CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

UNIT I-INTRODUCTION

Basics of Cryptography, Conventional and Public-Key Cryptography, Hash Functions,

Authentication, and Digital Signatures.

 Network security is the control of unwanted intrusion into, use of, or damage to
communications on a computer network. This includes monitoring for abuses, looking for
protocol errors, blocking non approved transmissions, and responding to problems promptly and
accurately.
 Network security is also about supporting essential communication necessary to the
organization’s mission and goals, avoiding the unapproved use of resources, and ensuring the
integrity of the information traversing the network.
 Network security includes elements that prevent unauthorized access and actions while
supporting desirable activities, such as accessing customer records or managing inventory.
 This is hard to do efficiently, cost effectively, and transparently. Efficient network security
provides quick and easy access to resources for users. Cost-effective network security controls
user access to resources and services, as long as the risks justify the control costs.
 Transparent network security supports the mission and goals of the organization through
enforcement of the organization’s network security policies, without unnecessary steps or delay
of valid users performing legitimate tasks.
 Computer networking technology is changing and improving faster today than ever before.
Wireless connectivity is now a realistic option for most organizations and individuals. Malicious
hackers are becoming more adept at using every means available to steal identities, intellectual
property, and money.

1. BASICS OF CRYPTOGRAPHY

What is cryptography?
 Need of cryptography
1. Confidentiality
2. Integrity
3. Authenticity

1
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 Types of cryptography
 Symmetric (or Secret Key) Cryptography
 Asymmetric (or Public Key) Cryptography
 Data Encryption
 Digital Signature

 The word cryptography comes from the Greek words (hidden or secret) and (writing).
 So, cryptography is the art of secret writing. The basic service provided by cryptography is the
ability to send information between participants in a way that prevents others from reading it.
 This kind of cryptography can provide other services, such as integrity checking—reassuring the
recipient of a message that the message has not been altered since it was generated by a
legitimate source, authentication—verifying someone’s (or something’s) identity.
 There are three basic kinds of cryptographic functions: hash functions, secret key functions,
and public key functions.
 A message in its original form is known as plaintext or cleartext. The mangled information is
known as ciphertext. The process for producing ciphertext from plaintext is known as
encryption. The reverse of encryption is called decryption.

Cryptography allows the following 3 objectives to be achieved:

 Confidentiality: Cryptography protects the secrecy of information. Even if the transmission or

storage medium has been compromised, the encrypted information will be render useless to
unauthorized person.
 Integrity: Cryptography ensures the information has not been tampered with using hashing
method.
 Authenticity: Cryptography ensures the information sent is from intended and not fake sender.
This done using digital certificate, digital signature and Public Key Infrastructure (PKI).

Cryptography can be further divided into:

2
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 Symmetric (or Secret Key) Cryptography

 Asymmetric (or Public Key) Cryptography

What is Symmetric Cryptography?

 In symmetric cryptography, both sender and receiver uses the same secret key to encrypt and
decrypt a message.
 Some of the algorithms includes Blowfish, AES, RC4, DES, RC5, and RC6. The most widely
used symmetric algorithm is AES-128, AES-192, and AES-256. All AES algorithms uses the
block size of 128-bit but different size of key lengths (128, 192, 256).

What is Asymmetric Cryptography?

 Asymmetric cryptography uses a key pairs — public and private key. It works in a way,
message encrypted with either public or private key can only be decrypted using the other key of
the pair.
 That is public key to encrypt, private key to decrypt and private key to encrypt, public key to
decrypt.
 Public keys are disseminated in public network whereas private keys are only known to the
owners. This key pair cryptography differs from symmetric cryptography which uses one secret
key.

Some of the algortihms includes RSA, ELC, Diffie-Helman key exchange, etc.

Asymmetric Cryptography has 2 usages, data encryption and digital signature.

1. Data Encryption
 For data encryption, a sender encryptes an information with receiver’s public key. The
message can only be decrypted using receiver’s private key which is only known to the
receiver.

Encrypting a Message

1. Sender encrypts a document with one time symmetric key. This is typically AES or DES
Session Key.

3
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

2. Sender encrypts the symmetric key with receiver’s public key

3. Sender sends both encrypted document and key.

Decrypting a Message

1. Receiver decrypts the session key using own private key.

2. Receiver uses decrypted session key to decrypt the message.

2. Digital Signature

 Digital Signature is simply encryption of hash of a message using private key

Performing a Digital Signature

1. Sender hashes the original message.

2. Sender ciphers the hashed message with own private key to produce a signature.

3. Sender sends the original message together with signature.

Verifying a Digital Signature

1. Receiver uses the sender public key to decrypt the signature. The outcome is the hashed
message.

2. Receiver hashes the original message.

3. Receiver compares the hashes from step 1 and 2.

What is hashing?

 Hashing converts input data to output random data of fixed size (digest). This is a one way
function, hence the original input data cannot be derive dfrom the output.
 One usage of hashing is instead of storing password in clear text, we store the hashed password.
Even if the hashed passwords were to be compromised, the nature of hashing makes it difficult to
retrieve the clear password.

4
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 Some of the commonly used hashing algorithms include MD5, SHA-1, bcrypt, Whirlpool,
SHA-2 and SHA-3.

2. CONVENTIONAL AND PUBLIC-KEY CRYPTOGRAPHY

 Symmetric Cipher Model

 Cryptography
 Cryptanalysis and Brute-Force Attack
 Public Key Encryption
 Principles of Public-Key Cryptosystems
Public-Key Cryptosystems
Applications for Public-Key Cryptosystems
Requirements for Public-Key Cryptography
Public-Key Cryptanalysis

 An original message is known as the plaintext, while the coded message is called the ciphertext.
 The process of converting from plaintext to ciphertext is known as enciphering or encryption;
restoring the plaintext from the ciphertext is deciphering or decryption.
 The many schemes used for encryption constitute the area of study known as cryptography. Such a
scheme is known as a cryptographic system or a cipher.
 Techniques used for deciphering a message without any knowledge of the enciphering details fall
into the area of cryptanalysis. Cryptanalysis is what the layperson calls “breaking the code.” The
areas of cryptography and cryptanalysis together are called cryptology.

2.1 SYMMETRIC CIPHER MODEL

A symmetric encryption scheme has five ingredients (Figure 1.1):

 Plaintext: This is the original intelligible message or data that is fed into the algorithm as
input.

5
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure: 1.1 Simplified Model of Symmetric Encryption

 Encryption algorithm: The encryption algorithm performs various substitutions and

transformations on the plaintext.
 Secret key: The secret key is also input to the encryption algorithm. The key is a value
independent of the plaintext and of the algorithm. The algorithm will produce a different
output depending on the specific key being used at the time. The exact substitutions and
transformations performed by the algorithm depend on the key.
 Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two different keys will produce two
different ciphertexts. The ciphertext is an apparently random stream of data and, as it
stands, is unintelligible.
 Decryption algorithm: This is essentially the encryption algorithm run in reverse. It
takes the ciphertext and the secret key and produces the original plaintext.

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to

be such that an opponent who knows the algorithm and has access to one or more
ciphertexts would be unable to decipher the ciphertext or figure out the key. This
requirement is usually stated in a stronger form: The opponent should be unable to
decrypt ciphertext or discover the key even if he or she is in possession of a number of
ciphertexts together with the plaintext that produced each ciphertext.

6
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

2. Sender and receiver must have obtained copies of the secret key in a secure fashion and
must keep the key secure. If someone can discover the key and knows the algorithm, all
communication using this key is readable.

Figure: 1.2 Model of Symmetric Cryptosystem

 Let us take a closer look at the essential elements of a symmetric encryption scheme, using Figure
1.2. A source produces a message in plaintext, X = [X1, X2, c, XM]. The M elements of X are letters
in some finite alphabet.
 Traditionally, the alphabet usually consisted of the 26 capital letters. Nowadays, the binary alphabet
{0, 1} is typically used.
 For encryption, a key of the form K = [K1, K2, c, KJ] is generated. If the key is generated at the
message source, then it must also be provided to the destination by means of some secure channel.
Alternatively, a third party could generate the key and securely deliver it to both source and
destination.
 With the message X and the encryption key K as input, the encryption algorithm forms the ciphertext
Y = [Y1, Y2, c, YN]. We can write this as

𝒀 = 𝑬 (𝑲, 𝑿)

 This notation indicates that Y is produced by using encryption algorithm E as a function of the
plaintext X, with the specific function determined by the value of the key K.

7
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

The intended receiver, in possession of the key, is able to invert the transformation:

𝑿 = 𝑫 (𝑲, 𝒀)

 An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X
and K. It is assumed that the opponent knows the encryption (E) and decryption (D) algorithms.
 If the opponent is interested in only this particular message, then the focus of the effort is to recover
X by generating a plaintext estimate 𝑋̂ .
 Often, however, the opponent is interested in being able to read future messages as well, in which
̂.
case an attempt is made to recover K by generating an estimate 𝐾

Cryptography

Cryptographic systems are characterized along three independent dimensions:

 The type of operations used for transforming plaintext to ciphertext. All encryption algorithms
are based on two general principles: substitution, in which each element in the plaintext (bit, letter,
group of bits or letters) is mapped into another element, and transposition, in which elements in the
plaintext are rearranged. The fundamental requirement is that no information be lost (i.e., that all
operations are reversible). Most systems, referred to as product systems, involve multiple stages of
substitutions and transpositions.
 The number of keys used. If both sender and receiver use the same key, the system is referred to as
symmetric, single-key, secret-key, or conventional encryption. If the sender and receiver use
different keys, the system is referred to as asymmetric, two-key, or public-key encryption.
 The way in which the plaintext is processed. A block cipher processes the input one block of
elements at a time, producing an output block for each input block. A stream cipher processes the
input elements continuously, producing output one element at a time, as it goes along.

Cryptanalysis and Brute-Force Attack

Typically, the objective of attacking an encryption system is to recover the key in use rather than simply
to recover the plaintext of a single ciphertext. There are two general approaches to attacking a
conventional encryption scheme:

8
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some
knowledge of the general characteristics of the plaintext or even some sample plaintext–
ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to
deduce a specific plaintext or to deduce the key being used.
 Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an
intelligible translation into plaintext is obtained. On average, half of all possible keys must be
tried to achieve success.

2.2 PUBLIC-KEY CRYPTOGRAPHY

Principles of Public-Key Cryptosystems

Public-Key Cryptosystems:
 Asymmetric algorithms rely on one key for encryption and a different but related key for
decryption. These algorithms have the following important characteristic.
 It is computationally infeasible to determine the decryption key given only knowledge of
the cryptographic algorithm and the encryption key.
 In addition, some algorithms, such as RSA, also exhibit the following characteristic.
 Either of the two related keys can be used for encryption, with the other used for
decryption.
 A public-key encryption scheme has six ingredients (Figure 1.3 a; compare with Figure 1.1).
 Plaintext: This is the readable message or data that is fed into the algorithm as input.

9
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure: 1.3 Public-Key Cryptography

 Encryption algorithm: The encryption algorithm performs various transformations on

the plaintext.
 Public and private keys: This is a pair of keys that have been selected so that if one is
used for encryption, the other is used for decryption. The exact transformations
performed by the algorithm depend on the public or private key that is provided as input.
 Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the key. For a given message, two different keys will produce two different
ciphertexts.
 Decryption algorithm: This algorithm accepts the ciphertext and the matching key and
produces the original plaintext.

The essential steps are the following.

1. Each user generates a pair of keys to be used for the encryption and decryption of messages.
2. Each user places one of the two keys in a public register or other accessible file. This is the
public key. The companion key is kept private. As Figure 2.3a suggests, each user maintains
a collection of public keys obtained from others.
3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message using
Alice’s public key.

10
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

4. When Alice receives the message, she decrypts it using her private key. No other recipient
can decrypt the message because only Alice knows Alice’s private key.

Let us take a closer look at the essential elements of a public-key encryption scheme, using Figure 9.2
(compare with Figure 2.2). There is some source A that produces a message in plaintext, X = [X1, X2, …
, XM]. The M elements of X are letters in some finite alphabet. The message is intended for destination
B. B generates

Table 1.1 Conventional and Public-Key Encryption

a related pair of keys: a public key, 𝑃𝑈𝑏 and a private key, 𝑃𝑅𝑏 . 𝑃𝑅𝑏 is known only to B, whereas 𝑃𝑈𝑏
is publicly available and therefore accessible by A. With the message X and the encryption key 𝑃𝑈𝑏 as
input, A forms the ciphertext 𝑌 = [𝑌1, 𝑌2, … , 𝑌𝑁]:

𝒀 = 𝑬(𝑷𝑼𝒃 , 𝑿)

The intended receiver, in possession of the matching private key, is able to invert the transformation:

𝑿 = 𝑫(𝑷𝑹𝒃 , 𝒀)

11
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure: 1.4 Public-Key Cryptosystem: Secrecy

An adversary, observing Y and having access to 𝑃𝑈𝑏 , but not having access to 𝑃𝑅𝑏 or X, must attempt to
recover X and/or 𝑃𝑅𝑏 . It is assumed that the adversary does have knowledge of the encryption (E) and
decryption (D) algorithms. If the adversary is interested only in this particular message, then the focus of
effort is to recover X by generating a plaintext estimate 𝑋̂ . Often, however, the adversary is interested in
being able to read future messages as well, in which case an attempt is made to recover 𝑃𝑅𝑏 by
̂ 𝑏.
generating an estimate 𝑃𝑅

Applications for Public-Key Cryptosystems

 Public-key systems are characterized by the use of a cryptographic algorithm with two keys, one
held private and one available publicly.
 Depending on the application, the sender uses either the sender’s private key or the receiver’s public
key, or both, to perform some type of cryptographic function. In broad terms, we can classify the use
of public-key cryptosystems into three categories
 Encryption/decryption: The sender encrypts a message with the recipient’s public key.

12
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 Digital signature: The sender “signs” a message with its private key. Signing is achieved by
a cryptographic algorithm applied to the message or to a small block of data that is a function
of the message.
 Key exchange: Two sides cooperate to exchange a session key. Several different approaches
are possible, involving the private key(s) of one or both parties.

Requirements for Public-Key Cryptography

The cryptosystem illustrated in Figures 1.4 through 1.5 depends on a cryptographic algorithm based on
two related keys. Diffie and Hellman postulated this system without demonstrating that such algorithms
exist. However, they did lay out the conditions that such algorithms must fulfill [DIFF76b].

1. It is computationally easy for a party B to generate a pair (public key 𝑃𝑈𝑏 , private key 𝑃𝑅𝑏 ).

2. It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M,
to generate the corresponding ciphertext:

𝑪 = 𝑬(𝑷𝑼𝒃 , 𝑴)

3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to
recover the original message:

𝑴 = 𝑫(𝑷𝑹𝒃 , 𝑪) = 𝑫[𝑷𝑹𝒃 , 𝑬(𝑷𝑼𝒃 , 𝑴)]

4. It is computationally infeasible for an adversary, knowing the public key, 𝑃𝑈𝑏 , to determine the
private key, 𝑃𝑅𝑏 .

13
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure:1.5 Public-Key Cryptosystem: Authentication and Secrecy

5. It is computationally infeasible for an adversary, knowing the public key, 𝑃𝑈𝑏 , and a ciphertext, C, to
recover the original message, M. We can add a sixth requirement that, although useful, is not necessary
for all public-key applications:

6. The two keys can be applied in either order:

𝑴 = 𝑫[𝑷𝑼𝒃 , 𝑬(𝑷𝑹𝒃 , 𝑴)] = 𝑫[𝑷𝑹𝒃 , 𝑬(𝑷𝑼𝒃 , 𝑴)]

Public-Key Cryptanalysis

 As with symmetric encryption, a public-key encryption scheme is vulnerable to a brute-force

attack. The countermeasure is the same: Use large keys. However, there is a tradeoff to be
considered.
 Public-key systems depend on the use of some sort of invertible mathematical function. The
complexity of calculating these functions may not scale linearly with the number of bits in the
key but grow more rapidly than that.
 Thus, the key size must be large enough to make brute-force attack impractical but small enough
for practical encryption and decryption.

14
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 In practice, the key sizes that have been proposed do make brute-force attack impractical but
result in encryption/ decryption speeds that are too slow for general-purpose use.
 Instead, as was mentioned earlier, public-key encryption is currently confined to key
management and signature applications.

3. HASH FUNCTIONS

 Applications of Cryptographic Hash Functions

 Message Authentication
 Digital Signatures

 A hash function 𝐻 accepts a variable-length block of data 𝑀 as input and produces a fixed-size
hash value ℎ = 𝐻(𝑀). A “good” hash function has the property that the results of applying the
function to a large set of inputs will produce outputs that are evenly distributed and apparently
random. In general terms, the principal object of a hash function is data integrity.
 A change to any bit or bits in M results, with high probability, in a change to the hash code. The
kind of hash function needed for security applications is referred to as a cryptographic hash
function.
 A cryptographic hash function is an algorithm for which it is computationally infeasible (because
no attack is significantly more efficient than brute force) to find either (a) a data object that maps
to a pre-specified hash result (the one-way property) or (b) two data objects that map to the same
hash result (the collision-free property).
 Because of these characteristics, hash functions are often used to determine whether or not data
has changed.

15
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure: 1.6 Cryptographic Hash Function; 𝒉 = 𝑯(𝑴)

 Figure 1.6 depicts the general operation of a cryptographic hash function. Typically, the input is
padded out to an integer multiple of some fixed length (e.g., 1024 bits), and the padding includes
the value of the length of the original message in bits.
 The length field is a security measure to increase the difficulty for an attacker to produce an
alternative message with the same hash value.

Applications of Cryptographic Hash Functions

1. Message Authentication:

 Message authentication is a mechanism or service used to verify the integrity of a message.

Message authentication assures that data received are exactly as sent (i.e., contain no
modification, insertion, deletion, or replay).
 When a hash function is used to provide message authentication, the hash function value is
often referred to as a message digest.
 The essence of the use of a hash function for message authentication is as follows.
 The sender computes a hash value as a function of the bits in the message and transmits both
the hash value and the message.

16
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 The receiver performs the same hash calculation on the message bits and compares this value
with the incoming hash value. If there is a mismatch, the receiver knows that the message (or
possibly the hash value) has been altered (Figure 1.7a).

Figure: 1.7 Attack Against Hash Function

 The hash function must be transmitted in a secure fashion. That is, the hash function must be
protected so that if an adversary alters or replaces the message, it is not feasible for adversary to
also alter the hash value to fool the receiver.
 This type of attack is shown in Figure 1.7b. In this example, Alice transmits a data block and
attaches a hash value. Darth intercepts the message, alters or replaces the data block, and
calculates and attaches a new hash value.

17
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 Bob receives the altered data with the new hash value and does not detect the change. To prevent
this attack, the hash value generated by Alice must be protected.
 Figure 1.8 illustrates a variety of ways in which a hash code can be used to provide message
authentication, as follows.

Figure 1.8 Simplified Examples of the Use of a Hash Function for Message Authentication
1. The message plus concatenated hash code is encrypted using symmetric encryption. Because
only A and B share the secret key, the message must have come from A and has not been altered.
The hash code provides the structure or redundancy required to achieve authentication. Because
encryption is applied to the entire message plus hash code, confidentiality is also provided.
2. Only the hash code is encrypted, using symmetric encryption. This reduces the processing
burden for those applications that do not require confidentiality.

18
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

3. It is possible to use a hash function but no encryption for message authentication. The technique
assumes that the two communicating parties share a common secret value S. A computes the
hash value over the concatenation of M and S and appends the resulting hash value to M.
Because B possesses S, it can recomputed the hash value to verify. Because the secret value itself
is not sent, an opponent cannot modify an intercepted message and cannot generate a false
message.
4. Confidentiality can be added to the approach of method (c) by encrypting the entire message plus
the hash code.

2. Digital Signatures:

Another important application, which is similar to the message authentication application, is the
digital signature. The operation of the digital signature is similar to that of the MAC. In the case
of the digital signature, the hash value of a message is encrypted with a user’s private key.
Anyone who knows the user’s public key can verify the integrity of the message that is
associated with the digital signature.

Figure: 1.9 Simplified Examples of Digital Signatures

19
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

a. The hash code is encrypted, using public-key encryption with the sender’s private key.
As with Figure 1.8b, this provides authentication. It also provides a digital signature,
because only the sender could have produced the encrypted hash code. In fact, this is the
essence of the digital signature technique.
b. If confidentiality as well as a digital signature is desired, then the message plus the
private-key-encrypted hash code can be encrypted using a symmetric secret key. This is a
common technique.

4. AUTHENTICATION

 In spy movies, when two agents who don’t know each other must rendezvous, they are each
given a password or pass phrase that they can use to recognize one another.
 For example, Alice’s secret phrase might be “The moon is bright tonight.” Bob’s response might
be “Not as bright as the sun.”
 If Alice were not talking to the real Bob, she will have divulged the secret phrase to the imposter.
Even if she is talking to Bob, she may have also divulged the secret phrase to an eavesdropper.
 The term strong authentication means that someone can prove knowledge of a secret without
revealing it. Strong authentication is possible with cryptography.
 Strong authentication is particularly useful when two computers are trying to communicate over
an insecure network (since few people can execute cryptographic algorithms in their heads).
 Suppose Alice wants to make sure she is talking to Bob, and they share a key 𝐾𝐴𝐵 . Alice picks a
random number 𝑟𝐴 , encrypts it with 𝐾𝐴𝐵 . , and sends that to Bob.
 The quantity {𝑟𝐴 }𝐾𝐴𝐵 . is known as a challenge. Bob decrypts the challenge and sends 𝑟𝐴 to
Alice. This is known as Bob’s response to the challenge {𝑟𝐴 }𝐾𝐴𝐵 .. Alice knows that she is
speaking to someone who knows 𝐾𝐴𝐵 . because the response matches 𝑟𝐴 . See Figure 1.10.

Figure: 1.10 Challenge–Response Authentication with Shared Secret

20
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

5. DIGITAL SIGNATURES

 Digital Signatures
 Properties
 Attacks and Forgeries
 Digital Signature Requirements
 Direct Digital Signature

 The most important development from the work on public-key cryptography is the digital
signature. The digital signature provides a set of security capabilities that would be difficult to
implement in any other way.
 Figure 1.11 is a generic model of the process of making and using digital signatures. Bob can
sign a message using a digital signature generation algorithm.
 The inputs to the algorithm are the message and Bob’s private key. Any other user, say Alice,
can verify the signature using a verification algorithm, whose inputs are the message, the
signature, and Bob’s public key.
 Message authentication protects two parties who exchange messages from any third party.
However, it does not protect the two parties against each other. Several forms of dispute between
the two are possible.
 For example, suppose that John sends an authenticated message to Mary, using one of the
schemes of Figure 1.11. Consider the following disputes that could arise.

21
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure: 1.11 Basic Uses of Message Encryption

1. Mary may forge a different message and claim that it came from John. Mary would simply have
to create a message and append an authentication code using the key that John and Mary share.
2. John can deny sending the message. Because it is possible for Mary to forge a message, there is
no way to prove that John did in fact send the message.

22
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Figure 1.12Simplified Depiction of Essential Elements of Digital Signature Process

 Both scenarios are of legitimate concern. Here is an example of the first scenario: An electronic
funds transfer takes place, and the receiver increases the amount of funds transferred and claims
that the larger amount had arrived from the sender.
 An example of the second scenario is that an electronic mail message contains instructions to a
stockbroker for a transaction that subsequently turns out badly. The sender pretends that the
message was never sent.

The digital signature must have the following properties:

 It must verify the author and the date and time of the signature.
 It must authenticate the contents at the time of the signature.
 It must be verifiable by third parties, to resolve disputes.

23
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Thus, the digital signature function includes the authentication function.

Attacks and Forgeries

Lists the following types of attacks, in order of increasing severity. Here A denotes the user whose
signature method is being attacked, and C denotes the attacker.

 Key-only attack: C only knows A’s public key.

 Known message attack: C is given access to a set of messages and their signatures.
 Generic chosen message attack: C chooses a list of messages before attempting to breaks
A’s signature scheme, independent of A’s public key. C then obtains from A valid signatures
for the chosen messages. The attack is generic, because it does not depend on A’s public key;
the same attack is used against everyone.
 Directed chosen message attack: Similar to the generic attack, except that the list of
messages to be signed is chosen after C knows A’s public key but before any signatures are
seen.
 Adaptive chosen message attack: C is allowed to use A as an “oracle.” This means that C
may request from A signatures of messages that depend on previously obtained message-
signature pairs.

Then defines success at breaking a signature scheme as an outcome in which C can do any of the
following with a non-negligible probability:

 Total break: C determines A’s private key.

 Universal forgery: C finds an efficient signing algorithm that provides an equivalent way of
constructing signatures on arbitrary messages.
 Selective forgery: C forges a signature for a particular message chosen by C.
 Existential forgery: C forges a signature for at least one message. C has no control over the
message. Consequently, this forgery may only be a minor nuisance to A.

24
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

Digital Signature Requirements

On the basis of the properties and attacks just discussed, we can formulate the following requirements
for a digital signature.

 The signature must be a bit pattern that depends on the message being signed.
 The signature must use some information unique to the sender to prevent both forgery and
denial.
 It must be relatively easy to produce the digital signature.
 It must be relatively easy to recognize and verify the digital signature.
 It must be computationally infeasible to forge a digital signature, either by constructing a
new message for an existing digital signature or by constructing a fraudulent digital signature
for a given message.
 It must be practical to retain a copy of the digital signature in storage.

Direct Digital Signature

 The term direct digital signature refers to a digital signature scheme that involves only the
communicating parties (source, destination). It is assumed that the destination knows the public
key of the source.
 Confidentiality can be provided by encrypting the entire message plus signature with a shared
secret key (symmetric encryption). Note that it is important to perform the signature function
first and then an outer confidentiality function. In case of dispute, some third party must view the
message and its signature.
 If the signature is calculated on an encrypted message, then the third party also needs access to
the decryption key to read the original message.
 However, if the signature is the inner operation, then the recipient can store the plaintext
message and its signature for later use in dispute resolution.
 The validity of the scheme just described depends on the security of the sender’s private key. If a
sender later wishes to deny sending a particular message, the sender can claim that the private
key was lost or stolen and that someone else forged his or her signature.
 Administrative controls relating to the security of private keys can be employed to thwart or at
least weaken this ploy, but the threat is still there, at least to some degree.

25
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 One example is to require every signed message to include a timestamp (date and time) and to
require prompt reporting of compromised keys to a central authority.

2 Marks Questions in unit-1

1. Define cryptography?
A message in its original form is known as plaintext or cleartext. The mangled information is
known as ciphertext. The process for producing ciphertext from plaintext is known as
encryption. The reverse of encryption is called decryption.
2. What are the basic principles of cryptography?
 Confidentiality: Cryptography protects the secrecy of information. Even if the transmission
or storage medium has been compromised, the encrypted information will be render useless
to unauthorized person.
 Integrity: Cryptography ensures the information has not been tampered with using hashing
method.
 Authenticity: Cryptography ensures the information sent is from intended and not fake
sender. This done using digital certificate, digital signature and Public Key Infrastructure
(PKI).
3. How many keys are there in cryptography?
Symmetric key cryptography makes use of only one key, asymmetric key cryptography, also
known as public key cryptography, utilizes two keys: a public key and a private key. The public
key is used to encrypt data sent from the sender to the receiver and is shared with everyone.
4. What is cryptanalysis and cryptography?
Cryptography is an art of writing hidden messages. It is a historical (or) forensic approach.
Cryptanalysis is the process of analyzing hidden messages. It is a statistical (or) analytical
approach.

26
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

5. Differentiate conventional (symmetric) from public key (asymmetric) encryption.

6. What are the requirements for the use of a public-key certificate scheme?
Four requirements can be placed on this particular scheme:
1. Any participant can read a certificate to determine the name and public keyof the
certificate’s owner
2. Any participant can read a certificate to determine the name and public key of the
certificate’s owner
3. Only the certificate authority can create and update certificates
4. Any participant can verify the currency of the certificate
7. Compare the symmetric and asymmetric key cryptography
Symmetric Encryption uses a single secret key that needs to be shared among the people who
needs to receive the message while Asymmetric encryption uses a pair of public key, and a
private key to encrypt and decrypt messages when communicating.
1. Symmetric Encryption is an age old technique while asymmetric Encryption is relatively
new.
2. Asymmetric Encryption was introduced to complement the inherent problem of the need
to share the key in symmetric encryption model eliminating the need to share the key by
using a pair of public-private keys.
8. What is a hash function?
A hash function H is a transformation that takes a variable-size input m and returns a fixed-size
string, which is called the hash value h (that is, h = H(m)). Hash functions with just this property

27
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

have a variety of general computational uses, but when employed in cryptography the hash
functions are usually chosen to have some additional properties.
9. What is the application of hash function?
Message Authentication:
 Message authentication is a mechanism or service used to verify the integrity of a message.
Message authentication assures that data received are exactly as sent (i.e., contain no
modification, insertion, deletion, or replay).
 When a hash function is used to provide message authentication, the hash function value is
often referred to as a message digest.

Digital Signatures:

 Another important application, which is similar to the message authentication application, is

the digital signature. The operation of the digital signature is similar to that of the MAC.
 In the case of the digital signature, the hash value of a message is encrypted with a user’s
private key.
10. What is a digital signature?
A digital signature is a cryptographic output used to verify the authenticity of data. A digital
signature algorithm allows for two distinct operations: a signing operation, which uses a signing
key to produce a signature over raw data.
11. List out the properties of digital signature?
 It must verify the author and the date and time of the signature.
 It must authenticate the contents at the time of the signature.
 It must be verifiable by third parties, to resolve disputes.
12. What are the examples of authentication in network security?
Authentication factors can include passwords, security tokens (like keys or smart cards), and
biometric verification such as fingerprint scans.
13. What is the conventional encryption scheme?
There are two general approaches to attacking a conventional encryption scheme:
 Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps
some knowledge of the general characteristics of the plaintext or even some sample

28
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

plaintext–ciphertext pairs. This type of attack exploits the characteristics of the

algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
 Brute-force attack: The attacker tries every possible key on a piece of ciphertext until
an intelligible translation into plaintext is obtained. On average, half of all possible keys
must be tried to achieve success.
14. List out the types of attacks in order to increasing severity.
 Key-only attack
 Known message attack
 Generic chosen message attack
 Directed chosen message attack
 Adaptive chosen message attack
15. What is meant by cryptography and cryptanalysis?
Cryptography is an art of writing hidden messages. It is a historical (or) forensic approach.
Cryptanalysis is the process of analyzing hidden messages. It is a statistical (or) analytical approach.

16. What are the two basic functions used in encryption algorithms.
All the encryption algorithms are based on two general principles:
 Substitution: In which each element in the plaintext is mapped into another element.
 Transposition: In which elements in the plaintext are rearranged. The fundamental
requirement is that no information be lost.
17. What do you mean by cryptanalysis?
 Techniques used for deciphering a message without any knowledge of the enciphering
details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls
“breaking the code.”The areas of cryptography and cryptanalysis together are called
cryptology.
 Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge
of the general characteristics of the plaintext or even some sample plaintext–ciphertext
pairs. This type of attack exploits the characteristics of the algorithm to attempt to
deduce a specific plaintext or to deduce the key being used
18. Define – Key and Plaintext.
In cryptography, a key is defined as a piece of information that determines the functional

29
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

output of a cryptographic algorithm or cipher. In encryption, a key specifies the particular

transformation of plaintext into ciphertext or vice versa during decryption. Plaintext is ordinary
readable text before being encrypted into ciphertext or after being decrypted.

19. Mention the application of public key cryptography.

Encryption/decryption: The sender encrypts a message with the recipient‟s public key.
Digital signature: The sender “signs” a message with its private key. Signing is achieved by a
cryptographic algorithm applied to the message or to a small block of data that is a function of
the message.
Key exchange: Two sides cooperate to exchange a session key. Several different approaches
are possible, involving the private key(s) of one or both parties.

20. State whether symmetric and asymmetric cryptographic algorithms require key exchange.
Both symmetric and asymmetric cryptographic algorithms require key exchange. Key exchange
(also known as "key establishment") is any method in cryptography by which cryptographic keys are
exchanged between two parties, allowing use of a cryptographic algorithm. If the cipher is a
symmetric key cipher, both will need a copy of the same key. If an asymmetric key cipher with the
public/private key property, both will need the other's public key.
21. Mention the significance of signature function in Digital Signature Standard(dss)
approach.
 The DSS approach makes use of a hash function. The hash code is provided as input
to a signature function along with a random number generated for this particular
signature.
 The signature function also depends on the sender’s private key [PRa]and a set of
parameters known to a group of communicating principals.
 This set to constitute a global public key [PUg]. The result is a signature consisting of
two components, labeled s and r.

 At the receiving end, the hash code of the incoming message is generated. This plus
the signature is input to a verification function.
 The verification function also depends on the global public key[PU g] as well as the
sender’s public key [PUa], which is paired with the sender’s private key.

30
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

 The output of the verification function is a value that is equal to the signature
component if the signature is valid.
 The signature function is such that only the sender, with knowledge of the private key,
could have produced the valid signature

22. List the authentication requirements.

Specify the requirements for message authentication.
 Disclosure
 Traffic analysis
 Masquerade
 Content identification
 Sequence modification
 Timing modification
 Source repudiation
 Destination repudiation

23. Define hashing function

Hash function accepts a variable size message M as input and produces a fixed-
size output, referred to as hash code H(M). A hash code does not use a key but is a
function only of the input message. The hash code is also referred to as a message digest
or hash value.
A hash value h is generated by a function H of the form
h = H(M)
where M is a variable-length message and H(M) is the fixed-length hash value

24. What are the properties of hashing function in cryptography?

 H can be applied to a block of data of any size.
 H produces a fixed-length output.
 H(x) is relatively easy to compute for any given x, making both hardware and
software implementations practical.
 For any given value h, it is computationally infeasible to find x such that H(x)= h.
This is sometimes referred to as the one-way property.
 For any given block x, it is computationally infeasible to find y x such that H(y) =

31
 CCS354 NETWORK SECURITY (UNIT-1 INTRODUCTION)

H(x). This is sometimes referred to as weak collision resistance

 It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). This is
sometimes referred to as strong collision resistance
25. What do you mean by one-way property in hash function?
 H is one-way, for any given value h, it is computationally infeasible to find x
such that H(x) = h.
 One-way property states that it is easy to generate a code given a message but
virtually impossible to generate a message given a code.
 This property is essential for authentication.
26. What are the security services provided by digital signature?
 Authentication - The assurance that the communicating entity is the one that
it claims to be.
 Data Integrity - The assurance that data received are exactly as sent by an
authorized entity (i.e., contain no modification, insertion, deletion, or replay).
 Non-repudiation - Provides protection against denial by one of the entities
involved in a communication of having participated in all or part of the
communication.
Part-B important questions in Unit-1
1. (i) Write and explain the digital signature algorithm. (8) (ii) Explain in detail Hash Functions. (8)
2. Write a detailed note on Digital signatures schemes and its properties and their requirements.
(NOV2011, NOV2010, DEC 2016, APR 2017)
3. Describe about Hash Function. How its algorithm is designed? Explain its features & properties?
4. Explain the principle of public key encryption?
5. Explain symmetric and public key cryptography schemes. Use small examples to illustrate your
claims. State relative advantages of each scheme.
6. What is the need of authentication? Explain various authentication function.(8)

32