Cryptography, Network Security and Cyber Laws Notes 2019-2020
Cryptography, Network Security and Cyber Laws Notes 2019-2020
By ,
Swetha K H
Asst. professor
Dept. Of ISE
MODULE-1
Chapter-1
Introduction
CYBER ATTACKS
Computer security is all about studying cyber attacks and to defend against them.
3) Illegal access to or use of resources: The goal here is to obtain free access or service to paid
services.
Ex: Free access to online digital products such as magazine or journal articles, free use of
computing power on super computers.
Common Attacks
There are two best known attacks in this category, they are:
2) Pharming attack- involves modifying DNS entries, which causes users to be directed to
the wrong website when they visit a certain web address.
Other attacks which comes under personal information retrieval attacks are:
Phishing, pharming, skimming, eavesdropping, password guessing all these are called
identity theft.
b) Denial of service(DOS):
• Attack that interrupts or disrupts computing services of the victim are called as denial of
service.
• These attacks exhaust the computing power, memory capacity or communication
bandwidth of their targets.
1) Worms & viruses- are the malware that replicate themselves. A virus infects a file,
spreads from one to another file. A worm is stand-alone program that infects a computer,
spreads from one computer to another. Examples like spread through email, internet
messages, Bluetooth etc.
2) Trojan- malware that masquerades as a utility but has other insidious goals such as
modification of files, data theft etc.
3) Spyware- installed on a machine, can be used to monitor user activity and as a key
logger to recover valuable information such as passwords from user keystrokes.
Vulnerabilities
2)Data protection: The data in transit or in storage need to be protected. There are 2
dimensions to it.
1. Data confidentiality: The data should not be readable by an intruder.
2. Data integrity: Data in transit should not be tampered with or modified.
Cryptographic techniques are among the best known ways to protect both, the confidentiality and
integrity of data.
3)Prevention and detection: Access control and message encryption are preventive
strategies. Cryptographic checksum, detects tampering of messages. code testing is used to detect
vulnerabilities.Intrusion prevention may not always be practical or affordable. So we need
intrusion detection.
4)Response, recovery and forensics: Once an attack or infection has been detected, response
measures should be taken. It includes shutting down all or part of the system. Infected part of the
system should be quarantined and necessary patches applied.
Cyber forensics is an emerging discipline with a set of tools that help trace back the perpetrators
of cyber crime.
GUIDING PRINCIPLES
1) Security is as much a human problem than a technological problem and must be
addressed at different levels:
- Robust security policies should be formulated.
- Security engineers have a key role to play in designing techniques and products to protect
organizations from cyber attacks.
- System admins should be proactive in crucial security practices.
- Employees within an organization should be educated on do’s and dont’s through
security awareness programs.
- Security should be factored in early on during the design phase of a new product and then
carried forward through implementation and testing.
4) Always consider the default deny policy for adoption in access control:
The subject in an access control policy could be people, packets or user inputs.
- The best policy is the ‘default deny’ in which subject’s request is denied if it is not in
whitelist.
Chapter 2
Mathematical Background for cryptography
MODULO ARITHMETIC:
• Let d be an integer, n a positive integer, q is quotient and r is remainder from dividing d
by n. The relationship b/w d, n, q, r is given by,
d=n*q + r , 0<=r<n
• d is equal to r modulo n, expressed as,
d ≡ r (mod n)
• If two integers are congruent modulo n, then they differ by a integral multiple of n.
Algebraically expressed as,
If a mod n= r and b mod n =r
Then,
a=n*q1 + r and b=n*q2 + r
a-b=n*(q1-q2)
Note:
If a=n*q1 + r1 and b=n*q2 + r2
Then,
(a*b) mod n = (r1*r2) mod n
Example:
2,3 and 6 are common divisors of both 24 and 78. The largest integer that divides both is 6, so
gcd(24,78)=6.
Euclid’s Algorithm
Step 1: 161=112*1 + 49
Step 2: 112= 49*2 + 14
Step 3: 49= 14*3+ 7
Step 4: 14= 7*2 + 0
The process of division continues until a remainder of 0 is encountered.
So, 7 is the gcd(161, 112)
GCD theorem: Given 2 integers b and c, there exist 2 integers x and y such that,
b*x + c*y=gcd(b, c)
Rewrite
7= 49-14*3
161=112*1 +49
49=161-112*1
7=(161-112*1)*7 + 112*(-3)
7=161*7 + 112*(-10)
161*7 + 112*(-10)=7
X=7, y=-10
(its lengthy, same can be solved using Extended euclid’s algorithm easily)
Corollary of GCD theorem: if b and c are relatively prime, then there exist integers x and y
such that,
b*x + c*y=1
• Multiplicative inverse modulo a prime number is often need to be computed in
cryptography. This inverse can be obtained using extended euclid’s algorithm.
• c*y≡1 (mod b) if this holds, then y is the multiplicative inverse of c mod b
computeInverse(b, c)
{
Old1=1 new1=0
Old2=0 new2=1
b’=b c’=c
r=2
While(r>1)
{
q=b’/c’
r=b’%c’
temp1= old1-new1*q
Old1=new1
new1=temp1
Temp2=old2-new2*q
Old2=new2
New2=temp2
b’=c’
c’=r
// at this point new1*b + new2 * c= r
}
return new2
}
- 79 12 - 2 1 0 0 1 -
1 12 7 6 7 0 1 1 -6 7
2 7 5 1 5 1 -1 -6 7 5
3 5 2 1 2 -1 2 7 -13 2
4 2 1 2 1 2 -5 -13 33 1
Groups:
• Groups are also required in cryptography.
• A group is a pair <G,*>, where G is a set and * is a binary operation such that, the
following hold
closure: if a and b are elements of G, then so is a*b.
Associativity: if a, b and c are elements of G then a*(b*c)=(a*b)*c
Identity element: there exists an element I in G such that for all b in G,
I*b=b=b*I
Inverse: For each element b in G, there exists exactly one element c in G such that b*c=c*b=I
Sub-group: <G’,*> is a sub-group of <G,*> if <G’,*> satisfies the group properties enumerated
earlier and G’ is a subset of G.
Note:
• If m and are relatively prime, mφ(n) mod n=1.
• Let p be prime and let m be a non zero integer that is not a multiple of p. Then, mp-1 mod
p=1
• A group <G,*> is cyclic if there is atleast one element g in it such that <g> is <G,*>.
Then g is called generator of <G,*>
Note:
• The group <z*p,*p>, where p is prime is cyclic.
• The number of generators in <z* p,*p> is φ(p-1).
• Let p be prime and let p1,p2,…pk be the distinct prime factors of p-1. Then, g is a
generator of <z*p,*p> if and only if, g(p-1)/pi ≠ 1 mod p for all pi, 1<=i<=k
Rings
• A ring is a triplet <R,+,*> , where + and * are binary operations and R is a set satisfying
the following properties:
1) <R,+>, is a commutative group. The additive identity is designated as 0.
2) For all x, y and z in R,
- x*y is also in R.( R is closed under *)
- x*(y*z)=(x*y)*z. (* is an associative operation)
- x*(y+z)=x*y+x*z= (y+z)*x. (* distributes over +)
Polynomial Rings
Fields
Ex: The set of all real numbers with regular addition and multiplication is an infinite field.
Ex: <Zn, +n,*n> is a field iff ‘n’ is prime.
Note:
How to solve for X by Chinese remainder theorem?
X=(x1.a1.α1 + x2.a2. α2+....+ xm.am. αm) mod N
xi=remainder
ai= N/ni
αi=inverse of ai mod ni (ai-1 mod ni) (can be obtained by applying extended euclid’s algorithm)
3) Problem: Apply chinese remainder theorem to find square roots of 3 modulo 143.
Chapter 3
Basics Of Cryptography
PRELIMINARIES
Cryptography: is the science of disguising messages so that only the intended recipient can
decipher the received message.
• Cryptography maintains confidentiality, integrity of messages. It provides message
authentication and digital signatures.
• Useful in e-banking, e-commerce, e-trading.
Types of cryptography
There are 2 types of cryptography:
Secret Key Cryptography: both sender and receiver share a common secret key. So
e=d. It is also called as symmetric key cryptography.
Public key Cryptography: Two distinct keys forming a key pair are used. Encryption
key is called as public key and decryption key is called as private key. It is also called as
Asymmetric key cryptography.
1) RSA and
2) ECC (Elliptic curve cryptography)
• Ease of implementation
• Hardware requirements
• Performance characteristics
• Security
Types of Attacks
Cryptographic algorithm is secure if a cryptanalyst is unable to,
1) Known cipher text attack: Attacker accumulates lot of ciphertexts. Then looks for
patterns in the cipher text to reconstruct some plaintext or to deduce the key.
2) Known plain text attack: All or part of some plaintext blocks are predictable.
Cryptanalyst builds a collection of corresponding plaintext, ciphertext pairs to deduce
key.
Known plaintext attack is a brute force attempt at obtaining key by trying all possible key
values.
1)Monoalphabetic ciphers
2) Polyalphabetic ciphers
1)Monoalphabetic ciphers:
Let Σ denote the set of alphabets {A,B,.....Z}. A monoalphabetic substitution cipher defines a
permutation of the elements in Σ .
•
The simplest substitution cipher is one that replaces each alphabet in a text by the
alphabet k positions away.
• Ex: k=3
The substitutions are D for A, E for B etc.
This scheme is also called as caesar cipher.
Ex:
Plaintext: wishing you much success
Key: 4 19 3 22 7 12 5 11 4 19 3 22 7 12 5 11 4 19 3 22 7
Ciphertext: A B V D P Y L JS N PQJ T XFGVHOZ
C1=p1*k11+p2*k21+....+pmkm1 mod 26
C2=p1*k12+p2*k22+....+pmkm2 mod 26
.
.
Cm=p1*k1m+p2*k2m+....+pmkmm mod 26
C=Pk
P=Ck-1
iii) One time pad: The most secure cipher is a one time pad.
• Encryption is similar to vigenere cipher technique, but in one time pad, key size will be
same as plaintext size.
• There is no repeating of keys.
• Each character is encrypted with a random key.
ATNOTIARGIEBONONPEON
To decrypt the message, cast the cipher text in a 5 x 4 matrix, reverse the column shuffles and
then reverse the row shuffles.
• Diffussion is concerned with the relationship between the plaintext and the corresponding
ciphertext. Block of plaintext scattered across the block of cipher text.
2) Block ciphers and stream ciphers: in block ciphers plaintext is split into fixed size
chunks called blocks and each block is encrypted separately.
• Examples for block ciphers are: DES,AES,RSA and ECC
• Block cipher size are: 64 bits in DES, 128 bits in AES, 768 or more bits in RSA, 200 bits
in ECC.
• Stream ciphers operate on bits. They generate pseudo random keystream and a per
message bit string.
• Ex: One time pad, RC4
• Stream ciphers are vulnerable to attacks.
Chapter 4
Secret Key Cryptography
PRODUCT CIPHERS
• A cipher which is obtained by cascading S-boxes and P-boxes alternately is called as
product cipher.
• There are three operations that takes place in sequence,
1) An operation involving a function of the encryption key.
2) Substitution and
3) Permutation.
• The first operation involves ⨁ (XOR) ing input of that round (iteration) and the round
key. The round key is function of bits in encryption key.
• If the block size of cipher is b, the size of table that implements b x b s-box is b x 2b bits.
• To save table space, single s-box is broken into multiple s-boxes.
• If ‘s’ is the number of s-boxes, the number of inputs to each s-box is ‘b/s’. So the
corresponding table will be of size b/s x 2b/s bits.
• S-box injects non linearity.
DES CONSTRUCTION
• DES is the successor to lucifer cipher, Lucifer cipher was designed by IBM in 1960s.
Fiestal structure:
1) An initial permutation
2) 16 rounds of a given function.
3) A 32-bit left –right swap and
4) A final permutation.
DES operations
• The decryption involves obtaining Li-1 and Ri-1 from Li and Ri. It proceeds from bottom to
top.
Ri-1 = Li
Li-1 = Ri f(Li , Ki)
• The function ‘f’ in DES does not have to be invertible (f-1) to decrypt.
• The cipher having such non-invertible structure is called as fiestel cipher.
Round Function:
MODULE 1 Completed