CRYPTOGRAPHY BITS F463 Lecture 1

Crypto basics

DESCRIPTION

Some basics on crypto

  • CRYPTOGRAPHY BITS F463 Lecture 1

  • BITS Pilani, Hyderabad Campus

    Learning Objectives

    Cryptography is an indispensable tool for protecting information in computer systems

    Learning to reason about the security of cryptographic constructions and to apply this knowledge to real-world applications forms the crux of this course

  • BITS Pilani, Hyderabad Campus

    Course Material

    Textbooks:

    T1: Cryptography and Network Security: Principles and Practice, William Stallings, Fifth Edition, Pearson Education

    Reference books:

    R1: Cryptography and Network Security, Behrouz A. Forouzan, McGraw-Hill, 2007

    R2: Applied Cryptography, Bruce Schneier, Wiley Student Edition, Second Edition, Singapore, 2010

    R3: Handbook of Applied Cryptography, Alfred Menezes, Paul van Oorschot, and Scott Vanstone, CRC Press, NY

    R4: Cryptography: Theory and Practice, Douglas Stinson, Chapman and Hall/CRC, 3rd Edition, 2005

    R5: Cryptography and E-Commerce: A Wiley Tech Brief, Jon C. Graff, John Wiley & Sons, 2000

    Online Study Material:

    http://online.stanford.edu/course/cryptography, https://www.coursera.org/course/crypto

  • BITS Pilani, Hyderabad Campus

    Course Administration and Evaluation

    Evaluation Component                     Weightage   Date & Time   Mode
    Test-1                                   20%                       Closed Book
    Test-2                                   20%                       Closed Book
    Assignments/Term Projects (Take Home)    20%                       Open Book
    Comprehensive                            40%                       Closed Book

  • BITS Pilani, Hyderabad Campus

    Roadmap

    Cryptographic algorithms

    symmetric ciphers

    asymmetric encryption

    hash functions

    Mutual Trust

  • BITS Pilani, Hyderabad Campus

    What would you learn?

    Cryptographic algorithms: This is the study of techniques for ensuring the secrecy and/or authenticity of information. The three main areas of study in this category are: 1. symmetric encryption, 2. asymmetric encryption, and 3. cryptographic hash functions, with the related topics of message authentication codes and digital signatures.

    Mutual trust: This is the study of techniques and algorithms for providing mutual trust in two main areas. First, key management and distribution deals with establishing trust in the encryption keys used between two communicating entities. Second, user authentication deals with establishing trust in the identity of a communicating partner.

  • BITS Pilani, Hyderabad Campus

    Standards Organizations

    National Institute of Standards & Technology (NIST)

    Internet Society (ISOC)

    International Telecommunication Union Telecommunication Standardization Sector (ITU-T)

    International Organization for Standardization (ISO)

    RSA Labs (de facto)

  • BITS Pilani, Hyderabad Campus

    Computer Security

    the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)

    ->NIST95 definition

  • BITS Pilani, Hyderabad Campus

    Key Security Concepts (CIA triad)

  • BITS Pilani, Hyderabad Campus

    Confidentiality (covers both data confidentiality and privacy): preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.

    Integrity (covers both data and system integrity): Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.

    Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.

    Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.

    Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.

    CIA triad

  • BITS Pilani, Hyderabad Campus

    Levels of Impact

    3 levels of impact from a security breach

    Low

    Moderate

    High

  • BITS Pilani, Hyderabad Campus

    Low Impact

    The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.

    A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might

    (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced;

    (ii) result in minor damage to organizational assets;

    (iii) result in minor financial loss; or

    (iv) result in minor harm to individuals.

  • BITS Pilani, Hyderabad Campus

    Moderate Impact

    The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.

    A serious adverse effect means that, for example, the loss might

    (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced;

    (ii) result in significant damage to organizational assets;

    (iii) result in significant financial loss; or

    (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries.

  • BITS Pilani, Hyderabad Campus

    High Impact

    The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

    A severe or catastrophic adverse effect means that, for example, the loss might

    (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions;

    (ii) result in major damage to organizational assets;

    (iii) result in major financial loss; or

    (iv) result in severe or catastrophic harm to individuals involving loss of life or serious, life-threatening injuries.

  • BITS Pilani, Hyderabad Campus

    Examples of Security Requirements

    confidentiality - student grades

    integrity - patient information

    availability - authentication service

    authenticity - admission ticket

    non-repudiation - stock sell order

  • BITS Pilani, Hyderabad Campus

    Computer Security Challenges

    not simple, easy to get it wrong

    must consider potential attacks

    procedures used counter-intuitive

    involve algorithms and secret info

    must decide where to deploy mechanisms

    battle of wits between attacker / admin

    not perceived as a benefit until it fails

    requires regular monitoring

    a process, not an event

    too often an after-thought

    regarded as impediment to using system

    Unusable security is not secure

  • BITS Pilani, Hyderabad Campus

    What is security all about?

    Security is protecting assets

    Prevention, detection, reaction are the protective measures

    Computer security rests on the basic aspects

    -- Confidentiality

    -- Integrity

    -- Availability

  • BITS Pilani, Hyderabad Campus

    How to realize Security?

    models

    mechanisms

    policies

  • BITS Pilani, Hyderabad Campus

    What is a security policy?

    A security policy is a statement that partitions the states of the system into a set of authorized or secure states and a set of unauthorized or non-secure states (security policy theorem)

    A security policy sets the context in which we can define a secure system

    A secure system is one which starts in an authorized state and cannot enter an unauthorized state

  • BITS Pilani, Hyderabad Campus

    What is a security model?

    A security model is a formal description of a security policy

    A security policy captures the security requirements of an enterprise and describes the steps that have to be taken to achieve security in the form of a model

    Security models are used in security evaluation, also as proofs of security

    Among all the security models, the Bell-LaPadula model is treated as a milestone in computer security

  • BITS Pilani, Hyderabad Campus

    What is a security mechanism?

    [Figure: secure, precise and broad mechanisms, comparing the set of reachable states with the set of secure states]
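
    The policy and mechanism slides above can be worked through on a small state machine. This is an added example, not part of the original lecture: the state names and the three transition tables are constructed, and the secure/precise/broad tests follow the usual textbook definitions (reachable states a subset of, equal to, or exceeding the authorized states).

```python
from collections import deque

def reachable_states(start, transitions):
    """Every state the mechanism lets the system reach from `start` (BFS)."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in transitions.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def classify_mechanism(start, transitions, authorized):
    """Return (verdict, unauthorized reachable states) for one mechanism."""
    if start not in authorized:
        raise ValueError("a secure system must start in an authorized state")
    reachable = reachable_states(start, transitions)
    violations = reachable - authorized
    if violations:
        return "broad", violations      # can enter an unauthorized state
    if reachable == authorized:
        return "precise", set()         # allows exactly what the policy allows
    return "secure", set()              # safe, but blocks some authorized states

# Constructed policy: the partition of states into authorized / unauthorized.
AUTHORIZED = {"logged_out", "user_session", "own_file_open"}

# Three constructed mechanisms, each a table of permitted transitions.
LOCKED_DOWN = {"logged_out": ["user_session"], "user_session": ["logged_out"]}
EXACT = {**LOCKED_DOWN,
         "user_session": ["logged_out", "own_file_open"],
         "own_file_open": ["user_session"]}
LEAKY = {**EXACT,
         "own_file_open": ["user_session", "other_file_open"],
         "other_file_open": ["user_session"]}

if __name__ == "__main__":
    for name, mech in [("LOCKED_DOWN", LOCKED_DOWN), ("EXACT", EXACT), ("LEAKY", LEAKY)]:
        print(name, classify_mechanism("logged_out", mech, AUTHORIZED))
```

    A "secure" verdict that is not "precise" means the mechanism denies some state the policy authorizes, which is the usability cost the challenges slide warns about.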

  • BITS Pilani, Hyderabad Campus

    Security Objectives

    Security objectives should include

    Availability (of systems and data for intended use only)

    Integrity (of system and data)

    Confidentiality (of data and system information)

    Accountability (to the individual level)

    Assurance (that the other four objectives have been adequately met)

  • BITS Pilani, Hyderabad Campus

    Security Objective Dependencies

    [Figure: dependencies among the security objectives confidentiality, integrity, availability, accountability and assurance]

  • BITS Pilani, Hyderabad Campus

    More on basics of security

    [Figure: authentication, authorization and accounting. Labels: verify identity, verify credentials, grant rights, auditing, ID spoofing, ID masquerade, unauthorized access, content modification, repudiation]

  • BITS Pilani, Hyderabad Campus

    More on basics of security contd..

    [Figure: availability, confidentiality and integrity. Labels: continuity, punctuality, interruption, delay, exclusivity, divulging, correctness, completeness, validity, authenticity, non-repudiation, manipulation, destruction, falsification, repudiation]

  • BITS Pilani, Hyderabad Campus

    Classification of Security Services

    Support. These services are generic and underlie most information technology security capabilities.

    Prevent. These services focus on preventing a security breach from occurring.

    Recover. The services in this category focus on the detection and recovery from a security

  • BITS Pilani, Hyderabad Campus

    Security Services Model

  • BITS Pilani, Hyderabad Campus

    Security Life Cycle

    Threats

    Policy

    Specification

    Design

    Implementation

    Operation

  • BITS Pilani, Hyderabad Campus

    Computer Security - generic name for the collection of policies/tools/mechanisms designed to protect data and to thwart hackers

    Network Security - measures to protect data during their transmission

    Internet Security - measures to protect data during their transmission over a collection of interconnected networks

    The focus is on measures to deter, prevent, detect and correct security violations that involve the transmission & storage of information

    Definitions

  • BITS Pilani, Hyderabad Campus

    Observed security trends, growth in sophistication of attacks contrasting with decrease in skill & knowledge needed to mount an attack.

    Security Trends

  • BITS Pilani, Hyderabad Campus

    We need a systematic way of defining the requirements for security and characterizing the approaches to satisfy those requirements

    ITU-T Recommendation X.800, Security Architecture for OSI, defines a systematic way of defining and providing security requirements

    It provides a useful overview of concepts

    OSI Security Architecture

  • BITS Pilani, Hyderabad Campus

    security attack

    security mechanism

    security service

    Aspects of Security

  • BITS Pilani, Hyderabad Campus

    The OSI security architecture focuses on security attacks, mechanisms and services. These can be defined briefly as follows:

    Security attack: Any action that compromises the security of information owned by an organization.

    Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.

    Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks and they make use of one or more security mechanisms to provide the service.

    OSI Security Architecture & Aspects

  • BITS Pilani, Hyderabad Campus

    Any action that compromises the security of information owned by an organization

    Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems

    often threat & attack used to mean same thing

    have a wide range of attacks

    can focus on generic types of attacks:

    passive

    active

    Security Attack

  • BITS Pilani, Hyderabad Campus

    Threat:

    A potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm.

    Attack:

    An assault on system security that derives from an intelligent threat; an intelligent act that is a deliberate attempt (method/technique) to evade security services and violate the security policy of a system.

    Threat and Attack

  • BITS Pilani, Hyderabad Campus

    A potential occurrence that can have an undesirable effect on the system assets or resources

    Primary threats

    Unauthorized access

    User masquerading

    Denial of service

    Physical attacks

    Secondary threats

    Introduction of malware

    Bad security administration

    Bad architecture, implementation

    misconfiguration

    Threats

  • BITS Pilani, Hyderabad Campus

    Passive Attack - Interception

  • BITS Pilani, Hyderabad Campus

    Passive Attack: Traffic Analysis

    Observe traffic pattern

  • BITS Pilani, Hyderabad Campus

    Active Attack: Interruption

    Block delivery of message

  • BITS Pilani, Hyderabad Campus

    Active Attack: Fabrication

    Fabricate message

  • BITS Pilani, Hyderabad Campus

    Active Attack: Replay

  • BITS Pilani, Hyderabad Campus

    Active Attack: Modification

    Modify message

  • BITS Pilani, Hyderabad Campus

    Handling Attacks

    Passive attacks focus on Prevention

    Easy to stop

    Hard to detect

    Active attacks focus on Detection and Recovery

    Hard to stop

    Easy to detect

  • BITS Pilani, Hyderabad Campus

    Security Service

    enhance security of data processing systems and information transfers of an organization

    intended to counter security attacks

    using one or more security mechanisms

    often replicates functions normally associated with physical documents

    which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

  • BITS Pilani, Hyderabad Campus

    Security Services

    X.800: a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers

    RFC 2828: a processing or communication service provided by a system to give a specific kind of protection to system resources

  • BITS Pilani, Hyderabad Campus

    Security Services (X.800)

    Authentication - assurance that communicating entity is the one claimed

    have both peer-entity & data origin authentication

    Access Control - prevention of the unauthorized use of a resource

    Data Confidentiality - protection of data from unauthorized disclosure

    Data Integrity - assurance that data received is as sent by an authorized entity

    Non-Repudiation - protection against denial by one of the parties in a communication

    Availability - resource accessible/usable

  • BITS Pilani, Hyderabad Campus

    Security Mechanism

    a.k.a. control

    feature designed to detect, prevent, or recover from a security attack

    no single mechanism that will support all services required

    however one particular element underlies many of the security mechanisms in use: cryptographic techniques

    hence our focus on this topic

  • BITS Pilani, Hyderabad Campus

    Security Mechanisms (X.800)

    specific security mechanisms: encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization

    pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery

  • BITS Pilani, Hyderabad Campus

    Model for Network Security

  • BITS Pilani, Hyderabad Campus

    Model for Network Security

    using this model requires us to:

    1. design a suitable algorithm for the security transformation

    2. generate the secret information (keys) used by the algorithm

    3. develop methods to distribute and share the secret information

    4. specify a protocol enabling the principals to use the transformation and secret information for a security service

  • BITS Pilani, Hyderabad Campus

    Model for Network Access Security

  • BITS Pilani, Hyderabad Campus

    Model for Network Access Security

    using this model requires us to:

    1. select appropriate gatekeeper functions to identify users

    2. implement security controls to ensure only authorised users access designated information or resources

    note that model does not include:

    1. monitoring of system for successful penetration

    2. monitoring of authorized users for misuse

    3. audit logging for forensic uses, etc.

  • BITS Pilani, Hyderabad Campus

    Summary

    topic roadmap & standards organizations

    security concepts:

    confidentiality, integrity, availability

    X.800 security architecture

    security attacks, services, mechanisms

    models for network (access) security