Information and Network

Security Concepts
Chapter 1
Objectives
› Describe the key security requirements of confidentiality,
integrity, and availability.
› Discuss the types of security threats and attacks that must be
dealt with
› Types of threats and attacks that apply to different categories
of computer and network assets.
› Provide an overview of keyless, single-key, and two-key
cryptographic algorithms.
› Provide an overview of the main areas of network security.
› Describe a trust model for information security.
› List and briefly describe key organizations involved in
cryptography standards
CYBERSECURITY, INFORMATION SECURITY,
AND NETWORK SECURITY
› Cybersecurity:

– The practice of protecting systems, networks, and programs from

digital attacks.
– Protection encompasses confidentiality, integrity, availability,
authenticity, and accountability.
– Methods of protection include:
› Organizational policies and procedures, and
› Technical means such as encryption and secure communications protocols.
CYBERSECURITY, INFORMATION SECURITY,
AND NETWORK SECURITY
› Information security:

– Prefers to preservation of confidentiality, integrity, and availability

of information.
– Protects sensitive information from unauthorized activities,
including inspection, modification, recording, and any disruption
or destruction..
CYBERSECURITY, INFORMATION SECURITY,
AND NETWORK SECURITY
› Network security:

– Protection of the underlying networking infrastructure from

unauthorized access, misuse, or theft.
– It involves creating a secure infrastructure for devices,
applications, users, and applications to work in a secure manner.
Security Objectives
› Confidentiality:

– Protection of the underlying networking infrastructure from

unauthorized access, misuse, or theft.
– It involves creating a secure infrastructure for devices,
applications, users, and applications to work in a secure manner.
– Covers two related concepts:
› Data confidentiality
– protection of data from unauthorized access and disclosure
› Privacy
– involves your right to manage your personal information
Security Objectives
› Integrity:
– Maintaining internal and external consistency of data and
programs.
– Preventing unauthorized users from making modifications to data
or programs.
– Preventing authorized users from making improper or
unauthorized modifications. .
– Can be compromised unintentionally by:
› errors in entering data, a system malfunction, or
› forgetting to maintain an up-to-date backup.
– Can be categorised as Data integrity or System integrity.
Security Objectives
› Availability:
– Availability means information should be consistently and readily
accessible for authorized parties.
– This involves properly maintaining hardware and technical
infrastructure and systems that hold and display the information.
Challenges of Information Security
Challenges of Information Security
› Threat landscape: attackers continually develop new
methods to exploit network and system vulnerabilities
› Complexity: managing multiple layers of security and
access control methods are challenging task.
› Cost: Securing information for resource-limited
organizations involves a constant cost-risk balance.
› Continuous monitoring: demands ongoing monitoring,
vulnerability assessments, cyber threat intel, and adaptive
risk management
Challenges of Information Security
› Cyber threats and attacks
› Internet of Things security
› Cloud security
› Artificial Intelligence and Machine Learning
› Quantum computing and Cryptography
› Privacy and data protection
› Mobile security
ITU-T X.800
› Also known as "Recommendation X.800 - Security
architecture for Open Systems Interconnection for CCITT
applications,“
› X.800 is a standard published by the International
Telecommunication Union (ITU-T).
› Defines a security architecture for open systems
interconnection (OSI) networks.
› Provides a comprehensive framework for understanding
and implementing security measures
ITU-T X.800
› Key elements addressed by X.800 includes:
– Security Services
– Security Mechanisms
– Security Architecture
– Security Management
– Security Assurance
– Security Threats and Vulnerabilities
› ITU-T X.800 is a foundational document frequently cited in
OSI network security policy development and
implementation.
› Helps organizations design and deploy secure network
environments.
Security Attacks
› An attempt to gain unauthorized access to information
resource or services, or to cause harm or damage to
information systems.
› Security attack is defined as any action, intended or not,
that compromises the security of the information and/or
system.
Security Attacks
› Active Attack:

– Involves an unauthorized party attempting to disrupt, manipulate,

or compromise the integrity, confidentiality, or availability of data,
systems, or networks.

– Require the attacker to interact directly with the target system or

network and can have various objectives, including data theft,
system disruption, or gaining unauthorized access.
Security Attacks
› Active Attack
Security Attacks
› Types of Active Attack:
– Malware
– Denial-of-Service (DoS) Attacks
– Distributed Denial-of-Service (DDoS) Attacks:
– Man-in-the-Middle (MitM) Attacks
– Phishing
– Password Attacks
– SQL Injection
– Cross-Site Scripting (XSS)
– Drive-By Downloads
– Eavesdropping/Sniffing
– Social Engineering
Security Attacks
› Types of Active Attack:
– Ransomware
– Zero-Day Exploits
– Session Hijacking
– DNS Spoofing/Poisoning

– To protect against active attacks, it's crucial to implement strong

security measures, keep systems and software up to date, educate
users about security best practices, and employ intrusion
detection and prevention systems
Security Attacks
› Passive Attack:

– Is an unauthorized attempt to gain access to or gather information

from a computer system, network, or data without actively altering
or disrupting the targeted resources.

– Unlike active attacks, which involve malicious actions that directly

manipulate, damage, or disrupt systems or data, passive attacks
aim to covertly observe or intercept information without the
knowledge or consent of the system's owner or users.
Security Attacks
› Passive Attack:
Security Attacks
› Types of Passive Attack:
– Eavesdropping
– Traffic Analysis
– Packet Sniffing
– Passive Reconnaissance
– Shoulder Surfing
Security Services
› Security services supports security requirements
(confidentiality, integrity, availability, authenticity, and
accountability).
› Security services enforce policies using security
mechanisms.
Security Services
› Two specific authentication services are defined in X.800:

– Peer entity authentication

› Verifies the identities of two parties in a communication, ensuring trust and
security

– Data origin authentication

› verifies the source or sender of data to ensure it's legitimate and hasn't been
tampered with during transmission.
Security Services
› Access Control
– Access control limits resource access to authorized
users/entities.
› Data Confidentiality
– Keeping sensitive information secret and safe from unauthorized
access.
› Data Integrity
– Data integrity is the assurance that data remains accurate,
complete, and unaltered during storage, processing, or
transmission.
Security Services
› Non-repudiation
– Non-repudiation is the assurance that someone cannot deny the
validity of something.
– Non-repudiation is an infosec concept that proves data origin and
integrity, often used in legal contexts.

› Availability Services
– Ensures that a system or resource is consistently accessible and
operational when needed, minimizing downtime.
– A variety of attacks can result in the loss of or reduction in
availability
– Some attacks can be automated, like using authentication and
encryption, while others require physical intervention to maintain
or restore a distributed system's availability.
SECURITY MECHANISMS
› A method or tool used to protect systems, data, or
resources from threats and unauthorized access.
› Ensures the confidentiality, integrity, and availability of
information and systems. Some of the mechanisms are:
– Cryptographic algorithms
– Data integrity
– Digital signature
– Authentication exchange
– Traffic padding
– Routing control
– Notarization
– Access control.
Cryptography
› Cryptography secures data through encryption to prevent
unauthorized access.
› Cryptographic algorithms are used in many ways to
implement data and network security.
› Cryptographic algorithms can be divided into three
categories:
– Keyless:
› Do not use any keys during cryptographic transformations.
– Single-key:
› The result of a transformation is a function of the input data and a single
key, known as a secret key.
Cryptography
– Two-key:
› At various stages of the calculation, two different but related keys are used,
referred to as a private key and a public key.
Keyless Algorithms
› Encryption techniques that do not require a secret key for
either encryption or decryption.
› Instead, they rely on other methods or properties to secure
data.
› One important type of keyless algorithm is the
cryptographic hash function.
– A hash function transforms text into a fixed-length hash value,
called as hash value, hash code or digest.
› A cryptographic hash function is designed for use in
cryptographic algorithms like authentication codes or
digital signatures.
Keyless Algorithms
› A pseudorandom number generator creates a seemingly
random sequence that eventually repeats.
Single-key Algorithms
› A "single key algorithm" typically refers to a cryptographic
algorithm that uses a single key for both encryption and
decryption, such as symmetric encryption algorithms.
› Single-key cryptographic algorithms depend on the use of
a secret key.
– Symmetric encryption uses a single key.
– Symmetric encryption uses a secret key to transform data into an
unintelligible form.
– The decryption algorithm, with the same key, retrieves the original
data from the transformed form.
› Symmetric encryption takes the following forms:
Single-key Algorithms
– Block cipher
› A block cipher operates on data as a sequence of blocks.
› A typical block size is 128 bits.
› The input data is divided into fixed-size blocks, like 64 or 128 bits, and
encrypted individually with the same secret key.
› Examples of block ciphers include the Data Encryption Standard (DES),
Advanced Encryption Standard (AES), and Triple DES (3DES).

– Stream cipher
› A stream cipher operates on data as a sequence of bits.
› XOR operation is used to produce a bit-by-bit transformation.
› suitable for applications where data is transmitted continuously.
› Examples of stream cipher include RC4 algorithm, ChaCha20 and Salsa20.
Classical Encryption
Techniques
Chapter 3
Objectives
› Present an overview of the main concepts of symmetric
cryptography.
› Explain the difference between cryptanalysis and brute-
force attack.
› Understand the operation of a monoalphabetic substitution
cipher.
› Understand the operation of a polyalphabetic cipher.
› Present an overview of the Hill cipher.
Security Mechanism
› One of the most specific security mechanisms in use is
cryptographic techniques.
› Encryption or encryption-like transformations of
information are the most common means of providing
security.
› Some of the mechanisms are:
– Encipherment
› Converting data into encrypted form using encryption techniques.
› Fundamental concept of transforming plaintext into ciphertext for security.
› Securing data during transmission or storage in insecure environments.
Security Mechanism
– Digital Signature
› Verifies the authenticity and integrity of a digital message or document.
› It verifies data integrity and sender authenticity.

– Access Control
› It is the management of who can use or interact with a system, resource, or
data.
Security Attack
› There are four general categories of attack which are listed
below:
› Interruption
– An asset of the system is destroyed or becomes unavailable or
unusable.
– Attack to hardware damage, communication break, or file system
disablement.

› Interception
– Unauthorized capturing of data during transmission.
– An unauthorized party gains access to an asset.
Security Attack
– This is an attack on confidentiality.
– Unauthorized party could be a person, a program or a computer.

› Modification
– An unauthorized party not only gains access to but tampers with
an asset.
– This is an attack on integrity.
Security Attack
› Fabrication
– An unauthorized party inserts counterfeit objects into the system.
– This is an attack on authenticity.
Symmetric and public key algorithms
› Encryption/Decryption methods fall into two categories.
– Symmetric key algorithms
› The encryption and decryption keys are known both to sender and receiver.
› The encryption key is shared and the decryption key is easily calculated from it.
› In many cases, the encryption and decryption keys are the same.

– Public key
› Encryption key is made public, but it is computationally infeasible to find the
decryption key without the information known to the receiver.
A model for network security
A model for network security
› A message is to be transferred from one party to another
across some sort of internet.
› The two parties, who are the principals in this transaction,
must cooperate for the exchange to take place.
› Creating a logical information channel involves defining a
route through the internet and using communication
protocols (e.g., TCP/IP) by both parties.
› Using this model requires us to:
– Design a suitable algorithm for the security transformation.
– Generate the secret information (keys) used by the algorithm.
– Develop methods to distribute and share the secret information.
– Specify a protocol enabling the principals to use the transformation
and secret information for a security service
Model for network access security
› Framework or set of principles and practices used to secure
access to a computer network.
› Includes authentication, authorization, and encryption
mechanisms.
Model for network access security
› Using this model require us to:
– Select appropriate gatekeeper functions to identify users.

– implement security controls to ensure only authorized users access

designated information or resources.

– Trusted computer systems can be used to implement this model.

Conventional Encryption
› Referred conventional / private-key / single-key
› Sender and recipient share a common key
› All classical encryption algorithms are private-key was only
type prior to invention of public key in 1970 ‟plaintext - the
original message.
› Some basic terminologies used:
– Cipher text - the coded message
– Cipher - algorithm for transforming plaintext to cipher text
– Key - info used in cipher known only to sender/receiver
– Encipher (encrypt) - converting plaintext to cipher text
– Decipher (decrypt) - recovering cipher text from plaintext
– Cryptography - study of encryption principles/methods
Conventional Encryption
– Cryptanalysis (code breaking) - the study of principles/ methods of
deciphering cipher text without knowing key
– Cryptology - the field of both cryptography and cryptanalysis
Conventional Encryption
› Plaintext, is converted into cipher text.
› The encryption process consists of an algorithm and a key.
› The key is a value independent of the plaintext.
› Changing the key changes the output of the algorithm.
› Once the cipher text is produced, it may be transmitted.
› The ciphertext can be reverted to plaintext using decryption
and the original key.
Requirements for secure use of Symmetric encryption
› There are two requirements for secure use of symmetric
encryption:
– A strong encryption algorithm
– A secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)
– Assume encryption algorithm is known
– Implies a secure channel to distribute key
– A source produces a message in plaintext, X = [X1, X2… XM]
› where M are the number of letters in the message.
– A key of the form K = [K1, K2… KJ] is generated.
– If the key is generated at the source, then it must be provided to the
destination by means of some secure channel.
Requirements for secure use of Symmetric encryption
› With the message X and the encryption key K as input, the
encryption algorithm forms the cipher text Y = [Y1, Y2, YN].
› This can be expressed as
Y = EK(X)
› The intended receiver, in possession of the k e y , is able to
invert the transformation:
X = DK(Y)
› An opponent, observing Y but not having access to K or X,
may attempt to recover X or K or both.
› It is assumed that the opponent knows the encryption and
decryption algorithms.
Requirements for secure use of Symmetric encryption
› If the opponent is interested in only this particular message,
then the focus of effort is to recover X by generating a
plaintext estimate.
› Often if the opponent is interested in being able to read
future messages as well, in which case an attempt is made to
recover K by generating an estimate.
Classical encryption techniques
– Shifting: Each letter in the plaintext is shifted by the value of the
corresponding key letter. The shifting is done using a basic Caesar
cipher approach, where a letter's position in the alphabet is added to
or subtracted from the letter's position in the plaintext.

– Wraparound: When shifting causes the letter to go beyond the end of

the alphabet, it wraps around to the beginning. For example, if the
shift value is 3, 'X' wraps around to 'A'.
Symmetric Encryption
› Referred to as conventional encryption or single-key
encryption.
– Same key is used for both the encryption and decryption of data.
– The sender and receiver share a common secret key, to scramble
(encrypt) and unscramble (decrypt) the information.
› A symmetric encryption scheme has five ingredients:
– Plaintext
– Encryption algorithm
– Secret key
– Ciphertext
– Decryption algorithm
Symmetric Encryption
Classical encryption techniques
› There are two basic building blocks of all encryption
techniques:
– substitution and transposition
› Substitution techniques
– It is one in which the letters of plaintext are replaced by other letters
or by numbers or symbols.
– If the plaintext is viewed as a sequence of bits, then substitution
involves replacing plaintext bit patterns with cipher text bit patterns.
› Caesar cipher (or) shift cipher
– The earliest known use of a substitution cipher and the simplest was
by Julius Caesar.
– The Caesar cipher involves replacing each letter of the alphabet with
the letter standing 3 places further down the alphabet.
Classical encryption techniques
– Example:
e.g., plain text : pay more money
Cipher text: SDB PRUH PRQHB

Note that the alphabet is wrapped around, so that letter following “z” is
“a”.
For each plaintext letter p, substitute the cipher text letter c such that
C = E(p) = (p+3) mod 26
A shift may be any amount, so that general Caesar algorithm is
C = E (p) = (p+k) mod 26
Where k takes on a value in the range 1 to 25.
The decryption algorithm is simply P = D(C) = (C-k) mod 26
Classical encryption techniques
› Playfair cipher
– It is a classical symmetric encryption technique used to encrypt and
decrypt text.
– Invented by Sir Charles Wheatstone in 1854, but it was popularized
by Lord Playfair.
– This cipher is a digraph substitution cipher, meaning it works on pairs
of letters (digraphs) from the plaintext.
› Here's how the Playfair cipher works:
– A 5x5 grid (matrix) is created based on a keyword provided.
– The letters of the keyword are placed in the grid, avoiding duplicates
and omitting any repeated letters.
– Typically, 'I' and 'J' are treated as the same letter.
Classical encryption techniques
– Create Key Table (using the keyword “KEYWORD”)

– The plaintext is divided into pairs of letters (digraphs).

– Separate all duplicated letters by inserting letter 'X’.
– If there is an odd letter at the end of message, insert letter.
– Ignore all spaces.
Classical encryption techniques
› Preparing secret message
– Spilt your plaintext into pairs of letters.
Example:
SECRET MESSAGE (will turn up like)
SE CR ET ME SX SA GE

› Encryption Rules: Insert each pair into a separate table.

– IF diagraphs in the same COLUMN
› Move each letter down ONE
› Upon reaching end of the table, wrap around
– IF diagraphs in the same ROW
› Move each letter right ONE
› Upon reaching end of the table, wrap around
Classical encryption techniques
– IF diagraphs forms a rectangle
› Swap the letters with the ones at the end of the rectangle

After carefully applying all the rules the cipher text of the plaintext
SE CR ET ME SX SA GE (will be)
NO RD KU NK QZ PC ND

Plaintext: SECRETMESSAGE
Ciphertext: NORDKUNKQZPCND
› Decryption Rules:
– Reverse the process.
Classical encryption techniques
› Vigenere cipher
– It is a method of encrypting alphabetic text by using a simple form of
polyalphabetic substitution.

– In a polyalphabetic cipher, the substitution of each plaintext letter

depends on its position within the plaintext and relies on a secret
key.

– Blaise de Vigenère introduced the Vigenère cipher in the 16th century,

a notable improvement over the Caesar cipher, which employs a
basic monoalphabetic substitution.
Classical encryption techniques
› Vigenere cipher
– The encryption is done using a keyword or phrase to rearrange the
letters of the plaintext.

– Each letter in the keyword corresponds to a shift value for the letters
in the plaintext.
Classical encryption techniques
› Here's how the Vigenère cipher works:
– Choose a keyword or phrase. For example, "KEY".

– Repeat the keyword or phrase until it matches the length of the plaintext.
For example, if the plaintext is "HELLO", and the keyword is "KEY", repeat
the keyword to match the length of the plaintext: "KEYKE".

– Convert the letters of the keyword and the plaintext to numbers (A=0, B=1,
..., Z=25).

– Add the corresponding numbers of the keyword and plaintext together

(modulo 26) to get the ciphertext.

– Convert the numbers back to letters.

Classical encryption techniques
› Vigenère cipher Example:

– Let's encrypt the plaintext "HELLO" using the keyword "KEY":

– Plaintext: H E L L O
– Keyword: K E Y K E
– Ciphertext: R I J V S
Classical encryption techniques
› Vigenère cipher Decryption:

– Repeat the keyword to match the length of the ciphertext.

– Convert the letters of the keyword and the ciphertext to numbers.
– Subtract the corresponding numbers of the keyword and ciphertext
(adding 26 if necessary to ensure the result is positive).
– Convert the numbers back to letters.

Vignere Cipher
One-time pad
› Also known as Vernam cipher, is a type of encryption
where plaintext is combined with a random key (the one-
time pad) to produce ciphertext.
› Each key in the one-time pad is only used once and is as
long as the plaintext.
› The key need not to be repeated.
› The key is to be used to encrypt and decrypt a single
message, and then is discarded.
› Each new message requires a new key of the same length
as the new message.
One-time pad
› It produces random output.
› No statistical relationship to the plaintext.
› Because the ciphertext contains no information
whatsoever about the plaintext, there is simply no way to
break the code.
› Code is unbreakable.
› The security of the one-time pad is entirely due to the
randomness of the key.
Difficulties of One-time pad
› The practical problem of making a large quantities of
random keys.
› Even more daunting is the problem of key distribution and
protection.
› Due to these difficulties, the one-time pad is of limited
utility and is useful primarily for low-bandwidth channels
requiring very high-security.
One-time Pad
› How it works?
– Generate a random key that is at least as long as the plaintext.
This key must be truly random, and each bit should be equally
likely to be 0 or 1.
– Convert both the plaintext and the key into binary strings.
– Perform a bitwise XOR (exclusive OR) operation between the
plaintext and the key.
– The resulting binary string is the ciphertext.
– Decryption is performed by XORing the ciphertext with the same
key used for encryption, which will reveal the original plaintext.
One-time Pad (Example)

One-time Pad
Transposition Cipher Techniques
› A method of encryption where the positions of characters
in the plaintext are rearranged according to a certain
system or key, but the characters themselves are not
changed.
› This differs from substitution ciphers, where the
characters themselves are replaced with different
characters.
› Examples: Rail Fence Cipher and Columnar Transposition
Cipher
Transposition Cipher Techniques
› How it works?
– Choose a key or rule for rearranging the characters. This could
be something as simple as reversing the order of the characters,
or it could involve more complex patterns.
– Write out the plaintext in a grid or table, with a certain number
of columns determined by the key.
– Rearrange the characters according to the chosen key or rule.
– The resulting arrangement of characters is the ciphertext.
Transposition Cipher Techniques (Example)

Transposition
Technique
Rail Fence Cipher
› It is a simple form of transposition cipher where the
plaintext is written in a zigzag pattern down and up
through a number of "rails" or "lines" (rows).
› then, the ciphertext is read off in rows.
› It's a straightforward encryption technique that was
historically used, though it's not particularly secure
compared to modern encryption methods.

The cipher of MEET ME AT THE PARK will be MEMATEAKETETHPR

Columnar Transposition Cipher
› The Columnar Transposition Cipher rearranges the
columns of the plaintext.
› Columnar Transposition involves writing the plaintext out
in rows, and then reading the ciphertext off in columns
one by one.
Columnar Transposition Cipher
› How it works?
– Choose a keyword or phrase to determine the order of the
columns.
– Write your plaintext into a grid, row by row, filling in the columns
from left to right. Use dummy letters to fill the grid.
– Rearrange the columns of the grid alphabetically based on the
letters of the keyword.
– Read off the ciphertext by reading down the columns instead of
across the rows.
Columnar Transposition Cipher (Example)
› Plain text: Hello World
› Key: KEY
Step1: Alphabetical position
Key of key

Dummy letters
Columnar Transposition Cipher (Example)
Step2: Step3
EORXHLODLWLY (Cipher)
Rotor Machines
› Rotor machines are electro-
mechanical devices used for
encrypting and decrypting
secret messages.
› They were widely used in the
early to mid-20th century
before electronic computers
became prevalent.
› Rotor machines typically
consist of a set of rotating
disks, or rotors, each
containing a wired pattern that
substitutes one letter for
another.
Rotor Machines
› How they work?
› Rotor Configuration:
– Each rotor contains a set of electrical contacts corresponding to
the alphabet.
– These contacts are wired in a particular pattern so that when a
key is pressed, an electrical circuit is created, and the signal is
passed through the rotor to produce a different letter output.
› Rotor Movement:
– After each key press, one or more rotors may rotate by a certain
amount, changing the wiring configuration and thus altering the
encryption process.
– This rotation is typically based on a preset mechanism or
determined by the operator.
Rotor Machines
› How they work?
› Reflector:
– The output from the last rotor is passed through a reflector,
which further scrambles the signal before it is sent back through
the rotors for decryption.
– The reflector ensures that the encryption process is reversible.
› Key Setting:
– The operator can configure the initial positions of the rotors, as
well as other parameters such as rotor wiring and reflector
configuration.
– This setting determines the encryption or decryption key for the
message.
Rotor Machines
› How they work?
› Encryption/Decryption:
– To encrypt or decrypt a message, the operator types in the
plaintext on the machine's keyboard.
– The electrical signal passes through the rotors, reflecting off the
reflector, and then returns back through the rotors, producing
the ciphertext output.

Famous rotor machines include the Enigma machine used by the

German military during World War II and the Lorenz SZ40/42 used
for high-level communications within the German Army.