Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
SEMESTER – VI
Module – 1
<Chapter 1>
Introduction
• Cyber Attacks,
• Defence Strategies and Techniques,
• Guiding Principles,
<Chapter 3>
Mathematical Background for Cryptography –
• Modulo Arithmetic’s,
• The Greatest Comma Divisor,
• Useful Algebraic Structures,
• Chinese Remainder Theorem
<Chapter 4>
Basics of Cryptography –
• Preliminaries
• Elementary Substitution Ciphers,
• Elementary Transport Ciphers,
• Other Cipher Properties
<Chapter 5>
Secret Key Cryptography –
• Product Ciphers,
• DES Construction,
• Modes of Operation,
• MAC and Other Applications,
• Attacks
• Linear Cryptanalysis.
Chapter 1: Introduction
• Introduction - Cyber Attacks, Defence
Strategies and Techniques, Guiding Principles,
What is Security about (in the
technical sense)
• Attacks
• Vulnerabilities
• Defence
Chapter 1: Introduction
• Cyber security is a study of attacks and know about
defense against attacks.
– Motives:
• The main goal of an attackers is thrill of mounting successful cyber
attacking mechanism.
• Most hackers are young programmers, teens- who dropped out schools
but intelligent and focused.
• Most traditional hackers are obsessive programmers
• Script kiddies- who use scripts and attack kits designed by other.
• Company insiders- disgruntled (dissatisfied) employees.
• Cyber terrorists- who adopt extreme religious or political causes.
Main aim is to cripple the information and
communication systems of the financial and
business institutions of their enemies.
• Human Vulnerabilities
– Induced by careless/unthinking human behavior
– Ex. clicking on a link in an e-mail message from a
questionable source
– Related to phishing and cross-site scripting attacks
Vulnerability Types (contd.)
• Protocol Vulnerabilities
– Attacks on commonly used networking protocols such as
TCP, IP, ARP, ICMP and DNS
– Ex. Connection hijacking caused by ARP spoofing, etc.
– Denial of Service Attacks (DoS) which exploit the 3-way
TCP handshake
– Pharming attacks exploit vulnerabilities in DNS
Vulnerability Types (contd.)
• Software Vulnerabilities
• Example:
• 10 mod 4 =2 , 14 mod 4=2 10-14=4X(2-3)
Modulo arithmetic properties
Properties Example
a=7 ,b=9 n=6
(a+b) mod n=( (a mod n) +(b mod n)) mod n ((7+9) mod 6= (7 mod 6) +(9 mod 6 ) mod 6
16 mod 6= 4
7 mod 6= 1
9 mod 6=3
4= (1+3 ) mod 6
(a-b) mod n=( (a mod n) -(b mod n)) mod n ((7-9) mod 6= (7 mod 6) -(9 mod 6 ) mod 6
-2 mod 6= 4
7 mod 6= 1
9 mod 6=3
4= (1-3 )mod 6 4
(a*b) mod n=( (a mod n) *(b mod n)) mod n ((7*9) mod 6= (7 mod 6) *(9 mod 6 ) mod 6
63 mod 6= 3
7 mod 6= 1
9 mod 6=3
3= (1*3 ) mod 63
GCD-Greatest Common Divisor
• Suppose two integers a and b, a divides b i.e a|b, if there exists an
integer x>=1 such that a*x=b, a is said to be divisor of b.
• Example: 6 |66 then 6 is divisor of 66.
• If a|b and a|c, if there exist a’>a such that a’|b and a’|c the a’ is
said to be GCD of b and c
• Example : 2|24 2|78, there exist 3 which is also divisor of 24 and
78 .
• 6 is another divisor which is greatest of these
• So 6 if GCD of 24 ,78
• GCD(24,78)=6
• Properties:
– gcd(a,b)=gcd(a,-b)=gcd(-a,b)=gcd(-a,-b)
Properties of congruences
Properties Example Verification
a ≡b (mod n) if n |(a-b) 23 ≡ 8 (mod 5) 5| (23-8) 5|15
a ≡b (mod n) implies b ≡ a (mod n) 23 ≡ 8 (mod 5) 23 mod 5 3,
8 ≡ 23 (mod 5) 8 mod 5 3
a ≡ b (mod n) b ≡ c (mod n) 23 ≡ 8 (mod 5), (23-18 )=5
implies a ≡c (mod n) 8 ≡18 (mod 5) multiple of 5
23 ≡ 18 (mod 5
Example: compute GCD(126,26)
• Compute GCD(b,c) where b>c
• b and c are represented as b=cXq+r
– In each steps new divisor and new remainder are obtained
from old remainder and old divisor of previous steps.
– These steps are repeated till remainder becomes 0
– quotientis GCD(b,c).
b=126,c=26
Step b =c*q+r
1 126 =26*4+22
2 26 =22*1+4
3 22 =4*5+2
4 4 =2*2+0 GCD(126,26) 2
Greatest Common Divisor(GCD)
• If a|b and a|c then a is referred to as GCD of b and c .
• There exist a’ such that a’>a , a’|b ,a’|c.
• This is expressed as :- a=gcd(b,c)
a b c Remark
5 10 15 5 = GCD(10,15)
7 28 77 7 =GCD(28,77)
Relatively Prime Numbers
• Two numbers are relatively prime if they have no common
divisors other than 1.
• 10 and 21 are relatively prime, in respect to each other, as
10 has factors of 1, 2, 5, 10 and 21 has factors of 1, 3, 7, 21.
• The Greatest Common Divisor (GCD) of two relatively
prime numbers can be determined by comparing their
prime factorizations and selecting the least powers.
•If the two numbers are relatively prime the GCD will be 1.
•Consider the following: 10(1, 2, 5, 10) and 21(1, 3, 7, 21)
•GCD(10, 21) = 1
Additive and multiplicative modulo 8
Modular Exponentiation
•Find 119 MOD 13? 112MOD 13=4
114MOD 13=42mod 13=3
118MOD 13=32MOD 13=9
119MOD 13=118MOD13X11MOD 13
=9X11MOD 13=99MOD 13=8
Prime Numbers
• InverseModulo(b,c)
Old1=1,new1=0; Old2=0,new2=1; Set b’=b, c’=c, r=2;
• While r>1{
q=b’/c’ ; r=b’%c’;
t1=old1-new1*q;
Old1=new1 ;
new1=t1;
t2=old2-new2*q;
Old2=new2 ;
new2=t2;
b’=c’
c’=r (At this point, new1*b+new2*c=r)
}
return new2
Trace: compute 12’Mod 79
Iteration b' c’ q r old1 new1 Old2 New2 Eqn
new1*b+new2*c=r
1 79 12 - 2 1 0 0 1 -
2 12 7 6 7 0 1 1 -6 1X79+-6X12=7
3 7 5 1 5 1 -1 -6 7 -1*79+7*12=5
4 5 2 1 2 -1 2 7 -13 2*79+-13*12
5 2 1 2 1 2 -5 -13 33 -5*79+33*12=1
-5*79+33*12=1
33*12 Mod 79=1+5*79 Mod 79
=33*12 Mod 79=1
=33*12 Mod 79=1
33=12’Mod 79
Compute 7-1 mod 11(b=11,c=7)
Iteration 0 1 2 3
b' 11 7 4 1
c’ 7 4 3 1
q - 11/7=1 7/4=1 4/3=1
r 2 11%7=4 7%4=3 4%3=1
old1 1 0 1 -1
new1 0 1-0X1=1 0-1*1=-1 1-(-1x1)=2
old2 0 1 -1 2
new2 1 0-1*1=-1 1-(-1)*1=2 -1-(2x1)=-3
Eqn=new1*b+new2*c=r - 1*11+-1*7=4 -1*11+2*7=3 2*11+-3*7=1
To find the 8-bit word related to the polynomial x5 + x2 + x, Since n = 8, it means the
polynomial is of degree 7. The expanded polynomial is
4.38
Find additive and multiplicative
GF(23) using irreducible polynomial
GF(2n): x3+x2+1
Chinese Remainder Theorem
• Suppose
• 2x ≡ 5 (mod 7); 3x ≡ 4 (mod 8)
• is equivalent to the simpler system
• 2.x.2-1≡ 5. 2-1 (mod 7)
• 3x.3-1≡ 4. 3-1 (mod 8)
• Find x using CRT
<Chapter 4>
Basics of Cryptography - Preliminaries,
Elementary Substitution Ciphers, Elementary
Transport Ciphers, Other Cipher Properties,
NH/SIT/2017- 10
18/6CS/CBCS/15CS61 5
Basics of Cryptography
• Cryptography is the science of disguising
<hiding>messages so that only the
intended recipient can
decipher the received message.
• It is lynchpin <essential> of data security, it
provides confidentiality, integrity,
authentication, and digital signatures.
NH/SIT/2017- 10
18/6CS/CBCS/15CS61 6
Conventional Block diagram
NH/SIT/2017- 10
18/6CS/CBCS/15CS61 7
Key points
• The original message or document to be transferred is called plain text
• The hidden message is called cipher text
• Usually these message will be in binary form
• The process of hiding message is called encryption.
• The processor of recovering original message is called decryption.
• The encryption involves the use of an encryption function or algorithm
denoted by E and encryption key.
• Similarly , the decryption involves the use of an decryption function or
algorithm denoted by D and decryption key.
• c=Ee(p) and p=Dd(c).
– Where p denotes a block of plain text.
– This encrypted by sender to produce cipher text c.
– The second operation is performed by receiver on the cipher text to recover plain
text.
NH/SIT/2017- 10
18/6CS/CBCS/15CS61 8
Role of ethical hackers
• Reverse- engineered code
• Discover bugs.
• If decryption algorithm placed in public
domain then bugs can be identified
NH/SIT/2017- 10
18/6CS/CBCS/15CS61 9
The secrecy should be in the
key used for decryption, not in
the decryption or encryption
algorithm
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 0
Secret key cryptography Vs Public
key cryptography
Secret key cryptography Public key cryptography
Sender and receiver share common Sender and receiver share key pair
secret key
Same key is used for encryption and One of the key is used for encryption and
decryption process other key is used for decryption process
e=d <e,d>
Known as symmetric key cryptography Known as asymmetric key cryptography
c=Ek(p), p=Dk(c) c=Epu(p), p=Dpr(c) for confidentiality
c=Epr(p), p=Dpu(c) for authentication
Best known algorithms: RSA ECC
Data Encryption standard (DES) Advanced
Encryption Standard (AES)
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 1
Requirements for secure use of
conventional encryption
• Strong encryption algorithm.
• Sender and receiver must have obtained
copies of the secret key in a secure fashion
and must keep the key secure
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 2
• Cryptographic systems are characterized along
three independent dimensions:
– The type of operations used for transforming
plaintext to cipher text.
– The number of keys used.
– The way in which the plaintext is processed
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 3
Model of Symmetric Cryptosystem
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 4
Types of Attacks
• If cryptographic algorithm is secure , then for
cryptanalyst is unable to
– Obtain the corresponding plaintext from a given cipher
text
– Deduce the key <secret key or private key>
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 5
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 6
How attacker realize key, scheme,
plain text?
• 1. Attacker could accumulate set of cipher text. Then
attacker would then look for patterns in the cipher text to
recognize some plain text or key. This attack is called known
cipher text attack
• 2. Sometime plain text is predictable or guessed , crypt
analyst then build repertoire <catalog> of corresponding
plain text, cipher text pair with invention of key . This
attack is called plain text attack.
• If Attacker uses piece of plain text and induce <tempt>
sender to encrypt such plain text to get the knowledge of
algorithm or cryptographic scheme . This attack is called
chosen plain text attack.
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 7
Substitution ciphers
• Mono alphabetic ciphers
– For 26 alphabetic , key k is used as substitution
– i.e D=P+k
– Example CYBER k=3
Plain text CYBER
Cipher text FBEHU
K 3
Alphabet is shifted right circularly by k
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 8
Caesar Cipher
• The Caesar cipher replaces each alphabet in a
text by the alphabet k positions away (in the
modulo 26 sense). For k = 3, the substitutions
are
D for A, E for B, . . . A for X,
B for Y, etc.
So, W H A T I S Y O U R N A M E becomes
ZKDW LV BRXU QDPH
NH/SIT/2017- 11
18/6CS/CBCS/15CS61 9
Attack on the Caesar Cipher
• By observing “large” amounts of cipher text, we may
be able to guess the plaintext. Why?
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 0
Vigenere Cipher
• Poly alphabetic cipher – works on an entire block
(bunch of consecutive characters)
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 3
Hill Cipher
• The relationship between a block of plaintext and its
ciphertext is expressed by
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 4
• Step 1: Matrix of minor
– Minor of an element aij is the determinant obtained from
|K| by deleting the ith row and jth column
• Step 2: Matrix of Cofactors
– The cofactor of an element Kij is (-1) i+j. the minor of Kij and
it is denoted by Kij
• Step 3:Adjugate or Adjoint matrix
– "Transpose" all elements of the Matrix of Cofactors
• Step 4: Multiply by 1/Determinant
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 5
Hill cipher example
• Given plain text HELP and K= 3 7
15 12
HE ( 7 4)
C= P.K 7 4 3 7 7*3+4*15 7*7+ 4*12 MOD 26
15 12
21+60 49+48 mod 2681 97 MOD 26 3 19 D T
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 6
Hill cipher decryption
Decryption
Minor of K 12 15 Cofactor of K 12 -15 Adjoint 12 -7
7 3 -7 3 -15 3
|K|= (3*12- 15.7) (36-105) = -69 mod 26 26*-3+9 9
1/|k| 9 -1 mod 26 9.y mod 26 = 1 MOD 26 9.3 MOD 26 27 MOD 26=1
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 7
Hill Cipher (example)
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 8
NH/SIT/2017- 12
18/6CS/CBCS/15CS61 9
One time pad
• Both sender and receiver agree for arbitrary
long, random, non replacing sequence of
characters.
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 0
Elementary Transposition cipher
• Given plain text is represented as matrix of
characters
• As per row key row is interchanged<shuffled >
then as per column key columns are
shuffled.
• The resultant matrix is rearranged to get
cipher text.
• Reverse process is used to recover plain text.
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 1
* Elementary Transposition Cipher
• Example:
– Arrange characters of text in a matrix
– Then shuffle the rows and columns
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 2
Elementary Transposition Cipher
• Plaintext: Begin Operation at Noon
• We represent text in a 5 X 4 matrix in row-major form:
• Rearrange the rows as follows
• Row 1 3, Row 2 5, Row 3 2, Row 4 1 Row 5 4.
b e g i o n a t
n o p e r a t i
r a t i b e g i
o n a t n o o n
n o o n n
e
o p
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 3
* Elementary Transposition
Cipher (example
• Rearrange the columns as follows contd.)
• Column 1 4 , Column 2 3, Column 3 1, Column 4 2
o n a t a t n o
r a t i t i a r
b e g i g i e b
n o o n o n o n
n p e p e o n
o
• Resulting cipher text is
A T N O T I A R G I E B O N O N P E ON
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 4
Confusion and diffusion.
• Confusion is the property of cipher whereby it
provides no clue regarding the relationship
between cipher text and the key.
• If a single bit of key changes and produces
k’ , it roughly produces half the bits of
cipher text
i.e Ek(p) and Ek’(p) are entirely different.
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 5
Confusion and diffusion
• Diffusion is concerned with the relationship
between the plaintext and corresponding
cipher text.
•A change in plain text , will
have the effect
a on block of bit
single cipher text
in
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 6
Assignment Questions
• 1. Explain different ingredients of typical
Crypto system.
NH/SIT/2017- 13
18/6CS/CBCS/15CS61 7
<Chapter 5>
• Involves
– Expansion
– XOR with round key
– Substitution
– Permutation
• Input to round function is 32 bit binary
• First this 32-bit quantity is expanded to 48 bits
• This 48-bit is then xored with round key Ki
• The result of xor is divided into 6 bit chunks
• Each chunk is substituted with 4-bit chunk
• For this 8 different S-box is used
S-box using table lookup
I5 I4 I3 I2 I1 I0
Row
O3 O2 O1 O0
Column
Modes of Operation
• Drawback:
– Identical blocks of plain text is encrypted into identical block of cipher text.
– Attacker can easily deduce plain text.
– Reordering of blocks by an attacker- this will not be detected by receiver.
* CBC Mode of Operation
This mode combines the previous block of ciphertext with
the current block of plaintext before performing the
encryption.
Ci-1 is XORed with Pi and then encrypted to produce Ci.
CBC advantages and Drawbacks
• This has the effect of “randomizing” the input to the
encryption box so that two identical blocks of
plaintext will, with high probability, map to different
ciphertext values.