There is a growing need to provide for secure commerce on computer networks in a way that does not require costly, non-scalable computational resources. Corporations now have critical needs for ensuring the security of data that traverses their networks. Information Systems (IS) managers have attempted to cope with those needs by installing and managing expensive hardware to protect data. Where data must be transferred between sites, IS managers can dictate their security needs to the telephone companies that manage the transfer of data between multiple sites. However, several concerns limit the transfer of data over networks:
Network Availability (also known as uptime);
Network bandwidth (the amount of data that the overall network can handle over a particular time slice);
Quality of Service: ensuring that pre-determined service levels, such as bandwidth congestion allowances and network latency, are consistently met for all hosts connected to the network;
Security: ensuring that sensitive data are protected as they traverse the network and that unauthorized parties do not compromise that data or the network itself;
Monitoring/Auditing (the capability to verify that the above needs are being met and the ability to instantly detect and react to any deviation from preset expectations).
When considering a new technology that will impact a network, an IS manager must address the foregoing issues. After these requirements are met, factors of cost and scalability must be considered. IS managers are constantly looking for ways to meet the above requirements while reducing the cost of supporting their network. Managing the cost of expanding a network to address increased bandwidth requirements of users is a major problem for IS managers today.
Point-to-Point Encryption
Point-to-point link level encryption has a disadvantage in that it is not scalable. For example, there is a dramatic and non-linear cost difference in installing and maintaining a 128 k Frame Relay link versus a 1.544M Frame Relay link. The cost problem is not limited to bandwidth, but is also greatly affected by the addition of new groups of hosts as additional connection points. Related equipment also must be installed and maintained. Point-to-point encryption also has cost disadvantages. Point-to-point link level encryption is usually all or none, meaning that all data, both public and private, are encrypted over the link. This additional overhead is acceptable in some cases but undesirable in others.
Since link level encryption requires static routes to be created, it does not integrate easily into the Internet paradigm, which requires packets to be dynamically routed from point to point. A network layer (or higher) encryption solution is required in order to fit easily into the framework of routable IP packets. Currently there exists a transport level security mechanism for application programs using SSLv3 (secure sockets layer). SSL was developed in 1995 when a universally recognized security mechanism at the IP layer did not exist. This has been the most commonly used protocol for providing secure applications.
The three protocol capabilities of SSL include authentication, encryption and key exchange. In IPSec these are provided as separate protocols (AH, ESP and IKE).
In SSL most of the communications protocol data is passed in plaintext; only the application header and the actual data sent to the application are cryptographically protected. The record protocol handles encryption and integrity protection for the data, but not for the communications; IPSec, by contrast, protects both. The negotiation of new crypto algorithms and keys is handled by the handshake protocol. Finally, any errors that have occurred are handled by the alert protocol. SSL maintains its security state based on the session associated with a particular set of host addresses and ports.
SSL sessions are established in four steps. In Step 1 the sender sends a hello message containing random data to the receiver. In Step 2 the receiver sends the sender his/her public key embedded in a signed certificate. In Step 3 the sender encrypts a shared secret key and a change cipher spec switch (to determine the proper cipher to use) with the receiver's public key and sends it to the receiver. In Step 4 the receiver, after decrypting the information from Step 3 with his/her private key, sends a reply using the shared secret key and a “finished” message. Both sides can now begin communications. Using the record protocol, all data that pass between the two parties are encrypted and hashed, and the recipient checks this hash upon decryption to make sure that the data have not been modified in transit.
The newest version of SSL (3.0) supports RSA key exchange, Diffie-Hellman anonymous or signed (the most common implementation is SKIP) and Fortezza using SKIPJACK. TLS (Transport Level Security) and PCT (Private Communication Technology) by Microsoft are both variations on SSL that are vying for standards approval by the IETF. A major disadvantage of all versions of SSL is that SSL is ineffective against many of the newer communications level (below transport level) attacks, which are technically called SYN Flooding, Buffer Overruns and Traffic Analysis.
IPSec
IPSec is a conventional protocol for securing IP traffic as it traverses the Internet, an Extranet or any IP based local, metropolitan or wide area network. IPSec can be incorporated with IPv4 to provide security for host to host, host to subnet and subnet to subnet communications, which are not available with SSL.
The objective for securing large corporate networks is to allow the proper insiders or outsiders to access corporate data transparently while keeping unintended parties from accessing the same data or denying service to those who should be accessing the data. In the past, Firewalls have been used as a means for filtering incoming and outgoing traffic. Firewalls have been combined with access servers to authenticate parties before they are allowed access to any resource inside or outside the firewall.
Firewalls have evolved to include new protocols that allow them to safely transfer data between themselves and another party over the Internet. This function is known as creating a virtual private network (a private network over the public Internet).
The IPSec protocol uses two underlying protocols to send data securely. IPSec adds two additional packet headers to a packet to handle each of the two protocols. The headers both contain a numerical value known as the SPI (security parameters index) to identify the crypto keys and procedures to use with it. The first header, AH (authentication header), provides integrity checking and keying information to keep attackers from computing alternate checksums that check correctly. The second header, ESP, encrypts the contents of the remainder of the packet.
IPSec supports a number of algorithms for authentication and encryption. Examples are KeyedMD5 and SHA-1 (for AH), DES, Triple DES, and RC4 (for ESP). In addition to this, IPSec automatically handles the creation of security associations between hosts through key management.
Manual keys can be used, which allow hosts to be configured manually with the proper shared secret keys. More common is the use of Simple Key Interchange Protocol (SKIP), which negotiates and exchanges session keys between IPSec hosts. ISAKMP (Internet Security Association and Key Management Protocol) is a general purpose protocol intended to manage security associations and manage key exchanges using Oakley or IKE. Tunneling is also used. In tunnel mode the final destination IP header is encrypted and a gateway IP header is added to allow routers to route the packet to the gateway server. In transport mode the IP header is not encrypted.
IPSec is meant to protect traffic between hosts. However, with the wide range of applications currently in use (email, browsers, file transfer, remote terminal access, multimedia, database and so on) it becomes cumbersome to implement.
Although IPSec provides automatic protection between hosts, it is not at the discretion of the user as in SSL. Most organizations prefer not to make individual users decide whether traffic should be protected, since users do not have sufficient training in applying cryptographic protection.
IPSec provides an advantage over SSL because it can protect against the newer protocol attacks such as SYN flooding and buffer overruns. In the SYN flooding attack mentioned above, IPSec would block illegitimate SYN messages because they require a valid AH with a valid cryptographic checksum. Attackers cannot generate numerous requests from random hosts because they cannot generate a valid AH for every such host. In the buffer overrun attack, the destination host will discard any IP packets which are not properly formatted for IPSec. That is, packets must come from a valid host and be properly formatted for TCP before TCP processes them, thereby protecting the host from this type of attack.
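The receiver-side check described above, as an added example that is not part of the original text: a packet reaches TCP only if its SPI maps to a known key and its keyed checksum verifies over the claimed source address and payload. The header layout (SPI, sequence number, 96-bit HMAC-SHA1 checksum), the table SAD, the function names and all addresses and keys are constructed for illustration and are not the wire format of AH.

```python
import hashlib
import hmac
import struct

# Constructed security association table: SPI -> shared key (sample values).
SAD = {0x1001: b"constructed-key-A", 0x1002: b"constructed-key-B"}
ICV_LEN = 12  # HMAC-SHA1 truncated to 96 bits; a simplification of real AH

def icv_for(key, spi, seq, src, payload):
    """Keyed checksum over the header fields, source address and payload."""
    msg = struct.pack("!II", spi, seq) + src.encode() + payload
    return hmac.new(key, msg, hashlib.sha1).digest()[:ICV_LEN]

def ah_wrap(spi, seq, src, payload):
    """Sender: prepend a simplified AH (SPI, sequence number, checksum)."""
    header = struct.pack("!II", spi, seq)
    return header + icv_for(SAD[spi], spi, seq, src, payload) + payload

def ah_accept(src, packet):
    """Receiver: return the payload if the AH verifies, else None (drop)."""
    if len(packet) < 8 + ICV_LEN:
        return None                      # not formatted for AH at all
    spi, seq = struct.unpack("!II", packet[:8])
    key = SAD.get(spi)
    if key is None:
        return None                      # no security association for this SPI
    icv, payload = packet[8:8 + ICV_LEN], packet[8 + ICV_LEN:]
    if not hmac.compare_digest(icv, icv_for(key, spi, seq, src, payload)):
        return None                      # forged, modified or spoofed source
    return payload

def filter_inbound(packets):
    """Keep only (source, payload) pairs that would reach the TCP layer."""
    checked = [(src, ah_accept(src, pkt)) for src, pkt in packets]
    return [(src, p) for src, p in checked if p is not None]

# Constructed inbound traffic: one legitimate SYN and four that must be dropped.
GOOD = ah_wrap(0x1001, 1, "10.0.0.5", b"SYN")
SAMPLE = [
    ("10.0.0.5", GOOD),                            # valid AH
    ("203.0.113.9", GOOD),                         # same bytes, spoofed source
    ("198.51.100.7", struct.pack("!II", 0x9999, 1) + bytes(12) + b"SYN"),  # unknown SPI
    ("10.0.0.5", GOOD[:8] + bytes(12) + b"SYN"),   # known SPI, guessed checksum
    ("192.0.2.44", b"SYN"),                        # no AH present
]
```

Calling filter_inbound(SAMPLE) keeps only the first entry; the sequence number is carried and authenticated here but not checked against a replay window.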
Although SSL and IPSec can be combined to gain added protection and flexibility, these systems fail to address the problems of increased cost of implementation and scalability. Another major problem not addressed by SSL and IPSec is managing the cost of expanding a network to address increased bandwidth requirements of users.
The introduction of constantly changing standards and encryption/decryption schemes has greatly increased the burden on computer resources to provide secure communication. The computational demands are currently being addressed with the addition of special encryption/decryption ASICs (Application Specific Integrated Circuits) or hardware. However, as hosts are doubled, a doubling of hardware must be added to meet demands from both source and sink ends.
A conventional attempt to address the above deficiencies includes the use of hardware to handle encryption and decryption of data traffic. However, this is expensive and slow in that it increases the computational burden on the CPU when encrypting and decrypting data. The hardware approach also has a disadvantage in that it is not scalable.
Other problems not addressed by existing security systems are prioritizing security associations between hosts, authenticating host machines and preventing traffic analysis attacks that occur when all users of the public networks converge on a bottleneck. That is, even in tunneled situations, traffic must be directed to a particular gateway which can give rise to a breach in security.
Alternative software architectures have been tried and discarded. The conventional software point-to-point client-server model cannot scale adequately. Increased demand for secure sessions can lead to system failure as processing resources become unavailable on either side. Employing a central server model has been tried and found inadequate. The central gateway server in a distributed system environment becomes saturated with increased demand for decryption services. Tests were done to compare the performance of a conventional centralized server architecture model, as in FIG. 1, against the architecture topology of the invention in FIG. 2. These configuration performance tests and results are discussed below.
Conventional distributed architecture is unable to manage the increase in secure session demand due to instability arising from uneven processor computational loads, propagation delays and computer or network latency, all of which cause loss in synchronicity with collective processors. For these reasons current solutions are inadequate to overcome the barriers mentioned above.
Therefore, what is needed is a new method for encryption/decryption which is infinitely scalable in the number of simultaneous sessions capable of being processed by a server.
What is also needed is an encryption/decryption system which is infinitely scalable in terms of bandwidth between clients and servers.
What is also needed is an easily implemented software solution that provides end-to-end encryption/decryption in a distributed network while increasing processing power, which eliminates latency as bandwidth increases.