Basic Concepts
Security Attacks
• Interruption:
  - Attack on availability
• Interception:
  - Attack on confidentiality
• Modification:
  - Attack on integrity
• Fabrication:
  - Attack on authenticity
Passive and Active Attacks
• Passive attacks
  - Obtain information that is being transmitted (eavesdropping).
  - Two types:
    - Release of message contents.
    - Traffic analysis.
  - Very difficult to detect.
• Active attacks
  - Involve some modification of the data stream or the creation of a false stream.
  - Four categories:
    - Masquerade: One entity pretends to be a different entity.
    - Replay: Passive capture of a transaction and subsequent replay.
    - Modification: Some portion of a message is altered on its way.
    - Denial of service: Prevents access to resources.
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (parties cannot later deny)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
  - Denial of Service Attacks
  - Virus that deletes files
Network Access Security Model
[Figure: an opponent (human, or software such as a virus or worm) reaches the internal network (computers, software resources, databases, security control) over an access channel through a gateway.]
Cryptography Terminologies
Introduction
Typical Flow
[Figure: sender, receiver, trusted third party, and intruder.]
Symmetric Key Cryptography
Illustration
[Figure: plaintext P is encrypted (E) into ciphertext C, which is decrypted (D) back into plaintext P.]
Classical Techniques
A Simple Example
  - We can generalize the idea by replacing each letter by the kth following letter.
  - If we assign a number to each letter (A=1, B=2, etc.), then
      C = E(P) = (P + k - 1) % 26 + 1
      P = D(C) = (C - k + 25) % 26 + 1
  - Drawback:
    - Brute force attack is easy
    - Try out all the 25 possible keys
Mono-alphabetic Cipher:
  - Allow any arbitrary substitution.
  - There can be 26! or 4 x 10^26 possible keys.
  - A typical key may be:
      (ZAQWSXCDERFVBGTYHNMJUIKLOP)
  - Drawbacks:
    - We can make guesses by observing the relative frequency of letters, digrams, and trigrams in the text.
    - Easy to break in general.
Transposition Ciphers
Key: 4 3 1 2 5 6 7
w e a r e a t
t e n d i n g
o n e c o n f
e r e n c e a
t I I T K h a
r a g p u r -
C: aneeIg rdcnTp eenrIa wtoetr eiocKu annehr tgfaa-
  - Drawbacks:
    - The ciphertext has the same letter frequency as the original plaintext.
    - Guessing the number of columns and some probable words in the plaintext holds the key.
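The columnar transposition above and its two drawbacks, worked through as an added example (not part of the original slides). The function names and the "-" padding convention are assumptions taken from the grid's last cell; the key and plaintext are the ones on the slide.

```python
from collections import Counter

KEY = [4, 3, 1, 2, 5, 6, 7]  # key from the slide
PLAINTEXT = "weareattendingoneconferenceatIITKharagpur"  # grid rows, joined

def read_order(key):
    # The column labelled 1 is read out first, then 2, and so on.
    return sorted(range(len(key)), key=lambda c: key[c])

def encrypt(plaintext, key, pad="-"):
    n = len(key)
    text = plaintext + pad * (-len(plaintext) % n)    # fill the last row
    rows = [text[i:i + n] for i in range(0, len(text), n)]
    return ["".join(row[c] for row in rows) for c in read_order(key)]

def decrypt(groups, key, pad="-"):
    cols = [None] * len(key)
    for rank, c in enumerate(read_order(key)):
        cols[c] = groups[rank]                        # put each column back in place
    rows = ("".join(col[r] for col in cols) for r in range(len(groups[0])))
    return "".join(rows).rstrip(pad)                  # assumes no trailing pad in the plaintext

def letter_counts_preserved(plaintext, key, pad="-"):
    # First drawback: transposition only reorders letters, so counts are unchanged.
    cipher = "".join(encrypt(plaintext, key, pad))
    return Counter(cipher.replace(pad, "")) == Counter(plaintext)

def candidate_column_counts(cipher_len):
    # Second drawback: a padded grid's length is a multiple of the column count,
    # so the divisors of the ciphertext length are the only candidates.
    return [n for n in range(2, cipher_len) if cipher_len % n == 0]

if __name__ == "__main__":
    groups = encrypt(PLAINTEXT, KEY)
    print(" ".join(groups))
    print(decrypt(groups, KEY))
    print(letter_counts_preserved(PLAINTEXT, KEY))
    print(candidate_column_counts(len("".join(groups))))
```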
Practical Algorithms
General Schematic of DES
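[Figure: general schematic of DES. Plaintext P (64-bit) enters IP and then Round 1 through Round 16; key K (56-bit) enters PC 1, and each round has an LCS and PC 2 stage supplying its key K1, K2, ..., K16.]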
Triple DES
Encryption: P -> E (K1) -> X -> D (K2) -> Y -> E (K3) -> C
Decryption: C -> D (K3) -> Y -> E (K2) -> X -> D (K1) -> P
Need for a new standard
SOLUTIONS TO QUIZ QUESTIONS ON LECTURE 31
Quiz Solutions on Lecture 31
QUIZ QUESTIONS ON LECTURE 32
Quiz Questions on Lecture 32