1. Computer and Network Security Rabie A. Ramadan Lecture 4

2. Table of Contents 2 Mathematics of cryptography Groups Rings Polynomials

3. 3 Mathematics of Cryptography

4. Groups 4 A group G is a set of elements with a binary operation that satisfies four properties: Closure : if a and b are elements of G, then c = a b is also an element of G Associatively : if a, b, and c are elements of G, then (a b) c = a ( b c )

5. Groups (Cont.) 5 Existence of Identity : for all a in G, there exists an element e, called the identity element, such that e a = a e = a Existence of Inverse : for each a in G, there exists an, called the inverse of a, such that a = a = e An Commutative or Abelian group is a group that satisfies Commutativity property Commutativity : for all a and b in G a b = b a

6. Group Activity 6 Given the following group, is it abelian group? G = abcd aabcd bbcda ccdab ddabc

7. Answer 7 Yes it is an abelian group Closure Applying the operation on any element, results an element in the group. Associativity Check the combination of any 3 elements (a b) c = a ( b c) = d Commutative a b = b a Identity element is a Using it with any element gives the same element Inverse Each element has an inverse  e.g. (a, a), (b, d), (c, c) abcd aabcd bbcda ccdab ddabc

8. Groups (Cont.) 8 Finite Group If it has a finite number of elements Order of a group |G| Number of elements in the group Subgroups A subset H is a subgroup of G if H is a group with respect to G The two groups must be under the same operations Both H and G will have the same properties

9. Cyclic Group Define exponentiation as repeated application of operator example : a 3 = a.a.a a is said to be a generator of the group

10. Ring A set of “numbers” with two operations (addition and multiplication) which are: An Abelian group with addition operation Multiplication: has closure is associative distributive over addition:a(b+c) = ab + ac If multiplication operation is commutative, it forms a commutative ring

11. Field A set of numbers with two operations: abelian group for addition abelian group for multiplication (ignoring 0) ring

12. Galois Fields(Cont.) 12 finite fields play a key role in cryptography can show number of elements in a finite field must be a power of a prime p n known as Galois fields denoted GF(p n ) in particular often use the fields: GF(p) GF(2 n ) Hence arithmetic is “well-behaved” and can do addition, subtraction, multiplication, and division without leaving the field GF(p)

13. GF(2 n ) 13 The elements in the set is n-bit words Example GF(2 3 )  the set is {000, 001,010, 011, 100, 101, 110, 111}

14. GF(p) 14 The field includes the set  Z = {0,1,2,3,4,…,p-1} Operations  Add / Subtract E.g. GF(2) {0,1} + X +01 001 110 x01 000 101 a01a01 -a10a -1 -1 Addition/Subtraction is the same as XOR operations Multiplication/Division is the same as AND operations

15. Group Activity 15 Show a GF(7) using multiply operation? X0123456 0 1 2 3 4 5 6

16. Example GF(7)

17. Modular Arithmetic 17 We care about the reminder of a given operation An operation a = q x n + r a and n (modulus) are inputs, q is quotient, and r is the residue mod Z = {…., -2,-1, 0, 1, 2, …..} n r (nonnegative) a

18. Example 18 25 mod 3 a =25 and n = 3 Divide a by n and get the reminder  r = 1 -7 mod 10 a = -7 and n = 10 Divide -7 by 10  r = -7 Add the modulus (n= 10) to remove the negative sign  -7 + 10 = 3  r =3 The result of a mod n is always nonnegative number less than n

19. Set of Residues Z n 19 Modulo operation creates a set with numbers always less than n The output of a mod operation for a number n must fall in the set E.g. Z2 = { 0, 1} Z5 = {0,1,2,3,4} Z11 = {0,1,2,3,4,5,6,7,8, 9,10}

20. Congruence 20 It is the same as the equality Using mod, we can get an infinite number of residue when we map Z to Z n E.g. 2 mod 10 = 2 12 mod 10 22 mod 2 congruent 2, 12, 22 are congruent of mod 10

21. Residue Classes 21 Residue class [a] or [a] n Set of all integers such that x =a (mod n) E.g. If n = 5 [0] = {.., -15, -10, -5, 0, 5, 10,15,…} [1] = {…., -14, -9, -4, 1, 6, 11, 16,...}.. [4] = {.., -11, -6, -1, 4, 9, 14, 19,…}

22. Operations on Z n 22 (a + b) mod n = [ (a mod n) + b mod n)] mod n (a - b) mod n = [ (a mod n) - b mod n)] mod n (a x b ) mod n = [ (a mod n) x (b mod n ) ] mod n

23. Group Activity 23 Find : 10 mod 3 10 2 mod 3 10 3 mod 3 Answer 10 mod 3 = 1 10 2 mod 3 = [10 mod 3 X 10 mod 3] mod 3 10 3 mod 3 = [ 10 mod 3 X 10 mod 3 X 10 mod 3] mod 3 Then 10 n mod 3 = (10 mod 3) n mod 3  a n mod x = ( a mod x) n mod x

24. Group Activity 24 Draw a table that shows the addition Modulo 8?

25. Modulo 8

26. Inverses 26 Additive inverse Multiplicative inverse In Z (Integer Numbers ) a + b = 0, b is the additive inverse of a and a is the inverse of b a X b = 1, b is the multiplicative inverse of a and a is the inverse of b In Z n (Modulo ) a + b = 0 (mod n)  Simply : b = n – a a X b = 1 (mod n)  Simply : (a X b) mod n = 1

27. Inverses (Cont. ) 27 Examples: Find the additive inverse of 4 in Z 10 ?  find b? b = n – a = 10 – 4 = 6 Find all additive inverse of Z 10 ? (0,0), (1, 9), (2, 8), (3,7), (4, 6),.. Find the multiplicative inverse of 8 in Z 10 ? (a X 8) mod 10 = 1  no multiplicative inverse can be found Find all multiplicative inverse of Z 10 ? (1,1), (3, 7), and (9, 9)

28. The greatest common divisor 28 The greatest common divisor (gcd) of two non-zero integers, is : The largest positive integer that divides both numbers without remainder gcd(42, 56)=14 where

29. Euclid's GCD Algorithm 29 An efficient way to find the GCD(a,b) Uses theorem that: GCD(a,b) = GCD(b, a mod b) GCD(55,22)= GCD(22,55 mod 22)= GCD (22,11) = 11 Euclid's Algorithm to compute GCD(a,b): A=a, B=b while B>0 R = A mod B A = B, B = R return A

30. Example GCD(1970,1066) 30 1970 = 1 x 1066 + 904 gcd(1066, 904) 1066 = 1 x 904 + 162 gcd(904, 162) 904 = 5 x 162 + 94 gcd(162, 94) 162 = 1 x 94 + 68 gcd(94, 68) 94 = 1 x 68 + 26 gcd(68, 26) 68 = 2 x 26 + 16 gcd(26, 16) 26 = 1 x 16 + 10 gcd(16, 10) 16 = 1 x 10 + 6 gcd(10, 6) 10 = 1 x 6 + 4 gcd(6, 4) 6 = 1 x 4 + 2 gcd(4, 2) 4 = 2 x 2 + 0 gcd(2, 0) gcd(1970, 1066) = 2

31. Polynomial Arithmetic Can compute using polynomials Several alternatives available ordinary polynomial arithmetic poly arithmetic with coords mod p poly arithmetic with coords mod p and polynomials mod M(x)

32. Ordinary Polynomial Arithmetic add or subtract corresponding coefficients multiply all terms by each other eg let f(x) = x 3 + x 2 + 2 and g(x) = x 2 – x + 1 f(x) + g(x) = x 3 + 2x 2 – x + 3 f(x) – g(x) = x 3 + x + 1 f(x) x g(x) = x 5 + 3x 2 – 2x + 2

33. Polynomial Arithmetic with Modulo Coefficients when computing value of each coefficient do calculation modulo some value could be modulo any prime but we are most interested in mod 2 ie all coefficients are 0 or 1 eg. let f(x) = x 3 + x 2 and g(x) = x 2 + x + 1 f(x) + g(x) = x 3 + x + 1 f(x) x g(x) = x 5 + x 2

34. Modular Polynomial Arithmetic can write any polynomial in the form: f(x) = q(x) g(x) + r(x) can interpret r(x) as being a remainder r(x) = f(x) mod g(x) if have no remainder say g(x) divides f(x) if g(x) has no divisors other than itself & 1 say it is irreducible (or prime) polynomial arithmetic modulo an irreducible polynomial forms a field

35. Modular Polynomial Arithmetic can compute in field GF(2 n ) polynomials with coefficients modulo 2 whose degree is less than n hence must reduce modulo an irreducible poly of degree n (for multiplication only) form a finite field

36. Example GF(2 3 )

37. Group Activity Find the results of (x 5 +x 2 +x) * x 7 +x 4 +x 3 +x 2 +x in GF(2 8 ) with irreducible polynomial x 8 +x 4 +x 3 +x+1

38. Answer Multiply the two polynomials (x 5 +x 2 +x) * x 7 +x 4 +x 3 +x 2 +x = x 5 * (x 7 +x 4 +x 3 +x 2 +x ) + x 2 * (x 7 +x 4 +x 3 +x 2 +x ) + x * (x 7 +x 4 +x 3 +x 2 +x ) = (x 12 +x 7 +x 2 ) Get the results of (x 12 +x 7 +x 2 ) mod (x 8 +x 4 +x 3 +x+1) = (x 5 +x 3 +x 2 +x+1)

39. Group Activity 3DES (Tripple Data Encryption Standard) is based on which of the following? A. Hashing algorithm B. Symmetric key-based algorithm C. Asymmetric key-based algorithm D. None of these

40. Viruses, Worms, Zombies, and others 40

41. 41 What is Computer Security?

42. 42 Computer Security is the protection of computing systems and the data that they store or access

43. Why is Computer Security Important? 43 Computer Security allows the University to carry out its mission by: Enabling people to carry out their jobs, education, and research. Supporting critical business processes Protecting personal and sensitive information

44. Why do I need to learn about Computer Security? 44 Isn’t this just an IT Problem?

45. 45 Good Security Standards follow the “90 / 10” Rule: 10% of security safeguards are technical 90% of security safeguards rely on the computer user (“YOU”) to adhere to good computing practices

46. What Does This Mean for Me? 46 This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, device and data secure. Information Technology Security is everyone’s responsibility

47. What’s at Stake? 47 Kinds of damage caused by insecurity Nuisance: spam, … Data erased, corrupted, or held hostage Valuable information stolen (credit card numbers, trade secrets, etc.) Services made unavailable (email and web site outages, lost business)

48. Breaking into a Computer 48

49. Breaking into a Computer 49 What? Run unauthorized software How? Trick the user into running bad software (“social engineering”) Exploit software bugs to run bad software without the user’s help

50. Example of “social engineering”: Trojan Horse 50 CoolScreenSaver.exe

51. Viruses and Worms 51 Automated ways of breaking in; Use self-replicating programs (Recall self-replicating programs: Print the following line twice, the second time in quotes. “Print the following line twice, the second time in quotes.” )

52. Computer Viruses 52 Self-replicating programs that spread by infecting other programs or data files Must fool users into opening the infected file Payload Cool Screen Saver NotepadSolitairePaint Payload

53. Email Viruses 53 Infected program, screen saver, or Word document launches virus when opened Use social engineering to entice you to open the virus attachment Self-spreading: after you open it, automatically emails copies to everyone in your address book Other forms of social engineering: downloadable software/games, P2P software, etc.

54. The Melissa Virus (1999) 54 Social engineering: Email says attachment contains porn site passwords Self-spreading: Random 50 people from address book Traffic forced shutdown of many email servers $80 million damage 20 months and $5000 fine David L. Smith Aberdeen, NJ

55. Computer Worms 55 Self-replicating programs like viruses, except exploit security holes in OS (e.g., bugs in networking software) to spread on their own without human intervention Payload

56. Robert Tappan Morris 56 First Internet worm Created by student at Cornell Exploited holes in email servers, other programs Infected ~10% of the net Spawned multiple copies, crippling infected servers Sentenced to 3 years probation, $10,000 fine, 400 hours community service Robert Tappan Morris

57. “Can we just develop software to detect a virus/worm?” 57 [Adleman’88] This task is undecidable. (so no software can work with 100% guarantee) No real guarantee Current methods: (i) Look for snippets of known virus programs on hard drive (ii) maintain log of activities such as network requests, read/writes to hard-drive and look for “suspicious” trends (iii) look for changes to OS code.

58. Spyware/Adware 58 Hidden but not self-replicating Tracks web activity for marketing, shows popup ads, etc. Usually written by businesses: Legal gray area

59. Zombies 59 Bot Bot program runs silently in the background, awaiting instructions from the attacker Attacker’s Program

60. Can we stop computer crime? 60 Probably not! Wild West nature of the Internet Software will always have bugs Rapid exponential spread of attacks But we can take steps to reduce risks…

61. Protecting Your Computer 61 Six easy things you can do… Keep your software up-to-date Use safe programs to surf the ‘net Run anti-virus and anti-spyware regularly Add an external firewall Back up your data Learn to be “street smart” online

62. Keep Software Up-to-Date

63. Use Safe Software to Go Online Firefox (web browser) Thunderbird (email)

64. Anti-virus / Anti-spyware Scans Symantec Antivirus (Free from OIT) Spybot Search & Destroy (Free download)

65. Add an External Firewall Provides layered security (think: castle walls, moat) (Recent operating systems have built-in firewall features)

66. Back Up Your Data Tivoli Storage Manager (Free from OIT)

67. Learn Online “Street Smarts” Be aware of your surroundings Is the web site being spoofed? Don’t accept candy from strangers How do you know an attachment or download isn’t a virus, Trojan, or spyware? Don’t believe everything you read Email may contain viruses or phishing attack – remember, bad guys can forge email from your friends

68. Quiz: A hacked computer can be used to… (select all that apply) 68 1. Send spam and phishing emails. 2. Harvest and sell email addresses and passwords. 3. Illegally distribute music, movies and software. 4. Distribute child pornography. 5. Infect other systems. 6. Hide programs that launch attacks on other computers. 7. Record keystrokes and steal passwords. 8. Access restricted or personal information on your computer or other systems that you have access to. 9. Generate large volumes of traffic, slowing down the entire system

69. Next time is an exam 69 Assignment Survey some of viruses and security incidents that ha been found in the last five years ?