Introduction, Basics of Cryptography, Secret Key Cryptography
Network Security & Cryptography Module 1
MODULE 1
Introduction, Basics of Cryptography, Secret Key Cryptography
Computer security is all about studying cyber attacks with a view to defending against them.
The attacks include pharming and phishing attacks together with assorted malware and denial
of service attacks.
Understanding what makes systems vulnerable to these attacks is an important first step in
avoiding or preventing them.
There are different classes of vulnerabilities including those caused by poorly written or
configured software.
Diverse defence strategies such as access control, authentication, and data
protection techniques are introduced.
1.1 Cyber Attacks
1.1.1 Motives
Year Event
1988 Robert Morris, a 23-year-old Cornell graduate student, released a worm that over an
2. Disruption of service.
Interruption or disruption of service is launched against an organization's servers so they
are made unavailable or inaccessible.
In recent times, there have been unconfirmed reports of such attacks being launched by
business rivals of e-commerce websites.
The goal here appears to be "my competitor's loss is my gain." In 2001, there were a
series of such attacks that targeted the websites of Yahoo, Microsoft, etc. in a short span
of time.
They were meant to alert corporates and others of the dangers of this class of attacks.
3. Illegal access to or use of resources.
The goal here is to obtain free access or service to paid services.
Examples of this include free access to online digital products such as magazine or
journal articles, free talk time on someone else's account, free use of computing power on
a supercomputer, etc.
In each case, the attacker is able to circumvent controls that permit access to only paid
subscribers of such services.
1.1.2 Common Attacks
Some of the common attacks are:
1. Phishing
2. Pharming
3. Dictionary attacks
4. Denial of Service (DoS)
5. Trojan
6. Spyware
1. Phishing:
One set of attacks are those that attempt to retrieve personal information from an
individual.
It provokes the victims to a fake website — an on-line bank, for example.
The fake site has the look and feel of the authentic bank with which the victim has an
account.
The victim is then asked to enter sensitive information such as his/her login name and
password, which are then passed on to the fake website.
Personal information may also be leaked out from credit cards, smart cards, and ATM
cards through a variety of skimming attacks.
2. Pharming:
It attempts to deduce sensitive information from lost or stolen smart cards through
advanced power and timing measurements conducted on them.
Finally, leakage of information may also take place through eavesdropping or
snooping on the link between two communicating parties.
3. Dictionary attacks:
One means of intruding into a computer system is through password-guessing attacks.
The ultimate goal of the attacker is to impersonate his/her victim.
The attacker can then perform unauthorized logins (break-ins), make on-line purchases,
initiate banking transactions, etc., all under the assumed identity of the victim.
1.1.3 Vulnerabilities
Behind every attack is a vulnerability of some type or the other.
Definition: A vulnerability is a weakness in a procedure, protocol, hardware, or software
within an organization that has the potential to cause damage.
There are at least four important vulnerability classes in the domain of security:
1. Human Vulnerabilities:
These are vulnerabilities caused by human behaviour or action.
For example, the user clicks on a link in an e-mail message received from a
questionable source. By so doing, the user can be directed to a site controlled by the
attacker as in a phishing attack or a cross-site scripting attack.
Similarly clicking on an e-mail attachment may open up a document causing a macro
to be executed.
The macro may be designed to infect other files on the system and/or spread the
infected e-mail to other e-mail addresses harvested from the victim's inbox.
Once an attack or infection has been detected, response measures should be taken.
These include shutting down all or part of the system.
Many intrusion attempts leave information
Cyber forensics is an emerging discipline with a set of tools that help trace back the
perpetrators of cyber crime.
Table 1.2 defines some of the most widely used terms in cyber security parlance.
1.3 GUIDING PRINCIPLES
1. Security is as much (or more) a human problem as a technological problem and must be
addressed at different levels.
At the highest level, security should be addressed by top-level management in
large organizations.
Robust security policies should be formulated and a comprehensive
implementation strategy outlined by a dedicated team of security specialists,
possibly headed by a Chief Information Security Officer (CISO).
Some of the mechanisms used to implement high-level policies are in the realm
of technology.
Security engineers have a key role to play in designing techniques and products to
protect organizations from the various cyber attacks.
System administrators handle day-to-day operations.
They should be proactive in crucial security practices such as patch application.
One of the key tasks of a system administrator is to configure systems and
applications. Their job also involves setting user/group permissions to various
system resources such as files, configuring firewalls, sifting through system logs
for signs of an intrusion, and processing alerts.
The final link in the security chain is the rank and file within an organization.
The employees within an organization should be educated on various do's and
don'ts through periodically updated security awareness programs.
In summary, a healthy combination of enlightened security policy and
procedures, backed by enforcement, aided by technology, coupled with diligent
A number of cryptographic algorithms have been proposed and made mandatory in newly
standardized protocols, but their details were not made public.
Their flaws are exposed over time after the protocols have been widely deployed,
attracting closer attention from the hacker community.
There are ethical hackers whose goal is to break software/protocols/algorithms so that
they can be fixed before things get out of hand.
It is the ethical hacker community at least, if not the public at large, who should be
able to study new protocols and algorithms prior to widespread adoption.
One such example was the procedure followed for selecting an algorithm in the late
1990s for the new secret key cryptography standard — AES was finally chosen after
much public scrutiny and debate. As another example, open source software is usually
freely available. Public review of its security features can make or break its reputation.
4. Always consider the "Default Deny" policy for adoption in access control.
The subjects in an access control policy could be people, network packets, operating
system processes or even user input.
One policy is the "Default Permit," i.e., grant the subject's request unless the subject is
on a blacklist or it has certain blacklisted attributes.
The dual of this policy is the "Default Deny" policy. In this case, the subject's request
is denied unless it is on a whitelist.
Clearly, whitelisting is the more conservative approach.
With whitelisting, the access controller may reject a legitimate subject whose name
has been mistakenly excluded from the whitelist but that is the price to be paid for
greater security.
Blacklisting, on the other hand, may accept a bad guy because his name or attributes
were mistakenly excluded from the blacklist.
The tradeoffs between blacklisting and whitelisting should be carefully examined (see
Principle 8). However, in general, prudent security design should seriously consider
adoption of the "Default Deny" policy.
They may, and typically do, have some overlapping functionality. Because of differences
in the hardware/software design and in configuration, what escapes Firewall 1 may be
caught by Firewall 2 and vice versa.
Basics of Cryptography
PRELIMINARIES
Cryptography is the science of disguising messages so that only the intended recipient can
decipher the received message.
Cryptography is the lynchpin of data security — besides providing for message
confidentiality, it also helps in providing message integrity, authentication, and digital
signatures.
The original message or document to be transferred is called plaintext.
The plaintext which is encrypted is called ciphertext.
The process of converting the original plaintext to ciphertext is called encryption.
The process of recovering the original plaintext from the ciphertext is called decryption.
Encryption involves the use of an encryption function or algorithm, denoted by E, and an
encryption key, e.
Decryption involves the use of a decryption function denoted by D, and a decryption key, d.
These operations are summarized below.
c = E_e(p)
p = D_d(c)
Here, p denotes a block of plaintext. It is encrypted by the sender to produce ciphertext
denoted by c.
Decryption operation is performed by the receiver on the ciphertext to recover the plaintext.
Kerckhoffs' Principle: The secrecy should be in the key used for decryption, not in the
decryption or encryption algorithms.
Secret Key Cryptography
In secret key cryptography, both sender and receiver share a common secret: the same
secret key is used for encryption as well as decryption. So e = d, and this form of
cryptography is also referred to as symmetric key cryptography.
If Alka and Brijesh share a secret key, k, then she encrypts the message using the
common secret. The encrypted message received by Brijesh is decrypted using the same
secret. The secret key operations are summarized below.
Operation performed by Alka: c = E_k(p)
Operation performed by Brijesh: p = D_k(c)
Ex: Data Encryption Standard, Advanced Encryption Standard (AES)

Public Key Cryptography
In public key cryptography, two distinct keys forming a key pair are used:
I. the encryption key or public key and
II. the decryption key or private key.
The public key of a user (receiver) is used to encrypt messages to that user. It is the
private key of the recipient that is used to decrypt the message. Because the public and
private keys are distinct, this form of cryptography is also referred to as asymmetric
key cryptography.
Assuming that Brijesh has a public key-private key pair, Alka would encrypt her message
using his public key, B.pu. Brijesh then decrypts the message using the corresponding
private key, B.pr. Assuming that Brijesh keeps his private key securely, he and only he
can decrypt the message received from Alka. The public key-private key operations are
summarized below.
Operation performed by Alka: c = E_B.pu(p)
Operation performed by Brijesh: p = D_B.pr(c)
Ex: RSA, Elliptic Curve Cryptography (ECC)
He would then look for patterns in the ciphertext in an attempt to reconstruct some
plaintext and/or deduce the key. Such an attack which exclusively uses ciphertext is
referred to as a "known ciphertext" attack.
Occasionally, all or part of some plaintext blocks are predictable or may be guessed.
A cryptanalyst may then build a list of corresponding plaintext, ciphertext pairs with the
intention of deducing the key. Such an attack is referred to as a "known plaintext"
attack.
It may even be possible for a shrewd attacker to carefully choose pieces of plaintext and
then induce the sender to encrypt such text.
An attack on a cryptographic scheme which makes use of pairs of attacker-chosen
plaintext and the corresponding ciphertext is referred to as a "chosen plaintext" attack.
The most obvious, though compute-intensive, attack with known plaintext is a brute
force attempt at obtaining the key by trying all possible key values.
Let (p1,c1) , (p2,c2) , (p3,c3) be plaintext—ciphertext pairs.
E for B,
A for X,
B for Y, etc.
Such a scheme is referred to as a Caesar cipher.
A sample plaintext and the corresponding ciphertext for k= 3 is
In substitution ciphers, like the Caesar cipher, each letter is always substituted for another
unique letter. Such ciphers are said to be monoalphabetic.
4.2.2 Polyalphabetic Ciphers
In a polyalphabetic cipher, the ciphertext corresponding to a particular character in the
plaintext is not fixed. It may depend on, for example, its position in the block.
We next study two examples of such ciphers.
a. The Vigenere Cipher
The Vigenere cipher is a polyalphabetic cipher that uses a multi-digit key k1, k2, k3, k4, ..., km.
Here, k1, k2, k3, k4, ..., km are each integers.
The plaintext is split into non-overlapping blocks, each containing m consecutive
characters.
Then the first letter of each block is replaced by the letter k1 positions to its right, the
second letter of each block is replaced by the letter k2 positions to its right, and so on.
Plaintext:   W  I  S  H  I  N  G  Y  O  U  M  U  C  H  S  U  C  C  E  S  S
Key:        04 19 03 22 07 12 05 11 04 19 03 22 07 12 05 11 04 19 03 22 07
Ciphertext:  A  B  V  D  P  Y  L  J  S  N  P  Q  J  T  X  F  G  V  H  O  Z
The first letter in the above text is W. The corresponding key value is 04.
This means that the ciphertext is the letter 4 positions ahead (in the modulo 26 sense).
The key length = 8, i.e., the keystring repeats after every 8 characters.
There are four occurrences of the letter "S" in the above text.
However, each occurrence of "S" is encrypted as a different character in the ciphertext:
"V", "X", "O", and "Z".
Unlike the Caesar and Vigenere ciphers, each character in the ciphertext is a function of all
the characters in that block.
Let p1, p2, ..., pm be the numeric representation of the characters in the plaintext and
let c1, c2, c3, ..., cm represent the corresponding characters in the ciphertext.
To compute the ciphertext, we map each letter of the alphabet to an integer.
We use the mapping:
A 0, B 1, C 2, D 3, E 4, F 5
c. One-time Pad
To perform the one-time pad encryption operation, the pad values are added to the
numeric values that represent the plaintext that needs to be encrypted.
Each character of the plaintext is turned into a number and a pad value for that position is
added to it.
The resulting sum for that character is then converted back to a ciphertext letter for
transmission.
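An added Python example, not from the notes, that implements the Vigenere cipher and the one-time pad above as the same additive shift over A-Z: the Vigenere keystream repeats the page's 8-digit key 04 19 03 22 07 12 05 11, while the pad is a fresh random keystream as long as the message. The plaintext is taken as WISHING YOU MUCH SUCCESS, which is what the 21-letter ciphertext and the four images of "S" (V, X, O, Z) imply; the names, and the pad-reuse check, are this example's own.

```python
"""Vigenere cipher and one-time pad as additive shift ciphers over A-Z."""
import secrets
import string

ALPHABET = string.ascii_uppercase  # A=0, B=1, ..., Z=25


def clean(text: str) -> str:
    """Keep only letters, upper-cased, as in the notes' example."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)


def shift_encrypt(plaintext: str, keystream: list) -> str:
    """c_i = (p_i + k_i) mod 26; the keystream must cover the whole text."""
    text = clean(plaintext)
    if len(keystream) < len(text):
        raise ValueError("keystream shorter than plaintext")
    return "".join(ALPHABET[(ALPHABET.index(p) + k) % 26] for p, k in zip(text, keystream))


def shift_decrypt(ciphertext: str, keystream: list) -> str:
    """p_i = (c_i - k_i) mod 26."""
    return "".join(ALPHABET[(ALPHABET.index(c) - k) % 26] for c, k in zip(ciphertext, keystream))


def vigenere_keystream(key: list, length: int) -> list:
    """Vigenere: the m-digit key k1..km repeats every m positions."""
    return [key[i % len(key)] for i in range(length)]


def one_time_pad(length: int) -> list:
    """One-time pad: uniformly random pad values, as long as the message, used once."""
    return [secrets.randbelow(26) for _ in range(length)]


# Key and plaintext of the notes' Vigenere example (key length m = 8).
PAGE_KEY = [4, 19, 3, 22, 7, 12, 5, 11]
PAGE_PLAINTEXT = "WISHING YOU MUCH SUCCESS"


def vigenere_demo():
    """Returns (ciphertext, ciphertext letter for each plaintext 'S', recovered plaintext)."""
    pt = clean(PAGE_PLAINTEXT)
    ks = vigenere_keystream(PAGE_KEY, len(pt))
    ct = shift_encrypt(pt, ks)
    s_images = [ct[i] for i, ch in enumerate(pt) if ch == "S"]
    return ct, s_images, shift_decrypt(ct, ks)


def otp_demo(message: str):
    """Encrypt with a fresh pad and check that the same pad decrypts."""
    pt = clean(message)
    pad = one_time_pad(len(pt))
    ct = shift_encrypt(pt, pad)
    return ct, shift_decrypt(ct, pad) == pt


def pad_reuse_leak(ct1: str, ct2: str) -> list:
    """Why the pad is 'one-time': if two messages share a pad, c1 - c2 = p1 - p2 (mod 26),
    so the pad cancels and the letter-wise difference of the plaintexts is exposed."""
    return [(ALPHABET.index(a) - ALPHABET.index(b)) % 26 for a, b in zip(ct1, ct2)]


if __name__ == "__main__":
    print(vigenere_demo())
    print(otp_demo("ATTACK AT DAWN"))
```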
ATNOTIARGIEBONONPEON
To decrypt the message, the recipient would have to cast the ciphertext in a 5 x 4 matrix,
reverse the column shuffles, and then reverse the row shuffles.
For example, with a combination of guesswork, luck, and limited prior information, a spy
might be able to deduce that the planned start time of an attack is 11:15 pm upon receiving
the following ciphertext.
11KC TA TAMMO CPM51CENE
This is the ciphertext using the row and column shuffling as in the example above.
The corresponding plaintext is
Commence Attack 11 15 pm
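An added Python example, not from the notes, of the row and column shuffling transposition just described on a 5 x 4 matrix. The two permutations are this example's assumption, inferred from the page's ciphertext so that "Commence Attack 11 15 pm" encrypts to 11KCTATAMMOCPM51CENE; the last function shows why the spy's guess works: a transposition rearranges symbols but never changes them.

```python
"""Row/column transposition on a 5 x 4 matrix, as in the notes' COMMENCE ATTACK example."""
ROWS, COLS = 5, 4

# Shuffles inferred from the page's ciphertext (an assumption of this example, not stated
# in the notes): output row i is input row ROW_ORDER[i]; output column j is input column
# COL_ORDER[j]. Together they are the secret of the transposition.
ROW_ORDER = [3, 2, 0, 4, 1]
COL_ORDER = [2, 3, 1, 0]


def clean(text: str) -> str:
    """Drop spaces and punctuation, upper-case letters, keep digits."""
    return "".join(ch for ch in text.upper() if ch.isalnum())


def to_matrix(text: str) -> list:
    """Write the text row by row into a ROWS x COLS matrix."""
    if len(text) != ROWS * COLS:
        raise ValueError("text must fill the %dx%d matrix exactly" % (ROWS, COLS))
    return [list(text[r * COLS:(r + 1) * COLS]) for r in range(ROWS)]


def permute(seq: list, order: list) -> list:
    """Reorder seq so that position i receives seq[order[i]]."""
    return [seq[i] for i in order]


def invert(order: list) -> list:
    """Inverse permutation: permute(permute(x, order), invert(order)) == x."""
    inv = [0] * len(order)
    for new_pos, old_pos in enumerate(order):
        inv[old_pos] = new_pos
    return inv


def encrypt(plaintext: str) -> str:
    m = to_matrix(clean(plaintext))
    m = permute(m, ROW_ORDER)                        # row shuffle
    m = [permute(row, COL_ORDER) for row in m]       # column shuffle
    return "".join("".join(row) for row in m)        # read out row by row


def decrypt(ciphertext: str) -> str:
    """Cast the ciphertext into the matrix, undo the column shuffle, then the row shuffle."""
    m = to_matrix(ciphertext)
    m = [permute(row, invert(COL_ORDER)) for row in m]
    m = permute(m, invert(ROW_ORDER))
    return "".join("".join(row) for row in m)


def letters_preserved(plaintext: str, ciphertext: str) -> bool:
    """A transposition only rearranges symbols, so the ciphertext contains exactly the
    plaintext's characters; '11', '15' and 'PM' therefore survive for a spy to spot."""
    return sorted(clean(plaintext)) == sorted(ciphertext)


if __name__ == "__main__":
    print(encrypt("Commence Attack 11 15 pm"))
```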
In 1949, Claude Shannon first proposed the ideas of confusion and diffusion in the operation
of a cipher.
Confusion is the property of a cipher whereby it provides no clue regarding the relationship
between the ciphertext and the key.
Given plaintext p, a sequence of keys k1, k2, ..., ki and the corresponding ciphertexts
E_k1(p), E_k2(p), E_k3(p), ..., E_ki(p) obtained using this encryption, it is nearly
impossible to deduce the value of a new, arbitrarily chosen key kj used to create the
ciphertext E_kj(p).
Confusion reigns supreme with a cipher if, for any plaintext p, changing even a single bit
in a key k to produce k' results in roughly half the bits in the ciphertexts E_k(p) and
E_k'(p) being different.
While confusion is concerned with the relationship between the key and the ciphertext,
diffusion is concerned with the relationship between the plaintext and the corresponding
ciphertext.
Block Ciphers
With block ciphers, the plaintext is split into fixed size chunks called blocks, and each
block is encrypted separately.
Typically all blocks in the plaintext are encrypted using the same key.
Block ciphers include DES, AES, RSA, and ECC.
Block sizes used in secret key cryptography are usually smaller — 64 bits in DES and
128 bits in AES.
The block size in RSA is much larger — 768 or more bits, while the block size in ECC is
about 200 bits.
If two blocks of plaintext within a message are identical, their corresponding ciphertexts
are identical. This statement, however, is only partially true.
Stream cipher
Modern day secret-key ciphers are typically synthesized using the Substitution Box (S-Box)
and the Permutation Box (P-Box).
Substitution Box (S-Box)
An S-box is a device that takes as input a (binary) string of length m and returns a
(binary) string of length n. While it is often the case that m = n, this need not
always be so.
An S-box is implemented using a table (or array) of 2^m rows with each row
containing an n-bit value.
The input to the S-box is used to index the table which returns the n-bit output of the
S-Box.
Permutation Box (P-Box).
The three operations that take place in sequence as shown in Fig. 5.1:
For a block size of 64, the use of eight S-boxes (each with 8 inputs) would bring down the
storage requirements to about 16,000 bits.
Usage of the S-box injects non-linearity into the design of the cipher.
Non-linearity implies the absence of a linear relationship between any subset of bits in the
plaintext, ciphertext, and key.
Finally, the third step in each round or iteration is a permutation.
A P-Box re-orders the inputs that it receives. It diffuses or spreads contiguous bits of the
input across the entire block.
Without the P-Box, the first b/s bits of the output would be a function of the first b/s bits of
the input, the second b/s bits of the output would be a function of the second b/s bits of the
input and so on.
DES is the successor to a cipher called Lucifer designed by cryptographers at IBM in the
1960s.
It was first published in March 1975 and was chosen by the U.S. National Bureau of
Standards or NBS (later re-named National Institute of Standards and Technology or NIST)
as the standard cipher for secret key cryptography in January 1977.
Figure: DES encryption
Two bits of the i-th chunk serve as a row index (i5, i0) into the i-th table (Fig. 5.3) and the
remaining four bits serve as a column index (i4, i3, i2, i1).
The output of the S-box is simply the 4-bit string pointed to by the row and column indices.
Figure: S-box implementation using an array of size 4x16. The input bits i5 i4 i3 i2 i1 i0 enter the S-box, which outputs o3 o2 o1 o0; the table has rows 0 to 3 and columns 0 to 15.
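An added Python example, not from the notes, of the S-box lookup just described: the row is taken from (i5, i0) and the column from (i4, i3, i2, i1) of a 6-bit input, using the first DES S-box S1 as published in FIPS 46-3. It also checks the non-linearity point made above and the storage figure for eight 8-input S-boxes; the function names are this example's own.

```python
"""DES-style S-box: 6-bit input -> 4-bit output through a 4 x 16 table."""

# S1 of the DES standard (FIPS 46-3): 4 rows x 16 columns of 4-bit values.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox_lookup(table: list, x: int) -> int:
    """Map a 6-bit input i5..i0 to 4 bits: row = (i5, i0), column = (i4, i3, i2, i1)."""
    if not 0 <= x < 64:
        raise ValueError("S-box input must be a 6-bit value")
    row = (((x >> 5) & 1) << 1) | (x & 1)   # outer bits i5, i0
    col = (x >> 1) & 0xF                     # middle bits i4..i1
    return table[row][col]


def sbox_bits(table: list, bits: str) -> str:
    """Same lookup on a bit string such as '011011'; returns a 4-character bit string."""
    return format(sbox_lookup(table, int(bits, 2)), "04b")


def rows_are_permutations(table: list) -> bool:
    """Each DES S-box row is a permutation of 0..15, so for fixed row bits the
    column-to-output map is a bijection (no two inputs collide)."""
    return all(sorted(row) == list(range(16)) for row in table)


def is_linear(table: list) -> bool:
    """A linear S-box would satisfy S(a xor b) == S(a) xor S(b) for every a, b;
    DES S-boxes are chosen so that this fails, which is the non-linearity the notes mention."""
    return all(
        sbox_lookup(table, a ^ b) == sbox_lookup(table, a) ^ sbox_lookup(table, b)
        for a in range(64) for b in range(64)
    )


def table_bits(num_boxes: int, inputs_per_box: int, outputs_per_box: int) -> int:
    """Storage for S-box tables: 2^inputs rows of outputs bits, per box."""
    return num_boxes * (2 ** inputs_per_box) * outputs_per_box


if __name__ == "__main__":
    print(sbox_bits(S1, "011011"), rows_are_permutations(S1), is_linear(S1))
    print(table_bits(8, 8, 8), "bits for eight 8-input S-boxes")
```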