
DATA ENCRYPTION
The strength of an encryption algorithm is related to two factors. One is
the strength of the algorithm itself. The second is the size of the key used with the
algorithm. The RC5 algorithm has been extensively examined by RSA Data Security, Inc. as
well as outside consultants. The cryptographic community is confident that RC5 is a secure
algorithm. The only way to break a secure algorithm is to try every possible key on a
sequence of encrypted data.
As the size of the key increases, the time
and effort required to guess the correct key increases. Trying every possible key is known
as a brute force attack. A key 8 bits long contains 256 possible keys. A brute force
attack on this key would be simple. However, the number of possible keys increases
exponentially with key size. A 56bit key contains 256 possible keys. If an
attacker tried one million keys a second, it would take 2285 years to try each one. A
64bit key would take the same attacker 585,000 years. It is estimated that a million
dollar parallel processing computer can crack a 128bit key in 1018 years.
It is important to evaluate the
requirements for encryption. If the data being encrypted is time sensitive, shorter keys
can be used. For example, if you are encrypting details of a planned merger, the data must
be kept secret for a few months. If an attacker manages to decrypt the data 20 years after
the merger is complete, whatever information is gained will be useless.
The RC5 Algorithm
The RC5 algorithm was developed by RSA Data Security, Inc. The
Secure ICA Option Pack uses the RC5 algorithm to encrypt ICA packets. RC5 is a chaining
block cipher. In a chaining block cipher, each block uses a variable size key combined
with the encrypted version of the previous block to encrypt the current block. Rounds
denotes the number of times each block is passed through the encryption algorithm. Secure
ICA uses a 64bit block size, 12 rounds, and a 40, 56, or 128bit key size.
A detailed description of the RSA RC5
algorithm is available from RSA at http://www.rsa.com.
RC5 Keys
The RC5 algorithm is a symmetric key algorithm. One key is used to both encrypt
and decrypt data. The security of the data depends on keeping the key secret. In order to
keep data secure, there must be a method of exchanging the RC5 keys without allowing the
keys themselves to be copied. The DiffieHellman key agreement algorithm generates the
same RC5 key on the ICA client and server without exchanging information that compromises
the security of the key. The Secure ICA Services uses a total of four keys during each
session.
During user logon, Secure ICA uses two
128bit keys for enhanced security. One key is used to encrypt ICA packets the server
sends to the client. The other key is used for client to server communication.
The Secure ICA Option Pack uses two 40, 56,
or 128bit keys to encrypt ICA packets after logon. One key is used when the server is
sending data to the client. The other key is used for clienttoserver communication.
Using two separate keys increases security. The key size to use for the session is
specified by the ICA client.
Generating RC5 Keys
Each time a ICA client connects to a Citrix
server the four RC5 keys are generated.
The DiffieHellman algorithm is used when two
people need to establish secret keys but they cannot securely transmit those keys to each
other. The Citrix server and the ICA Client establish RC5 session keys using the
DiffieHellman key agreement algorithm.
The Citrix server periodically generates two
numbers (A and B) using the Encryption Service installed by the Secure ICA Option Pack.
These numbers are the DiffieHellman parameters.
The Citrix server and client follow the steps
outlined below to establish a 1024bit secret key. This secret key is split into two
128bit keys used during logon and two 128, 56, or 40bit keys used after logon.
The Citrix server generates a private key
K1 each time a ICA client connects.
Using the private key K1 and the
DiffieHellman parameters (A and B), the server generates a public key P1.
The Citrix server sends the ICA client A,
B, and the server's public key P1.
The ICA client generates a private key K2
each time a connection is made to a Citrix server. The client receives A, B, and the
server's public key P1.
Using the private key K2 and the Citrix
server's public key P1, a 1024bit secret key S is generated.
The ICA client generates a public key P2
using its private key K2 and the DiffieHellman parameters (A and B).
The ICA client sends its public key P2 to
the WinFrame server.
The Citrix server receives the
client's public key P2. Using the client's public key P2, the DiffieHellman
parameters (A and B), and the server's private key K1, the Citrix server generates the
secret key S.
The ICA client and Citrix server both have
the same 1024bit secret keys.
The mathematical steps to generate the secret
key are described below.
Server

Generate private key K1

Use two well known values A and B

Generate a public key P1 = AK1 mod B

Send P1, A, and B to the client
Client

Client receives P1, A, and B

Client generates a private key K2

Client uses the public key P1 and its private key K2 to
generate a secret key S using the following algorithm: S = P1K2 mod B

Generate a public key P2 = AK2 mod B

Send P2 to the server
Server
Even if P2, P1, A and B are known by an
intruder, S cannot be derived from that information. The algorithm relies on the
mathematical property that
(AK1 mod B) K2 mod B = AK1K2 mod B
(AK2 mod B) K1 mod B = AK1K2 mod B

What Is Encrypted
Secure ICA encryption is applied to the entire ICA packet. Except
for a small encryption header, all of the ICA commands and data are encrypted, including:

Keystrokes

Mouse data

Graphic information

Client drive data

Client printer data

Client audio data
