IT2352 CRYPTOGRAPHY &

NETWORK SECURITY
UNIT I
OUTLINE
Security Attacks & Services.
Basic Number Theory.
Classical Cryptosystems.

1. Security Attacks &

Services
Security Attack: Any action that compromises the
security of information.
Security Mechanism: A mechanism that is designed to
detect, prevent, or recover from a security attack.
Security Service: A service that enhances the security of
data processing systems and information transfers. A
security service makes use of one or more security
mechanisms.

Security Attacks

Security Attacks
Interruption: This is an attack on
availability.
Interception: This is an attack on
confidentiality.
Modification: This is an attack on
integrity.
Fabrication: This is an attack on
authenticity.

Security Services
Confidentiality {privacy}
Authentication {who created or sent the data}
Integrity {Content has not been altered}
Non-repudiation {the order is final}
Access control {prevent misuse of resources}
Availability {permanence, non-erasure}
Denial of Service(DoS) Attacks.
Viruses that deletes files.

Cryptography
Classified along three independent dimensions:
The type of operations used for transforming
plaintext to ciphertext
The number of keys used
symmetric (single key)
asymmetric (two-keys, or public-key encryption)

The way in which the plaintext is processed

Conventional Encryption Principles

An encryption scheme has FIVE ingredients:

Plaintext
Encryption algorithm
Secret Key
Ciphertext
Decryption algorithm

Security depends on the secrecy of the key, not

the secrecy of the algorithm.

General idea of a cryptosystem

If P is the plaintext, C is the ciphertext, and K is the

key,

Possible Attacks

Possible attacks are classified into 4 categories and they're

as follows:

 Ciphertext only: Eve has only a copy of the ciphertext.

Known plaintext: Eve has a copy of a ciphertext and
the corresponding plaintext. For example, suppose Eve
intercepts an encrypted press release, then sees the
decrypted release the next day. If she can deduce the
decryption key, and if Alice doesnt change the key, Eve
can read all future messages. Or, if Alice always starts
her messages with Dear Bob, then Eve has a small
piece of ciphertext and corresponding plaintext. For
many weak cryptosystems, this suffices to find the key.

 Chosen plaintext: Eve gains temporary access to the

encryption machine. She cannot open it to find the key;
however, she can encrypt a large number of suitably
chosen plaintexts and try to use the resulting
ciphertexts to deduce the key.
Chosen ciphertext: Eve obtains temporary access to
the decryption machine, uses it to 'decrypt1 several
strings of symbols, and tries to use the results to
deduce the key.

Attacks
Attacks can be also classified as:
1.Passive Attacks
Passive attacks are in the nature of eavesdropping
on,ormonitoring of,transmissions.The goal of the
opponent is to obtain information that is being
transmitted.
2.Active Attacks
Active attacks involve some modification of the data
stream or the creation of a false stream.

Passive Attacks
Passive attacks are of TWO types:
- Release of Message Contents.
- Traffic Analysis.

Release of Message Contents

An form of attack where the contents of a
message/data being transmitted is read.

Traffic Analysis
A subtler form of attack whereby the pattern of
messaging is observed even if the message content
cannot be understood.

Passive attacks are very difficult to detect,

because they do not involve any alteration of
the data.Typically,the message traffic is sent
and received in an apparently normal
fashion,and neither the sender nor receiver is
aware that a third party has read the messages
or observed the traffic pattern.
However,it is feasible to prevent the success of
these attacks,usually by means of encryption.
Thus,the emphasis in dealing with passive
attacks is on prevention rather than detection.

Active Attacks
Active attacks are of FOUR types:
-Masquerade.
-Replay.
-Modification of Messages.
-Denial of Service{DoS}.

Masquerade
A masquerade takes place when one entity pretends to
be a different entity/another entity.

Replay
Replay involves the passive capture of a data unit and
its subsequent retransmission to produce an
unauthorized effect.

Modification of Messages
Modification of messages simply means that some
portion of a legitimate message is altered,or that
messages are delayed or reordered,to produce an
unauthorized effect.

Denial of Service{DoS}
The denial of service prevents or inhibits the normal
use or management of communications facilities.

Active attacks present the opposite characteristics of

passive attacks.Whereas passive attacks are difficult to
detect,measures are available to prevent their success.
On the other hand,it is quite difficult to prevent active
attacks absolutely because of the wide variety of
potential physical,software,and network
vulnerabilities.Instead, the goal is to detect active
attacks and to recover from any disruption or delays
caused by them.If the detection has a deterrent
effect,it may also contribute to prevention.

Kerckhoffs Principle
Based on Kerckhoffs principle, one should always
assume that the adversary, Eve, knows the
encryption/decryption algorithm. The resistance of
the cipher to attack must be based only on the
secrecy of the key.

 Unconditional security
No matter how much computer power or
time is available, the cipher cannot be
broken since the ciphertext provides
insufficient information to uniquely
determine the corresponding plaintext.

Computational security
Given limited computing resources (eg time
needed for calculations is greater than age of
universe), the cipher cannot be broken.

Effect of Key Length on Attacks

The security of cryptographic algorithms is a difficult
property to measure. Most algorithms employ keys, and
the security of the algorithm is related to how difficult
it is for an adversary to determine the key. The most
obvious approach is to try every possible key and see
which ones yield meaningful decryptions. Such an
attack is called a brute force attack.In a brute force
attack, the length of the key is directly related to how
long it will take to search the entire keyspace.
For example, if a key is 16 bits long, then there are
216=65536 keys.

Brute Force Search

always possible to simply try every key.
most basic attack, proportional to key size.
assume either know / recognise plaintext.
KeySize(bits)

NumberofAlternative
Keys

Timerequiredat1
decryption/s

Timerequiredat106
decryptions/s

32

232=4.3109

231s

=35.8minutes

2.15milliseconds

56

256=7.21016

255s

=1142years

10.01hours

128

2128=3.41038

2127s

=5.41024years

5.41018years

168

2168=3.71050

2167s

=5.91036years

5.91030years

26!=41026

21026s =6.41012years

6.4106years

26characters
(permutation)