Mohd Nasir Isa [nasiris@petronas.com.my] Universiti Teknologi Malaysia Masters in Computer Science MC 953007
REMOTE ACCESS CONTROL SYSTEM
1. INTRODUCTION
There is a lot of talk about high-tech thievery in the 90s. With dozens of entry points into computer networks today, the complexity of authentication, authorisation, and network user accounting has become a major issue. The access control problem in a hierarchical organisation consists of managing information among a number of users who are divided into different security classes according to their suitability for accessing the information.

From early history, certain messages have needed to be kept secret. Julius Caesar used a type of cipher known as the Caesar cipher in the Gallic wars, and this is an example of a monoalphabetic cipher. As time passed, more sophisticated ciphers were designed, such as polyalphabetic ciphers. Examples are the Vigenere and Porta ciphers. Both the monoalphabetic and polyalphabetic ciphers are based on alphabets. Such systems were proven to be weak and are no longer in use. These ciphers can be broken by analysing the statistics of the cryptogram.

With the introduction of computers and electronic communication systems, modern cipher systems need to be more efficient at protecting messages that have to be kept secret. To achieve this, the communicants must take steps to conceal and protect the content of the messages, and the amount of protection required will vary. Occasionally, it is sufficient to prevent a listener from understanding the message. However, there are times when it is crucial that even the most determined interceptor must not deduce it. As a result, many types of encryption algorithms exist today and are used by most governments, militaries, financial institutions and large companies. Cryptography can play at least four roles in protecting the privacy and confidentiality of information:
1. Ensuring that information in transit from terminal to central facility or between central facilities is not understood if intercepted by adversely interested parties.
2. Enforcing access-control and information-flow rules in respect of shared information resources.
3. Implementing communications protocols to authenticate information.
4. Preventing thieves from making use of stolen documents and media.
2. BACKGROUND TO THE PROBLEM
The Network Access Server (or NAS), sometimes called the Communication Server, Remote Access Server or Terminal Server, is a device to accept dial-in access from telephone or ISDN lines through modems or ISDN terminal adapters. The NAS connects dial-in users to the organization's internal network, which is typically a Local Area Network (LAN). Once on the internal network, the dial-in user may be able to access any device that is on the internal network. These include servers, host machines or even other users that are in the internal network. If the internal network is connected to the Internet or some other networks, the dial-in user may also be able to access the Internet or the other networks. So it is very important to provide authentication, authorization and accounting functions at the entry point of the network, that is, inside the NAS. In this way, we can control who can connect to the network, and what they are allowed to do.
2.1 Security Issues For Telecommuting
Telecommuting is the use of telecommunications to create an "office" away from the established (physical) office. The telecommuting office can be in an employee's home, a hotel room or conference center, an employee's travel site, or a telecommuting center. The telecommuter's office may or may not have the full computer functionality of the established office. For example, an employee on travel may read email. On the other side of the spectrum, an employee's home may be equipped with Integrated Services Digital Network (ISDN) access to provide the employee full computer capability at high speeds[4]. Information and telecommunications technologies make telecommuting an option for many organizations and workers. Organizations promote telecommuting to allow their employees to work from home, while on travel, at a client site, or in a telecommuting center. While offering potential benefits, telecommuting introduces new risks to the organization.
2.2 The Risk Of Telecommuting
Telecommuting is becoming accepted as a way to do business. However, opening up an organization's information systems to dial-in and other forms of access presents significant security risks. One risk is that intruders will be able to access corporate systems without having to be on site. Hackers, electronic eavesdroppers at conference sites, or shoulder surfers watching employees enter IDs and passwords present very real threats. In addition to intruders whose goal may be mischief, hacking is attractive to people trying to steal or misuse corporate information. Electronic access to records may be difficult to trace and thus more appealing than trying to bribe employees or gain physical access. Another risk of telecommuting is that corporate information can be read, and potentially modified, while it is in transit. Telecommuting also presents organizations with more commonplace risks. These include the risk of losing corporate information and resources when they are outside the protective shell of the organization.
2.3 Security Issues For Protecting Internal Systems
In planning for secure telecommuting, management must first determine what type of access is needed. What systems and data do employees need? What is the sensitivity of these systems and data? Do they need system administrator privileges? Do they need to share files with other employees? Is the data confidential? From a security perspective, the critical determinations are:
What would happen if an intruder gained the same access as the employee?
What would happen if an intruder were able to use the employee's account, but gain more access than authorized for that user?
If these circumstances would result in the loss of organizational resources, managers must take steps to ensure that the integrity of their information systems is not compromised by telecommuting employees of the organization.
3. STATEMENT OF THE PROBLEM
When information is transmitted over a transmission medium, the information can be received by almost anyone. A cipher system must be able to convert plaintext to a cryptogram that is not readable by any unauthorized person and must ensure protection from exhaustive keysearch. If subjected to exhaustive keysearch, the system must have a long cover time. Previous work in the area of cryptology has shown that some complex algorithms can be broken. Given what analysis of the cryptogram, mathematical analysis of the algorithm itself, and attacks on the algorithm can reveal, it is very important to develop algorithms that provide an acceptable security level.
Is the Network Access Server capable of validating any caller who wants to have access to the corporate system, or is it capable of defending itself from any intruder who purposely attacks the system? A good, secure NAS will be able to filter out any illegal caller, so that only authorised callers get into the system.
4. Purpose of the Study
The purposes of the study are as follows:
1. Define a set of operating conditions for the algorithm.
2. Analyze the algorithm against the requirements in 1.
3. Define a set of protocols for communication between users in the network.
4. Implement the system.
4.1 Set of Operating Conditions
The sets of operating conditions are as follows:
1. The number of bits of plaintext to be secured is unlimited and depends on the length of the message.
2. Large linear complexity. Based on the test described in the literature review, the linear complexity should be large.
3. Large number of keys.
4. Good statistical properties.
4.2 Research Hypothesis
Assumptions:
There are a few alternatives/methods to be considered:
a) the "mathematical" properties of the cryptography, i.e. the method to develop a cryptographic protocol.
b) the types of protocol that are appropriate, i.e. to define a suitable type of cryptographic protocol.
c) ways to validate protocols, i.e. to have some kind of system to validate protocols.
The scope of study is the access of a notebook computer to the Network Access Server via a telephone or ISDN line. The Network Access Server should be able to know whether the access was made by the right personnel or by an intruder. The study will focus on the "mathematical" properties of the encryption algorithm. A password and ID are used by the NAS to validate the caller. The research will be based on the mathematical method of encrypting the ID and password using the existing DES (a block cipher) and on making it good enough to protect the NAS system, which involves calculation and analysis.
As stream ciphers are important for the communicants, research will be done by analysing the existing stream cipher algorithms using known attacks and statistical tests. By doing this, the researcher can decide whether the existing algorithms are good or bad and then develop protection from the attacks. After the analysis is completed, a decision can be made in terms of the security level and system complexity level.
5. Importance of Study
The importance of this study is as follows:
1. To ensure privacy of communication between individuals.
2. To protect classified information.
3. To prevent unauthorized access of computer networks via telecommuting.
6. Research Design
The research done during the study is as follows:
1. Comparison of the statistical characteristics of various cipher systems and of the immunity to attacks of various algorithms.
2. Determination of the relationship/correlation between the security level and the complexity of the various algorithms.
7. Scope of Work
The scope of work is as follows:
1. The research focuses mainly on established stream cipher algorithms such as the Pless and Improved Geffe systems.
2. Implementation on a Wide Area Network.
8. NETWORK ACCESS SERVER ARCHITECTURE
8.1 File Server Requirements
A Netware v4.11 file server must:
Have at least one hard disk, either internal or external
Have 4 MB of RAM
Contain at least one network board
Be used only as a dedicated file server
8.2 File Server Specification For The Project
Intel Pentium Pro 200MHz microprocessor
32MB RAM
4GB hard disk drive with access time not exceeding 14ms
Real time clock with lithium battery
PCI bus design
Video Graphics Color Adapter
Video Graphics Color Monitor
Dual Serial Port (9 pin D female connector)
1 x 3.5" disk drive - 1.44 MB
1 x quad speed internal CD-ROM drive
1 x 2 button mouse
Internal power supply unit
Performance upgradable via processor board (up to 2 processors)
8.3 Network Operating System
The Novell Netware operating system enables the file server to regulate communications among the personal computers attached to it and to manage any shared resources such as printers.
NetWare 4.11 is the fifth generation of Novell's NetWare 4 network operating system. It is a high-performance server operating environment that provides powerful, reliable processing for file, print, directory, security and management services.
Integrated TCP/IP, with options to run IP, IPX, or both protocols on the same network.
New graphical administration tools to better manage network and NDS environments.
Improved recovery and error detection.
The Novell Application Launcher, which works with Novell Directory Services (NDS) to manage desktop applications.
Multiprotocol routing lets you set up a WAN connection to your Internet service provider using leased lines, ISDN or frame relay, eliminating the need for an external router.
The IP-IPX gateway acts as a natural firewall. Because there is only one IP address on the network, at the server, the IPX servers and workstations on the network are invisible to potential intruders.
Novell Directory Services is a distributed database that gives seamless, global access to all network resources, regardless of their physical locations. With NDS, rather than logging in to individual servers, one logs in and enters a password only once to gain access to all the network resources one is authorized to use.
9. Review of Literature
9.1 Introduction
At present, the two most common types of cipher algorithm are the block cipher and the stream cipher. The choice between a block cipher and a stream cipher is greatly affected by the application. The use of a block cipher implies error propagation. Thus, block ciphers can only be used when error propagation is either an advantage or, at least, not a handicap. A block cipher is usually used for encryption of short messages such as a password and ID. The block cipher algorithm is used more in commercial settings such as banking systems. However, in any communication over a noisy channel and in large data transmissions, the introduction of extra errors because of encryption is unacceptable. There, a stream cipher is a better choice than a block cipher.
The characteristics of an ideal cipher system[1][2]:
1) A cryptogram must have random characteristics.
2) A keystream must have high linear complexity.
A modern cipher system should be able to withstand an exhaustive keysearch of up to $2^{64}$. For the block cipher, keysearchers are often required to find the 64-bit key, and this is probably sufficient to withstand exhaustive keysearch. As for the stream cipher, the system requires a large set of keys, and these are discussed throughout the thesis [8]. In general, the security level provided by a cipher system should be assessed under a worst-case condition in which exhaustive key search is possible.
Worst case condition for a cipher system will occur if the interceptor has [1][2]:
A1. Complete knowledge of the cipher system.
A2. Considerable amount of ciphertext/cryptogram.
A3. Considerable amount of plaintext corresponding to the cryptogram.
Condition A1 implies that there is no security in the cipher system itself and that all security must come from the key. Naturally a cryptanalyst's task is considerably harder if the cryptanalyst does not know the system used, and it is now possible to conceal this information to a certain extent. For instance, with a modern electronic system, the function used for enciphering and deciphering can be concealed in hardware by using microelectronics. It should be clear that condition A2 is a necessary assumption that, with A1, forms the basis for a cryptanalytic attack. It has to be assumed that, if a cryptanalyst can intercept one communication between two parties, the cryptanalyst is likely to be able to intercept others. Furthermore, a number of these communications may have used the same key. A3 in conjunction with A1 is also the basis of the known plaintext attack, which is probably the most important and commonly used method of breaking ciphers. In this case a cryptanalyst has, possibly by guesswork, deduction, or even by 'planting' it in some way, obtained knowledge of some plaintext message prior to its encipherment. So the cryptanalyst already knows the plaintext equivalent of part of the cryptogram.
9.2 Stream Cipher Systems
A stream cipher is a system in which the key is fed to an algorithm that uses the key to generate an infinite sequence. (The algorithm is usually called the sequence generator or keystream generator.) In stream ciphers, the plaintext is converted to a cryptogram by XORing the plaintext bit by bit with the keystream sequence. In all practical cases of cipher systems, the algorithm is an example of a finite state machine.
It is important to realize that the stream cipher attempts to utilize confusion, but not diffusion. This gives it a major advantage over a block cipher, namely that it is not error propagating. Therefore, stream ciphers probably provide the most important method of modern encipherment. Since the majority of such systems employ electronic techniques, both the plaintext and the infinite sequence use a character set which has only two possibilities, corresponding to on and off. For convenience these are labeled 1 and 0, known as binary digits or bits, and the resulting system is called a binary system.
The messages that need to be transmitted employ a larger alphabet. To overcome the problem, each character can be represented by a set of bits. For example, if a message uses only the letters of the English alphabet, then the character set has 26 elements. If the sets of bits representing each character must have the same size, then each character can be represented by at least $\log_2 26$ bits.
1) The input sequence must have a guaranteed minimum length for its period.
2) The ciphertext must appear to be randomly generated.

9.3 The Concept Of Randomness

The first problem is to decide what is meant by randomness. Before attempting to give a formal definition, it is better to decide what the randomness properties should indicate. A sequence is called random if it is generated by a random process, for example coin tossing. In cryptography, what is normally required of the sequence is unpredictability rather than randomness. It is important that, if a cryptanalyst intercepts part of the sequence, the cryptanalyst will have no information on how to predict what comes next. Again this is, strictly speaking, impossible for any periodic sequence since, when a cryptanalyst knows a complete cycle, the cryptanalyst knows the entire sequence. Nevertheless, it is not unreasonable to try to ensure that, if a segment of ciphertext that is considerably shorter than the period is intercepted, no further information is imparted. Any deterministic sequence satisfying these general properties is normally called a pseudorandom sequence.

When considering the cryptanalysis of ciphertext, the aim was to use the statistical information available for the ciphertext language. Cryptanalysis was made more difficult when each ciphertext letter appeared almost equally frequently. It was discovered that if each bigram and trigram of ciphertext letters also appeared equally often, then the ciphertext would appear to be random and the statistics would be useless. This is another property to include in the idea of randomness.

The definition of pseudorandom is not complete without introducing more terminology and defining the statistical concept of an autocorrelation function. If $(S_t)$ is any binary sequence, then a run is a string of consecutive identical elements that is neither preceded nor succeeded by the same symbol.
Thus, for example, 00111001 begins with a run of two 0's, contains a run of three 1's and a run of two 0's, and then ends with a run of one 1. A run of 0's is called a gap while a run of 1's is a block.

Suppose that $(S_t)$ is a binary sequence of period $p$. For any fixed $\tau$, compare the first $p$ terms of $(S_t)$ and its translate $(S_{t+\tau})$. If $A$ is the number of positions in which these two sequences agree and $D$ $(= p - A)$ is the number of positions in which the two sequences disagree, then the autocorrelation function $C(\tau)$ is defined by:

$$C(\tau) = \frac{A - D}{p}$$

Clearly $C(\tau + p) = C(\tau)$ for all $\tau$, so it suffices to consider only those $\tau$ satisfying $0 \le \tau < p$. The case $\tau = 0$ is the in-phase autocorrelation. In this case, clearly, $A = p$ and $D = 0$, so that $C(0) = 1$. On the other hand, out-of-phase autocorrelation is for $\tau$ not equal to zero.

The following three randomness postulates for a binary sequence of period $p$ were proposed by Golomb [5].

R1. If $p$ is even, the cycle of length $p$ shall contain an equal number of 0's and 1's. If $p$ is odd, then the number of 0's shall be one more or less than the number of 1's.
R2. In the cycle of length $p$, half the runs have length 1, a quarter have length 2, an eighth have length 3 and, in general, for each $i$ for which there are at least $2^{i+1}$ runs, $1/2^i$ of the runs have length $i$. Moreover, for each of these lengths, there are equally many gaps and blocks.
R3. The out-of-phase autocorrelation is a constant.

It is observed that, when applied to ciphertext sequences, R1 reflects the property that the input characters occur equally often, and R2 says something like bigrams, trigrams and others occur equally often. Obviously R3 says that it is not possible to obtain extra information by comparing the cryptogram with translates of itself. The most familiar example of a random binary sequence arises from tossing an unbiased coin repeatedly and writing 1 when it is heads and 0 for tails.
In this context Golomb gave the following interpretation of his postulates: 'In flipping a "perfect coin", R1 is the postulate that heads and tails occur equally often, and R2 is the assertion that after a run of n heads (tails) there is a fifty-fifty chance that it will end with the next coin flip. Finally R3 is the notion of independent trials - knowing how the toss came out on a previous trial gives no information for the current trial.' Golomb's postulates can be considered a reasonable requirement for a pseudorandom binary sequence, and a sequence satisfying them is called G-random; such sequences are often called PN-sequences (PN being the abbreviation for pseudonoise).

9.4 Statistical Tests For Local Randomness

If the sequences are to be used as enciphering sequences in a stream cipher system, the sequences must resemble a random sequence. In practice, the sequences used in cipher systems must have large periods. A period less than $10^{10}$ is rarely used, and periods as long as $10^{50}$ are quite common. Although knowledge of the properties of the entire sequence is crucial, if an interceptor does obtain some ciphertext, it will almost certainly be a small section. Thus, it is important to apply statistical tests to sections of the sequence and to check whether they are random. This type of randomness is often referred to as local randomness.

The definition of a G-random sequence has already been discussed. One requirement is that each complete cycle should contain an equal number of 0s and 1s. If a section of the sequence is tested then, clearly, it would be unreasonable to expect a precise fifty-fifty split. However, equally clearly, there should be no dominance of either digit. The statistical tests listed in this section can be used to provide a quantitative measure of randomness. All of the tests, in their various ways, measure the relative frequencies of certain patterns of 0s and 1s in a section of the sequence.
Once the sequence is measured, it is up to the cryptographer to decide if the sequence is random enough for his purposes. The levels of confidence for the tests have to be determined so that it is easier to decide whether a sequence has passed or failed the test. To do this, the statistical value corresponding to truly random sequences is established and a pass mark is then set. As an example, if the pass mark is 95%, this means that a given sequence passes the test if its value lies in the range in which it is expected to find 95% of all truly random sequences. It is usual to denote the pass mark as $(100 - \alpha)\%$, where $\alpha$ is called the significance level of the test.

In the following sections four statistical tests will be introduced. Each section will indicate what feature the test is designed to measure and define the statistic used to quantify that feature. It will also give an example of a sequence that passes the given test but still does not appear random. This can occur when a sequence is produced by a nonrandom source. The examples will demonstrate that each test is not sufficient on its own, but must be used in conjunction with the other tests. All of the tests are described for use with binary sequences.

9.5 The Frequency Test

The frequency test is designed to compare the number of 0's and the number of 1's in a sequence. Since the sequence should resemble one produced by a binary symmetric source (BSS), the number of 0's and the number of 1's are expected to be about the same. The statistic is computed by:

$$X = \frac{(n_1 - n_0)^2}{n}$$

where:
$n$ = total number of bits in the sequence
$n_0$ = number of 0's
$n_1$ = number of 1's

Clearly if $n_0 = n_1$ then $X = 0$, and the larger the value of $X$ the greater the discrepancy between the observed and the expected frequencies.
Since the number of 0's and the number of 1's are expected to be approximately the same for a random sequence, large values of $X$ indicate nonrandomness. To decide if the value obtained is good enough for the sequence to pass, just compare the value of $X$ with the table of the $\chi^2$-distribution for one degree of freedom [7]. The value of $X$ from the $\chi^2$-distribution for a 5% significance level is 3.84. So, if the value is not greater than 3.84 then the sequence passes the test. Otherwise, reject the sequence.

For the frequency test it is quite simple to find sequences that pass the test easily but do not appear random. Some examples of length 20 are

01010101010101010101
and
00000000001111111111

In both these cases the number of 1's is equal to the number of 0's, but neither sequence looks randomly generated because it is predictable.

9.6 The Serial Test

The serial test decides if the number of occurrences of each pair

Mohd Nasir Isa
Manager
Information Technology Department
Petronas Gas Bhd
KM 105 Jalan Kuantan/Kuala Terengganu
24300 Kertih
Terengganu
MALAYSIA
Tel: 09-8282098
Fax: 09-8271710
H/p: 019-9561076
Web Site: http://geocities.datacellar.net/ResearchTriangle/7603/
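Sections 9.3 and 9.5 in code, as an added example that is not part of the original text: it computes the frequency statistic X, the autocorrelation C(tau) and Golomb's postulates R1 to R3 for one cycle of a binary sequence, and shows that the two length-20 sequences of section 9.5 pass the frequency test yet fail R2 and R3. The 15-bit test sequence (one period of the recurrence s[t+4] = s[t+1] XOR s[t]), the biased sequence and all function names are assumptions of this example.

```python
from fractions import Fraction
from itertools import groupby

CHI2_5PCT = 3.84  # pass mark quoted in section 9.5 (1 degree of freedom, 5%)


def bits(text):
    return [int(ch) for ch in text]


def lfsr_period():
    """Constructed input: one period (15 bits) of s[t+4] = s[t+1] XOR s[t]."""
    s = [1, 0, 0, 0]
    while len(s) < 15:
        s.append(s[-3] ^ s[-4])
    return s


M_SEQ = lfsr_period()
ALTERNATING = bits("01010101010101010101")  # sequence from section 9.5
HALVES = bits("00000000001111111111")       # sequence from section 9.5
BIASED = bits("11110111101111011110")       # constructed: sixteen 1s, four 0s


def frequency_statistic(seq):
    """X = (n1 - n0)^2 / n, as defined in section 9.5."""
    n1 = sum(seq)
    n0 = len(seq) - n1
    return (n1 - n0) ** 2 / len(seq)


def passes_frequency_test(seq):
    return frequency_statistic(seq) <= CHI2_5PCT


def autocorrelation(seq, tau):
    """C(tau) = (A - D) / p over one period, kept exact as a Fraction."""
    p = len(seq)
    agree = sum(seq[t] == seq[(t + tau) % p] for t in range(p))
    return Fraction(agree - (p - agree), p)


def cyclic_runs(seq):
    """Runs of one cycle as (symbol, length), merging the wrap-around run."""
    p = len(seq)
    start = next((i for i in range(p) if seq[i] != seq[i - 1]), None)
    if start is None:  # constant sequence: a single run
        return [(seq[0], p)]
    rotated = seq[start:] + seq[:start]
    return [(sym, len(list(grp))) for sym, grp in groupby(rotated)]


def golomb(seq):
    """Return (R1, R2, R3) for one cycle of period p = len(seq)."""
    p = len(seq)
    r1 = abs(p - 2 * sum(seq)) == p % 2  # equal counts, or differ by one
    runs = cyclic_runs(seq)
    r2 = True
    i = 1
    # The page states the length-1 condition unconditionally, so i = 1 is
    # always checked; longer lengths only while there are >= 2^(i+1) runs.
    while i == 1 or 2 ** (i + 1) <= len(runs):
        blocks = sum(1 for sym, n in runs if n == i and sym == 1)
        gaps = sum(1 for sym, n in runs if n == i and sym == 0)
        if (blocks + gaps) * 2 ** i != len(runs) or blocks != gaps:
            r2 = False
        i += 1
    r3 = len({autocorrelation(seq, tau) for tau in range(1, p)}) <= 1
    return r1, r2, r3


def summary(seq):
    """(frequency test passed, R1, R2, R3)."""
    return (passes_frequency_test(seq),) + golomb(seq)


if __name__ == "__main__":
    samples = [("15-bit recurrence", M_SEQ), ("0101...", ALTERNATING),
               ("0..01..1", HALVES), ("biased", BIASED)]
    for name, seq in samples:
        print(f"{name:18} X={frequency_statistic(seq):.3f} "
              f"freq/R1/R2/R3={summary(seq)}")
```
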