
NETWORK SECURITY MODEL:

A message is to be transferred from one party to another across some sort of Internet service. The two
parties, who are the principals in this transaction, must cooperate for the exchange to take place. A
logical information channel is established by defining a route through the Internet from source to
destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals.

Security aspects come into play when it is necessary or desirable to protect the information transmission
from an opponent who may present a threat to confidentiality, authenticity, and so on. All the
techniques for providing security have two components:

• A security-related transformation on the information to be sent. Examples include the encryption of
the message, which scrambles the message so that it is unreadable by the opponent, and the addition of
a code based on the contents of the message, which can be used to verify the identity of the sender.

• Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An
example is an encryption key used in conjunction with the transformation to scramble the message
before transmission and unscramble it on reception.

A trusted third party may be needed to achieve secure transmission. For example, a third party may be
responsible for distributing the secret information to the two principals while keeping it from any
opponent. Or a third party may be needed to arbitrate disputes between the two principals concerning
the authenticity of a message transmission.

Network Security Model

This general model shows that there are four basic tasks in designing a particular security service:

1. Design an algorithm for performing the security-related transformation. The algorithm should be such
that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.

3. Develop methods for the distribution and sharing of the secret information.

4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the
secret information to achieve a particular security service.
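
An added example, not part of the original notes, that maps the four tasks onto a message authentication code (the "code based on the contents of the message" described above) using Python's standard hmac module. It assumes task 3 (distribution) has already happened out of band, and the message text is constructed; it protects authenticity only, not confidentiality.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def generate_secret() -> bytes:
    # Task 2: generate the secret information (a random 256-bit key).
    return secrets.token_bytes(32)


def protect(key: bytes, message: bytes) -> bytes:
    # Task 1: the security-related transformation, here a code computed
    # from the message contents and the shared secret (HMAC-SHA256).
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def receive(key: bytes, wire: bytes) -> bytes:
    # Task 4: the receiver's side of the protocol. Recompute the code and
    # compare in constant time; reject anything that does not match.
    if len(wire) < TAG_LEN:
        raise ValueError("message too short to carry a tag")
    message, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication code mismatch")
    return message


def demo():
    # Task 3 (distribution) is assumed: both principals already hold `key`.
    key = generate_secret()
    wire = protect(key, b"transfer 100 to account 42")  # constructed message
    accepted = receive(key, wire)
    tampered = wire.replace(b"100", b"900")  # opponent edits the message in transit
    try:
        receive(key, tampered)
        rejected = False
    except ValueError:
        rejected = True
    return accepted, rejected


if __name__ == "__main__":
    print(demo())
```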

However, there are other security-related situations of interest that do not neatly fit this model but are
still considered. A general model of these other situations is illustrated below, which reflects a concern for
protecting an information system from unwanted access.

Network Access Security Model

Another type of unwanted access is the placement in a computer system of logic that exploits
vulnerabilities in the system and that can affect application programs as well as utility programs, such as
editors and compilers. Programs can present two kinds of threats:

Information access threats: Intercept or modify data on behalf of users who should not have access to
that data.

Service threats: Exploit service flaws in computers to inhibit use by legitimate users.

STEGANOGRAPHY:

• Steganography is the technique of hiding secret data within an ordinary, non-secret file or message
in order to avoid detection; the secret data is then extracted at its destination.
• The use of steganography can be combined with encryption as an extra step for hiding or protecting
data.
• The term stems from two Greek words: steganos, meaning covered, and graphia, meaning writing.

Examples:

1. Playing an audio track backwards to reveal a secret message

2. Playing a video at a faster frame rate (FPS) to reveal a hidden image

3. Embedding a message in the red, green, or blue channel of an RGB image


4. Hiding information within a file header or metadata

5. Embedding an image or message

As the image depicts, both the cover file (X) and the secret message (M) are fed into the steganographic
encoder as input.

• The steganographic encoder function, f(X,M,K), embeds the secret message into the cover file.

• The resulting stego object looks very similar to the cover file, with no visible changes.

• This completes encoding. To retrieve the secret message, the stego object is fed into the steganographic
decoder.
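
An added example, not part of the original notes, of an encoder f(X,M,K) and its decoder using least-significant-bit embedding in raw RGB bytes. It assumes K is a shared key that selects which cover bytes carry the hidden bits (the notes do not define K); the cover data, message and key are constructed.

```python
import hashlib


def _order(n: int, key: bytes) -> list:
    # Key-dependent visiting order of the cover bytes (sort by keyed hash).
    return sorted(range(n),
                  key=lambda i: hashlib.sha256(key + i.to_bytes(4, "big")).digest())


def _to_bytes(bits: list) -> bytes:
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))


def capacity(cover: bytes) -> int:
    # One hidden bit per cover byte, minus a 2-byte length header.
    return len(cover) // 8 - 2


def encode(cover: bytes, message: bytes, key: bytes) -> bytes:
    # f(X, M, K): write header + message into the least significant bits.
    if len(message) > min(capacity(cover), 0xFFFF):
        raise ValueError("message too long for this cover")
    payload = len(message).to_bytes(2, "big") + message
    bits = [(byte >> (7 - b)) & 1 for byte in payload for b in range(8)]
    stego = bytearray(cover)
    for pos, bit in zip(_order(len(cover), key), bits):
        stego[pos] = (stego[pos] & 0xFE) | bit
    return bytes(stego)


def decode(stego: bytes, key: bytes) -> bytes:
    lsb = [stego[p] & 1 for p in _order(len(stego), key)]
    length = int.from_bytes(_to_bytes(lsb[:16]), "big")
    if 16 + 8 * length > len(lsb):
        raise ValueError("no valid payload under this key")
    return _to_bytes(lsb[16:16 + 8 * length])


# Constructed sample data: a 32x32 RGB "image" as raw bytes, not a real file.
COVER = bytes((i * 37 + 11) % 256 for i in range(32 * 32 * 3))
MESSAGE = b"meet at noon"
KEY = b"shared secret K"

if __name__ == "__main__":
    stego = encode(COVER, MESSAGE, KEY)
    print(decode(stego, KEY), capacity(COVER))
    print(max(abs(a - b) for a, b in zip(COVER, stego)))
```

No cover byte changes by more than 1, which is why the stego object shows no visible difference, and the 3072-byte cover holds only 382 bytes of message, which is the overhead drawback listed further down.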

Steganography Techniques

• Depending on the nature of the cover object (the actual object in which the secret data is embedded),
steganography can be divided into five types:

1. Text Steganography
2. Image Steganography
3. Video Steganography
4. Audio Steganography
5. Network Steganography

Example:
(i) The sequence of first letters of each word of the overall message spells out the real (hidden)
message.
(ii) A subset of the words of the overall message is used to convey the hidden message.

Various other techniques have been used historically; some of them are:

Character marking – selected letters of printed or typewritten text are overwritten in pencil. The marks
are ordinarily not visible unless the paper is held at an angle to bright light.

Invisible ink – a number of substances can be used for writing but leave no visible trace until heat or
some chemical is applied to the paper.

Pin punctures – small pin punctures on selected letters are ordinarily not visible unless the paper is held
in front of the light.

Typewritten correction ribbon – used between the lines typed with a black ribbon, the results of typing
with the correction tape are visible only under a strong light.

Drawbacks of steganography

Requires a lot of overhead to hide a relatively few bits of information.

Once the system is discovered, it becomes virtually worthless.

BLOCK CIPHER PRINCIPLES

• Virtually all symmetric block encryption algorithms in current use are based on a structure referred to
as a Feistel block cipher. For that reason, it is important to examine the design principles of the Feistel
cipher. We begin with a comparison of stream ciphers with block ciphers.

• A stream cipher is one that encrypts a digital data stream one bit or one byte at a time, e.g., the Vigenère
cipher. A block cipher is one in which a block of plaintext is treated as a whole and used to produce a
ciphertext block of equal length. Typically a block size of 64 or 128 bits is used.

Block cipher principles

• Most symmetric block ciphers are based on a Feistel cipher structure.
• This structure is needed because it must be possible to decrypt ciphertext to recover messages efficiently.
• A block cipher looks like an extremely large substitution.
• It would need a table of 2^64 entries for a 64-bit block.
• Instead, it is created from smaller building blocks, using the idea of a product cipher.
• In 1949 Claude Shannon introduced the idea of substitution-permutation (S-P) networks, called the
modern substitution-transposition product cipher. These form the basis of modern block ciphers.
• S-P networks are based on the two primitive cryptographic operations we have seen before:
substitution (S-box)
permutation (P-box)
• These provide confusion and diffusion of the message:
diffusion – dissipates the statistical structure of the plaintext over the bulk of the ciphertext
confusion – makes the relationship between ciphertext and key as complex as possible
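
An added example, not part of the original notes, of a toy 64-bit Feistel cipher showing the two points above: decryption reuses the same structure with the subkeys reversed, and diffusion builds up over rounds. The round function and key schedule are assumptions made for illustration (truncated SHA-256), and the cipher is not meant for real use.

```python
import hashlib


def round_function(half: int, subkey: int) -> int:
    # F may be non-invertible: the Feistel structure never runs it backwards.
    data = half.to_bytes(4, "big") + subkey.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def subkeys(key: bytes, rounds: int = 16) -> list:
    # Toy key schedule (assumption): one 32-bit subkey per round.
    return [int.from_bytes(hashlib.sha256(key + bytes([r])).digest()[:4], "big")
            for r in range(rounds)]


def feistel(block: int, keys: list) -> int:
    # Split the 64-bit block into 32-bit halves L and R.
    left, right = block >> 32, block & 0xFFFFFFFF
    for k in keys:
        # One round: L' = R, R' = L xor F(R, K)
        left, right = right, left ^ round_function(right, k)
    # Final swap, so the same routine decrypts when given reversed subkeys.
    return (right << 32) | left


def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))


def decrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key)[::-1])


def avalanche(block: int, key: bytes, rounds: int) -> int:
    # Count ciphertext bits that change when one plaintext bit is flipped.
    ks = subkeys(key, rounds)
    return bin(feistel(block, ks) ^ feistel(block ^ (1 << 32), ks)).count("1")


if __name__ == "__main__":
    key, plain = b"toy key", 0x0123456789ABCDEF  # constructed values
    cipher = encrypt(plain, key)
    print(hex(cipher), decrypt(cipher, key) == plain)
    print(avalanche(plain, key, 1), avalanche(plain, key, 16))
```

With a single round, flipping one plaintext bit changes exactly one ciphertext bit; with 16 rounds roughly half of the 64 bits change, which is the diffusion property described above.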
