has no user identification or authorization, and anyone who sits down has full

access and control over the machine.

o Level C1 includes user identification and authorization, and some means of
controlling what users are allowed to access what files. It is designed for use by a
group of mostly cooperating users, and describes most common UNIX systems.
o Level C2 adds individual-level control and monitoring. For example file access
control can be allowed or denied on a per-individual basis, and the system
administrator can monitor and log the activities of specific individuals. Another
restriction is that when one user uses a system resource and then returns it back to
the system, another user who uses the same resource later cannot read any of the
information that the first user stored there. (I.e. buffers, etc. are wiped out
between users, and are not left full of old contents.) Some special secure versions
of UNIX have been certified for C2 security levels, such as SCO.
o Level B adds sensitivity labels on each object in the system, such as "secret", "top
secret", and "confidential". Individual users have different clearance levels, which
controls which objects they are able to access. All human-readable documents are
labeled at both the top and bottom with the sensitivity level of the file.
o Level B2 extends sensitivity labels to all system resources, including devices. B2
also supports covert channels and the auditing of events that could exploit covert
channels.
o B3 allows creation of access-control lists that denote users NOT given access to
specific objects.
o Class A is the highest level of security. Architecturally it is the same as B3, but it
is developed using formal methods which can be used to prove that the system
meets all requirements and cannot have any possible bugs or other vulnerabilities.
Systems in class A and higher may be developed by trusted personnel in secure
facilities.
o These classifications determine what a system can implement, but it is up to
security policy to determine how they are implemented in practice. These systems
and policies can be reviewed and certified by trusted organizations, such as the
National Computer Security Centre. Other standards may dictate physical
protections and other issues.

An Example: Windows XP
 Windows XP is a general purpose OS designed to support a wide variety of security
features and methods. It is based on user accounts which can be grouped in any manner.
 When a user logs on, a security access token is issued that includes the security ID for
the user, security IDs for any groups of which the user is a member, and a list of any
special privileges the user has, such as performing backups, shutting down the system,
and changing the system clock.
 Every process running on behalf of a user gets a copy of the user’s security token, which
determines the privileges of that process running on behalf of that user.
 Authentication is normally done via passwords, but the modular design of XP allows for
alternative authentication such as retinal scans or fingerprint readers.
 Windows XP includes built-in auditing that allows many common security threats to be
monitored, such as successful and unsuccessful logins, logouts, attempts to write to
executable files, and access to certain sensitive files.

196
  Security attributes of objects are described by security descriptors, which include the ID
of the owner, group ownership for POSIX subsystems only, a discretionary access-
control list describing exactly what permissions each user or group on the system has for
this particular object, and auditing control information.
 The access control lists include for each specified user or group either Access Allowed or
Access Denied for the following types of actions: Read Data, Write Data, Append Data,
Execute, Read Attributes, Write Attributes, ReadExtendedAttribute, and
WriteExtendedAttribute.
 Container objects such as directories can logically contain other objects. When a new
object is created in a container or copied into a container, by default it inherits the
permissions of the new container. No container objects inherit any other permission. If
the permissions of the container are changed later, that does not affect the permissions of
the contained objects.
 Although Windows XP is capable of supporting a secure system, many of the security
features are not enabled by default, resulting in a fair number of security breaches on XP
systems. There are also a large number of system daemons and other programs that start
automatically at start-up, whether the system administrator has thought about them or not.
(My system currently has 54 processes running, most of which I did not deliberately start
and which have short cryptic names which makes it hard to divine exactly what they do
or why. Faced with this situation, most users and administrators will simply leave alone
anything they don't understand. )

5.3 Security
The Security Problem

 Protection dealt with protecting files and other resources from accidental misuse by
cooperating users sharing a system, generally using the computer for normal purposes.
 Security deals with protecting systems from deliberate attacks, either internal or external,
from individuals intentionally attempting to steal information, damage information, or
otherwise deliberately wreak havoc in some manner.
 Some of the most common types of violations include:
o Breach of Confidentiality - Theft of private or confidential information, such as
credit-card numbers, trade secrets, patents, secret formulas, manufacturing
procedures, medical information, financial information, etc.
o Breach of Integrity - Unauthorized modification of data, which may have serious
indirect consequences. For example a popular game or other program's source
code could be modified to open up security holes on users systems before being
released to the public.
o Breach of Availability - Unauthorized destruction of data, often just for the "fun"
of causing havoc and for bragging rites. Vandalism of web sites is a common
form of this violation.
o Theft of Service - Unauthorized use of resources, such as theft of CPU cycles,
installation of daemons running an unauthorized file server, or tapping into the
target's telephone or networking services.
o Denial of Service, DOS - Preventing legitimate users from using the system, often
by overloading and overwhelming the system with an excess of requests for
service.

197
 One common attack is masquerading, in which the attacker pretends to be a trusted third
party. A variation of this is the man-in-the-middle, in which the attacker masquerades as
both ends of the conversation to two targets.
 A replay attack involves repeating a valid transmission. Sometimes this can be the entire
attack, (such as repeating a request for a money transfer), or other times the content of the
original message is replaced

with malicious content.

Figure - Standard security attacks.

 There are four levels at which a system must be protected:

1. Physical - The easiest way to steal data is to pocket the backup tapes. Also,
access to the root console will often give the user special privileges, such as
rebooting the system as root from removable media. Even general access to
terminals in a computer room offers some opportunities for an attacker, although
today's modern high-speed networking environment provides more and more
opportunities for remote attacks.
2. Human - There is some concern that the humans who are allowed access to a
system be trustworthy, and that they cannot be coerced into breaching security.
However more and more attacks today are made via social engineering, which
basically means fooling trustworthy people into accidentally breaching security.

198
  Phishing involves sending an innocent-looking e-mail or web site
designed to fool people into revealing confidential information. E.g. spam
e-mails pretending to be from e-Bay, PayPal, or any of a number of banks
or credit-card companies.
 Dumpster Diving involves searching the trash or other locations for
passwords that are written down. (Note: Passwords that are too hard to
remember, or which must be changed frequently are more likely to be
written down somewhere close to the user's station.)
 Password Cracking involves divining user’s passwords, either by
watching them type in their passwords, knowing something about them
like their pet's names, or simply trying all words in common dictionaries.
(Note: "Good" passwords should involve a minimum number of
characters, include non-alphabetical characters, and not appear in any
dictionary (in any language), and should be changed frequently. Note also
that it is proper etiquette to look away from the keyboard while someone
else is entering their password. )
3. Operating System - The OS must protect itself from security breaches, such as
runaway processes (denial of service), memory-access violations, stack overflow
violations, the launching of programs with excessive privileges, and many others.
4. Network - As network communications become ever more important and
pervasive in modern computing environments, it becomes ever more important to
protect this area of the system. (Both protecting the network itself from attack,
and protecting the local system from attacks coming in through the network.) This
is a growing area of concern as wireless communications and portable devices
become more and more prevalent.

Program Threats
 There are many common threats to modern systems. Only a few are discussed here.

Trojan Horse

 A Trojan Horse is a program that secretly performs some maliciousness in addition to its
visible actions.
 Some Trojan horses are deliberately written as such, and others are the result of
legitimate programs that have become infected with viruses, (see below.)
 One dangerous opening for Trojan horses is long search paths, and in particular paths
which include the current directory (“.”) as part of the path. If a dangerous program
having the same name as a legitimate program (or a common mis-spelling, such as "sl"
instead of "ls”) is placed anywhere on the path, then an unsuspecting user may be fooled
into running the wrong program by mistake.
 Another classic Trojan Horse is a login emulator, which records a users account name
and password, issues a "password incorrect" message, and then logs off the system. The
user then tries again (with a proper login prompt), logs in successfully, and doesn't realize
that their information has been stolen.
 Two solutions to Trojan Horses are to have the system print usage statistics on logouts,
and to require the typing of non-trappable key sequences such as Control-Alt-Delete in
order to log in. (This is why modern Windows systems require the Control-Alt-Delete

199
 sequence to commence logging in, which cannot be emulated or caught by ordinary
programs. I.e. that key sequence always transfers control over to the operating system. )
 Spy ware is a version of a Trojan Horse that is often included in "free" software
downloaded off the Internet. Spy ware programs generate pop-up browser windows, and
may also accumulate information about the user and deliver it to some central site. (This
is an example of covert channels, in which surreptitious communications occur.) Another
common task of spyware is to send out spam e-mail messages, which then purportedly
come from the infected user.

Trap Door

 A Trap Door is when a designer or a programmer (or hacker) deliberately

inserts a security hole that they can use later to access the system.
 Because of the possibility of trap doors, once a system has been in an
untrustworthy state, that system can never be trusted again. Even the backup
tapes may contain a copy of some cleverly hidden back door.
 A clever trap door could be inserted into a compiler, so that any programs
compiled with that compiler would contain a security hole. This is especially
dangerous, because inspection of the code being compiled would not reveal any
problems.

Logic Bomb

 A Logic Bomb is code that is not designed to cause havoc all the time, but only
when a certain set of circumstances occurs, such as when a particular date or
time is reached or some other noticeable event.
 A classic example is the Dead-Man Switch, which is designed to check
whether a certain person (e.g. the author) is logging in every day, and if they
don't log in for a long time (presumably because they've been fired), then the
logic bomb goes off and either opens up security holes or causes other
problems.

Stack and Buffer Overflow

 This is a classic method of attack, which exploits bugs in system code that
allows buffers to overflow. Consider what happens in the following code, for
example, if argv[ 1 ] exceeds 256 characters:
o The strcpy command will overflow the buffer, overwriting
adjacent areas of memory.
o (The problem could be avoided using strncpy, with a limit of 255
characters copied plus room for the null byte.)

200
 #include
#define BUFFER_SIZE 256

int main( int argc, char * argv[ ] )

{
char buffer[ BUFFER_SIZE ];

if( argc < 2 )

return -1;
else {
strcpy( buffer, argv[ 1 ] );
return 0;
}
}

Figure - C program with buffer-overflow condition.

 So how does overflowing the buffer cause a security breach? Well the first step is to
understand the structure of the stack in memory:
o The "bottom" of the stack is actually at a high memory address, and the
stack grows towards lower addresses.
o However the address of an array is the lowest address of the array, and
higher array elements extend to higher addresses. (I.e. an array "grows"
towards the bottom of the stack.
o In particular, writing past the top of an array, as occurs when a buffer
overflows with too much input data, can eventually overwrite the return
address, effectively changing where the program jumps to when it returns.

Figure- The layout for a typical stack frame.

 Now that we know how to change where the program returns to by overflowing the
buffer, the second step is to insert some nefarious code, and then get the program to jump
to our inserted code.
 Our only opportunity to enter code is via the input into the buffer, which means there isn't
room for very much. One of the simplest and most obvious approaches is to insert the
code for "exec (/bin/sh)". To do this requires compiling a program that contains this
instruction, and then using an assembler or debugging tool to extract the minimum extent
that includes the necessary instructions.

201
  The bad code is then padded with as many extra bytes as are needed to overflow the
buffer to the correct extent, and the address of the buffer inserted into the return address
location. (Note, however, that neither the bad code nor the padding can contain null
bytes, which would terminate the strcpy.)
 The resulting block of information is provided as "input", copied into the buffer by the
original program, and then the return statement causes control to jump to the location of
the buffer and start executing the code to launch a shell.

Figure - Hypothetical stack frame for Figure 15.2, (a) before and (b) after.

 Unfortunately famous hacks such as the buffer overflow attack are well published and
well known, and it doesn't take a lot of skill to follow the instructions and start attacking
lots of systems until the law of averages eventually works out. (Script Kiddies are those
hackers with only rudimentary skills of their own but the ability to copy the efforts of
others.)
 Fortunately modern hardware now includes a bit in the page tables to mark certain pages
as non-executable. In this case the buffer-overflow attack would work up to a point, but
as soon as it "returns" to an address in the data space and tries executing statements there,
an exception would be thrown crashing the program.

Viruses
 A virus is a fragment of code embedded in an otherwise legitimate program, designed to
replicate itself (by infecting other programs), and (eventually) wreaking havoc.
 Viruses are more likely to infect PCs than UNIX or other multi-user systems, because
programs in the latter systems have limited authority to modify other programs or to
access critical system structures (such as the boot block.)
 Viruses are delivered to systems in a virus dropper, usually some form of a Trojan Horse,
and usually via e-mail or unsafe downloads.
 Viruses take many forms (see below.) Figure 15.5 shows typical operation of a boot
sector virus:

202
 Figure - A boot-sector computer virus.

 Some of the forms of viruses include:

o File - A file virus attaches itself to an executable file, causing it to run the
virus code first and then jump to the start of the original program. These
viruses are termed parasitic, because they do not leave any new files on
the system, and the original program is still fully functional.
o Boot - A boot virus occupies the boot sector, and runs before the OS is
loaded. These are also known as memory viruses, because in operation
they reside in memory, and do not appear in the file system.
o Macro - These viruses exist as a macro (script) that is run automatically
by certain macro-capable programs such as MS Word or Excel. These
viruses can exist in word processing documents or spreadsheet files.
o Source code viruses look for source code and infect it in order to spread.
o Polymorphic viruses change every time they spread - Not their underlying
functionality, but just their signature, by which virus checkers recognize
them.
o Encrypted viruses travel in encrypted form to escape detection. In
practice they are self-decrypting, which then allows them to infect other
files.
o Stealth viruses try to avoid detection by modifying parts of the system
that could be used to detect it. For example the read ( ) system call could
be modified so that if an infected file is read the infected part gets skipped
and the reader would see the original unadulterated file.

203
 o Tunneling viruses attempt to avoid detection by inserting themselves into
the interrupt handler chain, or into device drivers.
o Multipartite viruses attack multiple parts of the system, such as files,
boot sector, and memory.
o Armoured viruses are coded to make them hard for anti-virus researchers
to decode and understand. In addition many files associated with viruses
are hidden, protected, or given innocuous looking names such as "...".
 In 2004 a virus exploited three bugs in Microsoft products to infect hundreds of Windows
servers ( including many trusted sites ) running Microsoft Internet Information Server,
which in turn infected any Microsoft Internet Explorer web browser that visited any of
the infected server sites. One of the back-door programs it installed was a keystroke
logger, which records user’s keystrokes, including passwords and other sensitive
information.
 There is some debate in the computing community as to whether a monoculture, in
which nearly all systems run the same hardware, operating system, and applications,
increases the threat of viruses and the potential for harm caused by them.

System and Network Threats

 Most of the threats described above are termed program threats, because they attack
specific programs or are carried and distributed in programs. The threats in this section
attack the operating system or the network itself, or leverage those systems to launch
their attacks.

Worms
 A worm is a process that uses the fork / spawns process to make copies of itself in order
to wreak havoc on a system. Worms consume system resources, often blocking out other,
legitimate processes. Worms that propagate over networks can be especially problematic,
as they can tie up vast amounts of network resources and bring down large-scale systems.
 One of the most well-known worms was launched by Robert Morris, a graduate student
at Cornell, in November 1988. Targeting Sun and VAX computers running BSD UNIX
version 4, the worm spanned the Internet in a matter of a few hours, and consumed
enough resources to bring down many systems.
 This worm consisted of two parts:

3. A small program called a grappling hook, which was deposited on the

target system through one of three vulnerabilities, and
4. The main worm program, which was transferred onto the target system
and launched by the grappling hook program.

204
 Figure - The Morris Internet worm.

 The three vulnerabilities exploited by the Morris Internet worm were as follows:

7. rsh (remote shell) is a utility that was in common use at that time for
accessing remote systems without having to provide a password. If a user
had an account on two different computers (with the same account name
on both systems), then the system could be configured to allow that user to
remotely connect from one system to the other without having to provide a
password. Many systems were configured so that any user (except root) on
system A could access the same account on system B without providing a
password.
8. finger is a utility that allows one to remotely query a user database, to find
the true name and other information for a given account name on a given
system. For example "finger [email protected]" would access
the finger daemon at somemachine.edu and return information regarding
joeUser. Unfortunately the finger daemon (which ran with system
privileges) had the buffer overflow problem, so by sending a special 536-
character user name the worm was able to fork a shell on the remote
system running with root privileges.
9. send mail is a routine for sending and forwarding mail that also included a
debugging option for verifying and testing the system. The debug feature
was convenient for administrators, and was often left turned on. The
Morris worm exploited the debugger to mail and executes a copy of the
grappling hook program on the remote system.

 Once in place, the worm undertook systematic attacks to discover user passwords:

10. First it would check for accounts for which the account name and the
password were the same, such as "guest", "guest".
11. Then it would try an internal dictionary of 432 favorite password choices.
(I’m sure "password", "pass", and blank passwords were all on the list.)
12. Finally it would try every word in the standard UNIX on-line dictionary to
try and break into user accounts.

205
  Once it had gotten access to one or more user accounts, then it would attempt to use those
accounts to rsh to other systems, and continue the process.
 With each new access the worm would check for already running copies of itself, and 6
out of 7 times if it found one it would stop. (The seventh was to prevent the worm from
being stopped by fake copies.)
 Fortunately the same rapid network connectivity that allowed the worm to propagate so
quickly also quickly led to its demise - Within 24 hours remedies for stopping the worm
propagated through the Internet from administrator to administrator, and the worm was
quickly shut down.
 There is some debate about whether Mr. Morris's actions were a harmless prank or
research project that got out of hand or a deliberate and malicious attack on the Internet.
However the court system convicted him, and penalized him heavy fines and court costs.
 There have since been many other worm attacks, including the W32.Sobig.F@mm attack
which infected hundreds of thousands of computers and an estimated 1 in 17 e-mails in
August 2003. This worm made detection difficult by varying the subject line of the
infection-carrying mail message, including "Thank You!", "Your details", and "Re:
Approved".

Port Scanning
 Port Scanning is technically not an attack, but rather a search for vulnerabilities to
attack. The basic idea is to systematically attempt to connect to every known (or common
or possible) network port on some remote machine, and to attempt to make contact. Once
it is determined that a particular computer is listening to a particular port, then the next
step is to determine what daemon is listening, and whether or not it is a version
containing a known security flaw that can be exploited.
 Because port scanning is easily detected and traced, it is usually launched from zombie
systems, i.e. previously hacked systems that are being used without the knowledge or
permission of their rightful owner. For this reason it is important to protect "innocuous"
systems and accounts as well as those that contain sensitive information or special
privileges.
 There are also port scanners available that administrators can use to check their own
systems, which report any weaknesses found but which do not exploit the weaknesses or
cause any problems. Two such systems are nmap ( http://www.insecure.org/nmap )
and nessus ( http://www.nessus.org ). The former identifies what OS is found, what
firewalls are in place, and what services are listening to what ports. The latter also
contains a database of known security holes, and identifies any that it finds.

Denial of Service
 Denial of Service ( DOS ) attacks do not attempt to actually access or damage systems,
but merely to clog them up so badly that they cannot be used for any useful work. Tight
loops that repeatedly request system services are an obvious form of this attack.
 DOS attacks can also involve social engineering, such as the Internet chain letters that
say "send this immediately to 10 of your friends, and then go to a certain URL", which
clogs up not only the Internet mail system but also the web server to which everyone is
directed. ( Note: Sending a "reply all" to such a message notifying everyone that it was

206
 just a hoax also clogs up the Internet mail service, just as effectively as if you had
forwarded the thing. )
 Security systems that lock accounts after a certain number of failed login attempts are
subject to DOS attacks which repeatedly attempt logins to all accounts with invalid
passwords strictly in order to lock up all accounts.
 Sometimes DOS is not the result of deliberate maliciousness. Consider for example:

o A web site that sees a huge volume of hits as a result of a successful

advertising campaign.
o CNN.com occasionally gets overwhelmed on big news days, such as Sept
11, 2001.
o CS students given their first programming assignment involving fork( )
often quickly fill up process tables or otherwise completely consume
system resources. :-)
o ( Please use ipcs and ipcrm when working on the inter-process
communications assignment ! )

Cryptography as a Security Tool

 Within a given computer the transmittal of messages is safe, reliable and secure, because
the OS knows exactly where each one is coming from and where it is going.
 On a network, however, things aren't so straightforward - A rogue computer ( or e-mail
sender ) may spoof their identity, and outgoing packets are delivered to a lot of other
computers besides their ( intended ) final destination, which brings up two big questions
of security:
o Trust - How can the system be sure that the messages received are really from the
source that they say they are, and can that source be trusted?
o Confidentiality - How can one ensure that the messages one is sending are
received only by the intended recipient?
 Cryptography can help with both of these problems, through a system
of secrets and keys. In the former case, the key is held by the sender, so that the recipient
knows that only the authentic author could have sent the message; In the latter, the key is
held by the recipient, so that only the intended recipient can receive the message
accurately.
 Keys are designed so that they cannot be divined from any public information, and must
be guarded carefully. ( Asymmetric encryption involves both a public and a private
key. )

Encryption

 The basic idea of encryption is to encode a message so that only the desired recipient can
decode and read it. Encryption has been around since before the days of Caesar, and is an
entire field of study in itself. Only some of the more significant computer encryption
schemes will be covered here.
 The basic process of encryption is shown in Figure 15.7, and will form the basis of most
of our discussion on encryption. The steps in the procedure and some of the key
terminology are as follows:

207
 8. The sender first creates a message, m in plaintext.
9. The message is then entered into an encryption algorithm, E, along with
the encryption key, Ke.
10. The encryption algorithm generates the cipher text, c, = E(Ke)(m). For
any key k, E(k) is an algorithm for generating cipher text from a message,
and both E and E(k) should be efficiently computable functions.
11. The cipher text can then be sent over an unsecured network, where it may
be received by attackers.
12. The recipient enters the cipher text into a decryption algorithm, D, along
with the decryption key, Kd.
13. The decryption algorithm re-generates the plaintext message, m, =
D(Kd)(c). For any key k, D(k) is an algorithm for generating a clear text
message from a cipher text, and both D and D(k) should be efficiently
computable functions.
14. The algorithms described here must have this important property: Given a
cipher text c, a computer can only compute a message m such that c =
E(k)(m) if it possesses D(k). ( In other words, the messages can't be
decoded unless you have the decryption algorithm and the decryption key.
)

Figure - A secure communication over an insecure medium.

Symmetric Encryption

 With symmetric encryption the same key is used for both encryption and decryption, and
must be safely guarded. There are a number of well-known symmetric encryption
algorithms that have been used for computer security:

208
 o The Data-Encryption Standard, DES, developed by the National
Institute of Standards, NIST, has been a standard civilian
encryption standard for over 20 years. Messages are broken down
into 64-bit chunks, each of which is encrypted using a 56-bit key
through a series of substitutions and transformations. Some of the
transformations are hidden ( black boxes ), and are classified by
the U.S. government.
o DES is known as a block cipher, because it works on blocks of
data at a time. Unfortunately this is vulnerability if the same key is
used for an extended amount of data. Therefore an enhancement is
to not only encrypt each block, but also to XOR it with the
previous block, in a technique known as cipher-block chaining.
o As modern computers become faster and faster, the security of
DES has decreased, to where it is now considered insecure because
its keys can be exhaustively searched within a reasonable amount
of computer time. An enhancement called triple DES encrypts the
data three times using three separate keys ( actually two
encryptions and one decryption ) for an effective key length of 168
bits. Triple DES is in widespread use today.
o The Advanced Encryption Standard, AES, developed by NIST in
2001 to replace DES uses key lengths of 128, 192, or 256 bits, and
encrypts in blocks of 128 bits using 10 to 14 rounds of
transformations on a matrix formed from the block.
o The two fish algorithm, uses variable key lengths up to 256 bits
and works on 128 bit blocks.
o RC5 can vary in key length, block size, and the number of
transformations, and runs on a wide variety of CPUs using only
basic computations.
o RC4 is a stream cipher, meaning it acts on a stream of data rather
than blocks. The key is used to seed a pseudo-random number
generator, which generates a key stream of keys. RC4 is used
in WEP, but has been found to be breakable in a reasonable
amount of computer time.

Asymmetric Encryption

 With asymmetric encryption, the decryption key, Kd, is not the same as the encryption
key, Ke, and more importantly cannot be derived from it, which means the encryption
key can be made publicly available, and only the decryption key needs to be kept secret. (
or vice-versa, depending on the application. )
 One of the most widely used asymmetric encryption algorithms is RSA, named after its
developers - Rivest, Shamir, and Adleman.
 RSA is based on two large prime numbers, p and q, ( on the order of 512 bits each ), and
their product N.

o Ke and Kd must satisfy the relationship:

( Ke * Kd ) % [ ( p - 1 ) * ( q - 1 ) ] = = 1
o The encryption algorithm is:
c = E(Ke)(m) = m^Ke % N

209
 o The decryption algorithm is:
m = D(Kd)(c) = c^Kd % N
 An example using small numbers:
o p=7
o q = 13
o N = 7 * 13 = 91
o ( p - 1 ) * ( q - 1 ) = 6 * 12 = 72
o Select Ke < 72 and relatively prime to 72, say 5
o Now select Kd, such that ( Ke * Kd ) % 72 = = 1, say 29
o The public key is now ( 5, 91 ) and the private key is ( 29, 91 )
o Let the message, m = 42
o Encrypt: c = 42^5 % 91 = 35
o Decrypt: m = 35^29 % 91 = 42

Figure - Encryption and decryption using RSA asymmetric cryptography

 Note that asymmetric encryption is much more computationally expensive

than symmetric encryption, and as such it is not normally used for large
transmissions. Asymmetric encryption is suitable for small messages,
authentication, and key distribution, as covered in the following sections.

Authentication

 Authentication involves verifying the identity of the entity that transmitted a message.

210