S 4.34 Using encryption, checksums, or digital signatures
Initiation responsibility: IT Security Officer
Implementation responsibility: User
If confidential information, or information with high integrity requirements, is transmitted, and there is a possibility that this data could be disclosed to unauthorised parties, manipulated by them, or altered by technical failures, then the use of a cryptographic method to protect the data being transferred or transmitted should be considered.
Protecting confidentiality using encryption
Confidential information needs to be encrypted before transmission. The decisive feature of any encryption method is the quality of the algorithm and of the selected keys. An approved algorithm that has proven adequate for normal protection requirements is the Triple DES algorithm, which is based on the Data Encryption Standard (DES). It is easy to implement, since sample source code in the C programming language is available in many technical books on the subject. Another approved algorithm is the Advanced Encryption Standard (AES).
In order to meet the confidentiality requirements of the information to be transmitted, the recipient's and the sender's IT systems must provide sufficient access protection for the encryption program. If necessary, this program should be stored on a removable data medium, which is then stored under lock and key, and only be installed or used when needed.
Protecting integrity using checksums, encryption, or digital signatures
When only the integrity of the data to be transferred needs to be protected during the exchange, it must be decided whether protection is required only against accidental changes, i.e. those due to transmission errors, or against intentional manipulation as well. If only accidental changes need to be detected, then checksum procedures (e.g. cyclic redundancy checks) or error-correcting codes can be used. Protection against manipulation is provided by methods that derive a Message Authentication Code (MAC) from the information to be transmitted using a symmetric encryption algorithm (e.g. DES). Other methods combine an asymmetric encryption algorithm (e.g. RSA) with a hash function to create a digital signature. The "fingerprints" produced (checksums, error-correcting codes, MACs, digital signatures) are transmitted together with the data to the recipient, who can then verify them.
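To make the distinction in this paragraph concrete, here is an added example in Python (not part of the safeguard text): a CRC-32 checksum and a MAC are computed over a constructed message, and each is checked after a simulated transmission error and after a deliberate change by a party who does not hold the key. HMAC-SHA256 from the standard library stands in for the DES-based MAC mentioned above; the message and the shared key are constructed values.

```python
import hashlib
import hmac
import zlib

# Constructed sample data: in practice the shared key would come from the
# key management described in S 2.46, not from a literal in the program.
MESSAGE = b"Transfer 100 EUR to account 12345"
SHARED_KEY = b"example-shared-secret-key"


def make_crc(data: bytes) -> int:
    """Checksum (CRC-32): designed to catch accidental transmission errors."""
    return zlib.crc32(data) & 0xFFFFFFFF


def make_mac(key: bytes, data: bytes) -> bytes:
    """MAC under a shared secret. HMAC-SHA256 stands in here for the
    symmetric-cipher MAC (e.g. DES-based) that the safeguard mentions."""
    return hmac.new(key, data, hashlib.sha256).digest()


def check_mac(key: bytes, data: bytes, tag: bytes) -> bool:
    # Constant-time comparison so verification does not leak timing.
    return hmac.compare_digest(make_mac(key, data), tag)


def simulate() -> dict:
    """What each fingerprint detects when the transmitted data changes."""
    crc, tag = make_crc(MESSAGE), make_mac(SHARED_KEY, MESSAGE)
    # Case 1: a transmission error flips one bit; the fingerprints that
    # accompany the data arrive unchanged.
    damaged = bytearray(MESSAGE)
    damaged[0] ^= 0x01
    damaged = bytes(damaged)
    # Case 2: deliberate change by a party without the key. A checksum
    # involves no secret, so a consistent CRC accompanies the new data.
    altered = MESSAGE.replace(b"100", b"900")
    received_crc = make_crc(altered)
    return {
        "crc_detects_bit_flip": make_crc(damaged) != crc,
        "mac_detects_bit_flip": not check_mac(SHARED_KEY, damaged, tag),
        "crc_detects_manipulation": make_crc(altered) != received_crc,
        "mac_detects_manipulation": not check_mac(SHARED_KEY, altered, tag),
    }


if __name__ == "__main__":
    for name, result in simulate().items():
        print(f"{name}: {result}")
```

The result shows why the paragraph ties checksums to accidental changes only: the CRC catches the bit flip but not the recomputed-checksum case, while the keyed MAC catches both.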
For information on how to transmit or exchange the keys, if necessary, please refer to safeguard S 2.46 Appropriate key management. Additional information on the use of cryptographic methods and products can be found in module 3.7 Crypto-concept.
Review questions:
- Is the encryption program protected against unauthorised access?
- When confidential information is transmitted, is an encryption algorithm used, and does this algorithm meet the current state of the art?
- When information with high integrity requirements is transmitted, is a method used to protect it against accidental or intentional changes, and does this method meet the current state of the art?
- Is there a basis on which the encryption, checksum and digital signature procedures are trusted?