Professional Documents
Culture Documents
DRPLecture 1234
DRPLecture 1234
(July-Nov 2013)
Lecture#1,#2,#3
1
The Great Cipher Mightier Than the
Sword: Example from 17th century France
3
Stuxnet – Stealthy disruption
without physical movement
• sometime between November 2009 and late
January 2010
• sabotage of the uranium enrichment facility at
Natanz – where the centrifuge operational
capacity has dropped over the past year by 30
percent
• The workers had been replacing the units at an
incredible rate — later estimates would indicate
around 1,000 centrifuges were swapped out
over a few months (unusual rate)
4
2002
5
Centrifuges – Fuel Enrichment
6
Stuxnet attack
• The Stuxnet worm
• its main target industrial control systems
• goal of modifying the code running in
Programmable Logic Controllers (PLCs)
• in order to make them deviate from their
expected behavior
7
Stuxnet attack
• Malicious stealthy code - designed to force
a change in the centrifuge’s rotor speed,
first raising the speed and then lowering it,
likely with the intention of inducing
excessive vibrations or distortions that
would destroy the centrifuge
• set back Iran’s progress in operating the
Fuel Enrichment Plant
8
Security in Digital world:
What it is about?
• Information Security
• Computer Security
• Network Security
• Systems Security
• Cryptography
• e-Commerce
• Virus/Worm/Malware
• Hacking
• Firewalls
• CIP – Critical Infrastructure Protection
9
Any thing…. Any where…..
Convergence…
Usable Apps – attack targets
•
Course Overview
• Curriculum/Structure
• Books
• Attendance policy
• Grading policy (relative grading)
• Exams – no open notes? open books?
• Course home page (google site)
16
Systems security
• Systems – Server, Ports, OS, Applications, Web,
Mail, DNS
• Cloud ??? Mobile ??? GPS???
• CIA
• Confidentiality – ciphers (e.g. AES)
• Integrity – hash functions (e.g. SHA3)
• Authentication – RBAC, Digital Certificate
• ACL – Access Control List
• Virus/Worm/Malware
• Security is a process not a product!
17
Network Security
• Firewalls, DMZ
• IPSEC, SSL
• Secure channel
• Security Associations
• Encrypted payload
• Secure Routing
• Intrusion Detection System (IDS)
• Intrusion Prevention System (IPS)
18
Attitudes of Cryptography
• 1976 - Cryptography - Black Art
• Today - It's a Popular Science
• 1976 - DES - details secret, strict export control
• 2001 - AES - through public scrutiny, freely
available strong Crypto
• Early attention –
• bigger problem was key establishment
channel <secure>
• Breaking algorithms
19
Ancient attackers…
Modern….
Traditional Security – Perimeter Defense
22
Fuel Transport,
Shipping
Power for
Switches
Power for storage and
SCADA
Fuel for Generators,
control system
Communicat
ion
Lubricants
Shipping
Telecom
SCADA SCADA
Communication Communication
Electricity
Other dependant Services
Fuel transport,
Oil & Gas Fuel for Shipping Government
Generators
Fuels, Lubricants Health
Fuel, Household Food/Water
services
Critical Infrastructure Dependency 23
Attacks on ICT: Motivation
• Theft of sensitive info.
• Disruption of service
• Illegal access to resources
24
Attacks – on confidentiality, integrity,
masquerading, non-repudiation, replay, <example
movie Cinema>
25
Classical Cryptography
• Classical Cryptography had only one
objective: Confidentiality keep
information (and communication) secret
• Kings’ secret message services
• two basic components of classical ciphers:
substitution (letters are replaced by other
letters)
• and transposition (hide the message
contents by rearranging the order of the
letters)
26
Classical Ciphers
• classical ciphers -- illustrate important basic
principles and common pitfalls
• Ciphers are further classified as:
• monoalphabetic - only one substitution/ transposition
is used
• polyalphabetic - where several substitutions/
transpositions are used
• several such ciphers may be concatenated together
to form a product cipher
• Steganography (hiding / concealing information)
• Machine ciphers (Rotor machines)
27
Transposition Cipher – Example 1
(Rail fence)
• Text is written down as a sequence of
diagonals (Rail fence) and then read of as a
sequence of rows.
• Plain text: Meet at five pm behind P lab.
• Written as Rail fence of depth 2:
M R P A T E L
O T R C V G N
33
Substitution Ciphers
• Symbols of the text are substituted with
another symbols of the same alphabet.
• DHIREN
• FJKTGP
34
Cryptosystem: generic
Definition
A CRYPTOSYSTEM is a 5-tuple (P,C,K ,E,D)
satisfying
36
Shift Cipher - revisited
37
Breaking simple Substitution ciphers
Mono-alphabetic substitution
• letters of the plain text alphabet are mapped on to
unique letters throughout the entire message text
40
Playfair cipher
• By Sir Charles Wheatstone in 1854 (named for his
friend B. Playfair)
42
Playfair – Encryption Rules
• Adjacent plaintext characters are paired (p1,p2).
p1 c3, p2 c4; pair (c3,c4) is defining cipher text
• Rule 1: If p1 and p2 are in distinct rows and columns, they
define the corners of a sub-matrix, with the remaining corners c3
and c4, c3 is the character in the same row as p1.
44
Playfair cipher - variant
• Another example of designing a Playfair cipher for
26-alphabet and 10 numerals, we can use 6 x 6
matrix that can accommodate all 36 symbols (without
equating I and J)
• Take a key phrase: Course No 821 Winter 2K05 Sem 7
Inf Sec and Cry by Patel H9
46
Hill cipher - Example
• Encrypt “Meet B” using a 2 X 2 Hill Cipher
• with the keys k = and decryption key k-1 =
47
Hill Cipher Example (Decryption)
• Decryption key K-1 =
48
Hill cipher ..
• Implementation issues
• Key generation and distribution
• Matrix and its inverse (elements (integer))
• Matrix Calculator (open source/on-line)
49
Polygram ciphers (attacks)
• polygram substitution ciphers (Playfair, Hill) are linear
transformation, and fall under known-plaintext attack.
• Frequency analysis (digrams)
51
Polyalphabetic substitution
• Key is taken from some known text (with
corresponding character value (0 to 25))
defining the shifting of underlying m.
52
Vigenère cipher - Vigenère table
• the Each of the 26 shift ciphers is laid out horizontally, with the
key letter for each cipher to its left.
• Plain text runs across the top.
• The cipher text is at the intersection of the row labeled key
letter “k” and the column labeled text letter “p”.
• Eg. Plain text “baby” – encrypted using key “abcd” bbdb
53
Vigenère cipher
• To encrypt a message, a key is needed that is as
long as the message. Usually the key is a repeating
keyword.
• To decrypt the cipher text, the key letter again
defines the row, and the position of ciphertext letter
in that row determines the column. The top letter on
that column is decrypted letter.
• E.g. Plain text: Meet at five pm behind P lab.
• Keyword phrase: confidential
54
Breaking Vigenère cipher
• The cryptanalyst looking only at the ciphertext
would detect the repeated sequences of
common digrams and trigrams, devise
common factors in the displacements of the
various sequences, and make good guess of
the keyword length.
• If the keyword is of length N, then the cipher
is consisting N mono-alphabetic substitution
ciphers.
• One can use the known frequency
characteristics of a plain text language to
attack each of the mono-alphabetic ciphers
separately.
• Refinement leads to eliminate periodic nature
of the keyword (very long keyword would
help).
55
Vigenère cipher
• Running-key Vigenère
If the key stream ki of a simple Vigenère is as long
as the plaintext, the cipher is called a running-key
cipher. For example, the key may be meaningful text
from a known book (properly synchronized).
• If the key has redundancy – cryptanalyst can exploit
statistical imbalances;
• E.g., when encrypting plaintext English characters
using a meaningful text as a running key,
cryptanalysis is possible based on the observation
that a significant proportion of ciphertext characters
results from the encryption of high-frequency running
text characters with high-frequency plaintext
characters. (unigram frequency analysis)
56
Vernam Cipher
• The system can be expressed as:
ci = mi ki – Encryption
mi = ci ki – Decryption
• where, mi = ith binary digit of plain text
• ki = ith binary digit of key material
• ci = ith binary digit of cipher text
• = exclusive-or (XOR) operation
59
Security of OTP
• A random key sequence “added” to a
nonrandom plaintext message produces a
completely random cipher-text message and no
amount of computing power can break that.
• Conditional security v/s un-conditional security
60
Machine ciphers (Mechanical)
• The Jefferson cylinder implements a poly-alphabetic
substitution cipher while avoiding complex
machinery, extensive user computations, and
Vigenère table.
61
Jefferson Cylinder
• On each disk, the letters A–Z are inscribed in a
(different) random ordering.
64
Rotor machines
• provide polyalphabetic substitution
• Internal cross-connections, providing a substitution using a
continuously changing alphabet
• The cipher key is defined by the fixed wheel wirings and initial
rotor positions
• Two properties desirable for security are: (1) long periods; and
(2) state changes (concerns the motion of rotors relative to each
other).
65
Rotor Machines
1. In indicating machines, ciphertext output
characters are indicated by means such as
lighted lamps or displayed characters in output
apertures.
2. In printing machines, ciphertext is printed or
typewritten onto an output medium such as
paper.
3. With on-line machines, output characters are
produced in electronic form suitable for direct
transmission over telecommunications media.
66
Enigma and M209 Cipher
67
Pocket code breaker
(with Morse code)
68
Steganography: Information Hiding
• Steganography hides the existence of a
message by transmitting information through
various carriers. Its goal is to prevent the
detection of a secret message.
69
The word steganography
• is of Greek origin and means "concealed
writing" from the Greek
words steganos meaning "covered or
protected", and graphein meaning "to write".
• Cryptography
– Conceals the meaning of message
• Steganography
– Conceals the existence of messages
70
Steganography: Classical example
• Prisoners used a ―tap code‖ to communicate
• Tap instruments…
• Availability in cell
• Tumbler
• Whistling
• Spoon (on anything)
• Fingers (on wall, on tumbler)
• Feet (on floor)
• Head (on wall)
72
Example – Spy message
• Apparently neutral’s protest is thoroughly
discounted and ignored. Isman hard hit.
Blockade issue affects pretext for embargo
on byproducts, ejecting suets and
vegetable oils.
• pershingsailsfromnyjunei
• pershing sails from ny june i
• Pershing sails from NY June 1 74
More classical techniques
• Pin puncture,
• over written characters,
• writing using invisible ink,
• Modified alphabet
75
Modern Steganography
• In a digital message, the secret information is inserted or
"hidden" into the ―container data‖ <any type of digital
data file>
• It doesn’t appear to be anything other than what it is eg.
A picture or music file.
• An encrypted file on the other hand cries out ‘I contain
sensitive information!!!’
• Computer files (images, sounds recordings, even disks)
contain unused or insignificant areas of data.
• Steganography takes advantage of these areas,
replacing them with information.
76
More techniques
• Holography
• IR controls
• Pagers
• Colored glasses to filter wavelengths
• Inks – magnetic, thermo-chromic, photo-
cromic
• Jargon speak
• Blank areas on Memory
• HTML code
77
Modern Techniques
• Least Significant Bit
• Low-Bit Encoding (image)
• Spread Spectrum
• Echo Data Hiding (audio)
• Perceptual Masking (audio–differential sounds)
• Discrete Cosine Transform (video)
• Textual steganography (spacing, coding)
• unused space in the packet headers
78
79
Demo
ABCD EFG HIJ
WZXY
IIT GN
Columbus
Pretoria
WiFi
Crisp Air
Wireless Communications
Robert
6453420002 USD
A6
BMW T4
A380
80
Digital Watermarking
• Steganography can also be used to place
a hidden "trademark" in images, music,
and software
• Using a variety of techniques -
images, music, movies can be imprinted
with digital watermarks.
• Digital watermarks - used as a means of
preventing modification
81
Digital Watermarking
• Method of embedding information into a digital
signal in a way that is difficult to remove.
• Visible Watermarking: Information is Visible
e.g. Company logo embedded in an image.
82
Invisible Watermarking
• Information is added as a digital data in an
audio, picture or video that cannot be
perceived as such
• Applications….
• Protection of Data alteration.
• Access Control System for digital content
Distribution
• E.g. apple music store
83
Security: Looking back
• The historical focus has been to try to
build a ―wall of protection‖ around the
system or network to protect it from
external threats
• this approach worked when organizations
were more centralized
• Today – highly connected world!!!!!
84