Embed Size (px)
Citation preview
Arab Open University - Riyadh 1
Outline of Unit 14: Hiding data - an introduction to security
• Computers and security
• Cryptography
• Security in industry
• The limits of security
• The single user and security
2
Why is security important?
• Data and information must be hidden or protected from those who wish to damage it so we can't use it, and from those who wish to use it with criminal intent.
• Hackers and crackers Cracker: someone who attempts to overcome some security technology, usually for criminal intent. Hacker: someone with superior software skills who uses them legally.
3
Some examples of major security breaches 1. False authority syndrome:
Authentic-looking messages that ask the user to do something that causes harm to the computer or files, or ask for confidential login details and passwords.
2. List Linking: Putting someone's name on several mailing lists so they are swamped with emails and cannot read their normal mail. This attack is known as a denial of service attack as it denies the user some important service that the computer provides: in this case emailing.
3. Roll your own credit cards:Bank employees responsible for the issue of credit cards issued a number of false cards to fictional people, picked up the cards and spent the money.
4
4. Web attack:An attack on the inner workings of a selling website so that the intruder can get customers' login details.
5. Money transfer: A cracker can infiltrate (break into) computer files of big companies or banks and transfer money.
6. Internet worm:A malicious program that passes from computer to computer over the internet, replicating itself and infecting other computers. It may also damage important files and dominate the processor rendering the computer unusable.
Some examples of major security breaches
5
OutlineComputers and security
• Cryptography
• Security in industry
• The limits of security
• The single user and security
6
Terminology• Cryptography:
The study of secret codes. Literally, it means 'Hidden writing'.
• Steganography:The technique of physically hiding a message inside an innocent-looking document.
• Plain text:The original, understandable text before it's been encrypted.
• Cipher text:The text transformed by applying some cryptographic method.
• Encryption:The process of transforming text so that it cannot be understood by anyone who does not have the key to the cryptographic method used.
7
• Decryption:The process of returning an encrypted document to its original form by application of a key.
• Key: The transformation of a plain text into a cipher text uses some well-defined set of steps which is varied according to an entity known as a key.
• Symmetric key cryptography:When the same key is used for encryption and decryption.
• Asymmetric key cryptography: When two different keys are used, one for encryption and another for decryption.
Terminology
8
Caesar Cipher• An early method of encryption is attributed to Julius Caesar.
• A Caesar cipher works by replacing each letter in the alphabet with another taken from a fixed distance (the shift) further down the alphabet.
• We start by numbering the letters of the alphabet.
• The choose the key (the shift), i.e. the number of places to shift each letter. Suppose we choose 3 – so that each letter will be replaced by the letter three places down the alphabet (with the alphabet wrapping around to the start). So ‘a’ is shifted three places to ‘d’, and so on.
a b c d e f g h i j k l m n o p q r s t u v w x y z1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
d e f g h i j k l m n o p q r s t u v w x y z a b c4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 1 2 3
1 (a) + 3 = 4 (d) ; 7 (g) + 3 = 10 (j)
9
n o t l o n g n o w t o t h e e n d
s t y q t s l s t b y t y m j j s i
• After shifting the letters correctly, replace each letter in the plaintext with the corresponding letter from the shifted alphabet in order to encrypt the message.
What is the shift in the encrypted message below?
Caesar Cipher
n is letter 14 and s is letter 19.So the shift is: 19 – 14 = 5.
•For the Caesar cipher, decryption is achieved by reversing the shift process (subtract the shift from the letters numbers).
•Because the key used to encrypt and decrypt are the same, the Caesar cipher is an example of symmetric key cryptography.
10
• In the Caesar cipher, each letter in the alphabet can only be substituted by one other letter (e.g. A is always replaced with Q). This form of cipher is therefore known as a monosubstitution cipher. Monosubstitution ciphers are relatively easy to break.
• In modern versions the process used in transforming a text into its encrypted form is much more complicated and leads to polyalphabetic ciphers.
• Why are there only 25 possible Caesar keys? (SAQ 2.2)There are 26 letters in the English alphabet. A Caesar shift of 0 would replace a letter with itself, as would a Caesar shift of 26. A Caesar shift of 27 is equivalent to a Caesar shift of 1, a shift of 28 is equivalent to 2, and so on. The only valid Caesar shifts are with keys of 1 to 25 and there are 25 of them.
Caesar Cipher
11
A Caesar shift of 28 is equivalent to a Caesar shift of 2.
Whenever letter 26 (z) is reached, we start over from letter 1 (a).
1 2
34
5
6
7
8
10
11
18
12
19
22
23
2425 26
1513
16
14
17
9
20
21
a b
c
d
e
f
g
h
i
j
k
lmno
p
q
r
s
t
u
v
w
xy
z
28
2
Caesar Cipher
The number of possible keys = the
number of characters the cipher deals with
- 1
12
How many bits? (Tricky question)Imagine a Caesar cipher is to be used that works for upper and lower case letters and the following special characters: space, comma, question mark, full stop.The key (i.e. the shift) is to be represented as a binary number stored in a computer file.
What is the minimum number of bits needed for the key to represent all the possible values the key could take?
The number of characters that the cipher deals with is: 26 (upper case letters) + 26 (lower case letters) + 4 (the special characters) = 56. Therefore our key can be any number in the range 1 to 55 (see SAQ 2.2 on page 12).
So we need to find the number of bits necessary to hold 55 possible values. Since 6 bits can hold 64 values (26 = 64), 6 bits is the minimum number of bits needed.
Caesar Cipher
13
One-time pad1. Pads were printed, each comprised of many pages containing
thousands of random characters (the key). Two copies were made of each pad, one for the sender, the other for the recipient.
2. The sender uses the key on the top page of their pad to encrypt the message
cipher text
3. The receiver uses the key on the top page of their pad to decrypt the message
4. Both destroy the top page of the pad; and never use it again.
14
• One-time pads are totally secure if:– The page is destroyed and never re-used. Encryption
is most secure when there is no repetition. If keys are reused, there is a chance of repetition.
– The keys are truly random. Unfortunately, for complex scientific reasons, the generation of truly random values is extraordinarily difficult.
– The pads remain secure and do not fall into the hands of anyone else.
• An electronic variant of a one-time pad is used on the Internet in SSL (Secure Sockets layer) which is often used by websites when secure information (e.g. credit card numbers) are being transmitted across the web.
One-time pad
15
One-time pad example - encryption
key K I V A K V Z M H
11 9 22 1 11 22 26 13 8
plain text B L U E B I R D S
2 12 21 5 2 9 18 4 19
key + plain text
13 21 43 6 13 31 44 17 27
mod 26 (-26)
13 21 17 6 13 5 18 17 1
cipher text M U Q F M E R Q A
16
One-time pad example - decrypt
cipher text M U Q F M E R Q A
13 21 17 6 13 5 18 17 1
key K I V A K V Z M H
11 9 22 1 11 22 26 13 A
cipher text - key
2 12 -5 5 2 -17 -8 4 -7
mod 26(+26)
2 12 21 5 2 9 18 4 19
plain text B L U E B I R D S
17
Enigma
from www.pbs.org/wgbh/nova/decoding/enigmadiagram.html
• Used during World War II to encrypt and decrypt secret military messages.
• An Enigma machine produces a polyalphabetic cipher.
• An Enigma machine uses symmetric key cryptography. The keys were held in code books. The sender and receiver had to have identical code books. This was a major weakness as code books sometimes fell into enemy hands.
see http://en.wikipedia.org/wiki/Enigma_machine for a good detailed explanation of how the enigma machine worked.
18
• At the heart of the Enigma machine are three toothed wheels known as rotors. Each rotor is labelled with the letters of the alphabet and can be set in any of 26 positions.
• Each key press advances the first rotor by one position.• The electrical signal leaving the first rotor enters the
second rotor and is further scrambled. The process is repeated in the third rotor.
• After 26 complete revolutions of the first rotor, the second rotor completes one revolution, and the third rotor moves on one place.
• When a rotor changes position, the circuit paths change and therefore the encryption changes, resulting in a polyalphabetic cipher.
Enigma
19
Data Encryption Standard (DES)• DES is one of the most popular cryptographic methods. It
was developed by IBM and the National Security Agency for the US Government 1976 and considered impregnable at the time.
• It is not impregnable anymore because the increase in computer power means that it could be cracked by brute force attack.In 1997 special purpose computers could crack DES in six hours.
• Brute force attack: feeding the encrypted text into a computer which tries every possible key, checking that the output from the decryption makes sense.
• DES uses a symmetric key (a single key that is used to both encode and decode messages, so it is held by the sender and the receiver).
• Encryption in DES can be very fast.
20
• DES uses a symmetric key with permutation, swapping and function application.
• Permutation: shuffles the characters in a message so that although the same characters appear, they appear in different positions.
• Swapping (transposition): takes two collections of characters and exchanges the first collection with the second.
Hello_Mum leH_olmuM uMH_olmle
Permutation in groups of 3
letters (reverse each 3 letters)
Swap first two and last two
letters
wOJ_qnong
Function application:
Caesar cipher shift 2
Data Encryption Standard (DES)
21
Asymmetric key cryptography techniques • To overcome the security problems with symmetric keys falling into
the wrong hands, asymmetric keys were developed. A user generates a pair of keys – one public and one private.
• In asymmetric key encryption, if two people (A and B) who wish to communicate they would do the following.
– A and B both generate two keys: a public key and a private key that will be used in the encryption and decryption of messages.
– A and B both publish their public key, e.g. on their websites. Their other keys (the private keys) are kept secret.
– If B wants to send a message to A, B encrypts the message using A’s public key.
– When A receives the message, A decrypts it using their private key. – Because A’s private key is known only to A but public keys can be
known to anyone, this means that cryptography can be achieved without having to distribute keys. This makes asymmetric key cryptography much more secure than symmetric key cryptography.
– It can also be done the other way round. A can send a message to b using A's own private key and B can decrypt it using A's public key.
22
http://www.int.gu.edu.au/courses/2010int/crypto.html
Asymmetric key cryptography techniques
23
RSA• RSA, named after its inventors Ron Rivest, Adi Shamir
and Len Adleman is the most popular of the asymmetric key techniques.
• It uses a public key for encryption and a private key for decryption and vice versa.
• This asymmetry means that the public key can be distributed by insecure means - or even made public.
• There are many public keys, one to match each private key.
• RSA (and other asymmetric key cryptography techniques) is computationally more complex than DES (or other symmetric techniques) and is much slower.
24
OutlineComputers and security
Cryptography
• Security in industry
• The limits of security
• The single user and security
25
Security in Industry
• The Internet is an open network and you can't control which computers will carry your messages.
• Your message, containing confidential data, could be intercepted at any intermediate node.
• Security is essential for some commercial transactions - for example processing credit card numbers.
• Secure Sockets Layer (SSL) provides a mechanism to do this. It is the most popular way of sending data securely, over a network, from one computer to another.
26
Secure Sockets Layer • SSL uses symmetric and asymmetric keys.• The bulk of the data is encrypted with a
symmetric key for speed.• A new key for symmetric encryption is created
for each transaction (one-time key).• This key is itself encrypted and sent across the
net for the receiving computer to use.• The key is encrypted using an asymmetric
technique for security.• SSL is more efficient than RSA alone.
27
The Process:
1. Two computers A and B identify and authenticate each other and exchange information about the encryption and decryption methods they are going to use.
2. Computer A generates a key, called a one-time key, for sending bulk data to the computer B using a symmetric key cryptography technique, such as DES. It will generate a new key each time (once used, a key is destroyed).
3. Computer A encrypts the symmetric key using the public key of computer B and sends it to computer B.
4. Computer B receives the encrypted symmetric key and decrypts it using its own private key. At this point both computers know the symmetric key.
5. Computer A sends data to computer B using the symmetric key. 6. When computer B receives the data, it can decrypt it using the
symmetric key.
Secure Sockets Layer
28
A and B exchange information about encryption and decryption
methods
A B
A generates symmetric key, encrypts it with B's public key and
sends it to B
Generate and encrypt key
datadatadatadatadataEncrypt Decrypt
Symmetric key Symmetric key
Secure Sockets Layer
Decrypt with B's private key
29
How do I know a website is using SSL?
Insecure
Secure
Secure
A site using SSL will have https rather than http in the address line, and a little closed padlock at the bottom in both Internet Explorer and Netscape. You may also get an alert when you are about to enter a secure site or page and another when you leave telling you are going to an insecure page.
30
Digital Signature• A technology used to check whether data has been
tampered with and to uniquely identify the sender. • It uses asymmetric key cryptography and a message
digest or hash function. • A message digest is simply a number calculated from a
message. Message digest algorithms are complex but are chosen so that two different messages are exceptionally unlikely to have the same message digest.
• The message digest is then encrypted using the sender’s private key to produce a digital signature which is sent together with an encrypted version of the message using a symmetric key cryptographic method.
31
Digital signatures overcome two problems:
1. Authentication: means that a receiver knows that a particular message originated from a particular user. A digital signature guarantees that the sender of a message really is who he or she claims to be.
2. Non-repudiation: means that a sender cannot deny sending a message.
What the receiver has to do:
1. Decrypt the message using the symmetric key.
2. Calculate the message digest from the decrypted message.
3. Decrypt the original (the sender’s) message digest using the sender’s public key.
4. Compare the two digests: if they are the same: then the message was sent by the person who is associated with the public key; and the message hasn’t been tampered with.
Digital Signature
32
Digital Certificates• Digital certificates have been introduced to overcome the
problem of making sure the publisher of a public key is who they say they are and not some criminal masquerading as, for example, a bank.
– You use the key to send messages to your bank.– Criminal intercepts and reads the messages.
• Digital certificates are issued by a trusted certifying authority: an organization which can be trusted, perhaps by having some sort of national or official role.
• A digital certificate provides basic authentication facilities on the Internet.
• The certifying authority holds a database of the details of the certificates.
33
Each certificate will contain the following information:• The name of the authority that issued the certificate.• The name of the user associated with the certificate.• The public key of the user and description of the user's asymmetric
cryptography method.• The digital signature of the certifying authority (contents of the
certificate encrypted with the private key of the certifying authority).• How it’s used:
1. The customer would look up the company’s digital certificate
2. Use the certificate authority’s public key to decrypt the digital signature.
3. Compare the result with the contents of the certificate. If they match, then the certificate was issued by the certificate authority.
Everything can be done automatically by the software that the customer is using.
Digital Certificates
34
Web Security• A firewall is a software or hardware
barrier which prevents an intruder from accessing a web server (or a PC, in the case of personal firewalls).
• The firewall provides two levels of protection for a web server.
• The first level is implemented by a hardware device known as a screening router (often just called a router). The router determines which packets of data should be allowed to pass in each direction. It lets through email and web server requests but rejects requests for a file held on the private network.
• The second level, when web page access is required, is known as a bastion host (often known as a proxy gateway). This server is used to store temporary copies of the web pages which are requested by users. If a requested page is not stored on the bastion host, the bastion host forwards the request to the real web server on the private network.
35
• SSL is used in e-commerce for the transfer of requests and the return of sensitive information. The parties involved authenticate each other by exchanging their digital certificates.
• Secure Electronic Transaction (SET) is a security standard that protects credit card transactions on the Internet.
• The key features of SET are as follows.– Security of data. Cardholder and payment information is kept
secret by encrypting the data using DES.– Integrity of data. SET uses message digests to ensure that the
data that has been sent has not been altered in transit.– Cardholder authentication. SET uses digital certificates to
validate that a cardholder is a legitimate user of a valid account number.
– Merchant authentication. Digital certificates are used to validate a merchant to check that they can accept credit card transactions.
Web Security
36
OutlineComputers and security
Cryptography
Security in industry
• The limits of security
• The single user and security
37
Limits of Security• When computer and communication systems fall victim to a
malicious act it is called an attack.• Attacks on computer systems and data can come in many forms,
and not only the technical attacks that we have been learning how to prevent with cryptography.
• The best security is no good if the password is written on a piece of paper under the user's keyboard or it's the name of the dog or child!
• Many systems offer strong security from a technical standpoint but are compromised by poor working practices.
‘Security is a chain; it's only as secure as the weakest link’; ‘security is a process, not a
product’Bruce Schneier
38
Attacks Where cryptography does not help• Denial of service: is an attack on a computer which disables
the computer to such an extent that normal work cannot be carried out on it. (Inserting a program that uses large amounts of resources such as memory.)
• Viruses: A virus is a program that upsets the correct functioning of a computer. There are 3 types of viruses:– Executable viruses: carry out some processing which is
illegal. – Data viruses: alter some data in a computer. – Start-up file viruses: alter the contents of a start-up file.
• Non-technical attacks A non-technical attack is an attack on a computer system which does not require any technological tools such as special software or hardware. (Password guessing)
39
The security environment• Physical methods of ensuring that access to buildings and
rooms is suitably restricted.
• Making sure that any process which could result in the change of data or reading of data which should remain secure is double checked.
• Securing any waste product that contains sensitive material (e.g. shredding printouts).
• Insisting that all passwords used by staff are secure.
• Making sure that communication hardware cannot be tampered with and that all external maintenance workers are authorized. This guards against such workers planting hardware devices – known as sniffers – that can read the data passing between computers.
40
OutlineComputers and security
Cryptography
Security in industry
The limits of security
• The single user and security
41
The Internet is not secure• It is impossible to state which route will be taken by a packet
traveling on the Internet. The packet may travel directly, or more probably travel through several routers located anywhere in the world and own by people who might be criminals.
• Spam: Is the term given to unwanted email. Spammers can use programs known as address harvesters which read the contents of web pages and collect e-mail addresses.
• Scams (cons, rip-offs): One of the most common Internet scams is the pyramid scheme where victims recruit more victims who, in turn, recruit more victims who then recruit more victims, and so on. There’s also the chain letter scam.
• Privacy violations: The websites you visit can collect information about your computer, operating system and other technical details, and even the clipboard contents or your e-mail.
42
Hazards for the Single User• Anyone connected to the Internet is at risk.• While you're on line intruders can potentially:
– read the contents of your address book– send messages from your email address– store files on your hard drive
• The effects can range from mild irritation to catastrophic damage.• How would your life be affected if everyone in your address book
received a set of offensive pictures from you by email?
Some precautions• Don't publish your email address on the web.• Use a number of email addresses
• Keep one email address for personal use with people you trust.• Have a separate email that you use when signing up for mailing lists.
43
Some precautions• If you want to post anonymously to a bulletin board then
use one of the anonymous email sites that can be found on the web. Consider using a proxy server or anonymizer. www.anonymizer.com is a website which allows you to jump to sites on the internet without revealing any of your details.
• Beware of executing unknown programs.• Only give credit card details to secure sites. Do not fill in
a web form that is not on a secure server. • Don't send credit card details by email.• Install anti-virus software and keep it up-to-date.• Run a firewall on your PC.• Keep a record of all transactions. Print out your
completed order form before submitting it.
44
What’s next?
• Unit 15
• Work on TMA04
