CLO 1

Lecture#01
Introduction To Information and
Network Security
Course: Cryptography & Network Security (CE-408)
Course Teacher: Ms. Rukaiya

Contact Info:

Room No: BS-02, CED

Email: rukaiya@ssuet.edu.pk

1
 Course Description
• PRE-REQUISITE: MS-204 Discrete Mathematics / CE-402 Computer Communication
and Networks

• COURSE OBJECTIVE
The objective of this course is to introduce concepts related to cryptography and Network
Security. Different security algorithms and mechanisms will be presented and solutions to
security threats will be discussed.

• COURSE BOOK

Recommended Books:
• Stallings, William. Cryptography and Network Security: Principles and Practice, 7th
Edition, published by Pearson Education, 2017

Reference Books:
• Krawetz, Neal. Introduction to Network Security, 1st ed.: Published by Charles River
Media, an imprint of Thomson Learning, Inc.2007.

• Forouzan, Behrouz A. Cryptography and Network Security, Special Indian Edition,

Published in India by arrangements with the McGraw-Hill Companies, Inc., New York

2
 Brief Course Outline
• Introduction to data and network security,
• Goals, threats and attacks,
• Advanced Persistent Threats, Security mechanisms,
• Difference between Cryptography and cryptanalysis,
• Traditional substitution and transposition cipher,
• Modern symmetric-key cryptography,
• Simplified DES, DES design principals, Double DES, Triple DES,
• Concept of Blockchain with its applications,
• Block cipher modes of operation,
• Raijndael Algorithm, Mechanism of encryption in AES,
• Principles of Public Key Cryptosystem,
• RSA Algorithm,
• Diffie-Hellman Key Exchange,
• Application of cryptographic Hash functions,
• Secure Hash Algorithm (SHA),
• Key management and distribution,
• Network Security Mechanisms,
• IPSec, Virtual Private Network,
• Firewalls and Intrusion Detection and Prevention Systems

3
Course Learning Outcomes w.r.t.
Program Learning Outcomes

Grading Policy

4
 Importance of the Course
Cybersecurity professionals are in high demand across a wide variety of
industries. A recent LinkedIn search for “cybersecurity” resulted in more
than 50,000 search results

2021
Cybersecurity
Trends

https://www.infosys.com/iki/insights/2021-cybersecurity-
trends-report.html 5
 Importance of the Course
Job Positions in Market
• Cybersecurity Analyst
• Security Auditor
• Cybersecurity Specialist
• Cybersecurity Architect
• Cybersecurity Consultant
• Network Administrator
• Penetration Tester

Top recruiters for cyber security experts

• Deloitte
• Accenture
• AT&T, Venm
• IBM
• Oracle
• Infosys
• Microsoft
• Apple
• Samsung

6
• Particularly ransomware attacks that have become more severe
• Caused some companies to shut down and others to put emergency response
plans in place to avoid being shuttered.

https://venturebeat.com/2021/03/29/canalys-more-data-breaches-in-2020-than-previous-15-years-despite-10-
growth-in-cybersecurity-spending/ 7
 What is Cybersecurity?

The collection of tools, policies, security concepts, security safeguards,

guidelines, risk management approaches, actions, training, best practices,
assurance, and technologies that can be used to protect the cyberspace
environment and organization and users’ assets

Assets include;
connected computing devices, personnel, infrastructure, applications,
services, telecommunications systems, and the totality of transmitted and/or
stored information in the cyberspace environment.

8
 Cybersecurity

Cybersecurity

Information Network
Security Security

Information Security
Refers to preservation of confidentiality, integrity, and availability of
information. In addition, other properties, such as authenticity, accountability,
nonrepudiation, and reliability can also be involved.

Network Security
Refers to protection of networks and their service from unauthorized
modification, destruction, or disclosure, and provision of assurance that the
network performs its critical functions correctly and there are no harmful side
effects
9
CIA Triad

10
 Security Objectives

• Cybersecurity introduces three key objectives that are at the heart of

information and network security:
 Confidentiality: This term covers two related concepts:
 Data confidentiality: Assures that private or confidential information is
not made available or disclosed to unauthorized individuals
 Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to whom
that information may be disclosed

11
 Security Objectives
 Integrity: This term covers two related concepts:
 Data integrity:
 Assures that data and programs are changed only in a specified and
authorized manner.
 It encompasses data authenticity, which means that a digital object is
indeed what it claims to be or what it is claimed to be,
 Nonrepudiation, which is assurance that the sender of information is
provided with proof of delivery and the recipient is provided with proof
of the sender’s identity, so neither can later deny having processed the
information
 System integrity: Assures that a system performs its intended function in
an unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system

 Availability: Assures that systems

work promptly, and service is not
denied to authorized users
12
Security Objectives

13
 Information Security Challenges

• Security is not simple • Security mechanisms

typically involve more than a
• Potential attacks on the particular algorithm or
security features need to be protocol
considered
• Security is essentially a
• Procedures used to provide battle of wits between a
particular services are often perpetrator and the designer
counter-intuitive
• Little benefit from security
• It is necessary to decide investment is perceived until
where to use the various a security failure occurs
security mechanisms
• Strong security is often
• Requires constant monitoring viewed as a hurdle to
efficient and user-friendly
• Is too often an afterthought
operation

14
 Challenges of Cyber Security Faced
• According to a report, following are top 10 challenges thar faced and
being faced in year 2020 and 2021 respectively.
1. Ransomware attacks

2. IoT attacks
3. Cloud attacks
4. Phishing attacks
5. Blockchain and cryptocurrency attacks
6. Software vulnerabilities

7. Machine learning and AI attacks

8. BYOD policies
9. Insider attacks
10.Outdated hardware

https://www.jigsawacademy.com/blogs/cyber-security/challenges-of-cyber-security/ 15
 OSI Security Architecture

A processing or communication
service that enhances the
security of the data processing
systems and the information
transfers of an organization

Any action that A process (or a Intended to counter security

compromises the device incorporating attacks, and they make use of
security of such a process) that one or more security
information owned is designed to detect, mechanisms to provide the
by an organization prevent, or recover service
from a security
attack

16
Threats and Attacks

17
18
 Security Attacks
• A means of classifying security attacks, used both in X.800 and RFC
4949, is in terms of passive attacks and active attacks

An active attack attempts to

alter system resources or affect
their operation

• Involve some modification of the data stream or the creation of a false stream

• Difficult to prevent because of the wide variety of potential physical, software,

and network vulnerabilities

• Instead, the goal is to detect attacks and to recover from any disruption or
delays caused by them

19
 Types of Active Attacks
• Masquerade
• Takes place when one entity pretends to be a different entity
• E.g., authentication sequences can be captured and replayed
after a valid authentication sequence has taken place

20
 Types of Active Attacks
• Replay
• Involves the passive capture of a data unit and its
subsequent retransmission to produce an unauthorized effect

21
 Types of Active Attacks
• Data Modification
• Some portion of a legitimate message is altered, or messages
are delayed or reordered to produce an unauthorized effect

22
 Types of Active Attacks
• Denial of Service (DoS)
• Prevents or inhibits the normal use or management of
communications facilities

23
 Security Attacks

A passive attack attempts to learn or make use of information from the

system but does not affect system resources

• Are in the nature of eavesdropping on, or monitoring of, transmissions

• Goal of the opponent is to obtain information that is being transmitted

24
 Types of Passive Attacks
1. Traffic Analysis

2. Release of Message Content

25
26
Authentication
• Concerned with assuring that a communication is authentic
 In the case of a single message, assures the recipient that the
message is from the source that it claims to be from
 In the case of ongoing interaction, assures the two entities are
authentic and that the connection is not interfered with in such
a way that a third party can masquerade as one of the two
legitimate parties

Password-based Authentication 27
Authentication Services
• Two specific authentication services are defined in X.800:
• Peer entity authentication
 Provides for the verification of the identity of a peer entity in an
association.
 Two entities are considered peers if they implement the same
protocol in different systems.
 It is provided for use at the establishment of, or at times during
the data transfer phase of, a connection.
 It attempts to provide confidence that an entity is not
performing either a masquerade or an unauthorized replay of a
previous connection

28
Authentication Services
• Data origin authentication
 Also known as message authentication,
 It is an assurance that the source of the information is indeed
verified.
 It guarantees data integrity because if a source is corroborated,
then the data must not have been altered.
 Various methods, such as Message Authentication
Codes (MACs) and digital signatures are most commonly used.

29
 Access Control
• The ability to limit and control the access to host systems and
applications via communications links
• To achieve this, each entity trying to gain access must first be
indentified, or authenticated, so that access rights can be tailored
to the individual
• Major components:
 Authentication,
 Authorization,
 Access,
 Manage, and
 Audit

30
 Access Control
• Access control can be split into two groups designed to improve
physical security or cybersecurity:

• Physical access control:

• limits access to campuses, building and other physical assets, e.g., a
proximity card to unlock a door.

• Logical access control:

• limits access to computers, networks, files and other sensitive data, e.g., a
username and password.

31
 Data Confidentiality
• The protection of transmitted data from passive attacks
 Broadest service protects all user data transmitted between two users over a
period of time
 Narrower forms of service includes the protection of a single message or even
specific fields within a message

• The protection of traffic flow from analysis

 This requires that an attacker not be able to observe the source and destination,
frequency, length, or other characteristics of the traffic on a communications
facility

32
Data Integrity

Can apply to a stream of messages, a single

message, or selected fields within a message

Connection-oriented integrity service, one that deals

with a stream of messages, assures that messages
are received as sent with no duplication, insertion,
modification, reordering, or replays

A connectionless integrity service, one that deals

with individual messages without regard to any
larger context, generally provides protection against
message modification only

33
 Nonrepudiation
• Prevents either sender or receiver from denying a transmitted
message

• When a message is sent, the receiver can prove that the alleged
sender in fact sent the message

• When a message is received, the sender can prove that the alleged
receiver in fact received the message

34
 Availability Service
• Protects a system to ensure its availability

• This service addresses the security concerns raised by denial-of-

service attacks

• It depends on proper management and control of system resources

and thus depends on access control service and other security
services

35
 Security Mechanisms
Cryptographic Algorithms
Two cryptographic mechanisms.
• Reversible mechanism is simply an encryption algorithm
that allows data to be encrypted and subsequently decrypted.
• Irreversible mechanisms include hash algorithms and
message authentication codes, which are used in digital
signature and message authentication applications.

Data Integrity

This category covers a variety of mechanisms used to assure

the integrity of a data unit or stream of data units.

Digital Signature
Data appended to, or a cryptographic transformation of, a data
unit that allows a recipient of the data unit to prove the source
and integrity of the data unit and protect against forgery.

36
 Security Mechanisms
Authentication Exchange
A mechanism intended to ensure the identity of an entity by
means of information exchange.
Traffic Padding
The insertion of bits into gaps in a data stream to frustrate
traffic analysis attempts.
Routing Control
Enables selection of particular physically or logically secure
routes for certain data and allows routing changes, especially
when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certain properties of a
data exchange
Access Control
A variety of mechanisms that enforce access rights to
resources.
37
38
 Keyless Algorithms
• Deterministic functions that have certain properties useful for
cryptography
• One type of keyless algorithm is the cryptographic hash function
 A hash function turns a variable amount of text into
a small, fixed-length value called a hash value, hash
code, or digest
 A cryptographic hash function is one that has
additional properties that make it useful as part of
another cryptographic algorithm, such as a message
authentication code or a digital signature
 A pseudorandom number generator
produces a deterministic sequence of
numbers or bits that has the appearance of
being a truly random sequence

39
 Single-Key Algorithms
Encryption Symmetric
algorithms that use a encryption takes
Single-key single key are
cryptographic the following forms:
referred to as
algorithms depend symmetric encryption
on the use of a algorithms
secret key Block cipher
• A block cipher operates on
data as a sequence of blocks
With symmetric encryption,
an encryption algorithm takes • In most versions of the
as input some data to be block cipher, known as
protected and a secret key and modes of operation, the
produces an unintelligible transformation depends not
transformation on that data only on the current data
block and the secret key but
also on the content of
preceding blocks
A corresponding decryption
algorithm takes the
transformed data and the Stream cipher
same secret key and
recovers the original data • A stream cipher operates
on data as a sequence of
bits
• As with the block cipher,
the transformation
depends on a secret key

40
 Single-Key Algorithms

Another form of single-key cryptographic

algorithm is the message authentication
code (MAC)

A MAC is a data element associated with a data block or

message

The MAC is generated by a cryptographic transformation

involving a secret key and, typically, a cryptographic hash
function of the message

The MAC is designed so that someone in possession of the

secret key can verify the integrity of the message

The recipient of the message plus the MAC can perform the
same calculation on the message; if the calculated MAC
matches the MAC accompanying the message, this provides
assurance that the message has not been altered

41
 Asymmetric Algorithms
Encryption algorithms that use a two keys are referred to as
asymmetric encryption algorithms

Digital signature algorithm

A digital signature is a value computed with a cryptographic
algorithm and associated with a data object in such a way that
any recipient of the data can use the signature to verify the data’s
origin and integrity

Key exchange
The process of securely distributing a symmetric key to two or
more parties

User authentication
The process of authenticating that a user attempting to access an
application or service is genuine and, similarly, that the
application or service is genuine

42
 Communication Security
• Deals with the protection of communications through the network,
including measures to protect against both passive and active
attacks
• Communications security is primarily implemented using network
protocols
• A network protocol consists of the format and
procedures that governs the transmitting and
receiving of data between points in a network
• A protocol defines the structure of the individual
data units and the control commands that
manage the data transfer
• With respect to network security, a security protocol may be an
enhancement that is part of an existing protocol or a standalone
protocol

43
 Device Security
• The other aspect of network security is the protection of network devices, such as
routers and switches, and end systems connected to the network, such as client
systems and servers
• Three types of device security are:

Firewall
• A device or service that acts as a gatekeeper, deciding what enters and exits the
network. They use a set of defined rules to allow or block traffic. A firewall
can be hardware, software, or both.
• Acts as a filter that permits or denies data traffic, both incoming and outgoing, based
on a set of rules based on traffic content and/or traffic pattern
Intrusion detection
Hardware or software products that gather and analyze information
from various areas within a computer or a network for the purpose
of finding, and providing real-time or near-real-time warning of,
attempts to access system resources in an unauthorized manner
Intrusion prevention
Hardware or software products designed to detect intrusive activity
and attempt to stop the activity, ideally before it reaches its target

44
45
 Standards
National Institute of Standards and Technology:
• NIST is a U.S. federal agency that deals with measurement science, standards and technology
related to U.S. government use and to the promotion of U.S. private sector innovation. Despite
its national scope, NIST Federal Information Processing Standards (FIPS) and Special
Publications (SP) have a worldwide impact

Internet Society:
• ISOC is a professional membership society with worldwide organizational and individual
membership. It provides leadership in addressing issues that confront the future of the Internet
and is the organization home for the groups responsible for Internet infrastructure standards,
including the Internet Engineering Task Force (IETF) and the Internet Architecture Board
(IAB). These organizations develop Internet standards and related specifications, all of which
are published as Requests for Comments (RFCs).

ITU-T:
• The International Telecommunication Union (ITU) is an international organization within the
United Nations System in which governments and the private sector coordinate global telecom
networks and services. The ITU Telecommunication Standardization Sector (ITU-T) is one of the
three sectors of the ITU. ITU-T’s mission is the development of technical standards covering all
fields of telecommunications. ITU-T standards are referred to as Recommendations

ISO:
• The International Organization for Standardization (ISO) is a worldwide federation of national
standards bodies from more than 140 countries, one from each country. ISO is a
nongovernmental organization that promotes the development of standardization and related
activities with a view to facilitating the international exchange of goods and services and to
developing cooperation in the spheres of intellectual, scientific, technological, and economic
activity. ISO’s work results in international agreements that are published as International
Standards
46
 Summary

• Key security requirements of confidentiality, integrity, and

availability
• Key organizations involved in cryptography standards
• An overview of keyless, single-key and two-key cryptographic
algorithms
• An overview of the main areas of network security
• Types of security threats and attacks that must be dealt with
and give examples of the types of threats and attacks that
apply to different categories of computer and network assets

47