Cryptology Information Security Süleyman Kondakcı S Kondakci


1 Cryptology Information Security Süleyman Kondakcı S Kondakci

2 Brief Intro
Main objectives of information security
Basic functions of cryptology
Basic cryptographic systems
Symmetric cryptography
Simple (XOR) encryption
Asymmetric cryptography and its application to authentication
Confidentiality with asymmetric cryptography
Secure message exchange
Digital signature
Other important issues

3 The Triad (CIA) of Security Objectives
Confidentiality Integrity Availability

4 Distributed Denial of Service Attack

5 DDoS Attack and CPU Usage

6 Attacks, Mechanisms, and Services
Security Attack: Any action that compromises the security of information.
Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

7 Security Attacks
Interruption: This is an attack on availability
Interception: This is an attack on confidentiality
Modification: This is an attack on integrity
Fabrication: This is an attack on authenticity

8 Security Services
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (the order is final)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
  Denial of Service Attacks
  Virus that deletes files

9

10 Main Objectives Expanded (1)
1) Confidentiality (secrecy): Protecting data from unauthorized disclosure
2) Authentication (identity verification): Reliably determining the identity of the communicating parties
3) Integrity: Ensure that the contents of the traffic are not altered in transmission.
4) Access Control: Prevent unauthorized users/devices.
5) Traffic Flow Control: Traffic flow monitoring and management

11 Main Objectives Expanded (2)
6) Availability (system continuity): Maintaining the security services
7) Accountability (monitoring and auditing): Scanning and logging of network activities
8) Scalability: Adding new users/devices should be easy and should not require changes to existing architecture and infrastructure.

12 Defence Methods
Encryption
Authorization: access control (file systems, databases, and operating system controls for protecting users from violating each other’s area)
Authentication
Hardware Controls (smartcard)
Policies (frequent changes of passwords)
Physical Controls

13 The Basic Cipher Operator: XOR
Also known as the Vernam cipher
[Table: Plaintext Bit, Key Bit, Encoded Text Bit]

14 Encrypting and Decrypting with XOR
Plaintext XOR Key = Ciphertext
Ciphertext XOR Key = Plaintext

15 Monoalphabetic Ciphers: Cipher ROT13
Plaintext:  A B ... M
Ciphertext: N O ... Z
$ tr "a-zA-Z" "n-za-mN-ZA-M" < plain_file

16 Polyalphabetic Substitution Ciphers: Vigenere Cipher
P = plaintext, C = ciphertext, E(P) = encryption, D(C) = decryption.

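17 Flexible Caesar Cipher in C
    /*
     * Demonstration of a flexible shifter function
     * S. Kondakci/10/5/1996
     */
    #include <ctype.h>
    #include <stdio.h>

    /* Prints c shifted by `shifts` positions; shifts is expected to be in 0..25 */
    void caeser(short c, int shifts)
    {
        if (('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z')) {
            /* Last letter of the alphabet for this character's case */
            int Case = (isupper(c) == 0 ? 122 : 90);
            if (shifts + c > Case)
                /* Wrap around past 'z'/'Z' to the start of the alphabet */
                printf("%c", (char)(c - 26 + shifts));
            else
                putchar(c + shifts);
        } else {
            /* Non-letters pass through unchanged; newlines are doubled */
            if (c == '\n')
                putchar('\n');
            putchar(c);
        }
    }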

18 Caesar cipher: Sage example
A shift cryptosystem with key k = 3 is commonly referred to as the Caesar cipher. Create a Caesar cipher over the upper-case letters of the English alphabet:
    sage: caesar = ShiftCryptosystem(AlphabeticStrings())
    sage: K = 3
    sage: P = caesar.encoding("abcdef"); P
    ABCDEF
    sage: C = caesar.enciphering(K, P); C
    DEFGHI
    sage: caesar.deciphering(K, C) == P
    True

19 Using random keys for encryption and decryption
    sage: S = ShiftCryptosystem(AlphabeticStrings())
    sage: P = S.encoding("Shift cipher with a random key.")
    sage: K = S.random_key()
    sage: C = S.enciphering(K, P)
    sage: S.deciphering(K, C) == P
    True
Decrypting with the key K is equivalent to encrypting with its corresponding inverse key:
    sage: S.enciphering(S.inverse_key(K), C) == P

20 Rail fence technique
Plaintext: “Let us bust them by the midnight”
Ciphertext:

21 Rail fence technique with key
Write the plaintext row by row in a rectangle, and cipher the message, column by column.
Plaintext: “Let us bust them by the midnight”
Ciphertext: tedte.uthumnshtbygLtmsbiehi

22 Security Planning

23 The Classification Ranges
Group 1: unclassified (public); weighted between 0 and 0.5.
Group 2: classified; weighted between 0.6 and 2.
Group 3: restricted; weighted between 2.1 and 3.5.
Group 4: secret; weighted between 3.6 and 5.

24 Estimation of the Security Class
n = sizeof(LD)+sizeof(D)+sizeof(WD)
Cumulative
Max(F(LD),F(D),F(WD))

25 Test
Given the network below, we want to set up secure messaging and document exchange within this network. Perform the following tasks:
1) Define at least 3 security objectives
2) Design the necessary security services
3) Assess the overall risk quantitatively
[Network diagram: Win and UNIX hosts on a HUB; mail, document, www server, SW-lib, etc. for common intranet use; Internet (insecure)]

26 Cryptography
Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication.
Study of cryptography consists of a number of primitives (basic tasks and algorithms) that can be combined to provide a full range of information security services.

27 Basic Terminology
Cryptography terminology:
Encryption/Encipherment
Decryption/Decipherment
Cryptographic Algorithm/cipher
Encryption Key/Decryption Key
Cipher/Decipher
Single key encryption = Symmetric key enc.
Public key encryption = Asymmetric key enc.

28 Modern Cryptography
1977: Data Encryption Standard (DES) adopted as a U.S. Federal Information Processing Standard for encrypting unclassified information
1976: Diffie and Hellman introduced the revolutionary concept of public-key cryptography. Security is based on the intractability of the discrete logarithm problem
1978: Rivest, Shamir, and Adleman (RSA), perhaps the most well-known scheme; security is based on the intractability of factoring large integers.

29 Model of 2-Party Communication Using Encryption

30 Cipher Types Stream cipher: Encrypts digital data one bit or one byte at a time. Block cipher: A block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. Typical block sizes are 64 or 128 bits.

31 Terminology
Below is a symmetric key encryption using a shared single key for secure data exchange.
[Diagram: Plaintext M -> Encryption (E_key) -> C -> Decryption (D_key) -> Plaintext M]
C = Ciphertext = E_key(M)
M = Plaintext = D_key(C)

32 Basic Encryption Techniques
Symmetric algorithm: Secret key ciphering
Asymmetric algorithm: Public key ciphering

33 Basic Algorithms
Symmetric/Shared key systems:
  Single key (secret, commonly shared).
  The single key both ciphers and deciphers.
Asymmetric/Public key systems:
  Uses 2 keys:
    Private key (private to the generator)
    Public key (distributed to others)
  One of the keys ciphers, the other deciphers

34 Symmetric Encryption
DES, 3DES (Data Encryption Standard)
IDEA (International Data Enc. Algorithm)
FEAL
LOKI
LUCIFER
RC2 (Rivest’s Code)
RC4
RC5

35 A 2-Party Communication Using Symmetric Encryption
One of the major problems in symmetric-key systems is to find an efficient method to agree upon and exchange keys

36 Symmetric Encryption
[Diagram: Plaintext M -> Ciphertext C -> Ciphertext C, using the same “Secret Key” on both sides]

37 Encryption—DES and 3DES
Widely adopted standard
Encrypts plaintext into ciphertext
DES performs 16 rounds
Triple DES
  168-bit 3DES includes three DES keys
Accomplished on VPN client, server, router, or firewall

38 Average time required for exhaustive key search
Key Size (bits) | Number of Alternative Keys | Time required at 10^6 Decryption/µs
32 | 2^32 = 4.3 x 10^9 | 2.15 milliseconds
56 | 2^56 = 7.2 x 10^16 | 10 hours
128 | 2^128 = 3.4 x 10^38 | 5.4 x 10^18 years
168 | 2^168 = 3.7 x 10^50 | 5.9 x 10^30 years

39 Costs/Times to Break DES Keys
Type of Attacker | Budget | 40-Bit | 56-Bit | 168-Bit 3DES
Individual Hacker | $400 | 5 Hours | 38 Years | Too Long
Dedicated Hacker | $10K | 12 Minutes | 556 Days | 10^19 Years
Intelligence Community | $10M | 0.02 Seconds | 21 Minutes | 10^17 Years

40 Asymmetric Algorithms
A pair of mathematically related keys: a private key and a public key
Widely used public-key cryptosystems:
  Whitfield Diffie and Martin Hellman of Stanford University invented the public-key system in 1976.
  Rivest Shamir Adleman (RSA)

41 Authentication with Asymmetric Algorithms
[Diagram: Plaintext M (user identity) -> Encryption (E_key, private key) -> C -> Decryption (D_key, public key) -> Plaintext M]

42 Confidentiality with Asymmetric Algorithms
[Diagram: Plaintext M (message) -> Encryption (E_key, public key) -> C -> Decryption (D_key, private key) -> Plaintext M]

43 Feistel Cipher Structure
Virtually all conventional block encryption algorithms, including DES, have a structure first described by Horst Feistel of IBM in 1973.
The realization of a Feistel network depends on the choice of the following parameters and design features (see next slide):

44

45 Example: Encryption © Lawrie Brown

46 Example: Decryption

47 A simple Feistel System
© S. Kondakcı

48 Feistel Cipher Structure
Block size: larger block sizes mean greater security
Key size: larger key size means greater security
Number of rounds: multiple rounds offer increasing security
Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis.
Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern

49 Feistel Cipher Decryption
The process of decryption with a Feistel cipher, as shown in Stallings Figure 3.3, is essentially the same as the encryption process. The rule is as follows: Use the ciphertext as input to the algorithm, but use the subkeys K_i in reverse order. That is, use K_n in the first round, K_(n-1) in the second round, and so on until K_1 is used in the last round. This is a nice feature because it means we need not implement two different algorithms, one for encryption and one for decryption.

50 Decryption Analysis
Output of the first round of decryption is equal to 32-bit swap of the input to the 16th round of the encryption process.
Last round encryption

51 Decryption Analysis Cont’d
Thus, we have:
Which is the 32-bit swap of the input to the 16th round of the encryption
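
The reversed-subkey rule and the first-round swap relation from the decryption analysis, as an added example that is not part of the original slides: a toy 16-round Feistel network on a 64-bit block. The SHA-256-based round function and key schedule are assumptions chosen for illustration; this is not DES.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF


def round_function(half, subkey):
    """Toy F (assumption): first 32 bits of SHA-256(subkey || half).
    F does not need to be invertible for the network to be invertible."""
    digest = hashlib.sha256(subkey + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def subkeys(master_key, rounds=ROUNDS):
    """Toy key schedule (assumption): K_i = first 8 bytes of SHA-256(master || i)."""
    return [hashlib.sha256(master_key + bytes([i])).digest()[:8]
            for i in range(1, rounds + 1)]


def feistel(block, keys):
    """Run the network on a 64-bit block.
    Returns (output, states), where states[0] is the input (L, R) pair and
    states[i] is the (L, R) pair after round i."""
    left, right = block >> 32, block & MASK32
    states = [(left, right)]
    for key in keys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, left ^ round_function(right, key)
        states.append((left, right))
    # Final 32-bit swap of the two halves
    return (right << 32) | left, states


def encrypt(block, keys):
    return feistel(block, keys)[0]


def decrypt(block, keys):
    # Same algorithm, subkeys in reverse order: K_n first, K_1 last
    return feistel(block, keys[::-1])[0]


if __name__ == "__main__":
    keys = subkeys(b"constructed demo key")   # constructed sample key
    plaintext = 0x0123456789ABCDEF            # constructed sample block
    ciphertext, enc_states = feistel(plaintext, keys)
    recovered, dec_states = feistel(ciphertext, keys[::-1])
    print(hex(ciphertext), hex(recovered))
    # Output of decryption round 1 == swapped input of encryption round 16
    print(dec_states[1] == enc_states[15][::-1])
```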

52 Public Key Diffie-Hellman and RSA
Outlined by Diffie and Hellman in 1976
Refined by Rivest, Shamir and Adleman
RSA is based on a pair of keys—public and private
Sender looks up the public key of the recipient and uses it to encipher the message
Recipient deciphers the message with private key
Eliminates need to exchange private keys before communicating
Based on algorithms performed on numbers up to 256 bytes long
No one has yet cracked it
PGP is a public domain implementation of RSA
Authentication achieved via digital signatures

53 RSA Algorithm

54 Diffie-Hellman Key Exchange

55 Diffie-Hellman Public Key Distribution
[Diagram: Alice and Bob each have a private key and a public key and exchange public keys (from Bob to Alice and back); a key calculation engine on each side produces Alice and Bob’s shared secret key, which is used to turn plaintext M into ciphertext C and back into plaintext M]

56 RSA Public Key Distribution
Security objectives: Data authentication, Data integrity, Non-repudiation
RSA usages are: Encryption, Digital Signature:
1) Generate Message Digest using a common hash function
2) Signature = Encrypt the Message Digest with the sender's private key
3) Send the message and the Signature to the requestor

57 RSA-Encryption
One-way Trust Model
[Diagram: Alice's data -> RSA calculation with Alice’s RSA private key -> encrypted data sent to Bob -> RSA calculation with Alice’s RSA public key -> data]
Information encrypted with the RSA private key can only be decrypted with the matching RSA public key

58 Example: A trusted messaging
[Diagram: the plaintext is encrypted with the shared session key (S-key) into ciphertext; the S-key is encrypted with Bob’s public key into a cipher-key; both go to Bob]
Both the message and a session key (S-key) are encrypted and sent to Bob. Bob uses his own private key to decrypt the session key, then uses the decrypted session key to decrypt the message.

59 Bob Deciphers the Session Key
Bob deciphers the encrypted session key using his own private key and the asymmetric algorithm. Now he has the session key and the ciphered message.

60 Bob Deciphers the Message
[Diagram: Ciphertext + S-key -> Plaintext]

61 Public-Key Cryptography Principles
The use of two keys has consequences in: key distribution, confidentiality and authentication.
The scheme has six ingredients (see Figure 3.7):
  Plaintext
  Encryption algorithm
  Public and private key
  Ciphertext
  Decryption algorithm

62 Encryption using Public-Key system

63 Authentication using Public-Key System

64 Applications for Public-Key Cryptosystems
Three categories:
Encryption/decryption: The sender encrypts a message with the recipient’s public key.
Digital signature: The sender ”signs” a message with its private key.
Key exchange: Two sides cooperate to exchange a session key.

65 Requirements for Public-Key Cryptography
Computationally easy for a party B to generate a pair (public key KUb, private key KRb)
Easy for sender to generate ciphertext:
Easy for the receiver to decrypt ciphertext using private key:

66 Requirements for Public-Key Cryptography
Computationally infeasible to determine private key (KRb) knowing public key (KUb)
Computationally infeasible to recover message M, knowing KUb and ciphertext C
Either of the two keys can be used for encryption, with the other used for decryption:

67 The RSA Algorithm: Key Generation
Select p, q (p and q both prime)
Calculate n = p x q
Calculate
Select integer e
Calculate d
Public key KU = {e,n}
Private key KR = {d,n}

68 Example of RSA Algorithm

69 The RSA Algorithm: Encryption
Plaintext: M < n
Ciphertext: C = M^e (mod n)

70 The RSA Algorithm: Decryption
Ciphertext: C
Plaintext: M = C^d (mod n)
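
An added worked example, not from the original slides, of the key generation, encryption and decryption steps above, plus the digest-then-sign flow from the RSA usage slide. The primes 17 and 11 with e = 7 are constructed toy values, the larger modulus uses two known Mersenne primes, and SHA-256 stands in for the unnamed common hash function; this is unpadded textbook RSA.

```python
import hashlib
from math import gcd


def generate_keypair(p, q, e):
    """Key generation with caller-supplied primes p, q and public exponent e.
    Returns (KU, KR) = ((e, n), (d, n))."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)            # Euler totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)


def encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("plaintext must satisfy M < n")
    return pow(m, e, n)                # C = M^e mod n


def decrypt(c, private):
    d, n = private
    return pow(c, d, n)                # M = C^d mod n


def _digest(message, n):
    # Toy reduction of the digest into the range of n; real schemes pad instead
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private):
    """Signature = message digest transformed with the sender's private key."""
    d, n = private
    return pow(_digest(message, n), d, n)


def verify(message, signature, public):
    """Recompute the digest and compare it with the signature opened by KU."""
    e, n = public
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    ku, kr = generate_keypair(17, 11, 7)          # constructed toy key
    c = encrypt(88, ku)
    print(ku, kr, c, decrypt(c, kr))
    # Constructed larger key from the Mersenne primes 2^61-1 and 2^89-1
    big_ku, big_kr = generate_keypair(2**61 - 1, 2**89 - 1, 65537)
    sig = sign(b"pay Bob 10", big_kr)
    print(verify(b"pay Bob 10", sig, big_ku), verify(b"pay Bob 99", sig, big_ku))
```

Production systems do not use RSA in this raw form: encryption and signatures are combined with padding schemes such as OAEP and PSS, and with moduli of 2048 bits or more.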

71 RSA & Sagemath

72 RSA & Factoring

73 Factoring is Hard

74 Other Public-Key Cryptographic Algorithms
Digital Signature Standard (DSS)
  Makes use of the SHA-1
  Not for encryption or key exchange
Elliptic-Curve Cryptography (ECC)
  Good for smaller bit size
  Low confidence level, compared with RSA
  Very complex

75 Fingerprint: One-way Hash Functions
Also called hash function, cryptographic checksum, message integrity check, message digest function
[Diagram: Plaintext -> Fingerprint]
Fingerprint (also called hash value) is always unique for a given message
One-way; can’t generate plaintext from the hash value

76 One-way Hash
One-way; can’t generate plaintext from the hash value
[Diagram: Fingerprint -> Unknown Plaintext]

77 Message Digest Algorithms
MD4: 128-bit hash value, 32-bit register, faster than MD2, better security
MD5: Replacement for MD4, solves some weaknesses of MD4
SHA: Secure Hash Algorithm, 160-bit.
HAVAL, SNEFRU, etc ...

78 Digital Signatures
Digital signatures ensure:
  message integrity (not modified in transit)
  identity of the sender (Sender’s private key)
  non-repudiation
[Figure: a message and its digital certificate; certificate fields shown: SHA, DH; 1/1/93 to 12/31/98; Alice Smith, Acme Corp; DH; Acme Corporation, Security Dept.; SHA, DH]

79 Digital Signatures
[Diagram, at the sender’s side: the sender-generated digest is processed with the sender’s private key and sent to the receiver. At the receiver’s side: the received digest is opened with the sender’s public key and a comparator checks it against the receiver-generated digest, giving TRUE or FALSE]
To verify the signature of the message both the sender and receiver create digest messages.

80 Cryptographic Strength
Key Secrecy: The secrecy of the key.
Exhaustive Search: The difficulty of guessing the key or trying out all possible keys. Keys with longer size (over 40 bits) are harder to guess.
Breaking: The difficulty of inverting the encryption algorithm without knowing the encryption key, also known as breaking the encryption algorithm.
Trapdoors: The existence (or lack) of back doors, or additional ways by which an encrypted file can be decrypted more easily without knowing the key.
Knowntext Attack: The ability to decrypt an entire ciphertext if you know the way that a portion of it decrypts.
Chosentext Attack: The properties of the plaintext and the knowledge of those properties by an attacker.

81 What are SSL and TLS?
SSL – Secure Socket Layer
TLS – Transport Layer Security
Both provide a secure transport connection between applications (e.g., a web server and a browser)
SSL version 3.0 has been implemented in many web browsers and web servers and widely used on the Internet
SSL v3.0 was specified in an Internet Draft (1996) and evolved into TLS specified in RFC 2246
TLS can be viewed as SSL v3.1

82 SSL architecture
Layers, top to bottom:
SSL Handshake Protocol | SSL Change Cipher Spec | Alert Protocol | applications (e.g., HTTP)
SSL Record Protocol
TCP
IP

83 SSL components
SSL Handshake Protocol
  negotiation of security algorithms and parameters
  key exchange
  server authentication and optionally client authentication
SSL Record Protocol
  fragmentation
  compression
  message authentication and integrity protection
  encryption

84 SSL components
SSL Alert Protocol
  error messages (fatal alerts and warnings)
SSL Change Cipher Spec Protocol
  a single message that indicates the end of the SSL handshake

85 Where SSL Fits
Protocol | Port | Secure variant | Port
HTTP | 80 | HTTPS | 443
SMTP | 25 | SSMTP | 465
POP3 | 110 | SPOP3 | 995
Layers, top to bottom:
HTTPS | SSMTP | SPOP3
Secure Sockets Layer
Transport
Network
Link

86 Uses Public Key Scheme
Each client-server pair uses
2 public keys
  one for client (browser), created when browser is installed on client machine
  one for server (http server), created when server is installed on server hardware
2 private keys
  one for client browser

87 SSL Operation
SSL session
  an association between client & server
  created by the Handshake Protocol
  defines a set of cryptographic parameters
  may be shared by multiple SSL connections
SSL connection
  a transient, peer-to-peer, communications link
  associated with 1 SSL session

88 SSL Handshake Protocol – overview
Phase 1: Negotiation of the session ID, key exchange algorithm, MAC algorithm, encryption algorithm, and exchange of initial random numbers
  client -> server: client_hello
  server -> client: server_hello
Phase 2: Server may send its certificate and key exchange message, and it may request the client to send a certificate. Server signals end of hello phase.
  server -> client: certificate, server_key_exchange, certificate_request, server_hello_done
Phase 3: Client sends certificate if requested and may send an explicit certificate verification message. Client always sends its key exchange message.
  client -> server: certificate, client_key_exchange, certificate_verify
Phase 4: Change cipher spec and finish handshake
  client -> server: change_cipher_spec, finished
  server -> client: change_cipher_spec, finished

89 That’s all Folks! Süleyman Kondakcı: suleyman.kondakci@ieu.edu.tr