Network security: scribe notes

BASICS IN CRYPTOGRAPHY AND SECURITY

Definitions:

Cryptography: Cryptography is the art or science encompassing the principles and methods of transforming message into one that is unintelligible, and retransforming that to its original form.

plaintext:        The original intelligible message.

ciphertext:    The transformed message.

cipher:                An algorithm for transforming and intelligible message into one that is unintelligible by transposition and/or substitution methods.

Encryption:    The process of converting plaintext to ciphertext using a cipher and a key.

Decryption:       The process of converting ciphertext back to plaintext using a cipher and a key.

Cryptanalysis: Cryptoanlysis is the practice of analyzing and breaking cryptography. It is important that the cryptographic
                            algorithms one uses be resistant to cryptoanalysis. Also called codebreaking.

Cryptography:    The study of both cryptography and cryptanalysis.

Authentication: The assurance of identity of originator of data.

Common security threats:

Identity interception - Somebody might steal your identity and use it as their own.
Masquerading - If you send your username and password in cleartext, somebody might grab it from the network.
Replay attack - Capturing a request and replaying it.
Data interception and manipulation
Repudiation
Denial of service

Approaches to security:

Link encryption: Each vulnerable communication link is equipped on both ends with an encryption device. It has the following disadvantages:

It is only effective only if all potential weak links from source to destination are secured.
It violates end-to-end argument.

End-to-end encryption: Data is encrypted only at the source node and decrypted at the destination node.

We cannot encrypt the header, so data is secure but the traffic pattern is not secure. Here traffic pattern refers to

Identities of partners
How frequently do two partners communicate.
Message patterns. Eg: length, time.

       Solution:

                Use a combination of both procedures.

        Other layers at which security can be implemented:

Network layer encryption: Examples: IPSEC,VPN,SKIP

Transport layer security: Examples: SSL,PCT(Private communication technology).

Application layer security: Examples: Privacy enhanced mail, Pretty good privacy, SHTTP

Taxonomy of ciphers:

Monoalphabetic cipher: letters of the plaintext are mapped into unique letters.

Polyalphabetic cipher: Letters of the plaintext are mapped into ciphertext space depending on their position on the text.

Stream cipher: A key stream is generated and is used to encrypt data. Encryption/Decryption is done one symbol at a time.

Block cipher: Encryption/Decryption is done on fixed size blocks.

Cryptanalysis:

The art of breaking ciphers is known as cryptanalysis.

Methods of cryptanalysis:

Ciphertext-Only : The opponent possesses a string of cipher text y.

Known plaintext: The opponent possesses a string of plaintext x, and the corresponding ciphertext string y.

Chosen plaintext: The opponent can choose a plaintext string x and construct corresponding ciphertext string y : he has obtained access to encryption machinery.

Chosen ciphertext: The opponent has obtained access to decryption machinery. He can chose ciphertext string y and construct the corresponding plaintext string x.

Types of security:

There are two fundamentally different ways ciphers may be secure.

Undonditional security:

No matter how much computing power is available, the cipher cannot be broken.

Computational security:

It may one one of the following:

Given limited computing resources (e.g., time needed for calculations is greater than time of universe), the cipher cannot be broken.

Provide evidence of computational security by reducing the security of cryptosystem to some well-studied problem thought to be difficult (e.g, factoring). Such systems are called Provably secure.

To enhance privacy i.e to increase data confidentiality we use encryption techniques.

There are two types of modern cryptographic algorithms: public-key algorithm and secret-key algorithm.

Secret-key algorithms:

In secret-key algorithm, a k-bit ``secret key'' is shared by two users, who use it to transform plaintext inputs to an encoded cipher.By carefully designing transformation algorithms, each bit of output can be made to depend on every bit of the input. With such an arrangement, a key of 128 bits used for encoding results in a key space of two to the 128th (or about ten to the 38th power).

Example algorithms: DES,TripleDES,AES.

Public-key algorithms:

In public-key algorithm, we use a pair of keys : one public the otherone private. Only private key need to be kept secret.

The pair of keys is produced by a mathematical algorithm.

One key is used for encryption and the other is used for decryption.

These algorithms solve the problem of secure key exchange.

Example algorithms: RSA,Galois Field system.

Problems with secret-key algorithm:

The algorithm is symmetric i.e the same key is used encrypt and decrypt messages. So analysis of the secret key encryption algorithm might make it more vulnerable, leading to increase in the size of the key can be used to offset this. Also the algorithm is no more a secret so the security of system resides on secrecy of the algorithm, so once key is known this algorithm is no longer useful.

The main problem with secret-key encryption establishing a secret key between the two parties in communication. Any two users who wished to communicate could agree on a key in advance, but in practice for many users this would require secure storage and organization of a awkwardly large database of agreed-on keys. A possible solution is to agree on a key at the time of communication. But this has the problem that anybody can eavesdrop on the transmission line before the two parties establish the key. In the cryptography literature this is referred to as the key distribution problem.

Approaches to solving key distribution problem:

One method for solving the key distribution problem is appointing a central key distribution center. Every potential communicating party must register with the server and establish a shared secret key. If party A wishes to establish a secret key with party B this
request is sent to the central server. The server can then inform B that A wishes to communicate, and re-encrypt and re-transmit a
key B has sent. ``The problem with this approach is that key distribution center should be a trusted party agreeable to everyone``.

A secret key can be agreed upon even without a central server. For example, the Diffie-Hellman key exchange is a protocol for
agreeing on a secret key based on publicly-discussed very large prime numbers. Its security is based on the assumed difficulty of
taking discrete logarithms modulo very large prime numbers.

Problems with public-key encryption:

In general public key systems are slower compared to private key algorithms.

Public key algorithms have the problem of key validation. If A wishes to send encrypted data to a person , B and has obtained what is known as B's public key. How does A know it really is B's public key? What if a third party, C were to publish a public key in B's name? If C knew B's public key, he can reencrypt A's message to B using the real public key and deliver it to B as if it had come directly from A. B would then decrypt it with his private key and read a message as if it had come directly from A.

Secret key Vs Public key algorithms

Key management and distribution

Public key is easier to distribute than the secret key.

Performance

Secret key scheme is much faster

Security Services possible

Digital signing is only possible with public key

Suitability to intranet and internet

Public key is better suited to both.

Encryption algorithms used are different.

Key length may vary.