Lecture1 Introduction

Data and Network Security MIT 4010
Introduction
Nandika Kasun
Department of Communication and Media Technologies

University of Colombo School of Computing
University of Colombo
Sri Lanka
UCSC All rights reserved. No part of this material may be reproduced and sold.
1
kasun@cmb.ac.lk
Introduction
Course Title: Data and Network Security (MIT 4010)

For Whom: MIT students
Number of Lecture Hours: 30 hours (2 hours x 15
Weeks)
Prerequisites: A familiarity with basic mathematical
concepts
2
kasun@cmb.ac.lk
Learning Outcome:
After successfully completing this module student should be

able to:
●
understand the concept of symmetric key and asymmetric key
cryptography.
●
compare and contrast the different encryption and decryption
algorithms and technologies.
●
understand the web security and principals of security application
development
●
Apply modern cryptographic principles (symmetric key and
asymmetric key cryptography) to solve real world security problems.
●
design new cryptographic solutions to address the security issues in
open network environments.
3
kasun@cmb.ac.lk
Outline of the Syllabus
1. Introduction
Classical Encryption techniques, Cipher Principles ,Block Ciphers,
Stream Ciphers, Cipher Design Principle
2. Symmetric Encryption
Data Encryption Standard, Block Cipher Design Principles and
Modes of Operation, Triple DES, AES Cipher
3. Asymmetric key Encryption and Hash functions

Introduction to Number Theory, Confidentiality using Symmetric Encryption,
Public Key Cryptography, RSA, DSA, ECC
4. Message Authentication
Message Authentication Codes, Hash Functions, Security of Hash Functions and
MACs , MD5, Secure Hash Algorithm, HMAC, Digital Signatures
4
kasun@cmb.ac.lk
5. Key Management
Diffie-Hellman key Exchange, Public Key Infrastructure (PKI), Quantum Cryptography
6. Authentication Protocols
Authentication principles,X.509 Authentication Service, Kerberos,
.NET Passport protocol, Multi-party authentication
7. IP Security and VPN

Security Association(SA), Authentication Header(AH), Encapsulating Security
Payload(ESP), The Internet Key Exchange (IKE) Protocol, VPN
8. Intrusion Detection and Prevention

Viruses and related Threats, Virus Counter measures, Firewall Design Principles,
IDS, Honey ports
9. Electronic Mail and Electronic Document Security

PGP, S/MIME, Hoax, Spam, PKCS7, XML Security
5
kasun@cmb.ac.lk
10. Web Application Security
User Requirements,SSL, Web Server Protection, Web Service Security,
SQL Injection
11. Wireless Security

Wireless Application Protocol Security(WAP), Wireless Transport Layer,
Security(WTLS)
12. Secure electronic commerce

Digital cash, Credit card transactions, SET, 3D Secure
13. Java Cryptography

JSA, JCE, Java cryptography application development, Key management,
Signed applets
14. Information Crime and Investigations

UCSC
crime laws, DigitalAllforensic methodologies and tools
rights reserved. No part of this material may be reproduced and sold.
6
kasun@cmb.ac.lk
Basic Encryption and
Decryption
Lecturer 1
•Requirement and basic concept

•Monoalpabetic & Polyalphabetic ciphers
•The “perfect” substitution ciphers
•Transposition ciphers
•Stream & Block ciphers
•Characteristics of “Good” cipher
7
kasun@cmb.ac.lk
Requirement
Help
8
kasun@cmb.ac.lk
Basic Concept
Cipher Algorithm
Cipher Algorithm
Encrypted Data
9
kasun@cmb.ac.lk
The Caesar Cipher
Plain Text :ABCDEFGHIJKLMNOPQRSTUVWXYZ

Cipher Text : D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Ci = E(Pi)= Pi+3
10
kasun@cmb.ac.lk
Monoalphabetic Substitutions

Cipher Text : K E Y G H I J K L M N O P Q R S T U V W X Y Z A B C
Letter Frequency
ABCDEFGHIJKLMNOPQRSTUVWXYZ
11
kasun@cmb.ac.lk
Polyalalphabetic Substitutions
Table for Odd Positions

Cipher Text : A D G J N O S V Y B E H K N Q T W Z C F I L O R U X
Table for Even Positions

Cipher Text : N S X C H M R W B G I Q V A F K P U Z E J O T Y D I
Plain Text : SSIBL

Cipher Text : czysh
12
kasun@cmb.ac.lk
The Perfect Substitution Cipher
One Time Pad
•Recipient need identical pad

•Pad position should be synchronized
•Plain text length = Key length
13
kasun@cmb.ac.lk
The Vernam Cipher
Plain Text :V E R NA M C I P H E R
Numeric Equivalent : 21 4 17 13 0 12 2 8 15 7 4 17
+Random Number : 76 48 16 82 44 3 58 11 60 5 48 88
= Sum : 97 52 33 95 44 15 60 19 75 12 52 105
=Mod 26 : 19 0 7 17 18 15 8 19 23 12 0 1
Cipher text : t a h r s p I t x m a b
Binary Vernam Cipher

Plain Text :101000111001101
+ Random Stream : 0 1 0 1 1 0 1 0 1 1 1 0 1 0 1
Cipher text :111110010111000
14
kasun@cmb.ac.lk
The One-Time Pad
•If a truly random key as long as the message is used, the

cipher will be secure
•Called a One-Time pad
•Has unconditional security:
•ciphertext bears no statistical relationship to the
plaintext since for any plaintext & any ciphertext there
exists a key mapping one to other
•Can only use the key once
•Have problem of safe distribution of key
15
kasun@cmb.ac.lk
Random Number Generation
1. Truly Random numbers
•Books 2. Pseudo Random numbers

•CD
•Linear congruential random number generation
Ri+1 = (a * Ri+b) mod n
R1 = (a * R0+b) mod n
R2 = (a * R1+b) mod n
R3 = (a * R2+b) mod n
16
kasun@cmb.ac.lk
Transpositions (Permutation)
Columnar Transposition
c1 c2 c3 c4 c5
c6 c7 c8 c9 c10
c11 c12 etc.
Cipher text formed by c1 c6 c11 c2 c7 c12 c3 c8 ...
c1 c2 c3 c4 c5
c6 c7 c8 c9 c10
c11 c12 etc.
17
kasun@cmb.ac.lk
Block vs Stream Ciphers
•Block ciphers process messages in blocks, each of which

is then en/decrypted
•Like a substitution on blocks of characters
•64-bits or more
•Stream ciphers process messages a bit or byte at a time

when en/decrypting
•E.g. Vernam cipher, one time pad
•Many current ciphers are block ciphers
18
kasun@cmb.ac.lk
Stream Cipher
Key (Optional)
ISSOPMI WEHTUA..
Y
Plain text Cipher text
Cipher
Advantage
•Speed of transformation Cipher text(F)

•Low error propagation Plain text (A)
Disadvantage
•Low diffusion
•Susceptibility to malicious insertion and modifications
19
kasun@cmb.ac.lk
Block Cipher
XN
OI BA
TP QC
Key (Optional) KD
YR
CN EM
ES MC
Y
Plain text Cipher text
Disadvantage
Cipher
•Slowness of encryption
•Error propagation
Cipher text(FRWSU)
Advantage
Plain text
(AKEDF)
•Diffusion
•Immunity to insertion
20
kasun@cmb.ac.lk
Characteristic of “Good” Cipher
Shannon Characteristics - 1949
•The amount of secrecy needed should determine

the amount of labor appropriate for encryption and decryption
•The set of keys and the encryption algorithm should be free from complexity
•The implementation of the process should be as simple as possible
•Errors in the ciphering should not propagate and cause corruption of

further information in the message
•The size of enciphered text should be no larger than the

text of the original message
21
kasun@cmb.ac.lk
Kerckhoff’s Principle
The security of the encryption scheme must depend

only on the secrecy of the key and not on the secrecy
of the algorithms.
Reasons:
•Algorithms are difficult to change
•Cannot design an algorithm for every pair of users
•Expert review
•No security through obscurity!
22
kasun@cmb.ac.lk
Confusion and Diffusion
Goal: cipher needs to completely obscure statistical

properties of original plaintext (like a one time pad)
23
kasun@cmb.ac.lk
Confusion
Confusion
The interceptor should not be able to predict
what changing one character in the plaintext
will do to the ciphertext
Plaintext
Ciphertext
24
kasun@cmb.ac.lk
Diffusion
Diffusion
The characteristics of distributing the
information from single plaintext letter over
the entire ciphertext
Plaintext
KASUN
ANHYJ
Ciphertext
25
kasun@cmb.ac.lk
Information Theoretic Tests
Prob(h(C)=P)<z
Perfect Secrecy Imperfect Secrecy

P1
C1 P1
C1
P2
C2 P2
C2
P3
C3 P3
C3
P4
C4 P4
C4
P5
C5 P5
C5
26
kasun@cmb.ac.lk
Redundancy
Meaningless messages P1
C1
P2
Meaningful message P3
P4
P5
27
kasun@cmb.ac.lk
What the Cryptanalyst Has to Work With
•Ciphertext only
•Full or partial plaintext
•Ciphertext of any plain text
•Algorithm of ciphertext
28
kasun@cmb.ac.lk
Types of Cryptanalytic Attacks
Ciphertext only
only knows encryption algorithm and ciphertext, goal is to
identify plaintext
Known plaintext
know encryption algorithm and one or more plaintext &
ciphertext pairs formed with the secret key
Chosen plaintext
know encryption algorithm and can select plaintext and obtain
ciphertext to attack cipher
29
kasun@cmb.ac.lk
Types of Cryptanalytic Attacks
Chosen ciphertext
know encryption algorithm and can select ciphertext and obtain
plaintext to attack cipher
Chosen text
know encryption algorithm and can select either plaintext or
ciphertext to en/decrypt to attack cipher
30
kasun@cmb.ac.lk
Brute Force Search
•Always possible to simply try every key
•Most basic attack, proportional to key size
•Assume either know/recognize plaintext
Key Size Number of Time required at

(bits) Alternative Keys 106 Decryption/µs
32 232 = 4.3 x 109 2.15 milliseconds

56 256 = 7.2 x 1016 10 hours
128 2128 = 3.4 x 1038 5.4 x 1018 years
168 2168 = 3.7 x 1050 5.9 x 1030 years
31
kasun@cmb.ac.lk
Unconditional/Computational Security
Unconditional security
no matter how much computer power is
available, the cipher cannot be broken since the
ciphertext provides insufficient information to
uniquely determine the corresponding plaintext
Computational security
given limited computing resources (e.g. time
needed for calculations is greater than age of
universe), the cipher cannot be broken
32
kasun@cmb.ac.lk
Discussion
33
kasun@cmb.ac.lk

Lecture1 Introduction

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Lecture1 Introduction

Diunggah oleh

Hak Cipta:

Format Tersedia

Data and Network Security MIT 4010

Department of Communication and Media Technologies

Course Title: Data and Network Security (MIT 4010)

After successfully completing this module student should be

3. Asymmetric key Encryption and Hash functions

7. IP Security and VPN

8. Intrusion Detection and Prevention

9. Electronic Mail and Electronic Document Security

11. Wireless Security

12. Secure electronic commerce

13. Java Cryptography

14. Information Crime and Investigations

•Requirement and basic concept

Plain Text :ABCDEFGHIJKLMNOPQRSTUVWXYZ

Plain Text :ABCDEFGHIJKLMNOPQRSTUVWXYZ

Table for Odd Positions

Table for Even Positions

Plain Text :ABCDEFGHIJKLMNOPQRSTUVWXYZ

Plain Text : SSIBL

One Time Pad

•Recipient need identical pad

Binary Vernam Cipher

•If a truly random key as long as the message is used, the

1. Truly Random numbers

•Books 2. Pseudo Random numbers

Ri+1 = (a * Ri+b) mod n

Cipher text formed by c1 c6 c11 c2 c7 c12 c3 c8 ...

•Block ciphers process messages in blocks, each of which

•Stream ciphers process messages a bit or byte at a time

•Many current ciphers are block ciphers

•Speed of transformation Cipher text(F)

Shannon Characteristics - 1949

•The amount of secrecy needed should determine

•The implementation of the process should be as simple as possible

•Errors in the ciphering should not propagate and cause corruption of

•The size of enciphered text should be no larger than the

The security of the encryption scheme must depend

Goal: cipher needs to completely obscure statistical

Perfect Secrecy Imperfect Secrecy

Key Size Number of Time required at

32 232 = 4.3 x 109 2.15 milliseconds

Anda mungkin juga menyukai