Chapter 1
Introduction
Objectives
❑ To define three security goals
❑ To define security attacks that threaten security goals
❑ To define security services and how they are related to the three security goals
❑ To define security mechanisms to provide security services
❑ To introduce two techniques, cryptography and steganography, to implement security mechanisms.
Bogus: not genuine or true
Some Basic Terminology
• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• Etymology: from Greek kryptós, meaning "hidden" or "secret," and graphein, meaning "to write."
• cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing the key
• cryptology - field of both cryptography and cryptanalysis
1-1 SECURITY GOALS
This section defines three security goals.
Topics discussed in this section:
1.1.1 Confidentiality
1.1.2 Integrity
1.1.3 Availability
Figure 1.1 Taxonomy of security goals
1.1.1 Confidentiality
Confidentiality is probably the most common aspect of
information security. We need to protect our confidential
information. An organization needs to guard against those
malicious actions that endanger the confidentiality of its
information.
1.1.2 Integrity
Information needs to be changed constantly. Integrity means
that changes need to be done only by authorized entities and
through authorized mechanisms.
1.1.3 Availability
The information created and stored by an organization needs
to be available to authorized entities. Information needs to
be constantly changed, which means it must be accessible to
authorized entities.
1-2 ATTACKS
The three goals of security (confidentiality, integrity, and availability) can be threatened by security attacks.
Topics discussed in this section:
1.2.1 Attacks Threatening Confidentiality
1.2.2 Attacks Threatening Integrity
1.2.3 Attacks Threatening Availability
1.2.4 Passive versus Active Attacks
Figure 1.2 Taxonomy of attacks with relation to security goals
1.2.1 Attacks Threatening Confidentiality
Snooping refers to unauthorized access to or interception of
data.
Traffic analysis refers to obtaining some other type of
information by monitoring online traffic.
1.2.2 Attacks Threatening Integrity
Modification means that the attacker intercepts the message
and changes it.
Masquerading or spoofing happens when the attacker
impersonates somebody else.
Replaying means the attacker obtains a copy
of a message sent by a user and later tries to replay it.
Repudiation means that the sender of the message might later
deny that she has sent the message; the receiver of the
message might later deny that he has received the message.
1.2.3 Attacks Threatening Availability
Denial of service (DoS) is a very common attack. It may
slow down or totally interrupt the service of a system.
1.2.4 Passive Versus Active Attacks
Table 1.1 Categorization of passive and active attacks
1-3 SERVICES AND MECHANISMS
ITU-T provides some security services and some mechanisms to implement those services. Security services and mechanisms are closely related because a mechanism or combination of mechanisms is used to provide a service.
Topics discussed in this section:
1.3.1 Security Services
1.3.2 Security Mechanism
1.3.3 Relation between Services and Mechanisms
1.3.1 Security Services
Figure 1.3 Security services
1.3.2 Security Mechanism
Figure 1.4 Security mechanisms
1.3.3 Relation between Services and Mechanisms
Table 1.2 Relation between security services and mechanisms
1-4 TECHNIQUES
Mechanisms discussed in the previous sections are only theoretical recipes to implement security. The actual implementation of security goals needs some techniques. Two techniques are prevalent today: cryptography and steganography.
Topics discussed in this section:
1.4.1 Cryptography
1.4.2 Steganography
1.4.1 Cryptography
Cryptography, a word with Greek origins, means “secret
writing.” However, we use the term to refer to the science
and art of transforming messages to make them secure and
immune to attacks.
Model for Network Security
• This general model shows that there are four basic tasks in designing a particular security service:
1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.
2. Generate the secret information to be used with the algorithm.
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.
Classical encryption techniques
• As opposed to modern cryptography
• Goals:
– to introduce basic concepts & terminology of encryption
– to prepare us for studying modern cryptography
Basic terminology
• Plaintext: original message to be encrypted
• Ciphertext: the encrypted message
• Enciphering or encryption: the process of converting plaintext into ciphertext
• Encryption algorithm: performs encryption
– Two inputs: a plaintext and a secret key
Symmetric Cipher Model
• Deciphering or decryption: recovering plaintext from ciphertext
• Decryption algorithm: performs decryption
– Two inputs: ciphertext and secret key
• Secret key: same key used for encryption and decryption
– Also referred to as a symmetric key
• Cipher or cryptographic system: a scheme for encryption and decryption
• Cryptography: science of studying ciphers
• Cryptanalysis: science of studying attacks against cryptographic systems
• Cryptology: cryptography + cryptanalysis
Ciphers
• Symmetric cipher: same key used for
encryption and decryption
– Block cipher: encrypts a block of plaintext at a
time (typically 64 or 128 bits)
– Stream cipher: encrypts data one bit or one byte
at a time
• Asymmetric cipher: different keys used for
encryption and decryption
Symmetric Encryption
• or conventional / secret-key / single-key
• sender and recipient share a common key
• all classical encryption algorithms are symmetric
• The only type of cipher prior to the invention of asymmetric-key ciphers in the 1970s
• by far most widely used
• Mathematically:
$Y = E_K(X)$ or $Y = E(K, X)$
$X = D_K(Y)$ or $X = D(K, Y)$
• X = plaintext
• Y = ciphertext
• K = secret key
• E = encryption algorithm
• D = decryption algorithm
• Both E and D are known to the public
Cryptanalysis
• Objective: to recover the plaintext of a ciphertext or, more typically, to recover the secret key.
• Kerckhoffs's principle: the adversary knows all details about a cryptosystem except the secret key.
• Two general approaches:
– brute-force attack
– non-brute-force attack (cryptanalytic attack)
Brute-Force Attack
• Try every key to decipher the ciphertext.
• On average, need to try half of all possible keys
• Time needed proportional to size of key space

| Key Size (bits) | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at $10^6$ decryptions/µs |
|---|---|---|---|
| 32 | $2^{32} = 4.3 \times 10^{9}$ | $2^{31}$ µs = 35.8 minutes | 2.15 milliseconds |
| 56 | $2^{56} = 7.2 \times 10^{16}$ | $2^{55}$ µs = 1142 years | 10.01 hours |
| 128 | $2^{128} = 3.4 \times 10^{38}$ | $2^{127}$ µs = $5.4 \times 10^{24}$ years | $5.4 \times 10^{18}$ years |
| 168 | $2^{168} = 3.7 \times 10^{50}$ | $2^{167}$ µs = $5.9 \times 10^{36}$ years | $5.9 \times 10^{30}$ years |
| 26 characters (permutation) | $26! = 4 \times 10^{26}$ | $2 \times 10^{26}$ µs = $6.4 \times 10^{12}$ years | $6.4 \times 10^{6}$ years |
Cryptanalytic Attacks
• May be classified by how much
information needed by the attacker:
– Ciphertext-only attack
– Known-plaintext attack
– Chosen-plaintext attack
– Chosen-ciphertext attack
Table 2.1 Types of Attacks on Encrypted Messages
Ciphertext-only attack
• Given: a ciphertext c
• Q: what is the plaintext m?
• An encryption scheme is completely
insecure if it cannot resist ciphertext-only
attacks.
Known-plaintext attack
• Given: (m1,c1), (m2,c2), …, (mk,ck) and a
new ciphertext c.
• Q: what is the plaintext of c?
• Q: what is the secret key in use?
Chosen-plaintext attack
• Given: (m1,c1), (m2,c2), …, (mk,ck), where
m1, m2, …, mk are chosen by the
adversary; and a new ciphertext c.
• Q: what is the plaintext of c, or what is the
secret key?
Example: chosen-plaintext attack
• In 1942, US Navy cryptanalysts discovered that
Japan was planning an attack on “AF”.
• They believed that “AF” means Midway island.
• Pentagon didn’t think so.
• US forces in Midway sent a plain message that their
freshwater supplies were low.
• Shortly, US intercepted a Japanese ciphertext saying
that “AF” was low on water.
• This proved that “AF” is Midway.
Chosen-ciphertext attack
• Given: (m1,c1), (m2,c2), …, (mk,ck), where
c1, c2, …, ck are chosen by the adversary;
and a new ciphertext c.
• Q: what is the plaintext of c, or what is the
secret key?
Classical Ciphers
• Plaintext is viewed as a sequence of
elements (e.g., bits or characters)
• Substitution cipher: replacing each element
of the plaintext with another element.
• Transposition (or permutation) cipher:
rearranging the order of the elements of the
plaintext.
• Product cipher: using multiple stages of
substitutions and transpositions
Cryptanalysis
• An encryption scheme is computationally secure
if the ciphertext generated by the scheme meets
one or both of the following criteria:
• The cost of breaking the cipher exceeds the value of
the encrypted information
• The time required to break the cipher exceeds the
useful lifetime of the information
1.4.2 Steganography
The word steganography, with origin in Greek, means
“covered writing,” in contrast with cryptography, which
means “secret writing.”
Example: covering data with text
Steganography
• Hide a message in another message.
• E.g., hide your plaintext in a graphic image
– Each pixel has 3 bytes specifying the RGB color
– The least significant bits of pixels can be
changed w/o greatly affecting the image quality
– So can hide messages in these LSBs
• Advantage: hiding existence of messages
• Drawback: high overhead
• Take a 640x480 (= 307,200) pixel image.
• Using only 1 LSB, can hide 115,200 characters
• Using 4 LSBs, can hide 460,800 characters.
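The capacity figures and the LSB idea above, as an added Python example that is not part of the original slides. It works on a raw RGB byte buffer rather than an image file; the function names, the constructed 16x16 cover and the sample message are assumptions of this example.

```python
def capacity_chars(width, height, lsbs=1, channels=3):
    """8-bit characters that fit in the `lsbs` low bits of every colour byte."""
    return width * height * channels * lsbs // 8


def embed(cover, message, lsbs=1):
    """Return a copy of the raw RGB bytes `cover` carrying `message` in its LSBs."""
    if not 1 <= lsbs <= 8:
        raise ValueError("lsbs must be between 1 and 8")
    bits = "".join(f"{byte:08b}" for byte in message)
    bits += "0" * (-len(bits) % lsbs)          # pad to a whole number of chunks
    chunks = [bits[i:i + lsbs] for i in range(0, len(bits), lsbs)]
    if len(chunks) > len(cover):
        raise ValueError("message does not fit in this cover")
    keep_high = 0xFF & ~((1 << lsbs) - 1)      # mask that clears the low bits
    stego = bytearray(cover)
    for i, chunk in enumerate(chunks):
        stego[i] = (stego[i] & keep_high) | int(chunk, 2)
    return stego


def extract(stego, n_chars, lsbs=1):
    """Read `n_chars` bytes back out of the low bits of `stego`."""
    needed = (n_chars * 8 + lsbs - 1) // lsbs  # colour bytes that carry data
    low = (1 << lsbs) - 1
    bits = "".join(f"{byte & low:0{lsbs}b}" for byte in stego[:needed])
    return bytes(int(bits[i:i + 8], 2) for i in range(0, n_chars * 8, 8))


def max_channel_change(cover, stego):
    """Largest change to any single colour byte: the visible cost of hiding."""
    return max(abs(a - b) for a, b in zip(cover, stego))


# Constructed cover: a 16x16 RGB gradient as raw bytes (not a real image file).
COVER = bytes((7 * i) % 256 for i in range(16 * 16 * 3))
MESSAGE = b"ohio state"

if __name__ == "__main__":
    print(capacity_chars(640, 480, 1), capacity_chars(640, 480, 4))
    for lsbs in (1, 4):
        stego = embed(COVER, MESSAGE, lsbs)
        print(lsbs, extract(stego, len(MESSAGE), lsbs),
              "max change per colour byte:", max_channel_change(COVER, stego))
```

With 1 LSB each hidden byte costs eight cover bytes, which is the "high overhead" drawback listed above; 4 LSBs quadruple the capacity but can change a colour byte by up to 15.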
1.4.2 Continued
Example: using dictionary
Example: covering data under color image
Caesar Cipher
• Earliest known substitution cipher
• Invented by Julius Caesar
• Each letter is replaced by the letter three
positions further down the alphabet.
• Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• Example: ohio state → RKLR VWDWH
Caesar Cipher
• Mathematically, map letters to numbers:
a, b, c, ..., x, y, z
0, 1, 2, ..., 23, 24, 25
• Then the general Caesar cipher is:
$c = E_K(p) = (p + k) \bmod 26$
$p = D_K(c) = (c - k) \bmod 26$
• Can be generalized with any alphabet.
Cryptanalysis of Caesar Cipher
• Key space: {0, 1, ..., 25}
• Vulnerable to brute-force attacks.
• E.g., break ciphertext "UNOU YZGZK"
• Need to be able to recognize the plaintext when we have it
• What if the plaintext is written in Swahili?
Monoalphabetic Substitution Cipher
• Shuffle the letters and map each plaintext letter to a
different random ciphertext letter:
Plain letters: abcdefghijklmnopqrstuvwxyz
Cipher letters: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
• What does a key look like?
Monoalphabetic Cipher Security
• Now we have a total of $26! = 4 \times 10^{26}$ keys.
• With so many keys, it is secure against
brute-force attacks.
• But not secure against some cryptanalytic
attacks.
• Problem is language characteristics.
Language Statistics and Cryptanalysis
• Human languages are not random.
• Letters are not equally frequently used.
• In English, E is by far the most common letter,
followed by T, R, N, I, O, A, S.
• Other letters like Z, J, K, Q, X are fairly rare.
• There are tables of single, double & triple letter
frequencies for various languages
English Letter Frequencies
Statistics for double & triple letters
• In decreasing order of frequency
• Double letters:
th he an in er re es on, …
• Triple letters:
the and ent ion tio for nde, …
Use in Cryptanalysis
• Key concept: monoalphabetic substitution does
not change relative letter frequencies
• To attack, we
– calculate letter frequencies for ciphertext
– compare this distribution against the known
one
Example Cryptanalysis
• Given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
• Count relative letter frequencies (see next page)
• Guess {P, Z} = {e, t}
• Of double letters, ZW has highest frequency, so
guess ZW = th and hence ZWP = the
• Proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow
Letter frequencies in ciphertext
P 13.33 H 5.83 F 3.33 B 1.67 C 0.00
Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00
S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00
U 8.33 V 4.17 T 2.50 I 0.83 N 0.00
O 7.50 X 4.17 A 1.67 J 0.83 R 0.00
M 6.67
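The counting step of the worked cryptanalysis, as an added Python example that is not part of the original slides. It recomputes the frequency table from the slide's ciphertext, counts n-grams such as ZW, and checks that the slide's recovered plaintext corresponds to one consistent substitution key; the function names are assumptions of this example.

```python
from collections import Counter

# Ciphertext and recovered plaintext exactly as given on the slide.
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
    "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX"
    "EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ"
)
PLAINTEXT = (
    "it was disclosed yesterday that several informal but "
    "direct contacts have been made with political "
    "representatives of the viet cong in moscow"
).replace(" ", "")


def letter_frequencies(text):
    """Relative frequency of each letter in percent, most common first."""
    counts = Counter(text)
    total = sum(counts.values())
    return {ch: round(100 * n / total, 2) for ch, n in counts.most_common()}


def ngram_counts(text, n):
    """Count every run of n consecutive letters (n=2 digrams, n=3 trigrams)."""
    return Counter(text[i:i + n] for i in range(len(text) - n + 1))


def derive_key(ciphertext, plaintext):
    """Build the cipher-to-plain letter map from an aligned pair.

    Raises ValueError unless the map is one-to-one, which is the property
    that makes the cipher monoalphabetic and preserves letter frequencies.
    """
    if len(ciphertext) != len(plaintext):
        raise ValueError("ciphertext and plaintext differ in length")
    key, used = {}, {}
    for c, p in zip(ciphertext, plaintext):
        if key.setdefault(c, p) != p or used.setdefault(p, c) != c:
            raise ValueError(f"inconsistent mapping at {c} -> {p}")
    return key


def decrypt(ciphertext, key):
    """Apply a (possibly partial) key; letters not yet guessed show as '?'."""
    return "".join(key.get(c, "?") for c in ciphertext)


if __name__ == "__main__":
    for letter, pct in letter_frequencies(CIPHERTEXT).items():
        print(letter, pct)
    print(ngram_counts(CIPHERTEXT, 2).most_common(5))
    # The slide's first guesses only: P = e, Z = t, W = h.
    print(decrypt(CIPHERTEXT, {"P": "e", "Z": "t", "W": "h"}))
    print(decrypt(CIPHERTEXT, derive_key(CIPHERTEXT, PLAINTEXT)))
```

Only 21 of the 26 cipher letters occur in this message, so the key recovered from it is partial; the five letters with frequency 0.00 in the table stay unknown.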
What type of attack?
• Ciphertext-only attack
• Known-plaintext attack
• Chosen-plaintext attack
• Chosen-ciphertext attack

Editor's Notes

  • #7 Briefly review some terminology used throughout the course.
  • #41 The process of attempting to discover the plaintext or key is known as cryptanalysis. The strategy used by the cryptanalyst depends on the nature of the encryption scheme and the information available to the cryptanalyst. Table 2.1 summarizes the various types of cryptanalytic attacks based on the amount of information known to the cryptanalyst. The most difficult problem is presented when all that is available is the ciphertext only. In some cases, not even the encryption algorithm is known, but in general, we can assume that the opponent does know the algorithm used for encryption. One possible attack under these circumstances is the brute-force approach of trying all possible keys. If the key space is very large, this becomes impractical. Thus, the opponent must rely on an analysis of the ciphertext itself, generally applying various statistical tests to it. To use this approach, the opponent must have some general idea of the type of plaintext that is concealed, such as English or French text, an EXE file, a Java source listing, an accounting file, and so on. The ciphertext-only attack is the easiest to defend against because the opponent has the least amount of information to work with. In many cases, however, the analyst has more information. The analyst may be able to capture one or more plaintext messages as well as their encryptions. Or the analyst may know that certain plaintext patterns will appear in a message. For example, a file that is encoded in the Postscript format always begins with the same pattern, or there may be a standardized header or banner to an electronic funds transfer message, and so on. All of these are examples of known plaintext. With this knowledge, the analyst may be able to deduce the key on the basis of the way in which the known plaintext is transformed. Closely related to the known-plaintext attack is what might be referred to as a probable-word attack. If the opponent is working with the encryption of some general prose message, he or she may have little knowledge of what is in the message. However, if the opponent is after some very specific information, then parts of the message may be known. For example, if an entire accounting file is being transmitted, the opponent may know the placement of certain key words in the header of the file. As another example, the source code for a program developed by a corporation might include a copyright statement in some standardized position. If the analyst is able somehow to get the source system to insert into the system a message chosen by the analyst, then a chosen-plaintext attack is possible. In general, if the analyst is able to choose the messages to encrypt, the analyst may deliberately pick patterns that can be expected to reveal the structure of the key. Table 2.1 lists two other types of attack: chosen ciphertext and chosen text. These are less commonly employed as cryptanalytic techniques but are nevertheless possible avenues of attack.
  • #48 Only relatively weak algorithms fail to withstand a ciphertext-only attack. Generally, an encryption algorithm is designed to withstand a known-plaintext attack. An encryption scheme is computationally secure if the ciphertext generated by the scheme meets one or both of the following criteria: • The cost of breaking the cipher exceeds the value of the encrypted information. • The time required to break the cipher exceeds the useful lifetime of the information.