Applying Cryptographic Security Services - a NIST summary

This article summarizes the basic cryptographic security services described in NIST Special Publication 800-57 (1, rev.4) for Key Management that can be used to protect information (or as a supporting protective mechanism) against attacks.

The publication describes the following basic security services as confidentiality, integrity, authentication, source authentication, authorization and non-repudiation.

A range of cryptographic and non-cryptographic tools may be used to support these services. While a single cryptographic mechanism could provide more than one service, it cannot provide all services.

Confidentiality

The property of confidentiality is required when preventing the disclosure of information to unauthorized parties is required. Cryptography is used to encrypt information, rendering it incomprehensible to all but those who are authorized to view it. To provide confidentiality, the cryptographic algorithm and mode of operation needs to be designed and implemented in such a way that an unauthorized party will be unable to determine the keys that have been associated with the encryption or have the ability to derive the information without using the correct keys.

Data Integrity

Data integrity provides assurance that data has not been modified in an unauthorized manner after it was created, transmitted or stored. This means that there has been no insertion, deletion or substitution done with the data. Digital signatures or message authentication codes are cryptographic mechanisms that can be used to detect both accidental modifications that might occur because of hardware failure or transmission issues and deliberate modifications that might be performed by an adversary. While non-cryptographic mechanisms can be used to detect accidental modifications, they are not reliable
for detecting deliberate modifications.

Authentication

Cryptography can provide two types of authentication services:

1. Integrity authentication can be used to verify that non-modification has occurred to the data.
2. Source authentication can be used to verify the identity of who created the information, such as the user or system.

Digital signatures or message authentication codes are used most often to provide authentication services. Key-agreement techniques might also be used to provide this service.

Authorization

Authorization provides permission to perform a security function or activity. This security service is often supported by a cryptographic service. Authorization is generally granted after the successful execution of a source authentication service.

Non-Repudiation

In key management, the term non-repudiation refers to the binding of a certificate subject through the use of digital signature keys and digital certificates to a public key. When non-repudiation is required for a digital signature key, it means that the signature that has been created by that key has the support of both the integrity and source authentication services of a digital signature. The digital signature may also indicate a commitment by way of the certificate subject in the same manner that a document with a handwritten signature would. However, here are many aspects to be considered in making a legal decision regarding non-repudiation and this cryptographic mechanism is considered only one element to be used in that decision.

Support Services

Supporting services are often required for the above basic cryptographic security services. As an example, a cryptographic service will often require services for key establishment and random number generation as well as protection of the cryptographic keys themselves.

Combining Services

Combination of the above six security services is strongly advised. When designing a secure system, designers usually begin by determining which security systems are required to protect the information that will be contained and processed by the system. Once the services have been determined, the mechanisms that will best provide these services are considered.

Some of the mechanisms chosen might not be cryptographic in nature. For example, physical security measures, such as identification badges or biometric identification devices may be used to limit access to certain data for confidentiality purposes. However, cryptographic mechanisms that include algorithms, keys or other key material are generally the most cost-effective methods for keeping information secure.

Managing the keys

The correct management of cryptographic keys is essential to the level of security which might be achieved in a system through cryptography. This achievable security depends on various factors such as the architecture of the cryptographic system or the applied mix of mechanisms and their intrinsic robustness against attacks.

So what is the relation between the security level of a system, cryptographic keys and cryptographic mechanisms? Simply put, all encrypted information in a system is protected by cryptographic keys. This protection remains operational as long as the cryptographic keys have not been compromised. In other words: to protect the basic security services provided by cryptography, we need to do everything necessary to ensure that the protective mechanisms for managing the keys securely do not fail.

References and Further Reading

• NIST Special Publication 800-57 Part 1 Revision 4 Recommendation for Key Management Part 1: General (2016), by Elaine Barker, Computer Security Division Information Technology Laboratory, National Institute of Standards and Technology
• Predictions 2017: Customer-Obsessed Enterprises Launch Cloud’s Second Decade (November 2016)
• Selected articles on Key Management (2012-16), by Ashiq JA, Chuck Easttom, Dawn M. Turner, Guillaume Forget, James H. Reinholm, Matt Landrock, Peter Landrock, Steve Marshall, Torben Pedersen, Maria Stokes, John Trankenschuh and more  
• “Cybersecurity Incidents What Happened.” (2016), the United States Office of Personnel Management.

Image: "Security", courtesy of SmartSign, (CC BY 2.0)