service. </li></ul></ul>
  9. 9. Authentication-Enabled Services Authentication Encryption Thwart active attacks Single-Sign-On Transfer authentication Access control Determine authorization Non-repudiation Validate and interpret evidence Privacy Enforce policies Digital rights management Control content distribution
  10. 10. Related Initiatives in XML-Security XML Encryption XML Signature WS-Security Liberty Alliance SAML XACML XAdES ODRL XrML P3P Encryption Single-Sign-On Access control Non-repudiation Privacy Digital rights management Authentication
  11. 11. So What? <ul><li>How does cryptography fit the bill? </li></ul><ul><ul><li>Authentication is a key service in trustworthy computing </li></ul></ul><ul><ul><li>Cryptography is a key technique for authentication </li></ul></ul><ul><li>Why are advanced authentication techniques still rare? </li></ul><ul><ul><li>Are there technical issues? There are some (e.g. complex, non-intuitive model of protection), but they do not appear to represent the actual barrier. </li></ul></ul><ul><ul><li>Is it about market acceptance, business development? That‘s my guess: authentication contributes an abstract value. What is the customers‘ willingness to pay for it? </li></ul></ul><ul><li>Siemens‘ position: </li></ul><ul><ul><li>We are committed to invest in trusted-enhancing technologies and esp. sound authentication techniques. </li></ul></ul><ul><ul><li>Our efforts need to meet corresponding demands in our markets. </li></ul></ul>
  12. 12. Author Information <ul><li>Dr. Oliver Pfaff </li></ul><ul><li>Siemens AG </li></ul><ul><li>Information and Communication Networks </li></ul><ul><li>Charles-De-Gaulle-Str. 2 </li></ul><ul><li>D-81730 Munich </li></ul><ul><li>E-Mail: </li></ul><ul><li>Office: +49.89.722.53227 </li></ul><ul><li>Mobile: +49.172.8250805 </li></ul>