Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Blind attack

advertisement 
Network Security
Unit - 1
1. Write the brief introduction about network security? Explain the various security issues?
Computers are used by millions of people for many purposes banking, Shopping, Tax returns, Protesting
Military, Student records
…
Privacy is a crucial issue in many of these applications
Security is to make sure that nosy people cannot read or secretly modify messages intended for other
recipients
Security issues
The world before computers was in some ways much simpler
1. Signing, legalizing a paper would authenticate it
2. Photocopying easily detected
3. Erasing, inserting, modifying words on a paper document easily detectable
4. Secure transmission of a document: seal it and use a reasonable mail carrier (hoping the mail train does
not get robbed)
5. One can recognize each other’s face, voice, hand signature, etc.
Electronic world: the ability to copy and alter information has changed dramatically
1. No difference between an “original” file and copies of it
2. Removing a word from a file or inserting others is undetectable
3. Adding a signature to the end of a file/email: one can impersonate it – add it to other files as well,
modify it, etc.
4. Electronic traffic can be monitored, altered, often without noticing
5. How to authenticate the person electronically communicating with you
Possible adversaries
Student: to have fun snooping on other people’s email
Cracker: to test out someone’s security system, to steal data
Businessman: to discover a competitor’s strategic marketing plan
Ex-employee: to get revenge for being fired
Accountant: to embezzle money from a company
Stockbroker: to deny a promise made to a customer by email
Convict: to steal credit card numbers for sale
Spy: to learn an enemy’s military or industrial secrets
N HARI BABU
HOD, Dept of CSE
1
Network Security
Terrorist: to steal germ warfare secrets
Unit - 1
How secure is secure?
1. Evaluating the security of a system is a crucial and most difficult task
2. Unconditionally secure system
 If the cipher text does not contain enough information to determine uniquely the corresponding cipher
text: any plaintext may be mapped into that cipher text with a suitable key
 Consequently, the attacker cannot find the plaintext regardless of how much time and computational
power he has because the information is not there!
 Bad news: only one known system has this property: one-time pad
3. Complexity-theoretic security
 Consider a model of computation (e.g., Turing machine) and adversaries modeled as having polynomial
computational power
 Consider the weakest possible assumptions and the strongest possible attacker and do worst-case or at
least average-case analysis
4. Provable security
Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (e.g.,
from Number Theory)
5. Computationally secure
 The (perceived) cost of breaking the system exceeds the value of the encrypted information
 The (perceived) time required to break the system exceeds the useful lifetime of the information
2. Write the brief notes about Classes of network security problems?
Secrecy (or confidentiality) keep the information out of the hands of unauthorized users, even if it has to
travel over insecure links
Authentication Determine whom you are talking to before revealing sensitive information
Non-repudiation (or signatures) proves that the order was to buy X litres of alcohol at the price before the
taxes fell down and not the price after. Prove also that the order indeed existed
Data integrity (or message authentication) Make sure that the message received was exactly the message
you sent (not necessarily interested here in the confidentiality of the document)
Cryptography – some types of systems
Depending on the type of operations in the encryption/decryption
Based on substitutions: elements in the plaintext are replaced by other elements
Based on transpositions: elements in the plaintext are re-arranged
Number of keys used Symmetric systems (also known as single-key, secret-key, or conventional systems)
N HARI BABU
HOD, Dept of CSE
2
Network Security
Asymmetric systems (also known as two-key, public-key, or unconventional systems)
Unit - 1
The way the plaintext is processed Block ciphers: plaintext split into blocks processed separately
Stream ciphers: plaintext processed continuously
3. Write about Cryptanalysis – types of attacks?
Fundamental rule: one must always assume that the attacker knows the methods for encryption and
decryption; he is only looking for the keys Creating a new cryptographic method is a very complex process
involving many people – difficult to keep it confidential
Bonus for publishing the methods: people will try to break it for you (for free!)
Passive attack: the attacker only monitors the traffic attacking the confidentiality of the data
Active attack: the adversary attempts to alter the transmission attacking data integrity, confidentiality, and
authentication.
Cryptanalysis: rely on the details of the encryption algorithm plus perhaps some knowledge about the general
characteristics of the plaintext – sometimes the plaintext is known and the key is being looked for
Brute-force attack: try every possible key on the cipher text until an intelligible translation into a plaintext is
obtained
Attacks on encryption schemes Type of Known to cryptanalyst
attack
Cipher text only
Encryption algorithm
Cipher text
Known plaintext
Encryption algorithm
One or more pairs plaintext-cipher text
Encryption algorithm
Chosen plaintext
One or more pairs plaintext-cipher text, with the plaintext chosen
by the attacker
Chosen cipher text
Encryption algorithm
Several pairs plaintext-cipher text, cipher text chosen by the
N HARI BABU
HOD, Dept of CSE
3
Network Security
Unit - 1
attacker
4. Write short notes about conventional cryptography?
Secret-key cryptography also called symmetric or conventional cryptography
Five ingredients
Plaintext
Encryption algorithm: runs on the plaintext and the encryption key to yield the cipher text
Secret key: an input to the encryption algorithm, value independent of the plaintext; different keys will yield
different outputs
Cipher text: the scrambled text produced as an output by the encryption algorithm
Decryption algorithm: runs on the cipher text and the key to produce the plaintext
Requirements for secure conventional encryption
Strong encryption algorithm: An opponent who knows one or more ciphertexts would not be able to find the
plaintexts or the key .Ideally, even if he knows one or more pairs plaintext-ciphertext, he would not be able to
find the key
Sender and receiver must share the same key. Once the key is compromised, all communications using that key
are readable
It is impractical to decrypt the message on the basis of the ciphertext plus the knowledge of the encryption
Notations for relating the plaintext, ciphertext, and the keys C=EK (P) denotes that C is the encryption of the
plaintext P using the key K
P=DK(C) denotes that P is the decryption of the ciphertext C using the key K
Then DK (EK (P)) =P
5. Explain the various techniques in substitution method?
1. Caesar Cipher
It is a typical substitution cipher and the oldest known – attributed to Julius Caesar
replace each letter of the alphabet with the letter standing 3 places further down the alphabet
N HARI BABU
HOD, Dept of CSE
4
Network Security
Example:
Unit - 1
MEET ME AFTER THE TOGA PARTY
PHHW PH DIWHU WKH WRJD SDUWB
Here the key is 3 – choose another key to get a different substitution
wrapped around so that after Z follows A:
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
Mathematically, give each letter a number
abcdefghijklmnopqrstuvwxyz
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
The key is a number from to 25
Caesar cipher can now be given as
E(p) = (p + k) mod (26)
D(C) = (C – k) mod (26)
Attacking Caesar
Caesar can be broken if we only know one pair (plain letter, encrypted letter) The difference between them is
the key
Caesar can be broken even if we only have the encrypted text and no knowledge of the plaintext Brute-force
attack is easy: there are only 25 keys possible Try all 25 keys and check to see which key gives an intelligible
message
2. Monoalphabetic ciphers: Strengthening Caesar:
Caesar only has 25 possible keys – far from secure
Idea: instead of shifting the letters with a fixed amount how about allowing any permutation of the alphabet
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: if we wish to replace letters
Ciphertext: WI RF RWAJ UH YFTSDVF SFUUFYA
 This is called monoalphabetic substitution cipher – a single alphabet is used
N HARI BABU
HOD, Dept of CSE
5
Network Security
Unit - 1
 The increase in the number of keys is dramatic: 26! i.e., more than 4x1026 possible keys
 Compare: DES only has an order of 1016 possible keys
Having 1016 possible keys appears to make the system challenging: difficult to perform brute-force attacks
is known If the cryptanalyst knows the nature of the text, e.g., noncompressed English text, then he can exploit
the regularities of the language
3. Playfair Cipher
The Playfair Cipher is an example of multiple-letter encryption, Invented by Sir Charles Wheatstone in 1854,
but named after his friend Baron Playfair who championed the cipher at the British foreign office .Based on the
use of a 5x5 matrix in which the letters of the alphabet are written (I is considered the same as J) This is called
key matrix
A 5X5 matrix of letters based on a keyword
Fill the rest of matrix with the other letters in alphabetic order
E.g. using the keyword MONARCHY, we obtain the following matrix
MONAR
C HYBD
E FGIK
L PQST
UVWXZ
The plaintext is encrypted two letters at a time: Break the plaintext into pairs of two consecutive letters If a
pair is a repeated letter, insert a filler like ‘X‘in the plaintext, eg. "Balloon" is treated as "ba lx lo on"
If both letters fall in the same row of the key matrix, replace each with the letter to its right (wrapping back to
start from end), eg. “AR" encrypts as "RM"
If both letters fall in the same column, replace each with the letter below it (again wrapping to top from
bottom), eg. “MU" encrypts to "CM"
Otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. “HS"
encrypts to "BP” and “EA to "IM" or "JM" (as desired)
Decryption works in the reverse direction
N HARI BABU
HOD, Dept of CSE
6
Network Security
The examples above are based on this key matrix:
MONAR
MONAR
C HYB D
C HYBD
E FG I K
E F GI K
L P QST
L P QST
U VWXZ
UVWXZ
Unit - 1
Security of Playfair
Security much improved over monoalphabetic there are 26 x 26 = 676 diagrams
Needs a 676 entry diagram frequency table to analyses (vs. 26 for a monoalphabetic) and correspondingly more
ciphertext .Widely used for many years (e.g. US & British military in WW I, other allied forces in WW II)
Can be broken, given a few hundred letters Still has much of plaintext structure
6. Write about the TCP session hijacking?
TCP session hijacking is a technique that involves intercepting a TCP session initiated between two machines
in order to hijack it.
In that the authentication check is performed only when opening the session, a pirate who successfully
launches this attack is able to take control of the connection throughout the duration of the session.
Source routing
The initial hijacking method used involved using the source routing option of the IP protocol. This option
made it possible to specify the path IP packets were to follow, using a series of IP addresses showing the
routers to be used.
By exploiting this option, the pirate could indicate a return path for packets to a router under his control.
Blind attack
When source routing is disabled, which is the case nowadays for most equipment, a second method involves
sending packets as "blind attacks", without receiving a response, by trying to predict sequence numbers.
Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by
surreptitiously obtaining the session ID and masquerading as the authorized user. Once the user's session ID
N HARI BABU
HOD, Dept of CSE
7
Network Security
Unit - 1
has been accessed (through session prediction), the attacker can masquerade as that user and do anything the
user is authorized to do on the network.
The session ID is normally stored within a cookie or URL. For most communications, authentication
procedures are carried out at set up. Session hijacking takes advantage of that practice by intruding in real time,
during a session. The intrusion may or may not be detectable, depending on the user's level of technical
knowledge and the nature of the attack. If a Web site does not respond in the normal or expected way to user
input or stops responding altogether for an unknown reason, session hijacking is a possible cause.
Related glossary terms: session prediction (credential/session prediction) , CGI scanner, Trusted Computing
Group (TCG), release, pigs and chickens, Software Process Improvement and Capability dEtermination
(SPICE) , denial of service (DoS) , HTTPS (HTTP over SSL or HTTP Secure), work breakdown structure
(WBS), stress testing
N HARI BABU
HOD, Dept of CSE
8
Related documents
SampleHWSubmission
SampleHWSubmission
MonoAlphapetic substitution cryptanalysis example
MonoAlphapetic substitution cryptanalysis example
VideoCase08:_Security
VideoCase08:_Security
Hwk #11
Hwk #11
PGP
PGP
exercises - comp
exercises - comp
Homework 2 typed
Homework 2 typed
Cryptology Handout
Cryptology Handout
Download
advertisement