Computer Security

refers to protecting information systems to ensure three main goals:

1. Confidentiality:
a. Data Confidentiality: Keeps private information from unauthorized access.
b. Privacy: Allows individuals to control who collects, stores, and shares their
personal data.
2. Integrity: Ensures information is accurate and unaltered.
3. Availability: Ensures information and systems are accessible to authorized users when
needed.

Computer security covers all components of a system, including hardware, software, and data.

Integrity and Availability in computer security mean:

4. Integrity: This term covers two related concepts:

a. Data Integrity: Ensures information and programs are only changed in
authorized ways.
b. System Integrity: Ensures the system functions correctly, without unauthorized
manipulation.
5. Availability: Ensures systems and services are accessible to authorized users without
delays or disruptions.

Computer Security

relies on the CIA Triad—Confidentiality, Integrity, and Availability—as its core principles.
These objectives protect both data and information services:

1. Confidentiality: Limits access to information to authorized users.

2. Integrity: Ensures data accuracy and protection from unauthorized changes.
3. Availability: Ensures timely access to information and systems.

These principles are foundational, as highlighted in standards like NIST’s FIPS 199 for
categorizing federal information security.
The OSI Security Architecture

provides a framework for managing an organization's security needs. It helps in choosing

security products and policies by addressing three core components:

1. Security Attack: Any action that threatens the security of an organization's information.
2. Security Mechanism: Processes or devices that detect, prevent, or recover from attacks.
3. Security Service: Services that protect data systems and information transfers, using
security mechanisms to counteract attacks.

This architecture simplifies defining and meeting security needs, especially in complex
networked environments.

Security Attacks include:

1. Passive Attacks: These involve eavesdropping or monitoring transmissions to obtain

information, without altering the data.
o Types:
 Release of Message Contents: Intercepting sensitive data like phone
calls, emails, or files.
 Traffic Analysis: Observing patterns in communication to gather
information.

In passive attacks, the aim is to prevent unauthorized parties from accessing sensitive content.

Active Attacks

involve altering data or creating fake data streams, with four main types:

1. Masquerade: An attacker pretends to be someone else, often to gain unauthorized

access.
2. Replay: Capturing and reusing valid authentication sequences to bypass security.
3. Modification of Messages: Changing legitimate data to alter its meaning or impact.
4. Denial of Service (DoS): Disrupting services to make them unavailable to authorized
users.

These attacks actively interfere with data integrity and system operations.

Security Services: offer protection for system resources and data transfers:

1. X.800: Defines a security service as one provided by a protocol layer in open systems to
secure the system and its data transfers.
 2. RFC 2828: Describes a security service as a processing or communication function that
protects system resources in a specific way,,,, Both definitions emphasize safeguarding
communication and data integrity.

Security Services (X.800) include:

1. Authentication: Verifies that the communicating entity is who it claims to be.

2. Access Control: Limits access to systems and applications based on verified identities to
prevent unauthorized use.
3. Data Confidentiality: Protects data from unauthorized access during transmission.
4. Data Integrity: Ensures data remains unaltered from sender to receiver, without
unauthorized changes.
5. Non-Repudiation: Prevents parties from denying their involvement in a communication.
6. Availability: Ensures system resources are accessible to authorized users as needed.

These services provide comprehensive protection across communication and data integrity.

Security Mechanisms (X.800) are tools designed to detect, prevent, or recover from
security attacks. Since no single mechanism can meet all security needs, cryptographic
techniques are commonly used across various mechanisms.

1. Specific Mechanisms:
o Encipherment
o Digital Signatures
o Access Controls
o Data Integrity
o Authentication Exchange
o Traffic Padding
o Routing Control
o Notarization
2. Pervasive Mechanisms:
o Trusted Functionality
o Security Labels
o Event Detection
o Security Audit Trails
o Security Recovery

These mechanisms collectively enhance system security across different levels.

Symmetric Encryption is a type of cryptosystem where the same key is used for both
encryption and decryption. It is also referred to as conventional encryption.

1. Process:
 o Encryption: Converts plaintext into ciphertext using a secret key and an
encryption algorithm.
o Decryption: Uses the same key and a decryption algorithm to convert the
ciphertext back into plaintext.

This method ensures that only those with the correct key can access the original data.

Symmetric Encryption involves five key components:

1. Plaintext: The original, readable message or data that is input into the encryption
algorithm.
2. Encryption Algorithm: This algorithm applies various substitutions and transformations
to the plaintext.
3. Secret Key: A unique value used by the encryption algorithm, independent of both the
plaintext and the algorithm itself. The output will vary depending on the specific key
used.
4. Ciphertext: The output of the encryption process, which is a scrambled version of the
plaintext. It appears random and unintelligible. Different keys will produce different
ciphertexts for the same plaintext.
5. Decryption Algorithm: Essentially the reverse of the encryption algorithm. It uses the
ciphertext and the secret key to recover the original plaintext.

These components work together to secure data through symmetric encryption.

Requirements for Symmetric Encryption

1. two requirements for secure use of symmetric encryption:

 a strong encryption algorithm

 a secret key known only to sender / receiver
2. Mathematical Representation:

3. assume encryption algorithm is known

 Kerckhoff’s Principle: security in secrecy of key alone, not in obscurity of the
encryption algorithm
4. implies a secure channel to distribute key
 Central problem in symmetric cryptography
Cryptography is defined by three independent dimensions:

1. Transformation Operations:
o Substitution: Each element in the plaintext (such as a bit or letter) is replaced
with another element.
o Transposition: The arrangement of elements in the plaintext is changed.
o Product Systems: Combine multiple stages of substitutions and transpositions
for added security.
2. Number of Keys Used:
o Symmetric Encryption: Both sender and receiver use the same key (also called
single-key or secret-key encryption).
o Asymmetric Encryption: The sender and receiver use different keys (also known
as two-key or public-key encryption).
3. Processing Method:
o Block Cipher: Processes input in fixed-size blocks, producing an output block for
each input block.
o Stream Cipher: Processes input continuously, producing output one element at a
time.

These dimensions help define and differentiate various cryptographic systems.

Cryptanalysis and Brute-Force Attack are two methods of attempting to break

encryption:

1. Cryptanalysis:
o Involves exploiting the characteristics of the encryption algorithm and may
utilize knowledge of plaintext patterns or sample plaintext-ciphertext pairs.
o The goal is to deduce the specific plaintext or the key being used based on these
characteristics.
2. Brute-Force Attack:
o The attacker systematically tries every possible key on a given piece of ciphertext
until they find a key that produces an intelligible plaintext.
o On average, half of all possible keys will need to be tested to successfully decrypt
the message.

These methods highlight the challenges of securing cryptographic systems against unauthorized
access.
Cipher Strength includes:

1. Unconditional Security: The cipher cannot be broken regardless of computing power or

time, as the ciphertext lacks enough information to determine the plaintext.
2. Computational Security: The cipher cannot be feasibly broken with limited computing
resources, where the time required to break it exceeds practical limits.

These concepts highlight the effectiveness of strong encryption in data protection.

Brute Force Search 12
5. always possible to simply try every key
6. most basic attack, exponential in key length
7. assume either know / recognise plaintext

Classical Substitution Ciphers involve replacing letters of plaintext with other letters,
numbers, or symbols. If viewed as bits, substitution replaces plaintext bit patterns with ciphertext
bit patterns.

Example: Caesar Cipher (Shift Cipher)

 One of the earliest substitution ciphers, used by Julius Caesar.

 Each letter is replaced by the letter three places down the alphabet.

Example:

 Plaintext: meet me after the toga party

 Ciphertext: PHHW PH DIWHU WKH WRJD SDUWB

This method illustrates the basic concept of substitution ciphers in cryptography.

Caesar Cipher (Shift Ciph

Playfair Cipher

1. a 5X5 matrix of letters based on a keyword

2. fill in letters of keyword (sans duplicates)
3. fill rest of matrix with other letters
4. eg. using the keyword MONARCHY

Playfair Cipher: Encrypting and Decrypting

1. Encryption:
o The plaintext is processed in pairs of two letters.
o If a pair contains repeated letters, a filler (like 'X') is inserted between them.
2. Substitution Rules:
o Same Row: If both letters are in the same row, each is replaced by the letter to
its right (wrap around to the start if necessary).
o Same Column: If both letters are in the same column, each is replaced by the
letter below it (wrap to the top if at the bottom).
o Different Row and Column: Each letter is replaced by the letter in its row and
the column of the other letter in the pair.

These rules create a unique substitution method for each pair of letters in the plaintext.
Playfair Example
1. Message = Move forward
2. Plaintext = mo ve fo rw ar dx
3. Here x is just a filler, message is padded and segmented
4. mo -> ON; ve -> UF; fo -> PH, etc.
5. Ciphertext = ON UF PH NZ RM BZ

Vigenère Cipher

1. simplest polyalphabetic substitution cipher

2. effectively multiple caesar ciphers
3. key is multiple letters long K = k1 k2 ... kd
4. Example of Vigenère Cipher
5. write the plaintext out
6. write the keyword repeated above it
7. use each key letter as a caesar cipher key
8. encrypt the corresponding plaintext letter
9. eg using keyword deceptive – key: deceptivedeceptivedeceptive – plaintext:
wearediscoveredsaveyourself – ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Vernam Cipher/One-Time Pad (OTP)

 The One-Time Pad (OTP) uses a key as long as the plaintext with no statistical
relationship to it.
 Invented by Gilbert Vernam, it provides perfect security if a truly random key is used.
 Key Features:
o Unbreakable: The ciphertext has no statistical correlation to the plaintext.
o Each plaintext and ciphertext pair corresponds to a unique key.
 Limitations:
o The key can only be used once.
o Challenges include generating random keys and securely distributing them.

These features make the OTP one of the most secure encryption methods when used correctly.
Example #7: The Vernam Cipher (One-Time Pad)

Concepts of Modern Cryptography

1. Fixed Input-Length Random Function:

o A function R:{0,1}m→{0,1}nR: \{0,1\}^m \to \{0,1\}^nR:{0,1}m→{0,1}n assigns a
random nnn-bit string to each of the 2m2^m2m possible inputs.
o This can be achieved by randomly selecting from 2m⋅2n2^{m \cdot 2^n}2m⋅2n
possible functions.
2. Variable Input-Length Random Function:
o Implemented using a device with memory and a random-bit generator.
o It outputs random nnn-bit words for new inputs and recalls answers for
previously encountered inputs.
3. Pseudo-Random Function:
o A deterministic and efficiently computable function that is indistinguishable from
a random function by practical statistical or cryptanalytic tests.
o For example, altering one bit of input should, on average, change half of the
output bits.

These concepts are fundamental to understanding the design and analysis of cryptographic
systems.
Computationally Infeasible”

With ideal cryptographic primitives (indistinguishable from random functions), the only
effective method of cryptanalysis is exhaustive search (brute force attack). Here’s a breakdown
of the feasibility limits:

 Hypothetical Setup:
o VLSI chips operating at 10 GHz, costing $10 each, can test 100 keys per cycle.
o With $10 million, we could assemble a machine capable of testing approximately
101810^{18}1018 (or 2602^{60}260) keys per second.
 Key Strength Analysis:
o 80-bit Key: This machine could break it in about 7 days on average.
o 128-bit Key: It would take over 103810^{38}1038 years to break, far exceeding
the age of the universe.
 Current Efforts:
o The fastest key search published achieved about 2232^{23}223 keys per second
using thousands of PCs on the Internet.

These numbers illustrate the immense computational resources required to break strong
encryption keys, reinforcing the notion of “computational infeasibility.”

Random Bit Generation

To generate keys and nonces for cryptographic protocols, a source of unpredictable random bits
is essential. However, computer predictability makes secure seed generation difficult.

Attack Example:

In 1995, Ian Goldberg and David Wagner exploited a flaw in Netscape 1.1's SSL encryption,
which relied on weak random-bit generation based on the time of day and process IDs, allowing
brute-force attacks.

Sources of Randomness:

1. Hardware Generators: Use physical phenomena like thermal noise or Geiger counters.
2. User Behavior Timing: Measure actions like keystrokes and mouse movements for randomness.

These methods help create secure cryptographic systems.

High-Quality Random Bit Sources

Randomness can come from:

 Peripheral Hardware Timing: Response times from devices like disk drives.
 Noise from Analog/Digital Converters: Data from sound cards or cameras.
 Network Packet Timing: Analyzing network packet data.
 High-Resolution Timing: Capturing precise events.

These sources alone don’t yield high-quality random bits, but they can be combined in a hash
function to create unbiased bits.

Stream Ciphers

• A typical stream cipher encrypts plaintext one byte at a time, although a stream cipher may
be designed to operate on one bit at a time or on units larger than a byte at a time.

• Figure 7.7 is a representative diagram of stream cipher structure. In this structure, a key is
input to a pseudorandom bit generator that produces a stream of 8-bit numbers that are
apparently random.

• The output of the generator, called a keystream, is combined one byte at a time with the
plaintext stream using the bitwise exclusive-OR (XOR) operation.
Stream Ciphers

• For example, if the next byte generated by the generator is :

01101100 , and the next plaintext byte is: 11001100,

then the Encryption as follows:

Ci = Mi XOR Stream Keyi

plaintext : 11001100 XOR

key stream: 01101100

ciphertext : 10100000

• Decryption requires the use of the same pseudorandom

sequence: Mi = Ci XOR StreamKeyi

ciphertext : 10100000 XOR

key stream : 01101100

plaintext : 11001100

Stream Cipher Properties

1.some design considerations are:

o long period with no repetitions

o statistically random
o depends on large enough key
o arge linear complexity

2.properly designed, can be as secure as a block cipher with same size key

3.but usually simpler & faster

RC4 Stream Cipher

 Designer: Created by Ron Rivest for RSA Security.

 Key Size: Supports variable lengths from 1 to 256 bytes (8 to 2048 bits).
 Operation: Performs byte-oriented operations.
 Applications: Used in SSL/TLS for secure web communication, as well as in WEP and
WPA for wireless security (IEEE 802.11 standard).
 State Vector: Initializes a 256-byte state vector (S) with elements S[0] to S[255].
 Functionality: The key generates a random permutation of all 8-bit values, which is used
to scramble input data processed one byte at a time.

RC4 : Initialize S