Computer Security By Rubel Biswas

Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline

“Hidden writing” Increasingly used to protect information Can ensure confidentiality – Integrity and Authenticity too Introduction

What is Computer Security?????? Computer security is information security as applied to Computers and networks. Computer security is the process of preventing and detecting unauthorized use of your computer.

Types of Computer Security Computer Network Security – flow of data and services to the authorized users – correct user name and password by Intruders Computer System Security – computer hardware and its components Computer Information and Data Security – important to avoid data and information loss in case of hard disk crashes – backups of all the data on other media such as magnetic tapes, CD-ROM

Network Security Classic properties of secure systems: – Confidentiality Encrypt message so only sender and receiver can understand it. – Authentication Both sender and receiver need to verify the identity of the other party in a communication: are you really who you claim to be? – Authorization Does a party with a verified identity have permission to access (r/w/x/…) information? Gets into access control policies. – Integrity During a communication, can both sender and receiver detect whether a message has been altered? – Availability Guaranteeing access to legal users.

Dates back to at least 2000 B.C. Pen and Paper Cryptography Examples – Scytale – Atbash – Caesar – Vigenère History – The Manual Era

Computers! Examples – Lucifer – Rijndael – RSA – ElGamal History – The Manual Era

Cryptography Cryptography (or cryptology; from Greek κρυπτός, "hidden, secret"; and γράφειν, graphein, "writing", or -λογία, -logia, "study", respectively) [1] is the practice and study of techniques for secure communication in the presence of third parties (called adversaries)κρυπτόςγράφειν-λογία-logia [1]adversaries

Speak Like a Crypto Geek Plaintext – A message in its natural format readable by an attacker Ciphertext – Message altered to be unreadable by anyone except the intended recipients Key – Sequence that controls the operation and behavior of the cryptographic algorithm Keyspace – Total number of possible values of keys in a crypto algorithm

Speak Like a Crypto Geek (2) Initialization Vector – Random values used with ciphers to ensure no patterns are created during encryption Cryptosystem – The combination of algorithm, key, and key management functions used to perform cryptographic operations

Stream-based Ciphers – One at a time, please – Mixes plaintext with key stream – Good for real-time services Block Ciphers – Amusement Park Ride – Substitution and transposition Types of Cryptography

Encryption Systems Substitution Cipher – Convert one letter to another – Crypto quip Transposition Cipher – Change position of letter in text – Word Jumble Monoalphabetic Cipher – Caesar

Encryption Systems Poly alphabetic Cipher – Vigenère Modular Mathematics – Running Key Cipher One-time Pads – Randomly generated keys

Cryptographic Methods Symmetric – Same key for encryption and decryption – Key distribution problem Asymmetric – Mathematically related key pairs for encryption and decryption – Public and private keys

Attributes of Strong Encryption Confusion – Change key values each round – Performed through substitution – Complicates plaintext/key relationship Diffusion – Change location of plaintext in ciphertext – Done through transposition

Cryptanalysis Attacks Brute force – Trying all key values in the key space Frequency Analysis – Guess values based on frequency of occurrence Dictionary Attack – Find plaintext based on common words Chosen Plaintext – Attack can encrypt chosen plaintext Chosen Ciphertext – Decrypt known ciphertext to discover key Differential Power Analysis – Side Channel Attack – Identify algorithm and key length

Caesar Cipher According to Suetonius, Caesar simply replaced each letter in a message with the letter that is three places further down the alphabet. As shown below, it is clear to see that the cipher text alphabet has been shifted by three places. Hence this form of substitution is often called the Caesar Shift Cipher.

Pigpen Cipher The Pigpen Cipher was used by Freemasons in the 18th Century to keep their records private. The cipher does not substitute one letter for another; rather it substitutes each letter for a symbol. The alphabet is written in the grids shown, and then each letter is enciphered by replacing it with a symbol that corresponds to the portion of the pigpen grid that contains the letter. For example: Plain Text : I Love Computer Science Cipher text :

Principle of Confusion and Diffusion “Diffusion” : a classical Transposition cipher modern Transposition ciphers take in N bits and permute using lookup table : called P-Boxes

QUESTION????