Cryptography and Network Security: Principles and Practice Eighth Edition Chapter 1 Information and Network Security Concepts Copyright © 2020 Pearson Education, Inc

Subject:WritingPrice: Bought3

Share With

Cryptography and Network Security: Principles and Practice Eighth Edition Chapter 1 Information and Network Security Concepts Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cybersecurity (1 of 3) Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyberspace environment and organization and users’ assets. Organization and users’ assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyberspace environment. Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cybersecurity (2 of 3) Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and users’ assets against relevant security risks in the cyberspace environment. The general security objectives comprise the following: availability; integrity, which may include data authenticity and nonrepudiation; and confidentiality Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cybersecurity (3 of 3) Information Security • This term refers to preservation of confidentiality, integrity, and availability of information. In addition, other properties, such as authenticity, accountability, nonrepudiation, and reliability can also be involved Network Security • This term refers to protection of networks and their service from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side effects Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Security Objectives (1 of 2) • The cybersecurity definition introduces three key objectives that are at the heart of information and network security: – Confidentiality: This term covers two related concepts: ? Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals ? Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Security Objectives (2 of 2) • Integrity: This term covers two related concepts: – Data integrity: Assures that data and programs are changed only in a specified and authorized manner. This concept also encompasses data authenticity, which means that a digital object is indeed what it claims to be or what it is claimed to be, and nonrepudiation, which is assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information – System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system • Availability: Assures that systems work promptly and service is not denied to authorized users Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.1 Essential Information and Network Security Objectives Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Computer Security Challenges • Security is not simple • Potential attacks on the security features need to be considered • Procedures used to provide particular services are often counter-intuitive • It is necessary to decide where to use the various security mechanisms • Requires constant monitoring • Is too often an afterthought • Security mechanisms typically involve more than a particular algorithm or protocol • Security is essentially a battle of wits between a perpetrator and the designer • Little benefit from security investment is perceived until a security failure occurs • Strong security is often viewed as an impediment to efficient and user-friendly operation Copyright © 2020 Pearson Education, Inc. All Rights Reserved. O SI Security Architecture • Security attack – Any action that compromises the security of information owned by an organization • Security mechanism – A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack • Security service – A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization – Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Threats and Attacks Threat A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability. Attack An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.2 Key Concepts in Security (1 of 2) Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.2 Key Concepts in Security (2 of 2) Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Security Attacks • A means of classifying security attacks, used both in X.800 and RF C 4949, is in terms of passive attacks and active attacks • A passive attack attempts to learn or make use of information from the system but does not affect system resources • An active attack attempts to alter system resources or affect their operation Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Passive Attacks • Are in the nature of eavesdropping on, or monitoring of, transmissions • Goal of the opponent is to obtain information that is being transmitted • Two types of passive attacks are: – The release of message contents – Traffic analysis Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Active Attacks • Involve some modification of the data stream or the creation of a false stream • Difficult to prevent because of the wide variety of potential physical, software, and network vulnerabilities • Goal is to detect attacks and to recover from any disruption or delays caused by them • Masquerade – Takes place when one entity pretends to be a different entity – Usually includes one of the other forms of active attack • Replay – Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect • Data Modification – Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect • Denial of service – Prevents or inhibits the normal use or management of communications facilities Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.3 Security Attacks Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Authentication (1 of 2) • Concerned with assuring that a communication is authentic – In the case of a single message, assures the recipient that the message is from the source that it claims to be from – In the case of ongoing interaction, assures the two entities are authentic and that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties • Two specific authentication services are defined in X.800: – Peer entity authentication – Data origin authentication Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Authentication (2 of 2) • Peer entity authentication – Provides for the corroboration of the identity of a peer entity in an association. Two entities are considered peers if they implement the same protocol in different systems. Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection. It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection • Data origin authentication – Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail, where there are no ongoing interactions between the communicating entities Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Access Control • The ability to limit and control the access to host systems and applications via communications links • To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Data Confidentiality • The protection of transmitted data from passive attacks – Broadest service protects all user data transmitted between two users over a period of time – Narrower forms of service includes the protection of a single message or even specific fields within a message • The protection of traffic flow from analysis – This requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Data Integrity • Can apply to a stream of messages, a single message, or selected fields within a message • Connection-oriented integrity service, one that deals with a stream of messages, assures that messages are received as sent with no duplication, insertion, modification, reordering, or replays • A connectionless integrity service, one that deals with individual messages without regard to any larger context, generally provides protection against message modification only Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Nonrepudiation • Prevents either sender or receiver from denying a transmitted message • When a message is sent, the receiver can prove that the alleged sender in fact sent the message • When a message is received, the sender can prove that the alleged receiver in fact received the message Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Availability Service • Protects a system to ensure its availability • This service addresses the security concerns raised by denial-of-service attacks • It depends on proper management and control of system resources and thus depends on access control service and other security services Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Security Mechanisms (1 of 2) • Cryptographic algorithms: We can distinguish between reversible cryptographic mechanisms and irreversible cryptographic mechanisms. A reversible cryptographic mechanism is simply an encryption algorithm that allows data to be encrypted and subsequently decrypted. Irreversible cryptographic mechanisms include hash algorithms and message authentication codes, which are used in digital signature and message authentication applications. • Data integrity: This category covers a variety of mechanisms used to assure the integrity of a data unit or stream of data units. • Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery. Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Security Mechanisms (2 of 2) • Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange. • Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. • Routing control: Enables selection of particular physically or logically secure routes for certain data and allows routing changes, especially when a breach of security is suspected. • Notarization: The use of a trusted third party to assure certain properties of a data exchange • Access control: A variety of mechanisms that enforce access rights to resources. Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.4 Cryptographic Algorithms Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Keyless Algorithms • Deterministic functions that have certain properties useful for cryptography • One type of keyless algorithm is the cryptographic hash function – A hash function turns a variable amount of text into a small, fixed-length value called a hash value, hash code, or digest – A cryptographic hash function is one that has additional properties that make it useful as part of another cryptographic algorithm, such as a message authentication code or a digital signature • A pseudorandom number generator produces a deterministic sequence of numbers or bits that has the appearance of being a truly random sequence Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Single-Key Algorithms (1 of 3) • Single-key cryptographic algorithms depend on the use of a secret key • Encryption algorithms that use a single key are referred to as symmetric encryption algorithms – With symmetric encryption, an encryption algorithm takes as input some data to be protected and a secret key and produces an unintelligible transformation on that data – A corresponding decryption algorithm takes the transformed data and the same secret key and recovers the original data Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Single-Key Algorithms (2 of 3) • Symmetric encryption takes the following forms: – Block cipher ? A block cipher operates on data as a sequence of blocks ? In most versions of the block cipher, known as modes of operation, the transformation depends not only on the current data block and the secret key but also on the content of preceding blocks – Stream cipher ? A stream cipher operates on data as a sequence of bits ? As with the block cipher, the transformation depends on a secret key Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Single-Key Algorithms (3 of 3) • Another form of single-key cryptographic algorithm is the message authentication code (MAC) – A MAC is a data element associated with a data block or message – The MAC is generated by a cryptographic transformation involving a secret key and, typically, a cryptographic hash function of the message – The MAC is designed so that someone in possession of the secret key can verify the integrity of the message – The recipient of the message plus the MAC can perform the same calculation on the message; if the calculated MAC matches the MAC accompanying the message, this provides assurance that the message has not been altered Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Asymmetric Algorithms • Encryption algorithms that use a single key are referred to as asymmetric encryption algorithms • Digital signature algorithm – A digital signature is a value computed with a cryptographic algorithm and associated with a data object in such a way that any recipient of the data can use the signature to verify the data’s origin and integrity • Key exchange – The process of securely distributing a symmetric key to two or more parties • User authentication – The process of authenticating that a user attempting to access an application or service is genuine and, similarly, that the application or service is genuine Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.5 Key Elements of Network Security Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Communications Security • Deals with the protection of communications through the network, including measures to protect against both passive and active attacks • Communications security is primarily implemented using network protocols – A network protocol consists of the format and procedures that governs the transmitting and receiving of data between points in a network – A protocol defines the structure of the individual data units and the control commands that manage the data transfer • With respect to network security, a security protocol may be an enhancement that is part of an existing protocol or a standalone protocol Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Device Security (1 of 2) • The other aspect of network security is the protection of network devices, such as routers and switches, and end systems connected to the network, such as client systems and servers • The primary security concerns are intruders that gain access to the system to perform unauthorized actions, insert malicious software (malware), or overwhelm system resources to diminish availability Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Device Security (2 of 2) • Three types of device security are: – Firewall ? A hardware and/or software capability that limits access between a network and device attached to the network, in accordance with a specific security policy. The firewall acts as a filter that permits or denies data traffic, both incoming and outgoing, based on a set of rules based on traffic content and/or traffic pattern – Intrusion detection ? Hardware or software products that gather and analyze information from various areas within a computer or a network for the purpose of finding, and providing real-time or near-realtime warning of, attempts to access system resources in an unauthorized manner – Intrusion prevention ? Hardware or software products designed to detect intrusive activity and attempt to stop the activity, ideally before it reaches its target Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Trust Model (1 of 2) • One of the most widely accepted and most cited definitions of trust is: “the willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party” Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Trust Model (2 of 2) • Three related concepts are relevant to a trust model: – Trustworthiness: A characteristic of an entity that reflects the degree to which that entity is deserving of trust – Propensity to trust: A tendency to be willing to trust others across a broad spectrum of situations and trust targets. This suggests that every individual has some baseline level of trust that will influence the person’s willingness to rely on the words and actions of others – Risk: A measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of 1) the adverse impacts that would arise if the circumstance or event occurs; and 2) the likelihood of occurrence Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 1.6 Trust Model Copyright © 2020 Pearson Education, Inc. All Rights Reserved. The Trust Model and Information Security • Trust is confidence that an entity will perform in a way that will not prejudice the security of the user of the system of which that entity is a part • Trust is always restricted to specific functions or ways of behavior and is meaningful only in the context of a security policy • Generally, an entity is said to trust a second entity when the first entity assumes that the second entity will behave exactly as the first entity expects • In this context, the term entity may refer to a single hardware component or software module, a piece of equipment identified by make and model, a site or location, or an organization Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Trustworthiness of an Individual (1 of 2) • Organizations need to be concerned about both internal users (employees, on-site contractors) and external users (customers, suppliers) of their information systems • With respect to internal users, an organization develops a level of trust in individuals by policies in the following two areas: • Human resource security – Sound security practice dictates that information security requirements be embedded into each stage of the employment life cycle, specifying security-related actions required during the induction of each individual, their ongoing management, and termination of their employment. Human resource security also includes assigning ownership of information (including responsibility for its protection) to capable individuals and obtaining confirmation of their understanding and acceptance Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Trustworthiness of an Individual (2 of 2) • Security awareness and training – This area refers to disseminating security information to all employees, including I T staff, I T security staff, and management, as well as I T users and other employees. A workforce that has a high level of security awareness and appropriate security training for each individual’s role is as important, if not more important, than any other security countermeasure or control Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Trustworthiness of an Organization • Most organizations rely on information system service and information provided by external organizations, as well as partnerships to accomplish missions and business functions (examples are cloud service providers and companies that form part of the supply chain for the organization) • To manage risk to the organization, it must establish trust relationships with these external organizations • N I S T S P 800-39 (Managing Information Security Risk, March 2011) indicates that such trust relationships can be: – Formally established, for example, by documenting the trust-related information in contracts, service-level agreements, statements of work, memoranda of agreement/understanding, or interconnection security agreements – Scalable and inter-organizational or intra-organizational in nature – Represented by simple (bilateral) relationships between two partners or more complex many-to-many relationships among many diverse partners Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Trustworthiness of Information Systems • S P 800-39 defines trustworthiness for information systems as “the degree to which information systems (including the information technology products from which the systems are built) can be expected to preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the systems across the full range of threats” • Two factors affecting the trustworthiness of information systems are: – Security functionality: The security features/functions employed within the system. These include cryptographic and network security technologies – Security assurance: The grounds for confidence that the security functionality is effective in its application. This area is addressed by security management techniques, such as auditing and incorporating security considerations into the system development life cycle Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Establishing Trust Relationships • Validated trust: – Trust is based on evidence obtained by the trusting organization about the trusted organization or entity. The information may include information security policy, security measures, and level of oversight • Direct historical trust: – This type of trust is based on the security-related track record exhibited by an organization in the past, particularly in interactions with the organization seeking to establish trust • Mediated trust: – Mediated trust involves the use of a third party that is mutually trusted by two parties, with the third party providing assurance or guarantee of a given level of trust between the first two parties • Mandated trust: – An organization establishes a level of trust with another organization based on a specific mandate issued by a third party in a position of authority Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Standards (1 of 2) • National Institute of Standards and Technology: – N I S T is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government use and to the promotion of U.S. private-sector innovation. Despite its national scope, N I S T Federal Information Processing Standards (F I P S) and Special Publications (S P) have a worldwide impact • Internet Society: – I S O C is a professional membership society with worldwide organizational and individual membership. It provides leadership in addressing issues that confront the future of the Internet and is the organization home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (I E T F) and the Internet Architecture Board (I A B). These organizations develop Internet standards and related specifications, all of which are published as Requests for Comments (R F C s). Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Standards (2 of 2) • I T U-T: – The International Telecommunication Union (I T U) is an international organization within the United Nations System in which governments and the private sector coordinate global telecom networks and services. The I T U Telecommunication Standardization Sector (I T U-T) is one of the three sectors of the I T U. I T U-T’s mission is the development of technical standards covering all fields of telecommunications. I T U-T standards are referred to as Recommendations • I S O: – The International Organization for Standardization (I S O) is a worldwide federation of national standards bodies from more than 140 countries, one from each country. I S O is a nongovernmental organization that promotes the development of standardization and related activities with a view to facilitating the international exchange of goods and services and to developing cooperation in the spheres of intellectual, scientific, technological, and economic activity. I S O’s work results in international agreements that are published as International Standards Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Summary • Describe the key security requirements of confidentiality, integrity, and availability • List and briefly describe key organizations involved in cryptography standards • Provide an overview of keyless, single-key and two-key cryptographic algorithms • Provide an overview of the main areas of network security • Describe a trust model for information security • Discuss the types of security threats and attacks that must be dealt with and give examples of the types of threats and attacks that apply to different categories of computer and network assets Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Copyright This work is protected by United States copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning. Dissemination or sale of any part of this work (including on the World Wide Web) will destroy the integrity of the work and is not permitted. The work and materials from it should never be made available to students except by instructors using the accompanying text in their classes. All recipients of this work are expected to abide by these restrictions and to honor the intended pedagogical purposes and the needs of other instructors who rely on these materials. Copyright © 2020 Pearson Education, Inc. All Rights Reserved. MSDF-534 Wireless Security and Forensics • Week- 1 • • • • • • • • Defining Cell Phone Forensics and Standards Evidence Contamination and Faraday Methods Legal Process Part -1 Legal Process Part – 2 Book Title: Seeking the Truth from Mobile Evidence: Basic Fundamentals, Intermediate and Advance Overview of Current Forensic Investigations Author: John Blair Year of Publication: 2018 ISBN: 978-0-12-811056-0 Chapter 1 Defining Cell Phone Forensics and Standards Introduction: – Defining Cell Phone Forensics • • • • • • Recovering Data Validating Standards Chapter Summary Key Points References Chapter 2 Evidence Contamination and Faraday Methods Introduction: – Evidence Contamination • Wireless Connectivity – Faraday Origins • Models Specifics Capacities • Other Forms of Contaminations • Cooperative Witness • Contamination by Officers, Investigators and Crime Scene • Technicians • User Installed Applications or User Settings • The Environment – Faraday Methods • Internal Settings • Faraday Mesh • Faraday Bags • Faraday Boxes and Tents • Aluminum Foil and Arson or Paint Cans • Chapter Summary Key Points • References Cryptography and Network Security: Principles and Practice Eighth Edition Chapter 3 Classical Encryption Techniques Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Definitions (1 of 2) • Plaintext – An original message • Ciphertext – The coded message • Enciphering/encryption – The process of converting from plaintext to ciphertext • Deciphering/decryption – Restoring the plaintext from the ciphertext Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Definitions (2 of 2) • Cryptography – The area of study of the many schemes used for encryption • Cryptographic system/cipher – A scheme • Cryptanalysis – Techniques used for deciphering a message without any knowledge of the enciphering details • Cryptology – The areas of cryptography and cryptanalysis Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.1 Simplified Model of Symmetric Encryption Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Symmetric Cipher Model • There are two requirements for secure use of conventional encryption: – A strong encryption algorithm – Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.2 Model of Symmetric Cryptosystem Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cryptographic Systems • Characterized along three independent dimensions: • The type of operations used for transforming plaintext to ciphertext – Substitution – Transposition • The number of keys used – Symmetric, single-key, secret-key, conventional encryption – Asymmetric, two-key, or public-key encryption • The way in which the plaintext is processed – Block cipher – Stream cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cryptanalysis and Brute-Force Attack • Cryptanalysis – Attack relies on the nature of the algorithm plus some knowledge of the general characteristics of the plaintext – Attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used • Brute-force attack – Attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained – On average, half of all possible keys must be tried to achieve success Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Table 3.1 Types of Attacks on Encrypted Messages Type of Attack Known to Cryptanalyst Ciphertext Only • Encryption algorithm • Ciphertext Known Plaintext • Encryption algorithm • Ciphertext • One or more plaintext–ciphertext pairs formed with the secret key Chosen Plaintext • Encryption algorithm • Ciphertext • Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key Chosen Ciphertext • Encryption algorithm • Ciphertext • Ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key Chosen Text • Encryption algorithm • Ciphertext • Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key • Ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Encryption Scheme Security • Unconditionally secure – No matter how much time an opponent has, it is impossible for him or her to decrypt the ciphertext simply because the required information is not there • Computationally secure – The cost of breaking the cipher exceeds the value of the encrypted information – The time required to break the cipher exceeds the useful lifetime of the information Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Brute-Force Attack • Involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained • On average, half of all possible keys must be tried to achieve success • To supplement the brute-force approach, some degree of knowledge about the expected plaintext is needed, and some means of automatically distinguishing plaintext from garble is also needed Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Strong Encryption • The term strong encryption refers to encryption schemes that make it impractically difficult for unauthorized persons or systems to gain access to plaintext that has been encrypted • Properties that make an encryption algorithm strong are: – Appropriate choice of cryptographic algorithm – Use of sufficiently long key lengths – Appropriate choice of protocols – A well-engineered implementation – Absence of deliberately introduced hidden flaws Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Substitution Technique • Is one in which the letters of plaintext are replaced by other letters or by numbers or symbols • If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Caesar Cipher • Simplest and earliest known use of a substitution cipher • Used by Julius Caesar • Involves replacing each letter of the alphabet with the letter standing three places further down the alphabet • Alphabet is wrapped around so that the letter following Z is A plain: meet me cipher: PHHW PH after the DIWHU WKH toga party WRJD SDUWB Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Caesar Cipher Algorithm • Can define transformation as: abcdefghijklmnopqrstuvwxyz DE FGHI JK LM NOPQ RSTUVW XYZABC • Mathematically give each letter a number abcdefghij k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • Algorithm can be expressed as: c = E(3, p) = (p + 3) mod (26) • A shift may be of any amount, so that the general Caesar algorithm is: C = E(k , p ) = (p + k ) mod 26 • Where k takes on a value in the range 1 to 25; the decryption algorithm is simply: p = D(k , C ) = (C − k ) mod 26 Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.3 Brute-Force Cryptanalysis of Caesar Cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Sample of Compressed Text Figure 3.4 Sample of Compressed Text Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Monoalphabetic Cipher • Permutation – Of a finite set of elements S is an ordered sequence of all the elements of S , with each element appearing exactly once • If the “cipher” line can be any permutation of the 26 alphabetic characters, then there are 26! or greater than 4 x 1026 possible keys – This is 10 orders of magnitude greater than the key space for DES – Approach is referred to as a monoalphabetic substitution cipher because a single cipher alphabet is used per message Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.5 Relative Frequency of Letters in English Text Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Monoalphabetic Ciphers • Easy to break because they reflect the frequency data of the original alphabet • Countermeasure is to provide multiple substitutes (homophones) for a single letter • Digram – Two-letter combination – Most common is th • Trigram – Three-letter combination – Most frequent is the Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Playfair Cipher • Best-known multiple-letter encryption cipher • Treats digrams in the plaintext as single units and translates these units into ciphertext digrams • Based on the use of a 5 × 5 matrix of letters constructed using a keyword • Invented by British scientist Sir Charles Wheatstone in 1854 • Used as the standard field system by the British Army in World War I and the U.S. Army and other Allied forces during World War II Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Playfair Key Matrix • Fill in letters of keyword (minus duplicates) from left to right and from top to bottom, then fill in the remainder of the matrix with the remaining letters in alphabetic order • Using the keyword MONARCHY: M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.6 Relative Frequency of Occurrence of Letters Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Hill Cipher • Developed by the mathematician Lester Hill in 1929 • Strength is that it completely hides single-letter frequencies – The use of a larger matrix hides more frequency information – A 3 x 3 Hill cipher hides not only single-letter but also two-letter frequency information • Strong against a ciphertext-only attack but easily broken with a known plaintext attack Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Polyalphabetic Ciphers • Polyalphabetic substitution cipher – Improves on the simple monoalphabetic technique by using different monoalphabetic substitutions as one proceeds through the plaintext message • All these techniques have the following features in common: – A set of related monoalphabetic substitution rules is used – A key determines which particular rule is chosen for a given transformation Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Vigenère Cipher • Best known and one of the simplest polyalphabetic substitution ciphers • In this scheme the set of related monoalphabetic substitution rules consists of the 26 Caesar ciphers with shifts of 0 through 25 • Each cipher is denoted by a key letter which is the ciphertext letter that substitutes for the plaintext letter a Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Example of Vigenère Cipher • To encrypt a message, a key is needed that is as long as the message • Usually, the key is a repeating keyword • For example, if the keyword is deceptive, the message “we are discovered save yourself” is encrypted as: key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Vigenère Autokey System • A keyword is concatenated with the plaintext itself to provide a running key • Example: key: deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA • Even this scheme is vulnerable to cryptanalysis – Because the key and the plaintext share the same frequency distribution of letters, a statistical technique can be applied Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Vernam Cipher Figure 3.7 Vernam Cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. One-Time Pad • Improvement to Vernam cipher • Scheme is unbreakable proposed by an Army Signal – Produces random output Corp officer, Joseph that bears no statistical Mauborgne relationship to the plaintext • Use a random key that is as long as the message so that the key need not be repeated • Key is used to encrypt and decrypt a single message and then is discarded – Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code • Each new message requires a new key of the same length as the new message Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Difficulties • The one-time pad offers complete security but, in practice, has two fundamental difficulties: – There is the practical problem of making large quantities of random keys ? Any heavily used system might require millions of random characters on a regular basis – Mammoth key distribution problem ? For every message to be sent, a key of equal length is needed by both sender and receiver • Because of these difficulties, the one-time pad is of limited utility – Useful primarily for low-bandwidth channels requiring very high security • The one-time pad is the only cryptosystem that exhibits perfect secrecy (see Appendix F) Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Rail Fence Cipher • Simplest transposition cipher • Plaintext is written down as a sequence of diagonals and then read off as a sequence of rows • To encipher the message “meet me after the toga party” with a rail fence of depth 2, we would write: mematrhtgpry etefeteoaat Encrypted message is: MEMATRHTGPRYETEFETEOAAT Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Row Transposition Cipher • Is a more complex transposition • Write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns – The order of the columns then becomes the key to the algorithm Key: Plaintext: Ciphertext: 4312 5 67 atta c kp ostpone dunt i l t w o a mx y z TTNAAPTMTSUOAODWCOIXKNLYPETZ Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Summary • Present an overview of the main concepts of symmetric cryptography • Explain the difference between cryptanalysis and bruteforce attack • Understand the operation of a monoalphabetic substitution cipher • Understand the operation of a polyalphabetic cipher • Present an overview of the Hill cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Copyright This work is protected by United States copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning. Dissemination or sale of any part of this work (including on the World Wide Web) will destroy the integrity of the work and is not permitted. The work and materials from it should never be made available to students except by instructors using the accompanying text in their classes. All recipients of this work are expected to abide by these restrictions and to honor the intended pedagogical purposes and the needs of other instructors who rely on these materials. Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cryptography and Network Security: Principles and Practice Eighth Edition Chapter 3 Classical Encryption Techniques Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Definitions (1 of 2) • Plaintext – An original message • Ciphertext – The coded message • Enciphering/encryption – The process of converting from plaintext to ciphertext • Deciphering/decryption – Restoring the plaintext from the ciphertext Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Definitions (2 of 2) • Cryptography – The area of study of the many schemes used for encryption • Cryptographic system/cipher – A scheme • Cryptanalysis – Techniques used for deciphering a message without any knowledge of the enciphering details • Cryptology – The areas of cryptography and cryptanalysis Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.1 Simplified Model of Symmetric Encryption Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Symmetric Cipher Model • There are two requirements for secure use of conventional encryption: – A strong encryption algorithm – Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.2 Model of Symmetric Cryptosystem Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cryptographic Systems • Characterized along three independent dimensions: • The type of operations used for transforming plaintext to ciphertext – Substitution – Transposition • The number of keys used – Symmetric, single-key, secret-key, conventional encryption – Asymmetric, two-key, or public-key encryption • The way in which the plaintext is processed – Block cipher – Stream cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Cryptanalysis and Brute-Force Attack • Cryptanalysis – Attack relies on the nature of the algorithm plus some knowledge of the general characteristics of the plaintext – Attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used • Brute-force attack – Attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained – On average, half of all possible keys must be tried to achieve success Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Table 3.1 Types of Attacks on Encrypted Messages Type of Attack Known to Cryptanalyst Ciphertext Only • Encryption algorithm • Ciphertext Known Plaintext • Encryption algorithm • Ciphertext • One or more plaintext–ciphertext pairs formed with the secret key Chosen Plaintext • Encryption algorithm • Ciphertext • Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key Chosen Ciphertext • Encryption algorithm • Ciphertext • Ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key Chosen Text • Encryption algorithm • Ciphertext • Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key • Ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Encryption Scheme Security • Unconditionally secure – No matter how much time an opponent has, it is impossible for him or her to decrypt the ciphertext simply because the required information is not there • Computationally secure – The cost of breaking the cipher exceeds the value of the encrypted information – The time required to break the cipher exceeds the useful lifetime of the information Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Brute-Force Attack • Involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained • On average, half of all possible keys must be tried to achieve success • To supplement the brute-force approach, some degree of knowledge about the expected plaintext is needed, and some means of automatically distinguishing plaintext from garble is also needed Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Strong Encryption • The term strong encryption refers to encryption schemes that make it impractically difficult for unauthorized persons or systems to gain access to plaintext that has been encrypted • Properties that make an encryption algorithm strong are: – Appropriate choice of cryptographic algorithm – Use of sufficiently long key lengths – Appropriate choice of protocols – A well-engineered implementation – Absence of deliberately introduced hidden flaws Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Substitution Technique • Is one in which the letters of plaintext are replaced by other letters or by numbers or symbols • If the plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Caesar Cipher • Simplest and earliest known use of a substitution cipher • Used by Julius Caesar • Involves replacing each letter of the alphabet with the letter standing three places further down the alphabet • Alphabet is wrapped around so that the letter following Z is A plain: meet me cipher: PHHW PH after the DIWHU WKH toga party WRJD SDUWB Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Caesar Cipher Algorithm • Can define transformation as: abcdefghijklmnopqrstuvwxyz DE FGHI JK LM NOPQ RSTUVW XYZABC • Mathematically give each letter a number abcdefghij k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • Algorithm can be expressed as: c = E(3, p) = (p + 3) mod (26) • A shift may be of any amount, so that the general Caesar algorithm is: C = E(k , p ) = (p + k ) mod 26 • Where k takes on a value in the range 1 to 25; the decryption algorithm is simply: p = D(k , C ) = (C − k ) mod 26 Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.3 Brute-Force Cryptanalysis of Caesar Cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Sample of Compressed Text Figure 3.4 Sample of Compressed Text Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Monoalphabetic Cipher • Permutation – Of a finite set of elements S is an ordered sequence of all the elements of S , with each element appearing exactly once • If the “cipher” line can be any permutation of the 26 alphabetic characters, then there are 26! or greater than 4 x 1026 possible keys – This is 10 orders of magnitude greater than the key space for DES – Approach is referred to as a monoalphabetic substitution cipher because a single cipher alphabet is used per message Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.5 Relative Frequency of Letters in English Text Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Monoalphabetic Ciphers • Easy to break because they reflect the frequency data of the original alphabet • Countermeasure is to provide multiple substitutes (homophones) for a single letter • Digram – Two-letter combination – Most common is th • Trigram – Three-letter combination – Most frequent is the Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Playfair Cipher • Best-known multiple-letter encryption cipher • Treats digrams in the plaintext as single units and translates these units into ciphertext digrams • Based on the use of a 5 × 5 matrix of letters constructed using a keyword • Invented by British scientist Sir Charles Wheatstone in 1854 • Used as the standard field system by the British Army in World War I and the U.S. Army and other Allied forces during World War II Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Playfair Key Matrix • Fill in letters of keyword (minus duplicates) from left to right and from top to bottom, then fill in the remainder of the matrix with the remaining letters in alphabetic order • Using the keyword MONARCHY: M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Figure 3.6 Relative Frequency of Occurrence of Letters Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Hill Cipher • Developed by the mathematician Lester Hill in 1929 • Strength is that it completely hides single-letter frequencies – The use of a larger matrix hides more frequency information – A 3 x 3 Hill cipher hides not only single-letter but also two-letter frequency information • Strong against a ciphertext-only attack but easily broken with a known plaintext attack Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Polyalphabetic Ciphers • Polyalphabetic substitution cipher – Improves on the simple monoalphabetic technique by using different monoalphabetic substitutions as one proceeds through the plaintext message • All these techniques have the following features in common: – A set of related monoalphabetic substitution rules is used – A key determines which particular rule is chosen for a given transformation Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Vigenère Cipher • Best known and one of the simplest polyalphabetic substitution ciphers • In this scheme the set of related monoalphabetic substitution rules consists of the 26 Caesar ciphers with shifts of 0 through 25 • Each cipher is denoted by a key letter which is the ciphertext letter that substitutes for the plaintext letter a Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Example of Vigenère Cipher • To encrypt a message, a key is needed that is as long as the message • Usually, the key is a repeating keyword • For example, if the keyword is deceptive, the message “we are discovered save yourself” is encrypted as: key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Vigenère Autokey System • A keyword is concatenated with the plaintext itself to provide a running key • Example: key: deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA • Even this scheme is vulnerable to cryptanalysis – Because the key and the plaintext share the same frequency distribution of letters, a statistical technique can be applied Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Vernam Cipher Figure 3.7 Vernam Cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. One-Time Pad • Improvement to Vernam cipher • Scheme is unbreakable proposed by an Army Signal – Produces random output Corp officer, Joseph that bears no statistical Mauborgne relationship to the plaintext • Use a random key that is as long as the message so that the key need not be repeated • Key is used to encrypt and decrypt a single message and then is discarded – Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code • Each new message requires a new key of the same length as the new message Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Difficulties • The one-time pad offers complete security but, in practice, has two fundamental difficulties: – There is the practical problem of making large quantities of random keys ? Any heavily used system might require millions of random characters on a regular basis – Mammoth key distribution problem ? For every message to be sent, a key of equal length is needed by both sender and receiver • Because of these difficulties, the one-time pad is of limited utility – Useful primarily for low-bandwidth channels requiring very high security • The one-time pad is the only cryptosystem that exhibits perfect secrecy (see Appendix F) Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Rail Fence Cipher • Simplest transposition cipher • Plaintext is written down as a sequence of diagonals and then read off as a sequence of rows • To encipher the message “meet me after the toga party” with a rail fence of depth 2, we would write: mematrhtgpry etefeteoaat Encrypted message is: MEMATRHTGPRYETEFETEOAAT Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Row Transposition Cipher • Is a more complex transposition • Write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns – The order of the columns then becomes the key to the algorithm Key: Plaintext: Ciphertext: 4312 5 67 atta c kp ostpone dunt i l t w o a mx y z TTNAAPTMTSUOAODWCOIXKNLYPETZ Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Summary • Present an overview of the main concepts of symmetric cryptography • Explain the difference between cryptanalysis and bruteforce attack • Understand the operation of a monoalphabetic substitution cipher • Understand the operation of a polyalphabetic cipher • Present an overview of the Hill cipher Copyright © 2020 Pearson Education, Inc. All Rights Reserved. Copyright This work is protected by United States copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning. Dissemination or sale of any part of this work (including on the World Wide Web) will destroy the integrity of the work and is not permitted. The work and materials from it should never be made available to students except by instructors using the accompanying text in their classes. All recipients of this work are expected to abide by these restrictions and to honor the intended pedagogical purposes and the needs of other instructors who rely on these materials. Copyright © 2020 Pearson Education, Inc. All Rights Reserved