Network Security
Protecting data that are stored on or that travel over a network (against either
accidental or intentional unauthorized disclosure or modification)
Then what do you mean by privacy?
Privacy is the need to restrict access to data (unauthorized access). Security is
what we do to ensure privacy
Network security has three main goals:
Confidentiality -: Ensuring that data that must be kept private stay private
Integrity -: Ensuring that data are accurate (no unauthorized modification or
destruction)
Availability -: Ensuring that data are accessible whenever needed by the
organization
Key Points
The OSI (open systems interconnection) security architecture provides a
systematic framework for defining security attacks, mechanisms, and services
Security attacks are classified as either passive attacks, which include
unauthorized reading of a message or file and traffic analysis; and active
attacks, such as modification of messages or files, and denial of service
A security mechanism is any process (or a device incorporating such a
process) that is designed to detect, prevent, or recover from a security attack.
Examples of mechanisms are encryption algorithms, digital signatures, and
authentication protocols
Security services include authentication, access control, data confidentiality,
data integrity, nonrepudiation, and availability
The generic name for the collection of tools designed to protect data and to
thwart hackers is computer security
Security Attacks
Passive Attack
Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions. The goal of the opponent is to obtain information
that is being transmitted
Two types of passive attacks are release of message contents and traffic
analysis
Note:
Passive attacks are very difficult to detect because they do not involve any
alteration of the data. Typically, the message traffic is sent and received in
an apparently normal fashion and neither the sender nor receiver is aware
that a third party has read the messages or observed the traffic pattern.
However, it is feasible to prevent the success of these attacks, usually by
means of encryption. Thus, the emphasis in dealing with passive attacks is
on prevention rather than detection.
Active Attacks
Active attacks involve some modification of the data stream or the creation
of a false stream and can be subdivided into four categories:
Masquerade : One entity pretends to be a different entity
Replay : The passive capture of a data unit and its subsequent
transmission to produce an unauthorized effect
Modification of messages : Some portion of a legitimate message is
altered
Denial of service : Preventing or inhibiting the normal use or
management of communications facilities
General categories of security attacks
Interruption: An asset of the system is destroyed or becomes unavailable
or unusable - attack on availability
Interception: An unauthorized party gains access to an asset - attack on
confidentiality
Modification: An unauthorized party not only gains access to but tampers
with an asset - attack on integrity
Fabrication: An unauthorized party inserts counterfeit objects into the
system - attack on authenticity
Security Services
DATA INTEGRITY -: The assurance that data received are exactly as sent
by an authorized entity (i.e., contain no modification, insertion, deletion, or
replay)
Connection Integrity with Recovery -: Provides for the integrity of
all user data on a connection and detects any modification, insertion,
deletion, or replay of any data within an entire data sequence, with
recovery attempted
Connection Integrity without Recovery -: As above, but provides
only detection without recovery
SECURITY MECHANISMS
Authentication Exchange -: A mechanism intended to ensure the identity
of an entity by means of information exchange
Traffic Padding -: The insertion of bits into gaps in a data stream to
frustrate traffic analysis attempts
Routing Control -: Enables selection of particular physically secure routes
for certain data and allows routing changes, especially when a breach of
security is suspected
Notarization -: The use of a trusted third party to assure certain properties
of a data exchange
Classical Encryption Techniques
Symmetric Encryption (conventional encryption or single-key encryption)
The many schemes used for encryption constitute the area of study known
as cryptography. Such a scheme is known as a cryptographic system or
a cipher
Plaintext: This is the original intelligible message or data that is fed into
the algorithm as input
Secret key: The secret key is also input to the encryption algorithm. The
key is a value independent of the plaintext and of the algorithm. The
algorithm will produce a different output depending on the specific key
being used at the time. The exact substitutions and transformations
performed by the algorithm depend on the key
Cryptographic Systems
Cryptographic systems are characterized along three independent
dimensions:
The type of operations used for transforming plaintext to ciphertext
All encryption algorithms are based on two general principles:
Substitution: in which each element in the plaintext (bit, letter, group of
bits or letters) is mapped into another element
Transposition: in which elements in the plaintext are rearranged
Product systems
The number of keys used
If both sender and receiver use the same key, the system is referred to as
symmetric, single-key, secret-key, or conventional encryption
If the sender and receiver use different keys, the system is referred to as
asymmetric, two-key, or public-key encryption
Cryptanalysis
Objective of attack?
Cryptanalytic attacks rely on the nature of the algorithm plus perhaps
some knowledge of the general characteristics of the plaintext or even
some sample plaintext-ciphertext pairs
Exploits the characteristics of the algorithm to deduce the key or
plaintext
Brute-force attack
The attacker tries every possible key on a piece of ciphertext until an
intelligible translation into plaintext is obtained
Types of cryptanalytic attacks
Ciphertext-only attack
The cryptanalyst does not know any of the underlying plaintext
A basic assumption is that ciphertext is always available to an attacker
Known-plaintext attack
The attacker has the ciphertext as well as some of the
corresponding plaintext (one or more plaintext-ciphertext pairs formed
with the secret key)
Chosen plaintext attack
The cryptanalyst can encrypt a plaintext of his choosing and study the
resulting ciphertext
This is most common against asymmetric cryptography, where a
cryptanalyst has access to a public key
Chosen ciphertext attack
The cryptanalyst chooses a ciphertext and attempts to find a matching
plaintext
This can be done with a decryption oracle (a machine that decrypts
without exposing the key)
Unconditionally Secure Encryption Scheme
An encryption scheme is unconditionally secure if the ciphertext generated by
the scheme does not contain enough information to determine uniquely the
corresponding plaintext, no matter how much ciphertext is available
The encryption algorithm should meet one or both of the following
criteria:
The cost of breaking the cipher exceeds the value of the encrypted
information
The time required to break the cipher exceeds the useful lifetime of the
information
If both the above criteria are met, such an encryption scheme is said to be
computationally secure
Substitution Ciphers
1) Caesar cipher
Caesar cipher involves replacing each letter of the alphabet with the letter
standing three places further down the alphabet
a b c d e f g h i j k  l  m
0 1 2 3 4 5 6 7 8 9 10 11 12
n  o  p  q  r  s  t  u  v  w  x  y  z
13 14 15 16 17 18 19 20 21 22 23 24 25
2) Monoalphabetic Cipher (26! Key combinations)
Uses a KEY, which is the rearrangement of the letters of the alphabet
These different keys are then substituted for the letters in the plaintext to
create a ciphertext
The key is needed to decipher the secret message
Encrypt the message "meet me at school", by using a key : REMAINDER
CIPHERTEXT : JIITJIRTSMBLLH
Monoalphabetic encryption is very easy to break, for two main reasons:
it requires only 26! decipherments
words with repeated letters, like "meet" in the example, show the same
repetition in the ciphertext (the frequency of appearance of letters is preserved)
Countermeasure
- Provide multiple substitutes, known as homophones
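The weakness described above, as an added example (not part of the original slides): it rebuilds the REMAINDER substitution alphabet, reproduces the ciphertext JIITJIRTSMBLLH, and shows that letter patterns and letter counts pass through the cipher unchanged. It assumes the key alphabet is the keyword with duplicate letters dropped, followed by the unused letters in order, which is the convention that yields the slide's ciphertext.

```python
import string
from collections import Counter

ALPHABET = string.ascii_lowercase

def keyed_alphabet(keyword):
    """Cipher alphabet: keyword letters (duplicates dropped), then the unused letters."""
    seen = []
    for ch in keyword.lower() + ALPHABET:
        if ch in ALPHABET and ch not in seen:
            seen.append(ch)
    return "".join(seen).upper()

def encrypt(plaintext, keyword):
    """Substitute each plaintext letter; spaces and punctuation are suppressed."""
    table = str.maketrans(ALPHABET, keyed_alphabet(keyword))
    letters = "".join(c for c in plaintext.lower() if c in ALPHABET)
    return letters.translate(table)

def decrypt(ciphertext, keyword):
    table = str.maketrans(keyed_alphabet(keyword), ALPHABET)
    return ciphertext.upper().translate(table)

def letter_pattern(text):
    """Index of first appearance per letter: 'meet' and 'JIIT' both give (0, 1, 1, 2)."""
    first = {}
    return tuple(first.setdefault(ch, len(first)) for ch in text)

def frequencies(text):
    """Letter counts, most common first; the counts survive substitution unchanged."""
    return Counter(text).most_common()

if __name__ == "__main__":
    c = encrypt("meet me at school", "REMAINDER")
    print(keyed_alphabet("REMAINDER"))
    print(c, decrypt(c, "REMAINDER"))
    print(letter_pattern("meetmeatschool") == letter_pattern(c))
    print(frequencies("meetmeatschool")[:3], frequencies(c)[:3])
```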
3) Homophonic Cipher
Replacing each letter with a variety of substitutes
The letter 'a' accounts for roughly 8% of all letters in English, so we assign
8 symbols to represent it
The letter 'b' accounts for 2% of all letters and so we assign 2 symbols to
represent it
At the end of encipherment (after encrypting) each symbol will constitute
roughly 1% of the ciphertext.
Enciphering a Message
"In wartime, truth is so precious
But before we do, we should count the letters to see how they correspond
with the "standard" frequency count.
4) Playfair Cipher
The 'key' for a Playfair cipher is generally a word; for the sake of example we
will choose 'monarchy'. This is then used to generate a 'key square', e.g.
Exercise 2
5) Polyalphabetic Cipher
4. Then find the column of your plaintext letter (for example, 'w', so the
twenty-third column).
5. Finally, trace down that column until you reach the row you found before
and write down the letter in the cell where they intersect
Exercise 3
6) Hill Cipher
Understand by Example
Choose a random key matrix. This key matrix is of order n x n
Multiply the two matrices (i.e. key matrix and plaintext matrix)
Now compute the mod 26 value of the resulting matrix. That is,
take the remainder after dividing the above matrix values by 26. That is:
=> C = KP mod 26
Exercise 4
Encrypt the following by using Hill Cipher and then decipher it.
dad by using key ANOTHERBZ
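A worked version of the steps above for a 3x3 key, added here and not taken from the original slides. It assumes the nine key letters fill the matrix row by row with A=0 ... Z=25, and it rejects keys whose determinant has no inverse mod 26, since a message enciphered with such a key cannot be deciphered.

```python
A = ord("A")

def to_nums(text):
    return [ord(c) - A for c in text.upper() if c.isalpha()]

def key_matrix(key):
    """Fill a 3x3 matrix row by row from nine key letters (assumed layout)."""
    nums = to_nums(key)
    if len(nums) != 9:
        raise ValueError("a 3x3 Hill key needs exactly nine letters")
    return [nums[0:3], nums[3:6], nums[6:9]]

def minor(m, r, c):
    """Determinant of the 2x2 matrix left after deleting row r and column c."""
    rows = [[v for j, v in enumerate(row) if j != c]
            for i, row in enumerate(m) if i != r]
    return rows[0][0] * rows[1][1] - rows[0][1] * rows[1][0]

def determinant(m):
    return sum((-1) ** c * m[0][c] * minor(m, 0, c) for c in range(3))

def inverse_mod26(m):
    """K^-1 = det^-1 * adj(K) mod 26; exists only when gcd(det, 26) == 1."""
    try:
        det_inv = pow(determinant(m) % 26, -1, 26)  # Python 3.8+
    except ValueError:
        raise ValueError("key matrix is not invertible mod 26") from None
    # adj(K)[i][j] is the cofactor of entry (j, i): the transposed cofactor matrix
    return [[(det_inv * (-1) ** (i + j) * minor(m, j, i)) % 26
             for j in range(3)] for i in range(3)]

def usable_key(key):
    """True when the key can also be used for deciphering."""
    try:
        inverse_mod26(key_matrix(key))
        return True
    except ValueError:
        return False

def apply(m, text):
    """C = KP mod 26, one 3-letter column vector at a time."""
    nums = to_nums(text)
    if len(nums) % 3:
        raise ValueError("pad the message to a multiple of three letters")
    out = []
    for k in range(0, len(nums), 3):
        out += [sum(a * b for a, b in zip(row, nums[k:k + 3])) % 26 for row in m]
    return "".join(chr(v + A) for v in out)

def encrypt(text, key):
    return apply(key_matrix(key), text)

def decrypt(text, key):
    return apply(inverse_mod26(key_matrix(key)), text)
```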
Transposition Ciphers
1) Rail Fence Technique
Rail Fence technique involves writing plain text message as a sequence of
diagonals and then reading it row-by-row to produce cipher text
Encryption Algorithm: Write down the plain text message as a sequence of diagonals
Read the Plain text Row-by-Row and write down left to right then top
to bottom
Example
Original plain text message: Come Home Tomorrow
After we arrange the plaintext message as a sequence of diagonals, it looks
as follows
Now read the text row-by-row, and write it sequentially. Thus we have:
CMHMTMROOEOEOORW as the cipher text
2) Simple Columnar Transposition Technique
Simple columnar transposition technique simply arranges the plaintext as a
sequence of rows of a rectangle that are read in columns randomly
Write the plain text message row-by-row in a rectangle of a pre-defined size
Read the message column-by-column. However it need not be in order of
columns 1, 2, 3 etc. it can be in any order such as 2, 3, 1 etc
The message thus obtained is the cipher text message
Example
Original plain text message: Come Home Tomorrow
Let us consider a rectangle with six columns. Therefore, when we write the
message in the rectangle row-by-row suppressing spaces
Now, let us decide the order of columns as some random order, say 4, 6, 1, 2,
5 & 3. Then read the text in the order of these columns
The ciphertext thus obtained would be EOWOOCMROEHMMTO
3) Simple Columnar Transposition Technique with multiple Rounds
To improve the basic simple columnar, we can introduce more complexity
Use the same basic operation of simple columnar technique, but do it more
than once
Algorithm:
Write the plain text message row-by-row in a rectangle of a pre-defined
size
Read the message column-by-column. However, it need not be in
order of column 1, 2, 3 etc. it can be any random order such as 2, 3, 1 etc
The message thus obtained is the cipher text message of round 1
Repeat steps 1 to 3 as many times as desired
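The three transposition techniques above in one added example (not from the original slides): the two-row rail fence, the columnar read-out with a column order, and the multi-round variant, each with its inverse. The decryption handles a rectangle whose last row is incomplete, which is the case for the 16-letter sample message in six columns; the function names are chosen here for illustration.

```python
def letters(text):
    """Upper-case the message and suppress spaces and punctuation."""
    return "".join(c for c in text.upper() if c.isalpha())

def rail_fence(plaintext):
    """Zig-zag over two rows, then read the top row followed by the bottom row."""
    p = letters(plaintext)
    return p[0::2] + p[1::2]

def rail_fence_decrypt(ciphertext):
    half = (len(ciphertext) + 1) // 2          # the top row gets the extra letter
    top, bottom = ciphertext[:half], ciphertext[half:]
    return "".join(top[i // 2] if i % 2 == 0 else bottom[i // 2]
                   for i in range(len(ciphertext)))

def columnar(plaintext, order):
    """order lists 1-based column numbers in read-out order, e.g. [4, 6, 1, 2, 5, 3]."""
    p, width = letters(plaintext), len(order)
    if sorted(order) != list(range(1, width + 1)):
        raise ValueError("order must be a permutation of 1..width")
    return "".join(p[col - 1::width] for col in order)

def columnar_decrypt(ciphertext, order):
    width = len(order)
    full_rows, extra = divmod(len(ciphertext), width)
    columns, pos = {}, 0
    for col in order:
        # Columns 1..extra are one letter longer when the last row is incomplete.
        size = full_rows + (1 if col <= extra else 0)
        columns[col] = ciphertext[pos:pos + size]
        pos += size
    rows = full_rows + (1 if extra else 0)
    return "".join(columns[c][r] for r in range(rows)
                   for c in range(1, width + 1) if r < len(columns[c]))

def columnar_rounds(plaintext, order, rounds):
    text = letters(plaintext)
    for _ in range(rounds):
        text = columnar(text, order)
    return text

def columnar_rounds_decrypt(ciphertext, order, rounds):
    text = ciphertext
    for _ in range(rounds):
        text = columnar_decrypt(text, order)
    return text

if __name__ == "__main__":
    print(rail_fence("Come Home Tomorrow"))
    print(columnar("Come Home Tomorrow", [4, 6, 1, 2, 5, 3]))
    print(columnar_rounds("Come Home Tomorrow", [4, 6, 1, 2, 5, 3], 2))
```

With the column order 4, 6, 1, 2, 5, 3 the read-out is EOW OO CMR OER HM MTO, sixteen letters for the sixteen-letter message.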
4) Vernam Cipher (One - time pad)
It is implemented using a random set of characters as the key
Main point is that once a key text for transposition is used, it is never used
again for any other message. So it is called One-Time
Length of the key text is equal to the length of the original plain text
Algorithm
Translate each plain text alphabet into the corresponding number (i.e. A=0,
B=1, ..., Z=25)
Do the same for each character key text
Add each number corresponding to the plain text alphabet to the
corresponding key text alphabet number
If the sum thus produced is greater than 26, subtract 26 from it
Translate each number of the sum back to the corresponding alphabet. This
gives the output ciphertext
Example
Plain text message: HOW ARE YOU
One-time pad (KEY TEXT) : NCBTZQARX
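The algorithm above applied to this message and pad, as an added example that is not part of the original slides; sums are reduced modulo 26 so every result lands in 0..25. The `pad_explaining` helper (a name chosen here) illustrates the earlier definition of an unconditionally secure scheme: for any candidate plaintext of the same length there is a pad that maps it to the same ciphertext, so the ciphertext alone does not single out one message.

```python
import secrets
import string

LETTERS = string.ascii_uppercase

def nums(text):
    """A=0, B=1, ..., Z=25; spaces and other characters are dropped."""
    return [LETTERS.index(c) for c in text.upper() if c in LETTERS]

def vernam_encrypt(plaintext, pad):
    p, k = nums(plaintext), nums(pad)
    if len(k) != len(p):
        raise ValueError("pad must be exactly as long as the message")
    return "".join(LETTERS[(x + y) % 26] for x, y in zip(p, k))

def vernam_decrypt(ciphertext, pad):
    c, k = nums(ciphertext), nums(pad)
    if len(k) != len(c):
        raise ValueError("pad must be exactly as long as the message")
    return "".join(LETTERS[(x - y) % 26] for x, y in zip(c, k))

def new_pad(length):
    """A fresh random key text, drawn from the OS random source, for one message only."""
    return "".join(secrets.choice(LETTERS) for _ in range(length))

def pad_explaining(ciphertext, candidate_plaintext):
    """The pad under which ciphertext would decrypt to candidate_plaintext (k = c - p)."""
    return vernam_decrypt(ciphertext, candidate_plaintext)

if __name__ == "__main__":
    c = vernam_encrypt("HOW ARE YOU", "NCBTZQARX")
    print(c, vernam_decrypt(c, "NCBTZQARX"))
    # MEETATSIX is a constructed alternative message of the same length.
    other = pad_explaining(c, "MEETATSIX")
    print(other, vernam_decrypt(c, other))
```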
Overview
We can express the encryption algorithm as a
composition of functions:
IP-1 ∘ fk2 ∘ SW ∘ fk1 ∘ IP
or:
Ciphertext = IP-1(fk2(SW(fk1(IP(plaintext)))))
where
K1 = P8(shift(P10(key)))
K2 = P8(shift(shift(P10(key))))
The decryption algorithm is:
Plaintext = IP-1(fk1(SW(fk2(IP(ciphertext)))))
Then perform a 2-bit circular left shift on
each of the 5-bit halves:
(00001)(11000) becomes (00100)(00011)
Finally apply P8 again:
Then K2 = (01000011)
S-DES Encryption
The i/p 8-bit block plaintext is first permuted using the
IP function:
IP
2
IP-1(IP(X))=X;
Ex: IP{(10110101)}=(01111100)
IP-1 {01111100}=(10110101)
The Function fk
Let L and R be the leftmost 4 bits and
rightmost 4 bits of the 8-bit input
fk(L, R) = (L ⊕ F(R, SK), R)
where SK is a subkey and ⊕ is the bit-by-bit
XOR function.
Ex: if the o/p of the IP is (10111101) and
F(1101, SK) = (1110) for some SK then
fk(10111101): (1011) ⊕ (1110) = (0101)
Recall the first operation is an expansion and permutation to first
4 bits as follows:
E/P
4 1 2 3 2 3 4 1
n4 n1 n2 n3
n2 n3 n4 n1
n4+K11 n1+K12 n2+K13 n3+K14
n2+K15 n3+K16 n4+K17 n1+K18
Let us rename these bits:
P0,0 P0,1 P0,2 P0,3
P1,0 P1,1 P1,2 P1,3
The first row of the matrix 4 bits are fed into the Sbox S0 to produce 2 bit o/p and the remaining 2 bits
are fed to S1 to produce another 2 bits
S-Box
The s-box operates as follows: (P0,0,P0,3 ) determine the
row of the S0 matrix and (P0,1,P0,2 )determine the column:
S0 =
1 0 3 2
3 2 1 0
0 2 1 3
3 1 3 2
S1 =
0 1 2 3
2 0 1 3
3 0 1 0
2 1 0 3
DES History
then redeveloped as a commercial cipher with input from NSA and others
in 1973 NBS issued request for proposals for a national cipher standard
IBM submitted their revised Lucifer which was eventually accepted as the
DES
subsequent events and public analysis show in fact design was appropriate
DES Encryption
Initial Permutation IP
Substitution Boxes S
consists of:
initial permutation of the key (PC1) which selects 56-bits in two 28-bit
halves
16 stages consisting of:
selecting 24-bits from each half
permuting them by PC2 for use in function f,
rotating each half separately either 1 or 2 places depending on the
key rotation schedule K
DES Decryption
decrypt must unwind steps of data computation
with Feistel design, do encryption steps again
using subkeys in reverse order (SK16 ... SK1)
note that IP undoes final FP step of encryption
1st round with SK16 undoes 16th encrypt round
...
16th round with SK1 undoes 1st encrypt round
then final FP undoes initial encryption IP
thus recovering original data value
Avalanche Effect
where a change of one input or key bit results in changing approx half
output bits
include
differential cryptanalysis
linear cryptanalysis
related key attacks
Differential Cryptanalysis
used to analyse most current block ciphers with varying degrees of success
design of S-P networks has output of function f influenced by both input &
key
hence cannot trace values back through cipher without knowing values of
the key
Differential Cryptanalysis
Compares Pairs of Encryptions
with a known difference in the input
searching for a known difference in output
when same subkeys are used
have some input difference giving some output difference with probability
p
then must iterate process over many rounds (with decreasing probabilities)
perform attack by repeatedly encrypting plaintext pairs with known input XOR until
obtain desired output XOR
when found
if intermediate rounds match required XOR have a right pair
if not then have a wrong pair, relative ratio is S/N for attack
can then deduce keys values for the rounds
right pairs suggest same key bits
wrong pairs give random values
for large numbers of rounds, probability is so low that more pairs are required than exist
with 64-bit inputs
Biham and Shamir have shown how a 13-round iterated characteristic can break the full
16-round DES
Linear Cryptanalysis
can attack DES with 2^47 known plaintexts, still in practice infeasible
number of rounds
more is better, exhaustive search best attack
function f:
provides confusion, is nonlinear, avalanche
key schedule
complex subkey creation, key avalanche
Modes of Operation
block ciphers encrypt fixed size blocks
eg. DES encrypts 64-bit blocks, with 56-bit key
need way to use in practice, given usually have arbitrary amount of
information to encrypt
four were defined for DES in ANSI standard ANSI X3.106-1983 Modes of
Use
subsequently now have 5 for DES and AES
have block and stream modes
each previous cipher block is chained with the current plaintext block, hence
the name
thus a change in the message affects all ciphertext blocks after the change as well
as the original block
note that the block cipher is used in encryption mode at both ends
Counter (CTR)
similar to OFB but encrypts counter value rather than any feedback value
must have a different key & counter value for every plaintext block (never
reused)
Ci = Pi XOR Oi
Oi = DES_K1(i)
efficiency
can do parallel encryptions
in advance of need
good for bursty high speed links
but must ensure never reuse key/counter values, otherwise could break (cf
OFB)
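Counter mode as described above, in an added example that is not part of the original slides. Python's standard library has no DES, so HMAC-SHA256 truncated to 8 bytes stands in for DES_K1 as the keyed function applied to the counter (an assumption made for this example); the key, nonce and messages are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 8  # bytes; DES works on 64-bit blocks

def keystream_block(key, nonce, i):
    """O_i = F_K(nonce || i). HMAC-SHA256 truncated to 8 bytes stands in for DES_K1."""
    return hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()[:BLOCK]

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def ctr_crypt(key, nonce, data):
    """C_i = P_i XOR O_i; the same call decrypts, using the keyed function one way only."""
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        out += xor_bytes(data[off:off + BLOCK], keystream_block(key, nonce, off // BLOCK))
    return bytes(out)

def decrypt_block(key, nonce, ciphertext, i):
    """Blocks are independent, so block i is recovered without touching the others."""
    return xor_bytes(ciphertext[i * BLOCK:(i + 1) * BLOCK], keystream_block(key, nonce, i))

class CtrSender:
    """Refuses to start a second message on a (key, nonce) pair already used."""
    def __init__(self, key):
        self.key, self.used = key, set()

    def encrypt(self, nonce, data):
        if nonce in self.used:
            raise ValueError("nonce already used with this key")
        self.used.add(nonce)
        return ctr_crypt(self.key, nonce, data)

# Constructed sample values
KEY = b"constructed-demo-key"
P1 = b"PAY 0100 TO ALICE ACCT 1"
P2 = b"PAY 9900 TO BOB   ACCT 2"

def reuse_leak():
    """Same key and counter values twice: C1 XOR C2 equals P1 XOR P2, with no key involved."""
    c1 = ctr_crypt(KEY, b"\x00" * 4, P1)
    c2 = ctr_crypt(KEY, b"\x00" * 4, P2)
    return xor_bytes(c1, c2) == xor_bytes(P1, P2)

if __name__ == "__main__":
    c = ctr_crypt(KEY, b"\x00\x00\x00\x01", P1)
    print(c.hex(), ctr_crypt(KEY, b"\x00\x00\x00\x01", c))
    print("keystream reuse leaks P1 XOR P2:", reuse_leak())
```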