Conventional Encryption Principles
Security
It is a process to prevent unauthorized access.
Information Security:
– System Security
– Database Security
– Network Security
– Physical Security
Network Security
Cryptography and Network Security
The main objective of network security is to protect data on communication channels or between two parties (the two parties are Alice & Bob).
– Cryptography
– Cryptanalysis
– Cryptology
– Encryption
– Decryption
– Plaintext
– Cipher text
– Keys
– Crypto System
– Vulnerabilities
– Threat
– Exploitation
– Risk
Threats exploit the vulnerabilities to damage security assets.
Vulnerabilities Database (VD)
NVD 2014: 7038 (V)
– 80% are coming through third-party applications
– 13% are on OS
– 4% are on hardware devices
Top applications by vulnerabilities reported in 2014
Ubuntu: 39 total vulnerabilities, 7 high severity, 27 medium severity, 5 low
Red Hat Enterprise: 27 total vulnerabilities, 6 high severity, 17 medium severity, 4 low
openSUSE: 20 total vulnerabilities, 9 high severity, 9 medium severity, 4 low
Fedora: 15 total vulnerabilities, 3 high severity, 9 medium severity, 3 low
Windows: 68 total vulnerabilities, 47 high severity, 20 medium severity, 1 low severity
Android: 6 total vulnerabilities, 4 high severity, 1 medium severity, 1 low
How to Analyze Vulnerabilities on System
1. Microsoft Baseline Security Analyzer (MBSA)
2. neXpose
Internet Security Threats
1. Malware Threats
2. Email Threats
3. Social Engineering Threat (Phishing)
Top 10 Threats
Security attack: An action that compromises the security of an information system.
Security mechanism: A process that is designed to detect, prevent and recover from a security attack.
Security service: A service that enhances the security of an information system using security services.
Security services implement security policies and are implemented by using security mechanisms.
Security policies: High-level business rules that define what the organization will do to protect the system.
Standards: Detailed statements of how the organization is going to implement policies.
Procedures: Step-by-step or manual methods to implement the goals of written policies and standards.
Security Attacks
There are two types of attacks:
1. Passive attacks: Attempts to learn or make use of information from the system without affecting system resources.
2. Active attacks: Attempts to alter system resources or affect their operation.
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
There are two types of passive attacks:
1. Release of message contents
2. Traffic analysis
Passive attacks are very difficult to detect because they do not involve alteration of any messages.
Active Attacks
Active attacks involve modification of the data stream or creation of a false data stream.
There are four categories:
1. Masquerade
2. Replay
3. Modification of message
4. Denial of service
Security Services
– Authentication
– Access Control
– Data Confidentiality
– Data Integrity
– Nonrepudiation: Prevents either the sender or the receiver from denying a transmitted message
– Availability
Model for Network Security
Conventional Encryption Principles
An encryption scheme has five ingredients:
– Plaintext
– Encryption algorithm
– Secret key
– Cipher text
– Decryption algorithm
Security depends on the secrecy of the key, not the secrecy of the algorithm.
Cryptography
Classified along three independent dimensions:
– The type of operations used for transforming plaintext to cipher text
– The number of keys used
    symmetric (single key)
    asymmetric (two keys, or public-key encryption)
– The way in which the plaintext is processed
Classical Encryption Techniques
These techniques are divided into two categories:
1. Substitution technique
2. Transposition technique
Substitution Techniques
– Caesar cipher
– Monoalphabetic cipher
– Playfair cipher
– Hill cipher
Transposition Techniques
– Rail fence technique
– Columnar transposition
Caesar Cipher
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet.
a b c d e f g h i j k l m n o p q r s t u v w x y z
d e f g h i j k l m n o p q r s t u v w x y z a b c
Encryption Algorithm
c = E(p) = (p + 3) mod 26
Decryption Algorithm
p = D(c) = (c - 3) mod 26
Plain text: meet me after the party
Cipher text: phhw ph diwhu wkh sduwb
General Caesar Cipher
A shift may be any amount.
Encryption Technique:
c = E(p) = (p + k) mod 26
Decryption Technique:
p = D(c) = (c - k) mod 26
Drawbacks of Caesar Cipher
– The encryption and decryption algorithms are known
– There are only 25 keys
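Why 25 keys is a drawback, shown on the slide's own cipher text (an added example, not part of the original slides): every key is tried and the candidates are ranked by how English-like they look. The frequency table is approximate, and the function names are choices made for this example.

```python
import string

ALPHABET = string.ascii_lowercase

# Approximate English letter frequencies in percent (a..z); used only to rank guesses.
FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))


def caesar(text, k):
    """General Caesar cipher: c = (p + k) mod 26. Use -k to decrypt."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def score(text):
    """Mean English frequency of the letters in text; higher means more English-like."""
    letters = [c for c in text if c in ALPHABET]
    return sum(FREQ[c] for c in letters) / max(len(letters), 1)


def brute_force(ciphertext):
    """Try all 25 non-trivial keys and return (key, plaintext) of the best candidate."""
    candidates = [(k, caesar(ciphertext, -k)) for k in range(1, 26)]
    return max(candidates, key=lambda kc: score(kc[1]))


if __name__ == "__main__":
    ciphertext = "phhw ph diwhu wkh sduwb"  # cipher text from the slide
    key, plaintext = brute_force(ciphertext)
    print(f"key={key} plaintext={plaintext!r}")
```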
Monoalphabetic Cipher
Each letter is replaced with the letter x positions down.
Select the x value randomly.
The value of x is between 1 and 25.
a b c d e f g h i j k l m n o p q r s t u v w x y z
b e f i j a c d g h t s r q p o n k l m u z y x w v
key : 2 5 6 9 10 1 3 4 7 8 20 19 18 17 16 15 14 11 12 13 21 26 25 24 23 22
Playfair Cipher
Step 1: Construct a 5 * 5 matrix by using the key value and the alphabet.
key = monarchy
Fill the matrix with the key value from left to right and top to bottom, and fill the remaining positions with the alphabet.
The letters I/J are put into one cell.
m  o  n  a    r
c  h  y  b    d
e  f  g  i/j  k
l  p  q  s    t
u  v  w  x    z
Step 2: The plaintext is encrypted two letters at a time according to the following rules:
a. If the letters of a pair are repeated, separate them with a filler letter (the filler letter is x).
b. If the letters fall in the same row, each letter is replaced by the letter one position to the right.
c. If the letters fall in the same column, each letter is replaced by the letter one position down.
d. Otherwise, each letter is replaced by the letter that lies in its own row and in the column of the other letter.
m  o  n  a    r
c  h  y  b    d
e  f  g  i/j  k
l  p  q  s    t
u  v  w  x    z
Plain text: Hello how are u
Cipher text:
Hill Cipher
Divide the plaintext into blocks of m characters.
m = 2
Select the key based on m: select an m*m matrix.
Multiply each plaintext block by the m*m matrix; the output is the cipher text.
Decryption Key
One-Time Pads
1. First choose a random bit string as a key
2. Then convert the plain text into a bit string
3. Finally compute the XOR of these two strings bit by bit
4. The output is the cipher text
Rail Fence Technique
In this technique the plaintext is written down as a sequence of diagonals and read off as a sequence of rows.
Plain text: meet me after one month
Cipher text:
m e m a t r n m n h
 e t e f e o e o t
mematrnmnhetefeoeot
Columnar Transposition
Step 1: Take the key value
key = 4312567
Step 2: Write the plaintext from left to right and top to bottom
Step 3: Read the cipher text column-wise, starting with the column that has the minimum key value
Example
Key = 4312567
Plaintext = hello how are u
4 3 1 2 5 6 7
h e l l o   h
o w   a r e
u
Cipher text: l la ew houor e h .
DES (Data Encryption Standard)
It is a symmetric algorithm (or conventional encryption algorithm).
Symmetric Encryption: A form of cryptosystem in which encryption and decryption are performed with a single key; that key is called the secret key.
Properties of DES
– It uses the transposition technique
– It uses a single key (secret key)
– It uses the block cipher technique
DES uses the following functions:
– Initial Permutation (IP)
– Inverse Initial Permutation (IP⁻¹)
– Expansion Permutation (E)
– Permutation Function (P)
– Permuted Choice 1 (PC-1)
– Permuted Choice 2 (PC-2)
– Schedule of Left Shifts
Initial Permutation
INPUT (64 bit)
M1  M2  M3  M4  M5  M6  M7  M8
M9  M10 M11 M12 M13 M14 M15 M16
M17 M18 M19 M20 M21 M22 M23 M24
M25 M26 M27 M28 M29 M30 M31 M32
M33 M34 M35 M36 M37 M38 M39 M40
M41 M42 M43 M44 M45 M46 M47 M48
M49 M50 M51 M52 M53 M54 M55 M56
M57 M58 M59 M60 M61 M62 M63 M64
IP
M58 M50 M42 M34 M26 M18 M10 M2
M60 M52 M44 M36 M28 M20 M12 M4
M62 M54 M46 M38 M30 M22 M14 M6
M64 M56 M48 M40 M32 M24 M16 M8
M57 M49 M41 M33 M25 M17 M9  M1
M59 M51 M43 M35 M27 M19 M11 M3
M61 M53 M45 M37 M29 M21 M13 M5
M63 M55 M47 M39 M31 M23 M15 M7
Inverse Initial Permutation
40  8 48 16 56 24 64 32
39  7 47 15 55 23 63 31
38  6 46 14 54 22 62 30
37  5 45 13 53 21 61 29
36  4 44 12 52 20 60 28
35  3 43 11 51 19 59 27
34  2 42 10 50 18 58 26
33  1 41  9 49 17 57 25
Expansion Function
32  1  2  3  4  5
 4  5  6  7  8  9
 8  9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32  1
Permutation Function
16  7 20 21 29 12 28 17
 1 15 23 26  5 18 31 10
 2  8 24 14 32 27  3  9
19 13 30  6 22 11  4 25
Permuted Choice-1 (PC1)
57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4
Permuted Choice-2 (PC2)
14 17 11 24  1  5  3 28
15  6 21 10 23 19 12  4
26  8 16  7 27 20 13  2
41 52 31 37 47 55 30 40
51 45 33 48 44 49 39 56
34 53 46 42 50 36 29 32
9 18 22 25 35 38 43 54
Schedule of Left Shifts
Round number:  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
Bits rotated:  1  1  2  2  2  2  2  2  1  2  2  2  2  2  2  1
S-Box 1: Substitution Box 1
Row / Column   0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
0             14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
1              0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
2              4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
3             15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13
S-Box 1 Table