IT Baseline Protection Manual S 5.36 Encryption under Unix and Windows NT

S 5.36 Encryption under Unix and Windows NT

Initiation responsibility: IT Security Management, Administrators

Implementation responsibility: IT users, Administrator

When messages are transmitted through a network, all communication partners should be aware that unencrypted messages might be read, altered or intercepted unnoticed at any point on the transmission route. For this reason, consideration should be given as to whether messages should be encrypted and/or digitally signed.

Many Unix systems provide encryption programmes like crypt; other systems are stripped of their encryption programmes before export from the USA.

Under Windows NT, various encryption programmes are available from commercial software providers. Furthermore, many public-domain programmes for MS-DOS and MS-Windows, such as PGP mentioned below, can be installed under Windows NT.

Several public-domain encryption programmes covering different operating systems are available for encrypting messages.

DES is a simple encryption programme based on an algorithm of the same name. To decrypt a message, the recipient must use the same key that the sender used to encrypt it.

PGP (Pretty Good Privacy) is a common cryptography programme. PGP can be used both to encrypt messages and to protect them against changes by means of a digital signature (see also S 5.63 Use of PGP).

Unix sources of PGP can be obtained, for example, from ftp.Germany.EU.net (192.76.144.75) or the mail server archive-server@Germany.EU.net.

The standard Unix editors ed, ex and vi can be used in an encryption mode, allowing texts to be encrypted immediately on creation. The crypt encryption programme is generally used here. Note that the key must never be passed as an argument on the command line, otherwise it could be detected, for example with the ps command.
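One way to check for the mistake described above, as an added example that is not part of the original manual: a shell function that scans a ps listing for crypt processes started with a key on the command line and reports the PID and user without echoing the key. The function names, the input format and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag crypt invocations that carry the key in argv.
# Assumed input format: "PID USER COMMAND ARGS...", as printed by
#   ps -eo pid,user,args

# Reads ps-style lines on stdin; prints "PID USER crypt <key redacted>" for
# each crypt process that has a bare word (the key) after the command name.
flag_crypt_key_args() {
    awk '
    {
        n = split($3, path, "/")        # argv[0] may be an absolute path
        if (path[n] != "crypt") next    # only crypt invocations matter here
        for (i = 4; i <= NF; i++) {
            if ($i !~ /^-/) {           # non-option argument: the key
                # Report who and which PID, never the key itself.
                print $1, $2, "crypt <key redacted>"
                next
            }
        }
    }'
}

# Constructed sample process listing (not real output).
SAMPLE_PS='  PID USER     COMMAND
  412 alice    crypt
  498 bob      crypt s3cr3tkey
  533 carol    vi -x notes.txt
  601 dave     /usr/bin/crypt -k
  902 frank    /usr/bin/crypt Tr0ub4dor'

# Audit the constructed sample.
audit_sample() {
    printf '%s\n' "$SAMPLE_PS" | flag_crypt_key_args
}

# Audit the running system (hypothetical helper; same parser on live data).
audit_live() {
    ps -eo pid,user,args | flag_crypt_key_args
}

audit_sample
```

Only the invocations by bob and frank are reported; crypt started without a key argument and the editor's encryption mode leave no key in the process listing.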

Many mail programmes also contain options for encrypting messages. Here, a check must be made as to which algorithms are used for encryption, because in many cases the procedures can be deciphered easily. Although the use of such encryption procedures always increases the degree of protection of the message, the use of higher-grade procedures like DES or RSA should be considered here.

The security of the encryption procedure is decisively determined by three factors:

Additional controls:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik
last update: January 2000