Security Attack:
• Cryptanalyst cannot communicate with both parties, attempting to break the system
solely based on the observed data
Traffic analysis:
• A network attack in which messages are intercepted or examined in order to deduce
information from patterns in communication.
• It can be performed even for encrypted messages
• The greater the number of messages observed, the more can be inferred
Active attacks:
• Active attacks involve some modification of the data stream or the creation of a false
stream
• can be subdivided into four categories:
– masquerade,
– replay,
– modification of messages,
– and denial of service.
Masquerade attack:
• A network attack that uses a fake identity, such as a network identity, to gain unauthorized
access to personal computer information through legitimate access identification
Replay:
• A form of a network attack in which a valid transmission of data is maliciously or
fraudulently repeated or delayed
Modified message:
Denial of service:
• Cyber attack where the perpetrator seeks to make a machine or network unavailable to its
intended users by temporarily disrupting services of a host connected to the internet.
• This is accomplished by flooding the targeted resource with superfluous requests in an attempt to
overload systems and prevent some or all legitimate requests from being fulfilled
2. Discuss Active and Passive security attacks
Same as answer 1
At the sender side, message undergoes security related transformation using secret
DATA CONFIDENTIALITY
The protection of data from unauthorized disclosure.
• Connection Confidentiality
• The protection of all user data on a connection.
• Connectionless Confidentiality
• The protection of all user data in a single data block.
• Selective-Field Confidentiality
• The confidentiality of selected fields within the user data on a connection
or in a single data block.
• Traffic-Flow Confidentiality
• The protection of the information that might be derived from observation
of traffic flows.
DATA INTEGRITY
– The assurance that data received are exactly as sent by an authorized entity
(i.e., contain no modification, insertion, deletion, or replay).
• Connection Integrity with Recovery
– Provides for the integrity of all user data on a connection and
detects any modification, insertion, deletion, or replay of any data
within an entire data sequence, with recovery attempted.
• Connection Integrity without Recovery
– As above, but provides only detection without recovery.
• Selective-Field Connection Integrity
– Provides for the integrity of selected fields within the user data of a
data block transferred over a connection and takes the form of
determination of whether the selected fields have been modified,
inserted, deleted, or replayed.
• Connectionless Integrity
– Provides for the integrity of a single connectionless data block and
may take the form of detection of data modification. Additionally,
a limited form of replay detection may be provided.
• Selective-Field Connectionless Integrity
– Provides for the integrity of selected fields within a single
connectionless data block; takes the form of determination of
whether the selected fields have been modified.
NONREPUDIATION
– Provides protection against denial by one of the entities involved in a
communication of having participated in all or part of the communication.
• Nonrepudiation, Origin
– Proof that the message was sent by the specified party.
• Nonrepudiation, Destination
– Proof that the message was received by the specified party
• National Institute of Standards and Technology: NIST is a U.S. federal agency that deals
with measurement science, standards, and technology related to U.S. government use and
to the promotion of U.S. private-sector innovation. Despite its national scope, NIST
Federal Information Processing Standards (FIPS) and Special Publications (SP) have a
worldwide impact.
• Internet Society: ISOC is a professional membership society with worldwide
organizational and individual membership. It provides leadership in addressing issues
that confront the future of the Internet and is the organization home for the groups
responsible for Internet infrastructure standards, including the Internet Engineering Task
Force (IETF) and the Internet Architecture Board (IAB). These organizations develop
Internet standards and related specifications, all of which are published as Requests for
Comments (RFCs).
Kerberos Requirements:
• its first report identified requirements as:
– secure
– reliable
– transparent
– scalable
implemented using an authentication protocol based on Needham-Schroeder
Kerberos Version 4
i) The client requests a ticket-granting ticket on behalf of the user by sending its
user’s ID to the AS, together with the TGS ID, indicating a request to use the TGS
service.
ii) The AS responds with a ticket that is encrypted with a key that is derived from
the user’s password (KC), which is already stored at the AS.
When this response arrives at the client, the client prompts the user for his
or her password, generates the key, and attempts to decrypt the incoming message.
If the correct password is supplied, the ticket is successfully recovered.
iii) The client requests a service-granting ticket on behalf of the user. For this
purpose, the client transmits a message to the TGS containing the user’s ID, the ID of the
desired service, and the ticket-granting ticket.
iv) The TGS decrypts the incoming ticket using a key shared only by the AS and the
TGS (Ktgs) and verifies the success of the decryption by the presence of its ID.
It checks to make sure that the lifetime has not expired.
Then it compares the user ID and network address with the incoming
information to authenticate the user.
If the user is permitted access to the server V, the TGS issues a ticket to
grant access to the requested service.
v) The client requests access to a service on behalf of the user. For this purpose, the
client transmits a message to the server containing the user’s ID and the service-granting
ticket.
The server authenticates by using the contents of the ticket.
Kerberos v4 Dialogue
i) obtain ticket granting ticket from AS
• once per session
ii) obtain service granting ticket from TGT
• for each distinct service required
iii) client/server exchange to obtain service
• on every service request
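The password-derived key of step ii and the TGS checks of step iv, as an added sketch that is not part of the original notes or of any Kerberos implementation. It assumes a toy hash-keystream cipher with an HMAC in place of DES, a plain SHA-256 password-to-key function, and constructed names, password, addresses and times.

```python
import hashlib, hmac, json, os

def derive_kc(password):
    # Assumption: a plain hash stands in for v4's password-to-key function.
    return hashlib.sha256(password.encode()).digest()

def _stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    # Toy authenticated encryption (hash keystream + HMAC) standing in for DES.
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def as_reply(kc_db, k_tgs, user, addr, tgs_id, now, life=300):
    # Steps i-ii: the AS builds the TGT under Ktgs and returns it encrypted under KC.
    tgt = seal(k_tgs, {"id_c": user, "ad_c": addr, "id_tgs": tgs_id, "ts": now, "life": life})
    return seal(kc_db[user], {"tgt": tgt.hex()})

def client_open(password, reply):
    # Step ii: only the correct password yields the key that recovers the ticket.
    return bytes.fromhex(unseal(derive_kc(password), reply)["tgt"])

def tgs_check(k_tgs, tgs_id, tgt, user, src_addr, now):
    # Step iv: decrypt with Ktgs, then check own ID, lifetime, user ID and address.
    try:
        t = unseal(k_tgs, tgt)
    except ValueError:
        return "reject: not decryptable with Ktgs"
    if t["id_tgs"] != tgs_id:
        return "reject: ticket names another TGS"
    if now > t["ts"] + t["life"]:
        return "reject: lifetime expired"
    if (t["id_c"], t["ad_c"]) != (user, src_addr):
        return "reject: user ID or address mismatch"
    return "accept"

# Constructed sample data: names, password, addresses and times are invented.
K_TGS = os.urandom(32)
KC_DB = {"alice": derive_kc("correct horse")}
REPLY = as_reply(KC_DB, K_TGS, "alice", "192.0.2.10", "tgs1", now=1000)
TGT = client_open("correct horse", REPLY)
```

Calling `tgs_check` with the same ticket from a different source address, or after `ts + life`, shows why a captured ticket is of limited use to someone replaying it.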
7. With a neat block diagram explain the model of network security and explain the security mechanisms involved in it.
Network security model: take from answer 3
Security Mechanism:
• feature designed to detect, prevent, or recover from a security attack
• no single mechanism that will support all services required
• however one particular element underlies many of the security mechanisms in
use:
– cryptographic techniques
• hence our focus on this topic
Security Mechanisms (X.800)
• specific security mechanisms:
– encipherment, digital signatures, access controls, data integrity,
authentication exchange, traffic padding, routing control, notarization
• pervasive security mechanisms:
– trusted functionality, security labels, event detection, security audit trails,
security recovery
SPECIFIC SECURITY MECHANISMS
• Encipherment
• The use of mathematical algorithms to transform data into a form that is
not readily intelligible.
• The transformation and subsequent recovery of the data depend on an
algorithm and zero or more encryption keys.
• Digital Signature
• Data appended to, or a cryptographic transformation of, a data unit that
allows a recipient of the data unit to prove the source and integrity of the
data unit and protect against forgery (e.g., by the recipient).
• Access Control
• A variety of mechanisms that enforce access rights to resources.
• Data Integrity
• A variety of mechanisms used to assure the integrity of a data unit or
stream of data units.
Authentication Exchange
• A mechanism intended to ensure the identity of an entity by means of
information exchange.
Traffic Padding
• The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
Routing Control
• Enables selection of particular physically secure routes for certain data and
allows routing changes, especially when a breach of security is suspected.
Notarization
• The use of a trusted third party to assure certain properties of a data
exchange.
PERVASIVE SECURITY MECHANISMS
Trusted Functionality
• That which is perceived to be correct with respect to some criteria (e.g., as
established by a security policy).
Security Label
• The marking bound to a resource (which may be a data unit) that names or
designates the security attributes of that resource.
Event Detection
• Detection of security-relevant events.
We see that message (3) for both versions includes an authenticator, a ticket, and the name of the
requested service. In addition, version 5 includes requested times and options for the ticket and a
nonce—all with functions similar to those of message (1).
The authenticator itself is essentially the same as the one used in version 4. Message (4) has the same
structure as message (2). It returns a ticket plus information needed by the client, with the information
encrypted using the session key now shared by the client and the TGS.
In message (5), the client may request as an option that mutual authentication is required. The
authenticator includes several new fields:
• Subkey: The client’s choice for an encryption key to be used to protect this specific application session.
If this field is omitted, the session key from the ticket (KC,V) is used.
• Sequence number: An optional field that specifies the starting sequence number
to be used by the server for messages sent to the client during this session.
Messages may be sequence numbered to detect replays.
a) PKI
b) IETF
The Internet Engineering Task Force
(IETF) Public Key Infrastructure X.509 (PKIX) working group has been the driving
force behind setting up a formal (and generic) model based on X.509 that is
suitable for deploying a certificate-based architecture on the Internet.
These organizations develop Internet standards and related specifications,
all of which are published as Requests for Comments (RFCs).
14. Discuss the authentication procedures in detail
Authentication Procedures
X.509 includes three alternative authentication procedures:
One-Way Authentication
Two-Way Authentication
Three-Way Authentication
all use public-key signatures
One-Way Authentication
1 message (A->B) used to establish
o the identity of A and that message is from A
o message was intended for B
o integrity & originality of message
message must include timestamp, nonce, B's identity and is signed by A
may include additional info for B
o e.g. session key
Two-Way Authentication
2 messages (A->B, B->A) which also establishes in addition:
o the identity of B and that reply is from B
o that reply is intended for A
o integrity & originality of reply
reply includes original nonce from A, also timestamp and nonce from B
may include additional info for A
Three-Way Authentication
3 messages (A->B, B->A, A->B) which enables above authentication without synchronized clocks
has reply from A back to B containing signed copy of nonce from B
means that timestamps need not be checked or relied upon
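The receiver-side checks for one-way authentication, as an added example rather than code from these notes or from the X.509 standard. It assumes textbook RSA over two small Mersenne primes as a stand-in for A's signature key; the field names (`ts`, `nonce`, `to`, `data`) and the message values are constructed.

```python
import hashlib, json

# Assumption: textbook RSA over two Mersenne primes stands in for A's real
# signature key; it is far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # A's private exponent
A_PUB = (E, N)                      # what B takes from A's certificate

def digest(fields):
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def a_sign(fields):
    # A signs the timestamp, nonce, B's identity and any extra data together.
    return {"fields": fields, "sig": pow(digest(fields), D, N)}

class Receiver:
    def __init__(self, name, max_skew=60):
        self.name, self.max_skew, self.seen = name, max_skew, set()

    def verify_one_way(self, msg, pub, now):
        f, (e, n) = msg["fields"], pub
        if pow(msg["sig"], e, n) != digest(f):
            return "reject: bad signature"           # not from A, or modified
        if f["to"] != self.name:
            return "reject: intended for another party"
        if abs(now - f["ts"]) > self.max_skew:
            return "reject: stale timestamp"
        if f["nonce"] in self.seen:
            return "reject: replayed nonce"          # same message sent again
        self.seen.add(f["nonce"])
        return "accept"

# Constructed message: field names and values are invented for the example.
MSG = a_sign({"ts": 1000, "nonce": "rA-0001", "to": "B", "data": "session-key-placeholder"})
```

The timestamp check is the part that depends on synchronized clocks; the three-way variant replaces it with A's signed copy of B's nonce.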
• There are a number of popular symmetric encryption cryptosystems. One of the most
widely known is the Data Encryption Standard (DES), which was developed by IBM and
is based on the company’s Lucifer algorithm, which uses a key length of 128 bits. As
implemented, DES uses a 64-bit block size and a 56-bit key.
• In 1998, a group called the Electronic Frontier Foundation (www.eff.org), using a
specially designed computer, broke a DES key in less than three days (just over 56 hours,
to be precise). Since then, it has been theorized that a dedicated attack supported by the
proper hardware (not necessarily a specialized computer) can break a DES key in less
than four hours.
• Triple DES (3DES) was created to provide a level of security far beyond that of DES.
3DES was an advanced application of DES, and while it did deliver on its promise of
encryption strength beyond DES, it too soon proved too weak to survive indefinitely—
especially as computing power continued to double every 18 months. Within just a few
years, 3DES needed to be replaced.
• The successor to 3DES is the Advanced Encryption Standard (AES). AES has been
developed to replace both DES and 3DES. While 3DES remains an approved algorithm
for some uses, its expected useful life is limited.
• AES implements a block cipher called the Rijndael Block Cipher with a variable block
length and a key length of 128, 192, or 256 bits. Experts estimate that the special
computer used by the Electronic Frontier Foundation to crack DES within a couple of
days would require approximately 4,698,864 quintillion years
(4,698,864,000,000,000,000,000) to crack AES.
• Asymmetric Encryption
• While symmetric encryption systems use a single key to both encrypt and decrypt a
message, asymmetric encryption uses two different but related keys, and either key can
be used to encrypt or decrypt the message. If, however, key A is used to encrypt the
message, only key B can decrypt it, and if key B is used to encrypt a message, only key A
can decrypt it.
• Asymmetric encryption can be used to provide elegant solutions to problems of secrecy
and verification.
• This technique has its highest value when one key is used as a private key, which means
that it is kept secret (much like the key in symmetric encryption), known only to the
owner of the key pair, and the other key serves as a public key, which means that it is
stored in a public location where anyone can use it. This is why the more common name
for asymmetric encryption is public-key encryption.
• Asymmetric algorithms are one-way functions. A one-way function is simple to compute
in one direction, but complex to compute in the opposite direction. This is the foundation
of public-key encryption. Public-key encryption is based on a hash value, which, as you
learned earlier in this chapter, is calculated from an input number using a hashing
algorithm.
• One of the most popular public key cryptosystems is RSA, whose name is derived from
Rivest-Shamir-Adleman, the algorithm’s developers. The RSA algorithm was the first
public key encryption algorithm developed (in 1977) and published for commercial use.
• The problem with asymmetric encryption, as shown earlier in the example in Figure 8-6,
is that holding a single conversation between two parties requires four keys. Moreover, if
four organizations want to exchange communications, each party must manage its private
key and four public keys. In such scenarios, determining which public key is needed to
encrypt a particular message can become a rather confusing problem, and with more
organizations in the loop, the problem expands. This is why asymmetric encryption is
sometimes regarded by experts as inefficient. Compared to symmetric encryption,
asymmetric encryption is also not as efficient in terms of CPU computations.
Key (ROUTE, repeated):  R   O   U   T   E   R   O   U
                        17  14  20  19  4   17  14  20
+ (mod 26)
Plain text:             S   E   C   U   R   I   T   Y
                        18  4   2   20  17  8   19  24
=
Cipher Text:            J   S   W   N   V   Z   H   S
Digital Certificates:
As you learned earlier in this chapter, a digital certificate is an electronic document or container
file that contains a key value and identifying information about the entity that controls the key.
The certificate is often issued and certified by a third party, usually a certificate authority. A
digital signature attached to the certificate’s container file certifies the file’s origin and integrity.
This verification process often occurs when you download or update software via the Internet.
Unlike digital signatures, which help authenticate the origin of a message, digital certificates
authenticate the cryptographic key that is embedded in the certificate. When used properly these
certificates enable diligent users to verify the authenticity of any organization’s certificates. This
is much like what happens when the Federal Deposit Insurance Corporation issues its FDIC logo
to banks to assure customers that their bank is authentic.