As an increasing number of companies are connecting to networks and in particular to Internet, security on computer networks becomes an important issue at the dawn of the twenty-first century. Many problems arise in companies and other organizations. These problems are usually referred to under the term of computer hacking; the people who are responsible for this are referred to as hackers.
This computer hacking has several facets. For example, it may be performed from outside or from the inside of ‘the company’, this term ‘company’ referring to a firm of an industrial or commercial nature, a government organization or any other association of interests. Further it may have different goals: alter, suppress, peruse data (read, change or delete); or prevent the computer network from operating properly (notably by remotely impairing the operation of the essential computers).
Before continuing, hacking methods shall have to be discussed, those that may be described as physical methods because they are based on physical characteristics of the computer systems.
The first and the most simple of these physical methods is what is called in computers, ‘sniffing’. This corresponds to physical spying of connection cables. The hacker may thereby capture all the information which transits within this network. The hacker may obtain vital information: confidential information of any nature, network user passwords. He may also alter or delete these data.
A second method of physical hacking requires very considerable means. It is based on intercepting electromagnetic waves emitted by a computer screen (or emitted by any component of the computer system). Another physical hacking method consists in perusing typed texts by simple observation while it is being typed on the keyboard or during its display on the screen. (Direct or indirect observation of the user).
These physical methods are undetectable for the computer system and are independent of this system.
Except for these physical methods, computer hacking may also be based on methods which will be termed as logical methods. These methods directly tackle the computer system's logic.
Generally they make use of the weak points of this logic. Most of these methods frequently use what is called a trap, i.e. a loophole in an operating system or in another software package. These traps are entry points in a computer system which pass over the normal security measures. This may be a concealed program inside the computer system or an electronic component which makes the protection system inefficient. Further, the trap is often enabled by an event or a “normal” action. The trap may also be a voluntary loophole in the security system. In this case, the traps are not always harmful: certain operating systems have user accounts with high privileges for facilitating the work of maintenance technicians.
In order to understand these logical methods, it should be brought to mind that every time a user makes a request in order to access a file or more generally a computer resource, the operating system decides whether this user is authorized or not to access this file. The operating system makes this decision according to several criteria such as the owner of the file, the identification of the person who is requesting access to it, the access authorizations which have been determined by the owner. Therefore, the hacker must deceive the computer system in order to obtain the desired information by interfering with its logic.
It is practically unfeasible to create an exhaustive list of the methods used for hacking computer data or a network as these methods are so numerous. However, it should be stressed that they include common points after all and more particularly a common logic. General methods may thereby be established for opposing these hackers.
A first known method for defeating logical hacking consists in asking the user to provide a password in order to access data, a password which is acknowledged by the operating system. This password is a numerical value. Today, this remains the keystone of all security systems. Now, this is also its primary weak point: a hacker which knows the password of a user may access to this user's private data and may also impersonate this user which is far worst. Any action, error, mistake thereby committed by the hacker will therefore be wrongly ascribed to the hacked user.
Another known method for defeating hacking consists in encrypting data. This method is often considered as sufficient. This enciphering is presently carried out with software packages or electronic cards. The enciphering is based on using an encipherment key. This encipherment key is one of the weak points of this method. With this method, when two computers want to communicate which each other, they must first be authenticated one by the other, i.e., use a common encipherment key. Presently this authentication process is numerical and is based either on a code typed in by the user or on a code logically generated by both computers. In this second case, unfortunately, both computers have to exchange a sequence of information until they mutually authenticate each other. It follows that a third computer entering and hacking this system may locate the generated code by perusing over this exchange of information. By doing this, it may have access to the transmitted data and may even usurp the identity of these hacked machines.
Data encryption is also used for making information contained on a computer data medium incomprehensible. In this case, the enciphering keys are generated in the same way as for encipherment of transmissions.
All enciphering methods presently used are based on mathematical algorithms. There are two encipherment algorithm classes: symmetrical algorithms and asymmetrical algorithms.
The symmetrical algorithm only uses one single enciphering key which therefore serves both for encrypting and decrypting data at the same time. Conversely, the asymmetrical algorithm uses two keys: a public key and a private key. In this second enciphering method, each user has two keys: a private key and a public key. His public key is known to all the other users. With it, the message may be encrypted but not decrypted. His private key is only known to him exclusively, and is unknown to the other users. With it, the enciphered message may be decrypted.
An asymmetrical system may be used for a key exchange protocol, i.e., a protocol enabling two users to agree on a symmetrical encipherment key to be used for the actual encipherment.
An example of such a protocol is detailed in U.S. Pat. No. 4,200,770 et CA-1121480. As an example, and for a better understanding of the present document, this asymmetrical algorithm is described hereafter.
In the rest of the present document, the notation g^a[N] represents g to the power of a, modulo N.
Let A et B be two users of the algorithm. Each user has a confidential private key, for example ‘a’ for A et ‘b’ for B. The numbers g^a [N] and g^b[N] are known to all. Numbers g et N are fixed and chosen once and for all by A and B, in such a way that the multiplicative group for the successive powers of g modulo N has a large number of elements. Practically, N is chosen to be a very large prime number with for example about a hundred of decimal figures and such that (N−1)/2 is prime, and that g is a primitive root modulo N, i.e. a generator for the multiplicative modulo N group.
When A wants to communicates with B in such a way as to be only understood by B, A takes the public key of B: g^b and raises it to the power of ‘a’ (always modulo N) which gives g^(ba) and thus provides the encipherment key for a symmetric algorithm. B is the only one able to understand the message by doing (g^a)^b=g^(ab)=g^(ba) [N].
This method works because there is no known algorithm for solving within a reasonable time, the ‘x’ equation: g^x=d [N] if N is very large.
Private keys ‘a’ and ‘b’ of A and B are usually generated by random number generators upon first communication between the two speakers. As these numbers are not always stored, they must now be regenerated regularly.
The encipherment algorithms presently used are very efficient. However, user authentication is not fully satisfying. In the case of direct authentication between two encipherment devices (therefore without any human intervention), a third encipherment device may manage to impersonate one of the other two devices and may thus access data on the other computer, as already mentioned. If the authentication requires that a code be typed in by the user on the keyboard of his computer, this code may be intercepted by a hacker or may be directly observed when it is typed in on the keyboard.
There is a third known method against hacking. This method is related to the protection of internal networks. In order to prevent intruders from penetrating into an internal network, several companies have introduced on the market, locks (more commonly called “firewalls” by computer specialists). This is a logical barrier between the company's network and a network which has not been made secure (for example, Internet). A lock is a device placed on a specific computer which prevents unauthorized accesses to information resources of the internal network. In other words, a lock operates like a gateway by monitoring information flowing in both directions. It is able to prevent certain external users from accessing certain data or software resources of the internal network. Thus, security problems of the internal network with regards to the outside world, are normally confined in one single point of the network: the lock.
This lock, if it is properly used (alas, this is the case very rarely), is logically impenetrable. So, one will have to resort to another approach: for instance, the hacker will prevent the computer hosting the lock from properly operating by saturating it with messages sent to it profusely which will force this computer to exceed its information processing capabilities. If this computer is no longer running, the hacker may then penetrate into the network which is no longer made secure by the lock.
Further, a lock is no protection against a possible hacker directly working within the network. Unfortunately, this case is not an exception and according to the FBI, more than 80% of the hackings would be due to a person having an internal access to the network.
In order to defeat computer hacking in addition to the aforementioned prevention techniques, an attempt may also be made to find out who the author of this hacking is. It is possible to make use of the computer traces left behind him: opening of files, connections with servers . . . indeed, most computer handling operations leave digital traces in the operating systems. Unfortunately, it is rather easy to conceal these traces: usurping somebody's identity by using his password, borrowing a workstation so as to have someone else accused, are standard hacker techniques and are very easily implemented. Indeed today, user authentication is performed through his digital identifier but not by recognizing the physical person. As a result, one can never be absolutely certain of the identity of the user of a computer.
In order to increase the level of user authentication, several companies use bank authentication techniques: chip cards. New physical authentication methods like examining the retina or the finger prints of the user, exist but are still not very used because their reliability is still relatively unknown.
To summarize, it may be stated that the present methods for making a computer network safe have definite drawbacks. Indeed, they are based on operating systems having security loopholes, on imperfect authentication of the users. Furthermore, although security problems from outside the companies or the computerized organizations are feared essentially, it should also be considered, unfortunately, that very often these problems have an internal cause. A satisfactory method for making a computer network secure must therefore protect this network both from external and internal hacking.