1. Network Security (Course Details) By ASIM SHAHZAD Assistant Professor University Of Engineering And Technology Taxila

2.  Name:Asim Shahzad  MS Telecom Engineering (I.C.T)  MS Computer Engineering (U.E.T Taxila)  Currently started PhD in area of Solitons propagation in Fiber Optics Communication from U.E.T Taxila  Email: asimshahzad@uettaxila.edu.pk  Contact no.0300 9755694

4. Theme of Course  1. Module 1 (Cryptography) Introduction to Security terms and Algorithms Overview of Symmetric and Asymmetric Cryptographic Algorithms  2. Module 2 (Security Architectures and Models) Security in Network Multilayer Security  3. Module 3 (Operations Security) TCSEC (Trusted Computer Security Evaluation Criteria); The Orange Book Vulnerabilities of Networked Applications Worms, viruses, malicious codes arriving from networks, attack on infrastructure  4. Module 4 (Defense Technologies) Protection of information in transit; Application and Transport Layer security Protocols Protection of Networked Applications; Firewalls, and IPS  5. Module 5 (Application and System Development) Kerberos, IPSec, SSL/TLS (Case Studies)  6. Module 6 (Security Management) Security Planning; Physical Security Disaster Recovery Law, Investigation, Ethics; Ethical Hacking

5. Marks Breakdown  Total Marks150  External marks25  Final 100  Internal Sessional Work 25  Passing Marks75

6.  Two parts of your course.  How to secure data (data security).  How to secure your networks (network security) we start from data security talk about its various aspects.major concern will be ciphers designing.

7. Desirable Security Properties  Authenticity  Confidentiality  Integrity  Availability  Accountability and non-repudiation  Freshness  Access control  Privacy of collected information

8. Cryptology  Some Terminologies  Plain text: The original message  Cipher Text: The coded message  Cipher: algorithm for transforming plaintext to cipher text  Key: info used in cipher; known only to sender/receiver  Encipher (encrypt): converting plaintext to cipher text  Decipher (decrypt): recovering cipher text from plaintext

9. Contd… Cryptography: study of encryption principles/methods. Cryptanalysis (code breaking): the study of principles/ methods of deciphering cipher text without knowing key. Cryptology: the field of both cryptography and cryptanalysis.

10. Contd..  Unconditional security No matter how much computer power is available, the cipher cannot be broken since the cipher text provides insufficient information to uniquely determine the corresponding plaintext.  Computational security Given limited computing resources (e.g. time needed for calculations is greater than age of universe), the cipher cannot be broken.

11. Conventional Encryption Principles  An encryption scheme has five ingredients:  Plaintext  Encryption algorithm  Secret Key  Cipher text  Decryption algorithm  Security depends on the secrecy of the key, not the secrecy of the algorithm

12. Cryptology Classified along three independent dimensions: 1)Type of encryption operations used for transforming plaintext to cipher text. substitution / transposition / product 2) Number of keys used symmetric - single-key or secret key encryption asymmetric - two-key or public key encryption 3)Way in which plaintext is processed Block stream

13. Cryptanalysis  Two general approaches to attack an encryption scheme 1) Cryptanalysis. needs encryption algorithm plus some knowledge regarding the plaintext or some sample plain text cipher text pair. 2) Brute-Force attack attacker tries every possible key to decrypt. needs to check so many keys.

14. Types of Cryptanalysis  Ciphertext only attacker only knows the encryption algorithm & ciphertext  Known plaintext knows the encryption algorithm & ciphertext additionally knows some sample plaintext- ciphertext pairs  Chosen plaintext attacker selects plaintext and obtain ciphertext to attack cipher  Chosen ciphertext select ciphertext and obtain plaintext to attack cipher

15. Classical Ciphers.Where letters of plaintext are replaced by other letters or by numbers or symbols..Or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with cipher text bit patterns.

16. Caesar Cipher  Earliest known substitution cipher  Devised by Julius Caeser.  First attested use in military affairs.  Replaces each letter by 3rd letter of alphabets  Example:  Plaintext: MEET ME AFTER THE TEA PARTY  Cipher text: PHHW PH DIWHU WKH WHD SDUWB

18. Contd…  We can generalize Caesar cipher as:  C = E( p) = ( p + k) mod (26)  p = D(C) = (C – k) mod (26)  Where k is the offset e.g., 3 as in our  example  p is the letter to be converted into cipher text  and C is cipher text

19.  Cryptanalysis of Caeser Cipher  Only have 26 possible ciphers  A maps to A,B,..Z.Could simply try each in turn i.e., using a brute force search  Given cipher text, just try all shifts of letters

21. CAUTION: QUIZ AHEAD  You are free to leave the class room but if seated, then please be silent  If eyes tried to tilt to fellows paper; either for correction or for soliciting info will cancel you quiz on immediate basis  Exams also checks ability, honesty, zeal and struggle towards problem solving attitude  Initial thesis: “everyone is honest, unless he proves himself otherwise”  Hope that initial conditions (thesis) will remain steady state

22.  QUIZ NO 01  Find the plain text and Key from the  given cipher text  Cipher Text:  TUSBCMRK MW HMWLSRIWXC

24. Attacks, Services and Mechanisms  Security Attack: Any action that compromises the security of information.  Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.  Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms

33. Security Attacks

51. CIPHERS  Now we will discuss various ciphers and their working.  Cipher is an algorithm that provides encryption to your data.

78. Transposition Ciphers  now consider classical transposition or permutation ciphers  these hide the message by rearranging the letter order  without altering the actual letters used  can recognise these since have the same frequency distribution as the original text

79. Rail Fence cipher  write message letters out diagonally over a number of rows  then read off cipher row by row  eg. write message out as: m e m a t r h t g p r y e t e f e t e o a a t  giving ciphertext MEMATRHTGPRYETEFETEOAAT

80. Row Transposition Ciphers  a more complex scheme  write letters of message out in rows over a specified number of columns  then reorder the columns according to some key before reading off the rows Key: 3 4 2 1 5 6 7 Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

81. Product Ciphers  ciphers using substitutions or transpositions are not secure because of language characteristics  hence consider using several ciphers in succession to make harder, but: two substitutions make a more complex substitution two transpositions make more complex transposition but a substitution followed by a transposition makes a new much harder cipher  this is bridge from classical to modern ciphers

82. Rotor Machines  before modern ciphers, rotor machines were most common product cipher  were widely used in WW2 German Enigma, Allied Hagelin, Japanese Purple  implemented a very complex, varying substitution cipher  used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted  with 3 cylinders have 26 3 =17576 alphabets

83. Steganography  an alternative to encryption  hides existence of message using only a subset of letters/words in a longer message marked in some way using invisible ink hiding in LSB in graphic image or sound file  has drawbacks high overhead to hide relatively few info bits

84. Summary  have considered: classical cipher techniques and terminology monoalphabetic substitution ciphers cryptanalysis using letter frequencies Playfair ciphers polyalphabetic ciphers transposition ciphers product ciphers and rotor machines stenography