Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer and Network Security

Published byEvan Daniels Modified over 5 years ago

Similar presentations

Presentation on theme: "Computer and Network Security"— Presentation transcript:

1 Computer and Network Security
Rabie A. Ramadan

2 CIA Triad Security Goals Confidentiality, Integrity , and Availability

3 Confidentiality The property of preventing disclosure of information to unauthorized individuals or systems. Real Scenario a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. To ensure confidentiality To ensure confidentiality

4 Integrity Data cannot be modified without authorization.
Real scenarios: Integrity is violated when an employee (accidentally or with malicious intent) deletes important data files, When a computer virus infects a computer, When an employee is able to modify his own salary in a payroll database, When an unauthorized user vandalizes a web site, When someone is able to cast a very large number of votes in an online poll, and so on. Preventing by Access Control and Encryption

5 Availability The information must be available when it is needed.
Highly available systems aim to remain available at all times. Real Scenarios Power outages, Hardware failures, DoS attacks (denial-of-service attacks). Preventions by fault tolerance , access control, and attack prevention mechanisms.

6 Security Goals (Summary)
Confidentiality Ensures that computer-related assets are accessed only by authorized parties. Sometimes called secrecy or privacy. Integrity Assets can be modified only by authorized parties or only in authorized ways. Availability Assets are accessible to authorized parties at appropriate times. The opposite is denial of service.

7 Security Goals Strong protection is based on Goals relations

8 Goals are Applied to Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected networks

9 Threats , vulnerability, and Attacks
Crossing the water to the right is a Threat to the man. Ex. (Computer) software failures Crossing the water through the wall crack is a Vulnerability. Ex. (Computer) Open ports Somebody or another system destroyed the wall is an Attack Ex. (Computer) sending an overwhelming set of messages to another system to block it.

10 Attacks Passive Attacks Active Attacks
Attempts to learn or make use of information from the system but does not affect system resources. Eavesdropping or monitoring of transmissions Active Attacks Attempts to alter system resources or affect their operation.

11 Passive Attacks Release of message contents / snooping

12 Passive Attacks (Cont.)
Traffic Analysis/ spoofing Passive Attacks are hard to be detected

13 Active Attacks

14 Active Attacks Masquerade One entity pretends to be a different entity

15 Active Attacks (Cont.) Replay Attack
Passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

16 Active Attacks (Cont.) Modification Attack
Some portion of a legitimate message is altered, or that messages are reordered, to produce an unauthorized effect

17 Active Attacks (Cont.) Denial of Service
Prevents or inhibits the normal use or management of communications facilities

18 Group Activities Which of the following attacks is a threat to which of the security goals? Attacks Security Goals Modification Confidentiality Masquerading Integrity Traffic Analysis Availability Denial of service Replaying Snooping

19 Answer Security Attacks Snooping Traffic Analysis Modification
Masquerading Replaying Denial of Service Confidentiality Integrity Availability Replaying might change the message sequence.. That is why it is under the integrity .

20 Security Services Authentication - assurance that the communicating entity is the one claimed Access Control - prevention of the unauthorized use of a resource Data Confidentiality –protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication

21 Security Mechanisms Specific security mechanisms:
Implemented on specific layer (OSI model) Encipherment, digital signatures, access controls, data integrity, authentication exchange, routing control, notarization Pervasive security mechanisms: Not related to a specific layer Trusted functionality, security labels, event detection

22 Model for Network Security

23 Model for Network Security
Using this model requires us to: Design a suitable algorithm for the security transformation. Generate the secret information (keys) used by the algorithm. Develop methods to distribute and share the secret information. Specify a protocol enabling the principals to use the transformation and secret information for a security service.

24 Symmetric Cipher Model

25 Symmetric Cipher Model
Known as: Conventional Encryption Single-Key Encryption Plaintext Original text/msg Ciphertext Coded msg Enciphering/Encryption The process of converting the plaintext to ciphertext Deciphering/Decryption The process of converting the ciphertext to plaintext

26 Symmetric Cipher Model (Cont.)
Cryptography The developed encryption schemes Cryptanalysis Techniques used to get the plaintext out of the ciphertext without prior knowledge to the encryption scheme (breaking the code) Cryptology Both the cryptography and cryptanalysis

27 More Definitions Unconditional Security Computational Security
The ciphertext provides insufficient information to uniquely determine the corresponding plaintext. Computational Security The time needed for calculations is greater than age of universe

28 Symmetric Cipher Model (Cont.)

29 Symmetric Cipher Model
Requirements Strong Key  the opponent can not figure it out even if he/she has a number of ciphertexts The key must be exchanged through a secure channel Y = E(K,X) ~ Y = EK(X) X =D(K,Y) ~ X = DK(Y)

30 Brute Force Search Always possible to simply try every key
Most basic attack, proportional to key size

31 Substitution Ciphers

32 “Ygjcxgvqmnnvjgrgumfgpv” Can you decrypt this message?
Lets have Fun You are spying on your friend Ahmed while he is chatting with John, you received the following message: “Ygjcxgvqmnnvjgrgumfgpv” Can you decrypt this message?

33 “Ygjcxgvqmnnvjgrgumfgpv” “We have to kill the president”
Answer Ahmed is telling John: “Ygjcxgvqmnnvjgrgumfgpv” “We have to kill the president” Encryption Key: Replacement Table Plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ Ciphertext CDEFGHIJKLMNOPQRSTUVWXYZAB Encryption Technique Each letter is replaced by the second one after it Remove blanks

34 Caesar Cipher Earliest known substitution cipher by Julius Caesar
first attested use in military affairs replaces each letter by 3rd one after it E.g. meet me after the party PHHW PH DIWHU WKH SDUWB

35 Caesar Cipher (Cont.) Transformation :
Mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y Z Then have Caesar cipher as: C = E(p) = (p + k) mod (26) p = D(C) = (C – k) mod (26)

36 Caesar Cipher (Cont.) Cryptanalysis Only have 26 possible ciphers
A maps to A,B,..Z Could simply try each in turn

37 Monoalphabetic Cipher
Rather than just shifting the alphabet Could shuffle (jumble) the letters arbitrarily Each plaintext letter maps to a different random ciphertext letter The key is 26 letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

38 Monoalphabetic Cipher Security
now have a total of 26! = 4 x 1026 keys with so many keys, might think is secure but would be !!!WRONG!!! Language Characteristics Problem Using the occurrence frequency of each letter , we can deduce the letters in the ciphertext

39 English Letter Frequencies

40 Playfair Cipher Invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair. Encrypts multiple letters Uses Playfair Matrix Uses some of the rules to interpret the matrix

41 Playfair Key Matrix A 5X5 matrix of letters based on a keyword
Fill in letters of keyword (Avoid repetition) Fill rest of matrix with other letters E.g. using the keyword MONARCHY M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z Why I and j  look at the word frequency . J frequency is very small

42 Playfair Rules Plaintext encrypted two letters at a time:
if a pair is a repeated letter, insert a filler like 'X', eg. "balloon" encrypts as "ba lx lo on" If both letters fall in the same row, replace each with letter to right (wrapping back to start from end), eg. “ar" encrypts as "RM" If both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), eg. “mu" encrypts to "CM" Otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. “hs" encrypts to "BP", and “ea" to "IM" or "JM" (as desired)

43 Note: The key is an arrangement of all of the alphabetic letters
Group Activity Based on Playfair encryption, encrypt the word “Hello” Key : Note: The key is an arrangement of all of the alphabetic letters L G D B A Q M H E C U R N I/J F X V S O K Z Y W T P

44 Answer Step 1: Group the letters
He ll o 1st rule  repeated letters ll He lx lo Step 2: find the corresponding text in the key He  EC - rule 2 H and e on the same row (replace each with letter to right)  EC Lx  QZ -- rule 3 L and x at the same column (replace each with the letter below it)  QZ loBX -- rule 4 l and o at different rows and columns (replaced by the one in its row in the column of the other letter of the pair) E (Hello) “ECQZBX”

45 Security of the Playfair Cipher
Security much improved over monoalphabetic Since have 26 x 26 = 676 diagrams Was widely used for many years (eg. US & British military in WW1) It can be broken, given a few hundred letters since still has much of plaintext structure

46 Polyalphabetic Ciphers
Another approach to improving security is to use multiple cipher alphabets Makes cryptanalysis harder with more alphabets to guess and flatter frequency distribution Use a key to select which alphabet is used for each letter of the message Use each alphabet in turn Repeat from start after end of key is reached

47 Vigenère Cipher Simplest polyalphabetic substitution cipher
effectively multiple Caesar ciphers key is multiple letters long K = k1 k2 ... kd ith letter specifies ith alphabet to use use each alphabet in turn repeat from start after d letters in message decryption simply works in reverse

48

49 Example eg using repeated keyword deceptive
key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ From the previous table lookup the key letter then the plain text letter. The cipher letter is the intersection letter

50 Security of Vigenère Ciphers
have multiple ciphertext letters for each plaintext letter Letter frequencies are obscured But not totally lost

51 Autokey Cipher Ideally want a key as long as the message
Vigenère proposed the autokey cipher The keyword is prefixed to message as key Still have frequency characteristics to attack Eg. given key deceptive key: deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA

52 One-Time Pad Select a random key that is equal to the message length.
Use a table structure such as Vigenère table Problems: Generating long random keys Bandwidth problem  sending the key as long as the Msg

53 Transposition/Permutation Ciphers

54 Transposition (Cont.) The letters of the message are rearranged
Columnar transposition The number of columns is required Example: THIS IS A MESSAGE TO SHOW HOW A COLMUNAR TRANSPOSITION WORKS

55 Transposition (Cont.) T H I S I S A M E S S A G E T O S H O W
H O W A C O L M U N A R T R A N S P O S I T I O N W O R K S tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasna

56 “ This is the second lecture”
Group Activity Given the following message “ This is the second lecture” Divide the message onto a block of 5 letters block Transpose the message Use Autokey cipher to encrypt the result Key : “ NetworkSecurity”

57 Stream Vs. Block Ciphers
Stream  converts one symbol of plaintext into a symbol of ciphertext Block  encrypts a group of plaintext symbols as one block.

58 Reading materials Stallings Chapter 1 Chapter 2

Download ppt "Computer and Network Security"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
CSCE 790G: Computer Network Security

CSCE 790G: Computer Network Security
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Chapter 2 – Classical Encryption Techniques. Classical Encryption Techniques Symmetric Encryption Or conventional / private-key / single-key sender and.

Chapter 2 – Classical Encryption Techniques. Classical Encryption Techniques Symmetric Encryption Or conventional / private-key / single-key sender and.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Lecture 1 Overview.

Lecture 1 Overview.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Classical Encryption Techniques

Classical Encryption Techniques
Overview of Cryptographic Techniques Hector M Lugo-Cordero CIS 4361 Secure Operating System Administration 1.

Overview of Cryptographic Techniques Hector M Lugo-Cordero CIS 4361 Secure Operating System Administration 1.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Cryptography and Network Security

Cryptography and Network Security
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
Information Security Rabie A. Ramadan GUC, Cairo Room C7 -310 Lecture 2.

Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.
Dr. Lo’ai Tawalbeh 2007 Chapter 2: Classical Encryption Techniques Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007 INCS.

Dr. Lo’ai Tawalbeh 2007 Chapter 2: Classical Encryption Techniques Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Similar presentations

Ads by Google