Network Security Lecture Notes PDF
University of Information Technology and Communications College of Engineering
Ass.Lec Hiba M. Yousif
Summary
This document is a lecture on network security, specifically focusing on symmetric encryption concepts. It covers encryption definitions, models, and cryptographic techniques. The lecture materials are meant for fourth-year undergraduate students at University of Information Technology & Communications College of Engineering.
Full Transcript
University of Information Technology & Communications
College of Engineering
Mobile Communication and Computing Engineering
Network security, fourth stage
Ass.Lec Hiba M. Yousif
Master's degree in Information Security

Lecture Topics:
- Encryption definition
- Symmetric Encryption Model
- The symmetric encryption scheme ingredients
- Model of Symmetric Cryptosystem
- Cryptography
- Cryptanalysis

The main goal of this lecture on security is to present an overview of the main concepts of symmetric cryptography. At the end of the lecture, you will be able to:
- Define symmetric cipher model
- List symmetric encryption scheme
- Define cryptography
- Define cryptanalysis

Encryption is the process of transforming readable plaintext into unreadable ciphertext to mask sensitive information from unauthorized users. Organizations regularly use encryption in data security to protect sensitive data from unauthorized access and data breaches.

Classical Encryption Techniques

Symmetric Encryption Model

A symmetric cipher model involves a single key that is used for both encryption and decryption. Both the sender and the receiver must possess the same secret key to communicate securely.

A symmetric encryption scheme has five ingredients:
- Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
- Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
- Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.
- Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
- Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.

Symmetric Encryption Scheme

There are two requirements for secure use of conventional encryption:
1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be such that an opponent who knows the algorithm and has access to one or more ciphertexts would be unable to decipher the ciphertext or figure out the key. This requirement is usually stated in a stronger form: the opponent should be unable to decrypt ciphertext or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable.

Model of Symmetric Cryptosystem

Let us take a closer look at the essential elements of a symmetric encryption scheme. A source produces a message in plaintext, X = [X1, X2, ..., XM]. The M elements of X are letters in some finite alphabet. Traditionally, the alphabet usually consisted of the 26 capital letters. Nowadays, the binary alphabet {0, 1} is typically used. For encryption, a key of the form K = [K1, K2, ..., KJ] is generated. If the key is generated at the message source, then it must also be provided to the destination by means of some secure channel. Alternatively, a third party could generate the key and securely deliver it to both source and destination.

With the message X and the encryption key K as input, the encryption algorithm forms the ciphertext Y = [Y1, Y2, ..., YN].
We can write this as:

Y = E(K, X)

This notation indicates that Y is produced by using encryption algorithm E as a function of the plaintext X, with the specific function determined by the value of the key K. The intended receiver, in possession of the key, is able to invert the transformation:

X = D(K, Y)

An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and K. It is assumed that the opponent knows the encryption (E) and decryption (D) algorithms. If the opponent is interested in only this particular message, then the focus of the effort is to recover X by generating a plaintext estimate. Often, however, the opponent is interested in being able to read future messages as well, in which case an attempt is made to recover K by generating an estimate.

Cryptography

Cryptography is the practice of developing and using coded algorithms to protect and obscure transmitted information so that it may only be read by those with the permission and ability to decrypt it.

Cryptographic systems are characterized along three independent dimensions:
- The type of operations used for transforming plaintext to ciphertext.
- The number of keys used.
- The way in which the plaintext is processed.

Cryptanalysis

The process of attempting to discover X or K or both is known as cryptanalysis. The strategy used by the cryptanalyst depends on the nature of the encryption scheme and the information available to the cryptanalyst.

There are various types of cryptanalytic attacks, based on the amount of information known to the cryptanalyst.
- Ciphertext only – A copy of the ciphertext alone is known to the cryptanalyst.
- Known plaintext – The cryptanalyst has a copy of the ciphertext and the corresponding plaintext.
- Chosen plaintext – The cryptanalyst gains temporary access to the encryption machine. They cannot open it to find the key; however, they can encrypt a large number of suitably chosen plaintexts and try to use the resulting ciphertexts to deduce the key.
- Chosen ciphertext – The cryptanalyst obtains temporary access to the decryption machine, uses it to decrypt several strings of symbols, and tries to use the results to deduce the key.

1. The type of operations used for transforming plaintext to ciphertext
- Substitution, in which each element in the plaintext (bit, letter, group of bits or letters) is mapped into another element.
- Transposition, in which elements in the plaintext are rearranged.
Note: Most systems, referred to as product systems, involve multiple stages of substitutions and transpositions.

2. The number of keys used
- Symmetric, single-key, secret-key, or conventional encryption.
- Asymmetric, two-key, or public-key encryption.

3. The way in which the plaintext is processed
- Block cipher: processes the input one block of elements at a time, producing an output block for each input block.
- Stream cipher: processes the input elements continuously, producing output one element at a time, as it goes along.

1. Substitution

The substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols.

Caesar Cipher

The earliest known, and the simplest, use of a substitution cipher was by Julius Caesar. The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example:

plain:  meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB

plain:  a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

If it is known that a given ciphertext is a Caesar cipher, an attacker can easily perform a brute-force attack on the ciphertext. (A brute-force attack uses a trial-and-error approach to systematically guess login info, credentials, and encryption keys. The attacker submits combinations of usernames and passwords until they finally guess correctly.)

What are the weaknesses of the method in your opinion?

A:
1. The encryption and decryption algorithms are known.
2. There are only 25 keys to try.
3. The language of the plaintext is known and easily recognizable.

2. Transposition

A very different kind of mapping is achieved by performing some sort of permutation on the plaintext letters. The simplest such cipher is the rail fence technique, in which the plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. For example, to encipher the message "meet me after the toga party" with a rail fence of depth 2, we write the following:

m e m a t r h t g p r y
 e t e f e t e o a a t

The encrypted message is MEMATRHTGPRYETEFETEOAAT

(For another way, see page 107 of the book.)

Compare substitution and transposition ciphers: which one is more secure, in your opinion?
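The Caesar cipher section above, worked through in the lecture's notation Y = E(K, X) and X = D(K, Y), as an added example that is not part of the lecture. The function names and the letter-frequency score, used to automate "the language of the plaintext is easily recognizable", are assumptions of this example.

```python
import string

ALPHABET = string.ascii_lowercase
# Approximate relative frequencies (percent) of a..z in English text.
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.1, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.07]


def shift(text, k):
    """Move every letter k places along the alphabet; leave other characters alone."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def encrypt(key, plaintext):
    """Y = E(K, X). Ciphertext is written in capitals, as in the lecture."""
    return shift(plaintext, key).upper()


def decrypt(key, ciphertext):
    """X = D(K, Y): the encryption algorithm run in reverse."""
    return shift(ciphertext, -key)


def english_score(text):
    """Higher when the letters of text are the ones English uses most (assumed metric)."""
    return sum(ENGLISH_FREQ[ALPHABET.index(ch)] for ch in text if ch in ALPHABET)


def brute_force(ciphertext):
    """Weaknesses 1-3 together: known algorithm, 25 keys, recognizable language."""
    candidates = {k: decrypt(k, ciphertext) for k in range(1, 26)}
    best = max(candidates, key=lambda k: english_score(candidates[k]))
    return best, candidates[best]


if __name__ == "__main__":
    y = encrypt(3, "meet me after the toga party")
    print(y)
    print(brute_force(y))
```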
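The rail fence technique described above, as an added example that is not part of the lecture. It goes beyond the lecture's depth-2 case by handling any depth with the usual zigzag path; the function names are assumptions of this example.

```python
from collections import Counter


def rail_pattern(length, depth):
    """Row index (0 = top row) of each position along the diagonals."""
    if depth < 2:
        return [0] * length
    cycle = list(range(depth)) + list(range(depth - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(length)]


def rail_fence_encrypt(plaintext, depth):
    """Write the letters along the diagonals, then read the rows off in order."""
    letters = [ch for ch in plaintext.lower() if ch.isalpha()]
    rails = rail_pattern(len(letters), depth)
    rows = ["".join(ch for ch, r in zip(letters, rails) if r == row)
            for row in range(depth)]
    return "".join(rows).upper()


def rail_fence_decrypt(ciphertext, depth):
    """Work out which positions each row held, then put the letters back."""
    rails = rail_pattern(len(ciphertext), depth)
    # Positions in the order the rows were read off: all of row 0, then row 1, ...
    # sorted() is stable, so positions within one row stay in ascending order.
    order = sorted(range(len(ciphertext)), key=lambda i: rails[i])
    plain = [""] * len(ciphertext)
    for pos, ch in zip(order, ciphertext.lower()):
        plain[pos] = ch
    return "".join(plain)


def letter_counts(text):
    """How often each letter occurs, ignoring case and spaces."""
    return Counter(ch for ch in text.lower() if ch.isalpha())


if __name__ == "__main__":
    msg = "meet me after the toga party"
    y = rail_fence_encrypt(msg, 2)
    print(y, rail_fence_decrypt(y, 2))
    # Transposition only rearranges letters, so the letter counts are unchanged.
    print(letter_counts(y) == letter_counts(msg))
```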