Networking

1
Networking Security

• Introduction to Basics of Cryptography
• Main Sources Chapter 2 of Pfleeeger Pfleeger

2
Agenda

• Basic process involved in encryption/decryption
• Symmetric and asymmetric encryption
• General encryption methods
• One way functions and their use
• Digital signatures
• Types of cryptographic attacks

3
Hiding of information

• One classic mechanism for protecting the
  confidentiality of an item is to hide it
• Two methods of hiding information
• The location of the information may be
  hidden/secret
• Not suitable especially when data is transmitted
  on networks
• The information itself can be camouflaged

4
What is Cryptography?

• Cryptography is the study of how to hide
  information by camouflaging the information
• Cryptanalysis is the study of how to unhide
  information that has been hidden by camouflaging
  it
• Cryptology combines the 2 and is the study of how
  to hide information by camouflage and unhide
  information that has been so hidden.
• We will only be looking at hiding by camouflaging
  it. (method 2 of information hiding)

5
Basic terminology

• The information to be hidden is called plaintext
• The process of camouflaging it is called
  encryption
• The camouflaged information is called ciphertext
• The process of removing the camouflage to obtain
  the original plaintext is called decryption

6
Encryption and Decryption

• Encryption process is a function that maps a
  plaintext onto a ciphertext
• The function is represented by an algorithm i.e.
  a method of carrying out the necessary
  computations that transforms the plaintext into
  the ciphertext
• Decryption is a function that maps the ciphertext
  onto a plaintext
• as for encryption this function is represented by
  an algorithm that transforms the ciphertext into
  plaintext

7
Encryption and Decryption

• Most encryption functions (and their algorithms)
  use a parameter value in the computation that
  determines exactly how the encryption occurs i.e.
  the exact mapping between plaintext and
  ciphertext - this parameter value is the key
• ciphertext encryption (key1, plaintext)
• is assignment not equals
• Reconstituted plaintext decryption(key2,cipherte
  xt)

8
Encryption and Decryption

• key1 may be the same as key2 (symmetric keys or
  private key approach) or keys may be different
  from each other (asymmetric keys or public key
  approach) depending upon the algorithms used
• The encryption and decryption algorithms are
  related so that the decryption of an encrypted
  plaintext produces the original plaintext i.e.
• reconstituted plaintext
• decryption(key2, encryption(key1, plaintext))
• original plaintext is equals
• Decryption inverts or reverses the encryption
  process

9
Encryption and Decryption

• The encryption/decryption pair of algorithms
  effectively behaves like a lock.
• It is a well designed and well understood
  security component that has been designed by
  experts to be difficult to break or pick
• A given type/design of lock can be produced so
  that there are a large number of different
  possible keys that might work with that design of
  lock,
• although only one of those keys should open or
  close any particular lock

10
Symmetric asymmetric key encryption

• when key1 key2 this is called symmetric keys
  (symmetry because both keys the same)
• when key1 ! key2 this is called asymmetric keys
  (not the same)
• with symmetric keys the sender of information and
  the receiver of information both have the same key

11
Symmetric asymmetric key encryption

• Like conventional security situation - you have a
  strong box and when people want to leave an item
  for you securely they can leave the item in the
  strongbox.
• You have a key to the lock on the strong box and
  the other person has a key to the lock on the
  strongbox.
• Problem is that the key has to be kept safe - if
  anybody else gets a copy of the key then they can
  open the strongbox and obtain the contents!
• Same with messages, if both parties need the same
  key to encrypt and decrypt the message then the
  key needs to be kept secret.

12
Symmetric asymmetric key encryption

• Hence symmetric keys are often called private
  keys.
• Two issues are fundamental to symmetric keys
• 1. key distribution - how to give someone with
  whom you wish secure communication a copy of the
  key you intend to use to encrypt or decrypt
  messages - and do so without risking the key
  being copied

13
Symmetric asymmetric key encryption

• 2. key proliferation - if you want pairwise
  secure communication between many people then the
  number of keys required grows rapidly
• with n members who want pairwise secure
  communication the number of keys n (n-1)/2
• Two people need 1 key, 3 people need 3 keys, 4
  people 6 keys, 5 need 10, 30 need 435, 100 need
  4950, etc.
• As you add another person to the group they have
  to have a key for each person already in the
  group, thus increasing number of keys by n-1 each
  time

14
Symmetric asymmetric key encryption

• With asymmetric keys the sender of the
  information and the recipient have different keys
• the sender has a key with which they can ONLY
  encrypt a message for the recipient
• the receiver has a key that can ONLY decrypt a
  message encrypted with the key made available to
  the sender to encrypt the message
• Because the key used by the sender of the
  message can only encrypt the message and can NOT
  decrypt the message (unlike the conventional key
  approach), then it does NOT represent a security
  threat to encrypted messages - thus does NOT
  need to be private/secret

15
Symmetric asymmetric key encryption

• In fact the encryption key should be made public
  so that anyone who needs to be able to send you
  encrypted information can do so using that key.
• You in turn can then decrypt using your private
  key - hence the use of asymmetric keys is often
  called public key encryption
• So the public key can ONLY encrypt the message
  and the private key can ONLY decrypt the message

16
Symmetric asymmetric key encryption

• Asymmetric keys - avoid the problem of key
  distribution because the sending key is public so
  no special arrangements have to be made to
  securely distribute the keys and
• the private key used to decrypt is ONLY used by
  the receiver of the message-
• It does NOT need to be distributed and can more
  easily be kept secure.

17
Symmetric asymmetric key encryption

• It also means that you need fewer keys - so key
  proliferation is not as much of a problem - each
  person only needs ONE private key and ONE public
  key-
• The number of keys for n people 2n, which is
  much smaller with larger numbers than with the
  symmetric key arrangement
• 2 people need 4 keys, 3 need 6, 4 need 8, 5 need
  10, but 30 need 60 (not 435) and, 100 need 200
  (not 4950)

18
Encryption methods

• To hide the information encoded in the string of
  symbols we may change one symbol for another in
  the string
• This is called substitution
• and change/mix up the order of symbols in the
  string
• This is called permutation
• Most commercial encryption algorithms work by
  using a combination of substitutions and
  permutations on the string of symbols

19
Substitution Techniques

• 1. Mono-alphabetic - which means you have one
  mapping that substitutes the same symbol for
  another symbol all the time
• 2. Poly-alphabetic - which means you have a
  number of different mappings that are used.
• Choice of mapping depends upon key and position
  of symbol in the stream of symbols
• The purpose of substitution is to cause confusion.

20
Permutations

• Permutations map blocks of symbols onto blocks of
  symbols by re-ordering position of symbols in the
  block
• The purpose of permutations is to make the
  symbols of the ciphertext dependent upon all the
  symbols in a block of the plaintext - diffusion
• The permutation of blocks can be repeated (called
  rounds) with the output of a block or other
  blocks being fed into process for carrying out
  permutation next time

21
Stream block ciphers

• Two traditional types of cipher
• Stream cipher operates on one symbol at a time,
  as a result it cannot carry out permutations and
  is thus restricted to substitutions only - the
  substitution employed is dependent upon the
  position of a symbol in the string of symbols
• Block cipher operates on a fixed size block of
  symbols all at one time, it thus can use
  permutations to mix up the order of symbols

22
Recognising plaintext

• How does an attacker recognise the output symbol
  string from decryption as the original plaintext?
• This is easy because most decryptions with the
  wrong key do not exhibit the structure of the
  appropriate type of plaintext-
• e.g. the decrypted output looks nothing like
  English!

23
One way or hash functions

• One way or hash functions map some text onto
  something that is normally called a hash value or
  a message digest.
• It maps an input onto an output,
• This process can not be reversed-
• Can NOT reconstitute the original input from the
  output directly.
• The best you can do is simply input values,
  calculate the output and keep a record of the
  ltinput,outputgt pair for later reference.

24
Uses of one way functions

• One way functions are used to provide
  authentication of identities and messages
• In password verification systems-
• User inputs password,
• One way function is applied to password to give
  hash value,
• The hash value is then compared with a stored
  password hash value for that user.
• Thus the system can verify whether the password
  is correct, but without needing to store the
  actual password on the system.

25
Digital signatures

• You can use an asymmetric key system in which the
  encryption (locking) key is private and the
  decryption (unlocking) key was public - this
  would seem to be the opposite of security-
• All could read the messages you encrypted!
• However, it provides a mechanism for
  authenticating that a message came (genuinely)
  from the source that claimed to have sent it
• like a real signature it is meant to authenticate
  the source of the item as coming from the right
  person
• A hash function is used to produce a
  representation of the message (i.e. the message
  digest or digital signature)

26
Types of cryptographic attack

• Three types of attack in general
• Ciphertext only attacks - the attacker only has
  the ciphertext available to determine the key -
  the brute force and heuristic searches are
  examples of ciphertext only attacks
• Known-plaintext attacks - the attacker has both
  the ciphertext and the plaintext
• Chosen-plaintext attack - attacker can choose
  which plaintext is to be encrypted

27
known-plaintext attacks

• If you have the plaintext why bother to find the
  key?
• There may be other messages that could be
  decrypted once you have the key
• an example of having a known plaintext is knowing
  that you have a Word document-
• the headers (first few hundred bytes) to Word
  documents are fixed and known-
• this provides cracker with more information
  greatly reducing the entropy of the key used.
• Stallings entropy of a message H(X) is related
  to the number of bits of information needed to
  encode a message X

28
Chosen-plaintext attack

• 3. Attacker can choose which plaintext is to be
  encrypted
• This provides even more information than
  known-plaintext attacks.
• So that the entropy of the key can be further
  reduced