
Computer Security and Information Assurance

The document discusses information and computer security, emphasizing the importance of protecting data integrity, availability, authenticity, non-repudiation, and confidentiality. It outlines the concepts of Information Assurance, the CIA triad (Confidentiality, Integrity, Availability), and the various types of threats and attacks that can compromise security. Additionally, it covers strategies for risk management, countermeasures, and the role of cryptography in securing information.

Uploaded by

dinkelamessa9

Department of Computer Science

Computer Security

Nekemte, Ethiopia

Chapter 1: Information/Computer Security Issues

1. Introduction
▪ Security is "the quality or state of being secure—to be free from danger."
  o In other words, protection against adversaries—from those who would do harm, intentionally or otherwise—is the objective.
  o National security, for example, is a multilayered system that protects the sovereignty of a state, its assets, its resources, and its people. Achieving the appropriate level of security for an organization also requires a multifaceted system.

2. Information Assurance?
▪ The practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data, the systems and processes used for those purposes.
▪ Includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data.
  o Using physical, technical and administrative controls to accomplish these tasks.
  o Not only digital but also analog or physical form.
▪ Includes restoration of information systems by incorporating protection, detection, and reaction capabilities.
▪ It is best thought of as a superset of information security, strongly related to the field of information security, and also with business continuity.

3. Why Information Assurance is needed?
▪ To protect information exchanges between interconnected computer systems.
  o Stand-alone COMPUSEC could not protect information during storage, processing or transfer between systems.
  o To detect attacks and enable a response to those attacks.
▪ To add business benefit through the use of IRM (Information Risk Management).
  o Improves business continuity.
▪ Generally, to minimize risk and ensure business continuity by implementing controls to limit the impact of a security breach.

4. Information Assurance pillars
➢ Confidentiality:
  o Preserving authorized restrictions on access and disclosure.
  o Includes personal privacy and proprietary information protection.
➢ Integrity:
  o Protecting against improper information modification or damage.
  o The data stored on the computer is the same as what is intended.
➢ Availability:
  o Ensuring timely and reliable access to and use of information.
  o Assures systems work promptly and service isn't denied to authorized users.
➢ Authentication:
  o Is proving a claim – usually that you are who you say you are.
➢ Non-repudiation:
  o Prevention of either the sender or receiver denying a transmitted message.
  o Prove the occurrence of a claimed event or action and its originating entities.

5. Information Assurance strategy
▪ Cyber security awareness and education
▪ Strong cryptography
▪ Good security-enabled commercial information technology
▪ An enabling global Security Management Infrastructure; and
▪ A civil defense infrastructure equipped with an attack sensing and warning capability and coordinated response mechanism

6. Difference: InfoSec, computer security & IA
▪ IA: measures that protect and defend information and ISs by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
▪ Information protection or InfoSec: protection of information and ISs from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
▪ Computer Security: (W. Stallings)
  o Protection to an automated information system in order to attain the applicable objectives of preserving the confidentiality, integrity, and availability (CIA) of information system resources (includes hardware, software, firmware, information/data, and telecommunications).
▪ Two major aspects of InfoSec are:
  o IT security (sometimes computer security): is InfoSec applied to technology (most often computer system).
  o IA: The act of ensuring that data is not lost when critical issues like natural disasters, system malfunction, physical theft, etc. arise.
▪ InfoSec, computer security & IA are frequently used interchangeably;
  o These fields are interrelated and share the common goals of protecting the CIA of information; however, there are some subtle differences.
  o Differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration.
▪ InfoSec: concerned with the CIA of data regardless of the form the data may take: electronic, print, or other forms.
▪ Computer security: can focus on ensuring the availability and correct operation of a computer system without concern for the information stored or processed by the computer.
▪ IA: focuses on the reasons for assurance that information is protected, and is thus reasoning about information security.

7. Enterprise security & Cyber defense
▪ Enterprise security: is about building systems to remain dependable in the face of malice, error, or mischance.
▪ Cyber defense: computer network defense mechanism which includes response to actions and critical infrastructure protection and IA for possible networks.
▪ Business-driven approach to enterprise security architecture means that security is about enabling the objective of an organization by controlling operational risk.

8. Threats, vulnerabilities, risk, controls (W. Stallings)
▪ Adversary (threat agent): An entity that attacks, or is a threat to, a system, e.g. all hackers in the world.
▪ Threat: any circumstances or events that can potentially harm an information system by destroying it, disclosing the information stored on the system, adversely modifying data, or making the system unavailable.
▪ Vulnerability: weaknesses or fault in an information system or its components that could be exploited.
▪ Attack: actual violation of security that derives from an intelligent threat.
▪ Risk: An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
  o Risk = Threats x Vulnerabilities
▪ Control, safeguard, or countermeasure: An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
▪ Security Policy: A set of rules and practices that specify or regulate how a system or organization protects sensitive and critical system resources.
▪ System Resource (Asset): Data contained in an information system; or a service provided by a system; or a system performance; or an item of system equipment (i.e., a system component—hardware, software, or documentation); or a facility that houses system operations and equipment.

Chapter 2: Information security models and mechanisms

1. Model for Computer Security
▪ Example: If a company has antivirus software but does not use it and keep the virus signatures up to date, this is a vulnerability. The company is vulnerable to virus attacks. Similarly, if you fail to routinely update your operating systems or application software, these will remain vulnerable to software problems ("bugs") that have been identified and patched.
  o Vulnerability: no antivirus / signatures not updated
  o Threat: virus
  o Attack: system crash and/or destroyed data and/or data modification
  o The likelihood of a virus showing up in the environment and causing damage is the risk.
  o The countermeasures in this situation are to update the signatures and install the antivirus software on all computers.

2. Goals of computer security
3 key objectives of computer security: CIA triad (W. Stallings)
▪ Confidentiality: Data confidentiality and Privacy
  o is the prevention of unauthorized disclosure of information.
  o In other words, confidentiality means keeping information private or safe.
  o It may be important for military, business or personal reasons.
  o It may also be known as privacy or secrecy.
▪ Integrity: covers Data integrity and System integrity
  o the prevention of unauthorized writing or modification of information.
  o Integrity in a computer system means that there is an external consistency in the system – everything is as it is expected to be.
  o Data integrity: the data stored on the computer is the same as what is intended.
▪ Availability:
  o Assures that systems work promptly and service is not denied to authorized users.
  o Information should be accessible and usable upon appropriate demand by an authorized user.
Denial of service (DoS) attacks are a common form of attack against computer systems whereby authorized users are denied access to the computer system.

Additional objectives:
▪ Non-repudiation: is the prevention of either the sender or the receiver denying a transmitted message.
  o It is the ability to prove the occurrence of a claimed event or action and its originating entities.
  o It assures that a sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data.
  o Often implemented by using digital signatures.
▪ Authentication
  o is proving a claim – usually that you are who you say you are.
  o For example, it may be obtained by the provision of a password or by a scan of your retina.
▪ Access controls
  o provide the limitation and control of access to authorized users through identification and authentication.
  o A system needs to be able to identify and authenticate users for access to data, applications and hardware.
  o In a large system there may be a complex structure determining which users and applications have access to which objects.
▪ Accountability
  o Ensuring an entity's action is traceable uniquely to that entity.
  o Ascertains the responsibility of an entity (like a person) for its actions and decisions.
  o All relevant activities, events and operations on a system, e.g., failed and successful authentication attempts, are recorded in a log.

3. Security Attack
▪ The agent carrying out the attack is referred to as an attacker, or threat agent.
▪ We can distinguish two types of attacks: (W. Stallings)
  o Active attack: an attempt to alter/affect system resources or their operation.
  o Passive attack: an attempt to learn/make use of information from the system that does not affect system resources.
▪ We can also classify attacks based on the origin of the attack:
  o Inside attack: Initiated by an entity inside the security perimeter (an "insider").
  o Outside attack: Initiated from outside the perimeter.
▪ Types of Attacks on Data CIA (W. Stallings)
  o Disclosure/Interception: unauthorized party snooping, or getting access to a resource (attack on data confidentiality)
  o Modification / Deception: unauthorized party modifying a resource, acceptance of false data, e.g., providing wrong data (attack on data integrity)
  o Disruption/Interruption: destroyed/unavailable services/resources, DoS (attack on data availability)
  o Fabrication: unauthorized party inserts a fake asset/resource, loss of confidentiality, authenticity and integrity of the message
▪ Types of Attackers
  o Amateurs: Opportunistic attackers (use a password they found), Script kiddies
  o Hackers – nonmalicious
  o Crackers – malicious
  o Career criminals
  o State-supported spies and information warriors

4. Countermeasure Methods to Risk
▪ Any means taken to deal with a security attack. It can be devised to prevent a particular type of attack. When prevention is not possible, or fails in some instance, the goal is to detect the attack and then recover from the effects of the attack.
▪ Five basic approaches to defense of computing systems
  o Prevent attack: from violating security policy, Block attack / Close vulnerability
  o Deter attack: intended to discourage potential attackers, Make attack harder
  o Deflect attack: Make another target more attractive than this target
  o Detect attack: accept that an attack will occur; the goal is to determine that an attack is under way, or has occurred, and report it.
  o Recover from attack: Stop attack, assess and repair damage or restore the operations of the business

5. Controls: Security policies & mechanisms
▪ For today's computers
  o Encryption: primary control that protects CIA, by which cleartext is scrambled into ciphertext.
  o Software controls: password checker, virus scanner, IDS (intrusion detection system)
  o Hardware controls: provide higher degree of security; locks, smart cards, dongles, hardware keys...
  o Policies and procedures: Alignment with users' legal and ethical standards; e.g. password policy
  o Physical controls: natural and man-made disaster protection; walls, locks, guards, security, cameras, backup copies and archives

6. Principles of Computer Security
▪ Principle of Easiest Penetration
▪ Principle of Adequate Protection
▪ Principle of Effectiveness: Controls must be efficient, easy to use, and appropriate.
▪ Principle of Weakest Link: Security can be no stronger than its weakest link.
▪ Principle of Least Privilege: "Do not give any more privileges than absolutely necessary to do/perform the required job".
▪ Defense in Depth: having more than one layer or type of defense
▪ Minimization: "do not run any software, or applications that are not strictly required to do the entrusted job."
▪ Compartmentalization: limits the damage in other compartments when one compartment is compromised.
▪ Keep Things Simple: Complexity is the worst enemy of security.
▪ Fail Securely: if a security measure or control has failed for whatever reason, the system is not rendered to an insecure state.
▪ Balancing Security and Access

Chapter 3: Computer Threats/Attacks

1. Types of Threats/Attacks … (Chuck Easttom)
▪ Physical Attack: Stealing, breaking or damaging of computing devices
▪ Malware Attack: A generic term for software that has malicious purpose.
  o Viruses
  o Worms
  o Trojan horses
  o Spyware
  o Zombie
  o Botnets
  o Bacterium
  o Logic bomb
  o Backdoor (Trapdoor)
  o Adware
  o Flooders (DoS client)
  o Key loggers
  o Rootkit
  o Spam/scam, identity theft, e-payment frauds, etc.
▪ Hacking / Intrusion / Attack: any attempt to intrude or gain unauthorized access to your system either via some operating system flaw or other means. The purpose may or may not be for malicious purposes.
▪ Cracking: is hacking conducted for malicious purposes.
▪ Denial of Service (DoS) Attack: Blocking access from legitimate users
▪ Distributed DoS Attack: is accomplished by tricking routers into attacking a target or using Zombie hosts to simultaneously attack a given target with large number of packets.
▪ Spoofing: Examples: MAC cloning, IP spoofing, and email spoofing
▪ Password attacks: guessing password; social engineering attack, Dictionary attack
▪ Cryptographic Attack:
  A. Frequency Analysis attack: Guess values based on frequency of occurrence
  B. Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
  C. Cryptanalysis: the process of breaking an encrypted code.
    ✓ Ciphertext only Attack, Known plaintext Attack, Chosen plaintext Attack, Chosen ciphertext Attack, and Chosen text Attack

2. Class of Attacks
▪ Reconnaissance: The hacker first identifies a target to launch an attack, extracts maximum information regarding this target, understands its vulnerabilities, and only then explores the best ways to exploit it.
  o Examples: Credential Theft using Keyloggers and Spyware; Identity Theft using spam e-mail, phishing attack and social engineering attack
▪ Access: Once the attacker has reconnoitered the target, s/he starts a successful exploitation and continued access to the system. Then, the attacker is in control of the target.
▪ Denial of Service: Once the attacker has successful access to the system, s/he starts to deny users from accessing or using the service or system.

Chapter 4: Application of Security Mechanisms

1. Cryptography and hash functions
▪ Cryptography is the science and art of secret, or hidden writing
▪ Cryptanalysis is the science and art of breaking codes.
▪ Modern cryptography is concerned with:
  o Confidentiality - Information cannot be understood by anyone.
  o Integrity - Information cannot be altered.
  o Non-repudiation - Sender cannot deny his/her intentions in the transmission of the information at a later stage.
  o Authentication - Sender and receiver can confirm each.
▪ Generally, the goal of cryptography is to protect private communication in the public world.
▪ Basic cryptographic terms
  o Plaintext - the original form of a message
  o Ciphertext - the coded/encrypted form of a message
  o Cipher – an encryption method or process encompassing the algorithm and key, or procedures used to transform plaintext to ciphertext
  o Key - info used in cipher known only by the sender/receiver. A key is a value that the cipher, as an algorithm, operates on.
    ✓ If the same key is used for encryption & decryption the algorithm is called symmetric
    ✓ If different keys are used for encryption & decryption the algorithm is called asymmetric
  o Encipher (encrypt) – the process of converting plaintext to ciphertext
  o Decipher (decrypt) - recovering plaintext from ciphertext
  o Cryptography – the study of encryption principles/methods
  o Cryptanalysis (codebreaking) - the study of principles/methods of breaking ciphertext without knowing key
  o Cryptology - the field of study which deals with both cryptography and cryptanalysis
▪ Cryptography classification:
  A. Classical/Conventional Cryptography: Substitution Cipher and Transposition Cipher
  B. Modern Cryptography: Symmetric key cryptography and Public key cryptography

Classical Cryptography

Substitution ciphers
▪ Replaces one symbol with another.
▪ Categories: monoalphabetic or polyalphabetic ciphers.
(1) Monoalphabetic Ciphers
  o The relationship between a symbol in the plaintext to a symbol in the ciphertext is always one-to-one.
  o Sometimes called additive cipher or shift cipher or Caesar cipher (key of 3)
  o When the cipher is additive, the plaintext, ciphertext, and key are integers in Z26.
  o Exercise:
    ✓ Use additive cipher with key = 15 to encrypt the message "hello".
    ✓ Use the additive cipher with key = 15 to decrypt the message "WTAAD".
  o Multiplicative Ciphers: the plaintext and ciphertext are integers in Z26; the key is an integer in Z26*. This set has only 12 members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
  o Exercise:
    ✓ Use a multiplicative cipher to encrypt the message "hello" with a key of K=7. The ciphertext is "XCZZU".
    ✓ Decryption key is multiplicative inverse of K=7; $K^{-1} \bmod 26 = 7^{-1} \bmod 26$.
  o Affine Ciphers: uses a pair of keys in which the first key is from Z26* and the second is from Z26. The size of the key domain is 26 × 12 = 312.
    ✓ The additive cipher is a special case of an affine cipher in which k1 = 1. The multiplicative cipher is a special case of affine cipher in which k2 = 0.
  o Because additive, multiplicative, and affine ciphers have small key domains, they are very vulnerable to brute-force attack;
    ✓ Solution: Monoalphabetic Substitution Cipher
  o Monoalphabetic Substitution Cipher: creates a mapping between each plaintext character and the corresponding ciphertext character. Alice and Bob can agree on a table showing the mapping for each character.
(2) Polyalphabetic Ciphers
  o The relationship between a character in the plaintext to a character in the ciphertext is one-to-many.
  o Autokey Cipher:
  o Playfair Cipher
  o Vigenere Cipher
  o Exercise:
    ✓ Encrypt the message "She is listening" using the 6-character keyword "PASCAL".
    ✓ The initial key stream is (15, 0, 18, 2, 0, 11). The key stream is the repetition of this initial key stream (as many times as needed)
  o Hill Cipher:
    ✓ Key in the Hill cipher: The key matrix in the Hill cipher needs to have a multiplicative inverse.

Transposition Ciphers
▪ Does not substitute one symbol for another, instead it changes the location of the symbols (reorders symbols).
▪ A transposition cipher relies on an algorithm which rearranges the order of the letters in a plaintext message
(1) Keyless Transposition Ciphers
  o Permute the characters by writing plaintext in one way and reading it in another way.
  o rail-fence transposition: a plaintext message is transposed into several rows
    ✓ Ciphertext is produced by reading the resulting columns in sequence
    ✓ Example with 2 rails (rows):
      ➢ Plaintext: THEBIGBANGTHEORY
      ➢ Plaintext arranged into 2 rows:
        THEBIGBA
        NGTHEORY
      ➢ Ciphertext: tnhgetbhiegobray
  o columnar transposition: a plaintext message is
transposed into several columns
    ✓ Ciphertext is produced by reading the resulting rows in sequence
    ✓ Example with 2 columns:
      ➢ Plaintext: SECRET
      ➢ Plaintext arranged into 2 columns:
        SR
        EE
        CT
      ➢ Ciphertext: sreect
    ✓ The key in a columnar transposition is the number of columns!
    ✓ In the example above, the key is 2
(2) Keyed Transposition Ciphers
  o Is to divide the plaintext into groups of predetermined size, called blocks, and then use a key to permute the characters in each block separately.
  o The permutation of each character in the plaintext into the ciphertext based on the positions.
  o Permutation key: key used for encryption and decryption.
(3) Combining Two Approaches

Modern Cryptography:
▪ Based on Kerckhoffs's principle, one should always assume that the adversary, Eve, knows the encryption/decryption algorithm.
▪ The resistance of the cipher to attack must be based only on the secrecy of the key and the strength of the algorithm.
▪ If the strength of the algorithm is secured enough, better way to break the cryptosystem will be trying every possible key in a brute-force attack.
▪ Complexity of a brute-force attack:
  o If the key is 56 bits long, there are $2^{56}$ possible keys.
  o Assuming a supercomputer can try a million keys a second, it will take 2285 years to find the correct key.
  o $2^{56} / (1{,}000{,}000 \times (365\,\text{days} \times 24\,\text{hr} \times 3600\,\text{s}))$, e.g. DES
▪ There are three main types of modern cryptographic functions that are the building blocks of security:
  1) Symmetric encryption
  2) Asymmetric encryption
  3) Hash functions

Symmetric key cryptography
▪ Uses conventional / secret-key / single-key.
▪ The secret key shared by both sender and receiver.
▪ All classical encryption algorithms are private-key.
  o Use the same key (shared key) for encryption and decryption process.
▪ If this key is disclosed communications are compromised.
▪ Symmetric Cipher Model
  o Alice can send a message to Bob over an insecure channel
    ✓ with the assumption that an adversary, Eve, cannot understand the contents of the message.
  o The original message from Alice to Bob is referred to as plaintext;
  o the message that is sent through the channel is referred to as the ciphertext.
  o Alice uses an encryption algorithm and a shared secret key.
  o Bob uses a decryption algorithm and the same secret key.

Figure 4.1 Symmetric-key cryptography

▪ 2 requirements for secure use of symmetric encryption:
  o Strong encryption algorithm: i.e., $Y = E_K(X)$
  o Secret key known only to sender / receiver: i.e. $X = D_K(Y)$
▪ Assume encryption algorithm is known
  o Implies a secure channel to distribute key:
    ✓ Problem: key distribution problem
▪ Key Distribution
  o Symmetric schemes require both parties to share a common secret key.
  o Issue is how to securely distribute this key.
  o Often secure system failure due to a break in the key distribution scheme.
▪ Given parties A and B have various key distribution alternatives:
  o A can select key and physically deliver to B.
  o Third party can select & deliver key to A & B.
  o If A & B have communicated previously can use previous key to encrypt a new key.
  o If A & B have secure communications with a third party C, C can relay key between A & B.
▪ Key Hierarchy
  o session key
    ✓ temporary key
    ✓ used for encryption of data between users
    ✓ for one logical session then discarded
  o master key
    ✓ used to encrypt session keys
    ✓ shared by user & key distribution center
▪ Advantage: Simpler and faster
▪ Disadvantages: Less secured, key exchange problem, large number of keys are needed
▪ Examples of symmetric key algorithms are as follows:
(1) Data Encryption Standard (DES) (56 bits key)
  o Feistel cipher: half of the data block is used to modify the other half of the data block and then the halves are swapped.
  o passes through an initial permutation (IP) that rearranges the bits to produce the permuted input.
  o followed by sixteen rounds of the same function: involves both permutation and substitution functions.
  o The left and right halves of the output are swapped to produce the preoutput.
  o The preoutput is passed through the inverse of the initial permutation function ($IP^{-1}$)
(2) Triple DES (3DES) (168 bits key)
(3) Advanced Encryption Standard (AES)
  o is not a Feistel structure
    ✓ processes the entire data block as single matrix during each round using substitutions and permutation (substitution-permutation network)
  o plain text is a fixed block size of 128 bits and a key size of 128, 192, or 256 bits
  o Four different stages are used, one of permutation and three of substitution:
    ✓ Substitute bytes: Uses an S-box to perform a byte-by-byte substitution of the block
    ✓ ShiftRows: A simple permutation
    ✓ MixColumns: A substitution that makes use of arithmetic over GF($2^8$)
    ✓ AddRoundKey: A simple bitwise XOR of the current block with a portion of the expanded key
▪ Categories of symmetric ciphers:
  o Stream Ciphers: Encrypt data one bit or one byte at a time
  o Block Ciphers: a group of plaintext characters of a fixed size (a block) is encrypted at once and sent to the receiver; Playfair, Hill ciphers, modern symmetric ciphers
  o Combination Cipher

Asymmetric key cryptography
▪ also known as public-key encryption.
▪ In public key cryptography,
  o unlike symmetric-key, there are two keys: a private key and a public key.
    ✓ The public key is announced to the public; whereas the private key is kept by the receiver.
  o anyone can send messages using the public key of the receiver for encryption, but only the receiver uses his private key for decryption
    ✓ Secret transmission of key for decryption is not required
    ✓ Every entity can generate a key pair and release its public key
    ✓ Encryption and decryption keys are different but form a unique pair
  o Note that: Private key can also be public by keeping public key secret
▪ PKE systems eliminate the problems (key exchange) encountered with symmetric key systems
  o Key distribution is easy with PKE!
▪ used for confidentiality, authentication & Digital Signature.
▪ the padlock that is locked with a public key can be unlocked only with the corresponding private key.
▪ Eve should not be able to advertise her public key to the community pretending that it is Bob's public key.
▪ used for internet secure links. Each site has its own public & private keys.
▪ Asymmetric-key cryptosystem Model
  o Both users (Bob & Alice) generate a pair of keys
  o Each user places one of 2 keys in public register.
    ✓ This is the public key: each user maintains a collection of public keys obtained from others.
  o The companion key is kept private to each.
  o If Alice wishes to send a confidential message to Bob, she encrypts the message using Bob's public key.
  o When Bob receives the message, he decrypts it using his private key.
✓ No other recipient can decrypt because only Bob knows his o first practical method for secret share over unsecured
private key. channel. o The point is to agree on a key that two
parties can use for a symmetric encryption, in such a
way that an eavesdropper cannot obtain the k. o
One of the main uses of DH is in the Internet
Key Exchange (IKE) protocol,
✓ a central part of the IP Security (IPSEC) architecture
o Example: Suppose Alice and Bob want to agree on a
shared symmetric key.
a) Alice and Bob, and everyone else, already know the
values of p and g.
b) Alice generates a random private value a and Bob
generates a random private value b.
Both a and b are drawn from the set of integers 1, ..., p-1.
c) Alice and Bob derive their corresponding public values, - the
Figure 4.2 Asymmetric-key cryptography values they will send to each other unencrypted-as follows.
▪ uses this ideas to make a trap-door one-way function: • Alice’s public value is ga mod p and
• Bob’s public value is gb mod p then, they exchange their
o dominant PKE algorithms are based on the difficulty
public values.
of factoring large numbers, or Discrete Logarithm • Finally,
Problem.
   o Multiplying two large primes is a one-way function; factoring is conjectured to be a hard problem.
▪ These algorithms are also susceptible to a brute-force attack, but of a different type.
▪ Breaking these algorithms
   o does not involve trying every possible key;
   o involves trying to factor the large number (or taking discrete logarithms in a very large finite field).
▪ If the number is too small, you have no security.
▪ If the number is large enough, it is secure against all computing power.
▪ Advantages: more secure, authentication
▪ Disadvantages: relatively complex
▪ Public Key Infrastructure (PKI)
   o used for the management of public keys and the distribution of digital certificates
   o Authenticates users and devices in the digital world.
   o Its most familiar use is
      ✓ in SSL certificates and TLS (newer version): in practice, most websites now use TLS.
   o With HTTPS, certificates serve to identify the web site and ensure no one can eavesdrop on your connection.
   o consists of
      ✓ Certification Authorities (CAs), Registration Authorities (RAs), Certificate holders, Clients, Repositories, Cryptographic Algorithms and Protocols.
▪ Examples of asymmetric key algorithms are as follows:
(1) El Gamal
   o Developed by Taher ElGamal
   o Variable key size (512 or 1024 bits)
   o Less common than others
(2) Diffie-Hellman Key Agreement (DH):
   ➢ Alice computes $g^{ab} \bmod p = (g^b \bmod p)^a \bmod p$ and
   ➢ Bob computes $g^{ba} \bmod p = (g^a \bmod p)^b \bmod p$.
Fig 4.3 Diffie-Hellman Key Agreement (DH)
(3) Rivest, Shamir, Adleman (RSA)
   o Developed by Ron Rivest, Adi Shamir, Len Adleman
   o Variable key size (512, 1024, or 2048 bits)
   o Most popular public key algorithm
   o Based on the principle: no mathematical method to efficiently find the prime factors of large numbers
   o Breaking RSA is equivalent to finding prime factors: this is now considered computationally infeasible.
   o Private and public keys are constructed from very large prime numbers.
   o Only whoever produced the keys from the prime numbers can easily decrypt messages.
   o Key Generation, Encryption & Decryption Procedure
      • Choose two large prime numbers p & q
      • Compute n = pq and z = (p-1)(q-1)
      • Choose number e, less than n, which has no common factor (other than 1) with z
      • Find number d, such that ed - 1 is exactly divisible by z
      • Keys are generated using n, d, e
         ➢ Public key is (n, e)
         ➢ Private key is (n, d)
      • Encryption: $c = m^e \bmod n$
         ➢ m is plain text
         ➢ c is cipher text
      • Decryption: $m = c^d \bmod n$
      • Public key is shared and the private key is hidden
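The RSA procedure above carried through in code, as an added example that is not part of the original notes. The primes 61 and 53, e = 17 and the message 65 are constructed sample values, the function names are hypothetical, and the last function illustrates the earlier remark that a number that is too small gives no security.

```python
# Added example (not from the original notes): textbook RSA using the
# notes' symbols p, q, n, z, e, d. Toy primes only; no padding is applied.
from math import gcd

def generate_keys(p, q, e=None):
    """Follow the key-generation steps; return ((n, e), (n, d))."""
    n = p * q
    z = (p - 1) * (q - 1)
    if e is None:
        # Smallest odd e > 1 sharing no common factor with z.
        e = next(c for c in range(3, z, 2) if gcd(c, z) == 1)
    elif not (1 < e < n and gcd(e, z) == 1):
        raise ValueError("e must be < n and share no common factor with z")
    d = pow(e, -1, z)  # modular inverse: e*d - 1 is exactly divisible by z
    return (n, e), (n, d)

def encrypt(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("plaintext must be an integer in [0, n)")
    return pow(m, e, n)  # c = m^e mod n

def decrypt(c, private_key):
    n, d = private_key
    return pow(c, d, n)  # m = c^d mod n

def recover_private_key(public_key):
    """Why a small n gives no security: factor n, then redo key generation."""
    n, e = public_key
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return n, pow(e, -1, (p - 1) * (q - 1))

# Constructed sample values, chosen small enough to follow by hand.
PUBLIC, PRIVATE = generate_keys(61, 53, e=17)
CIPHERTEXT = encrypt(65, PUBLIC)

if __name__ == "__main__":
    print("public", PUBLIC, "private", PRIVATE)
    print("c =", CIPHERTEXT, "m =", decrypt(CIPHERTEXT, PRIVATE))
    print("recovered from n alone:", recover_private_key(PUBLIC))
```

With a modulus of realistic size the trial division in `recover_private_key` does not finish, which is the whole basis of the scheme's security.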
(4) Digital Signature Algorithm (DSA):
   o PKI relies on DS, which uses public key cryptography.
   o The basic idea is that the private key is known only by that entity and is used for signing.
      ✓ The public key is derived from it: it is used for verifying signatures but cannot be used to sign.
      ✓ It is available to anyone, and is typically included in the certificate document.
   o Digital Signature procedure
      • Sender encrypts message with its private key
      • Receiver can decrypt using sender's public key
         ➢ This authenticates the sender, who has the matching key
         ➢ Does not give privacy of data, i.e. the decryption key is the public key.
Fig 4.4 Digital Signature Algorithm (DSA)
Hash functions
   o A hash function H takes a variable-size message m as input and produces a fixed-size output, referred to as a hash code, message digest or hash value H(m).
   o No key is used in this algorithm.
   o A fixed-length hash value is computed as per the plain text
      ✓ that makes it impossible for the contents of the plain text to be recovered.
   o Also used by many operating systems to encrypt passwords.
   o Hashing
      ✓ the transformation of variable-length messages into a fixed-length message digest that represents the original string.
   o Hash value (or simply hash), also called a message digest, is a number generated from a string of text.
      ✓ is much smaller than the text itself.
   o creates a unique, fixed-length signature for a specific message or data set.
      ✓ even minor changes to that message result in a dramatically different hash. Therefore, it is very resistant to tampering.
Figure 4.5 Examples of hash algorithms: MD5, SHA-1
2. Application Security
▪ Vulnerability:
   o any mistake or weakness in the system security that may give intruders the possibility of gaining unauthorized access
▪ Vulnerability Assessment:
   o a software testing technique to evaluate the sudden increase of risks involved in the system in order to reduce the probability of the event.
   o depends on two mechanisms:
      ✓ Vulnerability Assessment: the process of scanning (locating & reporting) vulnerabilities to provide a way to detect and resolve security problems by ranking the vulnerabilities.
      ✓ Penetration Testing: an authorized simulated attack on a computer system, performed to evaluate the security of the system.
▪ Types of vulnerability scanner:
   o Host Based:
      ✓ Identifies the issues in the host or the system.
      ✓ carried out by using host-based scanners.
   o Network Based:
      ✓ will detect open ports and identify the unknown services running on these ports.
      ✓ carried out by using network-based scanners.
   o Database Based:
      ✓ identifies the security exposure in database systems to protect against SQL injection.
▪ Vulnerability Testing Methods:
   o Active Testing: while doing the test, the tester is actively involved in the process of finding new test cases and analyzes the results.
   o Passive Testing: monitoring the result of running the software under test without introducing new test cases or data.
   o Network Testing: the process of measuring the state of network operation over a period of time to find out the problems created by new services.
   o Distributed Testing: applied for testing distributed applications.
   o Penetration Test (pen test):
      ✓ To identify both weaknesses (vulnerabilities) & strengths, to enable a full risk assessment.
      ✓ Determine whether a system is vulnerable, whether defenses were sufficient, and which defenses (if any) the test defeated.
▪ Secure Shell (SSH):
   o A cryptographic protocol for operating network services securely over an unsecured network.
   o Best-known application: remote login to computer systems by users.
   o Common applications: remote command-line login and execution.
▪ Secure Email:
   o Adds confidentiality and integrity protection to ordinary e-mail.
   o E.g. PGP.
▪ Secure Web servers:
   o The main vulnerability of web applications is Cross-Site Scripting (XSS).
   o Securing the website or web application itself and the network around it.
   o Common web servers: Apache and IIS.
▪ TLS-based client digital certificates
▪ Apache or Oracle penetration testing
▪ VPN Apps
▪ Application firewall / proxy server
3. Firewall
▪ a program or network device (e.g. router) which filters access to a protected network from the internet connection.
▪ protects a local system or network of systems from network-based security threats.
▪ monitors & controls incoming & outgoing network traffic based on predetermined security rules.
▪ Firewall Objectives
   o Keep intruders, malicious code and unwanted traffic out
   o Keep private and sensitive information in
   o Act as a security wall between the private (protected) network and the outside world.
▪ Categories of firewalls
   a) Network firewalls: filter traffic between two or more networks and run on network hardware.
      ✓ Implemented at a specific point in the network path; protects all computers on the internal side of the firewall from all computers on the external side of the firewall.
   b) Host-based firewalls: run on host computers and control network traffic in and out of those machines.
   a) Packet Filtering Router: examines TCP/IP header information of network data packets going in both directions. Applies a set of rules to each incoming IP packet and then forwards or discards the packet.
   b) Application-Level Gateway (application firewall / proxy server): runs special software that acts as a proxy for a service request. The proxy server receives requests for Web pages, accesses the Web server on behalf of the external client, and returns the requested pages to the users.
   c) Circuit Level Gateway: standalone software that sets up two TCP connections (inside & outside). It determines which connections will be allowed.
▪ Firewall implementation
   a) Hardware firewalls: a stand-alone product or integrated into the router. It will have a minimum of four network ports to connect other computers.
   b) Software firewalls: installed on your computer; protects your computer from the outside and determines whether a request is valid or not.
   c) Combination of both
4. Physical security
▪ Without physical security to protect hardware (i.e., doors that lock) nothing else about a computer system can be called secure.
5. Operations security
▪ As the software charged with controlling access to the hardware, the file system, and the network, weaknesses in an operating system are the most valued amongst crackers.
▪ Most OS authentication is handled through user names and passwords. Biometric (e.g. voice, face, retina, iris, fingerprint) and physical token-based (swipe cards, PIN-generating cards) authentication are sometimes used to augment simple passwords, but the costs and accuracy of the technology limit their adoption.
6. Access control
▪ Since many systems (such as router access control lists) define which packets may and which packets may not pass based on the sender's IP address
▪ An access enforcement mechanism authorizes requests from multiple subjects (e.g. users, processes, etc.) to perform operations (e.g., read, write, etc.) on objects (e.g., files, sockets, etc.).
▪ Network access control (NAC): an umbrella term for managing access to a network. NAC authenticates users logging into the network and determines what data they can access and what actions they can perform. NAC also examines the health of the user's computer or mobile device (the endpoints).
▪ An operating system provides an access enforcement mechanism.
▪ Two fundamental concepts of access control:
o a protection system that defines the access control
specification and
o a reference monitor that is the system’s access
enforcement mechanism that enforces this specification.
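The two concepts applied to the router access control list and packet-filtering router described earlier, as an added example that is not part of the original notes: the rule list is the access control specification and `decide` is the enforcement mechanism. First-match evaluation, discarding unmatched packets, the rule set and all names are assumptions made for the illustration.

```python
# Added example (not from the original notes): a packet filter written as an
# access control specification (RULES) plus an enforcement function (decide).
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src: str                 # sender's network, CIDR notation
    dst_port: Optional[int]  # None matches any destination port

# Constructed rule set; addresses come from the RFC 5737 documentation ranges.
RULES = [
    Rule("deny", "203.0.113.0/24", None),   # drop everything from this network
    Rule("allow", "0.0.0.0/0", 443),        # HTTPS from any sender
    Rule("allow", "198.51.100.0/24", 22),   # SSH only from the admin network
]

def _covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    net_ok = ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
    return net_ok and earlier.dst_port in (None, later.dst_port)

def decide(src_ip, dst_port, rules=RULES):
    """First matching rule wins; a packet matching no rule is discarded."""
    addr = ipaddress.ip_address(src_ip)
    for index, rule in enumerate(rules):
        if addr in ipaddress.ip_network(rule.src) and rule.dst_port in (None, dst_port):
            return rule.action, index
    return "deny", None

def shadowed_rules(rules=RULES):
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [i for i, later in enumerate(rules)
            if any(_covers(earlier, later) for earlier in rules[:i])]
```

Running `shadowed_rules` over a rule set before deploying it catches ordering mistakes, such as a broad allow placed above the deny it was meant to follow.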
7. Plan, Design and manage security, security policies,
business continuity plans, disaster recovery plans, and
social and legal issues of information security
8. Design secure systems for real world information
system services
