bt0088 cryptography and network security1
DESCRIPTION
Cryptography and Network Security1TRANSCRIPT
Cryptography and Network
Security1
1. Explain the need for network security.
Computer security is required because many organizations will be
damaged by hostile software or intruders. There may be several forms of
damage which are obviously interrelated.
These include:
Damage or destruction of computer systems.
Damage or destruction of internal data.
Loss of sensitive information to hostile parties.
Use of sensitive information to steal elements of monitary value.
Use of sensitive information against the customers which may result in legal
action by customers against the organization and loss of customers.
Damage to the reputation of an organization.
Monitory damage, due to loss of sensitive information, destruction of data,
hostile use of sensitive data, or damage to the reputation of the
organization. The methods used to accomplish these unscrupulous
objectives are many and varied depending on the circumstances.
2. What is security attack? Explain with examples.
Any action that compromises the security of information owned by an
organization is called security attack. Those who execute such actions, or
cause them to be executed, are called attackers or opponents. Computer-
based system has three interrelated and valuable components namely,
hardware, software, and data. Each of these assets offers value to
different members of the community affected by the system. To analyze
security, we can brainstorm about the ways in which the system or its
information can experience some kind of loss or harm
Vulnerability is a weakness in the security system, For
example, you can
see certain system does not verify a user's identity or password before
allowing them to access the data.
A threat to a computing system is a set of
circumstances that has the
potential to cause loss or harm. The threats to computing system would be
either human-initiated or computer-initiated. A human who exploits the
vulnerability perpetrates an attack on the system. An attack can also be
launched by another system, as when one system sends an overwhelming
set of messages to another, virtually shutting down the second system's
ability to function. we have seen this type of attack frequently, as
denial-of-service attacks flood servers with more messages than they can
handle.
3. What is the difference between substitution and transposition
techniques?
Substitutions are the simple form of encryption in which one letter is
exchanged for another. A substitution is an acceptable way of encrypting
text. Here is few examples.The Caesar cipher has an important place in
history. Julius Caesar is said to have been the first to use this scheme, in
which each letter is translated to a letter a fixed number of places after it in
the alphabet. Caesar used a shift of 3, so that plaintext letter pi was
enciphered as ciphertext letter ci by the rule .A one-time pad is sometimes
considered the perfect cipher. The name comes from an encryption method
in which a large, nonrepeating set of keys is written on sheets of paper,
glued together into a pad. The Vernam Cipher is a type of one-time pad
devised by Gilbert Vernam for AT&T. The Vernam cipher is immune to most
cryptanalytic attacks. The basic encryption involves an arbitrarily long
nonrepeating sequence of
numbers that are combined with the plaintext. Vernam's invention used an
arbitrarily long punched paper tape that fed into a teletype machine. The
tape contained random numbers that were combined with characters typed
into the teletype. The sequence of random numbers had no repeats, and
each tape was used only once. As long as the key tape does not repeat or is
not reused, this type of cipher is immune to cryptanalytic attack because
the available ciphertext does not display the pattern of the key
.Example:
transposition techniques
The goal of substitution is confusion; the encryption method is
an attempt to
make it difficult for a cryptanalyst or intruder to determine how a message
and key were transformed into cipher-text. A transposition is an
encryption in which the letters of the message are rearranged. With
transposition, the cryptography aims for diffusion, widely spreading the
information from the message or the key across the ciphertext.
Transpositions try to break established patterns. Because a transposition is
a rearrangement of the symbols of a message, it is also known as a
permutation.
A simplest transposition technique is Columnar Transpositions. The columnar
transposition is a rearrangement of the characters of the plaintext into
columns.
The following set of characters is a five-column transposition. The plaintext
characters are written in rows of five and arranged one row after another, as
shown here.
c1 c2 C3 c4 c5
c6 c7 C8 c9 c10
c11 c12 etc.
You form the resulting ciphertext by reading down the columns
Encipherment / Decipherment Complexity
This type is again arranging the letters and reading them off again.
Therefore, the algorithm requires a constant amount of work per character,
and the time needed to apply the algorithm is proportional to the length of
the message.
Digrams, Trigrams, and Other Patterns
Just as there are characteristic letter frequencies, there are also characteristic
patterns of pairs of adjacent letters, called digrams. Letter pairs such as -
re-, -th-, -en-, and -ed- appear very frequently
4. Using Caesar Cipher encrypt the plaintext “Sikkim Manipal
University” using key value
Plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext d e f g h i j k l m n o p q r s t u v w x y z a b c
SIKKIM MANIPAL UNIVERSITY
would be encoded as
SIKKIM MANIPAL UNIVERSITY
vl nnl p pd qls do x q ly huv lwb
5. Explain different characteristics that identify a good encryption
technique.
1. The implementation of the process should be as simple as possible.
Principle 3 was formulated with hand implementation in mind: A
complicated algorithm is prone to error or likely to be forgotten. With the
development and popularity of digital computers, algorithms far too
complex for hand implementation became feasible. Still, the issue of
complexity is important. People will avoid an encryption algorithm whose
implementation process severely hinders message transmission, thereby
undermining security. And a complex algorithm is more likely to be
programmed incorrectly
2. The enciphering algorithm and set of keys used should be less complex.
This principle implies that we should restrict neither the choice of keys
nor the types of plaintext on which the algorithm can work. For instance,
an algorithm that works only on plaintext having an equal number of As
and Es is useless. Similarly, it would be difficult to select keys such that
the sum of the values of the letters of the key is a prime number.
Restrictions such as these make the use of the encipherment prohibitively
complex. If the process is too complex, it will not be used. Furthermore,
the key must be transmitted, stored, and remembered, so
it must be short.
3. The amount of secrecy needed should determine the amount of labor
appropriate for the encryption and decryption. Principle 1 is a reiteration
of the principle of timeliness and of the earlier observation that even a
simple cipher may be strong enough to deter the casual interceptor or to
hold off any interceptor for a short time.
4. Errors in ciphering should not propagate and cause corruption of further
information in the message. Principle 4 acknowledges that humans make
errors in their use of enciphering algorithms. One error early in the
process should not throw off the entire remaining ciphertext.
5. The size of the original message and that of enciphered text should be at
most same.
6. Compare Symmetric and Asymmetric Encryption Systems.
The two basic kinds of encryption systems are key based and
block based.
Key based encryption is based on either single key or multiple keys. Block
based encryption is based on either stream or block of characters We have
two types of encryptions based on keys they are symmetric (also called
"secret key") and asymmetric (also called "public key"). Symmetric
algorithms use one key, which works for both encryption and decryption.
Usually, the decryption algorithm is closely related to the encryption one The
symmetric system means both encryption and the decryption are performed
using the same key. They provide a two-way channel to their users: A and B
share a secret key, and they can both encrypt information to send to the
other as well as decrypt information from the other. As long as
the key remains secret, the system also provides authentication, proof that a
message received was not fabricated by someone other than the declared
sender. Authenticity is ensured because only the legitimate sender can
produce a message that will decrypt properly with the shared key.
Public key systems, on the other hand, excel at key
management. By the nature of the public key approach, you can send a
public key in an e-mai message or post it in a public directory. Only the
corresponding private key, which presumably is kept private, can decrypt
what has been encrypted with the public key.
For both kinds of encryption, a key must be kept well secured.
Once the
symmetric or private key is known by an outsider, all messages written
previously or in the future can be decrypted (and hence read or modified)
by the outsider. So, for all encryption algorithms, key management is a
major issue. It involves storing, safeguarding, and activating keys
7. Give the Overview of DES Algorithm.
The most widely used encryption scheme is based on Data
Encryption
standard. Data Encryption Standard (DES), a system developed for the U.S.
government, was intended for use by the general public The Data
Encryption Standard (DES) specifies an
algorithm to be implemented in electronic hardware devices and used for the
cryptographic protection of computer data ... Encrypting data converts it to
an unintelligible form called
cipher. Decrypting cipher converts the data back to its original form. The
algorithm... specifies both enciphering and deciphering operations which
are based on a binary number called a key … Data can be recovered from
cipher only by using exactly the same key used
to encipher it.
The Data Encryption algorithm is a combination of both substitution as
well
as transposition technique. The strength of DES technique is improved when
it uses both the techniques together. It uses both the technique repeatedly
i.e., one on the top of other for a total of 16 cycles. The sheer complexity of
tracing a single bit through 16 iterations of substitutions and transpositions
has so far stopped researchers in the public from identifying
more than a handful of general properties of the algorithm. The algorithm
begins by encrypting the plaintext as blocks of 64 bits. The key is 64 bits
long, but in fact it can be any 56-bit number. (The extra 8 bits are often
used as check digits and do not affect encryption in normal
implementations.) The user can change the key at will any time there is
uncertainty about the security of the old key.
The iterative substitutions and permutations are performed as outlined in
Figure
DES uses only standard arithmetic and logical operations on numbers up to
64 bits long, so it is suitable for implementation in software on most current
computers. Although complex, the algorithm is repetitive, making it suitable
for implementation on a single-purpose chip.
8. Explain RSA technique with an example.
RSA stands for Rivest, Shamir, and Adleman, the people who invented the
algorithm at MIT in 1978 which uses two keys: a private key and a public
key. Typically, private key algorithms such as DES can't protect against
fraud by the sender or the receiver of a message
RSA is an exponentiation cipher. You have to follow the following two steps.
1. Choose two large prime numbers p and q, and let n = pq. The totient Ø(n)
of n is the number of numbers less than n with no factors in common with n.
Example: Let n = 10. The numbers that are less than 10 and are relatively
prime to (have no factors in common with) n are 1, 3, 7, and 9. Hence, Ø
(10) = 4. Similarly, if n = 21, the numbers that are relatively prime to n are
1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, and 20. So Ø(21) = 12.
2. Choose an integer e < n that is relatively prime to Ø(n). Find a second
integer d such that ed mod Ø(n) = 1. The public key is (e, n), and the
private key is d.
Let m be a message. Then:
c = me mod n
and
m = cd mod n.
Example: Let p = 7 and q = 11. Then n = 77 and Ø(n) = 60. Alice chooses e =
17, so her private key is d = 53. In this cryptosystem, each plaintext
character is represented by a number between 00 (A) and 25 (Z); 26
represents a blank. Bob wants to send Alice the message "HELLO WORLD."
Using the representation above, the plaintext is 07 04 11 11 14
26 22 14 17 11 03. Using Alice's public key, the ciphertext is
0717 mod 77 = 28
0417 mod 77 = 16
1117 mod 77 = 44
...
0317 mod 77 = 75
or 28 16 44 44 42 38 22 42 19 44 75.
RSA can provide data and origin authentication. If Alice
enciphers her message using her private key, anyone can read it, but if
anyone alters it, the (altered) ciphertext cannot be deciphered correctly.
Example: Suppose Alice wishes to send Bob the message "HELLO WORLD"
in such a way that Bob will be sure that Alice sent it. She enciphers the
message with her private key and sends it to Bob. As indicated above, the
plaintext is represented as 07 04 11 11 14 26 22 14 17
11 03.
Using Alice's private key, the ciphertext is
0753 mod 77 = 35
0453 mod 77 = 09
1153 mod 77 = 44
...
0353 mod 77 = 05
or 35 09 44 44 93 12 24 94 04 05. In addition to origin authenticity, Bob can
be sure that no letters were altered.
9. Explain different approaches used in judging the quality of security.
"secure”, it means that security implies
some degree of trust that the program enforces expected confidentiality,
integrity, and availability
Fixing Faults
One approach to judge quality in security is fixing faults. You might argue that
a module in which 100 faults were discovered and fixed is better than
another in which only 20 faults were discovered and fixed, suggesting that
more rigorous analysis and testing had led to the finding of the larger
number of faults. Early work in computer security was based on the
paradigm of "penetrate and patch," in which analysts searched for and
repaired faults. Often, a top-quality "tiger team" would be convened to test
a system's security by attempting to cause it to fail. The test was
considered to be a "proof" of security; if the system withstood the attacks, it
was considered secure. Unfortunately, far too often the proof became a
counterexample, in which not just one but several serious security problems
were uncovered. The problem discovery in turn led to a rapid effort to
"patch" the system to repair or restore the security. However, the patch
efforts were largely useless, making the system less secure rather than
more secure because they frequently introduced new faults. There are three
reasons why.
The fault often had non-obvious side effects in places other than the
immediate area of the fault.
The system functionality or performance would be affected if faults needs
to be detected properly.
The pressure to repair a specific problem encouraged a narrow focus on
the fault itself and not on its context. In particular, the analysts paid
attention to the immediate cause of the failure and not to the underlying
design or requirements faults.
Unexpected Behavior
The inadequacies of penetrate-and-patch led researchers to seek a better way
to be confident that code meets its security requirements. One way to do
that is to compare the requirements with the behavior. That is, to
understand program security, we can examine programs to see whether
they behave as their designers intended or users expected. We call such
unexpected behavior a program security flaw; it is inappropriate program
behavior caused by a program vulnerability. There is no direct mapping of
the terms "vulnerability" and "flaw" into the characterization of faults and
failures. A flaw can be either a fault or failure, and a vulnerability usually
describes a class of flaws, such as a buffer overflow. In spite of the
inconsistency, it is important for us to remember that we must view
vulnerabilities and flaws from two perspectives, cause and effect, so that we
see what fault caused the problem and what failure (if any) is visible to the
user
10. What are the different ways in which an operating system can
assist or offer protection?
Separating one user’s object from the other is the basic way of protection.
Separation in an operating system can occur in several ways.
Logical separation:
In which users operate under the illusion that no other processes exist, as
when an operating system constrains a program's accesses so that the
program cannot access objects outside its permitted domain
Physical separation:
Each and every process has its own physical objects, such as separate
printers for output requiring different levels of security.
Cryptographic separation:
Each process will protect their data and computations in such a way that
they are unintelligible to outside processes
Temporal separation:
In which processes having different security requirements are executed at
different times
There are several ways an operating system can assist,
offering protection at any of several levels.
Do not protect. Operating systems with no protection are appropriate when
sensitive procedures are being run at separate times.
Isolate. An operating system providing Isolation feature allow different
processes to run concurrently and are unaware of the presence of the each
other. Each process has its own address space, files, and other objects. The
operating system must confine each process somehow, so that the objects
of the other processes are completely concealed.
Share all or nothing. Each user declare its objects either to be public or
private. There by it will be either available to all users or only to the
owners respectively.
Share via access limitation. With protection by access limitation, the
operating system checks the allowability of each user's potential access to
an object. That is, access control is implemented for a specific user and a
specific object. Lists of acceptable actions guide the operating system in
determining whether a particular user should have access to a
particular object. In some sense, the operating system acts as a guard
between users and objects, ensuring that only authorized accesses occur.
Share by capabilities. An extension of limited access sharing, this form of
protection allows dynamic creation of sharing rights for objects. The
degree of sharing can depend on the owner or the subject, on the context
of the computation, or on the object itself.
Limit use of an object. This form of protection limits not just the access to
an object but the use made of that object after it has been accessed. For
example, a user may be allowed to view a sensitive document, but not to
print a copy of it. More powerfully, a user may be allowed access to data in
a database to derive statistical summaries (such as average salary at
a particular grade level), but not to determine specific data values (salaries
of individuals).