Cryptography and Network Security Third EditionAbout the Author Atul Kahate has over 17 years of experience in Information Technology in India and abroad in various capacities. He currently works as Adjunet Professor in Computer Science in Pune University and Symbiosis Internation- = eh al University. His last IT employment was as Consulting Practice Director at “s Oracle Financial Services Software Limited (earlier known as i-flex solutions ) limited). He has conducted several training programs/seminars in institutions Ye such as IIT, Symbiosis, Pune University, and many other colleges. A prolific writer, Kahate is also the author of 38 books on Computer Science, Science, Technology, Medicine, Economics, Cricket, Management, and History. Books such as Web Technologies, Cryptography and Network Security, Operating Systems, Data Com- ‘munications and Networks, An Introduction to Database Management Systems are used as texts in several universities in India and many other countries. Some of these have been translated into Chinese. Atul Kahate has won prestigious awards such as Computer Society of India’s award for contribution to IT literacy, Indradhanu’s Yuvonmesh Puraskar, Indira Group’s Excellence Award, Maharashtra Sahitya Parishad’s “Granthakar Puraskar”, and several others. ‘He has appeared on quite a few programmes on TV channels such as Doordarshan’s Sahyadri channel, IBN Lokmat, Star Maza, and Saam TY related to IT, education, and careers. He has also worked as official cricket scorer and statistician in several international cricket matches. Besides these achievements, he has written over 4000 articles and various columns on IT, cricket, science, technology, history, medicine, economics, management, careers in popular newspapers’ magazines such as Loksatta, Sakal, Maharashtra Times, Lokmat, Lokprabha, Saptahik Sakal, Divya Marathi, and others.Cryptography and Network Security Third Edition Atul Kahate Adjunct Professor Pune University and Symbiosis International University Author in Computer Science Luts fete Enns McGraw Hill Education (India) Private Limited NEW DELHI McGraw Hill Education Offices New Delhi NewYork StLouis San Francisco Auckland Bogota Caracas Kuala Lumpur Lisbon London Madrid Mexico City Milan Montreal San Juan Santiago Singapore Sydney Tokyo TorontoJ McGraw Hill Education (India) Private Limited Published by McGraw Hill Education (India) Private Limited P-24, Green Park Extension, New Delhi 110 016 Cryptography and Network Security, 3/e Copyright © 2013, 2008, 2003, by McGraw Hill Education (India) Private Limited \No part of this publication may be reproduced or distributed in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise or stored in a database or retrieval system without the prior written permis- sion of the publishers. The program listings (if any) may be entered, stored and executed in a computer system, but they may not be reproduced for publication. This edition can be exported from India only by the publishers, McGraw Hill Education (India) Private Limited, ISBN 13; 978-1-25-902988-2 ISBN 10; 1-25-902988-3 Vice President and Managing Director: Ajay Shukla Head—Higher Education (Publishing and Marketing); Vibha Mahajan Publishing Manager (SEM & Tech. E4,): Shalini Jha Asst. Sponsoring Editor: Smruti Snigdha Editorial Researcher: Sourabh Maheshwari Manager—Production Systems: Satinder S Baveja ‘Asst, Manager—Editorial Services: Sohini Mukherjee Sr. Production Manager: PL Pandita Asst, General Manager (Marketing)—Higher Education: Vijay Sarathi Sr. Product Specialist (SEM & Tech, Ed.): Tina Jajoriva St. Graphic Designer (Cover): Meenu Raghav General Manager—Production: Rajender P Ghansela Manager—Production: Reji Kumar Information contained in this work has been obtained by McGraw Hill Education (India), from sources believed to be reliable. However, neither McGraw Hill Education (India) nor its authors guarantee the accuracy or completeness of any information published herein, and neither MeGraw Hill Education (India) nor its authors shall be responsible for any errors, omissions, or damages arising out of use of this information. This work is published with the understanding that McGraw Hill Education (India) and its authors are supplying informa- tion but are not attempting to render engineering or other professional services. If such services are required, the assistance of an appropriate professional should be sought. Typeset at The Composers, 260, C.A. Apt., Paschim Vihar, New Delhi 110 063, and printed at SDR Printers, A-28, West Jyoti Nagar, Loni Road, Shadara, Delhi 110 094 Cover: SDR RYZCRRLORQLLDPreface CONTENTS Important Terms and Abbreviations 1. _ Introduction to the Concepts of Security Ll 12 13 14 1s Introduction 1 ‘The Need for Security 2 Security Approaches 6 Principles of Security 8 Types of Attacks 12 Summary 27 Key Terms and Concepts 28 Practice Set 29 2. Cryptography Techniques 2d 22 23 24 25 26 27 28 29 Introduction 32 Plain Text and Cipher Text 33 Substitution Techniques 36 ‘Transposition Techniques 47 Encryption and Decryption 5/ Symmetric and Asymmetric Key Cryptography 53 Steganography 64 Key Range and Key Size 65 Possible Types of Attacks 68 Case Study: Denial of Service (DOS) Attacks 72 Summary 74 Key Terms and Concepts 75 Practice Set. 76 3. Computer-based Symmetric Key Cryptographic Algorithms 3A 32 33 34 Introduction 80 Algorithm Types and Modes 80 An Overview of Symmetric-Key Cryptography 92 Data Encryption Standard (DES) 94 xii 32 80wi Contents 3.5. International Data Encryption Algorithm (IDEA) 08 3.6 RC4 116 3.7 RCS 18 3.8 Blowfish 127 3.9 Advanced Eneryption Standard (AES) 130 Case Study: Secure Multiparty Calculation 47 Summary 142 Key Terms and Concepts 144 Practice Set 145 Computer-based Asymmetric-Key Cryptography Algorithms 4.1 Introduction /48 4.2 Brief History of Asymmetric-Key Cryptography 148 4.3 An Overview of Asymmetric-Key Cryptography 149 44 The RSAAlgorithm /5/ 4.5. ElGamal Cryptography 157 4.6 Symmetric and Asymmetric 4.7 Digital Signatures 162 48 Knapsack Algorithm 193 4.9 ElGamal Digital Signature 194 4.10. Attacks on Digital Signatures 194 4.11 Problems with the Public-Key Exchange 195 Case Study I: Virtwal Elections 197 Case Study 2: Contract e198 Summary 199 Key Terms and Concepts 200 Practice Set 200 Public Key Infrastructure (PKI) 5.1 Introduetion 204 5.2 Digital Certificates 205 5.3 Private-Key Management 234 5.4 The PKIX Model 236 5.5 Public Key Cryptography Standards (PKCS) 238 5.6 XML,PKI and Security 244 Case Study: Cross Site Scripting Vulnerability (CSV) 256 Summary 258 Key Terms and Concepts. 259 Practice Set 260 Key Cryptography 158 Internet-Security Protocols 6.1 Introduction 263 6.2 Basic Concepts 263 6.3 Secure Socket Layer (SSL) 271 6.4 Transport Layer Security (TLS) 282 6.5 Secure Hyper Text Transfer Protocol (SHTTP) 282 6.6 Secure Electronic Transaction (SET) 283 148 204 263Contents 6.7 SSL Versus SET 295 6.8 3-D Secure Protocol 296 6.9 Email Security 299 6.10 Wireless Application Protocol (WAP) Security 319 6.11 Security inGSM 322 6.12 Security in3G 324 6.13 IEEE 802.11 Security 327 6.14 Link Security Versus Network Security 337 Case Study I: Secure Inter-branch Payment Transactions 337 Case Study 2: Cookies and Privacy 335 Summary 336 Key Terms and Concepts 338 Practice Set 339 User-Authentication Mechanisms 7.1 Introduction 342 7.2. Authentication Basies 342 7.3. Passwords 343 74 Authentication Tokens 356 7.5 Certificate-based Authentication 366 7.6 Biometric Authentication 372 7.1 Kerberos 374 78 Key Distribution Center(KDC) 380 7.9. Security Handshake Pitfalls 387 7.10 Single Sign On (SSO) Approaches 390 7.11 Attacks on Authentication Schemes 391 Case Study: Single Sign On (SSO) 392 Summary 395 Key Terms and Concepts. 396 Practice Set 397 Practical Implementations of Cryptography/Security 8.1 Introduction 400 8.2 Cryptographic Solutions using Java 40/ 8.3 Cryptographic Solutions Using Microsoft NET Framework 408 84 Cryptographic Toolkits 4/0 8.5 Web Services Sec 8.6 Cloud Security Summary 414 Key Terms and Concepts 415 Practice Set 416 Network Security, Firewalls, and Virtual Private Networks (VPN) 9.1 Introduction 4/8 9.2. Brief Introduction to TCPAP 4/8 9.3. Firewalls 423 9.4 IP Security 440 vi 342 400 418vil Contents 9.5 Virtual Private Networks (VPN) 458 96 Case Stu Intrusion 461 1:TP Spoofing Attacks 464 Case Study 2: Creating a VPN 466 Summary 467 Key Terms and Concepts 468 Practice Set 469 Appendices A, Mathematical Background B. Number Systems C._ Information Theory D. Reallife Tools FE. Web Resources F. A Brief Introduction to ASN, BER, DER References Index 472 481 486 488 489 492 472 497 499PREFACE This book has already been used by thousands of students, teachers, and IT professionals in its past edition. There is no change in the intended audience for this book. It is aimed at the same audience in the given order. The book can be used for any graduate/postgraduate course involving computer security/eryptography as a subject. It aims to explain the key concepts in cryptography to anyone who has basic understanding in computer science and networking concepts. No other assumptions are made. The new edition is updated to cover certain topics in the syllabi which were found to be covered inadequately in the earlier editions Computer and network security is one of the most crucial areas today. With so many attacks happening on all kinds of computer systems and networks, it is imperative that the subject be understood by stu- dents who are going to be the IT professionals of the future. Consequently, topics such as Cloud secu- rity, and Web services security have been added to this edition. The main focus of the book is to explain every topic in a very lucid fashion with plenty of diagrams. All (echnical terms are explained in detail Ml SALIENT FEATURES ‘© Uses a bottom-up approach: Cryptography —> Network Security —» Case Studies © Inclusion of new topics: IEEE 802.1/Security, Elgamal Cryptography, Cloud Security and Web Services Security © Improved treatment of Ciphers, Digital Signatures, SHA-3 Algorithm ‘© Practical orientation of the subject to help students for real-life implementation of the subject through integrated case studies © Refreshed pedagogy includes m 150 Design/Programming Exercises m 160 Exercises m= 170 Multipl @ 530 Illustrations m 10 Case Studies joice Questionsx Preface CHAPTER ORGANIZATION Mf The organization of the book is as follows Chapter 1 introduces the basic concepts of security. It discusses the need for security, the principles of security and the various types of attacks on computer systems and networks. We discuss both the theoretical concepts behind all these aspects, as well as the practical issues and examples of each one of them. This will cement our understanding of security. Without understanding why security is required, and what is under threat, there is no point in trying to understand how to make computer systems and networks secure. A new section on wireless network attacks has been included. Some obsolete material on cookies and ActiveX controls has been deleted. Chapter 2 introduces the concept of cryptography, the fundamental building block of computer security. Cryptography is achieved by using various algorithms. All these algorithms are based on either substitution of plain text with some cipher text, or by using certain transposition techniques, or a combination of both. The chapter then introduces the important terms of encryption and decryp\ Playfair cipher and Hill cipher are covered in detail. The Diffie-Hellman Key Exchange coverage is expanded, and types of attacks are covered in detail Chapter 3 discusses the various issues involved in computer-based symmetric-key eryptography. We discuss stream and block cipher and the various chaining modes. We also discuss the chief symmetric- key cryptographic algorithms in great detail, such as DES, IDEA, RCS and Blowfish. The Feistel cipher is covered in detail. Discussions related to the security of DES and attacks on the algorithm are expanded. Similarly, the security issues pertaining to AES are also cove Chapter 4 examines the concepts, issues and trends in asymmetric-key eryptography. We go through the history of asymmetric-key cryptography. Later, we discuss the major asymmettic-key cryptograph- ic algorithms, such as RSA, MDS, SHA, and HMAC. We introduce several key terms, such as message digests and digital signatures in this chapter. We also study how best we can combine symmetric- key cryptography with asymmetric-key cryptography. Security issues pertaining to RSA algorithm are included. The ElGamal Cryptography and ElGamal Digital Signature schemes are covered. SHA-3 algorithm is introduced. Issues pertaining to RSA digital signature are covered. Chapter 5 talks about the upcoming popular technology of Public Key Infrastructure (PKI). Here, we discuss what we mean by digital certificates, how they can be created, distributed, maintained and used We discuss the role of Certification Authorities (CA) and Registration Authorities (RA). We also intro- duce the Public Key Cryptography Standards (PKCS). Some obsolete topics such as roaming digital certificates and attribute certificates are removed. Chapter 6 deals with the important security protocols for the Internet. These protocols include SSL, SHTTP, TSP, SET and 3D-Secure. We also discuss how electronic money works, what are the dangers involved therein and how best we can make use of it. An extensive coverage of email security is provided with a detailed discussion of the key email security protocols, such as PGP, PEM and S/MIME. We also discuss wireless security here, The obsolete SET protocol is reduced. Discussion on 3-D Secure is expanded, Electronic money is completely removed. DomainKeys Identified Mail (DKIM) is covered. Security in IEEE 802.11 (WiFi) is discussed in detail Chapter 7 tells us how to authenticate a user. There are various ways to do this. The chapter examines each one of them in significantly great detail and addresses their pros and cons. We discuss password-Preface ai based authentication, authentication based on something derived from the password, authentication tokens, certificate-based authentication, and biomettics, We also study the popular Kerberos protocol. Discussion of biometric techniques is expanded. Attacks on authentication schemes are covered. Chapter 8 deals with the practical issues involved in cryptography. Currently, the three main ways to achieve this is to use the cryptographic mechanisms provided by Sun (in the Java programming lan- guage), Microsoft, and third-party toolkits. We discuss each of these approaches. Operating systems security and database security are removed, Web services security and cloud security are added. Chapter 9 is concemed with network-layer security. Here, we examine firewalls, their types and configurations. Then we go on to IP security, and conclude our discussion with Virtual Private Networks (VPN). Each chapter has an introduction that explains the scope of coverage and a chapter summary at the end, There are multiple-choice and detailed questions to verify the student's understanding. Several case studies are included at appropriate places to give a practical flavor to the subject. Every difficult concept is explained using a diagram. Unnecessary mathematics is avoided wherever possible. M@ ONLINE LEARNING CENTER Mf The OLC for this book can be accessed at hitps:/iwww.mhhe.com/kahate/ens3 and contains the following material: © For the Student Additional programming exercises of varying levels of difficulty m= Cryptography Demos with DES and AES Demo Applets m Web References (Updated with latest links) m Real-Life Case Studies © For the Instructor m= Solutions to exercises (Updated with the new programming exercises solutions) m Sample Question Papers m List of Additional Material added to the text m Web References (Interesting Links) M@ ACKNOWLEDGEMENTS I would like to thank all my family members, colleagues, and friends for their help. Hundreds of stu- dents and professors have appreciated the previous editions of the book, which makes the efforts of coming up with a new edition very enjoyable, More specifically, I would like to thank my ex-students Swapnil Panditrao and Pranav Sorte, who have helped me with the third edition. Mr Nikhil Bhalla pointed out a few errors in the earlier edition, which now stand corrected. A sincere note of appreciation is due to all TMH members—Shalini Jha, Smruti Snigdha, Sourabh Maheshwari, Satinder Singh, Sohini Mukherjee and P L Pandita who helped me during various stages of the publication process.sii Preface I would also like to thank all those reviewers who took out time to review the book and gave useful comments. Their names are given as follows Vrutika Shah LEADS Institute of Technology and Engineering, Ahmedabad, Gujarat ‘Metul Patel Shree Swami Atmanandan College of Engineering, Ahmedabad, Gujarat Amitab Nag Academy of Technology, Kolkata Subhajit Chatterjee Calcutta Institute of Engineering and Management, Kolkata Garimella Rama Murthy International Institute of Information Technology (IIIT), Hyderabad Feedback Readers are welcome to send any feedback/comments on my Website wwwatulkahate.com (in the Testimonials section) or via email at [email protected]. Atul Kahate Publisher's Note Do you have any further request or a suggestion? We are always open to new ideas (the best ones come from you!). You may send your comments to [email protected] Piracy-related issues may also be reported!factor authentication 2-factor authentication 3-D Secure Active attack Algorithm mode Algorithm type Application gateway Asymmetric Key Cryptography Authentication Authentication token Authority Revocation List (ARL) Avalanche effect Availability IMPORTANT TERMS AND ABBREVIATIONS Authentication mechanism, which involves the party to be authenticated concerned with only one factor (e.g. know something). Authentication mechanism, which involves the party to be authenticated concerned with two factors (e.g. know something and have something). Payment mechanism developed by Visa for Web-based transactions. Form of attack on security where the attacker makes attempts to change the contents of the message. Defines the details of a cryptographic algorithm. Defines how much plain text should be encrypted! decrypted at a time, ‘Type of firewall that filters packets at the application layer of TCP/IP stack. Same as Bastion host or Proxy server Cryptographic technique where a key pair is used for encryption and decryption operations. Principle of security, which identifies a user or a compuetr system, so that it can be trusted. Small piece of hardware used in 2-factor authentication mechanisms. List of revoked Certification Authorities (CA). The principle that determines minor changes to plaintext result into what sort of changes to the resulting ciphertext in an encryption algorithm, Principle of security, which ensures that a resource computer system is available to the authorized users.iv Important Terms ond Abbreviations Bastion host Behaviour-blocking software Behavioural techniques Bell-LaPadula model Biometric authentication Block cipher Bucket brigade attack Book Cipher Brute-force attack Caesar Cipher Cardholder Certificate directory Certificate Management Protocol (CMP) ) Certificate Revocation List Certificate Signing Request (CSR) Certificate-based authentication Certification Authority (CA) ‘Type of firewall that filters packets at the application layer of TCP/IP stack. Same as Application gateway or Proxy server. Software that integrates with the operating system of the computer and keeps a watch on virus-like behavior in real time. Biometric authentication techniques that depend on the behavioural characteristics of a human being, A highly trustworthy computer system is designed as a collection of objects and subjects. Objects are passive repositories or destinations for data, such as files, disks, printers, etc. Subjects are active entities, such as users, processes, of threads operating on behalf of those users, Authentication mechanism that depends on the biological characteristics of a user. Encrypts/decrypts a group of characters at a time. ‘A form of attack in which the attacker intercepts the communication between two parties, and fools them to believe that they are communicating with each othe s they actually communicate with the attacker, Same as man-in-the-middle attack. where: Cryptographic technique involving the key selected randomly from a page in a book. Form of attack wherein the attacker tries all possible combinations of the key one after the other in quick succession. Cryptographic technique wherein each plain text character is replaced with an alphabet three places down the line. Customer, who shops online on the Web, and makes payments for the same using a credit/debit card. Pre-specified area containing the list of digital certificates. Protocol used in the requesting of a digital certificate. List of revoked digital certificates. It is an offline certifi- cate checking mechanism, Format used by a user to request for a digital certificate from a CARA. Authentication mechanism wherein the user needs to produce her digital certificate, and also has to provide a proof of possessing that certificate. Authority that can issue digital certificates to users after proper authentication checks.Certification Authority hierarchy Chain of trust Chaining mode Challenge/response token Chosen cipher text attack Chosen-message attack Chosen plain text attack Chosen text attack Cipher Block Chaining (Cl Cipher Feedback (CFB) Cipher text Cipher text only attack Cireuit gateway Clear text Collision Completeness effect Confidentiality Confusion Counter (mode) Important Terms and Abbreviations xy Hierarchy that allows multiple CAs to operate, theyeby taking load off single CA. Mechanism whereby a trust is established from the current CA up to the root CA. Technique of adding complexity to the cipher text, making it harder to crack Type of authentication token. ‘Type of attack where the attacker knows the cipher text to be decrypted, the encryption algorithm that was used to produce this cipher text, and the corresponding plain text block. The attacker's job is to discover the key used for encryption. Atrick where the attacker makes the user believe that she signed a message using RSA, which she did not. Here, the attacker selects a plain text block, and tries to look for the encryption of the same in the cipher text. Here, the attacker is able to choose the messages to encrypt. Based on this, the attacker intentionally picks patterns of cipher text that result in obtaining more information about the key. This is essentially a combination of chosen plain text attack and chosen cipher text attack Mechanism of chaining. Mechanism of chaining. Result of encryption on a plain text message. In this type of attack, the attacker does not have any clue about the plain text. She/he has some or all of the cipher text. Form of application gateway, which creates a connection between itself and the remote host/server. Message in an understandable/readable form, same as Plain text. If two messages yield the same message digest, there is a collision, A principle that demands that every ciphertext bit should depend on more than one plaintext bits. Principle of security, which ensures that only the sender and the recipient of a message come to know about the contents of that message. Performing substitution during encryption. In this algorithm mode, a counter and plain text block are encrypted together, after which the counter is incremented.xvi Inportant arms and Abbreviations Cross-certification Cryptanalysis Cryptanalyst Cryptographic toolkit Cryptography Cryptology Cycling attack Data Encryption Standard (DES) Decryption Demilitarized Zone (DMZ) Denial Of Ser e (DOS) attack Dictionary attack Differential cryptanalysis Diffusion Digital cash Digital certificate Digital envelope Digital Signature Algorithm (DSA) Digital Signature Standard (DSS) DNS spoofing Technology wherein CAs from different domains/loca- tions sign each other’s certificates, for ease of operation. Process of analyzing cipher text. Person who performs cryptanalysis Software that provides cryptographic algorithms/opera- tions for use in applications. Art of codifying messages, so that they become unread- able. Combination of cryptography and cryptanalysis. An attack where the attacker believes that plain text was converted into cipher text using some permutation, which the attacker tries on the cipher text to obtain the original plain text, IBM's popular algorithm for symmetric key encryption, uses 56-bit keys, not used widely of late. Process of transforming cipher text back into plain text- opposite of Encryption. ‘wall configuration that allows an organization to securely host its public servers and also protect its internal network at the same time, An attempt by an attacker to disallow authorized users from accessing a resource/computer system. Attack wherein the attacker tries all the possible words from the dictionary (c.g. as a password). Method of cryptanalysis that looks at pairs of cipher text whose plain texts have particular differences. Performing transposition during encryption. Computer file representing the equivalent of real cash. Bank debits the user's real bank account and issues digital cash, instead, Same as electronic cash, Computer file similar to a paper-based passport, links a user to a particular public key, and also provides other information about the user. Technique wherein the original message is encrypted with ion key, which itself is encrypted with the intended recipient’s public key. Asymmetric key algorithm for performing digital signa- tures. a one-time ses Standard specifing how digital signature should be done, See Pharming.DomainKeys Identified Mail (DKIM) Double DES ‘Dual signature Dynamic packet filter ElGamal Electronie Code Book (ECB) Electronic money Encryption Fabrication Factorization attack Feistel Cipher Firewall Hash Hill Cipher HMAC Homophonie Substitution Cipher Integrity Interception International Data Encryption Algorithm (IDEA) Important Terms and Abbrevictions xi An Internet email scheme where the user's email system digitally signs an email message to confirm that it origi- nated from there. Modified version of DES, involves 128-bit keys. Mechanism used in the Secure Electronic Transaction (SET) protocol whereby the payment details are hidden from the merchant, and the purchase details are hidden from the payment gateway. Type of packet filter, which keeps learning from the current status of the network. A set of schemes for encryption and digital signature. Mechanism of chaining. See Electronic cash. Process of transforming plain text into cipher text- opposite of Decryption. False message created by an attacker to distort the atten- tion of the authorized users. Factorizing a number into its two prime factors is very difficult if the number is large. An attacker would still attempt it to break the security of the RSA algorithm, which is based on this principle. ‘A cryptographic technique that uses substitution and transposition alternatively to produce cipher text. Special type of router, which can perform security checks and allows rule-based filtering, Finger print of a message, same as Message digest. Identifies a message uniquely. Hill cipher works on multiple letters at the same time, Hence, it is a type of polygraphic substitution cipher, Similar to a message digest, HMAC also involves encryption. Technique of encryption in which one plain text character is replaced with one cipher text character, at a time. The cipher text character is not fixed. Principle of security, which specifies that the contents of a message must not be altered during its transmission from the sender to the receiver. Process of an attacker getting hold of a message in transit, before it reaches the intended recipient. ‘A symmetric key encryption algorithm, developed in 1990's.Iportat Terms and Abbreviations Internet Security Association and Key ‘Management Protocol (ISAKMP) Interruption TP Security (IPSec) Issuer Jamming attack Java Cryptography Archit Java Cryptography Extensions (JCE) Kerberos Key Key Distribution Center (KDC) Key-only attack Key wrapping Known plaintext attack Lightweight Directory Access Protocol (LDAP) Linear cryptanalysis Low decryption exponent attack Lucifer Man-in-the-middle attack Masquerade MDs Message Authentication Code (MAC) Protocol used in IPSec for key management. Also called as Oakley. Attacker creating a situation where the availability of a system is in danger. Same as Masquerade Protocol to encrypt messages at the network layer. Bank/financial institution that facilitates a cardholder to make credit card payments on the Internet. A Denial-of-Service attack on wireless networks that introduces unnecessary wireless frames. Java's cryptography mechanism, in the form of APIS. Java's cryptography mechanism, in the form of APIS. Single Sign On (SSO) mechanism, that allows a user to have a single user id and password to access multiple resources/systems ‘The secret information in a cryptographic operation A central authority dealing with keys for individual computers (nodes) in a computer network. Only using a genuine user's public key, the attacker attempts an attack. See Digital envelope. In this case, the attacker knows about some pairs of plain text and corresponding cipher text for those pairs. Using this information, the attacker tries to find other pairs, and therefore, know more and more of the plain text. Protocol that allows easy storage and retrieval of informa- tion at/from a central place, An attack based on linear approximations, If the decryption key value used in RSA is very small, the attacker can guess it better. ‘One symmetric key encryption algorithm, A form of attack in which the attacker intercepts the com- munication between two parties, and fools them to believe that they are communicating with each other, whereas they actually communicate with the attacker. Same as bucket brigade attack. Attacker creating a situation where the availability of a system is in danger. Same as Interruption. Message digest algorithm, now seems vulnerable to attacks, See HMAC.Message digest Microsoft Cryptography Application Programming Interface (MS-CAPI) Modification Mono-alphabetic Cipher Multi-factor authentication Mutual authentication Network level attack ‘Non-repudiation One-Time Pad One-time password One-way authentication Online Certificate Status (ocsP) Output Feedback (OFB) Packet filter Passive attack Password Password policy Person-in-the-middle attack Pharming Phishing Protocol Important Terms and Abbrevctions xix Finger print of a message, same as Hash, Identifies a message uniquely. Microsoft’s eryptography mechanism, in the form of APIS. Attack on a message where its contents are changed. ‘Technique of encryption in which one plain text character is replaced with one cipher text character, at a time, Authentication mechanism, which involves the party to be authenticated concemed with multiple factors (e.g. know something, be something and have something). In mutual authentication, A and B both authenticate each other. Security attacks attempted at the network/hardware level. Provision whereby the sender of a message cannot refuse having sent it, later on, in the case of a dispute. Considered very secure, this method involves the usage of a key, which is used only once and then discarded forever. Technology that authenticates user based on passwords that are generated dynamically, used once, and thet destroyed. In this scheme, if there are two users A and B, B authenti- cates A, but A does not authenticate B. Online protocol to check the status of a digital certificate ‘Mode of chaining. Firewall that filters individual packets based on rules. Works at the network layer. Form of attack on security where the attacker does not make an attempt to change the contents of the message. Authentication mechanism that requires a user to enter a secret piece of information (ie. the password) when challenged. Statement outlining the structure, rules and mechanisms of passwords, in an organization ‘A form of wireless attack, where the attacker plays a role that is quite different from the real identity of the attacker. Modifying the Domain Name System (DNS) so as to direct genuine URLs to false IP addresses of attackers. Technique used by attackers to fool innocent users into providing confidential/personal information.xx___InportantTarms and Abbreviations Physiological techniques Plain text Playfair Cipher Polygram Substitution Cipher Pretty Good Privacy (PGP) Privacy Enhanced Mail (PEM) Proof Of Possession (POP) Proxy server Pseudocollision Psuedo-random number Public Key Cryptography Standards (PKCS) Public Key Infrastructure (PKI) Public Key Infrastructure X.509 (PKIX) Rail Fence Technique RCS Reference monitor Registration Authority (RA) Replay attack Revealed decryption exponent attack Roaming certificate Biometric authentication techniques that depends on the physical characteristics of a human being. Message in an understandable/readable form, same as Clear text. A cryptographic technique that is used for manual encryp- tion of data. This scheme was invented by Charles Wheat- stone in 1854 Technique of encryption where one block of plain text is replaced with another, at a time. Protocol for secure email communications, developed by Phil Zimmerman. Protocol for secure email communications, developed by Internet Architecture Board (IAB). Establishing the proof that a user possesses the private key corresponding to the public key, as specified in the user’s digital certificate. ‘Type of firewall that filters packets at the application layer of TCP/IP stack. Same as Application gateway or Bastion host. Specific case of collision in the MDS algorithm. Random number generated using computers. Standards developed by RSA Security Inc for the Public Key Infrastructure (PKI) technology. Technology for implementing ansymmetric key cryptog- raphy, with the help of message digests, digital signatures, encryption and digital certificates. Model to implement PKI. Example of transposition technique. ‘Symmetric key block encryption algorithm, involving variable length keys. Central entity, which is responsible for all the decisions related to access control of computer systems, Agency that takes some of the jobs of a Certification Authority (CA) on itself, and helps the CA in many ways. Attack on a system wherein the attacker gets hold of a message, and attempts to re-send it, hoping that the receiver does not detect this as a message sent twice. If the attacker can guess the decryption key in RSA, it is called with this name. Digital certificate, which can be cartied along as users move from one computer/location to another.RSA algorithm Running Key Cipher Secure Electronic Transaction (SET) Secure MIME (S/MIME) Secure Socket Layer (SSL) Self-signed certificate SHA Short message attack Simple Certificate Validation protocol (SCVP) Simple Columnar Transposition Technique Simple Columnar Transposition ‘Technique with multiple rounds Single Sign On (SSO) Stream cipher Substitution Cipher Symmetric Key Cryptography Time Stamping Authority (TSA) ‘Time Stamping Protocol (TSP) Important Terms and Abbrevictions xi Asymmetric key algorithm, widely used for encryption and digital signatures. Technique where some portion of text from a book is used as the key. Protocol developed jointly by MasterCard, Visa and many other companies for secure credit card payments on the Internet. Protocol that adds security to the basic Multipurpose Internet Mail Extensions (MIME) protocol. Protocol developed by Netscape Communications for secure exchange of information between a Web browser and a Web server over the Intemet. Digital certificate, wherein the subject name and the issuer name are the same, and is signed by the issuer (which is also the subject). Usually the case only with CA ce Message digest algorithm, now preferred as the standard algorithm of choice. With the assumption that the attacker knows some small part of the plain text, the attack involves comparing this, plain text with small blocks of cipher text to find relation ship between the two. Enhancement of the basic Online Certificate Status Protocol (OCSP). Allows checks other than only the status of the certificate, unlike OCSP. cates. Variation of the basic transposi Fence Technique. jon technique such as Rail Variation of Simple Columnar Transposition Technique Technology providing the users a single user id and password to access multiple systems/applications. Technique of encrypting one bit at a time. Cryptographic technique involving the replacement of plain text characters with other characters. Cryptographic technique where the same key is used for eneryption and decryption operations. Notary-like authority, which can vouch for the availabil- ity/creation of a digital document at a particular point of time, Protocol using which a Time Stamping Authority (TSP) vouces for the availability/creation of a digital document at a particular point of time.xii Important Trms and Abbreviations Time-based token ‘Traffic analysis, Transport Layer Security (TLS) ‘Transposition Cipher ‘Triple DES ‘Trojan horse ‘Trusted system Unconcealed message attack Vernam Cipher Virtual Private Network (VPN) Virus ‘Wireless Equivalent Privacy (WEP) WiFi Protected Access (WPA) Wireless Transport (WTLS) Worm WS-Security X.500 X.509 XML digital signatures Layer Security ‘Type of authentication token Mechanism whereby an attacker examines the packets moving across a network, and uses this information to Taunch an attack. Protocol similar to SSL. Cryptographic technique involving the r plain text characters in some other form. Modified version of DES, involves 128-bit or 168-bit keys. ‘Small program that does not attempt to delete anything on the user’s disk, but instead, replicates itself on the computer/networks. ‘Computer system that can be trusted to a certain extent in terms of implementing the designated security policy In some very rare cases, encrypting plain text gives cipher text that is the same as the original plain text, Since the plain text can thus not be hidden, it is called with this name, See One-time pad. Technology that makes use of the existing Internet as a private network, using cryptographic techniques. Small program that causes harm to a user's computer and performs destructive activities. ‘A weak algorithm that attempts to provide encryption- based security in a wireless network, A wireless secutity scheme that overcomes the drawbacks of WEP and provides for authentication, encryption, and message interity. Layer in WAP for facilitating secure communications between a client and a server. Small program, which does not damage a computer/ network, but consumes resources, slowing it down considerably. Set of standards for protecting Web Services. Standard name for the LDAP technology. Format for digital certificate contents and structure, ‘Technology that allows signing of specific portions of a messageINTRODUCTION TO THE CONCEPTS OF SECURITY @ 1.1 INTRODUCTION # This is a book on network and Internet security, As such, before we embark on our journey of under- standing the various concepts and technical issues related to security (i.e. trying to understand how to protect), itis essential to know what we are trying to protect. What are the various dangers when we use computers, computer networks, and the biggest network of them all, the Internet? What are the likely pitfalls? What can happen if we do not set up the right security policies, framework and technology implementations? This chapter attempts to provide answers to these basic questions. We start with a discussion of the basic question: Why is security required in the first place? People sometimes say that security is like statistics: what it reveals is trivial, what it conceals is vital! In other words, the right security infrastructure opens up just enough doors that are mandatory. It protects everything else. We discuss a few real-life incidents that should prove beyond doubt that security cannot simply be compromised. Especially these days, when serious business and other types of transactions are being conducted over the Internet to such a large extent, that inadequate or improper security mechanisms can bring the whole business down, or play havoc with people’s lives! We then discuss the key principles of security. These principles help us identify the various areas, which are crucial while determining the security threats and possible solutions to tackle them. Since electronic documents and messages are now becoming equivalent to the paper documents in terms of their legal validity and binding, we examine the various implications in this regard. This is followed by a discussion on the types of attacks, There are certain theoretical concepts ated with attacks, and there is a practical side to it as well. We shall discuss all these aspects. Finally, we discuss the outline and scope of the rest of the book. This will pave the way for further discussions of network and Internet security concepts.2 Cryptography and Network Security M@ 1.2 THE NEED FOR SECURITY 1.2.1 Basic Concepts Most previous computer applications had no, or at best, very little security. This continued for a number of years until the importance of data was truly realized. Until then, computer data was considered to be useful, but not something to be protected. When computer applications were developed to handle financial and personal data, the real need for security was felt like never before. People realized that data on computers is an extremely important aspect of modem life. Therefore, various areas in security began to gain prominence. Two typical examples of such security mechanisms were as follows: © Provide a user identification and password to every user, and use that information to authenticate auser. ‘© Encode information stored in the databases in some fashion, so that it is not visible to users who do not have the right permission. Organizations employed their own mechanisms in order to provide for these kinds of basic security mechanisms. As technology improved, the communication infrastructure became extremely mature, and newer applications began to be developed for various user demands and needs. Soon, people real- ized the basic security measures were not quite enough. Furthermore, the Internet took the world by storm. There were many examples of what could happen if there was insufficient security built in applications developed for the Internet. Figure 1.1 shows such an example of what can happen when you use your credit card for making purchases over the Internet. From the user’s computer, the user details such as user id, order details such as order id and item id, Customer Id: 78910 Onder 90 ert tem 198 — creditcard Ninbe: =al 1254887890 =a Issued By: Visa Valid Ti: Jan 2018 Server Database Fig. 141 Example of information traveling from a client oa server over the InternetIntroduction tothe Concepts of Security 3 and payment details such as credit-card information travel across the Internet to the server (je. to the merchant’s computer). The merchant’s server stores these details in its database. There are various security holes here. First of all, an intruder can capture the credit-card details as they travel from the client to the server. If we somehow protect this transit from an intruder’s attack, it still does not solve our problem. Once the merchant computer receives the credit-card details and validates them so as to process the order and later obtain payments, the merchant computer stores the credit-card details into its database. Now, an attacker can simply succeed in accessing this database, and therefore gain access to all the credit-card numbers stored therein! One Russian attacker (called ‘Maxim’) actu- ally managed to intrude into a merchant Internet site and obtained 300,000 credit-card numbers from its database. He then attempted extortion by demanding protection money ($100,000) from the merchant. The merchant refused to oblige. Following this, the attacker published about 25,000 of the credit-card numbers on the Internet! Some banks reissued all the eredit cards at a cost of $20 per card, and others forewarned their customers about unusual entries in their statements. Such attacks could obviously lead to great losses—both in terms of finance and goodwill. Generally, it takes $20 to replace a credit card. Therefore, if'a bank has to replace 3,00,000 such cards, the total cost of such an attack is about $6 million! How helpful would it have been, if the merchant in the example just discussed had employed proper security measures! Of course, this was just one example, Several such cases have been reported in the last few months, and the need for proper security is being felt increasingly with every such attack. In another example of security attack, in 1999, a Swedish hacker broke into Microsoft’s Hotmail Web site, and created a mirror site. This site allowed anyone to enter any Hotmail user’s email id, and read his/her emails! In 1999, two independent surveys were conducted to invite people's opinions about the losses that occur due to successful attacks on security. One survey pegged the losses figuring at an average of $256,296 per incident, and the other one’s average was $759,380 per incident. Next year, this figure rose to $972,857! 1.2.2. Modern Nature of Attacks If we attempt to demystify technology, we would realize that computer-based systems are not all that different from what happens in the real world. Changes in computer-based systems are mainly due to the speed at which things happen and the accuracy that we get, as compared to the traditional world. We can highlight a few salient features of the modern nature of attacks, as follows: 1, Automating Attacks The speed of computers make several attacks worthwhile for miscreants. For example, in the real world, let’s suppose someone manages to create a machine that can produce counterfeit coins. Would that bother authorities? It certainly would. However, producing so many coins on a mass scale may not be that much economical compared to the return on that investment! How many such coins would the attacker be able to get into the market so rapidly? But, the scenario is quite different with comput- ers. They are quite efficient and happy in doing routine, mundane, repetitive tasks. For example, they would excel in somehow stealing a very low amount (say half a dollar or 20 rupees) from a million bank accounts in a matter of a few minutes. This would give the attacker a half million dollars possibly without any major complaints! This is shown in Fig. 1.2.4 Cryptogrephy and Network Security Traditional attack: Produce coins using some machinery and bring them into circulation. a coos Modem attack: Steal half a dollar digitally from a million accounts in a few minutes. ee Fig. 12 The changing nature of attacks ue to automation eoce The morale of the story is: Humans dislike mundane and repetitive tasks. Automating them can cause financial destruction or a security nuisance quite rapidly. 2. Privacy Concerns Collecting information about people and later (mis)using it is turning out to be a huge problem these days. The so-called data mining applications gather, process, and tabulate all sorts of details about individuals. People can then illegally sell this information. For example, companies like Experian (formerly TRW), TransUnion, and Equifax maintain credit history of individuals in the USA. Similar trends are seen in the rest of the world. These companies have volumes of information about a majority of citizens of that country. These companies can collect, collate, polish, and format all sorts of informa tion to whosoever is ready to pay for that data! Examples of information that can come out of this are: which store the person buys more from, which restaurant he/she eats in, where he/she goes for vaca- tions frequently, and so on! Every company (e.g. shopkeepers, banks, airlines, insurers) are collecting and processing a mind-boggling amount of information about us, without us realizing when and how it is going to be used 3. Distance Does not Matter Thieves would earlier attack banks, because banks had money. Banks do not have money today! Mon- ey is in digital form inside computers, and moves around by using computer networks. Therefore, a modern thief would perhaps not like to wear a mask and attempt a robbery! Instead, itis far easier and cheaper to attempt an attack on the computer systems of the bank while sitting at home! It may be farIntroduction tothe Concepts of Security 5 Attacker Digital signal ‘Analog signal Digital signal ‘Analog signal AR ARIARAARARARYS Modem D000 Ss Bank Fig. 13 Attacks can now be launched from a distance more prudent for the attacker to break into the bank’s servers, or steal credit card/ATM information from the comforts of his/her home or place of work. This is illustrated in Fig. 1.3. In 1995, a Russian hacker broke into Citibank’s computers remotely, stealing $12 million. Although the attacker was traced, it was very difficult to get him extradited for the court case.B Cryptography and Network Security @ 1.3. SECURITY APPROACHES 1.3.1. Trusted Systems A trusted system is a computer system that can be trusted to a specified extent to enforce a speci- fied security policy: Trusted systems were initially of primary interest to the military. However, these days, they have spanned across various areas, most prominently in the banking and financial community, but the con- cept never caught on. Trusted systems often use the term reference monitor. This is an entity that is at the logical heart of the computer system. It is mainly responsible for all the decisions related to access controls. Naturally, following are the expectations from the reference monitor: (a) It should be tamper-proof, (b) It should always be invoked. (©) It should be small enough so that it can be tested independently. In their 1983 Orange Book (also called the Trusted Computer System Evaluation Criteria (TCSEC)), the National Security Agency (NSA) of the US Goverment defined a set of evaluation classes. These described the features and assurances that the user could expect from a trusted system, The highest levels of assurance were provided by significant efforts directed towards reduction of the size of the trusted computing base, or TCB. In this context, TCB was defined as a combination of hardware, software, and firmware responsible for enforcing the system’s security policy. The lower the TCB, the higher the assurance, However, this raises an inherent problem (quite similar to the decisions related to the designing of operating systems). If we make the TCB as small as possible, the surround- ing hardware, software, and firmware are likely to be quite big! The mathematical foundation for trusted systems was provided by two relatively independent yet in- terrelated works. In the year 1974, David Bell and Leonard LaPadula of MITRE devised a technique called the Bell-LaPadula model. In this model, a highly trustworthy computer system is designed as a collection of objects and subjects. Objects are passive repositories or destinations for data, such as files, disks, printers, ete. Subjects are active entities, such as users, processes, or threads operating on behalf of those users. Subjects cause information to flow among objects. Around the same time, Dorothy Denning at Purdue University was preparing for her doctorate. It dealt with lattice-based information flows in computer systems. A mathematical lattice is a partially ordered set, in which the relationship between any two vertices either dominates, is dominated by or neither. She devised # generalized notion of Jabels—similar to the full security markings on classified military documents. Examples of this are TOP SECRET Later, Bell and LaPadula integrated Denning’s theory into their MITRE technical report, which was titled Secure Computer System: Unified Exposition and Multics Interpretation. Here, labels attached to objects represented the sensitivity of data contained within the object. Interestingly, the Bell-LaPadula model talks only about confidentiality or secrecy of information. It does not talk about the problem of integrity of information.Introduction tothe Concepts of Security 7 1.3.2 Security Models ‘An organization can take several approaches to implement its security model, Let us summarize these approaches. 1, No Security In this simplest case, the approach could be a decision to implement no security at all. 2. Security through Obscurity In this model, a system is secure simply because nobody knows about its existence and contents. This approach cannot work for too long, as there are many ways an attacker can come to know about it. 3. Host Security In this scheme, the security for each host is enforced individually. This is a very safe approach, but the ‘trouble is that it cannot scale well. The complexity and diversity of modem sites/organizations makes the task even harder 4, Network Security Host security is tough to achieve as organizations grow and become more diverse. In this technique, the focus is to control network access to various hosts and their services, rather than individual host security. This is a very efficient and scalable model 1.3.3 Security-Management Practices Good security-management practices always talk of a security policy being in place. Putting a secu- rity policy in place is actually quite tough. A good security policy and its proper implementation go a Jong way in ensuring adequate security-management practices. A good security policy generally takes care of four key aspects, as follows. © Affordability How much money and effort does this security implementation cost? © Functionality What is the mechanism of providing security? © Culfural Issues Does the policy complement the people’s expectations, working style and beliefs? © Legality Does the policy meet the legal requirements? Once a security policy is in place, the following points should be ensured. (a) Explanation of the policy to all concerned. (b) Outline everybody's responsibilities. (©) Use simple language in all communications. (@) Accountability should be established. (e) Provide for exceptions and periodic reviewsBCryptogrephy and Network Security 1.4 PRINCIPLES OF SECURITY Mf Having discussed some of the attacks that have occurred in real life, let us now classify the principles related to security. This will help us understand the attacks better, and also help us in thinking about the possible solutions to tackle them. We shall take an example to understand these concepts. Let us assume that a person A wants to send a check worth $100 to another person B. Normally, what are the factors that A and B will think of, in such a case? A will write the check for $100, put it inside an envelope, and send it to B. ‘© A.ill like to ensure that no one except B gets the envelope, and even if someone else gets it, he she does not come to know about the details of the check. This is the principle of confidentiality. © Aand B will further like to make sure that no one can tamper with the contents of the check (such as its amount, date, signature, name of the payee, etc.). This is the principle of integrity. © B would like to be assured that the check has indeed come from A, and not from someone else pos- ing as A (as it could be a fake check in that case). This is the principle of authentication, ‘© What will happen tomorrow if B deposits the check in his/her account, the money is transferred from A’s account to B’s account, and then A refuses having written/sent the check? The court of law will use A’s signature to disallow A to refute this claim, and settle the dispute. This is the prin- ciple of non-repudiation, These are the four chief principles of security. There are two more: access control and availability, which are not related to a particular message, but are linked to the overall system as a whole. We shall discuss all these security principles in the next few sections. 1.4.1 Confidentiality The principle of confidentiality specifies that only the sender and the intended recipient(s) should be able to access the contents of a message. Confidentiality gets compromised if an unauthorized person is able to access a message. An example of compromising the confidentiality of a message is shown in Fig. 1.4. Here, the user of computer A sends a message to the user of computer B. (Actually, from here Fig. 1.4 Loss of confidentialityIntroduction tothe Concepts of Security 9 onwards, we shall use the term A to mean the user A, B to mean user B, etc., although we shall just show the computers of users A, B, etc.). Another user C gets access to this message, which is not desired, and therefore defeats the purpose of confidentiality. An example of this could be a confidential email message sent by A to B, which is accessed by C without the permission or knowledge of A and B. This type of attack is called interception. Interception causes loss of message confidentiality 1.4.2. Authentication Authentication mechanisms help establish proof of identities. The authentication process ensures that the origin of an electronic message or document is correctly identified. For instance, suppose that user C sends an electronic document over the Internet to user B. However, the trouble is that user C had posed as user A when he/she sent this document to user B. How would user B know that the message has come from user C, who is posing as user A? A real-life example of this could be the case of a user C, posing as user A, sending a funds transfer request (from A’s account to C’s account) to bank B. The bank might happily transfer the funds from A’s account to C’s account—after all, it would think that user A has requested for the funds transfer! This concept is shown in Fig. 1.5. This type of attack is called fabrication, Fig. 15 Absence of authentication Fabrication is possible in absence of proper authentication mechanisms. 1.4.3 Integrity ‘When the contents of a message are changed after the sender sends it, but before it reaches the intended recipient, we say that the integrity of the message is lost. For example, suppose you write a check for $100 to pay for goods bought from the US. However, when you see your next account statement, you are startled to see that the check resulted in a payment of $1000! This is the case for loss of message integrity. Conceptually, this is shown in Fig. 1.6. Here, user C tampers with a message originally sent by user A, which is actually destined for user B. User C somehow manages to access it, change its contents, and send the changed message to user B. User B has no way of knowing that the contents of10 Cryptography and Network Security deal route of the message SS > |! Transfer S00 See Actual route of he message oe c Fig. 1.6 Loss of integrity the message were changed after user A had sent it. User A also does not know about this change. This type of attack is called modification, Modification causes loss of message integrity. 1.4.4 Non-repudiation There are situations where a user sends a message, and later on refuses that she had sent that message For instance, user A could send a funds transfer request to bank B over the Internet. After the bank per- forms the funds transfer as per A’s instructions, A could claim that he/she never sent the funds transfer instruetion to the bank! Thus, A repudiates, or denies, his/her funds transfer instruction. The principle of non-repudiation defeats such possibilities of denying something after having done it. This is shown in Fig. 1.7. | never sent that message, which you claim to have A received 8 = => =} Fig. 1.7 Establishing nonepudiation Non-repudiation does not allow the sender of a message to refute the claim of not sending that message.Introduction tothe Concepts of Security 1.4.5 Access Control The principle of access control determines who should be able to access what. For instance, we should be able to specify that user A can view the records in a database, but cannot update them. However, user B might be allowed to make updates as well. An access-control mechanism can be set up to ensure this. Access control is broadly related to two areas: role management and rule management, Role manage- ment concentrates on the user side (which user can do what), whereas rule management focuses on the resources side (which resource is accessible, and under what circumstances). Based on the decisions taken here, an access-control matrix is prepared, which lists the users against a list of items they can access (e.g, it can say that user A can write to file X, but can only update files Y and Z). An Access Control List (ACL) is a subset of an access-control matrix. Access control specifies and controls who can access what. 1.4.6 Availability The principle of availability states that resources (i.e. information) should be available to authorized parties at all times. For example, due to the intentional actions of another unauthorized user C, an au- thorized user A may not be able to contact a server computer B, as shown in Fig. 1.8. This would defeat the principle of availability, Such an attack is called interruption, Fig. 1.8 Attack on availabilty Interruption puts the availability of resources in danger. We may be aware of the traditional OSI standard for Network Model (titled OSI Network Model 7498-1), which describes the seven layers of the networking technology (application, presentation, session, transport, network, data link, and physical). A very less known standard on similar lines is the OST standard for Security Model (titled OSI Security Model 7498-2). This also defines seven layers of security in the form of © Authentication © Access control12 Geyptography and Network Security ‘Non-repudiation . © Data integrity © Confidentiality © Assurance or availability © Notarization or signature We shall be touching upon most of these topics in this book. Having discussed the various principles of security, let us now discuss the various types of attacks that are possible, from a technical perspective. 1.4.7. Ethical and Legal Issues Many ethical issues (and legal issues) in computer security systems seem to be in the area of the indi- vidual’s right to privacy versus the greater good of a larger entity (e.g. a company, society, etc.) Some examples are tracking how employees use computers for crowd surveillance, managing customer pro- files, tracking a person’s travel with a passport, so as to spam their cell phone with text-message ad- vertisements), and so on. A key concept in resolving this issue is to find out a person’s expectation of privacy. Classically, the ethical issues in security systems are classified into the following four categories: Privacy This deals with the right of an individual to control personal information. Accuracy This talks about the responsibility for the authenticity, fidelity, and accuracy of informa- tion. Property Here, we find out the owner of the information. We also talk about who controls access. Accessibility This deals with the issue of what information does an organization have the right to collect? And in that situation, it also expects to know what the measures are, which will safeguard against any unforeseen eventualities. Privacy is the protection of personal or sensitive information. Individual privacy is the desire to be left alone as an extension of our personal space and may or may not be supported by local regulations or laws. Privacy is subjective. Different people have different ideas of what privaey is and how much privacy they will rade for safety or convenience. When dealing with legal issues, we need to remember that there is a hierarchy of regulatory bodies that govern the legality of information security. We can roughly classify them as follows. © International, ¢.g. International Cybercrime Treaty © Federal, e.g. FERPA, GLB, HIPAA, DMCA, Teach Act, Patriot Act, Sarbanes-Oxley Act, etc. © ‘State, e.g, UCITA, SB 1386, ete. © Organization, ¢.g. computer use policy ™@ 1.5 TYPES OF ATTACKS We shall classify atta view. ‘ks with respect to two views: the common person’s view and a technologist’sIntroduction tothe Concepts of Security 13 1.5.1 Attacks: A General View From a common person’s point of view, we can classify attacks into three categories, as shown in Fig. 19. ‘Type of attacks as understood by a common person Criminal attacks Publicity attacks Legal attacks Fig. 19 Classification of attacks as understood in general terms Let us now discuss these attacks. 1. Criminal Attacks Criminal attacks are the simplest to understand, Here, the sole aim of the attackers is to maximize fi- nancial gain by attacking computer systems, Table 1.1 lists some forms of criminal attacks. 2. Publicity Attacks Publicity attacks occur because the attackers want to see their names appear on television news chan- nels and newspapers. History suggests that these types of attackers are usually not hardcore criminals. They are people such as students in universities or employees in large organizations, who seek public- ity by adopting a novel approach of attacking computer systems. One form of publicity attacks is to damage (or deface) the Web pages of a site by attacking it, One of the most famous of such attacks occurred on the US Department of Justice’s Web site in 1996. The New York Times home page was also infamously defaced two years later 3. Legal Attacks This form of attack is quite novel and unique. Here, the attacker tries to make the judge or the jury doubtful about the security of a computer system. This works as follows. The attacker attacks the com- puter system, and the attacked party (say a bank or an organization) manages to take the attacker to the court, While the case is being fought, the attacker tries to convince the judge and the jury that there is inherent weakness in the computer system and that she has done nothing wrongful. The aim of the at- tacker is to exploit the weakness of the judge and the jury in technological matters. For example, an attacker may sue a bank for performing an online transaction, which he/she never wanted to perform. In court, the attacker could innocently say something like: The banks Web site asked me to enter a password and that is all that I provided: I do not know what happened thereafter. ‘A judge is unwittingly likely to sympathize with the attacker!Cryptography and Network Security Table 1.1 Types of eiminalatacks Peer Fraud ‘Modem fraud attacks concentrate on manipulating some aspects of electronic currency, credit cards, electronic stock certificates, checks, letters of credit, purchase orders, ATMs, ete Seams ‘Scams come in various forms, some of the most common ones being sale of services, auctions, multilevel marketing schemes, general merchandise, and business opportuni- ties, ete. People are enticed to send money in return of great returns, but end up losing their money. A very common example is the Nigeria scam, where an email from Nigeria (and other African countries) entices people to deposit money into a bank account with a promise of hefty gains. Whosoever gets caught in this scam loses money heavily. Destruction ‘Some sort of grudge is the motive behind such attacks. For example, unhappy employees, attack their own organization, whereas terrorists strike at much bigger levels. For ex= ample, in the year 2000, there was an attack against popular Internet sites such as Yahoo!, NN, eBay, Buy.com, Amazon.com, and e*Trade where authorized users of these sites failed to log in or access these sit Identity theft This is best understood with a quote from Bruce Schneier: Why steal from someone when _you can just become that person? In other words, an attacker does not steal anything from, a legitimate user—he/she becomes that legitimate user! For example, it is much easier to get the password of someone else’s bank account, or to actually be able to get a credit card on someone else’s name, Then that privilege can be misused until it gets detected. Intellectual property | Intellectual property theft ranges from stealing companies’ trade secrets, databases, theft digital music and videos, electronic documents and books, software, and so on. Brand theft Ttis quite easy to set up fake Web sites that look like real Web sites. How would a com- ‘mon user know if he/she is visiting the HDFC Bank site or an attacker’s site? Innocent users end up providing their secrets and personal details on these fake sites to the attack ers. The attackers use these details to then access the real site, causing an identity theft. 1.5.2. Attacks: A Technical Ww From a technical point of view, we can classify the types of attacks on computers and network sys- tems into two categories for better understanding: (a) Theoretical concepts behind these attacks, and (b) Practical approaches used by the attackers. Let us discuss these one by one I. Theoretical Concepts As we discussed earlier, the principles of security face threat from various attacks. These attacks are generally classified into four categories, as mentioned earlier, These are the following Interception It has been discussed in the context of confidentiality earlier. It means that an unau- thorized party has gained access to a resource. The party can be a person, program, or computer-based system. Examples of interception are copying of data or programs, and listening to network traffic. Fabrication Ithas been discussed in the context of authentication earlier. This involves the creation of illegal objects on a computer system, For example, the attacker may add fake records to a database.Introduction tothe Concepts of Security 1S Modification It has been discussed in the context of integrity earlier. Here, the attacker may modify the values in a database. Attacks Interruption It has been discussed in the context of availability earlier. Here, the re~ source becomes unavailable, lost, or unusable. Examples of interruption are causing problems Passive attacks Active attacks to a hardware device, erasing program, data, or operating-system components. Fig, 140 Types of attacks These attacks are further grouped into two types: passive attacks and active attacks, as shown in Fig. 1.10, Let us discuss these two types of attacks now. (a) Passive Attacks Passive attacks are those wherein the attacker indulges in eavesdropping or monitoring of data transmission. In other words, the attacker aims to obtain information that is in transit. The term passive indicates that the attacker does not attempt to perform any modifications to the data, In fuct, this is also why passive attacks are harder to detect, Thus, the general approach to deal with passive attacks is to think about prevention, rather than detection or corrective actions. Passive attacks do not involve any modifications to the contents of an original message. Figure 1.11 shows further classification of passive attacks into two sub-categories. These categories are, namely release of message contents and traffic analysis. Passive attacks (Interception) Release of message contents Traffic analysis Fig. 1.11 Passive attacks Release of message contents is quite simple to understand, When you send a confidential email mes- sage to your friend, you desire that only he/she be able to access it. Otherwise, the contents of the message are released against our wishes to someone else. Using certain security mechanisms, we can prevent the release of message contents. For example, we can encode messages using a code language, so that only the desired parties understand the contents of a message, because only they know the code language. However, if many such messages are passing through, a passive attacker could try to figure out similarities between them to come up with some sort of pattern that provides her some clues regard- ing the communication that is taking place. Such attempts of analyzing (encoded) messages to come up with likely patterns are the work of the traffic-analysis attack.18 Cryptography and Network Security (b) Active Attacks Unlike passive attacks, the active attacks are based on the modification of the original message in some manner, or in the creation of a false message. These attacks cannot be prevented easily. However, they can be detected with some effort, and attempts can be made to recover from them. These attacks can be in the form of interruption, modification and fabrication, In active attacks, the contents of the original message are modified in some way. ‘© Trying to pose as another entity involves masquerade attacks. ‘© Modification attacks can be classified further into replay attacks and alteration of messages. © Fabrication causes Denial Of Service (DOS) attacks. This classification is shown in Fig. 1.12. Active attacks Masquerade Modification Denial Of Service-DOS Replay attacks Alterations Fig. 112 Active attacks Masquerade is caused when an unauthorized entity pretends to be another entity. As we have seen, user CC might pose as user A and send a message to user B. User B might be led to believe that the message indeed came from user A. In masquerade attacks, an entity poses as another entity. In masquerade at- tacks, usually some other forms of active attacks are also embedded. As an instance, the attack may involve capturing the user’s authentication sequence (e.g. user ID and password). Later, those details can be replayed to gain illegal access to the computer system. Ina replay attack, a user captures a sequence of events, or some data units, and re-sends them. For instance, suppose user A wants to transfer some amount to user C’s bank account. Both users A and C have accounts with bank B. User A might send an electronic message to bank B, requesting for the funds transfer. User C could capture this message, and send a second copy of the same to bank B. Bank B would have no idea that this is an unauthorized message, and would treat this as a second, and dif: ferent, funds transfer request from user A. Therefore, user C would get the benefit of the funds transfer ‘twice: once authorized, once through a replay attackIntroduction tothe Concepts of Security 17 Alteration of messages involves some change to the original message. For instance, suppose user A sends an electronic message Transfer $1000 to D's account to bank B, User C might capture this, and change it to Transfer $10000 to C’s account. Note that both the beneficiary and the amount have been changed— instead, only one of these could have also caused alteration of the message. Denial Of Service (DOS) attacks make an attempt to prevent legitimate users from accessing some services, which they are eligible for. For instance, an unauthorized user might send too many login re- quests to a server using random user ids in quick succession, so as to flood the network and deny other legitimate users to use the network facilities. 1.5.3 The Practical Side of Attacks The attacks discussed earlier can come in a number of forms in real life. They can be classified into two broad categories: application-level attacks and network-level attacks, as shown in Fig. 1.13 ‘Security attacks in practice Application-lovel attacks Network-level attacks Fig. 113 Practical side ofatacks Let us discuss these now. 1, Application-level Attacks ‘These attacks happen at an application level in the sense that the attacker attempts to modify, Sa” i of a particular application, or the application itself. of this are trying to obtain someone’s mn the Internet, or changing the ofa ‘message to change the amount in a etc, 2. Network-level Attacks ‘These attacks generally aim at reducing the capabilities of a network by a number of passble means. ‘These attacks generally make an attempt to either or completely bring to halt, a computer network. Note that this automatically can lead to , because once someone is able to nae to a network, usually he/she is able t at least some sensitive infor-18 Cryptography and Network Security ‘These two types of attacks can be attempted by using various mechanisms, as discussed next. We will not classify these attacks into the above two categories, since they can span across application as well as network levels. Security attacks can happen at the application level or the network level. 1.5.4 Programs that Attack Let us now discuss a few programs that attack computer systems to cause some damage or to create confusion, 1, Virus One can launch an application-level attack or a using @ virus. In simple terms, a virus is a piece of program code that attaches itself to :, and runs when the le- gitimate program runs. It can then infect other programs in that computer, or programs that are in other mmputers but on the same network. This is shown in Fig. 1.14. In this example, after deleting all the £0) from the the virus sel propagates by sending its code o all users whose are stored in the current user’s address book. = eee ales nad xtoy ad xtoy Sader Ate rnb Berton Pintvoe {] | rego Perform Class ab Beran Viusob aL | Mra user's era Bart mecaece ™ Return (e)Orginl non code ——«4)Vrusnecadcode—_(0)Vius cove Fig. 1.14 Vitus "Viruses can also be triggered by specific events (e.g: a virus could automatically execute at 12/pam. every day). Usually viruses cause (0 computer and network systems to the extent that they can be repaired, assuming that the organization deploys good backup and recovery procedures. A virus is a computer program that attaches itself to another legitimate program, and causes damage to the computer system or to the network. During its lifetime, a virus goes through four phases: (a) Dormant Phase Here, the virus is ile It gets activated based on a certain detion or event (e.8. the user typing a certain'key or a certain date or time is reached, etc). This is an optional phase. (b) Propagation Phase In this phase, a virus copies itself, and each copy starts creating more copies of itself, thus propagating the virus. (c) Triggering Phase A dormant virus moves into this phase when the aetion/event for which it was waiting is initiated:Introduction tothe Concepts of Security 19 (d) Execution Phase This is the actual work of the virus, which could be harmless (display some message on the screen) or destructive (delete a file on the disk). ‘Viruses can be classified into the following categories: (a) Parasitic Virus This is the most common form of virus. Such a virus’attaches itself to execut- able files and keeps replicating, Whenever the infected file is executed, the virus looks for other execut- able files to attach itself and spread. (b) Memory-resident Virus This type of virus firstattaches itself to an area of the main memory and then infets every executable program that is executed. (c) Boot sector Virus This type of virus infects the F the disk and spreads on the disk when the operating system starts booting the (d) Stealth Virus This virus has intelligence built in, which prevents anti-virus software programs: from detecting it. (e) Polymorphic Virus A virus that keeps changing its signature (.. identity) on every executions making it very difficult to detect, (© Metamorphic Virus _ In addition to changing its signature like a polymorphic virus, this type of virus keeps rewriting itself every time, making its excel There is another popular category of viruses, called the mAera Virus, This virus affects specific appli- cation software, such as Microsoft Word or Microsoft Excel, They affect the documents created by us- ers, and spread quite easily since such documents are very commonly exchanged over email. There is a feature called macro in these application-software programs, which allows users to write small, useful, utility programs within the documents. Viruses attack these macros, and hence the name macro virus. 2. Worm Similar in concept to a virus, a worm is actually ‘A virus modifies a pro- ‘gram (i. itattaches itself to the program under attack). A. jowever, does not modify a program. Instead, and again. This is shown in Fig. 1.15. The replication grows so much that ultimately the computer or the network on which the worm resides, becomes very slOW, ultimately coming to a halt; Thus, the basie purpose of a worm attack is different from that of a Aworm attack attempts to make the computer or the network under attack unusable by eating all its resources. A worm does not perform any destructive actions, and instead, only consumes system resources to bring it down, 3. Trojan Horse A Trojan horse is a hidden piece of code, like a virus. However, the purpose of a Trojan horse is differ- ent, Whereas the main purpose of a virus is to make some sort of modifications to the target computer or network, a Trojan horse attempts to The name (Trojan horse) comes from the epic poem iad. The story says that Greek soldiers hid inside a large hollow horse, which was pulled into the city of Troy by its citizens, unaware of its contents. Once the Greek soldiers entered the city of Troy, they opened the gates for the rest of the Greek soldiers.20 Gryptagrophy and Network Security Replicate itself Perform resource-eating tasks, but no destruc Worm code 8 S Perform resource-eating tasks, but no destruction Replicate itself Perform resource-cating tasks, but no destruction Perform resource-eating tasks, but no destruction Perform resource-eating tasks, but no destruction | Perform resource-eating tasks, but no destruction sy Perform resource-eating tasks, but no destruction Fig. 1.45 Warm Ina similar fashion, a Trojan horse could silently sit in the code for a Login screen by attaching itself to this This is shown in Fig. 1.16. When the user enters the userid and password, the Trojan horse could capture these details, to the attacker without the knowledge of the user who had entered the id and password. The attacker can then merrily misuse the user id and password to gaitt access to the s} Login program User i: 10% User peers LN Login code : : Trojan horse = Login code User le: x Password. yyy Attacker Fig. 1.16 Tojanhorse and ystem,Introduction tothe Concepts of Security 21 A Trojan horse allows an attacker to obtain some confidential information about a computer or a network 1.5.5 Dealing with Viruses Preventing viruses is the best option. However, in today’s world, itis almost impossible to achieve cent per cent security given that the world is connected to the Intemet all the time. We have to accept that viruses will attack, and we would need to find ways to deal with them, Hence, we can attempt to detect, ‘identify, and remove viruses. This is shown in Fig. 1.17. Detection Identify the virus. [ese Removal] mp { Remove all traces, estore order. | ¥ indenttcation | a Fig. 1.17 Virurolimination stops Detection of viruses involves locating the Virus, having known that a virus has attacked. Then we need to identify the specific virus that has attacked. Finally, we need to Femove it. For this, we need to remove all traces of the virus and restore the affected programs/files to their original states. This is done by anti-virus software, Anti-virus software is classified into four generations, as depicted in Fig, 1.18. 1® Generation 2" Generation "S Generation Y 4 Generation | Mp | Full-featured protection Fig. 118 Generations of Anti-virus software22 Cryptogrephy and Network Security Let us summarize the key characteristics of the four generations of antivirus software, 1, First Generation ‘These anti-virus software programs were called simple seanners. They needed a virus signature to identify a virus. A variation of such programs kept a watch on the length of programs and looked for changes so as to possibly identify a virus attack, 2. Second Generation ‘These anti-virus software programs did not rely on simple virus signatures. Rather, they used fieuristié Tales to look for possible virus attacks. The idea was to look for code blocks that were commonly as- sociated with sires For Eeampl such a could look for an encryption key used by a virus, and s, and lc. Another variation of these anti-virus programs used to store some identification about the file (e.g. a message digest, which we shall study later) are also notorious for detecting changes in the contents of the file. 3. Third Generation These anti-virus software programs were memory resident. They watched for viruses based on actions, rather than their structure. Thus, itis not necessary to maintain a Instead the focus isto keep watch on a sinall numberof suspect ations. 4. Fourth Generation These (c.g. scanners, acti ity monitoring). They also contain , thus thwarting the attempts of viruses to infect files. There is a category of software called behavior-blocking software, which integrates with the operat- ing system of the computer and keeps a watch on virus-like behavior in real time, Whenever action is detected, this software blocks it, preventing damages. The actions under watch can be Opening, viewing, modifying, deleting files Network communications . . ‘© Modification of settings such as start-up scripts © Attempts to format disks © Modification of executable files . Scripting of email and instant messaging to send executable content to others ‘The Main advantage of such software programs is that they are more into virus prevention than virus ‘detection. In other words, they stop viruses before they can do any damage, rather than detecting them after an attack.Introduction tothe Cancapts of Security 23 1.5.6 Speci Attacks 1. Sniffing and Spoofing On the Internet, computers exchange messages with each other in the form of small groups of data, called. racket, like a postal envelope contains the and the target these packets, as they travel from the computer to the computer over the Intemet. These attacks take two main forms: (a) Packet sniffing (also called snooping), and (b) Packet spoofing, Since the protocol used in this communication is called Internet Protocol (IP), other names for these two attacks are (a) IP sniffing, and (b) IP spoofing. The meaning remains the same. onan ‘An attacker (ie. sniff) they pass by. that i passing needs to be proteet- Let us discuss these two attacks. (a) Packet Sniffing Packet sniffing is a need but instead, can simpl Clearly, t the ed in some ways. This can be done at The at is traveling can be jin some ways, of (ii) The transmission link itself can be encoded. To t, the somehow needs to access it in the first place. The simplest way to do this is to a computer via which the traffic goes through. Usually, this is a router, However, routers are Therefore, an attacker might not be able to attack it, and instead, on the same path. (b) Packet Spoofing _ In this technique, an When this happens, the receiver (ie. the party who receives these packets containing false addresses) would inadvertently send replies back to this forged address (called spoofed address), and not to the attacker. This can lead to three possible cases: (i) If the attacker is between the and the the attacker can see the reply and use that information for {i The attacker need not see the reply Ifthe attacker's intention was a Denial Of Service (DOS) attack, the attacker need not bother about the reply. [ii] The attacker does not want the reply The could simply be angry with the so it may put that as the and send the to the The attacker a from the as it wants the host with the 8 10, ER and eet 2. Phishing Phishing has become a big problem in recent times. In 2004, the estimated jue to phishing were to the tune of according to Tower Group. Attackers set up , Which look like simple to do so, since creating Web pages involves relatively simple technologies such as , CSS (Cascading Style Sheets), etc. Learning and using these technologies is quite attacker's modus operandi works as follows. @ The decides to create his/her own , Which looks very identical to a . For example, the attacker can eye will not be able to distinguish between the The cloning (Citibank’s) and fake (attacker’s) site.24 Cryptography and Network Security © The attacker can use many techniques to attack the bank's customers. We illustrate the most com- ‘mon one below. ‘The attacker sends an email to the legitimate customers of the bank. The email itself appears to have ‘come from the bank, For ensuring this, the attacker exploits the email system to suggest that the sender of the email is some bank official (c.g. [email protected]). This il wams the user that there has been some sort of and that the ete. For this purpose, the is conceptually shown in Fig. 1.19. is asked to visit a ‘Subject: Verify your e-mail with Citibank This email was sent by the Citibank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM, ‘This is done for your protection since some of our members no longer have access to their email addresses and we must verity it ‘To verify your e-mail address and access your bank account, Click on the link below: hitlps:/web.da-us citibank. com/signi Fig. 119 Attacker sonds a forged email tothe innocent vietin customer) © When the (ie. the victim) is and enter: such as his/her Since the looks exactly like the Sema. the customer provides this ee ma gladly ac- cepts this information and displays a Thank you to the unsuspecting victim. In the meanwhile, the attacker now uses the ¥ietim’s password or PIN to access the bank’s real site and can perform any as if he/she is the vietim! specified in the email, he/she There, the customer is prompted to A real-life example of this kind of attack is reproduced below from the site http://www. fraudwatchin- temational.com. Figure 1.20 shows a fake email sent by an attacker to an authorized PayPal user.Introduction tothe Concapts of Security 25, Bae tee ee fle Edt View Insert Format Tools Actions Help Gener FeRenlytoal GOronad & yr xX @-e-4 OO. From: PayPal [admincepaypal.com] Sent: Thu 19/11/2003 10:27 AM ‘[email protected] Dear PayPal user, PayPal is constantly working to increase security for all of our users. To ensure the integrity of our payment network, we periodically review accounts. ‘Your account will be placed on restricted status. Restricted accounts continue to receive payments, but are limited in their ability to send or withdraw funds. To lif this restriction, you need to complete our credit card verification process. At least one credit card in your account has been unconfirmed. meaning that you may no longer send money with this or any other card until you have completed the credit card confirmation process. To intiate the credit card confirmation, please follow this link and fill all necessary fields: LHovwne pas m/cgi-biniwebscr?emd= Thank you, ‘The PayPal Account Review Department Fig. 1.20 Fake email from the attacker toa PayPal user ‘As we can see, the attacker is trying to fool the PayPal customer to verify his/her credit-card details. Quite clearly, the aim of the attacker is to access the credit-card information of the customer and then misuse it. Figure 1.21 shows the screen that appears when the user clicks on the URL specified in the fake email. Once the user provides these details, the attacker's job is easy! He/she simply uses these credit-card, details to make purchases on behalf of the cheated card holder! 3. Pharming (DNS Spoofing) Another attack, known earlier as DNS spoofing or DNS poisoning, is now called pharming attack. As ‘we know, using the Domain Name System (DNS), people can identify Web sites with human-readable names (such as WWwwW.yahoo.com), and computers can continue to treat them as IP addresses (such as |. For this, a special server computer called a DNS server maintains the between and the corresponding . The DNS server could bi anywhere, Usue ally, it is with the Intemet Service Provider (ISP) of the users. With this background, the DNS spoofing attack works as follows. © Suppose that there is a merchant (BOb) whose site’s ae is wwwbobicom, and the IP address is 100.10.10.20, Therefore, the DNS entry for Bob in all the DNS servers is maintained as follows:121 28 Cryptography and Network Security Omi - O- DR G|Pamd tram @un ©/A-& B- fi 8.799 mea JOe * one Slane | Login| Hele Random Account Verification Secure verfcaton ‘Your credi/debit card information along with your personal information wil be verified instanty ‘Al the data is protected by the industry standard SSL. encryption. Al information i requred and 'tept confsentaln accordance with Payal Pvasy Pl card tye: expiration dates mmiyyyy ey State/Province 2io/rostalcode: ou | Ascuss | Ees | Eiace | Stcute enter | Use aresmet | Davelooes | Refers | Sans Fako PayPal sito asking for usors crodit-card dtailsIntroduction tothe Concapts of Security 27 a, Tey) anon ‘manages to hack and teplace the IP address of Bob with her own (say DSN server maintained by the ISP of a user, say ‘Therefore, the DNS server nts by the ISP of Alice now has the following entry: Thus, the contents of the hypothetical DNS table maintained by the ISP would be changed, A hypotheti- cal portion of this table (before and after the attack) is shown in Fig 1.22 DNS Name IP Address DNS Name IP Address wwwamazon.com —161.20.10.16 | wwwamazon.com —_—_161.20.10.16 www.yahoo.com 121.41.67.89 | www.yahoo.com 121,41,67.89 ‘www. bob.com 7100,10.10.20] | [wwa.bob.com 7100,20.20.20 Before the atiack ‘After the aitack Fig. 1.22 E'foct af the ONS attack © When Alice wants to communicate with Bob’s site, her Web browser queries the DNS server main- tained by her ISP for Bob’s IP address, providing it the domain name (i.e. www:bob.com). Alice gets the replaced (i.e, Trudy’s) IP address, which is, ‘© Now, Alice starts communicating with Trudy, believing that she is communicating with Bob! Such attacks of DNS spoofing are quite common, and cause a lot of havoc. Even worse, the attacker (Trudy) does not have to listen to the conversation on the wire! She has to simply be able to hack the DNS server of the ISP and replace a single IP address with her own! A protocol called DNSSee (Secure DNS) is being used to thwart such attacks. Unfortunately, it is not widely used rf Summary ‘© Network and Internet security has gained immense prominence in the last few years, as conducting business using these technologies have become very crucial. ‘© Automation of attacks, privacy concems, and distance becoming immaterial are some of the key characteristics of modern attacks. © The principles of any security mechanism are confidentiality, authentication, integrity, non-repu- diation, access control, and availability. ‘© Confidentiality specifies that only the sender and the intended recipients should be able to access the contents of a message © Authentication identifies the user of a computer system, and builds a trust with the recipient of a message.a eee eeee Cryptography and Network Security Integrity of a message should be preserved as it travels from the sender to the recipient. It is com- promised if the message is modified during transit. Nonerepudiation ensures that the sender of a message cannot refute the fact of sending that mi sage in case of disputes. Access control specifies what users can do with a network or Internet system. Availabilit users. ensures that computer and network resources are always available to the legitimate Attacks on a system can be classified into interception, fabrication, modification, and interruption. Common way of classifying attacks is to categorize them into criminal, publicity, and legal attacks Attacks can also be classified into passive and active attacks. In passive attacks, the attacker does not modify the contents of a message. Active attacks involve modification of the contents of a message. Release of message contents and traffic analysis are types of passive attacks. Masquerade, replay attacks, alteration of messages and Denial Of Service (DOS) are types of ac~ tive attacks. Another way to classify attacks is application-level attacks and network-level attacks. Viruses, worms, Trojan horses and Java applets, ActiveX controls can practically cause attacks on a computer system. Java offers a high amount of security in programming, if implemented correctly. Sniffing and spoofing cause packet-level attacks. Phishing is a new attack which attempts to fool legitimate users to provide their confidential in- formation to fake sites. DNS spoofing or pharming attack involves changing the DNS entries so that users are redirected to an invalid site, while they keep thinking that they have connected to the right site, @ Key Terms and Concepts . . . . . . . . . . Access Control List (ACL) © Active attack ActiveX control © Alteration of message Application-level attack © Attacker Authentication © Availability Behavior-blocking software © Confidentiality Denial Of Service (DOS) attack © Fabrication Identity theft © Integrity Interception © Interruption Java applet © Masquerade Modification © Network-level attackIntroduction tothe Concepts of Security 281 © Non-repudiation © Passive attack © Phishing © Pharming Release of message contents © Replay attack © Signed Java applet © Traffic analysis @ Trojan horse Virus @ Worm PRACTICE SET @ Multiple-Choice Questions! 1. The principle of ensures 5. The attack is related to confi- that only the sender and the intended re- dentiality. cipients have access to the contents of a (a) interception message. (a) confidentiality (b) authentication (c) integrity (@) access control If the recipient of a message has to be sat- isfied with the identify of the sender, the principle of comes into picture, (a) confidentiality (b) authentication (©) integrity (4) access control If we want to ensure the principle of , the contents of a message must not be modified while in transit, (a) confidentiality (b) authentication (c) integrity (d) access control The principle of the sender of a message cannot later claim that the message was never sent. (a) access control (b) authentication (©) availability (@) nonerepudiation ensures that 6. The 7. The 8. The (b) fabrication (©) modification (@) interruption attack is related to au- thentication. (a) interception (b) fabrication (©) modification (@) interruption attack is related to integ- rity. (a) interception (b) fabrication (©) modification (@) interruption attack is related to avail- ability. (a) interception (b) fabrication (©) modification (d) interruption 9. In attacks, there is no modifi- cation to message contents. (a) passive (b) active (©) both of the above (d)_ none of the above30 10, ul 12 Cryptography and Network Security In attacks, the message con- 13, Virus is a computer tents are modified, (a) file (a) passive (b) program (b) active (©) database (©) both of the above (@) network (@) none of the above 14, Aworm modify a program. Interruption attacks are also called (a) does not attacks. (b) does (@) masquerade (©) may or may not (b) alteratio (@) may (0) denial of service 15. A replicates itself by creating its (@) replay attacks own copies, in order to bring the network DOS attacks are caused by toa halt, (a) authentication (a) virus (b) alteration (b) worm (©) fabrication (©) Trojan horse (A) replay attacks () bomb Mf Exercises wpe s 10. u. 12. 13, 4, 15. Find out more examples of security attacks reported in the last few years. ‘What are the key principles of security? Why is confidentiality an important principle of security? Think about ways of achieving the same, (Hint: Think about the ways in which children use a secret language). Discuss the reasons behind the significance of authentication. Find out the simple mechanisms of authentication. (Hint: What information do you provide when you use a free email service such as Yahoo or Hotmail?) In real life, how is message integrity ensured? (Hint: On what basis is a check honored or dishon- ored?) What is repudiation? How can it be prevented in real life? (Hint: Think what happens if you issue a check, and after the bank debits your account with the amount therein, you complain to the bank that you never issued that check), What is access control? How different is it from availability? Why are some attacks called passive? Why are other attacks called active? Discuss any one passive attack. What is ‘masquerade”? Which principle of security is breached because of that? What are ‘replay attacks"? Give an example of replay attacks, What is ‘denial of service’ attack? ‘What is a ‘worm’? What is the significant difference between a ‘worm’ and a ‘virus’? Discuss the concepts of ‘phishing’ and ‘pharming’. Would message integrity on its own ensure that the contents of a message are not changed during transit? Does something more needs to be done?Introduction tothe Concepts of Security Hf Design/Programming Exercises L. 10. u 12. 13. 14, 15, Write a C program that contains a string (char pointer) with a value ‘Hello World’. The program should XOR each character in this string with 0 and display the result, Repeat the exercise by an XOR operation with 1. Write a C program that contains a string (char pointer) with a value ‘Hello World’. The program should AND, OR and XOR each character in this string with 127 and display the result. Why are these results different? Study ‘phishing’ in more detail. Find out which popular bank sites have been phished and how. Think about offering phishing-prevention techniques. Which ones of them would be most effec- tive, and why? Why is it easier to fall prey to ‘pharming’ than ‘phishing"? Explain in technical terms. Often, it is said that a technology called SSL can prevent ‘phishing’ and ‘pharming’. Is it always true? Why? Write a small viruslike program in plain English language that accepts a file name and changes every character in the file to an asterisk. How is DNS secured? Are standard protocols available? Study what is meant by Nigerian Fraud and how it can be prevented, ‘What is the online lottery seam? How does it work? ‘What tricks do attackers use to hack into online banking accounts? Study what is meant by social engineering and how it works. Who is Kevin Mitnick? Why is he well known? What threats do attacks on social networking sites pose? How can those be prevented? Which tools ate popularly used by attackers to attack Web sites?