This document provides an introduction and overview of information system security. It covers topics such as security attacks, services, and mechanisms. The document is divided into multiple units that cover encryption techniques like the Data Encryption Standard (DES) and advanced topics such as public key cryptosystems, hash functions, and IP security. DES encryption is explained in detail, covering aspects like its history, design, encryption process, key generation, decryption, and strengths/limitations. Feistel ciphers and their design principles are also summarized.
2. INTRODUCTION OF SUBJECT
INFORMATION SYSTEM SECURITY
Data can be defined as a representation of facts, concepts or instructions in a formalized manner which should be suitable for communication, interpretation, or processing by human or electronic machine.
A set of detailed methods, procedures and routines created to carry out a specific activity, perform a duty, or solve a problem.
In information technology, security is the protection of information assets through the use of technology, processes, and training.
3. INDEX
UNIT 1:- Introduction to security attacks
UNIT 2:- AES, RC6, random number generation
UNIT 3:- Public Key Cryptosystems
UNIT 4:- Message Authentication and Hash Function
UNIT 5:- Pretty Good Privacy, IP Security
4. UNIT 1-CONTENTS
1.1 Introduction to security attacks, services and mechanism
1.1.1 Security Attacks
1.1.2 Passive and Active Attacks
1.1.3 Passive Attack
1.1.4 Active Attack
1.1.5 Security Services
1.1.6 Basic Vocabulary of Encryption and Decryption
1.2 Classical encryption techniques
1.2.1 Substitution Technique
1.2.2 Transposition Techniques
1.3 Cryptanalysis, stream and block ciphers
1.3.1 Stream and Block Ciphers
1.4 Modern Block Ciphers: Block cipher principles
1.4.1 Block Cipher Principles
1.4.2 Ideal Block Cipher
1.5 Shannon’s theory of confusion and diffusion
5. 1.6 Feistel structure
1.6.1 Feistel Cipher Structure
1.6.2 Feistel Cipher
1.6.3 Design Features of Feistel Network
1.7 Data encryption standard (DES)
1.7.1 History
1.7.2 DES Design Controversy
1.7.3 DES Encryption
1.7.4 Initial Permutation IP
1.7.5 DES Round Structure
1.7.6 DES Round Structure
1.7.7 Substitution Boxes S
1.7.8 DES Key Schedule
1.7.9 DES Decryption
1.7.11 Strength of DES – Key Size
1.7.12 Strength of DES – Timing Attacks
1.8 Differential and linear cryptanalysis of DES
1.8.1 Differential Cryptanalysis
1.8.2 Linear Cryptanalysis
6. 1.9 Block cipher modes of operations.
1.9.1 Quick History
1.9.2 Modes of Operation Taxonomy
1.9.3 Technical Notes
1.9.4 Electronic Codebook Book (ECB)
1.9.5 ECB Scheme
1.9.6 Cipher Block Chaining (CBC)
1.9.7 CBC Scheme
1.9.8 Cipher FeedBack (CFB)
1.9.9 CFB Scheme
1.9.10 CFB Encryption/Decryption
1.9.11 CFB as a Stream Cipher
1.9.12 Output FeedBack (OFB)
1.9.13 OFB Scheme
1.9.14 OFB as a Stream Cipher
1.9.15 Counter (CTR)
1.9.16 CTR Scheme
1.9.17 OFB as a Stream Cipher
1.10 Triple Data Encryption Standard (Triple-DES)
1.10.1 Triple DES Algorithm
7. 1.1 INTRODUCTION TO SECURITY ATTACKS, SERVICES AND MECHANISM
Three aspects of Information Security:
Security Attack: Any action that compromises the security of information.
Security Mechanism: A mechanism that is designed to detect, prevent or recover from a security attack.
Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
9. SECURITY ATTACKS
Interruption: This is an attack on availability
Interception: This is an attack on confidentiality
Modification: This is an attack on integrity
Fabrication: This is an attack on authenticity
10. Security Attacks
Interruption: An asset of the system is destroyed or becomes unavailable or unusable.
This is an attack on availability.
Examples:
Destroying some H/W (disk or wire).
Disabling file system.
Swamping a computer with jobs or communication link with packets.
11. Security Attacks
Interception: An unauthorized party gains access to an asset.
This is an attack on confidentiality.
Examples:
Wiretapping to capture data in a network.
Illicitly copying data or programs.
12. Security Attacks
Modification: An unauthorized party gains access and tampers with an asset.
This is an attack on integrity.
Examples:
Changing data files.
Altering a program.
Altering the contents of a message.
13. Security Attacks
Fabrication: An unauthorized party inserts a counterfeit object into the system.
This is an attack on authenticity.
Examples:
Insertion of records in data files.
Insertion of spurious messages in a network (message replay).
15. 1.1.2 PASSIVE AND ACTIVE ATTACKS
Passive attacks
• No modification of content or fabrication
• Eavesdropping to learn contents or other information (transfer patterns, traffic flows etc.)
Active attacks
• Modification of content and/or participation in communication to
  • Impersonate legitimate parties
  • Modify the content in transit
  • Launch denial of service attacks
20. 1.1.6 SECURITY SERVICES
A security service is a service provided by the protocol layer of a communicating system (X.800)
5 Categories
Authentication
Access Control
Data confidentiality
Data Integrity
Nonrepudiation (and Availability)
21. 1.1.7 Basic Vocabulary of Encryption and Decryption
Plaintext: This is what you want to encrypt.
Cipher text: The encrypted output.
Enciphering or encryption: The process by which plaintext is converted into cipher text.
Encryption algorithm: The sequence of data processing steps that go into transforming plaintext into cipher text. Various parameters used by an encryption algorithm are derived from a secret key.
Secret key: A secret key is used to set some or all of the various parameters used by the encryption algorithm. The important thing to note is that, in classical cryptography, the same secret key is used for encryption and decryption.
22. Deciphering or decryption: Recovering plaintext from cipher text.
Decryption algorithm: The sequence of data processing steps that go into transforming cipher text back into plaintext. In classical cryptography, the various parameters used by a decryption algorithm are derived from the same secret key that was used in the encryption algorithm.
Cryptography: The many schemes available today for encryption and decryption.
Cryptographic system: Any single scheme for encryption and decryption.
Cipher: A cipher means the same thing as a “cryptographic system”.
Block cipher: A block cipher processes a block of input data at a time and produces a cipher text block of the same size.
Stream cipher: A stream cipher encrypts data on the fly, usually one byte at a time.
23. 1.2 Classical Encryption Techniques
CLASSIFICATION OF ENCRYPTION TECHNIQUES
Encryption techniques are broadly classified into
Substitution techniques and Transposition techniques.
Substitution - Substitution means replacing an
element of the plaintext with an element of cipher text.
Transposition - Transposition means rearranging
the order of appearance of the elements of the
plaintext.
24. 1.2.1 Substitution Technique
Substitution ciphers encrypt plaintext by
changing the plaintext one piece at a time.
The Caesar Cipher was an early substitution
cipher. In the Caesar Cipher, each character is
shifted three places up. Therefore, A becomes
D and B becomes E, etc…
25. This table shows “VOYAGER” being encrypted
with the Caesar substitution cipher:
26. Plaintext V O Y A G E R
Key +3 +3 +3 +3 +3 +3 +3
Ciphertext Y R B D J H U
A more complex substitution cipher would be created if,
instead of incrementing each character by three, we used
a more complex key. This table shows a simple
substitution cipher with a key of “123”.
27. Plaintext V O Y A G E R
Key +1 +2 +3 +1 +2 +3 +1
Ciphertext W Q B B I H S
28. 1.2.2 Transposition Techniques
All the techniques examined so far involve the
substitution of a ciphertext symbol for a plaintext
symbol. A very different kind of mapping is
achieved by performing some sort of permutation
on the plaintext letters. This technique is referred to
as a transposition cipher.
29. The simplest such cipher is the rail fence technique, in which the plaintext is written down as a sequence of diagonals and then read off as a sequence of rows. For example, to encipher the message "meet me after the toga party" with a rail fence of depth 2, we write the following:
m e m a t r h t g p r y
 e t e f e t e o a a t
The encrypted message is
MEMATRHTGPRYETEFETEOAAT
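The substitution and rail fence examples from these slides, as an added Python example that is not part of the original deck. It generalizes the slides' cases to any repeating shift key and any rail depth; the function names are assumptions of this example.

```python
import string

ALPHABET = string.ascii_uppercase

def letters_only(text):
    # Classical ciphers here work on A-Z only; drop spaces and punctuation.
    return "".join(ch for ch in text.upper() if ch in ALPHABET)

def shift_encrypt(plaintext, key):
    """Shift each letter by the next value in `key`, repeating the key.
    key=[3] is the Caesar cipher; key=[1, 2, 3] is the slides' key "123"."""
    text = letters_only(plaintext)
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + key[i % len(key)]) % 26]
        for i, ch in enumerate(text)
    )

def shift_decrypt(ciphertext, key):
    # Decryption is the same walk with every shift negated.
    return shift_encrypt(ciphertext, [-k for k in key])

def rail_pattern(length, depth):
    """Rail index visited by each position when writing down the diagonals."""
    if depth < 2:
        return [0] * length
    cycle = list(range(depth)) + list(range(depth - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(length)]

def rail_fence_encrypt(plaintext, depth):
    text = letters_only(plaintext)
    rails = rail_pattern(len(text), depth)
    # Read off row by row: all letters on rail 0, then rail 1, and so on.
    return "".join(ch for r in range(depth)
                   for ch, rail in zip(text, rails) if rail == r)

def rail_fence_decrypt(ciphertext, depth):
    rails = rail_pattern(len(ciphertext), depth)
    # Stable sort gives the plaintext positions in the order they were read off.
    order = sorted(range(len(ciphertext)), key=lambda i: rails[i])
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)

if __name__ == "__main__":
    print(shift_encrypt("VOYAGER", [3]))
    print(shift_encrypt("VOYAGER", [1, 2, 3]))
    print(rail_fence_encrypt("meet me after the toga party", 2))
```

Transposition only reorders letters, so the ciphertext keeps the plaintext's letter frequencies, while the shift ciphers change the letters but keep their positions.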
30. 1.3 Cryptanalysis, Stream and Block
Ciphers
Cryptanalysis :- Cryptanalysis is the study of
analyzing information systems in order to study the
hidden aspects of the systems. Cryptanalysis is used
to breach cryptographic security systems and gain
access to the contents of encrypted messages, even if
the cryptographic key is unknown.
31. 1.3.1 Stream and Block Ciphers
Idea of a block cipher: Partition the text into
relatively large (e.g. 128 bits) blocks and encode
each block separately. The encoding of each block
generally depends on at most one of the previous
blocks.
• the same “key” is used at each block.
Idea of a stream cipher: Partition the text into
small (e.g. 1 bit) blocks and let the encoding of
each block depend on many previous blocks.
• for each block, a different “key” is generated.
32. 1.4 Modern Block Ciphers
Now look at modern block ciphers
One of the most widely used types of
cryptographic algorithms
Provide secrecy /authentication services
Focus on DES (Data Encryption Standard)
To illustrate block cipher design principles
33. MODERN BLOCK CIPHERS
A symmetric-key modern block cipher encrypts an n-
bit block of plaintext or decrypts an n-bit block of
cipher text. The encryption or decryption algorithm
uses a k-bit key. The common values for n are 64, 128, 256 and 512 bits.
34. 1.4.1 BLOCK CIPHER PRINCIPLES
Most symmetric block ciphers are based on a Feistel
Cipher Structure
Needed since must be able to decrypt cipher text to
recover messages efficiently
Block ciphers look like an extremely large substitution
Would need table of 2^64 entries for a 64-bit block
Instead create from smaller building blocks
Using idea of a product cipher
36. 1.5 SHANNON’S THEORY OF CONFUSION
AND DIFFUSION
Claude Shannon suggested that to complicate
statistical attacks, the cryptographer could
dissipate the statistical structure of the plaintext
in the long range statistics of the ciphertext.
Shannon called this process diffusion.
37. Diffusion complicates the statistics of the cipher
text, and makes it difficult to discover the key of the
encryption process.
The process of confusion makes the use of the
key so complex that, even when an attacker knows
the statistics, it is still difficult to deduce the key.
Confusion can be accomplished by using a
complex substitution algorithm.
Block ciphers, such as the Data Encryption
Standard, make use of substitution operations.
38. 1.6 FEISTEL STRUCTURE
Horst Feistel devised the Feistel cipher
based on concept of invertible product cipher
Partitions input block into two halves
process through multiple rounds which
perform a substitution on left data half
based on round function of right half & subkey
then have permutation swapping halves
Implements Shannon’s S-P net concept
40. 1.6.2 FEISTEL CIPHER
Feistel Cipher is not a specific scheme of block
cipher. It is a design model from which many
different block ciphers are derived. DES is just
one example of a Feistel Cipher. A cryptographic
system based on Feistel cipher structure uses the
same algorithm for both encryption and
decryption.
Encryption Process
The encryption process uses the Feistel structure
consisting of multiple rounds of processing of the
plaintext, each round consisting of a
“substitution” step followed by a permutation
step.
41. 1.6.3 DESIGN FEATURES OF FEISTEL
NETWORK
Block Size: (larger block means greater security) 64 bits.
Key Size: 56-128 bits.
Number of Rounds: a single round offers inadequate security, a typical
size is 16 rounds.
Sub-key Generation Algorithms: greater complexity should lead to a
greater difficulty of cryptanalysis.
Round function: Again, greater complexity generally means greater
resistance to cryptanalysis.
Fast Software encryption/Decryption: the speed of execution of the
algorithm is important.
Ease of Analysis: to be able to develop a higher level of assurance as to
its strength
Decryption: use the same algorithm with reversed keys.
43. 1.7.1 HISTORY
In 1971, IBM developed an algorithm, named
LUCIFER which operates on a block of 64
bits, using a 128-bit key
Walter Tuchman, an IBM researcher,
refined LUCIFER and reduced the key
size to 56-bit, to fit on a chip.
In 1977, the result of Tuchman’s project
at IBM was adopted as the Data
Encryption Standard by NSA (NIST).
44. 1.7.2 DES Design Controversy
Although DES standard is public
Was considerable controversy over design
• in choice of 56-bit key (vs Lucifer 128-bit)
• and because design criteria were classified
Subsequent events and public analysis show in
fact design was appropriate
DES has become widely used, especially in
financial applications
46. 1.7.4 Initial Permutation IP
First step of the data computation
IP reorders the input data bits
Even bits to LH half, odd bits to RH half
Quite regular in structure (easy in h/w)
See text Table 3.2
Example:
IP(675a6967 5e5a6b5a) = (ffb2194d 004df6fb)
47. 1.7.5 DES Round Structure
Uses two 32-bit L & R halves
As for any Feistel cipher can describe as:
L_i = R_{i-1}
R_i = L_{i-1} xor F(R_{i-1}, K_i)
Takes 32-bit R half and 48-bit subkey and:
• Expands R to 48-bits using perm E
• Adds to subkey
• Passes through 8 S-boxes to get 32-bit result
• Finally permutes this using 32-bit perm P
49. 1.7.7 Substitution Boxes S
Have eight S-boxes which map 6 to 4 bits
Each S-box is actually 4 little 4 bit boxes
outer bits 1 & 6 (row bits) select one row
inner bits 2-5 (col bits) are substituted
result is 8 lots of 4 bits, or 32 bits
Row selection depends on both data & key
feature known as autoclaving (autokeying)
example:
S(18 09 12 3d 11 17 38 39)= 5fd25e03
50. 1.7.8 DES Key Schedule
Forms subkeys used in each round
Consists of:
- initial permutation of the key (PC1) which selects
56-bits in two 28-bit halves
- 16 stages consisting of:
•selecting 24-bits from each half
•permuting them by PC2 for use in function f,
•rotating each half separately either 1 or 2 places
depending on the key rotation schedule K
51. 1.7.9 DES Decryption
Decrypt must unwind steps of data computation
With Feistel design, do encryption steps again
Using subkeys in reverse order (SK16 … SK1)
Note that IP undoes final FP step of encryption
1st round with SK16 undoes 16th encrypt round
….
16th round with SK1 undoes 1st encrypt round
Then final FP undoes initial encryption IP
Thus recovering original data value
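The Feistel round equations and the reversed-subkey decryption described above, as an added Python example that is not DES and not code from the original deck. The round function and key schedule are hash-based stand-ins (assumptions of this example) for DES's F, PC1 and PC2; the sample block is the input value from the IP example, used only as test data.

```python
import hashlib

HALF = 4  # bytes per half: a 64-bit block split into two 32-bit halves, as in DES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_function(right, subkey):
    # Stand-in for DES's F (expansion E, key mixing, S-boxes, permutation P).
    # A truncated hash cannot be inverted, which is the point:
    # a Feistel network never needs to invert F.
    return hashlib.sha256(subkey + right).digest()[:HALF]

def subkeys(key, rounds=16):
    # Hypothetical key schedule (not PC1/PC2): one 48-bit subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest()[:6]
            for i in range(1, rounds + 1)]

def feistel(block, round_keys):
    left, right = block[:HALF], block[HALF:]
    for k in round_keys:
        # L_i = R_{i-1};  R_i = L_{i-1} xor F(R_{i-1}, K_i)
        left, right = right, xor(left, round_function(right, k))
    return right + left  # final swap of the two halves

def encrypt(block, key):
    return feistel(block, subkeys(key))

def decrypt(block, key):
    # Same algorithm, subkeys in reverse order (SK16 ... SK1).
    return feistel(block, subkeys(key)[::-1])

def bit_difference(a, b):
    # Number of differing bits, used to observe the avalanche effect.
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

if __name__ == "__main__":
    key = b"constructed demo key"                 # constructed sample key
    plain = bytes.fromhex("675a69675e5a6b5a")     # sample 64-bit block
    cipher = encrypt(plain, key)
    flipped = bytes([plain[0] ^ 1]) + plain[1:]   # one plaintext bit changed
    print(cipher.hex(), decrypt(cipher, key).hex())
    print(bit_difference(cipher, encrypt(flipped, key)), "of 64 bits changed")
```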
52. 1.7.10 Avalanche Effect
Key desirable property of encryption algorithm
Where a change of one input or key bit results in
changing approx half output bits
Making attempts to “home-in” by guessing keys
impossible
DES exhibits strong avalanche
53. 1.7.11 Strength of DES – Key Size
56-bit keys have 2^56 = 7.2 x 10^16 values
Brute force search looks hard
Recent advances have shown is possible
• In 1997 on Internet in a few months
• In 1998 on dedicated h/w (EFF) in a few days
• In 1999 above combined in 22hrs!
Still must be able to recognize plaintext
Now considering alternatives to DES
54. 1.7.12 Strength of DES – Timing Attacks
Attacks actual implementation of cipher
Use knowledge of consequences of
implementation to derive knowledge of
some/all subkey bits
Specifically use fact that calculations can
take varying times depending on the value of
the inputs to it
Particularly problematic on smartcards
55. 1.8 Differential and Linear Cryptanalysis
Differential Cryptanalysis: However, if one is fortunate enough to have a large quantity of corresponding plaintext and ciphertext blocks for a particular unknown key, a technique called differential cryptanalysis.
Linear Cryptanalysis: Linear cryptanalysis, invented by Mitsuru Matsui, is a different, but related technique. Instead of looking for isolated points at which a block cipher behaves like something simpler, it involves trying to create a simpler approximation to the block cipher as a whole
56. 1.8.1 Differential Cryptanalysis
A statistical attack against Feistel ciphers
Uses cipher structure not previously used
Design of S-P networks has output of function f
influenced by both input & key
Hence cannot trace values back through cipher
without knowing value of the key
Differential cryptanalysis compares two related
pairs of encryptions (differential)
57. Differential Cryptanalysis
Have some input difference giving some
output difference with probability p
If find instances of some higher probability
input / output difference pairs occurring
Can infer subkey that was used in round
Then must iterate process over many
rounds (with decreasing probabilities)
59. Differential Cryptanalysis
Perform attack by repeatedly encrypting plaintext pairs with
known input XOR until obtain desired output XOR
When found, assume intermediate deltas match
if intermediate rounds match required XOR have a right
pair
if not then have a wrong pair, relative ratio is S/N for attack
Can then deduce keys values for the rounds
right pairs suggest same key bits
wrong pairs give random values
For large numbers of rounds, probability is so low that more
pairs are required than exist with 64-bit inputs
60. 1.8.2 Linear Cryptanalysis
Another fairly recent development
Also a statistical method
Must be iterated over rounds, with
decreasing probabilities
Developed by Matsui et al in early 90's
Based on finding linear approximations
Can attack DES with 2^43 known plaintexts,
easier but still in practice infeasible
61. Linear Cryptanalysis
Find linear approximations with prob p != ½
P[i1,i2,...,ia] XOR C[j1,j2,...,jb] = K[k1,k2,...,kc]
where ia,jb,kc are bit locations in P,C,K
Gives linear equation for key bits
Get one key bit using max likelihood alg
Using a large number of trial encryptions
Effectiveness given by: |p–1/2|
62. 1.9 Block cipher modes of operations
Modes of Operation
Block ciphers encrypt fixed size blocks
eg. DES encrypts 64-bit blocks, with 56-bit key
Need way to use in practise, given usually have arbitrary
amount of information to encrypt
Partition message into separate block for ciphering
A mode of operation describes the process of
encrypting each of these blocks under a single key
Some modes may use a randomized additional input value
63. 1.9.1 Quick History
1981: Early modes of operation: ECB, CBC, CFB, OFB
(DES Modes of Operation)
2001: Revised and including CTR mode and AES
(Recommendation for Block Cipher Modes of Operation)
2010: New mode: XTS-AES
(Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices)
64. 1.9.2 Modes of Operation Taxonomy
Current well-known modes of operation
65. 1.9.3 Technical Notes
Initialization Vector (IV)
•a block of bits to randomize the encryption and hence to
produce distinct ciphertext
Nonce : Number (used) Once
•Random or pseudorandom number to ensure that past
communications cannot be reused in replay attacks
•Some also refer to the initialization vector as a nonce
Padding
•final block may require a padding to fit a block size
•Method
•Add null Bytes
•Add 0x80 and many 0x00
•Add the n bytes with value n
66. 1.9.4 Electronic Codebook (ECB)
Message is broken into independent blocks
which are encrypted
Each block is a value which is substituted, like a
codebook, hence name
Each block is encoded independently of the other
blocks
C_i = E_K(P_i)
Uses: secure transmission of single values
68. 1.9.6 Cipher Block Chaining (CBC)
Solve security deficiencies in ECB
Repeated same plaintext block result
different ciphertext block
Each previous cipher blocks is chained to
be input with current plaintext block, hence
name
Use Initial Vector (IV) to start process
C_i = E_K(P_i XOR C_{i-1})
C_0 = IV
70. 1.9.8 Cipher FeedBack (CFB)
Use Initial Vector to start process
Encrypt previous ciphertext, then combine with the plaintext
block using XOR to produce the current ciphertext
Cipher is fed back (hence name) to concatenate with the rest
of IV
Plaintext is treated as a stream of bits
•Any number of bits (1, 8 or 64 or whatever) can be fed back
(denoted CFB-1, CFB-8, CFB-64)
Relation between plaintext and ciphertext
C_i = P_i XOR SelectLeft(E_K(ShiftLeft(C_{i-1})))
C_0 = IV
Uses: stream data encryption, authentication
73. 1.9.11 CFB as a Stream Cipher
In CFB mode, encipherment and decipherment use the encryption
function of the underlying block cipher.
74. 1.9.12 Output FeedBack (OFB)
Very similar to CFB
But output of the encryption function is
fed back (hence name), instead of ciphertext
Feedback is independent of message
Relation between plaintext and ciphertext
C_i = P_i XOR O_i
O_i = E_K(O_{i-1})
O_0 = IV
Uses: stream encryption over noisy channels
76. 1.9.14 OFB as a Stream Cipher
In OFB mode, encipherment and decipherment use the
encryption function of the underlying block cipher.
77. 1.9.15 Counter (CTR)
Encrypts counter value with the key rather than any
feedback value (no feedback)
Counter for each plaintext will be different
can be any function which produces a sequence which is
guaranteed not to repeat for a long time
Relation
C_i = P_i XOR O_i
O_i = E_K(i)
Uses: high-speed network encryptions
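The CFB, OFB and CTR relations above, as an added Python example that is not part of the original deck. It shows that all three modes decrypt using only E_K, and how a single flipped ciphertext bit propagates in each. E_K is a truncated HMAC-SHA256 stand-in (an assumption, not DES), and the nonce-plus-counter layout in CTR is also an assumption of this example.

```python
import hashlib
import hmac

BLOCK = 8  # bytes: 64-bit blocks, as in DES

def E(key, block):
    # Stand-in for E_K. It is not invertible, and these modes never need D_K.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cfb(key, iv, data, decrypt=False):
    """CFB-64: C_i = P_i XOR E_K(C_{i-1}), C_0 = IV."""
    out, feedback = [], iv
    for blk in blocks(data):
        result = xor(blk, E(key, feedback))
        feedback = blk if decrypt else result  # always the ciphertext block
        out.append(result)
    return b"".join(out)

def ofb(key, iv, data):
    """OFB: O_i = E_K(O_{i-1}), O_0 = IV, C_i = P_i XOR O_i (same call decrypts)."""
    out, o = [], iv
    for blk in blocks(data):
        o = E(key, o)  # feedback never depends on the message
        out.append(xor(blk, o))
    return b"".join(out)

def ctr(key, nonce, data):
    """CTR: O_i = E_K(counter_i), C_i = P_i XOR O_i (same call decrypts)."""
    out = []
    for i, blk in enumerate(blocks(data)):
        counter = nonce + i.to_bytes(4, "big")  # 4-byte nonce + 4-byte counter
        out.append(xor(blk, E(key, counter)))
    return b"".join(out)

def flip_bit(data, byte_index):
    # Simulate a one-bit transmission error in the ciphertext.
    return data[:byte_index] + bytes([data[byte_index] ^ 1]) + data[byte_index + 1:]

def damaged_blocks(sent, received):
    # Indexes of plaintext blocks that no longer match after decryption.
    return [i for i, (a, b) in enumerate(zip(blocks(sent), blocks(received))) if a != b]

if __name__ == "__main__":
    key, iv, nonce = b"constructed key", b"\x01" * BLOCK, b"\x00\x00\x00\x07"
    msg = b"BLOCK-00BLOCK-01BLOCK-02BLOCK-03tail"  # constructed; no padding needed
    c_cfb, c_ofb, c_ctr = cfb(key, iv, msg), ofb(key, iv, msg), ctr(key, nonce, msg)
    print("CFB:", damaged_blocks(msg, cfb(key, iv, flip_bit(c_cfb, 9), decrypt=True)))
    print("OFB:", damaged_blocks(msg, ofb(key, iv, flip_bit(c_ofb, 9))))
    print("CTR:", damaged_blocks(msg, ctr(key, nonce, flip_bit(c_ctr, 9))))
```

OFB and CTR confine a bit error to the block it hits, which is why the slides list OFB for noisy channels, while CFB also garbles the following block. None of the three detects the change, so integrity needs a separate mechanism.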
80. 1.10 Triple Data Encryption Standard
(Triple-DES)
Triple DES is based on the DES algorithm,
therefore it is very easy to modify existing
software to use Triple DES. It also has the
advantage of proven reliability and a longer
key length that eliminates many of the attacks
that can be used to reduce the amount of time
it takes to break DES. However, even this
more powerful version of DES may not be
strong enough to protect data for very much
longer. As such, the DES algorithm itself has
become obsolete and is no longer used.
81. 1.10.1 Triple DES Algorithm
Before using 3TDES, the user first generates and distributes a 3TDES key K,
which consists of three different DES keys K1, K2 and K3. This means
that the actual 3TDES key has length 3×56 = 168 bits. The encryption
scheme is illustrated as follows −
82. Triple DES Algorithm
The encryption-decryption process is as follows −
1. Encrypt the plaintext blocks using single DES with key K1.
2. Now decrypt the output of step 1 using single DES with key K2.
3. Finally, encrypt the output of step 2 using single DES with key K3.
The output of step 3 is the ciphertext.
Decryption of a ciphertext is the reverse process.
The user first decrypts using K3, then encrypts with
K2, and finally decrypts with K1.
83. CONCLUSION
We start our description of security in distributed systems by
taking a look at some general security issues. First, it is
necessary to define what a secure system is. We distinguish
security policies from security mechanisms, and take a look
at the Globus wide-area system for which a security policy
has been explicitly formulated. Our second concern is to
consider some general design issues for secure systems.
Finally, we briefly discuss some cryptographic algorithms,
which play a key role in the design of security protocols.
Editor's Notes
The basic process in enciphering a 64-bit data block using the DES, shown on the left side, consists of:
- an initial permutation (IP)
- 16 rounds of a complex key dependent round function involving substitution and permutation functions
- a final permutation, being the inverse of IP
The right side shows the handling of the 56-bit key and consists of:
- an initial permutation of the key (PC1) which selects 56-bits in two 28-bit halves
- 16 stages to generate the subkeys using a left circular shift and a permutation
A more recent development is linear cryptanalysis. This attack is based on finding linear approximations to describe the transformations performed in DES. This method can find a DES key given 2^43 known plaintexts, as compared to 2^47 chosen plaintexts for differential cryptanalysis. Although this is a minor improvement, because it may be easier to acquire known plaintext rather than chosen plaintext, it still leaves linear cryptanalysis infeasible as an attack on DES. Again, this attack uses structure not seen before. So far, little work has been done by other groups to validate the linear cryptanalytic approach
If the data is only available a bit/byte at a time (eg. terminal session, sensor value etc), then must use some other approach to encrypting it, so as not to delay the info. Idea here is to use the block cipher essentially as a pseudo-random number generator (see stream cipher lecture later) and to combine these "random" bits with the message. Note as mentioned before, XOR is an easily inverted operator (just XOR with same thing again to undo). Again start with an IV to get things going, then use the ciphertext as the next input. As originally defined, idea was to "consume" as much of the "random" output as needed for each message unit (bit/byte) before "bumping" bits out of the buffer and re-encrypting. This is wasteful though, and slows the encryption down as more encryptions are needed. An alternate way to think of it is to generate a block of "random" bits, consume them as message bits/bytes arrive, and when they're used up, only then feed a full block of ciphertext back. This is CFB-64 mode, the most efficient. This is the usual choice for quantities of stream oriented data, and for authentication use.