CHAPTER 1
INTRODUCTION1.1. Introduetion
‘The introduction of distributed systems, the impact of availability of communication
facilites, and the utility of networks for the transmission of information, brought in a revolution
in the area of network security. Network security deals with the measures that are required to
protect information which is in the process of transmission. As all the organizations dealing with
one activity or the other, interconnect their data processing equipment with a set of
interconnected networks, such a set of networks is known as internet, and the security of
information which is being transmitted by internet is known as Network Security.
Internet security mainly focuses its attention on the measures which are to be taken to
deter, prevent, detect and correct all sorts of security violations that involve the transmission of
information,
In the development of the mechanisms for all these measures, cryptography plays a
prominent role and it acts as the required foundation for the intemet security. Cryptography deals
with the conversion of information from one form to another wherein the latter can be
deciphered only by the person to whom it is intended.
In the last five decades, there is a splendid simultaneous growth in cryptography as well
as in the network security, as the cryptography is found to be an interesting area by itself, and it
has been a strong supporter of network security.
1.2, Basie Concepts of Network Security
‘The basic concepts in the area of network security are:
1. security attacks
2. security mechanisms
3. security services
1.2.1, Security Attacks
In the case of the normal flow of information, information flows from source to
destination. The source can be a file or the content of a region of the main memory of a
‘computer, and the destination can be another file, ora user, or it could be even another computer.
‘The different types of attacks which disruptor alter the normal flow are
a) interruption b) interception
¢) modification d) fabrication
PysWvERSITY >)
2 LIBRARY dalIn the case of interruption, an asset of the system is either destroyed or not available, For
example, the hard disk of the system is destroyed or the file management system is not
functioning properly.
In the case of interception, an unauthorized party gains access to an asset of a computer.
This is an attack on confidentiality and it may lead to copying of files or programs.
In the attack, named, modification, the values of data in a data file are altered or the
program is modified so that it will function in a different manner, This is an attack on integrity of
the information, In the case of fabrication, an unauthorized party may introduce false messages
into a network or add spurious records to a file. This will affect the authenticity of information.
The attacks on the flow of information can be classified into two types
1. passive attacks, and 2. active attacks,
‘The passive attacks are further divided into a) release of message content, and b) traffic
analysis,
In the case of the release of message content, we would like to prevent an opponent from
knowing the contents of the transmitted information, In the traffic analysis, though the opponent
is not able to know the content of the message, (as the message is generally encrypted) he /she
can determine the identity of communication parties and can find the frequency and the length of
the message which is being exchanged.
The active attacks are of four types
a) Masquerade) Replay c) modification of the message d) Denial of service
In the case of the masquerade, a person impersonates some other person and gathers
information which the individual under consideration is not supposed to have, Replay involves
passive capture of data and its transmission at a later time. In the modification of message, only
some portion of the message is altered so that the structure and the tempo are maintained. In the
denial of service, all messages directed to a particular destination are suppressed.
1.2.2, Security Mechanisms
There is no single mechanism for achieving security. However, encryption and
decryption play a major role in providing security, Thus the algorithms of cryptography are to be
designed in an effective manner so that they cannot be broken by any cryptanalytic attack,
1.2.3, Security Services
These services can be classified as follows:confidentiality 2) authentication 3) integrity
4) nonrepudiation 5) access control 6) availability
1.2.3.1, Confidentiality
Confidentiality protects transmitted data from passive attacks. If a person A sends a
message to B, then it will be known only to A and B, and no third party, say C, can have any
access to message, This is known as confidentiality. The other aspect of confidentiality is the
protection of traffic flow. Thus an attacker will not be able to know the related information such
as the source and destination, the frequency and the length of the information.
1.2.3.2, Authentication
Th the case of a message from a single source, authentication ensures that the source is
authentic (genuine). On the other hand, if one party communicating with another party, if both
the parties are authentic and no third party can masquerade as one or the two parties mentioned
earlier, then the service under consideration is known as authentication.
1.2.3.3, Integrity
In the case of any message, if there is no duplication, insertion, modification, reordering,
replay, then the message is said to have integrity.
1.2.3.4, Nonrepudiation
‘Nonrepudiation prevents both the sender and the receiver from denying a transmitted
message. Thus when a message is sent, the receiver can establish that, the message was in fact
sent by the alleged sender. Similarly when a message is received, the sender can prove that the
message was in fact received by the alleged receiver.
1.2.3.5, Access control
The principle of access control determines who should be able to access what. For
instance, we can specify that user A can view the records of a database but he cannot update
them. However, user B might be allowed to update also. An access control mechanism can be set
up to ensure this. Access control mechanism is broadly related to two areas
1) role management and, 2) rule management
Role management focuses its attention on the user, ie., which user can do what. On the
other hand, rule management is concerned with the resource side (Which resource is accessible
‘under what circumstances).12.3.6, Availability
A variety of security attacks can cause loss in the availability of information. Some of
these attacks can be opposed by automated counter measures such as authentication and
encryption, while the other variety of attacks can be counteracted only by physical action. The
principle of availability states that resources should be available to authorized parties at all times.
An example of non availability can be mentioned as follows. Due to intentional or unintentional
action of an unauthorized person or an attacker C, an authorized user A is not able to access a
server, say, S.
1.3, Basie concepts of cryptography
Cryptography is a branch of computer science which deals with the coding of messages
in one form into another form, Here it is to be noted that in the parlance of computer science &
engineering, a message is to be termed as a file wherein the file contains any type of data which
can be converted into binary form. It can be a data file, text file, image file, audio file, video file
ete.,
A message in its original form is called as plaintext, while the message in its coded form
is known as ciphertext, The process of converting the plaintext, into ciphertext is known as
‘encryption, (enciphering), while the process of converting the ciphertext into its corresponding
plaintext is called as decryption or deciphering. A cryptographic system which includes both
encryption and decryption is known as a cipher. Cryptanalysis deals with different techniques for
breaking a cipher. The areas of cryptography and cryptanalysis put together are called
cryptology. In the system of cryptography, key plays a fundamental role. A key is a set of
numbers which is used to transform the plaintext into a corresponding ciphertext. A key is called
as a secret key (symmetric key), public key, or private key depending upon its nature and utility.
In the development of the cryptographic algorithms diffusion and confusion play a vital
role, As a plaintext gets converted into binary bits, if the bits are scattered in all possible
directions (by the operation of the key ot by any operation on the plaintext), then the process is
known as diffusion. In view of this process the statistical properties of the data comprising the
plaintext will be disfigured and scattered significantly.
Confusion arises on account of the transposition of elements of a plaintext in a pell-mell
manner, This phenomenon comes into picture due to mixing of the binary bits or interlacing of
binary strings and relocation of the binary bits occurring in the plaintext or it may arise due to‘any permutation introduced into the cipher or due to a combination of some or all of the
aforementioned features, It can also be visualized as a consequence of substitution of one string
in the place of another string. Thus transposition and substitution play a primary role in creating
confusion and diffusion, and they stand as the fundamental building blocks of cryptography. In
addition to these, iteration (repetition of a process for several times) plays a dominating role in
strengthening a cipher,
In the development of cryptography, all the operations applied in the encryption
algorithm (i.¢., as we proceed from plaintext to ciphertext) must be reversible in the process of
decryption so that we can safely come back from the ciphertext to the plaintext.
All the algorithms in cryptography can be classified into (1) secret key algorithms and (2)
public key algorithms. They may also be termed as symmetric key algorithms and asymmetric
key algorithms respectively.
In the case of secret key algorithms, the key is shared by both the sender and the receiver.
On the other hand, in the public key algorithms, we use a pair of keys- one key for encryption
and the other key for decryption. The secret key algorithms are also classified into stream ciphers
and block ciphers, In a stream cipher, data in a plaintext is encrypted by taking one bit or one
byte (corresponding to a character) at a time, In the block cipher, a block of plaintext is
encrypted as a whole by taking a set of characters at a time.
In all the block ciphers, block size, key size, and the number of iterations (rounds) enrich
the strength of the algorithm.
Cryplanalysis is the most fundamental concept in the area of cryptography. It deals with
analytical techniques which determine whether a cipher can be broken or not. Having no
‘knowledge of the key, and knowing fully the algorithms for encryption and decryption, and
having some idea about plaintext and /or ciphertext or knowledge of pair of plaintext and
ciphertext, an analyst makes an attempt to determine the key (if possible) or at least a portion of
the message with which one can build up the rest, However, knowing the key is a lucky instance
to the analyst in case if he is an attacker,
The different types of elementary cryptanalytic attacks well known in the literature of
cryptography are: 1) ciphertext only attack (2) known plaintext attack (3) chosen plaintext attack
(4) chosen ciphertext attack and (5) chosen text attack. In all these attacks algorithms for
encryption and decryption are known. In the ciphertext only attack, ciphertext is also known.Basing upon the length of plaintext block, a procedure can be developed by exploring all
possible keys. This procedure is known as bruteforce attack. In the case of the known plaintext
attack we have the knowledge of as many plaintext and ciphertext pairs as we require. With the
help of these pairs, we develop a procedure for determining the key. In the case of chosen
plaintext attack, the plaintext is chosen in a special manner. Similarly, in the case of chosen
ciphertext attack, the ciphertext is chosen in specific manner having @ motive to break the cipher.
Tn the case of chosen text both the plaintext and the ciphertext are selected with equal
importance.
Here it is tobe noted that the validity ofa cipher cannot be taken to be granted unless i is
supported by cryptanalysis. However, the literature of cryptography suggests that the strength of
an algorithm can be estimated by examining avalanche effect. In this effect we change one
binary bit in the plaintext or the key and find the corresponding ciphertext. If this change of one
bit leads to a change in large number of bits of the ciphertext, then we can conclude that the
strength of the cipher is quite significant, and hence we can rely upon it.
‘It may be noted here that a cryptographic algorithm is to be designed such that it sustains
at least the ciphertext only attack, and the known plaintext attack (1).
1.4. Mathematical tools in cryptography
The basic concepts of mathematics which are utilized in the area of cryptography and
security are 1) modular arithmetic, 2) finite fields and 3) some principles of number theory. The
basic ideas related to the topics (1) and (2) are used in the development of block ciphers while
those of (3) are applied inthe public key cryptography.
In the present thesis, we have confined our attention to block ciphers, in which we have
made use of modular arithmetic and modular arithmetic inverse. Thus, here we discuss only
these two aspects. In addition to these, we deal with linear congruences which are used in
designing the block ciphers in this thesis,
Modular arithmetic
Ifais any integer and Nis a positive integer then we can form a elation of the form
a=qNtr (14)
where q and r satisfy the relations
la/N|
and0