INS- UNIT 1.pdf
Document Details
Uploaded by RightRadiance
Tags
Full Transcript
Information and Network Security Asst. Prof. Jesica D Security Trends Remote Social working engineering cybersecurity attacks...
Information and Network Security Asst. Prof. Jesica D Security Trends Remote Social working engineering cybersecurity attacks risks Multi-factor Internet of authentication Things (IoT) improving Rise of AI Ransomware Cloud computing Mobile security 1. Remote working cybersecurity risks Working from home poses new cybersecurity risks and is one of the most talked-about new trends in cyber security. Home offices are often less protected than centralized offices, which tend to have more secure firewalls, routers, and access management run by IT security teams. In the rush to keep things operational, traditional security vetting may not have been as rigorous as usual – with cybercriminals adapting their tactics to take advantage. Therefore, a critical cyber security trend is for organizations to focus on the security challenges of distributed workforces. 2. Internet of Things (IoT) The expanding Internet of Things (IoT) creates more opportunities for cybercrime. Examples of IoT devices include wearable fitness trackers, smart refrigerators, smartwatches, and voice assistants like Amazon Echo and Google Home. So many additional devices change the dynamics and size of what is sometimes called the cyber-attack surface – that is, the number of potential entry points for malicious actors. Compared to laptops and smartphones, most IoT devices have fewer processing and storage capabilities. This can make it harder to employ firewalls, antivirus, and other security applications to safeguard them. 3. Ransomware Extortion attacks involve criminals stealing a company’s data and then encrypting it so they can’t access it. Afterward, cybercriminals blackmail the organization, threatening to release its private data unless a ransom is paid. The burden of this cyberthreat is significant given the sensitive data at stake as well as the economic impact of paying the ransom. 4. Cloud services and cloud security threats Cloud vulnerability continues to be one of the biggest cyber security industry trends. Cloud services offer a range of benefits – scalability, efficiency, and cost savings. But they are also a prime target for attackers. Misconfigured cloud settings are a significant cause of data breaches and unauthorized access, insecure interfaces, and account hijacking. 5. Mobile Security Mobile threats such as spyware, vulnerabilities with android operating system, DDOS attacks, spam SMS, stealing of data causing harm to individual as well as organization which is continuously evolving. Specialized spyware designed to spy on encrypted messaging applications. Criminals exploiting critical security vulnerabilities within Android devices. 6. Social engineering attacks Social engineering attacks like phishing are not new threats but have become more troubling amid the widespread remote workforce. SMS phishing – sometimes known as ‘smishing’.Attackers use these platforms(messenger apps) to try to trick users into downloading malware onto their phones. Another variation is voice phishing – also called ‘vishing’.Hackers posing as IT staff called customer service representatives and tricked them into providing access to an important internal tool.There is also SIM jacking, where fraudsters contact the representatives of the mobile operator of a particular client and convince them that their SIM card is hacked. This makes it necessary to transfer the phone number to another card. If the deception is successful, the cybercriminal gains access to the digital contents of the target’s phone. 7. Rise of Artificial Intelligence The use of Machine Learning and Artificial Intelligence is growing rapidly in the industries as it plays very important role in network security. AI has been paramount in building automated security systems, natural language processing, face detection, and automatic threat detection. AI also makes it possible to analyze massive quantities of risk data at a much faster pace. Though practical implementation of AI and ML is a paramount in developing automated security systems and threat detection, there is a risk as ML and AI may get exploited by attackers as attacker are getting smarter. THE OSI SECURITY ARCHITECTURE OSI Security Architecture was developed as an international standard for computer and communications vendors to develop security features for their products and services that relate to this structured definition of services and mechanisms. OSI security architecture is a systematic way of defining and providing requirements of the security and it emphasises on following concepts:- SECURITY ATTACKS Security attack is an unauthorized access to sensitive data to expose, steal or damage it. PASSIVE ATTACKS Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Use encryption for data masking so that information is Introduction unreadable by an intruder. Two types of passive attacks 1. Release of message contents: A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. 2. Traffic analysis: Data is encrypted so the opponent may not know the exact contents. An opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. ACTIVE ATTACKS Active attacks involve some modification of the data stream or the creation of a false stream. Classified into four types :- 1. Masquerading 2. Replay attack 3. Modification of messages 4. Denial of Service (DOS) Masquerading ➔ A system or a user posing as a false identity to gain access or to modify information ➔ Also known as spoofing ACTIVE ATTACKS Replay attack Passive capturing of data packet and its transmission to produce authorized effect Modification of messages Some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an authorized effect For example, a message meaning “Allow John Smith to read confidential file accounts” is modified to mean “Allow Fred Brown to read confidential file accounts.” ACTIVE ATTACKS Denial of Service (DOS) Prevents or inhibits the normal use or management of communications facilities May have a specific target; for example, an entity may suppress all messages directed to a particular destination Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance. SECURITY SERVICES A processing or communication service that is provided by a system to give a specific kind of protection to system resources Security services implement security policies and are implemented by security mechanisms. Provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers. These services are defined by x.800. X.800 divides these services into five categories 1. AUTHENTICATION 2. ACCESS CONTROL 3. DATA CONFIDENTIALITY 4. DATA INTEGRITY 5. NONREPUDIATION AUTHENTICATION The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication 1. Used in association with a logical connection to provide confidence in the identity of the entities connected. 2. Two entities are considered peers if they implement to same protocol in different systems; e.g., two TCP modules in two communicating systems. 3. Peer entity authentication is provided for use at the establishment of, or at times during the data transfer phase of, a connection. 4. It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection. Data-Origin Authentication 1. In a connectionless transfer, provides assurance that the source of received data is as claimed. 2. It does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail, where there are no prior interactions between the communicating entities. ACCESS CONTROL 1. The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). 2. To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual(eg ACL). DATA CONFIDENTIALITY 1. The protection of data from unauthorized disclosure. 2. Confidentiality is the protection of transmitted data from passive attacks. 3. Connection Confidentiality: The protection of all user data on a connection 4. Connectionless Confidentiality: The protection of all user data in a single data block 5. Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block. 6. Traffic-Flow Confidentiality: The protection of the information that might be derived from observation of traffic flows. DATA INTEGRITY 1. The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay) 2. Connection Integrity with Recovery Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted. 3. Connection Integrity without Recovery As above, but provides only detection without recovery 4. Selective-Field Connection Integrity Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed. 5. Selective-Field Connectionless Integrity Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified. NONREPUDIATION 1. Nonrepudiation prevents either sender or receiver from denying a transmitted message. 2. Nonrepudiation, Origin: Proof that the message was sent by the specified party 3. Nonrepudiation, Destination: Proof that the message was received by the specified party SECURITY MECHANISMS Security mechanisms are set of processes designed to detect, prevent and recover from various types of threats and attacks. Security mechanisms are the techniques or tools to implement security principles or security services in an organization They are divided into 2 categories based upon dependency on protocol layer/services or independent of them: 1. Specific security mechanism: May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services. 2. Pervasive security mechanism: Mechanisms that are not specific to any particular OSI security service or protocol layer. Categories of Specific Security Mechanism ★ Encipherment 1. Converting data to unreadable format through encryption to maintain confidentiality. 2. For data transformation various mathematical algorithms are used. 3. Data transformation and recovery depends on encryption keys. 4. Difficulty level of encryption is dependent on mathematical algorithm and no of keys used. 5. Techniques which are used in encipherment are steganography and cryptography ★ Access Control 1. Enforcing access permission for resources 2. Controls unauthorized access of data 3. Example is passwords, Pin numbers, usage of firewall 4. Defining role of the users and their permissions Categories of Specific Security Mechanism ★ Digital Signature 1. Security achievement by appending original data with invisible digital data. 2. Form of an electronic signature 3. Digital signature is added to document by sender and verified by receiver 4. Sender uses his own private key and corresponding public key will be share with receiver. Receiver on the other side uses this public key to assure authenticity of the sender who has claimed data has been sent by him 5. Authenticity and integrity of the data is been proved. ★ Traffic padding 1. Adding additional data in your network traffic to make it more difficult to identify the sender, receiver, and/or the data being transmitted. 2. It's designed to make the traffic look more random, or at least less identifiable. Categories of Specific Security Mechanism ★ Data Integrity 1. Assurance of keeping data intact during transmission 2. Original data is appended with a code which needs to be same during transmission and verified by sender and receiver to prove data integrity. 3. Original data contents and appended check value is shared with receiver. 4. Receiver at the other end also computes new check value based on some predefined algorithm. 5. This newly created check value and the value which shared by sender is then compared. 6. If these both are same then data integrity is maintained. 7. If these both values do not match then there is considered to be data modification while transmission of data. 8. Detects unauthorized modification of data. Categories of Specific Security Mechanism ★ Authentication Exchange 1. Entities involved in communication proves their identity to each other 2. Example is two-way handshaking mechanism used to establish connection. ★ Routing control 1. Selection of specific secure routes for data transmission. 2. Enables routing changes when security breach is suspected 3. Choosing and continuously changing various available routes between communicating entities. 4. Preventing traffic analysis attack on a specific route ★ Notarization 1. The use of a trusted third party to assure certain properties of a data exchange. 2. Record maintenance of request from sender and receiver in case later denied. 3. Prevents repudiation Categories of Pervasive Security Mechanism ★ Trusted Functionality 1. Supposed to be correct with respect to some criteria like as per security policies ★ Security Label 1. The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource. ★ Event Detection 1. Security related events detection 2. Detecting events associated with security violation ★ Security Recovery Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions. Categories of Pervasive Security Mechanism ★ Security Audit Trail 1. Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities 2. Ensuring compliance with existing policies and operational procedures. 3. Discovering security breaches 4. Suggests changes in policies, controls and procedures if needed Relationship Between Security Services and Mechanisms Classical Encryption Techniques Symmetric Cipher Model Symmetric encryption or one key encryption or conventional encryption is a type of cryptosystem where encryption and decryption process is done using same key. Symmetric Cipher Model contains five components. 1. Plain text – Original data that is to be feed as input to the algorithm. 2. Encryption algorithm – Various algorithms used to convert plain text into cipher text. These algorithms are classified as substitution and transposition algorithms 3. Secret key – The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The exact substitutions and transformations performed by the algorithm depend on the key. 4. Cipher text – Converted data that is received as output. Output is based on plain text and secret key used for algorithm. 5. Decryption algorithm – Reverse of an encryption algorithm. It used cipher text and secret key and generates plain text. Characteristics of cryptography Techniques used in encryption 1. Substitution – Each character of plain text is replaced by other character or symbol 2. Transposition – Rearrangement of characters of plain text 3. Multiple rounds of substitution and transposition is possible Number of Keys used 1. If same key is used for encryption and decryption process by sender and receiver then process is called as - Symmetric key cryptography/Single key cryptography/ Secret key cryptography/Conventional cryptography 2. If different keys are used for encryption and decryption process by sender and receiver then process is called as - Asymmetric key cryptography/ Two key cryptography/ Public key cryptography Processing of plain text 1. Block cipher - Processing one block of input at a time and producing corresponding output block for each input block 2. Stream cipher - Processing input in continuous format and producing corresponding output one element at a time as long as it goes. Attack Approaches for Symmetric Key Cryptography The objective of attacking an encryption system is to recover the key in use rather than simply to recover the plaintext of a single ciphertext 1. Cryptanalysis Rely on the nature of the algorithm + Knowledge of basic features of plain text or some sample plaintext–ciphertext pairs Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. 2. Brute Force Attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. Cryptography Techniques SUBSTITUTION TECHNIQUES The techniques in which letters of plain text are replaced by other characters, symbols or numbers are called as substitution techniques. 1. Caesar cipher Involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. Note that the alphabet is wrapped around, so that the letter following Z is A. We can define the transformation by listing all possibilities, as follows: 2. Monoalphabetic cipher A substitution cipher where each letter of the plain text is replaced with another letter of the alphabet. It uses a fixed key which consist of the 26 letters of a “shuffled alphabet”. Example With the above key, all “A” letters in the plain text will be encoded to an “M”. This type of cipher is a form of symmetric encryption as the same key can be used to both encrypt and decrypt a message. Frequency in ciper text Decryption of cipher by attacker Frequency in plain text Decryption of cipher by attacker Cipher plain 2. Playfair cipher Best-known multiple-letter encryption cipher which treats digrams in the plaintext as single units and translates these units into ciphertext digrams Based on the use of a 5 × 5 matrix of letters constructed using a keyword Matrix Rules ★ Characters in keyword are arranged in 5x5 matrix row wise from left to right and from top to bottom ★ Repeated characters from keyword have to be written only once in matrix ★ Fill the rest spaces in matrix with remaining characters from A – Z which are not a part of keyword. ★ I and J can not be written separately. They need to write in same cell of matrix Encryption process Encryption process Encryption process Encryption process example: Hill Cipher Multi-letter cipher, developed by the mathematician Lester Hill in 1929. The algorithm uses matrix calculations used in Linear Algebra. It is easier to understand if we have the basic knowledge of matrix multiplication, modulo calculation, and the inverse calculation of matrices. In hill cipher algorithm every letter (A-Z) is represented by a number moduli 26. Usually, the simple substitution scheme is used where A = 0, B = 1, C = 2…Z = 25 in order to use 2x2 key matrix. The complexity of the Hill cipher increases with the size of the key matrix. To encrypt the text using hill cipher, we need to perform the following operation. E(K, P) = (K * P) mod 26 Where K is the key matrix and P is plain text in vector form. Matrix multiplication of K and P generates the encrypted ciphertext. Hill Cipher - Steps For Encryption Step 1: Let's say our key text (2x2) is DCDF. Convert this key using a substitution scheme into a 2x2 key matrix as shown below: Hill Cipher - Steps For Encryption Step 2: Now, we will convert our plain text into vector form. Since the key matrix is 2x2, the vector must be 2x1 for matrix multiplication. (Suppose the key matrix is 3x3, a vector will be a 3x1 matrix.) In our case, plain text is TEXT that is four letters long word; thus we can put in a 2x1 vector and then substitute as: Hill Cipher - Steps For Encryption Step 3: Multiply the key matrix with each 2x1 plain text vector, and take the modulo of result (2x1 vectors) by 26. Then concatenate the results, and we get the encrypted or ciphertext as RGWL. Vigenere Cipher / Polyalphabetic cipher A polyalphabetic cipher is any cipher based on substitution, using multiple substitution alphabets. The best known, and one of the simplest, polyalphabetic ciphers is the Vigenère cipher. The encryption of the original text is done using the Vigenère square or Vigenère table. 1. The table consists of the alphabets written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar Ciphers. 2. At different points in the encryption process, the cipher uses a different alphabet from one of the rows. 3. The alphabet used at each point depends on a repeating keyword. Vigenere Cipher / Polyalphabetic cipher A more easy implementation could be to visualize Vigenère algebraically by converting [A-Z] into numbers [0–25]. Note: Di denotes the offset of the i-th character of the plaintext. Like offset of A is 0 and of B is 1 and so on. Vigenère square or Vigenère table Vigenere Cipher - Example 1. Plain text : STAY HOME Keyword : TYCS 2. For generating key, the given keyword is repeated in a circular manner until it matches the length of the plain text. 3. The keyword "TYCS" generates the key "TYCSTYCS" 4. The plain text is then encrypted using the process explained below. ➔ The first letter of the plaintext, S is paired with T, the first letter of the key. So use row S and column T of the Vigenère square, namely L. ➔ Similarly, for the second letter of the plaintext, the second letter of the key is used, the letter at row T, and column Y is R. ➔ The rest of the plaintext is enciphered in a similar fashion. Vernam Cipher /One Time Pad Cipher An improvement to the Vernam cipher that yields the ultimate in security proposed by Army Signal Corp officer, Joseph Mauborgne Uses a random key that is as long as the message, so that the key need not be repeated. The key is to be used to encrypt and decrypt a single message, and then is discarded. Each new message requires a new key of the same length as the new message. It produces random output that bears no statistical relationship to the plaintext. Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code. The security of the one-time pad is entirely due to the randomness of the key The one-time pad is the only cryptosystem that exhibits what is referred to as perfect secrecy. One Time Pad Cipher- Challenges In theory, we need look no further for a cipher. The one-time pad offers complete security but, in practice, has two fundamental difficulties: There is the practical problem of making large quantities of random keys. Any heavily used system might require millions of random characters on a regular basis. Supplying truly random characters in this volume is a significant task. Even more daunting is the problem of key distribution and protection. For every message to be sent, a key of equal length is needed by both sender and receiver. Thus, a mammoth key distribution problem exists. Because of these difficulties, the one-time pad is of limited utility and is useful primarily for low-bandwidth channels requiring very high security. One Time Pad Cipher- Encryption algorithm Assign a number to each character of the plain text and the key according to alphabetical order. Bitwise XOR both the number (Corresponding plain-text character number and Key character number). Subtract the number from 26 if the resulting number is greater than or equal to 26, if it isn’t then leave it. Note: For the Decryption apply the just reverse process of encryption. One Time Pad Cipher- Example Plain text : O A K Keyword : S O N 1. Since the resulting number is greater than 26, subtract 26 from it. Then convert the Cipher-Text character number to the Cipher-Text character. 2. One Time Pad Cipher- Example Plain text : O A K Keyword : S O N Similarly, do the same for the other corresponding characters, TRANSPOSITION TECHNIQUES The techniques in which letters of plain text are rearranged or jumbled are called as transposition techniques. 1. Rail fence cipher Plain text is represented as sequence of diagonals And then read as rows Plain text :- GOOD MORNING Cipher text :- GOMRIG ODONN Columnar cipher Keyed Transposition Cipher Columnar Transposition builds in a keyword to order the way we read the columns, as well as to ascertain how many columns to use. Write the plaintext out in a grid where the number of columns is the number of letters in the keyword. Title each column with the respective letter from the keyword. Take the letters in the keyword in alphabetical order, and read down the columns in this order. If a letter is repeated, we do the one that appears first, then the next and so on Example: Keyword: TOMATO Plaintext: The tomato is a plant in the nightshade family Ciphertext: TINESAXEOAHTFXHTLTHEYMAIIAIXTAPNGDLOSTNHMX Multicolumnar cipher Plain text is written in columns Order of the columns to read characters need to be finalized Read columns accordingly Write cipher text again in columns And repeat above process multiple times by keeping order of columns same. Steganography is the technique of hiding data within an ordinary, nonsecret file or message to avoid detection; the hidden data is then extracted at its destination. Steganography use can be combined with encryption as an extra step for hiding or protecting data. Steganography can be used to conceal almost any type of digital content, including text, image, video or audio content. Example: One of the most prevalent techniques is called ‘least significant bit’ (LSB) steganography. This involves embedding the secret information in the least significant bits of a media file. For example, In an image file, each pixel is made up of three bytes of data corresponding to the colors red, green, and blue. Some image formats allocate an additional fourth byte to transparency, or ‘alpha’.LSB steganography alters the last bit of each of those bytes to hide one bit of data. So, to hide one megabyte of data using this method, you would need an eight-megabyte image file.Modifying the last bit of the pixel value doesn’t result in a visually perceptible change to the picture, which means that anyone viewing the original and the steganographically-modified images won’t be able to tell the difference. Other steganography methods include hiding an entire partition on a hard drive or embedding data in the header section of files and network packets. The practice of adding a watermark -- a trademark or other identifying data hidden in multimedia or other content files -- is a common use of steganography. Online publishers often use watermarking to identify the source of media files that are being shared without permission. Example NFT(non fungible tokens) From a cybersecurity perspective, threat actors can use steganography to embed malicious data within seemingly unharming files Block Cipher Principles A block cipher is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length Many symmetric block encryption algorithms in current use are based on a structure referred to as a Feistel block cipher Stream Ciphers And Block Ciphers Stream Cipher Block Cipher In a stream cipher, encryption and decryption are In a block cipher, a group of plaintext symbols of done one symbol (such as a character or a bit) at size m (m > 1) are encrypted together creating a a time group of ciphertext of the same size. Consists of a plaintext stream, a ciphertext stream, Consists of a plaintext block, a ciphertext block,, a and a key stream single key is used to encrypt the whole block even if the key is made of multiple values. Uses only confusion Uses confusion and diffusion Reverse process is easy Reverse process is difficult Works on substitution techniques Works on transposition techniques Fast process Slow process Eg. monoalphabetic substitution ciphers, Vigenere Eg. Fiestel Cipher, Playfair ciphers, Hill Cipher ciphers, Vernam cipher Confusion And Diffusion Ciphers Confusion Diffusion Make the statistical relationship between the Make the relationship between the statistics plaintext and ciphertext as complex as of possible in order to thwart attempts to the ciphertext and the value of the deduce the key encryption key as complex as possible, again to thwart attempts to discover the key It is used in block and stream cipher method. It is used in block cipher method. If a single bit in the key is; changed, all the In case a symbol in the plaintext is changed, bits in the ciphertext will also have to be several or all symbols in the cipher text will changed. also have to be changed. Example Substitution Eg. Transposition DES (DATA ENCRYPTION STANDARD) The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST). DES is block cipher At the encryption site, DES takes a 64-bit plaintext and creates a 64-bit ciphertext; at the decryption site, DES takes a 64-bit ciphertext and creates a 64-bit block of plaintext. The same 56-bit cipher key is used for both encryption and decryption. Working of DES The encryption process is made of two permutations (P-boxes), which we call initial and final permutations, and sixteen Feistel rounds. Each round uses a different 48-bit round key generated from the cipher key according to a predefined algorithm. Initial and Final Permutations Each of these permutations takes a 64-bit input and permutes them according to a predefined rule. Keyless straight permutations that are the inverse of each other. The permutation rules for these P-boxes are shown in Table 6.1. Each side of the table can be thought of as a 64-element array. Rounds DES uses 16 rounds. Each round of DES is a Feistel cipher. Each round performs the steps of substitution and transposition. After IP is completed, the resultant 64-bit permuted text block is separated into two half blocks. Each block consists of 32 bits.Left block is called LI-1 and right block is called RI-1. 16 rounds are performed on these two blocks each. Key Generation A 64-bit key is used as input to the algorithm. The bits of the key are numbered from 1 through 64; every eighth bit is ignored, as indicated by the lack of shading in Table a. The key is first subjected to a permutation governed by a table labeled Permuted Choice One (Table b). The resulting 56-bit key is then treated as two 28-bit quantities, labeled Co and Do. Key Generation These parts are shifted towards left by one or two positions. For round number 1,2,9 or 16, shifting is done by one position and for rest of rounds shifting is done by two positions. After shifting random 48 bits are selected. This process is also known as compression permutation. DES Function The heart of DES is the DES function. The DES function applies a 48-bit key to the rightmost 32 bits (RI−1) to produce a 32-bit output. This function is made up of four sections: 1. an expansion P-box 2. a whitener (that adds key) 3. a group of S-boxes 4. a straight P-box 1. Expansion P-box Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to 48 bits. RI−1 is divided into 8 4-bit sections. Each 4-bit section is then expanded to 6 bits This input is first expanded to 48 bits by using a table that defines a permutation plus an expansion that involves duplication of 16 of the bits (Table 6.2) 2. Whitener (XOR) After the expansion permutation, DES uses the XOR operation on the expanded right section and the round key. Note that both the right section and the key are 48-bits in length. Also note that the round key is used only in this operation. 3. S-Boxes The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output. The 48-bit data from the second operation is divided into eight 6-bit chunks, and each chunk is fed into a box. The result of each box is a 4-bit chunk; when these are combined the result is a 32-bit text. 4. Straight P-box (Straight Permutation) The last operation in the DES function is a straight permutation with a 32-bit input and a 32-bit output. For example, the seventh bit of the input becomes the second bit of the output. XOR and Swap: – LPT, which is of 32 bits, which we have not processed at all. – LPT is XORed with output of RPT. – Result of this XOR operation becomes the new RPT. – The old value of RPT becomes new LPT in process of swapping. Final Permutation: – Finally, at the end of all 16 rounds, Final Permutation is performed only once. – A simple transposition is based on Final Permutation Table. – Output of the Final permutation is 64-bit encrypted block. MULTIPLE ENCRYPTION AND TRIPLE DES MULTIPLE ENCRYPTION AND TRIPLE DES Variations of DES: 1. Double DES 2. Triple DES Triple DES with 2 keys Advanced Encryption Standard (AES) The Advanced Encryption Standard (AES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) in December 2001. AES is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits. AES has defined three versions (AES-128, AES-192, and AES-256) , with 10, 12, and 14 rounds. Each version uses a different cipher key size (128, 192, or 256), but the round keys are always 128 bits. AES does not use a Feistel structure. This algorithm can be implemented on software and hardware both, so it seems to be the strongest security protocol. Rounds AES is a non-Feistel cipher that encrypts and decrypts a data block of 128 bits. Each full round consists of four separate functions: 1. Substitute bytes: Uses an S-box to perform a byte-by-byte substitution of the block 2. ShiftRows: A simple permutation 3. MixColumns: A substitution that makes use of arithmetic over 4. AddRoundKey: A simple bitwise XOR of the current block with a portion of the expanded key. AES Encryption process AES processes the entire data block as a single matrix during each round using substitutions and permutation. The key that is provided as input is expanded into an array of forty-four 32-bit words, w[i]. Four distinct words (128 bits) serve as a round key for each round For both encryption and decryption, the cipher begins with an AddRoundKey stage, followed by nine rounds that each includes all four stages, followed by a tenth round of three stages Only the AddRoundKey stage makes use of the key. For this reason, the cipher begins and ends with an AddRoundKey stage. Any other stage, applied at the beginning or end, is reversible without knowledge of the key and so would add no security The AddRoundKey stage is, in effect, a form of Vernam cipher and by itself would not be formidable. The other three stages together provide confusion, diffusion, and nonlinearity, but by themselves would provide no security because they do not use the key AES Encryption process The cipher as alternating operations of XOR encryption (AddRoundKey) of a block, followed by scrambling of the block (the other three stages), followed by XOR encryption, and so on. Block Cipher Modes of Operation In real life applications, the text to be enciphered is of variable size and normally much larger than 64 or 128 bits. Modes of operation have been devised to encipher text of any size employing either DES or AES. Electronic Codebook (ECB) Mode The simplest mode of operation is called the electronic codebook (ECB) mode. The plaintext is divided into N blocks. The block size is n bits(mostly 64 bits). If the plaintext size is not a multiple of the block size, the text is padded to make the last block the same size as the other blocks. The same key is used to encrypt and decrypt each block. The term codebook is used because, for a given key, there is a unique ciphertext for every n-bit block of plaintext. Advantages The ECB method is ideal for a short amount of data, such as an encryption key. Thus, if you want to transmit a DES or AES key securely, ECB is the appropriate mode to use. Faster and easy implementation. Electronic Codebook (ECB) Mode Disadvantages: The most significant characteristic of ECB is that if the same n-bit block of plaintext appears more than once in the message, it always produces the same ciphertext. For lengthy messages, the ECB mode may not be secure. If the message is highly structured, it may be possible for a cryptanalyst to exploit these regularities Electronic Codebook (ECB) Mode Cipher Block Chaining (CBC) Mode To overcome the security deficiencies of ECB, we would like a technique in which the same plaintext block, if repeated, produces different ciphertext blocks In this scheme, the input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block; the same key is used for each block. In effect, we have chained together the processing of the sequence of plaintext blocks. The input to the encryption function for each plaintext block bears no fixed relationship to the plaintext block. Therefore, repeating patterns of bits are not exposed. As with the ECB mode, the CBC mode requires that the last block be padded to a full bits if it is a partial block. For decryption, each cipher block is passed through the decryption algorithm. The result is XORed with the preceding ciphertext block to produce the plaintext block. Cipher Block Chain (CBC) Mode The first step of encryption receives 2 inputs :- ➔ First block of plaintext ➔ Random block of text called Initialization vector (IV) Initialization vectors is a randomly produced set of characters used to make each message unique. The IV must be known to both the sender and receiver but be unpredictable by a third party The second step makes use of second plaintext block XORed with the cipher text block generated in step 1 and uses the key for encryption to produce ciphertext block 2 an so on. Advantages: Suitable for large amount of data Maintains confidentiality Supports authentication Security enhancement as compared with ECB due to use of XOR and IV Cipher Feedback (CFB) Mode For AES, DES, or any block cipher, encryption is performed on a block of bits. In the case of DES b=64, and in the case of AES b=128. However, it is possible to convert a block cipher into a stream cipher, using one of the three modes: cipher feedback (CFB) mode, output feedback (OFB) mode, and counter (CTR) mode. A stream cipher eliminates the need to pad a message to be an integral number of blocks. It also can operate in real time. Thus, if a character stream is being transmitted, each character can be encrypted and transmitted immediately using a character-oriented stream cipher. In CFB mode, encipherment and decipherment use the encryption function of the underlying block cipher. In this mode, like CBC, 64-bit Initialization vector(IV) is used and a shift register as well. Cipher Feedback (CFB) Mode The following four steps are used for this cipher mode Assume that there are i-bits of plaintext taken at a time Step 1: Initially, shift register is filled with 64-bit initialization vector (IV), and encryption algorithm is executed once to create 64 bits IV ciphertext. Step 2: The left-most i-bits of encrypted IV is then XOR'ed with i-bits of plaintext which generates first portion of ciphertext (say C) and then C is transmitted to receiver. Step 3: Contents of shift register including IV are shifted left by i positions and empty rightmost i places of shift register are then filled with C. Step 4: Steps 1 to 3 are repeated until all the plaintext units are encrypted. Output Feedback (OFB) Mode The output feedback (OFB) mode is similar in structure to that of CFB. It is the output of the encryption function that is fed back to the shift register in OFB, whereas in CFB, the ciphertext unit is fed back to the shift register The other difference is that the OFB mode operates on full blocks of plaintext and ciphertext, not on an s-bit subset. As with CBC and CFB, the OFB mode requires an initialization vector. In the case of OFB, the IV must be a nonce; that is, the IV must be unique to each execution of the encryption operation. Changing of IV in same plaintext block produces different ciphertext. One advantage of the OFB method is that bit errors in transmission do not propagate The disadvantage of OFB is that it is more vulnerable to a message stream modification attack than is CFB. Counter (CTR) Mode In the counter (CTR) mode, there is no feedback. A counter equal to the plaintext block size is used. The counter value must be different for each plaintext block that is encrypted. The counter is initialized to some value(IV) and then incremented by 1 for each subsequent block (modulo 2b , where b is the block size) For encryption, the counter is encrypted and then XORed with the plaintext block to produce the ciphertext block; there is no chaining. For the last plaintext block, which may be a partial block of bits, the most significant bits of the last output block are used for the XOR operation; the remaining bits are discarded. Unlike the ECB, CBC, and CFB modes, we do not need to use padding because of the structure of the CTR mode. As with the OFB mode, the initial counter value must be a nonce; that is, must be different for all of the messages encrypted using the same key Any other plaintext blocks that are encrypted using the same counter value can be easily recovered from their associated ciphertext blocks. Counter (CTR) Mode Advantages: Hardware efficiency: Unlike the three chaining modes, encryption (or decryption) in CTR mode can be done in parallel on multiple blocks of plaintext or ciphertext. In CTR mode, the throughput is only limited by the amount of parallelism that is achieved. Unlike chaining modes maximum throughput of the algorithm to the reciprocal of the time for one execution of block encryption or decryption Software efficiency: Similarly, because of the opportunities for parallel execution in CTR mode, processors that support parallel features can be effectively utilized. Random access: The th block of plaintext or ciphertext can be processed in random-access fashion. With the chaining modes, block cannot be computed until the – 1 prior block are computed. Public-Key Cryptography and RSA Asymmetric encryption is a form of cryptosystem in which encryption and decryption are performed using the different keys—one a public key and one a private key. It is also known as public-key encryption. Asymmetric encryption transforms plaintext into ciphertext using a one of two keys and an encryption algorithm. Using the paired key and a decryption algorithm, the plaintext is recovered from the ciphertext. Asymmetric encryption can be used for confidentiality, authentication, or both. The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on the difficulty of finding the prime factors of a composite number. Components of Public Key Cryptosystem 1. Plain Text A normal readable message which is considered as input for the process of encryption 2. Encryption Algorithm Sequence of steps which are used to convert plain text into cipher text 3. Public key and private key Key pair which is selected for asymmetric key cryptography. One key is used in encryption process and other will be used for decryption process. 4. Cipher Text The resultant text which is produced after implementing encryption algorithm. 5. Decryption Algorithm Sequence of steps which are used to convert cipher text back into plain text with the help of matching key Steps involved in Asymmetric key cryptography Steps involved in Asymmetric key cryptography Symmetric and Asymmetric cryptography / Conventional and Public-Key Encryption Symmetric / Conventional Asymmetric / Public-key The same algorithm with the same key is One algorithm is used for encryption and used for encryption and decryption. decryption with a pair of keys, one for encryption and one for decryption. The sender and receiver must share the The sender and receiver must each have algorithm and the key one of the matched pair of keys (not the same one). The key must be kept secret. One of the two keys must be kept secret. Knowledge of the algorithm plus samples of Knowledge of the algorithm plus one of the ciphertext must be insufficient to determine keys plus samples of ciphertext must be the key. insufficient to determine the other key. Applications for Public-Key Cryptosystems Depending on the application, the sender uses either the sender’s private key or the receiver’s public key, or both, to perform some type of cryptographic function. In broad terms, we can classify the use of public-key cryptosystems into three categories Applications for Public-Key Cryptosystems Depending on the application, the sender uses either the sender’s private key or the receiver’s public key, or both, to perform some type of cryptographic function. In broad terms, we can classify the use of public-key cryptosystems into three categories RSA ALGORITHM Developed in 1977 by Ron Rivest, Adi Shamir, and Len Adleman at MIT Use of two keys :- Public and private key One key which is known to be as public key is sent to other who are involved in communication and other key is kept secret. Based on block cipher. Plain text is encrypted in blocks. Public and private key are based on random prime numbers. Encryption and decryption are of the following form, for some plaintext block M and ciphertext block C. RSA ALGORITHM Both sender and receiver must know the value of n. The sender knows the value of e, and only the receiver knows the value of d. Thus, this is a public-key encryption algorithm with a public key of PU = {e, n} and a private key of PR = {d, n}. To implement RSA the following things are required RSA ALGORITHM RSA ALGORITHM - Example 1. p=15 & q=17 2. n=p*q =15*17=255 3. phi(n) = 14*16 = 224 4. e= 3 RSA ALGORITHM - Example d= ((224*1)+1)/3 =75 Stop the process when you get a absolute value of d for some value of i RSA ALGORITHM - Example 6. Public key ={3,255} , Private key= {75,255} 7. let’s say M=13 C = 13 ^ 3 mod 255 => 157 8. M = 157 ^ 75 mod 255 =>13 RSA ALGORITHM - Exercise