CSCL Unit 1

Uploaded by

Vardhan Konda
CYBER SECURITY AND CYBER LAWS

Code: 8FC08
Course Objectives:
• To learn fundamentals of cryptography and its application to network security.
• To understand network security threats, security services, and countermeasures.
• To learn computer security, Internet, E-commerce and E-governance with reference to Free
Market Economy
• To learn International Efforts relating to Cyberspace laws and Cyber crimes
• To learn Law relating to electronic records and intellectual property rights in India
• To understand ethical laws of computer for different countries.
• To learn Penalties, Compensation and Offences under the Cyberspace and Internet in India
• To learn Miscellaneous provisions of IT Act and Conclusions

Course Outcomes:
At the end of this course the student will be able to:
• Become familiar with the cryptographic procedures and understand their primitives
• Outline security policy in legislation and comprehend the E-Commerce framework, models and its
associated threats
• Justify the role of electronic signatures in E-Commerce and summarize the various laws relating to
it.
• Categorize international cyber laws and cybercrimes.
• Explore Penalties, Compensation and Adjudication of violations of provisions of IT Act 2000
• Classify and outline the offences under the Cyberspace law and the Internet in India
UNIT-I
Introduction to Cyber Security, Cryptography, Types of Attacks, Secret Key Cryptography
Introduction: Cyber-attacks, Defense Strategies and Techniques, Mathematical background for
Cryptography: Modulo arithmetic, The greatest common divisor, Useful Algebraic Structures, Chinese
Remainder Theorem. Basics of Cryptography: Secret versus Public key Cryptography, Types of attacks,
Elementary substitution Ciphers, Elementary Transposition Ciphers, Other Cipher Properties. Secret Key
Cryptography: Product Ciphers, DES Construction, Modes of Operation, MAC and other Applications,
Attacks, Linear Cryptanalysis.

UNIT-II
Introduction to Computer Security, Internet, E-commerce and E-governance with reference to Free
Market Economy
Definition, Threats to security, Government requirements, Information Protection and Access Controls,
Computer security efforts, Standards, Computer Security mandates and legislation, Privacy considerations,
International security activity, Conceptual Framework of E-commerce: governance, the role of Electronic
Signatures in E-commerce with Reference to Free Market Economy in India.

UNIT-III
Law relating to electronic records and intellectual property rights in India
Legal aspects of Electronic records / Digital signatures, Cyber laws, the roles and regulations of Certifying
Authorities in India, Protection of Intellectual Property Rights in Cyberspace in India.
UNIT-IV
International Efforts relating to Cyberspace laws and Cyber crimes
International efforts related to Cyber laws, Council of Europe (COE) convention on Cyber Crimes.

UNIT-V
Penalties, Compensation
Penalties, Compensation and Adjudication of violations of provisions of IT Act 2000 and judicial
review.

UNIT-VI
Offences under the Cyberspace, Internet in India and Miscellaneous provisions of IT Act and
Conclusions
Some important offences under the Cyberspace law and the Internet in India, Other offences under
the Information Technology Act in India, The role of Electronic Evidence and miscellaneous
provisions of the IT Act.

TEXT BOOK:
1. Network security and Cryptography by Bernard Menezes CENGAGE Learning Publications,
2010.
2. Cyber Laws and IT Protection, Harish Chander, PHI, 2012
Introduction to Cyber Security, Cryptography, Types of Attacks, Secret Key Cryptography

Cyber Security Introduction - Cyber Security Basics:


Cyber security is a major concern because cyber threats and attacks keep
growing. Attackers are now using more sophisticated techniques to target
systems. Individuals, small-scale businesses and large organizations are all being
impacted. So all these firms, whether IT or non-IT, have understood the
importance of cyber security and are focusing on adopting all possible measures to
deal with cyber threats.
What is cyber security?
"Cyber security is primarily about people, processes, and technologies working
together to encompass the full range of threat reduction, vulnerability reduction,
deterrence, international engagement, incident response, resiliency, and recovery
policies and activities, including computer network operations, information
assurance, law enforcement, etc."
(OR)
Cyber security is the body of technologies, processes, and practices designed to
protect networks, computers, programs and data from attack, damage or unauthorized
access.
The term cyber security refers to techniques and practices designed to protect digital
data, that is, the data that is stored, transmitted or used on an information system.
(OR)
Cyber security is the protection of Internet-connected systems, including hardware,
software, and data, from cyber attacks. It is made up of two words: cyber and
security.
Cyber relates to the technology, which contains systems, networks and programs or
data, whereas security relates to the protection, which includes systems security,
network security, and application and information security.
Why is cyber security important?

• Cyber attacks can be extremely expensive for businesses to endure.
• In addition to financial damage suffered by the business, a data breach can also
inflict untold reputational damage.
• Cyber attacks these days are becoming progressively destructive. Cybercriminals
are using more sophisticated ways to initiate cyber attacks.
Because of the above reasons, cyber security has become an important part of the
business and the focus now is on developing appropriate response plans that
minimize the damage in the event of a cyber attack.
But an organization or an individual can develop a proper response plan only when
they have a good grip on cyber security fundamentals.
Cyber security Fundamentals
• Confidentiality: Preventing the disclosure of data to unauthorized parties.
Standard measures to establish confidentiality include:
Data encryption
Two-factor authentication
Biometric verification
Security tokens
• Integrity: Protecting information from being modified by unauthorized
parties.
Standard measures to guarantee integrity include:
Cryptographic checksums
Using file permissions
Uninterrupted power supplies
Data backups
• Availability: Making sure that authorized parties are able to access the
information when needed.
Standard measures to guarantee availability include:
Backing up data to external drives
Implementing firewalls
Having backup power supplies
Data redundancy
1.1 Cyber-attacks
1. Motives
2. Common attacks
3. Vulnerabilities

1. Motives (reasons for doing something)
Theft of sensitive information
Disruption of service
Illegal access to or use of resources
2. Common attacks
Phishing
The goal is to steal sensitive data (skimming) like credit card and login information,
or to install malware on the victim's machine.
Eavesdropping / Snooping
An eavesdropping attack, also known as a sniffing or snooping attack, is a theft of
information as it is transmitted over a network by a computer, smartphone or
another connected device.
Pharming
The attacker steals data using malware background processes or automatically sends a
user to a phishing website in their browser (online banking).
Denial of Service
It is an attack that is meant to make a server or network resource
unavailable to the users. It accomplishes this by flooding the target with traffic or
sending it information that triggers a crash. It uses a single system and a single
internet connection to attack a server.
System-based attacks
1. Virus: It is a type of malicious software program that spreads throughout the
computer files without the knowledge of a user. It is a self-replicating malicious
computer program that replicates by inserting copies of itself into other computer
programs when executed. It can also execute instructions that cause harm to the
system.
2. Worm: It is a type of malware whose primary function is to replicate itself to spread
to uninfected computers. It works in the same way as a computer virus. Worms often
originate from email attachments that appear to be from trusted senders.
3. Trojan horse: It is a malicious program that causes unexpected changes to computer
settings and unusual activity, even when the computer should be idle. It misleads the
user of its true intent. It appears to be a normal application, but when
opened/executed some malicious code will run in the background.
3. Vulnerabilities
Vulnerabilities are the gaps or weaknesses in a system that make threats
possible and tempt threat actors to exploit them.
(i) Human Vulnerabilities
e.g., phishing attack by email or cross site scripting attack
(ii) Protocol Vulnerabilities
e.g., pharming attack or hijacking attacks by protocols ARP, TCP, IP
(iii) Software Vulnerabilities
e.g., worm because of overflow of program, cross site scripting where user
enters sentence instead of string, SQL injection vulnerability to steal personal
credentials.
(iv) Configuration Vulnerabilities (first step in designing attacks)
e.g., privilege escalation attacks where permissions are asked while
installing, misconfiguration of software services.
An exploit relates to a specific vulnerability.
Plugging a vulnerability means closing it so that it can never be exploited.
1.2 Defense Strategies and Techniques
Access Control—Authentication and Authorization
Data Protection
Prevention and Detection
Response, Recovery, and Forensics
Access Control—Authentication and Authorization
• The first defense strategy to prevent intrusions is access control.
• This implies the existence of a trusted third party that mediates access to a
protected system.
• The first step in access control is to permit or deny entry into the system.
• One form of authentication is the humble password.
• Example: The principal first enters his/her login name. By prompting him/her to
enter his/her password, the system implicitly challenges the principal to prove
his/her identity.
Data Protection
• The data in transit or in storage needs to be protected.
• It implies data confidentiality – the data should not be readable by an intruder.
• Another dimension of data protection is the preservation of data integrity.
• This implies that the data while transmitting should not be tampered with or
modified.
• Cryptographic techniques are among the best known ways to protect both the
confidentiality and integrity of data.
Prevention and Detection
• Access control and message encryption are preventive strategies.
• Authentication keeps intruders out, while authorization limits what can be done by
those who have been allowed in.
• Blackbox testing is employed when the source code of a program is not available.
• For greater assurance of secure software, whitebox testing should be employed.
Response, Recovery, and Forensics
• Once an attack or infection has been detected, response measures should be
taken.
• Cyber forensics is an emerging discipline with a set of tools that help trace back
the perpetrators of cybercrime.
1.3 Mathematical background for Cryptography
1.3.1 Modulo arithmetic

d = n*q + r
where d is an integer, n is a positive integer, q is the quotient and r is the remainder.
1.3.2 The greatest common divisor

The greatest common divisor (GCD) of two or more integers, which are not all zero,
is the largest positive integer that divides each of the integers.
For two integers x, y, the greatest common divisor of x and y is denoted gcd(x,y).
For example, the GCD of 8 and 12 is 4, that is, gcd(8,12) = 4.
Euclid's Algorithm: Used to find the gcd of 2 integers
Step 1. Divide the larger number by the smaller one:
161 = 112 * 1 + 49
Step 2. Divide the smaller number by the above operation's remainder:
112 = 49 * 2 + 14
Step 3. Divide the remainder of step 1 by the remainder of step 2:
49 = 14 * 3 + 7
Step 4. Divide the remainder of step 2 by the remainder of step 3:
14 = 7 * 2 + 0
At this step, the remainder is zero, so we stop.
7 is the number we were looking for - the last non-zero remainder.
This is the greatest (highest) common factor (divisor).
1.3.3 Useful Algebraic Structures

• Algebraic structure consists of a set together with one or more binary operations,
which are required to satisfy certain axioms.
Groups
A group is an algebraic structure with a single operation, as defined above.
Groups are closely associated with the idea of symmetry, and most
groups that arise in mathematics are groups of symmetry transformations,
with the operation being composition of functions.
Rings
A ring is a more general algebraic structure with addition and multiplication.
Unlike a field, a ring is not required to have multiplicative inverses, and the
multiplication is not required to be commutative.
Fields
A field is an algebraic structure with addition and multiplication, which obey all of the
usual rules of elementary algebra. Examples of fields include the rational numbers Q,
the real numbers R, and the complex numbers C.
1.3.4 Chinese Remainder Theorem
• The Chinese remainder theorem is a theorem of number theory, which states that, if
one knows the remainders of the division of an integer n by several integers, then
one can determine uniquely the remainder of the division of n by the product of
these integers, under the condition that the divisors are pairwise coprime.
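The following added example (not part of the original notes) ties sections 1.3.2 and 1.3.4 together: the extended form of Euclid's algorithm yields modular inverses, which are what make the Chinese remainder theorem constructive. The function names and the sample congruences are chosen for illustration.

```python
def extended_gcd(a, b):
    """Return (g, x, y) with g = gcd(a, b) and a*x + b*y == g."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r != 0:
        q = old_r // r                  # the division step d = n*q + r
        old_r, r = r, old_r - q * r     # remainder becomes the next divisor
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(a, n):
    """Inverse of a modulo n; exists only when gcd(a, n) == 1."""
    g, x, _ = extended_gcd(a % n, n)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {n} (gcd is {g})")
    return x % n


def crt(remainders, moduli):
    """Return (x, M) with x = r_i (mod m_i) for all i and M the product of the m_i."""
    # The theorem only applies when the divisors are pairwise coprime.
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if extended_gcd(moduli[i], moduli[j])[0] != 1:
                raise ValueError(f"{moduli[i]} and {moduli[j]} are not coprime")
    product = 1
    for m in moduli:
        product *= m
    x = 0
    for r, m in zip(remainders, moduli):
        partial = product // m          # divisible by every modulus except m
        x += r * partial * mod_inverse(partial, m)
    return x % product, product


if __name__ == "__main__":
    print(extended_gcd(161, 112))       # gcd from the worked steps above
    print(crt([2, 3, 2], [3, 5, 7]))    # constructed sample congruences
```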
1.4 Basics of Cryptography

• Cryptography is the science of using mathematics to encrypt and decrypt data.
• Cryptography is the art and science of keeping messages secure.
• The art and science of concealing the messages to introduce secrecy in information
security is recognized as cryptography.
• A message is plaintext (sometimes called cleartext). The process of disguising a
message in such a way as to hide its substance is encryption. An encrypted message
is ciphertext. The process of turning ciphertext back into plaintext is decryption.
1.4.1 Secret versus Public key Cryptography

• Secret key cryptography
DES, AES, Blowfish, RC4
• Public key cryptography
RSA, ECC

1.4.2 Types of Attacks


Brute force attack
Cipher text-only attack
Chosen plaintext attack
Chosen cipher text attack
Known plaintext attack
Key and algorithm attack
1.4.3 Elementary substitution Cipher
A substitution cipher is one in which each symbol of the plaintext is exchanged
for another symbol.
1.4.3.1 Monoalphabetic ciphers
A Monoalphabetic substitution cipher, also known as a simple substitution
cipher, relies on a fixed replacement structure. That is, the substitution is
fixed for each letter of the alphabet.
Plain text: WHAT IS THE POPULATION
Cipher text: ZKDW LV WKH SRSXODWLRQ
1.4.3.2 Polyalphabetic ciphers
A poly-alphabetic cipher is any cipher based on substitution,
using several substitution alphabets.
The Vigenère cipher
The Hill cipher
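As an added illustration (not from the original notes), the code below reproduces the monoalphabetic example above, which is a shift of 3, and contrasts it with a Vigenère encryption of the same plaintext. The key LEMON and the helper names are assumptions made for this example.

```python
import string

ALPHABET = string.ascii_uppercase
PLAINTEXT = "WHAT IS THE POPULATION"   # plaintext from the notes
VIGENERE_KEY = "LEMON"                 # constructed key for the demo


def shift_letter(ch, shift):
    return ALPHABET[(ALPHABET.index(ch) + shift) % 26]


def caesar_encrypt(plaintext, shift):
    # Monoalphabetic: one fixed substitution is applied to the whole message.
    return "".join(shift_letter(c, shift) if c in ALPHABET else c
                   for c in plaintext)


def vigenere(text, key, decrypt=False):
    # Polyalphabetic: each key letter selects a different shifted alphabet.
    # The key position advances only on letters, not on spaces.
    out, i = [], 0
    for c in text:
        if c in ALPHABET:
            shift = ALPHABET.index(key[i % len(key)])
            out.append(shift_letter(c, -shift if decrypt else shift))
            i += 1
        else:
            out.append(c)
    return "".join(out)


def images_of(letter, plaintext, ciphertext):
    """Set of ciphertext letters that one plaintext letter was mapped to."""
    return {c for p, c in zip(plaintext, ciphertext) if p == letter}


if __name__ == "__main__":
    mono = caesar_encrypt(PLAINTEXT, 3)
    poly = vigenere(PLAINTEXT, VIGENERE_KEY)
    print(mono, images_of("T", PLAINTEXT, mono))
    print(poly, images_of("T", PLAINTEXT, poly))
```

Because a monoalphabetic cipher always maps a letter to the same symbol, the letter frequencies of the plaintext survive in the ciphertext; the polyalphabetic cipher spreads one plaintext letter over several ciphertext letters.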
1.4.4 Elementary Transposition Ciphers

• Transposition Cipher is a cryptographic algorithm where the order of alphabets in
the plaintext is rearranged to form a cipher text. In this process, the actual plain text
alphabets are not included.
1.4.5 Other Cipher Properties
1.4.5.1 Confusion and Diffusion
Confusion is a cryptographic technique that is used to create faint ciphertexts.
Diffusion is used to create cryptic plain texts.
1.4.5.2 Block cipher and Stream cipher
A block cipher is a symmetric cryptographic technique used to encrypt a
fixed-size data block using a shared, secret key. During encryption, the input is
the plaintext and the ciphertext is the resulting encrypted text. It uses the same key to
encrypt both the plaintext, and the ciphertext.
Stream cipher
A stream cipher uses time-varying changes on plaintext data to encrypt a continuous
string of binary numbers. As a result, this method of encryption works bit-by-bit,
utilizing key streams to generate cipher text for arbitrary lengths of plain text
messages.
1.4.6 Secret Key Cryptography
1.4.6.1 Product Ciphers
A product cipher is a data encryption scheme in which the cipher text produced by
encrypting a plaintext document is subjected to further encryption.

Fig: Three-round SPN network

1.4.6.2 DES Construction
The Data Encryption Standard (DES) is a symmetric-key block cipher published
by the National Institute of Standards and Technology (NIST).
Feistel Structure
DES is an implementation of a Feistel Cipher. It uses a 16-round Feistel
structure. The block size is 64 bits. Though the key length is 64 bits, DES has an
effective key length of 56 bits, since 8 of the 64 bits of the key are not used by
the encryption algorithm (they function as check bits only).

Since DES is based on the Feistel Cipher, all that is required to specify DES is −
• Round function
• Key schedule
• Any additional processing − Initial and final permutation
1.4.6.3 Modes of Operation
Modes of operation of a block cipher are procedural rules for a generic block
cipher. The different modes of operation result in different properties being
achieved which add to the security of the underlying block cipher in the
cryptography.
Types of modes of operation
There are 5 types of modes of operation:
• Electronic Codebook (ECB).
• Cipher Block Chaining (CBC).
• Cipher feedback (CFB).
• Output Feedback (OFB).
• Counter Mode (CTR).
Fig: ECB, CBC, CFB and CTR modes
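The added example below (not part of the original notes, and not DES itself) covers sections 1.4.6.2 and 1.4.6.3 together: a 16-round Feistel network on 64-bit blocks whose decryption is the same routine with the round keys reversed, run in ECB and CBC mode over a message with a repeated block. The SHA-256 based round function and key schedule are stand-ins assumed for illustration, and the key, IV and message are constructed.

```python
import hashlib

ROUNDS, HALF = 16, 4  # 16 Feistel rounds on a 64-bit block (two 32-bit halves)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_keys(key):
    # Stand-in key schedule (assumption): one 32-bit subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest()[:HALF] for i in range(ROUNDS)]

def round_function(half, subkey):
    # Stand-in round function (assumption); it does not need to be invertible.
    return hashlib.sha256(subkey + half).digest()[:HALF]

def feistel(block, subkeys):
    left, right = block[:HALF], block[HALF:]
    for k in subkeys:
        left, right = right, xor(left, round_function(right, k))
    return right + left  # final swap lets decryption reuse the same routine

def encrypt_block(block, key):
    return feistel(block, round_keys(key))

def decrypt_block(block, key):
    return feistel(block, round_keys(key)[::-1])  # same network, subkeys reversed

def split_blocks(data):
    if len(data) % (2 * HALF):
        raise ValueError("data must be a multiple of 8 bytes (no padding here)")
    return [data[i:i + 2 * HALF] for i in range(0, len(data), 2 * HALF)]

def ecb_encrypt(data, key):
    # ECB: every block is encrypted independently.
    return b"".join(encrypt_block(b, key) for b in split_blocks(data))

def cbc_encrypt(data, key, iv):
    out, prev = [], iv
    for b in split_blocks(data):
        prev = encrypt_block(xor(b, prev), key)  # chain in previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(data, key, iv):
    out, prev = [], iv
    for b in split_blocks(data):
        out.append(xor(decrypt_block(b, key), prev))
        prev = b
    return b"".join(out)

# Constructed sample: the first two 8-byte blocks are identical.
KEY, IV = b"demo-key", bytes(8)  # fixed IV only so the demo is repeatable
MESSAGE = b"PAY 100 PAY 100 PAY 999 "

if __name__ == "__main__":
    ecb = split_blocks(ecb_encrypt(MESSAGE, KEY))
    cbc = split_blocks(cbc_encrypt(MESSAGE, KEY, IV))
    print("ECB repeats block:", ecb[0] == ecb[1])
    print("CBC repeats block:", cbc[0] == cbc[1])
```

In ECB the repeated plaintext block shows up as a repeated ciphertext block, which tells an observer that the two blocks are equal; CBC hides this because each block is mixed with the previous ciphertext block before encryption.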
1.4.6.4 MAC and other Applications
A MAC algorithm is a symmetric key cryptographic technique to provide
message authentication. To establish the MAC process, the sender and
receiver share a symmetric key K.
Entity authentication
Message authentication
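The two applications listed above, sketched as an added example that is not part of the original notes: message authentication with a tag computed under the shared key K, and entity authentication by challenge-response. HMAC-SHA256 is assumed as the MAC since the notes do not name one, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def make_tag(key, message):
    # MAC over the message under the shared symmetric key K.
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_message(key, message, tag):
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(make_tag(key, message), tag)


def respond(key, identity, challenge):
    # The "auth|" prefix keeps login responses distinct from message tags.
    return make_tag(key, b"auth|" + identity + b"|" + challenge)


class Verifier:
    """Entity authentication: prove knowledge of K for a fresh challenge."""

    def __init__(self, key):
        self.key = key
        self.pending = set()

    def challenge(self):
        nonce = secrets.token_bytes(16)   # fresh random challenge per attempt
        self.pending.add(nonce)
        return nonce

    def check(self, identity, challenge, response):
        if challenge not in self.pending:
            return False                  # unknown or already-used challenge
        self.pending.discard(challenge)   # single use: a replay is rejected
        expected = respond(self.key, identity, challenge)
        return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    k = secrets.token_bytes(32)           # constructed shared key
    msg = b"transfer 100 to account 42"   # constructed sample message
    tag = make_tag(k, msg)
    print(verify_message(k, msg, tag))
    print(verify_message(k, b"transfer 900 to account 42", tag))
```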
1.4.6.5 Attacks
One attack on DES is known as plaintext attack.
Plain text-----------Cipher text(use of same key)
e.g.,56 bit DES-2^56 possible keys are applied.
Differential cryptanalysis
Linear cryptanalysis.
1.4.6.6 Differential cryptanalysis

• Differential cryptanalysis is a type of attack that targets the weaknesses in certain types of
cryptographic algorithms. It is considered to be a powerful and effective method of
cryptanalysis, particularly against symmetric block ciphers.
• In differential cryptanalysis, the attacker compares the differences between pairs of plaintexts
and the corresponding ciphertexts. By analyzing these differences, patterns and relationships
can be identified, which can then be used to deduce information about the secret key used in
the encryption.

1.4.6.7 Linear cryptanalysis


Linear cryptanalysis is a known plaintext attack in which the attacker studies
probabilistic linear relations (called linear approximations) between parity bits of the
plaintext, the cipher text, and the secret key.
Step 1: Identifying linear relationships
Step 2: Using known plaintext - ciphertext pairs
