Maximizing Payment Card Industry (PCI) & Cryptographic System Security

This article talks about how different factors and controls can affect the strength and effectiveness of a cryptographic system's security. It gives particular consideration to the requirements of the Payment Card Industry (PCI).

The effectiveness of a cryptographic system depends on many factors

There are a number of things that can determine the strength of a cryptographic system. If any one of these factors is neglected, it will drastically lower the protection capability of the system, even though all other factors are operating at full strength. For example, an organization can employ a best-in-class key management system but choose to use the wrong type of key as they install a cryptographic system in their facility.

Understanding the purpose of a cryptographic system

The PCI DSS Requirement 3, “Protect stored cardholder data.” requires cardholder data to be protected at all levels; Cryptography is one important pillar to accomplishing this task. Cryptography can be defined as the means to protect stored and transferred data from unauthorized access, and to ensure that such data is protected with appropriate encryption methods (which can only be decrypted by authorized users). Encryption and decryption involve the use of a key (or keys) to transform data between readable and unreadable states.

Although cryptography can be considered the primary means of protecting data in computer networks, it is only a part of a company's overall system security. PCI DSS (Payment Card Industry Data Security Standard) requires a set of additional methods to achieve a suitable level of security (the PCI term is “control objectives”), including

• Secure networks (i.e. through firewalls and suitable passwords)
• Vulnerability management programs (with regularly updated anti-virus software)
• Strong access control ( with unique ID numbers and restricted access to cardholder data)
• Regular monitoring and testing of the networks
• Security Policies
  
  

Strong Cryptography

To be considered "strong cryptography", a cryptographic system must be based on industry-tested and accepted algorithms, along with appropriate key lengths. An up-to-date key management system should be installed, which is designed to handle all the tasks involved in cryptographic key usage, according to the key management policy and type of technology being used.

Commonly used examples of standard cryptographic algorithms and their minimum recommended key lengths are as follows:

• AES (128 bits and higher)
• TDES (minimum triple-length keys)
• ECC (160 bits and higher)
• RSA (2048 bits and higher)
• ElGamal (2048 bits and higher)

For more information on acceptable cryptographic algorithms, and key strengths, see NIST Special Publication 800-57 Part 1.

Hashing functions can also provide stronger protection and ensure that no part of the data has been modified from the original (the hashed form of data is not reversible. It is used to verify data by comparing it to decrypt data that has been hashed.)

The dependence of cryptographic strength on individual factors

Ultimately, the protection level provided by a cryptographic system depends directly on the strength of the keys, the effectiveness of algorithms, mechanisms, and protocols associated with keys, and the keys' protection. These measures relate to the effectiveness of the key management system, and its ability to operate in accordance with the key management policies of an organization. The level of security for an entire computer network is no greater than the weakest of any of these factors.

Controls for added protection in a cryptographic system

Cryptographic systems containing keys and cryptographic functions require additional controls to protect critical information from unauthorized disclosure and modification. Below, we'll talk about three types of controls and how they can be used to give more protection.

• Accountability - The minimum requirement for accountability is to provide the means to account for every person who is able to view a copy of a cryptographic key. More advanced accountability systems can identify all individuals or entities that have access to, or control, cryptographic keys over their entire life span. This can be accomplished by keeping a chronological record of all activities related to key usage. This information provides the necessary clues to efficiently recover from a key compromise or disclosure. By using this control method, unauthorized use of a key can be prevented. If any such use is detected, it provides the means to pinpoint the exact time the compromise occurred, the data that was compromised, the person responsible, and whether or not any other keys were affected. So if any evidence of compromise is detected, the system can determine who, when, where, and what went wrong.
  
  
• Audit - Auditing should be performed periodically on a cryptographic system to ensure it is up-to-date and provides a sufficient level of security according to the KMS policy. The auditing control for key management systems can be divided into three categories:
  
  
  • Policy support - A control should be set up to periodically audit the security plan and the procedures that are developed to support the plan. The key management policy should specify the roles, responsibilities, facilities, and procedures for routinely auditing the keying material and related records to ensure that they continue to support the policy.
    
    
  • New developments - As new technology is developed and new types of attacks are discovered, the cryptographic functions and other protective mechanisms should be periodically reassessed in their ability to provide the present and expected future levels of security. Any action taken in this section must continue to support the fundamental management policy.
    
    
  • Human Use - Anyone that uses, operates, or maintains a cryptographic system has the potential for human error that may cause disruption in the system. Any action by a human on the system should be logged and periodically reviewed to ensure that the appropriate procedures are followed. Any unusual activity can be deemed as an indicator of an attempted attack.

Conditions and procedures should also be set up for unscheduled audits that can be triggered whenever a suspected compromise by an unauthorized user is suspected.

• Survivability - Sometimes, there are so many keys involved in encrypting and decrypting a message that the intended recipient isn't able to view the message because of the high level of security or some error in accessing a key or related material. Depending on whether the error is related to key access problems or some other type of failure occurs in the system, there are two potential data recovery methods:
  
  
  • Backup keys - If there is a possibility of error in accessing a key, backups should be maintained of all the keys involved in encrypting and decrypting a message, and any other related keying material
  • System redundancy - It may become impossible for a recipient to decode a message if some part of the cryptographic mechanism fails unless some form of contingency planning is made. Some types of failures include lost key cards or tokens, forgotten passwords, hardware failure, power loss, memory corruption, etc. A backup procedure or method should be developed for these situations to recover any lost data or communication capability. The contingency planning should also address these two issues:
    • The restoration or accessing mechanisms
    • Restoring critical processes while maintaining integrity protection and confidentiality for authorization and authentication.

The recovery process and damage assessment in these types of failures are much more difficult if it involves a key that is used to share information with a large number of users. Additionally, a large number of related keys may be affected. These tasks are made much simpler if the key can only be used between two users, for example. Therefore, the number of users that have any kind of access to a given key should be kept to a minimum. The issue of Survivability is covered in detail in the blog article: “Ensuring the Survivability of a Cryptographic System”.

References and further reading

• Payment Card Industry (PCI) - Requirements and Security Assessment Procedures - Version 3.0 (2013) from the PCI Security Standards Council
• Payment Card Industry (PCI) Data Security Standard Glossary, Abbreviations and Acronyms (2016) PCI Security Standards Council
• Recommendation for Key Management – Part 1: General (2007) Elaine Barker, William Barker, William Burr, William Polk, and Miles Smid
• Strong Cryptography Definition (2015) by Margaret Rouse

Image: "-Secure Data-Cyber security-", courtesy of www.bluecoat.com, Flickr (CC BY 2.0)