
Unit 3

The document discusses aspects of network security including confidentiality, integrity, and availability. It describes different types of attacks such as passive attacks like snooping and traffic analysis, and active attacks like denial of service attacks. It also discusses models for network security including symmetric encryption and public key cryptography.

Uploaded by

ayush231asd

Cryptography and Network Security

UNIT 1

Aspects of Security

• consider 3 aspects of information security:
– security attack
– security mechanism (control)
– security service
• note terms
– threat – a potential for violation of security
– vulnerability – a way by which loss can happen
– attack – an assault on system security, a deliberate attempt to evade security services

Key Security Concepts

Confidentiality

• Confidentiality is probably the most common aspect of information security.
• We need to protect our confidential information.
• An organization needs to guard against those malicious actions that endanger the confidentiality of its information.

Integrity

• Information needs to be changed constantly.
• Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.

Availability

• The information created and stored by an organization needs to be available to authorized entities.
• Information needs to be constantly changed, which means it must be accessible to authorized entities.

Taxonomy of attacks with relation to security goals

Attacks on confidentiality (Passive)

• Snooping refers to interception of data.
• Traffic analysis refers to obtaining some other type of information by monitoring online traffic.

Attacks on Integrity (Active)

• Modification means that the attacker intercepts the message and changes it.
• Repudiation means that the sender of the message might later deny that he has sent the message; the receiver of the message might later deny that he has received the message.
• Masquerading or spoofing happens when the attacker impersonates somebody else.
• Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.

Attacks on availability (Active)

• Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.
• Attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming the resource with bogus traffic.
Handling Attacks

• Passive attacks – focus on Prevention
– Easy to stop
– Hard to detect
• Active attacks – focus on Detection and Recovery
– Hard to stop
– Easy to detect

12/03/2023
Model for Network Security

Symmetric Encryption

• or conventional / private-key / single-key


• sender and recipient share a common key
• all classical encryption algorithms are private-key
• was only type prior to invention of public-key in 1970’s
• and by far most widely used
Some Basic Terminology
• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext to plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis
Symmetric Cipher Model
Requirements

• Two requirements for secure use of symmetric encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
• mathematically have:
$Y = E_K(X)$
$X = D_K(Y)$
• Assume encryption algorithm is known
• Implies a secure channel to distribute key
Cryptography

• Characterize cryptographic system by:


– Type of encryption operations used
• substitution / transposition / product
– Number of keys used
• single-key or private / two-key or public
– Way in which plaintext is processed
• block / stream
Asymmetric-Key Cryptography

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Objectives
• To distinguish between two cryptosystems: symmetric-key and asymmetric-key
• To introduce trapdoor one-way functions and their use in asymmetric-key cryptosystems
• To discuss the RSA cryptosystem
• To discuss the ElGamal cryptosystem
• To discuss the elliptic curve cryptosystem
INTRODUCTION TO PUBLIC-KEY CRYPTOGRAPHY
Symmetric and asymmetric-key cryptography will exist in parallel and continue to serve the community. We actually believe that they are complements of each other; the advantages of one can compensate for the disadvantages of the other.

Note
Symmetric-key cryptography is based on sharing secrecy; asymmetric-key cryptography is based on personal secrecy.

public-key/two-key/asymmetric cryptography involves the use of two keys:
• a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures
• a related private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
Public-Key Cryptography
Symmetric vs Public-Key
Keys

Asymmetric key cryptography uses two separate keys: one private and one public.

Locking and unlocking in asymmetric-key cryptosystem


General Idea

Figure General idea of asymmetric-key cryptosystem


Plaintext/Ciphertext
Unlike in symmetric-key cryptography, plaintext and ciphertext are treated as integers in asymmetric-key cryptography.

Encryption/Decryption

$C = e(K_{public}, P)$
$P = d(K_{private}, C)$
Message Integrity and Message Authentication

Message Authentication

• message authentication is concerned with:
– protecting the integrity of a message
– validating identity of originator
– non-repudiation of origin (dispute resolution)
• will consider the security requirements
• then three alternative functions used:
– message encryption
– message authentication code (MAC)
– hash function
Message Encryption

• message encryption by itself also provides a measure of authentication
• if symmetric encryption is used then:
– receiver knows sender must have created it
– since only sender and receiver know key used
– know content cannot have been altered
– if message has suitable structure, redundancy or a checksum to detect any changes
Digital Signatures

• have looked at message authentication
– but does not address issues of lack of trust
• digital signatures provide the ability to:
– verify author, date & time of signature
– authenticate message contents
– be verified by third parties to resolve disputes
• hence include authentication function with additional capabilities
Digital Signature Properties

• must depend on the message signed
• must use information unique to sender
– to prevent both forgery and denial
• must be relatively easy to produce
• must be relatively easy to recognize & verify
• be computationally infeasible to forge
– with new message for existing digital signature
– with fraudulent digital signature for given message
• be practical to save digital signature in storage
Message Encryption

• if public-key encryption is used:
– encryption provides no confidence of sender
– since anyone potentially knows public-key
– however if
  sender signs message using their private-key
  then encrypts with recipient's public key
  have both secrecy and authentication
– again need to recognize corrupted messages
– but at cost of two public-key uses on message
Message Authentication Code (MAC)

• generated by an algorithm that creates a small fixed-sized block
– depending on both message and some key
– like encryption though need not be reversible
• appended to message as a signature
• receiver performs same computation on message and checks it matches the MAC
• provides assurance that message is unaltered and comes from sender
Message Authentication Codes

• as shown the MAC provides confidentiality
• can also use encryption for secrecy
– generally use separate keys for each
– can compute MAC either before or after encryption
– is generally regarded as better done before
• why use a MAC?
– sometimes only authentication is needed
– sometimes need authentication to persist longer than the encryption (eg. archival use)
• note that a MAC is not a digital signature
MAC Properties

• a MAC is a cryptographic checksum
$MAC = C_K(M)$
– condenses a variable-length message M
– using a secret key K
– to a fixed-sized authenticator
• is a many-to-one function
– potentially many messages have same MAC
– but finding these needs to be very difficult
Requirements for MACs

• taking into account the types of attacks
• need the MAC to satisfy the following:
1. knowing a message and MAC, is infeasible to find another message with same MAC
2. MACs should be uniformly distributed
3. MAC should depend equally on all bits of the message
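
The append-and-recompute check from the MAC slides above, as an added example that is not part of the original slides. It assumes HMAC-SHA256 from Python's standard library as the function C; the key, the messages and the function names are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte authenticator, whatever len(M) is

def mac(key: bytes, message: bytes) -> bytes:
    """MAC = C_K(M); HMAC-SHA256 stands in for C (an assumption of this example)."""
    return hmac.new(key, message, hashlib.sha256).digest()

def send(key: bytes, message: bytes) -> bytes:
    """Sender appends the MAC to the message."""
    return message + mac(key, message)

def receive(key: bytes, packet: bytes):
    """Receiver recomputes the MAC over the message and checks it matches.
    Returns the message, or None if the packet fails the check."""
    if len(packet) < TAG_LEN:
        return None
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    # compare_digest takes the same time wherever the first mismatch is,
    # so response timing does not reveal how much of a wrong tag was right.
    if hmac.compare_digest(tag, mac(key, message)):
        return message
    return None

def flip_bit(packet: bytes, index: int) -> bytes:
    """Model modification in transit: flip the low bit of one byte."""
    return packet[:index] + bytes([packet[index] ^ 1]) + packet[index + 1:]

# Constructed sample values, not from the slides.
KEY = bytes(range(32))
MESSAGE = b"transfer 100 to account 42"

if __name__ == "__main__":
    packet = send(KEY, MESSAGE)
    print("genuine       ->", receive(KEY, packet))
    print("body altered  ->", receive(KEY, flip_bit(packet, 9)))
    print("tag altered   ->", receive(KEY, flip_bit(packet, len(packet) - 1)))
    print("wrong key     ->", receive(b"\x00" * 32, packet))
    # Why a MAC is not a digital signature: the receiver holds the same K,
    # so it can produce a valid MAC for a message the sender never wrote.
    # A third party shown (message, MAC) cannot tell which of the two made it.
    made_by_receiver = send(KEY, b"transfer 9999 to account 42")
    print("receiver-made ->", receive(KEY, made_by_receiver))
```
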


Hash Functions

• condenses arbitrary message to fixed size
• usually assume that the hash function is public and not keyed
– cf. MAC which is keyed
• hash used to detect changes to message
• can use in various ways with message
• most often to create a digital signature
Hash Function Properties

• a Hash Function produces a fingerprint of some file/message/data
$h = H(M)$
– condenses a variable-length message M
– to a fixed-sized fingerprint
• assumed to be public
Requirements for Hash Functions

1. can be applied to any sized message M
2. produces fixed-length output h
3. is easy to compute h=H(M) for any message M
4. given h is infeasible to find x s.t. H(x)=h
– one-way property
5. given x is infeasible to find y s.t. H(y)=H(x)
– weak collision resistance
6. is infeasible to find any x,y s.t. H(y)=H(x)
– strong collision resistance
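
The difference between requirements 5 and 6, as an added example that is not part of the original slides. It goes beyond the slide text by measuring the work for each search on a toy hash, SHA-256 truncated to 16 bits; the truncation, the function names and the sample messages are assumptions of this example.

```python
import hashlib
from itertools import count

BITS = 16  # toy fingerprint size so both searches finish in seconds

def H(message: bytes, bits: int = BITS) -> int:
    """Toy hash for this example: SHA-256 truncated to its top `bits` bits."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits: int = BITS):
    """Strong collision search (requirement 6): ANY pair x != y, H(x) == H(y).
    Returns (x, y, messages hashed)."""
    seen = {}
    for tries in count(1):
        msg = b"msg-%d" % tries
        h = H(msg, bits)
        if h in seen:
            return seen[h], msg, tries
        seen[h] = msg

def find_second_preimage(x: bytes, bits: int = BITS, max_tries: int = 5_000_000):
    """Weak collision search (requirement 5): y != x with H(y) == H(x) for
    a GIVEN x. Returns (y, messages hashed), or (None, max_tries)."""
    target = H(x, bits)
    for tries in range(1, max_tries + 1):
        msg = b"msg-%d" % tries
        if msg != x and H(msg, bits) == target:
            return msg, tries
    return None, max_tries

if __name__ == "__main__":
    x, y, n_pair = find_collision()
    print(f"pair {x!r} / {y!r} after {n_pair} hashes")
    y2, n_given = find_second_preimage(b"pay 100 to alice")
    print(f"second preimage {y2!r} after {n_given} hashes")
    # Expected work for an n-bit output: about 2**(n/2) hashes for a pair,
    # about 2**n for a second preimage, so requirement 6 is the one that
    # sets the minimum safe output length.
```
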
SSL (Secure Socket Layer)
• transport layer security service
• originally developed by Netscape
• version 3 designed with public input
• subsequently became Internet standard known as TLS (Transport Layer Security)
• uses TCP to provide a reliable end-to-end service
• SSL has two layers of protocols
SSL Architecture
• SSL session
– an association between client & server
– created by the Handshake Protocol
– define a set of cryptographic parameters
– may be shared by multiple SSL connections
• SSL connection
– a transient, peer-to-peer, communications link
– associated with 1 SSL session
SSL Record Protocol
• confidentiality
– using symmetric encryption with a shared secret key defined by Handshake Protocol
– IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128
– message is compressed before encryption
• message integrity
– using a MAC with shared secret key
– similar to HMAC but with different padding
SSL Change Cipher Spec Protocol
• one of 3 SSL specific protocols which use the SSL Record protocol
• a single message
• causes pending state to become current
• hence updating the cipher suite in use
SSL Alert Protocol
• conveys SSL-related alerts to peer entity
• severity
– warning or fatal
• specific alert
– unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter
– close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown
• compressed & encrypted like all SSL data
SSL Handshake Protocol
• allows server & client to:
– authenticate each other
– to negotiate encryption & MAC algorithms
– to negotiate cryptographic keys to be used
• comprises a series of messages in phases
– Establish Security Capabilities
– Server Authentication and Key Exchange
– Client Authentication and Key Exchange
– Finish
Secure Electronic Transactions (SET)
• open encryption & security specification
• to protect Internet credit card transactions
• developed in 1996 by Mastercard, Visa etc
• not a payment system
• rather a set of security protocols & formats
• secure communications amongst parties
• trust from use of X.509v3 certificates
• privacy by restricted info to those who need it
Firewalls
Introduction
• seen evolution of information systems
• now everyone wants to be on the Internet
• and to interconnect networks
• has persistent security concerns
– can’t easily secure every system in org
• need "harm minimisation"
• a Firewall usually part of this
What is a Firewall?
• a choke point of control and monitoring
• interconnects networks with differing trust
• imposes restrictions on network services
– only authorized traffic is allowed
• auditing and controlling access
– can implement alarms for abnormal behavior
• is itself immune to penetration
• provides perimeter defence
Firewall Limitations
• cannot protect from attacks bypassing it
– eg sneaker net, utility modems, trusted organisations, trusted services (eg SSL/SSH)
• cannot protect against internal threats
– eg disgruntled employee
• cannot protect against transfer of all virus infected programs or files
– because of huge range of O/S & file types
Firewalls – Packet Filters
• simplest of components
• foundation of any firewall system
• examine each IP packet (no context) and permit or deny according to rules
• hence restrict access to services (ports)
• possible default policies
– that not expressly permitted is prohibited
– that not expressly prohibited is permitted
Attacks on Packet Filters
• IP address spoofing
– fake source address to be trusted
– add filters on router to block
• source routing attacks
– attacker sets a route other than default
– block source routed packets
• tiny fragment attacks
– split header info over several tiny packets
– either discard or reassemble before check
Firewalls – Stateful Packet Filters

• examine each IP packet in context
– keeps track of client-server sessions
– checks each packet validly belongs to one
• better able to detect bogus packets out of context
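
The two packet-filter slides above side by side, as an added example that is not part of the original slides: the same rule set evaluated without context and then with a session table. The model is deliberately simplified (four-field packets, no TCP flags), and the rule set, addresses and names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("192.0.2.0/24")   # constructed internal network
ANYWHERE = ip_network("0.0.0.0/0")
HIGH_PORTS = range(1024, 65536)
HTTPS = range(443, 444)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

# (action, source net, source ports, destination net, destination ports)
RULES = [
    ("permit", INSIDE, HIGH_PORTS, ANYWHERE, HTTPS),   # clients out to HTTPS
    ("permit", ANYWHERE, HTTPS, INSIDE, HIGH_PORTS),   # "replies" coming back
]

def packet_filter(pkt, rules=RULES, default="deny"):
    """Stateless: each packet is judged alone; first matching rule wins.
    default="deny": that not expressly permitted is prohibited.
    default="permit": that not expressly prohibited is permitted."""
    for action, snet, sports, dnet, dports in rules:
        if (ip_address(pkt.src) in snet and pkt.sport in sports
                and ip_address(pkt.dst) in dnet and pkt.dport in dports):
            return action
    return default

class StatefulFilter:
    """Same rules, plus a table of sessions opened from the inside."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.sessions = set()

    def check(self, pkt):
        if ip_address(pkt.src) in INSIDE:          # outbound: rules decide
            verdict = packet_filter(pkt, self.rules)
            if verdict == "permit":
                self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return verdict
        # inbound: must be the mirror image of a session we are tracking
        mirrored = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "permit" if mirrored in self.sessions else "deny"

# Constructed packets (documentation address ranges)
REQUEST = Packet("192.0.2.10", 50000, "203.0.113.5", 443)
REPLY = Packet("203.0.113.5", 443, "192.0.2.10", 50000)
BOGUS = Packet("198.51.100.7", 443, "192.0.2.10", 50001)   # belongs to no session
SMTP_OUT = Packet("192.0.2.10", 50002, "203.0.113.5", 25)  # matches no rule
```

The stateless filter has to permit BOGUS because it looks like a reply, while the stateful filter denies it until an inside host has opened the matching session.
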
Firewalls - Application Level Gateway (or Proxy)
• use an application specific gateway / proxy
• has full access to protocol
– user requests service from proxy
– proxy validates request as legal
– then actions request and returns result to user
• need separate proxies for each service
– some services naturally support proxying
– others are more problematic
– custom services generally not supported
Firewalls - Circuit Level Gateway
• relays two TCP connections
• imposes security by limiting which such connections are allowed
• once created usually relays traffic without examining contents
• typically used when trust internal users by allowing general outbound connections
• SOCKS commonly used for this
Firewall Configurations
ACCESS CONTROL
Access Control
• given system has identified a user
• determine what resources they can access
• general model is that of access matrix with
– subject - active entity (user, process)
– object - passive entity (file or resource)
– access right – way object can be accessed
• can decompose by
– columns as access control lists
– rows as capability tickets
Access Control Matrix
TRUSTED SYSTEMS
Trusted Computer Systems
• information security is increasingly important
• have varying degrees of sensitivity of information
– cf military info classifications: confidential, secret etc
• subjects (people or programs) have varying rights of access to objects (information)
• want to consider ways of increasing confidence in systems to enforce these rights
• known as multilevel security
– subjects have maximum & current security level
– objects have a fixed security level classification
Reference Monitor
Evaluated Computer Systems
• governments can evaluate IT systems
• against a range of standards:
– TCSEC, IPSEC and now Common Criteria
• define a number of “levels” of evaluation with increasingly stringent checking
• have published lists of evaluated products
– though aimed at government/defense use
– can be useful in industry also
References

• Contents are taken from:
1. William Stallings, “Cryptography and Network Security: Principles and Practice”, 7th ed., Pearson Prentice Hall, 2018.
2. Behrouz A. Forouzan, Debdeep Mukhopadhyay, “Cryptography and Network Security”, 5th ed., Tata McGraw Hill Education Private Limited, 2017.
