Unit - V
Security
Cryptography
Protection

Security
Information is an asset that has a value like any other asset.
As an asset, information needs to be secured from attacks.
To be secured, information needs to be hidden from unauthorized access (confidentiality)
Protected from unauthorized change (integrity)
Available to an authorized entity when it is

Security
User Authenticity.
Passwords.
Password Vulnerability.
Encrypted password.
One-Time Password.
Biometric.
Voice recognition.

System Threats
Worms
Viruses
Denial of Service

Unit - V
Cryptography

Topics Discussed in the Section
Security Goals
Attacks
Services
Techniques

Taxonomy of attacks with relation to security goals

Security Attacks - Confidentiality
Snooping - Snooping, in a security context, is unauthorized access to another person's or company's data.
Traffic Analysis - A type of attack against Internet encryption. Traffic analysis can be used to determine what type of information is being communicated.

Security Attacks - Integrity
Masquerade - A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification.
Replaying - Replay attacks are network attacks in which an attacker spies on the conversation between the sender and receiver, takes the authenticated information (e.g. a shared key), and then contacts the receiver with that key. In a replay attack the attacker

Security Attacks - Integrity
Repudiation - Repudiation attacks make data or information appear to be invalid or misleading (which can be even worse). For example, someone might access your e-mail

Security Attacks - Availability
DoS - A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.

TRADITIONAL CIPHERS
We now look at the first goal of security, confidentiality. Confidentiality can be achieved using ciphers. Traditional ciphers are called symmetric-key ciphers (or secret-key ciphers) because the same key is used for encryption and decryption and the key can be used for bidirectional communication.

Topics Discussed in the Section
Key
Substitution Ciphers
Transposition Ciphers

General idea of traditional cipher

Note
A substitution cipher replaces one symbol with another.

Symmetric-key: locking and unlocking with the same key

Locking and unlocking in asymmetric-key cryptosystem

Representation of characters in modulo 26

Note
In an additive cipher, the plaintext, ciphertext, and key are integers in modulo 26.

Example
Use the additive cipher with key = 15 to encrypt the message “hello”.
Solution
We apply the encryption algorithm to the plaintext, character by character. The result is “WTAAD”. Note that the cipher is monoalphabetic because two instances of the same plaintext character (l's) are encrypted as the same character (A).

Example
Use the additive cipher with key = 15 to decrypt the message “WTAAD”.
Solution
We apply the decryption algorithm to the ciphertext, character by character. The result is “hello”. Note that the operation is in modulo 26, which means that we need to add 26 to a negative result (for example, −15 becomes 11).

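
The two additive-cipher examples above, worked in Python as an added illustration (not code from the original slides). The function names are assumptions; decrypt_trace exposes the intermediate values so the step where a negative result has 26 added to it is visible.

```python
import string

# a=0, b=1, ..., z=25: the modulo-26 representation of characters
ALPHABET = string.ascii_lowercase

def additive_encrypt(plaintext, key):
    """C = (P + key) mod 26. Plaintext is lowercase, ciphertext uppercase,
    following the slides' convention; non-letters pass through unchanged."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26].upper())
        else:
            out.append(ch)
    return "".join(out)

def decrypt_trace(ciphertext, key):
    """Return (C, C - key, P) for every letter, showing the add-26 correction."""
    key %= 26
    steps = []
    for ch in ciphertext.lower():
        if ch in ALPHABET:
            c = ALPHABET.index(ch)
            raw = c - key                      # may be negative
            p = raw + 26 if raw < 0 else raw   # bring it back into 0..25
            steps.append((c, raw, p))
    return steps

def additive_decrypt(ciphertext, key):
    """P = (C - key) mod 26; non-letters pass through unchanged."""
    key %= 26
    out = []
    for ch in ciphertext.lower():
        if ch in ALPHABET:
            raw = ALPHABET.index(ch) - key
            out.append(ALPHABET[raw + 26 if raw < 0 else raw])
        else:
            out.append(ch)
    return "".join(out)

if __name__ == "__main__":
    print(additive_encrypt("hello", 15))
    print(additive_decrypt("WTAAD", 15))
    for c, raw, p in decrypt_trace("WTAAD", 15):
        print(c, raw, p)
```
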
An example key for mono-alphabetic substitution cipher

Example
We can use the key in Figure 29.5 to encrypt the message
The ciphertext is

Note
A transposition cipher reorders symbols.

Transposition cipher

Plaintext                                  Plaintext
e n e m y a t t a c k s t o n i g h t z    e n e m y a t t a c k s t o n i g h t z
Write row by row                           Read row by row
e n e m y                                  e n e m y
a t t a c                                  a t t a c
k s t o n                                  k s t o n
i g h t z                                  i g h t z
E E M Y N                                  E E M Y N
T A A C T                                  T A A C T
T K O N S                                  T K O N S
H I T Z G                                  H I T Z G
Read column by column                      Write column by column
E T T H E A K I M A O T Y C N Z N T S G    E T T H E A K I M A O T Y C N Z N T S G
Ciphertext                                 Ciphertext
                     Transmission

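
The transposition in the figure above, as an added Python example (not code from the original slides). The column order is an assumption inferred from the figure's two grids (enemy becomes EEMYN), because the key itself does not appear in the text; the function names are also assumptions.

```python
# Source column (0-indexed) for each column of the permuted grid.
# Assumption: inferred from the figure's rows, e.g. "enemy" -> "EEMYN".
COLUMN_ORDER = [2, 0, 3, 4, 1]
PAD = "z"  # filler letter the figure appends to complete the last row

def transposition_encrypt(plaintext, order=COLUMN_ORDER):
    cols = len(order)
    text = "".join(ch for ch in plaintext.lower() if ch.isalpha())
    text += PAD * (-len(text) % cols)                 # pad to a full last row
    # Write row by row.
    rows = [text[i:i + cols] for i in range(0, len(text), cols)]
    # Reorder the columns of every row with the key.
    permuted = [[row[src] for src in order] for row in rows]
    # Read column by column.
    return "".join(row[c] for c in range(cols) for row in permuted).upper()

def transposition_decrypt(ciphertext, order=COLUMN_ORDER):
    cols = len(order)
    if len(ciphertext) % cols:
        raise ValueError("ciphertext length must be a multiple of the column count")
    nrows = len(ciphertext) // cols
    # Write column by column.
    permuted_cols = [ciphertext[c * nrows:(c + 1) * nrows] for c in range(cols)]
    # Undo the column reordering, then read row by row.
    rows = []
    for r in range(nrows):
        row = [""] * cols
        for j, src in enumerate(order):
            row[src] = permuted_cols[j][r]
        rows.append("".join(row))
    return "".join(rows).lower()

if __name__ == "__main__":
    c = transposition_encrypt("enemy attacks tonight")
    print(c)
    print(transposition_decrypt(c))
```

The recovered plaintext keeps the trailing padding letter, as in the figure.
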
ASYMMETRIC-KEY CIPHERS
In previous sections we discussed symmetric-key ciphers. In this chapter, we start the discussion of asymmetric-key ciphers. Symmetric-key and asymmetric-key ciphers will exist in parallel and continue to serve the community. We actually believe that they are complements of each other; the advantages of one can compensate for the disadvantages of the other.

Topics Discussed in the Section
Keys
General Idea
RSA Cryptosystem
Applications

Note
Symmetric-key cryptography is based on sharing secrecy; asymmetric-key cryptography is based on personal secrecy.

Note
In symmetric-key cryptography, symbols are permuted or substituted; in asymmetric-key cryptography, numbers are manipulated.

Note
Asymmetric-key ciphers are sometimes called public-key ciphers.

Figure 29.14 General idea of asymmetric-key cryptosystem
(Figure labels: key-generation procedure; public key, sent to the public over the public-key distribution channel; private key; plaintext → encryption → ciphertext → insecure channel → ciphertext → decryption → plaintext)

Figure 29.15 Encryption, decryption, and key generation in RSA
(Figure labels: key calculation: select p, q; n = p × q; select e and d; public key (e, n) to public; private key (d). Encryption: C = P^e mod n. Decryption: P = C^d mod n. P: plaintext, C: ciphertext.)

Steps in RSA algorithm
Step 1: Choose 2 large prime numbers p and q
Step 2: Compute n = p × q and z = (p − 1)(q − 1)
Step 3: Choose a number relatively prime to ‘z’ and call it ‘d’
Step 4: Find ‘e’ such that (e × d) mod z = 1
Note: Choose e or d randomly any prime number less than n
Encryption Algorithm: C = P^e mod n

Example 29.6
For the sake of demonstration, let Bob choose 7 and 11 as p and q and calculate n = 7 × 11 = 77. The value of φ(n) = (7 − 1)(11 − 1), or 60. If he chooses e to be 13, then d is 37. Note that e × d mod 60 = 1. Now imagine that Alice wants to send the plaintext 5 to Bob. She uses the public exponent 13 to encrypt 5. This system is not safe because p and q are small.

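
The RSA steps and Example 29.6, carried through in Python as an added example (not code from the original slides). The function names are assumptions, p and q are assumed to be prime, and the exponent e is chosen first and d derived from it, as in the example.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def rsa_keygen(p, q, e):
    """Return ((e, n), d). p and q are assumed prime (not checked here)."""
    n = p * q
    z = (p - 1) * (q - 1)          # the slides' z, written φ(n) in Example 29.6
    if gcd(e, z) != 1:
        raise ValueError("e must be relatively prime to z")
    _, x, _ = egcd(e, z)
    d = x % z                      # normalise the inverse into 0..z-1
    if (e * d) % z != 1:
        raise ArithmeticError("(e * d) mod z must equal 1")
    return (e, n), d

def rsa_encrypt(P, public_key):
    """C = P^e mod n. The plaintext must be an integer smaller than n."""
    e, n = public_key
    if not 0 <= P < n:
        raise ValueError("plaintext must be in the range 0..n-1")
    return pow(P, e, n)

def rsa_decrypt(C, d, n):
    """P = C^d mod n."""
    return pow(C, d, n)

if __name__ == "__main__":
    public_key, d = rsa_keygen(7, 11, 13)   # Bob's values from Example 29.6
    C = rsa_encrypt(5, public_key)          # Alice encrypts the plaintext 5
    print("public key:", public_key, "private d:", d)
    print("ciphertext:", C, "recovered:", rsa_decrypt(C, d, public_key[1]))
```

This is textbook RSA with no padding, matching the slides; deployed systems use large primes and a padding scheme such as OAEP.
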
Example
Here is a more realistic example calculated with a computer. We choose a 512-bit p and q and calculate n and φ(n). We then choose e and calculate d. Finally, we show the results of encryption and decryption. The integer p is a 159-digit number. The integer q is a 160-digit number.
TCP/IP Protocol Suite 36
Example Continued
The modulus n = p × q. It has 309 digits.
φ(n) = (p − 1)(q − 1) has 309 digits.

Example 29.7 Continued
Bob chooses e = 35535 (the ideal is 65537). He then finds d.
Alice wants to send the message “THIS IS A TEST”, which can be changed to a numeric value using the 00−26 encoding scheme (26 is the space character).

Example 29.7 Continued
The ciphertext calculated by Alice is C = P^e, which is
Bob can recover the plaintext from the ciphertext using P = C^d, which is
The recovered plaintext is “THIS IS A TEST” after decoding.

Application of RSA algorithm
The RSA algorithm is used worldwide to secure
Internet
Banking
Credit card transactions.

Advantage of RSA algorithm
RSA is an algorithm for public key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem.