Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Management and Security

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Management and Security"— Presentation transcript:

1 Network Management and Security
Professor Katz Session 1

2 Hackers and Cryptanalysts
Rule 1: Hackers exist and will exploit your mistakes Network control and security must be maintained at all times What is safe by today’s standards may not be safe tomorrow. The amount of time to perform a brute force attack changes.

3 Security Goals Authentication Authorization Receipt Privacy
Certification of originality Availability

4 Methods of attack Interruption Interception Modification Fabrication

5 Interruption A part of a system becomes lost or unusable for example by network congestion, interruption of communication lines, destruction of hardware. An attacker causes the system to become inaccessible by valid users

6 Interception An Attacker has gained unauthorized access to data by a method similar to wiretapping The system will remain operational however privacy has been compromised and system integrity can no longer be trusted

7 Modification An unauthorized party has accessed and/or modified a message. Also known as “Man-in-The-Middle” attack Data security and system integrity have been compromised

8 Fabrication An intruder may fabricate or fake the identity of a valid user. Data security and system security have been compromised

9 Encryption and Authenticaiton
Cryptography Encryption and Authenticaiton

10 Terminology Plaintext Cyphertext Secret Key Algorithm

11 Concept of Encryption Cyphertext = Encryption(Plaintext)
Plaintext = Decryption(Cyphertext) P = (D(E(P))

12 Methods for implementing encryption
Protect the Encryption Algorithm Create a shared Key Create a complex algorithm with multiple keys

13 Caesar Cypher Represent the letters of the alphabet by sequential numbers Shift the letters by a specified amount (use wrapping where necessary) The key is the number of letters you shifted E = (P +k) mod N

14 Other Monoalphabetic Cyphers
Map each letter of the alphabet to another letter or number Theoretically there are 26! possible keys so brute force is difficult.

15 Problems with Monoalphabetic cyphers
Frequency of common letters Two and Three letter combinations remain intact Only solves the problem of privacy of data

16 Transposition Cypher The key is the number of columns.
Encryption: write the plain text across, read the cyphertext down

17 Data Encryption Encryption is the process of encoding a message such that its meaning is not obvious. Decryption is the reverse process, ie, transforming an encrypted message to its original form. We denote plaintext by P and ciphertext by C. C = E(P), P = D(C) and P = D(E(P)), where E() is the encryption function (algorithm) and D() the decryption function. Encryption Decryption Plaintext Ciphertext

18 Kerckhoff’s Principle
How do you prevent and eavesdropper from computing P, given C? Keep the encryption algorithm E() secret. BAD IDEA!! Choose E() (and corresponding D()) from a large collection, based on secret key. GOOD IDEA!! Kerckhoff’s principle. C = E(K, P) and P = D(K, C) Encryption Decryption Plaintext Ciphertext Secret Key

19 Symmetric and Asymmetric Cryptosystems
Just by changing key we have different encryptions of one plaintext. If the encryption key and the decryption key are the same then we have a symmetric encryption scheme (also private key, one-key). If the encryption key and the decryption key are different then we have an asymmetric encryption scheme (also public key, two-key). A cryptosystem then a five-tuple consisting of 1) The set of all plaintexts 2) The set of all ciphertexts ) The set of all keys 4) A family of encryption functions 5) A family of decryption functions.

20 Cryptanalysis A cryptosystem had to be secure against the following kinds of attacks: Ciphertext only attack. Known plaintext attack. Chosen plaintext attack. Adaptive chosen plaintext attack. Chosen ciphertext attack. Chosen key attack. Of course there is one attack against which no cryptosystem can offer protection – Brute Force attack.

21 Brute Force Attacks. Since the key space is finite, given a ciphertext a cryptanalyst can try and check all possible keys. For above to be not feasible, key space should be large!! How large? How about 256? Large enough to make it impractical for an adversary. But what is impractical today, may not be so tomorrow. In practice, for a “good” cryptosystem, the only possible attack should be the brute force attack, which should be impractical into the foreseeable future, as slong as message may have value.

22 Encryption by Mono-alphabetic Substitution.
K E M N A S T R A B C D E F G H I J K L M N O P Q R S T U V W X Y Z K B U T R S P D F A Key space is large 26! (How do you remember a key? See example). However, mono-alphabetic substitution is easy to break as it preserves source first order statistics. Large key space is necessary but not sufficient condition for security!

23 Encryption by Poly-alphabetic Substitution.
Playfair cipher. Used by British Army in WW1 and WW2. Can be broken easily today with only a ciphertext of length about 100. P O L Y T E C H N I/J U V R S B K W A D F G M Q X Z Encrypt plaintext a pair at a time. Two letters specify a rectangle. Substitute by opposite corner pair. Eg: VX -> SM. If they fall in same row or column, then using next pair in circular manner. Eg: LY -> TP. Repeated letters are broken by filler letter. I/J chosen randomly.

24 Poly-alphabetic Cipher – Vigenere.
Use K mono-alphabetic ciphers – E1, E2, … Ek. In position i, of plaintext, use cipher Ei. Example using Caesar ciphers … Plaintext: helloiloveyouwontyoutellmeyourname Key: polytechnicpolytechnicpolytechnicpoly Ciphertext: wswjhmnv………………………………coxc A little harder to break but trivial once you know key length! Some well known techniques for determining key length – See text.

25 Vernam – The Perfect Substitution Cipher.
If we use Vigenere with key length as long as plaintext, then cryptanalysis will be difficult! If we change key every time we encrypt then cryptanalyst’s job becomes even more difficult. One-time pad or Vernam Cipher. How do we get such long keys? A large book shared by transmitter and receiver. Initial key followed by previous messages themselves!! Random number sequence based on common shared and secret seed. Such a cipher is difficult to break but not very practical.

26 Binary Vernam – Unconditional Security.
If plaintext is binary string and key is binary string of equal length then encryption can be done by a simple exclusive or operation. Plaintext: Key: Ciphertext: If plaintexts are uniformly distributed and keys are random then such a system offers unconditional security – perfect secrecy! (Under the right mathematical formulation and assumptions). How do we obtain “random” bit-strings for shared secret keys? Again system is not practical.

27 Encryption by Transposition
K E M N A S T R 1 2 3 4 5 6 7 8 9 10 11 12 13 O E N T M P K A S R Harder to break than substitution ciphers Preserve first order statistics One can arrange plaintext in table and sort rows and columns.

28 Product Ciphers To get improved security one can encrypt the ciphertext again. If one uses same algorithm – super encryption. May or may not be useful. For example, super-encryption with Caesar cipher is as good as single encryption! If one uses different algorithms – product cipher. Product ciphers based on sequence of substitutions and transpositions are very popular. You will see one next week – DES.

29 Shannon Characteristics of Good Ciphers
The amount of secrecy needed should determine the amount of labor appropriate for encryption and decryption. The set of keys and enciphering algorithms should be free from complexity. The implementation of the process should be as simple as possible. Errors in ciphering should not propagate and cause corruption of future information in the message. The size of enciphered text should be no longer than the text of the original message.

30 Confusion and Diffusion
Confusion: The cryptanalyst should not be able to predict what changing one character in the plaintext will do to the ciphertext. Diffusion: Changes in the plaintext should affect many parts in the ciphertext.

Download ppt "Network Management and Security"

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
Computer Science 101 Data Encryption And Computer Networks.

Computer Science 101 Data Encryption And Computer Networks.
Making “Good” Encryption Algorithms

Making “Good” Encryption Algorithms
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.

Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …

Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Lecture 1 Overview.

Lecture 1 Overview.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Computer Security CS 426 Lecture 3

Computer Security CS 426 Lecture 3
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Cryptography Week-6.

Cryptography Week-6.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Lecture 2 Overview.

Lecture 2 Overview.

Similar presentations

Ads by Google