Professional Documents
Culture Documents
1
Suvarna Chaure
Roadmap
• Security Goals,
• Services,
• Mechanisms and attacks,
• The OSI security architecture,
• Network security model,
• Classical Encryption techniques,
• Symmetric cipher model,
• mono-alphabetic and poly-alphabetic substitution techniques:
Vigenere cipher, playfair cipher, Hill cipher,
• transposition techniques: keyed and keyless transposition ciphers,
• steganography.
Suvarna Chaure
1-1 SECURITY GOALS
Security Attacks
14
Suvarna Chaure
1.2.4 Passive Versus Active Attacks
Suvarna Chaure
Traffic Analysis Attack
17
Suvarna Chaure
Active Attacks
Suvarna Chaure
Active Attacks
(b)Replay
Suvarna Chaure
Suvarna Chaure
Suvarna Chaure
1-3 SERVICES AND MECHANISMS
Digital
Signatur Access Data Authentication Traffic Routing Notariza
Service Encipherment e Control Integrity Exchange Padding Control tion
Peer Entity
Authentication
Data Origin
Authentication
Access Control
Confidentiality
Traffic Flow
Confidentiality
Data Integrity
Nonrepudiation
Suvarna Chaure
Availability
Mechanism
Notariza
Service Encipherment Signature Control Integrity Exchange Padding Control tion
Peer Entity
Authentication Y Y Y
Data Origin
Authentication Y Y
Access Control Y
Confidentiality Y Y
Traffic Flow
Confidentiality Y Y Y
Data Integrity Y Y Y
Nonrepudiation Y Y Y
Suvarna Chaure
Availability Y Y
Attack
Peer Entity Y
Authentication
Data Origin Y
Authentication
Y
Access Control
Confidentiality Y
Traffic Flow Y
Confidentiality
Data Integrity Y Y
Y
Nonrepudiation
Suvarna Chaure
Attack
Encipherment
Digital Signature
Access Control
Data Integrity
Authentication
Exchange
Traffic Padding
Routing Control
Suvarna Chaure
Notarization
Attack
Encipherment
Y
Digital Signature Y Y Y
Access Control Y Y Y Y Y
Data Integrity Y Y
Authentication
Exchange Y Y Y Y
Traffic Padding Y
Routing Control Y Y Y
Suvarna Chaure
Notarization Y Y y
1-4 TECHNIQUES
Suvarna Chaure
3. An organization has a server in which some manual are
kept. It also provides some applications. The organization
wants the manuals to be viewed by all the employees
whenever required by them. However project managers
can modify the contents of the manuals. For this they must
first request the admin. If the admin is confirmed that it is
only the concerned project manager making a request he
grants permission to make changes to the concerned
manual. What type of security services must be present to
enable these activities in the organization?
Suvarna Chaure
4. Consider an implanted medical device that monitors
and records data about a patient’s health and stores
the information locally. To access the data, authorized
personnel must transmit a PIN to the implanted
device, and once authorized, electronically request
specific portions of the data. Give examples of
confidentiality, integrity and availability requirements
associated with the system, and in each indicate the
degree of importance of the requirement.
Suvarna Chaure
Model for Network Security
Suvarna Chaure
Model for Network Security
Suvarna Chaure
Traditional Symmetric key ciphers
Figure shows the general idea behind a symmetric-key cipher. The original
message from Alice to Bob is called plaintext; the message that is sent through
the channel is called the ciphertext. To create the ciphertext from the plaintext,
Alice uses an encryption algorithm and a shared secret key. To create the
plaintext from ciphertext, Bob uses a decryption algorithm and the same secret
key.
As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of
breaking those codes.
Note
Note
Example 3.1
The following shows a plaintext and its corresponding
ciphertext. The cipher is probably monoalphabetic because both
l’s (els) are encrypted as O’s.
Example 3.2
The following shows a plaintext and its corresponding
ciphertext. The cipher is not monoalphabetic because each l (el)
is encrypted by a different character.
Plaintext: hello Ciphertext: ABNZF
Suvarna Chaure
3.2.1 Continued
Additive Cipher
Note
Solution
Solution
Note
Example 3.7
What is the key domain for any multiplicative cipher?
Solution
Example 3.09
The affine cipher uses a pair of keys in which the first key is
from Z26* and the second is from Z26. The size of the key
domain is
26 × 12 = 312.
Example 3.10
Use an affine cipher to encrypt the message “hello” with the key
pair (7, 2).
Example 3.11
Use the affine cipher to decrypt the message “ZEBBW” with the
key pair (7, 2) in modulus 26.
Solution
Example 3.12
The additive cipher is a special case of an affine cipher in which
k1 = 1. The multiplicative cipher is a special case of affine cipher
in which k2 = 0.
3.65 Suvarna Chaure
3.2.1 Continued
Monoalphabetic Substitution Cipher
Example 3.13
We can use the key in Figure 3.12 to encrypt the message
The ciphertext is
Autokey Cipher
Example 3.15
Let us encrypt the plaintext “hello” using the key in Figure 3.13.
Example
G U I/J D A
N C E B F
H K L M O
P Q R S T
V W X Y Z
Example
1. Construct a playfair matrix with the key “largest”
2. Construct a playfair matrix with the key “occurrence”
O C U R E
N A B D
Example 3.16
We can encrypt the message “She is listening” using the 6-
character keyword “PASCAL”.
PT l i f e i s f u l l
P’s 11 8 5 4 8 18 5 20 11 11
Val
Key 7 4 0 11 7
C’s
Val
CT
kshum ENGG2013 78
Hill cipher
kshum ENGG2013 79
Hill cipher
kshum ENGG2013 80
Hill cipher
kshum ENGG2013 81
Hill cipher
kshum ENGG2013 82
Hill cipher
kshum ENGG2013 83
Hill cipher
kshum ENGG2013 84
Hill cipher
kshum ENGG2013 85
Hill cipher
Answer
kshum ENGG2013 86
Hill cipher
kshum ENGG2013 87
Hill cipher
Encrypt the plaintext “ hello” using given key
= ??
kshum ENGG2013 88
Hill cipher
Find inverse matrix of given matrix, also find the value of
determinant
kshum ENGG2013 89
Hill cipher
Multiplicative Inverse of 17 is 23
kshum ENGG2013 90
Hill cipher
kshum ENGG2013 91
Hill cipher
Example:
Use Hill cipher to encipher the message “We live in an
insecure world”. Use following key
kshum ENGG2013 92
3-3 TRANSPOSITION CIPHERS
A transposition cipher does not substitute one symbol for another, instead
it changes the location of the symbols.
Note
A transposition cipher reorders symbols.
Simple transposition ciphers, which were used in the past, are keyless.
Example 3.22
A good example of a keyless cipher using the first method is the
rail fence cipher. The ciphertext is created reading the pattern
row by row. For example, to send the message “Meet me at the
park” to Bob, Alice writes
Alice and Bob can agree on the number of columns and use the
second method. Alice writes the same plaintext, row by row, in
a table of four columns.
Example 3.26
Figure 3.21
Example 3.27
Call the plaintext stream P, the ciphertext stream C, and the key stream K.
Example 3.30
Additive ciphers can be categorized as stream ciphers in which
the key stream is the repeated value of the key. In other words,
the key stream is considered as a predetermined stream of
keys or K = (k, k, …, k).
In this cipher, however, each character in the ciphertext
depends only on the corresponding character in the plaintext,
because the key stream is generated independently.
Example 3.31
The monoalphabetic substitution ciphers discussed in this
chapter are also stream ciphers. However, each value of the
key stream in this case is the mapping of the current plaintext
character to the corresponding ciphertext character in the
mapping table.
3.108 Suvarna Chaure
3.4.1 Continued
Example 3.32
Vigenere ciphers are also stream ciphers according to the
definition. In this case, the key stream is a repetition of m
values, where m is the size of the keyword. In other words,
Example 3.33
We can establish a criterion to divide stream ciphers based on
their key streams. We can say that a stream cipher is a
monoalphabetic cipher if the value of ki does not depend on the
position of the plaintext character in the plaintext stream;
otherwise, the cipher is polyalphabetic.
3.109 Suvarna Chaure
3.4.1 Continued
Example 3.33 (Continued)
Example 3.34
Playfair ciphers are block ciphers. The size of the block is m =
2. Two characters are encrypted together.
Example 3.35
Hill ciphers are block ciphers. A block of plaintext, of size 2 or
more is encrypted together using a single key (a matrix). In
these ciphers, the value of each character in the ciphertext
depends on
all the values of the characters in the plaintext. Although the key
is made of m × m values, it is considered as a single key.
Example 3.36
From the definition of the block cipher, it is clear that every
block cipher is a polyalphabetic cipher because each character
in a ciphertext block depends on all characters in the plaintext
block. 3.112 Suvarna Chaure
3.4.3 Combination
1. William Stallings - Cryptography and Network Security: Principles and Practice, Prentice Hall, 5th
edition, 2010.
Reference Book:
1. Behrouz A. Forouzan and Debdeep Mukhopadhyay - Cryptography and Network Security, McGraw
Hill, 2nd Edition, 2008.
Suvarna Chaure
Thank You!
(suvarnac@sies.edu.in)
116
Suvarna Chaure