With passive security threats the attacker only reads the packages, but does not modify them (for example sniffing) Goal: obtain info that's being transmitted. with an active attack the attacker attempts to alter system resources or effect their operations. Involves modification of data streams / creation of a false stream.
Active attacks:
These attacks involve some modification of the data stream or the creation of a false stream or message. An active attack attempts to alter system resources or affect their operation and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
Q2. List and briefly define categories of security services.
Ans X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which
ensures adequate security of the systems or of data transfers. Perhaps a clearer definition is found in RFC 2828, which
provides the following definition: a processing or communication service that is provided by a system to give a specific
kind of protection to system resources; security services implement security policies and are implemented by security
mechanisms.
Authentication :-
The authentication service is concerned with assuring that a communication is authentic. In other words it assure that the communicating entity is the one claimed.
Used in association with a logical connection to provide confidence in the
identity of the entities connected.
Data Origin Authentication
In a connectionless transfer, provides assurance that the source of received
data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of a resource (i.e., this
service controls who can have access to a resource, under what
conditions access can occur, and what those accessing the
resource are allowed to do).
DATA CONFIDENTIALITY
The protection of data from unauthorized disclosure.
Connection Confidentiality
The protection of all user data on a connection.
Connectionless Confidentiality
The protection of all user data in a single data block
Selective-Field Confidentiality
The confidentiality of selected fields within the user data on a connection or
in a single data block.
The confidentiality of selected fields within the user data on a connection or
in a single data block.
Traffic Flow Confidentiality
The protection of the information that might be derived from observation of
traffic flows.
DATA INTEGRITY
The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
Connection Integrity with Recovery
Provides for the integrity of all user data on a connection and detects any
modification, insertion, deletion, or replay of any data within an entire data
sequence, with recovery attempted.
Connection Integrity without Recovery
As above, but provides only detection without recovery.
Selective-Field Connection Integrity
Provides for the integrity of selected fields within the user data of a data
block transferred over a connection and takes the form of determination of
whether the selected fields have been modified, inserted, deleted, or replayed.
Connectionless Integrity
Provides for the integrity of a single connectionless data block and may take
the form of detection of data modification. Additionally, a limited form of
replay detection may be provided.
Q3. Is there any problem with the one-time pad cipher? Discuss the Problems.
Ans There are two types of problems and these are:
Key distribution
Because the pad must be passed and kept secure, and the pad has to be at least as long as the message, there is often no point in using one-time padding, as you can simply send the plain text instead of the pad (as both are the same size and have to be sent securely). However, once a very long pad has been securely sent (e.g., a computer disk full of random data), it can be used for numerous future messages, until the sum of their sizes equals the size of the pad.
Distributing very long one-time pad keys is inconvenient and usually poses a significant security risk. The pad is essentially the encryption key, but unlike keys for modern ciphers, it must be extremely long and is much too difficult for humans to remember. Storage media such as thumb drives, DVD-Rs or personal digital audio players can be used to carry a very large one-time-pad from place to place in a non-suspicious way, but even so the need to transport the pad physically is a burden compared to the key negotiation protocols of a modern public-key cryptosystem, and such media cannot reliably be erased securely by any means short of physical destruction (e.g., incineration). A 4.7 GB DVD-R full of one-time-pad data, if shredded into particles 1 mm² in size, leaves over 100 kibibits of (admittedly hard to recover, but not impossibly so) data on each particle.[citation needed] In addition, the risk of compromise during transit (for example, a pickpocket swiping, copying and replacing the pad) is likely much greater in practice than the likelihood of compromise for a cipher such as AES. Finally, the effort needed to manage one-time pad key material scales very badly for large networks of communicantsâ€"the number of pads required goes up as the square of the number of users freely exchanging messages. For communication between only two persons, or a star network topology, this is less of a problem.
The key material must be securely disposed of after use, to ensure the key material is never reused and to protect the messages sent. Because the key material must be transported from one endpoint to another, and persist until the message is sent or received, it can be more vulnerable to forensic recovery than the transient plaintext it protects .
True randomne
High-quality random numbers are difficult to generate. The random number generation functions in most programming language libraries are not suitable for cryptographic use. Even those generators that are suitable for normal cryptographic use, including /dev/random and many hardware random number generators, make some use of cryptographic functions whose security is unproven.
In particular, one-time use is absolutely necessary. If a one-time pad is used just twice, simple mathematical operations can reduce it to a running key cipher. If both plaintexts are in a natural language (e.g. English or Russian or Irish) then, even though both are secret, each stands a very high chance of being recovered by heuristic cryptanalysis, with possibly a few ambiguities. Of course the longer message can only be broken for the portion that overlaps the shorter message, plus perhaps a little more by completing a word or phrase. The most famous exploit of this vulnerability is the VENONA project.
PART - B
Q4. Define types of attacks based on what is known to the attacker.
Ans Data Modification
After an attacker has read your data, the next logical step is to alter it. An attacker can modify the data in the packet without the knowledge of the sender or receiver. Even if you do not require confidentiality for all communications, you do not want any of your messages to be modified in transit. For example, if you are exchanging purchase requisitions, you do not want the items, amounts, or billing information to be modified.
Identity Spoofing (IP Address Spoofing)
Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumedâ€" identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet.After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data. The attacker can also conduct other types of attacks, as described in the following sections.
Password-Based Attacks
A common denominator of most operating system and network security plans is password-based access control. This means your access rights to a computer and network resources are determined by who you are, that is, your user name and your password. When an attacker finds a valid user account, the attacker has the same rights as the real user. Therefore, if the user has administrator-level rights, the attacker also can create accounts for subsequent access at a later time.
After gaining access to your network with a valid account, an attacker can do any of the following:
Obtain lists of valid user and computer names and network information.
Modify server and network configurations, including access controls and routing tables.
Modify, reroute, or delete your data.
Denial-of-Service Attack
Unlike a password-based attack, the denial-of-service attack prevents normal use of your computer or network by valid users.After gaining access to your network, the attacker can do any of the following:
Randomize the attention of your internal Information Systems staff so that they do not see the intrusion immediately, which allows the attacker to make more attacks during the diversion.
Man-in-the-Middle Attack
As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.
Sniffer Attack A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.
Q5. Write a Program to implement Play fair cipher?
Ans:- The Playfair cipher is a digraph substitution cipher. It employs a table where one letter of the alphabet is omitted, and the letters are arranged in a 5x5 grid.
to playfair :keyword :message
local [matrix a b c d e f g h i j k l m n o p q r s t u v w x y z]
setkeyword jtoi lowercase :keyword
output encode (reduce "word :message)
end
;; Prepare the code array
to setkeyword :word
make "matrix ~
reorder word :word (remove :word "abcdefghiklmnopqrstuvwxyz)
make "j :i
end
to remove :letters :string
if emptyp :string [output "]
if memberp first :string :letters [output remove :letters bf :string]
output word first :string remove :letters bf :string
end
to reorder :string
output reorder1 :string (mdarray [5 5]) 1 1
end
to reorder1 :string :array :row :column
if :row=6 [output :array]
if :column=6 [output reorder1 :string :array :row+1 1]
mdsetitem (list :row :column) :array first :string
make first :string (list :row :column)
output reorder1 (butfirst :string) :array :row :column+1
end
;; Encode the message
to encode :message
if emptyp :message [output "]
if emptyp butfirst :message [output paircode first :message "q]
if equalp (jtoi first :message) (jtoi first butfirst :message) ~
[output word (paircode first :message "q) (encode butfirst :message)]
output word (paircode first :message first butfirst :message) ~
(encode butfirst butfirst :message)
end
Q6. Given the speed of a current ordinary computer (for home or light office use), estimate the amount of time necessary to crack a DES encryption by testing all 256 possible keys. Make a similar estimate for a 128-bit AES key.
Ans The Data Encryption Standard (DES) is a block cipher that uses shared secret encryption. It was selected by the National Bureau of Standards as an official Federal Information Processing Standard (FIPS) for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm that uses a 56-bit key. The algorithm was initially controversial with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutiny which motivated the modern understanding of block ciphers and their cryptanalysis.
DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes (see chronology). There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are infeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES). Furthermore, DES has been withdrawn as a standard by the National Institute of Standards and Technology (formerly the National Bureau of Standards).
In some documentation, a distinction is made between DES as a standard and DES the algorithm which is referred to as the DEA (the Data Encryption Algorithm). When spoken, "DES" is either spelled out as an abbreviation .
