
Chapter 1: Computer Security and Privacy

Computer security is about the provisions and policies adopted to protect information and
property from theft, corruption, or natural disaster while allowing the information
and property to remain accessible and productive to its intended users.
Network security, on the other hand, deals with the provisions and policies adopted to
prevent and monitor unauthorized access, misuse, modification, or denial of the computer
network and network-accessible resources.

The three primary security goals

Computer Security and Privacy/Overview


Definitions:
Security: The prevention and protection of computer assets from unauthorized
access, use, alteration, degradation, destruction, and other threats.
Privacy: The right of the individual to be protected against intrusion into his
personal life or affairs, or those of his family, by direct physical means or by
publication of information.
Security/Privacy Threat: Any person, act, or object that poses a danger to
computer security/privacy.
History

“The most secure computers are those not connected to the Internet and shielded from any interference”
Until the 1960s computer security was limited to physical protection of computers
In the 60s and 70s
- Evolutions
  Computers became interactive (communicating with the user)
  Multiuser/multiprogramming was invented
  More and more data started to be stored in computer databases
- Organizations and individuals started to worry about
  What the other persons using computers are doing to their data
  What is happening to their private data stored in large databases
In the 80s and 90s
- Evolutions
  Personal computers were popularized
  LANs and the Internet invaded the world
  Applications such as E-commerce, E-government and E-health started to develop
  Viruses became major threats
- Organizations and individuals started to worry about
  Who has access to their computers and data
  Whether they can trust a mail, a website, etc.
  Whether their privacy is protected in the connected world
Famous security problems
- Morris worm (Internet Worm)
  On November 2, 1988 a worm attacked more than 60,000 computers around the USA.
  The worm attacks computers, and when it has installed itself, it multiplies itself, freezing the computer
  It exploited UNIX security holes in Sendmail and Finger.
  A nationwide effort solved the problem within 12 hours
- Robert Morris became the first person to be indicted under the Computer Fraud and Abuse Act. He was sentenced to three years of probation, 400 hours of community service and a fine of $10,050. He is currently an associate professor at the Massachusetts Institute of Technology (MIT)
- NASA shutdown: In 1990, an Australian computer science student was charged for shutting down NASA’s computer system for 24 hours
- Airline computers: In 1998, a major travel agency discovered that someone had penetrated its ticketing system and printed airline tickets illegally
- Bank theft: In 1984, a bank manager was able to steal $25 million through unaudited computer transactions
In Ethiopia
- Employees of a company managed to change their salaries by fraudulently modifying the company’s database
- In the 1990s: Internet password theft
  - Hundreds of dial-up passwords were stolen and sold to other users
  - Many of the owners lost tens of thousands of Birr each
- A major company suspended the use of a remote login software by technicians who were looking at the computer of the General Manager
In Africa: Cote d’Ivoire
- An employee who had been fired by his company deleted all the data in his company’s computer.
Early Efforts
o 1960s: Marked as the beginning of true computer security
o 1970s: Tiger teams: Government and industry sponsored crackers who attempted to break down the defenses of computer systems in order to uncover vulnerabilities so that patches could be developed
o 1970s: Research and modeling
  - Identifying security requirements
  - Formulating security policy models
  - Defining recommended guidelines and controls
  - Development of secure systems
Legal Issues

In the US, legislation was enacted with regard to computer security and privacy
starting from the late 1960s.
European Council adopted a convention on Cyber-crime in 2001.
The World Summit for Information Society considered computer security and
privacy as a subject of discussion in 2003 and 2005.
The Ethiopian Penal Code of 2005 has articles on data and computer related
crimes.
Computer Security & Privacy Attacks
◊ Interruption: An attack on availability
◊ Interception: An attack on confidentiality
◊ Modification: An attack on integrity
◊ Fabrication: An attack on authenticity
Categories of Attacks/Threats (W. Stallings)

Computer Security and Privacy/Vulnerabilities
Physical vulnerabilities (Ex. Buildings)
Natural vulnerabilities (Ex. Earthquake)
Hardware and Software vulnerabilities (Ex. Failures)
Media vulnerabilities (Ex. Disks can be stolen)
Communication vulnerabilities (Ex. Wires can be tapped)
Human vulnerabilities (Ex. Insiders)
Computer Security and Privacy Countermeasures
Computer security controls:
- Authentication (Password, Cards, Biometrics) (What we know, have, are!)
- Encryption
- Auditing
- Administrative procedures
- Certifications
- Physical Security
- Standards
- Laws
The Human Factor:
The human factor is an important component of computer security
Some organizations view technical solutions as “their solutions” for computer
security. However:
◊ Technology is fallible (imperfect): Ex. UNIX holes that opened the door for
Morris worm
◊ The technology may not be appropriate: Ex. It is difficult to define all the
security requirements and find a solution that satisfies those requirements
◊ Technical solutions are usually (very) expensive: Ex. Antivirus purchased by
ETC to protect its Internet services
◊ Given all these, someone, a human, has to implement the solution
Competence of the security staff: Ex. Crackers may know more than the security
team
Understanding and support of management: Ex. Management does not want to spend
money on security
Staff’s discipline to follow procedures: Ex. Staff members choose simple passwords
Staff members may not be trustworthy: Ex. Bank theft
Physical Security
“The most robustly secured computer that is left sitting unattended in an unlocked room is not at all secure!!” [Chuck Easttom]

Physical security is the use of physical controls to protect premises, site, facility,
building or other physical asset of an organization [Lawrence Fennelly]

Physical security protects your physical computer facility (your building, your
computer room, your computer, your disks and other media) [Chuck Easttom].
In the early days of computing physical security was simple because computers were big, standalone, expensive machines
- It was almost impossible to move them (not portable)
- They were very few and it was affordable to spend on physical security for them
- Management was willing to spend money
- Everybody understood and accepted that there were restrictions
Today
- Computers are more and more portable (PC, laptop, PDA, smartphone)
- There are too many of them to have good physical security for each of them
- They are not “too expensive”, so spending more money on their physical security is hard to justify until a major crisis occurs
- Users don’t accept restrictions easily
- Accessories (ex. network components) are not considered as important for security until there is a problem
- Access to a single computer may endanger many more computers connected through a network

Physical security is much more difficult to achieve today than some decades ago!

Threats and vulnerabilities


Natural Disasters
o Fire and smoke: Fire can occur anywhere
  Solution – Minimize risk
  Good policies: NO SMOKING, etc.
  Fire extinguishers, good procedures and training
  Fireproof cases (and other techniques) for backup tapes
  Fireproof doors
o Climate: Heat, direct sun, humidity
o Hurricane, storm, cyclone
o Earthquakes
o Water: Flooding can occur even when a water tap is not properly closed
o Electric supply: Voltage fluctuation
  Solution: Voltage regulator
o Lightning

Solution: Avoid having servers in areas often hit by natural disasters!

People
o Intruders:
  - Thieves
  - People who have been given access unintentionally by the insiders
  - Employees, contractors, etc. who have access to the facilities
o External thieves: Portable computing devices can be stolen outside the organization’s premises
Loss of a computing device: Mainly laptops
Safe area: A safe area is often a locked place where only authorized personnel can have access. Organizations usually have a safe area for keeping computers and related devices.
Safe area … Challenges
Is the area inaccessible through other openings (window, roof/ceiling, ventilation hole, etc.)?
o Design the building with security in mind
o Know the architecture of your building
During opening hours, is it always possible to detect when an unauthorized person tries to get to the safe area?
o Surveillance/guards, video surveillance, automatic doors with security code locks, alarms, etc.
o Put signs so that everybody sees the safe area

Safe area… Locks
Are the locks reliable?
o The effectiveness of locks depends on the design, manufacture, installation and maintenance of the keys!
o Among the attacks on locks are:
  Illicit keys
  - Duplicate keys: Avoid access to the key by unauthorized persons even for a few seconds; change locks/keys frequently; have a key management procedure
  - Lost keys: Notify the responsible person when a key is lost; there should be no label on keys
o Circumventing the internal barriers of the lock: Directly operating the bolt, completely bypassing the locking mechanism, which remains locked
o Forceful attacks: Punching, drilling, hammering, etc.
Safe area… Surveillance
Surveillance with guards: The most common in Ethiopia. Not always the most reliable since it adds a lot of human factor. Not always practical for users (employees don’t like to be questioned by guards wherever they go)
Surveillance with video:
o Uses Closed Circuit Television (CCTV)
o Started in the 1960s
o Became more and more popular with the worldwide increase of theft and terrorism
o Advantages:
  - A single person can monitor more than one location
  - The intruder doesn’t see the security personnel
  - It is cheaper after the initial investment
  - It can be recorded and used for investigation
  - Since it can be recorded, the security personnel are more careful
  - Today’s digital video surveillance can use advanced techniques such as face recognition to detect terrorists, wanted people, etc.
o Drawback: Privacy concerns
Internal Human factor – Personnel
Choose employees carefully: Personal integrity should be as important a factor in
the hiring process as technical skills
Create an atmosphere in which the levels of employee loyalty, morale, and job
satisfaction are high
Remind employees, on a regular basis, of their continuous responsibilities to
protect the organization’s information
Establish procedures for proper destruction and disposal of obsolete programs,
reports, and data
Act defensively when an employee must be discharged, either for cause or as part
of a cost reduction program
o Such an employee should not be allowed access to the system and should
be carefully watched until he or she leaves the premises
o Any passwords used by the former employee should be immediately
disabled
Computer Security Attacks and Threats: … (Refer to your assignment)
A computer security threat is any person, act, or object that poses a danger to computer security. The computer world is full of threats! … refer to your first assignment…
And so is the real world! Thieves, pick-pockets, burglars, murderers, drunk drivers, …
What is the right attitude? To do what you do in real life:
What do you do in real life?
o You learn about the threats
  - What are the threats
  - How can these threats affect you
  - What is the risk for you of being attacked by these threats
  - How you can protect yourself from these risks
  - How much does the protection cost
  - What you can do to limit the damage in case you are attacked
  - How you can recover in case you are attacked
o Then, you protect yourself in order to limit the risk, but you continue to live your life.
You need to do exactly the same thing with computers!

Threats on computer security goals


Modification: An attacker can modify the transmitted information without needing to know the actual content. It can delay or change the content so that the objective of a transaction fails.
Masquerading: An attacker can modify the communication data to pretend (spoof) to be a legitimate sender or receiver, in order to obtain information to which it does not have access.
Replaying: An attacker copies a message sent by a different user and replays it later.
Passive vs active attacks

Attacks                                              Passive/active   Goal threatened
Snooping, traffic analysis                           Passive          Confidentiality
Modification, masquerading, replaying, repudiation   Active           Integrity
DoS                                                  Active           Availability
Denial of Service (DoS) Attack
According to the WWW Security FAQ [4], a DoS attack can be described as an attack designed to render a computer or network incapable of providing normal services.
A DoS attack is considered to take place only when access to a computer or network resource is intentionally blocked or degraded as a result of malicious action taken by another user. These attacks don’t necessarily damage data directly or permanently, but they intentionally compromise the availability of the resources. DoS attacks are undoubtedly a very serious problem in the Internet, whose impact has been well demonstrated in the computer network literature. The main aim of a DoS is the disruption of services by attempting to limit access to a machine or service instead of subverting the service itself. This kind of attack aims at rendering a network incapable of providing normal service by targeting either the network’s bandwidth or its connectivity.
These attacks achieve their goal by sending a victim a stream of packets that swamps its network or processing capacity, denying access to its regular clients.
In the not so distant past, there have been some large-scale attacks targeting high profile Internet sites.
Distributed DoS Attack: the most common form; it is accomplished by tricking routers into attacking a target or by using zombie hosts to simultaneously attack a given target with a large number of packets.

Fig. Simple illustration of DoS attack (from Easttom)


Password cracking attack
An attacker makes guesses about a user's password and username until they guess correctly or give up. Nowadays, attacking passwords is one of the most straightforward attack vectors for gaining access to an information system. There are numerous feasible methods to guess or crack passwords, using different approaches and tools.
There are two basic types of password cracking methods that can be automated with tools:
Dictionary - A file of words is run against user accounts, and if the password is a simple word, it can be found pretty quickly.
Brute force - The most time-consuming, but comprehensive, way to crack a password. Every combination of characters is tried until the password is broken.
Rainbow tables use a refined algorithm: a number of different reduction functions create multiple parallel chains within a single "rainbow" table, reducing the probability of false positives from accidental chain collisions, and thus increasing the probability of a correct password crack.
Preventing a Brute Force or Dictionary Attack: How to Keep the Brutes Away from Your Loot??
To understand and then combat a brute force attack, also known as a dictionary attack, we must start by understanding why it might be an appealing tool for a hacker!

Corporate intranet sites can contain confidential data such as project plans and customer
lists. E-commerce sites often store users’ email addresses and credit card numbers.
Bypassing or evading authentication in order to steal this data is clearly high on a
hacker’s priority list, and today’s hackers have a large library of authentication evasion
techniques at their disposal.
Session hijacking attacks such as Cross-site Scripting can steal a user’s authentication
token and transmit it to a malicious third party, who can then use it to impersonate the
legitimate user.
SQL injection attacks can also be very effective at bypassing authentication. By sending a specially-formatted username and password combination containing SQL code to the login form, an attacker can often trick the server into granting him unauthorized access.

How to defend against password cracking attacks?


There are several factors that work to the hacker’s advantage
► Don’t Be Lazy – Choose a Password Carefully!
Generally, people do not remember complicated passwords very well. If users are
allowed to create their own passwords, they will often create very simple ones like
“password”, “1234”, their spouse’s name, or their favorite sports team
N.B. once a brute force attack has revealed a valid username and password combination for one Web site, the hacker knows that the same combination is likely to work for other Web sites.
- In a study conducted by the University of Wichita, more than half of the test subjects reported using the exact same password for multiple sites
► Sidestepping a Dictionary Attack with Username Selection
Of course, a password is only half of the required login credential. A username is also
required. While it is less likely that a dictionary word would be used as a username, there
are still some common usernames that hackers are certain to try with a brute force attack.
First among these are “admin” and “administrator”. These names are especially
dangerous since they are not only easily guessed, but the accounts they represent are
usually highly privileged
If the hacker’s dictionary attack could gain access to an administrative account, he could
probably do much more damage to the system than he could if he gained access to a
regular user’s account.
Many Web applications and Web application frameworks create default users during
installation. If the site administrator does not remove these default users or at least
change their passwords, these accounts will be easy targets for a dictionary attack.

► Countering a Brute Force Attack with a Strong Password Policy


While there is no strict definition of a strong password that will be harder to determine
via a dictionary attack, some good guidelines would be:

◊ Minimum length of at least seven characters
◊ Must include both upper and lower case characters
◊ Must include numeric characters
◊ Must include punctuation
This gives almost 70 trillion combinations of characters; if the attacker's tool can request about 1000 per minute, it needs 11,000 years.
► Automatically disable an account after a certain number of failed login attempts.
For example, if the server detects that the user “bobsmith” has provided an incorrect
password three times since his last login, the server might decide that the “bobsmith”
account is the subject of a brute force attack and will disable it.

► Incremental Delay: A Better Defense


A better strategy for blocking any brute force attack is to incrementally delay the page
response after failed login attempts. After the first failed login attempt, for example, the
response would be delayed by one second. After the second failed attempt, the response
would be delayed by two seconds, and so on. A one-, two-, or even six-second delay is
probably not going to bother a human user too seriously. Certainly he will find it less
irritating than having to wait 30 minutes for his account to reactivate because he
accidentally left his caps lock key on.

► Carefully Word the Error Messages


Finally, it is important to create appropriate error messages in response to failed login
attempts. Many Web sites inadvertently aid hackers by providing overly helpful error
messages. Consider the difference between the messages “User ID not found” and
“Incorrect password.”
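The three server-side defenses just described (incremental delay, automatic disabling after repeated failures, and a single non-revealing error message) combined in one small login gate. This is an added example, not code from the lecture notes; LoginGate, the sample user table and the salt are constructed for it, and the "bobsmith" / three-failures figures follow the text above.

```python
"""Added example: login throttling as described in the notes.
- incremental delay: 1 s after the first failure, 2 s after the second, ...
- automatic disable (lockout) after max_failures consecutive failures
- the same "Login failed" message whether the user ID or the password was wrong
All names and sample data below are constructed for this example."""

import hashlib
import hmac
import time
from dataclasses import dataclass, field
from typing import Callable, Optional


def _hash(salt: bytes, password: str) -> bytes:
    # Constructed demo hash; a real system would use a slow hash (bcrypt/scrypt/Argon2).
    return hashlib.sha256(salt + password.encode()).digest()


_SALT = b"constructed-demo-salt"
# Constructed sample credential store: username -> (salt, hash of salt + password)
USERS = {"bobsmith": (_SALT, _hash(_SALT, "correct horse battery staple"))}

LOGIN_FAILED = "Login failed"  # one message for unknown user and wrong password alike


@dataclass
class LoginGate:
    max_failures: int = 3                  # lockout threshold from the "bobsmith" example
    lockout_seconds: float = 30 * 60       # the 30-minute reactivation window
    sleep: Callable[[float], None] = time.sleep        # injectable so tests need not wait
    failures: dict = field(default_factory=dict)       # username -> consecutive failures
    locked_until: dict = field(default_factory=dict)   # username -> unlock time

    def delay_for(self, username: str) -> float:
        """Incremental delay: one second per consecutive failure so far."""
        return float(self.failures.get(username, 0))

    def is_locked(self, username: str, now: float) -> bool:
        return self.locked_until.get(username, 0.0) > now

    def attempt(self, username: str, password: str, now: Optional[float] = None):
        """Return (success, message). The message never says which part was wrong."""
        now = time.time() if now is None else now
        if self.is_locked(username, now):
            return False, LOGIN_FAILED
        # Throttle before checking, so every attempt after a failure pays the delay.
        self.sleep(self.delay_for(username))
        record = USERS.get(username)
        if record is None:
            _hash(_SALT, password)   # hash anyway so timing does not reveal "user ID not found"
            ok = False
        else:
            salt, digest = record
            ok = hmac.compare_digest(_hash(salt, password), digest)
        if ok:
            self.failures.pop(username, None)   # a good login resets the counter
            return True, "Welcome"
        n = self.failures.get(username, 0) + 1
        self.failures[username] = n
        if n >= self.max_failures:
            # Automatically disable the account for lockout_seconds.
            self.locked_until[username] = now + self.lockout_seconds
            self.failures.pop(username, None)
        return False, LOGIN_FAILED


if __name__ == "__main__":
    gate = LoginGate()
    for pw in ("guess1", "guess2", "correct horse battery staple"):
        print(pw, "->", gate.attempt("bobsmith", pw))   # the third call waits 2 s first
```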
IP spoofing:
Also known as IP address forgery or a host file hijack, it is a hijacking technique in which a cracker masquerades as a trusted host to hide his identity.
How does it work? The hijacker obtains the IP address of a legitimate host and alters packet headers so that the legitimate host appears to be the source. When IP spoofing is used to hijack a browser, a visitor who types in the URL (Uniform Resource Locator) of a legitimate site is taken to a fake Web page created by the hijacker.
For example, if the hijacker spoofed the Library of Congress Web site, then any Internet user who typed in the URL www.loc.gov would see spoofed content created by the hijacker.
If a user interacts with dynamic content on a spoofed page, the hijacker can gain access to sensitive information or computer or network resources. He could steal or alter sensitive data, such as a credit card number or password, or install malware.
The hijacker would also be able to take control of a compromised computer to use it as part of a zombie army in order to send out spam.
Defending against IP spoofing:

1. Use authentication based on key exchange between the machines on your network; something
like IPsec will significantly cut down on the risk of spoofing.
2. Use an access control list to deny private IP addresses on your downstream interface.
3. Implement filtering of both inbound and outbound traffic.
4. Configure your routers and switches, if they support such configuration, to reject packets
originating from outside your local network that claim to originate from within.
5. Enable encryption sessions on your router so that trusted hosts that are outside your network
can securely communicate with your local hosts.
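Items 2 to 4 of the list above, modelled as a minimal anti-spoofing packet filter: private/bogon sources and sources claiming to be inside are dropped on the external interface, and outbound packets whose source is not one of our own prefixes are dropped too (the egress half of item 3). This is an added example and not from the notes; the interface names, the prefixes (documentation ranges stand in for the organisation's address space) and the sample packets are constructed.

```python
"""Added example: ingress/egress anti-spoofing filter.
Interface names ("wan"/"lan"), prefixes and sample traffic are constructed."""

import ipaddress
from dataclasses import dataclass

# Constructed: the organisation's own public prefix (a documentation range stands in for it).
LOCAL_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]
# Addresses that must never arrive from upstream: RFC 1918 private space and common bogons.
PRIVATE_OR_BOGON = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("0.0.0.0/8"),
    ipaddress.ip_network("169.254.0.0/16"),
]


@dataclass(frozen=True)
class Packet:
    iface: str       # interface the packet is seen on: "wan" (upstream) or "lan"
    direction: str   # "in" (entering the router) or "out" (leaving it)
    src: str
    dst: str


def _in_any(addr, nets) -> bool:
    return any(addr in n for n in nets)


def filter_packet(pkt: Packet):
    """Return ("accept" | "drop", reason). Only the anti-spoofing rules are modelled."""
    src = ipaddress.ip_address(pkt.src)
    if pkt.iface == "wan" and pkt.direction == "in":
        # Item 4: a packet from outside that claims an inside source is forged.
        if _in_any(src, LOCAL_PREFIXES):
            return "drop", "ingress: source claims to be local"
        # Item 2: private or bogon sources cannot legitimately come from upstream.
        if _in_any(src, PRIVATE_OR_BOGON):
            return "drop", "ingress: private or bogon source"
    if pkt.iface == "wan" and pkt.direction == "out":
        # Item 3 (egress): do not let our own hosts send with someone else's address.
        if not _in_any(src, LOCAL_PREFIXES):
            return "drop", "egress: source is not ours"
    return "accept", "ok"


# Constructed sample traffic
SAMPLE = [
    Packet("wan", "in", "198.51.100.7", "203.0.113.10"),   # legitimate inbound
    Packet("wan", "in", "203.0.113.5", "203.0.113.10"),    # spoofed: claims to be inside
    Packet("wan", "in", "10.1.2.3", "203.0.113.10"),       # private source from upstream
    Packet("wan", "out", "203.0.113.10", "198.51.100.7"),  # legitimate outbound
    Packet("wan", "out", "192.0.2.99", "198.51.100.7"),    # our host spoofing an outside address
]


def run_filter(packets=SAMPLE):
    """Verdict for each packet, in order."""
    return [filter_packet(p)[0] for p in packets]


if __name__ == "__main__":
    for p in SAMPLE:
        print(f"{p.iface}/{p.direction} {p.src} -> {p.dst}: {filter_packet(p)}")
```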
Malware Attack: A generic term for software that has a malicious purpose.
o Examples: Viruses, Trojan horses, spyware
  - New ones: Spam/scam, identity theft, e-payment frauds, etc.
o Viruses: “A small program that replicates and hides itself inside other programs usually without your knowledge.” Similar to a biological virus: replicates and spreads.
o Worms: An independent program that reproduces by copying itself from one computer to another
o Trojan horses (Ancient Greek tale of the city of Troy and the wooden horse): Secretly downloading a virus or some other type of malware onto your computers.
o Spyware: “Software that literally spies on what you do on your computer.”
  Example: Simple cookies and key loggers

Most software based attacks are commonly called Viruses: How do viruses work?
Infection mechanisms:
 First, the virus should search for and detect objects to infect
 Installation into the infectable object:
o Writing on the boot sector, Add some code to executable programs, Add
some code to initialization/auto-executable programs.
Effects: It can be anything
o A message, deleting files, Formatting disk, Overloading
processor/memory, Etc
Who Writes Viruses?
Adolescents
o Ethically normal and of average/above average intelligence.
o Tend to understand the difference between what is right and wrong
o Typically do not accept any responsibility for problems caused
The Adult (smallest category)
o Ethically abnormal
Anti-Viruses
Functions of anti-viruses
o Identification of known viruses
o Detection of suspected viruses
o Blocking of possible viruses
o Disinfection of infected objects
o Deletion and overwriting of infected objects
Hackers/Intrusion Attack:
Hacking: is any attempt to intrude or gain unauthorized access to your system
either via some operating system flaw or other means. The purpose may or may
not be for malicious purposes.
Cracking: is hacking conducted for malicious purposes.

Chapter: 2
Cryptography; Encryption Techniques
Terminologies
- Cryptography: Schemes for encryption and decryption
- Encryption: The process by which plaintext is converted into ciphertext.
- Decryption: Recovering plaintext from the ciphertext
- Secret key: Used to set some or all of the various parameters used by the encryption algorithm. In classical (symmetric key) cryptography, the same secret key is used for encryption and decryption
- Cryptanalysis: The study of “breaking the code”.
- Cryptology: Cryptography and cryptanalysis together constitute the area of cryptology.
◊ Cryptography has five ingredients:
• Plaintext, Encryption algorithm, Secret Key, Ciphertext, Decryption
algorithm
Security depends on the secrecy of the key, not the secrecy of the algorithm

Simplified Encryption Model:

Description:
A sender S wants to transmit a message M to a receiver R.
To protect the message M, the sender first encrypts it into an unintelligible (not clearly understandable) message M’.
After receipt of M’, R decrypts the message to obtain M.
M is called the plaintext: What we want to encrypt
M’ is called the ciphertext: The encrypted output
◊ Notation: Given P = Plaintext, C = Ciphertext
C = E_K(P)   Encryption
P = D_K(C)   Decryption
Cryptographic systems are characterized along three independent dimensions:
1. The type of operation used for transforming plaintext to ciphertext: all encryption algorithms are based on two general principles: SUBSTITUTION - each element in the plaintext is mapped onto another element; TRANSPOSITION - each element in the plaintext is rearranged.
2. The number of keys used: sender and receiver use the same key, or different keys
3. The way in which the plaintext is processed:
A. A block cipher processes the input one block of elements at a time, producing an output block for each input block.
B. A stream cipher processes the input elements continuously, producing output one element at a time as it goes along.

Caesar Cipher: SUBSTITUTION principle

Caesar Cipher: The earliest known example of a substitution cipher, in which each character of a message is replaced by a character some positions down in the alphabet.
Look at the example here:
Plaintext: are you ready
Ciphertext: duh brx uhdgb
If we represent each letter of the alphabet by an integer that corresponds to its position in the alphabet:
- The formula for replacing each character ‘p’ of the plaintext with a character ‘c’ of the ciphertext can be expressed as: c = E_3(p) = (p + 3) mod 26
A more general version of this cipher that allows for any degree of shift:
c = E_k(p) = (p + k) mod 26
The formula for decryption would be
p = D_k(c) = (c - k) mod 26
In these formulas ‘k’ is the secret key. The symbols ‘E’ and ‘D’ stand for Encryption and Decryption respectively, and p and c are characters in the plaintext and ciphertext respectively.
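The shift cipher exactly as the two formulas above define it, reproducing the "are you ready" example, plus an enumeration of the whole key space to show why a 25-key cipher cannot rest on key secrecy. This is an added example, not code from the notes; letters are numbered a=0 to z=25, spaces and punctuation pass through unchanged, and the function names are ours.

```python
"""Added example: the Caesar (shift) cipher, c = (p + k) mod 26 and p = (c - k) mod 26.
Non-letters are left untouched and upper/lower case is preserved."""


def _shift_char(ch: str, k: int) -> str:
    if "a" <= ch <= "z":
        base = ord("a")
    elif "A" <= ch <= "Z":
        base = ord("A")
    else:
        return ch            # spaces and punctuation are passed through as they are
    p = ord(ch) - base       # position of the letter in the alphabet, 0..25
    return chr(base + (p + k) % 26)


def encrypt(plaintext: str, k: int) -> str:
    """c = E_k(p) = (p + k) mod 26, applied letter by letter."""
    return "".join(_shift_char(ch, k) for ch in plaintext)


def decrypt(ciphertext: str, k: int) -> str:
    """p = D_k(c) = (c - k) mod 26, i.e. encryption with the negated key."""
    return "".join(_shift_char(ch, -k) for ch in ciphertext)


def all_shifts(ciphertext: str):
    """Every candidate plaintext for the 25 non-trivial keys.
    The key space is so small that a ciphertext-only attacker just reads the list,
    which is why security must rest on a key that cannot be enumerated."""
    return {k: decrypt(ciphertext, k) for k in range(1, 26)}


if __name__ == "__main__":
    c = encrypt("are you ready", 3)
    print(c)                      # duh brx uhdgb, as in the notes
    print(decrypt(c, 3))          # are you ready
    for k, candidate in all_shifts(c).items():
        print(k, candidate)
```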
Properties of the encryption function
It is computationally infeasible to find the key K when given the plaintext P and the associated ciphertext C = E_K(P)
It should also be computationally infeasible to find another key K’ such that E_K(P) = E_K’(P) (uniqueness).
Types of attacks
The attacker has only the ciphertext and his goal is to find the corresponding
plaintext
The attacker has a ciphertext and the corresponding plaintext and his goal is to find
the key
A good cryptosystem protects against all types of attacks
Attackers use both Mathematics and Statistics
Intruders
Eavesdropping (listening/spy the message)
An intruder may try to read the message
If it is well encrypted the intruder will not know the content
However, just the fact the intruder knows that there is communication may be a
threat (Traffic analysis)
Modification
Modifying a plaintext is easy, but modifying encrypted messages is more
difficult
Insertion of messages
Inserting new message into a ciphertext is difficult

There are two fundamentally different cryptographic systems


Symmetric cryptosystem/Private key
Asymmetric cryptosystem/Public key
Symmetric Cryptosystem (Private/secret key cryptosystem)
The same key is used to encrypt and decrypt a message (single key, conventional encryption): P = D_K[E_K(P)]
Have been used for centuries in a variety of forms
The key has to be kept secret
The key has to be communicated using a secure channel
They are still in use in combination with public key cryptosystems due to some of their advantages
Asymmetric Cryptosystem (Public-key Cryptosystem)
The keys for encryption and decryption are different but form a unique pair
- P = D_KD[E_KE(P)] (two keys)
- Only one of the keys needs to be private while the other can be public
Uses mathematical functions whose inverse is not known by the mathematicians of the day

It is a revolutionary concept since it avoids the need of using a secure channel to communicate the key. It has made cryptography available to the general public and made many of today’s on-line applications feasible.
Which one of the encryption or decryption keys is made public depends on the use of the key
If Hana wants to send a confidential message to Ahmed
- She encrypts the message using Ahmed’s public key
- She sends the message
- Ahmed will then decode it using his own private key
On the other hand, if Ahmed needs to make sure that a message sent by Hana really comes from her, how can he do that?
Using a digital signature
- Hana has to first encrypt a digital signature using her private key
- Then encrypt the message (signature included) with Ahmed’s public key
- Send the encrypted message to Ahmed
- Ahmed decrypts the message using his private key
- Ahmed then decrypts the signature using Hana’s public key
If successful, he ensures that it comes from Hana
Public-key Cryptosystem: Example RSA
RSA is named after R. Rivest, A. Shamir and L. Adleman
Principle: No mathematical method is yet known to efficiently find the prime factors of large numbers. The private and public keys are constructed from very large prime numbers (consisting of hundreds of decimal digits). One of the keys can be made public.
Breaking RSA is equivalent to finding the prime factors: this is known to be computationally infeasible
It is only the person who has produced the keys from the prime numbers who can easily decrypt the messages
Average time required for exhaustive key search

Public key cryptosystem (Summary)
- A pair of keys (private, public)
- If you have the private key, you can easily decrypt what is encrypted by the public key
- Otherwise, it is computationally infeasible to decrypt what has been encrypted by the public key
Hash functions
One application of cryptography in distributed systems is the use of hash
functions
A hash function H takes a message m of arbitrary length and produces a bit string
h = H(m). When the hash value h is sent with the message m, it makes it possible to
determine whether m has been modified or not. In this role it resembles a cyclic-redundancy
check (CRC) or a checksum
Properties of hash functions
One-way function: it is computationally infeasible to find an m that corresponds to a
known output h
Collision resistance
Weak-collision resistance: It is computationally infeasible, given m and
H, to find m’ ≠ m such that H(m) = H(m’)
Strong-collision resistance: Given H, it is computationally infeasible to
find any two different input values m and m’, such that H(m) = H(m’)
RSA- Example of Asymmetric/Public-Key Cryptosystem
The RSA algorithm
 Used for both public key encryption and digital signatures.
 Security is based on the difficulty of factoring large integers.
Major Activities
◊ Key Generation (Algorithm)
◊ Encryption
◊ Digital signing
◊ Decryption
◊ Signature verification
RSA- Key Generating Algorithm
1. Generate two large random primes, p and q
2. Compute n = pq and φ = (p-1)(q-1)
3. Choose an integer e, 1 < e < φ, such that gcd(e, φ) = 1
4. Compute the secret exponent d, 1 < d < φ, such that ed ≡ 1 (mod φ), i.e. φ divides (ed-1)
5. The public key is (n, e) and the private key is (n, d).
o Keep all the values d, p, q and φ secret
o n is known as the modulus
o e is known as the public exponent or encryption exponent
o d is known as the secret exponent or decryption exponent.
RSA- Encryption
Sender A does the following
o Obtains the recipient B's public key (n, e)
o Represents the plaintext message as a positive integer m
o Computes the ciphertext c = m^e mod n
o Sends the ciphertext c to B
RSA- Decryption
Recipient B does the following
o Uses his private key (n, d) to compute m = c^d mod n
o Extracts the plaintext from the message representative m
RSA- Digital signing
Sender A does the following
o Creates a message digest of the information to be sent
o Represents this digest as an integer m between 0 and n-1
o Uses her private key (n, d) to compute the signature s = m^d mod n.
o Sends this signature s to the recipient, B.
RSA- Signature verification
Recipient B does the following
o Uses sender A's public key (n, e) to compute the integer v = s^e mod n
o Extracts the message digest from this integer
o Independently computes the message digest of the information that has been
signed
o If both message digests are identical, the signature is valid
RSA- Key Generation Simple Example
1. Select primes p=11, q=3.
2. n = pq = 11*3 = 33
phi = (p-1)(q-1) = 10*2 = 20
3. Choose e=3
Check gcd(e, p-1) = gcd(3, 10) = 1 (i.e. 3 and 10 are relatively prime - have no
common factors except 1) and check gcd(e, q-1) = gcd(3, 2) = 1,
therefore gcd(e, phi) = gcd(e, (p-1)(q-1)) = gcd(3, 20) = 1
4. Compute d (1<d<phi) i.e. find a value for d such that phi divides ed-1 (20 divides
3d-1.)
Simple testing (d = 2, 3 ...) gives d = 7
Check: ed-1 = 3*7 - 1 = 20, which is divisible by phi (20).
5. Public key = (n, e) = (33, 3)
Private key = (n, d) = (33, 7).
Given
Public key = (n, e) = (33, 3)
Private key = (n, d) = (33, 7)
Now say we want to encrypt the message m = 7
c = m^e mod n = 7^3 mod 33 = 343 mod 33 = 13. Hence the ciphertext c = 13
To check decryption we compute
m = c^d mod n = 13^7 mod 33 = 7
RSA: A More Meaningful Example
Message: ATTACKxATxSEVEN
Grouping the characters into blocks of three and computing a message
representative integer for each block:
ATT ACK XAT XSE VEN
 In the same way that a decimal number can be represented as the sum of
powers of ten, e.g. 135 = 1 x 10^2 + 3 x 10^1 + 5, we can represent our blocks
of three characters in base 26 using A=0, B=1, C=2, ..., Z=25
ATT = 0 x 26^2 + 19 x 26^1 + 19 = 513
ACK = 0 x 26^2 + 2 x 26^1 + 10 = 62
XAT = 23 x 26^2 + 0 x 26^1 + 19 = 15567
XSE = 23 x 26^2 + 18 x 26^1 + 4 = 16020
VEN = 21 x 26^2 + 4 x 26^1 + 13 = 14313
Key Generation
1. We "generate" primes p=137 and q=131 (we cheat by looking for suitable primes
around √n)
2. n = pq = 137*131 = 17,947
phi = (p-1)(q-1) = 136*130 = 17680
3. Select e = 3
check gcd(e, p-1) = gcd(3, 136) = 1, OK and
check gcd(e, q-1) = gcd(3, 130) = 1, OK.
4. Compute d = e^-1 mod phi = 3^-1 mod 17680 = 11787.
d = e^-1 mod phi, i.e. phi divides (ed-1)
5. Hence
public key, (n, e) = (17947, 3) and
private key (n, d) = (17947, 11787).
Given
Public key = (n, e) = (17947, 3)
Private key = (n, d) = (17947, 11787)
Encryption/Decryption
To encrypt the first integer, which represents "ATT" (513), we have
c = m^e mod n = 513^3 mod 17947 = 8363
We can verify that our private key is valid by decrypting
m = c^d mod n = 8363^11787 mod 17947 = 513
Overall, our plaintext is represented by the set of integers m
 (513, 62, 15567, 16020, 14313)
 We compute the corresponding ciphertext integers c = m^e mod n
 (8363, 5017, 11884, 9546, 13366)
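The key generation, base-26 block encoding and encryption/decryption steps above, carried out on the notes' own numbers (p=137, q=131, e=3, message ATTACKxATxSEVEN). This is an added example, not code from the lecture notes; it uses unpadded textbook RSA purely to reproduce the arithmetic.

```python
from math import gcd

# Added example (not from the lecture notes): textbook RSA following the
# key-generation, encryption and decryption steps of the notes, run on the
# notes' own numbers (p=137, q=131, e=3, message ATTACKxATxSEVEN).
# Unpadded textbook RSA is not safe for real use; it only makes the
# arithmetic concrete.
def rsa_keygen(p, q, e):
    """Steps 1-5: n = pq, phi = (p-1)(q-1), gcd(e, phi) = 1, d = e^-1 mod phi."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi")
    d = pow(e, -1, phi)          # modular inverse, so phi divides e*d - 1
    return (n, e), (n, d)        # public key (n, e), private key (n, d)

def encode_blocks(text, size=3):
    """Blocks of `size` letters as base-26 integers, A=0 ... Z=25 (ATT -> 513)."""
    vals = []
    for i in range(0, len(text), size):
        v = 0
        for ch in text[i:i + size].upper():
            v = v * 26 + ord(ch) - ord("A")
        vals.append(v)                # each value < 26**3 = 17576 < n = 17947
    return vals

def decode_blocks(vals, size=3):
    """Inverse of encode_blocks: integers back to upper-case letters."""
    out = []
    for v in vals:
        chars = []
        for _ in range(size):
            v, r = divmod(v, 26)
            chars.append(chr(ord("A") + r))
        out.append("".join(reversed(chars)))
    return "".join(out)

def rsa_encrypt(pub, ms):
    n, e = pub
    return [pow(m, e, n) for m in ms]     # c = m^e mod n (needs m < n)

def rsa_decrypt(priv, cs):
    n, d = priv
    return [pow(c, d, n) for c in cs]     # m = c^d mod n

if __name__ == "__main__":
    pub, priv = rsa_keygen(137, 131, 3)
    ms = encode_blocks("ATTACKxATxSEVEN")
    cs = rsa_encrypt(pub, ms)
    print(pub, priv, ms, cs, decode_blocks(rsa_decrypt(priv, cs)))
```

The block size is chosen so that every block value stays below n, which is why the notes pick primes around the square root of 26^3.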
Digital Signature
Digital Signature for Message Integrity and Confidentiality
Confidentiality ensures that messages cannot be intercepted and read by
eavesdroppers
Message integrity ensures that messages are protected against modification
Principles of Digital Signature
◊ User A digitally signs a message m by encrypting (“backward”) a cryptographic hash of
the message m with the private key of A and attaching it to the message m.
◊ Anybody can then decrypt A’s digital signature using A’s public key and
compare it with the cryptographic hash of the message m to verify that m
was signed by A and that m was not altered.
Digital Signature for Assurance
Consider the situation where Bob has just sold Alice something for 500 Birr
through a deal that is made by e-mail
Alice sends an e-mail agreeing to pay 500 Birr
Two issues need to be taken care of in addition to authentication
Alice needs to be assured that Bob will not modify the amount and claim that
Alice promised to pay more than 500 Birr
Bob needs to be assured that Alice will not deny that she sent the message
If Alice signs the message digitally, both issues are solved
◊ There are several ways to place digital signatures
◊ One popular way is to use public-key cryptosystem such as RSA
Digital Signature Using Public Key Cryptosystem
Notation: KX-: private key of X
KX+: public key of X
When Alice sends her message m to Bob, she encrypts it with her private key: KA-(m)
If she wants to keep the message content secret, she can also use Bob’s public key
and send KB+(m, KA-(m))
Alice is protected against modification by Bob, since if Bob produces m’ he has
to find KA-(m’)
Digital Signature Using Message Digest
Hash/Message Digest: a short “signature” of the message, 128–512 bits, that
depends on the entire message. It is extremely improbable that two unequal messages have
the same hash
h = H(m) is sent along with m, where H is a cryptographic hash function
KA-(H(m)) (or KB+(m, KA-(H(m)))) is sent so that Bob knows that it comes from
Alice by decrypting it
Bob hashes the message m and compares it with the digest h that he has received from
Alice
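The hash-then-sign exchange between Alice and Bob, as an added example that is not part of the notes. It assumes the notes' toy RSA pair (n=17947, e=3, d=11787) as KA+/KA- and SHA-256 as H; the digest is reduced mod n only so the toy modulus can hold it, a shortcut that is worthless at this size in practice.

```python
import hashlib

# Added example, not from the lecture notes. Alice signs the digest of her
# message with her private key KA- = (n, d) and Bob verifies with KA+ = (n, e).
# Assumption: the notes' toy pair (n=17947, e=3, d=11787) and SHA-256 as H.
# The digest is reduced mod n only because a 15-bit modulus cannot hold a
# 256-bit value; at real key sizes the full, padded digest is signed.

N, E, D = 17947, 3, 11787

def digest(msg: bytes, n: int = N) -> int:
    """H(m): SHA-256 of the message as an integer in [0, n-1]."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg: bytes, priv=(N, D)) -> int:
    """Alice computes KA-(H(m)) = H(m)^d mod n."""
    n, d = priv
    return pow(digest(msg, n), d, n)

def verify(msg: bytes, sig: int, pub=(N, E)) -> bool:
    """Bob recovers H(m) = s^e mod n with KA+ and compares it with his own hash of m."""
    n, e = pub
    return pow(sig, e, n) == digest(msg, n)

if __name__ == "__main__":
    m = b"I agree to pay 500 Birr. -- Alice"        # constructed message
    s = sign(m)
    print("Bob accepts original :", verify(m, s))
    print("Bob accepts 900 Birr :", verify(b"I agree to pay 900 Birr. -- Alice", s))
```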

Key Distribution: Verifying Someone’s Public Key
Even with public-key cryptosystems and digital signatures, we still have the
problem of authentication: binding users to keys.
Early articles envisioned a phonebook-like database with Name and Public
Key entries.
Problem: How secure is that database itself?
An attacker can put in his own key for someone else, and start signing fake contracts
(and even checks!).
Maybe we can secure the phonebook, but then that kills the idea of keys being widely and
easily (publicly) available.
Key Distribution: Problems
Distribution of a key is a difficult matter!
For a symmetric cryptosystem, the initial key must be communicated along a secured
channel
For public key, we need a body that certifies the public key is that of the party we
need to communicate with
Solution: Certification/Certificate Authority (CA) that signs (certifies) the public key
Certification:
The critical thing is that the name in the certificate must match the alleged name.
The common solution to public key distribution today is to have a trusted third party
sign the user’s public encryption key. A certificate is a public key and some
naming “stuff”, digitally signed by someone you trust (the third party), the Certification
Authority (CA).
Remark: Just because they are CAs doesn’t mean you should trust them.
The resulting certificate will contain information like the user’s name/ID, the user’s public
key, the name of the CA, the start date of the certificate, and the length of time it is valid.
The user publishes the certificate in the X.509 standard format (for formatting certificates).
Certification - Associated Overheads
An important issue is the longevity of certificates
Lifelong certificates are not feasible. Therefore, we need a way to revoke
certificates
Certificate Revocation List (CRL) published regularly
Problems
◊ Window of vulnerability between a request for revocation and the publishing of the next CRL
◊ Restricting the lifetime of a certificate
◊ A client has to contact the certification authority for each public key to check
whether it is still valid or not

Notes:
Asymmetric key distribution

Symmetric key distribution
Applications:
Electronic Payment
Payment systems based on direct payment
a) Paying in cash.
b) Using a check.
c) Using a credit card.
Payment systems based on money transfer between banks.
a) Payment by money order.
b) Payment through debit order.
Security in Electronic Payment
General requirements
In cash-based systems (using an ATM), the main issue is authentication
◊ Use of magnetic card
◊ PIN
Digital money
◊ Protection against fraud
◊ It should not be possible to use the money more than once
◊ It should not be possible to use forged money
◊ Credit card or check based system
◊ No tampering/alteration
Protection against repudiation (the buyer denies having made the order)
Electronic Cash (E-Cash)
There are a number of electronic payment systems based on the concept of digital
coins
E-cash is one of the most famous
◊ Achieves anonymity in the payment system
◊ When Alice wants to buy some goods from Bob, she contacts her bank and
requests a withdrawal
◊ The bank hands out the digital money in the form of signed notes, each
representing some value and each carrying a unique signature
To prevent notes from being copied, each note has a serial number
Bob can check that the money is not forged by looking at the bank’s signature
Bob can check that the money has not already been spent by contacting the bank
The drawback of this system is that the bank has to remember which serial numbers
have been spent
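The withdraw / pay / deposit flow of the e-cash scheme above, with serial numbers and the bank's record of spent notes, as an added example that is not part of the notes. It assumes the bank signs with the notes' toy RSA pair (n=17947, e=3, d=11787) over a SHA-256 digest reduced mod n; both are toy sizes chosen for readability.

```python
import hashlib
import secrets

# Added example, not from the lecture notes: the withdraw / pay / deposit flow
# of the e-cash scheme, with serial numbers and the bank's list of spent notes.
# Assumption: the bank signs with the notes' toy RSA pair (n=17947, e=3,
# d=11787) over a SHA-256 digest reduced mod n; real banks use 2048+ bit keys.

N, E, D = 17947, 3, 11787

def note_digest(serial: int, value: int) -> int:
    """Integer digest of (serial, value) that the bank signs."""
    data = f"{serial}:{value}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def verify_note(note) -> bool:
    """Anyone (e.g. Bob) can check the bank's signature with its public key."""
    serial, value, sig = note
    return pow(sig, E, N) == note_digest(serial, value)

class Bank:
    def __init__(self):
        self.issued = set()   # serial numbers handed out so far
        self.spent = set()    # serial numbers already deposited

    def withdraw(self, value: int):
        """Alice's withdrawal: a signed note with a fresh, unique serial number."""
        serial = secrets.randbelow(2**32)
        while serial in self.issued:
            serial = secrets.randbelow(2**32)
        self.issued.add(serial)
        sig = pow(note_digest(serial, value), D, N)   # bank's RSA signature
        return (serial, value, sig)

    def deposit(self, note) -> bool:
        """Bob redeems a note; forged or already-spent serials are refused."""
        serial, value, sig = note
        if not verify_note(note) or serial in self.spent:
            return False
        self.spent.add(serial)     # remembered forever: the scheme's drawback
        return True

if __name__ == "__main__":
    bank = Bank()
    note = bank.withdraw(50)
    print("Bob checks signature :", verify_note(note))
    print("first deposit        :", bank.deposit(note))
    print("same note again      :", bank.deposit(note))   # double spend refused
```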
Secure Electronic Transaction (SET)
SET is the result of efforts by VISA, Mastercard, etc. to develop a standard way
of purchasing goods over a network using a credit card
SET is an open standard: entire protocol is published
A dual signature is used in order to prevent
◊ The merchant from knowing the details of the payment information
◊ The bank from knowing the order information
The concept of session keys after authentication
During the establishment of a secure channel, after the authentication phase, the
communicating parties use session/temporary keys
Benefits
◊ The session key is safely discarded when the channel is no longer used
◊ When a key is used very often it becomes vulnerable. Thus, by using the
main key less often, we make it less vulnerable
◊ Replay attacks can be avoided
Authentication keys are often expensive to replace
Such a combination of long-lasting and cheaper/more temporary session keys is a
good choice
Summary
The advantage of private/secret-key cryptography is that it provides better secrecy, but
it needs a prearranged key exchange
The advantage of public-key cryptography is that it allows secrecy between two
parties who have not arranged in advance to have a shared key (or trusted some third
party to give it to them); the disadvantage is overhead and speed
Therefore, in practice, hybrid systems use public-key cryptography to establish a session key for
private-key cryptography