home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  


TCP/IP Network Administration

TCP/IP Network AdministrationSearch this book
Previous: 12.5 Access Control Chapter 12
Network Security
Next: 12.7 Firewalls
 

12.6 Encryption

Encryption is a technique for limiting access to the data carried on the network. Encryption encodes the data in a form that can be read only by systems that have the "key" to the encoding scheme. The original text, called the "clear text," is encrypted using an encryption device (hardware or software) and an encryption key. This produces encoded text, which is called the cipher. To recreate the "clear text," the cipher must be decrypted using the same type of encryption device and an appropriate key.

Largely because of spy novels and World War II movies, encryption is one of the first things that people think of when they think of security. However, encryption is not always applicable to network security. Encrypting data for transmission across a network requires that the same encryption equipment, or software, be used at both ends of the data exchange. Unless you control both ends of the network and can ensure that the same encryption device is available, it is difficult to use end-to-end data encryption. For this reason, encryption is most commonly used to exchange data in individual applications where the software at both ends of the network is defined by a single vendor. For example, a Web server and a Web browser from the same vendor use the same encryption. Encrypting all types of data is limited to places where the entire system is under the control of a single authority, such as military networks, private networks, individual systems, or when the individuals at both ends of the communication can reach personal agreement on the encryption technique and key.

What is needed to make encryption truly useful in a global network are universally recognized encryption standards and a trusted infrastructure to support those standards. Public-key encryption is the technology that will make encryption an important security technology for an open global network like the Internet. Public-key systems encode the clear-text with a key that is widely known and publicly available, but the cipher can only be decoded back to clear-text with a secret key. This means that Dan can look up Kristin's public key in a trusted database and use it to encode a message to her that no one else can read. Even though everyone on the Internet has access to the public key, only Kristin can decrypt the message using her secret key. Kristin can then look up Dan's public key to encrypt her reply. This encrypted communication takes place without Dan or Kristin ever divulging their secret keys. However, to ensure that the keys have not been tampered with, public-key cryptography requires a trusted system for distributing public keys. And because the encrypting key is available to everyone, it requires a digital signature system to authenticate that a message is really from whom it purports to be from.

Government and industry are working on the standards and infrastructure for public-key cryptography. The type of encryption used in the examples in this section is symmetric encryption. It requires that the same encryption technique and the same secret key is used for both encrypting and decrypting the message. It does not rely on public keys, digital signatures, or a widely accepted infrastructure, but its usefulness is limited. Truly effective public-key cryptography must wait for the creation of a trusted public-key infrastructure.

12.6.1 When is symmetric encryption useful?

Before using encryption, decide why you want to encrypt the data, whether the data should be protected with encryption, and whether the data should even be stored on a networked computer system.

A few valid reasons for encrypting data are:

  • To prevent casual browsers from viewing sensitive data files

  • To prevent accidental disclosure of sensitive data

  • To prevent privileged users (e.g., system administrators) from viewing private data files

  • To complicate matters for intruders who attempt to search through a system's files

Encryption is not a substitute for good computer security. Encryption can protect sensitive or personal information from casual snooping, but it should never be the sole means of protecting critical information. Encryption systems can be broken, and encrypted data can be deleted or corrupted just like any other data. So don't let encryption lull you into a false sense of security. Some information is so sensitive or critical that it should not be stored on a networked computer system, even if it is encrypted. Encryption is only a small part of a complete security system. To find out more about file encryption, see PGP: Pretty Good Privacy , by Simson Garfinkel (O'Reilly & Associates). It provides a book-length treatment of PGP, an encryption program used for files and electronic mail.