Fundamentals Elements of Network and Cyber Security Hussein Abdel-Wahab

Fundamentals Elements
of Network and Cyber
Security
Hussein Abdel-Wahab, Ph.D.
Professor and Graduate Program Director
Department of Computer Science
Old Dominion University
wahab@cs.odu.edu
www.cs.odu.edu/~wahab
General Concepts
Players: Alice, Bob and Trudy.
How to communicate securely over an insecure medium?
Alice should be able to send a message to Bob
that Trudy can't understand or modify
&
Bob is assured that Alice is the sender.
Fundamental Tenet of
Cryptography

If lots of smart people failed to solve a problem,
then it probably won't be solved (soon).

The time required to break a code should
be longer than the time the encrypted data must
remain secret.

The value of most data decreases over time.
Cryptographic System:
Algorithm + Key
It is perfectly OK to let everyone know
the algorithm. Knowledge of the
algorithm without the key does not help
unmangle the information.
Publishing the algorithm provides an
enormous amount of free consulting to
uncover weaknesses.
Traditional use of
Cryptography
Plaintext >>> Ciphertext >>> Plaintext
     (Encryption)   (Decryption)
Cryptographer: Invent clever secret codes.
Cryptanalyst: Attempt to break these codes.
Computational Difficulty
Example: combination lock

Typically require 3 numbers between 1 and 40.
If it takes 10 seconds for a good guy,
it would take 10*(40**3) seconds
or about 1 week for the bad guy.

By requiring 4 numbers:
If it takes 13 seconds for the good guy,
it would take 13*(40**4) seconds
or about 1 year for the bad guy.
Secret Key Cryptography
(Symmetric Cryptography)
plaintext  >>> (encryption) >>> ciphertext
                    |
                   key
                    |
ciphertext >>> (decryption) >>> plaintext
Uses of
Symmetric Cryptography
Transmission Over an Insecure Channel:
An eavesdropper will only see unintelligible data.
Secure Storage on Insecure Media:
Forgetting the key makes the data irrevocably lost!
Authentication: Alice authenticating Bob
            Alice                     Bob
challenge:  r           >>>>>>        r
response:   r = K{c}    <<<<<<<       c = K{r}
Public Key Cryptography
(Asymmetric Cryptography)
Each individual has two keys:
private key (not revealed to anyone)
public key (make it known to everyone)
plaintext  >>>>>>>>>> ciphertext   (encryption)
               |
           public key

           private key
               |
ciphertext >>>>>>>>>  plaintext    (decryption)
Digital Signature
(signing)
plaintext  >>>>>>>>> ciphertext
               |
           private key

           public key
               |
ciphertext >>>>>>>> plaintext
(verification)
Uses of Public Key
Secret Key establishment
Public key cryptographic algorithms are much slower than
secret key cryptographic algorithms.
Thus they are normally used to establish a temporary
shared secret key for use during a given session.
Alice                      Bob
{K}eB     >>>>>>>>>        [K]dB
K{mB}     >>>>>>>>>        K{mB}
K{mA}     <<<<<<<<<        K{mA}
Uses of Public Key
Authentication
Alice authenticating Bob:
            Alice                     Bob
challenge:  c = {r}eB   >>>>>         c
response:   r           <<<<<         r = [c]dB
Hash Algorithms
message-digest, finger-print, one-way-function
The hash of a message m,
h = H(m)
has the following properties:
• Given m, it is easy to compute h.
• Given h, it is hard to compute m.
• Given m, it is hard to find another m' such that H(m) = H(m').
• It is hard to find m1 and m2 such that H(m1) = H(m2).
Message Authentication/Integrity Code
(MIC/MAC)
Using Secret Key:
Alice                                  Bob
m, h, where h = H(m|K)      >>         m, h: OK if h = H(m|K)
Bob is sure that Alice sent m, since she knows K.
Bob can NOT prove to anyone else that
Alice sent him m, since he also knows K!
Password Hashing
UNIX stores the hash of passwords.
For each user U with password P, there is a
tuple:
<U, h>, where h = H(P)
When user U types a password P,
UNIX computes: H(P)
and the user is allowed to log in if H(P) = h
The magic of XOR
0 ⊕ 0 = 0, 0 ⊕ 1 = 1,
1 ⊕ 0 = 1 & 1 ⊕ 1 = 0
Note that:
a ⊕ a = 0 &
a ⊕ b ⊕ b = a (since b ⊕ b = 0)
A Simple XOR symmetric algorithm:
(P plain, C cipher, K key)
Encrypt: C = P ⊕ K*
Decrypt: P = C ⊕ K* (since (P ⊕ K) ⊕ K = P)
Secret Key Cryptography
Principle
Secret key cryptographic systems take
a key K and a data block M and
generate a one-to-one mapping that looks
completely random.
I.e., any single bit change of K or M
results in a totally independent random
output.
Secret Key Cryptography
Transformation
Substitution:
For small blocks of size k bits, specify for each of
the 2^k possible values of the input, the k-bit output.
Permutation:
Specify for each input bit, the output position to
which it goes.
Example: DES (Data Encryption Standard)
Hashes/Message-Digests
Principle
Major Algorithms:
Ron Rivest Message Digest (MD2, MD4 and MD5): 128-bit.
NIST Secure Hash Algorithm SHA-1: 160-bit.
Both take an arbitrary-length string and map it to a
fixed-length quantity that appears to be randomly chosen.
They are easy to compute and are computed in rounds.
It is computationally infeasible to find:
• A message that has a given message digest.
• A different message with the same message digest.
• Two messages that have the same message digest.
Things to do with a Hash
Authentication:
            Alice              Bob
challenge:  r        >>        r
response:   d        <<        d = MD{K|r}
Alice computes MD{K|r}; if it equals d, then Bob knows K.
Computing a MAC:
Alice                                Bob
m, d where d = MD(K|m)     >>        m, d: OK if d = MD(K|m)
Encryption using
Hash
Generating one-time pad:
Both Alice and Bob know the shared secret K
and generate:
b_1 = MD(K)
b_i = MD(K|b_(i-1)), i = 2, 3, ....
Alice                                Bob
c_i = m_i ⊕ b_i         >>>>         m_i = c_i ⊕ b_i
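The challenge/response, MAC and pad generation from the two hash slides above, as an added Python example (not part of the original slides). SHA-256 standing in for MD, the function names and the sample messages are assumptions made here.

```python
import hashlib
import hmac
import secrets

def MD(data: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the slides' generic message digest MD.
    return hashlib.sha256(data).digest()

def respond(key: bytes, data: bytes) -> bytes:
    """Bob's response d = MD{K|r}; the same formula is the MAC d = MD(K|m)."""
    return MD(key + data)

def check(key: bytes, data: bytes, d: bytes) -> bool:
    """Recompute MD(K|data) and compare with d in constant time."""
    return hmac.compare_digest(MD(key + data), d)

def pad(key: bytes, length: int) -> bytes:
    """b1 = MD(K), bi = MD(K|b(i-1)), concatenated and cut to length bytes."""
    block, out = MD(key), b""
    while len(out) < length:
        out += block
        block = MD(key + block)
    return out[:length]

def xor_with_pad(key: bytes, data: bytes) -> bytes:
    """ci = mi XOR bi. The same call decrypts, since (m XOR b) XOR b = m."""
    return bytes(x ^ y for x, y in zip(data, pad(key, len(data))))

if __name__ == "__main__":
    K = secrets.token_bytes(16)               # shared secret (constructed)
    r = secrets.token_bytes(16)               # Alice's fresh challenge
    print(check(K, r, respond(K, r)))         # Bob knows K
    print(check(K, r, respond(b"guess", r)))  # someone who does not
    m = b"Dear Bob: the colloquium is next Fall."   # longer than one block
    c = xor_with_pad(K, m)
    print(c.hex(), xor_with_pad(K, c))
    # The pad depends only on K, so a second message under the same K gets
    # the same pad and c1 XOR c2 equals m1 XOR m2. One K, one message.
    m2 = b"Dear Bob: the colloquium is cancelled."
    c2 = xor_with_pad(K, m2)
    print(bytes(a ^ b for a, b in zip(c, c2)) ==
          bytes(a ^ b for a, b in zip(m, m2)))
```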
Public Key Cryptography
Principle
Secret key algorithms & hash algorithms are similar.
Public key algorithms are different from each other.
What is common among all public key algorithms is:
each participant has two keys, public and private,
& most of them are based on modular arithmetic:
x mod n is the remainder of x when divided by n.
Example: 24 mod 10 = 4
Multiplication mod 10
Multiplication by 1, 3, 7 and 9 works as cipher since it performs 1-1 mapping.
Each "1" is the intersection of k and k^-1, e.g. k = 7, then k^-1 is 3.
Example: if k = 7, then 1987 is encrypted to 7369
Totient Function
What is so special about the set {1,3,7,9} ?
These numbers are relatively prime to 10,
i.e., they do not share with 10 any common factors other than 1.
How many numbers < n are relatively prime to n?
This quantity is referred to as Ø(n) and is called the totient function:


If n is prime:
then {1,2, ..., n-1} are all relatively prime and Ø(n) = n-1.
If n = p.q where p and q are two distinct primes,
then Ø(n) = (p-1)(q-1).
Example: for n = 10 = 2.5, Ø(10) =(2-1).(5-1)=1.4=4,
which is the set {1,3,7,9}.
Exponentiation mod 10
Examples: 4^2 = 6, 8^8 = 6, 7^6 = 9
An exponentiative inverse of e is the number d such that:
e.d = 1 mod Ø(n)
Example: For n= 10, Ø(10)=4:
e=3 and d=7 are exponentiative inverses since 3.7=21= 1 mod 4
In public key cryptography:
<e, n> is public key & <d,n> is private key
Encrypt / Decrypt
Sign / Verify
Encrypt / Decrypt:
To encrypt m: compute c = m^e mod n
To decrypt c: compute m = c^d mod n
Example:
encrypt m = 8: c = 8^3 mod 10 = 2
decrypt c = 2: m = 2^7 mod 10 = 8
Sign / Verify:
To sign m: compute s = m^d mod n
To verify s: compute m = s^e mod n
Example:
sign m = 8: s = 8^7 mod 10 = 2
verify s = 2: m = 2^3 mod 10 = 8
RSA works
Encrypt/Decrypt:
To encrypt a message m (<n): c = m^e mod n
& To decrypt c: m = c^d mod n
This works since:
c^d mod n = (m^e)^d mod n = m^(e.d) mod n
= m mod n // since e.d = 1 mod Ø(n)
= m // since m < n
Sign/Verify:
To sign a message m (<n): s = m^d mod n
& To verify s: m = s^e mod n
This also works since:
s^e mod n = m^(e.d) mod n = m mod n = m
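The slides' mod 10 arithmetic, from the multiplication cipher through the toy key pair <3, 10> / <7, 10>, checked in Python as an added example (not part of the original slides). The function names are assumptions made here; the last check uses a deliberately wrong d = 5 to show which messages stop decrypting when e.d is not 1 mod Ø(n).

```python
from math import gcd

def units(n):
    """Numbers below n that are relatively prime to n; there are Ø(n) of them."""
    return [k for k in range(1, n) if gcd(k, n) == 1]

def totient(n):
    return len(units(n))

def mult_cipher(digits, k, n=10):
    """Multiply each digit by k mod n. A 1-1 mapping only when gcd(k, n) == 1."""
    if gcd(k, n) != 1:
        raise ValueError(f"{k} shares a factor with {n}: not a 1-1 mapping")
    return "".join(str(int(d) * k % n) for d in digits)

def are_exp_inverses(e, d, n):
    """True when e.d = 1 mod Ø(n)."""
    return (e * d) % totient(n) == 1

def rsa(x, exponent, n):
    """One modular exponentiation: encrypt/verify with e, decrypt/sign with d."""
    if not 0 <= x < n:
        raise ValueError("message must be smaller than n")
    return pow(x, exponent, n)

def roundtrip_failures(e, d, n):
    """Messages m < n for which decrypt(encrypt(m)) != m."""
    return [m for m in range(n) if rsa(rsa(m, e, n), d, n) != m]

if __name__ == "__main__":
    n, e, d = 10, 3, 7                        # the slides' toy key pair
    print(units(n), totient(n))               # the set {1,3,7,9}, Ø(10) = 4
    print(mult_cipher("1987", 7), mult_cipher("7369", 3))   # k = 7, k^-1 = 3
    print(are_exp_inverses(e, d, n))
    c = rsa(8, e, n)
    print(c, rsa(c, d, n))                    # encrypt 8, decrypt back
    s = rsa(8, d, n)
    print(s, rsa(s, e, n))                    # sign 8, verify
    print(roundtrip_failures(e, d, n))        # empty: every m < 10 survives
    print(roundtrip_failures(e, 5, n))        # 3.5 = 15 = 3 mod 4: wrong d
```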
Diffie-Hellman:
Key agreement Protocol
Alice and Bob agree on: p (large prime) & g < p.
Alice                                  Bob
Pick SA (512-bit random number)        Pick SB (512-bit random number)
Compute TA = g^SA mod p                Compute TB = g^SB mod p
send TA >>>>>>>>                       <<<<<<<<< send TB
Compute X = TB^SA mod p                Compute Y = TA^SB mod p
X is the same as Y, why?
X = TB^SA = g^(SB*SA)
Y = TA^SB = g^(SA*SB)
No one can compute g^(SA*SB) by knowing g^SA & g^SB
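Both sides of the exchange above as an added Python example (not part of the original slides). The parameters p = 2^127 - 1 and g = 3, the class and function names, and the range check on the received value are assumptions made here; the check is a common hardening step that the slides do not mention.

```python
import secrets

# Constructed toy parameters (assumption): 2**127 - 1 is prime, but far too
# small for real use; the slides only require a large prime p and g < p.
P, G = 2**127 - 1, 3

class Party:
    def __init__(self, p=P, g=G, secret=None):
        self.p, self.g = p, g
        # "Pick S (512-bit random number)"; a fixed secret is only for tests.
        self._s = secret if secret is not None else 1 + secrets.randbits(512)
        self.T = pow(g, self._s, p)           # T = g^S mod p, sent in the clear

    def shared(self, peer_T):
        """Compute peer_T^S mod p after rejecting degenerate values."""
        # 0, 1 and p-1 force the result into {0, 1, p-1} whatever S is, so a
        # value altered in transit to one of them must not be accepted.
        if not 1 < peer_T < self.p - 1:
            raise ValueError("peer value outside 2..p-2")
        return pow(peer_T, self._s, self.p)

def agree(alice, bob):
    """Run the exchange; return (X, Y, wire), where wire is all Trudy sees."""
    x = alice.shared(bob.T)
    y = bob.shared(alice.T)
    return x, y, {"p": alice.p, "g": alice.g, "TA": alice.T, "TB": bob.T}

if __name__ == "__main__":
    x, y, wire = agree(Party(), Party())
    print(x == y, sorted(wire))               # same key; secrets never sent
    tx, ty, _ = agree(Party(23, 5, secret=4), Party(23, 5, secret=3))
    print(tx, ty)                             # hand-checkable case: 18 18
```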
Email Security Protocols

PEM (Privacy Enhanced Mail):
Add encryption, authentication and integrity
to ordinary text messages.

MIME (Multipurpose Internet Mail Extensions):
Is a standard for encoding arbitrary data in email
(images, video, etc.).

S/MIME:
Incorporated many principles of PEM into MIME.
PEM: MIC-CLEAR
From: Alice
To: Bob
Subject: Colloquium
Date: Tue Oct 26, 2005
-----BEGIN PRIVACY ENHANCED MESSAGE-----
Originator-ID-Asymmetric: <certificate>
MIC-Info: RSA-MD5, RSA, <MIC>
Dear Bob:
I would like to invite you to give a colloquium next Fall, If you
accept, let us talk about the details.
Alice
-----END PRIVACY ENHANCED MESSAGE-----
PEM: ENCRYPTED
From: Alice
To: Bob
Subject: Colloquium
Date: Tue Oct 26, 2005
-----BEGIN PRIVACY ENHANCED MESSAGE-----
DEK-Info: DES-CBC, IV
MIC-Info: RSA-MD5, RSA, <MIC>
Recipient-ID-Asymmetric: <Recipient certificate>
Key-Info: RSA, <key encrypted with recipient public key>
<encoded encrypted message using DES-CBC>
-----END PRIVACY ENHANCED MESSAGE-----
SSL/TLS
Secure Socket Layer, Netscape
Transport Layer Security, IETF
Runs as a user-level process on top of TCP/IP.
Alice                                                        Bob
I want to talk, ciphers I support, Ra --------------------->
<---------------------------- certificate, cipher I choose, Rb
choose secret S, compute K = f(S,Ra,Rb):
{S}Bob, {keyed hash of handshake msgs} -------------->
                                      compute K = f(S,Ra,Rb):
<------------------------ {keyed hash of handshake msgs}
<-- data protected with keys derived from K -->
Ra and Rb are 32 octets long; the first 4 are the time.
This ensures that the Rs are always different.
Authentication Systems
Password-based
It’s not who you are, It’s what you know
On-line Password attack:
Easy to defend, e.g., limit and slow down the number of guesses.
Off-line Password attack:
Capture a quantity X derived from the password and take
your time to guess the password that produces X.
(e.g., use a dictionary)
Authentication Systems
Address-based
It's not what you know. It's where you are
In Unix /etc/hosts.equiv:
Contains a list of computers that have identical user accounts
to allow users on these hosts to rlogin without providing
passwords.
Trusted Intermediaries
For N entities, if each keeps N -1 secrets,
then adding a new entity involves adding N new secrets. Clearly
not practical for large N.
KDC (Key Distribution Center):
Keeps N keys, adding one key for each new entity.
Alice                       KDC                        Bob
Need to talk to Bob -------------->
                     generate random R,
R= KA[X] <--------- X= KA{R} , Y= KB{R} -------> R= KB[Y]
C1 = R{M1} --------------------------------------> M1 = R[C1]
M2 = R[C2] <-------------------------------------- C2 = R{M2}
Disadvantages of KDC:
If compromised, all Keys are compromised.
Single point of failure
Performance bottleneck.
CA
Certificate Authority
Each entity keeps its private key.
• The CA certifies (signs) that the public key belongs to the entity.
• All public key certificates may be kept in one place or each entity keeps its own.
• Certificates expire after a reasonable period (1 year).
A certificate can be revoked, and the CA periodically publishes a
CRL (certificate revocation list).
Clients should check the latest CRL before trusting
a certificate.

Delegation
It's not who you are. It's who you're working for
Sometimes it is necessary to have some entity act on your behalf.
This is achieved using delegation.
Generate a special message, signed by you
(using public key cryptography, or through KDC), specifying:
• To whom you are delegating the rights,
• Which rights are being delegated &
• For how long.
Mutual Authentication
Shared Secret
Alice                                              Bob
I'm Alice --------------------------------------->
< ------------------------------------------------ Rb
f(K, Rb) ---------------------------------------->
Ra ---------------------------------------------->
<------------------------------------------ f(K, Ra)
Reducing number of Messages
Packing more information into each message:
Alice                                              Bob
I'm Alice, Ra ------------------------------------->
<------------------------------------------ Rb, f(K, Ra)
f(K, Rb) -------------------------------------------->
Reflection Attack!
Trudy can impersonate Alice to Bob by
opening a second connection to Bob
Session 1:
Trudy                                                         Bob
I'm Alice, Ra ------------------------------------------------>
<------------------------------------------------------ Rb, f(K, Ra)
suspend session 1......
Session 2:
Trudy                                                         Bob
I'm Alice, Rb ---------------------------------------------->
<------------------------------------------------ Rb', f(K, Rb)
abort session 2.......
continue session 1......
f(K, Rb) --------------------------------------------------------->
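The three-message protocol and the two-session trace above, run against an in-memory responder, as an added Python example (not part of the original slides). HMAC-SHA256 as f, the class and function names, and the hardened variant that mixes each side's role into f are assumptions made here; role binding is one standard way to stop a value computed by the responder from being accepted as the initiator's proof.

```python
import hashlib
import hmac
import secrets

def f(key, role, challenge):
    # Assumption: the slides leave f unspecified; HMAC-SHA256 is used here.
    return hmac.new(key, role + challenge, hashlib.sha256).digest()

class Bob:
    """Responder of the three-message protocol. With bind_role=False this is
    the slides' f(K, R); with bind_role=True each side's role is hashed in."""
    def __init__(self, key, bind_role):
        self.key, self.bind_role, self.pending = key, bind_role, {}

    def role(self, name):
        return name if self.bind_role else b""

    def hello(self, sid, ra):
        """Message 1 in, message 2 out: Rb, f(K, Ra)."""
        rb = self.pending[sid] = secrets.token_bytes(16)
        return rb, f(self.key, self.role(b"responder"), ra)

    def finish(self, sid, proof):
        """Message 3 in: accept only the initiator's f(K, Rb) for this session."""
        rb = self.pending.pop(sid)
        return hmac.compare_digest(proof, f(self.key, self.role(b"initiator"), rb))

def alice_login(bob, key):
    """Honest run: Alice checks Bob's f(K, Ra), then proves herself with f(K, Rb)."""
    ra = secrets.token_bytes(16)
    rb, resp = bob.hello("a", ra)
    bob_ok = hmac.compare_digest(resp, f(key, bob.role(b"responder"), ra))
    return bob_ok and bob.finish("a", f(key, bob.role(b"initiator"), rb))

def reflection_trace(bob):
    """The slides' two-session trace, replayed by a party that never holds K."""
    rb, _ = bob.hello(1, secrets.token_bytes(16))   # session 1, then suspend
    _, echoed = bob.hello(2, rb)                    # session 2: Rb sent as "Ra"
    return bob.finish(1, echoed)                    # continue session 1

if __name__ == "__main__":
    K = secrets.token_bytes(32)                     # constructed shared secret
    for bind in (False, True):
        bob = Bob(K, bind_role=bind)
        print(bind, alice_login(bob, K), reflection_trace(bob))
    # False: True True   (Bob accepts "Alice" although K was never used)
    # True:  True False  (the echoed value carries the responder role)
```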
Using Time Stamps
We can use time stamps to reduce the number of
messages to two:
Alice                                              Bob
I'm Alice, f(K, timestamp) ------------------------->
<-------------------------------------- f(K, timestamp++)