282 Chapter 13 E-commerce Security Issues A good guideline for writing your security policy is that it’s like writing a set of func- tional requirements for software.The policy shouldn’t talk about specific implementa- tions or solutions, but instead about the goals and security requirements in your environ- ment. It shouldn’t need to be updated very often. You should keep a separate document that sets out guidelines for how the require- ments of the security policy are met in a particular environment.You can have different guidelines for different parts of your organization.This is more along the lines of a design document or a procedure manual that documents what is actually done in order to ensure the level of security that you require. Authentication Principles Authentication attempts to prove that somebody is actually who she claims to be.There are many possible ways to provide authentication, but as with many security measures, the more secure methods are more troublesome to use. Authentication techniques include passwords, digital signatures, biometric measures such as fingerprint scans, and measures involving hardware such as smart cards. Only two are in common use on the Web: passwords and digital signatures. Biometric measures and most hardware solutions involve special input devices and would limit authorized users to specific machines with these attached.This might be acceptable, or even desirable, for access to an organization’s internal systems, but takes away much of the advantage of making a system available over the Web. Passwords are simple to implement, simple to use, and require no special input devices.They provide some level of authentication, but might be not be appropriate on their own for high security systems. A password is a simple concept.You and the system know your password. If a visitor claims to be you, and knows your password, the system has reason to believe he is you. As long as nobody else knows or can guess the password, this is secure. Passwords on their own have a number of potential weaknesses and do not provide strong authentica- tion. Many passwords are easily guessed. If left to choose their own passwords, around 50% of users will choose an easily guessed password. Common passwords that fit this descrip- tion include dictionary words or the username for the account. At the expense of usabil- ity, you can force users to include numbers or punctuation in their passwords, but this will cause some users to have difficulty remembering their passwords. Educating users to choose better passwords can help, but even when educated, around 25% of users will still choose an easily guessed password.You could enforce password policies that stop users from choosing easily guessed combinations by checking new passwords against a diction- ary, or requiring some numbers or punctuation symbols or a mixture of uppercase and lowercase letters. One danger is that strict password rules will lead to passwords that many legitimate users will not be able to remember. 17 525x ch13 1/24/03 3:37 PM Page 282 283 Using Authentication Hard to remember passwords increase the likelihood that users will do something unsecure such as write “username fred password rover” on a note taped to their moni- tors. Users need to be educated not to write down their passwords or to do other silly things like give them to people over the phone who ring up claiming to be working on the system. Passwords can also be captured electronically. By running a program to capture key- strokes at a terminal or using a packet sniffer to capture network traffic, crackers can— and do—capture useable pairs of login names and passwords.You can limit the opportu- nities to capture passwords by encrypting network traffic. For all their potential flaws, passwords are a simple and relatively effective way of authenticating your users.They provide a level of secrecy that might not be appropriate for national security, but is ideal for checking on the delivery status of a customer’s order. Using Authentication Authentication mechanisms are built in to the most popular Web browsers and Web servers.Web servers might require a username and password for people requesting files from particular directories on the server. When challenged for a login name and password, your browser will present a dialog box looking something like the one shown in Figure 13.2. Figure 13.2 Web browsers prompt users for authentication when they attempt to visit a restricted directory on a Web server. Both the Apache Web server and Microsoft’s IIS enable you to very easily protect all or part of a site in this way. Using PHP or MySQL, there are many other ways we can achieve the same effect. Using MySQL is faster than the built-in authentication. Using PHP, we can provide more flexible authentication or present the request in a more attractive way. We will see some authentication examples in Chapter 14,“Implementing Authentication with PHP and MySQL.” 17 525x ch13 1/24/03 3:37 PM Page 283 284 Chapter 13 E-commerce Security Issues Encryption Basics An encryption algorithm is a mathematical process to transform information into a seem- ingly random string of data. The data that you start with is often called plain text, although it is not important to the process what the information represents—whether it is actually text, or some other sort of data. Similarly, the encrypted information is called ciphertext,but rarely looks any- thing like text. Figure 13.3 shows the encryption process as a simple flowchart.The plain text is fed to an encryption engine, which might have been a mechanical device, such as a World War II Engima machine, once upon a time, but is now nearly always a computer program.The engine produces the ciphertext. Plain Tex t Cipher Tex t Encryption Algorithm Figure 13.3 Encryption takes plain text and transforms it into seemingly random ciphertext. To create the protected directory whose authentication prompt is shown in Figure 13.2, we used Apache’s most basic type of authentication. (You’ll see how to use this in the next chapter.) This encrypts passwords before storing them.We created a user with the password password.This was encrypted and stored as aWDuA3X3H.mc2.You can see that the plain text and ciphertext bear no obvious resemblance to each other. This particular encryption method is not reversible. Many passwords are stored using a one-way encryption algorithm. In order to see whether an attempt at entering a pass- word is correct, we do not need to decrypt the stored password.We can instead encrypt the attempt and compare that to the stored version. Many, but not all encryption processes can be reversed.The reverse process is called decryption. Figure 13.4 shows a two-way encryption process. Plain Tex t Cipher Tex t Key Encryption Algorithm Plain Tex t Decryption Algorithm Figure 13.4 Encryption takes plain text and transforms it into seemingly random ciphertext. Decryption takes the ciphertext and transforms it back into plain text. 17 525x ch13 1/24/03 3:37 PM Page 284 285 Public Key Encryption Cryptography is nearly 4000 years old, but came of age in World War II. Its growth since then has followed a similar pattern to the adoption of computer networks, initially only being used by military and finance corporations, being more widely used by companies starting in the 1970s, and becoming ubiquitous in the 1990s. In the last few years, encryption has gone from a concept that ordinary people only saw in World War II movies and spy thrillers to something that they read about in newspapers and use every time they purchase something with their Web browsers. Many different encryption algorithms are available. Some, like DES, use a secret or private key; some, like RSA, use a public key and a separate private key. Private Key Encryption Private key encryption relies on authorized people knowing or having access to a key. This key must be kept secret. If the key falls into the wrong hands, unauthorized people can also read your encrypted messages. As shown in Figure 13.4, both the sender (who encrypts the message) and the recipient (who decrypts the message) have the same key. The most widely used secret key algorithm is the Data Encryption Standard (DES). This scheme was developed by IBM in the 1970s and adopted as the American standard for commercial and unclassified government communications. Computing speeds are orders of magnitudes faster now than in 1970, and DES has been obsolete since at least 1998. Other well-known secret key systems include RC2, RC4, RC5, triple DES, and IDEA.Triple DES is fairly secure. 2 It uses the same algorithm as DES, applied three times with up to three different keys. A plain text message is encrypted with key one, decrypted with key two, and then encrypted with key three. One obvious flaw of secret key encryption is that, in order to send somebody a secure message, you need a secure way to get the secret key to him. If you have a secure way to deliver a key, why not just deliver the message that way? Fortunately, there was a breakthrough in 1976, when Diffie and Hellman published the first public key scheme. Public Key Encryption Public key encryption relies on two different keys, a public key and a private key.As shown in Figure 13.5, the public key is used to encrypt messages, and the private key to decrypt them. The advantage to this system is that the public key, as its name suggests, can be dis- tributed publicly.Anybody to whom you give your public key can send you a secure message. As long as only you have your private key, then only you can decrypt the mes- sage. 2 Somewhat paradoxically, triple DES is twice as secure as DES. If you needed something three times as strong, you could write a program to implement a quintuple DES algorithm. 17 525x ch13 1/24/03 3:37 PM Page 285 286 Chapter 13 E-commerce Security Issues Figure 13.5 Public key encryption uses separate keys for encryption and decryption. The most common public key algorithm is RSA, developed by Rivest, Shamir, and Adelman at MIT and published in 1978. RSA was a proprietary system, but the patent expired in September 2000. The capability to transmit a public key in the clear and not need to worry about it being seen by a third party is a huge advantage, but secret key systems are still in com- mon use. Often, a hybrid system is used. A public key system is used to transmit the key for a secret key system that will be used for the remainder of a session’s communication. This added complexity is tolerated because secret key systems are around 1000 times faster than public key systems. Digital Signatures Digital signatures are related to public key cryptography, but reverse the role of public and private keys.A sender can encrypt and digitally sign a message with her secret key. When the message is received, the recipient can decrypt it with the sender’s public key. As the sender is the only person with access to the secret key, the recipient can be fairly certain from whom the message came and that it has not been altered. Digital signatures can be really useful.They let the recipient be sure that the message has not been tampered with, and they make it difficult for the sender to repudiate, or deny sending, the message. It is important to note though that although the message has been encrypted, it can be read by anybody who has the public key.Although the same techniques and keys are used, the purpose of encryption here is to prevent tampering and repudiation, not to prevent reading. As public key encryption is fairly slow for large messages, another type of algorithm, called a hash function, is usually used to improve efficiency. The hash function calculates a message digest or hash value for any message it is given. It is not important what value the algorithm produces. It is important that the output is deterministic, that is, that the output is the same each time a particular input is used, that the output is small, and that the algorithm is fast. The most common hash functions are MD5 and SHA. Plain Tex t Public Key Private Key Cipher Tex t Encryption Algorithm Plain Tex t Decryption Algorithm 17 525x ch13 1/24/03 3:37 PM Page 286 . popular Web browsers and Web servers .Web servers might require a username and password for people requesting files from particular directories on the server. When challenged for a login name and. of a site in this way. Using PHP or MySQL, there are many other ways we can achieve the same effect. Using MySQL is faster than the built-in authentication. Using PHP, we can provide more flexible. measures such as fingerprint scans, and measures involving hardware such as smart cards. Only two are in common use on the Web: passwords and digital signatures. Biometric measures and most hardware solutions