1

04/29/2024
Eng. Mohamed Jaambiir
Computer Network Security
COS-413

Lecture Three
Eng. Mohamed Jaambiir
 2
Cryptographic terminology
1. Plaintext
 plaintext is an unencrypted, readable, plain message that anyone can read.
2. Ciphertext
 Ciphertext is the result of the encryption process.
3. Encryption
 is the process of applying a mathematical function to turn plaintext to cipher text
4. Decryption
 turning ciphertext back to plaintext.
5. Keys
 The encryption process requires a cryptographic key that tells the algorithm how to transform the plaintext into ciphertext
6. Hash
 an encryption algorithm to convert your plaintext password to a hash. A hash is different from encryption in that once the
Eng. Mohamed Jaambiir 04/29/2024
data is hashed, it cannot be unhashed.
 3
1. Ciphertext-Only Attack (COA)

 Only know algorithm & ciphertext, is statistical know or can identify

plaintext.
 During ciphertext-only attacks, the attacker has access only to a
number of encrypted messages. He has no idea what the plaintext data
or the secret key may be. The goal is to recover as much plaintext
messages as possible or (preferably) to guess the secret key. After
discovering the encryption key, it will be possible to break all the other
messages which have been encrypted by this key.
Eng. Mohamed Jaambiir 04/29/2024
 4
2. Known Plaintext Attack (KPA)

 Know/suspect plaintext & ciphertext.

 During known-plaintext attacks, the attacker has an access to the
ciphertext and its corresponding plaintext. His goal is to guess the
secret key (or a number of secret keys) or to develop an algorithm
which would allow him to decrypt any further messages.

Eng. Mohamed Jaambiir 04/29/2024

 5
3. Chosen-Plaintext Attack(CPA)

 Select plaintext and obtain ciphertext.

 During the chosen-plaintext attack, a cryptanalyst can choose arbitrary
plaintext data to be encrypted and then he receives the corresponding
ciphertext. He tries to acquire the secret encryption key or alternatively
to create an algorithm which would allow him to decrypt any
ciphertext messages encrypted using this key (but without actually
knowing the secret key).

Eng. Mohamed Jaambiir 04/29/2024

 6
4. Chosen-Ciphertext Attack(CCA)

 Select ciphertext and obtain plaintext.

 During the chosen-ciphertext attack, a cryptanalyst can analyze any
chosen cipher-texts together with their corresponding plaintexts. His
goal is to acquire a secret key or to get as many information about
the attacked system as possible.
 The attacker has capability to make the victim (who obviously knows
the secret key) decrypt any ciphertext and send him back the result.

Eng. Mohamed Jaambiir 04/29/2024

 7
5. Chosen-Key Attack(CKA)

 Select plaintext or ciphertext to encrypt/decrypt.

 Chosen-key attacks are a bit different than other kinds of cryptographic
attacks. Usually, they are intended to not just break a cipher but to
break the larger system which relies on that cipher.
 The attacker should have some knowledge regarding the relationship
between various keys that can be used in the cipher. Usually, he knows
exactly what keys have been used or he himself can choose the secret
key.
Eng. Mohamed Jaambiir 04/29/2024
 8
Cryptographic Attacks:

1. Brute-Force Attack
 During the brute-force attack, the intruder tries all possible keys (or passwords), and checks which
one of them returns the correct plaintext. A brute-force attack is also called an exhaustive key search
A. Dictionary Attack
 Dictionary attacks are a kind of brute-force attacks, in which the intruder attempts to guess a password
by trying existing words or popular expressions.
B. Reverse Brute-Force Attack
 In reverse brute-force attack, the intruder tests a single (usually popular) password against multiple
victims. Usually a popular expression, like a word 'password', is tried against a huge number of users.
The attacker does not target a specified user but rather the whole system which is used by them.

Eng. Mohamed Jaambiir 04/29/2024

 9
2. Denial-of-Service Attack

 A Denial-of-Service attack (DoS attack) is an attack where an attacker attempts to disrupt the services
provided by a host, by not allowing its intended users to access the host from the Internet. If the attack
succeeds, the targeted computer will become unresponsive and nobody will be able to connect with it.
DoS Techniques
A. Reducing Performance
B. Exhausting Resources
C. Crashing
D. Targeting Layers
E. DDoS (Distributed Denial-of-Service) Attack
 A distributed denial-of-service is an attack where the targeted system is attacked by large number of other
machines, often located in different places, sometimes all around the world
Eng. Mohamed Jaambiir 04/29/2024
 10
3. Man-in-the-Middle Attack

 During the man-in-the-middle attack, the hidden intruder joins the communication and
intercepts all messages.
 First, the attacker creates two secret keys. Then, he uses the first key to start the
communication with the first side. The received answer is encrypted but the intruder can
decrypt it easily, as he knows the key. He encrypts the message again, this time with the
second key. The encrypted message is then send back to the second side. Then, after
receiving the answer from the second side, he decrypts the message, reads it, encrypts by the
first key and sends back to the first site. In this way, the whole communication moves
through the attacker. He can receive a lot of information about the whole system and even
successfully impersonate authorized persons and reach the access for hidden data.

Eng. Mohamed Jaambiir 04/29/2024

 11
4. KRACK

 Key Reinstallation Attack (KRACK) is a complex attack against the WPA2

protocol. It is a combination of a known-ciphertext attack and a man-in-the-middle
attack. The intruder performs the attack during the WPA2 handshake, that is during
the initialization of WPA2 connection. The attack is based on flaws in the standard
and its implementations.

Eng. Mohamed Jaambiir 04/29/2024

 12
5. Frequency Analysis

 Frequency analysis is one of the known ciphertext attacks. It is based on the study of
the frequency of letters or groups of letters in a ciphertext.
 In all languages, different letters are used with different frequencies. For each
language proportions of appearance of all characters are slightly different, so texts
written in a given language have some certain common properties, which allow
to distinguish them from texts written in other languages.

Eng. Mohamed Jaambiir 04/29/2024

 13
6. Replay Attack

 During replay attacks the intruder sends to the victim the same message as was
already used in the victim's communication. The message is correctly encrypted, so
its receiver may treat is as a correct request and take actions desired by the intruder.
 The attacker might either have eavesdropped a message between two sides before or
he may know the message format from his previous communication with one of
the sides. This message may contain some kind of the secret key and be used for
authentication.

Eng. Mohamed Jaambiir 04/29/2024

 14
What is Data Encryption?

 Data Encryption is a method of preserving data confidentiality by transforming it

into ciphertext, which can only be decoded using a unique decryption key produced
at the time of the encryption or prior to it.
 Encryption is a critical tool for maintaining data integrity, and its importance
cannot be overstated. Almost everything on the internet has been encrypted at some
point.

Eng. Mohamed Jaambiir 04/29/2024

 15
Types of Data Encryption:

I. Symmetric Encryption
II. Asymmetric Encryption

 Encryption is frequently used in one of two ways i.e. with a symmetric

key or with an asymmetric key.

Eng. Mohamed Jaambiir 04/29/2024

 16
I. Symmetric Encryption

 Symmetric encryption is a type of encryption key management solution where only one
key (a secret key) is used to both encrypt and decrypt.
 Symmetric encryption uses a single key to encrypt and decrypt.

Eng. Mohamed Jaambiir 04/29/2024

 17
II. Asymmetric Key Encryption:

 Some cryptography methods employ one key for data encryption and another key for
data decryption. It uses two different key to encrypt and decrypt the message.
 This type of cryptography, known as “public-key” encryption,

Eng. Mohamed Jaambiir 04/29/2024

 18
Private Key:

 In the Private key, the same key (secret key) is used for encryption and
decryption. In this key is symmetric because the only key is copied or
shared by another party to decrypt the cipher text. It is faster than
public-key cryptography.

Eng. Mohamed Jaambiir 04/29/2024

 19
Public Key:

 In a Public key, two keys are used one key is used for encryption and
another key is used for decryption. One key (public key) is used to
encrypt the plain text to convert it into cipher text and another key
(private key) is used by the receiver to decrypt the cipher text to read the
message.

Eng. Mohamed Jaambiir 04/29/2024

S.N
O
Private Key Public Key 20

1. The private key is faster than the public key. It is slower than a private key.

In public-key cryptography, two keys are used, one key

In this, the same key (secret key) and algorithm are used
2. to encrypt and decrypt the message.
is used for encryption, and the other is used for
decryption.

In public-key cryptography, one of the two keys is kept

3. In private key cryptography, the key is kept a secret.
a secret.

The private key is Symmetrical because there is only The public key is Asymmetrical because there are two
4. one key that is called a secret key. types of keys: private and public keys.

In this cryptography, the sender and receiver need to In this cryptography, the sender and receiver do not need
5. share the same key. to share the same key.
Eng. Mohamed Jaambiir 04/29/2024
 21
States of Data Encryption:

 Data, whether it’s being transferred between users or stored on a server, is valuable
and must be protected at all times.
I. Data encryption in transit: Information that is actively traveling from one point
to another, such as via the internet or over a private network, is referred to as data
in transit.
II. Encryption of data at rest: Data at rest refers to information that is not actively
moving from one device to another or from one network to another, such as
information stored on a hard drive, laptop, flash drive, or archived/stored in
another way

Eng. Mohamed Jaambiir 04/29/2024

 22
Advantages of Data Encryption:

 Encryption is a low-cost solution.

 Data encryption keeps information distinct from the security of the device on which it is stored.
Encryption provides security by allowing administrators to store and send data via insecure channels.
 Regulatory Fines Can Be Avoided With Encryption
 Remote Workers Can Benefit from Encryption
 If the password or key is lost, the user will be unable to open the encrypted file. Using simpler keys in
data encryption, on the other hand, makes the data insecure, and anybody may access it at any time.
 Encryption improves the security of our information.
 Consumer Trust Can Be Boosted by Encryption

Eng. Mohamed Jaambiir 04/29/2024

 23
Disadvantages of Data Encryption:

 If the password or key is lost, the user will be unable to open the encrypted
file.
 Data protection solutions might be difficult to utilize when the user layers
them for contemporary systems and applications.
 If a company fails to realize any of the restrictions imposed by encryption
techniques, it is possible to set arbitrary expectations and requirements that
might undermine data encryption protection.

Eng. Mohamed Jaambiir 04/29/2024

 24

The End
Eng. Mohamed Jaambiir 04/29/2024