Information and Network Security Unit-02 PDF
Document Details
Uploaded by Deleted User
Prof. Bhakti Chaudhari
Tags
Summary
This document covers information and network security concepts like RSA algorithm, encryption modes, and public key cryptography. It details steps in RSA algorithm and various encryption modes, and an explanation of public key cryptography. The document's layout and organization seem to resemble a unit from a course on information and network security at the undergraduate or postgraduate level.
Full Transcript
INFORMATION AND NETWORK SECURITY UNIT-02 1. State and explain with example step involved with RSA Algorithm. RSA algorithm: Step 1: Derive RSA key pair Choose two large prime numbers p and q such that each of these prime numbers may be 100...
INFORMATION AND NETWORK SECURITY UNIT-02 1. State and explain with example step involved with RSA Algorithm. RSA algorithm: Step 1: Derive RSA key pair Choose two large prime numbers p and q such that each of these prime numbers may be 100 or more number of digits in length. Compute n=pXq such that n is approximately twice as many digits as of the prime factors. Also compute z=(p-1)(q-1) Choose e such that e < n and it has no common factors with z. that means, and z are relatively prime. Choose d such that ed-1 is exactly divisible by z. that means, ed mod z=1 Therefore resulting RSA key pair contains: o Public key(n,e)=KB o Private key(n,d)=KB Step 2: RSA Encryption To encrypt a bit pattern (plaintext message) m, compute c= me mod n where c is the remainder when me is divided by n Step 3: RSA Decryption To decrypt received bit pattern(CipherText message) c, compute m= cd mod n where m is the remainder when cd is divided by n That means, m=(me mod n)d mod n The Security of RSA: There are four possible approaches to attacking the RSA algorithm are Brute force: This involves trying all possible private keys. Mathematical attacks: There are several approaches,all equivalent in effort to factoring the product of two primes. Timing attacks: These depend on the running time of the decryption algorithm. Chosen ciphertext attacks: This type of attack exploits properties of the RSA algorithm. 2. Describe various modes of encryption algorithm. Encryption algorithms are divided into two categories based on input type, as block cipher and stream cipher. Block cipher is an encryption algorithm which takes fixed size of input say b bits and produces a ciphertext of b bits again. If input is larger than b bits it can be divided further. For different applications and uses, there are several modes of operations for a block cipher. Electronic Code Book (ECB) – Electronic code book is the easiest block cipher mode of functioning. It is easier because of direct encryption of each block of input plaintext and output is in form of blocks of encrypted ciphertext. Generally, if a message is larger than b bits in size, it can be broken down into bunch of blocks and the procedure is repeated. Procedure of ECB is illustrated below: 1 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 Advantages of using ECB – Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption. Simple way of block cipher. Disadvantages of using ECB – Prone to cryptanalysis since there is a direct relationship between plaintext and ciphertext. Cipher Block Chaining(CBC) – Cipher block chaining or CBC is an advancement made on ECB since ECB compromises some security requirements. In CBC, previous cipher block is given as input to next encryption algorithm after XOR with original plaintext block. In a nutshell here, a cipher block is produced by encrypting a XOR output of previous cipher block and present plaintext block. The process is illustrated here: 2 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 Advantages of CBC – CBC works well for input greater than b bits. CBC is a good authentication mechanism. Better resistive nature towards cryptanalsis than ECB. Disadvantages of CBC – Parallel encryption is not possible since every encryption requires previous cipher. Cipher Feedback Mode (CFB) – In this mode the cipher is given as feedback to the next block of encryption with some new specifications: first an initial vector IV is used for first encryption and output bits are divided as set of s and b-s bits the left hand side s bits are selected and are applied an XOR operation with plaintext bits. The result given as input to a shift register and the process continues. The encryption and decryption process for the same is shown below, both of them use encryption algorithm. Advantages of CFB – Since, there is some data loss due to use of shift register, thus it is difficult for applying cryptanalysis. 3 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 3. Explain public key cryptosystem. A public-key encryption scheme has six ingredients Plaintext: This is the readable message or data that is fed into the algorithm as input. Encryption algorithm: The encryption algorithm performs various transformations on the plaintext. Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input. Ciphertext: This is the scrambled message produced as output.It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts. Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext. The essential steps are the following. 1. Each user generates a pair of keys to be used for the encryption and decryption of messages. 2. Each user places one of the two keys in a public register or other accessible file. This is the public key. 3. The companion key is kept private.As Figure 9.1a suggests, each user maintains a collection of public keys obtained from others. 4. If Bob wishes to send a confidential message to Alice,Bob encrypts the message using Alice’s public key. 5. When Alice receives the message, she decrypts it using her private key. No other recipient can decrypt the message because only Alice knows Alice’s private key. Applications for Public-Key Cryptosystems 4 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 4. Explain Diffie-Hellman Key Exchange algorithm with example. Diffie Hellman (DH) key exchange algorithm is a method for securely exchanging cryptographic keys over a public communications channel. Keys are not actually exchanged – they are jointly derived. It is named after their inventors Whitfield Diffie and Martin Hellman. Algorithm is stated in the following steps: 1. If Alice and Bob wish to communicate with each other, they first agree between them a large prime number p, and a generator (or base) g (where 0 < g < p). 2. Alice chooses a secret integer a (her private key) and then calculates g^a mod p (which is her public key). Bob chooses his private key b, and calculates his public key in the same way. 3. Alice and Bob then send each other their public keys. Alice now knows a and Bob’s public key g^b mod p. She is not able to calculate the value b from Bob’s public key as this is a hard mathematical problem (known as the discrete logarithm problem). She can however calculate (g^b)^a mod p = g^ab mod p. 4. Bob knows b and g^a, so he can calculate (g^a)^b mod p = g^ab mod p. Therefore both Alice and Bob know a shared secret g^ab mod p. An eavesdropper Eve who was listening in on the communication knows p, g, Alice’s public key (g^a mod p) and Bob’s public key (g^b mod p). She is unable to calculate the shared secret from these values. 5. In static-static mode, both Alice and Bob retain their private/public keys over multiple communications. Therefore the resulting shared secret will be the same every time. In ephemeral-static mode one party will generate a new private/public key every time, thus a new shared secret will be generated. Example: Step 1: Alice and Bob get public numbers P = 23, G = 9 Step 2: Alice selected a private key a = 4 and Bob selected a private key b = 3 Step 3: Alice and Bob compute public values Alice: x =(9^4 mod 23) = (6561 mod 23) = 6 Bob: y = (9^3 mod 23) = (729 mod 23) = 16 Step 4: Alice and Bob exchange public numbers Step 5: Alice receives public key y =16 and Bob receives public key x = 6 Step 6: Alice and Bob compute symmetric keys Alice: ka = y^a mod p = 65536 mod 23 = 9 Bob: kb = x^b mod p = 216 mod 23 = 9 Step 7: 9 is the shared secret. 5 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 5. What are the Problems with public key exchange? Private key, or secret key, systems use the same key to encrypt and decrypt data. Because of this, you need to keep your key hidden so that no one else can access it. In a public key system, you use two keys. Your private key, which you keep hidden, decrypts data, but the public key gets used to encrypt the data. Because there's essentially no use to the public key other than to encode information, you can safely share it with anyone. Public key encryption works well in situations where you can't securely share a key, like over the Internet, but it has some real disadvantages. 1. Speed Public key encryption works very well and is extremely secure, but it's based on complicated mathematics. Because of this, your computer has to work very hard to both encrypt and decrypt data using the system. In applications where you need to work with large quantities of encrypted data on a regular basis, the computational overhead means that public key systems can be very slow. 2. Certification Problems Many public key systems use a third party to certify the reliability of public keys. For instance, if you were to encrypt sensitive corporate data to send to your attorney's computer, you'd want to be sure that the computer you were sending it to was really tied to his law firm. 6 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 The third party, called a certification authority, digitally signs their public key, turning it into a digital certificate, so that you can be sure it's safe to use. However, if the certification authority gets compromised, the criminal that did it could issue false certificates and fool people into sending data to the wrong place. This has already happened. 3. Direct Compromise There are two ways to crack data encrypted with a public key system. The first is to find a hole in the underlying mathematics that can be used to break the cipher. As of the date of publication, no such hole is publicly known. The other way to crack the encryption is to guess the correct key. Since public key encryption works on the basis of having an extremely large number that is derived from multiplying a large number hidden in the public key with a large number hidden in the private key, if you could factor that extremely large number, you could break the encryption. As computers become more powerful and as quantum computing, which uses light to create even faster speeds than traditional supercomputers, becomes a reality, brute force attacks on public key encrypted data become practical. 4. False Sense of Security No matter how safe your public key cryptography system is, it only protects what it's designed to protect. For instance, when your customers send you their credit card data over the Internet that transfer is protected by a mixture of public and private key encryption and is extremely safe. However, once you receive that credit card data, if you leave a computer with access to your server out in the open, someone could sit down at the keyboard, download all of the securely transferred data and steal it. Public key encryption won't protect against that and, as such, it's only a part of an overall security system. 6. Explain man in middle attack with example. A MITM attack happens when a communication between two systems is intercepted by an outside entity. This can happen in any form of online communication, such as email, social media, web surfing, etc. Not only are they trying to eavesdrop on your private conversations, they can also target all the information inside your devices. A man-in-the-middle attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late Man-in-the-middle is a type of eavesdropping attack that occurs when a malicious actor inserts himself as a relay/proxy into a communication session between people or systems. A MITM attack exploits the real-time processing of transactions, conversations or transfer of other data. Man-in-the-middle attacks allow attackers to intercept, send and receive data never meant to be for them without either outside party knowing until it is too late. 7 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 Man-in-the-middle is a form of session hijacking. Other forms of session hijacking similar to man-in- the-middle are: Sidejacking - This attack involves sniffing data packets to steal session cookies and hijack a user’s session. These cookies can contain unencrypted login information, even if the site was secure. Evil Twin - This is a rogue Wi-Fi network that appears to be a legitimate network. When users unknowingly join the rogue network, the attacker can launch a man-in-the-middle attack, intercepting all data between you and the network. Sniffing - This involves a malicious actor using readily available software to intercept data being sent from, or to, your device. 7. Explain message authentication requirements. Message authentication is a mechanism or service used to verify the integrity of a message. Message authentication assures that data received are exactly as sent by (i.e., contain no modification, insertion, deletion ,or replay) and that the purported identity of the sender is valid. In the context of communications across a network, the following attacks can be identified. 1. Disclosure: Release of message contents to any person or process not possessing the appropriate cryptographic key. 2. Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented application, the frequency and duration of connections could be determined. In either a connection-oriented or connectionless environment, the number and length of messages between parties could be determined. 3. Masquerade: Insertion of messages into the network from a fraudulent source. This includes the creation of messages by an opponent that are purported to come from an authorized entity. Also included are fraudulent acknowledgments of message receipt or nonreceipt by someone other than the message recipient. 4. Content modification: Changes to the contents of a message, including insertion, deletion, transposition, and modification. 5. Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion and reordering. 6. Timing modification: Delay or replay of messages. In a connection-oriented application, an entire session or sequence of messages could be a replay of some previous valid session or individual messages in the sequence could be delayed or replayed. In a connectionless application, an individual message (e.g., datagram) could be delayed or replayed. 7. Source repudiation: Denial of transmission of message by source. 8. Destination repudiation: Denial of receipt of message by destination. 8 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 8. What is a message authentication code? Message authentication code (MAC), sometimes known as a tag, is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed. This is an alternative authentication technique that involves the use of a secret key to generate a small fixed-size block of data. This technique assumes that two communicating parties, say A and B, share a common secret key K. when A has a message to send to B, it calculates the MAC as a function of the message and key MAC = MAC(K, M) Where, M = input message, C = MAC function, K = shared secret key and MAC = message authentication code The message plus MAC are transmitted to the intended recipient. The recipient performs the same calculation on the received message, using the same secret key, to generate a new MAC. The received MAC is compared to the calculated MAC. If we assume that only the receiver and the sender know the identity of the secret key, and if the received MAC matches the calculated MAC, then - 1. The receiver is assured that the message has not been altered. If an attacker alters the message but does not alter the MAC, then the receiver’s calculation of the MAC will differ from the received MAC. Because the attacker is assumed not to know the secret key, the attacker cannot alter the MAC to correspond to the alterations in the message. 2. The receiver is assured that the message is from the alleged sender. Because no one else knows the secret key,no one else could prepare a message with a proper MAC. 3. If the message includes a sequence number (such as is used with HDLC,X.25, and TCP),then the receiver can be assured of the proper sequence because an attacker cannot successfully alter the sequence number. 9 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 A MAC function is similar to encryption. One difference is that the MAC algorithm need not be reversible, as it must be for decryption. Q. Describe limitations of MAC There are two major limitations of MAC, both due to its symmetric nature of operation − Establishment of Shared Secret. o It can provide message authentication among pre-decided legitimate users who have shared key. o This requires establishment of shared secret prior to use of MAC. Inability to Provide Non-Repudiation o Non-repudiation is the assurance that a message originator cannot deny any previously sent messages and commitments or actions. o MAC technique does not provide a non-repudiation service. If the sender and receiver get involved in a dispute over message origination, MACs cannot provide a proof that a message was indeed sent by the sender. o Though no third party can compute the MAC, still sender could deny having sent the message and claim that the receiver forged it, as it is impossible to determine which of the two parties computed the MAC. Q. Explain security of MAC. Just as with symmetric and public-key encryption, we can group attacks on hash functions and MACs into two categories: brute-force attacks and cryptanalysis. Brute-force attacks: A brute-force attack on a MAC is a more difficult undertaking than a brute-force attack on a hash function because it requires known message-tag pairs. The strength of a hash function against brute-force attacks depends solely on the length of the hash code produced by the algorithm, with cost (2m/2). A brute-force attack on a MAC has cost related to min (2k, 2n), similar to symmetric encryption algorithms. It would appear reasonable to require that the key length and MAC length satisfy a relationship such as min(k, n) >= N, where N is perhaps in the range of 128 bits. Q. Explain Hash Function? A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length. Values returned by a hash function are called message digest or hash values. The following picture illustrated hash function – Features of Hash Functions : The typical features of hash functions are − Fixed Length Output (Hash Value) 10 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 Hash function coverts data of arbitrary length to a fixed length. This process is often referred to as hashing the data. In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions. Since a hash is a smaller representation of a larger data, it is also referred to as a digest. Hash function with n bit output is referred to as an n-bit hash function. Popular hash functions generate values between 160 and 512 bits. Efficiency of Operation Generally for any hash function h with input x, computation of h(x) is a fast operation. Computationally hash functions are much faster than a symmetric encryption. Q. Define Properties of Hash Functions[types of security in hash function] In order to be an effective cryptographic tool, the hash function is desired to possess following properties − Pre-Image Resistance o This property means that it should be computationally hard to reverse a hash function. o In other words, if a hash function h produced a hash value z, then it should be a difficult process to find any input value x that hashes to z. o This property protects against an attacker who only has a hash value and is trying to find the input. Second Pre-Image Resistance o This property means given an input and its hash, it should be hard to find a different input with the same hash. o In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x). o This property of hash function protects against an attacker who has an input value and its hash, and wants to substitute different value as legitimate value in place of original input value. Collision Resistance o This property means it should be hard to find two different inputs of any length that result in the same hash. This property is also referred to as collision free hash function. o In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y). o Since, hash function is compressing function with fixed hash length, it is impossible for a hash function not to have collisions. This property of collision free only confirms that these collisions should be hard to find. o This property makes it very difficult for an attacker to find two input values with the same hash. o Also, if a hash function is collision-resistant then it is second pre-image resistant. 11 Prof. Bhakti Chaudhari INFORMATION AND NETWORK SECURITY UNIT-02 Q. What are different applications of Hash Functions There are two direct applications of hash function based on its cryptographic properties. 1. Password Storage Hash functions provide protection to password storage. Instead of storing password in clear, mostly all logon processes store the hash values of passwords in the file. The Password file consists of a table of pairs which are in the form (user id, h(P)). The process of logon is depicted in the following illustration − An intruder can only see the hashes of passwords, even if he accessed the password. He can neither logon using hash nor can he derive the password from hash value since hash function possesses the property of pre-image resistance. 2. Data Integrity Check Data integrity check is a most common application of the hash functions. It is used to generate the checksums on data files. This application provides assurance to the user about correctness of the data. The process is depicted in the following illustration − The integrity check helps the user to detect any changes made to original file. It however, does not provide any assurance about originality. The attacker, instead of modifying file data, can change the entire file and compute all together new hash and send to the receiver. This integrity check application is useful only if the user is sure about the originality of file. 12 Prof. Bhakti Chaudhari