IFT 503A Information Assurance and Security

College of Computers ‫تابسالحا ةيلك‬
and Information Technology ‫تامولعلما ةينقتو‬
General
objective
 The course is deigned to provide the students with
the fundamental concepts and techniques of
computer systems security.
Objectives
Course CO1: Introduce essential knowledge and techniques for
Objectives computer systems security.
CO2: Present fundamental ciphering approaches for

securing data.
CO3: Provide essentials for proxy firewalls and intrusion

detection for assuring network security.
Prof. Mostafa Nofal

On Successful completion of this course, the student will has:

CLO1: Ability to appreciate the security problem of
computer systems in today’s hostile world.
CLO2: Ability to design a secure computer system.
CLO3: Ability to develop efficient encryption techniques.

Learning CLO4: Ability to get insight into methods of network
security.
Outcomes
Prof. Mostafa Nofal

Chapter 1: Introduction
 Facets of the security problem of computer systems.
 Potential vulnerabilities of computer systems security.
 Meaning of Computer Systems Security.
 Importance of Computer Systems Security.
 Categories of Attackers.
 History of Computer System Security.
Course  Goals of System Security.
Topics  Security Domains.
Prof. Mostafa Nofal

Chapter 2: Design of Secured Computer

Systems
 Security attacks
 Security threats
 Security services
 Secure system design
Chapter 3: Physical Security
Course
 Physical security threats
Topics  Physical and Environmental Security
 Physical Access Controls
 Fire Security and Safety
 Biometrics
Prof. Mostafa Nofal

Chapter 4: Cryptography
 Conventional encryption
 Character-level cryptography
 Bit-level cryptography
 Conventional algorithm DES
 Public-key encryption
Course  RSA algorithm

 Hash function
Topics
Prof. Mostafa Nofal

Chapter 5: Security
Services
 Key management
 Authentication
 Digital signature
 Data Integrity
Course Chapter 6: Essentials of Network

Topics Security
 Proxy server
 Firewalls
 Intrusion detection
 Malicious programs
Prof. Mostafa Nofal

INTRODUCTION TO
COMPUTER SYSTEMS
SECURITY
 Facets of the security problem of computer systems.
 Vulnerabilities of computer systems security.
 Meaning of Computer Systems Security.
 Importance of Computer Systems Security.
 Categories of Attackers.
Chapter 1  History of Computer System Security.

 Goals of System Security.
 Security Domains.
CLO1
Prof. Mostafa Nofal

Objectives of Chapter
1
By the end of this chapter, the student will be able to:
 Understand the meaning of computer systems
security.
 Trace the history of security industry.
 Identify the main goals of computer systems
security.
 Appreciate the need for security in today’s
Chapter 1 hostile
world.
CLO1
Prof. Mostafa Nofal

Facets of the Security

Problem
Elements of the Computer System
 Stand alone computer with: HW, SW, OS and data.
 Networked facilities to the Internet.
Data Message transaction
SW
OS
HW
Stand alone computer Internet
Prof. Mostafa Nofal


Problem
Early days
 Few decades ago, computer security was mainly concerned
with the physical devices that made up the computer.
 Now, the high-value item is not the machine, but the
information that it stores and processes.
 This changed the focus of computer
systems security. Data
SW
Data may be OS
disclosed, abused, HW
modified or damaged.
Stand alone computer
l
College of Computers
and Information Technology

Problem
Networked world
 In today's world, no computer can stand alone as an island.
 The mantra of networking is "anything, anytime, anywhere".
 This also makes networks attractive to attackers.
 The Internet forms a massive distributed environment.
 Malware can steal control of computers on Internet, direct
attacks at servers, or pose as someone to intercept data.
 Networks are the most vulnerable component of a system
configuration.
Prof. Mostafa Nofal


Problem
Electronic business
 In the past, no business is conducted across the Internet.
 Today, people perform online transactions every day.
 Companies rely on Internet to conduct business.
 This also encourages others to take advantage of the
environment to conduct fraud or theft.
 Encryption is a very important part of network
security.
 More recently, skillful intruders are attacking computers
with criminal or military goals in mind.
 They may outwit even sophisticated security systems.
Prof. Mostafa Nofal
The Holistic Scene of Security
Problem Data may be disclosed,
abused, modified or
damaged.
Intrusion may be performed

SW
OS
HW

message may be
intercepted, modified
Hardware may be destructed
or fabricated.
Malware may
infect the system.
Prof. Mostafa Nofal

Potential
Vulnerabilities
Categories of security weakness
Physical Technology Policy Configuration Human

weakness weakness weakness weakness weakness
1 Physical weakness
 The buildings and equipment rooms are vulnerable.
 Intruders can break into the server room, and sabotage as well as
vandalize the system equipment.
 They can also steal backup media and printouts, or obtain information that
will allow them to more easily hack their way in at a later time.
 Locks, guards, and biometric devices provide an important first defense
against break-ins.
Prof. Mostafa Nofal

College of Computers
and Information Technology
Potential
Vulnerabilities
Physical Technology Policy Configuration Human

weakness weakness weakness weakness weakness
2- Technology weakness
 Every technology has some known or unknown inherent weaknesses, or
vulnerabilities that can be exploited by attackers.
 Among others, we can mention some:
1 Internet protocols were not designed for security.

2 Computer and network operating systems has vulnerabilities
3 Network equipments, such as routers, firewalls, and switches,
have security weaknesses that must be recognized and protected
against.
Prof. Mostafa Nofal

Potential
Vulnerabilities
Physical
Technology Policy Configuration Human
weakness
weakness weakness weakness weakness
3- Policy weakness
 Security policy weakness is a catchall phrase for company policies, or a
lack of policies, that inadvertently lead to security threats.
 The following policy issues that can negatively impact a computer
system:
1 No written security policy.
2 Lack of a disaster recover plan.
3 No policy for software and hardware additions or changes.
4 Lack of security monitoring.
5 Employment policies.
6 Internal policies.
Prof. Mostafa Nofal
Potential
Vulnerabilities
Physical
weakness
4- Configuration weakness
 Many network devices have default settings that ease of installation
without regard for security issues.
 Installation without correcting these settings may result in
problems.
 Network administrators need reconfigure the computing devices.
 Some common configuration issues include the following:
1 Ineffective access control lists failing to block intended traffic
2 Default, missing, or old passwords
3 Unneeded ports or services left active
4 User IDs and passwords exchanged in clear text
5 Weak or unprotected remote access through the Internet.
Prof. Mostafa Nofal
Potential
Vulnerabilities
Physical
weakness
5- Human weakness
 The people who administer and use the computer system represent the
greatest vulnerability of all.
 Human stupidity, carelessness, laziness, greed, and anger represent the
greatest threats to computer system security.
 Human vulnerabilities are the most difficult to defend against.
 If the administrator is poorly trained, or decides to take to a life of crime,
the system is in grave peril.
 Staff people can also be bribed or coerced into giving away passwords,
opening doors, or otherwise jeopardizing security in the system.
Prof. Mostafa Nofal

Meaning of Computer Systems

Security
Definition of Security
 It refers to the protection of computing assets and
computer network communication assets against:
1 abuse,
2 unauthorized use,
3 unavailability through intentional or
unintentional actions,
4 protection against undesired information
disclosure,
alteration, or misinformation.
Prof. Mostafa Nofal


Security
Fields of Computer Systems Security
 Computer systems security covers a lot of territory:
1 locking the computer room and the machine,
2 protecting login accounts with passwords,
3 using file protection to keep data from being destroyed,
4 encrypting network communications lines, and
5 using special shields to keep electromagnetic emanations
from leaking out of the computer.
Prof. Mostafa Nofal


Security
Interchangeable Terms
 The terms information or data security, computer systems
security and network security are used interchangeably.
 However, there are some subtle differences between
them. Data may be disclosed, abused, modified or damaged.
Intrusion may be performed
SW
OS
HW
message may be intercepted, modified or fabricated.

Hardware may be destructed
Malware may infect the system.
Prof. Mostafa Nofal


Security
 The differences lie in the approach to the subject, the
methodologies used and the areas of concentration.
Information or data security Computer system security
 It means protecting information  It can focus on ensuring the
and information systems from availability and correct operation

unauthorized access, use, of a computer system without
disclosure, disruption, concern for the information stored
modification, perusal, inspection, or processed.
recording or destruction.  It is the generic name for tools
 It is concerned with the designed to protect the processed
confidentiality, integrity and and stored data and to thwart
availability of data. hackers.
Prof. Mostafa Nofal


Security
 The differences lie in the approach to the subject, the
methodologies used and the areas of concentration.
Internet security
 In connection with the Internet,
Network security the term internet security is often

 It is the generic name for the used.
collection of tools designed to  It is the generic name for the
protect data during their collection of tools designed to

transmission. protect the resources of a private
network from users of other
networks.
Prof. Mostafa Nofal


Security Methods of providing security
System Data System

access System design
access control administration
control
1 System access control

 It refers to the process of ensuring that unauthorized users don't get into
the system, and forcing authorized users to be security-conscious.
 For example, changing their passwords on a regular basis.
 The system also protects password data and keeps track of who's doing
what in the system, especially if what they're doing is security-related
such as logging in, trying to open a file, using special privileges.
Prof. Mostafa Nofal


System Data System

control
2- Data access control

 It implies monitoring who can access what data, and for what purpose.
 The system might support discretionary access controls to determine
whether other people can read or change the respective data.
 The system might also support mandatory access controls.
 This allows the system to determine access rules based on the security
levels of the people, the files, and the other objects in the system.
Prof. Mostafa Nofal


System Data System

control
3- System and security administration

 This imposes performing the offline procedures that make or break a
secure system by clearly delineating system administrator responsibilities,
by training users appropriately, and by monitoring users to make sure that
security policies are observed.
 This also involves more global security management by figuring out what
security threats face the system and the cost to protect against them.
Prof. Mostafa Nofal


System Data System

control
4- System design
 This can be accomplished by taking advantage of basic hardware and
software security characteristics.
 For example, using a system architecture that is able to segment memory,
thus isolating privileged processes from non-privileged processes.
Prof. Mostafa Nofal

Importance of Computer
Security
1 To Avoid Malware's Damage
 The viruses and worms are the most common problem that
an organization faces.
 The organization may be exposed to viruses and worms as a
result of employees not following procedures.
 Viruses and worms generally are non-discriminating threats
that are released without targeting a specific organization.
Prof. Mostafa Nofal

Security
2- To Prevent Hacker's Sabotage
 The hackers deliberately access computer systems and
networks without authorization.
 The term hacking also applies to the act of exceeding
one’s
authority in a system.
 The process to gain access to a system takes
persistence
and dogged determination.
 The type of attackers has evolved over the years.
 The automated tools allow even novice attackers to
exploit Prof. Mostafa Nofal
Security
3- To Save Information Infrastructure
 Nations have increasingly become dependent on computer
systems and networks.
 This information infrastructure might be targeted by
terrorist organizations.
 Information may also be used as a weapon.
 This threat is characterized by longer period of
preparation,
financial backing, and organized group of attackers.
 The threat may include attempts not only to subvert
insiders but also to plant individuals inside of a
potential Prof. Mostafa Nofal
Security
4- To Combat Electronic Crimes and Fraud
 In a networked world, new generation of vandals and data
thugs do not need to have physical contact with the victim.
 Data can be easily copied, transmitted, modified or
destroyed.
 Thus, the scene of crime is a particularly difficult one.
 There are no traces, identification of the culprits is nearly
impossible, apprehension even more so and the legal
framework does not make adequate provision for justice in
this kind of crime.
Prof. Mostafa Nofal

Security
5- To Clear Responsibility
 Computer security is a multibillion dollar industry that
addresses a threat that now impacts everyone.
 If you use a computer of any kind, anywhere,
computer
security not only affects you, it is your responsibility.
 If your device is compromised, you could be an
unwitting
partner in crime, or at least a source of
inconvenience.
 you need to worry about power failures, natural disasters,
backups. Prof. Mostafa Nofal
Categories of
Attackers
Categories of attackers
Based on attacker's location Based on attacker's aim Based on attacker's skill
Insider Outsider
Professionals Armatures
Criminals Information warfare
Prof. Mostafa Nofal

Categories of
Attackers
1 Insiders
 An Insider is a legitimate user, but
2- Outsiders
 An outsider has no authorized access
attempts to obtain unauthorized
and wishes to enter into that network
access to data, system resources and
using security holes.
services or misuses authorized data.
 Those attackers can be further divided
 They are disgruntled or dishonest
into hackers and crackers.
employees or former employees.
 A hacker is a person with good IT
 They can do great damage due to
skills that can find security holes of
their internal access permissions and
the designed systems.
knowledge of corporate systems.
 A cracker can defeat anti-piracy
 Companies that experience incidents
protections and uses knowledge in an
of theft, or sabotage often find that
unethical way.
their own employees are the
culprits.
Prof. Mostafa Nofal
Categories of
Attackers
1 Wizard professional hackers 2- Amateurs

 They are top computer specialists and  Most hackers are amateurs with
highly skilled wizard Internet hackers. modest computer and net skills.
 They use sophisticated tools and  However, they are dangerous because
superb knowledge of networks to log they use automated attack programs

into specialized resources on written by wizard hackers.
corporate computers illegally.  They carry out less dangerous attacks
 They read sensitive files, steal than professionals do.

important information, or simply  They are called scriptkiddies as their
vandalize systems. attacks exploit the scripts containing

 They generate dangerous the codes aimed at misusing the
attacks for vulnerabilities of the systems.
the computer systems and
networks.
Prof. Mostafa Nofal
Categories of
Attackers
1 Criminals and espionage

 Criminal attackers steal credit card
2- Information warfare and
numbers, trade secretes, and other
cyberterrorism
important information for profit.
 They either sell this information or try
 Internet can be used for information
warfare by using computers instead of
to extort money from the victim.
 They include criminals working alone,
missiles to bomb enemy's crucial
information technology infrastructure.
members of organized crime gangs,
 Terrorists are likely to use the same
and industrial espionage spices who
type of attacks.
specialize in stealing high-value trade
 Amateur cyberterrorists may soon
secretes from corporations.
 Governments too engage in industrial
approach the damage levels of
information warfare.
espionage to help their industries.
Prof. Mostafa Nofal

History of Computer Security

System
Early days
Networked
systems
Prof. Mostafa Nofal

Goals of the Security

System
Aims of Attackers
 In today’s environment, the computer system encompasses
HW, SW, information, operations, peripherals, tx media,
people, and networks.
 The computer system attack may aim at three goals:
1 to theft of or damage to the hardware,
2 to theft of or damage to the information, or
3 to disrupt the service.
Prof. Mostafa Nofal


SystemGoals of the security system
Prevention of Detection of Containment Recovery from

the attack the attack of the Attack the Attack
1 Prevention of the attack

 Preventing the attack aims at getting that an attack being failed.
 Prevention involves implementation of mechanisms that users cannot
override.
 Preventative mechanisms often are very cumbersome and interfere
with
system use to the point that they hinder normal use of the system.
 But some simple preventative mechanisms, such as passwords, have
become widely accepted.
 Prevention mechanisms can prevent compromise of parts of the
system.
Prof. Mostafa Nofal


2- Detection of the attack

 Detecting an attack is most useful when an attack cannot be prevented.
 Detection mechanisms accept that an attack will occur; the goal is to
determine that an attack is underway, or has occurred, and report it.
 The attack may be monitored to provide data about its nature, severity,
and results.
 Detection mechanisms do not prevent compromise of parts of the system,
which is a serious drawback.
Prof. Mostafa Nofal



3- Containment of the attack

 It is not always possible to prevent attacks altogether.
 Thus, it is important to deploy mechanisms that help the administrator
manage or contain attacks while they are in progress.
 On the Internet, malicious traffic needs to be treated as a fact of life,
instead of as an error or exceptional condition.
 In the interim, the administrator needs to contain damage that can impact
the normal operation of the network.
Prof. Mostafa Nofal



4- Recovery from the attack

 The recovery from an attack may have two forms.
 The first is to stop an attack and to assess and repair the damage.
 As an example, if the attacker deletes a file, it should be recovered.
 Recovery is far more complex as the nature of each attack is unique.
 In some cases, retaliation is part of recovery.
 Recovery requires resumption of correct operation of the system.
 The second form of recovery is to keep the system functioning correctly
while an attack is underway.
Prof. Mostafa Nofal

Security
Domains
Security domains
Physical Operational Personal System Network

security security security security security
1 Physical security
 The Physical security is the protection of physical computer equipment
from damage by natural disasters and intruders.
 Physical security methods include old-fashioned locks and keys, as well as
more advanced technologies such as smart cards and biometric devices.
 It, therefore, ensures controlling the comings and goings of people and
materials.
Prof. Mostafa Nofal

Security
Domains
Security domains

2- Personal security
 It is important for organizations to have policies in place relative to their
employees.
 This encompasses hiring employees, background screening, training,
security briefings, monitoring, and handling departures.
 The organization needs to make sure that it hires individuals who can be
trusted with the organization’s data and that of its clients.
 Finally, policies must be developed to address the inevitable point in the
future when an employee leaves the organization.
Prof. Mostafa Nofal

Security
Domains
Security domains

3- System security
 This includes the following:
1 user access and authentication controls,
2 assignment of privilege,
3 maintaining file and file-system integrity,
4 backups, monitoring processes,
5 log-keeping, and
6 auditing.
Prof. Mostafa Nofal

Security
Domains
Security domains

4- Network security
 This ensures the following:
1 protecting network and telecommunications equipment,
2 protecting network servers and transmissions,
3 combating eavesdropping,
4 controlling access from untrusted networks,
5 firewalls, and
6 detecting intrusions.
Prof. Mostafa Nofal

Security
Domains
Security domains

5- Operational/procedural security
 This ensures covering everything from managerial policy decisions to
reporting hierarchies.
 Policies are high-level statements created by management that lay
out the
organization’s positions on particular issues.
 Policies describe mandatory activities but are not specific in their
details.
 Policies are focused on the result, not the methods for achieving it.
 Procedures are step-by step instructions that prescribe exactly how
employees act in a given situation or to accomplish a specific task.
Prof. Mostafa Nofal
DESIGN OF A
SECURE COMPUTER
SYSTEM
 Security Attacks
 Security Threats
Chapter 2  Security Services

 Design of a secure computer system.
CLO2
Prof. Mostafa Nofal

2
 Understand the security attacks and threats.
 Identify the main security services.
 Design a secure computer system.
Chapter 2
CLO2
Prof. Mostafa Nofal

Security
Attacks
Categories of security attacks
Interruption Interception Modification Fabrication
1 Interruption
 This is an attack on the availability of
system resources such as:
1 Server resources
2 Database and information
resources Information
Information Information
3 Local resources Source Destination
4 Network resources
 An asset of the system is destroyed or
becomes unusable.
Prof. Mostafa Nofal
Security
Attacks
Interruption
 Examples include:
1 destruction of a piece of hardware
such as a hard disk,
2 cutting the communication line, or Information
Information
Information
3 disabling the file management system. Source Destination
4 denial of service.
Prof. Mostafa Nofal

Security
Attacks
2- Interception
 This is an attack on confidentiality.
 Unauthorized party (person, program) Information
gains access to an asset. Source Destination
1 wiretapping to capture data

in a network, and
2 unauthorized copying of files Unauthorized
or programs. Party
Prof. Mostafa Nofal

Security
Attacks
Interception
 There are three routes of data Information
interception: Source Destination
1 Direct observation of display screens
or removing Information on USB
memory.
2 Interception of data transmissions. Unauthorized
3 Electromagnetic interception. Party
Prof. Mostafa Nofal

Security
Attacks
Interruption
Modification Fabrication
Interception
3- Modification
 This is an attack on data integrity. Information Information
 Unauthorized party gains access and Information Information

tampers with an asset. Source Destination
1 changing values in data files,

2 altering a program so that it
performs differently and Unauthorized
Party
3 modifying the content of
messages being transmitted in a
Prof. Mostafa Nofal
Security
Attacks
4- Fabrication
 This is an attack on authenticity. Information
 Unauthorized party inserts counterfeit Information Information

Source
objects into system. Destination
1 insertion of spurious messages

in a network or
2 addition of records to a file. Unauthorized
Party
Prof. Mostafa Nofal

Security Attacks and

Threats
Attacks and Threats
 A threat is a potential violation of security.
 The violation need not actually occur to be a threat.
 The fact that the violation might occur means that those
actions should be prevented or guarded against.
 Those actions are called attacks.
 Those who execute such actions are called attackers.
 Security services counter threats to the security of a
system.
Prof. Mostafa Nofal

Security
Threats
Categories of security threats
Passive Active
threats threats
Passive threats
 The attacker goal is just to obtain information and does not modify
data or harm the system.

 Passive attacks are in the nature of eavesdropping or monitoring of
transmissions
 A passive attacker only threatens the confidentiality of data.
 Passive attacks are very difficult to detect because they do not affect
the system or involve any alteration of data.

 It is feasible to prevent the success of these attacks.
Prof. Mostafa Nofal

Security
Threats
Passive Active
threats threats
Eavesdropping Traffic analysis
Prof. Mostafa Nofal

Security
Threats
1 Eavesdropping
 Network communications occur in an
unsecured, which allows an attacker

to read data.
 Eavesdropping may include stealing
e-mail messages, files, passwords,

and other information.
 Without strong encryption, data can
be read by others as it traverses the

network.
Prof. Mostafa Nofal

Security
Threats
2- Traffic analysis
 Examining messages may deduce
information from communication

patterns.
 It can be performed even when the
messages are encrypted.

 It provides information about location
and identity of hosts and observation

of frequency and length of messages.
 This may be useful in guessing the
nature of the communication.
Prof. Mostafa Nofal

Security
Threats
Passive Active
threats threats
Active threats
 Active attacks employ more overt actions on the network or system.
 They attempt to alter system resources or affect their operation.
 The adversary attempts to delete, add or alter transmission on channel.
 An active attacker threatens data integrity and authentication as well
as confidentiality.
 It is quite difficult to prevent active attacks absolutely.
 They can be easier to detect, but they can be much more devastating to
a network.
Prof. Mostafa Nofal

Security
Threats
Passive Active
1- Spoofing (mastqh ureea rtsade) threats
attacks
 It means one entity pretends to be a
different entity to gain access to masquerade Replay modification
system or to gain greater privileges. Denial of service Main in the

Persistent
middle
 A host (or a program or application)
Others
assumes the identity of a legitimate
network device (a host).
 A hacker will manipulate legitimate
data.
Prof. Mostafa Nofal

Security
Threats
Passive Active
2- Replay attacksthreats threats
 A valid data transmission is maliciously
or fraudulently repeated or delayed. masquerade Replay modification

 This is carried out either by the
Main in the
Denial of service Persistent
originator or by an adversary. middle
 This occurs after a hacker Others
captured
and altered a key part of a
message.
 By resending this message, a hacker
can often obtain valuable information,

or gain access to a system. Prof. Mostafa Nofal
Security
Threats
Passive Active
threats threats
3- Modification
masquerade Replay modification
 Modification of messages simply
Main in the
means that some portion of a Denial of service
middle Persistent
legitimate message is altered, or that Others
messages are delayed or reordered,

to produce an unauthorized effect.
Prof. Mostafa Nofal

Security
Threats
4- Denial-of- Active
servi
 TheyPcaessadesigne
are ivtetacks
tdhrteoatss hut threats
down or render inoperable a

system. masquerade Replay modification
 They occur when another program or
Main in the
Denial of service Persistent
node uses all its resources. middle
 It can crash the entire system. Others
 Mail bombing attack occurs if a user
receives a massive amount of e-mail.

 A SYN flood initiates but does not
complete the establishment of TCP.

 R. M. Worm invaded platforms, slowed
them and denied access. Prof. Mostafa Nofal

Security
Threats
Passive Active
threats threats
5- M a n in the middle attack
 An intruder intercepts connection masquerade Replay modification
between two parties, usually an end Main in the

Denial of service
middle Persistent
user and a website.
Others
 The attacker can use the information
accessed to commit identity theft or

other types of fraud.
Prof. Mostafa Nofal

Security
Threats
P a s s iv e Active
6- Advanced persthreats
i ste nt threats
threat
 An unauthorized person gains access
to a network and stays there masquerade Replay modification
undetected for a long period of time.
Main in the
 Its intention is to steal data rather
Denial of service
middle Persistent
than cause damage. Others
 Those attackers target high-value
information sectors as national

defense, manufacturing and financial
industry.
Prof. Mostafa Nofal

Security
Threats
7- Other threats Passive Active

threats
 There are othertmhreualttsiple threats
along many avenues of attack,
masquerade Replay modification
including:
 Social engineering to gain access Denial of service Main in the
Persistent
middle
through social means. Others

 War dialing uses a computer that
provide a path to corporate

network.
 Password guessing
 New threats are developed every time
as viruses, worms, Trojan horses, trap

Prof. Mostafa Nofal
Security
Services
Categories of security services
Confidentiality Authentication Integrity Nonrepudiation Access control Availability Accountability
1 Confidentiality (Privacy)
 It is the protection of the stored, processed or transmitted data from passive
attacks.
 It refers to the ability to keep things private/confidential.
Attacks threatening confidentiality

2 Spooning refers to unauthorized access to or interception of data.
3 Traffic analysis by monitoring online traffic to guess the nature of
transaction.
Prof. Mostafa Nofal

Security
Services
Confidentiality (Privacy)
 Classification of Information
 Organizations deal with many types of information of different importance.
 Factors that affect the classification of specific information include: 1- its value
to the organization, 2- its age, and 3- regulations govern protection.

 Information can be classified into: Confidential, Secret, and Top Secret.
 Businesses use categories such as: Publicly Releasable, Proprietary, Company
Confidential, and For Internal Use Only.

 A policy should describe how data be protected, who may access to it, who has
can release it, and how and when it should be destroyed.
Prof. Mostafa Nofal

Security
Services
Approaches to guarantee confidentiality

 Encryption
 Discretionary and mandatory access control techniques that identify

who may access to what resources and for what purpose.
 Public key cryptography and digital signatures.
Prof. Mostafa Nofal

Security
Services
2- Authentication
 It assures that a communication is authentic.
 First, at connection initiation, the service assures that two entities are
authentic.
 Second, the service must assure that the connection is not interfered with a
third party that masquerade as one of the two legitimate parties..

Attacks threatening authentication
 Masquerading or spoofing by impersonating somebody else.
 As example, attacker may steal card bank and PIN and pretends a customer.
Prof. Mostafa Nofal

Security
Services
Accomplishing authentication
 Authentication can be accomplished by telling the system who you are, and
the system proves that you are (or you aren't) who you claim to be.
 In security terms, this process is called identification and authentication.
 Identification is the way you tell the system who you are.
 Authentication is the way you prove to system that you are who you say.
 In any multi-user system, you must identify yourself, and the system must
authenticate your identity, before you can use the system.
Prof. Mostafa Nofal

Security
Services
Approaches to provide authentication

C on Nonrepudiation Access control Availability Accountability
1 -
 The most familiar example is a password.
fi d en ti a li ty
 The
Au t he n tic a ti
S o mtheory
e t h isingthat
yoif you
u k know
n o the
w secret password for an account, you must be
on Integrity
the owner of that account.
2- Something you have
 Examples of this approach are keys, tokens, badges, and smart cards you must
have to "unlock" your terminal or your account.

The theory is that if you have the key or equivalent, you must be the owner of
it. 3- Something you are

 Examples are physiological or behavioral traits, such as your fingerprint,
handprint, retina pattern, voice, signature, or keystroke pattern.

 Biometric systems can be used for checking.
Prof. Mostafa Nofal

Security
Services
3- Integrity (or accuracy)

 The term can be used either for the data or the system functioning as follows:
For Information or data:
 It means the ability to protect information, or data from unauthorized,
uncontrolled, or accidental alterations.

 It assures that messages are received as sent, with no duplication,
insertion,
modification, reordering, or replays.
 In addition, what is retrieved should be identical to what was stored.
 If a violation of integrity is detected, then the service could report this
violation.
 Intervention is required to recover from the violation.. Prof. Mostafa Nofal
Security
Services
Integrity (or accuracy)

 The term can be used either for the data or the system functioning as follows:
Integrity for functioning of a system:
 Integrity refers to the proper functioning of a system, or application.
 It ensures that the system behaves according to design, specifications, and
expectations even under adverse circumstances such as an attack or disaster.

 System integrity remains high under duress.
Prof. Mostafa Nofal

Security
Services
Attacks threatening integrity

1 Modification of data to benefit himself by deleting, delaying or changing
the contents of the message.
2 Replaying by sending a message again later to result in an unauthorized
effect.
Measures to assure data integrity
3 Backing up data is the most important step in preventing data loss.
4 For very important data, Redundant Array of Inexpensive Disks (RAID)
systems are used.
5 Virus protection should be used as no system is completely safe from viruses.
6 Public key cryptography and digital signatures are also crucial.
Prof. Mostafa Nofal
Security
Services
4- Non-repudiation
 It refers to ability to prevent individuals from denying that information, data, or
files were sent or received or accessed or altered, when in fact they were.
 When a message is sent, the receiver can prove that the message was in fact sent
by the alleged sender.

 Similarly, when a message is received, the sender can prove that the message
was received by the alleged receiver.

 This capability is crucial to e-commerce for example.
 Without it an individual or entity can deny that he is responsible for a transaction
and that he is, therefore, not financially liable.
Prof. Mostafa Nofal

Security
Services
Attacks threatening nonrepudiation

1 Repudiation of origin; an entity denied sending or creating a message.
2 Denial of receipt; an entity denied receiving a message.
Measures to assure non-repudiation
• This can implemented by adopting public key cryptography and digital signatures.
Prof. Mostafa Nofal

Security
Services
5- Access control
 This refers to the ability to control the level of access that individuals or entities
have to a network or system and how much information they can receive.
 Level of authorization determines what you're allowed to do once you are
authenticated and allowed access to a system, or information.
 It is the determination of the level of authorization to a system, or
information.
 To achieve this control, each entity trying to gain access must first be identified,
or authenticated.
 Access rights can be tailored to the individual.
Prof. Mostafa Nofal

Security
Services
Attacks threatening access control

1 Unauthorized access to data.
 This involves reading, writing, modifying, executing programs and so on.
Measures to provide access control

• An access control list (ACL) defines access privileges for a system.
• Discretionary access control (DAC),
• Mandatory access control (MAC),
• Role-based access control (RBAC),
• Rule-based access control (RBAC).
Prof. Mostafa Nofal

Security
Services
6- Availability
 System resources need to be available to authorized entities at legal times.
 Availability means that computer system's hardware and software keeps working
efficiently and that the system is able to recover quickly if a disaster occurs.
 The opposite of availability is denial of service where the users are unable to get
the system resources they need.

 The computer may have crashed.
 Needed disks, tapes, or printers may not be available.
 The unavailability of information is harmful as the lack of confidentiality or
integrity. Imagine customers could not access their accounts.
Prof. Mostafa Nofal

Security
Services
Attacks threatening availability

1 Denial of service may slow or totally interrupt the service.
 This can be achieved by sending so many bogus requests to crash the server.
 Attacker also might delete server response making client to believe that the
server is not responding.
Prof. Mostafa Nofal

Security
Services
7- Accountability
 This refers to the ability to track or audit what an individual or entity is doing on
a network or system.
 This allows the system to maintain a record of functions performed, files
accessed, and information altered.
Prof. Mostafa Nofal

Design of a Secure Computer

System
Secure computer system
Elements of a Secure system
The security system is designed so The secure system must comprise the
that it should be:
following:
1 An attack prevention system in
1 Physical security to prevent damage
order to block:
or theft.
a. Hacking the servers
2 Firewall to stop illicit messages.
b. Hacking the clients
3 Intrusion detection software.
c. Denial of service attacks
4 Password authentication.
d. Malicious content attacks
5 Discretionary access control.
e.Scanning attacks to get
6 Encryption of messages.
information about potential victims
7 Digital signature and hashing.
2 A secure communication system to
8 Antivirus software to
prevent interceptor from reading the
countermeasure malware.
transmitted messages.
Prof. Mostafa Nofal

Design of a Secure Computer

System
Digital
Firewall signature
Access
control
Data
SW
OS Encrypted
HW messages
Intrusion
Antivirus detection Internet
software
Password authentication
Physical security
Prof. Mostafa Nofal

PHYSICAL SECURITY
OF COMPUTER
SYSTEMS
 Physical Security Threats
 Physical and Environmental Security
 Physical Access Controls
Chapter 3  Fire Security and Safety

 Biometrics
CLO2
Prof. Mostafa Nofal

3
 Define the interrelation between physical security
and technology-oriented security.
 Appreciate the physical security threats.
 Implement the key physical security mechanisms.
 Compare between different physical access controls.
 Discuss the main principles and techniques of
Chapter 3 biometric systems.
CLO2
Prof. Mostafa Nofal

Computer Systems
Security
Computer systems security
Physical security Technology-based security
Physical environmental Encryption

Security
Firewall and proxy

Physical Access Control
Intrusion detection
Fire fighting
Antivirus
Biometrics
Authentication and
access control
Prof. Mostafa Nofal

Physical
Security
Relation between physical and technology-based security
 Computer systems security requires protection of both
logical and physical assets.
 Physical security protects physical resources as
people,
hardware, data transmission, storage, and processing.
 Most technology-based controls can be circumvented
if
attacker gains physical access to devices being
controlled.
 Physical security is just as important as logical security
to the computer system. Prof. Mostafa Nofal
Safety mechanisms Security mechanisms

Safety mechanisms deal Security mechanisms
with the protection of life address vandalism, theft,
and assets against fire, Physical and attacks by individuals.
natural disasters, and Security
devastating accidents.
1 Physical & environment

security
2 Physical access control
3 Fire Security and Safety
4 Biometrics
Prof. Mostafa Nofal
Physical Security
Threats
Examples of physical security threats
1 Exposing the system to extreme temperature conditions.
2 Exposing the system to war gases, commercial vapors, humid
or dry air, suspended particles, water, and chemicals.
3 Natural environmental threats such as floods, earthquakes,
storms and tornadoes.
4 Environmental anomalies as electrical surge or failure,
magnetism, static electricity, and aging circuitry.
5 Man-made threats as unauthorized access, explosions, damage,
errors, vandalism, fraud, theft, stealing equipment,
credentials, passwords, and laptops.
6 A competitor sneaking into a facility with a camera.
7 Physical attacks on individuals or property.
Prof. Mostafa Nofal

Physical Security
Responsibility
Responsible organization’s communities
Responsible communities
General Information Information

management technology management security management
1 General management
 General management is responsible for:
2 the security of the facility in which the organization is housed.

3 the policies and standards for secure operation.
 This includes:
4 exterior security,
5 fire protection,
6 building access,
7 other controls such as guard dogs and door locks.
Prof. Mostafa Nofal

Physical Security
Responsibility

2- Information technology management

 Information technology management and professionals are responsible for
environmental and access security in technology equipment locations, and
for the policies and standards that govern secure equipment operation.
 This includes:
1 access to server rooms,

2 power conditioning and server room temperature and humidity controls,
3 more specialized controls like static and dust contamination equipment.
Prof. Mostafa Nofal

Physical Security
Responsibility

3- Information security management

Information security management and professionals are responsible for:
1 risk assessments
2 reviewing the physical security controls implemented by the other
two groups.
Prof. Mostafa Nofal

Physical and Environmental

Security
Areas of physical and environmental security controls
Physical facility Operating location Supporting facilities
1 The physical facility

 The physical facility is usually the building, other structure, or vehicle housing
the system and network components.
 Systems can be characterized, based upon their operating location, as static,
mobile, or portable.
 Static systems are installed in structures at fixed locations.
 Mobile systems are installed in vehicles that perform the function of a
structure, but not at a fixed location.

 Portable systems are not installed in fixed operating locations.
 The physical characteristics of these structures and vehicles determine the
level of such physical threats as fire, roof leaks, or unauthorized access.
Prof. Mostafa Nofal


Security
Areas of physical and environmental security controls
Physical facility Operating location Supporting facilities
3- The supporting facilities

2- The geographic operating location  Supporting facilities are those
 The facility's general geographic
technical and human services that
operating location determines the
underpin the operation of the system.
characteristics of natural threats.  The system's operation depends on
 These may include natural disasters,
supporting facilities as electric power,
man-made threats such as burglary or
heating and air conditioning, and
interception of transmissions; and
communications.
damaging nearby activities, including  The failure of these facilities may
toxic chemical spills, explosions, fires,
interrupt system operation and cause
and electromagnetic interference.
physical damage to hardware or
data.
Prof. Mostafa Nofal
Physical Access
Control
Why physical access control?
 It aims at restricting entry and exit of personnel, equipment
and media from an area such as an office, data center, or
server room.
 It can include controlled areas, barriers that isolate each
area, entry points in barriers, and screening measures at
entry points.
 Staff members serve an important role in providing physical
security as they can challenge people they do not recognize.
Prof. Mostafa Nofal

Physical Access
Control
Physical access controls
Walls, fencing, and gates Dogs Guards Locks and keys
Identification cards and badges Electronic monitoring Alarm systems
Manual Programmable Electronic Biometric
Prof. Mostafa Nofal

Physical Access
Control
1 Walls, fencing, and gates
 The first line of defense is perimeter control at the site
location to prevent unauthorized access to the facility.
 Some of the oldest and most reliable elements of
physical
security are walls, fencing, and gates.
 Walls and fences with suitable gates are essential to
control
access of employees require to physical locations.
 These types of controls vary widely in appearance and
function to fulfill the security goals and proper image.
Prof. Mostafa Nofal
Physical Access
Control
Prof. Mostafa Nofal

Physical Access
Control
2- Guards
 Controls like fences and walls with gates are static, and are
therefore unresponsive to actions.
 Some are programmed to respond with specific actions to
specific stimuli, as opening for person who has correct key.
 Guards can evaluate each situation as it arises and make
reasoned responses.
 Most guards have clear standard operating procedures that
help them to act decisively in unfamiliar situations.
Prof. Mostafa Nofal

Physical Access
Control
3- Dogs
 Dogs are valuable part of physical security if they are
integrated into the plan and managed properly.
 Guard dogs are useful because their keen sense of
smell and
hearing can detect intrusions that human guards cannot.
 They can be placed in harm’s way when necessary to avoid
risking the life of a person.
 Security dogs go through intensive training to respond to a
wide range of commands and to perform many tasks.
 Dogs can hold an intruder smell smoke to alert others.
Prof. Mostafa Nofal
Physical Access
Control
4- Identification cards and badges
 An ID is typically concealed, whereas a name badge is visible.
 Both devices can serve a number of purposes:
1 they serve to authenticate access to the facility.
2 the IDs with magnetic strip can be read by automated
control devices to restrict access to sensitive areas.
 However, they are not foolproof and can be easily duplicated,
stolen, or modified.
 Because of this inherent weakness, such devices should not be
used as the only means of controlling access to restricted
areas.
Prof. Mostafa Nofal
Physical Access
Control
5- Locks and keys
 Locks are inexpensive access control mechanisms that are
widely accepted and used.
 They are considered delaying devices to intruders.
 There are two types of lock mechanisms: mechanical and
electromechanical.
 The mechanical lock may rely on a key or a dial.
 Electromechanical locks can accept a variety of inputs as
keys.
 This includes magnetic strips on IDs, radio signals from badges,
personal numbers typed to activate the locking mechanism.
Prof. Mostafa Nofal

Physical Access
Control
5- Locks may fail
 Sometimes locks fail, and thus facilities need to have
alternative procedures in place for controlling
access.
 These procedures must take into account that locks fail in one
of two ways: the door lock fails and the door becomes
unlocked.
Prof. Mostafa Nofal

Physical Access
Control
5- Categories of Locks
1 Manual locks are often preset by the manufacturer
and therefore unchangeable.
2 Programmable locks can be changed to allow key
changes.
3 Electronic locks can be integrated into alarm systems
and sensors to create various combinations of locking
behavior.
4 Biometric locks such as finger, palm, and hand readers,
iris and retina scanners, and voice and signature readers.
Prof. Mostafa Nofal

Physical Access
Control
5- Electronic monitoring
 Monitoring equipment can be used to record events in areas
where other types of physical controls are not practical.
 It includes closed-circuit television (CCT) systems that collect
constant video feeds, while others rotate input from a number
of cameras, sampling each area in turn.
 These video monitoring systems have some drawbacks:
1 they are passive and do not prevent access or activity.
2 there are no intelligent systems capable of reliably
evaluating a video feed.
Prof. Mostafa Nofal

Physical Access
Control
5- Electronic
monitoring
Prof. Mostafa Nofal

Physical Access
Control
5- Electronic monitoring
 To determine if unauthorized activities have occurred, a
security staff must:
1 constantly review the information in real time,
2 or review the information collected in video recordings.
 For this reason, CCT is most often used as an evidence
collection device rather than as a detection
instrument.
 In high-security areas such as banks, casinos, and shopping
centers, security personnel monitor CCT systems constantly.
Prof. Mostafa Nofal

Fire Security and

Safety
Fire fighting system
 The most important security concern is the safety of the people
present in an organization’s physical space.
 The most serious threat to that safety is fire.
 Fires account for more property damage, personal injury, and
death than any other threat to physical security.
 It is imperative to detect and respond to fires and fire
hazards.
 Fire suppression systems are installed and maintained to
detect and respond to a fire.
 Before a fire can be suppressed, however, it must be
detected.
Prof. Mostafa Nofal
Fire Security and

Safety
Fire fighting
system
Fire safety system
Fire detection system Fire suppression system

(automatic and manual) (portable, manual or automatic)
Thermal detector Smoke detector Flame detector
Fixed-temperature sensor Rate of rise sensor
Prof. Mostafa Nofal

Fire Security and

Safety
1 Fire detection
 Proper security remains in place until all employees and
visitors have been cleared from building.
 During the chaos of a fire evacuation, an attacker can
easily
slip into offices and obtain sensitive information.
 To prevent intrusions, fire safety programs often designate an
individual from each office area to serve as a floor monitor.
 Fire detection systems may be manual and automatic.
 Manual systems include human responses, such as calling the
fire department, as well as manually activated alarms.
Prof. Mostafa Nofal

Fire Security and

Safety
Three fire detection systems
1 Thermal detection systems
 These systems contain a heat sensor that operates in one of
the following two ways:
i. Fixed temperature sensors detect when the ambient
temperature in an area reaches a predetermined
level.
ii. Rate-of-rise sensors detect an unusually rapid increase in
the area temperature within a relatively short period of time.
 In either case, if the criteria are met, the alarm and
suppression systems are activated.
Prof. Mostafa Nofal
Fire Security and

Safety
Advantages of thermal detection systems
 The thermal detection systems are inexpensive and easy to
maintain.
Disadvantages of thermal detection systems
 Thermal detectors usually don’t catch a problem until it is
already in progress, as in a full-blown fire.
 Thermal detection systems are not a sufficient means of fire
protection in areas where human safety could be at risk.
 They are also not recommended for areas with high value
items.
Prof. Mostafa Nofal

Fire Security and

Safety
2- Smoke detection systems
 These systems are the most common means of detecting a
potentially dangerous fire.
 They are required by building codes in most residential
dwellings and commercial buildings.
Prof. Mostafa Nofal

Fire Security and

Safety
3- Flame detector
 The flame detector detects the infrared or ultraviolet light
produced by an open flame.
 It compares a scanned area’s light signature to a database of
known flame light signatures to determine whether or not
to
activate the alarm and suppression systems.
Prof. Mostafa Nofal

Fire Security and

Safety
Advantages of flame detector
 It is highly sensitive.
Disadvantages of flame detector
 It is expensive and must be installed where it can scan all
areas of the protected space.
 It is not typically used in areas with human lives at stake.
 Usage of flame detector
 It is quite suitable for chemical storage areas where normal
chemical emissions might activate smoke detectors.
Prof. Mostafa Nofal

Fire Security and

Safety
2- Fire suppression systems
 Fire suppression systems can consist of portable, manual, or
automatic apparatus.
 Portable extinguishers are used where direct application of
suppression is preferred, or fixed apparatus is impractical.
 Portable extinguishers are efficient for smaller fires as triggering
an entire building’s sprinkler systems can do a lot of damage.
 It is important to know the different types of fires and what should
be done to properly suppress them.
 Each fire type has a rating that indicates what materials are
burning and their suppression methods.
Prof. Mostafa Nofal

Fire Security and

Safety
Prof. Mostafa Nofal

Fire Security and

Safety
Prof. Mostafa Nofal

BIOMETRIC
S
Prof. Mostafa Nofal

Biometric
s
Biometric authentication
 It refers to the identification of humans by their characteristics
or traits.
 It is used as a form of identification and access control as well
as to identify individuals in groups that are under surveillance.
 Biometric identifiers are the distinctive, measurable
characteristics used to label and describe individuals.
 As biometric identifiers are unique to individuals, they are
more reliable in verifying identity than token-based methods.
 Biometrics verifies an individual’s identity by analyzing a
unique personal attribute or behavior.
Prof. Mostafa Nofal

SecurityCategories of biometric identifiers
physiological characteristics Behavioral characteristics
1 Physiological characteristics
 Physiological characteristics are 2- Behavioral characteristics
related to the shape of the body.  Behavioral characteristics are related
 Examples include, but are not limited to the pattern of behavior of a person,
to fingerprint, face recognition, DNA, including but not limited to typing
palm print, hand geometry, iris rhythm, gait, and voice.
recognition, retina and odour or sent.  Behavioral is “what you do”.
 Physiological is “what you are”.
Prof. Mostafa Nofal

Biometric
s
Criteria for choosing biometrics
 Many different aspects of human physiology, chemistry or
behavior can be used for biometric authentication.
 The selection of a particular biometric for use in a specific
application involves a weighting of several factors.
 Seven factors can be used when assessing the suitability of any
trait for use in biometric authentication.
Prof. Mostafa Nofal

Biometric
s
1 Universality
 It means that every person using a system should possess the
trait.
2- Uniqueness
 It means the trait should be different for individuals in relevant
population so that they can be distinguished from one
another.
3- Permanence
 A trait with 'good' permanence will be reasonably invariant
over time with respect to the specific matching
algorithm. Prof. Mostafa Nofal
Biometric
s
4- Measurability (collectability)
 It relates to the ease of acquisition or measurement of the
trait.
5- Performance
 It relates to the accuracy, speed, and robustness of technology
used.
6- Acceptability
 It relates to how well individuals accept the technology such
that their biometric trait captured and assessed.
Prof. Mostafa Nofal

Biometric
s
7- Circumvention
 It relates to the ease with which a trait might be imitated using
an artifact or substitute.
Prof. Mostafa Nofal

Biometric
s
Advantages of biometrics
1 Accuracy
 Biometrics is one of the most effective and accurate methods
of verifying identification.
 Two assumptions underlie this belief:
2 Biometric device is accurate in the environment in which it
is used.
3 The transmission from the biometric device to the
computer's analysis process is tamperproof.
2- Ease of use
Prof. Mostafa Nofal

Biometric
s
Disadvantages of biometrics
1 Expensive
 Biometrics is the most expensive method of verifying a
person’s identity.
2- Unacceptability
 People reject them as being intrusive, time-consuming, or even
dangerous as retina identification.
3- Time inadaptable
 Biometrics depends upon unique traits of living things there
are notorious for not remaining the same.
Prof. Mostafa Nofal

Biometric
s
Rank of biometrics based on
effectiveness
 Retina pattern
 Fingerprint
 Handprint
 Voice pattern
 Keystroke pattern
 Signature
Prof. Mostafa Nofal

Biometric
s
Rank of Biometrics based on social
acceptance
 Keystroke pattern
 Signature
 Voice pattern
 Handprint
 Fingerprint
 Retina pattern
Prof. Mostafa Nofal

Biometric
1 Fingerprint
Systems
 Everybody has a unique set of fingerprints.
 Fingerprint verification systems examine unique characteristics
of the fingerprints to determine whether or not to allow access.
 The detailed features of the print are called minutiae.
 It is the distinctiveness of these minutiae that gives each
individual a unique fingerprint.
 A person places one finger on a glass plate.
 Light flashes inside the machine, reflects off the
fingerprint,
and is captured by a scanner.
 System allows access only if fingerprint matches the
template. Prof. Mostafa Nofal
Biometric
Systems
1-
Fingerprint
Prof. Mostafa Nofal

Biometric
Systems
1 Fingerprint
 Because, the cameras needed to optically scan the fingerprints are
bulky, another approach can be used.
 A capacitative technique uses differences in electrical charges of
the whorls on the finger to detect those parts of the finger
touching a chip and those raised.
 The data is converted into a graph.
 At this point, determining matches becomes a problem of graph
matching.
Prof. Mostafa Nofal

Biometric
Systems
1 Fingerprint
 A sophisticated system performs a 3D analysis of the fingerprint
including infrared mechanisms for ensuring that a pulse is
present.
 This means that an intruder can't gain entry by presenting a mold
of an authorized user's finger.
 Fingerprint systems are accepted by users in criminal justice
organizations, military, high-security organizations and
banks.
Prof. Mostafa Nofal

Biometric
Systems
Disadvantages of fingerprints
1 They are slower than certain other types of biometric systems.
2 Their ability to work properly depends on the condition of the
fingers being presented (burns, dust, grease, glue).
3 Gelatin coatings can allow someone to "forge" a fingerprint.
Prof. Mostafa Nofal

Biometric
Systems
2- Retina pattern
 Everybody has a unique retinal vascular pattern in the backside
of the eyeball.
 Retina pattern verification systems examine the unique
characteristics of an individual's retina.
Prof. Mostafa Nofal

Biometric
Systems
2- Retina pattern
 A system uses an IR beam to scan the retina, measuring the
intensity of light reflected and producing a digital profile of
the blood vessel patterns in the retina.
 Retina systems are very reliable as it is affected only by very
serious injuries and a few rare diseases.
 They have been used in national labs, office buildings, and
prisons, but they are not well-accepted as access
devices.
 Retina systems seem to be the most threatening.
Prof. Mostafa Nofal

Biometric
Systems
3- Iris scan
 Iris scan looks at the colored part of the front of the eye that
surrounds the pupil.
 The iris has unique patterns, rifts, colors, rings, coronas, and
furrows.
 The uniqueness of these characteristics is captured.
Prof. Mostafa Nofal

Biometric
Systems
3- Iris scan
 Iris scans are the most accurate.
 The iris remains constant through adulthood, which reduces
errors that can happen during the authentication process.
 Sampling the iris offers more reference coordinates than any
other type of biometric.
 Iris is much easier to image.
 Iris scans may provide a feasible biometric where retina scans
still meet resistance.
Prof. Mostafa Nofal

Biometric
Systems
4- Palm scan
 The palm has many aspects that are used to identify an
individual.
 The palm has creases, ridges, and grooves throughout
that are
unique to a specific person.
 The palm scan also includes the fingerprints of each
finger.
 An individual places his hand on the biometric device, which
scans and captures this information.
Prof. Mostafa Nofal

Biometric
Systems
4- Palm
scan
Prof. Mostafa Nofal

Biometric
s
5- Handprint (geometry and topology)
 Everybody has a unique handprint or hand geometry.
 The shape of a person’s hand (the length and width of the hand
and fingers) defines hand geometry.
 A person places his hand on a device that has grooves for each
finger with glass between.
Prof. Mostafa Nofal

Biometric
s
5- Handprint
 A sensor beneath the plate scans the fingers, recording light
intensity from an overhead light, and measuring fingers
from tip to palm.
 The information is digitized and compared against a handprint
template stored in the system.
 The system compares the geometry of each finger, and the
hand as a whole, to the reference information to verify identity.
Prof. Mostafa Nofal

Biometric
s
5- Handprint
 Also, hand topology looks at the different peaks and valleys of
the hand, along with its overall shape and curvature.
 This attribute is not unique enough to authenticate individuals
by itself and is used in conjunction with hand geometry.
Prof. Mostafa Nofal

Biometric
s
5- Handprint
 The older handprint systems examined finger length and the
thickness and curve of the webbing between fingers.
 The newer systems examine a whole set of topographical
characteristics, such as the depth of skin creases in the
palm.
 The technology is accepted because it's not considered to be as
intrusive as other types of biometric systems.
 Handprint systems are less reliable than fingerprint systems.
 Like fingerprint systems, their ability to work properly depends
on the physical condition of the hand.
Prof. Mostafa Nofal

Biometric
s
6- Facial scan
 People have different bone structures, nose ridges, eye widths,
forehead sizes, and chin shapes.
 These are all captured during a facial scan and compared to an
earlier captured scan held within a reference record.
 If the information is a match, the person is positively
identified.
 The correlation is affected by the differences in the lighting, by
distortion, by "noise," and by the view of the face.
Prof. Mostafa Nofal

Biometric
s
7- Voiceprint
 Voice verification systems examine the unique characteristics
of individual's voiceprint.
 Some systems also examine phonetic and linguistic patterns.
 With a voice verification system, the individual speaks a
particular phrase.
 The system converts the acoustic strength of a speaker's voice
into component frequencies and analyzes their
distributions.
Prof. Mostafa Nofal

Biometric
s
7- Voiceprint
 Voice systems are accepted in banks (particularly vaults),
credit card authorization centers, and certain ATMs.
 Their ability to work properly depends to some extent on
the
physical condition of the larynx.
 Respiratory diseases, injuries, stress, and background noises
may affect the system's ability to match a voiceprint.
Prof. Mostafa Nofal

Biometric
s
8- Signature dynamics
 When a person signs a signature, usually they do so in the
same manner and speed each time.
 Signing a signature produces electrical signals that can be
captured by a biometric system.
 The physical motions performed when someone is signing a
document create these electrical signals.
 The signals provide unique characteristics that can be used to
distinguish one individual from another.
Prof. Mostafa Nofal

Biometric
s
 Signature verification systems examine unique characteristics
of individuals signature, and the way of writing their
signature.
 With a signature verification system, the individual signs his
name using a biometric pen attached to a workstation.
 The pen or the pad converts the signature into a set of
electrical signals that store the dynamics of the signing process.
Prof. Mostafa Nofal

Biometric
s
 It may also analyze various timing characteristics, such as pen-
in-air movements, that are unique to the individual.
 Signature dynamics provides more information than a static
signature.
 Signature dynamics is different from a digitized signature.
 Signature systems are accepted because people are
accustomed to having their signatures
scrutinized.
 Such systems are also much cheaper than others.
Prof. Mostafa Nofal

Biometric
s
9- Keystroke dynamics
 Keyboard dynamics captures electrical signals when a person
types a certain phrase.
 As a person types a specified phrase, the biometric system
captures the speed and motions of this action.
 Each individual has a certain style and speed, which translate
into unique signals.
 This type of authentication is more effective than typing in a
password, because a password is easily obtainable.
 It is much harder to repeat a person’s typing style.
Prof. Mostafa Nofal

Biometric
9- Keystroke dynamics
s
 The system requires a signature based on keystroke intervals,
pressure, duration, and where the key is struck.
 This signature is unique as written signatures.
 Keystroke recognition can be both static and dynamic.
 Static recognition is done once, at authentication time, and
usually involves typing of a fixed or known string.
 Dynamic recognition is done throughout the session, so the
aforementioned attack is not feasible.
 Keystroke doesn't require a separate verification cycle and it
wins wide acceptance.
Prof. Mostafa Nofal
CRYPTOGRAPH
Y
 Conventional encryption methods
 Character-level encryption
 Bit-level encryption
 Conventional encryption algorithm (DES)
Chapter 4  Public-key encryption

 RSA algorithm
CLO3
Prof. Mostafa Nofal

4
 Differentiate between ciphering approaches.
 Encipher data using character-level conventional
encryption.
 Understand the operation of bit-level ciphering.
 Explain the operation of DES algorithm.
 Understand the operation of public-key
Chapter 4 ciphering.
 Apply RSA algorithm for data ciphering.
 Specify the main features and types of hash
CLO functions.
3
Prof. Mostafa Nofal
Cryptography system Conventional

Cryptography
Data security techniques
Steganography Character-level encryption
Security model Cryptography Bit-level encryption
Types of Cryptography Conventional algorithms
Crypt analysis
Public-key
cryptography
RSA
Hash function
Prof. Mostafa Nofal

Data Security
Techniques
Data security techniques
Cryptography Steganography
Cryptography Steganography
 Cryptography means secrete writing.  Steganography means covered
 It refers to the art of transforming writing.
messages to make them secure and  It refers to concealing the message
immune to attacks. itself by covering it with something

 It involves three distinct mechanisms: else.
symmetric-key encipherment,  It is possible to insert secrete binary
asymmetric-key encipherment, and information into data during

hashing. digitization process.
Prof. Mostafa Nofal

Steganography
Objective of Steganography
 It hides information either for secrecy or to protect
copyright, prevent tampering or add extra information.
Text Cover
 We can use single space between words to represent bit
0 and double space to represent bit 1.
Example:
 Consider the ASCII code of letter A: 01000001.
 Thiscourseisintendedtoprovidedatasecuritybasics.
 0 1 0 0 0 0 0 1
Prof. Mostafa Nofal

Steganography
Image Cover
 Secrete data can be covered under a color image.
 Images are made of pixels, each of 3 bytes.
 In LSB method, LSBs are set to 0s.
 The ASCII code of the character is inserted in LSBs.
Example:
 Consider the ASCII code of letter M: 01001101.
 This can be hide in 3 pixels.
 01010011 10111100 01010101 01100101 10111100
01011110 00010101 01001010 01111110
Prof. Mostafa Nofal

A Model for a Data Security

System
Trusted Third Party
e.g., Distributor of secret
information
Principal Principal
Message Message
Security Security
related Channel related
transformation transformation
Secret Secret
information information
Opponent
Prof. Mostafa Nofal


System
Security System
 The two parties (principals) must cooperate for the
exchange of the message.
 A channel is established by the two principals.
 It is desirable to protect the information transmission from
an opponent who may present a threat.
 All the techniques for providing security have
three
components.
Prof. Mostafa Nofal


System
Three Components of the Security System
1 A security-related transformation of information to be sent.
 Encryption of message to be unreadable by opponent.
Addition of a code to verify the identity of the
sender. 2- Some secret information shared by the two
principals and
unknown to the opponent.
 An example is an encryption key.
3- A trusted third party for distributing secret information to
the two principals.
Prof. Mostafa Nofal

System
Four Basic Security Tasks
1 Design an algorithm for performing the security-related
transformation.
2 Generate the secret information to be used with the
algorithm.
3 Develop methods for the distribution and sharing of the
secret information.
4 Specify a protocol for principals to use security algorithm
and secret information to achieve security service.
Prof. Mostafa Nofal

Cryptography
Cryptography
Arrangement
Ke Kd
Encryption Network Decryption Receiver

Sender Algorithm Algorithm
Plaintext Plaintext
Network
Ciphertext
Prof. Mostafa Nofal

Categories of
Cryptography
Encryption/Decryption
Conventional methods Public-key methods
Character-level Bit-level
encryption encryption
Prof. Mostafa Nofal

Conventional
Cryptography
Secrete key shared by
sender and recipient
Encryption Network Decryption

Sender Algorithm Algorithm Receiver
Plaintext Transmitted Plaintext

Input Ciphertext Output
Prof. Mostafa Nofal

Conventional
Cryptography
Ingredients of Conventional Cryptography
1 Plaintext
The original message that is fed into the algorithm as
input. 2- Encryption algorithm
It transforms the plaintext to a
ciphertext. 3- Secret key
 Transformations performed depend on
that key.
4- Ciphertext
It is the scrambled message produced as
output. 5- Decryption algorithm
 It is the encryption algorithm run in reverse to produce
plaintext from the ciphertext.
Prof. Mostafa Nofal
Conventional
Cryptography
Properties
1 It was the only type of encryption in use till the late 1970s.
2 The encryption and decryption keys (Ke), (Kd) are the same and
should be kept secrete.
3 It is also referred to as symmetric encryption, secret-key,
or single-key encryption.
4 The Decryption algorithm is the inverse of the Encryption
algorithm.
5 Any one who knows the encryption algorithm and key
can deduce the decryption algorithm.
6 For m users, the number of required keys is [m×(m-1)]/2.
Prof. Mostafa Nofal
Conventional
Cryptography
Methods of exchanging the key
1 The two principals can meet once and exchange the key
face-to-face.
2 They can trust a third party to give them the same key.
3 They can create a temporary secrete key using asymmetric
key cipher.
Prof. Mostafa Nofal

Conventional
Cryptography
Requirements for secure encryption
1 We need a strong encryption algorithm.
 An opponent who knows the algorithm and ciphertext
should not deduce the key or decipher the ciphertext.
2- Sender and receiver must have copies of the secret key in a
secure fashion and must keep the key secure.
Prof. Mostafa Nofal

Kerckhoff’s
Principle
States that
 We do not need to keep the algorithm secret; we need to
keep only the key secret.
 The strength of the cipher to attack must be based only
on
the secrecy of the key.
 The key domain should be so large to make guessing the
key is so difficult.
Prof. Mostafa Nofal

System
Security
The security of the system should depend entirely on:
1 Keeping the key secrete.
2 The length (in bits) of the key itself.
It is usually a good indicator of the work factor required to
crack the ciphertext by trying every possible key in turn
"called an exhaustive search or brute force attack".
Prof. Mostafa Nofal

Cryptanalysi
s
Meaning of Cryptanalysis
 Cryptanalysis is the science and art of breaking the ciphers.
 It refers to the process of attempting to discover the
plaintext or key.
 The strategy of cryptanalysis depends on the encryption
scheme and the information available to the cryptanalyst.
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
Cryptanalysis attacks
Ciphertext-only Known plaintext Chosen plaintext Chosen ciphertext
Brute-force attack Statistical attack Pattern attack
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
1 Ciphertext-only attack
 Attacker has access only to some ciphertext.
 He tries to find the key and the plaintext.
User A User B
Plaintext
Attacker
Analyze
Ciphertext
Ciphertext Ciphertext
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
b. Ciphertext-only Statistical attack

a. Ciphertext-only Brute-force attack  It can benefit from statistical
 It is also called exhaustive-key-
characteristics of language.
search attack.  For example, the most-used
 Attacker tries to use all possible
character in ciphertext is
keys until the plaintext make
assumed as E.
sense.  To prevent it, the cipher should
 To prevent it, the number of
hide the characteristics of the
possible keys must be very large.
language.
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
c. Ciphertext-only Pattern attack

 It can benefit from the patterns
created in ciphertext.
 These patterns can be used to
break the cipher.

 To prevent it, the cipher should
look as random as possible.
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
2- Known Plaintext Attack
 Attacker has access to some plaintext/ciphertext pairs in
addition to ciphertext he wants to break.
User A Previous pair User B
Plaintext
Plaintext
Attacker
Analyze
Ciphertext
Ciphertext
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
2- Known Plaintext Attack
 Attacker uses the relationship between the previous pair
to analyze the current ciphertext assuming that the key
has not been changed.
 It is less likely to happed because the key is usually
changed.
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
3- Chosen Plaintext Attack
 Attacker has access to A’s computer and choose some
plaintext and intercept the created ciphertext.
User A
Plaintext
Plaintext
User B
Attacker
Ciphertext
Analyze
Pair created
from chosen Ciphertext
ciphertext
Prof. Mostafa Nofal

4 Cryptanalysis
Methods
4- Chosen Ciphertext Attack
 Attacker chooses some plaintext and decrypts it to form a
ciphertext/plaintext pair by access to B’s computer
User A Plaintext User B
Plaintext
Attacker
Ciphertext
Analyze
Pair created
Ciphertext from chosen
ciphertext
Prof. Mostafa Nofal

Strength of
Cryptosystem
Measure of Strength of Cryptosystem
 An encryption scheme is computationally secure if the
ciphertext meets one or both of the following criteria:
1 The cost of breaking the cipher exceeds the
value of
the encrypted information.
2 The time required to break the cipher exceeds
the
useful lifetime of the information.
Prof. Mostafa Nofal

Conventional
Cryptography
Conventional Encryption
Character-level encryption Bit-level encryption
Substitutional Transpositional Encoding/decoding
Permutation
Mono-alphabetic Exclusive OR
Rotation
Poly-alphabetic
Prof. Mostafa Nofal

Conventional
Cryptography
2- Bit-level encryption
1 Character-level encryption
 In this method, the data as text,
 In this method, encryption is
graphics, audio, or video are first
done at character level.
divided into blocks of bits.
 There are two general methods
 Then bits are altered by
for character-level encryption:
encoding/decoding, permutation,
substitutional and
substitution, exclusive OR,
transpositional.
rotation, and so on.
Prof. Mostafa Nofal

CHARACTER -LEVEL
ENCRYPTION
Prof. Mostafa Nofal

Substitutional
Ciphering
 This is the simplest and oldest technique.
 Each character in the message is replaced by another using
some rule.
 In monoalphabetic substitution, each character is replaced
by another character in the set.
 The elation between letters in plaintext and ciphertext is
one-to-one.
Prof. Mostafa Nofal

Substitutional
Ciphering
Simple Monoalphabetic Encryption
 The encryption algorithm simply adds a number to the
ASCII code of the character.
 The decryption algorithm simply subtracts the same number
from the ASCII code.
 K e and K d are the same and define the added or subtracted value.
 If letters of the alphabet were shifted by 3 positions, hence
A becomes D, B becomes E, etc.
 If the substituted character is beyond the last character
(Z), we wrap it around.
Prof. Mostafa Nofal

Substitutional
Ciphering
Example of Simple Monoalphabetic
Encryption
Ke=3 Kd=3
Decryption Encryption
Algorithm Algorithm
Source Destination
Add Ke Subtract Kd
Plaintext Input Transmitted Ciphertext Plaintext Input
DEAR DEAR FRIEND GHDU GHDU IULHQG DEAR DEAR FRIEND
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
Numerical Monoalphabetic Encryption
 To be able to apply mathematical operations, we assign a
numerical value to each letter.
a b c d e f g h i j k l m n o p q r s t u v w x y z
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Types of Monoalphabetic Ciphers
Additive Cipher Multiplicative Cipher Affine Cipher mapping Cipher
Prof. Mostafa Nofal

Monoalphabetic
1 Additive CipherCiphers
 It is the simplest.
 It is also called a shift cipher or Caesar cipher.
User A User B
Plaintext
Plaintext
P P
K K
C = (P + k) mod 26 P = (C - k) mod 26
C
C
Encryption
C
Decryption
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
1 Additive Cipher: Example 1
 Use the additive cipher with K=15 to encrypt “hello”.
Plaintext Operation Ciphertext

h  07 (07+15) mod 26 22  W
e  04 (04+15) mod 26 19  T
l  11 (11+15) mod 26 00  A
l  11 (11+15) mod 26 00  A
o  14 (14+15) mod 26 03  D
 The result is “WTAAD”
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
1 Additive Cipher: Example 2
 Use the additive cipher with K=15 to decrypt “WTAAD”.
Ciphertext Operation Plaintext
W  22 (22-15) mod 26 07  h
T  19 (19-15) mod 26 04  e
A  00 (00-15) mod 26 11  l
A  00 (00-15) mod 26 11  l
D  03 (03-15) mod 26 14  o
 The result is “hello”.

 Note that: Operation is in modulo 26: (-15 becomes 11).
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
2- Multiplicative Cipher
 It is also called a shift cipher or Caesar cipher.
User A User B
Plaintext Plaintext
P P
K K
C = (P × k) mod 26 P = (C / k) mod 26
C
C C
Encryption Decryption
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
2- Multiplicative Cipher: Example 1
 Use the multiplicative cipher with K=7 to encrypt “hello”.

h  07 (07×7) mod 26 23  X
e  04 (04×7) mod 26 02  C
l  11 (11×7) mod 26 25  Z
l  11 (11×7) mod 26 25  Z
o  14 (14×7) mod 26 20  U
 The result is “XCZZU”
Prof. Mostafa Nofal

Monoalphabetic
3- Affine Cipher
Ciphers
 It is a combination of additive ciphers with key K 1 and
multiplicative cipher with key K 2 applied one after another.
User A User B
C = [(P × k1)+ k2] mod 26

Plaintext Plaintext
P P = [(C – k2 )× k1 -1] mod 26
P
K1 K1
T = (P × k1 ) mod T = (P × k1 -1) mod 26
26 K2
C = (T + k 2) mod 26 C = (T - k2) mod 26 K2
C
C C
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
3- Affine Cipher: Example
 Use an affine cipher with K=(7,2) to encrypt “hello”.

h  07 [(07×7)+2] mod 26 25  Z
e  04 [(04×7)+2] mod 26 04  E
l  11 [(11×7)+2] mod 26 01  B
l  11 [(11×7)+2] mod 26 01  B
o  14 [(14×7)+2] mod 26 22  W
 The result is “ZEBBW”
Prof. Mostafa Nofal

Monoalphabetic
Ciphers
4- Random Mapping Cipher
 This cipher creates a mapping between each plaintext
character and the corresponding ciphertext character.
 The two users can agree on a mapping table.
plaintext a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext N K M T R O U C F A X D Q G Y E J H V I B L P Z S W
 He
nc
e,
the
wo Prof. Mostafa Nofal
Monoalphabetic
Ciphers Ciphers
Cryptanalysis of monoalphabetic
 Monoalphabetic substitution is very simple.
 But the code can be broken easily by snoopers because it
cannot hide the natural frequencies of characters.
 In English, the most frequently used characters are E, T,
A.
 Accordingly, this cipher can be broken easily by using
statistical characteristics of the languages as:
 Letter frequencies, Trigrams (eg., the, and) are
common.
 Some words may be more likely in the particular
context. Prof. Mostafa Nofal
Monoalphabetic
Ciphers
Statistical Characteristics of
Letters
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
Statistical Characteristics of Letters
 Each character can have a different substitute.
 The relationship between a character in plaintext to
character in ciphertext is one-to-many.
 It hides the letter frequency of the language.
 Each ciphertext character depends on both the plaintext
character and the position of the character in plaintext.
Types of polyalphabetic Ciphers
Keyless Cipher Autokey Cipher Playfair Cipher Vigenere Cipher
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
1 Keyless Cipher
 This is the simplest polyalphabetic cipher.
 Find the position of the character in plaintext and use that
value as the key.
Ke= position Kd=Position
Decryption Encryption
Algorithm Algorithm
Information
Information
Add Ke Subtract Kd Destination
Source
Plaintext Input Transmitted Ciphertext Plaintext Input
DEAR DEAR FRIEND EGDV JLIA QDVSCT DEAR DEAR FRIEND
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
Security of Keyless Cipher
 The two occurrences of "DEAR" are encrypted differently.
 In this way, the frequencies of the characters are not
preserved and it is more difficult to break the code.
 Polyalphabetic substitution is not very secure either.
 The reason is that the order of characters in "EGDV" and
"JLIA" is still the same.
 The code can easily be broken by a more experienced
snooper.
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
2- AutoKey Cipher
 The key is a stream of subkeys that encrypt characters.
 The first subkey is a predetermined value secretly agreed by
the two parties.
 Second subkey is the value of the first plaintext character.
 Third subkey is the value of the second plaintext character.
P = P 1 P2 P3 … C = C1 C2 C3 … K = K 1 P1 P2 …
Ci = (Pi + Ki ) mod 26 Pi = (Ci - Ki ) mod 26
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
2- AutoKey Cipher: Example
 Use an autokey cipher with initial key K1=12 to encrypt
“Attack is today”.
Plaintext a t t a c k i s t o d a y
P’s Value 00 19 19 00 02 10 08 18 19 14 03 00 24
Key
12 00 19 19 00 02 10 08 18 19 14 03 00
stream
C’s Value 12 19 12 19 02 12 18 00 11 7 17 03 24
Ciphertext M T M T C M S A L H R D Y
 The result is “MTMTCMSALHRDY”
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
3- Playfair Cipher
 It was used by British army during World War I.
 The secrete key is made of 25 alphabet letters arranged in a
(5x5) matrix.
 Different arrangements of letters in a matrix can be
created.
L G D B A
Q M H E C
U R N I/J F
X V S O K
Z Y W T P
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
3- Playfair Cipher
 Plaintext is arranged in two-letters pairs.
 If 2 letters in pair is the same, a bogus letter is inserted.
 If the two letters are located in the same row, the cipher is
the next letter to the right in the same row.
 If the two letters are located in the same column, the cipher
is the letter beneath it the same column.
 If the two letters are not in the same row or column, the
cipher is the letter that is in its row but in the same column
as the other letter.
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
3- Playfair Cipher: Example 1
 Use the key in table to cipher “hello”.
 Group letters in two-character pairs, we get: “he, ll, o”.
 We need to insert an x between the two l’s as: “he, lx, lo”
 Encrypting will give:
 he  EC lx  QZ lo  BX.
 The result is: “ECQZBX”. L G D B A
Q M H E C
U R N I/J F
X V S O K
Z Y W T P
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
3- Playfair Cipher: Example 2
 Encrypt the word “Saudi” with the key:
“College of Computer”.
 Start the table with the key without duplication of
characters and then complete with remaining alphabets.
 Group letters in two-character pairs, we get: “sa, ud, ix”.
 Encrypting will give: C o l e g
 Sa  KH ud ix  NV. f m p u t
 DQ r a b d h
I/J k n q s
 The result is: “KHDQN”.
v w x y z
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
4- Vignere Cipher
 It was invented by sixteenth century French mathematician
Blaise de Vigenere.
 The key stream is a repetition of an initial secrete key
stream of length m.
 Vigenere key stream does not depend on the plaintext
character, it depends only on the position of the character.
 The key stream can be created without knowing what the
plaintext is.
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
4- Vignere Cipher: Example 1
 Use Vigenere cipher to encrypt the message “She is
listening” using keyword “PASCAL”.
 The initial key stream is (15, 00, 18, 02, 00, 11).
Plaintext s h e i s l i s t e n i n g
P’s Value 18 07 04 08 18 11 08 18 19 04 13 08 13 06
Key
15 00 18 02 00 11 15 00 18 02 00 11 15 00
stream
C’s Value 07 07 22 10 18 22 23 18 11 06 13 19 02 06
Ciphertext H H W K S W X S L G N T C G
Ci = (Pi + K i ) mod 26
Prof. Mostafa Nofal

Polyalphabetic
Ciphers
4- Vignere Cipher: Vignere Tabuleau
 Another way of Vigenere cipher is through Vigenere tableau.
Plaintext  a b c d e f g h i j k l m n o p q r s t u v w x y z
A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
Key character
C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
 Use the word “PASCAL” as a key.

 Find “S” in first row, and “P” in first column gives
“H”.
Prof. Mostafa Nofal
Transpositional
Ciphers
Transpositional Conventional Charater-Level Cryptography
 The characters retain their plaintext form but change their
positions to create the ciphertext.
 The text is organized into a two-dimensional table, and the
columns are interchanged according to a key.
 The key defines which columns should be swapped.
Types of polyalphabetic Ciphers
Keyless Cipher Keyed Cipher Keyed columnar

Cipher
Prof. Mostafa Nofal

Transpositional
Ciphers
1 Keyless Transpositional ciphering
 It has no key.
 The text is written into a table column by column and then
transmitted row by row.
 Or, it may be written into a table row by row and then
transmitted column by column.
Prof. Mostafa Nofal

Transpositional
Ciphers
1 Keyless Transpositional ciphering: Example: Rail fence cipher
 The plaintext is arranged in two lines as a zigzag pattern.
 The ciphertext is created by reading row by row.
 Consider the message: “Meet me at the park”.
m e m a t e a k
e t e t h P R
 The ciphertext is: “MEMATEAKETETHPR”
Prof. Mostafa Nofal

Transpositional
Ciphers
1 Keyless Transpositional ciphering: Example 2
 The users can agree on the number of columns and write

plaintext row by row.
 The ciphertext is created by reading column by column.
 The receiver writes it column by column and reads it row

by row. m e e t
m e a t
t h e p
a r k
 The ciphertext is: “MMTAEEHREAEKTIP”
Prof. Mostafa Nofal

Transpositional
Ciphers
2- Keyed transpositional cipher
 The characters retain their plaintext form but change their
positions to create the ciphertext.
 The text is organized into a two-dimensional table, and the
columns are interchanged according to a key.
 The key defines which columns should be swapped.
Prof. Mostafa Nofal

Transpositional
Ciphers
2- Keyed transpositional cipher: Example
1
1 2 3 4 Ke=Kd
5 6 7 8 9 10 11
6 9 3 10 5 1 2 4 8 7 11
Algorithm Algorithm
Information Transpose Transpose Information

Source Destination
Plaintext Ciphertext Plaintext
1 2 3 4 5 6 7 8 9 10 11 1 2 3 4 5 6 7 8 9 10 11 1 2 3 4 5 6 7 8 9 10 11
A G O O D G O O D D G G O A O O O D A G O O D G O O D
F R I E N D I S D I I N F S R E F R I E N D I S
B E T T E R T H A N R T T E B A H E T N B E T T E R T H A N
A T R E A S U R E A S T U E A E R R A T R E A S U R E
Prof. Mostafa Nofal

Transpositional
Ciphers
2- Keyed transpositional cipher: Example
2
Key=order in
F alphabetic
A N C Y
3 1 4 2 5
Algorithm Algorithm
Information Transpose Transpose Information

Source Destination
Plaintext Ciphertext Plaintext
m e e t m E T M E M m e e t m
e a t n e A N E T E e a t n e
x t m i d T I X M D x t m i d
n i g h t I H N G T n i g h t
Prof. Mostafa Nofal

Transpositional
Ciphers
3- Keyed columnar transposition cipher
 It combine the two approaches to achieve better
scrambling.
 Encryption is done in three steps:
1 The plaintext is written into a table row by row.
2 The permutation (transposition) is done by reordering
the columns.
3 The new table is read column by column.
Prof. Mostafa Nofal

Transpositional
3- Keyed columnarCiphers
transposition cipher:
Example User B
User A
Enemy attacks tonightz Plaintext Enemy attacks tonightz

Write row by row Read row by row
e n e m y e n e m y
a t t a c a t t a c
k s t o n k s t o n
i g h t z i g h t z
1 2 3 4 5
E E M Y N E 2 5 1 3 4
D E E M Y N
T A A C T T A A C T
T K O N S T K O N S
H I T Z G H I T Z G
Read column by column Write column by column
Ciphertext
ETTHEAKIMAOTYCNZNTSG ETTHEAKI
Encryption MAOTYCN
ZNTSG
Decryption
Prof. Mostafa Nofal
Transpositional
Ciphers
Security of transpositional ciphering
 Transpositional encryption is not very secure either.
 The character frequencies are preserved and the snooper
can find the plaintext through trial and error.
 Multi-stage transposition was the basis of the famous
Enigma encryption machine used by German armed force.
 It was famously cracked by the British intelligence service
at Bletchely Park in the second world war.
Prof. Mostafa Nofal

BIT-LEVEL
ENCRYPTION
Prof. Mostafa Nofal

Bit-Level
Ciphering
Bit-level Ciphers
 With the advent of computers, modern ciphers use Bit-level
ciphering.
 This is because we need to encrypt many types of data in
the form of stream of bits.
Bit-level encryption
Encoding/decoding Permutation Exclusive OR Rotation
Prof. Mostafa Nofal

Bit-Level
Ciphering
1 Encoding/decoding
 A decoder changes an input of n bits into an output of 2n bits.
 The output should have only one single 1, located at the
position determined by the input.
 An encoder has 2n inputs and only n outputs.
 The input should have only one single 1.
Input
Input Output Input Input Output
00 0001 0001
01 0010 2x4 Decoder 00 4x2 Encoder
10 0100 0010
11 1000 01
0100
Output 10 Output
1000
11
Prof. Mostafa Nofal
Bit-Level
Ciphering
2- Permutation
 A permutation unit (P-box) parallels transpositional cipher
for characters.
 It can be implemented as a hardware with internal wiring to
perform very quickly.
 P-boxes are keyless with predetermined mapping of bits.
 In hardware, it is prewired.
 In software, a permutation table shows the rules of mapping.
Prof. Mostafa Nofal

Bit-Level
Ciphering
2- Permutation
 There are 3 types of permutation unit P-box.
Input
1- Straight permutation P-box 1 0 0 0 1 1 0 1

v Straight P-box with n inputs and n
outputs.
v It is invertible.
v It can be used in encryption and its
inverse in decryption.
1 0 0 1 0 0 1 1
Output
Prof. Mostafa Nofal

Bit-Level
Ciphering
2- Permutation
Input
1 0 0 0 1 1 0 1
2- Compressed permutation P-box
 Compressed P-box with n inputs and
m outputs; m<n.
 Some inputs are blocked and don’t
reach the output.
 It is used when we need to permute
bits and decrease the number of bits
1 0 1 0 1 1
for the next stage.
Output  It is not invertible.
Prof. Mostafa Nofal

Bit-Level
Ciphering
2- Permutation
Input
3- Expanded permutation P-box
1 0 0 0 1 1 0 1
 expanded P-box with n inputs and m
outputs; m>n.
 Some inputs are connected to more
than one output.
 It is used when we need permute
bits and increase the number of bits
1 1 0 0 1 0 0 1 1 1
for the next stage.
 It is not invertible. Output
Prof. Mostafa Nofal

Bit-Level
Ciphering
3- Exclusive OR
 The result of the exclusive-OR operation on two bits is 0 if
the two bits are the same and 1 if the two bits are different.
 The input data and the key are exclusive ORed together to
create the output ciphertext.
 The exclusive-OR operation is reciprocal.
 This means that the same key can be used with the
ciphertext at the receiver to recreate the original plaintext.
Prof. Mostafa Nofal

Bit-Level
Ciphering
3- Exclusive OR: Example
Synchronization
Cipher key Cipher key

0 1 1 0 0 1 0 0 1 1 0 0 1 0
Data flow Data flow

1 0 1 1 0 0 1 1 0 1 1 0 0 1
Ciphering Deciphering
1 1 0 1 0 1 1
Ciphered data
Prof. Mostafa Nofal

Bit-Level
Ciphering
4- Rotation
 Another way to encrypt a bit pattern is to rotate bits to the
right or to the left.
 The key is the number of bits to be rotated.
Plaintext 0 1 1 0 0 0 1 1 Before
1 0 1 1 0 0 0 1 After one rotation
Ciphertext 1 1 0 1 1 0 0 0 After two rotations
Prof. Mostafa Nofal

Conventional Encryption
Algorithms
 The most commonly used conventional encryption algorithms
are block ciphers.
 It processes the plaintext input into fixed-size blocks and
produces a block of ciphertext of equal size for each block.
 The two most important algorithms are the Data Encryption
Standard (DES) and the Triple Data Encryption Algorithm
(TDEA).
 Other symmetric block ciphers include International Data
Encryption Algorithm (IDEA) developed in 1991,
Blowfish developed in 1993, and RC5 developed in
1994.
Prof. Mostafa Nofal
Data Encryption Standard

(DES)
DES
 The DES was designed by IBM and adopted by the U.S.
government as the standard encryption method for
nonmilitary and non-classified use.
 The algorithm encrypts a 64-bit plaintext using a 56-
bit key.
 The text is put through 19 different and very complex
procedures to create a 64-bit ciphertext.
Prof. Mostafa Nofal


(DES)
Plaintext
1 Transposition
K1
2 Complex
Sub-key
Key
K2
Generator
3 Complex
56 bits
K16 (Each 48b)

17 Complex
18 Swapping
19 Transposition
Ciphertext
Prof. Mostafa Nofal


DES
(DES)
 The first and the last two steps are relatively simple.
 Firstly, the 64-bit plaintext passes through an initial
permutation that rearranges the bits.
 Steps 2 through 17 are complex, each requiring sub-steps
that are combinations of transposition, substitution,
swapping, exclusive OR, and rotation.
 Although steps 2 through 17 are the same, each uses a
different sub-key derived from the original key.
 Additional complexity is achieved by having each step use
the output of the previous step as input.
Prof. Mostafa Nofal

(DES) 56-bit Key
Sub-key Generation of
DES Divide
28 bits 28 bits
Rotate Rotate
28 bits 28 bits
Combine
56-bits
Compressed permutation
48-bit subkey
Prof. Mostafa Nofal


(DES)
One of the 16 steps in 32 bits
32 bits
DES
Expansion permutation
48 bits
From previous step
XOR Subkey Kn
48 bits
64-bit data
Compressed permutation
Divide 32 bits
Permutation
Combine
32 bits
64-bit data
XOR
To next step
32 bits 32 bits
Prof. Mostafa Nofal


(DES)
Decryption of DES
 The process of decryption with DES is essentially the same as
the encryption process.
 The rule is as follows:
 Use the ciphertext as input to the DES algorithm, but
use the keys K i in reverse order.
 That is, use K16 on the first iteration, K15 on the second
iteration, and so on until K 1 is used on the sixteenth and
last iteration.
Prof. Mostafa Nofal

Conventional DES
Algorithm
Problem with DES
 Imagine that a bank wants to give customers remote access
to their accounts using conventional encryption.
 To limit each customer's access to only his own account, the
bank would create millions of encryption algorithms and keys.
 This solution is impractical.
 On the other hand, giving the same encryption algorithm and
key to every customer, will not guarantee the privacy.
Prof. Mostafa Nofal

PUBLIC-KEY
CRYPTOGRAPHY
Prof. Mostafa Nofal

Public-key versus
DES
Need for Public-key cipher
 The solution to this problem is public key encryption.
 Every user has the same encryption algorithm and key.
 The decryption algorithm and key are kept secret.
 Anyone can encrypt information, but only an authorized
receiver can decrypt it.
 Decryption algorithm is not inverse of encryption algorithm.
 In addition, the keys are different.
 Even with the encryption algorithm and encryption key,
an intruder still will be unable to decipher the code.
Prof. Mostafa Nofal

Public-key
Cryptography
Encryption Revolution
 The public-key encryption is first publicly proposed by Diffie
and Hellman in 1976.
 It is the first truly revolutionary advance in encryption.
 The public-key algorithms are based on mathematical
functions rather than on simple operations on bit patterns.
 Public-key cryptography is asymmetric, involving the use of
two separate keys.
 The use of two keys has profound consequences in the
areas of confidentiality, key distribution, and authentication.
Prof. Mostafa Nofal

Public-key
Cryptography
Misconceptions with Public-key
 There are three misconceptions about public-key
cryptography.
Misconception 1: Misconception 2:
 Public-key encryption is more secure  Public-key encryption is a general-
from cryptanalysis than conventional purpose technique that has
encryption. made conventional encryption
Fact obsolete.
The security of any encryption scheme Fact
depends on:  On the contrary, because of the
1 the length of the key. computational overhead of public-key
2 the computational work involved in encryption schemes, there seems no
breaking a cipher. foreseeable likelihood that
conventional encryption will be
abandoned.
Prof. Mostafa Nofal
Public-key
Cryptography
Misconceptions with Public-key
 There are three misconceptions about public-key
cryptography.
Misconception 3:
 The key distribution is trivial when
using public-key encryption, compared
to conventional encryption.
Fact
 Some form of protocol is needed that
is not simpler or more efficient than
those required for conventional
encryption.
Prof. Mostafa Nofal

Public-key
Cryptography
Public-key
algorithm
A's Public
key ring B's private key
B's public key
Plaintext Plaintext
Algorithm Network Algorithm
(RSA)
Input Output
Ciphertext
User A User B
Transmitted
Prof. Mostafa Nofal

Public-key
Cryptography
Ingredients of Public-key system
Plaintext
This is the readable message that is fed into the
algorithm. Encryption algorithm
 It performs various transformations on the plaintext.
Public and private key
 This is a pair of keys if one is used for encryption, the other is used
for decryption.
Ciphertext
This is the scrambled message produced as
output. Decryption algorithm
 This algorithm accepts the ciphertext and the matching key and
produces the original plaintext.
Prof. Mostafa Nofal

Public-key
Cryptography
Basics of Public-key cryptography
 The public key of the pair is made public for others to use.
 The private key is known only to its owner.
 Public-key cryptographic algorithm relies on one key for
encryption and a different but related key for decryption.
Prof. Mostafa Nofal

Public-key
Cryptography
Essential steps of Public-key cryptography
1 Each user generates a pair of keys to be used for the encryption
and decryption of messages.
2 Each user places one key in a public register or other
accessible file. This is the public key. The companion key is kept
private.
3 Each user maintains a collection of public keys obtained
from others.
4 If user A wishes to send a private message to user B, then
user A
encrypts the message using B's public key.
5 When B receives the message, he decrypts it using his own
private key. Prof. Mostafa Nofal
Public-key
Cryptography
Applications of Public-key cryptography
1 Encryption/decryption
Sender encrypts a message with the recipient's public
key. 2- Digital signature
 The sender "signs" a message with his private key.
 Signing is achieved by a cryptographic algorithm applied to
the message or to a small block (digest) of the message.
3- Key exchange
 Two sides cooperate to exchange a session key.
Prof. Mostafa Nofal

Public-key
Cryptography
Requirements of Public-key cryptography
1 It is computationally easy for a party B to generate a pair
(public key KUb, private key KRb).
2 It is computationally easy for a sender A, knowing the
public key and the message, M, to generate the ciphertext.
3 It is computationally easy for the receiver B to decrypt
the ciphertext using the private key to recover the original
message.
4 It is computationally infeasible for an opponent,
knowing the public key, KUb, to determine the private
key, KRb .
Prof. Mostafa Nofal
Public-key
Cryptography
Requirements of Public-key cryptography
5 It is computationally infeasible for an opponent,
knowing the public key, KUb, and a ciphertext, C, to
recover the original message.
6 Either of the two related keys can be used for encryption,
with the other used for decryption.
Prof. Mostafa Nofal

Comparison between
Ciphers
Aspect symmetric Asymmetric
The secrete must be shared
Key secrecy The secrete is personal.
between users
No. of keys One secrete key Two keys: Public + private.
Different keys are used in each
Direction The key is used in both directions
direction
For n users n(n-1)/2 shared secretes n personal secretes
Plaintext and Plaintext and ciphertext are Plaintext and ciphertext are
ciphertext symbols (characters or bits) numbers
Mathematical functions on
Operation Simple operations on bits
numbers
Encryption + authentication +
Applications Encryption
key exchange.
Prof. Mostafa Nofal

Public-key
Cryptography
The function
 A function is a rule that associates (maps) one element in
domain set A to one element in range set B.
y = f(x)
x f y
Set A f -1 Set B
Domain Rang
e
 An invertible function is a function that associates each
element in the range with exactly one element in domain.
Prof. Mostafa Nofal

Public-key
Cryptography
One-way function
1 f is easy to compute: given x, y=f (x) can be easily
computed.
2 f -1 is difficult to compute: given y, it is computationally
infeasible to calculate x=f -1(y).
Trapdoor one-way function
3 Given y and a trapdoor (secrete), x can be computed easily.
y = f(x)
x f y
Set A Set B
f -1
Domain Rang
e
Prof. Mostafa Nofal
The RSA Encryption

Algorithm
Development of RSA
 It was developed in 1977 by Rivest, Shamir, and Adleman at
MIT and first published in 1978.
 The RSA scheme is the most widely accepted and
implemented approach.
 RSA is a block cipher in which the plaintext and ciphertext
are integers between 0 and (n-1) for some n.
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Key generation of RSA
 Select two large prime numbers, p and q.
 The prime number is divisible only by 1 and itself.
 Calculate n = p x q.
 Calculate y = (p-1) x (q-1)
 Select a number that is relatively prime to y and call it e.
 This means that e is not a prime factor of y .
 Determine d such that (d x e) mod y =1.
 The public key used to encrypt is KU={e,n}
 The private key used to decrypt KR={d,n}.
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Encryption/decryption steps of RSA
The encryption algorithm follows these steps:
 Encode the data to be encrypted as a number to create the
plaintext M.
 Calculate the ciphertext C as C=Me mod n.
 Send C as the ciphertext.
The decryption algorithm follows these steps:

 Receive the ciphertext C.
 Calculate the plaintext M=Cd mod n.
 Decode M to the original data.
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Operation of
RSA
Key Generation
Select p, q. p and q are prime
Calculate integers
Calculate n=pxq
Select integer e y=(p-1)(q-1).
Calculate d gcd(y,e)=1
Public key (exd) (mod y)
Private key =1
Encryption Algorithm KU={e,n}
Plaintext MKR={d,n}
Ciphertext C = Me (mod n)
Decryption Algorithm
Ciphertext C
Plaintext M=Cd (mod n)
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Operation of RSA
algorithm KR={d,n}
KU={e,n}
Plaintext
Plaintext
C = Me mod n M =Cd mod n
Algorithm Algorithm
Output
Input
Ciphertext
Transmitted
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Example of RSA algorithm
1 Select two prime numbers, p=7 and q=17.
2 Calculate n = p x q = 7 x 17 = 119.
3 Calculate y = (p-1)(q-1) = 96.
4 Select e such that e is relatively prime to y=96 and less than
y; In this case, e = 5.
5 Determine d such that d x e(mod 96)=1 and d<96.
The correct value is d = 77, because 77 x 5=385=4 x 96 + 1.
6 The resulting public key is KU=(5,119).
7 The resulting private key is KR=(77,119).
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Example of RSA
algorithm
Prof. Mostafa Nofal

The RSA Encryption

Algorithm
Reciprocity of RSA algorithm
 The RSA algorithm is reciprocal.
 This means that user A can use the B'private key to send
a message to user B, and
 User B can decrypt the message using his own public key.
 Therefore, for the RSA cryptosystem, we have:
 M=D(E(M)).
 M=E(D(M)).
Prof. Mostafa Nofal

IFT 503A Information Assurance and Security

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IFT 503A Information Assurance and Security

Uploaded by

Copyright:

Available Formats

College of Computers ‫تابسالحا ةيلك‬

and Information Technology ‫تامولعلما ةينقتو‬

CO2: Present fundamental ciphering approaches for

CO3: Provide essentials for proxy firewalls and intrusion

Prof. Mostafa Nofal

On Successful completion of this course, the student will has:

CLO2: Ability to design a secure computer system.

CLO3: Ability to develop efficient encryption techniques.

Prof. Mostafa Nofal

Prof. Mostafa Nofal

Chapter 2: Design of Secured Computer

Prof. Mostafa Nofal

Course  RSA algorithm

Prof. Mostafa Nofal

Course Chapter 6: Essentials of Network

Prof. Mostafa Nofal

Chapter 1  History of Computer System Security.

Prof. Mostafa Nofal

Prof. Mostafa Nofal

Facets of the Security

Data Message transaction

Stand alone computer Internet

Prof. Mostafa Nofal

Facets of the Security

Stand alone computer

Facets of the Security

Prof. Mostafa Nofal

Facets of the Security

Intrusion may be performed

Data Message transaction

Stand alone computer Internet

Prof. Mostafa Nofal

Physical Technology Policy Configuration Human

Prof. Mostafa Nofal

Physical Technology Policy Configuration Human

1 Internet protocols were not designed for security.

Prof. Mostafa Nofal

Prof. Mostafa Nofal

Meaning of Computer Systems

Prof. Mostafa Nofal

Meaning of Computer Systems

Prof. Mostafa Nofal

Meaning of Computer Systems

Intrusion may be performed

Data Message transaction

Stand alone computer Internet

message may be intercepted, modified or fabricated.

Prof. Mostafa Nofal

Meaning of Computer Systems

and information systems from availability and correct operation

Prof. Mostafa Nofal

Meaning of Computer Systems

Network security the term internet security is often

protect data during their collection of tools designed to

Prof. Mostafa Nofal

Meaning of Computer Systems

System Data System

1 System access control

Prof. Mostafa Nofal

Meaning of Computer Systems

System Data System

2- Data access control

Prof. Mostafa Nofal