Methods for evaluating cryptographic strength

Let’s now focus on evaluating the cryptographic strength of today’s cryptographic algorithms. Let’s start with a description of the secret key opening model. The model is based on the following assumptions.
Moore’s law, according to which the computing performance of microprocessors increases 2 times every 18 months or, what is the same, about 100 times every 10 years. In 2005, a typical personal computer connected to the Internet has a performance of about 1000 MIPS (1 MIPS refers to the performance of the old DEC VAX11/780 computer). Therefore, the average PC performance in 2010 will be 10,000 MIPS.
Estimates of the number of computers in the world show that in 2005, the number of computers is 300 million. The growth rate of the number of computers is 10 times in 10 years. In other words, in 2010, the number of computers will be equal to 1 billion. According to experts, 0.3% of all computers connected to the Internet can be involved in a crypto attack (such attacks are classified as Open Project and are more calculated on public opinion than really aimed at compromising the secret key). It is assumed that in the future, the percentage of computers that can be involved in a crypto attack will be 0.1%.

In addition to attacks belonging to the Open Project class, there are attacks belonging to the Covert Project class, the essence of which is that underused cycles of corporate computing systems are used. For example, the computing power of a computer system from Sun Microsystems alone was 100,000 MIPS in 2000. Thus, already in 2010, the computing power intended for the Covert Attack class will be 100 million MIPS.

It is assumed that the reasonable time allowed for a crypto attack is one year.
The table below shows the available computing power, expressed in MY (1 MY = MIPS x 1 year).
Table B2
Estimation of the computing power available for conducting a cryptographic attack

Year Covert Attack Open Project
2005 3106 3108
2010 108 1010
2020 1011 1013

Data on the cryptographic strength of symmetric encryption algorithms and the RSA algorithm.
Cryptographic security of encryption algorithms

Secret key length, bit Length of the RSA key module, bit cryptographic Strength,
64 512 z-U4
80 768 2-108
90 1024 z-Y11
98 1280 1014
106 1536 z-U16
120 2048 z-Y20

The table shows that in 2005, the symmetric algorithms with a key length of at least 90 bits and the RSA algorithm with a module length of at least 1024 bits are stable.
The fact that the computing power that can be used for cryptographic attacks has grown 1000 times over 10 years means that the minimum size of the symmetric key and the asymmetric key must be increased by about 10 and 20 bits, respectively, over the same period of time.
Key management systems
With the advent of a large number of cryptosystems based on the use of encryption standards accepted in the world, a new and equally important problem arose: for the exchange of encrypted messages between two participants in the cryptosystem, it is necessary that both participants in the exchange were previously delivered carefully kept secret keys for encrypting and decrypting messages.
This problem becomes more complex the more users want to exchange encrypted messages among themselves. So, for a network of N users, you must have N(N – 1)/2 different keys in action at the same time. Then at N = 1000 the number of necessary keys will be close to half a million. Since for security reasons, secret keys for encryption must be changed as often as possible, the production, packaging and distribution of them with reliable couriers from a certain absolutely reliable center (as is usually done in existing systems of “closed communication”), becomes an almost insoluble task.
An attempt to solve the problem of key distribution by traditional methods adopted back in the 1980s usually leads to so many violations by users of the requirements of controlling services that almost all information protection in such systems is at best a waste of money.
The solution to the key distribution problem was found using the public Key Infrastructure (PKI) technology. The essence of this technology is that users independently and independently generate their individual keys, which they keep secret from everyone on their individual media (a floppy disk, a special magnetic or microprocessor card, a tablet of non-volatile memory Touch Memory, etc.). Then, each user calculates their so-called “public key” using a well-known procedure. a block of information that it makes publicly available to anyone with whom it would like to exchange confidential messages.
Users can exchange public keys with each other immediately before sending encrypted messages. Another easier alternative from an organizational point of view is to assign a third party to collect all users ‘ public keys into a single directory. The directory administrator must certify users ‘ public keys with their signature and send this directory to all other exchange participants. Today, public key administration services are commonly referred to as certificate authorities (CA).
The X. 500 Protocol can be used as a standard for a single key catalog.
Public keys certified by the CA are called certificates. A public key certificate is an object that binds a user to their key. The certificate is used for verifying the digital signature.
Certificates are usually stored as single directory service objects on dedicated servers. If the key is compromised or the certificate data is changed, the certificates must be revoked. To do this, they are entered in the Certificate Revocation List (CRL) maintained by the CA.
The ANSI X. 509 specification is widely used as a standard describing the format of public key certificates.Most of the known open protocols that protect data from unauthorized access, such as SET, SSL, S-HTTP, and others, use X. 509 certificates. Today, the third version of the X. 509 standard is used.
The main task of the certificate is to establish a match between the user and his public key. The fields of the certificate of the X. 509 standard include:

version number of the X. 509 standard;
certificate number;
ID of the EDS algorithm;
ID of the certification service that issued the certificate;
ID of the certificate owner;
the validity of the certificate;
certified public key;
certificate signature made by the CA.

The most widely used technology in the world for public key distribution for encrypting confidential messages is in corporate telecommunications networks and public electronic data exchange networks, primarily the Internet. American programmer Philip Zimmerman (Zimmerman) even wrote a public software package for e-mail messaging, called PGP (Pretty Good Privacy).
The PGP package successfully combines the ability to encrypt messages using symmetric block algorithms, distribute symmetric keys using the RSA asymmetric encryption algorithm, and create electronic signatures for messages. The PGP package provided even people who had never met before with a convenient means to exchange information.
In addition to PGP, there are other key management systems. The Kerberos Protocol developed at the Massachusetts Institute of technology is quite popular. The Protocol implements several functions. One of them is storing private keys in a secure database. The key is only known to Kerberos and its owner. Another feature is a trusted intermediary between two subscribers who want to exchange private keys. The Kerberos Protocol also provides user authentication and key distribution services.
The SKIP (Simple Key Management for Internet Protocols) Protocol is also known. This is a key management Protocol developed by SUN Microsystems. SKIP is easy to implement. It describes how to calculate a key based on public key certificates. However, using SKIP imposes certain restrictions on the choice of encryption and hashing algorithms.

The SKIP Protocol is declared as an optional component of the IPSec (Internet Protocol Security) specification.
In addition to the listed protocols, the Diffie-Hellman and KEA (Key Exchange Algorithm) algorithms are used for key management.
PKI infrastructures are currently implemented on the basis of specialized products, such as RSA KEON (RSA Security), UniCERT (Baltimore), Notary-PRO (Signal-COM), CryptoPro CSP (Crypto-PRO), and others.

Security of authorization of smart card holders during online transactions
MasterCard UCAF and EMV smart cards guarantee secure online payments.

Market needs
Today, new channels for providing services to clients are becoming more and more relevant in banking. The development of the Internet and the popularity of mobile phones and other wireless devices require MasterCard and its member banks to be able to make payments through these channels in a reliable and secure manner. Regardless of whether the payment is made using a mobile phone, set-top box, pocket or laptop computer, MasterCard is committed to ensuring that transactions are processed in a fast, reliable and secure manner.
The main tasks of merchants, issuers and acquirers are to ensure the security of remote channels and authorization of the cardholder. In e-Commerce and mobile Commerce, there are no checks that the customer signs to confirm the transaction. As a result, the costs of merchants and banks associated with returning online transactions are increasing. In fact, 84% of all refunds in e-Commerce are related to “cardholder authorization rejection” (refund code 37) 1.1 INET Reports, 4th quarter 2000.

Taking these factors into account, MasterCard has developed the UCAF (Universal Cardholder Authentication Field) technology as a standard for a global method of collecting data about cardholders required for authorization at points of interaction of remote channels, including the Internet and mobile devices.
UCAF standardizes the way data is transmitted between all participants in a transaction: the cardholder, Issuer, merchant, and acquirer. This data allows you to compare information about the cardholder and a specific transaction, providing the merchant with evidence that the purchase was authorized by the cardholder.
CHIP + UCAF = online security and payment guarantee
Major global markets are gradually switching to chip technology. This is already happening in Europe, Central Asia, Africa, Latin America, and the Asia-Pacific region. Thanks to the latest developments of MasterCard, financial enterprises can offer a single solution for authorization of EMV smart cards using UCAF, which allows providing a new level of security to participating banks.
Sharing EMV cards and UCAF generates a cryptographic signature for all transaction data. Thus, by investing in the transition to chip technologies, banks simultaneously increase the security of using cards in electronic and mobile environments.
In addition to authorization, this MasterCard solution allows cardholders to perform transactions that are important to Them, and allows banks to verify them. From a financial point of view, banks now have the ability to distribute initial investments between several services, thus increasing the efficiency of their business.
When using smart cards as a means of secure authorization, the key issue is choosing a reader. There are a number of such devices-from simple and cheap models to high-tech platforms. Choice of language-
the ROI is determined in accordance with the set of services required for the client. Each device structure has its own advantages. Accordingly, the choice is determined by the Bank’s strategy and the services it plans to provide.
The installation and risk management of connected readers are subject to stricter requirements, even though they allow for more services to be provided.
Non-connected readers are smaller and cheaper. The choice of architecture/structure is a compromise between portability, security, cost, and a set of services.
E-Commerce security
Online shopping is becoming a part of everyday life, but the share of electronic transactions in the total volume of transactions remains quite low.
The main obstacle to the development of e-Commerce for banks is the complexity of conducting transactions using remote access and high return risks associated with fraudulent actions.
To solve these problems, you can use chip cards in conjunction with UCAF. This will allow you to authorize the cardholder at the time of the transaction, and important data will be protected by a cryptographic signature.
The MasterCard solution combines the capabilities of smart cards and UCAF. The smart card allows you to establish the authenticity of the card holder, and UCAF provides secure transmission of authorization confirmation to the Issuer.
In order to make a payment, the holder must insert the card into the reader and enter the PIN code, without having to remember additional passwords or codes. When processing the transaction, the PIN is checked and the card is authorized. A request for authorization via the UCAF infrastructure is sent to the Issuer along with a unique password that is generated by the card itself when it is passed through the reader.
Mobile commerce
The share of mobile Commerce in the total volume of operations is small.
In the future, the development of payment services will be a decisive factor.
One of the most promising areas in the field of mobile Commerce is the replenishment of mobile phone bills.
In Europe, by the end of 2000, 50% of all mobile phone owners used the eMarketer service. The MasterCard solution, which combines a chip and a UCAF standard (an unconnected reader and an EMV card), is designed specifically for this business sector.
This solution for mobile Commerce is similar to the solution for e-Commerce and differs only in the following parameters:
works when using an unconnected reader;
the user interface is a mobile phone keyboard.
In addition, this solution can be used for initial secure authorization of access to any remote service. In fact, the smart card provides security and authorization, allowing banks to offer additional services.
Partnership development
MasterCard actively collaborates with its partners in evaluating potential architectures/structures in order to identify and offer solutions that are relevant to the needs of banks and meet our requirements and standards.
Secure remote access
Today, many banks use password-based secure access mechanisms that are less secure than smart cards. In addition, EMV-based solutions have the advantage of reducing customer service costs.
Currently, at the level of banks in different countries, new slots are being developed to provide additional security using smart card technology. Organizations refuse to implement CVM – the method Of confirming the Authenticity of the Cardholder-and expect to reduce marketing and organizational costs in this regard.
In the solution offered by MasterCard, the access mechanism is as simple as for ATMs. The holder inserts the card into the reader and enters the PIN code. no other passwords or codes are required.
When processing the transaction, the PIN code is checked and then a request for card authorization is sent.
The reader generates an active password that is provided to the cardholder. This password does not represent any value and does not carry secret information. It can only be used by the issuing Bank.

Chip-based authorization is beneficial for all participants in the payment process.
Advantages for issuers:
Improving the effectiveness of current or future EMV investments.
A single global solution that guarantees secure access in a virtual environment.
Security of e-Commerce and mobile Commerce, increases the effectiveness of UCAF.
A basic solution that can be used to access other services, such as the Issuer’s server.
Secure access to remote channels.
It is based on a well-known and proven standard.
Implementation of the system is possible in a short time.
Does not require additional actions from the cardholder.
Advantages for trade organizations:
Using a reliable MasterCard payment model on the Internet.
Increased investment in IT.
Improving the effectiveness of UCAF.
Advantages for cardholders:
A single way to access all banking services.
Does not change the usual behavior when using the card.
The familiar mechanism of action (as in ATMs).
Confidence in the security of the payment.
For more information, contact your MasterCard representative in your area or send an email request [email protected]
I MasterCard PayPass
A simple and easy method of payment