19EAC401- Introduction to Cybersecurity

For EAC Students

Slide number 53 to 103 are added for your better understanding of Classical Encryption
technique and for the laboratory purposes.
All the remaining slides are prepared from the text book
“Security in computing” Fifth edition by Charles P. PFleeger, Shari Lawrence Pfleeger,
Jonathan Margulies

8/10/2022 1
 Course objectives and outcomes

8/10/2022 2
 Course Syllabus

8/10/2022 3
 Text book / References and Tentative Evaluation Pattern

8/10/2022 4
 Chapter 1 - Introduction
Objectives:
 Define computer security as well as basic computer
security terms
 Introduce the C-I-A Triad.
 Introduce basic access control terminology.
 Explain basic threats, vulnerabilities, and attacks.
 Show how controls map to threats.
8/10/2022 5
 Introduction – Computer Security
The protection of the assets of a computer
system
1. Hardware
2. Software
3. Data

8/10/2022 6
 The Items You Value - Assets

8/10/2022 7
 Value of Assets

8/10/2022 8
 Basic Terms
• Vulnerability
• Threat
• Attack
• Countermeasure or control

8/10/2022 9
 Vulnerabilities
• Vulnerability is a weakness in the security
system
(i.e., in procedures, design, or implementation),
that might be exploited to cause loss or harm.

8/10/2022 10
 Threats
• Threat to a computing system is a set of
circumstances that has the potential to cause
loss or harm.
• a potential violation of security

8/10/2022 11
 Attacks
• A human (criminal) who exploits a
vulnerability perpetrates an attack on the
system.

8/10/2022 12
 Controls
How do we address these problems?
• We use a control as a protective measure.
• That is, a control is an action, device,
procedure, or technique that removes or
reduces a vulnerability.

8/10/2022 13
 Relationship among threats, controls, and vulnerabilities:
• A threat is blocked by control of a vulnerability.
• To devise controls, we must know as much about threats as possible.
• The fact that the violation might occur means that the actions that might cause it should be guarder
against.

• The water is the threat, the crack the vulnerability, and the finger the control (for now).

8/10/2022 14
 C-I-A Triad Confidentiality Integrity Availability

• Sometimes two other desirable characteristics:

• Authentication: the process or action of proving or
showing something to be true, genuine, or valid.
• Nonrepudiation is the assurance that someone cannot
deny something. i.e. nonrepudiation refers to the
ability to ensure that a party to a contract or a
communication cannot deny the authenticity of their
signature on a document or the sending of a message
that they originated
8/10/2022 15
 Types of Harm

8/10/2022 16
 Threats
• In an interception means that some unauthorized party
has gained access to an asset.
• In an interruption, an asset of the system becomes lost,
unavailable, or unusable.
• If an unauthorized party not only accesses but tampers
(forges) with an asset, the threat is a modification.
• Finally, an unauthorized party might create a
fabrication of counterfeit objects on a computing
system.
8/10/2022 17
 Confidentiality
• Some properties that could mean a failure of data
confidentiality:
– An unauthorized person accesses a data item.
– An unauthorized process or program accesses a data item.
– A person authorized to access certain data accesses other data
not authorized.
– An unauthorized person accesses an approximate data value.
– An unauthorized person learns the existence of a piece of data.

8/10/2022 18
 Integrity
• Integrity of an item can be preserved by following
conditions:
– Precise
– Accurate
– Unmodified
– Modified only in acceptable ways
– Modified only by authorized people
– Modified only by authorized processes
– Consistent
– Internally consistent
– Meaningful and usable

8/10/2022 19
 Integrity
• Integrity can also mean two or more of these
properties .
• Welke and Mayfield recognize three particular
aspects of integrity:
– Authorized actions
– Separation and protection of resources
– Error detection and correction.
8/10/2022 20
 Availability
• An object or service is thought to be available
if the following are true:
– It is present in a usable form
– It has enough capacity to meet the service’s needs.
– It is making clear progress, and, if in waiting mode,
it has a bounded waiting time.
– The service is completed in an acceptable period
of time.
8/10/2022 21
 Availability
• We can construct an overall description of availability by
combining these goals. Following are some criteria to define
availability:
– There is a timely response to our request.
– Resources are allocated fairly so that some requesters are not
favoured over others.
– Concurrency is controlled; that is, simultaneous access, deadlock
management, and exclusive access are supported as required.
– The service or system follows fault tolerance.
– The service or system can be used easily and in the way it was
intended to be used.

8/10/2022 22
 Availability

8/10/2022 23
 Security Goals
• When we talk about computer security, we mean that we are addressing
three important aspects of any computer-related system: confidentiality,
integrity, & availability (CIA)
• Confidentiality ensures that computer-related assets are accessed only by
authorized parties.
• i.e. reading, viewing, printing, or even knowing their existence
• Secrecy or privacy
• Integrity means that assets can be modified only by authorized parties or
only in authorized ways.
• i.e. writing, changing, deleting, creating.
• Availability means that assets are accessible to authorized parties at
appropriate times.
• i.e. often, availability is known by its opposite, denial of service.

8/10/2022 24
8/10/2022 25
 Goals of Security
Prevention :
• Prevent attackers from violating security policy
Detection :
• Detect attackers’ violation of security policy
Recovery :
• Stop attack, assess and repair damage
• Continue to function correctly even if attack succeeds

8/10/2022 26
 Trust and Assumptions
• Trust underlies all aspects of security
• Policies
– Unambiguously partition system states
– Correctly capture security requirements
• Mechanisms
– Assumed to enforce policy
– Support mechanisms work correctly
8/10/2022 27
 Access Control

8/10/2022 28
 Types of Threat
• We call a potential cause of harm a threat.
• Harm can be caused by either non human events or
humans.
• Examples of non human threats include natural
disasters like fires or floods; loss of electrical power;
failure of a component such as a communication cable,
processor chip or disk drive or attack by a wild boar.
• “Threats are caused both by human and other
sources.”
8/10/2022 29
 Human Threats
• Human threats can be either benign or
malicious
• Benign:-
– include someone’s accidentally spilling a soft drink
on a laptop,
– Inadvertently sending an email message to the
wrong person,
– Carelessly typing “12” instead of “21”. Etc.,
8/10/2022 30
 Malicious threat
• Malicious attacks can be random or directed.
• In a random attack the attacker wants to harm
any computer or user; such an attack is
analogous .
– Example: malicious code posted on a website that
could be visited by anybody.

8/10/2022 31
 Types of Threat

8/10/2022 32
 Advanced Persistent Threat (APT)
• Organized
• Directed
• Well financed
• Patient
• Silent
• APT is a special type of threat that has only been taken
seriously by the broad security community over the past
decade.
• In general, security experts believe that no one who
becomes a high-priority target can truly be safe from APT.

8/10/2022 33
 Types of Attackers
• Who are attackers? Their motivations range
from “chance to a specific target”
• What does a cyber criminal look like?
– Attackers look just like anybody in a crowd.
– No one pattern matches all attackers.

8/10/2022 34
 Types of Attackers

8/10/2022 35
 Types of attackers
• Individuals: Originally, computer attackers were individuals, acting with motives of fun,
challenge or revenge.
• Organized crime groups are discovering that computers crime can be lucrative. Eg.,
fraud, extortion, money laundering, and drug trafficking.
• Loosely connected groups of criminals all over the world work together to break into
the systems and steal and sell information, such as credit card numbers.
• Terrorists: Link between computer security and terrorism is quite evident we see
terrorists using computers in four ways:
– Computer as target of attack
– Computer as method of attack
– Computer as enabler of attack
– Computer as enhancer of attack.

8/10/2022 36
 Method – Opportunity- Motive
A malicious attacker must have three things (MOM):
• method: the skills, knowledge, tools, and other things with which
to be able to pull off the attack Knowledge of systems are widely
available
• opportunity: the time and access to accomplish the attack
Systems available to the public are accessible to them
• motive: a reason to want to perform this attack against this system
• Method, opportunity and motive are all necessary for an attack
to succeed; deny any of these and the attack will fail.

8/10/2022 37
 Method – Opportunity- Motive

8/10/2022 38
 Controls
• This representation shows the three dimensions by which a control can be categorized.
• Thinking about controls in this way enables you to easily map the controls against the threats they
help address.

8/10/2022 39
 Different types of controls
• In this simple representation of a networked system, it is easy to see all the touch points where
controls can be placed, as well as some different types of controls, including deterrence,
deflection, response, prevention, and preemption.

8/10/2022 40
 Controls Available
• Encryption
We take data in their normal, unscrambled state, called:
• cleartext or plaintext, and transform them so that they are
unintelligible to the outside observer; the transformed data
are called enciphered text or ciphertext.
• Encryption clearly addresses the need for confidentiality of
data.
• Additionally, it can be used to ensure integrity;
data that cannot be read generally cannot easily be changed
in a meaningful manner.

8/10/2022 41
 Controls Available
• Encryption does not solve all computer security problems,
and other tools must complement its use.
– if encryption is not used properly, it may have no effect on
security or could even degrade the performance of the entire
system.
• Weak encryption can actually be worse than no encryption
at all,
– because it gives users an unwarranted sense of protection.
• Therefore, we must understand those situations in which
encryption is most useful as well as ways to use it effectively.

8/10/2022 42
 Controls Available
• Software/Program Controls
• Programs must be secure enough to prevent outside attack
• They must also be developed and maintained so that we can be confident of the
programs' dependability.
Program controls include the following:
• Internal program controls: parts of the program that enforce security restrictions,
– i.e. access limitations in a database management program
• Operating system and network system controls: limitations enforced by the operating
system or network to protect each user from all other users
– i.e. chmod on UNIX: (Read, Write, Execute) vs. (Owner, Group, Other)
• Independent control programs: application programs,
– i.e. password checkers, intrusion detection utilities, or virus scanners, that protect against
certain types of vulnerabilities

8/10/2022 43
 Controls Available
• Development controls:

• quality standards under which a program is designed, coded (implementation), tested,

and maintained to prevent software faults from becoming exploitable vulnerabilities
– i.e. Penetration testing (pen testing or ethical hacking), is the practice of testing a
computer system, network or web application to find security vulnerabilities that an
attacker could exploit.
• Software controls frequently affect users directly ?
• i.e. when the user is interrupted and asked for a password before being given access to
a program or data.
• Because they influence the usability of the system, software controls must be carefully
designed.
• Ease of use and capabilities are often competing goals in the design of a collection of
software controls.

8/10/2022 44
 Controls Available
• Hardware Controls
• Numerous hardware devices have been created to
assist in providing computer security. These devices
include a variety of means, such as
– hardware or smart card implementations of encryption
– locks or cables limiting access or deterring theft
– devices to verify users' identities
– Firewalls
– intrusion detection systems
– circuit boards that control access to storage media
8/10/2022 45
 Controls Available
• Policies and Procedures

Sometimes, we can rely on agreed-on procedures or policies among users

rather than enforcing security through hardware or software means
– i.e. frequent changes of passwords
• We must not forget the value of community standards and expectations
when we consider how to enforce security.
• Physical Controls
• i.e. locks on doors,
• guards at entry points,
• backup copies of important software and data, and
• physical site planning that reduces the risk of natural disasters.

8/10/2022 46
 Effectiveness of Controls
• Awareness of Problem
• People using controls must be convinced of
the need for security. That is, people will
willingly cooperate with security requirements
only if they understand
– why security is appropriate in a given situation.

8/10/2022 47
 Effectiveness of Controls
• Likelihood of Use
• Of course, no control is effective unless it is used.

• Principle of Effectiveness:
• Controls must be used properly to be effective.
• They must be efficient, easy to use, and appropriate.
• This principle implies that computer security controls
– must be efficient enough, in terms of time, memory space, human activity, or
other resources used,
– using the control does not seriously affect the task being protected.
– Controls should be selective so that they do not exclude legitimate accesses.

8/10/2022 48
 Effectiveness of Controls
• Overlapping Controls
• Several different controls may apply to address a single
vulnerability.

• Periodic Review
• Just when the security specialist finds a way to secure assets
against certain kinds of attacks, the opposition doubles its efforts
in an attempt to defeat the security mechanisms.
• Thus, judging the effectiveness of a control is an ongoing task.

8/10/2022 49
 Principle of Weakest Link
• Security can be no stronger than its weakest
link !!!
– Whether it is the power supply that powers the firewall or
the operating system under the security application or the
human who plans, implements, and administers controls, a
failure of any control can lead to a security failure.

8/10/2022 50
 Summary
• Vulnerabilities are weaknesses in a system;

– threats exploit those weaknesses;

– controls protect those weaknesses from exploitation
• Confidentiality, integrity, and availability are the three basic
security primitives
• Different attackers pose different kinds of threats based on
their capabilities and motivations
• Different controls address different threats; controls come in
many flavors and can exist at various points in the system
8/10/2022 51
 Classical Encryption Techniques

• Basic Terminology
• Plaintext - the original message
• Cipher text - the coded message
• Cipher - algorithm for transforming plaintext to cipher text
• Key - info used in cipher known only to sender/receiver
• Encipher (encrypt) - converting plaintext to cipher text
• Decipher (decrypt) - recovering cipher text from plaintext
• Cryptography - study of encryption principles/methods
• Cryptanalysis (code breaking) - the study of principles/ methods of
deciphering cipher text without knowing key

8/10/2022
• Cryptology - the field of both cryptography and cryptanalysis 52
 Schematic Representation of a Cryptosystem

• Cryptography can be characterized by:

– type of encryption operations used

• substitution / transposition / product

– number of keys used

• single-key or private / two-key or public

– way in which plaintext is processed

8/10/2022
• block / stream 53
 Cryptanalysis and Brute-force attack

• Two general attacks on conventional

encryption
– Cryptanalytic attacks rely on the nature of the algorithm plus some
knowledge of the general characteristics of the plaintext or even some
sample plaintext–ciphertext pairs.

– This type of attack exploits the characteristics of the algorithm to

attempt to deduce a specific plaintext or to deduce the key being
used.

– Brute-force attack: The attacker tries every possible key on a piece of

cipher text until an intelligible translation into plaintext is obtained.
On average, half of all possible keys must be tried to achieve success.
8/10/2022 54
 Types of Cryptanalytic Attacks
• Cipher text only
– Only knows the algorithm, cipher text, and statistics
– can identify plaintext
• Known plaintext
– Knows algorithm, One or more plaintext–cipher text pairs formed with the
secret key, cipher text
• Chosen plaintext
– Knows algorithm, Plaintext message chosen by cryptanalyst, together with its
corresponding cipher text generated with the secret key, cipher text
• Chosen cipher text
– Knows algorithm; cipher text; Cipher text chosen by cryptanalyst, together
with its corresponding decrypted plaintext generated with the secret key
• Chosen text
– Knows algorithm; cipher text; select either plaintext or cipher text to encrypt
or decrypt
8/10/2022 55
 Security of Cryptography

• Unconditional security
– no matter how much computer power is available, the cipher cannot
be broken since the ciphertext provides insufficient information to
uniquely determine the corresponding plaintext
• Computational security
– given limited computing resources (e.g. time needed for calculations
is greater than age of universe), the cipher cannot be broken
– No encryption algorithm is unconditionally secure, hence the users of
the algorithm shall check for the following criteria to be satisfied
• Cost of breaking the cipher exceeds the value of the encrypted information
• Time required to break the cipher exceeds the useful lifetime of the
information

8/10/2022 56
 Cryptographic Methods

Asymmetric Key
Symmetric Key –
(Public Key )–
Encryption
Encryption

RSA Public -Key

Block Ciphers Stream Ciphers

Elliptic Curve Cryptography

Transposition Cipher
Diffie-Hellman Key
Substitution Cipher Exchange

Poly-alphabetic Substitution

Mono-alphabetic Substitution

8/10/2022 57
 Block Ciphers
• transforms a fixed-length block of plaintext data into a block of
cipher text data of the same length
• transformation takes place under the action of a user-provided
secret key
• decryption is performed by applying the reverse transformation to
the cipher text block using the same secret key
• the fixed length is called the block size, and for many block ciphers,
the block size is 64 bits
• most modern ciphers are of this form e.g. DES, 3-DES, IDEA, AES, and
Blowfish
M1 M2 M3 Mn

E E E ... E

8/10/2022 C1 C2 C3 Cn 58
 Substitution Ciphers

• units of plaintext are substituted with cipher text according to a

regular system
• "units" may be single letters (the most common), pairs of letters,
triplets of letters, mixtures of the above, and so forth
• receiver deciphers the text by performing an inverse substitution

Substitution Ciphers

Mono-alphabetic substitution

Polygram - Substitution

Homophonic Substitution

8/10/2022 59
 Substitution Ciphers

• Ciphertext and plaintext character sets are the same.

• Let m  m1m2 m3 ..... be the plaintext message and the alphabet
  { A, B,..., Z}

• The substitution employs a permutation e over A

• Example: Shift cipher (Caesar – Cipher)
– Alphabetic shift through k characters for some fixed k
– More precisely, if   s and plaintext mi is associated with
the integer value p, 0<=p<=s-1,
A B C …. Z
– then
– And the decryption mapping is defined by
D E F …. C
8/10/2022 – Caesar used k = 3 60
 Classical Substitution Ciphers

• where letters of plaintext are replaced by other letters or by

numbers or symbols
• or if plaintext is viewed as a sequence of bits, then substitution
involves replacing plaintext bit patterns with cipher text bit patterns
• earliest known substitution cipher is Caesar Cipher
• Developed by Julius Caesar
• first attested use in military affairs
• replaces each letter by 3rd letter on
• example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
8/10/2022 61
 Caesar Cipher

• can define transformation as:

a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

• mathematically give each letter a number

a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y Z
13 14 15 16 17 18 19 20 21 22 23 24 25

• then have Caesar cipher as:

C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
8/10/2022 62
 Cryptanalysis of Caesar Cipher

• only have 26 possible ciphers

– A maps to A,B,..Z
• could simply try each in turn
• a brute force search
• given cipher text, just try all shifts of letters
• do need to recognize when have plaintext
• eg. break cipher text "GCUA VQ DTGCM"
8/10/2022 63
 Mono alphabetic Cipher
• rather than just shifting the alphabet
• could shuffle (jumble) the letters arbitrarily
• each plaintext letter maps to a different random cipher text letter
• hence key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
• Security of Monoalphabetic Cipher
– now have a total of 26! = 4 x 1026 keys
– with so many keys, might think is secure
– but would be !!!WRONG!!!
– problem is language characteristics
8/10/2022 64
 Language Redundancy and
Cryptanalysis
• human languages are redundant
• eg "th lrd s m shphrd shll nt wnt"
• letters are not equally commonly used
• in English E is by far the most common letter
• then T,A,O,I,N,S,H
• other letters are fairly rare
• cf. Z,J,K,Q,X
• have tables of single, double & triple letter
frequencies
8/10/2022 65
 English Letter Frequencies

8/10/2022 66
 Sorted frequencies of letters in English
Sorted Frequencies of Letters in English

14

12

10

0
e t a o i n s h r d l c u m w f g y p b v k j x q z

8/10/2022 67
 Use in Cryptanalysis
 key concept - monoalphabetic substitution ciphers do not change
relative letter frequencies
 discovered by Arabian scientists in 9th century
 calculate letter frequencies for ciphertext
 compare counts/plots against known values
 if caesar cipher look for common peaks/troughs
peaks at: A-E-I triple, N-O pair, R-S-T triple
troughs at: J-K, U-V-W-X-Y-Z
 for monoalphabetic must identify each letter
tables of common double/triple letters help
– (digrams and trigrams)
 amount of ciphertext is important – statistics!
8/10/2022 68
 Example Cryptanalysis
given ciphertext:
– UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
– VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
– EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

count relative letter frequencies (see text)

8/10/2022 69
 Example Cryptanalysis
 given ciphertext:
– UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
– VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
– EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

 guess P & Z are e and t

 guess ZW is th and hence ZWP is “the”
 proceeding with trial and error finally get:
– it was disclosed yesterday that several informal but
– direct contacts have been made with political
– representatives of the viet cong in moscow

8/10/2022 70
 Substitution Ciphers – Polygram

• Involves groups of characters being substituted by other groups of

characters

• Sequences of two plaintext characters (digrams) may be replaced by

other digrams

• Same may done with trigrams, generally n-grams

• key space is extremely large: in full digram substitution over an

alphabet of 26 characters, there are 262 ! possible keys

• first practical historical use in 1854 by Sir Charles Wheatstone

8/10/2022
 Playfair - Cipher 71
 Playfair - Cipher

• usual form with 5 by 5 table and a key word or phrase

• Fill in the spaces in the table with the letters of the key; duplicate
letters are dropped; I = J; fill the remaining spaces
• 4 rules to encrypt each pair of letters:
– if letters of a pair are both the same, add an X after the first letter,
encrypt new pairs
– If letters appear on the same row, replace them with the letters to
their immediate right (with wrapping)
– If letters appear on the same column, replace them with the letters
immediately below (also with wrapping)
– If letters are not on the same row or column, replace them with the
letters on the same row respectively but at the other pair of corners of
the rectangle by the original pair
8/10/2022 72
 Playfair – Cipher (2)

• E xa m p l e : Ke y - Wo rd C R Y P TO G R A P H Y C L A S S S P R I N G

Rule 2: letters on same line

C R Y P T
RT  YC
O G A H L
Rule 3: letters on same column
S I N B D
AK  NW
E F K M Q
Rule 4: letters form rectangle
U V W X Z
GQ  LF

8/10/2022 73
 Security of the Playfair Cipher
• Security much improved over mono alphabetic
• Since have 26 x 26 = 676 digrams
• would need a 676 entry frequency table to analyse (verses 26 for a
mono alphabetic) and correspondingly more cipher text
• was widely used for many years (eg. US & British military in WW1)
• It can be broken, given a few hundred letters
• Since still has much of plaintext structure

8/10/2022 74
 Cryptanalysis of Playfair
• Identification:
– Cipher message contains an even number of letters
– Only 25 letters present

• Attack:
– Ultimate goal: recover the 5 x 5 matrix  general structure is
known
– Known Plaintext: probable words lead to partial decryption
– Digram frequency count:
TH 3.15 % ER 1.54 % EA 1.31 %
HE 2.51 % RE 1.48 % TI 1.28 %
AN 1.72 % ES 1.45 % AT 1.24 %
8/10/2022 IN 1.69 % ON 1.45 % ST 1.21 % 75
 Hill Cipher
• Another interesting multiletter cipher, developed by the
mathematician Lester Hill in 1929.

‘m’ ‘m’
Encryption
successive ciphertext
Algorithm
plaintext

• The substitution is determined by ‘m’ linear equations in which each

character is assigned a numerical value (a=0, b=1,…z=25). For m=3,
8/10/2022 the system can be described as follows: 76
 c1 = (k11p1 + k12p2 + k13p3) mod 26
c2 = (k21p1 + k22p2 + k23p3) mod 26
c3 = (k31p1 + k32p2 + k33p3) mod 26
• Expressed in term of column vectors and matrices:
C1 k11 k12 k13 p1
C2 =k21 k22 k23 p2 mod 26
C3 k31 k32 k33 p3

(or)
C = KP mod 26
• Where C & P are column vectors of length 3, representing the
plaintext and ciphertext, and K is a 3 x 3 matrix – encryption key

8/10/2022 77
 • Consider the plaintext “pay mor emo ney”

• K= 17 17 5
21 18 21
2 2 19

• The first 3 letters of the plaintext “PAY” are represented by the

vector
15
0
24

15 375 11
• Then C 0 = 819 mod 26 = 13 = LNS
24 486 18
8/10/2022 78
 • Decryption requires using the inverse of the matrix K.
• Whether inverse of a matrix exist for all?
• In this case, the inverse is

4 9 15
K-1= 15 17 6
24 0 17

• This is demonstrated as follows:

17 17 5 4 9 15 443 442 442 100

858 495 780 010
mod 2621=18 21 15 17 6
494 52 365 001
2 2 19 24 0 17
8/10/2022
= 79
 • In general terms, the Hill Cipher can be written as follows:

C = E(K,P) = KP mod 26  Encryption Algorithm

-1 -1
P = D(K,P) = K C mod 26 = K KP = P  Decryption Algorithm

8/10/2022 80
 Polyalphabetic Ciphers
• Another approach to improving security is to use multiple cipher
alphabets
• called polyalphabetic substitution ciphers
• makes cryptanalysis harder with more alphabets to guess and flatter
frequency distribution
• use a key to select which alphabet is used for each letter of the
message
• use each alphabet in turn
• repeat from start after end of key is reached

8/10/2022 81
 Vigenère Cipher
• simplest poly alphabetic substitution cipher is the Vigenère Cipher
• effectively multiple caesar ciphers
• key is multiple letters long K = k1 k2 ... kd
• ith letter specifies ith alphabet to use
• use each alphabet in turn
• repeat from start after d letters in message
• decryption simply works in reverse
• In the simplest case, the different alphabets are used sequentially
and repeated
• Position of plaintext character determines which mapping is applied
 the same plaintext character is encrypted to different ciphertext
characters
8/10/2022 82
 Example
• write the plaintext out
• write the keyword repeated above it
• use each key letter as a caesar cipher key
• encrypt the corresponding plaintext letter
• eg using keyword deceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

8/10/2022 83
8/10/2022 84
 Security of Vigenère
Ciphers
• have multiple ciphertext letters for each plaintext letter
• hence letter frequencies are obscured, but not totally lost
• a considerable frequency information remains
• First suppose that the opponent believes that the cipher
text was encrypted using either monoalphabetic
substitution or a Vignere cipher.
• If it is monoalphabetic substitution, then the statistical
properties of the cipher text should be the same as that of
the plain text.

8/10/2022 85
 • On the other hand, if a Vignere cipher is suspected, then
- determine the length of the keyword – how the length is
found?
- the important insight is,
if 2 identical sequences of plain text letters occur at a
distance that is an integer multiple of the keyword length,
they will generate identical cipher text sequences.
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself

8/10/2022 86
 • What an analyst will do now?
• Detect the repeated sequences at a displacement of 9 and make the
assumption that the keyword is either 3 or 9 letters in length.
• If the message is long enough , there will be a number of such
repeated cipher text sequences.
• By looking for common factors in the displacements of the various
sequences, the analyst should be able to make a good guess of the
keyword length.
• With the keyword DECEPTIVE, the letters in positions 1, 10, 19, and
so on are all encrypted with the same mono-alphabetic cipher.
• Thus known frequency characteristics of the plain text language to
attack is used.
• How to find a solution?
8/10/2022 87
 • Periodic nature of the keyword can be eliminated by using a non
repeating keyword that is as long as the message itself.
• Vignere proposed an autokey system , in which a keyword is
concatenated with the plain text itself to provide a running key.

Key: deceptivewearediscoveredsav
Plain text: wearediscoveredsaveyourself
Ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
• Even this scheme is vulnerable to cryptanalysis. Because the key and
the plaintext share the same frequency distribution of letters. For
eg: e encrypted by e, etc.
• These regularities can be exploited to achieve successful
8/10/2022 88
cryptanalysis.
 One Time Pad
• Proposed by Joseph Mauborgne
• Suggested using random key that is as
long as the message. So that the key
need not be repeated.
• Key is used to Encrypt and decrypt a
single message and then discarded.
• Each new message requires a new key
of same length as the new message.
• Such a scheme, known as a one-time
pad.
8/10/2022 89
 One Time Pad

8/10/2022 90
 Security of One Time pad
• Entirely due to the randomness of the key.
• If the stream of characters that constitute the key
is truly random, then the stream of characters that
constitute the Ciphertext will be truly random.
• Thus, there are no patterns or regularities that a
cryptanalyst can use to attack the cipher text.

8/10/2022 91
 Limitations of one time Pad
• In Practice, 2 fundamental difficulties are.
1) Making large quantities of random keys.
2) Even more daunting is the problem of key
distribution and protection.
Hence, it is of limited utility and is useful primarily for
low bandwidth channels requiring very high security.
Onetime pad Cryptosystem - “Perfect secrecy”
8/10/2022 92
8/10/2022 93
8/10/2022 94
8/10/2022 95
8/10/2022 96
 Rotor Machines

8/10/2022 97
8/10/2022 98
8/10/2022 99
8/10/2022 100
8/10/2022 101
8/10/2022 102
 Steganographic Techniques

8/10/2022 103
 Chapter 2: Toolbox: Authentication,
Access Control, and Cryptography

8/10/2022 104
 Objectives for Chapter 2
• Survey authentication mechanisms
• List available access control implementation options
• Explain the problems encryption is designed to solve
• Understand the various categories of encryption tools
as well as the strengths, weaknesses, and applications
of each
• Learn about certificates and certificate authorities

8/10/2022 105
 Authentication
• The act of proving that a user is who she says she is
• Methods:
– Something the user knows
– Something the user is
– Something user has

8/10/2022 106
 Something You Know
• Passwords
• Security questions
• Attacks on “something you know”:
– Dictionary attacks
– Inferring likely passwords/answers
– Guessing
– Defeating concealment
– Exhaustive or brute-force attack
– Rainbow tables

8/10/2022 107
 Distribution of Password Types
One character
0%
Other good Two characters
passwords 2%
14% Three characters
14%

Words in
dictionaries or
lists of names Four characters,
15% all letters
14%

Six letters,
lowercase Five letters,
19% all same case
22%
8/10/2022 108
 Password Storage

Plaintext Concealed

8/10/2022 109
 Biometrics: Something You Are

8/10/2022 110
 Problems with Biometrics
• Intrusive
• Expensive
• Single point of failure
• Sampling error
• False readings
• Speed
• Forgery

8/10/2022 111
 Tokens: Something You Have
Time-Based Token Authentication

Login: mcollings
Passcode: 2468159759
PASSCODE = PIN + TOKENCODE
Token code: Clock
Changes every synchronized to
60 seconds UCT
Unique seed
8/10/2022 112
 Federated Identity Management
Identity Manager
User (performs Authenticated
authentication) Identity

Application Application
(no authentication) (no authentication)
Application
(no authentication)

8/10/2022 113
 Single Sign-On
User Single Sign-On Identification and
Shell Authentication
Credentials

Password Token

Authentication Authentication Authentication

Application Application
Application

8/10/2022 114
 Access Control

8/10/2022 115
 Access Policies
• Goals:
– Check every access
– Enforce least privilege
– Verify acceptable usage
• Track users’ access
• Enforce at appropriate granularity
• Use audit logging to track accesses
8/10/2022 116
 Implementing Access Control
• Reference monitor
• Access control directory
• Access control matrix
• Access control list
• Privilege list
• Capability
• Procedure-oriented access control
• Role-based access control
8/10/2022 117
 Reference Monitor

8/10/2022 118
 Access Control Directory
User A Directory Files User B Directory
Access File Access File
File Name Rights Pointer File Name Rights Pointer

PROG1. C ORW BIBLIOG R

PROG1.EXE OX TEST.TMP OX

BIBLIOG ORW PRIVATE ORW

HELP.TXT R HELP.TXT R

TEMP ORW

8/10/2022 119
 Access Control Matrix

8/10/2022 120
 Access Control List
Directory Access Lists Files
Access List Access
File Pointer User Rights
BIBLIOG
BIBLIOG USER_A ORW

TEMP USER_B R

USER_S RW
F TEMP

HELP.TXT USER_A ORW

F
USER_A ORW

USER_S R

USER_A R HELP.TXT

USER_B R

USER_S R

USER_T R

SYSMGR RW

USER_SVCS O
8/10/2022 121
 Problems Addressed by Encryption
• Suppose a sender wants to send a message to a recipient. An attacker
may attempt to
– Block the message
– Intercept the message
– Modify the message
– Fabricate an authentic-looking alternate message

8/10/2022 122
 Encryption Terminology
• Sender
• Recipient
• Transmission medium
• Interceptor/intruder
• Encrypt, encode, or encipher
• Decrypt, decode, or decipher
• Cryptosystem
• Plaintext
• Ciphertext
8/10/2022 123
 Encryption/Decryption Process

Key Key
(Optional) (Optional)

Original
Plaintext Encryption Ciphertext Decryption
Plaintext

8/10/2022 124
 Symmetric vs. Asymmetric
Key

Original
Plaintext Encryption Ciphertext Decryption
Plaintext

(a) Symmetric Cryptosystem

Encryption Decryption
Key Key

Original
Plaintext Encryption Ciphertext Decryption
Plaintext

(b) Asymmetric Cryptosystem

8/10/2022 125
 Stream Ciphers
Key
(Optional)

…ISSOPMI wdhuw…
Plaintext Encryption Ciphertext

8/10/2022 126
 Block Ciphers
Key
(Optional)
.. XN OI TP ES

Plaintext IH Ciphertext
Encryption

po
ba
qc
kd
em
8/10/2022 .. 127
 Stream vs. Block
Stream Block
Advantages  Speed of  High diffusion
transformation  Immunity to
 Low error insertion of
propagation symbol

Disadvantages  Low diffusion  Slowness of

 Susceptibility to encryption
malicious  Padding
insertions and  Error
modifications propagation

8/10/2022 128
 DES: The Data Encryption Standard
• Symmetric block cipher
• Developed in 1976 by IBM for the
US National Institute of Standards
and Technology (NIST)

8/10/2022 129
 AES: Advanced Encryption System
• Symmetric
block cipher
• Developed in
1999 by
independent
Dutch
cryptographers
• Still in common
use
8/10/2022 130
 DES vs. AES

8/10/2022 131
 Public Key (Asymmetric) Cryptography
• Instead of two users sharing one secret key, each user has two
keys: one public and one private
• Messages encrypted using the user’s public key can only be
decrypted using the user’s private key, and vice versa

8/10/2022 132
 Secret Key vs. Public Key Encryption

8/10/2022 133
 Public Key to Exchange Secret Keys

1 .,
4. , 5
a bc 6
de
f

4h

a
2
g

b
c
i
7r
pq
7

5k l
j

3d e f
8

s
pq r s
tu v 9
wxyz

8uv
t

6
mn
o
w
x
9y z
1 Bill, give me your public key

Here is my key, Amy 2

3 Here is a symmetric key we can use

8/10/2022 134
 Key Exchange Man in the Middle

1,
4

.
., 5
ab c 6d

2
ef

4g

ab
h

c
i
7q
p

5j k l

3 de f
7

rs
pq r
s
8
t uv
w 9

8t u
xy z

m
6o
v

n
w
9x y
z
Bill, give me
1
your public key

1a No, give it to me

Here is my key, Amy 2

Here is the middle’s key 2a

3 Here is the symmetric k ey

3a Here is another symmetric k ey

8/10/2022 135
 Error Detecting Codes
• Demonstrates that a block of data has been modified
• Simple error detecting codes:
– Parity checks
– Cyclic redundancy checks
• Cryptographic error detecting codes:
– One-way hash functions
– Cryptographic checksums
– Digital signatures
8/10/2022 136
 Parity Check

8/10/2022 137
 One-Way Hash Function

M
Encrypted for
authenticity

Hash
function

Message
digest

8/10/2022 138
 Digital Signature

Mark only Mark fixed

the sender to
can make document

Authentic Unforgeable

8/10/2022 139
 Certificates: Trustable Identities and
Public Keys
• A certificate is a public key and an identity
bound together and signed by a certificate
authority.
• A certificate authority is an authority that
users trust to accurately verify identities
before generating certificates that bind those
identities to keys.

8/10/2022 140
 Certificate Signing and Hierarchy
To create Diana’s certificate: To create Delwyn’s certificate:
Diana creates and delivers to Edward: Delwyn creates and delivers to Diana:
Name: Diana Name: Delwyn
Position: Division Manager Position: Dept Manager
Public key: 17EF83CA ... Public key: 3AB3882C ...

Edward adds: Diana adds:

Name: Diana hash value Name: Delwyn hash value
Position: Division Manager 128C4 Position: Dept Manager 48CFA
Public key: 17EF83CA ... Public key: 3AB3882C ...

Edward signs with his private key: Diana signs with her private key:
Name: Diana hash value Name: Delwyn hash value
Position: Division Manager 128C4 Position: Dept Manager 48CFA
Public key: 17EF83CA ... Public key: 3AB3882C ...

Which is Diana’s ce rtificate. And appends her certificate:

Name: Delwyn hash value
Position: Dept Manager 48CFA
Public key: 3AB3882C ...
Name: Diana hash value
Position: Division Manager 128C4
Public key: 17EF83CA ...

Which is Delwyn’s certificate.

8/10/2022 141
 Cryptographic Tool Summary

8/10/2022 142
 Summary
• Users can authenticate using something they know,
something they are, or something they have
• Systems may use a variety of mechanisms to
implement access control
• Encryption helps prevent attackers from revealing,
modifying, or fabricating messages
• Symmetric and asymmetric encryption have
complementary strengths and weaknesses
• Certificates bind identities to digital signatures
8/10/2022 143
 Chapter 3: Programs and
Programming

8/10/2022 144
 Objectives for Chapter 3
• Learn about memory organization, buffer overflows, and relevant
countermeasures
• Common programming bugs, such as off-by-one errors, race
conditions, and incomplete mediation
• Survey of past malware and malware capabilities
• Virus detection
• Tips for programmers on writing code for security

8/10/2022 145
 Memory Allocation
High addresses
Stack

Heap

Static data

Code
Low addresses
8/10/2022 146
 Data vs. Instructions

8/10/2022 147
 Buffer Overflows
• Occur when data is written beyond the space allocated
for it, such as a 10th byte in a 9-byte array
• In a typical exploitable buffer overflow, an attacker’s
inputs are expected to go into regions of memory
allocated for data, but those inputs are instead allowed
to overwrite memory holding executable code
• The trick for an attacker is finding buffer overflow
opportunities that lead to overwritten memory being
executed, and finding the right code to input
8/10/2022 148
 How Buffer Overflows Happen
char sample[10];

int i;

for (i=0; i<=9; i++)

sample[i] = ‘A’;

sample[10] = ‘B’;
8/10/2022 149
 Memory Organization
High addresses
Stack

Heap

Local Data

Program Code

System Data

System Code
Low addresses
8/10/2022 150
 Where a Buffer Can Overflow

8/10/2022 151
 The Stack
Stack
P3
P2
Direction of
growth P1
Prog Ctr
Stack Ptr
8/10/2022 152
 The Stack after Procedure Calls
Procedure B

Stack
Procedure A P3 call C
P2
call B P1
Prog Ctr
Stack Ptr Procedure C
P2
P1
Prog Ctr
Stack Ptr
8/10/2022 153
 Compromised Stack
Procedure B

Stack
Procedure A P3 call C
P2
call B P1
Prog Ctr
Stack Ptr Procedure C
code
code
Prog Ctr
Stack Ptr
8/10/2022 154
 Overwriting Memory for Execution
• Overwrite the program counter stored in the stack
• Overwrite part of the code in low memory, substituting new
instructions
• Overwrite the program counter and data in the stack so that
the program counter points to the stack

8/10/2022 155
 Harm from Buffer Overflows
• Overwrite:
– Another piece of your program’s data
– An instruction in your program
– Data or code belonging to another program
– Data or code belonging to the operating system
• Overwriting a program’s instructions gives attackers
that program’s execution privileges
• Overwriting operating system instructions gives
attackers the operating system’s execution privileges
8/10/2022 156
 Overflow Countermeasures
• Staying within bounds
– Check lengths before writing
– Confirm that array subscripts are within limits
– Double-check boundary condition code for off-by-one errors
– Limit input to the number of acceptable characters
– Limit programs’ privileges to reduce potential harm
• Many languages have overflow protections
• Code analyzers can identify many overflow vulnerabilities
• Canary values in stack to signal modification

8/10/2022 157
 Incomplete Mediation
• Mediation: Verifying that the subject is authorized to perform
the operation on an object
• Preventing incomplete mediation:
– Validate all input
– Limit users’ access to sensitive data and functions
– Complete mediation using a reference monitor

8/10/2022 158
 Time-of-Check to Time-of-Use
• Mediation performed with a “bait and switch” in
the middle
File: Action:
my_file Change byte 4 to A

File: Action:
your_file Delete file

8/10/2022 159
 Race Conditions
A Seat available? Book seat
Yes

Reservation system

B Seat available? No

Time
8/10/2022 160
 Race Conditions
A Seat available? Book seat
Yes

Reservation system

B Seat available? Book seat

Yes

Time
8/10/2022 161
 Other Programming Oversights
• Undocumented access points (backdoors)
• Off-by-one errors
• Integer overflows
• Unterminated null-terminated string
• Parameter length, type, or number errors
• Unsafe utility libraries
8/10/2022 162
 Malware
• Programs planted by an agent with malicious intent to cause
unanticipated or undesired effects
• Virus
– A program that can replicate itself and pass on malicious code to
other nonmalicious programs by modifying them
• Worm
– A program that spreads copies of itself through a network
• Trojan horse
– Code that, in addition to its stated effect, has a second,
nonobvious, malicious effect
8/10/2022 163
 Types of Malware

8/10/2022 164
 Types of Malware (cont.)

8/10/2022 165
 History of Malware

8/10/2022 166
 History of Malware (cont.)

8/10/2022 167
 Harm from Malicious Code
• Harm to users and systems:
– Sending email to user contacts
– Deleting or encrypting files
– Modifying system information, such as the Windows registry
– Stealing sensitive information, such as passwords
– Attaching to critical system files
– Hide copies of malware in multiple complementary locations
• Harm to the world:
– Some malware has been known to infect millions of systems, growing at
a geometric rate
– Infected systems often become staging areas for new infections

8/10/2022 168
 Transmission and Propagation
• Setup and installer program
• Attached file
• Document viruses
• Autorun
• Using nonmalicious programs:
– Appended viruses
– Viruses that surround a program
– Integrated viruses and replacements

8/10/2022 169
 Malware Activation
• One-time execution (implanting)
• Boot sector viruses
• Memory-resident viruses
• Application files
• Code libraries

8/10/2022 170
 Virus Effects
· Virus Effect How It Is Caused
Attach to executable · Modify file directory
program · Write to executable program file
Attach to data or · Modify directory
control file · Rewrite data
· Append to data
· Append data to self
Remain in memory · Intercept interrupt by modifying interrupt
handler address table
· Load self in non-transient memory area
Infect disks · Intercept interrupt
· Intercept operating system call (to format
disk, for example)
· Modify system file
· Modify ordinary executable program
Conceal self · Intercept system calls that would reveal
self and falsify result
· Classify self as “hidden” file
Spread infection · Infect boot sector
· Infect systems program
· Infect ordinary program
· Infect data ordinary program reads to
control its execution
Prevent deactivation · Activate before deactivating program and
block deactivation
· Store copy to reinfect after deactivation
8/10/2022 171
 Countermeasures for Users
• Use software acquired from reliable sources
• Test software in an isolated environment
• Only open attachments when you know them
to be safe
• Treat every website as potentially harmful
• Create and maintain backups
8/10/2022 172
 Virus Detection
• Virus scanners look for signs of malicious code infection
using signatures in program files and memory
• Traditional virus scanners have trouble keeping up with
new malware—detect about 45% of infections
• Detection mechanisms:
– Known string patterns in files or memory
– Execution patterns
– Storage patterns
8/10/2022 173
 Virus Signatures
IF (--)
Attached Recognizable
JUMP
Virus Code signature elements

Original
Program
Original
Program

Separate
Virus
Module
8/10/2022 174
 Countermeasures for Developers
• Modular code: Each code module should be
– Single-purpose
– Small
– Simple
– Independent
• Encapsulation
• Information hiding
• Mutual Suspicion
• Confinement
• Genetic diversity

8/10/2022 175
 Code Testing
• Unit testing
• Integration testing
• Function testing
• Performance testing
• Acceptance testing
• Installation testing
• Regression testing
• Penetration testing
8/10/2022 176
 Design Principles for Security
• Least privilege
• Economy of mechanism
• Open design
• Complete mediation
• Permission based
• Separation of privilege
• Least common mechanism
• Ease of use
8/10/2022 177
 Other Countermeasures
• Good
– Proofs of program correctness—where possible
– Defensive programming
– Design by contract
• Bad
– Penetrate-and-patch
– Security by obscurity
8/10/2022 178
 Summary
• Buffer overflow attacks can take advantage of the fact that code
and data are stored in the same memory in order to maliciously
modify executing programs
• Programs can have a number of other types of vulnerabilities,
including off-by-one errors, incomplete mediation, and race
conditions
• Malware can have a variety of harmful effects depending on its
characteristics, including resource usage, infection vector, and
payload
• Developers can use a variety of techniques for writing and testing
code for security

8/10/2022 179