IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
Confidentiality
As the messages are to be encrypted, one or more encryption algorithms must
be implemented. On account of the higher performance that they offer,
symmetrical procedures tend to suggest themselves.
Key management
- Creation: the keys for the symmetrical procedure must be generated by a
suitable (random) process in such a way that guessing or predicting further
keys is practically impossible, even if some of the preceding keys are
known.
- Key agreement/exchange: as the central provision of keys by means of
symmetrical procedures is out of the question in the Internet simply
because of the sheer mass of potential communications partners, the use of
asymmetrical procedures for key agreement and key exchange is
imperative.
Authenticity
As an asymmetrical procedure is implemented anyway because of the
requirements relating to key management (and non-repudiation may be
required), a digital signature is used for this purpose. Signature keys should be
used solely for the purpose of attaching signatures. In this connection, as is
always the case when using public key techniques, the problem of the
authenticity of public keys has to be solved.
Non-repudiation
Non-repudiation requires a public key infrastructure (PKI: registration of users
and certification of public keys by a trustworthy third party, including rules of
use). At present, however, there is no such thing as a global PKI, and it is
therefore difficult to obtain a non-repudiated proof of origin for e-mails from
previously unknown users. In a local network a suitable PKI would have to be
created for this purpose.
Conformity with standards
For reasons of interoperability and to protect investment, it makes sense to use
Internet standards which are as widespread and broadly accepted as possible.
Both S/MIME and PGP are still at the standardisation stage.
Example 3: Secure voice and data communications over ISDN network
connections
The following example of application looks at communication via ISDN. The
applications to be protected are speech traffic and video conferences, together
with data traffic between computer networks. The aim is to ensure the
effective protection of confidential information and non-repudiated personal
data transferred via the connections. It is assumed that all information that is
to be transmitted is available in digital form (PCM code) and that the voice
compression commonly used in corporate networks and PBXs can be
deactivated for encrypted applications so that the user information channels (B
channels) can be encrypted.
To achieve this, an ISDN security component is to be used to protect an S0
connection with two 64 kbit/s channels. It is of no consequence whether
individual ISDN terminal devices (telephone, fax, PC with plug-in ISDN card
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000