In this post, we will cover information related to cryptography technology that you need to understand as a system engineer to carry out cybersecurity work. This post explains the concepts of symmetric and asymmetric key encryption, Hash, digital signature, MAC, and TRNG.
Basic concepts of cyber security cryptography
Encryption is a technology used to keep information safe and involves converting data into ciphertext. The mathematical calculations used in this process change bits of data, rendering the original data unrecognizable. Decryption refers to the reverse process of converting this ciphertext back into the original plaintext.
Encrypt
- Definition: The process of changing normal data entered by the user into unrecognizable data.
- Purpose: Ensures confidentiality of data and prevents unauthorized persons from reading the data.
Decrypt
- Definition: The process of converting encrypted data back into normal data.
- Purpose: To make encrypted data usable normally.
One-way encryption (hash)
1. Definition and functions of hash algorithm
- Hash algorithm is a function that converts data into a hash value of a unique, fixed size. This hash value acts like a fingerprint representing the original data, and even if there is a very small change in the original data, the hash value is output completely differently. This characteristic makes it very useful for verifying the integrity of data.
2. Integrity Verification
- Integrity refers to the characteristic of data remaining accurate and complete. Hash algorithms are used to determine whether data has been corrupted or manipulated during storage or transmission. For example, passwords are converted into hash values and stored in the database, and user authentication is performed by comparing the hash value of the password entered at login with the stored hash value.
3. Representative hash algorithms
- SHA Series: SHA (Secure Hash Algorithm) started with SHA-0 and has evolved into SHA-1, SHA-2, SHA-3, etc. Each version has a different security level and hash value size, and SHA-2 and SHA-3 are currently the most widely used algorithms.
- MD5 (Message-Digest Algorithm 5): MD5 generates a 128-bit hash value, but due to security vulnerabilities discovered, it is currently used for less important purposes than integrity verification.
4. Use cases of hash algorithm
- Data Integrity Verification: Compares the hash value of the original file to determine if the software or file was corrupted during download.
- Secure password storage: Hashes the password and stores it in the database, preventing the actual password from being exposed.
- System log verification: By periodically generating a hash value of the system log, you can check whether the log has been changed.
The hash algorithm is a very important tool in ensuring the integrity of data because it cannot decrypt data by itself. These algorithms are essential in the information security field and play a significant role in strengthening the cybersecurity environment.
Two-way encryption
- Feature: Encrypted data can be decrypted and returned to the original data.
- Purpose: Used to maintain data confidentiality and access control. Protects the content of messages in email and messaging systems, or encrypts information stored in databases to prevent information from being exposed in the event of a data leak.
- Example: RSA, AES
Symmetric key and non-matching encryption method
Encryption technologies are broadly divided into two main types: symmetric key encryption and asymmetric key encryption. Each encryption method has different methods of protecting data and the scenarios in which it is used. Let’s look at the basic concepts and differences between these two methods, as well as the pros and cons of each method.
Symmetric Key Encryption
Symmetric key encryption is an encryption method that uses the same key during the encryption and decryption process. In this method, a single secret key is shared between the sending and receiving sides of the data, and this key is used to encrypt and decrypt the data.
1. Advantages
- Speed: Symmetric key encryption requires less complex calculations compared to asymmetric key encryption, resulting in faster processing speed.
- Efficiency: It can quickly encrypt large data, making it suitable for processing large amounts of data.
2. disadvantage
- Key Management: It is difficult to securely exchange and manage keys. If your keys are leaked, the security of your encrypted data is at risk.
- Scalability: A separate key must be used for each communication, which makes key management complicated for communication between a large number of users.
3. Technical Example
- AES (Advanced Encryption Standard):
- It is currently the most widely used symmetric key encryption algorithm.
- Depending on the key size, there are variations such as AES-128, AES-192, and AES-256.
- Because of its high security and efficiency, it is used by governments and many companies to protect data.
- DES (Data Encryption Standard):
- Older standard encryption method, using 56-bit keys.
- Although it has now largely been replaced by the more secure AES, it has great historical significance.
- 3DES (Triple DES):
- To strengthen the security of DES, data is encrypted three times.
- It is more secure than DES, but slower than AES and is increasingly less used in newer systems.
- Blowfish and Twofish:
- Blowfish provides fast and efficient encryption, but has evolved into the more secure Twofish.
- Twofish was one of the finalists in the AES selection process.
4. Use Case
- Used for large file transfer, database security, internal network security, etc.
Asymmetric Key Encryption
Asymmetric key encryption is an encryption method that uses two keys, one is a public key and the other is a private key. The public key is accessible to everyone, but only the owner has the private key. You use a public key to encrypt data, and a private key to decrypt it.
1. Advantages
- Key Exchange: Public keys can be shared securely, and private keys cannot be leaked. This allows you to exchange keys securely.
- Digital Signature: Asymmetric keys can be used to create digital signatures that verify the origin and integrity of data.
2. disadvantage
- Speed and Resources: Asymmetric key encryption is computationally more complex and consumes more resources than symmetric key encryption, resulting in slower processing speed.
- Suitable data size: Mainly used for small data or key exchange, ineffective for encrypting large amounts of data.
3. Technical Example
- RSA (Rivest-Shamir-Adleman):
- It is one of the most widely known asymmetric key encryption algorithms.
- Used for encryption and digital signature of data.
- It is based on the prime factorization problem of large integers, so it is very safe when the key size is large.
- ECC (Elliptic Curve Cryptography):
- Uses an elliptic curve to provide high security even with shorter key lengths.
- Preferred in environments with limited processing power, such as mobile devices.
- Diffie-Hellman key exchange:
- Rather than being used to encrypt data, it is used to exchange keys over a secure communication channel.
- Keys exchanged in this way can be used for symmetric key encryption.
- DSA (Digital Signature Algorithm):
- This is an algorithm mainly used to create digital signatures.
- Provides secure digital signatures, similar to RSA, but does not provide encryption.
4. Use Case
- Used for web communication security (SSL/TLS), email security (PGP), blockchain technology, etc.
Each encryption method should be selected based on the specific situation and requirements, and often a combination of both methods is used to increase security. For example, SSL/TLS protocols use asymmetric keys for key exchange and symmetric keys for data transmission.
Digital Signature
Digital signatures play an important role in ensuring the authenticity, integrity, and non-repudiation of information in digital form, such as messages or documents. This ensures reliability in digital communications. There are many different ways to use digital signature technology, and you can select and use technologies that are suitable for different purposes and environments. Here we will explain in detail the main features of digital signatures and the technologies that implement them.
Key features of digital signatures
1. Authenticity
- An digital signature guarantees that a message or document was created by a specific person or entity. This is possible because the private key used in the signing process is known only to the signer.
2. Integrity
- You can confirm that the message or document being transmitted has not been changed. By creating a hash for the message and signing it, the recipient can detect any changes by comparing the hashes.
3. Non-repudiation
- By signing a message or document, the signer cannot later repudiate his or her actions. It clarifies the responsibilities and obligations of signatories in legal documents or important transactions.
Technologies for implementing digital signatures
1. Public Key Cryptography
- It is the most widely used digital signature technology.
- During the signing process, the signer’s private key is used to encrypt the hash of the message, and the recipient uses its public key to decrypt the hash to verify its integrity.
- Representative algorithms include RSA, DSA, and ECC.
2. Biometrics
- Signatures are performed using personal biometric information such as fingerprint, iris, and facial recognition.
- It can provide a high level of security because it uses biometric information unique to each individual.
3. Blockchain Technology
- Execute digital signatures and record transaction details using the immutability of blockchain.
- Each transaction is recorded in a block, and integrity is guaranteed by connected blocks forming an immutable chain.
Digital signatures are an essential means of securing reliability in the digital environment, and security is being strengthened through various technological approaches. Each technology must be selected according to its characteristics and requirements, and application of appropriate digital signature technology is essential, especially when it comes to important transactions or data protection.
MAC (Message Authentication Code)
Message Authentication Code (MAC) is an important network security tool that simultaneously ensures data integrity and authentication. It is particularly used in data transmission over networks to verify the identity of the sender and ensure that the transmitted message has not been altered en route. MAC is based on symmetric key cryptography and is calculated using a secret key shared by the sender and receiver. Here we will explain in detail how MAC works, common use cases, and applications in the automotive industry.
How MAC works
1. Creation process:
- The sender calculates the MAC value using the secret key shared with the message to be transmitted.
- An encryption function or hash function is usually used for this calculation.
- The calculated MAC value is attached to the message and sent to the recipient.
2. Verification Process:
- The recipient independently calculates the MAC value using the same secret key and the received message.
- The receiver compares the MAC value it calculated with the MAC value received along with the message.
- If the two MAC values match, the message has not been altered and the sender’s identity has been verified.
Typical types of MAC
1. HMAC (Hash-based Message Authentication Code):
- MAC based on hash function, provides data integrity and authentication.
- Increase security by using hash algorithms such as SHA and MD5.
2. CMAC (Cipher-based Message Authentication Code):
- Generates MAC using a symmetric key encryption algorithm.
- It is based on a block cipher such as AES and is calculated using an encryption function.
3. GMAC (Galois Message Authentication Code):
- Used as part of Galois/Counter Mode (GCM) and utilizes block cipher technology.
- It is characterized by high-speed processing and high security.
Applications in the automotive industry
1. Secure Boot:
- When the battlefield controller starts up, it uses MAC to verify the integrity of the firmware.
- Checks whether the software loaded during the booting process is legitimate and prevents the execution of malicious code.
2. SecOC (Secure Onboard Communication):
- MAC is used to protect data communication on in-vehicle networks such as CAN (Controller Area Network) or Ethernet.
- Protects vehicles from external attacks by ensuring the integrity of data transmission and authentication of each device.
MAC ensures the safety of data and is used as an important security element in various industries. The automobile industry is actively introducing MAC, especially in areas directly related to vehicle safety, to build more reliable vehicle systems.
True Random Number Generator (TRNG)
TRNG is an essential technology for a variety of applications that require a high level of security. This device generates completely unpredictable random numbers, strengthening the encryption process and minimizing security vulnerabilities. Let’s take a closer look at TRNG principles and key use cases.
How TRNG works
TRNG utilizes randomness based on physical phenomena to generate numbers. These physical phenomena include inherently unpredictable natural phenomena such as electronic noise, radioactive decay, and the behavior of photons. These physical elements are not affected by the external environment and cannot be artificially manipulated, providing a high level of security.
Key use cases for TRNG
1. Generating the secret key of the encryption algorithm:
- To build a strong encryption system, TRNG is used to generate secret keys. The secret key must be generated based on randomness, which greatly improves the security of the cryptographic algorithm.
2. Generate Session ID and Transaction ID:
- In online communications and financial transactions, session IDs and transaction IDs must be unique and unpredictable. By using TRNG, these identifiers can be generated completely randomly, increasing security.
3. DPA Defense:
- DPA (Differential Power Analysis) attacks infer encryption keys by analyzing changes in power consumption occurring in encryption devices. Random masking values generated using TRNG are effective in preventing these attacks.
4. Create OTP (One Time Password):
- The OTP system requires a new password for each login attempt. OTP generated through TRNG can greatly increase resistance to hacking attacks.
Advantages of TRNG
- Unpredictability: TRNG generates completely random numbers, making them very difficult to predict or manipulate from the outside.
- Enhanced Security: By ensuring the randomness of important security elements such as encryption keys, the overall system security can be strengthened.
- Versatility: Can be used in a variety of security applications and protocols, enabling application in a wide range of fields.
The use of TRNG is one of the core elements of cybersecurity, and is an essential technology for privacy and data security. As the importance of data protection continues to increase in the digital age, the role and importance of TRNG technology is also becoming more prominent.
This concludes the post on the concepts of symmetric and asymmetric key encryption, Hash, digital signature, MAC, and TRNG. If you have a conceptual understanding of the relevant technologies, you as a system engineer will have no difficulty adding security-related content to the OEM’s security requirements or system architecture.
From the next post, I will explain the technologies actually applied to achieve automotive cyber security one by one.
If you are interested in other articles about Cyber Security Series, please refer to the links below!
[Cyber Security] 1. ISO/SAE 21434 Basic
[Cyber Security] 4. External, internal communication security and GATEWAY security
[Cyber Security] 5. Security Controls : Diagnostic Security Features
[Cyber Security] 6. Access Control : Diagnostic Security Features
[Cyber Security] 7. Security Updates : Diagnostic Security Features
[Cyber Security] 8. Secure Boot, Secure Debug, Secure Storage