RAGHU ENGINEERING COLLEGE

(Autonomous)

CRYPTOGRAPHY AND NETWORK SECURITY

UNIT-I

By
Mr. V.TATA RAO
Assistant Professor,
Dept of CSE
 CONTEXT SETTING:
INTRODUCTION
SECURITY GOALS
SECURITY ATTACKS
SECURITY SERVICES
SECURITY MECHANISMS,
SYMMETRIC CIPHER MODEL,
SUBSTITUTION TECHNIQUES,
TRANSPORTATION TECHNIQUES,
CYBER THREATS AND THEIR DEFENSE
 VULNERABILITIES
TCP SESSION HIJACKING
 UDP HIJACKING
 INTRODUCTION:

PROTOCOLS(SNA,OSI,TCP/IP,SNMP)
TRANSMISSION.
INFORMATION SECURITY
COMPUTER SECURITY
NETWORK SECURITY
INTERNET SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
HOW CAN WE PROVIDE NETWORK SECURITY?
WHY DO WE NEED A NETWORK SECURITY?
INTRODUCTION:
INTRODUCTION:
SECURITY ATTACKS
SECURITY ATTACKS
SECURITY ATTACKS
SECURITY SERVICES
 SECURITY SERVICES
Confidentiality (or Secrecy)(or privacy):
•Stored or transmitted information is accessible (even travel over
insecure links) only authorized parties; it doesn’t accessible to
unauthorized parties.
•Only sender and, intended receiver should “understand“ message
content
• sender encrypts the message
• receiver decrypts the message
•Confidentiality has been designed to prevent interception(such as
snooping and traffic analysis)
• It is used for sensitive fields such as government and industry
• It is important security service in information security
• Confidentiality uses the encipherment, routing control security
mechanisms.
 SECURITY SERVICES
Authentication: (who created or sent the data):
•In authentication both sender and receiver should be able
to confirm the proof identity for talking (communication)
each other
• Authentication is first step in any network security
solution.
• Authentication has been designed to prevent fabrication
(such as spoofing and replaying) attacks.
• authentication uses the encipherment, digital signature
security mechanisms
 SECURITY SERVICES

Data integrity (or message authentication):

•Integrity prevention of unauthorized party modification of information
• Integrity can apply to stream of messages.
• Integrity includes both content of information and source of data
• Integrity has been designed to prevent the modification security attack.
• Integrity uses the encipherment, digital signature, data integrity security
mechanisms

Non-repudiation:
•Non-repudiation service is protection against denial by one of the
parties(sender, receiver) in a communication
• In this case the sender and receiver can keep proofs to avoid repudiation.
• Non-repudiation has been designed to prevent the repudiation security attack.
• Non-repudiation uses the digital signature, data integrity, notarization security
mechanisms
 SECURITY SERVICES
Availability:
•The data must be available to the authorized parties when they required to
access them is called availability
• Availability has been designed to prevent the Denial of Service security attack.
• It is also prevent Virus that deletes files
• Availability uses data integrity, authentication exchange security mechanisms

Access control:
•Access control prevention of the unauthorized use of a resource means the
host systems and applications are limited to access by the communication links
and any unauthorized part Can’t access then.
2.Access control uses the access control security mechanisms
SECURITY MECHANISM
 SECURITY MECHANISM
Encipherment: Encipherment is a security mechanism (or cryptography
algorithms) to transform intelligible data into an unintelligible form.
The transformation and subsequent recovery of the data depend on an algorithm
and zero or more encryption keys.

Digital signature: A digital signature is a means by which the sender can

electronically sign the data and the receiver can electronically verify the
signature.

Data integrity: The data integrity mechanism appends to the data a short check
value that has been created by a sender specific process from the data itself. The
receiver receives the data and the check value. He creates a new check value
from the received data and compares the newly created check value with the
received one. If the two are the same, the integrity of data has been preserved.
 SECURITY MECHANISM
Authentication exchange: Check values In Authentication exchange, the two
entities some message to prove their identity to each other. The authentication
can be one-way authentication or two-way authentication.

Traffic padding: Traffic padding means inserting some bogus data into the
original data to prevent the traffic analysis attempts

Routing control: Routing control means selection and continuously changing

different available routes between the sender and receiver prevent the opponent
from eavesdropping (secretly listen) on the particular root

Notarization: Notarization means selecting third trusted party to control the

communication between two entities. This can be done, for example, to prevent
repudiation. The receiver can involve a trusted party to store the sender request
in order to prevent the sender from later denying that she has made such request.

Access control: Access control uses methods to prove that a user has access
right to the data or resource owned by a system.
SECURITY GOALS
TECHNIQUES OF CRYPTOGRAPHY

SUBSTITUTION TECHNIQUES
CAESAR CIPHER
MONOALPHABATIC CIPHER
PLAYFAIR CIPHRE
POLY ALPHABATIC CIPHER

TRANSPOSITION TECHNIQUES
RAIL FENCE CIPHER
VERNAM CIPHER(ONE TIME PADS)
SIMPLE COLUMNAR CIPHER
 TECHNIQUES OF CRYPTOGRAPHY

SUBSTITUTION TECHNIQUES
A substitution technique is one in which the letters of
plaintext are replaced by other letters or by numbers or
symbols. If the plaintext is viewed as a sequence of
bits, then substitution involves replacing plaintext bit
patterns with cipher text bit patterns.
TRANSPOSITION TECHNIQUES
Transposition technique involves performing some
sort of permutation on the plaintext letters. This
technique is also referred as transposition cipher.
 SUBSTITUTION TECHNIQUES
CAESAR CIPHER: The Caesar cipher involves replacing each letter of
the alphabet with the letter standing three places further down the
alphabet. For example,
Eg: plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB

MONOALPHABATIC CIPHER:Rather than just shifting the alphabet

Could shuffle (jumble) the letters arbitrarily
Each plaintext letter maps to a different random cipher text letter
hence key is 26 letters long

Eg:Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: if we wish to replace letters
Cipher text: WIRFRWAJUHYFTSDVFSFUUFYA
 SUBSTITUTION TECHNIQUES
PLAYFAIR CIPHER: The best-known multiple-letter encryption cipher
is the Playfair, which treats digrams in the plaintext as single units and
translates these units into ciphertext digrams. c h a r l
Eg:Key:CHARLES e s b d f
Plaintext: meet me at the bridge. g i/j k m n
me et me at th eb ri dg ex o p q t u
Ciphertext: gd do gd rq pr sd hm em bv
v w x y z
POLY ALPHABATIC CIPHER: The set of related monoalphabetic
substitution rules consists of the 26 Caesar ciphers, with shifts from 0 to
25. Each cipher is denoted by a key letter, which is the cipher text letter
that substitutes for the plaintext letter a. Thus, a Caesar cipher with a
shift 3 is denoted by the key value d.
Eg:Key: dec e p t i v e de c e p t i ve d e c e p t i v e
Plaintext: wea r e d i s c ov e r e d s av e y o u r s e l f
Ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
 SUBSTITUTION TECHNIQUES
 Hill cipher is a polygraphic substitution cipher based on linear algebra.Each
letter is represented by a number modulo 26. Often the simple scheme A = 0,
B = 1, …, Z = 25 is used, but this is not an essential feature of the cipher. To
encrypt a message, each block of n letters (considered as an n-component
vector) is multiplied by an invertible n × n matrix, against modulus 26. To
decrypt the message, each block is multiplied by the inverse of the matrix
used for encryption.
The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).

Eg: Plaintext: ACT Key: GYBNQKURP Ciphertext: POH

Eg: Plaintext: GFG Key: HILLMAGIC Ciphertext: SWK

 TRANSPOSITION TECHNIQUES
RAIL FENCE TECHNIQUE: In this technique, the plaintext is written
down as a sequence of diagonals and then read off as a sequence of
rows.
For example, if the message is “GeeksforGeeks” and the number of rails
= 3 then cipher is prepared as:

VERNAM CIPHER:
Each plain text character from a message is mixed with one character from a
key stream.
Plaintext XOR key=Cipher text
Cipher text XOR key= Plaintext
Eg: Plaintext=00011 Key=11001 Cipher text=11010
Cipher text= 00011 11001=11010 Plain text=1101011001=00011
Eg: Plaintext=HELLO KEY=AXHJB Cipher text=KMIVE
 TRANSPOSITION TECHNIQUES

SIMPLE COLUMN CIPHER

The key for the columnar transposition cipher is a keyword e.g. GERMAN The
row length that is used is the same as the length of the keyword. To encrypt a
piece of text.
Plain text: defend the east wall of the castle
Cipher text= nalcxehwttdttfseeleedsoaxfeahl
3 2 6 4 1 5
G E R M A N
d e f e n d
t h e e a s
t w a l l o
f t h e c a
s t l e x x
 CYBER THREATS AND THEIR DEFENSE

A cyber security threat refers to any possible malicious attack that

seeks to unlawfully access data, problem digital operations or
damage information.
Cyber threats can originate from various actors, including corporate
spies, hackers, terrorist groups, hostile nation-states, criminal
organizations, lone hackers and disgruntled employees.
Phishing
Mailers
Collectors
Cashers
Web based attack
SQL Injection
 CYBER THREATS AND THEIR
DEFENSE
Phishing: Phishing is a type of social engineering attack often used
to steal user data, including login credentials and credit card numbers. It
occurs when an attacker, masquerading as a trusted entity, dupes a
victim into opening an email, instant message, or text message. The
most common form of phishing attacks includes three components, such
as the lure, hook and catch.

Mailers :Mailers are spammers or hackers who have the ability to

send out a large number of fraudulent emails. This is generally done
through bot-nets. Bot-net consists of a large numbers-often in the
thousands- of computers that have been compromised, and which can
be controlled by the mailer.
 CYBER THREATS AND THEIR
DEFENSE
Collectors :Collectors are hackers who have set up the fraudulent
websites to which users are directed by the fraudulent spam, and which
actively prompt users to provide confidential information such as their
usernames, passwords, and credit card numbers. These websites are
generally hosted on compromised machines on the internet.

Cashers :Cashers take the confidential information collected by the

collectors, and use it to achieve a pay-out. This can be done in several
manners, from creating fraudulent credit cards and bank cards which are
used to directly withdraw money from automated teller machines to the
purchase and sale of goods. Cashiers are known to either pay collectors
directly for the personal information corresponding to users or charge
commission rates, where they receive a certain percentage of any funds
 CYBER THREATS AND THEIR
DEFENSE
Web based attacks :Web based attacks are considered by security experts to
be greatest and often times the least understood of all risks related to
confidentiality, availability, and integrity. The purpose of a web based attack is
significantly different than other attacks: in most traditional penetration testing
exercises a network or host is the target of attack. Web based attacks focus on an
application itself and functions on layer 7 of the OSI (Application Layer).

SQL Injection:A cyber security threat refers to any possible malicious attack
that seeks to unlawfully access data, disrupt digital operations or damage
information. Cyber threats can originate from various actors, including corporate
spies, hacktivists, terrorist groups, hostile nation-states, criminal organizations,
lone hackers and disgruntled employees.
Browser sends malicious input to server
Bad input checking leads to malicious SQL query
 Vulnerability
Vulnerability is a security exposure in an operating system or other system
software or application software component. There are two types of
vulnerabilities
Buffer overflow vulnerability
Format string vulnerability.
 Vulnerability
-Buffer overflow vulnerability: Buffers are data storage areas that generally
hold a predefined amount of finite data.Buffer overflow is a situation that occurs
when the amount of data that is placed in the memory is greater than the amount
of storage space actually allocated. Buffer overflow vulnerabilities are one of the
among the most widespread of security problems.
Heap-based
Stack-based
 Vulnerability
-Format string vulnerability: In the “C” programming language there are
number of library functions which accept a format string as an argument. A
format string is an ASCII string that contains text and format parameters.
Denial of service
Reading Memory
Writing in Memory
 TCP SESSION HIJACKING
TCP session hijacking is taking control over a TCP session between
two machines by an intruder. Since most authentications occur only at
the start of a TCP session, which allows the hacker(intruder) to gain
access to a machine.
Another definition of “TCP session hijacking”: is a technique that
involves intercepting a TCP session initiated between two machines in
order to hijack it.

MAN-IN-THE-MIDDLE (MITM):

BLIND HIJACK:
 TCP SESSION HIJACKING
MAN-IN-THE-MIDDLE (MITM):A hacker can also be "inline"
between B and C using a sniffing program to watch the sequence
numbers and acknowledge numbers in the IP packets transmitted
between B and C. And then hijack the connection. This is known as a
"man-in-the-middle attack".

BLIND HIJACK:Blind hijack is implemented when sniffing the

packets is not possible. Blind hijack involves brute forcing 4 billion
combinations of sequence number which will be an unreliable task
 UDP SESSION HIJACKING
UDP does not use packet sequencing and synchronizing; it is easier than TCP to
hijack UDP session. The hijacker has simply to forge a server reply to a client
UDP request before the server can respond. If sniffing is used then it will be
easier to control the traffic generating from the side of the server and thus
restricting server’s reply to the client in the first place.