CYBER SECURITY

Unit-1
Introduction:
Computer data often travels from one computer to another, leaving the safety of its
protected physical surroundings. Once the data is out of hand, people with bad intention could
modify or forge your data, either for amusement or for their own benefit.
Cryptography can reformat and transform our data, making it safer on its trip between
computers. The technology is based on the essentials of secret codes, augmented by modern
mathematics that protects our data in powerful ways.
Cyber Security is a process that's designed to protect networks and devices from external
threats. Businesses typically employ Cyber Security professionals to protect their confidential
information, maintain employee productivity, and enhance customer confidence in products
and services. Cyber security is the protection of Internet-connected systems, including
hardware, software, and data from cyber-attacks.

 It is made up of two words one is cyber and other is security.

 Cyber is related to the technology which contains systems, network and programs or
data.
 Whereas security related to the protection which includes systems security, network
security and application and information security.

1.2 Need of Cyber Security

 Cyber security becomes so important in our predominant digital world
 Cyber-attacks can be extremely expensive for businesses to endure.

Computer Security - generic name for the collection of tools designed to protect data and to
thwart hackers
Network Security - measures to protect data during their transmission
Internet Security - measures to protect data during their transmission over a collection of
interconnected networks.
Security Attacks/Cyber Attacks
To assess the security needs of an organization effectively, the manager responsible for
security needs some systematic way of defining the requirements for security and
characterization of approaches to satisfy those requirements. One approach is to consider three
aspects of information security:
Security attack – Any action that compromises the security of information owned by
an organization.
Types of Cyber Attacks
A cyber-attack is an exploitation of computer systems and networks. It uses malicious
code to alter computer code, logic or data and lead to cybercrimes, such as information and
identity theft.
Cyber-attacks can be classified into the following categories:

1) Web-based attacks 2) System-based attacks

Web-based attacks
These are the attacks which occur on a website or web applications. Some of the
important web-based attacks are as follows-
1. Injection attacks

It is the attack in which some data will be injected into a web application to manipulate
the application and fetch the required information.
Example- SQL Injection, code Injection, log Injection, XML Injection etc.

2. DNS Spoofing
DNS Spoofing is a type of computer security hacking. Whereby a data is introduced into a
DNS resolver's cache causing the name server to return an incorrect IP address, diverting
traffic to the attackers computer or any other computer. The DNS spoofing attacks can go
on for a long period of time without being detected and can cause serious security issues.
3. Session Hijacking
It is a security attack on a user session over a protected network. Web applications
create cookies to store the state and user sessions. By stealing the cookies, an attacker can
have access to all of the user data.
4. Phishing
Phishing is a type of attack which attempts to steal sensitive information like user
login credentials and credit card number. It occurs when an attacker is masquerading as a
trustworthy entity in electronic communication.

5. Brute force
It is a type of attack which uses a trial and error method. This attack generates a large
number of guesses and validates them to obtain actual data like user password and personal
identification number. This attack may be used by criminals to crack encrypted data, or by
security, analysts to test an organization's network security.

6. Denial of Service
It is an attack which meant to make a server or network resource unavailable to the
users. It accomplishes this by flooding the target with traffic or sending it information that
triggers a crash. It uses the single system and single internet connection to attack a server. It
can be classified into the following-

Volume-based attacks- Its goal is to saturate the bandwidth of the attacked site, and is
measured in bit per second.
Protocol attacks- It consumes actual server resources, and is measured in a packet.

Application layer attacks- Its goal is to crash the web server and is measured in request per
second.

7. Dictionary attacks
This type of attack stored the list of a commonly used password and validated them to
get original password.

8. URL Interpretation
It is a type of attack where we can change the certain parts of a URL, and one can make
a web server to deliver web pages for which he is not authorized to browse.
9. File Inclusion attacks
It is a type of attack that allows an attacker to access unauthorized or essential files
which is available on the web server or to execute malicious files on the web server by
making use of the include functionality.
10. Man in the middle attacks
It is a type of attack that allows an attacker to intercepts the connection between client
and server and acts as a bridge between them. Due to this, an attacker will be able to read,
insert and modify the data in the intercepted connection.

System-based attacks
These are the attacks which are intended to compromise a computer or a computer
network. Some of the important system-based attacks are as follows-

1. Virus
It is a type of malicious software program that spread throughout the computer files
without the knowledge of a user. It is a self-replicating malicious computer program that
replicates by inserting copies of itself into other computer programs when executed. It can
also execute instructions that cause harm to the system.

2. Worm
It is a type of malware whose primary function is to replicate itself to spread to
uninfected computers. It works same as the computer virus. Worms often originate from
email attachments that appear to be from trusted senders.
3. Trojan horse
It is a malicious program that occurs unexpected changes to computer setting and
unusual activity, even when the computer should be idle. It misleads the user of its true intent.
It appears to be a normal application but when opened/executed some malicious code will
run in the background.
4. Backdoors
It is a method that bypasses the normal authentication process. A developer may create
a backdoor so that an application or operating system can be accessed for troubleshooting or
other purposes.
5. Bots
A bot (short for "robot") is an automated process that interacts with other network
services. Some bots program run automatically, while others only execute commands when
they receive specific input. Common examples of bots program are the crawler, chatroom
bots, and malicious bots.
Chinese Remainder Theorem

The Chinese Remainder Theorem is applied in secret sharing, which is an important

topic of cryptography. The Chinese Remainder Theorem itself is a secret sharing scheme
without any modification. Let mi, m2,…….,mt be t pairwise relatively prime positive integers.

This theorem has this name because it is a theorem about remainders and was first
discovered in the 3rd century AD by the Chinese mathematician Sunzi in Sunzi Suanjing.

The Chinese remainder theorem is a theorem of number theory, which states that, if
one knows the remainders of the division of an integer n by several integers, then one can
determine uniquely the remainder of the division of n by the product of these integers, under
the condition that the divisors are pairwise coprime.

The Chinese remainder theorem is widely used for computing with large integers, as it
allows replacing a computation for which one knows a bound on the size of the result by
several similar computations on small integers.

10.2. Theorem Statement

Let n1, ..., nk be integers greater than 1, which are often called moduli or divisors. Let us denote
by N the product of the ni.
The Chinese remainder theorem asserts that if the ni are pairwise coprime, and if a1, ..., ak
are integers such that 0 ≤ ai < nifor every i, then there is one and only one integer x, such
that 0 ≤ x < N and the remainder of the Euclidean division of x by niis ai for every i.

This may be restated as follows in term of congruences: If the ni are pairwise coprime,
and if a1, ..., ak are any integers, then there exists an integer x such that

and any two such x are congruent modulo N.

In abstract algebra, the theorem is often restated as: if the ni are pairwise coprime, the map

defines a ring isomorphism.

between the ring of integers modulo N and the direct product of the rings of integers modulo
the ni. This means that for doing a sequence of arithmetic operations in one may do the
same computation independently in each and then get the result by applying the
isomorphism (from the right to the left). This may be much faster than the direct computation
if Nand the number of operations are large. This is widely used, under the name multi-
modular computation, for linear algebraover the integers or the rational numbers.

The theorem can also be restated in the language of combinatorics as the fact that the
infinite arithmetic progressions of integers form a Helly family.

CRT – Problem

An old woman goes to market and a horse steps on her basket and crushes the eggs. The
rider offers to pay for the damages and asks her how many eggs she had brought. She does not
remember the exact number, but when she had taken them out two at a time, there was one
egg left. The same happened when she picked them out three, four, five, and six at a time, but
when she took them seven at a time they came out even. What is the smallest number of eggs
she could have had?

This problem can be expressed as a system of congruences

x≡2(mod3)
x≡3(mod5)
x≡2(mod7)
What does (mod n) mean?
x ≡ a1 ( mod m1 )
The Chinese remainder theorem states the above equations have a unique solution if the
moduli are relatively prime.

Example:

The following is an example of a set of equations with different moduli:

X≡ 2 (mod 3)

X≡ 3 (mod 5)

X≡ 2 (mod 7)

The solution to this set of equations is given in the next section; for the moment, note that the
answer to this set of equations is x = 23. This value satisfies all equations: 23 ≡ 2 (mod 3), 23
≡ 3 (mod 5), and 23 ≡ 2 (mod 7).

Solution To Chinese Remainder Theorem

1. Find M = m1 × m2 × … × mk. This is the common modulus.

2. Find M1 = M/m1, M2 = M/m2, …, Mk = M/mk.

3. Find the multiplicative inverse of M1, M2, …, Mk using the corresponding moduli
(m1, m2, …, mk). Call the inverses M1−1, M2−1, …, Mk −1.

4. The solution to the simultaneous equations is

 1 1
x (a1 M1 M1 a2 M2 M2 ... ak Mk Mk 1)modM
Note that the set of equations can have a solution even if the moduli are not relatively prime
but meet other condition. However , in cryptography only interested in solving equations with
coprime moduli.

Example
Find the solution to the simultaneous equations:

solution

We follow the four steps.

X≡ 2 (mod 3)
X≡ 3 (mod 5)
X≡ 2 (mod 7)

1. M = 3 × 5 × 7 = 105

2. M1 = 105 / 3 = 35, M2 = 105 / 5 = 21, M3 = 105 / 7 = 15

3. The inverses are M1−1 = 2, M2−1 = 1, M3 −1 = 1

4. x = (2 × 35 × 2 + 3 × 21 × 1 + 2 × 15 × 1) mod 105 = 23 mod 105

Solution for Egg Problem

To solve for x, let M=3 57=105

M1=35

M2=21

M3=15

Here we see that 2 is an inverse of M1=35 modulo 3 because 35 2≡22≡1(mod3);

 1 is an inverse of M2=21 modulo 5, because 21≡1(mod5);
and 1 is an inverse of M3=15(mod7), because 15≡1(mod7)
The solution to this system are those x such that
x =2 35 2+3 21 1+2 151

=233≡23(mod105)

The answer is 23 eggs.

10.4. The Proof

Let s and t be positive integers with gcd(s, t) = 1 S and t are therefore coprime Prove that
there exists an integer w such that sw == 1 (mod t)

For each k, let Mi = m/mk where m = m1m2m3…mk (product of mods) Prove that the
greatest common denominator of Mi & mi = 1 Or, that Mi and mi are coprime

Prove that there is an integer xi such that mi xi == 1(mod mi) and ai mi xi == ai (mod mi )
Let x == a1m1x1 + a2m2x2 + … + anmnxn Prove that x == ai (mod mi)

10.5. Application

In coding theory, detection and correction of errors is done by adding redundancy to data
that is sent via a noisy channel or in a computer.

The CRT remainder techniques are useful in developing code that detects errors.

In cryptography, the CRT is used in secret sharing through error-correcting code.

The CRT is itself a secret-sharing scheme without any need for modification

Public key cryptography and RSA

Public-key cryptography is also known as asymmetric-key cryptography, to distinguish it from
the symmetric-key cryptography we have studied thus far.

 Encryption and decryption are carried out using two different keys. The two keys in
such a key pair are referred to as the public key and the private key.
  With public key cryptography, all parties interested in secure communications publish
their public keys.

As we will see, this solves one of the most vexing problems associated with symmetric-key
cryptography — the problem of key distribution.

 Party A, if wanting to communicate confidentially with party B, can encrypt a message

using B’s publicly available key. Such a communication would only be decipherable by
B as only B would have access to the corresponding private key. This is illustrated by
the top communication link in Figure 1.
 Party A, if wanting to send an authenticated message to party B, would encrypt the
message with A’s own private key. Since this message would only be decipherable with
A’s public key, that would establish the authenticity of the message — meaning that A
was indeed the source of the message. This is illustrated by the middle communication
link in Figure 1.The communication link at the bottom of Figure 1 shows how public-
key encryption can be used to provide both confidentiality and authentication at the
same time. Note again that confidentiality means that we want to protect a message from
eavesdroppers and authentication means that the recipient needs a guarantee as to the
identity of the sender.
 In Figure 1, A’s public and private keys are designated P UA and P RA. B’s public and
private keys are designated P UB and P RB.
 As shown at the bottom of Figure 1, let’s say that Party A wants to send a message to
Party B
Why Does RSA Work?

RSA encryption/decryption appears rather magical. Why should it be that by applying

the encryption algorithm and then the decryption algorithm, one recovers the original
message? In order to understand why RSA works, again denote n = pq, where p and q are the
large prime numbers used in the RSA algorithm.

Recall that, under RSA encryption, a message (uniquely represented by an integer), m,

is exponentiated to the power e using modulo-n arithmetic, that is,

c = me mod n

Decryption is performed by raising this value to the power d, again using modulo-n arithmetic.
The result of an encryption step followed by a decryption step is thus (me mod n)d mod n .
Let’s now see what we can say about this quantity. As mentioned earlier, one important
property of modulo arithmetic is (a mod n)d mod n = ad mod n for any values a, n, and d.
Thus, using a = me in this property, we have
 (me mod n)d mod n = med mod n

It therefore remains to show that med mod n = m. Although we’re trying to remove some of
the magic about why RSA works, to establish this, we’ll need to use a rather magical result
from number theory here. Specifically, we’ll need the result that says if p and q are prime, n =
pq, and z = (p – 1)(q – 1), then xy mod n is the same as x(y mod z) mod n [Kaufman 1995].
Applying this result with x = m and y = ed we have

med mod n = m(ed mod z) mod n

But remember that we have chosen e and d such that ed mod z = 1. This gives us

med mod n = m1 mod n = m

which is exactly the result we are looking for! By first exponentiating to the power of e (that
is, encrypting) and then exponentiating to the power of d (that is, decrypting), we obtain the
original value, m. Even more wonderful is the fact that if we first exponentiate to the power of
d and then exponentiate to the power of e—that is, we reverse the order of encryption and
decryption, performing the decryption operation first and then applying the encryption
operation—we also obtain the original value, m. This wonderful result follows immediately
from the modular arithmetic:

(md mod n)e mod n = med mod n = med mod n = (me mod n)d mod n

The security of RSA relies on the fact that there are no known algorithms for quickly factoring
a number, in this case the public value n, into the primes p and q. If one knew p and q, then
given the public value e, one could easily compute the secret key, d. On the other hand, it is
not known whether or not there exist fast algorithms for factoring a number, and in this sense,
the security of RSA is not guaranteed.

Another popular public-key encryption algorithm is the Diffie-Hellman algorithm,

which we will briefly explore in the homework problems. Diffie-Hellman is not as versatile as
RSA in that it cannot be used to encrypt messages of arbitrary length; it can be used, however,
to establish a symmetric session key, which is in turn used to encrypt messages.