CRYPTOGRAPHY & NETWORK SECURITY [Autosaved].pptx

asjadzaki2021 37 views 82 slides May 30, 2024
Slide 1
Slide 1 of 82
Slide 1
1
Slide 2
2
Slide 3
3
Slide 4
4
Slide 5
5
Slide 6
6
Slide 7
7
Slide 8
8
Slide 9
9
Slide 10
10
Slide 11
11
Slide 12
12
Slide 13
13
Slide 14
14
Slide 15
15
Slide 16
16
Slide 17
17
Slide 18
18
Slide 19
19
Slide 20
20
Slide 21
21
Slide 22
22
Slide 23
23
Slide 24
24
Slide 25
25
Slide 26
26
Slide 27
27
Slide 28
28
Slide 29
29
Slide 30
30
Slide 31
31
Slide 32
32
Slide 33
33
Slide 34
34
Slide 35
35
Slide 36
36
Slide 37
37
Slide 38
38
Slide 39
39
Slide 40
40
Slide 41
41
Slide 42
42
Slide 43
43
Slide 44
44
Slide 45
45
Slide 46
46
Slide 47
47
Slide 48
48
Slide 49
49
Slide 50
50
Slide 51
51
Slide 52
52
Slide 53
53
Slide 54
54
Slide 55
55
Slide 56
56
Slide 57
57
Slide 58
58
Slide 59
59
Slide 60
60
Slide 61
61
Slide 62
62
Slide 63
63
Slide 64
64
Slide 65
65
Slide 66
66
Slide 67
67
Slide 68
68
Slide 69
69
Slide 70
70
Slide 71
71
Slide 72
72
Slide 73
73
Slide 74
74
Slide 75
75
Slide 76
76
Slide 77
77
Slide 78
78
Slide 79
79
Slide 80
80
Slide 81
81
Slide 82
82

About This Presentation

Jkuu

Size: 924.72 KB
Language: en
Added: May 30, 2024
Slides: 82 pages

Slide Content

CRYPTOGRAPHY & NETWORK SECURITY Paper Code: ETIT-403 Text Book: [T1] William Stallings, "Cryptography and Network Security - Principles and Practices", Prentice Hall of India, Third Edition, 2003. [T2] Wade Trappe, Lawrence C Washington, “Introduction to Cryptography with coding theory”, 2nd ed , Pearson, 2007. Reference Book: [R1] R.Rajaram , “Network Security and Cryptography” SciTech Publication, First Edition, 2013. [R2] Atul Kahate , "Cryptography and Network Security", Tata McGraw-Hill, 2003 [R3] Bruce Schneier , "Applied Cryptography", John Wiley & Sons Inc, 2001.

UNIT- I: Basic Cryptographic Techniques, Computational Complexity, Finite Fields, Number Theory, DES and AES, Public Key Cryptosystems, Traffic Confidentiality, Cryptanalysis, Intractable (Hard) Problems, Hash Functions, OSI Security Architecture Privacy of Data. [T1, T2] [No. of Hrs: 11] UNIT- II: Linear Cryptanalysis, Differential Cryptanalysis, DES, Triple DES, Message Authentication and Digital Signatures, Attacks on Protocols, Elliptic Curve Architecture and Cryptography, Public Key Cryptography and RSA, , Evaluation criteria for AES, Key Management, Authentication requirements Digital forensics including digital evidence handling: Media forensics, Cyber forensics, Software forensics, Mobile forensics. [T1, T2] [No. of Hrs: 11]

Roadmap Computer Security Network Security Mutual Trust Cryptographic algorithms symmetric ciphers asymmetric encryption hash functions

Computer Security The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) Three key objectives that are at the heart of computer security

Levels of Impact can define 3 levels of impact from a security breach Low Moderate High

Examples of Security Requirements confidentiality – student grades integrity – patient information availability – authentication service

Computer Security Challenges Not simple Must consider potential attacks Procedures used counter-intuitive Involve algorithms and secret info Must decide where to deploy mechanisms Battle of wits between attacker / admin Not perceived on benefit until fails Requires regular monitoring Too often an after-thought Regarded as impediment to using system

OSI ( Open Systems Interconnection) Security Architecture ITU-T X.800 ( International Telecommunication Union Telecommunication Standardization Sector) “Security Architecture for OSI” Defines a systematic way of defining and providing security requirements It provides a useful, abstract, overview of concepts we will study

Aspects of Security Consider Three aspects of information security: Security attack Security mechanism Security service Important terms Threat – a potential for violation of security Attack – an assault on system security, a deliberate attempt to evade security services

Passive Attacks

Active Attacks

Security Service Enhance security of data processing systems and information transfers of an organization Intended to counter security attacks Using one or more security mechanisms Often replicates functions normally associated with physical documents which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

Security Services X.800: “ A service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”. RFC 2828: “ A processing or communication service provided by a system to give a specific kind of protection to system resources”.

Security Services (X.800) Authentication - assurance that communicating entity is the one claimed have both peer-entity & data origin authentication Access Control - prevention of the unauthorized use of a resource Data Confidentiality – protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication Availability – resource accessible/usable

Security Mechanisms (X.800) Specific security mechanisms: encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization Pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery

Security Mechanism Feature designed to detect, prevent, or recover from a security attack No single mechanism that will support all services required However one particular element underlies many of the security mechanisms in use: cryptographic techniques

Network Security Network and Internet security consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information. Example A network manager, D, transmits a message to a computer, E, under its management. The message instructs computer E to update an authorization file to include the identities of a number of new users who are to be given access to that computer. User F intercepts the message, alters its contents to add or delete entries, and then forwards the message to computer E, which accepts the message as coming from manager D and updates its authorization file accordingly.

Model for Network Security

Model for Network Security Using this model we are require to: Design a suitable algorithm for the security transformation. 2. Generate the secret information (keys) used by the algorithm. Develop methods to distribute and share the secret information. Specify a protocol enabling the principals to use the transformation and secret information for a security service.

Model for Network Access Security

Model for Network Access Security using this model we are require to: Select appropriate gatekeeper functions to identify users. Implement security controls to ensure only authorised users access designated information or resources.

What Is Cryptography? Cryptography -- from the Greek for “secret writing” -- is the mathematical “scrambling” of data so that only someone with the necessary key can “unscramble” it. Cryptography allows secure transmission of private information over insecure channels (for example packet-switched networks). Cryptography also allows secure storage of sensitive data on any computer.

Some Basic Terminology plaintext - original message ciphertext - coded message cipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) - recovering ciphertext from plaintext cryptography - study of encryption principles/methods cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key cryptology - field of both cryptography and cryptanalysis

Symmetric Cipher Model

Requirements Two requirements for secure use of symmetric encryption: a strong encryption algorithm a secret key known only to sender / receiver Mathematically have: Y = E(K, X) X = D(K, Y) Assume encryption algorithm is known Implies a secure channel to distribute key

Cryptography Can characterize cryptographic system by: type of encryption operations used substitution transposition product number of keys used single-key or private two-key or public way in which plaintext is processed block stream

Cryptanalysis Objective to recover key not just message General approaches: cryptanalytic attack brute-force attack If either succeed all key use compromised

Cryptanalytic Attacks ciphertext only only know algorithm & ciphertext, is statistical, know or can identify plaintext known plaintext know/suspect plaintext & ciphertext chosen plaintext select plaintext and obtain ciphertext chosen ciphertext select ciphertext and obtain plaintext chosen text select plaintext or ciphertext to en /decrypt

More Definitions unconditional security no matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext computational security given limited computing resources ( eg time needed for calculations is greater than age of universe), the cipher cannot be broken

Brute Force Search Always possible to simply try every key Most basic attack, proportional to key size Assume either know / recognise plaintext Key Size (bits) Number of Alternative Keys Time required at 1 decryption/µs Time required at 10 6 decryptions/µs 32 2 32 = 4.3  10 9 2 31 µs = 35.8 minutes 2.15 milliseconds 56 2 56 = 7.2  10 16 2 55 µs = 1142 years 10.01 hours 128 2 128 = 3.4  10 38 2 127 µs = 5.4  10 24 years 5.4  10 18 years 168 2 168 = 3.7  10 50 2 167 µs = 5.9  10 36 years 5.9  10 30 years 26 characters (permutation) 26! = 4  10 26 2  10 26 µs = 6.4  10 12 years 6.4  10 6 years

Caesar Cipher Earliest known substitution cipher By Julius Caesar First attested use in military affairs Replaces each letter by 3rd letter on Example: meet me after the party PHHW PH DIWHU WKH SDUWB

Caesar Cipher Can define transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Then have Caesar cipher as: c = E(k, p ) = ( p + k ) mod (26) p = D(k, c) = (c – k ) mod (26)

Cryptanalysis of Caesar Cipher Only have 26 possible ciphers A maps to A,B,..Z Could simply try each in turn A brute force search Given ciphertext, just try all shifts of letters Do need to recognize when have plaintext eg . break ciphertext "GCUA VQ DTGCM“ easy to break

Monoalphabetic Cipher Rather than just shifting the alphabet Could shuffle (jumble) the letters arbitrarily Each plaintext letter maps to a different random ciphertext letter Hence key is 26 letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

Monoalphabetic Cipher Security Now have a total of 26! = 4 x 10 26 keys With so many keys, might think is secure But would be !!!WRONG!!! Problem is language characteristics

Language Redundancy and Cryptanalysis human languages are redundant eg " th lrd s m shphrd shll nt wnt " letters are not equally commonly used in English E is by far the most common letter followed by T,R,N,I,O,A,S other letters like Z,J,K,Q,X are fairly rare have tables of single, double & triple letter frequencies for various languages

English Letter Frequencies

Use in Cryptanalysis key concept - monoalphabetic substitution ciphers do not change relative letter frequencies discovered by Arabian scientists in 9 th century calculate letter frequencies for ciphertext compare counts/plots against known values if caesar cipher look for common peaks/troughs peaks at: A-E-I triple, NO pair, RST triple troughs at: JK, X-Z for monoalphabetic must identify each letter tables of common double/triple letters help

Example Cryptanalysis given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUD BMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ count relative letter frequencies A-2, B-2,C-0,D-6,E-6,F-4,G-2,H-7,I-1,J-1,K-0,L-0,M-8,N-0,O-9,P-16,Q-3,R-0,S-10,T-3,U-10,V-5, W-4,X-5,Y-2,Z-15 guess P & Z are e and t guess ZW is th and hence ZWP is the proceeding with trial and error finally get: it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow

Playfair Cipher not even the large number of keys in a monoalphabetic cipher provides security one approach to improving security was to encrypt multiple letters the Playfair Cipher is an example invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair

Playfair Key Matrix a 5X5 matrix of letters based on a keyword fill in letters of keyword (minus duplicates) from left to right and top to bottom fill rest of matrix with other letters in alphabetic order. Letter i /j count as one letter. eg . using the keyword MONARCHY M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z

Encrypting and Decrypting Plaintext is encrypted two letters at a time as follows: If a pair is a repeated letter, insert filler like ‘X’ If both letters fall in the same row, replace each with letter to right (wrapping back to start from end) 3. If both letters fall in the same column, replace each with the letter below it (wrapping to top from bottom) 4. otherwise each letter in a pair is replaced by the letter in the same row and in the column of the other letter of the pair

Security of Playfair Cipher security much improved over monoalphabetic since have 26 x 26 = 676 diagrams would need a 676 entry frequency table to analyse (verses 26 for a monoalphabetic) and correspondingly more ciphertext was widely used for many years e.g. by US & British military in WW1 it can be broken, given a few hundred letters since still has much of plaintext structure

Playfair Cipher Plain text – tall trees Key – occurrence Plain text – name Key – playfair Plain text – helloworld , whydontyou,impossible Key – keyword Plain text – mecseroom416 Key - keyword

Hill Ciphers Created by Lester S. Hill in 1929 Polygraphic Substitution Ciphers Encrypts letters in groups Frequency analysis more difficult Uses matrices to encrypt and decrypt Uses modular arithmetic (Mod 26)

Modular Arithmetic For a Mod b , divide a by b and take the remainder. 14 ÷ 10 = 1 R 4 14 Mod 10 = 4 24 Mod 10 = 4 Modulus Theorem

Modulus Examples

Modular Inverses Inverse of 2 is ½ (2 · ½ = 1) Matrix Inverse: AA -1 = I Modular Inverse for Mod m : ( a · a -1 ) Mod m = 1 For Modular Inverses, a and m must NOT have any prime factors in common

Modular Inverses of Mod 26 A 1 2 5 7 9 11 15 17 19 21 23 25 A -1 1 9 21 15 3 19 7 23 11 5 17 25 Example – Find the Modular Inverse of 9 for Mod 26 9 · 3 = 27 27 Mod 26 = 1 3 is the Modular Inverse of 9 Mod 26

Hill Cipher Matrices One matrix to encrypt, one to decrypt Must be n x n, invertible matrices Decryption matrix must be modular inverse of encryption matrix in Mod 26

Modular Inverse Matrices with Example Calculate determinant of first matrix A, det A Make sure that det A has a modular inverse for Mod 26 Calculate the adjugate of A, adj A and Multiply adj A by modular inverse of det A Calculate Mod 26 of the result to get B

Encryption Assign each letter in alphabet a number between and 25 Change message into 2 x 1 letter vectors Change each vector into 2 x 1 numeric vectors Multiply each numeric vector by encryption matrix Convert product vectors to letters

Change Message to Vectors Message to encrypt = HELLO WORLD A B C D E F G H I J K L M 1 2 3 4 5 6 7 8 9 10 11 12 N O P Q R S T U V W X Y Z 13 14 15 16 17 18 19 20 21 22 23 24 25

Multiply Matrix by Vectors

Convert to Mod 26

Convert Numbers to Letters HELLO WORLD has been encrypted to SLHZY ATGZT

Decryption Change message into 2 x 1 letter vectors Change each vector into 2 x 1 numeric vectors Multiply each numeric vector by decryption matrix Convert new vectors to letters

Change Message to Vectors Message to encrypt = SLHZYATGZT

Multiply Matrix by Vectors

Convert to Mod 26

Convert Numbers to Letters SLHZYATGZT has been decrypted to HELLO WORLD

Polyalphabetic Ciphers polyalphabetic substitution ciphers improve security using multiple cipher alphabets make cryptanalysis harder with more alphabets to guess and flatter frequency distribution use a key to select which alphabet is used for each letter of the message use each alphabet in turn repeat from start after end of key is reached.

Vigenère Cipher simplest polyalphabetic substitution cipher effectively multiple caesar ciphers key is multiple letters long K = k 1 k 2 ... k d i th letter specifies i th alphabet to use use each alphabet in turn repeat from start after d letters in message decryption simply works in reverse

Example of Vigenère Cipher write the plaintext out write the keyword repeated above it use each key letter as a caesar cipher key encrypt the corresponding plaintext letter eg using keyword deceptive key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Aids simple aids can assist with en/decryption a Saint-Cyr Slide is a simple manual aid a slide with repeated alphabet line up plaintext 'A' with key letter, eg 'C' then read off any mapping for key letter can bend round into a cipher disk or expand into a Vigenère Tableau

Security of Vigenère Ciphers have multiple ciphertext letters for each plaintext letter hence letter frequencies are obscured but not totally lost start with letter frequencies see if look monoalphabetic or not if not, then need to determine number of alphabets, since then can attach each

Kasiski Method method developed by Babbage / Kasiski repetitions in ciphertext give clues to period so find same plaintext an exact period apart which results in the same ciphertext of course, could also be random fluke eg repeated “VTW” in previous example suggests size of 3 or 9 then attack each monoalphabetic cipher individually using same techniques as before

Autokey Cipher ideally want a key as long as the message Vigenère proposed the autokey cipher with keyword is prefixed to message as key knowing keyword can recover the first few letters use these in turn on the rest of the message but still have frequency characteristics to attack eg. given key deceptive key: deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA

Vernam Cipher ultimate defense is to use a key as long as the plaintext with no statistical relationship to it invented by AT&T engineer Gilbert Vernam in 1918 originally proposed using a very long but eventually repeating key

One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time pad is unbreakable since ciphertext bears no statistical relationship to the plaintext since for any plaintext & any ciphertext there exists a key mapping one to other can only use the key once though problems in generation & safe distribution of key

Transposition Ciphers now consider classical transposition or permutation ciphers these hide the message by rearranging the letter order without altering the actual letters used can recognise these since have the same frequency distribution as the original text

Rail Fence cipher write message letters out diagonally over a number of rows then read off cipher row by row eg. write message out as: m e m a t r h t g p r y e t e f e t e o a a t giving ciphertext MEMATRHTGPRYETEFETEOAAT

Row Transposition Ciphers is a more complex transposition write letters of message out in rows over a specified number of columns then reorder the columns according to some key before reading off the rows Key: 4312567 Column Out 4 3 1 2 5 6 7 Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

Product Ciphers ciphers using substitutions or transpositions are not secure because of language characteristics hence consider using several ciphers in succession to make harder, but: two substitutions make a more complex substitution two transpositions make more complex transposition but a substitution followed by a transposition makes a new much harder cipher this is bridge from classical to modern ciphers

Rotor Machines before modern ciphers, rotor machines were most common complex ciphers in use widely used in WW2 German Enigma, Allied Hagelin, Japanese Purple implemented a very complex, varying substitution cipher used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted with 3 cylinders have 26 3 =17576 alphabets

Hagelin Rotor Machine

Rotor Machine Principles

Steganography an alternative to encryption hides existence of message using only a subset of letters/words in a longer message marked in some way using invisible ink hiding in LSB in graphic image or sound file has drawbacks high overhead to hide relatively few info bits advantage is can obscure encryption use

Cryptographic Algorithms and Protocols Four main areas: Symmetric encryption: Used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords. Asymmetric encryption: Used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures. Data integrity algorithms: Used to protect blocks of data, such as messages, from alteration. Authentication protocols: These are schemes based on the use of cryptographic algorithms designed to authenticate the identity of entities.

Classical Cryptography: Secret-Key or Symmetric Cryptography A and B agree on an encryption method and a shared key. A uses the key and the encryption method to encrypt (or encipher) a message and sends it to B. B uses the same key and the related decryption method to decrypt (or decipher) the message.

Advantages of Classical Cryptography There are some very fast classical encryption (and decryption) algorithms Since the speed of a method varies with the length of the key, faster algorithms allow one to use longer key values. Larger key values make it harder to guess the key value -- and break the code -- by brute force.

Disadvantages of Classical Cryptography Requires secure transmission of key value Requires a separate key for each group of people that wishes to exchange encrypted messages (readable by any group member) For example, to have a separate key for each pair of people, 100 people would need 4950 different keys.
Tags
Categories
General
Download
Download Slideshow Get the original presentation file
Quick Actions
Statistics
  • Views 37
  • Slides 82
  • Age 550 days
Related Slideshows
Pray For The Peace Of Jerusalem and You Will Prosper 22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
Don_t_Waste_Your_Life_God.....powerpoint 26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf 31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
Fertility awareness methods for women in the society 14
Fertility awareness methods for women in the society
Isaiah47
29 views
Chapter 5 Arithmetic Functions Computer Organisation and Architecture 35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
syakira bhasa inggris (1) (1).pptx....... 5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views
View More in This Category