8. 8
Classify Security Attacks
passive attacks – eavesdropping on, or monitoring of, transmissions to:
  obtain message contents, or
  monitor traffic flows
active attacks – modification of the data stream to:
  masquerade as some other entity
  replay previous messages
  modify messages in transit
  cause denial of service
13. 13
Security Services
Confidentiality – protection from passive attacks
Authentication – you are who you say you are
Integrity – received as sent, no modifications, insertions, shuffling or replays
14. 14
Security Services
Nonrepudiation – can’t deny a message was sent or received
Access Control – ability to limit and control access to host systems and apps
Availability – attacks causing loss of or reduction in availability
16. 16
Cryptography
Cryptography -- from the Greek for “secret writing” -- is the mathematical “scrambling” of data so that only someone with the necessary key can “unscramble” it.
Cryptography allows secure transmission of private information over insecure channels (for example packet-switched networks).
Cryptography also allows secure storage of sensitive data on any computer.
17. 17
The language of cryptography
symmetric key crypto: sender, receiver keys identical
public-key crypto: encryption key public, decryption key secret (private)
[Figure: plaintext → encryption algorithm (key K_A) → ciphertext → decryption algorithm (key K_B) → plaintext]
21. 21
Caesar Cipher
Technique:
A general concept of Cryptography
In cryptography, a Caesar cipher, also known as a shift cipher, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet.
For example, with a shift of 3, A would be replaced by D, B would become E, and so on.
The method is named after Julius Caesar, who used it to communicate with his
22. 22
The Caesar cipher replaces each plaintext letter with the one a fixed number of places down the alphabet. This example uses a shift of three, so that a B in the plaintext becomes E in the ciphertext.
C = P + K, where K = 3
24. 24
RSA Encryption Algorithm
For example, let p = 7 and q = 13
We then calculate N = 7∗13 = 91 and (p−1)(q−1) = 72
We next select ke relatively prime to 72 and < 72, yielding 5
Finally, we calculate kd such that ke*kd mod 72 = 1, yielding 29
We now have our keys
Public key: ke, N = 5, 91
Private key: kd, N = 29, 91
Encrypting the message 69 with the public key results in the ciphertext 62
The ciphertext can be decoded with the private key
Public key can be distributed in cleartext to
anyone who wants to communicate with holder
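The key generation, encryption and decryption steps above, carried through in Python as an added example (not part of the original slides). The function names are illustrative; p = 7, q = 13, ke = 5 and the message 69 are the slide's numbers. The last function goes one step beyond the slide to show that a modulus this small gives no protection, since factoring N hands back the private key.

```python
# Added example: textbook RSA with the slide's toy numbers (no padding, not secure).

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def mod_inverse(e, phi):
    """Return d with (e * d) % phi == 1, or raise if e is not coprime to phi."""
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    return x % phi

def mod_pow(base, exp, mod):
    """Square-and-multiply modular exponentiation."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:
            result = (result * base) % mod
        base = (base * base) % mod
        exp >>= 1
    return result

def make_keys(p, q, e):
    """Build (public, private) keys, each as an (exponent, N) tuple."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (mod_inverse(e, phi), n)

def recover_private_key(public):
    """Factor N by trial division and rebuild kd. Instant for a toy modulus,
    which is why real RSA moduli are 2048 bits or more."""
    e, n = public
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    return make_keys(p, n // p, e)[1]

if __name__ == "__main__":
    public, private = make_keys(7, 13, 5)   # slide values: p, q, ke
    c = mod_pow(69, *public)                # encrypt message 69 with (ke, N)
    m = mod_pow(c, *private)                # decrypt with (kd, N)
    print(public, private, c, m)            # (5, 91) (29, 91) 62 69
    print(recover_private_key(public))      # (29, 91)
```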
26. 26
What is a Firewall?
a choke point of control and monitoring
interconnects networks with differing trust
imposes restrictions on network services
only authorized traffic is allowed
auditing and controlling access
can implement alarms for abnormal behavior