
IS Unit-1


LAKIREDDY BALI REDDY COLLEGE OF ENGINEERING

(AUTONOMOUS)
Accredited by NAAC & NBA (Under Tier - I) ISO 9001:2015 Certified Institution
Approved by AICTE, New Delhi. and Affiliated to JNTUK, Kakinada
L.B. REDDY NAGAR, MYLAVARAM, KRISHNA DIST., A.P.-521 230.
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

17CI20 – INFORMATION SECURITY


Program & Semester: B.Tech & VII SEM
Section: CSE-A/B
Academic Year: 2021 - 22

INTRODUCTION
By
Mr. Ch.Srinivasa Rao
Assistant Professor
Dept.of CSE, LBRCE
1. Background
The requirements of information security within an
organization have undergone two major changes in the last
several decades.

Before the introduction of data processing equipment, security
was traditionally provided by physical mechanisms (e.g. rugged
filing cabinets with locks) and administrative mechanisms (e.g.
personnel screening procedures during the hiring process).

With the evolution of computers, the use of automated tools to
protect files has made an impact on resource sharing. The generic
name for the collection of tools designed to protect data and to
thwart hackers is computer security.

The second major change that affected security is the
introduction of distributed systems and the use of networks and
communications, which requires measures to protect data during
transmission.
1.1 Definitions
Computer Security - Generic name for the collection of
tools designed to protect data and to thwart hackers

Network Security - Measures to protect data during their
transmission

Internet Security - Measures to protect data during their
transmission over a collection of interconnected networks

Threat: A threat is a possible security violation that might exploit the
vulnerability of a system or asset. The origin of a threat may be accidental,
environmental (natural disaster), human negligence or human failure.
Different types of security threats are interruption, interception,
fabrication and modification.

Attack: An attack is a deliberate unauthorized action on a system or
asset. Attacks can be classified as active and passive. An attack will
The differences between a threat and an attack are:

S.NO  THREAT                               ATTACK
1     Can be intentional or unintentional  Is intentional
2     May or may not be malicious          Is malicious
1.2 OSI Security Architecture
• Security Architecture for OSI defines a systematic approach useful to
managers as a way to evaluate and choose various security products
and policies.
• The managers are responsible for computer and network security
needs.
• The OSI security architecture focuses on security attacks, mechanisms,
and services.
Information security is about protecting information
from unauthorized access, misuse, disclosure, destruction,
modification, or disruption by using processes and methodologies
which are designed and implemented for protecting information.

Three key objectives are at the heart of computer security:
• Confidentiality
• Integrity
• Availability

These three concepts form what is often referred to as the CIA triad.

The three concepts embody the fundamental security objectives for
both data and for information and computing services.

To provide information security we should consider three aspects
a. Security Attacks
b. Security Mechanism
c. Security Services
Security attack:
Any action that compromises the security of information owned
by an organization.

Security mechanism:
A process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security attack.

Security service:
A processing or communication service that enhances the
security of the data processing systems and the information transfers
of an organization. The services are intended to counter security
attacks, and they make use of one or more security mechanisms to
provide the service.
1.3 Security Attacks
Attacks on information can be classified into two categories
i. Passive attacks
ii. Active attacks
Passive Attacks
Passive attacks mainly focus on obtaining information by tapping,
eavesdropping, monitoring, etc.
There are two types of passive attacks
a. Revealing information
b. Traffic analysis
Passive attacks are difficult to identify.
Passive attacks are dealt with by prevention rather than detection.
Active attacks
Active attacks are major security threats. Unlike passive attacks,
these attacks mainly focus on alteration and false information.
They are categorized into four types
a. Masquerade
b. Replay
c. Message Modification
d. Denial of service
All attacks that are imposed on information can be of four types
Interruption
Interception
Modification
Fabrication
1.4 Security Services
• Enhance security of data processing systems and
information transfers of an organization
• Intended to counter security attacks using one or
more security mechanisms
• Often replicate functions normally associated with
physical documents
X.800:
“a service provided by a protocol layer of
communicating open systems, which ensures
adequate security of the systems or of data
transfers”

RFC 2828:
“a processing or communication service provided by a
system to give a specific kind of protection to
system resources”
Security Services (X.800)
Authentication
Assurance that the communicating entity is the
one claimed
Access Control
Prevention of the unauthorized use of a
resource
Data Confidentiality
Protection of data from unauthorized disclosure
Data Integrity
Assurance that data received is as sent by an
authorized entity
Non-Repudiation
Protection against denial by one of the parties
in a communication
1.5 Security Mechanisms
Detect, prevent, or recover from a security attack
no single mechanism that will support all
services required
However one element underlies many of the
security mechanisms in use:
cryptographic techniques
Hence our focus on this topic
Security Mechanisms (X.800)
specific security mechanisms:
Encipherment, digital signatures, access controls, data
integrity, authentication exchange, traffic padding,
routing control, notarization

pervasive security mechanisms:
Trusted functionality, security labels, event detection,
security audit trails, security recovery
1.6 A Model for Network Security
Any security model deals mainly with two aspects
• A secure transformation of information
• Sharing of secure information

There are mainly four important tasks for providing a security
service
• An algorithm for secure transformation
• Generate secret information to be used with the algorithm
• Methods for sharing the secret information
• A procedure to be followed by the two communicating parties
The security mechanisms that provide access control fall into two
categories
Gatekeeper function
Internal security controls
2. Conventional Encryption Techniques
Any conventional encryption algorithm should possess five qualities

Plain text
Encryption Algorithm
Cipher text
Secret Key
Decryption Algorithm

Along with these it should also satisfy two requirements

A strong encryption algorithm
A secure way to transfer the secret key
Basic Terminology
plaintext - original message
ciphertext - coded message
cipher - algorithm for transforming plaintext to ciphertext
key - info used in cipher known only to sender/receiver
encipher (encrypt) - converting plaintext to ciphertext
decipher (decrypt) - recovering plaintext from ciphertext
cryptography - study of encryption principles
cryptanalysis (codebreaking) - study of principles/methods of
deciphering ciphertext without knowing key
cryptology - field of both cryptography and cryptanalysis
2.1 Symmetric Encryption
It can also be called conventional / private-key /
single-key
sender and recipient share a common key
all classical encryption algorithms are private-key
was only technique prior to invention of public-key
in 1970’s and by far most widely used
Two requirements for secure use of symmetric
encryption:
a strong encryption algorithm
a secret key known only to sender / receiver
mathematically have:
Y = E_K(X)
X = D_K(Y)
assume encryption algorithm is known
implies a secure channel to distribute key
Cryptography
Cryptography is the study of techniques related to aspects of
information security. Hence cryptography is concerned with the
writing (ciphering or encoding) and deciphering (decoding) of
messages in secret code. Cryptographic systems are classified along
three independent dimensions:

Cryptanalysis
objective to recover key not just message
general approaches:
• cryptanalytic attack
• brute-force attack
2.2 Cryptanalytic Attacks
ciphertext only
  only know algorithm & ciphertext, is statistical, know or
  can identify plaintext
known plaintext
  know/suspect plaintext & ciphertext
chosen plaintext
  select plaintext and obtain ciphertext
chosen ciphertext
  select ciphertext and obtain plaintext
chosen text
  select plaintext or ciphertext to en/decrypt
Brute Force Search
always possible to simply try every key
most basic attack, proportional to key size
assume either know / recognise plaintext
2.3 Classical Substitution Ciphers
where letters of plaintext are replaced by other letters
or by numbers or symbols
or if plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit patterns
with ciphertext bit patterns
2.3.1 Caesar Cipher
• earliest known substitution cipher by Julius Caesar
• first attested use in military affairs
• replaces each letter by 3rd letter on
• example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
Caesar Cipher
can define transformation as:
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
mathematically give each letter a number
a b c d e f g h i j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

then have Caesar cipher as:
c = E(p) = (p + k) mod (26)
p = D(c) = (c - k) mod (26)
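The two formulas above and the brute-force search described earlier, as an added Python example (not part of the original slides). The word list used to "recognise" plaintext is a small constructed sample, and the function names are illustrative.

```python
import string

ALPHABET = string.ascii_lowercase

# Constructed sample list of common English words used to recognise plaintext.
COMMON_WORDS = {"the", "and", "to", "of", "me", "after", "is", "in", "that", "you"}


def caesar_encrypt(plaintext, k):
    """c = E(p) = (p + k) mod 26; non-letters pass through unchanged."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26].upper())
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext, k):
    """p = D(c) = (c - k) mod 26; non-letters pass through unchanged."""
    out = []
    for ch in ciphertext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) - k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def brute_force(ciphertext):
    """Try all 25 non-trivial keys and rank candidates by recognised words.

    The search only succeeds because the result can be recognised as
    plaintext; without that, every candidate looks equally plausible.
    """
    results = []
    for k in range(1, 26):
        candidate = caesar_decrypt(ciphertext, k)
        score = sum(1 for word in candidate.split() if word in COMMON_WORDS)
        results.append((score, k, candidate))
    results.sort(key=lambda r: r[0], reverse=True)
    return results


if __name__ == "__main__":
    ciphertext = caesar_encrypt("meet me after the toga party", 3)
    print(ciphertext)
    for score, k, candidate in brute_force(ciphertext)[:3]:
        print(score, k, candidate)
```

With only 25 keys the search is immediate, which is why the size of the key space matters in the ciphers that follow.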
2.3.2 Monoalphabetic Cipher
rather than just shifting the alphabet
could shuffle (jumble) the letters arbitrarily
each plaintext letter maps to a different
random ciphertext letter
hence key is 26 letters long

Plain:  abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plain:  ifwewishtoreplaceletters
Cipher: WIRFRWAJUHYFTSDVFSFUUFYA
2.3.3 Playfair Cipher
not even the large number of keys in a monoalphabetic
cipher provides security
• one approach to improving security was to encrypt multiple letters
• the Playfair Cipher is an example
• invented by Charles Wheatstone in 1854, but named after his
friend Baron Playfair

Playfair Key Matrix
• a 5x5 matrix of letters based on a keyword
• fill in letters of keyword (sans duplicates)
• fill rest of matrix with other letters
• eg. using the keyword MONARCHY
Encrypting and Decrypting
• plaintext is encrypted two letters at a time
1. if a pair is a repeated letter, insert filler like 'X'
2. if both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end)
3. if both letters fall in the same column, replace
each with the letter below it (again wrapping to
top from bottom)
4. otherwise each letter is replaced by the letter in
the same row and in the column of the other letter
of the pair
2.3.4 Polyalphabetic Ciphers
polyalphabetic substitution ciphers
improve security using multiple cipher
alphabets
make cryptanalysis harder with more
alphabets to guess and flatter frequency
distribution
use a key to select which alphabet is used
for each letter of the message
use each alphabet in turn
repeat from start after end of key is reached
2.3.5 Transposition Ciphers
now consider classical transposition or
permutation ciphers
these hide the message by rearranging the
letter order
without altering the actual letters used
can recognise these since have the same
frequency distribution as the original text
2.3.6 Steganography
an alternative to encryption
hides existence of message
using only a subset of letters/words in a longer
message marked in some way
using invisible ink
hiding in LSB in graphic image or sound file
has drawbacks
high overhead to hide relatively few info bits
2.4 Block Cipher Principles
most symmetric block ciphers are based on a
Feistel Cipher Structure
needed since must be able to decrypt
ciphertext to recover messages efficiently
block ciphers look like an extremely large
substitution
would need table of 2^64 entries for a 64-bit
block
instead create from smaller building blocks
using idea of a product cipher
Ideal Block Cipher
Block vs Stream Ciphers
block ciphers process messages in blocks, each of which
is then en/decrypted
like a substitution on very big characters
• 64-bits or more
stream ciphers process messages a bit or byte at a time
when en/decrypting
many current ciphers are block ciphers
broader range of applications
2.5 Feistel Cipher Structure
Horst Feistel devised the Feistel cipher
based on concept of invertible product cipher
partitions input block into two halves
process through multiple rounds which
perform a substitution on left data half
based on round function of right half & subkey
then have permutation swapping halves
implements Shannon’s S-P net concept
Feistel Cipher Structure
3. Conventional Encryption Algorithms

3.1 Data Encryption Standard (DES)

Most widely used block cipher in world
adopted in 1977 by NBS (now NIST)
as FIPS PUB 46
Plain text size – 64 bit
Cipher text size – 64 bit
Key size – 64 bit [56 bit]
No. of rounds – 16
Round key size – 48 bit
has widespread use
DES: Data Encryption Standard
Initial Permutation IP
first step of the data computation
IP reorders the input data bits
even bits to LH half, odd bits to RH half
quite regular in structure (easy in h/w)
DES Round Structure
uses two 32-bit L & R halves
as for any Feistel cipher can describe as:
L_i = R_{i-1}
R_i = L_{i-1} XOR F(R_{i-1}, K_i)
F takes 32-bit R half and 48-bit subkey:
• expands R to 48-bits using perm E
• adds to subkey using XOR
• passes through 8 S-boxes to get 32-bit result
• finally permutes using 32-bit perm P
[Figure: one DES round, with L_{i-1} and R_{i-1} entering, round function f, and L_i and R_i leaving]
Substitution Boxes [S-Box]
have eight S-boxes which map 6 to 4 bits
each S-box is actually 4 little 4 bit boxes
• outer bits 1 & 6 (row bits) select one row of 4
• inner bits 2-5 (col bits) are substituted
• result is 8 lots of 4 bits, or 32 bits
row selection depends on both data & key
• feature known as autoclaving (autokeying)

Strength of DES – Key Size
• 56-bit keys have 2^56 = 7.2 x 10^16 values
• brute force search looks hard
• recent advances have shown is possible
◦ in 1997 on Internet in a few months
◦ in 1998 on dedicated h/w (EFF) in a few days
◦ in 1999 above combined in 22hrs!
• still must be able to recognize plaintext
• must now consider alternatives to DES
3.2 Advanced Encryption Standard (AES)
clearly a replacement for DES was needed
have theoretical attacks that can break it
have demonstrated exhaustive key search attacks
can use Triple-DES – but slow, has small blocks
US NIST issued call for ciphers in 1997
15 candidates accepted in Jun 98
5 were shortlisted in Aug-99
Rijndael was selected as the AES in Oct-2000
issued as FIPS PUB 197 standard in Nov-2001
The AES Cipher
designed by Rijmen-Daemen in Belgium
has 128/192/256 bit keys, 128 bit data with 10/12/14
rounds
an iterative rather than Feistel cipher
processes data as block of 4 columns of 4 bytes
operates on entire data block in every round

designed to be:
resistant against known attacks
speed and code compactness on many CPUs
design simplicity
• data block of 4 columns of 4 bytes is state
• key is expanded to array of words
• has 9/11/13 rounds in which state undergoes:
  ◦ byte substitution (1 S-box used on every byte)
  ◦ shift rows (permute bytes between groups/columns)
  ◦ mix columns (subs using matrix multiply of groups)
  ◦ add round key (XOR state with key material)
• view as alternating XOR key & scramble data bytes
• initial XOR key material & incomplete last round
• with fast XOR & table lookup implementation
AES
Block size=128 bit(4words/16 bytes)
No.of rounds=10
Key size=128(4words/16 bytes)
No.of subkeys=44
Each subkey size=32bit/1word/16bytes
Each round=use 4 subkeys(128bit/4words/16/bytes)
Before starting
 pre round calculation-4subkeys used
Ciphertext=128 bit(4words/16 bytes)
Byte Substitution
a simple substitution of each byte
uses one table of 16x16 bytes containing a
permutation of all 256 8-bit values
each byte of state is replaced by byte indexed
by row (left 4-bits) & column (right 4-bits)
eg. byte {95} is replaced by byte in row 9 column 5
which has value {2A}
S-box constructed using defined
transformation of values in GF(2^8)
designed to be resistant to all known attacks
Shift Rows
• a circular byte shift in each row
• 1st row is unchanged
• 2nd row does 1 byte circular shift to left
• 3rd row does 2 byte circular shift to left
• 4th row does 3 byte circular shift to left
• decrypt inverts using shifts to right
• since state is processed by columns, this step permutes bytes
between the columns
Mix Columns
each column is processed separately
each byte is replaced by a value dependent on
all 4 bytes in the column
effectively a matrix multiplication in GF(2^8)
using prime poly m(x) = x^8 + x^4 + x^3 + x + 1
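The Byte Substitution, Shift Rows and Mix Columns steps above, worked in GF(2^8) as an added Python example (not part of the original slides). It builds the S-box from the field inverse followed by the AES affine transformation instead of storing the 16x16 table, and the state is assumed to be held as 4 rows of 4 bytes; function names are illustrative.

```python
def xtime(a):
    """Multiply by x in GF(2^8), reducing by m(x) = x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    a <<= 1
    if a & 0x100:
        a ^= 0x11B
    return a


def gf_mul(a, b):
    """Multiply two field elements with shift-and-add (XOR is the addition)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result


def gf_inv(a):
    """Multiplicative inverse as a^254; {00} is mapped to itself."""
    if a == 0:
        return 0
    result = 1
    for _ in range(254):
        result = gf_mul(result, a)
    return result


def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def sbox(byte):
    """Byte substitution: field inverse, then the affine transformation."""
    inv = gf_inv(byte)
    return inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63


def shift_rows(state):
    """state is 4 rows of 4 bytes; row r is rotated left by r bytes."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def mix_column(col):
    """Multiply one 4-byte column by the fixed MixColumns matrix in GF(2^8)."""
    a0, a1, a2, a3 = col
    return [
        gf_mul(2, a0) ^ gf_mul(3, a1) ^ a2 ^ a3,
        a0 ^ gf_mul(2, a1) ^ gf_mul(3, a2) ^ a3,
        a0 ^ a1 ^ gf_mul(2, a2) ^ gf_mul(3, a3),
        gf_mul(3, a0) ^ a1 ^ a2 ^ gf_mul(2, a3),
    ]


if __name__ == "__main__":
    print(hex(sbox(0x95)))                                    # the slide's {95} example
    print([hex(b) for b in mix_column([0xDB, 0x13, 0x53, 0x45])])
    print(shift_rows([[0, 1, 2, 3], [4, 5, 6, 7], [8, 9, 10, 11], [12, 13, 14, 15]]))
```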
Add Round Key
AES Round
AES Key Expansion
• takes 128-bit (16-byte) key and expands into array of 44/52/60
32-bit words
• start by copying key into first 4 words
• then loop creating words that depend on values in previous & 4
places back
• in 3 of 4 cases just XOR these together
• 1st word in 4 has rotate + S-box + XOR round constant on previous,
before XOR 4th back
AES Decryption
AES decryption is not identical to encryption since
steps done in reverse
but can define an equivalent inverse cipher with steps
as for encryption
but using inverses of each step
with a different key schedule
works since result is unchanged when
swap byte substitution & shift rows
swap mix columns & add (tweaked) round key
AES Decryption
3.3 Multiple Encryption & DES
clearly a replacement for DES was needed
• theoretical attacks that can break it
• demonstrated exhaustive key search attacks
AES is a new cipher alternative
prior to this alternative was to use multiple encryption
with DES implementations
Triple-DES is the chosen form
Double-DES?
could use Double DES for encryption
C = E_K2(E_K1(P))
issue of reduction to single stage
and have “meet-in-the-middle” attack
works whenever use a cipher twice
since X = E_K1(P) = D_K2(C)
attack by encrypting P with all keys and store
then decrypt C with keys and match X value
can show takes O(2^56) steps
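Why encrypting twice does not double the effective key length, shown on a toy scale as an added Python example (not part of the original slides). The 16-bit cipher below is constructed for this illustration only and stands in for DES: the match on X = E_K1(P) = D_K2(C) costs about 2 x 2^16 cipher operations instead of 2^32.

```python
MASK16 = 0xFFFF
MUL = 0x9E37                        # odd constant, so invertible mod 2^16
MUL_INV = pow(MUL, -1, 1 << 16)


def toy_encrypt(key, block):
    """Constructed 16-bit block cipher with a 16-bit key (illustration only)."""
    for r in range(4):
        block = ((block ^ key) * MUL + r) & MASK16
        block = ((block << 5) | (block >> 11)) & MASK16
    return block


def toy_decrypt(key, block):
    for r in reversed(range(4)):
        block = ((block >> 5) | (block << 11)) & MASK16
        block = (((block - r) * MUL_INV) & MASK16) ^ key
    return block


def double_encrypt(k1, k2, p):
    """C = E_K2(E_K1(P))"""
    return toy_encrypt(k2, toy_encrypt(k1, p))


def meet_in_the_middle(pairs):
    """Return every (k1, k2) consistent with all known (plaintext, ciphertext) pairs."""
    (p0, c0), rest = pairs[0], pairs[1:]
    # Encrypt P under every K1 and store the middle value X.
    table = {}
    for k1 in range(1 << 16):
        table.setdefault(toy_encrypt(k1, p0), []).append(k1)
    # Decrypt C under every K2 and look for the same X.
    found = []
    for k2 in range(1 << 16):
        x = toy_decrypt(k2, c0)
        for k1 in table.get(x, []):
            # Extra known pairs weed out chance matches on the first pair.
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                found.append((k1, k2))
    return found


if __name__ == "__main__":
    K1, K2 = 0x1A2B, 0xC3D4                       # constructed sample keys
    known = [(p, double_encrypt(K1, K2, p)) for p in (0x0001, 0x1234, 0xBEEF)]
    print([(hex(a), hex(b)) for a, b in meet_in_the_middle(known)])
```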
3.3.1 Triple-DES
Due to the drawback of Double DES, 3
encryptions are used
would seem to need 3 distinct keys
But can use 2 keys with E-D-E sequence
C = E_K1(D_K2(E_K1(P)))
encrypt & decrypt equivalent in security
if K1=K2 then can work with single DES
standardized in ANSI X9.17 & ISO8732
no current known practical attacks
Triple-DES with Three-Keys
although there are no practical attacks on two-key
Triple-DES, have some indications
can use Triple-DES with Three-Keys to avoid
even these
C = E_K3(D_K2(E_K1(P)))
has been adopted by some Internet applications,
eg PGP, S/MIME
4. Modes of Operation
Block ciphers encrypt fixed size blocks
eg. DES encrypts 64-bit blocks with 56-bit key
need some way to encrypt/decrypt arbitrary amounts of
data in practice
ANSI X3.106-1983 Modes of Use (now FIPS 81) defines
different modes
4.1 Cipher Block Chaining (CBC)
message is broken into blocks
linked together in encryption operation
each previous cipher block is chained with current
plaintext block, hence name
use Initial Vector (IV) to start process
C_i = DES_K1(P_i XOR C_{i-1})
C_{-1} = IV
uses: bulk data encryption, authentication
Advantages and Limitations of CBC
A ciphertext block depends on all blocks before
it
any change to a block affects all following
ciphertext blocks
need Initialization Vector (IV)
which must be known to sender & receiver
if sent in clear, attacker can change bits of first block,
and change IV to compensate
hence IV must either be a fixed value (as in EFTPOS)
or must be sent encrypted in ECB mode before rest of
message
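The Feistel round relation from section 2.5 and the DES round slide, together with the CBC chaining and IV points above, in one added Python example (not part of the original slides). The round function and key schedule are constructed from HMAC-SHA256 and are not DES's; the key, IV, message and mask are constructed sample values.

```python
import hashlib
import hmac

BLOCK, ROUNDS = 8, 16   # 64-bit block (two 32-bit halves), 16 rounds as in DES


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def subkeys(key):
    # Constructed key schedule (not DES's): one subkey per round.
    return [hmac.new(key, bytes([r]), hashlib.sha256).digest() for r in range(ROUNDS)]


def F(right, subkey):
    # Constructed round function; a Feistel F does not need to be invertible.
    return hmac.new(subkey, right, hashlib.sha256).digest()[:4]


def feistel(block, round_keys):
    left, right = block[:4], block[4:]
    for k in round_keys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, xor(left, F(right, k))
    return right + left   # undo the final swap


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])   # same structure, subkeys reversed


def cbc_encrypt(plaintext, key, iv):
    if len(plaintext) % BLOCK:
        raise ValueError("pad the message to a multiple of the block size first")
    prev, out = iv, []
    for i in range(0, len(plaintext), BLOCK):
        # C_i = E_K(P_i XOR C_{i-1}), with C_{-1} = IV
        prev = encrypt_block(xor(plaintext[i:i + BLOCK], prev), key)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext, key, iv):
    prev, out = iv, []
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out.append(xor(decrypt_block(block, key), prev))   # P_i = D_K(C_i) XOR C_{i-1}
        prev = block
    return b"".join(out)


def send_with_ecb_iv(plaintext, key, iv):
    # The slide's alternative: IV sent encrypted in ECB mode before the message.
    return encrypt_block(iv, key) + cbc_encrypt(plaintext, key, iv)


def receive_with_ecb_iv(wire, key):
    iv = decrypt_block(wire[:BLOCK], key)
    return cbc_decrypt(wire[BLOCK:], key, iv)


# Constructed sample values.
KEY = b"example key"
IV = bytes(range(BLOCK))
MESSAGE = b"block-01block-02"
MASK = bytes([0, 0, 0, 0, 0, 0, 0, 0x01])   # one bit changed in transit


def demo():
    ct = cbc_encrypt(MESSAGE, KEY, IV)
    clear_iv_result = cbc_decrypt(ct, KEY, xor(IV, MASK))
    wire = send_with_ecb_iv(MESSAGE, KEY, IV)
    ecb_iv_result = receive_with_ecb_iv(xor(wire[:BLOCK], MASK) + wire[BLOCK:], KEY)
    return clear_iv_result, ecb_iv_result


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A bit changed in a clear IV reappears as exactly that bit in the first plaintext block, while the same change to an ECB-encrypted IV garbles the first block unpredictably; neither case is detected by CBC itself.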
4.2 Cipher FeedBack (CFB)
message is treated as a stream of bits
added to the output of the block cipher
result is fed back for next stage (hence name)
standard allows any number of bits (1, 8, 64 or 128
etc) to be fed back
denoted CFB-1, CFB-8, CFB-64, CFB-128 etc
most efficient to use all bits in block (64 or 128)
C_i = P_i XOR DES_K1(C_{i-1})
C_{-1} = IV
uses: stream data encryption, authentication
Cipher Feedback (CFB)
Advantages and Limitations of CFB
appropriate when data arrives in bits/bytes
most common stream mode
limitation is need to stall while do block encryption
after every n-bits
note that the block cipher is used in encryption
mode at both ends
errors propagate for several blocks after the error
5. Stream Ciphers
process message bit by bit (as a stream)
have a pseudo random keystream
combined (XOR) with plaintext bit by bit
randomness of stream key completely destroys
statistical properties in message
C_i = M_i XOR StreamKey_i
but must never reuse stream key
otherwise can recover messages (cf book cipher)
Stream Cipher Structure
Stream Cipher Properties
some design considerations are:
long period with no repetitions
statistically random
depends on large enough key
large linear complexity
properly designed, can be as secure as a block
cipher with same size key
but usually simpler & faster
6. RC4
a proprietary cipher owned by RSA DSI
another Ron Rivest design, simple but
effective
variable key size, byte-oriented stream cipher
widely used (web SSL/TLS, wireless WEP)
key forms random permutation of all 8-bit
values
uses that permutation to scramble input info
processed a byte at a time
RC4 Key Schedule
starts with an array S of numbers: 0..255
use key to well and truly shuffle
S forms internal state of the cipher

for i = 0 to 255 do
    S[i] = i
    T[i] = K[i mod keylen]
j = 0
for i = 0 to 255 do
    j = (j + S[i] + T[i]) (mod 256)
    swap (S[i], S[j])
RC4 Encryption
encryption continues shuffling array values
sum of shuffled pair selects "stream key"
value from permutation
XOR S[t] with next byte of message to
en/decrypt
i = j = 0
for each message byte Mi
    i = (i + 1) (mod 256)
    j = (j + S[i]) (mod 256)
    swap(S[i], S[j])
    t = (S[i] + S[j]) (mod 256)
    Ci = Mi XOR S[t]
RC4 Overview
RC4 Security
claimed secure against known attacks
have some analyses, none practical
result is very non-linear
since RC4 is a stream cipher, must never reuse a key
have a concern with WEP, but due to key handling
rather than RC4 itself
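The RC4 key schedule and encryption loops above, and the rule from the stream cipher slides that a stream key must never be reused, as an added Python example (not part of the original slides). The per-message key derivation (SHA-256 of master key plus nonce) is an assumption of this example, and the messages are constructed samples.

```python
import hashlib


def rc4_keystream(key, n):
    """Run the key schedule, then produce n keystream bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256    # T[i] = K[i mod keylen]
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key, data):
    """Encryption and decryption are the same operation: XOR with the keystream."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


def per_message_key(master_key, nonce):
    # Assumption of this example: derive a fresh RC4 key for each message
    # from a master key and a nonce that is never repeated.
    return hashlib.sha256(master_key + nonce).digest()


# Constructed sample messages of equal length.
M1 = b"meeting at 10:00"
M2 = b"invoice no. 4471"


def reuse_leak(key):
    """Same key twice: the keystream cancels and C1 XOR C2 == M1 XOR M2."""
    c1, c2 = rc4(key, M1), rc4(key, M2)
    return xor_bytes(c1, c2)


def fresh_key_xor(master_key):
    """Distinct per-message keys: the XOR of ciphertexts no longer exposes M1 XOR M2."""
    c1 = rc4(per_message_key(master_key, b"\x00\x01"), M1)
    c2 = rc4(per_message_key(master_key, b"\x00\x02"), M2)
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    print(rc4(b"Key", b"Plaintext").hex())
    leak = reuse_leak(b"shared key")
    print(leak == xor_bytes(M1, M2))           # keystream has cancelled out
    print(xor_bytes(leak, M1))                 # knowing M1 reveals M2
    print(fresh_key_xor(b"shared key") == xor_bytes(M1, M2))
```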
7. Placement of Encryption
have two major placement alternatives
link encryption
  encryption occurs independently on every link
  implies must decrypt traffic between links
  requires many devices, but paired keys
end-to-end encryption
  encryption occurs between original source and final
  destination
  need devices at each end with shared keys
Placement of Encryption
when using end-to-end encryption must leave headers
in clear
so network can correctly route information
hence although contents protected, traffic pattern
flows are not
ideally want both at once
end-to-end protects data contents over entire path and
provides authentication
link protects traffic flows from monitoring
Placement of Encryption
can place encryption function at various layers in OSI
Reference Model
link encryption occurs at layers 1 or 2
end-to-end can occur at layers 3, 4, 6, 7
as move higher less information is encrypted but it is
more secure though more complex with more entities
and keys
Encryption vs Protocol Level
Traffic Analysis
is monitoring of communications flows between
parties
useful both in military & commercial spheres
can also be used to create a covert channel
link encryption obscures header details
but overall traffic volumes in networks and at end-points
is still visible
traffic padding can further obscure flows
but at cost of continuous traffic
8. Key Distribution
symmetric schemes require both parties to share a
common secret key
issue is how to securely distribute this key
often secure system failure due to a break in the key
distribution scheme
Key Distribution
Given parties A and B have various key
distribution alternatives:
1. A can select key and physically deliver to B
2. third party can select & deliver key to A & B
3. if A & B have communicated previously can use
previous key to encrypt a new key
4. if A & B have secure communications with a
third party C, C can relay key between A & B
Key Hierarchy
typically have a hierarchy of keys
session key
  temporary key
  used for encryption of data between users
  for one logical session then discarded
master key
  used to encrypt session keys
  shared by user & key distribution center
Key Distribution Scenario
