Introduction to Information
Security
2
Confidentiality, Integrity, and
Availability
6
Examples of security
requirements: Integrity
• A hospital patient’s allergy information (high integrity data): a
doctor should be able to trust that the info is correct and current
– If a nurse deliberately falsifies the data, the database should
be restored to a trusted basis and the falsified information
traced back to the person who did it
• Online newsgroup registration data: moderate level of
integrity
• An example of low integrity requirement: anonymous online
poll (inaccuracy is well understood)
7
Examples of security
requirements: Availability
• A system that provides authentication: high availability
requirement
– If customers cannot access resources, the loss of services
could result in financial loss
• A public website for a university: a moderate availability
requirement; not critical but causes embarrassment
• An online telephone directory lookup: a low availability
requirement because unavailability is mostly annoyance (there
are alternative sources)
8
Other aspects of
Information security
4. Authenticity
– Authenticity is to guarantee that a user (or information,
process) is genuinely the correct user (or information,
process), and is not someone else who pretends to be them.
5. Accountability
– to ensure that a result of activity (or process) can be
uniquely traced back to its origin, so that no malicious or
unexpected entities are in the course of its path.
– This is important to prevent man-in-the-middle attacks
9
Other aspects of information security
6. Reliability
– Reliability in information security means the extent
(quality) to which an outcome or result of an activity or
process matches the expected result or plan.
7. Non-repudiation
– Non-repudiation is to prove that a given transaction has
been performed before, and cannot be denied later by
anyone.
– This is important for e-commerce systems and e-contracts
as well as for legal reasons.
10
Unauthorized Accesses
1. Vulnerabilities
• Vulnerability, also called a “security hole”, is a weakness in
your system (both electronic and organizational) that makes a
threat possible.
• This may be poorly designed software, inappropriate
procedures in your office, human mistakes, or anything that
provides a way for an attacker to break the security.
• Weak input validation is an example of an application layer
vulnerability, which can result in input attacks.
11
Unauthorized accesses
2. Threats
• A threat is any possibility of something that causes a bad effect on your
information security.
• A threat itself does not mean any actual attack, but means its
possibility.
• If you recognize any threats in your system, you must try to
eliminate them in order to prevent a potential real attack.
3. Attacks
• An attack is an action that exploits vulnerability or realizes a
threat.
• There are many kinds of attacks in today’s information security.
• Information security is becoming more and more
important due to the increasing number of possible threats and
the more sophisticated technologies that hackers and
attackers are trying to utilize.
12
Examples of Threats
13
Security Technologies Used
14
Cryptography
15
Cryptography (Cont.)
• A cipher or cryptosystem is used to encrypt data. The
original data is known as plaintext, and the result of
encryption is ciphertext.
• The ciphertext is decrypted to recover the original plaintext.
• A key is used to configure a cryptosystem for encryption and
decryption.
19
Exercises
1. Given that the Caesar cipher is used, find the plaintext from
the ciphertext
• VSRQJHEREVTXDUHSDQWU
2. Find the plaintext and the key from the cipher text
• CSYEVIXIVQMREXIH
given that the cipher is a simple substitution of the shift-by-n
variety.
20
Assignment-I
21
Chapter(2)
22
Access Control
• Access control
– refers to issues concerning access of system resources.
– a mechanism to precisely assign various privileges to individual
user.
• Access control is more broadly defined, with authentication and
authorization.
• Authentication: Who goes there?
• Authorization: Are you allowed to do that?
• Authentication is the process to identify and assure the
genuine, authorized user in the system.
• Authentication is the basis for effective information security.
Authenticated users are allowed access to system resources.
• Authorization deals with more fine-grained restrictions and
limitations on access to various system resources.
23
Authentication Methods
1. User name / password authentication
• Usernames and passwords are the most common form of authentication in use
today because of their simplicity. However, passwords are often the weakest point against
attack (for example, passwords that are too easy).
2. Key-file-based authentication
• Instead of using passwords, a system can authenticate by using an encrypted “key file”,
which normally has a far larger data size than a typical password and is thus more
secure. For example, an SSH (Secure Shell) client can connect and log in to the server
by using a key file instead of a password.
• In this case, a user cannot log in by password, and must prepare a valid key file for
the authentication.
3. Biometric authentication
• A password is handy for authentication, but is actually a very weak method because
anyone who knows the password can log in to a system. When the system needs to
recognize a particular person, we should use some form of biometric
authentication, such as the following.
1) Fingerprint 2) Iris (Retina) 3) Hand palm geometry 4) Face 5) DNA
24
User Authentication
• Fundamental security building block
– basis of access control & user accountability
• The process of verifying an identity claimed by or for a system
entity
• Two steps:
– identification: specify identifier
– verification: bind entity (person) and identifier
• Distinct from message authentication (when communicating
parties are concerned with the integrity of the exchanged
messages)
25
Means of user authentication
26
Password Authentication
27
Password vulnerabilities
• offline dictionary attack
• password guessing against single user (w/ previous knowledge
about the user)
• workstation hijacking
• exploiting user mistakes
• exploiting multiple password use
• electronic monitoring
28
Countermeasures for password
vulnerability
• stop unauthorized access to password file
• intrusion detection measures
• account lockout mechanisms
• policies against using common passwords, requiring
hard-to-guess passwords instead
• training & enforcement of policies
• automatic workstation logout
• encrypted network links
29
Biometric Authentication
• Authenticate user based on one of their physical
characteristics:
– facial
– fingerprint
– hand geometry
– retina pattern
– iris
– signature
– voice
30
Authentication Security Issues
31
Authentication Security Issues
32
Authentication Security Issues
33
Authentication Security Issues
• Replay: attacker repeats a previously captured user response
– Countermeasure
• Challenge-response
• 1-time passcodes
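The challenge-response countermeasure listed above, sketched as an added example (not part of the original slides). The `Server` class, the `client_response` function, the HMAC-SHA-256 construction and the key value are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets


class Server:
    """Verifier that issues a fresh random challenge for every login attempt."""

    def __init__(self, shared_key: bytes):
        self.shared_key = shared_key
        self.pending = set()          # challenges issued but not yet answered

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        # Each challenge is accepted once only; unknown or reused nonces fail.
        if nonce not in self.pending:
            return False
        self.pending.discard(nonce)
        expected = hmac.new(self.shared_key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_response(shared_key: bytes, nonce: bytes) -> bytes:
    """User side: prove knowledge of the key without sending the key itself."""
    return hmac.new(shared_key, nonce, hashlib.sha256).digest()


def demo() -> dict:
    key = b"constructed-demo-secret"   # sample value made up for this example
    server = Server(key)

    # Legitimate login; assume the (nonce, response) pair is recorded in transit.
    nonce1 = server.new_challenge()
    captured = client_response(key, nonce1)
    first_login = server.verify(nonce1, captured)

    # Replay of the recorded pair: the challenge has already been consumed.
    replay_same_nonce = server.verify(nonce1, captured)

    # Replay of the old response against a fresh challenge: the value is wrong.
    nonce2 = server.new_challenge()
    replay_new_nonce = server.verify(nonce2, captured)

    return {
        "first_login": first_login,
        "replay_same_nonce": replay_same_nonce,
        "replay_new_nonce": replay_new_nonce,
    }


if __name__ == "__main__":
    print(demo())
```

The recorded response is useless later because it is bound to a challenge the server will never issue or accept again.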
34
Authentication Security Issues
• eavesdropping
• replay
• trojan horse
35
Authentication Security Issues
36
Symmetric Key Encryption
• A symmetric key (sometimes called private, secret key, or single
key) system uses a single key.
• That key is used both to encrypt and to decrypt information.
• A symmetric key cryptosystem uses the one key to encrypt and
decrypt messages.
• cryptanalysis
– rely on nature of the algorithm
– plus some knowledge of plaintext characteristics
– even some sample plaintext-ciphertext pairs
– exploits characteristics of algorithm to deduce specific
plaintext or key
• brute-force attack
– try all possible keys on some ciphertext until an
intelligible translation into plaintext is obtained
40
Symmetric Encryption Algorithms
41
Data Encryption Standard
• simple block cipher
• a symmetric key algorithm
• DES has a 64-bit block length;
• DES uses a 56-bit key; 8 of the 64 key bits were discarded, so
the actual key length is a mere 56 bits.
• each round of DES uses a 48-bit subkey and each subkey
consists of a 48-bit subset of the 56-bit key
• In DES, each S-box maps 6 bits to 4 bits, and DES employs
eight distinct S-boxes.
• The S-boxes, taken together, map 48 bits to 32 bits.
• The same S-boxes are used at each round of DES.
42
Triple DES
• DES
• Let P be a block of plaintext, K a key, and C the
corresponding block of ciphertext.
• For DES, C and P are each 64 bits, while K is 56 bits.
• The notation for the encryption of P with key K is
• C = E(P,K)
• while the corresponding decryption is denoted
• P = D(C,K).
• Double DES
• C = E(E(P,K1),K2).
43
Triple DES
44
Public Key Encryption
• A public key (sometimes called
asymmetric key or two key) system
uses two keys: a public key and a
private key.
• A public key is known to everyone,
whereas a private key is kept secret
by its owner.
• A big random number is used to
make a public-key pair. Public and
private keys are mathematically
related.
• data encrypted with one key can only
be decrypted with the other key.
Figure 2- Public Key Pair
45
Public Key Encryption
• In public key cryptography, one key is used to encrypt and a
different key is used to decrypt.
• A public key cryptosystem is based on a “trap door one-way
function,” that is, a function that is easy to compute in one
direction and hard to compute in other direction.
48
Public Key Encryption
49
Public Key Authentication
Authentication and/or data integrity
50
Public Key Algorithms
51
RSA
52
RSA Key Setup
• each user generates a public/private key pair by selecting two
large primes at random - p, q
• computing their system modulus N=p.q
– ø(N)=(p-1)(q-1)
• selecting at random the encryption key e
• where 1<e<ø(N), gcd(e,ø(N))=1
• solve following equation to find decryption key d
– e.d=1 mod ø(N) and 0≤d≤N
• publish their public encryption key: KU={e,N}
• keep secret private decryption key: KR={d,N}
53
RSA Key Setup (Cont.)
• to encrypt a message M the sender:
– obtains public key of recipient KU={e,N}
– computes: C=M^e mod N, where 0≤M<N
54
RSA Algorithm
55
RSA Example-1
1. Select primes: p=17 & q=11
2. Compute n = pq =17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e : gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160. Value is
d=23 since 23×7=161=1×160+1
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}
57
RSA Example-2
• Now you want to send message M=4 to Alice. Encrypt your plaintext
M using Alice's public exponent. What is the resulting ciphertext C? Now
Alice receives C. Verify that Alice can obtain M from C, using her
private decryption exponent.
• Select primes p=11, q=3.
• n = pq = 11*3 = 33
• ø(n) = (p-1)(q-1) = 10*2 = 20
• Select e: gcd(e, ø(n)) = 1, i.e. gcd(e, 20) = 1
• Choose e=3, gcd(3, 20) = 1
• Compute d such that e.d ≡ 1 mod ø(n), select d = 7
• Public key = (n, e) = (33, 3), Private key = (n, d) = (33, 7).
• Encrypt the message m = 7,
c = m^e mod n = 7^3 mod 33 = 343 mod 33 = 13.
Hence the ciphertext c = 13.
• To check decryption, compute
m = c^d mod n = 13^7 mod 33 = 7.
58
Exercises:
60
Digital Signature
• a mathematical scheme for demonstrating the authenticity of a digital message
or document.
• It is used to verify a message.
• It is basically an encrypted hash of the message.
• The recipient can check if the message was tampered with by hashing the
received message and comparing this value with the decrypted signature.
• To decrypt the signature, the corresponding public key is required.
• A valid digital signature gives a recipient reason to believe that the message
was created by a known sender, and that it was not
altered in transit.
[Figure: digital signature flow between Alice and Bob. Labels: clear text message, calculate hash, hash value, encryption, digital signature, cipher text, decryption, hash value, = ?]
63
Digital Signature (Cont.)
• Suppose Alice wants to send a signed document or message to
Bob.
• The first step is generally to apply a hash function to the
message, creating what is called a message digest.
• The message digest is usually considerably shorter than the
original message.
• In fact, the job of the hash function is to take a message of
arbitrary length and shrink it down to a fixed length.
• In addition, someone could pretend to be Alice and sign
documents with a key pair he claims is Alice's.
• To avoid scenarios such as this, there are digital documents
called certificates that associate a person with a specific public
key.
64
Digital Signature (Cont.)
• Alice sends Bob the encrypted message digest and the
message, which she may or may not encrypt.
• In order for Bob to authenticate the signature he must apply
the same hash function as Alice to the message she sent him,
decrypt the encrypted message digest using Alice's public key
and compare the two.
• If the two are the same, he has successfully authenticated the
signature.
• If the two do not match, either someone is trying to
impersonate Alice, the message itself has been altered since
Alice signed it or an error occurred during transmission.
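The hash, sign, and compare steps described on the last two slides, as an added example (not part of the original slides). It uses unpadded textbook RSA over a SHA-256 digest; the function names, the message, and the demo keys built from known Mersenne primes are all constructed for illustration.

```python
import hashlib


def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes: ((e, n), (d, n))."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))    # modular inverse, Python 3.8+
    return (e, n), (d, n)


def digest(message: bytes) -> int:
    """Message digest as an integer (SHA-256, smaller than both demo moduli)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private) -> int:
    """Signer: 'encrypt' the message digest with the private exponent."""
    d, n = private
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Verifier: recover the digest with the public key and compare."""
    e, n = public
    return pow(signature, e, n) == digest(message)


# Constructed demo keys: products of Mersenne primes, chosen only so the
# example needs no prime generation. Not suitable for real use.
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
IMPOSTOR_PUB, IMPOSTOR_PRIV = make_keypair(2**89 - 1, 2**607 - 1)


def demo() -> dict:
    message = b"Transfer the contract to Bob"     # constructed sample message
    signature = sign(message, ALICE_PRIV)
    impostor_sig = sign(message, IMPOSTOR_PRIV)   # signed with a different key
    return {
        # Bob hashes the message and compares with the decrypted signature.
        "genuine": verify(message, signature, ALICE_PUB),
        # Any change to the message changes its digest.
        "altered_message": verify(message + b"!", signature, ALICE_PUB),
        # A signature made with another key fails under Alice's real key.
        "impostor_vs_alice_key": verify(message, impostor_sig, ALICE_PUB),
        # If Bob simply trusts whatever public key accompanies the message,
        # the same signature verifies: the gap that certificates close.
        "impostor_vs_unchecked_key": verify(message, impostor_sig, IMPOSTOR_PUB),
    }


if __name__ == "__main__":
    print(demo())
```

Deployed signature schemes add a padding step before the private-key operation, which this sketch leaves out.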
65
Digital Certificate
• A digital certificate is used to bind public keys to persons or other
entities.
• If there were no certificates, the signature could easily be forged,
as the recipient could not check if the public key belongs to the sender.
• An individual wishing to send an encrypted message applies for a
digital certificate from a Certificate Authority (CA) which acts as a
trusted third party, or TTP.
• By signing the certificate, the CA is confirming that the identity stated
in the certificate is that of the holder of the corresponding private key.
• When you receive a certificate, you must verify the signature.
• If the certificate is signed by a CA that you trust, then you would
attempt to verify the signature using that CA’s public key.
• Anyone can create a certificate and claim to be anyone else; only the
verification of the signature can create trust in the validity of the
certificate.
66
Digital Certificates Functions
• Authentication – Proof that you are who you claim to be
• Encryption – encoding information in such a way as to
make it unreadable
• Non-repudiation – Inability to deny having sent specific
information or having accessed a specific system
• Data Integrity – Proof that the data has not been altered
since it was originally sent
• With a Digital Certificate, you can assure friends, business
associates, and online services that the electronic information
they receive from you is authentic.
67
Digital Signature & Digital Certificate
• The digital certificate is an electronic document that binds a
public key using digital signature to an individual or a person, a
computer or a network device
• A digital signature ensures that data/information remains
secure from the point it was issued.
• Digital Certificates are used to verify the trustworthiness of a
website, while digital signatures are used to verify the
trustworthiness of information.
• In the case of digital certificates, an organization may only trust a
site if the digital certificates are issued by the organization itself
or by a trusted certification source.
• But this doesn't necessarily mean that the content of the site can
be trusted; a trusted site may be infiltrated by a hacker who
modifies the site's content.
68
Certificate authorities
• A creator of a public key certificate is normally referred to as a
Certificate Authority (or CA).
• The CA takes responsibility for ensuring that the information on
a certificate is correct. The CA creates the public key certificate
to the owner.
• Whenever anyone has need of the owner’s public key they
request a copy of the public key certificate.
• The certificate might be made available on a central server, or
the owner or even the CA might send the certificate to whoever
requires it.
• The recipient of the public key certificate checks that the
certificate is in order, and if they are happy with it then they are
free to use the public key contained in the certificate.
69
Public Key Infrastructure (PKI)
70
Public Key
Infrastructure (Cont.)
Three websites that offer digital certificates:
• www.verisign.com, www.webopedia.com, www.thawte.com
• Public key infrastructures based on digital certificates and
certificate authorities remain the favoured method for trying to
securely implement public key cryptography.
• typical usage with PKI:
– Encryption and/or sender-authentication of Email messages
– Encryption and/or authentication of documents
– Authentication of users to applications,
– Bootstrapping secure communication protocols
71
Message Authentication
73
Authentication Functions
• Three classes of functions that may be used to produce an
authenticator
– Message encryption
• Ciphertext itself serves as authenticator
– Message authentication code (MAC)
• A public function of the message and a secret key that
produces a fixed-length value that serves as the
authenticator
– Hash function
• A public function that maps a message of any length into a
fixed-length hash value, which serves as the authenticator
74
Message Encryption
75
Checking Techniques
• Checksums: a form of redundancy check. It adds up the digits
in a message before and after transmission for protecting the
integrity of data.
• Parity checks: counting the ones and zeroes in a message to
determine if the number of ones is odd or even, and verifying
that the state is the same as it was before transmission, for the purposes
of error detection and error correction.
76
Message Authentication Code (MAC)
• generated by an algorithm that creates a small fixed-sized
block
• This provides assurance that:
– message is unaltered
– message comes from sender
• appended to message as a signature
• receiver performs same computation on message and checks it
matches the MAC
• MAC differs from digital signatures, as MAC values are both
generated and verified using the same secret key.
• This implies that the sender and receiver of a message must
agree on keys before initiating communications, as is the case
with symmetric encryption.
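The difference between an unkeyed hash and a MAC as authenticators, and between a MAC and a digital signature, as an added example (not part of the original slides). HMAC-SHA-256 stands in for "a MAC algorithm"; the function names, key and messages are constructed for illustration.

```python
import hashlib
import hmac


def hash_tag(message: bytes) -> bytes:
    """Unkeyed hash: anyone holding the message can compute it."""
    return hashlib.sha256(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """MAC: a function of the message and a secret key shared in advance."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accepts_hash(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hash_tag(message), tag)


def accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # Receiver performs the same computation and compares in constant time.
    return hmac.compare_digest(mac_tag(key, message), tag)


def demo() -> dict:
    key = b"constructed-shared-key"        # agreed by both sides beforehand
    original = b"pay 100 to account 12345"
    altered = b"pay 900 to account 99999"  # message changed in transit

    return {
        # Normal case: the tag made by the sender verifies at the receiver.
        "mac_genuine": accepts_mac(key, original, mac_tag(key, original)),
        # A bare hash sent next to the message can be recomputed by whoever
        # alters the message, so it shows integrity only against accidents.
        "hash_recomputed_after_change": accepts_hash(altered, hash_tag(altered)),
        # The old MAC does not match the altered message.
        "mac_old_tag_on_altered": accepts_mac(key, altered, mac_tag(key, original)),
        # Without the shared key a matching MAC cannot be produced.
        "mac_from_wrong_key": accepts_mac(key, altered, mac_tag(b"wrong-key", altered)),
        # The receiver holds the same key and can mint valid tags itself,
        # which is why a MAC gives no non-repudiation, unlike a signature.
        "receiver_made_tag": accepts_mac(key, altered, mac_tag(key, altered)),
    }


if __name__ == "__main__":
    print(demo())
```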
77
Message Authentication Codes
78
Hash Function
• The two most common cryptography techniques for message
authentication are a message authentication code (MAC) and a
secure hash function.
• A hash function maps a variable-length message into a fixed
hash value, or message digest.
• Hashes are used to protect integrity of data.
• Only the hash code is encrypted, using public key encryption
and using the sender’s private key.
• This provides authentication. It also provides a digital
signature, because only the sender could have produced the
encrypted hash code.
• In fact, this is the essence of the digital signature technique.
79
Secure Hash Functions
80
md5 - MD5 Message-Digest
Algorithm
• A well-known cryptographic hash function with a 128-bit
resulting hash value.
• It was conjectured that it is computationally infeasible to produce
two messages having the same message digest; practical collision
attacks on MD5 have since been published, so the conjecture no longer holds.
• Intended where a large file must be “compressed” in a secure
manner before being encrypted with a private key under a
public-key cryptosystem.
• The MD5 algorithm can be used as a digital signature
mechanism.
81
Hash Functions
• two attack approaches
– cryptanalysis
• exploit logical weakness in algorithm
– brute-force attack
• trial many inputs
• strength proportional to size of hash code (2^(n/2))
• SHA most widely used hash algorithm
– SHA-1 gives 160-bit hash
– more recent SHA-256, SHA-384, SHA-512 provide
improved size and security
82
openssl - OpenSSL command line tool
• OpenSSL is a cryptography toolkit implementing the Secure
Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) network protocols and related cryptography standards
required by them.
• It is a C library that implements the main cryptographic
operations like symmetric encryption, public-key encryption,
digital signature, hash functions, etc.
• It has a command-line interface & an application programming
interface.
• There are a lot of tools using OpenSSL’s libraries to secure data
or establish secure connections.
83
openssl - OpenSSL command line
tool
• It can be used for
1. Creation and management of private keys, public keys and
parameters
2. Public key cryptographic operations
3. Creation of X.509 certificates, CSRs and CRLs
4. Calculation of Message Digests
5. Encryption and Decryption with Ciphers
6. SSL/TLS Client and Server Tests
7. Handling of S/MIME signed or encrypted mail
8. Time Stamp requests, generation and verification
84