RUAHA CATHOLIC UNIVERSITY

FACULTY OF INFORMATION TECHNOLOGY AND

COMMUNICATION
DEPARTMENT OF COMPUTER SCIENCE

Computer Security
RIT 212

Dani Mfungo
Security Attacks/Hacking
Use of a computer or any digital device to
gain unauthorized access to data
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity
 Security attacks/Hacking

Denial of Service Read, Observe ,Monitoring or Traffic analysis

Prevent or inhibit normal use of Release of information content / Decryption
communication facility Very difficult to detect

Modification, Replay Masquerade,

Pretending to be a different entity
Disrupts service provided by server
Nonrepudiation
Security attacks/Hacking
Security Mechanism/Control
• Any process that is designed to detect,
prevent or recover from a security
attacks.
• Examples of mechanism are
encryption algorithm, digital
signatures, and authentication
protocols
Security Services
• Authentication (Who created or sent the data)
• Access control (Prevent misuse of resources)
• Confidentiality (Privacy)
• Integrity (Modification or Alteration)
• Nonrepudiation (proof that the message was sent by the
specified party)
• Availability (Denial of Service attack e.g Virus that deletes
files)
{The services are intended to counter security attacks, and they make the use of
one or more security mechanisms to provide the services.}
Network Privacy Security Model
Network Access Security model
Key Terms
• Plaintext (original message)
• Ciphertext (Coded message)
• Enciphering or Encryption (Process of
converting plaintext to ciphertext
• Deciphering or decryption (restoring
plaintext from ciphertext)
The many schemes used for encryption is
known as Cryptography
Cryptology
• Cryptosystem (System doing encryption and
decryption
• Cryptanalysis (Deciphering of a message without a
knowledge of the enciphering details - breaking the
code)
• Cryptology (area of cryptography and
cryptanalysis)
• Brute-force attack
 Why Cryptography?
• The ubiquitous nature of computer networks has given
rise to e-commerce, e-Business, e-Learning, e-health,
web-based electronic transactions in the process has
enlarged the area in which cryptography is needed.
• Transactions over the web have changed the scale and
environment in which the problems of secrecy and
authentication exist.
Cryptographic systems

• Symmetric Cipher ( Encryption and

Decryption are performed using the same
key)
• Asymmetric Cipher ( Encryption and
Decryption are performed using different
keys)
Symmetric Encryption and Cryptosystem Models
Cryptographic System Characterization

Three independent dimensions

(1) Type of operations used for transforming plaintext to ciphertext
All encryption algorithms are based on two general principles: substitution, in
which each element in the plaintext (bit, letter, group of bits or letters) is
mapped into another element, and transposition, in which elements in the
plaintext are rearranged. The fundamental requirement is that no information
be lost (all operations are reversible).

 Most systems are PRODUCT SYSTEMS ( They involve

multiple stages of substitutions and transpositions)
Cryptographic System Characterization Cont…

(2)The number of keys used.

If both sender and receiver use the same key,
the system is referred to as symmetric, single-
key, secret-key, or conventional encryption.
If the sender and receiver use different keys,
the system is referred to as asymmetric, two-
key, or public-key encryption.
Cryptographic System Characterization Cont…

(3)The way in which the plaintext is processed.

A block cipher processes the input one block of elements
at a time, producing an output block for each input block.

A stream cipher processes the input elements continuously,

producing output one element at a time, as it goes along.
Symmetric Cipher Techniques
(1) Substitution Cipher Techniques
• Caesar Cipher
• Monoalphabetic Ciphers
• Playfair Cipher
• Hill Cipher
• Polyalphabetic Ciphers
• One time pad
(2) Transposition Techniques
Ingredients of Symmetric Encryption
• Plaintext
• Encription algorithm
• Secret key
• Ciphertext
• Decryption algorithm