Advertisement

Where Security Began

  • Catherine H. Gebotys
Chapter
Part of the Embedded Systems book series (EMSY)

Abstract

This chapter will briefly introduce important security concepts and terminology. It will also briefly look at the history of security along with the history of the side channel. The security concepts are discussed with respect to Alice and Bob to be consistent with the field of cryptography; however, throughout the remainder of the book we will assume that Alice and Bob can in fact be embedded devices.

The four main security concepts used today are as follows: Confidentiality, integrity, authentication, and nonrepudiation.

We will discuss these concepts using the communication of messages between point A and point B or specifically communications between Alice and Bob on the channel. This will maintain consistency with many other cryptographic texts that use Alice and Bob. The channel, shown in Fig. 1.1a, is a very general concept and could represent a wire (for communication over a wired network) or electromagnetic waves (for wireless communications using cell phones). Security is designed for this channel with Eve in mind. Eve is named after the eavesdropper. However, she is in general an attacker or adversary. As shown in Fig. 1.1b Eve can eavesdrop to see all data on the channel. In Fig. 1.1c Eve can intercept data on the channel, modify it, and send it on to the destination. Finally in Fig. 1.1d Eve can intercept messages and masquerade as Bob without Bob receiving any of his intended messages. Of course, depending upon specifics of the channel some or none of these attacks may be possible. Additionally there may be other attacks such as Eve initiating communication on the channel, or Eve masquerading as both Alice and Bob, in order to attack communications between Alice and Bob, etc.

Keywords

Smart Card Side Channel Message Authentication Code Account Number Side Channel Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. Anderson R (2001) Security engineering. Wiley, New YorkGoogle Scholar
  2. Britannica Web site. History of cryptology – early cryptographic systems and applications. http://www.britannica.com/EBchecked/topic/145058/cryptology/25638/Early-cryptographic-systems-and-applications#ref=ref392544
  3. Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inform Theory IT-22(6):644–654Google Scholar
  4. Kocher P, Jaffe J, Jun N B (1999) Differential power analysis. In: CRYPTO’99. Springer, New York, pp 388–397Google Scholar
  5. Kuhn M, Anderson R (1998) Soft Tempest: hidden data transmission using eelctromagnetic emanations. In: Aucsmith D (ed) Information hiding, second international workshop, IH’98, Portland, OR, April 15–17, 1998, Proceedings, LNCS 1525, Springer, New York, pp 124–142Google Scholar
  6. Mogollon M (2007) Cryptography and security services, Cybertech, Hershey, New YorkGoogle Scholar
  7. McNamara (2004) The complete, unofficial tempest information page. http://www.eskimo.com/~joelm/tempestmisc.html
  8. NSA-Venona Web site. The Venona story, center for cryptologic history. http://www.nsa.gov/about/_files/cryptologic_heritage/publications/coldwar/venona_story.pdf
  9. Siemon (2002) Government levels of security enhanced with TERA cabling system. http://www.siemon.com/us/white_papers/06--03--02-tera-security-government.asp
  10. Simmons D (2009) Discussions with Dave Simmons. July 2009Google Scholar
  11. Singh S (1999) The code book. Anchor Books, Random House, New YorkGoogle Scholar
  12. Tempest-release (2007) TEMPEST: a signal problem. http://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf
  13. Tempest-release (2008) A history of U.S. communications security – the David G. Boak lectures. http://www.nsa.gov/public_info/_files/cryptologic_histories/history_comsec.pdf
  14. VanTilborg HC (2005) Encyclopedia of cryptography and security. Springer, New YorkCrossRefGoogle Scholar
  15. Virtual Exhibition in Informatics. Making cash dispensers safer with DES. Virtual Exhibition in Informatics, Universitat Klagenfurt. http://cs-exhibitions.uni-klu.ac.at/index.php?id=264
  16. Walton J (2009) Authenticated encryption. http://www.codeproject.com/KB/security/Encrypt ThenAuthenticate.aspx
  17. Wolfe HM, Schmidt RP, Thompson TN (1970) Working against the tide, Part 1: COMSEC monitoring and analysis. http://www.nsa.gov/public_info/_files/cryptologic_quarterly/work_against_tide.pdf
  18. Wright P (1987a) Spycatcher – The candid autobiography of a senior intelligence officer. William Heinemann, AustraliaGoogle Scholar
  19. Wright P (1987b) Spycatcher, Penguin Viking, New YorkGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.Department of Electrical & Computer EngineeringUniversity of WaterlooWaterlooCanada

Personalised recommendations