Network Security

Lecture-1

1
 Dangers of 2006 and beyond
 Spyware
• also called adware or malware
• Distributed through IE and Windows
• Softwares like KaZaa and Bonzi buddy act as spyware
• Advertisement bombardment
• People with Mozilla Firefox(cross platform web browser) are safe
• Transferred by Trojan horse method or scripts.
 Identity Theft
•Phishing
•Spamming
•Stealing personal information
•VAULT concept in Zone alarm Firewall prevents Identity theft.
 Website attacks
•Stealing information from other sources not just banks. 2
•Trojan Horse method.
 Course Outline

I. CRYPTOGRAPHY
 Secret-key cryptography
 Classical encryption techniques
 DES, AES
 Public-key cryptography
 RSA
 Key management
3
 Course Outline (Continued)

II. AUTHENTICATION
 MAC
 Hashes and message digests
 Digital signatures
 Kerberos

4
 Course Outline (Continued)
III Network security
IP security

Web security (SSL, secure electronic

transactions)
Firewalls

VPNs

Wireless security

5
 Course Outline (Continued)
IV Other Issues
Viruses

Trojan Horses

Network attacks

Securing networks

6
 Teaching materials
Reference Books
Network Security (A Hacker’s Perspective)

by Ankit Fadia by Premier Press

Cryptography Principles and Practices

by William Stallings
Cryptography by Schnider

C.Kaufman, R.Perlamn,

M.Speciner–“Network security. Private

communication in a public world”
Handouts 7
 Why do we need Cryptography?

Computers are used by millions of people for many

purposes
 Banking
 Shopping
 Tax returns
 Protesting
 Military
 Student records
…
Privacy is a crucial issue in many of these applications
Security is to make sure that nosy people cannot read
or secretly modify messages intended for other recipients
8
 The Good Old Days
The world before computers was in some ways
much simpler
 Signing, legalizing a paper would authenticate
it
 Photocopying easily detected
 Erasing, inserting, modifying words on a paper
document easily detectable
 Secure transmission of a document: seal it and
use a reasonable mail carrier (hoping the mail
train does not get robbed)
 One can recognize each other’s face, voice,
hand signature, etc. 9
 The Electronic Age

The ability to copy and alter information has changed

dramatically
 No difference between an “original” file and copies of it
 Removing a word from a file or inserting others is
undetectable
 Adding a signature to the end of a file/email: one can
impersonate it –add it to other files as well, modify it, etc.
 Electronic traffic can be (and is!) monitored, altered,
often without noticing
 How to authenticate the person electronically
communicating with you?
10
 Possible adversaries
Student: to have fun snooping on other people’s email
Cracker: to test out someone’s security system, to steal

data
Businessman: to discover a competitor’s strategic

marketing plan
Ex-employee: to get revenge for being fired

Accountant: to embezzle money from a company

Stockbroker: to deny a promise made to a customer by

email
Convict: to steal credit card numbers for sale

Spy: to learn an enemy’s military or industrial secrets

Terrorist: to steal germ warfare secrets

11
 Important Points
Making a network or a communication
secure involves more than just keeping it
free of programming errors

It involves outsmarting often intelligent,

dedicated and often well-funded
adversaries

12
 Security issues: some practical
situations
A sends a file to B: E intercepts it and reads it
How to send a file that looks gibberish to all but
the intended receiver?

A send a file to B: E intercepts it, modifies it,

and then forwards it to B
How to make sure that the document has been
received in exactly the form it has been sent?

E sends a file to B pretending it is from A

How to make sure your communication partner is
really who (s)he claims to be? 13
 Security issues: some practical
situations

A sends a message to B: E is able to delay

the message for a while.
How to detect old messages?

A sends a message to B. Later A (or B)

denies having sent (received) the message.
How to deal with electronic contracts?

14
 Classes of Network Security
Problems

Secrecy (or confidentiality)

Keep the information out of the hands of unauthorized
users, even if it has to travel over insecure links
Authentication

Determine whom you are talking to before revealing

sensitive information
Non-repudiation (or signatures)

Sender cannot deny the transmission

Data integrity (or message authentication)

Make sure that the message received was exactly the

message you sent (not necessarily interested here in the
confidentiality of the document)
15
Basic situation in cryptography

16
 Basic situation in cryptography

A(lice) sends a message (or file) to B(ob) through an open channel

(say, Internet), where E(vil, nemy) tries to read or change the
message
A will encrypt the plaintext using a key transforming it into a
“unreadable” cryptotext
This operation must be computationally easy

B also has a key (say, the same key) and decrypts the cryptotext
to get the plaintext. This operation must be computationally easy
E tries to cryptanalyze: deduce the plaintext (and the key)
knowing only the cryptotext. This operation should be
computationally difficult
We will use cryptography to cover both the design of secure
systems and their cryptanalysis– cryptology is also used
sometimes
17
 Cryptography-Some type of
Systems
Depending on the type of operations in
the encryption/decryption.
Substitutions (replacements) or
transpositions (rearrangement).
Number of keys used.

Symmetric / unsymmetric systems

The way the plaintext is processed.

Block or stream approach

18
 Cryptanalysis (Some types of
attacks)
 Fundamental rule: one must always assume that the attacker
knows the methods for encryption and decryption; he is only looking
for the keys.
• Difficult to keep the cryptography algorithm secret (too many people
involved).
• Bonus of advertising. (People try to break it for you).

Passive attack: the attacker only monitors the traffic attacking the
confidentiality of the data.

Active attack: the adversary attempts to alter the transmission

attacking data integrity, confidentiality, and authentication.

Brute-force attack: try every possible key on the ciphertext until

an intelligible translation into a plaintext is obtained

19
Brute forcing

20
 Attacks on protocols
Known-key attack: obtain some previous keys
and use the information to get the new ones
Replay: the adversary records a communication

session and replays the entire session or portions

of it at a later time
Impersonation: adversary assume the identity

of a legitimate user
Dictionary: the attacker has a list of probable

passwords, hashes them and compares with the

entries in the list of true encrypted passwords
hoping to get a match 21
 How secure is secure?

Evaluating the security of a system is a

crucial and most difficult task
Unconditionally secure system

•If the ciphertext does not contain enough information

to determine uniquely the corresponding ciphertext:
any plaintext may be mapped into that ciphertext with
a suitable key
•Consequently, the attacker cannot find the plaintext
regardless of how much time and computational power
he has because the information is not there!
Bad news: only one known system has this
property: one-time pad 22
 How secure is secure?
Provable security


• Prove that breaking the system is

equivalent with solving a supposedly difficult
(math) problem (e.g., from Number Theory)

Computationally secure


• The (perceived) cost of breaking the system

exceeds the value of the encrypted information
•The (perceived) time required to break the
system exceeds the useful lifetime of the
information 23
 Aims and objectives of the course
To increase awareness among computer
professionals on “ Computer & Network Security”
To study the interesting science of cryptography.

To keep the contents lively by the right mix of

mathematics , algorithm design and protocol

analysis.
To award an A+ to “deserving” candidates. 

To dive into the turbulent waters of computer

crime and fight the “sharks” (hackers).

24
I.CRYPTOGRAPHY

25
 I.1 Secret Key cryptography
I.1 Secret-key cryptography
Also called symmetric or conventional
cryptography
Five ingredients
 Plaintext
 Encryption algorithm: runs on the plaintext and the
encryption key to yield the ciphertext
 Secret key: an input to the encryption algorithm, value
independent of the plaintext; different keys will yield different
outputs
 Ciphertext: the scrambled text produced as an output by
the encryption algorithm
 Decryption algorithm: runs on the ciphertext and the key
to produce the plaintext 26
 Secret Key cryptography
(Contd)
• Requirements for secure conventional encryption
Strong encryption algorithm
• An opponent who knows one or more
ciphertexts would not be able to find the
plaintexts or the key
• Ideally, even if he knows one or more pairs
plaintext-ciphertext, he would not be able to
find the key
• Sender and receiver must share the same key.
Once the key is compromised, all communications
using that key are readable
• Encryption algorithm is not a secret
27
 Cryptography notations

C=EK(P) denotes that C is the encryption

of the plaintext P using the key K

P=DK(C) denotes that P is the decryption

of the ciphertext C using the key K

28
 CAESER Cipher
It is a typical substitution cipher and the oldest known –
attributed to Julius Caesar
Simple rule: replace each letter of the alphabet with the
letterstanding 3 places further down the alphabet
Example:

MEET ME AFTER THE TOGA PARTY

PHHW PH DIWHU WKH WRJD SDUWB
Here the key is 3 –choose another key to get a different
substitution
The alphabet is wrapped around so that after Z follows
A:

a bcd efghi jk l mnopq rs t u vwxyz

DEFGHIJKLMNOPQRSTUVWXYZABC 29
 CAESER Cipher
 Mathematically give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

The key is a number from 0 to 25

Caesar cipher can now be given as

E(p) = (p + k) mod (26)

D(C) = (C –k) mod (26)

30
 Attacking CAESER Cipher

Substitute a value of key , k from 0 to 25 and

stop when english message is obtained.
Exercise: attack the ciphertext:

PHHW PH DIWHU WKH WRJD SDUWB

31
 Attack results

CAESER too easy to attack!!

Why?

32
 Attack results

Adapted from Cryptography and network security

33
by William Stallings
 Modification to Caeser
Idea:instead of shifting the letters with a fixed amount
how about allowing any permutation of the alphabet

Plain: a b c d e f g h I j k l m n o p q r s t u v w x y z
Cipher: D K V Q F I B J W P E S C X H T M Y A U O L R G Z N

Plaintext: if we wish to replace letters

Ciphertext: WI RF RWAJ UH YFTSDVF SFUUFYA

This is called monoalphabetic susbstitution cipher–a

single alphabet is used
The increase in the number of keys is dramatic: 26!, i.e.,
more than 4x1026 possible keys
Compare: DES only has an order of 1016possible keys

34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
Hill Cipher

50
 Hill Cipher
 Takes two or three or more letter
combinations to the same size
combinations, e.g. “the”  “rqv”
 Uses simple linear equations
 An example of a “block” cipher
encrypting a block of text at a time
 Numbered alphabet: a = 0, b = 1, c =
3, etc.
(in CAP, use ASCII code) 51
 Example
C1 = 9*p1 + 18*p2 + 10*p3 (mod 26)
C2 = 16*p1 + 21*p2 + 1*p3 (mod 26)
C3 = 5*p1 + 12*p2 + 23*p3 (mod 26)

C1 9 18 10 p1
C2 = 16 21 1 p2 (mod 26)
C3 5 12 23 p3

52
I can’t do it
 EOM TMY SVJ
8 2 0 13 19 3 14 8 19

4 9 18 10 8
14 = 16 21 1 2 (mod 26)
12 5 12 23 0

19 9 18 10 13
12 = 16 21 1 19 (mod 26)
14 5 12 23 3

18 9 18 10 14
21 = 16 21 1 8 (mod 26)
9 5 12 23 19
53
 Hill – key is matrix
k11 k12 k13
k21 k22 k23
k31 k32 k33

Generalize to any size, larger blocks

Matrix must be invertible

54
 Hill – Important Observation
Friday  ?
a b c d e f g h I j k l m n o p q r s t u v w
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

x y z
23 24 25

55