
PRESENTATIONS IN NETWORK SECURITY

Principles of Information Security


Saad Haj Bakry, PhD, CEng, FIEE


Objectives / Contents

Information Processing
Error / Volume Control
Steganography
Hash Function
Symmetric (Private Key) Encryption
Asymmetric (Public Key) Encryption
Cryptanalysis

Information Processing (1)


Source Encoding: Coding signal in digital form.
Compression: Reduction of transmission bandwidth.
Error Control: Detection (and correction) of communication errors (noise).
Traffic Padding: Testing traffic volume (volume confidentiality).

Information Processing (2)


Steganography: Hiding information within other information.
Hash Function: Message summary to test integrity.
Encryption: Using encoding (encryption / enciphering) as a means of protecting data from interception by unauthorized parties.
Cryptanalysis: Breaking (cracking) encryption.

Error Control (1)


PRINCIPLE: Redundant Information to Detect / Correct Errors

FORWARD ERROR CORRECTION:
Hamming
Reed-Solomon Codes
Bose Chaudhuri Hocquenghem Codes

ACKNOWLEDGEMENTS:
Echo Checking: Send Back
ARQ: Automatic Repeat Request

Error Control (2)


BYTE PARITY CHECK

BIT No.:             1 2 3 4 5 6 7   8
BITS (ODD PARITY):   1 0 0 1 1 0 1   1
BITS (EVEN PARITY):  1 0 0 1 1 0 1   0

Error Control (3)


BLOCK CHECKING

BIT No.:  1 2 3 4 5 6 7   8
BITS:     1 0 0 1 1 0 1   1 (PARITY)

[Figure: a BLOCK of bytes followed by the BLOCK CHECKING PARITY]
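
The byte parity and block checking parity from the Error Control slides, as an added Python example that is not part of the original presentation. Apart from the slide's byte 1 0 0 1 1 0 1, the block contents, the function names and the layout of the block check (one parity bit per column) are assumptions of this example.

```python
# Added example: byte parity (bit 8) plus a block-check parity row.
# ROWS[1:] and all function names are constructed for illustration.

def parity_bit(bits, odd=False):
    """Bit that makes the number of 1s even (or odd when odd=True)."""
    p = sum(bits) % 2              # 0 when the count of 1s is already even
    return p ^ 1 if odd else p

def encode_block(rows, odd=False):
    """Append bit 8 to each 7-bit row, then add a block-check row with
    one parity bit per column (assumed layout of the block check)."""
    framed = [row + [parity_bit(row, odd)] for row in rows]
    check = [parity_bit(col, odd) for col in zip(*framed)]
    return framed + [check]

def check_block(block, odd=False):
    """Return (bad_rows, bad_cols) whose parity no longer holds."""
    want = 1 if odd else 0
    bad_rows = [i for i, r in enumerate(block[:-1]) if sum(r) % 2 != want]
    bad_cols = [j for j, c in enumerate(zip(*block)) if sum(c) % 2 != want]
    return bad_rows, bad_cols

def flip(block, positions):
    """Copy of block with the bits at the given (row, col) inverted."""
    out = [row[:] for row in block]
    for r, c in positions:
        out[r][c] ^= 1
    return out

SLIDE_BYTE = [1, 0, 0, 1, 1, 0, 1]                 # bits 1..7 from the slide
ROWS = [SLIDE_BYTE, [0, 1, 1, 0, 0, 1, 0], [1, 1, 0, 0, 1, 0, 1]]

if __name__ == "__main__":
    sent = encode_block(ROWS)
    print(check_block(sent))                           # no errors
    print(check_block(flip(sent, [(1, 4)])))           # one bit: row and column
    print(check_block(flip(sent, [(0, 2), (0, 5)])))   # two bits in one byte
```

A single flipped bit is located by its row and column; two flipped bits in the same byte pass the byte parity check and are caught only by the block check.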

Traffic Padding

OBJECTIVES: CONFIDENTIALITY FOR THE VOLUME OF TRAFFIC

METHOD: Filling idle periods with meaningless data (packets) that can be detected by the receiver. (Volume Testing & Control)

Steganography (Hiding Information)


Objective: To hide information within other information

Examples:
Message: David Owen / Hidden Message: DO
Watermarks: bank notes / papers
Proof of Ownership: Music recorded with frequencies not audible to humans
Digital Watermark: Adobe PhotoShop (www.adobe.com)
Solutions: www.digimark.com, www.conginity.com

The Hash Function


Objective: Checking Message Integrity

Hash Function: Mathematical Function Applied to the Message Contents
Message -> Hash Function -> Message Digest (Hash Value)

Simple Function: adding up the 1s of the message
Collision: Messages with the same hash value
Chance of Collision: Statistically insignificant
Messages can be checked but not reconstructed from their hash value
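
The slide's simple function (adding up the 1s) next to a cryptographic digest, as an added Python example that is not part of the original presentation. The choice of SHA-256, the sample messages and the function names are assumptions of this example.

```python
import hashlib
import hmac

def ones_hash(message: bytes) -> int:
    """The slide's simple function: add up the 1 bits of the message."""
    return sum(bin(byte).count("1") for byte in message)

def sha256_digest(message: bytes) -> str:
    """A cryptographic message digest (SHA-256 is this example's choice)."""
    return hashlib.sha256(message).hexdigest()

def verify(message: bytes, expected_digest: str) -> bool:
    """Recompute the digest on receipt and compare in constant time."""
    return hmac.compare_digest(sha256_digest(message), expected_digest)

# Constructed sample messages: the second only swaps two digits, so it
# contains exactly the same bits in a different order.
ORIGINAL = b"PAY 19 TO ACCOUNT 4471"
ALTERED = b"PAY 91 TO ACCOUNT 4471"

def compare():
    """Return (simple hashes collide?, SHA-256 check accepts altered?)."""
    collide = ones_hash(ORIGINAL) == ones_hash(ALTERED)
    accepted = verify(ALTERED, sha256_digest(ORIGINAL))
    return collide, accepted

if __name__ == "__main__":
    print(compare())
```

Reordering the bits of a message never changes the count of 1s, so the simple function cannot detect the swapped digits, while the digest comparison rejects the altered message.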

Old Cryptographic Ciphers


Cipher: Substitution
Algorithm: Replacing a by b, b by c, c by d, ...
Example: information security becomes jogpsnbujpo tfdvsjuz

Cipher: Transposition
Algorithm: Changing the sequence of letters to become: odd followed by even
Example: information security becomes ifrain-nomto scrt-euiy

Cipher: Both
Algorithm: Substitution and transposition together (see above)
Example: information security becomes jgsbjo-opnup tdsu-fvjz
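
The three ciphers above with their inverses, as an added Python example that is not part of the original presentation. The function names are hypothetical; the example assumes lowercase words separated by single spaces, as in the slide's sample text.

```python
import string

ALPHABET = string.ascii_lowercase

def substitute(text, shift=1):
    """Replace each letter by the one `shift` places later (a->b, b->c, ...).
    A negative shift undoes the substitution."""
    table = str.maketrans(ALPHABET, ALPHABET[shift:] + ALPHABET[:shift])
    return text.translate(table)

def transpose(word):
    """Letters in odd positions (1st, 3rd, ...) followed by the even ones."""
    return word[0::2] + "-" + word[1::2]

def untranspose(cipher_word):
    """Interleave the two halves again to undo transpose()."""
    odd, even = cipher_word.split("-")
    out = []
    for i, ch in enumerate(odd):
        out.append(ch)
        if i < len(even):          # the odd half may be one letter longer
            out.append(even[i])
    return "".join(out)

def encrypt_both(text):
    """Transposition per word, then substitution over the result."""
    return " ".join(substitute(transpose(w)) for w in text.split())

def decrypt_both(cipher):
    """Undo the substitution first, then the transposition."""
    return " ".join(untranspose(substitute(w, -1)) for w in cipher.split())

if __name__ == "__main__":
    plain = "information security"
    print(substitute(plain))
    print(" ".join(transpose(w) for w in plain.split()))
    print(encrypt_both(plain))
    print(decrypt_both(encrypt_both(plain)))
```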


Encryption: Basic Data Security Terms


Term: Definition

Plaintext: Source text / Unencrypted data
Cryptography: Transforming plaintext to cipher text (encrypted text) using a cipher and a key
Cipher text: Encrypted text / Incomprehensible data
Cipher / Cryptosystem: A technique / A procedure / An algorithm (a computer science term) for encrypting data / messages
A Key: A string of digits used to encrypt data (like a password) / Longer keys lead to stronger encryption
Cryptanalysis: Breaking / cracking encryption

Secret-Key Cryptography (1)


[Diagram: Sender / Receiver (Plain Text) <-> Encrypt / Decrypt with Symmetric Key <-> Cipher Text <-> Communication Network <-> Cipher Text <-> Encrypt / Decrypt with Symmetric Key <-> (Plain Text) Receiver / Sender]

Secret-Key Cryptography (2)


Symmetric: Sender / Receiver
Less Sophisticated: Relative to Public-Key
More Efficient: Sending Large Amounts of Data

Problem (1): S-R Key Exchange
Problem (2): Many Keys, One for Each Receiver

Asymmetric Keys
[Diagram]
Public Transmission (PUBLIC KEY) -> Many to One -> Private Reception (PRIVATE KEY)
Private Transmission (PRIVATE KEY) -> One to Many -> Public Reception (PUBLIC KEY)

Public-Key Cryptography (1/2)


Asymmetric: Sender / Receiver
Public Key: Distributed Freely
Private Key: Kept by the Owner

Started at the MIT in 1976 by: Whitfield Diffie, Martin Hellman

RSA P-K Algorithm: Rivest / Shamir / Adleman, MIT 1977, RSA Inc. 1982
Used by Fortune 1000 / e-Commerce Transactions

Public-Key Cryptography (2/2)


Secret Key Exchange: Not Needed

The Two Keys are Mathematically Related, BUT it is Computationally Infeasible to Deduce the Private Key from the Public Key

Per Organization: One Public Key, One Private Key. Not One Secret Key per receiver.

Problem: Requires high computer power / Not efficient for data volumes / Performance: Slower

Public-Key: Case / Problem (1)


[Diagram: Customer, Customer, Customer (Organization Public Key) -> Network -> Organization (Organization Private Key)]

Problem: Validation of customers' identity

Public-Key: Case / Problem (2)


[Diagram: Customer (Customer Private Key) -> Network -> Organization (Customer Public Key)]

Problem: Proving the identity of the receiving organizations

Public-Key: Combination / Solution


[Diagram: Customer (Organization Public Key + Customer Private Key) -> Network -> Organization (Customer Public Key + Organization Private Key)]

Identities of both partners are authenticated
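
The combination above, and the customer-validation problem of case (1), as an added Python example that is not part of the original presentation. It uses toy textbook RSA with tiny constructed primes; the key values, the function names and the message-plus-signature layout are assumptions of this example.

```python
# Added example: toy textbook RSA with tiny constructed primes. It shows the
# key roles only; it has no padding and is not secure.

def make_keypair(p, q, e):
    """Return (public, private) keys as (exponent, modulus) pairs."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def apply_key(value, key):
    """Raise value to the key's exponent modulo the key's modulus."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

CUST_PUB, CUST_PRIV = make_keypair(61, 53, 17)   # customer, modulus 3233
ORG_PUB, ORG_PRIV = make_keypair(89, 97, 5)      # organization, modulus 8633

def customer_send(message):
    """Sign with the customer private key, encrypt both parts with the
    organization public key (message must be below 3233)."""
    signature = apply_key(message, CUST_PRIV)
    return apply_key(message, ORG_PUB), apply_key(signature, ORG_PUB)

def impostor_send(message):
    """Case (1): the sender holds only the organization public key, so
    the signature field is made up (here: the message itself)."""
    return apply_key(message, ORG_PUB), apply_key(message, ORG_PUB)

def organization_receive(enc_message, enc_signature):
    """Decrypt with the organization private key, then check the signature
    with the customer public key. Returns (message, sender_authenticated)."""
    message = apply_key(enc_message, ORG_PRIV)
    signature = apply_key(enc_signature, ORG_PRIV)
    return message, apply_key(signature, CUST_PUB) == message

if __name__ == "__main__":
    print(organization_receive(*customer_send(1234)))
    print(organization_receive(*impostor_send(1234)))
```

Both senders can encrypt to the organization, but only the holder of the customer private key produces a signature that the customer public key accepts.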


Cryptanalysis
Objectives:
Attack to break key
Test key strength

Key / Cipher-text Relationship:
Statistical nature
Plain-text knowledge

How: Analysis of encryption algorithm to find relations between bits of encryption key and bits of cipher-text in order to determine key

Remarks / Understanding

Error Control: against noise.
Traffic padding: volume control.
Steganography: hiding information.
Hash Function: measure of message integrity.
Cryptography: confidential information.
Key: length leads to strength.
Symmetric: problems (key exchange / 1 key per receiver).
Asymmetric: problems (processing / proof of identity).
Cryptanalysis: key breaking.
