CNS Unit-I

The document provides an overview of network security concepts including security attacks, services, and mechanisms. It discusses passive and active security attacks and gives examples. Security services discussed are authentication, access control, data confidentiality, data integrity, and non-repudiation. The document also introduces a model for network security and describes how it can be used to design security transformations and protocols. Finally, it provides an introduction to classical encryption techniques including symmetric ciphers, substitution ciphers, transposition ciphers and cryptanalysis.

Uploaded by

Radha Rani
UNIT – I

Network Security Introduction


Learning Outcomes
 To make the students
 understand about the concept of information security and its importance in today’s world
 learn about classical Encryption standard
 understand the working of rotor machines
 learn about Steganography and various methods in Steganography
Syllabus
 Introduction
 Security attacks
 Security services
 Security mechanisms
 A Model for Network Security
 Classical Encryption Techniques – Symmetric Cipher Model
 Substitution Techniques
 Transposition Techniques
 Rotor Machines
 Steganography
Introduction
 Computer Security - generic name for the collection of
tools designed to protect data and to thwart hackers
 Network Security - measures to protect data during their
transmission
 Internet Security - measures to protect data during their
transmission over a collection of interconnected
networks
Services, Mechanisms, Attacks
 Need systematic way to define requirements
 Consider three aspects of information security:
 Security attack
 Security mechanism
 Security service
Security Attacks
Security Attack
 Any action that compromises the security of information
owned by an organization
 Information security is about how to prevent attacks, or
failing that, to detect attacks on information-based
systems
 Have a wide range of attacks
 Can focus on generic types of attacks
 Note: often threat & attack mean same
Classification of Security Attacks
 Passive attacks - eavesdropping on, or monitoring
of, transmissions to:
 obtain message contents, or
 monitor traffic flows
 Active attacks – modification of data stream to:
 masquerade of one entity as some other
 replay previous messages
 modify messages in transit
 denial of service
Passive and Active Attacks
[Figure: Passive attacks - obtain message contents; monitor traffic flows]
[Figure: Active attacks - masquerade; replay; modification; denial of service]
Security Mechanisms
Security Mechanism
 A mechanism that is designed to detect, prevent, or
recover from a security attack
 No single mechanism that will support all functions
required
 However one particular element underlies many of the
security mechanisms in use: cryptographic techniques
 Hence our focus on this area
Security Mechanisms (X.800)
 Specific security mechanisms
 Encipherment
 digital signatures
 access controls
 data integrity
 authentication exchange
 traffic padding
 routing control
 notarization
 Pervasive security mechanisms
 Trusted functionality
 security labels
 event detection
 security audit trails
 security recovery
Security Services
Security Service
 It is something that enhances the security of the data
processing systems and the information transfers of an
organization
 Intended to counter security attacks
 Make use of one or more security mechanisms to provide the
service
 Replicate functions normally associated with physical
documents
 Eg. have signatures, dates; need protection from disclosure, tampering,
or destruction; be notarized or witnessed; be recorded or licensed
Security Services
 X.800 defines it as: a service provided by a protocol layer
of communicating open systems, which ensures adequate
security of the systems or of data transfers
 RFC 2828 defines it as: a processing or communication
service provided by a system to give a specific kind of
protection to system resources
 X.800 defines it in 5 major categories
Security Services (X.800)
 Authentication - assurance that the communicating entity
is the one claimed
 Access Control - prevention of the unauthorized use of a
resource
 Data Confidentiality - protection of data from
unauthorized disclosure
 Data Integrity - assurance that data received is as sent by
an authorized entity
 Non-Repudiation - protection against denial by one of the
parties in a communication
Model for Network Security
 This model can:
 Design a suitable algorithm for the security transformation
 Generate the secret information (keys) used by the algorithm
 Develop methods to distribute and share the secret
information
 Specify a protocol enabling the principals to use the
transformation and secret information for a security service
Model for Network Access Security
 Using this model requires us to:
 select appropriate gatekeeper functions to identify users
 implement security controls to ensure only authorised users
access designated information or resources
 Trusted computer systems can be used to implement this
model
Classical Encryption Techniques – Symmetric Cipher Model
Classical encryption techniques

Goals:
 To introduce basic concepts & terminology of encryption
 To prepare students for studying modern cryptography
Basic terminology
 Plaintext: original message to be encrypted
 Ciphertext: the encrypted message
 Enciphering or encryption: the process of converting
plaintext into ciphertext
 Encryption algorithm: performs encryption
 Two inputs: a plaintext and a secret key
Symmetric Cipher Model
 Deciphering or decryption: recovering plaintext from ciphertext
 Decryption algorithm: performs decryption
 Two inputs: ciphertext and secret key
 Secret key: same key used for encryption and
decryption
 Also referred to as a symmetric key
Symmetric Cipher Model
 Cipher or cryptographic system: a scheme for encryption and decryption
 Cryptography: science of studying ciphers
 Cryptanalysis: science of studying attacks against
cryptographic systems
 Cryptology: cryptography + cryptanalysis
Ciphers
 Symmetric cipher: same key used for encryption and
decryption
 Block cipher: encrypts a block of plaintext at a time
(typically 64 or 128 bits)
 Stream cipher: encrypts data one bit or one byte at a
time
 Asymmetric cipher: different keys used for encryption
and decryption
Symmetric Encryption
 Also named as conventional / secret-key / single-key
 Sender and recipient share a common key
 All classical encryption algorithms are symmetric
 The only type of ciphers prior to the invention of
asymmetric-key ciphers in the 1970s
 By far most widely used
Symmetric Encryption
 Mathematically:
$Y = E_K(X)$ or $Y = E(K, X)$
$X = D_K(Y)$ or $X = D(K, Y)$
 X = plaintext
 Y = ciphertext
 K = secret key
 E = encryption algorithm
 D = decryption algorithm
 Both E and D are known to public
Cryptanalysis
 Objective: to recover the plaintext of a ciphertext or,
more typically, to recover the secret key.
 Two general approaches:
 brute-force attack
 non-brute-force attack (cryptanalytic attack)
Brute-Force Attack
 Try every key to decipher the ciphertext.
 On average, need to try half of all possible keys
 Time needed proportional to size of key space
Key Size (bits) | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at $10^6$ decryptions/µs
32 | $2^{32} = 4.3 \times 10^{9}$ | $2^{31}$ µs = 35.8 minutes | 2.15 milliseconds
56 | $2^{56} = 7.2 \times 10^{16}$ | $2^{55}$ µs = 1142 years | 10.01 hours
128 | $2^{128} = 3.4 \times 10^{38}$ | $2^{127}$ µs = $5.4 \times 10^{24}$ years | $5.4 \times 10^{18}$ years
168 | $2^{168} = 3.7 \times 10^{50}$ | $2^{167}$ µs = $5.9 \times 10^{36}$ years | $5.9 \times 10^{30}$ years
26 characters (permutation) | $26! = 4 \times 10^{26}$ | $2 \times 10^{26}$ µs = $6.4 \times 10^{12}$ years | $6.4 \times 10^{6}$ years
Cryptanalytic Attacks
 May be classified by how much information is needed by the attacker:
 Ciphertext-only attack
 Known-plaintext attack
 Chosen-plaintext attack
 Chosen-ciphertext attack
Classical Ciphers
 Plaintext is viewed as a sequence of elements (e.g., bits or
characters)
 Substitution cipher: replacing each element of the
plaintext with another element.
 Transposition (or permutation) cipher: rearranging the
order of the elements of the plaintext.
 Product cipher: using multiple stages of substitutions and
transpositions
Substitution Techniques
Caesar Cipher
 Earliest known substitution cipher
 Invented by Julius Caesar
 Each letter is replaced by the letter three positions
further down the alphabet.
• Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
 Example: ohio state → RKLR VWDWH
Contd...
 Mathematically, map letters to numbers:
a, b, c, ..., x, y, z
0, 1, 2, ..., 23, 24, 25
 Then the general Caesar cipher is:
$c = E_K(p) = (p + k) \bmod 26$
$p = D_K(c) = (c - k) \bmod 26$
 Can be generalized with any alphabet.
Cryptanalysis of Caesar Cipher
 Key space: {0, 1, ..., 25}
 Vulnerable to brute-force attacks.
 E.g., break ciphertext "UNOU YZGZK"
Monoalphabetic Substitution Cipher
 Shuffle the letters and map each plaintext letter to a different random ciphertext letter:

Plain letters:  abcdefghijklmnopqrstuvwxyz
Cipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext:  ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Monoalphabetic Cipher Security
 Now we have a total of $26! = 4 \times 10^{26}$ keys.
 With so many keys, it is secure against brute-force
attacks.
 But not secure against some cryptanalytic attacks.
Language Statistics and Cryptanalysis
 Letters are not equally frequently used.
 In English, E is by far the most common letter,
followed by T, R, N, I, O, A, S.
 Other letters like Z, J, K, Q, X are fairly rare.
 There are tables of single, double & triple letter
frequencies for various languages
English Letter Frequencies
Statistics for double & triple letters
 In decreasing order of frequency
 Double letters:
th he an in er re es on, …
 Triple letters:
the and ent ion tio for nde, …
Example Cryptanalysis
 Given ciphertext:
 UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
 VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
 EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
 Count relative letter frequencies (see next page)
 Guess {P, Z} = {e, t}
 Of double letters, ZW has highest frequency, so guess ZW = th and
hence ZWP = the
 Proceeding with trial and error finally get:
 it was disclosed yesterday that several informal but
 direct contacts have been made with political
 representatives of the viet cong in moscow
Letter frequencies in ciphertext (%)
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
O 7.50 X 4.17 A 1.67 J 0.83 R 0.00
M 6.67
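The frequency count and the first guesses from the example cryptanalysis, reproduced in code. This is an added example, not part of the original slides; the function names and the '.' marker for still-unknown letters are assumptions made for the illustration.

```python
from collections import Counter

# Ciphertext from the slide, joined into one string (120 letters).
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
    "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX"
    "EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ"
)


def letter_percentages(text):
    """Relative frequency in percent of every letter A-Z, most frequent first."""
    counts = Counter(text)
    table = {c: round(100 * counts.get(c, 0) / len(text), 2)
             for c in "ABCDEFGHIJKLMNOPQRSTUVWXYZ"}
    return dict(sorted(table.items(), key=lambda kv: -kv[1]))


def ngram_counts(text, n):
    """Count overlapping n-letter sequences (n=2 double letters, n=3 triples)."""
    return Counter(text[i:i + n] for i in range(len(text) - n + 1))


def apply_guess(text, guess):
    """Replace guessed cipher letters by plaintext; unknown positions become '.'."""
    return "".join(guess.get(c, ".") for c in text)


if __name__ == "__main__":
    freq = letter_percentages(CIPHERTEXT)
    print(list(freq.items())[:6])              # top of the frequency table
    print(ngram_counts(CIPHERTEXT, 2)["ZW"])   # occurrences of the pair ZW
    # Guesses from the slide: P = e, Z = t, and ZW = th gives W = h.
    print(apply_guess(CIPHERTEXT, {"P": "e", "Z": "t", "W": "h"}))
```

Each further guess is added to the dictionary and the partial plaintext re-read, which is the trial-and-error loop the slide describes.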
Types of attacks
 Ciphertext-only attack
 Known-plaintext attack
 Chosen-plaintext attack
 Chosen-ciphertext attack
Playfair Cipher
 Not even the large number of keys in a
monoalphabetic cipher provides security.
 One approach to improving security is to encrypt
multiple letters at a time.
 The Playfair Cipher is the best known such cipher.
 Invented by Charles Wheatstone in 1854, but named
after his friend Baron Playfair.
Playfair Key Matrix

 Use a 5 x 5 matrix.
 Fill in letters of the key (w/o duplicates).
 Fill the rest of matrix with other letters.
 E.g., key = MONARCHY.

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Encrypting and Decrypting
Plaintext is encrypted two letters at a time.
1. If a pair is a repeated letter, insert filler like 'X'.
2. If both letters fall in the same row, replace each
with the letter to its right (circularly).
3. If both letters fall in the same column, replace
each with the letter below it (circularly).
4. Otherwise, each letter is replaced by the letter in
the same row but in the column of the other letter
of the pair.
Security of Playfair Cipher
 Equivalent to a monoalphabetic cipher with an
alphabet of 26 x 26 = 676 characters.
 Security is much improved over the simple
monoalphabetic cipher.
 Once thought to be unbreakable.
 Actually, it can be broken, because it still leaves some
structure of plaintext intact.
Polyalphabetic Substitution Ciphers
 A sequence of monoalphabetic ciphers ($M_1, M_2, M_3, \ldots, M_k$) is used in turn to encrypt letters.
 A key determines which sequence of ciphers to use.
 Each plaintext letter has multiple corresponding
ciphertext letters.
Vigenère Cipher
 Simplest polyalphabetic substitution cipher
 Consider the set of all Caesar ciphers:
$\{ C_a, C_b, C_c, \ldots, C_z \}$
 Key: e.g. security
 Encrypt each letter using $C_s, C_e, C_c, C_u, C_r, C_i, C_t, C_y$ in turn.
 Repeat from start after $C_y$.
 Decryption simply works in reverse.
Example of Vigenère Cipher
 Keyword: deceptive
key: deceptivedeceptivedeceptive
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Security of Vigenère Ciphers
 There are multiple ciphertext letters corresponding to
each plaintext letter.
 So, letter frequencies are obscured but not totally lost.
 To break Vigenere cipher:
1. Try to guess the key length. How?
2. If key length is N, the cipher consists of N Caesar
ciphers. Plaintext letters at positions k, N+k, 2N+k,
3N+k, etc., are encoded by the same cipher.
3. Attack each individual cipher as before.
Key Length
 Plaintext words separated by multiples of the key
length are encoded in the same way.
 In our example, if plaintext = “…thexxxxxxthe…”
then “the” will be encrypted to the same ciphertext
words.
 check the ciphertext for repeated patterns.
 E.g. repeated “VTW” in the previous example
suggests a key length of 3 or 9:
 ciphertext:
ZICVTWQNGRZGVTWAVZHCQYGLMGJ
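The Vigenère example and the repeated-pattern test for the key length (commonly called the Kasiski test), run on the slide's own keyword and ciphertext. This is an added example, not part of the original slides; the function names are assumptions, and the cipher function accepts letters only.

```python
from collections import defaultdict

A = ord("a")


def vigenere(text, key, decrypt=False):
    """Shift letter i by key letter i mod N; the input must contain letters only."""
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text.lower()):
        k = ord(key[i % len(key)]) - A
        out.append(chr((ord(ch) - A + sign * k) % 26 + A))
    return "".join(out)


def repeated_ngrams(ciphertext, n=3):
    """Map each n-gram that occurs more than once to its start positions."""
    positions = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        positions[ciphertext[i:i + n]].append(i)
    return {g: p for g, p in positions.items() if len(p) > 1}


def candidate_key_lengths(ciphertext, n=3):
    """The key length should divide every distance between repeated n-grams."""
    distances = [b - a
                 for p in repeated_ngrams(ciphertext, n).values()
                 for a, b in zip(p, p[1:])]
    if not distances:
        return []
    return [d for d in range(2, max(distances) + 1)
            if all(dist % d == 0 for dist in distances)]


def split_columns(ciphertext, n):
    """Positions k, N+k, 2N+k, ... were all encrypted by the same Caesar cipher."""
    return [ciphertext[k::n] for k in range(n)]


if __name__ == "__main__":
    ct = vigenere("wearediscoveredsaveyourself", "deceptive").upper()
    print(ct)
    print(repeated_ngrams(ct), candidate_key_lengths(ct))
    print(split_columns(ct, 9))
```

Each string returned by `split_columns` is a plain Caesar ciphertext, so with enough text it can be attacked by letter frequency on its own.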
Transposition Techniques
Transposition Ciphers
 Also called permutation ciphers.
 Shuffle the plaintext, without altering the actual letters used.
 Example:
 Row Transposition Ciphers
 Rail Fence Cipher
Row Transposition Ciphers
 Plaintext is written row by row in a rectangle.
 Ciphertext: write out the columns in an order specified by a key.
Key: 3 4 2 1 5 6 7
Plaintext:
a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
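The row transposition above in code. This is an added example, not part of the original slides; it assumes the key 3 4 2 1 5 6 7 lists the column numbers in the order they are written out, which is the reading that reproduces the ciphertext shown, and the function names are assumptions.

```python
def encrypt(plaintext, key):
    """Write the text row by row, then read out the columns in key order."""
    cols = len(key)
    if len(plaintext) % cols:
        raise ValueError("pad the plaintext so it fills the rectangle")
    rows = [plaintext[i:i + cols] for i in range(0, len(plaintext), cols)]
    return "".join(row[c - 1] for c in key for row in rows).upper()


def decrypt(ciphertext, key):
    """Put each block of the ciphertext back into its column, then read the rows."""
    cols = len(key)
    nrows = len(ciphertext) // cols
    grid = [[""] * cols for _ in range(nrows)]
    for j, c in enumerate(key):
        # The j-th block of nrows letters is the column numbered key[j].
        block = ciphertext[j * nrows:(j + 1) * nrows]
        for r, ch in enumerate(block):
            grid[r][c - 1] = ch
    return "".join("".join(row) for row in grid).lower()


def inverse_key(key):
    """Convert the read-out order into the label written above each column."""
    inv = [0] * len(key)
    for order, c in enumerate(key, start=1):
        inv[c - 1] = order
    return inv


if __name__ == "__main__":
    KEY = [3, 4, 2, 1, 5, 6, 7]
    ct = encrypt("attackpostponeduntiltwoamxyz", KEY)
    print(ct, decrypt(ct, KEY), inverse_key(KEY))
```

`inverse_key` gives the same key in the other common notation, where a number above each column says when that column is read; mixing up the two notations yields a different ciphertext.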
Product Ciphers
 Uses a sequence of substitutions and transpositions
 Harder to break than just substitutions or
transpositions
 This is a bridge from classical to modern ciphers.
Rotor Machines
 Before modern ciphers, rotor machines were the most
common complex ciphers in use.
 Used a series of rotating cylinders.
 Implemented a polyalphabetic substitution cipher of
period K.
 With 3 cylinders, $K = 26^3 = 17,576$.
 With 5 cylinders, $K = 26^5 = 12 \times 10^6$.
Steganography
 Hide a message in another message.
 E.g., hide your plaintext in a graphic image
 Advantage: hiding existence of messages
 Drawback: high overhead
Techniques in Steganography

 Character Marking
 Invisible Ink
 Typewriter Correction Ribbon
 Pin Punctures
