IT Baseline Protection Manual S 5.68 Use of encryption procedures for network communications

S 5.68 Use of encryption procedures for network communications

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

Communication networks transport data between IT systems. The data is rarely transmitted over a dedicated communications line between the communicating parties; instead it is routed via a number of intermediate stations. Depending on the communication medium and the technology used, the data can be read without authorisation by those intermediate stations, or by third parties attached to the same switching network (for example on a shared-medium Ethernet segment, where every station sees every frame). Since the transmitted data must neither be tapped nor modified by unauthorised third parties, nor recorded by them and later replayed into the network, a suitable mechanism must be used to prevent this. Encryption of the data, combined where necessary with mutual authentication of the communication partners, reduces this risk to a degree that depends on the strength of the chosen encryption procedure and the security of the keys used (see also Section 3.7 Crypto concept). Note that confidentiality alone does not detect modification or replay: the procedure must also protect the integrity of each message and bind it to its position in the exchange, for example with a message authentication code and sequence numbers, as the record layer of SSL/TLS does.
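The three manipulations named above (tapping, modification, replay) and the mechanism that defeats them can be shown concretely. The following Python is an added example and not part of the BSI text: it builds a minimal protected record format (encrypt-then-MAC with a per-direction sequence number) and runs an honest exchange followed by a replayed and a tampered record. The keystream is derived from HMAC-SHA256 in counter mode only so that the example runs with the standard library alone; a deployment would use a vetted authenticated cipher such as AES-GCM or ChaCha20-Poly1305. All names, keys and the message are constructed for this example.

```python
import hashlib
import hmac
import secrets
import struct

# Constructed example: one direction of a protected link. Each record is
#   header (4-byte sequence number) || ciphertext || HMAC-SHA256 tag
# The tag covers header and ciphertext, so modification is detected; the
# receiver accepts only the next expected sequence number, so replay and
# reordering are detected; the keystream hides the plaintext from tapping.
HEADER = struct.Struct(">I")   # 4-byte big-endian sequence number
TAG_LEN = 32                   # HMAC-SHA256 output length


def _keystream(key: bytes, seq: int, length: int) -> bytes:
    """Derive `length` keystream bytes bound to this key and sequence number.
    HMAC in counter mode stands in for a real cipher here (see lead-in)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, struct.pack(">II", seq, block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Channel:
    """One end of one direction of a protected link. Sender and receiver each
    hold an instance with the same keys. A bidirectional link uses a second
    pair with different keys, so a record cannot be reflected to its sender."""

    def __init__(self, enc_key: bytes, mac_key: bytes):
        self.enc_key = enc_key
        self.mac_key = mac_key
        self.send_seq = 0
        self.recv_seq = 0   # next sequence number the receiver will accept

    def seal(self, plaintext: bytes) -> bytes:
        header = HEADER.pack(self.send_seq)
        ciphertext = _xor(plaintext, _keystream(self.enc_key, self.send_seq, len(plaintext)))
        tag = hmac.new(self.mac_key, header + ciphertext, hashlib.sha256).digest()
        self.send_seq += 1
        return header + ciphertext + tag

    def open(self, record: bytes) -> bytes:
        if len(record) < HEADER.size + TAG_LEN:
            raise ValueError("truncated record")
        header, body, tag = record[:HEADER.size], record[HEADER.size:-TAG_LEN], record[-TAG_LEN:]
        # Verify the tag before looking at anything else (constant-time compare).
        expected = hmac.new(self.mac_key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("authentication failed: record modified or wrong peer")
        (seq,) = HEADER.unpack(header)
        if seq != self.recv_seq:
            raise ValueError(f"replay or reordering: expected seq {self.recv_seq}, got {seq}")
        self.recv_seq += 1
        return _xor(body, _keystream(self.enc_key, seq, len(body)))


def demo() -> dict:
    """Honest exchange plus a replayed and a tampered record; returns what the
    receiver saw so the behaviour can be checked programmatically."""
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    alice, bob = Channel(enc_key, mac_key), Channel(enc_key, mac_key)
    message = b"transfer 100 EUR to account 42"   # constructed sample message
    results = {}

    record = alice.seal(message)
    results["honest"] = bob.open(record)

    try:                                   # replay: the same record delivered twice
        bob.open(record)
        results["replay"] = "accepted"
    except ValueError as err:
        results["replay"] = str(err)

    tampered = bytearray(alice.seal(message))
    tampered[HEADER.size] ^= 0x01          # flip one ciphertext bit in transit
    try:
        bob.open(bytes(tampered))
        results["tamper"] = "accepted"
    except ValueError as err:
        results["tamper"] = str(err)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome!r}")
```

The order of checks in `open` matters: the tag is verified first, so an attacker learns nothing about sequence-number state from a forged record, and the sequence check runs only on records that provably came from the key holder.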

As a rule, applications communicate with each other in order to exchange application-related information. Encryption of the data can then be carried out at several levels:

- at the application level, by the communicating applications themselves,
- at the operating system level, transparently for the applications, or
- in encrypting network switching elements on the path between the computers.

The individual mechanisms each have specific advantages and disadvantages. Encryption at the application level has the advantage that encryption is fully under the control of the respective application, and authentication mechanisms can likewise be implemented between the two partner applications, so that it is the applications themselves, not merely their hosts, that are authenticated. One disadvantage is that only partner applications equipped with the same encryption mechanism can take part in encrypted communication.

In contrast, with encryption at the operating system level, encryption takes place transparently for every application. Each application can communicate in encrypted form with every other application, provided the operating system on which the partner application runs has the appropriate encryption mechanism. A drawback is that, with regard to authentication, only the computers can be authenticated to each other, not the respective partner applications; every application and user on an authenticated host is then trusted alike.

Using encrypting network switching elements has the advantage that no encryption mechanisms are needed on the application or computer side; here, too, encryption is transparent for the communication partners. Communication on the link up to the first encrypting network switching element, however, takes place without encryption and therefore carries a residual risk. Authentication is only possible between the switching elements; the communication partners themselves are not authenticated with this method.

If sensitive data is transmitted via a network (even within an intranet), encryption mechanisms should be used. If the chosen applications do not have encryption mechanisms of their own, or if the available procedure is considered too weak, encryption below the application should be used. SSL (standardised as TLS) suggests itself here: it sits between the transport layer and the application protocol, so an existing application protocol can be wrapped in it, by linking the application against a TLS library or by placing a forwarding proxy in front of it, without the application protocol itself having to provide encryption. Encryption that is transparent within the operating system's network stack itself is provided by IPsec. Depending on the security policy it is also possible to use encrypting network switching elements, for example in order to implement a virtual private network (VPN) with a communication partner via the Internet (appropriate software mechanisms are generally also available in firewall systems; see Section 7.3 Firewall).
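As an added example, not part of the BSI text, the following Python shows how an application applies SSL/TLS as a library, which is the common way to use it: a deliberately weak client configuration that encrypts the link but verifies nothing (so the "too weak" case above), beside the hardened one, and the server-side context that turns one-sided server authentication into mutual authentication with client certificates. The certificate file names are placeholders and the helper names are this example's own; it uses only the standard `ssl` module.

```python
import socket
import ssl
from typing import Dict, Optional, Tuple

# Added example: application-level use of SSL/TLS from Python's ssl module.
# File paths below are placeholders, not files that exist on the page.


def weak_client_context() -> ssl.SSLContext:
    """Encrypts the link but verifies nothing: anyone in the path can present
    their own certificate, complete the handshake and read the traffic."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False           # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context(ca_file: Optional[str] = None) -> ssl.SSLContext:
    """Verifies the server's certificate chain against the system trust store
    (or ca_file), checks the host name and refuses versions below TLS 1.2."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def mutual_auth_server_context(cert_file: str, key_file: str,
                               client_ca_file: str) -> ssl.SSLContext:
    """Server side of mutual authentication: presents its own certificate and
    requires every client to present one issued by client_ca_file."""
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH, cafile=client_ca_file)
    ctx.load_cert_chain(certfile=cert_file, keyfile=key_file)   # placeholder paths
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def describe(ctx: ssl.SSLContext) -> Dict[str, object]:
    """Summarise the security-relevant settings of a context for review."""
    return {
        "verify_mode": ctx.verify_mode.name,
        "check_hostname": ctx.check_hostname,
        "minimum_version": ctx.minimum_version.name,
    }


def connect_verified(host: str, port: int = 443) -> Tuple[str, str]:
    """Open a verified TLS connection and report the negotiated version and
    cipher suite; raises ssl.SSLCertVerificationError on a bad certificate."""
    ctx = hardened_client_context()
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.cipher()[0]


if __name__ == "__main__":
    print("weak:    ", describe(weak_client_context()))
    print("hardened:", describe(hardened_client_context()))
```

The weak context is the configuration to look for in code review: `CERT_NONE` with `check_hostname` disabled is usually added to silence a certificate error during testing and then shipped, at which point the encryption protects against passive tapping only, not against an active intermediary. Note also that even the hardened client context authenticates only the server; the server must set `CERT_REQUIRED` itself, as in `mutual_auth_server_context`, before the client is authenticated.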

Considerable planning within the framework of the security policy of a company or agency is necessary when using encrypted communication and mutual authentication. In the context of the communication encryption methods discussed here, particular attention should be paid to the following points:

If certificates are used for the authentication of communication partners, similar questions have to be considered.


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999