chapter:1 introduction
DESCRIPTION
Chapter:1 Introduction. Rachana Y. Patil. What is “Security”. Freedom from risk or danger; safety. - Freedom from doubt, anxiety, or fear; confidence. Something that gives or assures safety, etc…. Why do we need security?. - PowerPoint PPT PresentationTRANSCRIPT
Rachana Y. Patil
1
– Freedom from risk or danger; safety.
- Freedom from doubt, anxiety, or fear;
confidence.
– Something that gives or assures safety, etc…..
2
• Protect vital information while still allowing access to those who need it– Trade secrets, medical records, etc.
• Provide authentication and access control for resources
• Guarantee availability of resources
3
Integrity
Confidentiality
Avalaibility
Secure
4
Alice Bob
Goal: Keep the contents of communication or data on storage secret
Example: Alice and Bob want their communications to be secret from Eve
5
Changes need to be done only by authorized entities and through authorized mechanisms
6
• The information created and stored by an organization needs to be available to authorized entities
7
8
9
In general, two types of attack threaten the confidentiality of information:
Snooping :- refers to unauthorized access to or interception of data.
Traffic analysis :- refers to obtaining some other type of information by monitoring online traffic.
Modification : the attacker intercepts the message and changes it.
Masquerading or spoofing happens when the attacker impersonates somebody else.Replaying : the attacker obtains a copy of a message sent by a user and later tries to replay it.
Repudiation : the sender of the message might later deny that she has sent the message;
the receiver of the message might later deny that he has received the message.
10
Denial of service (DoS) attacks may slow down or totally interrupt the service of a system.
The attacker can use several strategies to achieve this. They might make the system so busy that it collapses,
or
They might intercept messages sent in one direction and make the sending system believe that one of the parties involved in the communication or message has lost the message and that it should be resent
11
12
Standards have been defined for security services to achieve security goals and prevent security attacks.
13
14
The actual implementation of security goals needs some help from mathematics. Two techniques are prevalent today: one is very general—cryptography—and one is specific—steganography.
Cryptography
Some security services can be implemented using cryptography. Cryptography, a word with Greek origins, means “secret writing”.
SteganographyThe word steganography, with its origin in Greek, means “covered writing”, in contrast to cryptography, which means“secret writing”.
Imagine two people wanting to communicate with each other secretly .
Alice want to send a message to bob that no body else can read
Alice
Bob
Meet meAt
noon
Alice must somehow transform her message called plaintextso that an adversary can not read it 15
BobAlice
EncryptMeet me At noon
Alice uses an encryption algorithm to transform her plaintext Message into cipher text.
Cipher text is a scramble form of her original message that hopefully prevents an adversary from eavesdropping.
16
BobAlice
EncryptMeet me At noon
Key
Phhw ph dw qrrq
In order to encrypt the message, the encryption algorithmTakes as input both the plaintext of the original message, plus a key that tells the algorithm how to “scramble” the plaintext into cipher text
17
BobAlice
EncryptMeet me At noon
Key
Phhw ph dw qrrq
There is just one problem .the message has been encrypted to prevent adversaries from evesdroping,but now bob can’t read the message. what we need is a way to retrieve the original plaintext message from the cipher text
18
Bob Alice
Encrypt
Meet me At noon
Key
Phhw ph dw qrrq Decryp
t
Meet me At noon
Key
Both Alice and Bob use the same algorithm to encrypt and decrypt. They both use a key, that must be kept secrate,to transform their communication.
If any one else discovers the key, their communications would be compromised.
19
• Cryptography – The art or science encompassing the principles and methods of
transforming message an intelligible into one that is unintelligible, and then retransforming that message back to its original form
• Plaintext
– The original intelligible message
• Ciphertext – The transformed message
• Cipher – An algorithm for transforming an intelligible message into one
that is unintelligible by transposition and/or substitution methods
• Key – Some critical information used by the cipher, known only to the
sender & receiver
20
• Encipher (encode) – Process of converting plaintext to ciphertext using a cipher
and a key
• Decipher (decode) – The process of converting ciphertext back into plaintext using
a cipher and a key
• Cryptanalysis (code breaking) – The study of principles and methods of transforming an
unintelligible message back into an intelligible message without knowledge of the key.
• Cryptology – The field encompassing both cryptography and cryptanalysis
21
• Encryption– The mathematical function mapping plaintext to
ciphertext using the specified key:Y = EK(X) or E(K, X)
• Decryption– The mathematical function mapping ciphertext to
plaintext using the specified key:X = DK(Y) or D(K, X) = EK
-1(Y)
22
General idea of symmetric-key cipher
Symmetric Key Cipher
Continued
If P is the plaintext, C is the ciphertext, and K is the key, If P is the plaintext, C is the ciphertext, and K is the key,
We assume that Bob creates PWe assume that Bob creates P11; we prove that P; we prove that P11 = P: = P:
Locking and unlocking with the same key
Continued
Kerckhoff’s Principle
Based on Kerckhoff’s principle, one should always assume that the adversary, Eve, knows the encryption/decryption algorithm. The resistance of the cipher to attack must be based only on the secrecy of the key.
Cryptanalysis
As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking those codes.
Cryptanalysis attacks
Continued
Ciphertext-only attack
Ciphertext-Only Attack
16.29
Ciphertext-Only Attack
Brute force
Statistical attack
Pattern attack
16.30
16.31
By letter By frequency
Letter Frequency Letter Frequency
a 0.08167 e 0.12702
b 0.01492 t 0.09056
c 0.02782 a 0.08167
d 0.04253 o 0.07507
e 0.12702 i 0.06966
f 0.02228 n 0.06749
g 0.02015 s 0.06327
h 0.06094 h 0.06094
i 0.06966 r 0.05987
j 0.00153 d 0.04253
k 0.00772 l 0.04025
l 0.04025 c 0.02782
m 0.02406 u 0.02758
n 0.06749 m 0.02406
o 0.07507 w 0.02360
p 0.01929 f 0.02228
q 0.00095 g 0.02015
r 0.05987 y 0.01974
s 0.06327 p 0.01929
t 0.09056 b 0.01492
u 0.02758 v 0.00978
v 0.00978 k 0.00772
w 0.02360 j 0.00153
x 0.00150 x 0.00150
y 0.01974 q 0.00095
z 0.00074 z 0.00074
3.32
Continued
Known-plaintext attack
Known-Plaintext Attack
3.33
Continued
Chosen-plaintext attack
Chosen-Plaintext Attack
3.34
Continued
Chosen-ciphertext attack
Chosen-Ciphertext Attack
• Substitution Cipher– Replace one symbol with another
• Transposition Cipher– Reorders Symbols
35
• Mono-alphabetic Substitution– The relationship between symbols in plain text to
a symbols In cipher text is always one to one
• Poly-alphabetic substitution cipher– Each occurrence of a character may have
different substitution
– The relationship between symbols in plain text to a symbols In cipher text is always one to many
36
• Additive Cipher• Multiplicative Cipher• Affine Cipher• Monoaplhabetic Substitution Cipher
37
Bob Alice
C=(P+K) mod
26
PlaintextP
Key k
Cipher text C
P=(C-K) mod 26
PlaintextP
Key K
a b c d e f g h i j k l m n o p q r s t u v w x y z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z0 1 2 3 4 5 6 7 8 9 1
011
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Encryption Decryption
38
o EXAMPLE
Plaintext = apple Key = 5Ciphertext=?
Plaintext a 00 Encryption(00+05) mod 26 Ciphertext: 05 FPlaintext p 15 Encryption(15+05) mod 26 Ciphertext: 20
UPlaintext p 15 Encryption(15+05) mod 26 Ciphertext: 20
UPlaintext l 11 Encryption(11+05) mod 26 Ciphertext: 15 PPlaintext e 04 Encryption(04+05) mod 26 Ciphertext: 09 J
Ciphertext = FUUPJ 39
o EXAMPLE
Ciphertext = FUUPJKey = 5Plaintext=?
o EXAMPLE
Plaintext = helloKey = 15Ciphertext=?
40
Bob Alice
C=(P*K) mod 26
PlaintextP
Key k
Cipher text C
P=(C*K-
1) mod 26
PlaintextP
Key K
Encryption Decryption
41
Bob
Alice
C=(P*K1) mod
26
PlaintextP
Key k1
T P=(C+K2) mod
26Ciphertext
C
Key K2
Encryption
Decryption
C=(P*K-1) mod 26
P=(C-K2)
mod 26
Key k1
Key K2
PlaintextP
42
o EXAMPLE
plaintext = helloKey pair = (7,2)Ciphertext=?
43
• The shift pattern could be random assignment of characters for each alphabet
EX.
• This would also give 26! possibilities
44
• AutoKey Cipher
• Playfair Cipher
• Vigenere Cipher
45
• In this cipher the key is a stream of subkeys,in which each sub key is use to encrypt the corresponding character in the plaintext
• The first sub key is predetermined value secretly agreed upon by Alice and Bob.
• The second sub key is the value of first plaintext character
P=P1P2p3……. C=C1C2C3…….. K=(K1,P1,P2,…..)
Encryption : Ci = (Pi+Ki) mod 26 Decryption : Pi = (Ci-Ki)mod 26
46
• Best-known multiple-letter substitution cipher
• Digram cipher (digram to digram, i.e., E(pipi+1) = cici+1 through keyword-based 5x5 transformation table)
• Great advance over simple monoalphabetic cipher (26 letters 26x26=676 digrams)
47
• Before encryption ,if two letters in the pair are same, a bogus letter is inserted to separate them
• After inserting a bogus letter if the number of character in the plaintext is odd, one extra bogus character is added at the end of the string
• The cipher uses three rules for encryption
If the two letter in the pair are located in same row of the key, then The corresponding encrypted character for each letter is the next letter to the right in the same row
48
If two letter in the pair are in the same column of the key ,the corresponding encrypted character for each letter is the letter beneathIf two letter in the pair are are not in the same row or column of the key ,the corresponding encrypted character for each letter is the letter that is in it’s own row but in the same column as the other letter.
49
o EXAMPLE
plaintext = helloCipher text=?
Key=
Plaintext : helloAdd bogus character
helxlo
he lx lo
he EC
lx QZ
lo BX
Ciphertext : ECQZBX 50
• The key stream is a repetition of an initial secret key stream of length m.
• Initially the secret key should be agreed by Alice and Bob
P=P1P2p3……. C=C1C2C3……..
K=((K1,K2...,Km),(K1,K2,…,Km),….)
Encryption : Ci = (Pi+Ki) Decryption : Pi = (Ci-Ki)
Vigenere key stream does not depend on the plaintext characters
51
o EXAMPLE
plaintext = she is listeningCipher text=?Key= PASCAL
s h e i s l i s t e n i n g
18 07 04 08 18 11 08 18 19 04 13 08 13 06
P A S C A L P A S C A L P A
15 00 18 02 00 11 15 00 18 02 00 11 15 00
07 07 22 10 18 22 23 18 11 6 13 19 02 06
H H W K S W X S L G N T C G
Plaintext
P’s Value
Key
Key’s value
C’s value
ciphertextCiphertext : HHWKSWXSLGNTCG
52
Vigenere cipher can be seen as combinations of m additive ciphers.
Example
16.53
• Keyless Transposition Cipher
• Keyed Transposition Cipher
• Combination of two
54
Keyless Transposition Ciphers
Simple transposition ciphers, which were used in the past, are keyless.
A good example of a keyless cipher using the first method is the rail fence cipher. The ciphertext is created reading the pattern row by row. For example, to send the message “Meet me at the park” to Bob, Alice writes
Example
She then creates the ciphertext “MEMATEAKETETHPR”.16.55
Rearrange letters in plaintext to produce ciphertext (also called permutation)
Example (Rail-Fence Cipher)
16.56
Transposition Technique
• Rail fence• Example-
• Come home tomorrow– C m h m t m r o– o e o e o o r w
• Cmhmtmrooeoeoorw
57
Figure: Columnar Transposition.
58
• Ex- come home tomorrow
C O M E H O
M E T O M O
R R O w - -
1 2 3 4 5 6
Order 4,6,1,2,5,3
Eowoo-cmroerhm-mto59
• The keyless ciphers permute the characters by using writing plaintext in one way and reading it in another way
• The permutation is done on the whole plaintext to create the whole ciphertext.
• Another method is to divide the plaintext into groups of predetermined size, called blocks, and then use a key to permute the characters in each block separately.
60
Alice needs to send the message “Enemy attacks tonight” to Bob..
Example
The key used for encryption and decryption is a permutation key, which shows how the character are permuted.
The permutation yields
Example
62
Encryption/decryption keys in transpositional ciphers
ContinuedKeys
In previous Example, a single key was used in two directions for the column exchange: downward for encryption, upward for decryption. It is customary to create two keys.
63
64
The literature divides the symmetric ciphers into two broad The literature divides the symmetric ciphers into two broad categories: stream ciphers and block ciphers. Although the categories: stream ciphers and block ciphers. Although the definitions are normally applied to modern ciphers, this definitions are normally applied to modern ciphers, this categorization also applies to traditional cipherscategorization also applies to traditional ciphers..
1. Stream Ciphers2. Block Ciphers3. Combination
65
Call the plaintext stream P, the ciphertext stream C, and the key stream K.
Stream cipher
66
Additive ciphers can be categorized as stream ciphers in which the key stream is the repeated value of the key. In other words, the key stream is considered as a predetermined as a stream of keys K = (k, k, …, k).
The monoalphabetic substitution ciphers discussed previously are also stream ciphers. However, each value of the key stream in this case is the mapping of the current plaintext character to the corresponding ciphertext character in the mapping table.
Example of stream cipher
67
In a block cipher, a group of plaintext symbols of size m (m > 1) are encrypted together creating a group of ciphertext of the same size. A single key is used to encrypt the whole block even if the key is made of multiple values.
68