UNIT I Introduction
Session Meta Data
Author R. Kishore
Reviewer
Version Number 1
2 v1
Revision History
Session Objectives
• Introduce basic concepts of cryptography and network
security
• Study classical encryption techniques and foundations of
modern cryptography
Session Outcomes
• At the end of this session, students will be able to
– Appreciate the requirements of cryptography and
network security
– Understand the fundamentals of network security, security
architecture, threats and vulnerabilities
Agenda
• Security Trends
• Introduction to Cryptography & Network Security
• Need for security
• Security attacks, services and mechanisms
• OSI security architecture
• Classical encryption techniques
• Foundations of modern cryptography
Background
• Information Security requirements have changed in
recent times
• traditionally provided by physical and administrative
mechanisms
• computer use requires automated tools to protect files
and other stored information
• use of networks and communications links requires
measures to protect data during transmission
Definitions
• Computer Security - generic name for the collection of
tools designed to protect data and to thwart hackers
• Network Security - measures to protect data during their
transmission
• Internet Security - measures to protect data during their
transmission over a collection of interconnected
networks
Definitions
• Three key objectives that are at the heart of computer
security
• Confidentiality: This term covers two related concepts
– Data confidentiality: Assures that private or confidential
information is not made available or disclosed to unauthorized
individuals.
– Privacy: Assures that individuals control or influence what
information related to them may be collected and stored and by
whom and to whom that information may be disclosed.
• Integrity: This term covers two related concepts
– Data integrity: Assures that information and programs are
changed only in a specified and authorized manner.
– System integrity: Assures that a system performs its intended
function in an unimpaired manner, free from deliberate or
inadvertent unauthorized manipulation of the system.
• Availability: Assures that systems work promptly and
service is not denied to authorized users.
Security Requirements Triad
Security Requirements Triad
• Definitions
– Confidentiality: Preserving authorized restrictions on
information access and disclosure, including means for
protecting personal privacy and proprietary information. A loss of
confidentiality is the unauthorized disclosure of information.
– Integrity: Guarding against improper information modification or
destruction, including ensuring information nonrepudiation and
authenticity. A loss of integrity is the unauthorized modification or
destruction of information.
– Availability: Ensuring timely and reliable access to and use of
information. A loss of availability is the disruption of access to or
use of information or an information system.
Security Requirements Triad
• Additional concepts are needed to present a complete
picture
– Authenticity: The property of being genuine and being able to
be verified and trusted; confidence in the validity of a
transmission, a message, or message originator. This means
verifying that users are who they say they are and that each
input arriving at the system came from a trusted source.
– Accountability: The security goal that generates the
requirement for actions of an entity to be traced uniquely to that
entity. This supports nonrepudiation, deterrence, fault isolation,
intrusion detection and prevention, and after-action recovery and
legal action. Because truly secure systems are not yet an
achievable goal, we must be able to trace a security breach to a
responsible party. Systems must keep records of their activities
to permit later forensic analysis to trace security breaches or to
aid in transaction disputes.
Security Trends
• Focus is on Security Issues, which consist of measures
to deter, prevent, detect, and correct security violations
that involve the transmission & storage of information
Security Trends
• Computer Emergency Response Team (CERT) Coordination
Center (CERT/CC)
– The trend in Internet-related vulnerabilities reported to CERT
over a 10-year period.
– These include security weaknesses in the operating systems of
attached computers (e.g., Windows, Linux) as well as
vulnerabilities in Internet routers and other network devices.
Security Trends
• Number of security-related incidents reported to CERT
– Includes denial of service attacks; IP spoofing, in which
intruders create packets with false IP addresses and exploit
applications that use authentication based on IP; and various
forms of eavesdropping and packet sniffing, in which attackers
read transmitted information, including logon information and
database contents.
Security Trends
Services, Mechanisms & Attacks
• need systematic way to define requirements
• consider three aspects of information security:
– security attack
– security mechanism
– security service
• consider in reverse order
Security Service
• is something that enhances the security of the data
processing systems and the information transfers of an
organization
• intended to counter security attacks
• make use of one or more security mechanisms to
provide the service
• replicate functions normally associated with physical
documents
– eg. have signatures, dates; need protection from disclosure,
tampering, or destruction; be notarized or witnessed; be
recorded or licensed
Security Mechanism
• a mechanism that is designed to detect, prevent, or
recover from a security attack
• no single mechanism that will support all functions
required
• however one particular element underlies many of the
security mechanisms in use: cryptographic techniques
• hence our focus on this area
Security Attacks
• any action that compromises the security of information
owned by an organization
• information security is about how to prevent attacks, or
failing that, to detect attacks on information-based
systems
• have a wide range of attacks
• can focus on generic types of attacks
• note: often threat & attack mean same
OSI Security Architecture
• ITU-T X.800 Security Architecture for OSI
• defines a systematic way of defining and providing
security requirements
• for us it provides a useful, if abstract, overview of
concepts we will study
Aspects of Security
• consider 3 aspects of information security:
– security attack
– security mechanism
– security service
Security Attack
• Often threat & attack used to mean same thing
– Threat
• A potential for violation of security, which exists when there is a
circumstance, capability, action, or event that could breach security
and cause harm. That is, a threat is a possible danger that might
exploit a vulnerability.
– Attack
• An assault on system security that derives from an intelligent threat;
that is, an intelligent act that is a deliberate attempt (especially in
the sense of a method or technique) to evade security services and
violate the security policy of a system.
• generic types of attacks
– passive
– active
Security Attack Classification
• passive attacks - eavesdropping on, or monitoring of,
transmissions to:
– obtain message contents, or
– monitor traffic flows
• active attacks – modification of data stream to:
– masquerade of one entity as some other
– replay previous messages
– modify messages in transit
– denial of service
Passive attacks
Passive Attacks
• Traffic analysis
Active attacks
• Masquerade
Active attacks
• Replay
Active attacks
• Denial of Service (DoS)
Active attacks
• Modification of messages
Security Services
• X.800 defines it as: a service provided by a protocol
layer of communicating open systems, which ensures
adequate security of the systems or of data transfers
• RFC 2828 defines it as: a processing or communication
service provided by a system to give a specific kind of
protection to system resources
• X.800 defines it in 5 major categories
Security Services (X.800)
• Authentication - assurance that the communicating entity
is the one claimed
• Access Control - prevention of the unauthorized use of a
resource
• Data Confidentiality – protection of data from
unauthorized disclosure
• Data Integrity - assurance that data received is as sent
by an authorized entity
• Non-Repudiation - protection against denial by one of
the parties in a communication
Security Services (X.800)
Security Mechanisms (X.800)
• specific security mechanisms:
– encipherment, digital signatures, access controls, data integrity,
authentication exchange, traffic padding, routing control,
notarization
• pervasive security mechanisms:
– trusted functionality, security labels, event detection, security
audit trails, security recovery
Security Mechanisms (X.800)
Relationship between security services & mechanisms
Model for Network Security
Model for Network Security
• using this model requires us to:
– design a suitable algorithm for the security transformation
– generate the secret information (keys) used by the algorithm
– develop methods to distribute and share the secret information
– specify a protocol enabling the principals to use the
transformation and secret information for a security service
Model for Network Access Security
Model for Network Access Security
• using this model requires us to:
– select appropriate gatekeeper functions to identify users
– implement security controls to ensure only authorised users
access designated information or resources
• trusted computer systems can be used to implement this
model
Classical Encryption Techniques
• Symmetric Encryption
– or conventional / private-key / single-key
– sender and recipient share a common key
– all classical encryption algorithms are private-key
– was only type prior to invention of public-key in 1970’s
– and by far most widely used
Basic Terminology
• plaintext - the original message
• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - the study of principles/
methods of deciphering ciphertext without knowing key
• cryptology - the field of both cryptography and
cryptanalysis
Symmetric Cipher Model
Model of Symmetric Cryptosystem
Requirements
• two requirements for secure use of symmetric
encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
• Y = E_K(X)
• X = D_K(Y)
• assume encryption algorithm is known
• implies a secure channel to distribute key
Cryptography
• characterize cryptographic system by:
– type of encryption operations used
• substitution / transposition / product
– number of keys used
• single-key or private / two-key or public
– way in which plaintext is processed
• block / stream
Cryptanalysis
• objective to recover key not just message
– general approaches:
• cryptanalytic attack
• brute-force attack
Types of Cryptanalytic Attacks
• ciphertext only
– only know algorithm / ciphertext, statistical, can identify plaintext
• known plaintext
– know/suspect plaintext & ciphertext to attack cipher
• chosen plaintext
– select plaintext and obtain ciphertext to attack cipher
• chosen ciphertext
– select ciphertext and obtain plaintext to attack cipher
• chosen text
– select either plaintext or ciphertext to en/decrypt to attack cipher
Types of attacks on encrypted messages
More Definitions
• unconditional security
– no matter how much computer power or time is available, the
cipher cannot be broken since the ciphertext provides insufficient
information to uniquely determine the corresponding plaintext
• computational security
– given limited computing resources (eg time needed for
calculations is greater than age of universe), the cipher cannot
be broken
Brute Force Search
• always possible to simply try every key
• most basic attack, proportional to key size
• assume either know / recognise plaintext
Classical Substitution Ciphers
• where letters of plaintext are replaced by other letters or
by numbers or symbols
• or if plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns with
ciphertext bit patterns
Caesar Cipher
• earliest known substitution cipher
• by Julius Caesar
• first attested use in military affairs
• replaces each letter by the 3rd letter after it in the alphabet
• example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
Caesar Cipher
• can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• mathematically give each letter a number
a  b  c  d  e  f  g  h  i  j  k  l  m
0  1  2  3  4  5  6  7  8  9  10 11 12
n  o  p  q  r  s  t  u  v  w  x  y  z
13 14 15 16 17 18 19 20 21 22 23 24 25
• then have Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
Caesar Cipher
Cryptanalysis of Caesar cipher
• only have 26 possible ciphers
– A maps to A,B,..Z
• could simply try each in turn
• a brute force search
• given ciphertext, just try all shifts of letters
• do need to recognize when have plaintext
• eg. break ciphertext "PHHW PH DIWHU WKH WRJD SDUWB"
Cryptanalysis of Caesar cipher
Monoalphabetic Cipher
• rather than just shifting the alphabet
• could shuffle (jumble) the letters arbitrarily
• each plaintext letter maps to a different random
ciphertext letter
• hence key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Monoalphabetic Cipher
Monoalphabetic Cipher
Monoalphabetic Cipher Security
• now have a total of 26! = 4 x 10^26 keys
• with so many keys, might think is secure
• but would be !!!WRONG!!!
• problem is language characteristics
Language Redundancy and Cryptanalysis
• human languages are redundant
• eg "th lrd s m shphrd shll nt wnt"
• letters are not equally commonly used
• in English E is by far the most common letter
– followed by T,R,N,I,O,A,S
• other letters like Z,J,K,Q,X are fairly rare
• have tables of single, double & triple letter
frequencies for various languages
English letter frequencies
Frequencies of letters in ciphertext
Comparing the frequencies of occurrences
• Comparing, it can be predicted that cipher letters P and
Z are the equivalents of plain letters e and t, but it is not
certain which is which
• The letters S, U, O, M, and H are all of relatively high
frequency and probably correspond to plain letters from
the set {a, h, i, n, o, r, s}.
• The letters with the lowest frequencies (namely, A, B, G,
Y, I, J) are likely included in the set {b, j, k, q, v, x, z}.
Example Cryptanalysis
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• count relative letter frequencies (see text)
• guess P & Z are e and t
• guess ZW is th and hence ZWP is the
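The counting and guessing steps on this slide, run over the ciphertext given above (added example, not from the original slides; function names are illustrative, and unguessed letters are shown as dots):

```python
from collections import Counter

# Ciphertext from the slide, joined into one string.
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
    "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX"
    "EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ"
)


def letter_frequencies(text):
    """Return [(letter, count, percent)] sorted by descending count."""
    total = len(text)
    return [(ch, n, round(100 * n / total, 2))
            for ch, n in Counter(text).most_common()]


def ngram_counts(text, n):
    """Count every overlapping n-letter sequence (digrams for n=2)."""
    return Counter(text[i:i + n] for i in range(len(text) - n + 1))


def apply_guesses(text, guesses):
    """Show the partial plaintext implied by the guesses made so far.

    `guesses` maps a ciphertext letter to a lowercase plaintext letter;
    letters with no guess yet are printed as '.'.
    """
    return ''.join(guesses.get(ch, '.') for ch in text)


if __name__ == "__main__":
    for ch, n, pct in letter_frequencies(CIPHERTEXT)[:6]:
        print(f"{ch}: {n:2d}  {pct:5.2f}%")
    print("ZW occurs", ngram_counts(CIPHERTEXT, 2)["ZW"], "times")
    # The slide's guesses: P and Z are e and t, ZW is th.
    print(apply_guesses(CIPHERTEXT, {"P": "e", "Z": "t", "W": "h"}))
```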
Playfair cipher matrix
• a 5X5 matrix of letters based on a keyword
• fill in letters of keyword (sans duplicates)
• fill rest of matrix with other letters
• eg. using the keyword MONARCHY
– The matrix is constructed by filling in the letters of the keyword
(minus duplicates) from left to right and from top to bottom, and
then filling in the remainder of the matrix with the remaining
letters in alphabetic order. The letters I and J count as one letter.
Playfair cipher encryption
• Plaintext is encrypted two letters at a time, according to
the following rules:
– Repeating plaintext letters that are in the same pair are
separated with a filler letter, such as x, so that balloon would be
treated as ba lx lo on.
– Two plaintext letters that fall in the same row of the matrix are
each replaced by the letter to the right, with the first element of
the row circularly following the last. For example, ar is encrypted
as RM.
– Two plaintext letters that fall in the same column are each
replaced by the letter beneath, with the top element of the
column circularly following the last. For example, mu is
encrypted as CM.
– Otherwise, each plaintext letter in a pair is replaced by the letter
that lies in its own row and the column occupied by the other
plaintext letter. Thus, hs becomes BP and ea becomes IM (or
JM, as the encipherer wishes).
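The matrix construction and the four encryption rules above, as an added example (not from the original slides). It always writes the shared I/J cell as I, and falling back to q as the filler when the letter being split is itself x is an assumption of this sketch.

```python
def build_matrix(keyword):
    """5x5 Playfair matrix as a 25-letter string, row by row; J is folded into I."""
    seen = []
    for ch in (keyword + "abcdefghijklmnopqrstuvwxyz").lower():
        if not ch.isalpha():
            continue
        ch = 'i' if ch == 'j' else ch
        if ch not in seen:
            seen.append(ch)
    return ''.join(seen)


def make_digrams(plaintext, filler='x'):
    """Split into letter pairs, separating repeated letters with a filler."""
    letters = ['i' if c == 'j' else c for c in plaintext.lower() if c.isalpha()]
    pairs = []
    i = 0
    while i < len(letters):
        a = letters[i]
        if i + 1 < len(letters) and letters[i + 1] != a:
            b = letters[i + 1]
            i += 2
        else:
            # Repeated letter in a pair, or a trailing single letter.
            b = filler if a != filler else 'q'   # assumption: q when a is the filler
            i += 1
        pairs.append(a + b)
    return pairs


def encrypt_pair(matrix, pair):
    ra, ca = divmod(matrix.index(pair[0]), 5)
    rb, cb = divmod(matrix.index(pair[1]), 5)
    if ra == rb:        # same row: take the letter to the right, wrapping
        ca, cb = (ca + 1) % 5, (cb + 1) % 5
    elif ca == cb:      # same column: take the letter beneath, wrapping
        ra, rb = (ra + 1) % 5, (rb + 1) % 5
    else:               # rectangle: own row, the other letter's column
        ca, cb = cb, ca
    return (matrix[ra * 5 + ca] + matrix[rb * 5 + cb]).upper()


def playfair_encrypt(keyword, plaintext):
    matrix = build_matrix(keyword)
    return ''.join(encrypt_pair(matrix, p) for p in make_digrams(plaintext))


if __name__ == "__main__":
    m = build_matrix("MONARCHY")
    for row in range(5):
        print(' '.join(m[row * 5:row * 5 + 5].upper()))
    print(make_digrams("balloon"), playfair_encrypt("MONARCHY", "balloon"))
```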
Security of Playfair Cipher
• security much improved over monoalphabetic
• since have 26 x 26 = 676 digrams
• would need a 676 entry frequency table to analyse
(versus 26 for a monoalphabetic)
• and correspondingly more ciphertext
• was widely used for many years (eg. US & British
military in WW1)
• it can be broken, given a few hundred letters
• since still has much of plaintext structure
Polyalphabetic substitution ciphers
• another approach to improving security is to use multiple
cipher alphabets
• called polyalphabetic substitution ciphers
• makes cryptanalysis harder with more alphabets to
guess and flatter frequency distribution
• use a key to select which alphabet is used for each letter
of the message
• use each alphabet in turn
• repeat from start after end of key is reached
Vigenère Cipher
• simplest polyalphabetic substitution cipher
• effectively multiple caesar ciphers
• key is multiple letters long K = k1 k2 ... kd
• ith letter specifies ith alphabet to use
• use each alphabet in turn
• repeat from start after d letters in message
• decryption simply works in reverse
Vigenère Cipher
Vigenère Cipher
Vigenère Cipher
• write the plaintext out
• write the keyword repeated above it
• use each key letter as a caesar cipher key
• encrypt the corresponding plaintext letter
• eg using keyword deceptive
key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Security of Vigenère Ciphers
• have multiple ciphertext letters for each plaintext letter
• hence letter frequencies are obscured
• but not totally lost
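Added example (not from the original slides): the deceptive example reproduced in code, plus one concrete sign that structure is "not totally lost". The repeated-sequence search goes a step beyond the slide: a repeated ciphertext trigram whose spacing is a multiple of the key length hints at that length. Function names are illustrative and input is assumed to be letters only.

```python
def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter (a=0 ... z=25)."""
    if not (text.isalpha() and key.isalpha()):
        raise ValueError("letters only")
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text.lower()):
        k = ord(key[i % len(key)].lower()) - ord('a')
        out.append(chr((ord(ch) - ord('a') + sign * k) % 26 + ord('a')))
    return ''.join(out)


def repeated_ngram_spacings(ciphertext, n=3):
    """Map each n-gram seen more than once to the gaps between its occurrences."""
    positions = {}
    for i in range(len(ciphertext) - n + 1):
        positions.setdefault(ciphertext[i:i + n], []).append(i)
    return {
        gram: [b - a for a, b in zip(where, where[1:])]
        for gram, where in positions.items()
        if len(where) > 1
    }


if __name__ == "__main__":
    ct = vigenere("wearediscoveredsaveyourself", "deceptive").upper()
    print(ct)
    # "red" in the plaintext lines up with the same key letters twice,
    # so it encrypts to the same trigram 9 positions apart (the key length).
    print(repeated_ngram_spacings(ct))
```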
One-Time Pad
• The One-Time Pad is an evolution of the Vernam
cipher, which was invented by Gilbert Vernam in 1918,
and used a long tape of random letters to encrypt the
message.
– An Army Signal Corps officer, Joseph Mauborgne, proposed an
improvement using a random key that was truly as long as the
message, with no repetitions, which thus totally obscures the
original message.
– It produces random output that bears no statistical relationship to
the plaintext.
– Because the ciphertext contains no information whatsoever
about the plaintext, there is simply no way to break the code,
since any plaintext can be mapped to any ciphertext given some
key.
Difficulties with one-time pad
• The one-time pad offers complete security but, in
practice, has two fundamental difficulties:
– There is the practical problem of making large quantities of
random keys.
– And the problem of key distribution and protection, where for
every message to be sent, a key of equal length is needed by
both sender and receiver.
• Because of these difficulties, the one-time pad is of
limited utility, and is useful primarily for low-bandwidth
channels requiring very high security.
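Added example (not from the original slides) for the two one-time pad slides above: a letter-based pad (mod 26, an assumption; the historical system used tape) showing that a given ciphertext can be "explained" by a key for any plaintext of the same length, and that the key must be as long as the message. The sample messages are constructed.

```python
import secrets


def _shift(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters from text letters, mod 26."""
    if len(key) < len(text):
        raise ValueError("one-time pad key must be at least as long as the message")
    return ''.join(
        chr((ord(t) - 97 + sign * (ord(k) - 97)) % 26 + 97)
        for t, k in zip(text, key)
    )


def random_key(length):
    """Fresh random key letters from the OS CSPRNG; never reuse a key."""
    return ''.join(chr(97 + secrets.randbelow(26)) for _ in range(length))


def otp_encrypt(plaintext, key):
    return _shift(plaintext, key, +1)


def otp_decrypt(ciphertext, key):
    return _shift(ciphertext, key, -1)


def key_explaining(ciphertext, claimed_plaintext):
    """The key under which `ciphertext` decrypts to `claimed_plaintext`."""
    if len(ciphertext) != len(claimed_plaintext):
        raise ValueError("lengths must match")
    # c = p + k (mod 26)  =>  k = c - p (mod 26)
    return _shift(ciphertext, claimed_plaintext, -1)


if __name__ == "__main__":
    message = "attackatdawn"                 # constructed sample
    key = random_key(len(message))
    ct = otp_encrypt(message, key)
    other = key_explaining(ct, "defendatnoon")
    # Both keys are equally plausible to someone holding only the ciphertext.
    print(ct, otp_decrypt(ct, key), otp_decrypt(ct, other))
```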
Transposition Ciphers
• now consider classical transposition or permutation
ciphers
• these hide the message by rearranging the letter order
• without altering the actual letters used
• can recognise these since have the same frequency
distribution as the original text
Transposition Ciphers
Rail Fence cipher
• write message letters out diagonally over a number of
rows
• then read off cipher row by row
• eg. write message out as:
m e m a t r h t g p r y
 e t e f e t e o a a t
• giving ciphertext
MEMATRHTGPRYETEFETEOAAT
Row Transposition Ciphers
• a more complex scheme
• write letters of message out in rows over a specified
number of columns
• then reorder the columns according to some key before
reading off the rows
Key:        3 4 2 1 5 6 7
Plaintext:  a t t a c k p
            o s t p o n e
            d u n t i l t
            w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
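Added example (not from the original slides) covering the rail fence and row transposition slides, and the earlier point that a transposition keeps the plaintext's letter frequencies. It assumes the key lists the columns in the order they are read out, which reproduces the ciphertext shown above; function names are illustrative.

```python
from collections import Counter


def letters_only(text):
    return ''.join(c for c in text.lower() if c.isalpha())


def rail_fence_2(plaintext):
    """Two-row rail fence: write diagonally over two rows, read row by row."""
    p = letters_only(plaintext)
    return (p[0::2] + p[1::2]).upper()


def _check(key, length):
    if sorted(key) != list(range(1, len(key) + 1)):
        raise ValueError("key must be a permutation of 1..n")
    if length % len(key):
        raise ValueError("pad the message to a multiple of the key length first")


def row_transposition(plaintext, key):
    """Write the message in rows under the key, then read whole columns
    in the order the key lists them (assumed convention, see lead-in)."""
    p = letters_only(plaintext)
    _check(key, len(p))
    width = len(key)
    rows = [p[i:i + width] for i in range(0, len(p), width)]
    return ''.join(row[col - 1] for col in key for row in rows).upper()


def row_transposition_decrypt(ciphertext, key):
    c = letters_only(ciphertext)
    _check(key, len(c))
    height = len(c) // len(key)
    # The n-th block of the ciphertext is the column named by key[n].
    columns = {col: c[n * height:(n + 1) * height] for n, col in enumerate(key)}
    return ''.join(columns[col][r]
                   for r in range(height)
                   for col in range(1, len(key) + 1))


def same_letter_counts(a, b):
    """True when two texts use exactly the same letters the same number of
    times, the tell-tale sign of a pure transposition."""
    return Counter(letters_only(a)) == Counter(letters_only(b))


if __name__ == "__main__":
    key = [3, 4, 2, 1, 5, 6, 7]
    ct = row_transposition("attackpostponeduntiltwoamxyz", key)
    print(rail_fence_2("meet me after the toga party"))
    print(ct, row_transposition_decrypt(ct, key))
    print(same_letter_counts("attackpostponeduntiltwoamxyz", ct))
```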
Product Ciphers
• ciphers using substitutions or transpositions are not
secure because of language characteristics
• hence consider using several ciphers in succession to
make harder, but:
– two substitutions make a more complex substitution
– two transpositions make more complex transposition
– but a substitution followed by a transposition makes a new much
harder cipher
• this is bridge from classical to modern ciphers
P Box
S - box
Product block
Rotor Machines
• before modern ciphers, rotor machines were most
common product cipher
• were widely used in WW2
– German Enigma, Allied Hagelin, Japanese Purple
• implemented a very complex, varying substitution cipher
• used a series of cylinders, each giving one substitution,
which rotated and changed after each letter was
encrypted
• with 3 cylinders have 26^3=17576 alphabets
Rotor Machines
• The basic principle of the rotor machine is illustrated in
Figure.
– The machine consists of a set of independently rotating cylinders
through which electrical pulses can flow.
– Each cylinder has 26 input pins and 26 output pins, with internal
wiring that connects each input pin to a unique output pin.
– For simplicity, only three of the internal connections in each
cylinder are shown.
Rotor Machines
Rotor Machines
• If we associate each input and output pin with a letter of
the alphabet, then a single cylinder defines a
monoalphabetic substitution
– For example, in Figure if an operator depresses the key for the
letter A, an electric signal is applied to the first pin of the first
cylinder and flows through the internal connection to the twenty-fifth
output pin.
– A single-cylinder system is trivial and does not present a
formidable cryptanalytic task.
– The power of the rotor machine is in the use of multiple
cylinders, in which the output pins of one cylinder are connected
to the input pins of the next.
– Figure shows a three-cylinder system. The left half of the figure
shows a position in which the input from the operator to the first
pin (plaintext letter a) is routed through the three cylinders to
appear at the output of the second pin (ciphertext letter B).
Rotor Machines
• With multiple cylinders,
– the one closest to the operator input rotates one pin position with
each keystroke.
– The right half of Figure shows the system’s configuration after a
single keystroke.
– For every complete rotation of the inner cylinder, the middle
cylinder rotates one pin position.
– Finally, for every complete rotation of the middle cylinder, the
outer cylinder rotates one pin position.
– This is the same type of operation seen with an odometer. The
result is that there are 26 * 26 * 26 = 17,576 different substitution
alphabets used before the system repeats.
– The addition of fourth and fifth rotors results in periods of
456,976 and 11,881,376 letters, respectively, referred to as
five-rotor machine
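Added example (not from the original slides): a simulation of the chained cylinders and odometer stepping described above. The wirings are constructed at random from a fixed seed and are not those of any historical machine; there is no reflector or plugboard, and input is assumed to be letters only.

```python
import random
import string

ALPHABET = string.ascii_uppercase


class RotorMachine:
    """Chained cylinders; rotor 0 is the one nearest the operator (fastest)."""

    def __init__(self, wirings, positions=None):
        self.wirings = [list(w) for w in wirings]          # input pin -> output pin
        self.inverses = [[w.index(i) for i in range(26)] for w in self.wirings]
        self.positions = list(positions) if positions else [0] * len(self.wirings)

    def step(self):
        """Odometer motion: a rotor moves on only when the previous one wraps."""
        for i in range(len(self.positions)):
            self.positions[i] = (self.positions[i] + 1) % 26
            if self.positions[i] != 0:
                break

    def _signal(self, x, decrypt):
        order = range(len(self.wirings))
        for i in (reversed(order) if decrypt else order):
            table = self.inverses[i] if decrypt else self.wirings[i]
            pos = self.positions[i]
            # Rotation offsets the pin the signal enters and leaves by.
            x = (table[(x + pos) % 26] - pos) % 26
        return x

    def process(self, text, decrypt=False):
        out = []
        for ch in text.upper():
            out.append(ALPHABET[self._signal(ALPHABET.index(ch), decrypt)])
            self.step()                                    # one step per keystroke
        return ''.join(out)


def constructed_wirings(n=3, seed=1):
    """Random permutations used as sample cylinder wirings (constructed)."""
    rng = random.Random(seed)
    return [rng.sample(range(26), 26) for _ in range(n)]


def period(n_rotors=3):
    """Keystrokes until every rotor is back at its starting position."""
    machine = RotorMachine([range(26)] * n_rotors)
    steps = 0
    while True:
        machine.step()
        steps += 1
        if not any(machine.positions):
            return steps


if __name__ == "__main__":
    wirings = constructed_wirings()
    ct = RotorMachine(wirings).process("A" * 20)
    print(ct, RotorMachine(wirings).process(ct, decrypt=True), period(3))
```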
Rotor Machines
Hagelin Rotor Machine
Steganography
• an alternative to encryption
• hides existence of message
– using only a subset of letters/words in a longer message marked
in some way
– using invisible ink
– hiding in LSB in graphic image or sound file
• has drawbacks
– high overhead to hide relatively few info bits
Steganography
• Various other techniques have been used historically;
some examples are the following:
– Character marking: Selected letters of printed or typewritten
text are over-written in pencil. The marks are ordinarily not
visible unless the paper is held at an angle to bright light.
– Invisible ink: A number of substances can be used for writing
but leave no visible trace until heat or some chemical is applied
to the paper.
– Pin punctures: Small pin punctures on selected letters are
ordinarily not visible unless the paper is held up in front of a light.
– Typewriter correction ribbon: Used between lines typed with a
black ribbon, the results of typing with the correction tape are
visible only under a strong light.
Steganography
Summary
• Discussed
– Need for security
– Model for network security
– Classical encryption techniques
– Foundations of modern cryptography
Test your understanding
1. Discuss a few important security requirements
2. Point out how the security requirements are satisfied by
encryption and decryption techniques
References
• William Stallings, Cryptography and Network Security: Principles and Practice, PHI 3rd Edition, 2006.