Evaluation of Crypto Products

 

Cyber Security- A process or technology that protects computers, networks and data from unauthorised access, vulnerabilities and attacks delivered via the internet by cyber criminals.

  • Communication Security- Communication media, technology and content.

  • Network Security- Network computation, connection and content.

  • Information Security- System and hardware, store and transmit.

 

Cryptographic Evaluation- It is an uncertain search and test for cryptographic vulnerabilities. It is done so that organisations can rely on (and build confidence in) the strength and quality of the cryptographic security they use to protect official information and systems.

 

Modelling and evaluating the security of present-day cryptographic systems uses three main approaches:- information-theoretic, computational and quantum-theoretic.

 

Privacy-guidelines-

  • Collection Limitation Principle

  • Data Quality Principle

  • Purpose Specific

  • Use Limitation

  • Security Safeguard

  • Openness

  • Individual should have the right

  • Accountability

 

Tips to protect an organisation from cyber attacks-

  • Conduct a cyber security risk assessment

  • Develop a cyber security policy and plan

  • Ensure your computer systems and security systems are up to date.

  • Raise staff and customer awareness of cyber security best practices.

 

Types of Cyber Attack 

  • Plaintext-based attacks

      • Known plaintext

      • Chosen plaintext

      • Adaptive chosen plaintext

  • Ciphertext-based attacks

      • Ciphertext only

      • Chosen ciphertext

      • Adaptive chosen ciphertext

 

Types of Approval by NSA 

Type-1 is a rigorous process that includes testing and formal analysis of cryptographic security, functional security, tamper resistance, emission security (EMSEC, TEMPEST) and the security of the product manufacturing and distribution process.

Type-2 products are classified cryptographic equipment, assemblies or components, endorsed by the NSA.

A Type-3 product is a device for use with sensitive but unclassified information on non-national security systems. Approved algorithms include DES, Triple DES and AES.

Type-4 product is an encryption algorithm that has been registered with NIST but is not a Federal Information Processing Standard (FIPS). It may not be used to protect classified information.

Suite-A is used in applications where Suite-B may not be appropriate. It is used for the protection of sensitive information. It is the NSA cryptography suite containing the algorithms that will not be released.

Suite-B is a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It is to serve as an interoperable cryptographic base for both unclassified information and most classified information.

 

NSA product categories and their examples 

  1. Classified or Sensitive US Government information (TOP Secret)-

It includes algorithms such as AES (256), BATON, FIREFLY, HAVEQUICK and SAVILLE, used in a variety of products such as the STU-III secure phone and many military communication products: KG84, KIV-7, KY-57 and KY-99.

Type-1 products are used only by the US government and its contractors. They are also used by NATO.
 

  2. National Security Information- Includes products like CORDOBA, KEA and SKIPJACK, used in equipment like the crypto chip and the Fortezza (Plus) crypto cards.

Used for unclassified national security. Type-2 products are subject to the International Traffic in Arms Regulations (ITAR).
     

  3. Unclassified sensitive US Government or Commercial Information-

Used on non-national security systems. Approved algorithms include DES, Triple DES, AES, DSA and SHA. One of the best examples of a Type-3 product is the CVAS III secure phone.
 

  4. Unevaluated commercial cryptographic equipment; not for government usage- The algorithms have been registered with NIST but are not FIPS. They may not be used for classified information.

 

ALGO Suites

  1. Suite-A - Unpublished NSA algorithms intended for highly sensitive communication and critical authentication systems. Generally a combination of Type-1 and Type-2 equipment (techniques).

  2. Suite-B – NSA endorsed cryptographic algorithms for use as an interoperable base for both unclassified and most classified information/data.

 

Hardware Cryptanalysis

  1. NIST test validated by FIPS:-

  • Frequency Test

  • Frequency Test within a block

  • Runs Test

  • Test for the longest run of ones in a block.

  • Binary Matrix Rank Test.

  • Discrete Fourier Transform Test.

  • Non-overlapping Template matching test

  • Overlapping Template matching Test

  • Maurer’s “Universal Statistical” Test

  • Linear Complexity Test

  • Serial Test

  • Approximate entropy Test

  • Cumulative Sum Test

  • Random Excursions Test.

  • Random Excursions variant Test.
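
As an added illustration (not code from the original page), the Frequency Test and the Runs Test from this list can be written directly from their definitions in NIST SP 800-22. The function names and the sample inputs are assumptions made for this example; it shows a balanced but predictable sequence passing the first test and failing the second.

```python
import math

ALPHA = 0.01  # significance level; the default used by SP 800-22


def _bits(seq):
    """Accept a '0'/'1' string or bytes and return a non-empty list of 0/1 ints."""
    if isinstance(seq, (bytes, bytearray)):
        bits = [(byte >> s) & 1 for byte in seq for s in range(7, -1, -1)]
    else:
        bits = [int(ch) for ch in seq]
    if not bits:
        raise ValueError("empty sequence")
    return bits


def frequency_p(seq):
    """Frequency (monobit) test: are ones and zeros roughly balanced?"""
    bits = _bits(seq)
    s_n = sum(2 * b - 1 for b in bits)  # +1 for each one, -1 for each zero
    s_obs = abs(s_n) / math.sqrt(len(bits))
    return math.erfc(s_obs / math.sqrt(2))


def runs_p(seq):
    """Runs test: does the sequence switch between 0 and 1 at the expected rate?"""
    bits = _bits(seq)
    n = len(bits)
    pi = sum(bits) / n
    # Prerequisite: the proportion of ones must be close to 1/2; if it is
    # not, the sequence has already failed and no runs statistic is computed.
    if pi in (0.0, 1.0) or abs(pi - 0.5) >= 2 / math.sqrt(n):
        return 0.0
    v_n = 1 + sum(a != b for a, b in zip(bits, bits[1:]))  # number of runs
    num = abs(v_n - 2 * n * pi * (1 - pi))
    return math.erfc(num / (2 * math.sqrt(2 * n) * pi * (1 - pi)))


def assess(seq, alpha=ALPHA):
    """Pass/fail per test; a sequence passes when its p-value >= alpha."""
    return {"frequency": frequency_p(seq) >= alpha, "runs": runs_p(seq) >= alpha}


if __name__ == "__main__":
    import os
    samples = {  # the last two inputs are constructed for this example
        "os.urandom": os.urandom(4096),
        "alternating 0101...": "01" * 500,  # balanced but fully predictable
        "stuck-at-zero": bytes(128),        # models a failed generator
    }
    for name, data in samples.items():
        print(f"{name:22s} {assess(data)}")
```

The tiny 10-bit inputs used in SP 800-22's own worked examples are for checking arithmetic only; for a real assessment the suite recommends sequences of at least 100 bits for these two tests.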
     

  2. Crypto Hardware

Crypto hardware includes:-

  • Disk Imaging

  • Forensic Media Preparation

  • Write Block

  • Mobile Device

  3. Test Methods

  • Identification and Privilege Credential Management test method

  • 17DHSIPCM Transportation Worker Identification Credential (TWIC) card – Fixed Reader Conformance Testing

      • Basic cryptographic and Security Testing

      • Cryptographic Algorithm Validation Testing(17 CAV)

      • Cryptographic Hardware Module Testing(17CHM1)

      • Cryptographic Software Module Testing(17CMS1)

 

Note:- Proficiency testing for 17DHSIPCM tests will require proof of the laboratory's competence to set up and configure the testing hardware and software.

  4. Equipment Required for Hardware Testing

Hardware

  • At least 1 USB and 1 serial port, available on the test PC.

  • Contact/Contactless smart card reader

  • One or more sets of testing cards provided by the DHSIPCM program management office.

Software

  • Testing tool provided by DHSIPCM program management office.

 

  5. Tools for Hardware Testing

SMRXTIMING is a loop hardware testing tool for the crypto box.

Five types of functions supported under SMRX timing are:-

  • Login/Logout

  • Memory read/write

  • Rijndael AES hardware-based encryption.

  • RSA software-based encryption with hardware-stored keys.

  • RSA hardware-based encryption currently implemented for Win 32/64 platform.

  • USB Dongle with Smart Card.

Copyright © 2014 PURVACOMPUTERS.COM All Right Reserved