Secure Communication over the Internet.

At the most basic level, we can identify the following desirable properties of secure communication:

* Confidentiality: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message, this necessarily requires that the message be somehow encrypted (its data disguised) so that an intercepted message cannot be decrypted (understood) by an interceptor. Cryptographic methods are responsible for message encryption & decryption.

* End-point authentication: Both the sender and receiver should be able to confirm the identity of the other party involved in the communication, that is, to confirm that the other party is indeed who or what they claim to be. Face-to-face human communication solves this problem easily by visual recognition; over the Internet it's not so simple. Authentication protocols & cryptography are often used for that.

* Message Integrity: Even if the sender and receiver are able to authenticate each other, they also want to ensure that the content of their communication is not altered, either maliciously or by accident, in transmission. Checksumming / Message Authentication Codes such as MD5 are often used to ensure the integrity of messages, perhaps together with more cryptography & other methods.

* Operational security: The security of the infrastructure, hardware & software used in communication, of the other tools we use, and the security discipline of the people / organizations involved. Firewalls, Intrusion Detection / Prevention Systems, VPNs, more or less secure physical communication links, etc. can all help to ensure this quality of secure communication, but they are not everything. Security should be addressed as a whole, instead of just putting 'A Metal Vault Door in a Tent': an expensive security toy that covers only part(s) of the security issues. Even the most expensive cipher won't help if people fail to secure their keys or passwords, for example, or if faulty software is hacked. If 'the secure physical link' is tapped (a bug placed along the line to record the transmission), a cipher can help, but this is still a weakness, a security hole. Ciphers can be attacked if we have samples, especially if we have both the encrypted and decrypted forms, and there are cases when both the unencrypted text and the encrypted text are sent, or at least standard parts of messages are transmitted and are easily guessed by cryptographers (for example: known HTML parts).
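To make the integrity property concrete, the following added example (not from the original post) compares an unkeyed MD5 checksum with a keyed Message Authentication Code against both accidental and malicious alteration. MD5 on its own is an unkeyed hash, so it can only act as a checksum; the MAC here is HMAC-SHA-256, and the key and messages are constructed sample values, all assumptions of this example.

```python
import hashlib
import hmac


def md5_checksum(message: bytes) -> str:
    """Unkeyed digest: anyone who can see the message can recompute it."""
    return hashlib.md5(message).hexdigest()


def mac_tag(key: bytes, message: bytes) -> str:
    """Keyed tag: only holders of the shared key can produce a valid one."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def checksum_ok(message: bytes, checksum: str) -> bool:
    return hmac.compare_digest(md5_checksum(message), checksum)


def mac_ok(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest avoids leaking where the tags differ through timing
    return hmac.compare_digest(mac_tag(key, message), tag)


def demo() -> dict:
    key = b"constructed-shared-key"       # constructed sample key
    original = b"PAY 100 TO ALICE"        # constructed sample message

    # Accidental alteration: one bit flips in transit, checksum/tag unchanged.
    corrupted = bytes([original[0] ^ 0x01]) + original[1:]

    # Malicious alteration: the message is replaced and the integrity value
    # is recomputed by a party that does not hold the shared key.
    altered = b"PAY 900 TO MALLORY"
    recomputed_checksum = md5_checksum(altered)
    forged_tag = mac_tag(b"not-the-real-key", altered)

    return {
        "checksum_detects_accident": not checksum_ok(corrupted, md5_checksum(original)),
        "checksum_detects_malicious": not checksum_ok(altered, recomputed_checksum),
        "mac_detects_accident": not mac_ok(key, corrupted, mac_tag(key, original)),
        "mac_detects_malicious": not mac_ok(key, altered, forged_tag),
    }


if __name__ == "__main__":
    for check, detected in demo().items():
        print(f"{check}: {detected}")
```

The checksum catches the accidental bit flip but accepts the replaced message, because its integrity value travels unprotected alongside the data; the keyed MAC rejects both.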

See also: Communication via 3 nodes, How to arrange safer route via the Internet?, What is VPN?.

Source: [3], [8], Insights, perhaps more.
