## Security goals, Attacks and Defense strategies,

Key Points

We now look at the first goal of security, confidentiality. Confidentiality can be achieved using ciphers. There are two types of ciphers – **Symmetric key and Asymmetric Key**

Reference

- B2: Behrouz A. Foruzan,
**“Data Communication and Networking”**, *Tata McGraw-Hill*,**(5t****h Edition), (2013).**

- Information hidden from unauthorised access –
**Confidentiality** - Information protected from unauthorised change –
**Integrity** - Information entity from unauthorised bandwitdth hijacking –
**Availability**

## Threat to Confidentiality

- Snooping – Someone wants to look through your data
- Traffic Analysis

## Threat to Intrgrity

- Modification
- Masquerading
- Replaying
- Repudiation

## Threat to Availability

- Denial of Service DoS

## Cryptography: Substitution cipher

Key Points

Traditionally if you want to encrypt the data you can use substitution cipher. It is easy to crack as the substitution can be recognised by just the frequency of characters in english.

Ceasar Cipher is one of the examples of Substitution cipher.

There are two types of cipher, Symmetric where the Key is shared with both the machines and Asymmetric where the key is not common–generally there is a public key and a private key.

Reference

- B2: Behrouz A. Foruzan,
**“Data Communication and Networking”**, *Tata McGraw-Hill*,**(5t****h Edition), (2013).**

## Ciphers

We now look at the first goal of security, confidentiality. Confidentiality can be achieved using ciphers. There are two types of ciphers – **Symmetric key and Asymmetric Key**

Symmetric Key is basically same for encryption and decryption and must be shared with both the client and server.

Ceasar Cipher is one of the examples of Symmetric cipher. Just shift/replace the letter by that key in alphabet

Polyalphabetic is a little different. This has one to many mapping and this kind of encryption is generally one directional and probabilistic.

## DES and RSA algorithms,

Key Points

DES is a Symmetric Key Cipher where are RSA is Asymmetric Key Cipher

RSA Algorithm

- Choose two large primes, p and q
- Computer n = p x q and z = (p-1) x (q-1)
- Choose a number
*relatively*prime to z and call it e(public key) - find d (private key) such that e x d = 1 mod z
- Encrypt p -> C =
- Encrypt p -> P =

Reference

- B2: Behrouz A. Foruzan,
**“Data Communication and Networking”**, *Tata McGraw-Hill*,**(5t****h Edition), (2013).** - Coursera Cryptography I https://www.coursera.org/learn/crypto/lecture/cbnX1/information-theoretic-security-and-the-one-time-pad

DES or Data Encryption Standard takes 64 bit plain text and encrypts then using a Round Key Generator which is given a 54 bit cipher key.

There are 16 rounds and in each round you get a 48 bit Rounded Key which is then ExOrd in Mixer and swapped.

## One-time pad

One time pad It was designed by Vernam back at the beginning of the twentieth century. So a key in the one time pad is simply a random big string, it’s a random sequence of bits. That’s as long as the message to be encrypted, as long as the message.So essentially the ciphertexts. Which is the result of encrypting a message with a particular key, is simply the XOR of the two. So they decrypt a cipher text using a particular key. What I do is I XOR the key and the ciphertext again.

## What about Asymmetric Ciphers though

Symmetric- and asymmetric-key ciphers will exist in parallel and continue to serve the community

Lecture Slides

## RSA- Rivest Shamir and Adleman

Aww, the name reminds me so much of BCH encoding 🙁

- Choose two large primes, p and q
- Computer n = p x q and z = (p-1) x (q-1)
- Choose a number
*relatively*prime to z and call it e(public key) - find d (private key) such that e x d = 1 mod z
- Encrypt p -> C =
- Encrypt p -> P =

## Digital signatures, Authentication protocols: One-Way Authentication,

Key Points

A digest can be used to check the integrity of a message—that the message has not been changed. To ensure the integrity of the message and the data origin authentication–we need to include a secret shared in the process; we need to create a message authentication code (MAC).

*A MAC uses a secret key to protect the digest; a digital signature uses a pair of private-public keys.*

- A crypto system uses the public and private key of the receiver
- A digital signature uses the private and public keys of the sender

Reference

- B2: Behrouz A. Foruzan,
**“Data Communication and Networking”**, *Tata McGraw-Hill*,**(5t****h Edition), (2013).**

- A crypto system uses the public and private key of the receiver
- A digital signature uses the private and public keys of the sender

PowerPoint Presentation

Entity authentication is a technique designed to let one party verify the identity of another party. An entity can be a person, a process, a client, or a server.

The entity whose identity needs to be proven is called the claimant; the party that tries to verify the identity of the claimant is called the verifier.

PowerPoint Presentation

- Something Known. This is a secret known only by the claimant that can be checked by the verifier. Examples are a password, a PIN, a secret key, and a private key.
- Something Possessed. This is something that can prove the claimant’s identity.Examples are a passport, a driver’s license, an identification card, a credit card, and a smart card.
- Something Inherent. This is an inherent characteristic of the claimant. Examples are conventional signatures, fingerprints, voice, facial characteristics, retinal pattern, and handwriting.

Different Attacks to Fixed Password

1.Eavesdropping

2.Stealing a Password

3.Accessing a file

4.Guessing.

We may not even need secrecy but instead must have integrity

Quotes from Computer Networks Lecture Slides 💙