




























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
These lecture notes cover the basics of network security, including attacks on computers, cryptography, and security services. the need for security measures in the age of electronic connectivity and provides examples of threats to assets. It also covers the different types of attacks, such as interception and modification, and the security services that protect against them.
Typology: Lecture notes
1 / 184
This page cannot be seen from the preview
Don't miss anything!





























































































Attacks on Computers and Computer Security: Introduction, The need of Security, Security approaches, Principles of Security, Types of Security Attacks, Security Services, Security Mechanisms, A model for Network Security. Cryptography: Concepts and Techniques: Introduction, Plain text and Cipher Text, Substitution Techniques, Transposition Techniques, Encryption and Decryption, Symmetric and Asymmetric Cryptography, Steganography, Key Range and Key Size, Possible types of Attacks.
This is the age of universal electronic connectivity, where the activities like hacking, viruses, electronic fraud are very common. Unless security measures are taken, a network conversation or a distributed application can be compromised easily.
Some simple examples are: i. Online purchases using a credit/debit card. ii. A customer unknowingly being directed to a false website. iii. A hacker sending a message to person pretending to be someone else. Network Security has been affected by two major developments over the last several decades. First one is introduction of computers into organizations and the second one being introduction of distributed systems and the use of networks and communication facilities for carrying data between users & computers. These two developments lead to ‘computer security’ and ‘network security’, where the computer security deals with collection of tools designed to protect data and to thwart hackers. Network security measures are needed to protect data during transmission. But keep in mind that, it is the information and our ability to access that information that we are really trying to protect and not the computers and networks.
Because there are threats: Threats A threat is an object, person, or other entity that represents a constant danger to an asset The 2007 CSI survey 494 computer security practitioners 46% suffered security incidents 29% reported to law enforcement Average annual loss $350,
which consists of measures to deter, prevent, detect, and correct security violations that involve the transmission & storage of information
consider 3 aspects of information security:
Security Attack Security Mechanism Security Service
any action that compromises the security of information owned by an organization information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems often threat & attack used to mean same thing have a wide range of attacks can focus of generic types of attacks Passive Active
Passive Attack
Active Attack
Interruption An asset of the system is destroyed or becomes unavailable or unusable. It is an attack on availability. Examples:
Destruction of some hardware Jamming wireless signals Disabling file management systems Interception An unauthorized party gains access to an asset. Attack on confidentiality.
Examples : Wire tapping to capture data in a network. Illicitly copying data or programs Eavesdropping Modification
The other aspect of confidentiality is the protection of traffic flow from analysis. Ex: A credit card number has to be secured during online transaction.
Authentication
This service assures that a communication is authentic. For a single message transmission, its function is to assure the recipient that the message is from intended source. For an ongoing interaction two aspects are involved. First, during connection initiation the service assures the authenticity of both parties. Second, the connection between the two hosts is not interfered allowing a third party to masquerade as one of the two parties. Two specific authentication services defines in X.800 are
Peer entity authentication: Verifies the identities of the peer entities involved in communication. Provides use at time of Mediaconnectionestblishment and during data transmission. Provides confidence against a masquera or replay attack Data origin authentication: Assumes the authenticity of source of data unit, but does not provide protection against duplication or modification of data units. Supports applications like electronic mail, where no prior interactions take place between communicating entities. Integrity
Integrity means that data cannot be modified without authorization. Like confidentiality, it can be applied to a stream of messages, a single message or selected fields within a message. Two types of integrity services are available. They are:
Connection-Oriented Integrity Service: This service deals with a stream of messages, assures that messages are received as sent, with no duplication, insertion, modification, reordering or replays. Destruction of data is also covered here. Hence, it attends to both message stream modification and denial of service. Connectionless-Oriented Integrity Service: It deals with individual messages regardless of larger context, providing protection against message modification only.
An integrity service can be applied with or without recovery. Because it is related to active attacks, major concern will be detection rather than prevention. If a violation is
detected and the service reports it, either human intervention or automated recovery machines are required to recover. Non-repudiation
Non-repudiation prevents either sender or receiver from denying a transmitted message. This capability is crucial to e-commerce. Without it an individual or entity can deny that he, she or it is responsible for a transaction, therefore not financially liable. Access Control This refers to the ability to control the level of access that individuals or entities have to a network or system and how much information they can receive. It is the ability to limit and control the access to host systems and applications via communication links. For this, each entity trying to gain access must first be identified or authenticated, so that access rights can be tailored to the individuals. Availability
It is defined to be the property of a systemMediaorasystemresource being accessible
and usable upon demand by an authorized system entity. The v ilability can significantly be
affected by a variety of attacks, some amenable to automated counter measures i.e
authentication and encryption and others need some sort of physical action to prevent or
recover from loss of availability of elements of distributed system.
According to X.800, the sec rity mechanisms are divided into those implemented in a specific protocol layer and those that are not specific to any particular protocol layer or security service. X.800 also differentiates reversible & irreversible encipherment mechanisms. A reversible encipherment mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted, whereas irreversible encipherment include hash algorithms and message authentication codes used in digital signature and message authentication applications Specific Security Mechanisms Incorporated into the appropriate protocol layer in order to provide some of the OSI security services, Encipherment: It refers to the process of applying mathematical algorithms for converting data into a form that is not intelligible. This depends on algorithm used and encryption keys.
Digital Signature: The appended data or a cryptographic transformation applied to any data unit allowing to prove the source and integrity of the data unit and protect against forgery.
Data is transmitted over network between two communicating parties, who must cooperate for the exchange to take place. A logical information channel is established by defining a route through the internet from source to destination by use of communication protocols by the two parties. Whenever an opponent presents a threat to confidentiality, authenticity of information, security aspects come into play. Two components are present in almost all the security providing techniques. A security-related transformation on the information to be sent making it unreadable
by the opponent, and the addition of a code based on the contents of the message, used to verify the identity of sender. Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception A trusted third party may be needed to achieve secure transmission. It is responsible for distributing the secret information to the two parties, while keeping it away from any opponent. It also may be needed to settle disputes between the two parties regarding authenticity of a message transmission. The general model shows that there are four basic tasks in designing a particular security service:
Cryptographic systems are generally classified along 3 independent dimensions: Type of operations used for transforming plain text to cipher text: All the encryption algorithms are a based on two general principles: substitution , in which each element in the plaintext is mapped into another element, and transposition , in which elements in the plaintext are rearranged.
This cryptosystem is generally referred to as the Shift Cipher. The concept is to replace each alphabet by another alphabet which is ‘shifted’ by some fixed number between 0 and 25.
For this type of scheme, both sender and receiver agree on a ‘secret shift number’ for shifting the alphabet. This number which is between 0 and 25 becomes the key of encryption.
The name ‘Caesar Cipher’ is occasionally used to describe the Shift Cipher when the ‘shift of three’ is used.
Process of Shift Cipher
In order to encrypt a plaintext letter, the sender positions the sliding ruler underneath the first set of plaintext letters and slides it to LEFT by the number of positions of the secret shift. The plaintext letter is then encrypted to the cipher text letter on the sliding ruler underneath. The result of this process is depicted in the following illustration for an agreed shift of three positions. In this case, the plaintext ‘tutorial’ is encrypted to the cipher text ‘WXWRULDO’. Here is the cipher text alphabet for a Shift of 3 −
On receiving the cipher text, the receiver who also knows the secret shift, positions his sliding ruler underneath the cipher text alphabet and slides it to RIGHT by the agreed shift number, 3 in this case. He then replaces the cipher text letter by the plaintext letter on the sliding ruler underneath. Hence the cipher text ‘WXWRULDO’ is decrypted to ‘tutorial’. To decrypt a message encoded with a Shift of 3, generate the plaintext alphabet using a shift of ‘-3’ as shown below −
Security Value
Caesar Cipher is not a secure cryptosystem because there are only 26 possible keys to try out. An attacker can carry out an exhaustive key search with available limited computing resources.
Simple Substitution Cipher
It is an improvement to the Caesar Cipher. Instead of shifting the alphabets by some number, this scheme uses some permutation of the letters in alphabet.
For example, A.B…..Y.Z and Z.Y……B.A are two obvious permutation of all the letters in alphabet. Permutation is nothing but a jumbled up set of alphabets.
With 26 letters in alphabet, the possible permutations are 26! (Factorial of 26) which is equal to 4x10^26. The sender and the receiver may choose any one of these possible permutation as a cipher text alphabet. This permutation is the secret key of the scheme.
Process of Simple Substitution Cipher
Write the alphabets A, B, C,...,Z in the natural order. The sender and the receiver decide on a randomly selected permutation of the letters of the alphabet. Underneath the natural order alphabets, write out the chosen permutation of the letters of the alphabet. For encryption, sender replaces each plaintext letters by substituting the permutation letter that is directly beneath it in the table. This process is shown in the following illustration. In this example, the chosen permutation is K, D, G, O. The plaintext ‘point’ is encrypted to ‘MJBXZ’.
Here is a jumbled Cipher text alphabet, where the order of the cipher text letters is a key.
On receiving the ciphertext, the receiver, who also knows the randomly chosen permutation, replaces each ciphertext letter on the bottom row with the corresponding plaintext letter in the top row. The ciphertext ‘MJBXZ’ is decrypted to ‘point’.
Security Value
Simple Substitution Cipher is a considerable improvement over the Caesar Cipher. The possible number of keys is large (26!) and even the modern computing systems are not yet powerful enough to comfortably launch a brute force attack to break the system. However, the Simple Substitution Cipher has a simple design and it is prone to design flaws, say choosing obvious permutation, this cryptosystem can be easily broken.
Monoalphabetic and Polyalphabetic Cipher
Monoalphabetic cipher is a substitution cipher in which for a given key, the cipher alphabet for each plain alphabet is fixed throughout the encryption process. For example, if ‘A’ is encrypted as ‘D’, for any number of occurrence in that plaintext, ‘A’ will always get encrypted to ‘D’.
All of the substitution ciphers we have discussed earlier in this chapter are monoalphabetic; these ciphers are highly susceptible to cryptanalysis.
Polyalphabetic Cipher is a substitution cipher in which the cipher alphabet for the plain alphabet may be different at different places during the encryption process. The next two examples, playfair and Vigenere Cipher are polyalphabetic ciphers.
Playfair Cipher
In this scheme, pairs of letters are encrypted, instead of single letters as in the case of simple substitution cipher.
In playfair cipher, initially a key table is created. The key table is a 5×5 grid of alphabets that acts as the key for encrypting the plaintext. Each of the 25 alphabets must be unique and one letter of the alphabet (usually J) is omitted from the table as we need only 25 alphabets instead of 26. If the plaintext contains J, then it is replaced by I.
Using these rules, the result of the encryption of ‘hide money’ with the key of ‘tutorials’ would be −
QC EF NU MF ZV
Decrypting the Playfair cipher is as simple as doing the same process in reverse. Receiver has the same key and can create the same key table, and then decrypt any messages made using that key.
Security Value
It is also a substitution cipher and is difficult to break compared to the simple substitution cipher. As in case of substitution cipher, cryptanalysis is possible on the Playfair cipher as well, however it would be against 625 possible pairs of letters (25x25 alphabets) instead of 26 different possible alphabets.
The Playfair cipher was used mainly to protect important, yet non-critical secrets, as it is quick to use and requires no special equipment.
Vigenere Cipher
This scheme of cipher uses a text string (say, a word) as a key, which is then used for doing a number of shifts on the plaintext.
For example, let’s assume the key is ‘point’. Each alphabet of the key is converted to its respective numeric value: In this case,
p → 16, o → 15, i → 9, n → 14, and t → 20.
Thus, the key is: 16 15 9 14 20.
Process of Vigenere Cipher
The sender and the receiver decide on a key. Say ‘point’ is the key. Numeric representation of this key is ‘16 15 9 14 20’. The sender wants to encrypt the message, say ‘attack from south east’. He will arrange plaintext and numeric key as follows −
He now shifts each plaintext alphabet by the number written below it to create ciphertext as shown below −
Here, each plaintext character has been shifted by a different amount – and that amount is determined by the key. The key must be less than or equal to the size of the message. For decryption, the receiver uses the same key and shifts received ciphertext in reverse order to obtain the plaintext.
Security Value
Vigenere Cipher was designed by tweaking the standard Caesar cipher to reduce the effectiveness of cryptanalysis on the ciphertext and make a cryptosystem more robust. It is significantly more secure than a regular Caesar Cipher.
In the history, it was regularly used for protecting sensitive political and military information. It was referred to as the unbreakable cipher due to the difficulty it posed to the cryptanalysis.
Variants of Vigenere Cipher
There are two special cases of Vigenere cipher −
The keyword length is same as plaintext message. This case is called Vernam Cipher. It is more secure than typical Vigenere cipher. Vigenere cipher becomes a cryptosystem with perfect secrecy, which is called One-time pad.
One-Time Pad
The circumstances are −
The length of the keyword is same as the length of the plaintext. The keyword is a randomly generated string of alphabets. The keyword is used only once.
A pure transposition cipher is easily recognized because it has the same letter frequencies as the original plaintext. The transposition cipher can be made significantly more secure by performing more than one stage of transposition. The result is more complex permutation that is not easily reconstructed.
A plaintext message may be hidden in any one of the two ways. The methods of steganography conceal the existence of the message, whereas the methods of cryptography render the message unintelligible to outsiders by various transformations of the text. A simple form of steganography, but one that is time consuming to construct is one in which an arrangement of words or letters within an apparently innocuous text spells out the real message. e.g., (i) the sequence of first letters of each word of the overall message spells out the real (hidden) message. (ii) Subset of the words of the overall message is used to convey the hidden message. Various other techniques have been used historically, some of them are:
Character marking – selected letters of printed or typewritten text are overwritten in pencil. The marks are ordinarily not visible unless the paper is held to an angle to bright light. Invisible ink – a number of substances can be used for writing but leave no visible trace until heat or some chemical is applied to the paper. Pin punctures – small pin punctures on selected letters are ordinarily not visible unless the paper is held in front of the light. Typewritten correction ribbon – used between the lines typed with a black ribbon, the results of typing with the correction tape are visible only under a strong light.
Requires a lot of overhead to hide a relatively few bits of information. Once the system is discovered, it becomes virtually worthless.
Symmetric Key Ciphers: Block Cipher Principles and Algorithms (DES, AES, and Blowfish), Differential and Linear Cryptanalysis, Block Cipher Modes of Operations, Stream Ciphers, RC4, Location and Placement of encryption function, Key Distribution. Asymmetric Key Ciphers: Principles of Public Key Cryptosystems, Algorithms (RSA, Diffie- Hellman, ECC), Key Distribution.
A Conventional/Symmetric encryption scheme has five ingredients: