Steganography
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Steganography as PDF for free.
More details
- Words: 1,501
- Pages: 6
Steganography: 1. Steganography is the process of hiding one message in another. In theory, doing this prevents analysts from detecting the real message. 2. You could encode your message in another file or message and use that file to hide your message. 3. This type of encryption can be somewhat harder to detect, but it’s still breakable. 4. Consider the following message: “Meet the mini me that ate later.” The real message is every third word: “Meet me later.” 5. Steganography is also called electronic watermarking. HASHING: 1. Hashing refers to performing a calculation on a message and converting it into a numeric hash value. 2. The hash value of the example in Figure 7.2 is computed by multiplying each character by 2, adding those results together, and then dividing the sum by 10.
3. As you can see, this hash value is a single number. The hash value can’t be used to derive the meaning of the message. The number is transmitted with the message to the receiver, and the receiving end uses the same hash function to determine that the message is authentic. 4. If the hash value is different, the message has been altered in some way. 5. This process is also known as performing a checksum. This type of hashing is called a one-way process. 6. There is no way to reverse the hash and turn the number back into the original message. This method of hashing is used to verify message authenticity, and it may be used in conjunction with one of the other encryption methods previously defined. 7. It’s important to note that a one-way hash can’t be used to decrypt a message that is used primarily for authenticity verification.
8. Nevertheless, it’s considered an encryption process, used primarily to verify the integrity of the message. 9. As you can imagine, calculating all the numbers in a larger, more complicated message by hand would be cumbersome and time consuming. Computers make hashing a very fast process. Hashing is used extensively in computer programming. Many early random access file methods used hashing to locate records in a data file. Digital Signatures A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Figure 7.8 illustrates this concept.
Let’s say that the sender in Figure 7.8 wants to send a message to the receiver. It’s important that this message not be altered. The sender uses the receiver’s public key to create a hash value that is stored in the message digest. The sender then sends the message to the receiver. The receiver can use their private key and compare the value of the message digest. If the message value from the private key is the same as the message digest sent with the message, the receiver knows the message is authentic. The digital signature is derived from a hash process known only by the originator. The receiver uses a key provided by the sender or a key that will provide the same result. The receiver compares the signature area referred to as a message digest in the message with the calculated value. If the values match, the message hasn’t been tampered with and the originator is verified as the person they claim to be. This process provides both message integrity and authentication.
Centralized Key Generation Centralized key generation allows the key-generating process to take advantage of large-scale system resources. Key-generating algorithms tend to be extremely processor intensive. Using a centralized server, this process can be managed with a large single system. However, problems arise when the key is distributed. How can it be transported to end users without compromising security? Figure 7.23 shows a centralized generation process. In this example, all the physical resources are in a single location, under centralized management control. Centralized generation has the advantage of allowing additional management functions to be centralized. A major disadvantage is that the key archival and storage process may be vulnerable to an attack against a single point instead of a network. Reliability, security, and archiving can be addressed if the proper systems, procedures, and policies are put into place and followed.
Decentralized Key Generation Decentralized key generation allows the key-generating process to be pushed out into the organization or environment. The advantage of this method is that it allows work to be decentralized and any risks to be spread. This system isn’t vulnerable to a single-point failure or attack. Decentralized generation addresses the distribution issue, but it creates a storage and management issue. Figure 7.24 demonstrates a decentralized system. In this situation, the loss of any single
key-generating system doesn’t disrupt the entire network. The RA in the figure refers to a registration authority, and the CA refers to a certificate authority.
KEY ESCROW 1. A key escrow system stores keys for the purpose of law enforcement
2. 3. 4. 5.
6. 7. 8.
9.
access. If a criminal investigation is under way, law enforcement agents with a search warrant have the right to access and search records within the scope of the warrant. In general, the key archival system will provide the access needed. Key escrow is listed separately because the usage is important to a law enforcement investigation. One of the proposed methods of dealing with key escrow involves the storage of key information with a third party, referred to as a key escrow agency. This agency would provide key information only when ordered by a court. In general, key escrow is handled by the key archival system. Key escrow systems can also be a part of the key recovery process. Several government agencies are attempting to implement regulations requiring mandated key escrow. Mandated key escrow would allow law enforcement agencies to investigate a key escrow user without their knowledge. Many individuals and organizations view this as an invasion of their privacy, and they’re fighting the use of mandated key escrow on the basis that it violates personal freedom.
PUBLIC KEY INFRASTRUCTURE:
The Public Key Infrastructure (PKI) is a first attempt to provide all the aspects of security to messages and transactions that have been previously discussed. The need for universal systems to support e-commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI. PKI is a two-key—asymmetric—system with four key components: Certificate Authority (CA), Registration Authority (RA), RSA, and digital certificates. Messages are encrypted with a public key and decrypted with a private key. As an example, take the following scenario: 1. You want to send an encrypted message to Jordan, so you request his public key. 2. Jordan responds by sending you that key. 3. You use the public key he sends you to encrypt the message. 4. You send the message to him. 5. Jordan uses his private key to decrypt the message. The main goal of PKI is to define an infrastructure that should work across multiple vendors, systems, and networks. It’s important to emphasize that PKI is a framework and not a specific technology. Implementations of PKI are dependent on the perspective of the software manufacturers that implement it. This has been one of the major difficulties with PKI: Each vendor can interpret the documents about this infrastructure and implement it however they choose. Many of the existing PKI implementations aren’t compatible with each other; however, this situation should change over the next few years because customers expect compatibility.
E-Mail Issues
If malware is one of your biggest security concerns (as it should be), then you need to consider e-mail. It’s the most common delivery mechanism used to deposit malware into your secured environment. E-mail is also often the bearer of hoaxes, spam, phishing, and social engineering attacks. Unfortunately, Internet-based e-mail will always be subject to attack (as well as a means to wage attacks). Internet e-mail delivery is performed in clear text with few means to prevent eavesdropping, alterations, delay, interceptions, and so forth. Currently, the only option is to use a client-side encryption scheme, such as PGP and S/MIME. But they offer security only for messages between other users of the same tool. Thus, most messages are still sent in the clear without any form of protection. E-mail security is a product of reducing its functionality and user behavior modification. As for functionality, secure e-mail is e-mail that does not execute mobile code, nor does it interpret and display HTML. Consider not allowing attachments to reach your clients; strip
them off at the firewall. However, this will greatly reduce the ease of data exchange many rely on daily. Spam filtering services should be added to your e-mail delivery system, if they are not already part of your antivirus solution and your ISP’s e-mail services. All inbound e-mail should be quarantined until scanned. E-mail servers should be deployed as separate systems from all other services on the LAN.
3. As you can see, this hash value is a single number. The hash value can’t be used to derive the meaning of the message. The number is transmitted with the message to the receiver, and the receiving end uses the same hash function to determine that the message is authentic. 4. If the hash value is different, the message has been altered in some way. 5. This process is also known as performing a checksum. This type of hashing is called a one-way process. 6. There is no way to reverse the hash and turn the number back into the original message. This method of hashing is used to verify message authenticity, and it may be used in conjunction with one of the other encryption methods previously defined. 7. It’s important to note that a one-way hash can’t be used to decrypt a message that is used primarily for authenticity verification.
8. Nevertheless, it’s considered an encryption process, used primarily to verify the integrity of the message. 9. As you can imagine, calculating all the numbers in a larger, more complicated message by hand would be cumbersome and time consuming. Computers make hashing a very fast process. Hashing is used extensively in computer programming. Many early random access file methods used hashing to locate records in a data file. Digital Signatures A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Figure 7.8 illustrates this concept.
Let’s say that the sender in Figure 7.8 wants to send a message to the receiver. It’s important that this message not be altered. The sender uses the receiver’s public key to create a hash value that is stored in the message digest. The sender then sends the message to the receiver. The receiver can use their private key and compare the value of the message digest. If the message value from the private key is the same as the message digest sent with the message, the receiver knows the message is authentic. The digital signature is derived from a hash process known only by the originator. The receiver uses a key provided by the sender or a key that will provide the same result. The receiver compares the signature area referred to as a message digest in the message with the calculated value. If the values match, the message hasn’t been tampered with and the originator is verified as the person they claim to be. This process provides both message integrity and authentication.
Centralized Key Generation Centralized key generation allows the key-generating process to take advantage of large-scale system resources. Key-generating algorithms tend to be extremely processor intensive. Using a centralized server, this process can be managed with a large single system. However, problems arise when the key is distributed. How can it be transported to end users without compromising security? Figure 7.23 shows a centralized generation process. In this example, all the physical resources are in a single location, under centralized management control. Centralized generation has the advantage of allowing additional management functions to be centralized. A major disadvantage is that the key archival and storage process may be vulnerable to an attack against a single point instead of a network. Reliability, security, and archiving can be addressed if the proper systems, procedures, and policies are put into place and followed.
Decentralized Key Generation Decentralized key generation allows the key-generating process to be pushed out into the organization or environment. The advantage of this method is that it allows work to be decentralized and any risks to be spread. This system isn’t vulnerable to a single-point failure or attack. Decentralized generation addresses the distribution issue, but it creates a storage and management issue. Figure 7.24 demonstrates a decentralized system. In this situation, the loss of any single
key-generating system doesn’t disrupt the entire network. The RA in the figure refers to a registration authority, and the CA refers to a certificate authority.
KEY ESCROW 1. A key escrow system stores keys for the purpose of law enforcement
2. 3. 4. 5.
6. 7. 8.
9.
access. If a criminal investigation is under way, law enforcement agents with a search warrant have the right to access and search records within the scope of the warrant. In general, the key archival system will provide the access needed. Key escrow is listed separately because the usage is important to a law enforcement investigation. One of the proposed methods of dealing with key escrow involves the storage of key information with a third party, referred to as a key escrow agency. This agency would provide key information only when ordered by a court. In general, key escrow is handled by the key archival system. Key escrow systems can also be a part of the key recovery process. Several government agencies are attempting to implement regulations requiring mandated key escrow. Mandated key escrow would allow law enforcement agencies to investigate a key escrow user without their knowledge. Many individuals and organizations view this as an invasion of their privacy, and they’re fighting the use of mandated key escrow on the basis that it violates personal freedom.
PUBLIC KEY INFRASTRUCTURE:
The Public Key Infrastructure (PKI) is a first attempt to provide all the aspects of security to messages and transactions that have been previously discussed. The need for universal systems to support e-commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI. PKI is a two-key—asymmetric—system with four key components: Certificate Authority (CA), Registration Authority (RA), RSA, and digital certificates. Messages are encrypted with a public key and decrypted with a private key. As an example, take the following scenario: 1. You want to send an encrypted message to Jordan, so you request his public key. 2. Jordan responds by sending you that key. 3. You use the public key he sends you to encrypt the message. 4. You send the message to him. 5. Jordan uses his private key to decrypt the message. The main goal of PKI is to define an infrastructure that should work across multiple vendors, systems, and networks. It’s important to emphasize that PKI is a framework and not a specific technology. Implementations of PKI are dependent on the perspective of the software manufacturers that implement it. This has been one of the major difficulties with PKI: Each vendor can interpret the documents about this infrastructure and implement it however they choose. Many of the existing PKI implementations aren’t compatible with each other; however, this situation should change over the next few years because customers expect compatibility.
E-Mail Issues
If malware is one of your biggest security concerns (as it should be), then you need to consider e-mail. It’s the most common delivery mechanism used to deposit malware into your secured environment. E-mail is also often the bearer of hoaxes, spam, phishing, and social engineering attacks. Unfortunately, Internet-based e-mail will always be subject to attack (as well as a means to wage attacks). Internet e-mail delivery is performed in clear text with few means to prevent eavesdropping, alterations, delay, interceptions, and so forth. Currently, the only option is to use a client-side encryption scheme, such as PGP and S/MIME. But they offer security only for messages between other users of the same tool. Thus, most messages are still sent in the clear without any form of protection. E-mail security is a product of reducing its functionality and user behavior modification. As for functionality, secure e-mail is e-mail that does not execute mobile code, nor does it interpret and display HTML. Consider not allowing attachments to reach your clients; strip
them off at the firewall. However, this will greatly reduce the ease of data exchange many rely on daily. Spam filtering services should be added to your e-mail delivery system, if they are not already part of your antivirus solution and your ISP’s e-mail services. All inbound e-mail should be quarantined until scanned. E-mail servers should be deployed as separate systems from all other services on the LAN.
Related Documents
Steganography
April 2020 15
Steganography
June 2020 17
Steganography
May 2020 16
Steganography
May 2020 20
Steganography
May 2020 13