Security and Cryptography Part 1 - PowerPoint PPT Presentation

Slides: 34
Provided by: sebc6
Transcript and Presenter's Notes



1
Security and Cryptography Part 1
2
Objectives and outline
  • Introduction to Network security
  • What is security and why have security?
  • Security Threats
  • Security Attacks
  • Methods of defence
  • Introduction to Cryptography
  • Some Encryption Algorithms
  • Firewalls

3
What is network and computer system security?
  • Protection of data against loss or misuse within
    a network or computer system.
  • No particular boundary between these two forms of
    security
  • E.g. a computer virus can be loaded from a disk,
    and may also arrive over the Internet.

4
Why have security?
  • Data is a very valuable resource. Data such as:
  • Bank account details
  • Military secrets
  • Medical records
  • Financial records in big business
  • Police criminal records

5
Security Threats
  • Can be internal or external to the organisation.
    Examples of threats
  • Criminals
  • Hackers
  • Industrial Spies
  • Disgruntled Employees
  • Terrorists

6
Network Security Services
  • Different types of service
  • Confidentiality
  • Authentication
  • Non-repudiation
  • Guarantees that the sender/receiver of a message
    can not later deny having sent/received it.
  • Integrity
  • Access Control - ability to limit access
  • Availability - attacks may result in loss of data

7
Where to use security?
  • Having designed network security mechanisms, it
    is necessary to decide where to use them
  • Physical placement
  • At what point in the network?
  • Logical placement
  • Which layer(s) of TCP/IP stack?

8
Requirements
  • Security mechanisms involve algorithms
    (protocols).
  • Participants are usually required to possess some
    secret information. (e.g. encryption key).

9
Attacks, Services and Mechanisms
  • Are the three aspects that define the
    requirements for security
  • Security Attack
  • Any action that compromises the security of
    information owned by a corporation.
  • Security Mechanism
  • A mechanism designed to detect, prevent or
    recover from a security attack.
  • Security Service
  • A service that enhances the security of the data
    processing systems and information transfers
    of a corporation.

10
Types of Attacks
  • Passive attacks
  • Eavesdropping on, or monitoring of,
    transmissions.
  • The two subtypes are in the form of
  • Release of message contents (email, file
    transfer, ...)
  • Traffic analysis
  • Even with encrypted data the attacker observes
    the pattern of the message and guesses the nature
    of communication.

11
Types of Attacks
  • Active attacks
  • Involve modification of data stream or creation
    of false stream.
  • Can be subdivided into four categories
  • Masquerade - one entity pretends to be a different
    entity.
  • Replay - passively capturing data and
    retransmitting it.
  • Modification of message - e.g. "Allow 1 exam
    question in networks" altered to "No exam
    question in networks"
  • Denial of service - prevent normal use of services

12
Types of Attacks
13
Example of Passive Attack
  • Passive wire tap

14
Example of Active Attack
  • Active Wire Tap

15
Summary of Security Attacks (copyright W. Stallings)
16
Security Attacks (copyright W. Stallings)
  • Interruption: This is an attack on availability
  • Interception: This is an attack on
    confidentiality
  • Modification: This is an attack on integrity
  • Fabrication: This is an attack on authenticity

17
Data privacy
  • Same as confidentiality, protects data against
    unwarranted access and passive attacks

18
Data Authentication/Integrity
  • Assures the receiver that the message is from
    the source that the sender claims to be from.
  • Proves the message has not been altered
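
The integrity check described on this slide, applied to the modification, replay and masquerade attacks from slide 11. This is an added example, not part of the original slides; HMAC-SHA256, the sequence number, and the names protect and Receiver are assumptions chosen for illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output size in bytes
SEQ_LEN = 8   # sequence number prefix, big-endian

def protect(key, seq, message):
    """Sender: bind a sequence number and the message under one HMAC tag."""
    body = seq.to_bytes(SEQ_LEN, "big") + message
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Holds the shared secret key and the highest sequence number seen."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, packet):
        """Return the message, or raise ValueError naming what was detected."""
        if len(packet) < SEQ_LEN + TAG_LEN:
            raise ValueError("truncated message")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison: covers modification and masquerade,
        # since neither can produce a valid tag without the key.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("modified or forged message")
        seq = int.from_bytes(body[:SEQ_LEN], "big")
        # A captured packet has a valid tag, so replay needs its own check.
        if seq <= self.last_seq:
            raise ValueError("replayed message")
        self.last_seq = seq
        return body[SEQ_LEN:]

if __name__ == "__main__":
    key = b"constructed-demo-key"  # sample value, not a real secret
    rx = Receiver(key)
    pkt = protect(key, 1, b"Allow 1 exam question in networks")
    print(rx.accept(pkt))
    altered = pkt[:SEQ_LEN] + b"No exam question in networks" + pkt[-TAG_LEN:]
    for bad in (altered, pkt):
        try:
            rx.accept(bad)
        except ValueError as err:
            print("rejected:", err)
```

The tag alone does not stop replay, because a retransmitted packet is unmodified; the receiver needs state (here, the last accepted sequence number) to reject it.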

19
Non-repudiation
  • Proves that a message has been sent and this
    cannot be denied by the sender or receiver

20
Methods of Defence (copyright W. Stallings)
  • Cryptography: encryption, decryption
  • Software Controls (access limitations in a
    database; in an operating system, protecting
    each user from other users)
  • Hardware Controls (smartcard)
  • Policies (frequent changes of passwords)
  • Physical Controls

21
What is Cryptography?
  • Cryptography is the study of how to hide
    information by camouflaging the information
  • Cryptanalysis is the study of how to unhide
    information that has been hidden by camouflaging
    it
  • Cryptology combines the 2 and is the study of how
    to hide information by camouflage and unhide
    information that has been so hidden.
  • We will only be looking at hiding by camouflaging
    it.

22
Basic terminology
  • The information to be hidden is called plaintext
  • The process of camouflaging it is called
    encryption
  • The camouflaged information is called ciphertext
  • The process of removing the camouflage to obtain
    the original plaintext is called decryption

23
Encryption and Decryption
  • Encryption process is a function that maps a
    plaintext onto a ciphertext
  • Decryption is a function that maps the ciphertext
    onto a plaintext

24
Encryption and Decryption
  • Most encryption functions use a parameter value
    (aka key) in the computation that determines
    exactly how the encryption occurs
  • ciphertext = encryption(key1, plaintext)
  • (= is assignment, not equals)
  • reconstituted plaintext = decryption(key2, ciphertext)

25
Encryption and Decryption
  • The encryption and decryption algorithms are
    related so that the decryption of an encrypted
    plaintext produces the original plaintext i.e.
  • reconstituted plaintext
    = decryption(key2, encryption(key1, plaintext))
    == original plaintext
  • (== is equals)
  • Decryption inverts or reverses the encryption
    process

26
Encryption and Decryption
  • The encryption/decryption pair of algorithms
    effectively behaves like a lock.
  • It is a well designed and well understood
    security component that has been designed by
    experts to be difficult to break or pick
  • A given type/design of lock can be produced so
    that there are a large number of different
    possible keys that might work with that design of
    lock,
  • although only one of those keys should open or
    close any particular lock

27
Symmetric and asymmetric key encryption
  • when key1 == key2 this is called symmetric keys
    (symmetry because both keys are the same)
  • when key1 != key2 this is called asymmetric keys
    (not the same)
  • with symmetric keys the sender of information and
    the receiver of information both have the same key

28
Symmetric and asymmetric key encryption
  • Like conventional security situation - you have a
    strong box and when people want to leave an item
    for you securely they can leave the item in the
    strongbox.
  • You have a key to the lock on the strong box and
    the other person has a key to the lock on the
    strongbox.
  • Problem is that the key has to be kept safe - if
    anybody else gets a copy of the key then they can
    open the strongbox and obtain the contents!
  • Same with messages, if both parties need the same
    key to encrypt and decrypt the message then the
    key needs to be kept secret (hence the term
    private key)

29
Symmetric and asymmetric key encryption
  • With asymmetric keys the sender of the
    information and the recipient have different keys
  • the sender has a key with which they can ONLY
    encrypt a message for the recipient
  • the receiver has a key that can ONLY decrypt a
    message encrypted with the key made available to
    the sender to encrypt the message

30
Encryption methods
  • To hide the information encoded in the string of
    symbols we may change one symbol for another in
    the string
  • This is called substitution
  • and change/mix up the order of symbols in the
    string
  • This is called permutation
  • Most commercial encryption algorithms work by
    using a combination of substitutions and
    permutations on the string of symbols

31
Substitution Techniques
  • 1. Mono-alphabetic - which means you have one
    mapping that substitutes the same symbol for
    another symbol all the time
  • 2. Poly-alphabetic - which means you have a
    number of different mappings that are used.
  • Choice of mapping depends upon key and position
    of symbol in the stream of symbols
  • The purpose of substitution is to cause confusion.

32
Permutations
  • Permutations map blocks of symbols onto blocks of
    symbols by re-ordering position of symbols in the
    block
  • The purpose of permutations is to make the
    symbols of the ciphertext dependent upon all the
    symbols in a block of the plaintext - diffusion
  • The permutation of blocks can be repeated (called
    rounds) with the output of a block or other
    blocks being fed into process for carrying out
    permutation next time
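
The substitution and permutation steps from slides 30 to 32, combined into one symmetric encryption/decryption pair (key1 and key2 the same). This is an added example, not part of the original slides; the toy cipher, its key format (a key word plus a block order) and the sample message are constructed for illustration and offer no real security.

```python
# Toy cipher for teaching only (constructed example, not secure).
A = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

def substitute(word, text, sign=1):
    """Substitution: the shift applied to each symbol depends on the key
    word and the symbol's position. A one-letter word is mono-alphabetic,
    a longer word is poly-alphabetic."""
    out = []
    for i, ch in enumerate(text):
        shift = A.index(word[i % len(word)])
        out.append(A[(A.index(ch) + sign * shift) % 26])
    return "".join(out)

def permute(order, text):
    """Permutation: re-order the symbols inside each fixed-size block."""
    n = len(order)
    if len(text) % n:
        raise ValueError("text must be a whole number of blocks")
    return "".join(text[b + j] for b in range(0, len(text), n) for j in order)

def invert(order):
    """Inverse permutation: undoes permute(order, ...)."""
    inv = [0] * len(order)
    for pos, src in enumerate(order):
        inv[src] = pos
    return inv

def encryption(key, plaintext):
    word, order = key
    return permute(order, substitute(word, plaintext))

def decryption(key, ciphertext):
    # Decryption reverses encryption: undo the permutation, then the shifts.
    word, order = key
    return substitute(word, permute(invert(order), ciphertext), sign=-1)

if __name__ == "__main__":
    key = ("KEY", [2, 0, 3, 1])          # hypothetical shared symmetric key
    plaintext = "MEETMEATNOON"           # constructed sample, A-Z only
    print(substitute("D", plaintext))    # mono: the double E stays a double letter
    print(substitute("KEY", plaintext))  # poly: the double E is hidden
    ciphertext = encryption(key, plaintext)
    print(ciphertext, decryption(key, ciphertext))
```

With the one-letter key the repeated E in the plaintext is still visible as a repeated letter in the output, which is the pattern a poly-alphabetic mapping removes.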

33
Stream and block ciphers
  • Two traditional types of cipher
  • Stream cipher operates on one symbol at a time,
    as a result it cannot carry out permutations and
    is thus restricted to substitutions only - the
    substitution employed is dependent upon the
    position of a symbol in the string of symbols
  • Block cipher operates on a fixed size block of
    symbols all at one time, it thus can use
    permutations to mix up the order of symbols