
IS Insem.

Information security insem question paper

Uploaded by

Kartik gaikwad
Copyright
© © All Rights Reserved
TECHNICAL PUBLICATIONS® - an up-thrust for knowledge
Information Security: Introduction to Information Security

The OSI Security Architecture

* The International Telecommunication Union Telecommunication Standardization Sector (ITU-T) Recommendation X.800, Security Architecture for OSI, is useful to managers as a way of organizing the task of providing security.
* To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, we need some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. The OSI security architecture focuses on three essential parts: security attacks, security mechanisms and security services.
* These can be defined as below:
  1. Security attack: Any action that compromises the security of information owned by an organization.
  2. Security mechanism: A process that is designed to detect, prevent or recover from a security attack.
  3. Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.

Computer Security Concepts

* The history of information security begins with computer security.
* Network security protects networking components, connections and contents.
* Information security protects the confidentiality, integrity and availability of information assets, whether in storage, processing or transmission.
* Physical security consists of all mechanisms used to ensure that physical access to the computer systems and networks is restricted to only authorized users.
* Data security is the science and study of methods of protecting data from unauthorized disclosure and modification.
* Data and information security is about enabling collaboration while managing risk with an approach that balances availability versus the confidentiality of data.
* Security is required because of the widespread use of data processing equipment. The security of information felt to be valuable to an organization was provided primarily by physical and administrative means.
* Network security measures are needed to protect data during their transmission.
* Following are the examples of security violations:
  1. User A transmits a sensitive information file to user B. The unauthorized user C is able to monitor the transmission and capture a copy of the file during its transmission.
  2. A message is sent from a customer to a stockbroker with instructions for various transactions. Subsequently, the investments lose value and the customer denies sending the message.
  3. While transmitting the message between two users, the unauthorised user intercepts the message, alters its contents to add or delete entries and then forwards the message to the destination user.

Security Services

* X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers.
* X.800 divides security services into five different categories:
  1. Authentication
  2. Access control
  3. Data confidentiality
  4. Data integrity
  5. Nonrepudiation

1. Authentication

* Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In public and private computer networks, authentication is commonly done through the use of login passwords.
* Two specific authentication services are defined in X.800:
  a. Peer entity authentication
  b. Data origin authentication
* Peer entity authentication is used in association with a logical connection to provide confidence in the identity of the entities connected.
* Data origin authentication enables the recipient to verify that the messages have not been tampered with in transit (data integrity) and that they originate from the expected sender (authenticity).
* Data origin authentication does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail where there are no prior interactions between the communicating entities.

2. Access control

* It is the ability to limit and control the access to host systems and applications via communications links.
* This service controls who can have access to a resource.

3. Data confidentiality

* Confidentiality is the concealment of information or resources. It is the protection of transmitted data from passive attacks.
* Confidentiality is classified into:
  1. Connection confidentiality: The protection of all user data on a connection.
  2. Connectionless confidentiality: The protection of all user data in a single data block.
  3. Selective field confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block.
  4. Traffic flow confidentiality: The protection of the information that might be derived from observation of traffic flows.

4. Data integrity

* Integrity can apply to a stream of messages, a single message or selected fields within a message.
* Modification causes loss of message integrity.
* Data integrity can be classified as:
  1. Connection integrity with recovery
  2. Connection integrity without recovery
  3. Selective field connection integrity

Difference between Passive and Active Attack

| Sr. No. | Passive attacks | Active attacks |
| --- | --- | --- |
| 1. | Passive attacks are in the nature of eavesdropping on or monitoring of transmissions. | Active attacks involve some modification of the data stream or the creation of a false stream. |
| 2. | Types: Release of message contents and traffic analysis. | Types: Masquerade, replay, modification of message and denial of service. |
| 3. | Very difficult to detect. | Easy to detect. |
| 4. | The emphasis in dealing with passive attacks is on prevention rather than detection. | It is quite difficult to prevent active attacks absolutely. |
| 5. | It does not affect the system. | It affects the system. |

Information Security: Symmetric Key Cryptography

Playfair Cipher

* The Playfair algorithm is based on the use of a 5 x 5 matrix of letters constructed using a keyword.
* For example: Monarchy is the keyword.

  M   O   N   A   R
  C   H   Y   B   D
  E   F   G   I/J K
  L   P   Q   S   T
  U   V   W   X   Z

* The matrix is constructed by filling in the letters of the keyword from left to right and from top to bottom and then filling in the remainder of the matrix with the remaining letters in alphabetic order.
* The letters I and J count as one letter.

Hill Cipher

* The encryption algorithm takes m successive plaintext letters and substitutes for them m ciphertext letters.
* The substitution is determined by m linear equations in which each character is assigned a numerical value (a = 0, b = 1, c = 2, ..., z = 25). The system can be described as follows:

$$C_1 = (K_{11} P_1 + K_{12} P_2 + K_{13} P_3) \bmod 26$$
$$C_2 = (K_{21} P_1 + K_{22} P_2 + K_{23} P_3) \bmod 26$$
$$C_3 = (K_{31} P_1 + K_{32} P_2 + K_{33} P_3) \bmod 26$$

* This can be expressed in terms of column vectors and matrices:

$$\begin{pmatrix} C_1 \\ C_2 \\ C_3 \end{pmatrix} = \begin{pmatrix} K_{11} & K_{12} & K_{13} \\ K_{21} & K_{22} & K_{23} \\ K_{31} & K_{32} & K_{33} \end{pmatrix} \begin{pmatrix} P_1 \\ P_2 \\ P_3 \end{pmatrix} \bmod 26$$

  or $C = KP \bmod 26$, where C and P are column vectors of length 3, representing the ciphertext and plaintext.
* K is a 3 x 3 matrix, representing the encrypting key.
* For example: Plaintext = paymoremoney

$$K = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix}$$

* The first three letters of the plaintext are represented by the vector (15, 0, 24).

$$C = KP \bmod 26 = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix} \begin{pmatrix} 15 \\ 0 \\ 24 \end{pmatrix} \bmod 26 = \begin{pmatrix} 375 \\ 819 \\ 486 \end{pmatrix} \bmod 26 = \begin{pmatrix} 11 \\ 13 \\ 18 \end{pmatrix}$$

* For plaintext pay, the ciphertext is LNS.
* The entire ciphertext is LNSHDLEWMTRW.
* Decryption requires using the inverse of the matrix K.
* In general terms, the Hill cipher is:

  Cipher: $C = E(K, P) = KP \bmod 26$
  Plaintext: $P = D(K, C) = K^{-1} C \bmod 26 = K^{-1} K P = P$

Advantages

1. It completely hides single letter frequency.
2. Hill cipher is strong against a ciphertext only attack.
3. By using a larger matrix, more frequency information hiding is possible.

Disadvantage

1. Easily broken with a known plaintext attack.

Types of attacks on encrypted messages:

| Sr. No. | Type of attack | Known to cryptanalyst |
| --- | --- | --- |
| 1. | Ciphertext only | 1. Encryption algorithm 2. Ciphertext |
| 2. | Known plaintext | 1. Encryption algorithm 2. Ciphertext 3. One or more plaintext-ciphertext pairs formed with the secret key. |
| 3. | Chosen plaintext | 1. Encryption algorithm 2. Ciphertext 3. Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key. |
| 4. | Chosen ciphertext | 1. Encryption algorithm 2. Ciphertext 3. Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key. |
| 5. | Chosen text | 1. Encryption algorithm 2. Ciphertext 3. Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key. 4. Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key. |

Cryptography

* Cryptography is the practice and study of techniques for secure communication in the presence of third parties.
* Cryptography is the science of writing in secret code and is an ancient art.
* Cryptography not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types of cryptographic schemes typically used to accomplish these goals: secret key cryptography, public-key cryptography, and hash functions.
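The Hill cipher example above (key K, plaintext paymoremoney) can be checked end to end, including the inverse matrix that decryption needs. This is an added example, not part of the original document; the function names are chosen here for illustration, and the code also rejects keys whose determinant has no inverse mod 26, a case the text does not discuss.

```python
# Added example: Hill cipher over a=0..z=25 with the 3x3 key from the text.
K = [[17, 17, 5], [21, 18, 21], [2, 2, 19]]


def inverse_mod26(m):
    """Inverse of a 3x3 matrix mod 26 (adjugate times det^-1)."""
    det = sum(m[0][j] * (m[1][(j + 1) % 3] * m[2][(j + 2) % 3]
                         - m[1][(j + 2) % 3] * m[2][(j + 1) % 3])
              for j in range(3)) % 26
    # pow() raises ValueError when gcd(det, 26) != 1: such a key cannot decrypt
    det_inv = pow(det, -1, 26)
    inv = [[0] * 3 for _ in range(3)]
    for r in range(3):
        for c in range(3):
            # cofactor of entry (c, r); cyclic indexing supplies the sign
            cof = (m[(c + 1) % 3][(r + 1) % 3] * m[(c + 2) % 3][(r + 2) % 3]
                   - m[(c + 1) % 3][(r + 2) % 3] * m[(c + 2) % 3][(r + 1) % 3])
            inv[r][c] = det_inv * cof % 26
    return inv


def transform(m, text):
    """Apply C = M P mod 26 to each block of three letters."""
    nums = [ord(ch) - 97 for ch in text.lower() if "a" <= ch <= "z"]
    if len(nums) % 3:
        raise ValueError("letter count must be a multiple of 3")
    out = []
    for i in range(0, len(nums), 3):
        p = nums[i:i + 3]
        out += [sum(m[r][k] * p[k] for k in range(3)) % 26 for r in range(3)]
    return "".join(chr(n + 65) for n in out)


def encrypt(plaintext, key=K):
    return transform(key, plaintext)


def decrypt(ciphertext, key=K):
    return transform(inverse_mod26(key), ciphertext).lower()


if __name__ == "__main__":
    ct = encrypt("paymoremoney")
    print(ct, decrypt(ct))
    print(inverse_mod26(K))
```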
Characteristics of cryptography:

1. The type of operations used for transforming plaintext to ciphertext.
2. The number of keys used.
3. The way in which the plaintext is processed.

Cryptanalysis:

* The process of trying to break any cipher text message to obtain the original plaintext message itself is called cryptanalysis.
* Cryptanalysis is the breaking of codes. The person attempting a cryptanalysis is called a cryptanalyst.
* Brute force attack: The attacker tries every possible key on a piece of cipher text until an intelligible translation into plaintext is obtained.

Differential Cryptanalysis

* Differential cryptanalysis is an approach to cryptanalysis whereby differences in inputs are mapped to differences in outputs, and patterns in the mappings of plaintext edits to ciphertext variation are used to reverse engineer a key.
* Differential cryptanalysis aims to map bitwise differences in inputs to differences in the output in order to reverse engineer the action of the encryption algorithm. It is again aiming to approximate the encryption algorithm, looking to find a maximum likelihood estimator of the true encryption action by altering plaintexts and analyzing the impact of changes to the plaintext on the resulting ciphertext.
* Differential cryptanalysis is therefore a chosen plaintext attack.
* The main difference from the linear attack is that the differential attack involves comparing the XOR of two inputs to the XOR of the corresponding outputs.
* It assumes that an attacker knows (plaintext, ciphertext) pairs.
* Difference: $\Delta P = P_1 \oplus P_2$, $\Delta C = C_1 \oplus C_2$.
* The distribution of $\Delta C$'s given $\Delta P$ may reveal information about the key.
* After finding several bits, brute-force the rest of the bits to find the key.
* Surprisingly, DES was resistant to differential cryptanalysis.
* At the time DES was designed, the authors knew about differential cryptanalysis. S-boxes were designed to resist differential cryptanalysis.
* Against 8-round DES, the attack requires 2^[exponent illegible in the scan] known plaintext-ciphertext pairs.
* Against 16-round DES, the attack requires 2^47 chosen plaintexts.

Comparison between Stream and Block Cipher

| Sr. No. | Stream cipher | Block cipher |
| --- | --- | --- |
| 1. | Stream ciphers operate on smaller units of plaintext. | Block ciphers operate on larger blocks of data. |
| 2. | Faster than block cipher. | Slower than stream cipher. |
| 3. | Stream cipher processes the input elements continuously, producing output one element at a time. | Block cipher processes the input one block of elements at a time, producing an output block for each input block. |
| 4. | Requires less code. | Requires more code. |
| 5. | Only one time of key use. | Reuse of key is possible. |
| 6. | Ex. - One time pad | Ex. - DES |
| 7. | Application - SSL (secure connections on the web) | Application - Database, file encryption. |
| 8. | Stream cipher is more suitable for hardware implementation. | Easier to implement in software. |

Substitution Techniques

* A substitution cipher changes characters in the plaintext to produce the ciphertext.
* A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols.
* If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.

Caesar Cipher

* Caesar cipher is a special case of substitution techniques wherein each alphabet in a message is replaced by an alphabet three places down the line.
* Caesar cipher is susceptible to a ciphertext only attack.
* For example:

  Plaintext:  hello world
  Ciphertext: KHOOR ZRUOG

* List of all possible combinations of letters:

  Plain:  a b c d e f g h i j k l m n o p q r s t u v w x y z
  Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

* The numerical equivalent of each letter is given below:

   a  b  c  d  e  f  g  h  i  j  k  l  m
   0  1  2  3  4  5  6  7  8  9 10 11 12

   n  o  p  q  r  s  t  u  v  w  x  y  z
  13 14 15 16 17 18 19 20 21 22 23 24 25

* The algorithm can be expressed as follows. For each plaintext letter P, substitute the ciphertext letter C:

  $C = E(3, P) = (P + 3) \bmod 26$

* A shift may be of any amount, so that the general Caesar algorithm is:

  $C = E(K, P) = (P + K) \bmod 26$

  where K takes values from 1 to 25.
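For the differential cryptanalysis section above, the statement that the distribution of ΔC given ΔP may reveal information is what a difference distribution table measures, and it is the table a designer inspects when checking that an S-box resists the attack. This is an added example, not part of the original document; the 4-bit S-box (the first row of DES S-box S1, used on its own) and the function names are assumptions chosen for illustration.

```python
# Added example: difference distribution table (DDT) of a 4-bit S-box.
# SBOX is an assumption for illustration: the first row of DES S-box S1,
# used as a stand-alone 4-bit substitution; it is not taken from the page.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]


def difference_table(sbox):
    """ddt[dP][dC] = number of inputs P1 with S(P1) xor S(P1 xor dP) == dC."""
    n = len(sbox)
    ddt = [[0] * n for _ in range(n)]
    for d_in in range(n):
        for p1 in range(n):
            p2 = p1 ^ d_in
            ddt[d_in][sbox[p1] ^ sbox[p2]] += 1
    return ddt


def best_differentials(ddt, top=3):
    """Most frequent (dP, dC, count) triples, skipping the trivial dP = 0 row."""
    cells = [(count, d_in, d_out)
             for d_in, row in enumerate(ddt) if d_in
             for d_out, count in enumerate(row) if count]
    cells.sort(key=lambda c: (-c[0], c[1], c[2]))
    return [(d_in, d_out, count) for count, d_in, d_out in cells[:top]]


def uniformity(ddt):
    """Largest count for a non-zero input difference; lower resists better."""
    return max(max(row) for row in ddt[1:])


if __name__ == "__main__":
    table = difference_table(SBOX)
    for d_in, d_out, count in best_differentials(table):
        print(f"dP={d_in:X} -> dC={d_out:X}: {count}/16 inputs")
    print("uniformity:", uniformity(table))
```

An ideal random mapping would spread each row almost evenly; a cell such as dP = B, dC = 2 holding 8 of 16 inputs is the kind of bias the attack relies on and that S-box design tries to keep small.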
