Todays Lecture

Introduction to Computer
Security

Intro. to Comp. Sec.

Introduction to the Module

Tom Chothia

Ciphers
Frequency analysis
One Time Pads
AES

What Does Computer Security

Protect?
McCumber
Cube

Confidentiality: attacker cant read

your data

A framework for
thinking about
computer security

Integrity: The data I receive is genuine.

Availability: I can get my data when I
need it.
source:wikipedia

A Threat/Attacker Model
What are we trying to keep our assets
safe from?
Before building a security system you
must state your assumption about what
the attacker might try.

Standard Network Attacker

Model
We normally assume that the attacker is
as strong as possible, but cannot break
our crypto.
The attacker owns the network
But

This is known as a threat model or an

attacker model.

Most attackers are much weaker than this.

Bad crypto can be broken.

Attackers
Lone Hackers, script
kiddies.
Probably run known attacks
using scripts.

Professional Criminal
gangs:
Take control of 100,000s
of computers via bugs in
web-browsers
Spam, phishing attacks.
DoS attacks

VM based exercises

Governments:
Unbelievable computing
power
Wiretaps
Lawyers

ISPs, Service providers

Dont break laws.
Do spy on you.
May sell/loose your data

Insiders.

Lab Sessions
From week 2, on Wednesday from
10-12 there will be a lab session.

Web Page
http://www.cs.bham.ac.uk/internal/courses/comp-sec/
Lecture slides.

Lab sessions are a chance to get hands

on help and try out demos you have
seen in the lectures.

N.B. You will need to use a

laptop to run the VM.

Live Demos
These lectures will include lots of live
demos.
All live demos are risky, some will go
wrong, e.g.,
Dropped network connections
Crashed program.

If you want to be shown how to do a demo

yourself, see me or a tutor during a lab
session.

Exercises.
A Facebook group for questions and discussion:
IntroCompSec2015
https://www.facebook.com/groups/1538774439706261/

Further reading.

DO NOT TRY OUT ANYTHING

ON COMPUTERS YOU DONT
OWN
It is illegal to access computers without the
owners permission.
Most access is logged, and its easy to get
caught.
Trying something just for fun could get
you kicked out of the University.

Should you take this module?

Should you take this module?

This module is about how systems fail.
So, you need a good understanding of
how systems work.
Java, Jar files,
Websites: HTML, JavaScript, SQL, HTTP,..
Good mathematics (modulo arithmetic,
power laws)

Codes vs. Ciphers

A code is any way to represent data. E.g.

Codes vs Cipher
What is 27 in binary?

Morse Code, ASCII, Hex, Base64, Binary,

A cipher is a code that it designed to be

hard to read.
Almost always uses a key.

a) 00011011
b) 0010 0111
c) 00110010 00110111
d) 00100111
e) All of the above.

Hex
0 = 0000
1 = 0001
2 = 0010
3 = 0011
4 = 0100
5 = 0101
6 = 0110
7 = 0111

8 = 1000
9 = 1001
A = 1010
B = 1011
C = 1100
D = 1101
E = 1110
F = 1111

Characters 0 to F
encode 4 bits.
Easiest way to write
down binary as text.
27 = 0010 0111

Base64

Caesar Cipher
Shortest way
to write binary
as printable
characters.
Common for
keys & crypto
This module
will use hex

Using a Key

One of the first codes was used by Julius

Caesar."
The Caesar Cipher replaces each letter of the
alphabet with one three to the right, i.e.
a becomes d,
b becomes e,
....
z becomes c.

Using a Key

These ciphers are easy to break because

as soon as you know the scheme you
can decrypt the message.
Kerckhoffs's principle: A cipher should
be secure even if the attacker knows
everything about it apart from the key.

For instance, we can use the Caesar cipher

rotating n rotations.
But only 26 possible keys so you can just try
them all (breaking the cipher is 26 times
harder without the key).
A better scheme replaces each letter with
another letter. Here there are 26! 4 x 1026
possible keys.

Frequency Analysis
While hard to break by brute force,
replacing each letter with another is
easy to break using frequency analysis.
Frequency analysis counts the number
of times
each symbol occurs
each pair of symbols
etc.

and tries to draw conclusions from this.

source:wikipedia

Frequency Analysis

One Time Pads

Perfect encryption
Needs a key as long as the message.
XOR/add the key and the message:
Plain Text

Message: HELLOALICE
Key:
SGFKPQYEIJ
Cipher text: ALRWERKNLO
Cipher Text
picture for wikipedia GNU

One Time Pads

One Time Pads

Perfect encryption
Needs a key as long as the message.
XOR/add the key and the message:

Perfect encryption
Needs a key as long as the message.
XOR/add the key and the message:

Cipher text ALRWERKNLO

Key:
SGFKPQYEIJ
Message: HELLOALICE

Cipher text ALRWERKNLO

Key:
TWCSCTFLWM
Message: GOODBYEBOB

(M

Xor

k) k

=M

0 xor 0 = 0
1 xor 0 = 1
0 xor 1 = 1
1 xor 1 = 0

ascii

Hello Alice
Key
11001011 01001101 11110001

01011001 01100101 01110011

One Time Pads

Problem
The key needs to be as long as the
message.

Russia during and after W.W.2

Reused the key material
Broken by the Venona project.

10010010 00101000 10000010

Block Ciphers
Modern ciphers work on blocks of plain text,
not just a single symbol.
They are made up of a series of
permutations and substitutions repeated
on each block.
The key controls the exact nature of the
permutations and substitutions.

Modulo Arithmetic
Arithmetic modulo n means that you count
up to n-1 then loop back to 0
i.e., 0,1,2,...,n-1,0,1,2,...,n-1,0,1,2,...
a mod b = r
for largest whole number k
such that a = b.k + r

Advanced Encryption
Standard ( AES )
AES is a state-of-the-art block cipher.
It works on blocks of 128-bits.
It generates 10 round keys from a single 128bit key.
In uses one permutation: ShiftRows and three
substitutions SubBytes, MixColumns,
AddRoundKey.

SubBytes: S-box
a0,0 a0,1 a0,2 a0,3

b0,0 b0,1 b0,2 b0,3

a1,0 a1,1 a1,2 a1,3

b1,0 b1,1 bb1,2

b1,3
1,2

a2,0 a2,1 a2,2 a2,3

b2,0 b2,1 b2,2 b2,3

a3,0 a3,1 a3,2 a3,3

b3,0 b3,1 b3,2 b3,3

The SubByte is a fixed substitution

based on matrix multiplication, one byte
at a type.

e.g. 9 mod 4 = 1 because 9 = 2.4 +1

ShiftRows
a0,0 a0,1 a0,2 a0,3
a1,0 a1,1 a1,2 a1,3
a2,0 a2,1 a2,2 a2,3
a3,0 a3,1 a3,2 a3,3

no change
1 to the left
2 to the left
3 to the left

MixColumn

b0,0 a
a
b0,1 a
b0,2 a
b0,3

a0,0 a0,1 a0,2 a0,3

b0,0 b0,1 b0,2

0,2 b0,3

b1,1
a
b1,2
b1,3
b1,0
1,0 a
1,1 a
1,2 a
1,3

a1,0 a1,1 a1,2 a1,3

b1,0 b1,1 b1,2 b1,3

b2,2
a
b2,3
b2,0
b2,1
2,0 a
2,1 a
2,2 a
2,3

a2,0 a2,1 a2,2 a2,3

b2,0 b2,1 b
b2,2
2,2 b2,3

b3,3
a
b3,0
b3,1
b3,2
3,0 a
3,1 a
3,2 a
3,3

a3,0 a3,1 a
a3,3
3,2

b3,0 b3,1 b
b3,2 b3,3
3,2

ShiftRows moves the

2nd row one byte to the left,
the 3rd row two bytes
and the 4th row 3 bytes.

MixColumn is a substitution of each column

such that:
(a0.x3 +a1.x2 + a2.x + a3) x (a0.x3+a1.x2+a2.x+a3)
mod (x4+1) = ( b0.x3 + b1.x2 + b2.x + b3 )

AddRoundKey
a0,0 a0,1 a0,2 a0,3

b0,0 b0,1 b0,2 b0,3

a1,0 a1,1 a1,2 a1,3 xor with key

b1,0 b1,1 b1,2 b1,3

a2,0 a2,1 a2,2 a2,3

b2,0 b2,1 b2,2 b2,3

a3,0 a3,1 a3,2 a3,3

b3,0 b3,1 b3,2 b3,3

AddRoundKey xors the block with the 128bit round key (which was generated from the
main key).
bi,j = ai,j xor ki,j

AES

AES encrypts data by first generating the

round keys from the main key
Then 9 rounds of:
1.
2.
3.
4.

SubBytes
ShiftRows
MixColumns
AddRoundKey

Finally:
1. SubBytes
2. ShiftRows
3. AddRoundKey

Tomorrows Lecture:
Modern Block Ciphers
AES, DES and 3-DES

How to encrypt more than one block

Block cipher modes
ECB, CBC, CTR