Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security Prepared By: Prof. Ajaykumar T. Shah

Published byFranklin Simpson Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Security Prepared By: Prof. Ajaykumar T. Shah"— Presentation transcript:

1 Information Security Prepared By: Prof. Ajaykumar T. Shah

2 Security Attack Passive Attack Active Attack
A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation. Aforajayshahnirma.wordpress.com

3 Passive Attack The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are The release of message contents Traffic analysis. The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions. Aforajayshahnirma.wordpress.com

4 Release of Message Content
Aforajayshahnirma.wordpress.com

5 Traffic Analysis A second type of passive attack, traffic analysis. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. An opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. Aforajayshahnirma.wordpress.com

6 Traffic Analysis

7 Passive Attack Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.

8 Active Attack Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: Masquerade Replay Modification of messages Denial of service.

9 Active Attack Masquerade

10 Active Attack Replay

11 Active Attack Modification of Message

12 Active Attack Denial of Service

13 Model for N/w Security

14 Model for N/w Security This general model shows that there are four basic tasks in designing a particular security service: Design an algorithm for performing the security-related transformation. Generate the secret information to be used with the algorithm. Develop methods for the distribution and sharing of the secret information. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.

15 Model for N/w Security

16 Basic Terms An original message is known as the plain text.
The coded message is called the cipher text. The process of converting from plaintext to cipher text is known as enciphering or encryption. Restoring the plaintext from the cipher text is deciphering or decryption. The many schemes used for encryption constitute the area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher. Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area of cryptanalysis. The areas of cryptography and cryptanalysis together are called cryptology.

17 Symmetric Cipher Model

18 Model of Symmetric Cryptosystem

19 Cryptography The type of operations used for transforming plaintext to cipher text. Substitution Transposition The number of keys used. If both key are same – symmetric If both key are different – asymmetric The way in which the plaintext is processed. Block Cipher Stream Cipher

20 Typically, the objective of attacking an encryption system is to recover the key in use rather than simply to recover the plaintext of a single cipher text. There are two general approaches to attacking a conventional encryption scheme: • Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plain text–cipher text pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.

21

22 • Brute-force attack: The attacker tries every possible key on a piece of cipher text until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.

23 Substitution Techniques
Caeser Cipher Mono-alphabetic Cipher Playfair Cipher Hill Cipher Poly-alphabetic Cipher

24 Caeser Cipher Julius Caesar.
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet.

25 Caeser Cipher cont…

26 Caeser Cipher cont… If it is known that a given cipher text is a Caesar cipher, then a brute-force cryptanalysis is easily performed: simply try all the 25 possible keys. Three important characteristics of this problem enabled us to use a bruteforce cryptanalysis: The encryption and decryption algorithms are known. There are only 25 keys to try. The language of the plaintext is known and easily recognizable.

27

28 Monoalphabetic Cipher
With only 25 possible keys, the Caesar cipher is far from secure. A dramatic increase in the key space can be achieved by allowing an arbitrary substitution. Before proceeding, we define the term permutation. A permutation of a finite set of elements is an ordered sequence of all the elements of, with each element appearing exactly once. For Example if S={a , b , c } there are six permutations of S:

29 Monoalphabetic Cipher cont…
Cipher Text Frequency of all char in the cipher text.

30 Monoalphabetic Cipher cont…

31 Monoalphabetic Cipher cont…

32 Playfair Cipher The Playfair algorithm is based on the use of a 5 × 5 matrix of letters constructed using a keyword. Key: monarchy

33 Playfair Cipher cont… The letters I and J count as one letter. Plaintext is encrypted two letters at a time, according to the following rules: Repeating plaintext letters that are in the same pair are separated with a filler letter, such as x, so that balloon would be treated as ba lx lo on. Two plaintext letters that fall in the same row of the matrix are each replaced by the letter to the right, with the first element of the row circularly following the last. For example, ar is encrypted as RM. Two plaintext letters that fall in the same column are each replaced by the letter beneath, with the top element of the column circularly following the last. For example, mu is encrypted as CM. Otherwise, each plaintext letter in a pair is replaced by the letter that lies in its own row and the column occupied by the other plaintext letter. Thus, hq becomes YP and ea becomes IM (or JM, as the encipherer wishes).

34 Playfair Cipher cont… Key: secret Input Text: come to office
B D F G H I/J K L M N O P Q U V W X Y Z Input Text: come to office co me to of fi ce Cipher Text: EP IT EU QB BL RC

35 Hill Cipher Developed by the mathematician Lester Hill in 1929.
This encryption algorithm takes m successive plaintext letters and substitutes for them m cipher text letters. The substitution is determined by m linear equations in which each character is assigned a numerical value (a=0, b=1, … z=25). For , m=3 the system can be described as

36 Hill Cipher cont… OR where C and P are row vectors of length 3 representing the plaintext and cipher text, and K is a 3 * 3 matrix representing the encryption key. Operations are performed mod 26.

37 Hill Cipher cont… Plaintext: paymoremoney Key: = (303 303 531)
The first three letters of the plaintext are represented by the vector ( ). Then ( ) K = ( ) mod 26 = ( ) = RRL . Continuing in this fashion, the cipher text for the entire plaintext is RRLMWBKASPDH.

38 Hill Cipher cont… KK-1 = =

39 Hill Cipher cont…

40 Polyalphabetic Cipher
VIGENERE CIPHER We can express the Vigenère cipher in the following manner. Assume a sequence of plaintext letters P = p0, p1, p2, ... , pn-1 and a key consisting of the sequence of letters K = k0, k1, k2, ... , km-1 , where typically m < n. The sequence of Cipher text letters C = C0, C1, C2, ... , Cn-1 is calculated as follows:

41 Polyalphabetic Ciphercont…

42 Polyalphabetic Ciphercont…

43 Polyalphabetic Ciphercont…
The periodic nature of the keyword can be eliminated by using a nonrepeating keyword that is as long as the message itself. Vigenère proposed what is referred to as an autokey system, in which a keyword is concatenated with the plaintext itself to provide a running key. For our example,

44 Polyalphabetic Ciphercont…
VERNAM CIPHER AT&T engineer named Gilbert Vernam in 1918. His system works on binary data (bits) rather than letters.

45 Polyalphabetic Cipher cont…

46 MONOALPHABETIC CIPHER POLYALPHABETIC CIPHER
Difference MONOALPHABETIC CIPHER POLYALPHABETIC CIPHER Once the key is chosen each alphabetic character of a plain text is mapped onto a UNIQUE alphabetic character of a cipher text. Each alphabetic character of a plaintext can be mapped onto ‘m’ alphabetic characters of a ciphertext. The relationship between a character in the plaintext and the character in the ciphertext is one to one. The relationship between a character in the plaintext and the character in the ciphertext is one to many. A stream cipher is a monoalphabetic cipher if the value of ki does not depend on the position of the plaintext character in the plaintext stream. A stream cipher is a polyalphabetic cipher if the value of ki does depend on the position of the plaintext character in the plaintext stream. Monoalphabetic cipher includes additive, multiplication, affine and monoalphabetic substitution cipher. Polyalphabetic cipher includes autokey, playfair, vigenere, Hill, one time pad, roter and Enigma cipher.

47 One-Time Pad An Army Signal Corp officer, Joseph Mauborgne, proposed an improvement to the Vernam cipher that yields the ultimate in security. Mauborgne suggested using a random key that is as long as the message, so that the key need not be repeated. In addition, the key is to be used to encrypt and decrypt a single message, and then is discarded. Each new message requires a new key of the same length as the new message. Such a scheme, known as a one-time pad, is unbreakable.

48 One-Time Pad cont… The one-time pad offers complete security but, in practice, has two fundamental difficulties: There is the practical problem of making large quantities of random keys. Any heavily used system might require millions of random characters on a regular basis. Supplying truly random characters in this volume is a significant task. Even more daunting is the problem of key distribution and protection. For every message to be sent, a key of equal length is needed by both sender and receiver. Thus, a mammoth key distribution problem exists.

49 Transposition Techniques
RAIL FENCE The simplest such cipher is the rail fence technique, in which the plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. PLAIN TEXT: meet me after the toga party m e m a t r h t g p r y e t e f e t e o a a t CIPHER TEXT: mematrhtgpryetefeteoaat

50 Transposition Techniques cont…
This sort of thing would be trivial to cryptanalyze. A more complex scheme is to write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns. The order of the columns then becomes the key to the algorithm. For example,

51 Steganography A plaintext message may be hidden in one of two ways. The methods of steganography conceal the existence of the message, whereas the methods of cryptography render the message unintelligible to outsiders by various transformations of the text.

52 Steganography cont… Covered writing, Covert channels Document marking
Protection Against Detection Removal Watermarking Fingerprinting Covered writing, Covert channels Document marking Data Hiding All object are marked in the same way Identify all object, every object is marked specified

53 Steganography cont… STEGANOGRAPHY TECHNIQUES Genome Steganography
Hiding in text Hiding in the disk space Hiding data in software and circuitry Information hiding in Images Hiding in the network packets.

54

55 End of the Unit-1

Download ppt "Information Security Prepared By: Prof. Ajaykumar T. Shah"

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
Cryptography and Network Security

Cryptography and Network Security
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Cryptography and Network Security Sixth Edition by William Stallings.

Cryptography and Network Security Sixth Edition by William Stallings.
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CSCE 790G: Computer Network Security

CSCE 790G: Computer Network Security
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Classical Encryption Techniques

Classical Encryption Techniques
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.

Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Lecture 2 Overview.

Lecture 2 Overview.
Dr. Lo’ai Tawalbeh 2007 Chapter 2: Classical Encryption Techniques Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007 INCS.

Dr. Lo’ai Tawalbeh 2007 Chapter 2: Classical Encryption Techniques Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester 2008-2009.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Chapter 2 Classical Encryption Techniques. Symmetric Encryption n conventional / private-key / single-key n sender and recipient share a common key n.

Chapter 2 Classical Encryption Techniques. Symmetric Encryption n conventional / private-key / single-key n sender and recipient share a common key n.

Similar presentations

Ads by Google