UNIT – 6 PRIVACY AND SECURITY. Software Complexity.

UNIT – 6UNIT – 6PRIVACY AND SECURITYPRIVACY AND SECURITY

Software ComplexitySoftware Complexity

Contributing FactorsContributing FactorsDue to the inherent complexity of large

software systems, such as those used for the internet, it is difficult to make them completely secure & error-free. By their very nature, they could have a no. of susceptible points.

Program Size : A browser may consists of as many as 75000 lines of source code. The latest browser may contain even more features, resulting in even larger programs. The executable file for a browser is usually on the order of 5 to 7 megabytes. It is very difficult to eliminate all errors in such an immense program.

Continued..Continued..Software Interfaces : The need for

browsers to interface with other software creates an even larger code base & more potential problems areas.

Market Forces : Products must often be hurried to market in order to maintain a competitive edge. It is often challenging to test all parts of them thoroughly before release. One reason why new versions of large software systems come out so frequently is that bugs are addressed in newer releases.

Encryption SchemesEncryption Schemes

Basic ConeptsBasic ConeptsAn encryption scheme is a

method of encoding information.By using encryption scheme, a

plain text can be converted into an encrypted version of same message.

The encrypted version is called ciphertext and the encryption scheme is called cipher.

Concepts of Plaintext, Concepts of Plaintext, Cipher, and CiphertextCipher, and Ciphertext

Plaintext Cipher Ciphertext

lBuy 1,000 shares of IGCO now.

------------------------------------------------

Zabxyabc egtum pa wclfp

Continued..Continued..We can not make sense of

ciphertext without knowing the cipher and the encryption key.

The goal of encryption schemes in most cases is to develop a scheme that allows information to be exchanged securely between two parties.

Illustration of an Encrypted Illustration of an Encrypted Message Sent from Sender Message Sent from Sender to Receiverto Receiver Plaintext

private key spy intercepts

ciphertext

cipher text arrives

Private key

My bank account no. is 47

Processed by cipher

Paqmcx rtuw foolrg mu

Paqmcx rtuw foolrg mu

Decrypt

My bank account no. is 47

What does

paqqmcx rtuw foolrg

mu mean?

n/w

A

B

Send ciphertext

Plaintext

Continued..Continued.. In the above diagram sender A encrypts the

plaintext message of “My bank account no. is 47”To a cipher text of “paqmcx rtuw foolrg mu” Sender A sends the ciphertext over the network to

B. While the message is being transmitted, a spy or

hacker intercepts(obtains a copy of the message) it; the message is still transmitted to receiver B.

If the cipher sender A is using is secure, spy will have a difficult time understanding the message.

When B receives the message, he decrypts it, using the scheme he and party A had previously agreed to.

Party B then determines the plaintext of the ciphertext.

Private Key CryptographyPrivate Key Cryptography In private key cryptography, both the

sender & the receiver share the same private key.

Both the key & the encryption scheme is used to encrypt the plaintext & also to decrypt the ciphertext.

The key must be kept private(secure) to ensure the system security.

If a spy obtains the key, they too will likely be able to decrypt encoded message.

Private key cryptography provides confidentiality.

Continued..Continued..A simple example of private key cryptography:Suppose party A wants to send a message: “meet me at the roadhouse at the noon urgent” to party B.The Cipher that is used is: a)Write down the characters of plaintext in rows.b)Each row will contain the no. of characters

equals to the private key’s value.c) Here lets say the private key is 5.d)So each row will contain 5 characters.e)The ciphertext is then constructed by listing

the characters in order in which they appear in the columns.

Continued..Continued.. By applying the cipher to the plaintext we

obtains the following row-format of the message:

meetmeattheroadhouseatnoonurgent Now by listing the characters column wise

we can obtain the following ciphertext:“meehannearotutetounrttasogmhdeoe”

Continued..Continued.. When party B receives the ciphertext, it decrypts it

using the private key, 5. First, party B counts the no. of characters in the

ciphertext, which in this case is 32. Since there are 5 characters per row, based on the

agreed-upon cipher and key. Party B realizes that the message is 7 rows long– six

full rows and one row containing 2 characters. Party B writes down the message column wise. And then read the text row-by-row, and obtains the

following text: “meetm eatth eroad house atnoo nurge nt” Reading from left to right, party B is able to

determine the original message. If a spy knew the cipher and the private key, he or

she could also decrypt the intercepted message.

Public Key CryptographyPublic Key Cryptographyo Public key cryptography is used to address one

of the major security issue that is ‘problem of authentication’.

o When party B receives a message, how can it be sure that party A sent it? That is, how can it be sure that the message is authentic.

o In public key cryptographic systems, every person that intends to send a message has a private key.

o In addition every person has a public key that matches up with their private key.

o The private is used to encrypt messages, and those messages can only be decrypted using the matching public key.

o As the name implies, public keys are not kept secret.

Continued..Continued.. Suppose party A sends B a message that it

has encrypted using its private key. When B receives the ciphertext, it tries to

decrypt it using A’s public key, which is available to everyone.

If B is able to decrypt the message, it knows that it must have come from A.

Because A’s public key can only decrypt messages encrypted by her private key, and only A knows her private key.

Notice that if A’s message has been intercepted, anyone could have decrypt it by using her public key.

Privacy is not provided by public key cryptography, only authentication.

Hashing AlgorithmsHashing AlgorithmsHashing algorithms are used to verify

message integrity.Suppose A sent B a message & it was

intercepted. The person that intercepted the message might be able to alter its contents before passing it along.

A way to verify that the message received is the same as the message sent involves the use of hashing algorithms.

A hashing algorithm takes a plaintext message as input and then computes a value based on that message.

The length of the computed value is usually much shorter than the length of the original message.

Continued..Continued..• For example, we will define a very simple hashing

algorithm.• Our hashing algorithm will multiply the no. of a’s, e’s,

and h’s in the message and will then add the no. of o,s to this value.

• Suppose the message is— “the combination to the safe is two, seven + thirty-

five” The hash or message digest of this message, using our

simple hashing algorithm, is as follows: (2*6*3)+4 = 40 The message digest or hash of the plain text is sent to

B along with the ciphertext. After B decrypts the message, he computes its hash

using the agreed upon hashing algorithm. If the hash value sent by A does not match with the

hash value of decrypted message, B will know that the message has been altered.

Secure Web DocumentsSecure Web Documents If you notice a broken skeleton key or an

unlocked padlock displayed in the lower-left corner of the browser window, you are looking at icons that indicate that this document is not secure.

Most documents on the web are not secure. When the skeleton key is whole or the padlock is

locked, you are looking at a secure document. Secure documents require a secure server, which

is a server that uses encryption schemes. The URL for a secure document usually begins

with https, rather than http, where the s means secure.

When a client requests a secure document, the server must first determine if they have the permission required to retrieve the document.

Continued..Continued.. The authentication process may require the

use to submit a password. The server and the client must agree on an

encryption scheme, so that all the messages(including passwords) can be transmitted securely.

A high level of security can thus be achieved on the web, using the encryption schemes currently available.

As an example, if you are using a server that is not secure, and you enter a credit card no., it is possible that it could be intercepted.

If the credit card no. were not encrypted & the no. were intercepted, someone can steal & use the no.

Digital SignatureDigital Signature In today’s electronic world, many confidential

&important messages are sent via computer. A digital signature is a mechanism that can be

used to sign an electronic document officially. Because digital signatures are difficult to forge,

documents that contains these signatures can be considered authentic.

The details concerning how implemented are complex. They usually involve a combination of the encryption schemes.

Digital signatures provide a way of verifying both the sender of the information and the content of the message, ensuring that it has not been modified.

So, a digital signature is like an official seal on both a document & the envelope that protects the document from being altered.

Example of Digital SignatureExample of Digital Signature

Buy gold

Plaintext

Hashing algorithm 12

Public key encryption scheme

wr

HashCiphertext of hash

Private key encryption scheme

Ciphertext

axzmqtu

Message sent over network

wr/axzmqtu

Private key1

Public key

Matched pair

Private key 2

Bob

Alice

Continued..Continued.. Suppose Alice wants to send Bob a confidential

message, “Buy gold”. And Bob needs to know for sure that Alice sent the

message and that it arrived unaltered. A combination of three cryptographic schemes we

have discussed can be used. Alice computes the hash of her plaintext message,

using a hashing algorithm she & Bob have chosen. In this example, Alice obtains a value of 12. She then uses her private key(key1) to her

matching public key and an agreed upon public key cryptographic scheme to encrypt the hash of the plaintext, getting “wr”.

Alice then uses a different private key(key2) and an agreed upon private key cryptography scheme to encrypt the plain text. In this case she obtains “axzmqtu”.

Continued..Continued.. She sends Bob the following two items:• The private key encrypted ciphertext of

plaintext(“axzmqtu”).• The public key encrypted hash of the plaintext(“wr”). when Bob receives the message, he essentially needs

to reverse the steps that Alice took. He first splits the message into “axzmqtu” & “wr”. Bob processes “axzmqtu” using the private key(key2)

that he & Alice chose, & he comes up with the original plaintext ”Buy gold”.

Next he uses the hashing algorithm on “Buy gold” and obtains a value of 12.

Bob then uses Alice’s public key to decrypt the ciphertext of the hash “wr”.

He again obtains a value of 12. Since the two hash values match (12 = 12), Bob can be

sure that Alice sent the message & that it arrived intact.

FirewallsFirewalls

A firewall is a security mechanism used by organizations to protect their LAN’s from the internet.

A firewall keeps private resources confidential and minimizes security risks.

The idea is simply to restrict LAN access to trusted users.

A firewall controls network traffic, in both directions.

Continued..Continued..Following figure shows a sample firewall between a

LAN & the internet:

LAN

Request permitted

Trusted users

Restricted Area

Internet

Unrestricted Area

Request denied

spy

Connection to internet

Firewall serves as a filter

Continued..Continued..The users shown in the “restricted area” are

trusted users.Whereas the users in the “unrestricted area” are

people who are not to be allowed into the LAN.The amount of filtering a firewall provides

varies.For example, in one scenario, users in the

restricted area may be able to send e-mail to anyone on the the internet, surf the Web, use remote login, and transfer files.

While users in the unrestricted area may not be allowed to do anything except send e-mail to people inside the firewall.

In another situation, using the same firewall, only e-mail might be permitted in either direction.