10 Summary
10.2 Summary of Sections 6–9
Integrity relates to assurances that a message has not been tampered with in any unauthorised way. A method of providing this assurance is to create a message digest, which gives a concise identity of the original message, and append it to the message. The message digest of the received message can then be calculated and checked for discrepancies against the digest sent. A message digest takes the form of a small fixed-length block of data known as a hash value. A hash value created by a one-way hash function is relatively easy to compute but difficult to reverse.
Time stamps, sequence numbers and nonces are used to provide assurances about the freshness of a message and help to prevent replay attacks.
Message authentication can be provided by including a digest of the message encrypted by the sender's private key. The encrypted digest is known as a digital signature. The recipient decrypts the digest using the sender's public key, computes a new digest of the received message and compares the results. A certification authority is a trusted third party that is able to validate public keys by issuing a digital certificate that binds the identity of the user with the key.
The most common ways of controlling access to communication networks are restricting mechanical access and implementing password schemes and firewalls. Strong passwords can be generated provided that they contain no recognisable structure. Such passwords should be capable of withstanding, at least for a useful period of time, brute force and other computer-assisted discovery techniques. However, such passwords are difficult to remember and human factors become critical.
Firewalls are implemented to control traffic at the borders of protected networks. Three approaches are based on packet-filtering rules (packet-filtering router), application type and content (application level gateway) and validity of transport connection (circuit level gateway). These approaches in varying combinations can provide firewalls appropriate to the level of perceived threat, but sufficiently non-restricting to legitimate users of the protected networks.