UNIT-6:

Case Studies on Cryptography and Security: Secure Inter Branch Transactions,

CASE STUDIES ON CRYPTOGRAPY AND SECURITY

Secure Inter-branch Payment Transactions

 Points for classroom discussions
1. What is the technology to achieve non-repudiation? How is this guaranteed?
2. How is the problem of key distribution resolved in PKI?
3. Why are cryptographic toolkits required?
4. How can smart cards be used in cryptography?
General Bank Of India (GBI) has implemented an Electronic Payment System called as EPS
in about 1200 branches across the country. This system transfers payment instructions
between two computerized branches of GBI. A central server is maintained at the EPS office
located in Mumbai. The branch offices connect to the Local VSAT of a private network by
using dial-up connection. The local VSAT has a connectivity established with the EPS office.
GBI utilizes its proprietary messaging service called as GBI-Transfer to exchange payment
instructions. Currently, EPS has minimal data security. As the system operates in a closed
network, the current security infrastructure may suffice the need. The data moving across the
network is in encrypted format.
Current EPS Architecture EPS is used to transmit payment details from the payer branch to
the payee branch via the central server in Mumbai which is also described stepby- step.

 A data-entry person in the Payer Branch enters transaction details through the EPS
interface.
 A Bank Officer checks the validity of the transaction through the EPS interface.
 After validating the transaction, the Bank Officer authorizes the transaction.
Authorized transaction is stored in a local Payment Master (PM) database.

 Once the transaction is stored in PM, a copy of the same is encrypted and stored in a
file. This transaction file is stored in OUT directory.

 The GBI-Transfer application looks for any pending transactions (i.e. for the presence
of any files in the OUT directory) by a polling mechanism and if it finds such
 transactions, it sends all these files one-by-one to the EPS central office located in
Mumbai by dialing the local VSAT.

 The local VSAT gets connectivity to the EPS central office and the transaction is
transferred and
stored in the IN directory at the EPS central office.

 The interface program at the EPS central office collects the file pending in the IN
directory and sends it to the PM application at that office.

 In order to send the Credit Request to PM, the transaction headers are changed. The
transaction with changed headers in encrypted format is then placed in OUT directory
of the EPS central office.

 The GBI-Transfer application at the EPS central office collects the transactions
pending in the OUT directory and sends them to the Payee Bank through the VSAT.

 The transaction is transferred and stored in the IN directory of the Payee Branch.

 The interface program at the Payee Branch collects the transaction and posts it in PM.

 PM marks the credit entry and returns back an acknowledgement of the same. The
acknowledgement is placed in OUT directory of the Payee Branch.

 The acknowledgement is picked by GBI-Transfer at the Payee Branch and sent to the
EPS central office through the VSAT.

 The EPS central office receives the credit acknowledgement and forwards it to Payer
Branch.

 The Payer Branch receives the credit acknowledgement receipt. This completes the
transaction.

Requirements to Enhance EPS As GBI is in the process of complete automation and setting
up connectivity over the Internet or a private network, they need to ensure stringent security
measures, which demand the usage of a Public Key Infrastructure (PKI) framework.
As a part of implementing security, GBI wants the following aspects to be ensured:
• Non-repudiation (Digital Signatures)
• Encryption – 128-bit (Upgrade to the current 56-bit encryption)
• Smart card support for storing sensitive data & on-card digital signing
• Closed loop Public Key Infrastructure :
Proposed Solution Since providing cryptographic functionalities require the usage of a
cryptographic toolkit, it is assumed that GBI will implement an appropriate Certification
Authority (CA) infrastructure and a PKI infrastructure offering.
The transaction will be digitally signed and encrypted/decrypted at the Payer and Payee
branches, as well as at the EPS central office. The signing operation can be performed on the
system or on external hardware like a smart card. On the server side, a provision of
automated signing without any manual intervention will be provided.
The transaction flow described earlier would now be split into two legs:
• The payer Leg (Payer Branch to the EPS central office)
• The payee Leg (EPS central office to the Payee Branch)

Cross Site Scripting Vulnerability (CSSV)

Points for classroom discussions
 What is the purpose of scripting technologies on the Internet?
 What can prevent CSSV attacks?
 What sort of testing can the creators of a Web site perform in order to guard against possible
CSSV attacks?
Cross Site Scripting Vulnerability (CSSV) is a relatively new form of attacks that exploits
inadequate validations on the server-side. The term Cross Server Scripting Vulnerability
(CSSV) is actually not completely correct. However, this term was coined when the problem
was not completely understood and has stuck ever since. Cross-site scripting happens when
malicious tags and/or scripts attack a Web browser via another site’s dynamically generated
Web pages. The attacker’s target is not a Website, but rather its users (i.e. clients or
browsers).
The idea of CSSV is quite simple to understand and is based on exploiting the scripting
technologies, such as JavaScript, VBScript or JScript. Let us understand how this works.
Consider the following Web page containing a form as shown in Fig. 10.9, in which the user
is expected to enter her postal address. Suppose that the URL of the site sending this page is
www.test.com and when the user submits this form, it would be processed by a server-side
program called as address.asp.
We would typically expect the user to enter the house number, street name, city, postal code
and country, etc. However, imagine that the user enters the following weird string, instead:

<SCRIPT>Hello World</SCRIPT>
As a result, the URL submitted would be something like www.test.com/address.asp?address=
<SCRIPT>Hello World </SCRIPT>.
Now suppose that the server-side program address.asp does not validate the input sent by the
user and simply sends the value of the field address to the next Web page. What would this
translate to? It would mean that the next Web page would receive the value of address as
<SCRIPT>Hello World</ SCRIPT>.
As we know, this would most likely treat the value of the address field as a script, which
would be executed as if it is written in a scripting language, such as JavaScript etc on the
Web browser. Therefore, the user would get to see Hello World.
Virtual Elections
Points for classroom discussions
 Is it technically possible to have elections on the Internet? How? What sort of
infrastructure would be needed for this?
 What would be the main concerns in such a virtual election?
 What would be the use of digital signatures and encryption in virtual elections?

Another situation where cryptography is useful is virtual elections. Computerized voting

would become quite common in the next few decades. As such, it is important that the
protocol for irtual

Fig. Secret splitting

P Original secret

≈ XOR

R Random Number

S Combined secret

Alice gets only S Bob gets only R

They must come together; combine their

respective secrets (S and R) to generate the
original secret (P).

elections should protect individual privacy and should also disallow cheating. Consider the
following protocol in order that voters can send their votes electronically to the Election
authority (EA).
  Each voter casts the vote and encrypts it with the public key of the EA.

 Each voter sends the encrypted vote to the EA.

 The EA decrypts all the votes to retrieve the original vote, tabulates all
the votesand announces the result of the election.

Is this protocol secure and does it provide comfort both to the voters as well as to
the EA?Not at all!
There are following problems in this scheme:

 The EA does not know whether the authorized voters have voted
or it hasreceived fake (bogus) votes.
 Secondly, there is no mechanism to prevent duplicate voting.
What is the advantage of this protocol? Clearly, no one would be able to change
another voter’s vote, because it is first encrypted with the EA’s public key and is then
sent to the EA.However, if we observe this scheme carefully, an attacker need not
change someone’s vote atall. The attacker can simply send duplicate votes!
How can we improve upon this protocol to make it more robust? Let us rewrite it, as follows:
 Each voter casts the vote and signs it with her private key.
 Each voter then encrypts the signed vote with the public key of the EA.
 Each voter sends the vote to the EA.
 The EA decrypts the voter with its private key and verifies the
signature of thevoter with the help of the voter’s public key.
 The EA then tabulates all the votes and announces the result of the
election. This protocol would now ensure that duplicate voting is disallowed.
Because the voter hassigned the vote (with her private key) in Step 1, this can be
checked. Similarly, no one canchange another voter’s vote. This is because a vote
is digitally signed and any changes to itwill be detected and exposed in the
signature verification process.
Although this protocol is a lot better, the trouble with this scheme is that the EA would
come toknow who voted for whom, leading to privacy concerns. We shall leave it to
the reader to figure out how this problem can be solved.
Secure Multiparty Computation/calculation:
In the last few decades, data privacy and security has become the primary concern to everyone. Due to
the rise in technological advancements and the internet, it has been a challenging task to provide data
security and data privacy of the data, when data is distributed over large distributed networks. As
everyone is now concerned with their data, a lot of research is going on how to provide data security
and privacy to the participants in the network. One of the techniques which provide the solution to the
problems of data security and data privacy is Secure Multiparty Computation.
The secure multiparty computation may be defined as the problem of ‘n’ players to compute jointly on
an agreed function securely on the inputs without revealing them.

History

Secure multiparty computation started early in the 1970s. It was known as multiparty computation at
that time. It does not gain popularity at that time as it was not implemented practically. In the 1982’s
it was introduced as secure two-party multiparty computation. It is used to solve a lot of problems of
computation without revealing the inputs to other parties. Finally, it came with a name as secure
multiparty computation in which the functions of different types are computed, that is the reason it is
sometimes called SFE- Secure Function Evaluation.

1. The secure multiparty computation is used for the utilization of data without compromising
privacy.
2. It is the cryptographic subfield that helps in preserving the privacy of the data.
3. Emerging technologies like blockchain, mobile computing, IoT, cloud computing has resulted
in the rebirth of secure multiparty computation.
4. Secure multiparty computation has become the hot area of research in the last decade due to
the rise of blockchain technology.
1. The researchers are now more interested to implement secure multiparty computation in
distributed systems.
2. Unlike in centralized systems, secure multiparty computation may have better performance in
distributed systems.

Architecture
The secure multiparty computation provides a protocol where no individual can see the other parties
data while distributing the data across multi parties. It enables the data scientists and analysts to
compute privately on the distributed data without exposing it.

Multiparty sharing data among each other with any third party using a specified protocol.

The co-workers want to compute the maximum salary without revealing their individual salary to
others. To perform such a computation, secure multiparty computation is implemented to calculate the
maximum salary. The parties in a distributed manner jointly perform a function to calculate it without
revealing the salary. Data in use is kept in encrypted form, broken up, and distributed across parties,
there are no chances of quantum attacks. It is impossible to have a trusted party in the real world, as
all parties communicate with each other in one or the other way In such a scenario, the parties may get
corrupted. The corrupted parties have behavior like semi-honest and malicious

1. A semi-honest opponent is one who follows the specified protocol but makes the parties
corrupted. The protocol is run honestly, but they try to extract information from the messages
exchanged between parties.
2. A malicious adversary makes an attempt to breach security and does not follow the specified
protocol. The adversary can make the changes during the execution process of the protocol. While
using multiparty computation, we assume the party is honest which follows all the protocols.

Example

Suppose we want to compute the average salary among three employees without revealing the actual
salary, for such problems one can use secure multiparty computation. Let’s take an example-
Example of computing average salary of multiparty using additive sharing.

Mathematical representation of the problem can be given as:

F(A, B, C) = Average (A, B, C)

Sam, Bob, and Cassy want to calculate their average salary.

1. Say Sam’s salary is $40k. Using additive sharing, $40k is split into randomly generated three
pieces $44k, $-11k, and $7k.
2. Sam keeps one of these secret pieces with herself and distributes the other two to each.
3. The same procedure is followed by all three.
4. Secret sharing keeps the data in encrypted form when in use. The procedure is given below-

Sam Bob Cassy

44 -11 7 $40

-6 32 24 $50

20 0 40 $60

$58 $21 $71

Total salary = $150

Average Salary = 150/3

= $50

From the above data shared there is no clue about the actual salary, but the average salary is being
calculated.

Techniques
There are a number of techniques developed for secure multiparty computation protocol construction
having different features. Some techniques used in secure Multiparty computation are listed below:

1. Shamir Secret Sharing: Secret sharing is utilized as the basic tool when there is an honest
majority in secure multiparty computation. A secret sharing scheme is that a secret s is shared
among n parties, such that t+1 or more parties come together to reconstruct the secret. The parties
lesser than t cannot get any information or reconstruct the secret. The scheme which fulfills the
requirements of t+1 out of n is called the threshold secret sharing scheme.
2. Honest Majority MPC: The function can either be represented by Boolean or arithmetic
circuit in an honest majority. For MPC-based secret sharing having the honest majority, there is
finite field Zp with p>n for arithmetic circuit and the circuit is Turing complete.
3. Input sharing: Every party shares the input using the Shamir secret sharing. The circuit is
being provided the input for computation. Every party keeps his input private by adding some
random number to the input and finally, after getting the output the random number is known to
the party is removed, and we get the output.
4. Circuit evaluation: The circuit is evaluated by parties one gate at a time. The gates are
evaluated serially from input to output. The evaluation consists of the computation of addition and
multiplication gates. For inputs a(x) and b(x), the output of addition for the ith party is calculated
as c(i) = a(i) + b(i). Similarly, the output of multiplication for the ith party is calculated as c(i) =
a(i) . b(i).
5. Private set intersection: The private set intersection protocol is very efficient for the two
parties’ problems. Two parties who wish to find the elements of intersection with private set of
inputs without revealing the input, the private set intersection is better approach for both honest
and dishonest adversaries.
6. Threshold cryptography: Threshold cryptography aims to carry out the cryptographic
operations for a set of parties without holding the secret by any of the single party. RSA algorithm
is used for the scheme where the basic function is y=xe mod n. RSA is used for encrypting secrets
or messages.
7. Dishonest majority MPC: In the secure multiparty computation, there can be both honest and
dishonest parties. The secure Multiparty computation is secure as long as there is an honest
majority. If the adversaries are corrupt more than the majority, new approaches are required for
security. For the dishonest majority, there are protocols like GMW oblivious transfer, garbled
circuit, Tiny oz and many more protocols.

Benefits Of Secure Multiparty Computation

Let’s discuss some benefits of secure multiparty computation:

1. Trusted third party: In Secure Multiparty Computation, we can share data in a distributed
manner with different organizations without any third party and even the privacy of data will be
preserved while sharing data.
2. Data Privacy: The private data of organizations can be shared for computation purposes. The
concern of data privacy is provided by using secure multiparty computation, which keeps the data
in use in encrypted form. Thus, the data is not revealed or compromised.
3. High accuracy: Secure Multiparty Computation provides highly accurate results for different
computations using cryptography.
4. Quantum safe: The data shared between parties is safe against quantum attacks, as the data is
broken up and encrypted when distributed among parties for computation.

Limitations Of Secure Multiparty Computation

Secure multiparty computation being used for solving different problems, but there are few limitations.
The main limitations are the computational overhead and high communication costs.

1. Computational overhead: To provide the security we need to generate the random numbers,
the random number generation requires more computation overhead which slows down runtime.
2. High communication costs: Distributing the data to multiple parties for computation over the
networks leads to higher costs of communication.