Encryption and the CIA Triad
Photo credit ia.acs.org.au
Author: Siggi Bjarnason
Encryption is a type of technology that is embedded in all online activities these days and is the fundamental aspect of all privacy and confidentiality in today's computerized and electronic society. Without encryption we have no privacy nor confidentiality, so to say that it is extremely important is a gross understatement. The equivalence of having no encryption in our electronic world would be like having no locks on anything in the physical world. No door locks, no safes, no pad locks, etc. So, you can see why it matters and just how critical strong encryption is.
Just like safes and locks in the physical world, encryption along with something called access control list and authentication, keep people out of places they aren’t supposed to be and keep them from having access to documents and other data they aren’t supposed to have access to or even know existing while allow access to those that have a need to know. The base concept of all forms of encryption is to apply a formula of some sort to the text to render it unreadable until you reverse the formula. These formulas are called ciphers and can be very simplistic or a highly complex mathematical formula that takes immense computational power to solve. The more complex the formula the more secure the encryption is. In other words, the complexity of the cipher the stronger the lock. Just like physical locks, ciphers take a key to lock and unlock. These locks can be simple or complex, just like physical keys. More on this later.
Before we dive further into encryption let's touch on something called the CIA triad which is the base concept for all online access models these days.
The CIA triad
No, the CIA triad has nothing to do with the USA Central Intelligence Agency. Here it stands for Confidentiality, Integrity and Availability. For any document to be secure and useful it needs to be accessible to those that have the right to use it when they need it and in its original form. If you burn a document, it is very secure, no unauthorized people can read it, neither can authorized people. By burning the document, you ensured confidentiality of the document but eliminated both the integrity and the availability of the document.
Let’s break this down.
Can it only be viewed by those that should be viewing it? It’s locked in the safe, so only those who have the combination to the safe can read it.
Maintaining the integrity of a document is of course always of paramount importance. If you put a document in a safe, and when you go get it again it is all moldy and unusable then it has lost all integrity. If the document has no integrity, you might as well burn it and save you the trouble. In the electronic world, unauthorized changes to a data file violate the integrity of the file.
Can the file be accessed by those that have the right to access it when they need it? Someone puts a document in a safe in a locked room. They give the safe combination to folks that need access to that document, but not everyone has a key to the room. In this case the availability is degraded.
The very first known form of encryption is traced back to Julius Caesar, where he used what we now refer to as the Caesar Cipher to secure his correspondence with his army. The basis of this cipher is to shift each letter by a certain number of positions in the alphabet. To encrypt using the Caesar Cipher using a key of “right 3” you would substitute every A with a D, E with an H, and so on. For example, “RETURN TO ROME” would become “UHWXUA WR URPH.” Knowing that that was encrypted using the Caesar Cipher using a key of “right 3” makes reversing the encryption easy.
If you don’t know what cipher was used or the key, you will need to do some analysis and try to figure that out. This is referred to as cracking the encryption. First you need to figure out what cipher was used, then you need to figure out the key. Knowing “UHWXUA WR URPH” was encrypted with Ceaser Cipher doesn’t do you much good until you figure out what the key was. This often is a matter of trial and error or educated guesses. For example the fact that the string seems to be broken into words can lead you to surmize that this is a Ceaser Cipher, so you look at the two letter word and start trial and error because there aren’t that many two letter words. You will also note that W and R are 5 positions a part, and you realize that T and O are also 5 positions a part and T and W are 3 position a part. So you conclude that this was Ceaser Cipher right 3 and you apply that to the string and get the origional text.
People skilled in this area can crack a Caesar Cipher in their head in a matter of minutes if not seconds; modern computers can crack it in a fraction of millisecond. So obviously we need something stronger and harder to crack.
Modern encryption is based on elliptical curve mathematics, which mathematicians tell me is very complex and hard to solve. All I know is that sort of mathematics is way above my head. As I said above, the more complex the key is the more secure the lock is. These days the key is a random string of characters, usually thousands of characters long. Kind of like a really long and complex password.
No lock is uncrackable, but the stronger the lock the longer it takes to pick it. For modern encryption with a suitable long key, it could take the fastest computer dozens if not hundreds of years to crack it and this is typically more time than most criminals are willing to put into the effort.
Encryption Types and Categories
Encryption falls into one of two types: synchronous and asynchronous encryption. Each of those can be in one of two categories. Those categories are encrypting a file or files (aka a thing) or encrypting a connection. Let me dive in and explain further.
Synchronous encryption is identical to your average physical lock. You have a key to a lock, and you use the same key to lock it and to open it. So, if you have the same key or an exact duplication of the key that controls the lock, you can unlock it.
The basic concept of asynchronous encryption is a bit more difficult to explain in simple terms as there is no direct equivalent in the physical world, so a certain amount of imagination is going to be required for this. Picture this: someone invented a lock that requires two keys to operate. One key can lock the lock; the other key can only open the lock. The key that locked the lock is not able to unlock it and vice versa. Now let’s call the key that locks the safe, the public key and the key that opens the safe, the private key. Since the public key is only able to lock the safe, you can hand that key out freely to everyone. You could even open a network of stores where you can go and pick up a copy of “Joe’s Public Key.” For this analogy to work for those who are more detail-focused, a little suspension of disbelief is needed. Also imagine, if you will, that this imaginary lock I am talking about is in an unlocked state, and it will accept any public key. Once it is locked with a specific public key, only the corresponding private key will open it. That is in essence how asynchronous (or public/private key) encryption works. Just so you know, private and public keys are the actual technical terms in the world of encryption for asynchronous encryption keys. Asynchronous encryption is kind of like a re-useable inter-office envelope. Once it is sealed, it can only be opened by the recipient; once it has been opened, it can be re-used again, and you can put it in the bin of re-usable secure envelopes for anyone to use.
If you are encrypting something, you are locking up and making private something on your computer. This could be an entire drive, a folder on the drive, a document, etc. If you don’t know what a drive is, think of it as a storage container on your computer where you store your pictures and documents. You can organize the items on your drive into folders. The analogy here is that the drive is a filing cabinet in your office, and that filing cabinet has hanging folders in it.
You open a drawer in the filing cabinet, pick a folder and either get a piece of paper out or put one in. Whether this drive is built into your computer or a thumb drive is irrelevant. You can also encrypt a USB thumb drive. A USB thumb drive is a little stick you can insert into your computer’s USB port and put documents and pictures on it. If you need the contents of that stick to be private and secret, you need to encrypt it, which will turn that stick into a tiny portable document safe. Encrypting something typically uses synchronous encryption; as the user who encrypted the content is typically the user who un-encrypts it, key exchange isn’t an issue.
The skillset needed to encrypt documents and other items is beyond the skillset I expect the readers of this article to have, so I’m not going to go any deeper into this aspect of encryption. If you have an interest in it or need to use it, you know it exists and can seek training in how to use it.
Before I can explain what an encrypted connection is, I need to explain what a connection is, along with a discussion of what happens when you are using the internet. There is a great free movie on YouTube called “Warriors of the Net” that gives a high-level overview. So, if you’re up for some extra credit work, go check it out. Here is the direct link (http://www.youtube.com/watch?v=PBWhzz_Gn10). Please note that this was made in the ’90s and is fairly dated, with some terminology that’s a bit off, but none of that interferes with the explanation of the high-level concepts involved.
Here are the basic concepts in simple terms. The internet is sometimes called the worldwide web because in essence every computer is connected together like one big spiderweb. You purchase your internet service from an internet provider or local phone company, such as Comcast, CenturyLink, AT&T, Cox, Wave, etc. They connect your computer to their computers, which in turn are connected to hundreds of other computers and so on. Another way to think of this is that it is similar to the road system in your location. All roads are ultimately connected. If you need to drive from your house in Seattle WA to some house in Atlanta, GA, you need to figure out which roads connect to the roads that will ultimately get you to GA and to that house in Atlanta.
The internet works in a similar fashion; you need to know your originating address and your destination address, then you figure out the best way to get there. Now let’s get a bit more abstract and change the metaphor a bit. Let’s imagine that instead of wanting to travel to that house in Atlanta, you just want to correspond with them using old-fashioned letters you send through the postal service. You don’t care how the letter gets to Atlanta—you just need to get it there.
So, you write your letter, address it, give it to the postal worker, and cross your fingers that the letter gets to its destination. Now let’s imagine that you are writing a really long letter, but to keep the size of the envelopes small, you only put a couple of pages into each envelope and split the letter into multiple envelopes. To help the recipient put everything together in the right order, you put page numbers on each page.
This is pretty much how the internet works at a very simplified level. If you want to read the news from your favorite news site, you pull up that site in your web browser. What happens in the background is that you are in a way sending that site, a short letter asking them to send you a list of today’s articles. You will then receive in return a long letter split up among multiple envelopes listing the articles available. You read through that list, pick out an article of interest, and send them another short letter saying, “Please send me article X,” back and forth like that.
This back and forth is called a connection. If a postal worker can pick up one of those envelopes, open it up, and read it, that is called an unsecured connection. If you are just reading the news, who cares, right? However, what if you were doing online banking and one of those letters contained all of your checking account transactions? You might not want some random person who works at the post office to read that. This is where a secure or encrypted connection comes into play.
For an encrypted connection, each one of those envelopes is placed into its own super-secure micro safe before it is packaged, addressed, and given to the post office. Now, unless you know how to unlock that safe, you can’t see what is in it. So, each one of these imaginary envelopes becomes a thing you encrypt. In other words, securing a connection is nothing more than a long string of things that are encrypted in an automated and invisible way. Now the question becomes: do you use synchronous or asynchronous encryption? Either will technically work. Let’s look at the pros and cons of each approach.
Synchronous encryption is fine for a stationary safe example or any case where you can easily and securely exchange the key. If you tried to use synchronous encryption to secure a connection, you would quickly run into the key exchange catch-22 problem. You can’t include the key in your box because what’s the point of locking the lock if you leave your key in the lock? Putting the key in a separate unsecure envelope doesn’t make sense either, because someone could easily steal the key. So how can you get a key to someone securely without being able to lock it? Therefore, asynchronous encryption is the go-to method for securing a connection. This is because anyone can lock one of those asynchronous locks, needing only your public key, which is freely available. You are the only one who can open it, so no need to exchange keys like in the synchronous case.
You could make synchronous encryption work for a connection between, say, Seattle and Atlanta if you had a secure way to do the key exchange. Let’s say the Seattle person and the Atlanta person meet in Dallas and exchange keys in person. Then they go back to their respective locations and now they can securely use synchronous encryption to exchange information long distance, say over the internet. The technical term for this scenario is pre-shared key scenario. For most scenarios, the pre-shared key is not practical, which is why asynchronous encryption is more prevalent for encrypted connections.
There are cases where there is a hybrid implementation. In the hybrid scenario, one of the endpoints randomly generates a long, complex, and secure password that they share with the other party over an asynchronously encrypted connection. Then after they have securely exchanged the key, they will establish a new encrypted connection using synchronous encryption, encrypted with the key shared over the asynchronously encrypted connection.