FACULITY OF ELECTRONIC TECNOLOGY

COMPUTETR ENGINEERING (MSc)

By: Haitham Farag Daw

1

Cryptography and Cryptography and Network SecurityNetwork Security

OutLine

2

Blowfish Encryption Algorithm

Paper Search

Nmap Tool

Blowfish Encryption Algorithm

3

-----------------------------------------------------------------

Main point

Introduction

Structure

Cryptanalysis

Comparison

References

4

Introduction

designed in 1993 by Bruce Blowfish

64-bit block cipher with variable length key

Large key-dependent S-boxes

More resistant to cryptanalysis

Key-dependent permutations

Diverse Mathematical Operations

Combine XOR and addition5

Continue Fast

Compact It can run in less than 5K of memory.

Simple to code

Easily modifiable for different security levels Secure: The key length is variable ,it can be in

the range of 32~448 bits: default 128 bits key length.

Unpatented and royality-free.

6

Structure of BF

Feistel iterated block cipher

Scalable Key (32 to 448 bits)

Simple operation that are efficient on

microprocessors

XOR, Addition, Table lookup, etc

Employ Precomputable Subkeys

Variable number of iterations7

8

Implementation: Encryption

( )

171617

181617

11

111

PRR

PLL

PLR

RPLFL

iii

iiii

⊕=⊕=⊕=

⊕⊕=

−−

−−−

Wikipedia, http://en.wikipedia.org/wiki/Image:BlowfishDiagram.png

Arrays:

P – Number of rounds + 2 elements

4 S-boxes – 256 elements

9

Implementation: Function F(x(

( ) [ ] [ ]( ) [ ]( )[ ]07

81516232431031

4

321

−

−−−−

+⊕+=

XS

XSXSXSXF

Wikipedia, http://upload.wikimedia.org/wikipedia/en/8/81/BlowfishFFunction.png

Addition is mod 232

10

Data Encryption

• Divide 64-bits into two 32-bit halves: XL, XR • For i = 1 to 16

o XL = XL XOR Pi o XR=F(XL) XOR XR o Swap XL and XR

• Swap XL and XR (Undo the last swap ) • XR=XR XOR P17 • XL = XL XOR P18 • Concatenate XL and XR

11

Cryptanalysis

Differential Attack

After 4 rounds a differential attack is no better than a brute

force attack

Weak Keys

S-box collisions

blowfish algorithm has yet to be cracked as the key size

is high, requires 2448 combinations

12

Future Concerns Simplifications

Fewer and Smaller S-boxes

Fewer Iterations

On-the-fly subkey calculation

Twofish

AES Finalist

128-bit Block Size

More Operations

13

Comparison

14

References

Wikipedia (for illustrations)

http://en.wikipedia.org/wiki/Blowfish_cipher

Applied Cryptography

Bruce Schneier

John Wiley and Sons, Inc. 1996

The Blowfish Paper

http://www.schneier.com/paper-blowfish-fse.html

15

Paper Search-----------------------------------------------------------------

16

New Approach for Modifying Blowfish Algorithm by Using

Multiple Keys

byAfaf et al in

VOL.11 No.3, March 2011, Amman, Jordan, Baghdad, Iraq

17

Nmap Tool-----------------------------------------------------------------

18

Outline

Introduction

Port Scanning

Nmap

Anti-Port Scanning

Reference

19

Introduction

IP Addresses: Finding out an IP Address

Through Instant Messaging Software

Through Internet Relay Chat

Through Your website

Through Email Headers

20

21

Port Scanning

Port Scanning is normally the first step that an

attacker undertakes.

List of Open Ports

Services Running

Exact Names and Versions of all the Services or

Daemons.

Operating System name and version

Major Tools Available

Some of the best and the most commonly used Port Scanners are: Nmap Superscan Hping Nessus

Common Features of all above Port Scanners: Very Easy to Use Display Detailed Results

23

Nmap Nmap (Network Mapper) is a security scanner originally

written by Gordon Lyon , (1997).

Is a free and open source, Website nmap.org.

Nmap runs on all major computer operating systems

Used to discover

hosts and services on acomputer network, and security

auditing

Thus creating a "map" of the network.

24

25

Determain what..

operating systems

vulnerability detection.

It was designed to rapidly scan large networks

Nmap is also capable of adapting to network

conditions including latency and congestion during a

scan

Nmap sends specially crafted packets to the target

host and then analyzes the responses.

Nmap features Host discovery

Port scanning

Version detection

OS detection

Nmap can provide further information on targets,

including reverse DNS names, device types, and

MAC addresses.

26

27

28

29

Anti-Port Scanning

Some useful Anti-Port Scanning software available

are:

Scanlogd

BlackICE

Snort

Abacus Port sentry

And multi tools using to hide the IP address .

30

Reference

http://nmap.org/book/man.html

http://nmap.org/book/install.html

http://nmap.org/nsedoc

H.mondo89@yahoo.com

31