Professional Documents
Culture Documents
The time required to break the cipher exceeds the useful lifetime of the information
Cryptography: a word with Greek origins, means “secret writing.” However, we use the term to
refer to the science and art of transforming messages to make them secure and immune to
attacks.
Cryptanalysis: Techniques for deciphering a message without any knowledge of enciphering
details.
Cryptology: Cryptography + Cryptanalysis
1.Confidentiality:
Data confidentiality: Assures that private or confidential information is not made available or
disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to them may be
collected and stored and by whom and to whom that information may be disclosed.
2. Integrity::
Data integrity: Assures that information and programs are changed only in a specified and
authorized manner.
System integrity: Assures that a system performs its intended function in an unimpaired
manner, free from deliberate or inadvertent unauthorized manipulation of the system.
3.Availability: Assures that systems work promptly and service is not denied to authorized
users.
These three concepts form what is often referred to as the CIA triad as shown in fig.1.1. The
three concepts embody the fundamental security objectives for both data and for information
and computing services.
2
Fig1.1Security Requirement Triad
OSI SECURITY ARCHITECTURE:
The Open Systems Interconnection (OSI) security architecture provides a systematic
framework for defining security attacks, mechanisms, and services.
Security attacks are classified as either passive attacks, which include unauthorized
reading of a message of file and traffic analysis or active attacks, such as modification of
messages or files, and denial of service.
A security mechanism is any process that is designed to detect, prevent, or recover from
a security attack.
Examples of mechanisms are encryption algorithms, digital signatures, and
authentication protocols.
Security services include authentication, access control, data confidentiality, data
integrity, nonrepudiation, and availability.
To assess effectively the security needs of an organization and to evaluate and choose various
security products and policies, the manager responsible for security needs some systematic
way of defining the requirements for security and characterizing the approaches to satisfying
those requirements. This is difficult enough in a centralized data processing environment; with
the use of local and wide area networks, the problems are compounded.
The OSI security architecture focuses on security attacks, mechanisms, and services. These
can be defined briefly as
• Security attack: Any action that compromises the security of information owned by an
organization.
• Security mechanism: A process (or a device incorporating such a process) that is designed
to detect, prevent, or recover from a security attack.
• Security service: A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization. The services are
intended to counter security attacks, and they make use of one or more security mechanisms to
provide the service.
3
SECURITY PROBLEMS IN COMPUTING
Security is not as simple as it might first appear to the novice. The requirements seem
to be straightforward; indeed, most of the major requirements for security services can
be given self-explanatory, one-word labels: confidentiality, authentication, non
repudiation, or integrity. But the mechanisms used to meet those requirements can be
quite complex.
The procedures used to provide particular services are often counter intuitive. Typically,
a security mechanism is complex, and it is not obvious from the statement of a particular
requirement that such elaborate measures are needed. It is only when the various
aspects of the threat are considered that elaborate security mechanisms make sense.
Security mechanisms typically involve more than a particular algorithm or protocol. They
also require that participants be in possession of some secret information (e.g., an
encryption key), which raises questions about the creation, distribution, and protection of
that secret information. There also may be a reliance on communications protocols
whose behavior may complicate the task of developing the security mechanism. For
example, if the proper functioning of the security mechanism requires setting time limits
on the transit time of a message from sender to receiver, then any protocol or network
that introduces variable, unpredictable delays may render such time limits meaningless.
Computer and network security is essentially a battle of wits between a perpetrator who
tries to find holes and the designer or administrator who tries to close them. The great
advantage that the attacker has is that he or she need only find a single weakness, while
the designer must find and eliminate all weaknesses to achieve perfect security.
There is a natural tendency on the part of users and system managers to perceive little
benefit from security investment until a security failure occurs.
Security requires regular, even constant,monitoring, and this is difficult in today’s short-
term, overloaded environment.
4
Security is still too often an afterthought to be incorporated into a system after the design
is complete rather than being an integral part of the design process.
Many users and even security administrators view strong security as an imped iment to
efficient and user-friendly operation of an information system or use of information.
To assess effectively the security needs of an organization and to evaluate and choose
various security products and policies, the manager responsible for security needs some
systematic way of defining the requirements for security and characterizing the
approaches to satisfying those requirements. This is difficult enough in a centralized
data processing environment; with the use of local and wide area networks, the
problems are compounded.
The OSI security architecture focuses on security attacks, mechanisms, and services. These
can be defined briefly as
• Security attack: Any action that compromises the security of information owned by an
organization.
• Security mechanism: A process (or a device incorporating such a process) that is designed
to detect, prevent, or recover from a security attack.
• Security service: A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization. The services are
intended to counter security attacks, and they make use of one or more security mechanisms to
provide the service.
Threat
A potential for violation of security, which exists when there is a circumstance, capability, action,
or event that could breach security and cause harm. A threat is a possible danger that might
exploit a vulnerability.
SECURITY SERVICES:
A processing service or communication service that enhances the security of the data
processing systems and the information transfers of an organization. The services are
intended to counter security attacks, and they make use of one or more security
mechanisms to provide the service. X.800 divides these services into five categories and
fourteen specific services. That are,
6
ii. Nonrepudiation, Destination: Proof that the message was received by the
specified party.
SECURITY ATTACKS:
Passive attacks
Active attacks
PASSIVE ATTACKS
A passive attack attempts to learn or make use of information from the system but does
not affect system resources. The goal of the opponent is to obtain information that is
being transmitted. Two types of passive attacks are,
Traffic Analysis: The opponent could determine the location and identity of
communicating hosts and could observe the frequency and length of messages being
exchanged but could not extract the information available in the message. The
determined information might be useful in guessing the nature of the communication that
was taking place as shown in fig.1.3 .
7
Fig.1.3 Traffic Analysis
ACTIVE ATTACKS
Active attacks involve some modification of the data stream or the creation of a false
stream and can be subdivided into four categories that are,
Masquerade,
Replay,
Modification of messages
Denial of service.
Masquerade: A masquerade takes place when one entity pretends to be a different entity as
shown in figure 1.4. Authentication sequences can be captured and replayed after a valid
authentication sequence has taken place, thus enabling an authorized entity with few privileges
to obtain extra privileges
Fig.1.4 Masquerade
Replay: involves the passive capture of a data unit and its subsequent retransmission to
8
produce an unauthorized effect as shown in figure 1.5
Fig.1.5 Replay
Modification of messages simply means that some portion of a legitimate message is altered,
or that messages are delayed or reordered, to produce an unauthorized effect as shown in
figure 1.6.
SECURITY MECHANISM
Specific Security Mechanisms: May be incorporated into the appropriate protocol layer in
order to provide some of the OSI security services. It may be,
Pervasive Security Mechanisms: Mechanisms those are not specific to any particular OSI
security service or protocol layer. It may be,
A message is to be transferred from one party to another across some sort of Internet service.
The two parties, who are the principals in the transaction, must cooperate for the exchange to
take place. A logical information channel is established by defining a route through the Internet
from source to destination and by the cooperative use of communication protocols (e.g.,TCP/IP)
by the two principals. Security aspects come into play when it is necessary or desirable to
protect the information transmission from an opponent who may present a threat to
confidentiality, authenticity etc.
11
A trusted third party may be needed to achieve secure transmission. For example, a third party
may be responsible for distributing the secret information to the two principals while keeping it
from any opponent. Or a third party may be needed to arbitrate disputes between the two
principals concerning the authenticity of a message transmission.
Fig.1.8 shows that there are four basic tasks in designing a particular security service:
A message is to be transferred from one party to another across some sort of Internet service.
The two parties, who are the principals in the transaction, must cooperate for the exchange to
take place. A logical information channel is established by defining a route through the Internet
from source to destination and by the cooperative use of communication protocols (e.g.,TCP/IP)
by the two principals. Security aspects come into play when it is necessary or desirable to
protect the information transmission from an opponent who may present a threat to
confidentiality, authenticity etc.
12
A security-related transformation on the information to be sent. Examples include the
encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be
used to verify the identity of the sender.
Some secret information shared by the two principals and, it is hoped, unknown to the
opponent. An example is an encryption key used in conjunction with the transformation to
scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party
may be responsible for distributing the secret information to the two principals while keeping it
from any opponent. Or a third party may be needed to arbitrate disputes between the two
principals concerning the authenticity of a message transmission.
The general model shows that there are four basic tasks in designing a particular security
service:
A general model of the other situations is illustrated in figure1.9 which reflects a concern
for protecting an information system from unwanted access. The hacker can be someone who,
with no malignintent, simply gets satisfaction from breaking and entering a computer system.
Or, the intruder can be a disgruntled employee who wishes to do damage, or a criminal who
seeks to exploit computer assets for financial gain (e.g., obtaining credit card numbers or
performing illegal money transfers).
.
Fig.1.9 Network Access Security Model
13
Another type of unwanted access is the placement in a computer system of logic that exploits
vulnerabilities in the system and that can affect application programs as well as utility programs,
such as editors and compilers. Programs can present two kinds of threats:
Information access threats intercept or modify data on behalf of users who should not
have access to that data.
Service threats exploit service flaws in computers to inhibit use by legitimate users.
Viruses and worms are two examples of software attacks. Such attacks can be introduced
into a system by means of a disk that contains the unwanted logic concealed in otherwise useful
software. They can also be inserted into a system across a network; this latter mechanism is of
more concern in network security.
The security mechanisms needed to cope with unwanted access fall into two broad categories.
The first category might be termed a gatekeeper function. It includes password-based login
procedures that are designed to deny access to all but authorized users and screening logic that
is designed to detect and reject worms, viruses, and other similar attacks. Once either an
unwanted user or unwanted software gains access, the second line of defense consists of a
variety of internal controls that monitor activity and analyze stored information in an attempt to
detect the presence of unwanted intruders.
In some situations it is required that a communication signal be difficult to detect, and difficult
to demodulate even when detected. In other situations a signal is required that is difficult to
interfere with, or ‘jam’. The ‘spread spectrum’ signal has properties which help to achieve these
ends. Spread spectrum signals may be divided into two main groups - Direct sequence spread
spectrum (DSSS), and frequency hopping spread spectrum (FHSS).
The direct sequence (DS) (or pseudo noise—PN) is an averaging type system where the
reduction of interference takes place because the interference can be averaged over a large
time interval. The frequency-hopping (FH) and time-hopping (TH) systems are avoidance
systems. Here, the reduction in interference occurs because the signal is made to avoid the
interference a large fraction of the time.
14
Fig.1.10 Block diagram of DSSS Transmitter
The information signal, b(t) [with symbol rate 1/T], is multiplied by a unique, high-rate
digital spreading code, c(t), that has many [~100] zero crossings per symbol/bit interval
The Spreading Code, c(t), is periodic with a period of T sec. [the source symbol period]
Bandwidth spread by code bits (called Chips) before transmission
The transmitted signal, b(t)c(t) is wideband and has the bandwidth of the spreading code
At the transmitter (eg, a cellular Base Station), Multiple Signals are combined on to
oneradio frequency channel
In IS-95: Only transmit rf bits when there is active speech
One of the common methods to spread the transmission spectrum of a data signal is to
(pseudo) randomly hop the data signal over different carrier frequencies. This spreading
method is called frequency hop spread spectrum (FH-SS). Usually, the available band is
divided into non-overlapping frequency bins. The data signal occupies one and only one
bin for a duration Tc and hops to another bin afterward. When the hopping rate is faster
than the symbol rate, the FH scheme is referred to as fast hopping. Otherwise, it is
referred to as slow hopping.
Frequency hopping entails the transmission carrier frequency hopping between available
channels within the spread-spectrum band. A narrow spectral band and an individual
carrier frequency at the center of the band define each transmitted channel. Successive
carrier frequencies are chosen in accordance with the pseudo-random phases of the
spreading code sequence.
(1) Fast frequency hopping where one complete, or a fraction of the data symbol, is
transmitted within the duration between carrier hops. Consequently, for a binary system,
the frequency hopping rate may exceed the data bit rate.
(2) On the other hand, in a slow frequency hopping system, more than one symbol is
transmitted in the interim time between frequency hops. Figures illustrate how the carrier
frequency hops with time. Let time duration between hops be T h and data bit duration be
denoted by Tb, then:
16
Fig.1.12 Slow Frequency Hop Spread Spectrum Using MFSK (M=4, k=2)
Fig.1.13 Fast Frequency Hop Spread Spectrum Using MFSK (M=4, k=2)
The basic FH modulation system, depicted in figure1.14 comprises a digital phase or frequency
shift keying modulator and a frequency synthesizer. The latter generates carrier frequencies
according to the pseudo-random phases of the spreading code sequence that is then mixed
with the data carrier to originate the FH signal.
17
Fig.1.14 Frequency Hopping Spread Spectrum System (Transmitter)
In the basic FH receiver, shown in Figure 1.15, the received FH signal is first filtered using a
wideband band pass filter and then mixed with a replica of the FH carrier. The mixer output is
applied to the appropriate demodulator. A coherent demodulator may be used when a PSK
carrier is received. The incoming signal is multiplied by the signal from the PN generator
identical to the one at the transmitter. Resulting signal from the mixer is a binary FSK, which is
then demodulated in a "regular" way. Error correction is then applied in order to recover the
original signal. The timing synchronization is accomplished through the use of early-late gates,
which control the clock frequency.
18
CODE DIVISION MULTIPLE ACCESS
As shown in fig.1.16 in DS-CDMA, each of N user groups is given its own code, gi(t),
where i=1,2,3,…N. The user codes are approximately orthogonal, so that the cross
correlation of two different codes is near zero. Fig1.9 shows a DS/CDMA. The first block
shows the data modulation of a carrier A Cos ω ct. The output of the data modulator
belonging to a user from group 1 is A1 Cos (ωct+ø1)
Fig.1.16 DS/CDMA
The next block, the data modulated signal is multiplied by the spreading signal belonging
to user group 1, and the resulting signal is transmitted over the channel. Simultaneously,
users from group 2 through N multiply their signals by their own code functions.
Frequently, each ode function is kept secret, and its use is restricted to the community of
authorized users. The signal present at the receiver is the linear combination of the
received signals from N users. The first stage of the receiver multiples the incoming
signals by g1(t) [for user 1]. The output of the multiplier will yield the signal,
If the code functions are g1(t) chosen with orthogonal properties, the desired signals
19
undesired signals are easily rejected, since
RAKE RECEIVER
In CDMA spread spectrum systems, CDMA spreading codes are designed to provide
very low correlation between successive chips, propagation delay spread in the radio
channel provides multiple version of the transmitted signal at the receiver. Delaying
multipath components by more than chip duration will appear like uncorrelated noise at a
CDMA receiver. CDMA receiver may combine the time delayed versions of the original
signal to improve the signal to noise ratio at the receiver. RAKE receiver collects the
time shifted versions of the original signal by providing a separate correlation receiver for
M strongest multipath components. Outputs of each correlator are weighted to provide a
better estimate of the transmitted signal than provided by a single component.
Demodulation and bit decisions are based on the weighted output of the correlators.
Schematic of a RAKE receiver is shown in figure 1.17
20