Revision on

Data Security

- Security is the quality of being secure from danger

Security Layers:
1.Physical - protects physical items and misuse
2.Personnel - protects individual or a group
3.Operations - protect details of an operation
4.Communications - protect communication media
5.Network - protect networking components
6.Information - protect confidentiality

Information security is achieved via policy, awareness

Information Security
Goals:
1.Confidentiality
a.Protection from unauthorized access
b.Protect data in transit
2.Integrity
a.Detection of alterations
3.Availability
a.Prevention of data loss
b.Reliable backups
Concepts:
1.Access
2.Asset
3.Attack
4.Control, Safeguard or Countermeasure
5.Exposure
a.When a vulnerability known to an attack is
present
6.Loss
7.Profile / Posture
a.Set of controls to protect the asset
8.Risk
a.Probability of unwanted will happen
9.Subjects and Objects
a.A computer can be either the subject of an
attack, an agent entity used to conduct the
attack, or the object of an attack, or the
target entity
10. Exploit
a.Compromise a system
11. Threat
a.Category of objects,persons that presents
danger
12. Threat Agent
a.Instance of a threat
13. Vulnerability
a.A weakness or fault in system that opens it to
attack
b.Examples:
i. Flaw in software package
 ii. Unprotected system port
iii. Unlocked Door

Active Attacks:
Alter system resources or affect operations
Involves some modification of data or creation of
false statements
Types:
1.Masquerade
2.Modification of messages
3.Repudiation
4.Replay
5.Denial of service

Masquerade:
- One entity pretends to be different entity
- Ex: Stolen passwords and logins

Modification of Messages
- Some portion of message is altered to produce
unauthorized effect
- Ex: Altering data packets , Fake data

Repudiation
- Occurs when network is not secured or login control
has been tampered with
- Ex: Saving false data in log files, manipulation of
data, spoofing email messages
Replay
- Passive capture of message and its subsequent
transmission to produce an authorized effect
- Ex: Save copy of data

Denial of Service
- Prevents normal use of communication facilities
- Ex: An entity may suppress all messages, disruption
of an entire network by disabling network or
overloading it to degrade performance

Passive Attacks:
Make use of information from system but does not
affect system
Types:
1.Release of message content
2.Traffic Analysis

Release of message content (Spy)

- Telephonic conversation , mail message

Security Threats:
1.Threat to Confidentiality
a.Snooping
b.Traffic Analysis
2.Threat to Integrity
a.Modification
b.Masquerading
c.Replaying
 d.Repudiation
3.Threat to availability
a.Denial of Service

Terminology:

PlainText - original message

CipherText - coded message

Enciphering/Encryption - Process of convert plain text

to ciphertext

Deciphering or decryption - Restoring plain text from

ciphertext

Cryptography - Study of encryption

Cryptographic system - Schemes used for encryption

Cryptanalysis - Techniques used for deciphering am

message

Cryptology - Areas of cryptography and cryptanalysis

Key - A word,number or phrase to encrypt the plaintext

Security Services:
1.Data Confidentiality
a.Protection from traffic analysis
b.Protection from disclosure attack

2.Data Integrity
a.Protect data from modification by adversary
b.Anti-Change
c.Anti Replay

3.Authentication
a.Peer Entity
b.Data Origin
4.Nonrepudiation
a.Sender of data can later prove that data were
delivered to intended recipient
b.Proof of origin/ delivery
5.Access Control
a.Protection from unauthorized access to data

Security Mechanisms:
1.Encipherment
2.Data Integrity
3.Digital Signature
4.Authentication Exchange
5.Traffic padding
a.Inserts some bogus data into data traffic
6.Routing Control
a.Selects changing different available routes
 7.Notarization
a.Select third trusted party to control
communication - to prevent repudiation
8.Access Control
a.Ex: Passwords and PINs

Roots of cryptography found in Roman and Egyptian

civilization

Traditional crypto techniques:

1.Hieroglyph (‫( )الهيروغليفي‬Egyptian)
2.Caesar Shift Cipher (Roman)
3.Steganography
4.Vigenere Coding
a.Moves letters in message with number of
variable
5.Enigma Rotor Machine

During World War 2 , cryptography and cryptanalysis

became excessively mathematical

Cryptanalysis:
- Design of new cryptographic techniques to test
their security strengths

Symmetric Encryption
there is only one key, and all communicating
parties use the same (secret) key for both
encryption and decryption.
Asymmetric Encryption:
There are two keys one key is used for encryption,
and a different key is used for decryption. The
decryption key is kept private ,while the encryption
key is shared publicly, for anyone to use (hence the
"public key" name).

In a group of n people, to enable two-party

communication between any two persons, the number of
keys

In a group of n people, to enable two-party

communication between any two persons, the number of
keys required for the group is n × (n – 1)/2.

Process of encryption-decryption is faster than

asymmetric key encryption

Restrictive challenges of employing symmetric key:

1.Key establishment
2.Trust Issue

Cryptographic Attacks:
1.Ciphertext Only Attack (COA)
a.Attacker has access to set of ciphertext and
plaintext can be determined from ciphertext

2.Known Plaintext Attack (KPA)

 a.Attacker knows plaintext for some parts of
ciphertext, decrypt rest ciphertext

3.Chosen Plaintext Attack (CPA)

a.Attacker has text of his choice encrypted

4.Dictionary Attack
a.Builds a dictionary of ciphertexts and
corresponding plaintexts

5.Brute Force Attack (BFA)

a.Tries to determine key by attempting all
possible keys, If the key is 8bits long, then
number of possible keys is 2^8 = 256

6.Birthday Attack
a.Used against hash function
b.If attack found two different inputs that give
same hash value , it’s a collision

7.Main in Middle Attack (MIM)

a.Targets of this attack are mostly public key
cryptosystems

8.Side Channel Attack (SCA)

a.Launched to exploit the weakness in physical of
cryptosystem

9.Timing Attacks
10. Power Analysis Attacks
 a.Obtaining power consumption to obtain
information
11. Fault Analysis Attacks
a.Errors are induced and attacker studies the
resulting output

Substitution Ciphers:
Each letter or group of letters is replaced by
another letter or group of letters
The plain alphabet rotated left or right by some
number of positions.

Transposition Cipher Technique:

Rearranges the position of the plain text’s
characters.

Substitution Cipher

1.Monoalphabetic
a.One where each symbol in plain text mapped to a
fixed symbol in cipher text
b.One to One

2.Polyalphabetic
a.Substitution cipher with multiple alphabets
b.One To Many
Monoalphabetic

1.Caesar Cipher
Caesar Cipher - YouTube

Caesar Cipher

2.Mono alphabetic substitution cipher

LECTURE-11| MONOALPHABETIC SUBSTITUTION CIPHER
3. Vignere Cipher
Vigenere Cipher 1
4.Playfair Cipher
Playfair Cipher Explained

Transposition Cipher
1.Keyless Transposition Cipher
Keyless cipher|Keyless transposition cipher|Rail
fence cipher|Rail fence cipher encryption and decry
2.Keyed Transposition Cipher
Keyed Cipher|Keyed transposition cipher|Keyed and
keyless transposition cipher|Network Security
 3.Columnar Transposition

Modern Cryptology
Symmetric Cryptography:
1.Stream Cipher
2.Block Cipher
Asymmetric

Stream Cipher:
Encryption and decryption are done one symbol at a
time
May be stream of predetermined values

Block Cipher:
A group of plaintext symbols of size m are
encrypted together creating a group of ciphertext of
same size

Data Encryption Standard (DES)

Data are encrypted in 64-bit blocks using 56 bit
key
Initial Permutation
Divides 64 bit block into two halves 32 bit
Rounds Processes (16-Rounds)
Final Permutation
Left halves are combines with right halves to
produce 64 bit of cipher text