Network Security (Course Details) By ASIM SHAHZAD Assistant Professor University Of Engineering And Technology Taxila.

Network Security

(Course Details)

By

ASIM SHAHZAD

Assistant Professor

University Of Engineering And Technology Taxila

Name Asim Shahzad MS Telecom Engineering (ICT) MS Computer Engineering (UET Taxila) Currently started PhD in area of Solitons

propagation in Fiber Optics Communication from UET Taxila

Emailasimshahzaduettaxilaedupk

Contact no 0300 9755694

Theme of Course

1 Module 1 (Cryptography) Introduction to Security terms and Algorithms Overview of Symmetric and Asymmetric Cryptographic Algorithms

2 Module 2 (Security Architectures and Models) Security in Network Multilayer Security

3 Module 3 (Operations Security) TCSEC (Trusted Computer Security Evaluation Criteria) The Orange Book Vulnerabilities of Networked Applications Worms viruses malicious codes arriving from networks attack on infrastructure

4 Module 4 (Defense Technologies) Protection of information in transit Application and Transport Layer security

Protocols Protection of Networked Applications Firewalls and IPS

5 Module 5 (Application and System Development) Kerberos IPSec SSLTLS (Case Studies)

6 Module 6 (Security Management) Security Planning Physical Security Disaster Recovery Law Investigation Ethics Ethical Hacking

Marks Breakdown

Total Marks 150

External marks 25 Final 100 Internal Sessional Work 25

Passing Marks 75

Two parts of your course How to secure data (data security) How to secure your networks (network security) we start from data security talk

about its various aspects major concern will be ciphers designing

Desirable Security Properties

Authenticity Confidentiality Integrity Availability Accountability and non-repudiation Freshness Access control Privacy of collected information

Cryptology

1048708 Some Terminologies 1048708 Plain text The original message 1048708 Cipher Text The coded message 1048708 Cipher algorithm for transforming plaintext

to cipher text 1048708 Key info used in cipher known only to

senderreceiver 1048708 Encipher (encrypt) converting plaintext to

cipher text 1048708 Decipher (decrypt) recovering cipher text

from plaintext

Contdhellip

Cryptography study of encryption principlesmethods

Cryptanalysis (code breaking) the study of principles methods of deciphering cipher text without knowing key

Cryptology the field of both cryptography and cryptanalysis

Contd

1048708 Unconditional security No matter how much computer power is

available the cipher cannot be broken since the cipher text provides insufficient information to uniquely determine the corresponding plaintext

Computational security Given limited computing resources (eg time

needed for calculations is greater than age of universe) the cipher cannot be broken

Conventional Encryption Principles

1048708 An encryption scheme has five ingredients

1048708 Plaintext 1048708 Encryption algorithm 1048708 Secret Key 1048708 Cipher text 1048708 Decryption algorithm 1048708 Security depends on the secrecy of the

key not the secrecy of the algorithm

Cryptology

Classified along three independent dimensions 1)Type of encryption operations used for transforming plaintext to cipher text substitution transposition product 2) Number of keys used symmetric - single-key or secret key encryption asymmetric - two-key or public key encryption

3)Way in which plaintext is processed1048708 Block1048708 stream

Cryptanalysis

Two general approaches to attack an encryption scheme

1) Cryptanalysis needs encryption algorithm plus some knowledge regarding the plaintext or some sample plain text cipher

text pair

2) Brute-Force attack1048708 attacker tries every possible key to decrypt1048708 needs to check so many keys

Types of Cryptanalysis

1048708 Ciphertext only1048708 attacker only knows the encryption algorithm amp

ciphertext 1048708 Known plaintext1048708 knows the encryption algorithm amp ciphertext1048708 additionally knows some sample plaintext-

ciphertext pairs 1048708 Chosen plaintextattacker selects plaintext and obtain ciphertext to

attack cipher 1048708 Chosen ciphertext1048708 select ciphertext and obtain plaintext to attack

cipher

Classical Ciphers

Where letters of plaintext are replaced by other letters or by numbers or symbols

Or if plaintext is viewed as a sequence of bits then substitution involves replacing plaintext bit patterns with cipher text bit patterns

Caesar Cipher

1048708 Earliest known substitution cipher 1048708 Devised by Julius Caeser 1048708 First attested use in military affairs 1048708 Replaces each letter by 3rd letter of alphabets 1048708 Example 1048708 Plaintext MEET ME AFTER THE TEA PARTY Cipher text PHHW PH DIWHU WKH WHD SDUWB

Contdhellip

1048708 We can generalize Caesar cipher as 1048708 C = E( p) = ( p + k) mod (26) 1048708 p = D(C) = (C ndash k) mod (26) 1048708 Where k is the offset eg 3 as in our example 1048708 p is the letter to be converted into

cipher text and C is cipher text

Cryptanalysis of Caeser Cipher 1048708 Only have 26 possible ciphers 1048708 A maps to ABZCould simply try each in turn ie usinga brute force search Given cipher text just try all shifts ofletters

CAUTION QUIZ AHEAD

You are free to leave the class room but if seated then please

be silent If eyes tried to tilt to fellows paper either for

correction or for soliciting info will cancel you quiz on immediate basis Exams also checks ability honesty zeal and struggle

towards problem solving attitude Initial thesis ldquoeveryone is honest unless he proves

himself otherwiserdquo Hope that initial conditions (thesis) will remain steady

state

QUIZ NO 01 1048708 Find the plain text and Key from

the given cipher text 1048708 Cipher Text 1048708 TUSBCMRK MW HMWLSRIWXC

Attacks Services and Attacks Services and MechanismsMechanisms

Security Attack Any action that compromises the security of information

Security Mechanism A mechanism that is designed to detect prevent or recover from a security attack

Security Service A service that enhances the security of data processing systems and information transfers A security service makes use of one or more security mechanisms

Security AttacksSecurity Attacks

CIPHERS

Now we will discuss various ciphers and their working

Cipher is an algorithm that provides encryption to your data

Transposition Ciphers

now consider classical transposition or permutation ciphers

these hide the message by rearranging the letter order

without altering the actual letters used can recognise these since have the

same frequency distribution as the original text

Rail Fence cipher

write message letters out diagonally over a number of rows

then read off cipher row by row eg write message out as

m e m a t r h t g p r y

e t e f e t e o a a t

giving ciphertextMEMATRHTGPRYETEFETEOAAT

Row Transposition Ciphers

a more complex scheme write letters of message out in rows

over a specified number of columns then reorder the columns according to

some key before reading off the rowsKey 3 4 2 1 5 6 7Plaintext a t t a c k p o s t p o n e d u n t i l t w o a m x y zCiphertext TTNAAPTMTSUOAODWCOIXKNLYPETZ

Product Ciphers

ciphers using substitutions or transpositions are not secure because of language characteristics

hence consider using several ciphers in succession to make harder but two substitutions make a more complex substitution two transpositions make more complex transposition but a substitution followed by a transposition makes

a new much harder cipher this is bridge from classical to modern ciphers

Rotor Machines

before modern ciphers rotor machines were most common product cipher

were widely used in WW2 German Enigma Allied Hagelin Japanese Purple

implemented a very complex varying substitution cipher

used a series of cylinders each giving one substitution which rotated and changed after each letter was encrypted

with 3 cylinders have 263=17576 alphabets

Steganography

an alternative to encryption hides existence of message

using only a subset of letterswords in a longer message marked in some way

using invisible ink hiding in LSB in graphic image or sound file

has drawbacks high overhead to hide relatively few info

bits

Summary

have considered classical cipher techniques and

terminology monoalphabetic substitution ciphers cryptanalysis using letter frequencies Playfair ciphers polyalphabetic ciphers transposition ciphers product ciphers and rotor machines stenography