Secure Channel and Implementation Issues

The transmission of information from a source to a destination is essential for communication.


The trustworthiness of the medium of exchange, however, cannot be taken for granted. Some information is critical and must be kept confidential for operations to succeed; the military and large institutions such as banks are examples (Conklin). Message authentication and encryption technology has therefore been developed to protect the information conveyed.


The first asset is stored data: a backup tape or USB stick holds data securely and, in effect, sends it to its own future reader.


The second asset is a shared secret key which, together with encryption and verification algorithms, establishes a secure communication channel between the initiator and the responder and keeps third parties out (Huang).


Threats


Loss of secrecy is the first threat to the exchange of information between the initiator and the responder (Dodd). Even when the content is encrypted, a third party can still observe the timing and size of each message; hiding these would require extreme measures, such as padding every message to a fixed size and sending at a constant rate, which are not acceptable for most civilian applications.


Traffic analysis is a related threat: without reading any content, the third party can identify the source and destination of each message, the sizes transmitted, and the timing of each message.


Weaknesses


Some weak encryption schemes make the authenticate-then-encrypt ordering insecure even though the authentication itself is sound (Huang). The encrypt-and-authenticate ordering, in which the MAC of the plaintext is sent unencrypted alongside the ciphertext, is likewise insecure with certain encryption schemes, because the exposed MAC can leak information about the plaintext.


Potential defenses


One defense is message numbers, which also serve as the nonce for the encryption algorithm. Because every new message must carry a number larger than the last one accepted, the responder can reject replayed messages while keeping only a single counter rather than a database of previously seen messages (Cuzzocrea).


Encryption combined with authentication is the other defense. The channel derives the nonce internally from the message number, so a third party can neither read the information nor modify it without detection.


Evaluation of the system


The measures above do not yield a perfectly reliable system, but they provide a disciplined way to handle the threats through a well-defined secure communication channel. The first step is setting up the secret keys and assigning a number to each message (Dodd). The keys comprise separate encryption and authentication keys for each direction of traffic. The responder must hold the same additional data that the initiator used in order to verify the authentication.

The responder must also check that each message number received is strictly greater than the numbers of all messages previously accepted. This guarantees that no message is accepted twice; a repeated or out-of-order number signals replay or tampering and calls for corrective measures or termination of the communication channel (Dodd).

Building such a channel can be a challenge, especially on embedded hardware; dedicated block cipher modes have therefore been developed that provide authentication and privacy simultaneously. These modes generally take as input a key, a single message, a nonce, and additional data to be authenticated.


Receiving a message on such a channel proceeds as follows, where t is the received text, x the additional data, m the recovered message, and MsgCntRec the highest message number accepted so far:

    assert ℓ(t) ≥ 36
    i || t ← t
    K ← KeyRecEnc
    k ← E(K, 0 || i || 0) || E(K, 1 || i || 0) || ...
    m || a ← t ⊕ FIRST-ℓ(t)-BYTES(k)
    a' ← HMAC-SHA-256(KeyRecAuth, i || ℓ(x) || x || m)
    if a' ≠ a then
        destroy k, m
        return AUTHENTICATION FAILURE
    else if i ≤ MsgCntRec then
        destroy k, m
        return MESSAGE ORDER ERROR
    fi
    MsgCntRec ← i
    return m

The lower bound of 36 bytes is the 4-byte message number plus the 32-byte HMAC-SHA-256 tag. Authentication is checked before the message order, so a forged message can never advance the counter.


The authentication tag for message i is computed as

    a_i = MAC(i || ℓ(x_i) || x_i || m_i)

where the message number i and the length ℓ(x_i) are encoded as 32-bit unsigned integers. Including ℓ(x_i) lets the receiver split the authenticated string into its fields unambiguously. For encryption the block counter is limited to 32 bits; with nonce i the key stream is defined as

    k_0 k_1 ... k_(2^36-1) := E(K, 0 || i || 0) || E(K, 1 || i || 0) || ... || E(K, 2^32-1 || i || 0)

where each block input consists of the 32-bit block number, the 32-bit message number, and 64 zero bits (Huang). Only the first ℓ(t) bytes of this stream are used, since the full definition gives an enormously long string.
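The following is an added example, not code from the essay or from the cited authors. It implements one direction of the channel described above: message numbering (the replay defense from the Potential defenses section), the tag a_i over i || ℓ(x) || x || m, the counter-mode key stream, the receive-side checks in the order given, and best-effort wiping of transient secrets. Assumptions: the block function E stands in for AES-128 and is instantiated here as HMAC-SHA-256 truncated to 128 bits so the example runs on the Python standard library alone, and the keys are constructed sample values.

```python
"""One direction of a Ferguson/Schneier-style secure channel (added example)."""
import hashlib
import hmac
import struct
from typing import Optional, Tuple

CNT_LEN = 4                    # 32-bit message number i
TAG_LEN = 32                   # HMAC-SHA-256 tag a
MIN_LEN = CNT_LEN + TAG_LEN    # 36: the lower bound asserted on the received text
MAX_MSG_NUMBER = 2**32 - 1     # the counter must never wrap; rekey instead

# Constructed sample keys (assumption); real keys come from a key-agreement step.
SAMPLE_ENC_KEY = bytes(range(16))
SAMPLE_AUTH_KEY = bytes(range(100, 132))


def E(key: bytes, block: bytes) -> bytes:
    """128-bit block function. ASSUMPTION: placeholder for AES-128, built
    from HMAC-SHA-256 so the example has no third-party dependency."""
    assert len(block) == 16
    return hmac.new(key, block, hashlib.sha256).digest()[:16]


def keystream(key: bytes, i: int, nbytes: int) -> bytearray:
    """k_0 k_1 ... := E(K, 0||i||0) || E(K, 1||i||0) || ...; each block input is
    a 32-bit block counter, the 32-bit message number i and 64 zero bits.
    Returned as a bytearray so the caller can zero it afterwards."""
    out = bytearray()
    for j in range((nbytes + 15) // 16):
        out += E(key, struct.pack(">II", j, i) + bytes(8))
    del out[nbytes:]           # truncate in place, leaving no extra copy
    return out


def mac(key: bytes, i: int, x: bytes, m: bytes) -> bytes:
    """a := HMAC-SHA-256(K, i || l(x) || x || m), with i and l(x) as 32-bit
    big-endian integers so the fields parse unambiguously."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    h.update(struct.pack(">II", i, len(x)))
    h.update(x)
    h.update(m)
    return h.digest()


def wipe(*bufs: bytearray) -> None:
    """'destroy k, m': overwrite transient secrets. Best effort only; Python
    gives no guarantee that the interpreter made no earlier copies."""
    for b in bufs:
        b[:] = bytes(len(b))


class Sender:
    def __init__(self, enc_key: bytes, auth_key: bytes) -> None:
        self.enc_key, self.auth_key = enc_key, auth_key
        self.msg_cnt_send = 0

    def send(self, m: bytes, x: bytes = b"") -> bytes:
        """t := i || ((m || a) XOR keystream): MAC the plaintext, then encrypt."""
        if self.msg_cnt_send >= MAX_MSG_NUMBER:
            raise RuntimeError("message number exhausted; rekey the channel")
        self.msg_cnt_send += 1
        i = self.msg_cnt_send
        a = mac(self.auth_key, i, x, m)
        k = keystream(self.enc_key, i, len(m) + TAG_LEN)
        body = bytes(p ^ q for p, q in zip(m + a, k))
        wipe(k)
        return struct.pack(">I", i) + body


class Receiver:
    def __init__(self, enc_key: bytes, auth_key: bytes) -> None:
        self.enc_key, self.auth_key = enc_key, auth_key
        self.msg_cnt_rec = 0   # highest message number accepted so far

    def receive(self, t: bytes, x: bytes = b"") -> Tuple[str, Optional[bytes]]:
        if len(t) < MIN_LEN:                       # assert l(t) >= 36
            return "MALFORMED", None
        i = struct.unpack(">I", t[:CNT_LEN])[0]
        body = t[CNT_LEN:]
        k = keystream(self.enc_key, i, len(body))
        plain = bytearray(p ^ q for p, q in zip(body, k))
        m_buf = plain[:-TAG_LEN]                   # m || a <- decrypted text
        a = bytes(plain[-TAG_LEN:])
        a_prime = mac(self.auth_key, i, x, m_buf)
        # Authentication first: a forged message must not touch any state.
        if not hmac.compare_digest(a_prime, a):
            wipe(k, plain, m_buf)
            return "AUTHENTICATION FAILURE", None
        # Replay/reorder defense: accept only strictly increasing numbers.
        if i <= self.msg_cnt_rec:
            wipe(k, plain, m_buf)
            return "MESSAGE ORDER ERROR", None
        self.msg_cnt_rec = i
        m = bytes(m_buf)
        wipe(k, plain, m_buf)
        return "OK", m


if __name__ == "__main__":
    s, r = Sender(SAMPLE_ENC_KEY, SAMPLE_AUTH_KEY), Receiver(SAMPLE_ENC_KEY, SAMPLE_AUTH_KEY)
    t = s.send(b"hello", b"hdr")
    print(r.receive(t, b"hdr"), r.receive(t, b"hdr"))   # accepted, then replay rejected
```

The reverse direction uses its own pair of keys and its own counters, as the text describes; a single Sender/Receiver pair per direction is enough. Note that the receiver rejects a message whose additional data x differs from what the sender used, because x is covered by the tag even though it is never transmitted inside t.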


A CCTV security system uses a cable network to transfer recorded footage to a storage location. The storage device is itself a security concern, since it is hardware that can be physically accessed, and the cabling can be tapped, leaking confidential recordings (Huang). The system nonetheless provides a reliable record of past events.


Eve can learn the times at which messages are sent and the size of each one. Such exposure is a serious problem where, for example, the timing and volume of traffic reveal the plans for a critical military peacekeeping operation, allowing the enemy to compromise the response needed to establish peace.


Wiping state means that software erases secret information as soon as it is no longer needed. In object-oriented code the natural place for this is the destructor or cleanup routine of the object that held the secret.


A swap file holds pages of a running program's virtual memory on disk (Huang). A secret held in memory can therefore be written to disk by the paging system, and a system crash that dumps memory can expose it the same way.


Caches hold temporary copies of data in a hardware memory location, and that information is not reliably deleted. When a cache fills, its contents are written back to main memory, which sometimes includes secret data.


Memory also retains data in its physical hardware location (Huang). An attacker with access to the computer's physical memory can read it and make a copy of the original data.


Handling transient secrets therefore requires modifications to the original program code. These modifications must be made carefully, since the main programs also handle confidential data.


Complexity is undesirable in a security system design. A simple secure channel does not offer encryption without authentication, or authentication without encryption. Such a design removes the need for multiple cipher suites and modes of operation, saving memory while improving security.


Works Cited


Conklin, Wm. Arthur, et al. Principles of Computer Security. 1st ed. 2011. Print.


Huang, Yueh-Min Ray, et al. Advanced Technologies, Embedded and Multimedia for Human-Centric Computing. 1st ed. 2010. Print.


Dodd, Annabel Z. The Essential Guide to Telecommunications. 1st ed. Upper Saddle River, NJ: Prentice Hall, 2012. Print.


Cuzzocrea, Alfredo. Security Engineering and Intelligence Informatics. 1st ed. 2012. Print.