Fundamentals of Security 01 14 19 Mohamed Khalil Ph D 1 Security Attacks Passive Attacks 01 14 19 Active Attacks Mohamed Khalil Ph D 2 Passive Attacks Interception confidentiality 01 14 19 Mohamed Khalil Ph D 3 Interception Traffic Analysis Release Of Message Contents learn sensitive information Determine the identity and location of the host 01 14 19 Mohamed Khalil Ph D 4 Active Attacks Interruption Modification Fabrication availability integrity authenticity 01 14 19 Mohamed Khalil Ph D 5 Modification integrity Modify the contents of the message or a file It is an attack on integrity 01 14 19 Mohamed Khalil Ph D 6 Interruption availability Try to break the system to make out of service It is an attack on Availability 01 14 19 Mohamed Khalil Ph D 7 Fabrication Authenticity Insert messages to system or object to files Try to fool the system It is attack on authenticity 01 14 19 Mohamed Khalil Ph D 8 Security Service Confidentiality Authentication Nonrepudiation 01 14 19 Mohamed Khalil Ph D Integrity Aviliability 9 Confidentiality 444 21 8888 444 21 8888 Is the protection of transmission from passive attacks 01 14 19 Mohamed Khalil Ph D 10 Authentication I am friend Ok let us talk The authentication service assures that the recipient receive information from reliable source 01 14 19 Mohamed Khalil Ph D 11 Integrity He She Broker Buy 1000 stocks Buy 1000 stocks Buy 1000 stocks Make sure that the message is received as it is sent without modification duplication insertion reordering or reply 01 14 19 Mohamed Khalil Ph D 12 Nonrepudiation He She Broker You are not john I can t do that I am John buy 1000 stocks Nonrepudiation prevents either sender or receiver from denying a transaction 01 14 19 Mohamed Khalil Ph D 13 Availability Protect against Denial Of Service attacks 01 14 19 Mohamed Khalil Ph D 14 Cryptography Definition A process associated with scrambling plaintext ordinary text or clear text into cipher text a process called encryption then back again known as decryption Cryptography concerns itself with four objectives 1 Confidentiality the information cannot be understood by anyone for whom it was unintended 2 Integrity the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected 3 Non repudiation the creator sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information 4 Authentication the sender and receiver can confirm each other s identity and the origin destination of the information Procedures and protocols that meet some or all of the above criteria are known as cryptosystems 01 14 19 Mohamed Khalil Ph D 15 Encryption Model cryptanalyst X Plain Text Encryption Algorithm Y X K Decryption Algorithm X Plain Text Cipher Text Key 01 14 19 Secure Channel Mohamed Khalil Ph D 16 Cryptography Classification Cryptographic systems are generally classified along three independent dimensions The type of operation used for transforming plaintext to ciphertext all encryption algorithms are based on two general principles 1 Substitution in which each element in the plain text bit letter group of bits or letters is mapped into another elements 2 Transposition in which elements in the plaintext are rearranged The fundamental requirements that all operations must be reversible Most system involves multiple stages of substitution and transposition The number of keys used 1 Symmetric If both sender and receiver use the same key the system referred to be symmetric single key secret key or conventional encryption 2 Asymmetric if both sender and receiver each uses a different key the system is referred to be as asymmetric two key or public key encryption The way in which the plaintext is processed 1 2 Block ciphering processes the input one block of elements at a time producing an output block for each input block Stream ciphering processes the input elements continuously producing output one elements at a time 01 14 19 Mohamed Khalil Ph D 17 Encryption techniques Caesar Cipher Substitution cipher Plain meet me after the party Cipher PHHW PH DIWHU WKH SDUMB C E p p 3 26 p D C C 3 26 01 14 19 Mohamed Khalil Ph D 18 Encryption techniques Caesar Cipher Cryptanalysis p D C C i 26 Try all the different 25 keys 01 14 19 Mohamed Khalil Ph D 19 Encryption techniques Mono alphabetic Cipher Substitution cipher Plain a b c d e f g h I j k l m n o p q r s t u v w x y z Cipher D E F G H I J K L M N O P Q R S T U V W X Y Z A B C The cipher line could be any permutation of the 26 characters so there are 26 Or greater than 4 x 1026 Possible keys 01 14 19 Mohamed Khalil Ph D 20 Encryption techniques Mono alphabetic Cipher Cryptanalysis Construct a table of frequency of one two etc letters in a very long English text Construct another table of frequency of one two etc letters based on the encrypted text From the relationship of both tables we can figure out the encryption key 01 14 19 Mohamed Khalil Ph D 21 Encryption techniques Hill Cipher Substitution cipher The encryption algorithm takes m successive plaintext letters and substitutes for them m ciphertext letters The substitution is determined by m linear equations in which each character is assigned a numerical determined by m linear equations in which each character is assigned a numerical a 0 b 1 z 25 For m 3 the system can be described as follows C1 k11 p1 k12 p2 k13 p3 mod 26 C2 k 21 p1 k 22 p2 k32 p3 mod 26 C3 k31 p1 k32 p2 k33 p3 mod 26 01 14 19 Mohamed Khalil Ph D 22 Encryption techniques Hill Cipher C 1 k11 k12 k13 p1 C k k k p 2 21 22 23 2 C3 k31 k32 k33 p3 C Ek P KP 1 1 P Dk C K C K KP P 01 14 19 Mohamed Khalil Ph D 23 Encryption Techniques Public Key Secret Key 01 14 19 Mohamed Khalil Ph D 24 Block Cipher Modes of Operations The Electronic Code Mode ECB The Cipher Block Chaining Mode CBC The Cipher Feedback Mode CFB The Output Feedback Mode OFB The Counter Mode CTR 01 14 19 Mohamed Khalil Ph D 25 Electronic Code Mode ECB ECB Encryption ECB Decryption PLAINTEXT CIPHERTEXT INPUT BLOCK INPUT BLOCK CIPHk CIPH 1k OUTPUT BLOCK OUTPUT BLOCK CIPHERTEXT PLAINTEXT ECB Encryption C j CIPH k Pj for j 1 n ECB Decryption Pj CIPH k 1 C j for j 1 n 01 14 19 Mohamed Khalil Ph D 26 Cipher Block Chaining Mode CBC ECB Decryption ECB Encryption IV IV PLAINTEXT1 PLAINTEXTn INPUT BLOCK1 INPUT BLOCK2 INPUT BLOCKn CIPHk CIPHk CIPHk OUTPUT BLOCK1 OUTPUT BLOCK2 OUTPUT BLOCKn CIPHERTEXT1 CIPHERTEXT2 CIPHERTEXTn CIPHERTEXT1 CIPHERTEXT2
View Full Document
Unlocking...