Network Security

Haramaya University, Haramaya Institute of Technology
School of Electrical and Computer Engineering
Advanced Computer Networks

(ECEg5193)
Chapter IV
Network Security
Saturday, August 12, 2023 Computer Network and Security

Advanced Computer Networks /Chapter IV
Overview of the Issues of Network

2
 Information Security requirements have changed in recent times
 Traditionally provided by physical and administrative mechanisms
 Many daily activities have been shifted from physical world to cyber space
 Use of computers
 Protect files and other stored information
 Use of networks and communications links

 Protect data during transmission
Haramaya University, HiT, SECE Computer Network and Security Saturday, August 12, 2023
Definitions
3
 Computer Security
 Generic name for the collection of tools designed to protect data and hackers
 Network Security
 Measures to protect data during their transmission
 Internet Security
 Measures to protect data during their transmission over a collection of
interconnected networks
Threats and Attacks

4
 A threat to a computing system is a set of circumstances that has the potential to cause
loss or harm
 A vulnerability is a weakness in the security system that might be exploited to cause loss
or harm
 A human who exploits a vulnerability commits an attack on the system
 A control is an action, device, procedure, or technique that removes or reduces a

vulnerability
 A threat is blocked by control of a vulnerability

System Security Threats

5
 Threats are one of four kinds
 Interception
 Interruption
 Modification and
 Fabrication
System Security Threats… interception

6
 An interception: unauthorized party has gained access to an asset.
 The unauthorized party can be a

 Person
 Program,or
 Computing system.
 Examples of this type of failure are

 Illicit copying of program or data files, or wiretapping to obtain data in a network.
 A loss may be discovered fairly quickly

 However a silent interceptor may leave no traces
System Security Threats…Interruption

7
 In an interruption, an asset of the system is lost, unavailable, or unusable.
 Example
Malicious destruction of a hardware device
Erasure of a program or data file
Malfunction of an operating system file manager so that it cannot find a particular disk file.
System Security Threats…Modification

8
 Modification: If an unauthorized party not only accesses but tampers with an asset
 Example
Someone might change the values in a database
Alter a program so that it performs an additional computation
Modify data being transmitted electronically. It is even possible to modify

hardware.
Some cases of modification can be detected with simple measures, but other,
more subtle, changes may be almost impossible to detect.
System Security Threats (Fabrication)

9
 An unauthorized party might create a fabrication of counterfeit objects on a
computing system.
 The intruder may insert spurious (forged) transactions to a network

communication system or add records to an existing database.
Sometimes these additions can be detected as forgeries, but if skillfully done,

they are virtually indistinguishable from the real thing
Security Goals
10
 The three Goals of Security are:
 Confidentiality
 Integrity and
 Availability.
Security Goals …
11
 Confidentiality: Ensures that  Integrity: An assets can be modified  Availability: An assets are
computer-related assets are only by authorized parties or only in accessible to authorized
accessed only by authorized authorized ways. parties at appropriate
parties.  In this context, modification includes times.
 Writing, Changing, changing status,
 That is, only those who  If some person or system
Deleting and Creating
should have access to has legitimate access to a
 If we say that we have preserved particular set of objects,
something will actually get the integrity of an item, we may that access should not be
that access. mean that the item is prevented.
 By "access," we mean not
 Accurate and unmodified  For this reason,
only reading but also  modified only in acceptable ways availability is sometimes
viewing, printing, or simply  modified only by authorized people known by its opposite
knowing that a particular  modified only by authorized  denial of service.
asset exists. processes
 Confidentiality is sometimes  Consistent, meaningful and usable
called secrecy or privacy.

Security Goals…
12
 An object or service is thought to be available if
 It is present in a usable form.
 It has capacity enough to meet the service's needs.
 It is making clear progress, and, if in wait mode, it has a bounded waiting time
 The service is completed in an acceptable period of time.
 There is a timely response to our request.
 Resources are allocated fairly so that some requesters are not favored over others.
 The service or system involved follows a philosophy of fault tolerance, whereby hardware or
software faults lead to graceful cessation of service or to work-around rather than to crashes and
abrupt loss of information.
 The service or system can be used easily and in the way it was intended to be used.
 Concurrency is controlled; that is, simultaneous access, deadlock management, and exclusive
access are supported as required.
Use of Passwords and

13
Access Control Mechanisms
 Software Controls
 Limit access in a database or in operating systems
 Protect each user from other users
 Hardware Controls
 Smartcard
 Policies
 Frequent changes of passwords
 Physical Controls
Methods of Defense/Control/Protection
14
 Harm occurs when a threat is realized against a vulnerability.
 To protect against harm, then, we can neutralize the threat, close the vulnerability, or both
 We can deal with harm in several ways
 prevent it, by blocking the attack or closing the vulnerability

 deter it, by making the attack harder but not impossible
 deflect it, by making another target more attractive (or this one less so)
 detect it, either as it happens or some time after the fact
 recover from its effects
Software Controls
15
 Program controls include the following:

 Internal program controls
 Parts of the program that enforce security restrictions, such as access limitations in a database
management program
 Operating system and network system controls
 Limitations enforced by the operating system or network to protect each user from all other users
 Independent control programs
 Application programs, such as password checkers, intrusion detection utilities, or virus scanners,
that protect against certain types of vulnerabilities
 Development controls
 Quality standards under which a program is designed, coded, tested, and maintained to prevent
software faults from becoming exploitable vulnerabilities
Hardware Controls
16
 Numerous hardware devices have been created to assist in providing computer

security.
 These devices include a variety of means, such as

 Hardware or smart card implementations of encryption
 Locks or cables limiting access or deterring theft
 Devices to verify users' identities
 Firewalls
 Intrusion detection systems
 Circuit boards that control access to storage media
Multiple Controls
17
Model of Network Security

18
Model for Network Security…

19
 Using this model requires us to:
1. design a suitable algorithm for the security transformation
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information
4. specify a protocol enabling the principals to use the transformation and secret
information for a security service
Conventional Encryption and Privacy

20
 Background
 Cryptography
 Symmetric and Asymmetric Cryptosystems
 Symmetric Cipher Model
 Substitution Techniques
 Caesar Cipher
 Vernam Cipher
Background
21
 Consider the steps involved in sending messages from a sender, S, to a recipient, R

 If S entrusts the message to T, who then delivers it to R, T then becomes the transmission
medium.
 If an outsider, O, wants to access the message (to read, change, or even destroy it), we call O an
interceptor or intruder
 Any time after S transmits message via T, the message is vulnerable to exploitation, and
 O might try to access the message in any of the following ways:
 Block it, by preventing its reaching R, thereby affecting the availability of the message.
 Intercept it, by reading or listening to the message, thereby affecting the confidentiality of the
message.
 Modify it, by seizing the message and changing it in some way, affecting the message's integrity.
 Fabricate an authentic-looking message, arranging for it to be delivered as if it came from S,
thereby also affecting the integrity of the message
Background…
22
 Encryption is the process of encoding a message so that its meaning is not obvious
 Decryption is the reverse process, transforming an encrypted message back into its
normal, original form.
 Alternatively, the terms encode and decode or encipher and decipher are used
instead of encrypt and decrypt.
Background…
23
 A system for encryption and decryption is called a cryptosystem
 For convenience, we denote a plaintext message P as a sequence of individual

characters P = <p1, p2, …, pn>. Similarly, ciphertext is written as C = <c 1, c2, …, cm>.
 For instance, the plaintext message "I want cookies" can be denoted as the message
string <I, ,w,a,n,t, , c,o,o,k,i,e,s>.
 It can be transformed into ciphertext <c1, c2, …, c14>, and the encryption algorithm tells
us how the transformation is done.
Background…
24
 Cryptography means hidden writing, and it refers to the practice of using encryption to conceal
text.
 A cryptanalyst studies encryption and encrypted messages, hoping to find the hidden meanings.
 A Cryptographer and a cryptanalyst attempt to translate coded material back to its original
form.
 A cryptographer works on behalf of a legitimate sender or receiver
 A cryptanalyst works on behalf of an unauthorized interceptor
 Cryptology is the research into and study of encryption and decryption. Includes
 cryptography and
 cryptanalysis
Formal Notation
25
 The transformation between plaintext and ciphertext can described by

 C = E(P) and P = D(C) where
 C represents the ciphertext

 E is the encryption rule
 P is the plaintext and
 D is the decryption rule.
 What we seek is a cryptosystem for which P = D(E(P)).

 We want to be able to convert the message to protect it from an intruder
 We want to be able to get the original message back so that the receiver can read it properly
Encryption Algorithms
26
 The encryption and decryption rules, called algorithms, often use a device called a
key, denoted by K
 Thus the resulting ciphertext depends on
 The original plaintext message
 The algorithm and
 The key value
 We write this dependence as C = E(K, P)

 E is a set of encryption algorithms, and
 The key K selects one specific algorithm from the set
 A key gives us flexibility in using an encryption scheme.

 We can create different encryptions of one plaintext message just by changing the key.
Symmetric and Asymmetric Cryptosystems

27
 Sometimes the encryption and decryption keys are

the same, so
 P = D(K, E(K,P)). This form is called symmetric
encryption because D and E are mirror-image processes.
 At other times, encryption and decryption keys come
Symmetric Cryptosystem
in pairs.
 The decryption key, KD, inverts the encryption of key
KE so that
 P = D(KD, E(KE,P))
 Encryption algorithms of this form are called
asymmetric because converting C back to P involves a
series of steps and a key that are different from the steps
and key of E
Asymmetric Cryptosystems
Symmetric Cipher Model

28
 Conventional/private-key /single-key
 Sender and recipient share a common key
 All classical encryption algorithms are

private-key
 Was only type prior to invention of

public-key in 1970’s
 Most widely used
Representing Characters
29
 We want to study ways of encrypting any computer material

 Could be written as
 ASCII characters
 binary data
 object code, or
 a control stream.
 Suppose we encode Letter A – Z with numbers 0 - 25
 We can perform addition and subtraction on letters by adding and subtracting the corresponding code
numbers.
 Expressions such as A + 3 = D or K - 1 = J have their natural interpretation
 Arithmetic is performed as if the alphabetic table were circular.
 Addition wraps around from one end of the table to the other so that Y + 3 = B.
 Thus, every result of an arithmetic operation is between 0 and 25
Substitution Technique
30
 The technique of substituting a character or symbol for each character of the original
message is called a monoalphabetic cipher or simple substitution.
 The Caesar Cipher
 Each letter is translated to the letter a fixed number of places after it in the alphabet.
 Caesar used a shift of 3, so plaintext letter p was enciphered as ciphertext letter c by the
i i
rule ci = E(pi) = pi + 3
 Using this encryption, the message TREATY IMPOSSIBLE would be encoded as
 TREATY IMPOSSIBLE
 wuhdwb lpsrvvleoh
 Advantage: Simple
 Disadvantage: Algorithm has to be secret
 Once Algorithm is known all messages can be decrypted
Substitution Technique…The Caesar Cipher

31
 Define transformation as:

abcdefghijklmnopqrstuvwxyz
DE F G H I J K LM N O PQR STUVWXYZAB C
 Mathematically give each letter a number

abcdefghij k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 Then have Caesar cipher as:

c = E(p) = (p + k) mod (26)
p = D(c) = (c – k) mod (26)
Vernam Cipher
32
 The basic encryption involves an arbitrarily long nonrepeating sequence of

numbers that are combined with the plaintext.
 Vernam's invention used an arbitrarily long punched paper tape that fed into a
teletype machine.
 The tape contained random numbers that were combined with characters typed
into the teletype.

 The sequence of random numbers had no repeats, and each tape was used only
once.
 As long as the key tape does not repeat or is not reused, this type of cipher is
immune to cryptanalytic attack

 the available ciphertext does not display the pattern of the key
Vernam Cipher…
33
Vernam Cipher… Combining Function

34
Example
Data Encryption Standard (DES)

35
 Most widely used block cipher in the world

 Adopted in 1977 by National Bureau of
Standards NBS
 Encrypts 64-bit data using 56-bit key
 Has widespread use
 especially in financial applications
 still standardised for legacy application use
 Quite regular in structure (easy in h/w)

 Uses a 64-bit block and a 56-bit key.
Single Round
36
 Uses two 32-bit L & R halves
 As for any Feistel cipher can describe as:
Li = Ri–1
Ri = Li–1  F(Ri–1, Ki)
 F takes 32-bit R half and 48-bit subkey:
 Expands R to 48-bits using permutation +

Expansion
 Involves duplication of the 16 bits
 Adds to subkey using XOR
 The resulting 48 bits are XORed with ki
 Passes through 8 S-boxes to get 32-bit
result
 This 48-bit result passes through a
substitution function that produces a 32-
bit output,
 Finally permutes using 32-bit permutation P
Public-Key Cryptography
37
 Most significant advance in the 3000 year history of cryptography

 Uses two keys – a public & a private key (Asymmetric)
 Uses clever application of number theory concepts to function
Principle of Public-Key Cryptography

38
 Public-Key algorithms rely on two keys where:

 it is computationally infeasible to find decryption key knowing only the algorithm
& encryption key
 it is computationally easy to en/decrypt messages when the relevant (en/decrypt)
key is known
 either of the two related keys can be used for encryption, with the other used for
decryption (for some algorithms)
 A public-key, which may be known by anybody, and can be used to encrypt
messages, and verify signatures
 A private-key, known only to the recipient, used to decrypt messages, and sign
(create) signatures
Ingredients of Public Key Encryption

39
1. Plaintext: This is the readable message or data that is fed into the algorithm as
input
2. Encryption algorithm: The encryption algorithm performs various
transformations on the plaintext
3. Public and private keys: This is a pair of keys that have been selected so that if
one is used for encryption, the other is used for decryption
 The exact transformations performed by the algorithm depend on the public or private key that is
provided as input
5. Ciphertext: This is the scrambled message produced as output
 It depends on the plaintext and the key
 For a given message, two different keys will produce two different ciphertexts
6. Decryption algorithm: This algorithm accepts the ciphertext and the matching key
and produces the original plaintext
Encryption with Public Key

40
 Bob encrypt with Alice’s public key
 Alice Decrypts with her private Key
Encryption with Private key

41
 Bob encrypt with his private key

 Alice Decrypts with Bob’s Public Key
Why Public-Key Cryptography?

42
 Developed to address two key issues:

 Key distribution – how to have secure communications in general without having
to trust a KDC with your key
 Digital signatures – how to verify a message comes intact from the claimed
sender
 Is asymmetric because
 those who can encrypt messages or verify signatures cannot decrypt messages or
create signatures
 Application of public key encryption
 encryption/decryption (provide secrecy)

 digital signatures (provide authentication)
 key exchange (of session keys)
 some algorithms are suitable for all uses, others are specific to one
Rivest Shamir Adelman Encryption

43
 By Rivest, Shamir & Adleman of MIT in 1977

 Best known & widely used public-key scheme
 based on exponentiation in a finite field over integers modulo a prime
 Note: exponentiation takes O((log n)3) operations (easy)

 Uses large integers (eg. 1024 bits)
 Security due to cost of factoring large numbers
Note: factorization takes O(e log n log log n) operations


 The RSA encryption algorithm combines results from number theory with the degree of
difficulty in determining the prime factors of a given number
Rivest Shamir Adelman Encryption…

44
 The RSA algorithm also operates with arithmetic mod n like many other.
 The two keys used in RSA, d and e, are used for decryption and encryption.
 They are actually interchangeable
 Either can be chosen as the public key, but once one having been chosen, the other one must be
kept private.
P = E(D(P)) = D(E(P))
 You can think of E and D as two complementary functions, each of which "undoes" the other
 The RSA scheme is a block cipher in which the plaintext and ciphertext are integers between 0
and n - 1 for some n
 A typical size for n is 1024 bits, or 309 decimal digits

45
 Any plaintext block P is encrypted as

 Because the exponentiation is performed mod n, factoring Pe to uncover
the encrypted plaintext is difficult

 However, the decrypting key d is carefully chosen so that
 Thus, the legitimate receiver who knows d simply computes

 and recovers P without having to factor
 It is infeasible to determine d given e and n

46
 The encryption algorithm is based on the underlying problem of factoring large

numbers.
 So far, nobody has found a shortcut or easy way to factor large numbers in a finite set
called a field.
 In a highly technical but excellent paper, Boneh reviews all the known
cryptanalytic attacks on RSA and concludes that none is significant
 Because the factorization problem has been open for many years, most
cryptographers consider this problem a solid basis for a secure cryptosystem
Steps in RSA
47
 Each user generates a public/private key pair by:
 Selecting two large primes at random, p and q
 computing their system modulus

N = p.q
 holds if e and d are multiplicative inverses modulo φ(n)

 where φ(n) is the Euler totient function.
 Note: φ (pq) = (p - 1)(q - 1)
Steps in RSA…
48
 The relationship between e and d can be expressed as ed mod φ(n) = 1

 selecting at random the encryption key e
where 1<e<ø(n), gcd(e,ø(n))=1

 solve following equation to find decryption key d
 e.d=1 mod ø(n) and 0≤d≤n

 publish their public encryption key: PU={e,n}
 keep secret private decryption key: PR={d,n}
 To encrypt a message P the sender:

 obtains public key of recipient PU={e,n} and computes: C = Pe mod n, where 0≤P<n
 To decrypt the ciphertext C the owner:
 uses their private key PR={d,n} and computes: P = Cd mod n
 note that the message P must be smaller than the modulus n
RSA Example - Key Setup

49
1. Select primes: p=17 & q=11

2. Compute n = pq =17 x 11=187
3. Compute ø(n)=(p–1)(q-1)=16 x 10=160
4. Select e: gcd(e,160)=1; choose e=7
5. Determine d: d.e = 1 mod 160 and d < 160
d=23 since 23x7=161= 10x16+1

6. Publish public key PU={7,187}
7. Keep secret private key PR={23,187}
RSA Example - En/Decryption

50
 Sample RSA encryption/decryption is

 Given message M = 88 ( Notice 88<187)
 Encryption:
C = 887 mod 187 = 11
=[(884 mod 187) x (882 mod 187) x (881 mod 187)] mod 187 = (77x 132
x 88) mod 187 = 894, 432 mod 187 = 11
 Decryption:
P = 1123 mod 187 = 88
P= 1123 mod 187 = [(118 mod 187) x (118 mod 187) x (114 mod 187) X
(112 mod 187)]* 11) mod 187 = (33x33x55x121x11)mod 187 = 88
Exercise 1
51
 Suppose n= 187, e = 7 and d = 23, show the Encryption and Decryption of z = 122
 Solution
 Encryption
 Decryption
Exercise 2
52
 Let p= 113, q = 157, e=101 and d =173, Show the Encryption and Decryption of P = “BA”.
 Use the following function to change the text in to its integer equivalent
 Solution
 The integer equivalent of “BA” is
 PI= 66* 256^0+65*256^1= 16706
 n = 113*157 = 17741
 Encryption
 = 11205
 Decryption
 CT = 11205
 P = (CT)dmod n = 11205173mod 17741 = 16706
Exercise 3
53
 Let N = 1591 p= 37, q = 43, e=17 and d =89, Show the Encryption and Decryption of P = “LARGE NO” by
employing a block of two characters at a time.
 Solution B1 = “LA” , B2=“RG”, B3 = “E “, B4=“NO”
 Use the following function to change the text in to its integer equivalent
 L A R G E N O
 12 1 18 7 5 27 19 20
 CipherText = “1054 1337 327 731”
 = 1054 = 39
 = 1337 = 207
 = 327 = 734
 = 731 = 559
To Retrieve the Text

54
 for i = 1 to lb do
 Pi[i] = PI mod 27
 PI = PI/27
 end
 Example
 B1I = 39
 Pi[1] = 39 mod 27 = 12 => “L”
 Pi[2] = (39/27) mod 27=1 mod 27 = 1=> “A”

Network Security

Uploaded by

Copyright:

Available Formats

Network Security

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Network Security

Uploaded by

Copyright:

Available Formats

Haramaya University, Haramaya Institute of Technology

School of Electrical and Computer Engineering

Advanced Computer Networks

Saturday, August 12, 2023 Computer Network and Security

Overview of the Issues of Network

 Information Security requirements have changed in recent times

 Traditionally provided by physical and administrative mechanisms

 Use of networks and communications links

Threats and Attacks

 A human who exploits a vulnerability commits an attack on the system

 A control is an action, device, procedure, or technique that removes or reduces a

 A threat is blocked by control of a vulnerability

System Security Threats

 Threats are one of four kinds

System Security Threats… interception

 An interception: unauthorized party has gained access to an asset.

 The unauthorized party can be a

 Examples of this type of failure are

 A loss may be discovered fairly quickly

System Security Threats…Interruption

 In an interruption, an asset of the system is lost, unavailable, or unusable.

Erasure of a program or data file

System Security Threats…Modification

Someone might change the values in a database

Alter a program so that it performs an additional computation

Modify data being transmitted electronically. It is even possible to modify

System Security Threats (Fabrication)

 The intruder may insert spurious (forged) transactions to a network

Sometimes these additions can be detected as forgeries, but if skillfully done,

 The three Goals of Security are:

called secrecy or privacy.

Use of Passwords and

 Harm occurs when a threat is realized against a vulnerability.

 We can deal with harm in several ways

 prevent it, by blocking the attack or closing the vulnerability

 Program controls include the following:

 Numerous hardware devices have been created to assist in providing computer

 These devices include a variety of means, such as

Model of Network Security

Model for Network Security…

 Using this model requires us to:

1. design a suitable algorithm for the security transformation

2. generate the secret information (keys) used by the algorithm

3. develop methods to distribute and share the secret information

Conventional Encryption and Privacy

 Symmetric Cipher Model

 Consider the steps involved in sending messages from a sender, S, to a recipient, R

 A system for encryption and decryption is called a cryptosystem

 For convenience, we denote a plaintext message P as a sequence of individual

 The transformation between plaintext and ciphertext can described by

 C represents the ciphertext

 What we seek is a cryptosystem for which P = D(E(P)).

 We write this dependence as C = E(K, P)

 A key gives us flexibility in using an encryption scheme.

Symmetric and Asymmetric Cryptosystems

 Sometimes the encryption and decryption keys are

Symmetric Cipher Model

 All classical encryption algorithms are

 Was only type prior to invention of