NETWORK SECURITY

ADVERSARY GOAL

Student To have fun snooping on people’s email

Hacker To test out someone’s security system steal data

Sales rep To claim to represent all of Europe, not just Andorra

Business man To discover a competitor’s strategic marketing plan

Ex-employee To get revenge for being fired

Accountant To embezzle money from a company

Stockbroker To deny a promise made to customer by email

Con man To steal credit card numbers for sale

Spy To learn an enemy’s military Strength

Terrorist To steal germ warfare secrets

PASSIVE ATTACKS

• Eavesdropping on transmissions

• To obtain information

– release of possibly sensitive/confidential message contents

– traffic analysis which monitors frequency and length of messages to get info on senders

• Difficult to detect

• Can be prevented using Encryption

ACTIVE ATTACKS

• Masquerade– pretending to be a different entity

• Replay• Modification of messages• Denial of service• Easy to detect– detection may lead to deterrent

• Hard to prevent– focus on detection and recovery

NETWORK SECURITY PROBLEMS

•Network security is based on Secrecy Authentication Non repudiation Integrity control

•Secrecy- Keeping confidential information out of hands of unauthorized users

•Authentication- Determining whom you are talking to before revealing sensitive information

•Non repudiation deals with signatures

CRYPTOGRAPGHY•Cryptography is the word derived from Greek where kryptos means “hidden secret” and gráph means “writing”. Cryptography is the process of studying and hiding the information.

•Cryptography is the art of encoding and decoding messages and has existed as long as people have distrusted each other and sought forms of secure communication.

•The purpose of cryptography is to transmit information such that only the intended recipient receives it.

•It is used by:•Military•Diplomatic Cops•Lovers

•‘Encryption’ which the process of conversion of information from a readable state to nonsense.

• Decryption is the reverse of encryption.

•Encryption is the process of converting ordinary information (plain text) into unintelligible non sense(ciphertext) and Decryption is the process of moving from the unintelligible ciphertext back to plain text.

•Message plain text

Message + key Cipher Text

•A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption.

•Cryptanalysis is the term for the study of how to crack encryption algorithms or Ciphers.

•The art of devising ciphers and breaking them is collectively known as Cryptology.

•Let the person sending the message be Alice and the person receiving the message be Bob.

•Encryption with plain text (P) and using key (k) gives Ciphertext(C) is shown below: C = Ek(P)•Decryption of ciphertext(C) using key(k) gives the plaintext(P) is shown below: P = Dk(C)•Key a random sequence of bits

• This is a secret for a specific message exchange context. •It does not contain any information.

•Keys are important, as ciphers without variable keys can be trivially broken with only the knowledge of the cipher used and are therefore useless for most purposes.

•Key Size: In encryption systems that use a cipher algorithm, messages can be much longer than the key. The key must, however, be long enough so that an attacker cannot try all possible combinations.

•128-bit keys are commonly used and considered very strong.

•Key length of two digits have 100 probabilities.

•Key length of three digits have 1000 probabilities.

•So, Secrecy comes from having a strong algorithm and a long key.

Fundamental Cryptographic Principles:

•All encrypted messages must contain some redundancy i.e. information not needed to understand the message.

•Some measures must be taken to prevent active intruders from playing back old messages

TYPES OF CRYPTOSYSTEMS

Cryptosystems come in two classes depending on the similarity of the key, Alice and Bob use. Based on that below are the two types of cryptosystems.

•Public- key Cryptosystems

•Secret-key Cryptosystems

•Public- key Cryptosystems:

This is the case where Alice and Bob use different keys for encryption and decryption.\

•They are also known as Asymmetric Cryptosystems.

•Asymmetric Cryptosystems Different Key Public-key Cryptosystems

Secret-key Cryptosystems:

•Symmetric Cryptosystems Same key Secret-key Cryptosystems

•Here Alice and Bob use the same key for encryption and decryption

ONE TIME PADS

The use of a one-time pad for encryption and the possibility of getting any possible plaintext from the cipher text by the

use of some other pad.

DISADVANTAGES

• No synchronization between Alice and Bob

• Keys are hard to memorize(long)

• Keys are not reusable

DATA ENCRYPTION STANDARD

• US standard

• Developed by IBM

• 64 bit plain text blocks

• 56 bit key 19 stages

• The algorithm has been designed to allow decryption to be done with the same key as encryption

• Broken in 1998 by Electronic Frontier Foundation– DES now worthless

DATA ENCRYPTION STANDARD

The data encryption standard. (a) General outline.(b) Detail of one iteration. The circled + means Exclusive OR.

CRYPTANALYSIS

• Some common symmetric-key cryptographic algorithms.

SOCIAL ISSUES

• Keeping keys secret is one of the most difficult problems in practical cryptography.

• License oriented

• The Distance Barrier

• Expensive

• Criminal Act