At main problems of cryptology is that the community

At first, the
author states that one of the main problems of cryptology is that the community
suffers from the lack of feedback about previous failures. In this way,
cryptosystem designers make the same mistakes over and over again and they continue
their work in the wrong way. He compares cryptography with aeronautical
engineering to support this statement. Also, he presents some examples of UK
banks’ cases of phantom withdrawals. In most of them there is injustice due to
the approach that UK banks adopt over this kind of cases. They claim that their
systems are not susceptible to frauds and that it is the clients’ fault; unless
it is proven otherwise. Next, the author presents some ATM and banking systems’
frauds. From the examples presented, the author tries to convince the reader
that insider jobs, bad implementation and programming techniques, and poor key
management processes are usually the reason for the emergence of security
threats, contrary to cryptanalyst attacks and attacks targeting to the
algorithms themselves, which are rarely the cause for system failures. The
increasing complexity of the security products led to security failures due to implementation
and management errors. Subsequently, the author presents one of the main reasons
that caused the threat model (in the financial industry) to fail; that was the equipment
vendors overestimated the level of expertise and knowledge of their customers’
staff in installing, designing and maintaining cryptographic products. Companies
seem to not have given the appropriate attention when they staffed their
security teams. In fact, many organizations’ teams were nonexistent and if they
existed they were limited. In addition, the level of technical expertise of the
criminals was overestimated as well. Finally, the author believes that a shift in
the traditional approach of computer security is necessary by importing models
from more mature fields and questions whether the security process should be
automated and whether it should continue to be managed in the traditional centralized
model.

 

 

 

 

Q2

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

a) An example
presented in the article of an algorithm whose weakness could cause failure of
a cryptosystem is the DES algorithm. According to the author DES was used
during the PIN generation process, to produce the “natural PIN” using as inputs
the account number and the PIN key. The reason why DES is considered insecure
is because of its small key size which makes it vulnerable and easy target to
brute force attacks.

b) The author
of the article gives the example of a bank’s ATM system bad implementation.
More specifically, when a telephone card was entered at an ATM, it believed
that the previous card was inserted again. The attack was simple: attackers
waited in line, observing customers’ PINs. This shows how a bad implementation
could lead to disastrous results.

c) The author
gives a branch level of poor key management. Theoretically, terminal master key
is split in two components, each of them is distributed to two bank employees
and each of them has to type in the correspondent key component. This master
key is used to encrypt the PIN key. After it is encrypted, the PIN key is,
then, sent to the ATM during the first service transaction after maintenance.
The maintenance engineer is able to decrypt the PIN key provided that he knows
both the key components. Unfortunately, the branch managers who have knowledge
of the key components are usually more than willing to give them both to the
maintenance engineer, in order to avoid “losing their time” while the machine
is serviced and using a keyboard which could be thought as degradation of their
dignity.

d) The actions of one maintenance engineer of a Scottish
bank are used as an example from the author to indicate how the human factor
can lead to a cryptosystem failure. The engineer stole customers’ PINs and
account numbers with the usage of a handheld computer fitted in an ATM and
created copies of cards and stole clients’ money. Of course, the bank’s
attitude towards customers who complained helped the engineer achieve his goal.

 

 

 

Q3

a) One such
fact is the feedback problem from previous cryptosystem failures. The author
highlights as problems of cryptology the lack of public feedback about how
cryptosystems fail and the lack of the ability to learn from mistakes made in
the past. By 1994 (the year the article was published) cryptography’s use was
limited, primarily, to the government and financial sector. So, feedback from
failures of cryptosystems implemented in these sectors was not released
publicly and the causes were wrapped in a veil of secrecy. Nowadays,
cryptography is literally everywhere, as it is used in the vast majority of the
applications people use on a daily basis. So, news of almost every major
failure of a cryptosystem are spread throughout the world, since so many people
will be directly affected by this failure. Examples of such failures could be a
poor implementation of a cryptographic protocol (Heartbleed) or the appearance
of a weakness in a cryptographic algorithm (RC4). In addition, the reasons
behind failures will become publicly known, providing, in this way, the
desirable feedback.

Nowadays
DES is considered highly insecure mainly due to the size of its key. A brute
force attack on the key of this algorithm has become very easy and fast as the technology
proceeds and the machines are becoming more and more powerful. In 1994, DES was
not yet considered insecure (although the weakness was known) and was still
widely used, as the brute force attacks on the key were possible only when
performed by expensive and specialized machines. DES is replaced in most cases
in the financial sector by triple DES.

b) As stated in
question 1, one of the main findings of the article is the fact that the main
reason for cryptographic failures is bad implementations of algorithms. It is
remarkable that this fact continues to be one of the primary reasons for failures
in security systems, even after so many years. It seems that implementing a
cryptographic protocol (or algorithm) is one of the most challenging parts in a
cryptosystem’s life cycle, as it is this part that the most mistakes are being
made. There are many examples nowadays of poor cryptosystem implementations
that led to major data breaches. All cryptographic algorithms and protocols are
being thoroughly tested and cryptanalyzed by researchers and the cryptographic
community before (and after) they become standards. So, there is no chance a
weak algorithm becomes a standard, and, consequently, widely used. That is the
reason why cryptosystems’ failures are rarely caused by weaknesses found in
algorithms. However, when it comes to implementing algorithms, it is up to the
software engineers to implement it right and carefully and not hastily, to
avoid mistakes. Most people would think that after so many attacks caused by
poor implementation, developers and organizations would have been more careful
concerning the information security aspects of their systems. On the contrary,
they keep making serious mistakes, mainly due to the high competition in the industry,
which forces the organizations to deliver software as fast as possible, ignoring
important aspects such as security.

Another
fact that the author highlights in the article is the lack of learning
mechanisms in the cryptographic community. Until 1994, cryptography was mainly
used in financial and government applications, which resulted in limited (or
none) feedback about how security failures have occurred. Now, 25 years later,
the need for confidentiality, integrity and authentication has made
cryptography an integral part of our lives as it is used in the vast majorities
of the applications we use. So, as stated in Q3/a), every cryptographic failure
that affects a lot of people and the reasons that caused it, eventually become
publicly known, providing the cryptographic community with the feedback they
need in order to make the appropriate improvements and to learn from the mistakes
made. However, there are cases where organizations try to hide the failure for
financial or reputational reasons, or they disclose the failure a long time
after it has occurred.

The limited
number of security staff or the complete absence of it was according to the
author one of the main reasons that the threat model failed. Indeed, the
security vendors wrongly assumed that their customers would have the knowledge and
expertise to install, configure and manage the security products. As a result,
the products were not used properly and efficiently, leading to vulnerable
systems. Nowadays, organizations are aware of the significance of a cyber
security team and the devastating consequences a cyber-attack can have, since
data breaches are announced almost every week. So, they try to staff their
teams with highly trained security experts. However, there are still some few
examples of organizations that do not give the appropriate attention to this
matter. And even if the team is highly qualified there is always the chance of
(human) mistakes that can make an attack possible. To conclude, there is definitely
a lot of improvement, despite the fact that there are still big organizations
with limited security teams.

 

 

 

Q4

a) The three
digits on the back of the card are called Card Verification Value (CVV) and they
are a tool to manage risk and fraud. The personal account number (PAN), the
4-digit card expiration date, the 3-digit card service code and the pair of
encryption keys (CVKs) are typically included in the computation of the CVV.
The first three elements are stored on the magnetic stripe card and the last
one (the pair of keys) are only known by the issuer. The CVV results from the
encryption of these elements using the triple DES algorithm, an operation that
is often performed by hardware security modules (HSM).

b) CVV, as mentioned above, is a tool to manage risk and
fraud. It is used for transactions where the cardholder cannot physically present
the card for the merchant to examine it, e.g. transactions over telephone or Internet
(“card-not-present” transactions). This code is considered as a proof that a
customer actually holds the physical credit/debit card when the transaction is
being made and helps to keep both the merchant and the customer safe by
reducing fraud. CVV is not stored on the magnetic stripe, but it is printed on
the back of the card, which means it cannot be stolen by devices masquerading as
fake cards readers that skim entire magnetic stripes. In addition, the
merchants are not allowed to store the CVV after a transaction; only
information included in the magnetic stripe such as the account number and the
card’s expiration date. So, if for example, a database containing information
about customers’ cards has been compromised, the attacker will not obtain the
CVVs and, consequently, the stolen information will be less useful, as “card-not-present”
transactions won’t be possible. This constraint of not storing the CVV protects
against insiders (such as employees that have access to the web-based payment interfaces)
as well. However, if the card is stolen or if the attacker has seen somehow the
CVV, fraud could be performed against the victim and make unauthorized
transactions masquerading a legitimate cardholder. Another case where the CVV
cannot protect the cardholder is against phishing attacks. The cardholder might
be tricked into giving up card information including the CVV, making it
possible for the attacker to conduct fraudulent transactions. To conclude, CVV’s
primary goal is to make sure that the transaction is made by a user that
physically has the card and to protect from the case where someone has acquired
other card information (e.g. account number and expiration date) in a non-legitimate
way and tries to make unauthorized transactions using this information.   

 

 

 

Q5

In
general, the vast majority of cryptocurrencies require non-repudiation of
transactions, integrity of the entire transaction data set and pseudonymity of
transactions (there are few cryptocurrencies, e.g. Monero and Zcash, that
require privacy as well). So, this is where cryptography comes in. In order to
achieve non-repudiation and integrity of the transactions, digital signatures
and cryptographic hash functions are used. More specifically, for a successful transaction
the payer must generate a signature/verification key pair which will be used to
prove that the payer is authorized to make a payment from the associated
address and prevents the payer from later denying they were responsible for the
transaction, i.e. they authorized the spending of the specific amount of
cryptocurrency. The signature keys play a very significant role as without them
users cannot make payments; if a user’s signature key gets lost, so is the
cryptocurrency of this user. So, in this case key management, and especially
key storage, is a major issue. A scheme which combines public key cryptography
and a SHA-2 function is usually applied when implementing digital signatures. Bitcoin
and Ethereum rely on the ECDSA (elliptic curve algorithm for digital
signatures) scheme.

Another
aspect of cryptocurrency that utilizes cryptography is the mining process, a key feature in many cryptocurrencies. Hashing is used to generate math puzzles that make “block
mining” possible. Mining basically involves an exhaustive search of a hash
function and it relies on the difficulty of overcoming the set preimage
resistance of a hash function. The hash function is used as a proof of work and
validation because it is practically impossible to find the outcome of input. The aim of mining is to use your computer to guess until it comes up
with a hash value that is less than whatever the target may be. In other words, the hard problem miners are challenged to solve is given
a set of potential hash function outputs, find an input which hashes to one output
of the set. This set of hash outputs is defined to be the set of hash outputs
smaller than a particular target hash function output. So, it’s all about
guessing. Whoever does this first (normally this takes millions and billions of
computer generated guesses from around the world) is rewarded with
cryptocurrency.

To conclude, cryptocurrencies rely on cryptography in order to maintain
the structure of blockchain data, validate the transactions and make sure the
transactions are made by the authorized payer only. Mining is also a process of
cryptocurrency systems that is based on cryptographic hash function and on solving
hard “mathematical” problems concerning hash functions. Also, hashing is often used to encode people’s account
addresses.