Attacks on Computers & Computer Security

Introduction
Computer security is about protecting computers and networks from unauthorized
access, attacks, or damage. It ensures the confidentiality, integrity, and availability of
data.
Need for Security
Security is needed to:
• Prevent data theft or loss.
• Protect sensitive information like passwords or financial details.
• Stop hackers from causing damage to systems or networks.
• Ensure systems function correctly without disruptions (e.g., due to viruses).
Security Approaches
1. Prevention: Stopping threats before they occur (e.g., using firewalls).
2. Detection: Identifying when a security breach happens (e.g., antivirus
software).
3. Recovery: Fixing issues and restoring data after an attack.
Principles of Security
• Confidentiality: Ensures only authorized users can access data.
• Integrity: Keeps data accurate and unchanged unless authorized.
• Availability: Ensures data is available whenever needed.
Types of Attacks
1. Passive Attacks: Monitoring systems without causing damage (e.g.,
eavesdropping).
2. Active Attacks: Interfering with operations or altering data (e.g., phishing,
viruses).
3. Insider Attacks: Threats from within an organization.
4. External Attacks: Threats from outside, such as hackers.

Cryptography: Concepts & Techniques

Introduction
Cryptography is the practice of securing information by converting it into a form that
unauthorized users cannot understand.
Plaintext & Ciphertext
• Plaintext: Original, readable message or data.
• Ciphertext: Encrypted form of plaintext, which looks unreadable to
unauthorized users.
Substitution Techniques
• Replace characters or bits with others.
Example: Caesar cipher shifts each letter by a fixed number (e.g., A → D).
Transposition Techniques
• Rearrange the characters of plaintext to form ciphertext.
Example: Writing a message in rows and reading it column-wise.
Encryption & Decryption
• Encryption: Converting plaintext into ciphertext using a key.
• Decryption: Reversing ciphertext into plaintext using the same or a different
key.
Symmetric & Asymmetric Key Cryptography
• Symmetric Key: Same key is used for both encryption and decryption (e.g.,
DES).
• Asymmetric Key: Uses two keys—one public (encryption) and one private
(decryption) (e.g., RSA).
Key Range & Key Size
• Key Range: The total possible keys that can be used.
• Key Size: The length of the key in bits; larger keys are harder to break but
require more processing.

Symmetric Key Algorithm

Introduction
Symmetric key algorithms use the same secret key for both encryption and decryption.
These are fast and efficient for encrypting large amounts of data.
Algorithm Types & Modes
1. Stream Ciphers: Encrypt one bit or byte at a time (e.g., RC4).
 2. Block Ciphers: Encrypt data in fixed-size blocks (e.g., DES).
Modes:
• ECB (Electronic Codebook): Encrypts each block independently (simpler but
less secure).
• CBC (Cipher Block Chaining): Links each block with the previous one,
improving security.
Overview of Symmetric Key Cryptography
• Simple and fast.
• Suitable for encrypting large datasets.
• Requires secure key sharing.
DES (Data Encryption Standard) Algorithm
• Encrypts data in 64-bit blocks using a 56-bit key.
• Performs 16 rounds of encryption with various transformations.
• Now considered outdated due to vulnerability to brute-force attacks.
IDEA (International Data Encryption Algorithm)
• Uses a 128-bit key to encrypt 64-bit blocks.
• Designed to be secure and efficient.
• Resistant to most known cryptanalytic attacks.
RC5 (Rivest Cipher 5) Algorithm
• Flexible design with variable key size, block size, and number of encryption
rounds.
• Highly secure and adaptable.
• Commonly used in modern applications.
Asymmetric Key Algorithm, Digital Signature,
and RSA
Introduction
Asymmetric key algorithms use two keys: one for encryption (public key) and another
for decryption (private key). This solves the key distribution problem in symmetric
cryptography.
Overview of Asymmetric Key Cryptography
• Public Key: Shared with everyone; used for encryption.
• Private Key: Kept secret; used for decryption.
• Asymmetric cryptography is slower but more secure than symmetric
cryptography.
RSA Algorithm
• Developed by Rivest, Shamir, and Adleman.
• Steps:
1. Generate two large prime numbers, pp and qq, and calculate n=p×qn = p
\times q.
2. Compute ϕ(n)=(p−1)×(q−1)\phi(n) = (p-1) \times (q-1).
3. Choose a public key ee such that 1<e<ϕ(n)1 < e < \phi(n) and ee is
coprime to ϕ(n)\phi(n).
4. Find a private key dd such that (e×d)mod ϕ(n)=1(e \times d) \mod
\phi(n) = 1.
5. Encrypt: C=(Me)mod nC = (M^e) \mod n, where MM is the plaintext.
6. Decrypt: M=(Cd)mod nM = (C^d) \mod n.
Symmetric & Asymmetric Key Cryptography Together
• Often used together in hybrid encryption:
o Asymmetric encryption secures the symmetric key.
o Symmetric encryption encrypts the actual data.
Digital Signature
• A digital method to verify authenticity and integrity of a message.
• Process:
 1. Sender hashes the message to create a message digest.
2. Sender encrypts the digest with their private key (signature).
3. Receiver decrypts it with the sender's public key and verifies the
message.
• Ensures:
o Authenticity: Message is from the sender.
o Integrity: Message hasn’t been altered.
o Non-repudiation: Sender cannot deny sending the message.
Message Digest and Hash Function
• Message Digest: A fixed-size output generated from any input data (e.g., SHA-
256).
• Hash Function: A one-way function that converts data into a digest.
o Example: Hash("hello") → 2cf24dba5fb0a30e.

Internet Security Protocols, User Authentication

Basic Concepts
• Protect data transfer over the internet.
• Ensure user identities are verified before access is granted.
SSL (Secure Sockets Layer) Protocol
• Encrypts communication between web browsers and servers.
• Uses both symmetric and asymmetric cryptography.
• Replaced by TLS (Transport Layer Security) in modern systems.
Authentication Basics
• Ensures only authorized users can access a system.
Password-Based Authentication
• Most common method.
• Weakness: Vulnerable to guessing or brute-force attacks.
Authentication Token
• A physical or digital device generating a unique code (e.g., OTP, smartcards).
Certificate-Based Authentication
• Uses digital certificates issued by trusted authorities (CAs).
• Verifies user identity through public key cryptography.
Biometric Authentication
• Uses unique biological traits (e.g., fingerprint, face recognition).
• High accuracy but requires special hardware.

Electronic Mail Security

Basics of Mail Security
• Protect emails from unauthorized access or tampering.
Pretty Good Privacy (PGP)
• Encrypts emails and their attachments.
• Uses both public and private keys.
S/MIME (Secure/Multipurpose Internet Mail Extensions)
• Adds encryption and digital signatures to emails.
• Ensures email integrity and confidentiality.

Firewall
Introduction
• A firewall is a system that monitors and controls network traffic based on
security rules.
Types of Firewalls
1. Packet-Filtering Firewalls: Inspect individual packets; basic filtering.
2. Stateful Firewalls: Monitor entire connections.
3. Proxy Firewalls: Act as intermediaries between users and resources.
4. Next-Generation Firewalls (NGFW): Include advanced features like intrusion
prevention.
Firewall Configurations
1. Standalone: Protects a single computer or small network.
 2. Network-Based: Protects larger networks.
DMZ (Demilitarized Zone) Network
• A separate network layer between the internal network and the internet.
• Hosts public-facing services like web servers for additional security.