Network Security: Dr. Md. Imdadul Islam
Need for Security
• Some people who cause security problems and why.
An Introduction to Cryptography
The messages to be encrypted, known as plaintext, are transformed
by a function that is parameterized by a key. The output of the
encryption process, known as the ciphertext, is then transmitted,
often by messenger or radio. We assume that the enemy, or intruder,
hears and accurately copies down the complete ciphertext.
It will often be useful to have a notation for relating plaintext,
ciphertext and keys. We will use C = E_K(P) to mean that the
encryption of the plaintext P using key K gives the ciphertext C.
Similarly, P = D_K(C) represents the decryption of C to get the
plaintext again. Therefore, D_K(E_K(P)) = P.
The sender applies an encryption function to the original plaintext
message, resulting in a ciphertext message that is sent over the
network, as in fig. below. In a symmetric-key cipher, both
participants in a communication share the same key. In other words,
if a message is encrypted using a particular key, the same key is
required for decrypting the message.
Substitution Ciphers
In a substitution cipher, each letter or group of letters is replaced by
another letter or group of letters to disguise it.
One of the oldest ciphers is the Caesar cipher, attributed to Julius
Caesar. In this method a becomes D, b becomes E, c becomes F,
..., z becomes C. For example, attack becomes DWWDFN.
A slight generalization of the Caesar cipher allows the ciphertext
alphabet to be shifted by k letters, instead of always 3. In this case k
becomes a key to the general method of circularly shifted alphabets.
The next improvement is to have each of the symbols in the plaintext, say, the
26 letters for simplicity, map onto some other letter. For example:
Plaintext:  a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: Q W E R T Y U I O P A S D F G H J K L Z X C V B N M
The general system of symbol-for-symbol substitution is called monoalphabetic
substitution, with the key being the 26-letter string corresponding to the full alphabet.
Now attack becomes QZZQEA.
At first this might appear to be safe because there are 26! possible keys, and
trying them all would take 10^10 years if each trial needs 1 nsec.
In English, e is the most common letter, followed by t, o, a, n, i, etc.
Digrams: th, in, er, re and an.
Trigrams: the, ing, and, and ion.
From the most frequent letter, T = e.
Example-1: Ciphertext from an accounting firm should contain the word
financial.
Using our knowledge that financial has a repeated letter (i), with four
other letters between its occurrences, we look for repeated letters
in the ciphertext at this spacing. We find 12 hits at positions 6, 15,
27, 31, 42, 48, 56, 66, 70, 71, 76 and 82. However, only two of these,
31 and 42, have the next letter (corresponding to n in the plaintext)
repeated in the proper place. Of these two, only 31 also has the a
correctly positioned, so we know that financial begins at position 30.
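The probable-word search described above can be automated by comparing letter-repetition patterns. The following is an added example, not code from the slides: it uses the ciphertext alphabet under which attack becomes QZZQEA, and because the slide's ciphertext is not reproduced here, the sample message is constructed.

```python
import string

# Ciphertext alphabet from the slide: a->Q, b->W, c->E, ...
KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"
ENC = str.maketrans(string.ascii_lowercase, KEY)

def encrypt(plaintext):
    """Monoalphabetic substitution; anything that is not a-z passes through."""
    return plaintext.lower().translate(ENC)

def shape(word):
    """Repetition pattern of a word: 'financial' -> (0, 1, 2, 3, 2, 4, 1, 3, 5)."""
    first_seen = {}
    return tuple(first_seen.setdefault(ch, len(first_seen)) for ch in word)

def crib_positions(ciphertext, crib):
    """Offsets where the ciphertext repeats letters exactly as the crib does."""
    want, n = shape(crib), len(crib)
    return [i for i in range(len(ciphertext) - n + 1)
            if shape(ciphertext[i:i + n]) == want]

def partial_key(ciphertext, crib, offset):
    """Ciphertext-letter -> plaintext-letter pairs revealed by a placed crib."""
    return dict(zip(ciphertext[offset:offset + len(crib)], crib))

# Constructed sample message (not from the slides).
SAMPLE = "pleasesendthefinancialreporttoday"

if __name__ == "__main__":
    ct = encrypt(SAMPLE)
    hits = crib_positions(ct, "financial")
    print(ct)
    print("crib fits at offsets", hits)
    print("recovered letters", partial_key(ct, "financial", hits[0]))
```

A substitution never changes which positions hold equal letters, so the size of the key space gives no protection once a probable word is known.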
Transposition Ciphers
Transposition ciphers, in contrast, reorder the letters but do not disguise them.
Therefore the statistical distribution of letters remains the same. The cipher is keyed by
a word or phrase not containing any repeated letters. In this example,
MEGABUCK is the key. If the intruder assumes that the plaintext contains
milliondollar, then he can try to break it.
By hunting for various possibilities, the cryptanalyst can easily find
the key length.
Public-Key Algorithms
Keys had to be protected from theft, but they also had to be
distributed.
In 1976, two researchers at Stanford University, Diffie and Hellman
(1976), proposed a radically new kind of cryptosystem, one in
which the encryption and decryption keys were different, and the
decryption key could not feasibly be derived from the
encryption key. In their proposal, the (keyed) encryption
algorithm, E, and the (keyed) decryption algorithm, D, had to
meet three requirements:
1. D(E(P)) = P
2. It is exceedingly difficult to deduce D from E.
3. E cannot be broken by a chosen plaintext attack.
Public-key cryptography requires each user to have two keys: a
public key, used by the entire world for encrypting messages to be
sent to that user, and a private key, which the user needs for
decrypting messages.
RSA
One good method was discovered by a group at M.I.T. in 1978 and is known
as RSA (Rivest, Shamir, Adleman). The RSA method is based on
some principles from number theory.
To encrypt a message, P, compute C = P^e (mod n). To decrypt C,
compute P = C^d (mod n).
Let p = 3, q = 11
n = pq = 33, z = (p-1)(q-1) = 20
d = 7, since 20 and 7 do not have a common factor
Now 7e = 1 (mod 20), which gives e = 3
C = P^3 (mod 33), which gives the encoded value C
Fig. An example of the RSA algorithm.
RSA In Image Encryption and Decryption
e = 3;      % public exponent
n = 33;     % modulus, n = p*q = 3*11
d = 7;      % private exponent
N = 256;    % the image is resized to N x N pixels
I = imread('17.jpg');
I = rgb2gray(I);
I = imresize(I, [N, N]);
subplot(2,2,1)
imshow(I)
title('Original Image')
I = double(I);
% Split each 8-bit pixel into two 4-bit values (0..15), both smaller than n
Q = floor(I/16);    % quotient of the image
R = mod(I, 16);     % remainder of the image
Qe = zeros(N); Re = zeros(N); Qd = zeros(N); Rd = zeros(N);
for i = 1:N
    for j = 1:N
        % Encryption of image
        Qe(i,j) = mod(Q(i,j)^e, n);
        Re(i,j) = mod(R(i,j)^e, n);
        % Decryption of image
        Qd(i,j) = mod(Qe(i,j)^d, n);
        Rd(i,j) = mod(Re(i,j)^d, n);
    end
end
Rec = Qd*16 + Rd;   % recombine quotient and remainder
subplot(2,2,2)
imshow(uint8(Qe))
title('Encrypted Quotient Image')
subplot(2,2,3)
imshow(uint8(Re))
title('Encrypted Remainder Image')
subplot(2,2,4)
imshow(uint8(Rec))
title('Decrypted Image')
Digital Signatures
The authority of many legal, financial and other documents is
determined by the presence or absence of an authorized handwritten
signature.
Basically, what is needed is a system by which one party can send a
signed message to another party in such a way that the following
conditions hold:
1. The receiver can verify the claimed identity of the sender.
2. The sender cannot later repudiate (deny) the contents of the
message.
3. The receiver cannot possibly have concocted the message himself.
Symmetric-Key Signatures
When Alice wants to send a signed plaintext message, P, to her banker, Bob, she
generates K_A(B, R_A, t, P), where B is Bob’s identity, R_A is a random number
chosen by Alice, t is a timestamp to ensure freshness, and K_A(B, R_A, t, P) is the
message encrypted with her key, K_A. Then she sends it as depicted in fig. below. BB
sees that the message is from Alice, decrypts it and sends a message to Bob as
shown. The message to Bob contains the plaintext of Alice’s message and also
the signed message K_BB(A, t, P). Bob now carries out Alice’s request.
Public-Key Signatures
Fortunately, public-key cryptography can make an important
contribution in this area. Let us assume that the public-key
encryption and decryption algorithms have the property that E(D(P))
= P, in addition, of course, to the usual property that D(E(P)) = P
(RSA has this property, so the assumption is not unreasonable). Here
D is the private-key encryption algorithm and E is the public-key
encryption algorithm.
Assuming that this is the case, Alice can send a signed plaintext
message, P, to Bob by transmitting E_B(D_A(P)). Note carefully that
Alice knows her own (private) key, D_A, as well as Bob’s public key,
E_B, so constructing this message is something Alice can do.
When Bob receives the message, he transforms it using his private
key, as usual, yielding D_A(P), shown below. He stores this text in a
safe place and then applies E_A to get the original plaintext.
To see how the signature property works, suppose that Alice
subsequently denies having sent the message P to Bob. When the
case comes up in court, Bob can produce both P and D_A(P).
The judge can easily verify that Bob indeed has a valid message
encrypted by D_A by simply applying E_A to it. Since Bob does not
know what Alice’s private key is, the only way Bob could have
acquired a message encrypted by it is if Alice did indeed send it.
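The exchange E_B(D_A(P)) and the judge's check, carried through with textbook RSA as an added example (not code from the slides). Alice's key uses the slide's numbers p = 3, q = 11, d = 7; Bob's key, the letter encoding and the function names are assumptions made for this illustration, and the moduli are toy-sized with no padding or hashing.

```python
from math import gcd

def make_key(p, q, d):
    """Return (n, e, d) for primes p, q and a private exponent d coprime to z."""
    z = (p - 1) * (q - 1)
    if gcd(d, z) != 1:
        raise ValueError("d must have no common factor with z")
    return p * q, pow(d, -1, z), d        # e is the inverse of d modulo z

# Alice's key uses the slide's numbers: p = 3, q = 11, d = 7 -> n = 33, e = 3.
N_A, E_A, D_A = make_key(3, 11, 7)
# Bob's key is constructed for this example. n_B must be larger than n_A,
# otherwise a value D_A(P) >= n_B would not survive E_B followed by D_B.
N_B, E_B, D_B = make_key(5, 11, 3)

def alice_send(p):
    """Sign with Alice's private key, then encrypt for Bob: E_B(D_A(P))."""
    return pow(pow(p, D_A, N_A), E_B, N_B)

def bob_receive(c):
    """Remove Bob's layer to get D_A(P), then apply E_A to recover P."""
    signed = pow(c, D_B, N_B)             # D_A(P), the value Bob stores
    return pow(signed, E_A, N_A), signed

def judge_accepts(p, signed):
    """The court's check: applying Alice's public key to D_A(P) must give P."""
    return pow(signed, E_A, N_A) == p

def encode(text):
    """Toy encoding, one block per letter: a = 1 ... z = 26 (all below n_A)."""
    return [ord(ch) - ord("a") + 1 for ch in text]

if __name__ == "__main__":
    for p in encode("attack"):            # constructed message
        plain, signed = bob_receive(alice_send(p))
        print(p, "->", signed, "->", plain, judge_accepts(plain, signed))
```

The ordering of the two moduli matters: with n_B smaller than n_A, some signed blocks would be reduced modulo n_B and Bob could not recover D_A(P).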
Problems:
1. Bob can prove that a message was sent by Alice only as long as D_A
remains secret. If Alice discloses her secret key, the argument no
longer holds, because anyone could have sent the message, including
Bob himself.
Message Digests
This scheme is based on the idea of a one-way hash function that
takes an arbitrarily long piece of plaintext and from it computes a
fixed-length bit string. This hash function, MD, often called a message
digest, has four important properties:
Computing a message digest from a piece of plaintext is much faster than
encrypting that plaintext with a public-key algorithm, so message digests can be
used to speed up digital signature algorithms. To see how this works, consider the
signature protocol of fig. below again. Instead of signing P with K_BB(A, t, P), BB
now computes the message digest by applying MD to P, yielding MD(P). BB then
encloses K_BB(A, t, MD(P)) as the fifth item in the list encrypted with K_B that is sent
to Bob, instead of K_BB(A, t, P).
SHA-1
The other major message digest function is SHA-1 (Secure Hash
Algorithm-1). A typical way for Alice to send a nonsecret but
signed message to Bob is illustrated in fig. below. Here her
plaintext message is fed into the SHA-1 algorithm to get a 160-bit
SHA-1 hash. Alice then signs the hash with her RSA private key and
sends both the plaintext message and the signed hash to Bob.
IP Security (IPsec)
One of the weaknesses of the original Internet Protocol is that it lacks any sort
of general purpose mechanism for ensuring the authenticity and privacy of data
as it is passed over the internetwork. Since IP datagrams must usually be routed
between two devices over unknown networks, any information in them is subject
to being intercepted and even possibly changed. With the increased use of the
Internet for critical applications, security enhancements were needed for IP. To
this end, a set of protocols called IP Security, or IPsec, was developed.
It can be used to protect data flows between a pair of hosts (host-to-host),
between a pair of security gateways (network-to-network), or between a security
gateway and a host (network-to-host).
Basic Concepts:
Authentication: Verifies that each datagram was originated by the claimed sender,
i.e., that the sender is not impersonated by a third party (data origin authentication).
Integrity: Verifies that the contents of a datagram were not changed in transit,
either deliberately or due to random errors.
Next Header: The Next Header is an 8-bit field that identifies the
type of the next payload after the Authentication Header. The
value of this field is chosen from the set of IP Protocol Numbers
defined on the web page of the Internet Assigned Numbers Authority
(IANA). For example, a value of 4 indicates IPv4, a value of 41
indicates IPv6, and a value of 6 indicates TCP.
Sequence Number: This unsigned 32-bit field contains a counter value
that increases by one for each packet sent, i.e., a per-SA packet
sequence number.
Authentication Data: A variable-length field that contains the
payload’s digital signature. Normally public-key cryptography is
not used here because packets must be processed extremely rapidly
and all known public-key algorithms are too slow. One simple way
is to compute the hash over the packet plus the shared key. The
shared key is not transmitted, of course. A scheme like this is called
an HMAC (Hashed Message Authentication Code).
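How the three fields above work together on the receiving side, as an added example (not code from the slides). It follows the Authentication Header layout of RFC 4302, which also carries a Payload Length, a reserved field and an SPI that the slides do not list; the hash choice (HMAC-SHA-256 truncated to 128 bits), the function names and the simplifications (no IP header coverage, a single counter instead of a replay window) are assumptions of this sketch.

```python
import hashlib
import hmac
import struct

AH_FMT = "!BBHII"   # next header, payload len, reserved, SPI, sequence number
AH_LEN = struct.calcsize(AH_FMT)          # 12 bytes
ICV_LEN = 16                              # HMAC-SHA-256 truncated to 128 bits

def _icv(key, header, payload):
    # HMAC over the header, a zeroed ICV field and the payload. The key is
    # mixed in by the HMAC construction and never appears in the packet.
    mac = hmac.new(key, header + bytes(ICV_LEN) + payload, hashlib.sha256)
    return mac.digest()[:ICV_LEN]

def build_packet(key, spi, seq, next_header, payload):
    """Sender side: AH header, then Authentication Data, then the payload."""
    words = (AH_LEN + ICV_LEN) // 4 - 2   # AH length in 32-bit words, minus 2
    header = struct.pack(AH_FMT, next_header, words, 0, spi, seq)
    return header + _icv(key, header, payload) + payload

class Receiver:
    def __init__(self, key, spi):
        self.key, self.spi, self.last_seq = key, spi, 0

    def accept(self, packet):
        """Return (next_header, payload), or raise ValueError with the reason."""
        if len(packet) < AH_LEN + ICV_LEN:
            raise ValueError("truncated")
        header, rest = packet[:AH_LEN], packet[AH_LEN:]
        icv, payload = rest[:ICV_LEN], rest[ICV_LEN:]
        next_header, _, _, spi, seq = struct.unpack(AH_FMT, header)
        if spi != self.spi:
            raise ValueError("unknown SA")
        if seq <= self.last_seq:          # simplified: real IPsec uses a window
            raise ValueError("replay")
        if not hmac.compare_digest(icv, _icv(self.key, header, payload)):
            raise ValueError("bad ICV")
        self.last_seq = seq               # advance only after authentication
        return next_header, payload

def verdict(receiver, packet):
    """'ok' if the packet is accepted, otherwise the rejection reason."""
    try:
        receiver.accept(packet)
        return "ok"
    except ValueError as err:
        return str(err)
```

Python's `hmac` module applies the nested keyed construction of HMAC rather than a single hash over the packet with the key appended, and `compare_digest` keeps the comparison constant-time.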
Firewall
A firewall is a system that is the sole point of connectivity between
the site it protects and the rest of the network, as illustrated in Figure
below. It is usually implemented as part of a router, although a
personal firewall may be implemented on an end-user machine.
A firewall filters packets flowing between a site and the rest of the Internet.
In terms of walls, a firewall is like the only door (connection)
through a wall (the absence of any other connection). A firewall
provides access control by restricting which messages it will relay
between the site and the rest of the network; it forwards messages
that are allowed, and filters out messages that are disallowed. For
example, it might filter out all incoming messages addressed to a
particular IP address or to a particular TCP port number.
The firewall shown in fig. below has two components: two routers
that do packet filtering and an application gateway. Each packet
filter is a standard router equipped with some extra functionality.
This pattern says to discard all packets from port 1234 on host
192.12.13.14 addressed to port 80 on host 128.7.6.5. (Port 80 is the
well-known TCP port for HTTP.)
Of course it’s often not practical to name every source host whose
packets you want to filter, so the patterns can include wildcards. For
example,
<*, *, 128.7.6.5, 80>
says to filter out all packets addressed to port 80 on 128.7.6.5,
regardless of what source host or port sent the packet.
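A small matcher for filter patterns of this form, as an added example (not code from the slides). The field order <source host, source port, destination host, destination port> is inferred from the wildcard pattern above, the function names are made up for this illustration, and accepting a CIDR prefix in a host field goes beyond what the slides describe.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

def _host(field):
    # '*' stays a wildcard; a bare address becomes a /32 (or /128) network
    return field if field == "*" else ipaddress.ip_network(field, strict=False)

def _port(field):
    if field == "*":
        return field
    port = int(field)
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {field}")
    return port

def parse_pattern(text):
    """Parse '<src host, src port, dst host, dst port>' into a 4-tuple."""
    fields = [f.strip() for f in text.strip().strip("<>").split(",")]
    if len(fields) != 4:
        raise ValueError(f"expected 4 fields, got {text!r}")
    return _host(fields[0]), _port(fields[1]), _host(fields[2]), _port(fields[3])

def matches(pattern, pkt):
    """True when every non-wildcard field of the pattern equals the packet's."""
    src, sport, dst, dport = pattern
    return ((src == "*" or ipaddress.ip_address(pkt.src) in src)
            and (sport == "*" or sport == pkt.sport)
            and (dst == "*" or ipaddress.ip_address(pkt.dst) in dst)
            and (dport == "*" or dport == pkt.dport))

def filter_packet(patterns, pkt):
    """Discard a packet that matches any pattern; forward everything else."""
    return "discard" if any(matches(p, pkt) for p in patterns) else "forward"

if __name__ == "__main__":
    exact = [parse_pattern("<192.12.13.14, 1234, 128.7.6.5, 80>")]
    wild = [parse_pattern("<*, *, 128.7.6.5, 80>")]
    web = Packet("203.0.113.9", 40000, "128.7.6.5", 80)   # constructed packet
    print(filter_packet(exact, web), filter_packet(wild, web))
```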
Modern firewalls also understand and filter based on many specific
application level protocols such as HTTP, Telnet, or FTP. They use
information specific to that protocol, such as URLs in the case of
HTTP, to decide whether to discard a message.
Even if the firewall is perfectly configured, plenty of security
problems still exist. For example, if a firewall is configured to
allow in packets from only specific networks (i.e., the company’s other
plants), an intruder outside the firewall can put in a false source
address to bypass this check.