Cryptography
SYLLABUS - Unit-1
What is Cryptography?
It is a technique of securing communication by converting plain text into unintelligible cipher text. It deals with developing and analyzing protocols that prevent malicious third parties from retrieving information being shared between two entities, thereby following the various aspects of computer and information security.
It involves various algorithms and protocols to ensure data confidentiality, integrity, authentication and non-repudiation.
[Handwritten note on cipher text, partly illegible: unreadable, encrypted text that can only be ... key.]
[Figure: "Hello" → encryption (key) → ciphertext → decryption (decryption key) → "Hello"]
[Handwritten notes, partly illegible. Legible fragments: Network and Internet security (prevent, correct; the transmission of information); Data security; Computer security (NIST definition): confidentiality, integrity, availability.]
“The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources” (includes hardware, software, firmware, information/data, and telecommunications).
Objectives: Confidentiality, Integrity, Availability
[Handwritten notes, partly illegible:]
● Confidentiality
  ■ Data confidentiality: confidential info [illegible] individuals
  ■ Privacy: individual controls or influences what info gets collected or stored, by whom, and to whom it gets disclosed
● Integrity
  ■ Data integrity: info and programs [illegible] authorized manner
  ■ System integrity: system performs intended function in unimpaired manner [rest illegible]
● Availability: service is not denied to authorized users
Computer Security Challenges
1. [Complexity of Security]: Security is a complex issue that requires specialized knowledge
and expertise.
2. [Anticipating Attacks]: It's important to consider potential attacks on security features and
plan accordingly.
3. [Unintuitive Procedures]: Sometimes, effective security procedures may not seem logical
or user-friendly.
4. [Choosing Security Mechanisms]: Deciding where and when to use different security
mechanisms is a critical task.
5. [Constant Vigilance]: Continuous monitoring is essential to detect and respond to security
threats.
6. [Prioritizing Security]: Security should be considered from the start, not as an
afterthought.
7. [Multi-faceted Security]: Security involves more than just technical solutions, such as
algorithms and protocols.
8. [Ongoing Battle]: Security is an ongoing battle between those trying to protect systems
and those trying to exploit them.
9. [Investing in Security]: The importance of investing in security may not be appreciated
until a security breach occurs.
10. [Balancing Security and User Experience]: Strong security measures should not hinder
efficiency or user-friendliness.
Security Architecture
[Handwritten notes, partly illegible:]
● Security Attack: any action that compromises the security of information owned by an organization.
● Security Mechanism: [definition illegible]
● Security Service: enhances the security of data processing systems and information transfers of an organization.
Threat
A potential for violation of security, when there is a circumstance, capability, action or event that could breach security and cause harm.
Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.
Passive attack
● Involves attacker observing or monitoring system, network, or device activity without altering it.
● Sender and receiver have no clue of the intruder.
● Forms: eavesdropping, traffic analysis.
Active attack
● Involves attacker actively disrupting system, network, or device activity, causing damage or disruption.
● [Partly illegible] that their data/msg is being modified by intruder.
● Legible fragments describing the forms: attacker pretends to be authentic sender; modifies, delays, replays or [illegible] transmitted msg at later time; attacker sends a large volume of traffic.
[Figure residue: Alice, Bob and Darth communicating over the Internet or other comm. facility.]
Security Mechanisms
● Built to identify any breach of security or attack on the organisation.
● Responsible for protecting a system, network or device against unauthorised access,
tampering, or other security threats.
● Can be implemented at different levels within a system or network.
● Divided into:
  ■ Specific Security Mechanisms: may be incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
  ■ Pervasive Security Mechanisms: not specific to any particular OSI security service or protocol layer.
Specific Security Mechanisms
● Encipherment: [description illegible]
● Digital Signature: Involves the use of cryptographic techniques to create a unique, verifiable identifier for a digital document or message.
● Access Control: Enforce access rights to resources.
● Data Integrity: Used to assure the integrity of a data unit or stream of data units.
● Authentication Exchange: Intended to ensure identity of an entity by means of information exchange.
● Traffic Padding: Insertion of bits into gaps in a data stream. Helps to thwart traffic analysis attempts.
● Routing Control: Enables selection of particular physically secure routes for certain data transmission and allows routing changes, especially when a breach occurs.
● Notarization: Use of trusted third party to assure certain property of a data exchange.
Pervasive Security Mechanisms
● Trusted Functionality: [description illegible]
● Security Label: The marking bound to a resource that names or designates the security attributes of that resource.
● Event Detection: Detection of security-relevant events.
● Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities.
● Security Recovery: Deals with requests from mechanisms such as event handling and management functions, and takes recovery actions.
Security Services
Refer to different services available for maintaining the security and safety of an organisation.
Help in preventing any potential risks to security.
Divided into five types:
[Figure residue, partly illegible. Legible labels: Data Confidentiality, Integrity, Connection, Connectionless, Selective-field, Data-Origin, Connection (without Recovery), Selective-field connection, Selective-field connectionless.]
AVAILABILITY OF SERVICE
● The security incident (the goal of the attack) → root node of the tree
● Ways that an attacker could reach that goal → branches and sub-nodes of the tree
● Different ways to initiate an attack → final nodes on the paths outward from the root
● The motivation behind this is to effectively exploit the information available on attack patterns.
The root of the tree is the objective of the attacker, which is to compromise a user’s account.
The shaded boxes on the tree are the leaf nodes, which represent events that comprise the
attacks. Note that in this tree, all the nodes other than leaf nodes are OR-nodes.
The analysis to generate this tree considered the three components involved in
authentication:
■ User terminal and user (UT/U): These attacks target the user equipment,
including the tokens that may be involved, such as smartcards or other password
generators, as well as the actions of the user.
■ Communications channel (CC): This type of attack focuses on communication
links.
■ Internet banking server (IBS): These types of attacks are offline attacks against
the servers that host the Internet banking application.
Five overall attack strategies can be identified, each of which exploits one or
more of the three components. The five strategies are as follows:
■ User credential compromise: This strategy can be used against many elements
of the attack surface. There are procedural attacks, such as monitoring
a user’s action to observe a PIN or other credential, or theft of the user’s
token or handwritten notes. An adversary may also compromise token
information using a variety of token attack tools, such as hacking the smartcard
or using a brute force approach to guess the PIN. Another possible
strategy is to embed malicious software to compromise the user’s login and
password. An adversary may also attempt to obtain credential information
via the communication channel (sniffing). Finally, an adversary may use
various means to engage in communication with the target user.
■ Injection of commands: In this type of attack, the attacker is able to intercept
communication between the UT and the IBS. Various schemes can be used
to be able to impersonate the valid user and so gain access to the banking
system.
■ User credential guessing: It is reported in [HILT06] that brute force attacks
against some banking authentication schemes are feasible by sending random
usernames and passwords. The attack mechanism is based on distributed
zombie personal computers, hosting automated programs for username- or
password-based calculation.
■ Security policy violation: For example, violating the bank’s security policy
in combination with weak access control and logging mechanisms, an employee
may cause an internal security incident and expose a customer’s
account.
■ Use of known authenticated session: This type of attack persuades or forces
the user to connect to the IBS with a preset session ID. Once the user authenticates
to the server, the attacker may utilize the known session ID to send
packets to the IBS, spoofing the user’s identity.
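The attack tree described above can be evaluated mechanically to see which leaves a set of controls leaves open. The following is an added example, not part of the original notes: the leaf names paraphrase the five strategies, and the component tags on each leaf and the helper names are assumptions. It also supports AND-nodes, which the tree in the text does not use.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    name: str
    kind: str = "LEAF"              # "OR", "AND" or "LEAF"
    component: str = ""             # UT/U, CC or IBS (leaves only, assumed tags)
    children: list = field(default_factory=list)

def leaf(name, component):
    return Node(name, "LEAF", component)

# Constructed tree: root and five strategies from the text, all OR-nodes.
TREE = Node("Compromise user's account", "OR", children=[
    Node("User credential compromise", "OR", children=[
        leaf("Observe PIN entry", "UT/U"),
        leaf("Theft of token or handwritten notes", "UT/U"),
        leaf("Brute-force guess of token PIN", "UT/U"),
        leaf("Malicious software captures login", "UT/U"),
        leaf("Credentials sniffed on channel", "CC"),
    ]),
    Node("Injection of commands", "OR", children=[
        leaf("UT-IBS communication intercepted", "CC")]),
    Node("User credential guessing", "OR", children=[
        leaf("Distributed username/password guessing", "IBS")]),
    Node("Security policy violation", "OR", children=[
        leaf("Insider with weak access control and logging", "IBS")]),
    Node("Use of known authenticated session", "OR", children=[
        leaf("User connects with preset session ID", "CC")]),
])

def leaves(node):
    """All leaf events below a node."""
    if node.kind == "LEAF":
        return [node]
    return [l for child in node.children for l in leaves(child)]

def reachable(node, mitigated):
    """True if the goal at this node can still be reached given mitigated leaves."""
    if node.kind == "LEAF":
        return node.name not in mitigated
    results = [reachable(child, mitigated) for child in node.children]
    return all(results) if node.kind == "AND" else any(results)

def open_by_component(node, mitigated):
    """Count unmitigated leaves per component (UT/U, CC, IBS)."""
    counts = {}
    for l in leaves(node):
        if l.name not in mitigated:
            counts[l.component] = counts.get(l.component, 0) + 1
    return counts

if __name__ == "__main__":
    channel_controls = {l.name for l in leaves(TREE) if l.component == "CC"}
    print("root still reachable:", reachable(TREE, channel_controls))
    print("open leaves:", open_by_component(TREE, channel_controls))
```

Because every internal node is an OR-node, the root stays reachable until every leaf is covered; protecting only the communications channel leaves the terminal and server leaves open.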
A message is to be transferred from one party to another across some sort of Internet
service. The two parties, who are the principals in this transaction, must cooperate for the
exchange to take place. A logical information channel is established by defining a route
through the Internet from source to destination and by the cooperative use of communication
protocols (e.g., TCP/IP) by the two principals.
Security aspects come into play when it is necessary or desirable to protect the
information transmission from an opponent who may present a threat to confidentiality,
authenticity, and so on. All the techniques for providing security have two components:
This general model shows that there are four basic tasks in designing a particular
security service:
1. Design an algorithm for performing the security-related transformation. The algorithm
should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security
algorithm and the secret information to achieve a particular security service.
There are other security-related situations of interest that do not neatly fit in the model for
network security but are considered important. A general model of these other situations is
illustrated in Figure 1.6, which reflects a concern for protecting an information system from
unwanted access. Most readers are familiar with the concerns caused by the existence of
hackers, who attempt to penetrate systems that can be accessed over a network.
The hacker can be someone who, with no malign intent, simply gets satisfaction from
breaking and entering a computer system. The intruder can be a disgruntled employee who
wishes to do damage or a criminal who seeks to exploit computer assets for financial gain
(e.g., obtaining credit card numbers or performing illegal money transfers).
Viruses and worms are two examples of software attacks. Such attacks can be introduced
into a system by means of a disk that contains the unwanted logic concealed in otherwise
useful software. They can also be inserted into a system across a network; this latter
mechanism is of more concern in network security.
The security mechanisms needed to cope with unwanted access fall into
two broad categories (see Figure 1.6).
The first category might be termed a gatekeeper function. It includes password-based login
procedures that are designed to deny access to all but authorized users and screening logic
that is designed to detect and reject worms, viruses, and other similar attacks.
Once either an unwanted user or unwanted software gains access, the second line of
defence consists of a variety of internal controls that monitor activity and analyze stored
information in an attempt to detect the presence of unwanted intruders.
TERMINOLOGY
[Figure residue, partly illegible: a tree of terms]
Cryptology
● Cryptography: symmetric key, asymmetric key, hashing
● Cryptanalysis: classical attacks (brute-force, analytical), social engineering, implementation attacks
Symmetric Key Cryptography
● Involves usage of one secret key along with encryption and decryption algorithms, which
help in securing the contents of the message.
● Strength depends on number of key bits.
● Faster than asymmetric key cryptography.
● Gives rise to a key distribution problem, as the key has to be transferred from sender to receiver
through a secure channel.
[Figure: Simplified model of symmetric encryption. Plaintext input X → encryption algorithm (e.g., AES), Y = E(K, X) → transmitted ciphertext → decryption algorithm (reverse of encryption algorithm), X = D(K, Y) → plaintext output. The secret key K is shared by sender and recipient.]
Asymmetric Key Cryptography
● Also known as Public-Key Cryptography
● Involves usage of a public-key along with a secret key.
● Solves problem of key distribution as both parties use different keys of encryption/
decryption.
● Not feasible to use for decrypting bulk messages
● Very slow compared to symmetric key cryptography.
[Figure: Simplified model of asymmetric encryption. Plaintext input → encryption (public key) → transmitted ciphertext → decryption (private key) → plaintext output.]
Hashing
● Involves taking plain text and converting it to a hash value of fixed size by a hash function.
● Ensures integrity of message, as the hash value on both sides should match if the message is
unaltered.
History of Cryptography
[Handwritten notes, partly illegible:]
● From "kryptos" (hidden) and "graphein" (writing).
Classical Cryptography
● Roots are found in Roman & Egyptian civilizations.
1) Hieroglyphs
● Earliest known [illegible] of cryptography.
● Hieroglyphs was a secret form of communication.
2) Caesar Cipher
● Each character in a word is replaced by a fixed number of positions.
● Also k/a shift cipher.
3) Vigenère Cipher
● Designed by Vigenère.
● Cipher text is generated by adding the message character [illegible; legible words: entire message, key].
4) [Heading illegible]
● Single rotor is used, where the secret key is embedded in the rotating disc [partly illegible; legible words: table, ciphertext out, each press from keyboard].
5) Enigma Machine
● A combination of electro-mechanical subsystems.
● Consisted of 3-5 rotors.
● Broken by Poland.
● [Illegible] on the spindle and accordingly the key was scrambled to something [illegible].
Data Encryption Standard
● Created by IBM.
● Used for encryption of electronic data.
● Was broken by an exhaustive search attack in 1997.
Advanced Encryption Standard
● Kind of block cipher.
● Rijndael cipher [partly illegible].
● Based on substitution-permutation network.
● Sub-set of Rijndael.
● Family of ciphers with different key and block sizes.
● Block size: 128 bits or 16 characters.
● Different key sizes: 128 bit, 192 bit & 256 bit.
What is Cryptanalysis?
Study of cryptographic algorithms and the breaking of secret codes developed under the process
of cryptography.
A person practicing cryptanalysis is called a cryptanalyst.
Classical Attacks
1) Cryptanalytic Attacks
● It’s a type of attack that takes advantage of structural flaws in a specific algorithm.
● Relies on the nature of the algorithm plus some knowledge of the general characteristics of the
plaintext or even some sample plaintext-ciphertext pairs.
● Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce
the key being used.
2) Brute-force Attacks
● The attacker tries all potential keys in order to figure out the key.
● The longer the key, the longer the time to execute the attack.
● Run the encryption algorithm for all possible cases of the keys until a match is found.
● The encryption algorithm is treated as a black box.
Social Engineering Attack
● Something that is dependent on the human factor.
● Tricking someone into revealing their passwords to the attacker or allowing access to a restricted
area comes under this attack.
● People should be cautious when revealing their passwords to any third party which is not
trusted.
Implementation Attack
● Attacks such as side-channel analysis can be used to obtain a secret key.
[Handwritten notes, partly illegible:]
● Attack types are based on the amount of information known to a cryptanalyst [table illegible; legible annotations: "(easier to defend)", "(rarely used)", "(rarely used)"].
Requirements:
1) Encryption algo should be strong.
2) Key shared by sender and receiver should be secret.
Let plaintext, $X = [X_1, X_2, \ldots, X_M]$; key, $K = [K_1, K_2, \ldots, K_J]$; ciphertext, $Y = [Y_1, Y_2, \ldots, Y_N]$; then $Y = E(K, X)$ (encryption algo.).
[Figure residue, partly illegible:]
● A and B share the same key / A and B use different keys.
● Process a block at a time: an output block for each input block.
● Process input continuously: produce output one element at a time.
Unconditionally secure
● If [partly illegible] not enough information to determine uniquely the corresponding plaintext.
● Except the one-time pad, no encryption algorithm is unconditionally secure.
● All users of an encryption algorithm can strive for is an algo. that meets one or both of the following criteria: [criteria illegible].
Computationally secure
● If either of the above criteria are met [rest illegible].
Substitution Techniques
One in which letters of plaintext are replaced by other letters or numbers or symbols.
Caesar Cipher
● Replace each letter of the alphabet with the letter standing 3 places further down.
● e.g., plaintext: meet at party → ciphertext: PHHW DW SDUWB
● Different substitution = different keys.
● Mathematically, starting from a = 0, b = 1 and so on:
  $E(p) = (p + k) \bmod 26$
  $D(C) = (C - k) \bmod 26$
● e.g., M = 12: $E(M) = (12 + 3) \bmod 26 = 15 = P$; $D(P) = (15 - 3) \bmod 26 = 12 = M$
● This cipher can be broken:
  ■ if one plaintext-ciphertext pair is known
  ■ by applying brute force attack
● Encryption and decryption algos are known.
● Easy to implement.
● Vulnerable to brute-force attack.
● [Illegible] recognizable.
Monoalphabetic Substitution Cipher
● Unlike Caesar, the cipher is any random permutation [of letters].
● No. of alternative keys possible = 26!
● Brute force attack is impractical.
● Human languages are redundant; this fact can be exploited.
● Table of frequency of letters of the English language can be used.
● Digrams: most common 2 letter combination, e.g., th, in, er, re & an.
● Trigrams: most common 3 letter combination.
Homophonic and Polygram
[Handwritten notes, partly illegible. Legible fragments: groups of letters are [illegible]; different p can be represented by same C; broken using plaintext attacks or brute force attacks; can be broken using word patterns.]
Polyalphabetic Substitution Cipher
● Mapping b/w P & C changes over the course of the message.
● Uses multiple one-character keys.
● Period of cipher = no. of one-letter keys.
● For key letter p & plaintext letter q, the cipher text letter is at the intersection of the row titled p & the column titled q.
● Size of key = size of plaintext [example with P = "Hello" illegible].
Vigenère Cipher
● e.g., plaintext [illegible], ciphertext "ZICUTWQNG RIGUTM" [as extracted, partly illegible]
● $C_i = (P_i + K_{i \bmod m}) \bmod 26$
● Key letter identifies the row; plaintext letter is at the top of the column.
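The Caesar and Vigenère formulas above share one piece of arithmetic, and a single known plaintext-ciphertext pair gives away the key in both. The following is an added example, not part of the original notes; the Vigenère key "deceptive" and its plaintext are sample inputs assumed here, and all function names are hypothetical.

```python
import string

A = string.ascii_lowercase

def shift_text(text, key, sign):
    """C_i = (P_i + sign * K_(i mod m)) mod 26; non-letters pass through."""
    out, i = [], 0
    for ch in text.lower():
        if ch in A:
            k = A.index(key[i % len(key)].lower())
            out.append(A[(A.index(ch) + sign * k) % 26])
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plain, key):
    return shift_text(plain, key, +1).upper()

def decrypt(cipher, key):
    return shift_text(cipher, key, -1)

def caesar_candidates(cipher):
    """Brute force: a Caesar cipher is a Vigenere key of length 1, so 25 trials."""
    return {k: decrypt(cipher, A[k]) for k in range(1, 26)}

def recover_key(plain, cipher):
    """Known pair -> key stream K_i = (C_i - P_i) mod 26, cut to its shortest period."""
    p = [c for c in plain.lower() if c in A]
    c = [x for x in cipher.lower() if x in A]
    stream = "".join(A[(A.index(y) - A.index(x)) % 26] for x, y in zip(p, c))
    for m in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % m] for i in range(len(stream))):
            return stream[:m]
    return ""

if __name__ == "__main__":
    c = encrypt("meet at party", "d")            # key letter d = shift of 3
    print(c, recover_key("meet at party", c))
    v = encrypt("wearediscoveredsaveyourself", "deceptive")   # assumed sample input
    print(v, recover_key("wearediscoveredsaveyourself", v))
```

The recovered period is the key length m from the formula; a one-time pad defeats this because its key stream never repeats.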
Vernam Cipher
● System works on binary data (bits) rather than letters.
● Encryption: $C_i = P_i \oplus K_i$, where $C_i$ = ith binary digit of ciphertext, $K_i$ = ith binary digit of key, $\oplus$ = XOR.
● Decryption: $P_i = C_i \oplus K_i$
● The essence of this is the means of construction of the key.
● e.g., plaintext - OAK, key - SON: O => 14 = 01110; S => 18 = 10010; XOR = 11100 = 28; 28 - 26 = 2 = C
● Can be broken with a very long ciphertext or known plaintext, as the key is repeated.
One-time Pad
● Updation of Vernam cipher.
● Key is used to encrypt and decrypt a single message, then discarded.
● Each new message requires a new key.
● size(msg) = size(key)
● Scheme is unbreakable (i.e., unconditionally secure).
● Produces random output that bears no statistical relationship to plaintext.
● Security = randomness of key.
● Offers perfect secrecy [rest illegible].
● One-time pad has 2 fundamental difficulties:
  ■ making of large no. of random keys
  ■ key distribution & protection
● Can be used for low bandwidth channels, e.g., military use.
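Why a repeated Vernam key fails while a one-time pad does not can be seen directly from the XOR algebra. The following is an added example, not part of the original notes; it works on bytes rather than 5-bit letter codes, and the messages, the key bytes and the function names are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def vernam(data: bytes, key: bytes) -> bytes:
    """C_i = P_i XOR K_i with a short key repeated; the same call decrypts."""
    stream = (key * (len(data) // len(key) + 1))[:len(data)]
    return xor_bytes(data, stream)

def otp_encrypt(msg: bytes):
    """One-time pad: fresh random key, size(key) == size(msg), used once."""
    pad = secrets.token_bytes(len(msg))
    return pad, xor_bytes(msg, pad)

def key_from_known_plaintext(cipher: bytes, known: bytes, key_len: int) -> bytes:
    """With a repeated key, key_len known plaintext bytes expose the whole key."""
    return xor_bytes(cipher[:key_len], known[:key_len])

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts under one key stream: the key cancels, leaving P1 XOR P2."""
    return xor_bytes(c1, c2)

# Constructed sample key and messages (not from the notes).
KEY = b"SON"
M1 = b"MEET AT NOON"
M2 = b"SEND THE OAK"
C1, C2 = vernam(M1, KEY), vernam(M2, KEY)

if __name__ == "__main__":
    print("key recovered from 3 known bytes:", key_from_known_plaintext(C1, M1, 3))
    print("C1 xor C2 equals M1 xor M2:", reuse_leak(C1, C2) == xor_bytes(M1, M2))
    pad, c = otp_encrypt(M1)
    print("OTP round trip:", xor_bytes(c, pad) == M1, "pad length:", len(pad))
```

The leak in `reuse_leak` applies equally to a one-time pad that is used twice, which is why each new message requires a new key.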
Playfair Cipher
● Also k/a Playfair square or Wheatstone-Playfair cipher.
● Multiple letter encryption cipher.
● 5x5 matrix constructed using a keyword (e.g., "MONA[illegible]").
● Rules [partly illegible; legible words: same, rectangle, repeating, digrams, filler, wrap around].
● e.g., plaintext "attack" = at ta ck → "Mp Su de" [ciphertext as extracted, partly illegible]
● Same key is used for encryption & decryption.
● Possible digrams: 26²
Pros
● Harder to break.
● More cipher text required to crack the encryption.
Cons
● Substitution is self-inverse, e.g., AB → UR, BA → RU.
● Uses symmetric ciphers: same key used for E & D.
Hill Cipher
● Multi-letter cipher.
● Polygraphic.
● Key: 2x2, 3x3, or n×n.
● Based on linear algebra:
  ■ matrix arithmetic modulo 26
  ■ square matrix
  ■ determinant
  ■ multiplicative inverse
Hill Algorithm
$C = E(K, P) = (P \times K) \bmod 26$
$P = D(K, C) = (C \times K^{-1}) \bmod 26 = (P \times K \times K^{-1}) \bmod 26$
$C_1 = (P_1 K_{11} + P_2 K_{21} + P_3 K_{31}) \bmod 26$
$C_2 = (P_1 K_{12} + P_2 K_{22} + P_3 K_{32}) \bmod 26$
$C_3 = (P_1 K_{13} + P_2 K_{23} + P_3 K_{33}) \bmod 26$
e.g., $K = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix}$, P = "pay" => 15 0 24, C = [illegible]
Decryption
● Decryption requires $K^{-1}$, the inverse of matrix K.
● $K^{-1} = \frac{1}{|K|}\,\mathrm{adj}(K)$, with $|K|$ taken mod 26.
[Start of this section is missing from the extraction] ... number of rows, then read cipher off row by row.
● e.g., "meet me after party":
  m e m a t r a t
  e t e f e p r y
  => mematratetefepry
● Very easy, as no keyword is required.
● For depth 3: => mmtaetefepryeart
Row Column Transposition
● A more complex scheme.
● Rectangle: [size] depending upon sender & receiver.
● Write: row by row.
● Read: column by column.
● Key: order of the columns, e.g., 34521.
● e.g., plaintext = "kill her at two am"; Nr = 3; Nc = 5; C = "Cityltmkecirolaa" [as extracted, partly illegible; other legible fragments: "LOVED", "B 45"]
● This is given as input to a [rest illegible].
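Both transposition schemes above, with decryption, run on the plaintexts from the notes. This is an added example, not part of the original notes; the function names and the padding letter "x" used to fill the last row of the rectangle are assumptions.

```python
def letters(text):
    return [c for c in text.lower() if "a" <= c <= "z"]

def rail_pattern(n, depth):
    """Row index for each of n positions, zigzagging 0..depth-1..0."""
    if depth == 1:
        return [0] * n
    cycle = list(range(depth)) + list(range(depth - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(n)]

def rail_encrypt(text, depth):
    """Write the letters along the zigzag, then read off row by row."""
    s = letters(text)
    rows = rail_pattern(len(s), depth)
    return "".join(ch for r in range(depth) for ch, row in zip(s, rows) if row == r)

def rail_decrypt(cipher, depth):
    rows = rail_pattern(len(cipher), depth)
    # Stable sort gives plaintext positions in the order the cipher was read off.
    order = sorted(range(len(cipher)), key=lambda i: rows[i])
    plain = [""] * len(cipher)
    for ch, pos in zip(cipher, order):
        plain[pos] = ch
    return "".join(plain)

def column_order(key):
    """Column indices in read-out order: the column labelled 1 first, then 2, ..."""
    return sorted(range(len(key)), key=lambda c: key[c])

def columnar_encrypt(text, key, pad="x"):
    """Write row by row under the key digits, read column by column in key order."""
    s = letters(text)
    nc = len(key)
    s += [pad] * (-len(s) % nc)                # fill the last row (assumed filler)
    nr = len(s) // nc
    return "".join(s[r * nc + c] for c in column_order(key) for r in range(nr))

def columnar_decrypt(cipher, key):
    nc, nr = len(key), len(cipher) // len(key)
    grid, it = [""] * len(cipher), iter(cipher)
    for c in column_order(key):
        for r in range(nr):
            grid[r * nc + c] = next(it)
    return "".join(grid)

if __name__ == "__main__":
    print(rail_encrypt("meet me after party", 2))
    print(rail_encrypt("meet me after party", 3))
    c = columnar_encrypt("kill her at two am", "34521")
    print(c, columnar_decrypt(c, "34521"))
```

Feeding the columnar output back into `columnar_encrypt` gives the double transposition that the last note points towards.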
Steganography
● Art of hiding secret data in plain sight.
● Conceals the existence of the message.
● Not an encryption scheme.
● [Example illegible]
● Requires a lot of overhead to hide a relatively few bits.
● Once the system is discovered, it becomes virtually worthless.