Unit 1 Material

Uploaded by adilakshmi.t

UNIT I

CYBER PHYSICAL SYSTEMS AND INTERCONNECTION OF THREATS

Topics: IoT and cyber-physical systems, IoT security (vulnerabilities, attacks,
and countermeasures), security engineering for IoT development, IoT security
lifecycle. Network Robustness of Internet of Things - Sybil Attack Detection in
Vehicular Networks - Malware Propagation and Control in Internet of Things -
Solution-Based Analysis of Attack Vectors on Smart Home Systems. Crypto
foundations: Block ciphers, message integrity, authenticated encryption, hash
functions, Marketers, elliptic curves, public-key crypto (PKI), signature
algorithms.

1.1 IoT And Cyber-Physical Systems:

What is it?

In short, a cyber-physical system (CPS) is a system that integrates computing
elements with physical components and processes. Sensors and actuators monitor
the physical environment in real time and supply the computer with data; the
computer in turn controls the physical system, which enables the system, or the
workers operating it, to take more accurate actions based on that data. In the
field of production management this is also referred to as a Cyber-Physical
Production System (CPPS). Where CPS has roots in control, computer science,
real-time systems, and sensor networks, IoT has roots in communication networks
and wireless communication.
The Internet of Things is a technology enabling the interconnection of all types
of devices through the internet to exchange data, optimize processes, and
monitor devices, in order to generate benefits for industry, the economy, and
the end user. It is composed of a network of sensors, actuators, and devices,
forming new systems and services. Manufacturing companies have expanded their
use of IoT, which has given rise to the term Industrial Internet of Things
(IIoT).

Both IoT/IIoT and CPS/CPPS have a physical as well as a cyber aspect. These may
also be referred to as smart systems. IoT emphasizes connectivity, while CPS
emphasizes the embedded part. Connected CPSs are thus called the Internet of
Things (IoT). Therefore, CPS forms the first level of vertical digital
integration and IoT forms the second level. As the technologies develop, new
terms constantly emerge, for instance Smart Factory, Future Factory, Smart
Industry, and so on. All in all, both IoT and CPS help enhance manufacturing and
industrial processes.

Ongoing advances in science and engineering improve the link between
computational and physical elements by means of intelligent mechanisms,
increasing the adaptability, autonomy, efficiency, functionality, reliability,
safety, and usability of IoT and CPS systems. Thus, the technology fields
continue to develop.
1.2 IoT Security (vulnerabilities, attacks, and counter
measures):

IoT Security Definition

IoT security is the area of cybersecurity that safeguards internet-connected
(and often cloud-managed) hardware, known as IoT devices, together with the
networks those devices attach to.

What Is an IoT Device?

An IoT device is a network-connected physical object outfitted with sensors,
software and computing systems that is capable of transmitting data over the
internet. It has at least one transducer (a sensor or an actuator) that collects
information from, or acts on, its environment, and at least one network
interface, such as Bluetooth or Wi-Fi, through which it is digitally connected.

What Is IoT Security?

IoT security refers to a strategy of safeguards that help protect these
internet-enabled devices from cyber-attacks. It is a fairly new discipline of
cybersecurity, given the relatively recent introduction of these non-standard
computing devices.

Potential IoT attacks range from unauthorized access and data theft to physical
tampering with the devices.

The practice of IoT security involves protecting a multiple-device system and
identifying and monitoring the risks, threats and breaches it faces.

Why Is IoT Security Important?

As IoT devices grow in number and influence, so does the potential for
unauthorized network access. Many IoT devices were not designed with security
mechanisms in place, so a single weak device can give an attacker a foothold
on the network it is connected to.

Vulnerability:

Vulnerability is the term we use to identify a weakness, either in the design,
integration, or operation of a system or device. Vulnerabilities are ever-present,
and countless new ones are discovered every day. Many online databases and web
portals now provide us with automated updates on newly discovered
vulnerabilities.
The following diagram provides a view into the relationships between each of
these concepts:
Vulnerabilities may be deficiencies in a device's physical protection (for example,
weaknesses in a device's casing that allow the ability to tamper), software quality,
configuration, suitability of protocol security for its environment, or
appropriateness of the protocols themselves.

Attacks and countermeasures:

Common IoT attack types:

There are many attack types; however, the following list provides some of the
most significant as they relate to the IoT:

• Wired and wireless scanning and mapping attacks
• Protocol attacks
• Eavesdropping attacks (loss of confidentiality)
• Cryptographic algorithm and key management attacks
• Spoofing and masquerading (authentication attacks)
• Operating system and application integrity attacks
• Denial of service and jamming
• Physical security attacks (for example, tampering, interface exposures)
• Access control attacks (privilege escalation)

The following diagram shows the ecosystem of attacks, vulnerabilities,
and controls:
1.3 Security Engineering for IoT Development:

"Security engineering is a specialized field of engineering that focuses on the
security aspects in the design of systems that need to be able to deal robustly with
possible sources of disruption, ranging from natural disasters to malicious acts"

In today's fast-paced tech industry, security engineering often takes a back seat to
the rush to develop competitive market-driven features. That is frequently a costly
sacrifice as it provides malicious hackers an opportunity-rich sandbox in which
to develop exploits.

In an ideal world and project, a methodical approach includes identification and
evolution of a series of functional business requirements. These requirements are
prototyped, tested, refined, and finalized into an architecture before being
developed, tested and deployed. This is how things might happen in a perfect,
error-free waterfall model.

The world is not ideal, however, and IoT devices and systems will be rolled out
by a variety of company types using a multitude of development practices.

Gartner estimates that by 2017, 50% of all IoT solutions will originate from start-
up companies less than 3 years old. This imposes challenges as security is
frequently an afterthought and minor area of focus for most start-up
organizations.

The Cloud Security Alliance (CSA) IoT WG performed a survey on IoT-based
start-ups in 2015 and found that there was a lack of security emphasis and an
overall gap in the strong, dedicated workforce of security professionals.

Angel investors and venture capital firms may also impose barriers to a start-up's
meaningful incorporation of security; security is frequently demoted to a "nice to
have" status among an extensive list of features on the road to success. In this
environment, start-up companies and even more traditional companies will
frequently rely on the supposed security of their suppliers' hardware and software.
This occurs regardless of whether the intended deployment target and
environment are commensurate with the suppliers' stipulations.

1.4 IoT security lifecycle:

The security engineer's job is to be able to examine and characterize each of these
disparate systems and define an appropriate lifecycle focused on maintaining a
secure state across the enterprise.
The lifecycle is designed to be iterative, allowing for the secure addition of new
IoT capabilities throughout an enterprise. Technical, policy, and procedural
lifecycle topics are addressed to enable a robust enterprise IoT security capability
that is continuously updated and tailored to the unique operating needs of the
system. An IoT security lifecycle should support an enterprise IoT ecosystem
with the following:

• Privacy considerations due to the potential to leak sensitive information
or metadata through third-party relationships, requiring comprehensive
confidentiality controls.
• Large quantities of new devices and device types that must be configured
securely to guard against new attack vectors into the enterprise.
• Autonomous operations and device-to-device transactions that worsen the
impact of an intrusion.
• Safety-related risks to which IT staff have not traditionally been exposed.
These risks can result in harm to employees and customers if an adversary
compromises an IoT system with the potential to do physical harm.
• Potential for leased (non-owned) products. This introduces confusion into the
need for lifecycle support as vendors now must be provided with the ability to
maintain their systems.
• Preprocessing and initial data analytics (application as well as security) at the
edge of the network, with transmission of log and event data to the cloud for
additional analytics.

1.4.1 The secure IoT system implementation lifecycle:

The following figure provides a graphical depiction of the IoT security
lifecycle that begins with the introduction of safety, privacy, and security
engineering in the system design stage, and concludes with the secure disposal
of IoT assets as their effective lifetime is reached.
1.5 Network Robustness of Internet of Things:

In many cases, edge rewiring is not permitted in the IoT because of
circumstances such as protocol confinement, geolocation constraints, and so on.
In this scenario, one instead uses node-level detectability to infer the
presence of an attack.

A fusion-based defense mechanism is proposed to infer the presence of an attack
based on the feedback from each node. The feedback information can be as simple
as a binary status report reflecting whether or not each node is under attack,
based on the node-level detection capabilities. A network-level attack
inference scheme is then carried out at the fusion center.

An illustration of the attack and fusion-based defense model for the IoT is shown
in Figure 1.5. A two-player game between the defender (the fusion center) and
the attacker is naturally formed, given the critical value of network resilience
(e.g., the largest component can be no less than 50% of its original size) and the
node-level detection configurations.
Figure 1.5: Illustration of the attack and fusion-based defense model for the
IoT. The adversary attacks a subset of nodes, as indicated by the red dotted
arrows. The defender performs attack inference based on the attack status
feedbacks from another subset of nodes, as indicated by blue dashed arrows.

Intuitively, from the adversary’s perspective, too few node removals cause hardly
any harm to the network connectivity, while too many node removals are prone
to be detected by the fusion center, which means that the attack is eventually in
vain. From the defender’s perspective, inferring attacks using all feedbacks might
treat the topological attack as a false alarm, since only a small subset of nodes is
targeted.
On the other hand, inferring attacks using only a few feedbacks might suffer from
information insufficiency and therefore fail to detect the presence of attacks.
Consequently, there exists a balance point at which both attacker and defender
are satisfied with their own strategies, which is exactly the notion of Nash
equilibrium in game theory.
At game equilibrium, no player’s payoff can be increased by unilaterally
changing strategy. As a result, the game payoff at game equilibrium can be used
to study the robustness of a network.

As an illustration, we evaluate the network robustness of the Internet
router-level topology and the EU power grid in terms of the payoff of the
defender at the game equilibrium in Figure 1.6. The parameter PD (PF) denotes
the probability that a node declares an attack when the attack is actually
present (absent), i.e. the per-node detection (false-alarm) probability.

It is observed that the EU power grid is more robust than the Internet
router-level topology given the same parameters PD and PF, and that the network
robustness approaches 1 as the detection capability increases. This suggests
that the adversary gradually loses its advantage in disrupting the network, and
that the damage caused by malicious attacks can be alleviated by the
fusion-based defense mechanism.

Figure 1.6: Network robustness of the Internet router-level topology and
the EU power grid under degree attack when PF = 0.01.

These results suggest that in addition to topological defense approaches (e.g.,
the edge rewiring method), one can improve the network resilience of the IoT by
implementing network-level defense mechanisms.
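The script below is an added example (it is not from the notes or from the study they summarise) that plays out a simplified version of the attacker/defender game above in Python. On a constructed 18-node topology (six routers in a ring, two leaf devices each), the adversary removes the k highest-degree nodes; each attacked node reports "under attack" with probability PD and each untouched node raises a false report with probability PF; the fusion centre declares an attack when at least t reports arrive. The payoff used here is an assumption: the attacker succeeds if the largest component falls below 50% of the original network and no alarm is raised, and the defender chooses the threshold t, subject to a false-alarm budget, that minimises the attacker's best success probability. Robustness is one minus that probability, and it rises towards 1 as PD grows, which is the behaviour Figure 1.6 describes.

```python
"""Degree attack versus fusion-based attack inference on a small IoT topology.
Added example (not from the original notes): a simplified attacker/defender
game. The topology, the 50% largest-component criterion, the per-node
parameters PD/PF and the false-alarm budget are all constructed."""
import math
from collections import deque


def build_ring_network():
    """Constructed topology: 6 routers in a ring, each serving 2 leaf devices
    (18 nodes). Routers are the high-degree nodes a degree attack targets."""
    adj = {}

    def link(u, v):
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)

    for r in range(6):
        link(r, (r + 1) % 6)          # ring edge between routers
        link(r, 6 + 2 * r)            # two leaves per router
        link(r, 7 + 2 * r)
    return adj


def largest_component_fraction(adj, removed):
    """Largest connected component after removing `removed`, as a fraction of
    the ORIGINAL node count (the resilience metric used in the text)."""
    remaining = set(adj) - set(removed)
    seen, best = set(), 0
    for start in remaining:
        if start in seen:
            continue
        seen.add(start)
        queue, size = deque([start]), 0
        while queue:
            v = queue.popleft()
            size += 1
            for w in adj[v]:
                if w in remaining and w not in seen:
                    seen.add(w)
                    queue.append(w)
        best = max(best, size)
    return best / len(adj)


def degree_attack(adj, k):
    """Adversary removes the k highest-degree nodes (ties broken by node id)."""
    return sorted(adj, key=lambda v: (-len(adj[v]), v))[:k]


def _binom_pmf(n, p):
    return [math.comb(n, i) * p ** i * (1 - p) ** (n - i) for i in range(n + 1)]


def detection_probability(n, k, pd, pf, threshold):
    """P(fusion centre receives >= threshold 'under attack' reports) when k of n
    nodes are attacked: attacked nodes report with probability PD, the others
    raise a false report with probability PF (independent Bernoulli feedback)."""
    attacked, clean = _binom_pmf(k, pd), _binom_pmf(n - k, pf)
    total = [0.0] * (n + 1)
    for i, pi in enumerate(attacked):
        for j, pj in enumerate(clean):
            total[i + j] += pi * pj
    return sum(total[threshold:])


def network_robustness(adj, pd, pf, critical=0.5, max_false_alarm=0.05):
    """Defender picks the report threshold (within the false-alarm budget) that
    minimises the attacker's best chance of an UNDETECTED attack that shrinks
    the largest component below `critical`. Returns (robustness, threshold)
    with robustness = 1 - that chance."""
    n = len(adj)
    damaging = [k for k in range(1, n + 1)
                if largest_component_fraction(adj, degree_attack(adj, k)) < critical]
    best = None
    for t in range(1, n + 1):
        if detection_probability(n, 0, pd, pf, t) > max_false_alarm:
            continue                                   # too many false alarms
        worst = max((1.0 - detection_probability(n, k, pd, pf, t) for k in damaging),
                    default=0.0)
        if best is None or worst < best[0]:
            best = (worst, t)
    if best is None:
        return 0.0, None                               # no usable threshold
    return 1.0 - best[0], best[1]


if __name__ == "__main__":
    net = build_ring_network()
    for pd in (0.3, 0.5, 0.9):
        rob, t = network_robustness(net, pd, pf=0.01)
        print(f"PD={pd:.1f} PF=0.01 -> robustness {rob:.3f} (threshold {t})")
```

On this topology removing three routers leaves exactly half the nodes connected, so the attacker needs k >= 4 to do damage, and four attacked nodes are hard to hide once PD is high; with PD = 0.9 the defender's robustness is above 0.99, with PD = 0.5 it is about 0.72.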
1.6 Sybil Attack Detection in Vehicular Networks:
In this concept, we consider safety issues arising in vehicular ad hoc networks
(VANETs) (Figure 1.7). Although vehicular networks originated in the
infotainment domain, today they are also used in many safety-critical systems,
such as an emergency vehicle grid.

Figure 1.7: Architecture of vehicular ad hoc network

Due to the open nature of vehicular networks, they are more amenable to
malicious attacks; and, due to their high mobility and dynamic topology, the
detection and prevention of such attacks is also more difficult.

We consider one such attack in this chapter, the Sybil attack, in which an
attacker tries to violate the unique vehicular ID property by forging or
fabricating IDs and presenting multiple identities.

A Sybil attack is a serious threat because it can result in large-scale denial
of service or other security risks in the network.
This chapter presents a new method to prevent Sybil attacks in a vehicular
network based on traditional cryptographic techniques, as well as the unique
features of the network. A key feature of the methodology is the use of fixed
roadside units and a central authority.

The automobile today has evolved from a complex electromechanical system to
a "computer system on wheels", and vehicular networks are pushing the frontier
of the internet of things (IoT) to include a large class of highly mobile
entities, namely vehicles. With the inclusion of vehicles and communication
between vehicles, as well as between vehicles and the infrastructure, the
"internet of vehicles" can potentially provide real-time connectivity between
vehicles around the globe. By further providing connectivity with entities such
as traffic lights and RFID devices, we move closer toward the goal of a safe
and efficient traffic environment.

A vehicle potentially has more storage, communication, and computing capacity
than other embedded and mobile devices, and hence vehicular networks can act as
core infrastructure to connect various things.

The vehicular ad hoc network (VANET) facilitates communication between vehicles
in the network by sharing road conditions and safety information. The network
is especially useful in dense urban regions in promoting greater road safety
and efficient traffic control.
In contrast with a mobile ad hoc network, a vehicular ad hoc network has a
highly dynamic network topology owing to the rapid movement of vehicles, with
frequent disconnections in the network and more resource constraints. It uses a
combination of networking technologies such as IEEE 802.11p (the Wi-Fi variant
for vehicular environments), WAVE IEEE 1609, WiMAX IEEE 802.16, Bluetooth,
IrDA, and ZigBee.
There are two types of communication in a vehicular network: (i) vehicle-to-vehicle
and (ii) vehicle-to-network-infrastructure.

The open nature of VANET communication makes it much more amenable to
malicious attacks, and the dynamic nature of vehicular movement makes it
difficult to protect against these. In this chapter, we consider one such
attack, the Sybil attack, in which a single entity can gain control over a
substantial fraction of the system by presenting multiple identities.

There are mainly two types of Sybil attacks: (i) a single node presents multiple
identities; and (ii) a Sybil node uses the identity of another node. Sybil
attacks violate the fundamental assumption of one-to-one correspondence between
a node and its identity.

1.7: Malware Propagation and Control in Internet of Things

Cyber physical systems (CPSs) integrate computing and physical processes;
embedded computers monitor and control the physical process. The system
consists of a set of nodes with various communication capabilities, including
sensors, actuators, a processor or a control unit, and a communication device.
The nodes constitute a network and communicate with each other to support
everyday life in a smart way, which is known as the Internet of Things (IoT).
The "smartness" in IoT applications, such as smart home, smart factory, smart
grid, and smart transportation, implies that nodes could automatically sense
the environment, collect data, communicate with each other, and perform
corresponding actions with minimal human involvement. Some interesting features
of the IoT are listed as follows:

➢ Numerous objects: The IoT evolves into a large number of objects that
collectively move toward a state of pervasiveness.

➢ Autonomous functioning: With minimal human intervention, objects in the
IoT will perform data collection, processing, collaborating with each other,
and decision-making in an autonomous fashion.

➢ Heterogeneous communication and computation capabilities: Objects in
the IoT might support different wireless communication technologies and
computing power. As a result, objects might play different roles in different
IoT scenarios.

➢ Interdependency between the cyber and the physical world: For example,
in one well-known IoT, the smart grid, the physical world cooperates with
the cyber network.

➢ Complex network structure: With various radio interfaces, objects can
communicate with each other in more complicated ways, forming a complex
network.

Figure 1.8 shows the network architecture of an IoT platform. The security
issue in the IoT has received much attention. Obviously, the growing
popularity of objects with rich wireless communication capabilities has made
the IoT attractive to digital viruses and malicious content. Moreover, the
mobility and novel proximity-based communication technologies increase the
possibility of spreading malware.

Figure 1.8: IoT platform with infrastructure-based and proximity-based
communications.

1.7.1 Malware Schemes in IoT:

Typically, IoT malware can propagate via infrastructure-based communication
technologies such as GSM/General Packet Radio Service (GPRS)/Universal Mobile
Telecommunications System (UMTS)/Long-Term Evolution (LTE) and wireless local
area network (WLAN).
The other approach is to exploit proximity-based wireless media, such as
Bluetooth Low Energy (BLE), Wi-Fi Direct, and NFC, to infect the objects in the
vicinity, as shown in Figure 1.8. With two kinds of infection path, the malware
propagation dynamics might change significantly; Figure 1.9 illustrates an
example.
As a result, an analytical model is necessary to examine the complicated malware
dynamics so that malware mitigation schemes can be proposed accordingly.
Figure 1.9: The spreading phenomenon of IoT malware.

1.7.2. Control of malware propagation:


In the following, we explore immunity mechanisms from epidemiology and map them
directly onto the control of malware propagation. Two schemes are considered,
as follows.
➢ Self-healing scheme: On the expiration of a global timer, the infected nodes
delete the malicious data, and therefore the nodes transit from the infected
state to the recovered state.
➢ Vaccine-spreading scheme: A recovered node participates in vaccinating the
susceptible nodes against the malware. In this case, a susceptible node becomes
a vaccinee and is therefore immune to the epidemic. The probability that a
susceptible node becomes a vaccinee is denoted by k.
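As an added example (not the notes' own analytical model, which is not given here), the Python below puts the two schemes into a simple susceptible/infected/recovered compartment model: infection spreads through contacts at rate beta, self-healing moves infected nodes to recovered at rate 1/timer (the global timer), and vaccine spreading moves susceptible nodes to recovered at rate k times the recovered fraction they meet. The compartment model, the Euler time-stepping and all parameter values are assumptions for illustration; the point it shows is that raising k lowers the peak infected fraction even when the infection rate and timer are unchanged.

```python
"""Mean-field model of IoT malware spread with self-healing and vaccine
spreading. Added example, not from the original notes; the SIR-style
compartments, Euler stepping and parameter values are assumptions."""


def simulate_epidemic(beta, timer, k, i0=0.01, dt=0.05, t_end=60.0):
    """Discrete-time model over population fractions (S + I + R = 1).
    beta  : infection rate through node-to-node contact
    timer : global self-healing timer; infected nodes recover at rate 1/timer
            (0 disables self-healing)
    k     : rate at which a recovered node vaccinates a susceptible one
    Returns (S, I, R) at t_end and the peak infected fraction."""
    gamma = 1.0 / timer if timer > 0 else 0.0
    s, i, r = 1.0 - i0, i0, 0.0          # a small seed of infected nodes
    peak = i
    for _ in range(int(t_end / dt)):
        new_infections = beta * s * i * dt    # susceptible -> infected
        healed = gamma * i * dt               # infected -> recovered (timer expiry)
        vaccinated = k * s * r * dt           # susceptible -> recovered (vaccine)
        s -= new_infections + vaccinated
        i += new_infections - healed
        r += healed + vaccinated
        peak = max(peak, i)
    return s, i, r, peak


def peak_infection(beta, timer, k):
    """Peak infected fraction for a given control setting."""
    return simulate_epidemic(beta, timer, k)[3]


if __name__ == "__main__":
    for k in (0.0, 0.5, 2.0):
        s, i, r, peak = simulate_epidemic(beta=1.5, timer=2.0, k=k)
        print(f"k={k:.1f}: peak infected {peak:.3f}, final recovered {r:.3f}")
```

With beta = 1.5 and a 2-second timer the basic reproduction number is 3, so the malware spreads without vaccination; the run with k = 0 shows the outbreak rising and then dying out through self-healing alone, and larger k values show a smaller peak.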

1.8 Solution-Based Analysis of Attack Vectors on Smart Home Systems

As welfare increases and technological gadgets become ubiquitous, we lighten
our daily lives by automating trivial and common tasks. The last few years have
shown a clear trend of automation technology usage within both personal homes
and commercial buildings. The increasing adoption of smart home systems (SHS)
leads to the need for not only more functionality but also a safe, secure, and
functional environment.

The ongoing battle for smart grid security includes smart homes, and whenever
one technology becomes particularly widespread it automatically becomes a
high-reward target type. One specific area that is seeing a particular
technological increase, and is thus at higher risk of becoming such a target,
is home automation for personal use. Several companies offer products on the
market to automate lighting, shades, heating, cooling, and the like.

Among the many systems that feature different wired or wireless topologies is
digitalSTROM (dS) with its powerline-based bus and embedded central server.
This research is dedicated to finding security and privacy weaknesses in SHS
using the dS system as an example. Wherever possible, we try to approach the
problem in a generic way that can also be applied to other systems.
1.8.1. The digitalSTROM Environment

Figure 1.10: A sample digitalSTROM SHS.

Figure 1.10 shows a simplified SHS consisting of three separate power circuits
(one per floor), two dS appliances (TV and light, on the dash-dotted line), and
a non-dS electric vehicle charging on an outdoor plug. The dS meters (dSM, one
per circuit) are interconnected (dashed lines) with the dS server (dSS) by the
two-wire bus. The dSS is connected to the home network, symbolized by the
wireless router, by a Cat.5 cable or, optionally, by a supported wireless
universal serial bus (USB) dongle.

A control device (typically a smartphone or tablet) is connected to the home
network over the wireless network. The dSS provides a web interface for
configuration and an AJAX/JSON application programming interface (API) for
control.
1.8.2. Attack Vectors on SHS
We grouped the possible SHS attack vectors into five vulnerability categories,
which are detailed in this section. Wired SHS commonly consist of a server for
state management that also provides a control interface or API, a bus for
communication with the appliances, and a small clamp or control module for
switching individual appliances. This system is ultimately controlled by the
user with a control device such as a smartphone. Additionally, remote
third-party services may be contracted to extend the system's core
functionality. These five components (server, bus, appliance clamp, the user's
control device, and third-party services) are the categories, and their
communicative interaction is visualized in Figure 1.11.

Figure 1.11: The five risk categories.

We divided the attacks into nine relative and perceived risk categories: low,
medium, and high in each of the two dimensions, severity and probability, as
shown in Figure 1.12.
Figure 1.12: The nine risk categories.

1.9. Crypto foundations: Block ciphers

What is a block cipher?

A block cipher is a method of encrypting data in fixed-size blocks to produce
ciphertext using a cryptographic key and algorithm. The block cipher transforms
one whole block at a time, as opposed to a stream cipher, which encrypts data
one bit or byte at a time. Most modern block ciphers are designed to encrypt
data in fixed-size blocks of either 64 or 128 bits.

How does a block cipher work?

A block cipher uses a symmetric key and algorithm to encrypt and decrypt a
block of data: the same key applied to the same block always produces the same
ciphertext block. Because messages are longer than one block, the cipher is
used inside a mode of operation (ECB, CBC, CTR, GCM, and so on) that chains or
counts the blocks. Most modes take an initialization vector (IV), a non-secret
value that is freshly drawn from a random number generator (or used once as a
nonce) for every message and combined with the first block. The IV does not
enlarge the key space; its job is to make sure that encrypting the same
plaintext twice, or repeated blocks within one message, does not yield repeated
ciphertext, so an observer cannot recognise patterns. Electronic codebook (ECB)
mode uses no IV and leaks exactly those patterns, which is why it is avoided.
The block size of a block cipher refers to the number of bits that are
processed together. Data Encryption Standard (DES) and Advanced Encryption
Standard (AES) are both symmetric block ciphers.

The DES block cipher was designed by IBM in the early 1970s and published as a
US federal standard in 1977; it uses 64-bit blocks and a 56-bit key. DES is no
longer considered secure because its key is short enough to brute-force, and it
was superseded by AES, which NIST standardized in 2001 after a public
competition. AES uses a 128-bit block size and a 128-, 192- or 256-bit key.
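The following is an added example, not code from the notes: a toy DES-style Feistel block cipher whose round function is HMAC-SHA256 (this is not a vetted cipher, only enough structure to show how a keyed, invertible block transform works and how decryption runs the rounds backwards), with PKCS#7 padding and ECB and CBC modes built on top. It demonstrates the point about the IV made above: ECB turns three identical plaintext blocks into three identical ciphertext blocks, while CBC with a fresh IV does not. The block size, round count, padding scheme and sample message are assumptions; use AES from a real library in practice.

```python
"""Toy 128-bit Feistel block cipher (DES-style structure) plus ECB and CBC modes.
Added example for illustration only: the round function is HMAC-SHA256 and the
construction is NOT a vetted cipher. Use AES from a real library in production."""
import hashlib
import hmac
import os

BLOCK_SIZE = 16   # bytes; two 8-byte halves, same block length as AES
ROUNDS = 8        # assumed round count


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    """Keyed round function: HMAC over (round index || half), cut to 8 bytes."""
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Feistel rounds: (L, R) -> (R, L xor F(R)); the same key + block always
    gives the same output, which is what modes of operation must hide."""
    assert len(block) == BLOCK_SIZE
    left, right = block[:8], block[8:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def decrypt_block(key: bytes, block: bytes) -> bytes:
    """Run the rounds in reverse; F never needs to be inverted."""
    assert len(block) == BLOCK_SIZE
    left, right = block[:8], block[8:]
    for rnd in reversed(range(ROUNDS)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


def pad(data: bytes) -> bytes:
    """PKCS#7: append n bytes of value n so the length is a block multiple."""
    n = BLOCK_SIZE - len(data) % BLOCK_SIZE
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1] if data else 0
    if not 1 <= n <= BLOCK_SIZE or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def _blocks(data: bytes):
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Electronic codebook: no IV, each block encrypted independently."""
    return b"".join(encrypt_block(key, b) for b in _blocks(pad(plaintext)))


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Cipher block chaining: each block is XORed with the previous ciphertext
    block (the IV for the first) before encryption."""
    prev, out = iv, []
    for b in _blocks(pad(plaintext)):
        prev = encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, []
    for c in _blocks(ciphertext):
        out.append(_xor(decrypt_block(key, c), prev))
        prev = c
    return unpad(b"".join(out))


def has_repeated_blocks(ciphertext: bytes) -> bool:
    """True if any two ciphertext blocks are identical (the ECB leak)."""
    bs = _blocks(ciphertext)
    return len(bs) != len(set(bs))


if __name__ == "__main__":
    key, iv = os.urandom(16), os.urandom(16)      # fresh random key and IV
    msg = b"ATTACK AT DAWN!!" * 3                 # three identical 16-byte blocks
    print("ECB leaks repetition:", has_repeated_blocks(ecb_encrypt(key, msg)))
    ct = cbc_encrypt(key, iv, msg)
    print("CBC leaks repetition:", has_repeated_blocks(ct))
    assert cbc_decrypt(key, iv, ct) == msg
```

Note that CBC only hides patterns if the IV is unpredictable and never reused with the same key; the IV itself is sent in the clear alongside the ciphertext, since the receiver needs it for the first block.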
1.10. Message Integrity

The cryptography systems that we have studied so far provide secrecy, or


confidentiality, but not integrity. However, there are occasions where we may not
even need secrecy but instead must have integrity.

1.10.1. Document and Fingerprint

One way to preserve the integrity of a document is through the use of a
fingerprint. If Alice needs to be sure that the contents of her document will not
be changed, she can put her fingerprint at the bottom of the document.

1.10.2. Message and Message Digest

The electronic equivalent of the document and fingerprint pair is the message
and digest pair.

Figure 1.13 Message and digest

1.10.3 Difference

The two pairs (document / fingerprint) and (message / message digest) are similar,
with some differences. The document and fingerprint are physically linked
together. The message and message digest can be sent or stored separately, and,
most importantly, the message digest needs to be safe from change: anyone who
can alter the digest as well as the message can simply recompute it to match.
1.10.4 Checking Integrity

To check integrity, the receiver runs the same hash function over the received
message and compares the result with the digest it trusts (one kept securely or
obtained through a protected channel). If the two digests are equal the message
has not been changed; if they differ, it has.

Figure 11.2 Checking integrity
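An added example (not from the notes) of the check in Figure 11.2, written in Python with SHA-256 and HMAC from the standard library. It runs three constructed scenarios: the digest is kept where the attacker cannot reach it, so a changed message is caught; the digest travels with the message and the attacker rewrites both, so the change is missed, which is the "safe from change" requirement above; and a keyed digest (HMAC), which the attacker cannot recompute without the key. The message, the tampered version and the key are constructed for the example.

```python
"""Checking integrity with a message digest, and why the digest itself must be
protected. Added example (not from the original notes): the message, the
attacker's change and the key are constructed; SHA-256 and HMAC are stdlib."""
import hashlib
import hmac
import secrets


def message_digest(message: bytes) -> str:
    """Fixed-length (256-bit) fingerprint of an arbitrary-length message."""
    return hashlib.sha256(message).hexdigest()


def digest_matches(message: bytes, stored_digest: str) -> bool:
    """Receiver recomputes the digest and compares it with the one it holds.
    compare_digest avoids leaking the position of a mismatch via timing."""
    return hmac.compare_digest(message_digest(message), stored_digest)


def keyed_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: a digest that cannot be recomputed without the key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def tag_matches(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)


def integrity_scenarios():
    """Returns (caught with a protected digest, caught when the attacker can
    rewrite the digest too, caught with a keyed MAC)."""
    original = b"Transfer 100 to account 42"      # constructed message
    tampered = b"Transfer 900 to account 42"      # attacker's modification

    # 1. Digest stored out of the attacker's reach (e.g. held by Alice):
    stored = message_digest(original)
    caught_protected = not digest_matches(tampered, stored)

    # 2. Digest travels with the message and the attacker rewrites both:
    rewritten = message_digest(tampered)
    caught_unprotected = not digest_matches(tampered, rewritten)

    # 3. Keyed digest: the attacker can change the message but not the tag.
    key = secrets.token_bytes(32)
    tag = keyed_tag(key, original)
    caught_keyed = not tag_matches(key, tampered, tag)
    return caught_protected, caught_unprotected, caught_keyed


if __name__ == "__main__":
    print(integrity_scenarios())
```

Scenario 2 is the usual failure when a checksum is simply appended to a download or a log line: it catches accidental corruption but not a deliberate change. Either the digest must reach the receiver through a channel the attacker cannot write to, or it must be keyed (MAC) or signed.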

1.11: Authenticated encryption

Authenticated Encryption (AE) is a form of encryption, usually realised as a
block cipher mode of operation, which simultaneously provides confidentiality
and authenticity (integrity) assurances on the data. It became readily apparent
that securely composing a confidentiality mode with an authentication mode by
hand could be error-prone and difficult.

In addition to protecting message integrity and confidentiality, authenticated
encryption can provide plaintext awareness and security against chosen
ciphertext attack. In these attacks, an adversary attempts to gain an advantage
against a cryptosystem (e.g., information about the secret decryption key) by
submitting carefully chosen ciphertexts to some "decryption oracle" and
analyzing the decrypted results.

Authenticated encryption schemes can recognize improperly-constructed
ciphertexts and refuse to decrypt them. This in turn prevents the attacker from
requesting the decryption of any ciphertext unless he generated it correctly
using the encryption algorithm, which would imply that he already knows the
plaintext. Implemented correctly, this removes the usefulness of the decryption
oracle, by preventing an attacker from gaining useful information that he does
not already possess. The same property defeats padding-oracle attacks, since a
tampered ciphertext is rejected before any padding is examined.

Many specialized authenticated encryption modes have been developed for use
with symmetric block ciphers. However, authenticated encryption can be
generically constructed by combining an encryption scheme and a Message
Authentication Code (MAC), provided that the encryption scheme is semantically
secure under chosen plaintext attack and the MAC function is unforgeable under
chosen message attack. Bellare and Namprempre (2000) analyzed three
compositions of these primitives (Encrypt-and-MAC, MAC-then-Encrypt and
Encrypt-then-MAC), and demonstrated that encrypting a message and subsequently
applying a MAC to the ciphertext (Encrypt-then-MAC) implies security against
adaptive chosen ciphertext attack, provided that both functions meet the
required properties and use independent keys.

Six different authenticated encryption modes, namely OCB 2.0, Key Wrap, CCM,
EAX, Encrypt-then-MAC and GCM, were standardized in ISO/IEC 19772:2009
(Authenticated encryption). OCB 2.0 was later shown to be insecure (Inoue,
Iwata, Minematsu and Poettering, CRYPTO 2019) and should not be used; AES-GCM
and ChaCha20-Poly1305 are the common choices today.
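The generic Encrypt-then-MAC composition described above, as an added example in Python (this is neither the notes' code nor any standard's reference implementation). The encryption layer is a counter-mode keystream generated with HMAC-SHA256, standing in for a real cipher such as AES-CTR so that the example runs with the standard library alone; the key derivation, the message layout (nonce || ciphertext || tag), the length-prefixed associated data and the sample inputs are all assumptions. What the example shows is the decryption-oracle behaviour: the tag is verified over the ciphertext first, in constant time, and a ciphertext with a single flipped bit is refused before any decryption happens.

```python
"""Generic Encrypt-then-MAC authenticated encryption (the Bellare-Namprempre
composition). Added example, not from the notes or any standard: the
HMAC-SHA256 counter-mode keystream stands in for a real cipher such as
AES-CTR; keys, layout and sample inputs are assumptions."""
import hashlib
import hmac
import os
import struct

NONCE_LEN, TAG_LEN = 16, 32


def _derive_keys(master: bytes):
    """Independent encryption and MAC keys from one master key."""
    enc = hmac.new(master, b"encryption", hashlib.sha256).digest()
    mac = hmac.new(master, b"authentication", hashlib.sha256).digest()
    return enc, mac


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter mode: PRF(key, nonce || counter) blocks, like AES-CTR."""
    blocks = []
    for counter in range((length + 31) // 32):
        blocks.append(hmac.new(key, nonce + struct.pack(">Q", counter),
                               hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _tag(mac_key: bytes, associated_data: bytes, nonce: bytes, ciphertext: bytes):
    """MAC over the CIPHERTEXT (plus nonce and length-prefixed associated
    data, so the field boundaries are unambiguous)."""
    msg = (struct.pack(">Q", len(associated_data)) + associated_data
           + nonce + ciphertext)
    return hmac.new(mac_key, msg, hashlib.sha256).digest()


def encrypt(master: bytes, plaintext: bytes, associated_data: bytes = b"") -> bytes:
    enc_key, mac_key = _derive_keys(master)
    nonce = os.urandom(NONCE_LEN)                        # fresh per message
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    return nonce + ciphertext + _tag(mac_key, associated_data, nonce, ciphertext)


def decrypt(master: bytes, blob: bytes, associated_data: bytes = b"") -> bytes:
    enc_key, mac_key = _derive_keys(master)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = _tag(mac_key, associated_data, nonce, ciphertext)
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed")      # refuse BEFORE decrypting
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def tampered_blob_is_rejected(master: bytes, plaintext: bytes) -> bool:
    """The decryption-oracle check: flip one ciphertext bit, try to decrypt."""
    blob = bytearray(encrypt(master, plaintext))
    blob[NONCE_LEN] ^= 0x01
    try:
        decrypt(master, bytes(blob))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    key = os.urandom(32)
    blob = encrypt(key, b"valve=open", associated_data=b"device-17")
    print(decrypt(key, blob, b"device-17"))
    print(tampered_blob_is_rejected(key, b"valve=open"))
```

The associated data (here a device identifier) is authenticated but not encrypted, which is the AEAD pattern GCM and CCM also provide; a blob replayed against a different device id fails the tag check in the same way a flipped bit does.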

1.12: Hash Functions

Hash functions are extremely useful and appear in almost all information security
applications.

A cryptographic hash function is a mathematical function that maps an input of
arbitrary length to a much shorter output of fixed length. Beyond compressing
the input, a cryptographic hash must be one-way (given a hash value it is
infeasible to find an input that produces it) and collision-resistant (it is
infeasible to find two different inputs with the same hash value); without these
properties a digest is useless for integrity checking.

Values returned by a hash function are called message digests or simply hash
values. The following picture illustrates a hash function.
Features of Hash Functions:

The typical features of hash functions are:

• Fixed Length Output (Hash Value)

• A hash function converts data of arbitrary length to a fixed length. This
process is often referred to as hashing the data.
• In general, the hash is much smaller than the input data, hence hash
functions are sometimes called compression functions.
• Since a hash is a smaller representation of a larger data, it is also
referred to as a digest.
• A hash function with an n-bit output is referred to as an n-bit hash
function. Hash functions in current use (the SHA-2 and SHA-3 families)
produce values between 224 and 512 bits; the 128-bit MD5 and 160-bit SHA-1
have practical collision attacks and should not be used in new systems.
• Efficiency of Operation

• Generally, for any hash function h with input x, computation of h(x) is a
fast operation.
• Computationally, hash functions are fast, typically comparable to or
faster than symmetric encryption.

1.13 Marketers:

Marketing has evolved remarkably in this digital age following the introduction
of cryptocurrency and blockchain tech. Just imagine a world where marketing no
longer centers on promoting physical products but on building trust and
community for digital assets.

Crypto marketing involves promoting exchanges or digital currencies and
engaging with crypto lovers transparently and personally. Marketing is the most
essential aspect of any cryptocurrency project because competition in the industry
is huge, so there is always a need to ensure that your brand stands out and makes
a substantial impact on consumers. This post will discuss crypto marketing and
its significance for your project.

1.13.1 What is Crypto Marketing?

Crypto marketing is the application of various strategies to hype digital assets,
including cryptocurrencies and blockchain technology solutions. Marketers in
this space often work with social media influencers to launch campaigns and help
popularize a crypto project. The main goal of crypto marketing is to target the
audience’s interest, foster trust, and convince a crypto community to embrace a
project. From improving brand awareness to gaining credibility through press
releases, crypto marketing campaigns can help your project succeed in the
competitive digital landscape. Leading bitcoin buying and selling platforms like
NakitCoins understand that following the crypto market has never been easier.
That’s why the brand provides quick, safe, and instant transactions.

1.14. Elliptic Curves

1.14.1. Elliptic Curve Cryptography: What is it? How does it work?

Elliptic curve cryptography (ECC) is a public key cryptographic algorithm


used to perform critical security functions, including encryption, authentication,
and digital signatures. ECC is based on the elliptic curve theory, which generates
keys through the properties of the elliptic curve equation, compared to the
traditional method of factoring very large prime numbers.

1.14.2. What are the benefits of ECC?

Several benefits make elliptic curve cryptography an attractive option for certain
applications. First, as mentioned above, ECC requires smaller keys than other
methods to achieve the same level of security. This can be important in
constrained environments where limited storage is available.

Because ECC offers equivalent security with lower computing power and battery
resource usage, it is becoming more widely used in cryptocurrency platforms,
including Bitcoin and Ethereum, mobile applications, and low-power devices that
have limited computational power.

Finally, ECC can be used for digital signatures, key exchange, and other
purposes; this makes it a versatile tool for many different applications.

1.14.3. Real-world applications of Elliptic Curve Cryptography

Elliptic curve cryptography has several practical applications in the real world.
One example is online banking and payments. When you make an online
purchase with your debit or credit card, your information is often encrypted using
ECC before it’s sent over the internet. This ensures that your information remains
confidential and secure throughout the transaction process.

Another application of ECC is in email encryption. Pretty Good Privacy (PGP) is
a popular email encryption software that can leverage ECC to protect your emails
from being read by anyone other than the intended recipient.

PGP works by generating a public/private key pair for each user. The public key
can be shared with anyone, but the private key must be kept confidential at all
times. To encrypt an email, you simply need the recipient’s public key;
conversely, you’ll need your private key to decrypt an email you’ve received.
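An added example (not from the course notes, nor any library's code) that shows the curve arithmetic behind ECC and an ECDH key agreement on secp256k1, the curve used by Bitcoin and Ethereum. It assumes Python 3.8 or later for `pow(x, -1, P)`; the affine, textbook arithmetic is not constant-time and is for study only.

```python
import secrets

# secp256k1 parameters: y^2 = x^3 + 7 over GF(P); G generates a group of prime order N
P = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
INF = None  # point at infinity: the identity element of the curve group

def on_curve(pt):
    return pt is INF or (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % P == 0

def add(p1, p2):
    # chord-and-tangent group law on affine points (textbook: not constant-time)
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # p2 is the negation of p1
    if p1 == p2:  # doubling uses the tangent slope
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:         # distinct points use the chord slope
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    # double-and-add scalar multiplication; recovering k from k*pt is the
    # elliptic-curve discrete logarithm problem that ECC security rests on
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def keygen():
    d = secrets.randbelow(N - 1) + 1  # private scalar d in [1, N-1]
    return d, mul(d, G)               # public point Q = d*G

def ecdh(my_priv, their_pub):
    # shared secret = x-coordinate of d_A*Q_B, which equals d_B*Q_A.  The peer's
    # point is validated first so a crafted invalid point cannot leak key bits.
    if their_pub is INF or not on_curve(their_pub) or mul(N, their_pub) is not INF:
        raise ValueError("invalid peer public key")
    return mul(my_priv, their_pub)[0]
```

Both parties end up with the same x-coordinate, which in practice is fed through a key-derivation function rather than used directly as a key.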

1.15. Public-Key Crypto (PKI):

Data security and privacy protection are at the core of most internet users’
concerns. Encryption is a fundamental security measure designed to protect data
from unauthorized access. And public key infrastructure (PKI) is perhaps the
most widely deployed framework for putting public-key cryptography to use.

PKI involves a set of physical components (computers and software or hardware
cryptographic equipment such as Hardware Security Modules (HSMs) or smart
cards), human procedures (checks, validation), and software (system and
application), all of which issue and manage the life cycle of digital certificates or
electronic certificates. These tools enable cryptographic operations (e.g.,
encryption and digital signatures), which promote the following key security
characteristics during the transmission of data:

• Confidentiality: only the legitimate receiver (or owner) of data has
intelligible access to it;
• Authentication: the legitimacy of an entity (human, system, etc.) requesting
access to system resources (systems, networks, applications, etc.) is verified;
• Integrity: the data has not been altered, accidentally or intentionally;
• Non-repudiation: the sender of the data cannot later deny having sent it.

1. Components of the public key infrastructure

The PKI is generally composed of a certification authority, a registration
authority, and a central directory. Collectively, these components distribute and
validate certificates.

Certification authority (CA): Issues certificates to users, computers, and
services and manages certificates. A certification authority signs each certificate
it issues with its own digital certificate.

Registration authority (RA): The interface between the user and the
certification authority. It is responsible for identifying applicants or certificate
holders and ensuring that the certificate usage constraints are met.

Central Directory (CD): Responsible for storing digital certificates. It
centralizes and organizes the archiving of certificates. It also manages the list of
expired or revoked certificates (the certificate revocation list, CRL) and makes
public-key certificates issued by the certification authority available to all users.

1.16 Signature Algorithms:

The Digital Signature Algorithm (DSA) is a cryptographic algorithm that is used
to generate and verify digital signatures. It was developed in the United States by
the National Institute of Standards and Technology. DSA allows recipients to
authenticate the sender’s identity by verifying the signature using the sender’s
public key. It also ensures integrity, as any modification to the message will
render the signature invalid, allowing recipients to detect tampering.

DSA has been widely adopted and used in various applications, including secure
email, digital certificates, and secure electronic transactions. However, newer
elliptic-curve-based signature algorithms are becoming more popular because of
their shorter key lengths and computational efficiency.

1.16.1. How does the DSA work?

1. A private key and corresponding public key are generated. The private key
is kept secret and used for signing, while the public key is available to
others for signature verification.
2. The private key holder performs a series of mathematical operations on the
message using a specific set of parameters and creates a unique digital
signature for it.
3. The recipient uses the public key associated with the private key to verify
the authenticity and integrity of the message. They can determine if the
signature is valid or not by performing a series of calculations on the
signature and the message.
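An added example (not from the course notes, nor NIST's code) that carries the three steps above through in pure Python (3.8 or later): domain-parameter and key generation, signing, and verification following the FIPS 186-4 equations. The parameter sizes are deliberately toy-sized so the block runs in well under a second; real deployments use the FIPS sizes noted in the comments.

```python
import hashlib, secrets

def is_probable_prime(n, rounds=32):
    # Miller-Rabin: a composite survives all rounds with probability <= 4**-rounds
    if n < 4:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        if not any((x := x * x % n) == n - 1 for _ in range(r - 1)):
            return False  # a nontrivial square root of 1 exists: n is composite
    return True

def generate_params(pbits=256, qbits=128):
    # (p, q, g) with q | p-1 and g of order q. Toy sizes; FIPS 186-4 uses 2048/224,
    # 2048/256 or 3072/256 bits.
    q = 0
    while not is_probable_prime(q):
        q = secrets.randbits(qbits) | 1 << (qbits - 1) | 1  # odd, full-size candidate
    while True:
        m = (secrets.randbits(pbits - qbits) | 1 << (pbits - qbits - 1)) & ~1
        p = m * q + 1
        if is_probable_prime(p) and pow(2, m, p) != 1:
            return p, q, pow(2, m, p)  # g = 2^((p-1)/q) mod p has order q

def keygen(params):  # step 1: private x in [1, q-1], public y = g^x mod p
    x = secrets.randbelow(params[1] - 1) + 1
    return x, pow(params[2], x, params[0])

def _z(msg, q):  # leftmost bitlen(q) bits of SHA-256(msg), as FIPS 186-4 prescribes
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> max(0, 256 - q.bit_length())

def sign(params, x, msg):  # step 2
    p, q, g = params
    while True:  # retry on the negligible chance that r or s is zero
        k = secrets.randbelow(q - 1) + 1  # secret nonce: fresh per signature, never reused
        r = pow(g, k, p) % q
        s = pow(k, -1, q) * (_z(msg, q) + x * r) % q
        if r and s:
            return r, s

def verify(params, y, msg, sig):  # step 3
    (p, q, g), (r, s) = params, sig
    if not (0 < r < q and 0 < s < q):  # reject out-of-range values before any math
        return False
    w = pow(s, -1, q)
    v = pow(g, _z(msg, q) * w % q, p) * pow(y, r * w % q, p) % p
    return v % q == r
```

A reused or predictable nonce k lets anyone holding two signatures solve for the private key, which is why step 2 must draw k from a cryptographic random source (or derive it deterministically as in RFC 6979).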
