SW Security CH3 CH6

Chapter 3 of 'Fundamentals of Software Security' focuses on cryptography, covering encryption techniques such as symmetric (DES, AES) and public key (RSA) cryptography, as well as key management and cryptographic hash functions. It explains the importance of encryption for data confidentiality and authentication, and introduces concepts like cryptanalysis and cryptosystems. The chapter also details the mechanics of encryption and decryption processes, including substitution and transposition methods, and discusses the advantages and disadvantages of various cryptographic techniques.

Fundamentals of Software Security
Chapter 3: Cryptography

▪ Overview of encryption techniques and cryptanalysis
▪ Symmetric cryptography (DES, AES)
▪ Public key cryptography (RSA)
▪ Key management and exchange
▪ Cryptographic hash functions
▪ Digital signatures and certificates
Introduction to Encryption
• Consider a scenario in which Alice is a bank customer who wants to communicate with her bank's customer service representative, Bob, over a computer network.
• Alice may first need to authenticate herself to Bob by sending her account number and PIN.
• If Alice sends her account number and PIN to Bob without any encryption, then an attacker who can observe the network may intercept Alice's credentials and impersonate Alice.
• We can use an encryption algorithm to protect the confidentiality of data exchanged between Alice and Bob.
• When Alice encrypts data, the message that she sends to Bob will look like garbage to everybody but Bob.
• Bob can use a decryption algorithm to recover the message.
Overview of Cryptanalysis
• Cryptanalysis is the study of breaking ciphertexts, ciphers and cryptosystems: recovering the plaintext or the key without being given the key.
• It works by understanding how a cipher operates and finding ways to crack it despite not having the plaintext or the key. Modern cryptanalysis assumes the attacker knows the algorithm; only the key is secret.
• A cipher, meanwhile, is an algorithm used to encrypt or decrypt data. It is a series of well-defined steps to follow to encrypt or decrypt plaintext.
• Finally, a cryptosystem is a suite of cryptographic algorithms used to secure or encrypt information.
• It typically uses three algorithms: one for key generation, another for encryption, and one more for decryption.
Cryptography and Encryption Techniques

❖ Cryptography is the science of protecting information and communications using secret codes through encryption and related processes.
❖ It is a process that changes the form of a message into a meaningless form in order to protect it from being read by anyone but the intended recipient.
❖ Encryption is the technique in cryptography that makes data incomprehensible to ensure its confidentiality.
❖ Encryption on its own provides confidentiality. Assurance that a message comes from the alleged source (authentication) needs an additional mechanism such as a message authentication code or a digital signature, which this chapter covers later.
Cont.
❖ Terminology
▪ Cryptography: schemes for encryption and decryption; the word comes from the Greek for "secret writing".
▪ Encryption: the process by which plaintext is converted into ciphertext.
▪ Decryption: recovering plaintext from the ciphertext.
▪ Secret key: used by the encryption algorithm.
▪ Cryptanalysis: the study of "breaking the code" (practised by cryptanalysts).
▪ Cryptology: the field covering both cryptography and cryptanalysis (cryptography + cryptanalysis).

Cont.
❖ Cryptography has five ingredients
▪ Plaintext: the original message that is fed into the algorithm as input.
▪ Encryption algorithm: performs various substitutions and transformations on the plaintext.
▪ Secret key: is also input to the algorithm; the exact substitutions and transformations performed by the algorithm depend on the key; a larger key size means greater resistance to brute force but may decrease encryption/decryption speed.
▪ Ciphertext: the scrambled message produced as output. It depends on the plaintext and the secret key (the coded message).
▪ Decryption algorithm: the encryption algorithm run in reverse; the translation of encrypted data back into the original text.
Cont…
• Encryption and decryption transform a plaintext message into an unreadable ciphertext and back into plaintext using cryptographic techniques.
• A sender S wants to transmit message M to a receiver R
• To protect the message M, the sender first encrypts it into an unintelligible message M'
• After receipt of M', R decrypts the message to obtain M
• M is called the plaintext: what we want to encrypt
• M' is called the ciphertext: the encrypted output
▪ Alternatively, the terms encode and decode or encipher and decipher are used instead of encrypt and decrypt.
Cont…
▪ A system for encryption and decryption is called a cryptosystem
o For convenience, we denote a plaintext message P as a sequence of
individual characters P = <p1, p2, …, pn>.

o Similarly, ciphertext is written as C = <c1, c2, …, cm>.

o For instance, the plaintext message "I want cookies" can be denoted as the
message string <I, ,w,a,n,t, , c,o,o,k,i,e,s>.
o It can be transformed into ciphertext <c1, c2, …, c14>, and the encryption
algorithm tells us how the transformation is done.
Cont. Cryptography and Encryption Techniques
❖ Notation
▪ Given
• P = Plaintext
• C = Ciphertext
• K = Key
▪ C = E_K(P)  Encryption
▪ P = D_K(C)  Decryption
 P = D_K(E_K(P))
 C = E_K(D_K(C))
▪ Note: the two basic building blocks of all encryption techniques are substitution and transposition.
SUBSTITUTION CIPHERS
❖ Substitute a character or symbol for each character of the original message.
❖ When every plaintext letter always maps to the same ciphertext letter, this is called a monoalphabetic cipher or simple substitution.
❖ Caesar Cipher - an early example of a substitution cipher, named after Julius Caesar, who used it.
The Caesar Cipher (the simplest and best-known)
▪ Each letter is translated to the letter a fixed number of places after it in the alphabet, wrapping around from Z to A.
▪ Caesar used a shift of 3, so plaintext letter p_i was enciphered as ciphertext letter c_i by the rule
  c_i = E(p_i) = (p_i + 3) mod 26
▪ A full translation chart of the Caesar cipher is shown here (chart not reproduced in the text).
Cont.
❖ Using this encryption, the message TREATY IMPOSSIBLE would be encoded as
▪ TREATY IMPOSSIBLE
▪ wuhdwb lpsrvvleoh

Example 2:
• Encrypt the message UNIVERSITY with the Caesar cipher with 4 as the key.
• Shifting each letter four places gives the ciphertext YRMZIVWMXC.
• Decrypting with the correct key (4) shifts each letter back four places and recovers UNIVERSITY.
• If instead we decrypt it with the wrong key, say 3, the result is the meaningless string VOJWFSTJUZ: only the key used for encryption recovers the plaintext.
Advantages and disadvantages of the Caesar cipher
Advantage: it is very simple to implement.
Disadvantage: its security rests on keeping the method secret, which violates Kerckhoffs's principle; once the method is known there are only 25 possible shifts, so every message can be decrypted by trying them all, and because letter frequencies of the plaintext language are preserved a cryptanalyst can usually guess the shift from the most frequent ciphertext letter.
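The Caesar cipher and the two attacks its small key space invites, as an added example (not code from the slides): encryption and decryption by shift, exhaustive search of all 25 shifts, recovery of the key from a known word (a "crib"), and the frequency shortcut that assumes the most common ciphertext letter is plaintext E. All inputs are the slides' own messages.

```python
import string

ALPHABET = string.ascii_uppercase


def caesar_encrypt(plaintext, key):
    """Shift every letter `key` places forward (mod 26); other characters pass through."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext, key):
    """Decryption is encryption with the negated shift."""
    return caesar_encrypt(ciphertext, -key)


def caesar_brute_force(ciphertext):
    """The whole key space is 25 shifts, so an attacker simply tries every one."""
    return {k: caesar_decrypt(ciphertext, k) for k in range(1, 26)}


def recover_key(ciphertext, crib):
    """Return the shift whose decryption contains a word the attacker expects (a 'crib'),
    or None if no shift produces it."""
    for k, candidate in caesar_brute_force(ciphertext).items():
        if crib in candidate:
            return k
    return None


def most_common_letter_shift(ciphertext):
    """Frequency attack: assume the most frequent ciphertext letter is plaintext E.
    Ties resolve to the alphabetically first letter, so short texts can mislead."""
    letters = [c for c in ciphertext.upper() if c in ALPHABET]
    top = max(ALPHABET, key=letters.count)
    return (ALPHABET.index(top) - ALPHABET.index("E")) % 26
```

With only 25 candidates, `recover_key` finishes instantly whatever the message length; this is why a secret algorithm with a tiny key space is no substitute for a secret key drawn from a large one.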
TRANSPOSITIONS (PERMUTATIONS)
▪ A transposition is an encryption in which the letters of the message are rearranged; the letters themselves are unchanged, only their positions move.
▪ With transposition, the cryptographer aims for diffusion, widely spreading the information from the message or the key across the ciphertext.
▪ Because a transposition is a rearrangement of the symbols of a message, it is also known as a permutation.
Columnar Transpositions (the popular type)
⚫ The columnar transposition is a rearrangement of the characters of the plaintext into columns.
⚫ The following is a five-column transposition of the plaintext
  THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION WORKS
⚫ The plaintext characters (spaces dropped) are written in rows of five, one row after another:
  T H I S I
  S A M E S
  S A G E T
  O S H O W
  H O W A C
  O L U M N
  A R T R A
  N S P O S
  I T I O N
  W O R K S
⚫ The ciphertext is read out column by column: tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns
⚫ Note that the letter frequencies of the plaintext are unchanged in the ciphertext, so a cryptanalyst can recognise a transposition and then try column counts until readable rows appear.
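Columnar transposition as an added example (not the slides' own code): the five-column encryption of the message above, the inverse that rebuilds the columns (handling a last row that is not full), and two cryptanalytic checks, the unchanged letter histogram and a brute-force search over column counts using a known word.

```python
from collections import Counter


def columnar_encrypt(plaintext, columns):
    """Write the letters row by row into `columns` columns, then read them out column by column."""
    letters = [c for c in plaintext.upper() if c.isalpha()]
    rows = [letters[i:i + columns] for i in range(0, len(letters), columns)]
    return "".join(row[c] for c in range(columns) for row in rows if c < len(row))


def columnar_decrypt(ciphertext, columns):
    """Rebuild the columns (the first len % columns of them are one letter longer), then read by rows."""
    full_rows, extra = divmod(len(ciphertext), columns)
    cols, pos = [], 0
    for c in range(columns):
        length = full_rows + (1 if c < extra else 0)
        cols.append(ciphertext[pos:pos + length])
        pos += length
    return "".join(cols[c][r] for r in range(full_rows + (1 if extra else 0))
                   for c in range(columns) if r < len(cols[c]))


def letter_frequencies(text):
    """Transposition moves letters but never changes them, so the histogram is a giveaway."""
    return Counter(c for c in text.upper() if c.isalpha())


def guess_column_count(ciphertext, crib, max_columns=12):
    """Cryptanalysis by brute force: try each column count until a known word appears."""
    for columns in range(2, max_columns + 1):
        if crib in columnar_decrypt(ciphertext, columns):
            return columns
    return None
```

The un-keyed version shown here has as few keys as there are plausible column counts; keyed variants reorder the columns by a keyword, which enlarges the key space but still leaves the letter histogram intact.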
Cryptography Categories
▪ In modern approaches, there are two forms of encryption systems:
1) Symmetric (also called secret-key) cryptosystem
2) Asymmetric (also called public-key) cryptosystem
1. Symmetric Cryptography
1. Symmetric cryptography: a single (same) key is used for encryption and decryption
❑ It is faster and simpler
❑ This means the sender and receiver must share the secret key securely before communication.
❑ Problem: how to exchange keys between sender and receiver in a secure manner (e.g. DES)
Cont.
▪ Symmetric Key Cryptography also known as Symmetric Encryption is when a secret key is
leveraged for both encryption and decryption functions.

▪ This method is the opposite of asymmetric encryption where one key is used to encrypt and
another is used to decrypt.

▪ During this process, data is converted to a format that cannot be read or inspected by
anyone who does not have the secret key that was used to encrypt it.
Cont.
▪ It also requires a safe method to transfer the key from one party to another.

▪ The same key is used to encrypt and decrypt a message


• C = E_K(P)
• P = D_K(C)
• P = D_K[E_K(P)]
• Has been used for centuries in a variety of forms.
▪ The key has to be kept secret
▪ The key has to be communicated using a secure channel; major problem
Symmetric ciphers are categorized into stream and block ciphers.
• Stream cipher: encrypts plaintext one byte at a time, although a stream cipher may be designed to operate on one bit at a time or on units larger than a byte.
• Block cipher: splits the plaintext into fixed-size blocks and generates fixed-size blocks of ciphertext.
Stream Cipher
• In a stream cipher, one bit (or byte) is encrypted at a time, while a block cipher processes a fixed-size block of 64 or 128 bits at a time.
▪ A stream cipher generates a pseudorandom keystream from the key (and, in practice, a per-message nonce) and combines it with the plaintext.
▪ The keystream must be unpredictable and at least as long as the message; the key it is derived from must be long enough (128 bits or more) to make brute-force search infeasible.
▪ A longer key defeats brute force, but it does not by itself prevent other attacks: a keystream that is biased, predictable, or reused for two messages is broken regardless of key length (XORing two ciphertexts that share a keystream cancels the key and leaves the XOR of the two plaintexts).
▪ A practical benefit of a stream cipher is that it requires few lines of code compared with a block cipher, and it needs no padding.
Cont.
For encryption:
▪ Plaintext XOR keystream produces the ciphertext (the same keystream will be used for decryption).
▪ The plaintext undergoes a bit-by-bit XOR with the keystream and produces the ciphertext.
For decryption:
▪ Ciphertext XOR keystream gives back the original plaintext (the same keystream that was used for encryption).
▪ The ciphertext undergoes a bit-by-bit XOR with the keystream and produces the actual plaintext.
Another Stream Cipher Example for Text

• Scenario: encrypt the plaintext message "HELLO" using a stream cipher with the following keystream:
• Keystream: 01101001 10110100 10001100 11101010 00011100 (binary)
Steps:
1. Convert plaintext to binary (ASCII): each character becomes an 8-bit ASCII value:
• H = 01001000 E = 01000101 L = 01001100 L = 01001100 O = 01001111
• Thus plaintext in binary: 01001000 01000101 01001100 01001100 01001111
2. XOR with the keystream: perform a bitwise XOR (⊕) between the plaintext and the keystream.
• Ciphertext in binary: 00100001 11110001 11000000 10100110 01010011
Steps to decrypt back to the original plaintext message:
• XOR the ciphertext with the same keystream; because (P ⊕ K) ⊕ K = P, the result is 01001000 01000101 01001100 01001100 01001111, i.e. "HELLO".
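The XOR stream cipher from the example above, as an added example (not the slides' code), together with the failure mode the keystream rules exist to prevent: if the same keystream is used for two messages, XORing the two ciphertexts cancels the keystream and a single known plaintext exposes the other. The keystream generator is a toy (SHA-256 in counter mode over key, nonce and counter) standing in for a real stream cipher such as ChaCha20; the key and nonces are made-up values.

```python
import hashlib

# Keystream bytes from the slide example (01101001 10110100 10001100 11101010 00011100).
SLIDE_KEYSTREAM = bytes.fromhex("69b48cea1c")


def xor_stream(data, keystream):
    """Encrypt or decrypt: XOR each data byte with the matching keystream byte."""
    if len(keystream) < len(data):
        raise ValueError("keystream must cover the whole message")
    return bytes(d ^ k for d, k in zip(data, keystream))


def keystream_from_key(key, nonce, length):
    """Toy keystream generator: SHA-256 in counter mode over (key, nonce, counter).
    The nonce must differ per message so the same key never yields the same keystream twice."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def keystream_reuse_leak(c1, c2):
    """Two ciphertexts under one keystream: c1 XOR c2 == p1 XOR p2, the keystream cancels out."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def recover_other_plaintext(c1, c2, known_p1):
    """With the leak above and one known (or guessed) plaintext, the other is read off directly."""
    return bytes(x ^ p for x, p in zip(keystream_reuse_leak(c1, c2), known_p1))
```

Decryption is the same call as encryption; what makes the scheme safe or not is entirely the keystream: fresh per message, unpredictable, and never reused.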
Block Cipher
▪ A block cipher splits the plaintext into fixed-size blocks and generates fixed-size blocks of ciphertext.
▪ The ciphertext is obtained from the plaintext by iterating a function F over some number of rounds.
▪ The function F, which depends on the output of the previous round and the key K, is known as a round function, not because of its shape but because it is applied at each round.
▪ The design goals for block ciphers are security and efficiency.
▪ A block cipher operates on a plaintext block of n bits to produce a ciphertext block of n bits.
Cont.
▪ Block cipher splits the plaintext into fixed-size blocks and generates fixed-size blocks of ciphertext.
Example 1: Block-wise processing (toy illustration)
• This example encrypts one 64-bit block with a single XOR against an 8-byte key. It shows how data is handled block by block, but a single XOR is not a real block cipher: one known plaintext/ciphertext pair reveals the key with one XOR, and reusing the key on a second block leaks the XOR of the two plaintexts. Real block ciphers such as DES and AES iterate many rounds of substitution and permutation under the key.
• Encryption
• Given: Plaintext: "HELLO123"
• Block size: 8 bytes (64 bits).
• Key: KEY12345 (8 bytes for simplicity).
Step 1: Convert Plaintext to Binary
• Each character in the plaintext is converted to its ASCII binary equivalent
• H = 01001000 E = 01000101 L = 01001100 L = 01001100
• O = 01001111 1 = 00110001 2 = 00110010 3 = 00110011
• Step 2: Apply XOR with Key
• The key (KEY12345) is also converted to binary using ASCII:
• K = 01001011 E = 01000101 Y = 01011001 1 = 00110001
• 2 = 00110010 3 = 00110011 4 = 00110100 5 = 00110101
• Resulting encrypted binary:
00000011 00000000 00010101 01111101 01111101 00000010 00000110 00000110
• Step 3: Convert Binary Ciphertext to Hexadecimal
• Group the binary into 2 nibbles (4 bits each) and convert to hexadecimal:
• 00000011 = 0x03
• 00000000 = 0x00
• 00010101 = 0x15 Thus the Encrypted ciphertext in hexadecimal:
• 01111101 = 0x7D
• 01111101 = 0x7D 03 00 15 7D 7D 02 06 06
• 00000010 = 0x02
• 00000110 = 0x06
• 00000110 = 0x06
Decryption Example in Block Cipher
• To decrypt, we reverse the process.
• The XOR operation is symmetric, so XOR the ciphertext with the same key to retrieve the plaintext.
• Step 1: Ciphertext in binary (from encryption):
  00000011 00000000 00010101 01111101 01111101 00000010 00000110 00000110
• Step 2: XOR each byte with the corresponding key byte (K, E, Y, 1, 2, 3, 4, 5).
Final decrypted plaintext: HELLO123


Cont.
▪ Popular and common types of Block ciphers:
1. DES
2. Triple DES
3. AES
4. IDEA
5. Blowfish
Data Encryption Standard (DES)
▪ In 1973, the NBS (National Bureau of Standards), now called NIST (National Institute of Standards and Technology), published a request for an encryption algorithm that would meet the following criteria:
• Have a high security level
• Be easily understood
• Be adaptable and economical
• Be efficient
▪ In late 1974, IBM proposed "Lucifer", which was then modified with input from the NSA (National Security Agency) and adopted in 1976 as the DES (Data Encryption Standard), published as FIPS PUB 46 in 1977.
▪ DES - a popular example of a symmetric cryptosystem
Cont …
▪ Block size = 64 bits.
▪ Key size = 56 bits (in reality, 64 bits, but 8 are used as parity check bits for error control).
▪ Number of rounds = 16.
▪ 16 intermediary subkeys, each 48 bits.
[Figure: a 64-bit plaintext block and a 56-bit key enter DES; a 64-bit ciphertext block comes out.]
1/4/2025
Cont.
▪ DES is a block cipher, which means that during the encryption process the plaintext is broken into fixed-length blocks of 64 bits
• A block cipher processes the input one block of elements at a time, producing an output block for each input block; larger block sizes make repeated blocks (which leak information) rarer but cost some encryption/decryption speed; a block size of 128 bits is a reasonable trade-off and is nearly universal among recent block cipher designs.
• A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along.
▪ The key in DES is 56 bits; 8 bits out of the 64-bit key block are used for parity checks (for example, with odd parity each key byte has an odd number of 1 bits)
DES Encryption
▪ Data is divided into 64-bit blocks; the key is 56 bits
▪ The processing has three phases
▪ Phase 1
• The 64-bit plaintext passes through an initial permutation (IP) that rearranges the bits to produce the
permuted input; no elements are added or deleted or replaced, rather the order in which the elements
appear in the sequence is changed
▪ Phase 2
• The 64 bits are then divided into two 32-bit halves called L and R.
• The encryption then proceeds through 16 rounds of the same function, each using the L and R
parts, and a subkey.

• In each round, the new L part is simply a copy of the incoming R part
• The R part and the round's subkey are processed by the so-called f-function, and the output of the f-function is exclusive-ORed with the existing L part to create the new R part
▪ Phase 3
• The pre-output is passed through a permutation that is the inverse of the initial permutation (IP^-1), to produce the 64-bit ciphertext
Cont.
In summary for DES (Data Encryption Standard)
Key Points:
• Block size: 64 bits.
• Key size: 56 bits (often represented as 64 bits with 8 parity bits).

DES Decryption
▪ It uses the same algorithm as encryption, except that the subkeys are applied in reverse order (K16 first, K1 last).
▪ The initial and final permutations are applied exactly as in encryption, IP first and IP^-1 last, because IP^-1 undoes the IP that encryption finished with.
Example of DES:
• Given: Plaintext: ABCDEFGH (one 64-bit block)
• Key: 133457799BBCDFF1 (in hexadecimal)
Step 1: Convert plaintext to binary
• Convert each character of ABCDEFGH into its ASCII binary form.
Character ASCII (decimal) Binary Representation
A 65 01000001
B 66 01000010
C 67 01000011
D 68 01000100
E 69 01000101
F 70 01000110
G 71 01000111
H 72 01001000
So the plaintext in binary:
01000001 01000010 01000011 01000100 01000101 01000110 01000111 01001000
Step 2: Encrypt using DES
1. Initial Permutation (IP): rearranges the bits according to a fixed permutation table.
2. 16 rounds of the Feistel function: each round uses a different 48-bit subkey derived from the main key.
3. Final Permutation (Inverse IP): reorders the bits to produce the ciphertext.

How to apply the Initial Permutation (IP)

1. Start with the 64-bit plaintext block.
2. Use the IP table to rearrange the bits (positions are numbered 1 to 64 from the left):
 1. Take the bit in the 58th position of the plaintext and place it in the 1st position of the permuted output.
 2. Take the bit in the 50th position of the plaintext and place it in the 2nd position of the permuted output.
 3. Continue this process for all 64 bits.
Let's extract the first eight output bits as an example (positions 58, 50, 42, 34, 26, 18, 10 and 2 are the second bit of bytes 8, 7, 6, 5, 4, 3, 2 and 1 respectively):
• Bit at position 58 (2nd bit of H = 01001000): 1 → becomes the 1st bit.
• Bit at position 50 (2nd bit of G = 01000111): 1 → becomes the 2nd bit.
• Bit at position 42 (2nd bit of F = 01000110): 1 → becomes the 3rd bit.
• Bit at position 34 (2nd bit of E = 01000101): 1 → becomes the 4th bit.
• Bit at position 26 (2nd bit of D = 01000100): 1 → becomes the 5th bit.
• Bit at position 18 (2nd bit of C = 01000011): 1 → becomes the 6th bit.
• Bit at position 10 (2nd bit of B = 01000010): 1 → becomes the 7th bit.
• Bit at position 2 (2nd bit of A = 01000001): 1 → becomes the 8th bit.
Thus the permuted output (after IP) starts with 11111111. Note that IP only moves bits, it never changes them, so it adds no secrecy on its own; the Feistel rounds under the key provide the actual protection.
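The three-phase structure just described (IP, sixteen Feistel rounds, IP^-1) and the decryption rule of "same algorithm, reversed subkeys", as an added example that is not the slides' code and is NOT real DES: the initial permutation table is the genuine FIPS 46-3 IP, but the f-function (expansion, S-boxes, P) and the key schedule (PC-1, PC-2) are replaced by SHA-256-based stand-ins, labelled as such in the code. The point it demonstrates is that a Feistel network inverts for any round function, and that IP^-1 undoes IP bit for bit.

```python
import hashlib

# The real DES initial permutation (FIPS 46-3): output bit i (0-based) is input bit IP[i] (1-based).
IP = [58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
      62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
      57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
      61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7]
# IP^-1 is derived by inverting the table rather than typed in.
IP_INV = [0] * 64
for out_pos, in_pos in enumerate(IP):
    IP_INV[in_pos - 1] = out_pos + 1


def to_bits(data):
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))


def permute(bits, table):
    """Apply a DES-style permutation table: no bit is added, dropped or changed, only moved."""
    return [bits[p - 1] for p in table]


def toy_round_function(right, subkey):
    """STAND-IN for the DES f-function (expansion E, the eight S-boxes and permutation P are
    omitted): 32-bit half plus 48-bit subkey -> 32 bits, via SHA-256. Any such function keeps
    a Feistel network invertible, which is the structural point this example shows."""
    return to_bits(hashlib.sha256(from_bits(right) + subkey).digest()[:4])


def toy_key_schedule(key, rounds=16):
    """STAND-IN for PC-1/PC-2: derive 16 subkeys of 48 bits from the 8-byte key."""
    return [hashlib.sha256(key + bytes([r])).digest()[:6] for r in range(rounds)]


def feistel(block, subkeys):
    """Phase 1: IP. Phase 2: 16 Feistel rounds. Phase 3: undo the last swap, then IP^-1."""
    bits = permute(to_bits(block), IP)
    left, right = bits[:32], bits[32:]
    for k in subkeys:
        f_out = toy_round_function(right, k)
        # new L = old R; new R = old L xor f(old R, K)
        left, right = right, [l ^ f for l, f in zip(left, f_out)]
    return from_bits(permute(right + left, IP_INV))


def encrypt_block(key, block):
    return feistel(block, toy_key_schedule(key))


def decrypt_block(key, block):
    """Same algorithm; only the order of the subkeys is reversed."""
    return feistel(block, toy_key_schedule(key)[::-1])
```

Because the round function is never inverted, only re-applied, it can be a one-way function like the hash used here; that is exactly why DES could use non-invertible S-boxes inside f.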
AES – Advanced Encryption Standard
▪ "It seems very simple."
▪ It is very simple.
▪ AES encryption is fast and flexible.
▪ It can be implemented on various platforms, including small devices.
The AES Cipher - Rijndael
▪ Designed by Vincent Rijmen and Joan Daemen in Belgium.
▪ It was clear that a replacement for DES was needed.
▪ Has 128/192/256-bit keys and a 128-bit data block.
▪ Treats data as 4 groups of 4 bytes (a 4x4 byte state).
▪ Operates on the entire block in every round.
▪ Resistant against known attacks.
AES Requirements
▪ Secret-key (symmetric) block cipher.
▪ 128-bit data, 128/192/256-bit keys.
▪ Stronger and faster than Triple-DES.
▪ Full specification and design details provided.
▪ Both C and Java reference implementations.
▪ NIST released all submissions and unclassified analyses.
AES

▪ AES is based on a design principle known as a substitution-permutation network.

▪ It is a combination of both substitution and permutation, and is fast in both software and hardware.

▪ AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits.

Advanced Encryption Standard (AES)
▪ The AES encryption algorithm (also known as the Rijndael algorithm) is a symmetric block cipher with a block size of 128 bits.
▪ It encrypts each block using a key of 128, 192 or 256 bits.
▪ Concatenating the independently encrypted blocks into the ciphertext is the ECB mode of operation; identical plaintext blocks then produce identical ciphertext blocks, so real systems use a mode such as CBC, CTR or GCM with a fresh IV or nonce per message.
▪ It is based on a substitution-permutation network, also known as an SP network.
▪ It consists of a series of linked operations, including replacing inputs with specific outputs (substitutions) and others involving byte shuffling (permutations).
▪ In AES the number of rounds depends on the length of the key:
✓ 10 rounds for 128-bit keys.
✓ 12 rounds for 192-bit keys.
✓ 14 rounds for 256-bit keys.
Cont.
▪ The steps followed in AES are shown in the figure (not reproduced in the text).
▪ These steps are followed for every block in turn.
Cont.
The steps are as follows:
1. Add Round Key: the block data stored in the state array is XORed with the first round key (K0).
▪ The resulting state array is passed on as input to the next step.
2. Sub-Bytes: each byte of the state array is replaced using the substitution box (S-box): the byte's high hexadecimal digit selects the row and its low digit selects the column of the S-box, and the entry found there becomes the new byte.
3. Shift Rows: the rows of the state are rotated. The first row is not shifted, the second row is shifted one byte position to the left, the third row two positions to the left, and the fourth row three positions to the left.
▪ The result is a new matrix consisting of the same 16 bytes but shifted with respect to each other.
4. Mix Columns: each column of four bytes is transformed by a fixed linear function over GF(2^8). It takes the four bytes of one column as input and outputs four completely new bytes, which replace the original column.
▪ The result is another new matrix consisting of 16 new bytes. This step is not performed in the last round.
5. Add Round Key: the state is XORed with the round key for this round, and steps 2 to 5 repeat for the next round.
Cont.
Steps:
▪ Key expansion: round keys are derived from the cipher key using Rijndael's key schedule.
▪ AES requires a separate 128-bit round key block for each round plus one more.
1) Initial round
✓ Add Round-Key: each byte of the state is combined with a byte of the round key using bitwise XOR.
2) Next rounds
i. Sub-Bytes: a non-linear substitution step where each byte is replaced with another according to a lookup table.
ii. Shift-Rows: a transposition step where the last three rows of the state are shifted cyclically a certain number of steps.
iii. Mix-Columns: a mixing operation which operates on the columns of the state, combining the four bytes in each column.
iv. Add Round-Key
3) Final round
i. Sub-Bytes
ii. Shift-Rows
iii. Add Round-Key
Cont.
▪ For 16 byte key AES encryption and decryption
Example: Encrypting "HELLO"
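A complete single-block AES-128 written to mirror the round steps above (key expansion, AddRoundKey, SubBytes, ShiftRows, MixColumns, the MixColumns-free final round, and the inverse walk for decryption), as an added example that is not the slides' code. The S-box is derived from its definition rather than typed in. It is pure Python and table-driven, hence not constant-time, and is for study only; the last function shows why simply concatenating block encryptions (ECB) is a poor mode.

```python
def _xtime(a):
    """Multiply by x (i.e. by 2) in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    a <<= 1
    return (a ^ 0x1B) & 0xFF if a & 0x100 else a

def _gmul(a, b):
    """General GF(2^8) multiplication; used by MixColumns and to build the S-box."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a, b = _xtime(a), b >> 1
    return p

def _build_sbox():
    """S-box = multiplicative inverse in GF(2^8), then an affine map, then XOR 0x63."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = _gmul(p, 3)        # 3 generates the multiplicative group: p visits every non-zero byte
        q = _gmul(q, 0xF6)     # 0xF6 is 3^-1, so q always equals p^-1
        x = q
        for k in range(1, 5):  # affine map: q ^ rotl(q,1) ^ rotl(q,2) ^ rotl(q,3) ^ rotl(q,4)
            x ^= ((q << k) | (q >> (8 - k))) & 0xFF
        sbox[p] = x ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63             # 0 has no inverse; it maps to 0x63 by definition
    return sbox

SBOX = _build_sbox()
INV_SBOX = [0] * 256
for _i, _v in enumerate(SBOX):
    INV_SBOX[_v] = _i

def _expand_key(key):
    """Rijndael key schedule for a 16-byte key: 11 round keys K0..K10 of 16 bytes each."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1][:]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord, then SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

# The 16-byte state is column-major: byte s[4*c + r] sits in row r, column c.
def _sub_bytes(s, box):
    return [box[b] for b in s]

def _shift_rows(s, inverse=False):
    step = -1 if inverse else 1    # row r rotates r positions left (right when inverting)
    return [s[4 * ((c + step * r) % 4) + r] for c in range(4) for r in range(4)]

def _mix_columns(s, inverse=False):
    coef = (14, 11, 13, 9) if inverse else (2, 3, 1, 1)   # first row of the circulant matrix
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):
            v = 0
            for j in range(4):
                v ^= _gmul(col[j], coef[(j - r) % 4])
            out.append(v)
    return out

def _add_round_key(s, k):
    return [a ^ b for a, b in zip(s, k)]

def aes128_encrypt_block(key, block):
    rk = _expand_key(key)
    s = _add_round_key(list(block), rk[0])      # initial round: AddRoundKey only
    for r in range(1, 11):
        s = _sub_bytes(s, SBOX)
        s = _shift_rows(s)
        if r != 10:                              # MixColumns is skipped in the final round
            s = _mix_columns(s)
        s = _add_round_key(s, rk[r])
    return bytes(s)

def aes128_decrypt_block(key, block):
    rk = _expand_key(key)
    s = _add_round_key(list(block), rk[10])
    for r in range(9, -1, -1):                   # walk the rounds backwards, inverting each step
        s = _shift_rows(s, inverse=True)
        s = _sub_bytes(s, INV_SBOX)
        s = _add_round_key(s, rk[r])
        if r != 0:
            s = _mix_columns(s, inverse=True)
    return bytes(s)

def aes128_ecb_encrypt(key, data):
    """Encrypting each block independently and concatenating is ECB mode: equal plaintext
    blocks give equal ciphertext blocks, which leaks structure. Prefer CBC/CTR/GCM with a nonce."""
    if len(data) % 16:
        raise ValueError("ECB needs whole 16-byte blocks; pad first")
    return b"".join(aes128_encrypt_block(key, data[i:i + 16]) for i in range(0, len(data), 16))
```

The FIPS-197 Appendix C.1 vector (key 00..0f, plaintext 00112233...ff) is the check that every step is wired correctly; any off-by-one in ShiftRows or the MixColumns coefficients fails it immediately.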
Asymmetric (Public-key) Cryptosystem
▪ Asymmetric key encryption is based on a public and private key pair. It uses two different keys to encrypt and decrypt the message. It is not inherently more secure than symmetric encryption, but it removes the need to share a secret key in advance; it is much slower.
▪ It is a form of cryptosystem in which encryption and decryption are performed using different keys - one public key (KE) and one private key (KD) - that form a unique pair
▪ C = E_KE(P)
▪ P = D_KD(C)
 P = D_KD[E_KE(P)]
▪ The two keys have the property that deriving the private key from the public key is computationally infeasible
Cont.
▪ Proposed by Diffie and Hellman in 1976

▪ It is a revolutionary concept since it avoids the need of using a secure channel to communicate the
key

▪ It has made cryptography available for the general public and made many of today’s online
applications feasible

▪ It provides a radical departure from the past

• Public-key algorithms are based on mathematical functions rather than on substitution and
permutation.

• Public-key cryptography is asymmetric, involving the use of two separate keys, in contrast to
symmetric encryption, which uses only one key.

• The use of two keys has profound consequences in the areas of confidentiality, key
distribution, and authentication
Cont.
▪ Properties of Public Key Cryptosystem
• If you have the private key, you can easily decrypt what is encrypted by the public key.
• Otherwise, it is computationally infeasible to decrypt what has been encrypted by the public
key.

Steps in Asymmetric Cryptosystems


1. Each user generates a pair of keys to be used for the encryption and decryption of messages
2. Each user places one of the two keys in a public register or other accessible file. This is the
public key. The companion key is kept private

3. If Bob wishes to send a confidential message to Alice, Bob encrypts the message using
Alice’s public key
4. When Alice receives the message, she decrypts it using her private key. No other recipient can
decrypt the message because only Alice knows Alice’s private key
At any time, a user can change its private key and publish the companion public key to replace its
old public key.
Cont.
Public-Key Algorithms
▪ RSA - Rivest-Shamir-Adleman
▪ DSS - Digital Signature Standard
▪ Diffie-Hellman key exchange
▪ Elliptic Curve Cryptography (ECC) algorithms

▪ You can read about Diffie-Hellman and Elliptic Curve Cryptography (ECC) algorithms
RSA (Rivest-Shamir-Adleman)
▪ The most widely used public-key cryptosystem is RSA
▪ RSA is named after Rivest, Shamir and Adleman
▪ Principle: no efficient method is known (on classical computers) to find the prime factors of large numbers
▪ In RSA, the private and public keys are constructed from very large prime numbers (hundreds of decimal digits each)
▪ Factoring the modulus breaks RSA, so its security rests on the difficulty of factoring large integers (it has not been proven that breaking RSA is as hard as factoring, but no easier way is known)
▪ Only the person who produced the keys from the prime numbers can decrypt messages
• Asymmetric means that it works with two different keys, a public key and a private key.
• As the name describes, the public key is given to everyone and the private key is kept private.
• An example of asymmetric cryptography:
1. A client (for example a browser) sends its public key to the server and requests some data.
2. The server encrypts the data using the client's public key and sends the encrypted data.
3. The client receives this data and decrypts it with its private key.
• Since this is asymmetric, nobody except the browser can decrypt the data even if a third party has the browser's public key. The server does, however, need assurance that the public key really belongs to the browser; an attacker who substitutes their own key can read the data, which is the man-in-the-middle attack discussed later.
▪ RSA - Key Generating Algorithm
1. Choose two large prime numbers, p and q
2. Compute n = pq (the first part of the public key) and φ = (p-1)(q-1)
3. Choose the public exponent e:
• Choose an integer e, 1 < e < φ, such that GCD(e, φ) = 1
• (The greatest common divisor of two integers is the largest positive integer that exactly divides both; e and φ are then relatively prime, i.e. their only common positive integer factor is 1)
4. Determine the secret exponent d, 1 < d < φ, such that φ divides (ed-1), i.e. ed ≡ 1 (mod φ)
5. The public key is the pair of integers (e, n) and the private key is (d, n); both sender and receiver must know the value of n.
o The sender knows the value of e, and only the receiver knows the value of d
▪ Keep all the values d, p, q and φ secret
▪ n is known as the modulus
▪ e is known as the public exponent or encryption exponent
▪ d is known as the secret exponent or decryption exponent
Cont.
▪ RSA - Encryption
▪ Sender A does the following
▪ Obtains the recipient B's public key (e, n)
▪ Represents the plaintext message as a positive integer M < n
▪ Computes the ciphertext C = M^e mod n
▪ Sends the ciphertext C to B

▪ RSA - Decryption
▪ Recipient B does the following
▪ Uses his/her private key (d, n) to compute M = C^d mod n
▪ Extracts the plaintext from the message representative M

▪ Compared to DES, RSA is computationally more complex; encryption is 100-1000 times slower than DES
▪ Hence encryption systems use RSA only to exchange shared (session) keys in a secure way, and encrypt the bulk data with a symmetric cipher
▪ RSA Simple Example - Key Generation
1. Choose two prime numbers: suppose p = 11, q = 3
2. n = pq = 11*3 = 33, φ = (p-1)(q-1) = 10*2 = 20
3. Choose e, 1 < e < φ; we choose e = 3
• Check GCD(e, φ) = GCD(3, 20) = 1
4. Determine d, 1 < d < φ, such that φ divides ed-1 (or 20 divides 3d-1)
• Simple testing (d = 2, 3, ...) gives d = 7
• Check: ed-1 = 3*7 - 1 = 20, which is divisible by φ (20)
5. Public key = (e, n) = (3, 33); Private key = (d, n) = (7, 33)
Cont.
▪ Given
Public key = (e, n) = (3, 33)
Private key = (d, n) = (7, 33)

▪ RSA - Encryption Example
▪ Now say we want to encrypt the message M = 7
▪ C = M^e mod n = 7^3 mod 33 = 343 mod 33 = 13
▪ Hence the ciphertext C = 13

▪ RSA - Decryption Example
▪ To check decryption we compute
▪ M = C^d mod n = 13^7 mod 33 = 7
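The key generation, encryption and decryption steps above in code, as an added example (not the slides' own), reproducing the p = 11, q = 3 numbers and then two properties of textbook (unpadded) RSA that a practitioner must know: it is deterministic, so a small message space can be searched with the public key alone, and it is multiplicatively malleable, so a ciphertext can be altered without the private key. The larger key pair at the end uses two Mersenne primes chosen for the demo, not a real-world key size.

```python
from math import gcd


def rsa_keygen(p, q, e=3):
    """Steps 1-5 of the slides: n = pq, phi = (p-1)(q-1), d = e^-1 mod phi."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)           # modular inverse (Python 3.8+): e*d == 1 (mod phi)
    return (e, n), (d, n)         # public key, private key


def rsa_encrypt(public_key, m):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message representative must be in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    d, n = private_key
    return pow(c, d, n)


def brute_force_message(public_key, c, max_m):
    """Textbook RSA is deterministic: if the message space is small (a PIN, a yes/no), anyone
    holding the public key can encrypt every candidate and match it against c."""
    return [m for m in range(max_m) if rsa_encrypt(public_key, m) == c]


def multiply_ciphertext(public_key, c, factor):
    """Malleability: E(m) * E(k) mod n == E(m*k mod n). The holder of c changes the
    plaintext without knowing d. Padding schemes such as OAEP exist to stop exactly this."""
    e, n = public_key
    return (c * pow(factor, e, n)) % n
```

Both weaknesses are why RSA in practice is only ever used with a randomised padding (OAEP for encryption, PSS for signatures) and, as the slides note, mainly to transport a symmetric session key rather than the data itself.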


Cryptography
How attackers get at encrypted data and how to prevent it
• Attackers can exploit cryptographic systems in various ways to gain unauthorized access to sensitive information.
• Here's an overview of common attack methods for both symmetric and asymmetric cryptography, along with strategies to prevent them.

Symmetric Cryptography Attacks


1. Brute-Force Attack
•Attackers try all possible keys until the correct one is found.
•Weakness exploited: short key length or weak keys make brute-forcing feasible.
•Prevention:
• Use strong, randomly generated keys of sufficient length (e.g., AES-128 or AES-256; 128 bits is already beyond brute force, 256 bits adds margin).
• Lockouts or delays on failed attempts help only against online guessing (e.g., of a PIN or password); an attacker who has captured ciphertext searches keys offline, which is why key length matters.
2. Key Exchange Interception
•If keys are exchanged over insecure channels, attackers can intercept the key and decrypt the data.
•Weakness exploited: poorly secured key exchange methods.
•Prevention:
• Use a secure key exchange such as Diffie-Hellman, authenticated with certificates or signatures as in TLS (unauthenticated Diffie-Hellman alone is vulnerable to a man-in-the-middle).
• Frequently refresh keys and use unique keys for each session (e.g., session keys).

3. Ciphertext Replay
•Attackers capture encrypted messages and resend them to impersonate the sender.
•Weakness exploited: lack of nonce, sequence number or timestamp mechanisms.
•Prevention:
• Include a nonce or sequence number (and optionally a timestamp) in each message and reject any value already seen, so a replayed message is detected.
• Cover the message and its nonce with a message authentication code (MAC) so the attacker cannot modify them.
4. Side-Channel Attacks
•Attackers exploit information leakage from the cryptographic process, such as timing,
power consumption, or electromagnetic emissions.
•Weakness exploited: Hardware or implementation vulnerabilities.
•Prevention:
• Use constant-time algorithms to mitigate timing attacks.
• Shield devices against power and electromagnetic side-channel attacks.
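Items 3 and 4 above in code, as an added example (not from the slides): a receiver that checks an HMAC over nonce and message, rejects a replayed nonce, and compares tags with `hmac.compare_digest` so the comparison time does not depend on how many leading bytes of a forged tag are right. The naive comparison it contrasts with is included only to show the leak. Keys and messages are constructed for the demo; in a real system the MAC covers the ciphertext (encrypt-then-MAC) and `payload` here stands in for it.

```python
import hashlib
import hmac
import os


def fresh_nonce():
    return os.urandom(16)


def make_message(key, nonce, payload):
    """Sender: tag = HMAC-SHA256(key, nonce || payload)."""
    tag = hmac.new(key, nonce + payload, hashlib.sha256).digest()
    return nonce, payload, tag


class Receiver:
    """Verifies the MAC and rejects any nonce it has already accepted."""

    def __init__(self, key):
        self.key = key
        self.seen_nonces = set()

    def accept(self, nonce, payload, tag):
        expected = hmac.new(self.key, nonce + payload, hashlib.sha256).digest()
        # compare_digest takes the same time however many leading bytes match,
        # unlike `expected == tag` or the byte-by-byte loop in naive_compare below.
        if not hmac.compare_digest(expected, tag):
            return "rejected: bad MAC"
        if nonce in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces.add(nonce)
        return "accepted"


def naive_compare(a, b):
    """What NOT to do: returns at the first mismatch, so response time leaks how many prefix
    bytes of a forged tag were right, letting an attacker guess the tag one byte at a time."""
    if len(a) != len(b):
        return False
    for x, y in zip(a, b):
        if x != y:
            return False
    return True
```

The MAC check runs before the replay check on purpose: an unauthenticated message must not be able to poison the seen-nonce set.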
Asymmetric Cryptography Attacks
1. Man-in-the-Middle (MITM) Attack
•An attacker intercepts and alters communication between two parties during key exchange, substituting their own public key.
•Weakness exploited: lack of authentication of public keys or insecure key exchange.
•Prevention:
• Use certificates and trusted Certificate Authorities (CAs) to verify public keys (e.g., in HTTPS).
• Use protocols like TLS, which authenticate the server and can also authenticate the client (mutual authentication with client certificates).

2. Key Theft
•Attackers steal private keys from compromised devices or servers.
•Weakness exploited: poor storage and management of private keys.
•Prevention:
• Store private keys in secure hardware (e.g., a Hardware Security Module (HSM) or Trusted Platform Module (TPM)).
• Encrypt private keys with strong passphrases and use access controls.
3. Weak Key Generation
•Predictable or poorly generated keys allow attackers to guess or compute private keys.
•Weakness exploited: Insufficient randomness in key generation.
•Prevention:
• Use cryptographically secure random number generators (CSPRNGs) for key
generation.
• Ensure entropy sources for randomness are robust.

4. Cryptanalysis
•Attackers use mathematical techniques to break the encryption algorithm (e.g., factoring large numbers in RSA or solving discrete logarithms).
•Weakness exploited: weak or outdated algorithms, or key sizes that are too small.
•Prevention:
• Use modern algorithms at adequate key sizes (e.g., RSA-2048 or larger, 256-bit elliptic curves, AES-128/256).
• Regularly update algorithms and protocols to counter emerging threats, such as quantum computing.
General Cryptographic Best Practices
1. Keep Keys Secret
•Symmetric keys and private keys must be securely stored (e.g., in hardware security
modules or encrypted storage).
2. Regular Key Rotation
•Periodically regenerate and redistribute keys to limit the impact of a compromised key.
3. Use Strong Cryptographic Protocols
•Adopt industry-standard protocols like TLS 1.3, SSH, or IPSec for secure communication.
4. Educate Users
•Train users to recognize phishing, social engineering, and other attacks targeting
cryptographic secrets.
5. Monitor and Audit
•Regularly audit cryptographic implementations and monitor for anomalies or
vulnerabilities.
Digital Signature
▪ A digital signature is a cryptographic technique used to validate the authenticity, integrity, and non-repudiation of digital messages or documents.
▪ Digital signatures are the public-key primitives of message authentication.
▪ In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the message.
▪ Similarly, a digital signature is a technique that binds a person or entity to digital data. This binding can be independently verified by the receiver as well as by any third party.
▪ It is a cryptographic value that is calculated from the data and a secret key known only to the signer.
▪ In the real world, the receiver of a message needs assurance that the message came from the claimed sender, and the sender should not be able to deny having originated it.
▪ This requirement is crucial in business applications, since the likelihood of a dispute over exchanged data is very high.
How Digital Signature Works
• Digital signatures rely on asymmetric cryptography (public-key cryptography), where a pair of keys—a
private key and a public key—is used.
Key Pair Generation:
A user generates two cryptographic keys:
Private Key: Kept secret and used for signing messages.
Public Key: Shared with others and used to verify the signature.
Signing the Message:
A hash of the message is created using a hash function (e.g., SHA-256).
The hash is encrypted with the sender's private key to produce the digital signature.
Verifying the Signature:
The recipient decrypts the digital signature using the sender's public key to retrieve the original hash.
The recipient computes their own hash of the message and compares it with the decrypted hash.
If the hashes match, the signature is valid.
Cont.
Let’s break it into simple steps:
1. Sender (Hana) wants to send a message to Receiver (Aman).
2. Hana computes a hash of the message.
3. Hana encrypts the hash with her private key to create the digital signature.
4. Hana sends the message along with the digital signature to Aman.
5. Aman uses Hana's public key to decrypt the signature.
6. Aman computes the hash of the received message.
7. If both hashes match, Aman knows:
   1. The message is from Hana (authentication).
   2. The message hasn’t been tampered with (integrity).
Cont.
▪ Block diagram of DSA (figure not reproduced in this text).
▪ Where M – Plaintext, H – Hash function, h – Hash digest, ‘+’ – Bundle both plaintext and digest, E – Encryption, D – Decryption.
Cont.
▪ The image on the previous slide shows the entire process, from signing to verification. Go through each step to understand the procedure thoroughly.
Step 1: M, the original message, is first passed to a hash function, denoted by H#, to create a digest h.
Step 2: Next, the sender bundles the message together with the hash digest h and encrypts the bundle using the sender’s private key.
Step 3: The sender sends the encrypted bundle to the receiver, who can decrypt it using the sender’s public key.
Step 4: Once the receiver decrypts the bundle, the message is passed through the same hash function (H#) to generate a digest of its own.
Step 5: The receiver compares the newly generated hash with the bundled hash value received along with the message. If they match, data integrity is verified.
Cont.
▪ So the Steps in Digital signature algorithm in general
1) Key Generation
2) Signature Generation
3) Signature Verification
▪ For digital signatures, however, the reverse of asymmetric encryption holds:
✓ The signature is created (encrypted) with the private key and verified (decrypted) with the public key.
✓ Because the keys are linked, decoding the signature with the public key verifies that the proper private key was used to sign the document, thereby verifying the signature's provenance.
▪ Having understood how the DSA algorithm works, you should also know the advantages this algorithm offers over alternative standards like the RSA algorithm.
Cont.
❖ Of all cryptographic primitives, the digital signature based on public-key cryptography is considered a very important and useful tool for achieving information security.
❖ Let us briefly see how this is achieved by the digital signature −
▪ Message authentication − When the verifier validates the digital signature using the sender's public key, he is assured that the signature was created only by the sender, who possesses the corresponding secret private key, and by no one else.
▪ Data Integrity − If an attacker has access to the data and modifies it, the digital signature verification at the receiver's end fails.
✓ The hash of the modified data and the output of the verification algorithm will not match. Hence, the receiver can safely reject the message, assuming that data integrity has been breached.
▪ Non-repudiation − Since it is assumed that only the signer knows the signing key, only he can create a unique signature on given data.
✓ Thus the receiver can present the data and the digital signature to a third party as evidence if any dispute arises.
Hash Functions
▪ Hash functions are extremely useful and appear in almost all information security applications.
▪ A hash function is a mathematical function that converts a numerical input value into another, compressed numerical value.
▪ The input to the hash function is of arbitrary length, but the output is always of fixed length.
▪ Values returned by a hash function are called message digests (a message digest is a fixed-size numeric representation of the contents of a message, computed by a hash function) or simply hash values.
▪ A hash function H takes a message m of arbitrary length and produces a bit string h, h = H(m).
▪ When the hash value h is sent with the message m, it enables the receiver to determine whether m has been modified; the principal objective of a hash function is data integrity.
Cont.
▪ When a hash function is used to provide message authentication (integrity), the hash
function value is often referred to as a message digest.
▪ The two most common hashing algorithms are MD5 (Message Digest version 5) and Secure
Hash Algorithm or SHA (SHA-1 and later versions like SHA-256).
Let us make this clearer with the following scenario:
• Alice wants to send a secure message to Bob and sign it digitally.
Step 1: Key Generation
Alice generates a pair of cryptographic keys:
• A Private Key (PrivateKey_Alice) – used to sign messages.
• A Public Key (PublicKey_Alice) – shared with Bob and others to verify the signature.
Step 2: Signing the Data
1. Alice writes a message: "Hello, Bob! This is Alice."
2. A cryptographic hash function (e.g., SHA-256) is applied to the message to create a message digest.
   • The hash function ensures that even a small change in the message results in a drastically different hash.
   • Example Hash Result: SHA-256("Hello, Bob! This is Alice.") = a8c5e2d8c3a5d5b9c7a10b27d34698027f9d9783b43d0edcbe3e39f9fce60606
3. Alice encrypts the message digest using her PrivateKey_Alice.
   • This encrypted hash is the digital signature.
   • Example Signature: Encrypted Hash = “7d3f2b8c9...”
4. Alice sends the message and the digital signature to Bob.
Step 3: Verifying the Signature
• When Bob receives the message and the digital signature:
   • Bob applies the same hash function (SHA-256) to the received message:
     Bob's Calculated Hash: SHA-256("Hello, Bob! This is Alice.") = a8c5e2d8c3a5d5b9c7a10b27d34698027f9d9783b43d0edcbe3e39f9fce60606
   • Bob decrypts the digital signature using PublicKey_Alice to retrieve the original hash signed by Alice.
     Decrypted Hash from Signature: a8c5e2d8c3a5d5b9c7a10b27d34698027f9d9783b43d0edcbe3e39f9fce60606
   • Bob compares the two hashes:
     • If the hashes match, the signature is valid, and the message is verified as coming from Alice (authenticity) and unchanged (integrity).
     • If the hashes do not match, the signature is invalid, indicating tampering or forgery.
Example 2
Secure Email Communication Scenario:
• Alice sends an important email to Bob and uses a digital signature to ensure its
authenticity and integrity.
1. Key Generation:
• Alice generates a private key and public key pair.
2. Message Signing:
• Message: "Today we will have a meeting at 10 L.T."
• Hash (SHA-256): abcd1234
• Alice encrypts the hash using her private key to create the digital signature:
  Enc(PrivateKey_Alice, abcd1234) = xyz9876.
• She sends the message and the signature to Bob.
3. Verification:
• Bob receives the message and the signature.
• Bob computes the hash of the received message:
  SHA-256("Today we will have a meeting at 10 L.T.") = abcd1234.
• Bob decrypts the signature using Alice’s public key:
  Dec(PublicKey_Alice, xyz9876) = abcd1234.
• If the two hashes match, Bob confirms the message is authentic and unchanged.
Applications of Digital Signatures
1.Secure Emails and Documents: Digital signatures ensure the authenticity of emails, contracts, and
sensitive documents (e.g., Adobe PDF signing).
2.Software Distribution: Developers sign software packages to assure users that the software is
legitimate and not tampered with (e.g., Windows Update).
3.Online Transactions: Banks and e-commerce platforms use digital signatures to secure transactions.
4. Blockchain and Cryptocurrencies: Digital signatures are used in Bitcoin and Ethereum to validate and authenticate transactions.
5.Government Services: E-signature platforms like DocuSign enable signing government forms and
contracts securely.
Real-World Example: Secure Online Voting: In an online election, voters cast their votes electronically.
•Each voter digitally signs their vote using a private key.
•The election authority verifies the signature with the voter’s public key to ensure authenticity and
prevent tampering.
This ensures a fair and secure voting process.
Key Management in Cryptography
• In cryptography, securely distributing public and private keys between sender and receiver is a very tedious task.
• If the key becomes known to a third party (forger/eavesdropper), the whole security mechanism becomes worthless.
• So there is a need to secure the exchange of keys.
• There are two aspects of Key Management:
1. Distribution of public keys.
2. Use of public-key encryption to distribute secrets.
Distribution of Public Keys:
The public key can be distributed in four ways:
1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates
• Key management is the process of creating, distributing, storing, using, and retiring
cryptographic keys securely.
• It is critical in cryptography to ensure the security of encrypted communication, as the
strength of cryptographic protocols depends heavily on the secrecy and proper
management of keys.
Key Management Lifecycle
Key management is divided into the following phases:
1.Key Generation
2.Key Distribution
3.Key Storage
4.Key Usage
5.Key Revocation and Retirement
1. Key Generation
• Keys must be generated securely to ensure cryptographic strength. Weak or predictable
keys compromise security.
• Process: Cryptographic algorithms (e.g., RSA, AES) or secure random number
generators are used to produce keys.
• Best Practices: Use strong entropy sources (e.g., hardware random number generators).
• Generate keys of sufficient length (e.g., 256-bit keys for AES).
• Example: Alice and Bob want to communicate securely using AES encryption.
• A secure system generates a 256-bit symmetric key:
• Symmetric Key: 5F2A3E8B9C... (256 bits)
2. Key Distribution
• Once generated, keys must be shared securely between parties to enable encryption and decryption. This is especially critical for symmetric cryptography, since both parties use the same key.
Methods of Key Distribution:
1. Out-of-Band Distribution:
• The key is shared using a secure physical medium (e.g., USB drive or courier).
• Example: Bob delivers a USB drive with a symmetric key to Alice in person.
2. Key Exchange Protocols:
• Public-key (asymmetric) cryptography is often used to distribute symmetric keys securely over insecure channels.
• Example: Diffie-Hellman Key Exchange
• Alice and Bob exchange public keys.
• They derive a shared symmetric key without transmitting it directly.
3. Certificate Authorities (CAs):
• For asymmetric cryptography, trusted CAs issue digital certificates binding public keys to identities.
• Example: Alice retrieves Bob’s public key from a trusted CA and encrypts the key before sending it.
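The Diffie-Hellman item above says Alice and Bob derive a shared key without ever sending it; the following added Python example (not code from the slides) shows that exchange end to end, including the public-value validation a receiver should perform before using a peer's value. The group parameters are the 1024-bit MODP prime and generator 2 from RFC 2409 (Group 2), used here only because they are short enough to embed; real deployments use the 2048-bit or larger groups of RFC 3526 / RFC 7919, or elliptic-curve DH.

```python
import hashlib
import secrets

# RFC 2409 "Second Oakley Group": a 1024-bit safe prime with generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2   # P = 2Q + 1 is a safe prime, so G generates the subgroup of order Q


def valid_public_value(y: int) -> bool:
    """Reject degenerate values (0, 1, P-1) and anything outside the order-Q subgroup.

    Without this check a peer could send a small-subgroup element and force the
    shared secret into a handful of possible values.
    """
    return 1 < y < P - 1 and pow(y, Q, P) == 1


def keygen():
    """Return (private exponent, public value)."""
    x = secrets.randbelow(Q - 2) + 2
    return x, pow(G, x, P)


def shared_key(my_private: int, their_public: int) -> bytes:
    """Compute the shared secret and derive a 32-byte symmetric key from it."""
    if not valid_public_value(their_public):
        raise ValueError("invalid Diffie-Hellman public value")
    secret = pow(their_public, my_private, P)
    # Never use the raw group element as a key: hash it to a fixed-size key.
    # (A real protocol would use HKDF and bind in the transcript of the exchange.)
    return hashlib.sha256(secret.to_bytes((P.bit_length() + 7) // 8, "big")).digest()


def demo():
    """Alice and Bob each publish one value and arrive at the same key."""
    a_priv, a_pub = keygen()   # Alice
    b_priv, b_pub = keygen()   # Bob
    # Only a_pub and b_pub cross the wire; an eavesdropper seeing both still
    # faces the discrete-logarithm problem to recover either private exponent.
    k_alice = shared_key(a_priv, b_pub)
    k_bob = shared_key(b_priv, a_pub)
    return k_alice == k_bob, len(k_alice)
```

What this plain exchange does not provide is authentication of the public values, which is why the man-in-the-middle item earlier in the chapter applies: in TLS the server's value is tied to its certificate, and in SSH to a known host key.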
3. Key Storage
Keys must be stored securely to prevent unauthorized access or leakage.
Best Practices for Key Storage:
1.Hardware Security Modules (HSMs):
• Physical devices designed to store and manage cryptographic keys securely.
• Example: Banks use HSMs to store private keys for secure online transactions.
2.Secure Software Storage:
• Use encrypted files or secure operating system mechanisms.
• Example: The private key for SSL/TLS certificates is stored in an encrypted format on a
server.
3.Key Splitting:
• Keys are divided into parts and stored separately to reduce risk.
• Example: A private key is split into three parts, stored with different administrators.
4. Key Usage
• Keys are used for encryption, decryption, signing, or verification. Secure usage ensures that keys
are not exposed during operations.
Key Usage Policies:
• Key Separation: Use different keys for different purposes (e.g., one for encryption, another for signing).
  Example:
  • Key 1: Encrypt communication between Alice and Bob.
  • Key 2: Sign Alice's documents.
• Limited Lifespan: Keys should have an expiration date to minimize exposure.
  Example:
  • Alice and Bob agree to rotate the encryption key every 30 days.
5. Key Revocation and Retirement
• Keys must be revoked or retired when they are no longer secure or needed.
Revocation Reasons:
•A key is compromised.
•A key owner’s credentials change.
•The key reaches its expiration date.
Revocation Methods:
1. Certificate Revocation List (CRL):
   • A list of revoked public-key certificates is published by the issuing CA.
   • Example: Bob’s old public-key certificate is revoked and added to the CRL.
2. Online Certificate Status Protocol (OCSP):
   • Real-time verification of certificate validity.
   • Example: When Alice tries to use Bob’s public key, her system checks its status via OCSP.
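The key-usage policies (separation, limited lifespan) and the revocation rules above are enforced in practice by a check that runs before every use of a key. The following added Python sketch, not code from the slides, encodes those rules in one place: each key has a purpose and an expiry derived from the 30-day rotation period, and a CRL-style revocation list overrides everything else. Key identifiers, dates and the registry structure are constructed for the example.

```python
from datetime import datetime, timedelta, timezone


class KeyRegistry:
    """Enforces purpose separation, expiry and revocation before a key may be used."""

    def __init__(self, rotation: timedelta = timedelta(days=30)):
        self.rotation = rotation
        self.keys = {}      # key_id -> {"purpose": ..., "created": ..., "expires": ...}
        self.revoked = {}   # key_id -> reason; plays the role of a CRL

    def register(self, key_id: str, purpose: str, created: datetime) -> None:
        self.keys[key_id] = {
            "purpose": purpose,
            "created": created,
            "expires": created + self.rotation,   # limited lifespan
        }

    def revoke(self, key_id: str, reason: str) -> None:
        self.revoked[key_id] = reason

    def check(self, key_id: str, purpose: str, now: datetime) -> str:
        """Return 'ok' or the policy violation that forbids using this key now."""
        rec = self.keys.get(key_id)
        if rec is None:
            return "unknown-key"
        if key_id in self.revoked:              # revocation wins over everything else
            return "revoked:" + self.revoked[key_id]
        if now >= rec["expires"]:
            return "expired"                    # rotation overdue
        if rec["purpose"] != purpose:
            return "wrong-purpose"              # key separation
        return "ok"


def demo() -> list:
    t0 = datetime(2025, 1, 1, tzinfo=timezone.utc)
    reg = KeyRegistry()
    reg.register("key-1", "encrypt", t0)   # Key 1: encrypt Alice/Bob traffic
    reg.register("key-2", "sign", t0)      # Key 2: sign Alice's documents
    results = [
        reg.check("key-1", "encrypt", t0 + timedelta(days=1)),    # ok
        reg.check("key-1", "sign", t0 + timedelta(days=1)),       # wrong-purpose
        reg.check("key-1", "encrypt", t0 + timedelta(days=31)),   # expired
    ]
    reg.revoke("key-2", "compromised")
    results.append(reg.check("key-2", "sign", t0 + timedelta(days=2)))   # revoked
    results.append(reg.check("key-9", "sign", t0))                       # unknown-key
    return results
```

A registry like this is also where audit logging belongs: every non-"ok" result is a policy event worth recording, since repeated use of an expired or revoked key is a common sign of a forgotten automation job or of an attacker reusing stolen material.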
Examples of Key Management in Real-Life Cryptographic Systems
1. Secure Web Browsing (HTTPS):
•Web servers use asymmetric keys for initial key exchange (TLS handshake).
•After the handshake, a symmetric key is generated and used for faster data encryption.
Process Example:
• The server provides its public key via a certificate.
• The client generates a symmetric session key, encrypts it with the server’s public key, and sends
it.
• The server decrypts the session key with its private key.
2. Digital Payments:
•Payment systems like Visa and Mastercard use key management to secure transactions.
•Private keys are stored in HSMs, while symmetric keys secure individual transaction data.
3. Blockchain:
•Each user in a blockchain system (e.g., Bitcoin) has a private-public key pair.
•The private key is used to sign transactions, and the public key verifies them.
Challenges in Key Management
1. Key Escrow: Storing keys with a third party can introduce trust issues.
2. Key Loss: Losing private keys can result in loss of access to encrypted data.
3. Key Compromise: Exposure of keys to attackers can lead to data breaches.
Cont.
The four ways of distributing public keys listed earlier are explained below:
1. Public Announcement: Here the public key is broadcast to everyone.
• Users share their public keys by broadcasting them widely, such as through email, websites, or public forums. The major weakness of this method is forgery.
▪ Anyone can create a key claiming to be someone else and broadcast it. Until the forgery is discovered, the forger can masquerade as the claimed user.
• Advantages:
• Simple and easy to implement.
• No need for additional infrastructure.
• Disadvantages:
• Vulnerable to man-in-the-middle attacks.
• An attacker could intercept the public key and replace it with their own, leading to unauthorized decryption.
• No guarantee of authenticity or integrity of the key.
Cont.
2. Publicly Available Directory:
• In this method, the public key is stored in a public directory.
• Users can query this directory to retrieve the public key of a specific person or entity.
• The directory is trusted here: participants register with it, can access it and are allowed to modify their own values at any time, and it contains entries of the form {name, public-key}.
▪ Directories can be accessed electronically but are still vulnerable to forgery or tampering.
• Advantages:
• Provides a structured way to distribute keys.
• Keys are accessible in one location, simplifying retrieval.
• Disadvantages:
• The directory must be secured and managed to prevent unauthorized modifications.
• Requires users to trust the directory to provide authentic keys.
• Vulnerable to attacks if the directory is compromised or not regularly updated.
Cont.
3. Public-Key Authority: It is similar to the directory but improves security by tightening control over the distribution of keys from the directory.
▪ It requires users to know the authority’s public key.
▪ Whenever keys are needed, the user makes real-time access to the authority to obtain any desired public key securely.
• Advantages:
• Enhances security by authenticating public keys.
• Reduces the risk of man-in-the-middle attacks.
• Disadvantages:
• Involves additional infrastructure and management.
• Users must trust the authority completely.
• The authority can become a single point of failure.
Cont.
4. Public-Key Certificates: This time the authority provides a certificate (which binds an identity to the public key) to allow key exchange without real-time access to the public-key authority each time.
▪ The certificate is accompanied by other information such as the period of validity, rights of use, etc.
▪ All of this content is signed with the private key of the certificate authority, and it can be verified by anyone possessing the authority’s public key.
▪ First, sender and receiver both request a certificate from the CA, which contains a public key and other information; then they can exchange these certificates and start communicating.
• Advantages:
• Ensures the authenticity and integrity of public keys.
• Widely used in protocols like TLS/SSL.
• Can be verified without contacting a third party every time, as long as the certificate is trusted.
• Disadvantages:
• Requires a robust PKI (Public Key Infrastructure).
• Certificates need periodic renewal and revocation management.
Cryptography
End
Chapter 4: Application and OS Security
• Application code attacks (buffer overflow)
• Prevention:
• System design, robust coding, isolation.
• Users management
• Enforcement of security
• OS Access control, authentication
• Risk management
• Information Security
• Policies and Procedures
• Legal Issues and Information Security
• Computer Forensics
4.1 Application Code Attacks: Buffer Overflow
• Buffer overflow (also known as a buffer overrun) is a software coding error or
vulnerability that can be exploited by hackers to gain unauthorized access to corporate
systems.
• A buffer overflow occurs when:
• A program writes more data to a buffer (a fixed-size memory storage location) than it
can hold.
• Too much information is passed into a container that does not have enough space,
leading to data replacement in adjacent containers.
• The program attempting to write data to the buffer overwrites adjacent memory
locations, potentially causing program malfunction
• It is one of the best-known software security vulnerabilities yet remains fairly common.
• This vulnerability can lead to arbitrary code execution or system crashes.
• Buffer overflow attacks often target vulnerabilities in software that fail to
check or enforce boundaries when handling input data.
Example: A login system expecting a 16-character password might crash or allow malicious access if fed a 64-character input.
How Buffer Overflow Works
1. Buffer: A temporary storage area in memory for data.
2. Overflow: When the data written exceeds the buffer’s size, it spills into adjacent memory areas.
Impact:
1. Corruption of memory.
2. Alteration of program execution flow.
3. Injection of malicious code.
Consider the following example of a buffer overflow
Vulnerable C Code (listing not reproduced in this text)
What this code shows:
• Input Overflow:
  • If the input exceeds 10 characters, it overwrites adjacent memory.
• Malicious Input:
  • Attackers can input crafted data that includes malicious code (payload).
  • Overwriting the return address allows the attacker to redirect execution to the payload.
• The program defines a buffer of 10 bytes (buffer[10]) inside the function vulnerable_function.
• The function uses strcpy() to copy user input into the buffer without checking the input length.
• If the user provides input larger than 10 bytes, it overflows into adjacent memory, potentially overwriting the return address on the stack.
Exploitation Example: An attacker provides the input:
AAAAAAAAAA\x90\x90\x90\x90\xeb\x0f...
Here: AAAAAAAAAA fills the buffer.
• The subsequent bytes overwrite the return address with the location of the malicious payload.
Types Of Buffer Overflow Attacks
There are several types of buffer overflow attacks that attackers use to exploit organizations’ systems. The most common are:
• Stack-based buffer overflows: Occurs when a buffer on the stack (used for function calls
and local variables) is overflowed.
• The attacker can overwrite the return address of a function, redirecting the program’s
execution to malicious code.
• Heap-based buffer overflows: Occurs when a buffer on the heap (dynamically allocated
memory) is overflowed.
• The attacker manipulates pointers or metadata in heap memory to alter program behavior
or achieve code execution.
• Format string attack: takes place when an application processes input data as a
command or does not validate input data effectively.
• This enables the attacker to execute code, read data in the stack, or cause segmentation
faults in the application.
Consequences of Buffer Overflow
Program Crash:
• The program attempts to execute invalid instructions, causing it to crash.
Data Corruption:
• Adjacent memory regions are overwritten, leading to unpredictable behavior.
Code Execution:
• Attackers inject malicious code and manipulate the control flow to execute it.
Privilege Escalation:
• Attackers exploit vulnerabilities to gain unauthorized access or escalate
privileges
Prevention Strategies
1. System Design:
o Use bounds-checking functions.
o Implement address space layout randomization (ASLR).
o Example: Modern compilers like GCC implement stack protection mechanisms.
2. Robust Coding Practices:
o Validate input lengths and sanitize data.
o Example: Use strncpy() instead of strcpy() in C programming.
3. Isolation:
o Restrict processes to run in isolated environments, e.g., containers or sandboxes.
o Example: Docker containers isolate applications, preventing buffer overflow exploits from affecting the host.
Cont…
• Bounds Checking:
•Use safer functions like strncpy instead of strcpy.
• Input Validation:
•Validate and sanitize input data length and content.
• Compiler Protections:
•Use stack canaries and ASLR (Address Space Layout
Randomization).
• Modern Programming Languages:
•Languages like Python, Java, and Rust inherently prevent buffer
overflows
4.2 User Management
• User management is a critical aspect of application and system security.
• It involves creating, managing, and controlling user accounts, their roles,
and access permissions within an application or system.
• Effective user management ensures only authorized individuals have
access to specific resources, protecting sensitive data and functionality.
• User management involves ensuring only authorized users can access
applications and systems.
Examples:
• Implementing role-based access control (RBAC) in a company’s software tools.
• Using LDAP for centralized user management.
• Requiring strong passwords and multi-factor authentication (MFA).
Components of User Management
• User Authentication
• The process of verifying the identity of a user.
• Common methods:
• Username and password.
• Multi-factor authentication (MFA).
• Biometric authentication.
• User Authorization
• Defines what resources a user can access and actions they can perform based on
their roles and permissions.
• User Roles and Permissions
• Assign roles (e.g., Admin, Editor, Viewer) to users to control access.
• Roles are mapped to specific permissions (e.g., read, write, delete).
• Password Management
• Ensures secure password policies such as complexity, expiration, and
storage mechanisms
• (e.g., hashing).
• Session Management
• Manages user sessions, including session expiration, token revocation,
and secure session handling.
• Audit and Logging
• Tracks user activities for security monitoring and compliance.
Best Practices for User Management
• Secure Authentication:
• Use strong passwords and enforce MFA.
• Avoid storing plaintext passwords; use salted hashes.
• Principle of Least Privilege:
• Assign users the minimum permissions necessary to perform their tasks.
• Regular Access Reviews:
• Periodically audit and revoke unnecessary permissions or accounts.
• Session Security:
• Implement secure session cookies and enforce session timeouts.
• User Monitoring:
• Log and monitor user activities for suspicious behavior.
• Account Lockout Policies:
• Lock accounts after a certain number of failed login attempts to prevent brute-force
attacks.
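Two of the best practices above, salted password hashing and account lockout after repeated failures, are shown together in the following added Python example; it is not code from the slides. It stores PBKDF2-HMAC-SHA256 hashes with a per-user random salt, compares them in constant time, and locks the account after MAX_FAILURES wrong attempts. The iteration count is lowered for the demo (OWASP currently recommends 600,000 for PBKDF2-HMAC-SHA256), and the usernames, passwords and threshold are constructed values.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000   # demo value; raise to current guidance (e.g. 600,000) in production
MAX_FAILURES = 5       # lockout threshold from the account-lockout policy


def hash_password(password: str, salt: bytes = b"") -> str:
    """Salted, iterated hash stored as 'pbkdf2$iterations$salt$hash'.

    Keeping the parameters in the stored string lets the work factor be raised
    later without breaking verification of existing records.
    """
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))   # constant-time comparison


class UserStore:
    def __init__(self):
        self.users = {}   # username -> {"hash": str, "failures": int, "locked": bool}

    def add_user(self, username: str, password: str) -> None:
        self.users[username] = {"hash": hash_password(password), "failures": 0, "locked": False}

    def login(self, username: str, password: str) -> str:
        """Return 'ok', 'denied' or 'locked'; never reveals whether the user exists."""
        rec = self.users.get(username)
        if rec is None:
            # Spend the same hashing time for unknown users so response timing
            # does not reveal which usernames are valid (fixed salt is fine here).
            hash_password(password, b"\x00" * 16)
            return "denied"
        if rec["locked"]:
            return "locked"
        if verify_password(password, rec["hash"]):
            rec["failures"] = 0
            return "ok"
        rec["failures"] += 1
        if rec["failures"] >= MAX_FAILURES:
            rec["locked"] = True          # requires an out-of-band unlock
            return "locked"
        return "denied"


def demo() -> list:
    store = UserStore()
    store.add_user("alice", "correct horse battery staple")
    out = [store.login("alice", "correct horse battery staple")]        # ok
    for _ in range(MAX_FAILURES):
        out.append(store.login("alice", "wrong"))                       # denied x4, then locked
    out.append(store.login("alice", "correct horse battery staple"))    # locked, even with the right password
    out.append(store.login("nobody", "x"))                              # denied
    return out
```

The same lockout counter is what feeds the "monitor user activities" practice: a burst of "denied" results against many accounts from one source is the signature of a credential-stuffing or brute-force attempt and should raise an alert rather than only lock accounts.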
4.3 Enforcement of Security
• Enforcing security policies ensures compliance with best practices and legal
requirements.
• The enforcement of security involves implementing mechanisms and
practices to protect systems, applications, and data from unauthorized access,
misuse, or breaches.
• Security enforcement ensures that policies, rules, and procedures are followed
to maintain confidentiality, integrity, and availability of resources.
Enforcement of Security…
Strategies
1. Firewalls: Prevent unauthorized access.
o Example: A firewall blocks suspicious traffic from untrusted networks.
2. Intrusion Detection Systems (IDS): Identify and mitigate unauthorized
activities.
o Example: Snort, an open-source IDS, detects network anomalies.
3. Periodic Reviews: Conduct security audits.
o Example: Regular penetration testing helps uncover application vulnerabilities.
• Examples or aspects of Security Enforcement
• Authentication: Verifies the identity of users or systems before granting access.
• Methods: Passwords, biometrics, multi-factor authentication (MFA).
• Authorization: Ensures users or systems have the appropriate permissions to access
resources or perform actions.
• Techniques: Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC).
• Data Protection: Ensures sensitive data is encrypted during transmission and at rest.
• Tools: TLS/SSL, AES encryption.
• Monitoring and Auditing: Tracks system activity and generates logs for detecting and
responding to security incidents.
• Tools: Intrusion Detection Systems (IDS), SIEM (Security Information and Event
Management).
• Secure Communication: Protects data exchanges between systems or users.
• Protocols: HTTPS, SSH, VPNs (e.g., configure SSH to disable password login).
4.4 OS Access Control and Authentication
• Operating systems access control and authentication are
fundamental mechanisms to secure system resources.
• Provide mechanisms to enforce access control and authenticate
users.
• They ensure only authorized users and processes can access
specific resources while maintaining the confidentiality, integrity,
and availability of the system.
Components of OS Access Control and Authentication
1.Access Control:
• Regulates which users or processes can access files, directories, and system resources.
• Common models:
➢ Mandatory Access Control (MAC): used to enforce strict policy-based controls.
• Example: SELinux (Security-Enhanced Linux) enables fine-grained security policies for processes.
➢ Role-Based Access Control (RBAC)
2. Authentication: Verifies the identity of users or systems trying to access the OS.
▪ Techniques:
➢ Password-based authentication, and Biometric authentication.
➢ Token-based authentication (e.g., smart cards, OTP).
➢ Public Key Infrastructure (PKI).
3. User and Group Management: Users are assigned unique accounts.
• Groups categorize users to simplify permission management.
4. Permissions and Privileges: Defines actions users can perform (read, write, execute).
• Root or administrative privileges provide full system control.
Best Practices for OS Access Control and Authentication
1.Use the Principle of Least Privilege:
•Grant users the minimum permissions required to perform their tasks.
2.Enforce Strong Authentication:
•Use strong password methods.
•Implement MFA for critical accounts.
3.Regularly Audit Permissions:
•Review and revoke unnecessary permissions.
4.Monitor Access Attempts:
•Enable logging and track failed login attempts.
•Use tools like auditd or Windows Event Viewer.
5.Enable Secure Defaults:
•Disable unused accounts and services.
•Set secure file permissions by default.
4.5 Risk Management
• Is the process of identifying, assessing, and mitigating risks to protect an
organization's assets, including its data, systems, and reputation.
• Identifies and mitigates threats to application and system security.
• In the context of cybersecurity:
• It involves proactive measures to address vulnerabilities and threats while
minimizing their potential impact.
The main Steps of Risk Management
1. Risk Identification: Identifying and recognizing potential risks and vulnerabilities that could affect systems or data.
• Common risks: malware, phishing attacks, insider threats, system failures.
2. Risk Assessment: Evaluating the likelihood and assessing the impact of identified risks.
• Methods:
• Qualitative: Categorizing risks (e.g., High, Medium, Low).
• Quantitative: Assigning numerical values to risk probabilities and impacts.
o Example: Conducting threat modeling to identify attack vectors.
3. Risk Mitigation: Implementing strategies or countermeasures to reduce risk.
• Approaches:
• Avoidance: Eliminating the risk source.
• Reduction: Implementing controls to minimize impact.
• Transfer: Using insurance or third parties to handle risk.
• Acceptance: Acknowledging and preparing for the risk.
o Example: Encrypting sensitive data to prevent data breaches.
4. Risk Monitoring and Review: Using security tools to monitor threats.
• Continuously track systems for potential risks and re-evaluate the risk environment to adapt to new threats.
• Example: Using Security Information and Event Management (SIEM) tools, which collect and analyze security logs.
5. Risk Communication: Communicating risks to stakeholders
• Ensuring stakeholders understand the risks and the strategies in place to address them.
• Methods:
• Reports: Regular risk assessment reports for management.
• Meetings: Briefings on current risks and mitigation strategies.
• Dashboards: Real-time visualization of risk levels.
Examples of Risk Management
1. Risk Identification: Scenario: A company identifies risks associated with phishing emails.
2. Risk Assessment: Scenario: Assessing the risk of a phishing attack.
• Qualitative example: Likelihood: High, Impact: Critical, Risk Level: High
• Quantitative example: Likelihood: 70% (0.7), Impact: $100,000, Risk Value: 0.7×100,000 = 70,000
3. Risk Mitigation: Scenario: Mitigating the risk of phishing attacks.
Controls:
• Preventive Measures: Implement employee training programs to recognize phishing attempts.
• Enable email filtering to block malicious emails.
• Detective Measures: Use intrusion detection systems (IDS) to monitor email traffic.
• Corrective Measures: Have an incident response plan for phishing incidents.
4.6 Information Security: Policies and Procedures
• Information security policies and procedures establish guidelines and frameworks for
protecting
➢ an organization's data,
➢ Systems
➢ critical assets.
• They also define roles, responsibilities, and practices to ensure
➢ confidentiality,
➢ integrity, and
➢ availability of information.
Components of Information Security Policies
• Purpose and Scope: Specifies the objectives and areas covered by the policy.
• Example: "This policy applies to all employees, contractors, and third-party users
of Company X's IT systems."
• Roles and Responsibilities: Defines who is responsible for implementing & enforcing
policies.
• Example: IT Team: Responsible for deploying security controls.
Employees: Adhere to acceptable use policies.
• Acceptable Use Policy (AUP): Guidelines for appropriate use of IT resources.
• Example: Prohibits using company email for personal activities.
• Disallows downloading unapproved software.
• Access Control Policy: Rules for granting, monitoring, and revoking access to systems.
• Example: "Access to confidential files is granted only to employees in managerial
roles.”
Components…
• Incident Response Policy: Procedures for detecting, reporting, and responding to
security incidents.
• Example: "All suspected phishing emails must be reported to the IT department within
one hour."
• Data Protection Policy: Defines how sensitive data is stored, accessed, and transmitted.
• Example: "All customer data must be encrypted during transmission using TLS."
• Training and Awareness: Ensures all stakeholders are aware of security policies and
their role in protecting information.
• Example: "Employees must complete annual security training."
Examples of Security Procedures
• Password Management Procedure
• Objective: Strengthen account security through proper password practices.
• Steps: Passwords must be at least 12 characters long.
• Passwords must include a mix of uppercase, lowercase, numbers, and special characters.
• Passwords must be changed every 90 days.
• Employees must not share passwords or write them down.
• Data Encryption Procedure
• Objective: Ensure sensitive data is protected during storage and transmission.
• Steps: Use AES-256 for encrypting files at rest.
• Ensure HTTPS (TLS 1.2 or higher) is used for all web traffic.
• Encrypt emails containing sensitive data.
• Incident Response Procedure: Objective: Minimize the impact of security incidents.
Steps: Detect and monitor systems for anomalies (e.g., unusual login attempts).
• Report: Notify the IT team within 30 minutes of detection.
• Isolate affected systems to prevent further damage.
• Investigate: Analyze logs to identify the root cause.
• Recover: Restore systems using secure backups.
• Document: Record the incident details for future reference.
4.7 Legal Issues and Information Security: Computer Forensics
• Computer forensics involves collecting, analyzing, and preserving digital evidence for
legal proceedings.
• It helps investigate cybercrimes, breaches, and policy violations while ensuring the
integrity of the collected evidence for potential legal action.
• Computer forensics overlaps with legal issues because proper handling of evidence,
adhering to legal frameworks, and ensuring privacy rights are crucial during
investigations.
• In the context of information security, computer forensics is used to track, investigate, and
act against cybercrimes.
Applications
• Incident Investigation: Tracing a cyberattack to its source by analyzing log files.
• Collection of Digital Evidence: Digital evidence must be collected in a forensically
sound manner to preserve its integrity and admissibility in court.
• Analysis of Digital Evidence: The goal is to recover, reconstruct, and analyze data
from devices such as computers, smartphones, and servers.
• This includes examining files, metadata, system logs, deleted files, and even memory (RAM)
for traces of illicit activity.
• Preservation of Digital Evidence: Forensic procedures must ensure that evidence is
not modified, altered, or corrupted.
• Presentation of Evidence in Court: Forensic experts often testify in court to explain how
digital evidence was obtained, analyzed, and how it relates to the case.
o Example: Ensuring proper handling of personal data during forensic analysis.
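The preservation step above rests on one concrete practice: hash the evidence at acquisition, record who handled it, and re-hash before every analysis or court presentation. The following is an added example (not from the slides) that implements that record with the standard library; the evidence bytes, examiner names and evidence ID are constructed sample values.

```python
import hashlib
from datetime import datetime, timezone


def sha256_of(data, chunk_size=1 << 20):
    """Hash evidence bytes in chunks, as one would for a large disk image."""
    h = hashlib.sha256()
    for start in range(0, len(data), chunk_size):
        h.update(data[start:start + chunk_size])
    return h.hexdigest()


def acquire(evidence_id, data, examiner):
    """Create the acquisition record; its hash is the reference every later check uses."""
    return {
        "evidence_id": evidence_id,
        "sha256": sha256_of(data),
        "size": len(data),
        "acquired_by": examiner,
        "acquired_at": datetime.now(timezone.utc).isoformat(),
        "custody": [],  # chain-of-custody entries appended on each hand-over
    }


def transfer(record, from_person, to_person):
    """Append a custody entry; the record is never rewritten, only extended."""
    record["custody"].append({
        "from": from_person,
        "to": to_person,
        "at": datetime.now(timezone.utc).isoformat(),
    })
    return record


def verify(record, data):
    """True only if the working copy still matches the acquisition hash and size."""
    return len(data) == record["size"] and sha256_of(data) == record["sha256"]


if __name__ == "__main__":
    # Constructed sample evidence; a real case would read a disk image from a write-blocked device.
    image = b"constructed sample disk image bytes"
    rec = acquire("EV-CONSTRUCTED-001", image, "examiner A")
    transfer(rec, "examiner A", "examiner B")
    print("intact:", verify(rec, image))               # True
    print("tampered:", verify(rec, image + b"\x00"))   # False
```

The verify step is what an expert testifies to in court: the digest computed today equals the digest recorded at acquisition, so the analysed copy is the collected one.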
Chapter 5
Web Security, Network Security, Data Security, Mobile Security
• Web Security deals with the security of data over the internet/network or web, or while it
is being transferred over the internet.
• It is crucial for protecting web applications, websites, and the underlying servers from
malicious attacks and unauthorized access.
• Web security protects networks, servers, and computer systems from damage to or
the theft of software or data.
• It includes defending computer systems from misdirecting or disrupting the services
they are designed to provide.
• Many sensitive tasks are done through the web
• Online banking, online shopping
• Database access
• System administration
• Web applications and web users are targets of many attacks
• Cross site scripting
• SQL injection
• Cross site request forgery
• Information leakage
• Session hijacking
• Websites are always prone to security threats/risks.
• For example, when data is transferred between client and server, protecting that data in
transit is web security.
Web Browser and Network
[Figure: the browser, running on the OS and hardware, sends a request over the network to the web site, which returns a reply.]
• Browser sends requests
• Web site sends response pages, which may include code
• Interaction susceptible to network attacks
Web Security/Privacy Issues
• Secure communications between client & server
• HTTPS (HTTP over Secure Socket Layer)
• User authentication & session management
• Cookies & other methods
• Active contents from different websites
• Protecting resources maintained by browsers
• Web application security
• Web site authentication (e.g., anti-phishing)
• Privacy concerns
Common Web Security Threats
1. Cross-Site Scripting (XSS):
• Attackers inject malicious scripts into web pages viewed by users. This can lead to data
theft, session hijacking, or redirection to malicious sites.
• Example: A blog with a comment section that doesn’t validate user input allows an
attacker to inject JavaScript, such as:
<script>alert('XSS Attack!');</script>
• This script executes when another user views the comment.
2. SQL Injection: Exploits vulnerabilities in web applications to manipulate database
queries by inserting malicious SQL statements.
• Example: A login form without input validation accepts ' OR '1'='1 as input,
transforming the query:
SELECT * FROM users WHERE username = '' OR '1'='1' AND password = ''
• This returns all user records, bypassing authentication.
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS):
• Overwhelms a website with traffic, rendering it inaccessible to legitimate users.
• Example: A botnet floods a server with requests, causing it to crash.
Mitigation Techniques
1. Input Validation and Sanitization:
• Validate all user inputs to prevent malicious code from being executed.
• Example: Use libraries to sanitize inputs and reject dangerous characters.
2. Implement Secure Authentication Mechanisms:
• Use strong password policies, multi-factor authentication (MFA), and secure session
management.
• Example: Employ tokens for session validation and rotate them regularly.
3. Enforce HTTPS (SSL/TLS):
• Encrypt data transmission between clients and servers to prevent MITM attacks.
• Example: Websites with SSL/TLS show a padlock icon in browsers and use https://.
4. Use Web Application Firewalls (WAF):
• Protect against attacks like XSS, SQL injection, and CSRF by analyzing HTTP requests.
• Example: AWS WAF detects and blocks malicious traffic based on predefined rules.
5. Regular Security Testing:
• Conduct penetration testing, vulnerability assessments, and use automated tools to
identify and fix security flaws.
• Example: Tools like OWASP ZAP and Burp Suite help scan for vulnerabilities.
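The XSS and SQL injection threats above, and the first mitigation (validation and sanitization), are easiest to understand side by side in code. This is an added example, not code from the slides: a login check that builds its query by string concatenation, the parameterised version of the same check, and HTML escaping for the blog-comment case. The in-memory SQLite users table, the user `alice` and her password are constructed sample data; the `' OR '1'='1` input is the one quoted on the slide, supplied here in both form fields.

```python
import html
import sqlite3

PAYLOAD = "' OR '1'='1"   # the input quoted on the slide


def make_db():
    """Constructed sample database: one user, stored in memory."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return conn


def login_vulnerable(conn, username, password):
    """Query built by string concatenation: quote characters in the input
    become SQL syntax, so the WHERE clause is rewritten by the user."""
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Parameterised query: the driver passes the values separately from the
    SQL text, so the same input is compared as data and matches no user."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def render_comment_vulnerable(comment):
    """Inserts user text straight into the page: a <script> tag would run."""
    return "<p>" + comment + "</p>"


def render_comment_safe(comment):
    """Escapes <, >, &, and quotes so the browser shows the text literally."""
    return "<p>" + html.escape(comment) + "</p>"


if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, PAYLOAD, PAYLOAD))   # alice: authentication bypassed
    print(login_safe(db, PAYLOAD, PAYLOAD))         # None: no such user
    print(render_comment_safe("<script>alert('XSS Attack!');</script>"))
```

Note that the safe version does not try to detect or strip dangerous characters; it changes how the value reaches the interpreter (as a bound parameter, or as escaped text), which is why it holds for inputs nobody anticipated.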
What is Network Security?
▪ Network Security protects your network and data from breaches, intrusions and other
threats.
▪ Focuses on protecting the integrity, confidentiality, and availability of data during
transmission over a network.
▪ It is protection of the access to files and directories in a computer network against
hacking, abuse and unauthorized changes to the system.
▪ Network security is important for home networks as well as in the business world.
▪ It includes the use of technologies, policies, and procedures to safeguard networks from
unauthorized access, misuse, and cyber threats.
▪ Applications, systems, and networks can be made secure through the use of security
protocols, which provide a wide range of encryption and authentication services.
▪ Security protocols are placed at several layers of a computing infrastructure, that is,
the data link, network, transport, and application layers.
Communication Channels
[Figure: a client and a server connected through three kinds of channel: Internet, Intranet, and Extranet.]
Cont …
Network Security Model
[Figure: two parties exchange security-related transmissions over a channel; a trusted third party supports them, while an opponent also has access to the channel.]
Cont …
Security Services
✓ Confidentiality
✓ Authentication
✓ Integrity
✓ Non Repudiation
✓ Access Control
✓ Availability
Internet Protocol Stack (TCP/IP)
▪ Protocols control the sending and receiving of messages.
✓ e.g., TCP, IP, HTTP
▪ Internet Protocol Stack (TCP/IP)
✓Application: supports network application.
• FTP, SMTP, HTTP
✓Transport: process-to-process data transfer and end-to-end reliability
• TCP, UDP (User Datagram Protocol)
✓ Network: routing of datagrams (packets) from source to destination
• IP routing protocols
✓Data Link: reliable data transfer between neighboring network
elements
• PPP (Point-to-Point Protocol), Address Resolution Protocol (ARP)
✓Physical: bits “on the wire or in the air”
Cont …
ISO/OSI Reference Model
▪ Presentation: allows applications to interpret meaning of data,
e.g., encryption, compression, machine specific conventions.
▪ Session: managing sessions such as synchronization, check
pointing, recovery of data exchange.
▪ Internet protocol stack “missing” these layers!
✓ These services, if needed, must be implemented in the
application layer
OSI model
▪ Application: Allows access to network resources.
▪ Presentation: Translates, encrypts and compresses data.
▪ Session: Establishes, manages and terminates sessions.
▪ Transport: Provides end-to-end message delivery and error recovery.
▪ Network: Moves packets from source to destination; provides internetworking.
▪ Data Link: Organizes bits into frames; provides node-to-node delivery.
▪ Physical: Transmits bits; provides mechanical and electrical specifications.
Network security Protocols
[Figure: TCP/IP layering. Application: HTTP, FTP, SMTP, DNS, SNMP, …; Transport: TCP, UDP; Network: IP, ICMP, IGMP; Link: hardware interface, ARP, RARP; below the link layer, the physical media.]
TCP/IP and OSI model and Addressing
[Figure: mapping of the OSI layers onto TCP/IP. Application, Presentation and Session: application processes exchanging messages. Transport (TCP, UDP): segments, addressed by port. Network (IP): datagrams, addressed by IP address. Data Link (protocols defined by the underlying networks): frames, addressed by physical (MAC) address. Physical: bits.]
Discussion Question
1. What can a “bad guy” do on Networking?
▪ Bad guys can do a lot on networking
▪ Eavesdrop: intercept messages
▪ Impersonation: can fake (spoof) source address in packet (or any field in packet)
▪ Session Hijacking: “take over” ongoing connection by removing sender or receiver,
inserting itself in place.
▪ The attacker monitors an authenticated session between the client machine and
the server, and takes that session over.
▪ When a TCP connection is established between a client and a server, all
information is transmitted in clear and this can be exploited to hijack the session
▪ Denial of Service: prevent service from being used by others.
▪ It is designed to disable, shut down or disrupt a network, website or service
Cont …
TCP Attacks
• If an attacker learns the associated TCP state for the connection, then the connection can be
hijacked!
• Attacker can insert malicious data into the TCP stream, and the recipient will believe it came
from the original source.
• Example: Instead of downloading and running new program, you download a virus and
execute it.
Cont …
TCP Attacks…
• Say hello to Hana, Aman and Mr. Big Ears.
• Hana and Aman have an established TCP connection.
• Mr. Big Ears lies on the path between Hana and Aman on the network
– He can intercept all of their packets
• First, Mr. Big Ears must drop all of Hana’s packets since they must not be delivered to
Aman.
[Figure: Hana’s packets are dropped into “The Void” instead of reaching Aman.]
• Then, Mr. Big Ears sends his malicious packet with the next ISN (sniffed from the
network)
[Figure: a packet labelled “ISN, SRC=Hana” is delivered to Aman.]
• Why are these types of TCP attacks so dangerous?
• Malicious user can send a virus to the trusting web client, instead of
the program they thought they were downloading.
[Figure: a malicious user sits between the web server and the trusting web client.]
Cont …
TCP Attacks
▪ How do we prevent this?
▪ IPSec
✓ Provides source authentication, so Mr. Big Ears cannot pretend to be Hana.
✓ Encrypts data before transport, so Mr. Big Ears cannot talk to Aman without knowing
what the session key is.

▪ IPSec provides
▪ Origin authentication
▪ Confidentiality
▪ Message integrity
▪ Key management
Cont …
Transport Layer:
• TCP RST (TCP reset) and TCP FIN (TCP finish) attacks: these attacks are aimed at
disrupting an already established TCP connection between two hosts.
• An attacker sends a modified packet, as if it is sent from one of the communicating hosts,
with the RST flag set to restart the session.
• In a similar way, if the malicious packet’s FIN flag is set, the session is terminated and the
receiver ignores further packets from the other host.
• In normal operation, the RST flag is used to reset a connection between two devices after
errors or unexpected conditions, and the FIN flag is used to gracefully terminate a TCP
connection; the attack abuses these legitimate teardown signals.
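The RST and FIN flags the slides refer to are single bits in the 20-byte TCP header, so a monitor that wants to spot teardown segments has to decode that header. The following is an added example, not part of the slides: it builds and parses the fixed TCP header with the standard library, classifies a segment as a reset or a graceful close, and counts resets per port pair, the kind of tally an IDS uses to alert on a burst of resets against one connection. The port and sequence numbers are constructed values.

```python
import struct

# Bit positions of the TCP control flags in the fixed header (RFC 793 layout).
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
HEADER_FMT = "!HHIIHHHH"   # 20-byte fixed header, network byte order


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Construct a minimal TCP header (data offset 5, no options, checksum left zero)."""
    off_flags = (5 << 12) | sum(TCP_FLAGS[f] for f in flags)
    return struct.pack(HEADER_FMT, src_port, dst_port, seq, ack,
                       off_flags, window, 0, 0)


def parse_tcp_header(segment):
    """Decode the fixed TCP header fields from raw bytes."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte TCP header")
    (src_port, dst_port, seq, ack, off_flags,
     window, _checksum, _urgent) = struct.unpack(HEADER_FMT, segment[:20])
    return {
        "src_port": src_port,
        "dst_port": dst_port,
        "seq": seq,
        "ack": ack,
        "data_offset": (off_flags >> 12) * 4,   # header length in bytes
        "flags": {name: bool(off_flags & bit) for name, bit in TCP_FLAGS.items()},
        "window": window,
    }


def classify_teardown(segment):
    """'reset' for an RST segment, 'close' for a FIN segment, None otherwise."""
    flags = parse_tcp_header(segment)["flags"]
    if flags["RST"]:
        return "reset"
    if flags["FIN"]:
        return "close"
    return None


def reset_counts(segments):
    """Count RST segments per (src_port, dst_port) pair over a captured batch."""
    counts = {}
    for seg in segments:
        hdr = parse_tcp_header(seg)
        if hdr["flags"]["RST"]:
            key = (hdr["src_port"], hdr["dst_port"])
            counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    # Constructed capture: two resets and one ordinary ACK on the same port pair.
    capture = [
        build_tcp_header(443, 51000, 1000, 2000, ["RST", "ACK"]),
        build_tcp_header(443, 51000, 1001, 2000, ["RST", "ACK"]),
        build_tcp_header(443, 51000, 1002, 2000, ["ACK"]),
    ]
    print([classify_teardown(s) for s in capture])   # ['reset', 'reset', None]
    print(reset_counts(capture))                     # {(443, 51000): 2}
```

The header alone cannot tell a forged reset from a genuine one, since the spoofed segment carries the legitimate host's source fields; that is why the slides point to IPsec origin authentication rather than to packet inspection as the fix.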
Cont …
Application layer
DNS spoofing (also known as DNS Cache Poisoning) is a cyberattack where malicious actors
manipulate the Domain Name System (DNS) to redirect users to fraudulent websites
without their knowledge.
• This attack exploits vulnerabilities in the DNS system, which translates domain names
(e.g., www.inu.edu.et) into IP addresses (e.g., 192.168.1.1).
• An attacker can change the DNS server entries in such a way that a URL is associated with
a wrong IP address.
– Ex: redirecting www.example.com to map to the attacker’s own IP address.
• Then the user is directed to a fake website resembling the original, where login
credentials are stolen.
• The cache of a DNS name server can be poisoned with false information using some
simple techniques.
• Prevention and Mitigation:
• DNSSEC (DNS Security Extensions):
• Uses cryptographic signatures to verify DNS data integrity and authenticity.
• Regular Cache Clearing:
• Prevents long-term storage of poisoned DNS records.
• Encryption (HTTPS/TLS):
• Ensures secure communication channels and prevents tampering.
• DNS Filtering and Monitoring:
• Detects and blocks suspicious DNS queries.
• Firewalls and IDS/IPS:
• Identifies and blocks DNS spoofing attempts.
Cont …
Application layer: E-mail Security
▪ E-mails transit through various servers before reaching their destinations.
▪ By default, they are visible by anybody who has access to the servers.
▪ SMTP protocol itself has some security holes.
▪ E-mail security can be improved using some tools and protocols.
✓ Example: PGP, S-MIME
PGP: Pretty Good Privacy
S-MIME: Secure Multi-Purpose Internet Mail Extension
Security services within S/MIMEv3:
• Digest and hashing algorithms: these must support MD5 and SHA-1.
• Digital signature algorithms: Both sending and receiving agents must support DSA and
should also support RSA.
• Key encryption algorithms: Sending and receiving agents must support Diffie-Hellman
and should also support RSA encryption.
Cont …
Application layer: Security-enhanced application protocols
▪ Solution to most application layer security problems have been found by developing
security-enhanced application protocols
▪ Examples
✓ For FTP => FTPS
✓ For HTTP => HTTPS
✓ For SMTP => SMTPS
✓ For DNS => DNSSEC
Common Network Security Threats
• Unauthorized Access:
• Gaining access to a network or resources without permission.
• Example: A hacker brute-forces login credentials to access a corporate network.
• Man-in-the-Middle (MITM) Attack:
• Intercepting communication between two parties to steal data or inject malicious
content.
• Example: An attacker intercepts login credentials sent over an unencrypted public
Wi-Fi network.
• Denial of Service (DoS) and Distributed Denial of Service (DDoS):
• Overwhelming a network or server with excessive requests to make it unavailable to
legitimate users.
• Example: A botnet floods an e-commerce site’s server with fake traffic, causing
downtime.
• Phishing Attacks:
• Trick users into providing sensitive information by impersonating
legitimate entities.
• Example: A phishing email with a fake VPN login page captures employee
credentials.
• Malware Propagation:
• Malicious software spreads across the network, compromising devices and
stealing data.
• Example: A worm exploits a vulnerability in unpatched devices, infecting
the entire network.
• Network Security Components and Techniques
• Firewalls:
• Act as a barrier between a trusted internal network and untrusted external networks.
• Example: A firewall blocks traffic from suspicious IP addresses or restricts access to specific
services.
• Intrusion Detection and Prevention Systems (IDPS):
• Detect and prevent unauthorized activities by monitoring network traffic.
• Example: An IDPS identifies unusual traffic spikes and blocks a potential DDoS attack.
• Virtual Private Network (VPN):
• Creates an encrypted tunnel for secure communication over public networks.
• Example: Remote employees use a VPN to securely access company resources.
• Network Segmentation:
• Dividing a network into segments to contain threats and limit access.
• Example: Critical servers are isolated in a separate VLAN, accessible only to
authorized personnel.
• Access Control:
• Restricts who can access network resources based on roles and policies.
• Example: Role-based access control (RBAC) ensures only IT staff can modify
firewall settings.
• Encryption:
• Protects data in transit by converting it into unreadable formats.
• Example: Using TLS to secure web traffic and prevent eavesdropping.
Firewalls
▪ A Firewall is a network security device that monitors and filters
incoming and outgoing network traffic based on an
organization’s previously established security policies.
▪ It provides protection against outside cyber attackers by shielding
your computer or network from malicious or unnecessary
network traffic.
▪ It can also prevent malicious software from accessing a
computer or network via the internet.
▪ The main purpose is to allow non-threatening traffic in and to
keep dangerous traffic out.
Firewalls Cont.
Firewall – Design Goals
▪ All traffic from outside to inside must pass through the
firewall (physically blocking all access to the local network
except via the firewall).
▪ Only authorized traffic (defined by the local security policy)
will be allowed to pass.
▪ The firewall itself is immune to penetration (use of
trusted system with a secure operating system)
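The second design goal, that only traffic authorized by the local policy passes, is implemented in practice as an ordered rule list with a default deny. The following is an added example, not from the slides and not any vendor's firewall: a small first-match packet filter over a constructed policy. The addresses come from documentation ranges and the rules are invented to illustrate the evaluation order; the point to notice is that `decide` falls through to deny even if a policy omits its final catch-all rule.

```python
from ipaddress import ip_address, ip_network

# Constructed policy: rules are checked in order and the first match decides.
# The final explicit deny is the catch-all that "only authorized traffic passes" requires.
RULES = [
    {"action": "allow", "src": "0.0.0.0/0",      "dst": "203.0.113.10/32", "proto": "tcp", "port": 443},
    {"action": "allow", "src": "0.0.0.0/0",      "dst": "203.0.113.10/32", "proto": "tcp", "port": 80},
    {"action": "allow", "src": "192.168.1.0/24", "dst": "203.0.113.20/32", "proto": "tcp", "port": 22},
    {"action": "deny",  "src": "0.0.0.0/0",      "dst": "0.0.0.0/0",       "proto": "any", "port": None},
]


def matches(rule, packet):
    """True when every field of the rule covers the packet."""
    return (ip_address(packet["src"]) in ip_network(rule["src"])
            and ip_address(packet["dst"]) in ip_network(rule["dst"])
            and rule["proto"] in ("any", packet["proto"])
            and (rule["port"] is None or rule["port"] == packet["port"]))


def decide(packet, rules=RULES):
    """Return 'allow' or 'deny' for one packet.

    Unmatched traffic is denied even when the rule list has no catch-all,
    so a gap in the policy fails closed rather than open."""
    for rule in rules:
        if matches(rule, packet):
            return rule["action"]
    return "deny"


def apply_policy(packets, rules=RULES):
    """Decide a batch of packets; returns (packet, decision) pairs for logging."""
    return [(pkt, decide(pkt, rules)) for pkt in packets]


if __name__ == "__main__":
    # Constructed sample traffic arriving at the firewall.
    sample = [
        {"src": "198.51.100.7", "dst": "203.0.113.10", "proto": "tcp", "port": 443},  # web: allow
        {"src": "198.51.100.7", "dst": "203.0.113.20", "proto": "tcp", "port": 22},   # ssh from outside: deny
        {"src": "192.168.1.5",  "dst": "203.0.113.20", "proto": "tcp", "port": 22},   # ssh from LAN: allow
        {"src": "198.51.100.7", "dst": "203.0.113.10", "proto": "udp", "port": 443},  # wrong protocol: deny
    ]
    for pkt, verdict in apply_policy(sample):
        print(verdict, pkt)
```

Rule order matters: an allow placed after a broad deny is unreachable, which is the most common mistake in hand-written policies and is worth a unit test in any real deployment.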
Mitigation Techniques
• Regular Updates and Patching:
• Keep network devices, operating systems, and software updated to address
vulnerabilities.
• Example: Apply firmware updates to routers and switches promptly.
• Multi-Factor Authentication (MFA):
• Adds an extra layer of security by requiring multiple forms of verification.
• Example: Employees use a password and a mobile authenticator app to log in to the
network.
• Security Information and Event Management (SIEM):
• Centralizes log collection and analyzes security events in real time.
• Example: A SIEM alerts administrators of a brute-force attack on a network device.
• Network Monitoring Tools:
• Continuously monitor traffic to identify anomalies and potential threats.
• Example: Tools like SolarWinds or Wireshark detect unusual network patterns.
Best Practices for Network Security
• Implement Strong Password Policies:
• Enforce complex passwords and regular updates.
• Example: Require a minimum of 12 characters with a mix of letters, numbers,
and symbols.
• Backup Critical Data:
• Regularly back up data to ensure recovery in case of a ransomware attack.
• Example: Maintain offline backups of critical databases.
• Educate Users:
• Train employees on recognizing phishing attempts and safe internet practices.
• Example: Conduct simulated phishing attacks to improve awareness.
Cont..
• Disable Unused Services and Ports:
• Reduce the attack surface by turning off unnecessary network services.
• Example: Close ports not required for business operations, such as FTP or
Telnet.
• Implement Endpoint Security Solutions:
• Protect devices connected to the network from malware and other threats.
• Example: Use antivirus software and endpoint detection tools.
Real-World Examples
• DDoS Attack on a Financial Institution:
• A major bank experienced a DDoS attack, disrupting online banking services for
hours.
• Mitigation: The bank employed cloud-based DDoS mitigation services to restore
functionality.
• Phishing-Induced Network Breach:
• An employee fell for a phishing email, giving attackers access to sensitive network resources.
• Mitigation: The organization deployed MFA and improved employee training.
• Ransomware Spreading via Network Shares:
• A ransomware attack propagated through shared drives, encrypting critical files.
• Mitigation: Segmented the network and restored files from offline backups.
Data Security
• Data security ensures the protection of data from unauthorized access, corruption, or theft
throughout its lifecycle.
Common Data Security Threats
• Data Breaches: Unauthorized access to sensitive data.
• Example: Hackers infiltrating a database to steal customer credit card details.
• Ransomware Attacks: Malware encrypts data and demands a ransom for its release.
• Example: An organization’s critical files are encrypted by ransomware, disrupting operations.
• Insider Threats: Malicious or negligent actions by employees leading to data exposure.
• Example: An employee accidentally shares sensitive information with an external party.
• Phishing Attacks: Social engineering techniques used to trick individuals into providing
access to sensitive data.
• Example: A fraudulent email convinces an employee to disclose their login credentials.
• Data Loss: Accidental deletion or corruption of data without a backup.
• Example: A database crash due to a hardware failure.
• Components of Data Security
• Data Encryption: Converting data into an unreadable format for unauthorized users.
Example: Encrypting sensitive customer information in a database using AES-256.
• Data Masking: Hiding original data with modified values.
Example: Showing only the last four digits of a credit card number.
• Access Control: Restricting access to data based on user roles.
Example: Only HR personnel can access employee salary records.
• Mitigation Techniques:
• Implement robust encryption standards.
• Conduct regular data audits and backups.
• Use tokenization for sensitive data like credit card numbers.
• Data Loss Prevention (DLP) Tools: Monitor and control data transfer to prevent
leakage.
• Example: Blocking email attachments containing sensitive files from leaving the organization.
Mobile Data Security
▪ Mobile Data Security or Mobile Data Protection (MDP) Software offers a wide range of
functions and protection policies to protect mobile platforms, particularly the data that
lives on those mobile devices.
▪ These products are important for employees that use mobile devices for company
business, and they’re crucial for deskless employees that utilize Bring Your
Own Device (BYOD) policies.
▪ This situation is especially common in remote-first workforces.
▪ Mobile data security allows businesses to give employees these quality of life
improvements without compromising their security posture.
▪ Mobile data security software protects mobile devices from data loss or corruption,
unauthorized access, and malware.
Cont …
▪ Mobile security focuses on protecting mobile devices (smartphones, tablets) and the sensitive
data they store from threats.
▪ Some services also protect the user from data loss when the physical device itself
becomes lost, stolen, or corrupted and unusable, and offer cloud backup and data
protection for this eventuality.
▪ They can also help ensure user privacy via built-in VPN capabilities and data encryption.
▪ Mobile data security software is most applicable to smartphone devices, but can also be
used for laptops, notebooks, removable media, and even IoT devices in some cases.
▪ Some products will also specialize to specific devices, such as Android or iOS-based mobile
devices.
Common Mobile Security Threats
• Malware: Malicious software designed to steal data, damage devices, or perform
unauthorized actions.
• Example: A banking Trojan disguises itself as a legitimate app to steal login credentials.
• Phishing Attacks: Fraudulent attempts to trick users into providing sensitive information.
• Example: A fake SMS claiming to be from a bank prompts users to click on a malicious link.
• Unsecured Wi-Fi Networks: Public Wi-Fi can expose devices to eavesdropping and man-
in-the-middle (MITM) attacks.
• Example: An attacker intercepts unencrypted data transmitted over a public Wi-Fi network.
• App Vulnerabilities: Poorly designed apps can have security flaws that attackers exploit.
• Example: A fitness app leaks user location data due to inadequate encryption.
• Device Theft or Loss: Physical loss of devices can result in unauthorized access to sensitive
data.
• Example: A lost phone with unencrypted storage exposes corporate emails.
• Outdated Software: Using devices with unpatched operating systems can leave them
vulnerable to exploits.
• Example: Attackers exploit a known vulnerability in an outdated version of Android.
• Basics in Mobile Security
• Malware Protection: Guarding against malicious apps or software.
• Example: Preventing the installation of spyware that monitors user activities.
• Application Sandboxing: Isolating app processes to prevent unauthorized access to
device resources.
• Example: Android apps run in their own sandbox to enhance security.
• Mobile Device Management (MDM): Allows administrators to secure, monitor, and
manage mobile devices in an enterprise.
• Example: Remote wiping of corporate data from a lost or stolen phone.
• Mitigation Techniques:
• Enforcing strong device passcodes or biometrics.
• Avoiding public Wi-Fi for sensitive transactions.
• Regularly updating mobile OS and apps
Mitigation Techniques:
• Use Trusted Sources for App Downloads: Download apps only from official app stores
like Google Play or Apple App Store.
• Example: Avoid sideloading apps from unknown third-party websites.
• Regular Updates: Keep operating systems and applications up to date to patch vulnerabilities.
• Example: Enable automatic updates for apps and OS.
• Enable Remote Wipe Features: Protect data by remotely erasing it if a device is lost or stolen.
• Example: Use "Find My Device" for Android or "Find My iPhone" for iOS.
• Implement Secure Authentication Methods: Use multifactor authentication (MFA) to
enhance login security.
• Example: Combine passwords with fingerprint or facial recognition.
• Avoid Public Wi-Fi: Use mobile data or secure VPNs when accessing sensitive information.
• Example: Refrain from logging into online banking over public Wi-Fi.
• Monitor App Permissions: Restrict unnecessary permissions requested by apps.
• Example: Deny a weather app access to your contacts and microphone.
Cont …
Best Mobile Data Security Software include:
▪ Lookout
▪ McAfee Mobile Security
▪ Symantec Endpoint Protection Mobile (formerly Skycure)
▪ BETTER Mobile Threat Defense
▪ ZIMPERIUM zIPS
▪ Check Point Harmony Mobile (formerly Sandblast Mobile)
End
Chapter 6
Risk Management Frameworks and processes
Worms and other Malwares
Security System assessment & Evaluation
Risk Management
Frameworks and processes
Risk management
What is Risk?
• A risk is a probable problem; it might happen, or it might not.
• There are two main characteristics of risk.
• Uncertainty: the risk may or may not happen, which means there are no 100% risks.
• Loss: If the risk occurs in reality, undesirable results or losses will occur.
What is Risk Management?
• Risk Management is a systematic process of recognizing, evaluating, and handling
threats or risks that have an effect on the finances, capital, and overall operations of an
organization.
• These risks can come from different areas, such as financial instability, legal issues,
errors in strategic planning, accidents, and natural disasters.
• The main goal of risk management is to predict possible risks and find solutions to
protect the CIA triad of information while aligning with organizational objectives.
Risk management…
 It is the process of identifying, assessing, and controlling risks that may impact an
organization's operations, projects, or assets.
 It involves developing strategies and techniques to mitigate risks and minimize their
potential impact on the organization.
 It is an essential component of business planning and decision-making, and it helps
organizations to protect their assets, reduce losses, and improve their overall resilience.
Why is risk management (RM) important?
• RM is important because it helps organizations to prepare for unexpected circumstances
that can vary from small issues to major crises.
• By actively understanding, evaluating, and planning for potential risks, organizations can
protect their financial health, continued operation, and overall survival.
Risk management Frameworks
❑ NIST Risk Management Framework (RMF): A structured process for managing
cybersecurity risk to federal information systems and organizations. It consists of seven steps:
• Prepare: Define risk management policies and establish governance.
• Example: Drafting security policies for data handling in a university.
• Categorize: Classify the system based on its criticality and sensitivity.
• Example: Categorizing an online payment system as high-risk due to sensitive financial data.
• Select: Choose appropriate security controls.
• Example: Implementing multi-factor authentication for user accounts.
• Implement: Apply the selected security measures.
• Example: Encrypting sensitive files with AES encryption.
• Assess: Evaluate the effectiveness of the controls.
• Example: Conducting penetration tests to verify security controls.
• Authorize: Approve the system for operation.
• Example: Granting operational approval after security audits.
• Monitor: Continuously oversee security controls and update as needed.
• Example: Updating firewalls to address new threats.
Risk management Frameworks…
• ISO 27005/31000 Framework: An international standard for risk management applicable across various industries.
• Provides principles, a framework, and a process for information security risk management. It focuses on a risk-based approach to information security.
• Principles: Integration into decision-making; a structured and comprehensive approach; customization for organizational needs.
• COBIT (Control Objectives for Information and Related Technologies): A framework focusing on IT governance and risk management.
• Components: Aligning IT risks with business objectives; implementing controls for data protection and access management.
• Example: Using COBIT to manage risks in a cloud-based CRM system.
• FAIR (Factor Analysis of Information Risk): A quantitative risk assessment methodology that uses a structured approach to estimate the financial impact of potential losses.
Risk management Process
◆ The risk management process involves the following stages:
1. Risk identification: identifying potential risks that may impact the organization, such as financial, operational, or reputational risks, as well as IT security threats like viruses and phishing attacks.
2. Risk assessment (analysis): assessing the likelihood and potential impact of each identified risk, and prioritizing them based on their level of risk.
• It helps determine how serious a risk is and how best to manage or mitigate it.
• Risk analysis involves evaluating each risk's probability and potential consequences to prioritize and manage them effectively.
Risk management Process…
3. Risk mitigation: developing strategies and techniques to mitigate the potential impact of
identified risks, such as implementing control measures, transferring risk to an insurance
provider, or avoiding the risk altogether.
• Strategies include:
• Technical Controls: Firewalls, intrusion detection systems (IDS), encryption.
• Administrative Controls: Policies, training, and incident response plans.
• Example: An organization implements RBAC to prevent unauthorized data access.
4. Risk monitoring and review: monitoring the effectiveness of the risk management
strategies and reviewing the risk management plan on a regular basis to ensure that it remains
relevant and effective.
• Regularly review risks and the effectiveness of mitigation strategies to adapt to new threats.
Risk management…
 Four basic strategies/techniques of risk treatment:
1. Risk Avoidance: Avoiding the activity or situation that poses the risk, either by not engaging in the activity or by changing the approach to eliminate the risk altogether.
2. Risk Prevention and Reduction: Taking steps to reduce the likelihood or impact of the risk.
✓ by implementing controls or safeguards, such as security measures, to minimize the chances of the risk occurring or lessen its impact.
3. Risk Transfer: Transferring the risk to another party, such as an insurance company or a third-party vendor, if it is not possible to avoid or reduce it.
4. Risk Acceptance: Accepting the risk and developing a plan to manage it if it occurs. Used when the cost of managing the risk is greater than its potential impact, or when the risk cannot be avoided or reduced.
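A worked example of the assessment and treatment steps described above, added here as an illustration (it is not part of the original slides): a small risk register is scored with a likelihood × impact matrix, prioritized, and each risk is mapped to one of the four treatment strategies using the rules from the slide (accept when treatment costs more than the loss, otherwise avoid, then reduce, then transfer). The 1-to-5 scales, the rating thresholds, and the sample risks with their cost figures are all constructed assumptions.

```python
from dataclasses import dataclass


@dataclass
class Risk:
    name: str
    likelihood: int        # 1 (rare) .. 5 (almost certain); assumed scale
    impact: int            # 1 (negligible) .. 5 (severe); assumed scale
    treatment_cost: int    # estimated cost of controls, arbitrary money units
    expected_loss: int     # estimated loss if the risk materialises
    avoidable: bool = False     # can the risky activity be dropped entirely?
    reducible: bool = False     # can controls lower likelihood or impact?
    transferable: bool = False  # can insurance or a vendor take it on?

    def score(self) -> int:
        """Risk level = likelihood x impact, the classic risk-matrix cell."""
        return self.likelihood * self.impact


def rating(score: int) -> str:
    """Translate a matrix score into a rating used for prioritisation.
    Thresholds are an assumption for this example."""
    if score >= 15:
        return "critical"
    if score >= 9:
        return "high"
    if score >= 4:
        return "medium"
    return "low"


def prioritize(risks):
    """Highest score first; ties broken by name so the report is stable."""
    return sorted(risks, key=lambda r: (-r.score(), r.name))


def choose_treatment(risk: Risk) -> str:
    """Map a risk to avoid / reduce / transfer / accept following the slide:
    accept when treating costs more than the risk would, otherwise try to
    avoid, then reduce, then transfer, and accept only what is left."""
    if risk.treatment_cost > risk.expected_loss:
        return "accept"
    if risk.avoidable:
        return "avoid"
    if risk.reducible:
        return "reduce"
    if risk.transferable:
        return "transfer"
    return "accept"   # cannot be avoided, reduced, or transferred


def treatment_plan(risks):
    """Name -> chosen strategy, in priority order."""
    return {r.name: choose_treatment(r) for r in prioritize(risks)}


def build_register():
    """Constructed sample register (illustrative numbers, not real data)."""
    return [
        Risk("Phishing credential theft", 4, 4, 2_000, 50_000, reducible=True),
        Risk("Legacy FTP server exposed", 3, 5, 500, 80_000, avoidable=True, reducible=True),
        Risk("Data center flood", 1, 5, 100_000, 500_000, transferable=True),
        Risk("Breakroom laptop theft", 2, 1, 5_000, 1_000, reducible=True),
    ]


if __name__ == "__main__":
    for r in prioritize(build_register()):
        print(f"{r.name:28} score={r.score():2} {rating(r.score()):8} -> {choose_treatment(r)}")
```

The order of the checks in `choose_treatment` encodes the policy: the cost test comes first because acceptance is the right answer whenever the control costs more than the loss it prevents, and transfer is tried only after avoidance and reduction, as the slide states.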
What is Malware?
• Malware (short for malicious software) refers to software intentionally designed to disrupt or damage computer systems, servers, or client networks, or to allow attackers to gain unauthorized access to your device.
• Malware is software that gets into the system without user consent to steal the user's private and confidential data, including bank details and passwords.
• It can also generate annoying pop-up ads and change system settings.
• Common objectives of malware:
• Stealing sensitive information.
• Gaining unauthorized access.
• Causing disruption or destruction.
• Generating financial gain (e.g., ransomware).
• It includes worms, viruses, ransomware, spyware, Trojans, adware, rootkits, and other malicious programs.
Why Do Cybercriminals Use Malware?
• Cybercriminals use malware, including viruses and all other forms of malicious software, for various purposes:
• Using deception to induce a victim to provide personal information for identity theft.
• Theft of customer credit card information or other financial information.
• Taking over several computers and using them to launch DoS attacks against other networks.
• Using infected computers to mine for cryptocurrencies like Bitcoin.
• Some types of malware, such as ransomware, encrypt your files and demand payment to unlock them, while spyware monitors your activities and sends the information back to the attacker.
• Additionally, malware can spread to other devices on the same network, making it a significant threat.
Types of Malware
Viruses
• A virus is malware that attaches itself to a legitimate program or file and executes its malicious code when the host program runs.
• The virus spreads through file sharing, email attachments, or infected storage media, as well as when an infected file is passed from system to system.
• Characteristics: Requires user action to propagate. Can modify or delete files, slow systems, or corrupt data.
• Example:
• ILOVEYOU Virus (2000): Spread through email as a love letter attachment. Once opened, it overwrote files and sent copies of itself to all contacts in the user's address book, causing billions of dollars in damage globally by overwriting files and corrupting systems.
Worms
• Self-replicating malware that spreads across networks without human intervention.
• Unlike viruses, worms do not require a host program to propagate; they run by themselves.
• Worms often exploit network vulnerabilities to infect multiple systems rapidly, and they usually slow down networks.
• Characteristics of a worm: Does not attach to files. Exploits vulnerabilities to propagate. Consumes bandwidth and system resources.
• Example:
• Morris Worm (1988): One of the first worms distributed via the internet; it exploited vulnerabilities in UNIX systems and caused significant disruption by replicating itself rapidly.
• Conficker (2008): A notorious worm that infected millions of computers worldwide by exploiting vulnerabilities in Windows operating systems. It created a botnet for further attacks and was difficult to remove.
Trojan horses
▪ Trojans disguise themselves as legitimate software, such as a game or a simple utility, to trick users into installing them.
▪ While the user is using the new program, the Trojan horse performs some sort of malicious action, such as opening a security hole in the system for hackers to exploit, tampering with data, or installing keystroke monitoring software.
▪ A Trojan horse differs from a virus in that the Trojan binds itself to non-executable files, such as image files and audio files.
• Characteristics: Does not replicate on its own. Creates backdoors for attackers.
▪ Example: Zeus Trojan: Used to steal banking credentials by capturing keystrokes and form data from infected computers.
• Ransomware:
• Malware that encrypts files on a target's system with a key that is unknown to the user and demands payment for decryption.
• It holds a computer system, or the data it contains, hostage until the victim makes a payment.
• The user has to pay a ransom to the criminals to retrieve the data. Once the amount is paid, the victim can resume using his/her system.
• Example:
• CryptoLocker (2013): Spread via malicious email attachments and demanded Bitcoin payments for decrypting files.
• WannaCry (2017): Exploited a vulnerability in Windows (EternalBlue) to spread rapidly across networks, encrypting files and demanding ransom payments in Bitcoin.
Spyware
• Software that secretly monitors user activity and gathers personal or sensitive data without consent and sends it to the attacker.
• Can track browsing history, monitor keystrokes, and steal personal information.
• Example:
• Keyloggers: Record keystrokes to capture sensitive information such as passwords and credit card numbers.
Adware:
• Software that automatically displays or downloads unwanted advertisements (ads and pop-ups) on the computer to generate revenue for the software distributor (attackers) when a user is online.
• Can slow down system performance and interfere with the user experience.
• Often comes bundled with other software downloads and packages.
• Example:
• Ad-injecting browser extensions that collect user browsing data.
Rootkits:
• A rootkit modifies the OS to create a backdoor. Attackers then use the backdoor to access the computer remotely.
• It hides malicious processes and files, granting attackers persistent access to a system.
• Most rootkits take advantage of software vulnerabilities to modify system files.
• Example:
• Sony BMG Rootkit (2005): Installed on users' computers via CDs, exposing them to additional security risks.
Summary for Differences Between Malware Types

Type | Key Characteristics | Propagation | Impact
Worms | Self-replicating, no host required | Exploits networks | Network disruption, spreads malware
Viruses | Requires host file | User action (e.g., running a file) | Corrupts files, spreads malware
Trojans | Disguised as legitimate software | User action (e.g., installation) | Creates backdoors, steals data
Ransomware | Encrypts files, demands ransom | Phishing, malicious links | Data loss, financial loss
Spyware | Collects data secretly | Software bundling, malicious sites | Loss of privacy, data breaches
Adware | Displays intrusive ads | Freeware | Reduced performance, tracking
Rootkits | Gains admin privileges and hides presence | Vulnerabilities, Trojans | Unauthorized access, persistent
How To Know If Our Devices Are Infected With Malware?
• The computer performs poorly or runs slowly.
• Your web browser takes you to a website you didn't intend to visit (a browser redirect).
• Warnings about infections are frequently accompanied by offers to buy a product to remove them.
• Trouble starting or shutting down your computer.
• Persistent pop-up ads.
How To Protect From Malware?
Mitigation Strategies
• Antivirus Software: Use reputable antivirus solutions to detect and remove malware.
• Example: Regularly update antivirus definitions to protect against the latest threats.
• Firewalls: Implement firewalls to monitor incoming and outgoing traffic and block suspicious activity.
• Regular Updates/Patching: Keep your operating system and software up to date to fix vulnerabilities that malware might exploit.
• Do not click on unidentified links, and never click a pop-up's link: simply click the "X" in the message's upper corner to close it.
• Don't install too many apps on your devices. Install only the apps you believe you will regularly use and need.
• Be cautious when using the internet, and avoid responding to emails requesting personal information.
• User Education: Train users to recognize phishing attempts and avoid suspicious downloads or links.
• Backup Data: Regularly back up important data to recover from ransomware attacks or data loss due to malware infections.
• Network Segmentation: Isolate critical systems from less secure networks to limit the spread of malware.
• Intrusion Detection Systems (IDS): Deploy IDS to monitor network traffic for signs of unusual activity that could indicate a malware infection.
• Use of Sandboxing: Test untrusted applications in a sandbox environment before deploying them on production systems.
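To show what the "detect and remove" and "update your definitions" advice above rests on, here is an added example of the simplest antivirus technique, signature matching by file hash. It is illustrative code written for these notes, not part of the original slides and not how any named product works; the signature database, the file names and the sample file contents are all constructed, and the deliberately modified third file shows why exact-hash signatures alone are not enough and must be kept current.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed signature database: SHA-256 digests of known-bad file contents,
# mapped to a detection name. A real product ships millions of signatures and
# updates them constantly, which is why "update your definitions" matters.
KNOWN_BAD = {
    hashlib.sha256(b"constructed-malicious-sample-v1").hexdigest(): "Test.Sample.A",
}


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(64 * 1024), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan_directory(root, signatures=KNOWN_BAD):
    """Return {relative path: detection name} for every file whose hash matches."""
    root = Path(root)
    hits = {}
    for path in root.rglob("*"):
        if path.is_file():
            match = signatures.get(sha256_file(path))
            if match:
                hits[path.relative_to(root).as_posix()] = match
    return hits


def demo():
    """Build a throwaway directory with three constructed files and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        (base / "report.txt").write_bytes(b"quarterly numbers")               # benign
        (base / "update.exe").write_bytes(b"constructed-malicious-sample-v1")  # matches
        # One byte appended: a trivially modified variant evades exact hash
        # matching, which is why scanners also use heuristics and behaviour
        # monitoring, and why definitions are refreshed so often.
        (base / "update2.exe").write_bytes(b"constructed-malicious-sample-v1!")
        return scan_directory(base)


if __name__ == "__main__":
    print(demo())   # {'update.exe': 'Test.Sample.A'}
```

Only the unmodified sample is reported; the variant with a single extra byte is missed, which is the limitation of pure signature scanning that the other mitigations on this slide (patching, segmentation, IDS, sandboxing) compensate for.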
Security System Assessment & Evaluation
Security System assessment and evaluation
◆ Security system assessment is the process of evaluating the security of a system or application to identify vulnerabilities and weaknesses that could be exploited by attackers.
◆ It is the systematic evaluation of an organization's IT environment to identify vulnerabilities, evaluate risks, and measure the effectiveness of security controls.
◆ The assessment typically involves a combination of manual and automated testing techniques, and may be performed by internal or external security experts.
◆ Security system evaluation is the process of determining whether a system or application meets a set of predefined security requirements or standards.
Importance
• Identifies weaknesses in the system.
• Ensures compliance with regulatory standards.
• Enhances overall security posture.
• Example: A financial institution performs a security assessment to ensure compliance
with the Payment Card Industry Data Security Standard (PCI DSS).
• The choice of assessment type depends on the goals and needs of the organization, as
well as the specific risks and threats faced by the system or application.
Types of Security system assessment
1. Vulnerability assessment: the process of identifying potential vulnerabilities in a system or application, and assessing the potential risks associated with those vulnerabilities.
 Identifies known weaknesses in systems, networks, and applications.
 The goal of a vulnerability assessment is to identify potential weaknesses that could be exploited by attackers and to provide recommendations for mitigating those risks.
Steps:
• Discovery: Identifying all assets in the environment.
• Example: Scanning an enterprise network to find servers, routers, and applications.
• Scanning: Using automated tools to detect vulnerabilities.
• Example: Running a Nessus scan to identify unpatched software.
• Reporting: Categorizing vulnerabilities based on severity.
• Example: High-severity vulnerabilities, such as outdated OpenSSL versions, are flagged for immediate action.
• Tools: Nessus, OpenVAS, Qualys.
Security System assessment…
2. Penetration testing: this type of assessment involves attempting to exploit vulnerabilities in the system to gain unauthorized access or to perform other malicious activities.
It focuses on:
• Vulnerability: A weakness in a system or its controls that can be exploited by a threat.
• Exploit: A technique used to take advantage of a vulnerability.
• Attack Surface: The set of all possible entry points for an attacker.
• Threat Actor: An individual or entity that may pose a threat to the system.
 The goal is to simulate a real-world attack and to identify and evaluate the effectiveness of security measures.
 Example: A tester uses Metasploit to exploit a misconfigured web application and gain unauthorized access.
Security System assessment…
3. Security Audit or Review: a comprehensive assessment of an organization's security posture, policies, procedures, and controls.
 Reviews system settings and configurations for compliance with security standards.
 The goal of a security audit is to identify potential security risks and to provide recommendations for improving the overall security posture of the organization.
• Example: Auditing firewall rules to ensure they block unauthorized traffic while allowing necessary services.
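The firewall-rule audit mentioned in the example can be automated, at least for the mechanical checks. The following is an added illustration written for these notes, not a tool from the original slides: it models a first-match rule list and reports two classic audit findings, a rule that allows all traffic and rules that are shadowed by an earlier, broader rule and therefore never take effect. The rule format, the names and the addresses are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_network


# Constructed rule model: the first matching rule wins, as on most packet
# filters. Field values and rule names are assumptions for this example.
@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    src: str      # source CIDR
    dst: str      # destination CIDR
    proto: str    # "tcp", "udp" or "any"
    port: str     # destination port, or "any"


ANY_NET = "0.0.0.0/0"


def covers(broad: Rule, narrow: Rule) -> bool:
    """True when every packet `narrow` would match is already matched by `broad`."""
    return (
        ip_network(broad.src).supernet_of(ip_network(narrow.src))
        and ip_network(broad.dst).supernet_of(ip_network(narrow.dst))
        and broad.proto in ("any", narrow.proto)
        and broad.port in ("any", narrow.port)
    )


def audit(rules):
    """Return (rule name, finding) pairs for overly permissive and shadowed rules."""
    findings = []
    for index, rule in enumerate(rules):
        if (rule.action == "allow" and rule.src == ANY_NET and rule.dst == ANY_NET
                and rule.proto == "any" and rule.port == "any"):
            findings.append((rule.name, "allows all traffic from anywhere to anywhere"))
        # A rule completely covered by an earlier one can never match, so its
        # intent (here, blocking Telnet) is silently lost.
        for earlier in rules[:index]:
            if covers(earlier, rule):
                findings.append((rule.name, f"shadowed by earlier rule {earlier.name}"))
                break
    return findings


# Constructed rule set as an auditor might find it.
BAD_RULES = [
    Rule("allow-web", "allow", ANY_NET, "10.0.0.0/24", "tcp", "443"),
    Rule("allow-any", "allow", ANY_NET, ANY_NET, "any", "any"),
    Rule("deny-telnet", "deny", ANY_NET, "10.0.0.0/24", "tcp", "23"),
    Rule("allow-ssh-admin", "allow", "10.0.1.0/24", "10.0.0.0/24", "tcp", "22"),
]

# The same intent expressed correctly: specific allows, then a default deny.
GOOD_RULES = [
    Rule("allow-web", "allow", ANY_NET, "10.0.0.0/24", "tcp", "443"),
    Rule("allow-ssh-admin", "allow", "10.0.1.0/24", "10.0.0.0/24", "tcp", "22"),
    Rule("deny-all", "deny", ANY_NET, ANY_NET, "any", "any"),
]

if __name__ == "__main__":
    for name, finding in audit(BAD_RULES):
        print(f"{name}: {finding}")
    print("clean rule set findings:", audit(GOOD_RULES))
```

Running it on `BAD_RULES` reports the all-traffic rule and then shows that both the Telnet block and the admin SSH rule are dead, because the permissive rule above them already decides every packet; `GOOD_RULES`, which ends with a default deny, produces no findings.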
4. Static code analysis: this type of assessment involves reviewing the source code of the system or application to identify potential security vulnerabilities, such as buffer overflows, SQL injection, or cross-site scripting (XSS).
 The goal is to identify coding errors and to recommend remediation actions.
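As an added example of static code analysis for one of the flaw classes named above (it is illustrative code for these notes, not a tool from the original slides), the checker below parses Python source with the standard `ast` module and flags database `execute` calls whose query string is assembled at runtime by concatenation, `%`-formatting, `str.format()` or an f-string, while leaving the parameterised form alone. The set of sink method names and the sample code under review are constructed assumptions.

```python
import ast

# Database cursor methods treated as SQL sinks; an assumption for this example.
SQL_SINKS = {"execute", "executemany"}


def taint_reason(node):
    """Return why a query expression is built dynamically, or None if it is a literal."""
    if isinstance(node, ast.JoinedStr):                       # f"... {user} ..."
        if any(isinstance(part, ast.FormattedValue) for part in node.values):
            return "f-string interpolation"
    elif isinstance(node, ast.BinOp):
        if isinstance(node.op, ast.Add):                      # "..." + user + "..."
            if not (isinstance(node.left, ast.Constant) and isinstance(node.right, ast.Constant)):
                return "string concatenation"
        elif isinstance(node.op, ast.Mod):                    # "... %s" % user
            return "%-formatting"
    elif (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
          and node.func.attr == "format"):                    # "... {}".format(user)
        return "str.format()"
    return None


def find_sql_injection(source: str):
    """Flag every cursor.execute(...) whose query text is assembled at runtime.

    Returns a list of (line number, reason) sorted by line. Passing the query
    as a literal with a separate parameter tuple is the parameterised form and
    is not reported."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in SQL_SINKS and node.args):
            reason = taint_reason(node.args[0])
            if reason:
                findings.append((node.lineno, reason))
    return sorted(findings)


# Constructed sample under review; lines 3 to 5 are injectable, 6 and 7 are not.
SAMPLE = '''
def lookup(cur, username):
    cur.execute("SELECT * FROM users WHERE name = '" + username + "'")
    cur.execute(f"SELECT * FROM users WHERE name = '{username}'")
    cur.execute("SELECT * FROM users WHERE name = '%s'" % username)
    cur.execute("SELECT * FROM users WHERE name = %s", (username,))
    cur.execute("SELECT COUNT(*) FROM users")
'''

if __name__ == "__main__":
    for line, reason in find_sql_injection(SAMPLE):
        print(f"line {line}: SQL built with {reason}")
```

The remediation it points to is the one on line 6 of the sample: keep the query a constant and hand user input to the driver as parameters, so the data can never be parsed as SQL. Real static analyzers add data-flow tracking so that a query built in a variable and executed later is also caught; this checker only looks at the argument expression itself.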
Security Assessment Processes
• Planning: Define scope and objectives. Identify systems and data to be assessed.
• Example: Planning a security assessment for a healthcare system focusing on patient
data confidentiality.
• Execution: Perform scans, tests, and reviews.
• Example: Running penetration tests on the organization's public-facing APIs.
• Reporting: Summarize findings, risks, and recommendations.
• Example: Reporting an outdated Apache server version and suggesting an upgrade.
• Remediation: Address identified issues.
• Example: Applying patches and reconfiguring access controls.
Security Evaluation Techniques
•Formal Verification: Mathematically proves the correctness of security properties.
• Used for high-assurance systems where security is critical.
• Can be complex and time-consuming.
•Testing: Evaluates the system's behavior under controlled conditions.
• Includes unit testing, integration testing, and system testing.
• Can identify defects and vulnerabilities.
•Certification and Accreditation: Independent assessment of a system's security.
• Often required for government systems and critical infrastructure.
• Involves rigorous evaluation of security controls and operational procedures.
Example
A company conducts a vulnerability scan of its network and finds several critical
vulnerabilities, including missing patches for a web server and weak passwords for
administrative accounts.
•Evaluation: The company implements security controls to address the vulnerabilities,
such as installing the missing patches and enforcing strong password policies.
•Further Assessment: The company then conducts penetration testing to validate the
effectiveness of the implemented controls.
•Monitoring: The company continues to monitor the system for new vulnerabilities and conducts regular security assessments to ensure ongoing security.
The End!
Quiz (10%)
True/False Item
1. Risk avoidance involves eliminating the risk by avoiding the activity that exposes the organization to the risk. [1pt.]
Choice Item
1. Which of the following is NOT a type of malware? [1pt.]
A) Worm B) Virus C) Trojan Horse D) Firewall E) Ransomware F) None
Explain part
1. What are the key steps involved in the risk management process? [3pt.]
2. What are the main differences between worms, viruses, and Trojans? [3pt.]
3. Explain the difference between spyware and adware. [2pt.]