chapter-1: conventional encryption information security...

Information Security Chapter-1 Conventional Encryption

Chapter-1: Conventional Encryption

Information security

There are three aspects of information security

Security service

Security mechanism

Security attack

Security service:

The security service is something that enhances the security of data processing

systems and information transfers of an organization.

It is used to counter security attacks and it uses many security mechanisms to do so.

The security standards defined by ITU (International Telecommunication Union

Telecommunication Standardization sector recommendation) X.800 are:

1. Authentication:

Authentication refers to the authenticity of the contents of the messages being

exchanged as well as that of the communicating entities.

2. Access control:

Access control is the ability to limit and control the access to host systems and

applications via communication links. To achieve this control, each entity trying

to gain access must first be identified, or authenticated, so that access rights can

be provided to the individual.

3. Data confidentiality:

The contents of the message being transferred across the insecure medium

should be readable to only those whom it is intended for and to no other entity.

Connection confidentiality: The protection of all user data on a connection.

Connectionless confidentiality: all user data in a single data block.

Selective field confidentiality: the user data on a connection or in a single data

block.

Traffic flow confidentiality: The protection of the information that might be

derived from observation of traffic flows.

4. Data integrity:

Integrity can apply to a stream of messages a single message or selected fields

within a message.

The contents of the message should not get modified during transit and even if

the message is modified, it should be detected at the receiving end.

Modification causes loss of message integrity.

Connection integrity with recovery, Connection integrity without recovery,

Selective field connection integrity, Connectionless integrity, Selective field

connectionless integrity.

5. Non repudiation:

Repudiation disputes arise when one entity denies sending or receiving any

message. The security mechanism should provide means to resolve such disputes.

Prof H.M.Patel


Security mechanism:

A security mechanism is a mechanism designed to detect, prevent and recover from

a security attack.

No single mechanism supports all the functions required to provide complete

security and therefore many mechanisms work together.

Security attack:

A security attack is any action which compromises the security of information

of an organization.

It is an assault on the system derived from a threat.

Following figures shows different types of security attacks:

Security threat:

A threat is potential for violation of security which exists when there is a

circumstance, capability, action or event that could breach security.

In simple words a threat is the vulnerability of the system which may be exploited by

an attacker.

Two types of security attacks:

Passive attacks

Active attacks

Passive attacks:

In a passive attack the attack monitors the transmissions to obtain message content or

monitors traffic flows, but does not modify the message.

Prof H.M.Patel


Active attacks:

In an active attack the attacker acquires the message and modifies the contents of the

message to obtain unauthorized effects.

Types of active attacks-

Modification of messages in transit:

In such type of a part of the message is altered or the message is delayed to produce an

unauthorized effect.

Masquerade:

In masquerade one entity pretends to be another entity to produce an unauthorized

effect.

For example: Authentication sequences can be captured and replayed after a valid

authentication sequence has taken place, thus enabling an authorized entity with few

privileges to obtain extra privileges by impersonating an entity that has those

privileges.

Interruption attacks are called as masquerade attacks.

Replay:

In replay attack a message sequence is captured and then retransmitted to produce an

unauthorized effect.

Denial of service:

Denial of service attack prevents or inhibits the normal use and management of

communication facilities.

Q-2: Explain Conventional Encryption Model.

A symmetric encryption model has five ingredients.

1. Plaintext

2. Encryption algorithm

3. Secret Key

4. Ciphertext

5. Decryption algorithm

Fig shows the conventional encryption model.

Prof H.M.Patel


Plaintext : It is the original message or data that is fed into the algorithm as input.

Encryption algorithm : It performs various substitutions and transformations on the

plaintext.

Secret Key : It is a value independent of the plaintext and of the algorithm.

The exact substitutions and transformations performed by the algorithm depend on

the key.

Ciphertext : It is the scrambled message produced as output. It depends on the

plaintext and the secret key.

Decryption algorithm : It takes the ciphertext and the secret key and produces the

original plaintext.

Encryption process: An algorithm - produce a different output depending on the

specific key being used at the time.

A key - a value independent of plaintext, shared by sender and recipient.

The ciphertext can be transformed back to the original plaintext by using a

decryption algorithm and the same key that was used for encryption.

The security of conventional encryption depends on the secrecy of the key, not the

secrecy of the algorithm.

It is impractical to decrypt a message based on the ciphertext plus knowledge of the

encryption/decryption algorithm.

The principal security problem is maintaining the secrecy of the key.

Observing Y, but not having access to K and X, may attempt to recover X or K, or

both X and K.

Assumed that the opponent knows E and D

If only the message is interested, then an estimated plaintext Xˆ is generated. If

future messages are interested, then an estimated key Kˆ is generated.

Cryptography - the art of secret writing.

In symmetric cipher encryption or secret key encryption the sender and the receiver

share a secret key between them and all the messages are encrypted and decrypted using

the same secret key.

Prof H.M.Patel


A secret key is generated by the sender which is delivered to the receiver securely.

The plain text is encrypted using this secret key to generate the cipher text as:

C = EK (P)

Where E is the encryption algorithm.

The receiver decrypts the cipher text using the same key to obtain the plain text as:

P = DK (C)

Where D is the decryption algorithm.

Characteristics of Cryptography:

Classifications of cryptographic systems

1) Classification based on type of operations used for transforming plain text into cipher

text:

Substitution cipher:

In substitution cipher each element in the plain text is mapped into (replaced

by) another element to generate the cipher text.

Transposition cipher:

In transposition cipher the elements of the plain text are rearranged to generate

the cipher text.

Product systems:

Product systems involve multiple stages of substitution and transposition.

2) Classification based on number of keys used:

Symmetric, single key, secret key or conventional encryption:

In this encryption method both the sender and the receiver use the same single

key. The key is used for both encryption and decryption purposes.

Asymmetric, two key or public key encryption:

In public key encryption the sender and the receiver use different keys.

3) Classification on the basis of manner in which plain text is processed:

Block cipher:

A block cipher processes the input one block at a time producing an output

block for each input block.

Stream cipher:

Stream cipher processes the input elements continuously producing an output

one element at a time as it goes along.

Cryptanalysis: The process of trying to break any cipher text message to obtain the

original plaintext message itself is called as cryptanalysis.

Cryptanalyst: Cryptanalysis is the breaking of codes. The person attempting a

cryptanalysis is called as a cryptanalyst.

Brute force attack: The attacker tries every possible key on a piece of cipher text

until an intelligible translation into plaintext is obtained.

Prof H.M.Patel


The various type of cryptanalytic attacks based on the amount of information known

to the cryptanalyst.

Table summarizes the various types of Attacks on Encrypted Messages.

Q-3: Explain Substitution Techniques.

Substitution: one letter is exchanged for another.

Substitution cipher:

In substitution cipher each element in the plain text is mapped into (replaced by)

another element to generate the cipher text.

A substitution technique is one in which the letters of plaintext are replaced by other

letters or by numbers or symbols.

If the plaintext is viewed as a sequence of bits, then substitution involves replacing

plaintext bit patterns with ciphertext bit patterns.

Prof H.M.Patel


1. Caesar Cipher:

It was used by Julius Caesar.

The Caesar cipher involves replacing each letter of the alphabet with the letter

standing three places further down the alphabet

For example

Plain: meet me after the toga party

Cipher: PHHW PH DIWHU WKH WRJD SDUWB

Transformation is made using the following mapping:

Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z

Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Let us assign a numerical equivalent to each letter from 0 to 25.

Then the algorithm may be expressed as follows. For each plaintext letter p,

substitute the ciphertext letter C:

C = E (3, p)

= (p+3) mod 26

A shift may be of any amount, so that general Caesar algorithm is

C = E (k,p) = (p+k) mod 26,

where k takes on a value in the range 1 to 25.

The decryption algorithm is simply

p = D (k,C)

= (C-k) mod 26

If it is known that a given ciphertext is a Caesar cipher, then a brute-force

cryptanalysis is easily performed: simply try all possible 25 keys.

Three important characteristics of this problem enable us to use brute-force

cryptanalysis:

1. The encryption and decryption algorithms are known

2. There are only 25 keys to try

3. The language of the plaintext is known and easily recognizable

2. Monoalphabetic Cipher:

Monoalphabetic cipher substitutes one letter of the alphabet with another letter of

the alphabet.

However, rather than substituting according to a regular pattern, any letter can be

substituted for any other letter, as long as each letter has a unique substitute left and

vice versa.

For example:

Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z

Cipher: m n b v c x z a s d f g h j k l p o i u y t r e w q

Plaintext message : hello how are you

Ciphertext message : acggk akr moc wky

Monoalphabetic ciphers are easy to break because they reflect the frequency data of

the original alphabet.

Prof H.M.Patel


3. Homophonic Substitution Cipher:

It provides multiple substitutes for a single letter.

For example, A can be replaced by D, H, P, R;

B can be replaced by E, Q, S, T etc.

4. Playfair Cipher:

The Playfair algorithm is based on the use of a 5x5 matrix of letters constructed

using

a keyword.

In the case of keyword monarchy, matrix is as follows:

M O N A R

C H Y B D

E F G I/J KL P Q S TU V W X Z

The matrix is constructed by filling in the letters of the keyword (minus duplicates)

from left to right and from top to bottom, and then filling in the remainder of the

matrix with the remaining letters in alphabetic order.

The letters I and J count as one letter.

5. Hill Cipher:

It was developed by the mathematician Lester Hill in 1929.

The encryption algorithm takes m successive plaintext letters and substitutes for

them

m ciphertext letters.

The substitution is determined by m linear equations in which each character is

assigned a numerical value : ( a = 0, b = 1, c = 2, , z = 26 ) the system can be

described as follows:

abcdef ghi j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

For m=3, the system can be described as follows:

C1=(k11p1+k12p2+k13p3) mod 26

C2=(k21p1+k22p2+k23p3) mod 26

C3=(k31p1+k32p2+k33p3) mod 26

This can be expressed in terms of column vectors and

matrices:

C=KP mod 26,


where C and P are column vectors of length 3, representing the plaintext and

ciphertext, and K is 3x3 matrix, representing the encryption key.

Operations are performed mod 26.

For example, consider the plaintext "payformoney", and use the encryption key

K=

17 17 5

21 18 21

2 2 19

The first 3 letters of the plaintext are represented by the vector (15 0 24).

C = KP mod 26,

17 17 5 15 375 11

= 21 18 21 0 mod 26 = 819 mod 26 = 13

2 2 19 24 486 18

= LNS

Continuing in this fashion, the ciphertext for the entire plaintext is

LNSHDLEWMTRW.

Decryption requires using the inverse of the matrix K.

The general terms in Hill cipher is

Cipher C = E(K, P) = KP mod 26

Plaintext P = D(K, P) = K -1 C mod 26 = K-1 KP = P

Advantage:

It completely hides single-letter frequencies.

Hill cipher is strong against a ciphertext-only attack.

By using larger matrix, move frequency information hiding is possible.

Disdvantage:

Easily broken with a known plaintext attack.

6. Polyalphabetic Substitution:

In polyalphabetic substitution, each occurrence of a character can have a different

substitute.

The relationship between a character in the plaintext and a character in the ciphertext

is always one-to-many.

An example of polyalphabetic substitution is the Vigenere Cipher. 26

Caesar ciphers are used, with shifts of 0 through 25.

Each cipher is denoted by a key letter (from a to z).

For example : Let the message be THE BOY HAS THE BAG and the key be VIG.

Prof H.M.Patel


Key = VIG VIG VIG VIG VIG

Plaintext = THE BOY HAS THE BAG

Ciphertext = OPKWWECIYOPKWIM

The strength of this cipher is that there are multiple ciphertext letters for each plaintext

letter, one for each unique letter of the keyword.

7. One Time Pad (Vernam cipher):

The key is a random string that is at least as long as the plaintext.

Each new message requires a new key of the same length as the new message. It

produces random output that bears no statistical relationship to the plaintext.

Vernam cipher uses a one time pad, which is discarded after a single use, and

therefore is suitable only for short messages.

For example :

Plaintext: c o m e t o d a y

2 14 12 4 19 14 3 0 24

Key: N C B T Z Q A R X

13 2 1 19 25 16 0 17 23

Total: 15 16 13 23 44 30 3 17 47

Subtract 15 16 13 23 18 04 3 17 21

26

If > 25

Ciphertext: P Q N X S E D R V

Prof H.M.Patel


The one time pad offers complete security but, in practice, has two fundamental

difficulties.

1. There is the practical problem of making large quantities of random keys.

2. Key distribution and protection is also major problem with one time pad.

Q-4: Explain Transposition Techniques.

In transposition cipher the elements of the plain text are rearranged to generate the

cipher text.

The letters are not changed.

The rail fence cipher is composed by writing the plaintext in two rows, proceeding

down, then across and reading the ciphertext across, then down.

For example, to encipher the message "meet me after this party" with a rail fence of

depth 2, we write the following :

m e m a t r h s a

te t e f e t i p

r y

The ciphertext is

MEMATRHSATETEFETIPRY

Attacking a transposition cipher requires rearrangement of the letters of the

ciphertext.

A pure transposition cipher is easily recognized because it has the same letter

frequencies as the original plaintext.

Plaintext : The book is suitable for self study.

Key : 5 6 4 1 3 2

Key : 5 6 4 1 3 2

Plaintext : t h e b o o

k i s s u it

a b l e fo

r s e l f

S t u d y

Ciphertext: BSLEDOIFFOUELYESBSUTKTOSHIART

Q-5: Explain Steganography.

It is a technique that facilitates hiding of a message that is to be kept secret inside

other messages.

Steganography is derived from the Greek for covered writing and essentially means

"to hide in plain sight".

It is simple form , but one that is time-consuming to construct, is one in which an

arrangement of words or letters within an real message.

Various other techniques have been historically; some examples are the following:

Character marking : Selected letters of printed or type written text are over-written

in pencil. The marks are ordinarily not visible unless the paper is held at an angle to

bright light.

Prof H.M.Patel


Invisible ink : A number of substances can be used for writing but leave no visible

trace until heat or some chemical is applied to the paper.

Pin punctures : Small pin punctures on selected letters are ordinarily not visible

unless the paper is held up in front of a light.

Typewriter correction ribbon : Used between lines typed with a black ribbon, the

results of typing with the correction tape are visible only under a strong light.

The advantage is that it can be employed by parties who have something to lose

should the fact of their secret communication be discovered.

Encryption flags traffic as important or secret or may identify the sender or receiver

as someone with something to hide.

Steganography

(Covered writing, covert channels)

Protection against detection Protection against removal

(data hiding) (document marking)

Watermarking Fingerprinting

(all objects are marked (identify all objects, every

In the same way) object is marked specific)

Prof H.M.Patel

chapter-1: conventional encryption information security...

Documents