Cryptography and Information Security Third Edition PHI Learning [civate Linttied Delhi-110092 2019© 350.00 CRYPTOGRAPHY AND INFORMATION SECURITY, Third Eaition VK. Pachghare © 2015 by PHI Leaming Pivato Limited, Del, Al rights reserved. No part of tis book may be reproduced In any form, by mimeograph or any other means, without permission In wring fom the publisher 1SBN-978-81-206-5082-3, “Tho export rights of this book are vested solely with the publcher. ‘Sith Printing (Third Editon) . - August, 2019, Published by Asake K. Ghosh, PH Laaming Private Limited, Rimim House. 111, Patpergen) Industnal Estate, Dal-110C92 and Printed by Mudrak, 30-8, Patpargar), Del-1 10034Contents Preface Acknowledgements . 1. INTRODUCTION. Ll Security 1 1.2 Elements of Information Security 2 12.1 Confidentiality 2 132 Integy 2 1.23 Availability 3 18 Security Poliey 3 14 Security Techniques 4 LB Steps for Better Security 5 LG Category of Computer Security 6 17 The Operational Model of Network Security 7 18 Security Services 3 1.9 Basic Network Socurity Terminology 9 19.1 Cryptography 9 192 Hacking 9 193 Eneryption 9 194 Decryption 10 19.5 Cryptanalysis 10 1.10 Security Attacks 17 1.10.1 Passive Attack 12 1.102 Active Attack 12 1.11 Open Source Tools 14 LILI Nmap 14 L112 Zenmap 15Contents LIL Port Seamer 15 L1L4 Network Scanner 15 L1L5 Wireshark 15 Summary 16 Exercises 16 Multiple Choice Questions — 16 DATA ENCRYPTION TECHNIQUES. 21 Introduction — 18 2.2 Eneryption Methods 19 2.2.1 Symmetric Encryption 19 2 Asymmetric Encryption 20 2.8 Cryptography 21 2.4 Substitution Ciphers 21 24.1 The Caesar Cipher 21 Monoalphabetic Ciphers 29 Playfair Cipher 23 ‘The Hill Cipher 27, Polyalphabetic Ciphars 21 2.4.6 One-time Pad or Vernam Cipher 33 2.5 Transposition Ciphers 34 2.5.1 Single Columnar Transposition 35 2 Double Columnar Tsansposition 36 2.6 Cryptanalysis 37 2.6.1 Enumerate All Shot Keywords 37 2.62 Dictionary Attacks 38 2.7 Steganography 39 7.1 Applications 39 2.7.2 Limitations 40 Solved Probleme 40 Summary 52 Exercises 53 Multiple Choice Questions 34 3. DATA ENCRYPTION STANDARDS. B41 Indroduction 56 3.2 Block Ciphers 56 Block Cipher Modes of Operation _ 57 3.3.1 Electronic Code Book (ECB) Mode 57. 3.32 Cipher Block Chaining (CBC) Mode 59) ‘3.3 Feedback Mode 61 3.3.4 Counter Mode 64 3.4 Feistel Ciphers 66 3.5 Data Encryption Standard 67 3.5.1 Working of DES _ 68 2 Cracking DES 7#Contents vil 3.6 Simplified Data Encryption Standard 74 37 Triple DES 80 3.7.1 Working of Triple DES 80 3.72 Modes of Operation 87 3.8 DES Design Criteria 87 B81 Design of S-box 81 8.9 Other Block Ciphers 82 3.10 Differential Cryptanalysis 82 3.11 Linear Cryptanalysis $2 BLL Steps to Perform Linear Cryptanalvsis 83 3.12 Weak Keys in DES Algorithms 6 Summary 89 Exercises 89 Multiple Choice Questions 90 ADVANCED ENCRYPTION STANDARD... 4.1 Introduction 91 4.2 Advanced Eneryption Standard (AES) 92 43° Overview of Rijndacl 92 44° Key Generation 93 44.1 Round Constant 95 4.5 Eneryption 96 4.5.1 Initial Round 97 4.5.2 Round1 — 98 46 Decryption 103 46.1 Initial Round 103 46.2 Round 1 102 4.7 Galois Field of Multiplication 105 4.8 Advantages of AES 108 4.9 Comparison of AES with Other Ciphers 108 4.10 Simplified AES 109 Solved Problems — 111 Summary — 126 Exercises 126 Multiple Choice Questions 126 SYMMETRIC CIPHERS..... 5.1 Introduction 128 5.2 Dlowfish Encryption Algorithm — 728 5.2.1 Key Expansion 129 5.22 Encryption — 130 5.2.8 Blowfish Architecture 132 5.24 Cryptanalysis of Blowfish 133 5B RCS 138 5.3.1 Characteristics of RCS 184 5.3.2 Parameters 125 5.3.3. Cipher Modes in RCS 136 128-160Contents B4 RCA 137 Design 197 Charaeteristies 137 Algorithms 137 138 Parameters of RC6 139 Basie Operations 139 Working of ROG 140 5.6 Comparison between RC6 and RCS 140 5.7 IDEA 141 5.7.1 Working of IDEA 142 5.7.2 Decryption — 145 5.73 Security 149 Solved Problems 146 Summary 159 Exercises 159 Multiple Choice Questions 160 6. NUMBER THEORY ... 61 Introduction 167 62 Prime Numbers 161 621 Relative Prime Numbers 162 63 Modular Arithmetic 162 6.3.1 Properties 163 64 Fermat's Theorem — 165 6.4.1 An Application of Fermat's Little Theorem and Congruence 167 65 Buler’s Theorem 159 6.5.1 The General Formula to Compute dn) 170 66 Buelidean Algorithm 174 6.6.1 Extended Euclidean Algorithm 176 67 Primality Test 182 67.1 Naive Methods 182 67.2 Probabilistic Tests 182 67.3 Fermat Primality Test 182 674 Miller-Rabin Primality Test 184 67.5 Agrawal, Kayal and Saxena Primality Test (AKS Test) 184 68 Chinese Remainder Theorem 185 6.9 Discrete Logarithms 189 69.1 Index Calculus Algorithm 190 6.10 Primitive Roots 191 Solved Problems 192 Summary — 203 Exercises 208 Multiple Choice Questions 205PUBLIC KEY CRYPTOSYSTEMS. Ta 72 Contents Contents 12.8 ISAKMP Protocol 347 12.8.1 Overview 341 12.8.2 Terms and Definitions 342 12.8.3 Security Association Negotiation 342 12.84 ISAKMP Payloads 342 12.8.5 ISAKMP Exchange Types 346 12.9 OAKLEY Key Determination Protocol 349 12.9.1 Overview 349 12.10 Key Exchange Protocol 350 12.11 Virtual Private Network 351 Summary — 854 Exercises 355 Multiple Choice Questions 355, 13. WEB SECURITY... 18.1 Introduction 357 13.2 Secure Socket Layer 957 13.3 SSL Session and Connection 359 13.4 SSL Record Protocol 350 18.5 ChangeCipher SpeeProtocal 361 13,6 Alert Protocol 361 13.7 Handshake Protocol 361 13,8 Secure Electronic Transactions 364 13.8.1 Importance of SET 365 13.8.2 SET Mechanism 365 13.8.3 Key Elements of SET — 366 13.84 Strengths of SET 367 13.8.5 Weaknesses of SET 368 Summary — 368 Exerciaca 368 Multiple Choice Questions 369 14, INTRUSION. 14.1 Introduction 370 14.2 Intrusion Detection 371 14.3 Intrusion Detection System 372 14.8.1 Need for Intrusion Detection Systems 373 14.3.2 Intrusion Detectio: Method 274 14.4 Anomaly-based Intrusion Detection Systems 375 14.4.1 Statistical Approach — 376 14.42 Immune System Approach 976 14.5 Misuse-based Intrusion Detection Systems 76 14.5.1 Expression Matching 877 14.5.2 State Transition Analysis 377 14.5.3 Genetic Algorithm 377 870-29115. crane Petco primality test, Chinese remainder theorem, and diserete logarithms. Chapter 7 provides an introduction to public key encryption, the RSA algorithm, and timing attacks, besides solved problems on RSA. Chapter 8 focuses on key distribution, the Diffie-Hellman. key exchange, elliptic curve and zero knowledge proof systems, Chapter 9 describes the authentication methods, message digest such as MD4, MD5, RIPEMD, SHA and Kerberos, X.509 authentication service. Digital signatures, algorithms, standards and authentication protocols are taken up in Chapter 10. Chapter 11 introduces the readers to electronic mail security, Pretty Good Privacy (PGP), S/MIME, MIME, and gives a comparison of PGP and S/MIME. Chapter 12 explains IP Security architecture, IPsec, [Pv4, [Pv6, the authentication header (AH) protocol, the encapsulating security payload (ESP) protocol, the ISAKMP protocol, the OAKLEY key determinatior. protocol, and the key exchange protocol. Secure socket layer, SSL session and connection, the SSL record protocol, secure electronic transactions are explained in Chapter 13, Chapter 14 describes intrusion detection system, anomaly detection systems, inisuse detection system, rule-based intrusion detection, distributed intrusion detection, base-rate fallacy, and password management best practices. Different malicious softwares are discussed in Chapter 15. Firewall, types of firewall, firewall architecture, and trusted system are explained in Chapter 16. Chapter 17 discusses about eyber laws. Chapter 18 discusses eompater forensics, computer forensics investigations, the areas in which computer forensics is applied, and its drawbacks. Chapter 19 covers the various vulnerabilities in TCP/IP protocol New to the Third Edition ‘There are continuous innovations and improvements in the field of cryptography and information security. The third edition of the book is fully revised to improve readability to update the coverage of the existing material and to include new material, These changes are more substantial and comprehensive. The major changes in the third edition include: * New chapters on © Cyber Laws ® Vulnerabilities in ‘TCP/IP Model * Introduction to some open source tools like Nmap, Zenmap, port scanner, network scanner and wireshark * Revised section on block cipher modes of operation * Coverage of Simplified Data Encryption Standard (S-DES) and Simplified Advanced Encryption Standard (S-AES) with examples * Elaborated section on Linsar Cryptanalysis and Differential Cryptanalysis + New solved problems and a topic “primitive roots” in number theory * Chapter on public key cryptosystems with various attacks against RSA algorithm * Revised sections on ® Digital signature ® Attacks against digital signature * New topics on Ransomware, Darknet, and Darkweb as per the current academic requirement * Revised chapter on Digital Forensics V.K. PACHGHAREAcknowledgements L express my heartfelt gratitude to my loving and supportive wife, Archana, as always, for her positive attitude, full support, and encouragement in my writing endeavours. ‘Thanks to my lovely daughter Samiksha, for-reading- early-draiteto-ndvise-measand wherneeded: As she was equally instrumental in developing the final text, T would like to share with her the credit for writing this book. T would like to thank Dr. B-e Ahuja (Director CORP), Dr. Mukul Sutaone (Dy. Director COEP), Prof. 4+ Sawant, Dr. Parag Kulkarni, my teachers and mentors: for their help and motivation during this journey. I would like to take this opportunity to thank Rupali Chopade, Shyamel Virnodkar, Bhagyashri Bhirud and Rahul Adhao for providing reviews for this edition. I would acknowledge the support given by my friends and co-workers. This book is the outcome of queries from the students and research in the field of cryptography and information security while teaching Cryptography, Network Security: for more than 15 years. Therefore, I am also thankful to my Institute, College of Engineering Pune (COEP) for giving me opportunities to teach these subjects. I would like to thank innumerable colleagues and students for adopting this book during last 10 years Finally, I also wish to thank the editorial and production staff of PHI Learning for their unstinted support, cooperation and careful processing of this edition. ¥K-PACHGHARE