NETWORK SECURITY
UNIT I
OUTLINE
Security Attacks & Services.
Basic Number Theory.
Classical Cryptosystems.
Security Attacks
Interruption: This is an attack on availability.
Interception: This is an attack on confidentiality.
Modification: This is an attack on integrity.
Fabrication: This is an attack on authenticity.
Security Services
Confidentiality {privacy}
Authentication {who created or sent the data}
Integrity {Content has not been altered}
Non-repudiation {the order is final}
Access control {prevent misuse of resources}
Availability {permanence, non-erasure}
Denial of Service (DoS) attacks.
Viruses that delete files.
Cryptography
Classified along three independent dimensions:
- The type of operations used for transforming plaintext to ciphertext
- The number of keys used
  - symmetric (single key)
  - asymmetric (two keys, or public-key encryption)
Plaintext
Encryption algorithm
Secret Key
Ciphertext
Decryption algorithm
Possible Attacks
Attacks
Attacks can also be classified as:
1. Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
2. Active Attacks
Active attacks involve some modification of the data stream or the creation of a false stream.
Passive Attacks
Passive attacks are of TWO types:
- Release of Message Contents.
- Traffic Analysis.
Traffic Analysis
A subtler form of attack whereby the pattern of
messaging is observed even if the message content
cannot be understood.
Active Attacks
Active attacks are of FOUR types:
- Masquerade.
- Replay.
- Modification of Messages.
- Denial of Service (DoS).
Masquerade
A masquerade takes place when one entity pretends to
be a different entity/another entity.
Replay
Replay involves the passive capture of a data unit and
its subsequent retransmission to produce an
unauthorized effect.
Modification of Messages
Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
Denial of Service (DoS)
The denial of service prevents or inhibits the normal
use or management of communications facilities.
Kerckhoffs Principle
Based on Kerckhoffs principle, one should always
assume that the adversary, Eve, knows the
encryption/decryption algorithm. The resistance of
the cipher to attack must be based only on the
secrecy of the key.
Unconditional security
No matter how much computer power or
time is available, the cipher cannot be
broken since the ciphertext provides
insufficient information to uniquely
determine the corresponding plaintext.
Computational security
Given limited computing resources (e.g., the time needed for calculations is greater than the age of the universe), the cipher cannot be broken.
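| Key Size (bits) | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at 10^6 decryptions/µs |
|---|---|---|---|
| 32 | 2^32 = 4.3 × 10^9 | 2^31 µs = 35.8 minutes | 2.15 milliseconds |
| 56 | 2^56 = 7.2 × 10^16 | 2^55 µs = 1142 years | 10.01 hours |
| 128 | 2^128 = 3.4 × 10^38 | 2^127 µs = 5.4 × 10^24 years | 5.4 × 10^18 years |
| 168 | 2^168 = 3.7 × 10^50 | 2^167 µs = 5.9 × 10^36 years | 5.9 × 10^30 years |
| 26 characters (permutation) | 26! = 4 × 10^26 | 2 × 10^26 µs = 6.4 × 10^12 years | 6.4 × 10^6 years |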
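The table's figures can be recomputed from the key space alone. The following is an added example, not part of the original slides; the function names and the 365-day year are assumptions chosen to match the table's rounding. It uses the same convention as the table: on average, half of all keys are tried before the right one is found.

```python
import math

SECONDS_PER_YEAR = 365 * 24 * 3600  # assumption: 365-day year, as the table's rounding implies

# Largest unit first, so humanize() picks the most readable one.
UNITS = [
    ("years", SECONDS_PER_YEAR),
    ("hours", 3600),
    ("minutes", 60),
    ("seconds", 1),
    ("milliseconds", 1e-3),
]

def average_search_seconds(keyspace: int, decryptions_per_us: int) -> float:
    """Expected exhaustive-search time in seconds (half the key space tried)."""
    trials = keyspace // 2                      # e.g. 2^31 trials for a 32-bit key
    microseconds = trials / decryptions_per_us  # rate is given per microsecond
    return microseconds / 1e6

def humanize(seconds: float):
    """Return (value, unit) using the largest unit that yields a value >= 1."""
    for name, size in UNITS:
        if seconds >= size:
            return seconds / size, name
    return seconds / 1e-6, "microseconds"

# Key spaces from the table: four key sizes plus the 26-letter permutation cipher.
KEYSPACES = {
    "32-bit": 2**32,
    "56-bit": 2**56,
    "128-bit": 2**128,
    "168-bit": 2**168,
    "26! permutation": math.factorial(26),
}

if __name__ == "__main__":
    for label, keyspace in KEYSPACES.items():
        cells = []
        for rate in (1, 10**6):  # decryptions per microsecond
            value, unit = humanize(average_search_seconds(keyspace, rate))
            cells.append(f"{value:.3g} {unit}")
        print(f"{label:16s} {keyspace:.2e} keys  {cells[0]:>18s}  {cells[1]:>18s}")
```

The 26! row shows that a large key space alone does not imply computational security: the count only bounds exhaustive search, not other forms of cryptanalysis.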