Post on 18-Feb-2020
Information Security Chapter-1 Conventional Encryption
Chapter-1: Conventional Encryption
Information security
There are three aspects of information security
Security service
Security mechanism
Security attack
Security service:
The security service is something that enhances the security of data processing
systems and information transfers of an organization.
It is used to counter security attacks and it uses many security mechanisms to do so.
The security standards defined by ITU (International Telecommunication Union
Telecommunication Standardization sector recommendation) X.800 are:
1. Authentication:
Authentication refers to the authenticity of the contents of the messages being
exchanged as well as that of the communicating entities.
2. Access control:
Access control is the ability to limit and control the access to host systems and
applications via communication links. To achieve this control, each entity trying
to gain access must first be identified, or authenticated, so that access rights can
be provided to the individual.
3. Data confidentiality:
The contents of the message being transferred across the insecure medium
should be readable to only those whom it is intended for and to no other entity.
Connection confidentiality: The protection of all user data on a connection.
Connectionless confidentiality: all user data in a single data block.
Selective field confidentiality: the user data on a connection or in a single data
block.
Traffic flow confidentiality: The protection of the information that might be
derived from observation of traffic flows.
4. Data integrity:
Integrity can apply to a stream of messages a single message or selected fields
within a message.
The contents of the message should not get modified during transit and even if
the message is modified, it should be detected at the receiving end.
Modification causes loss of message integrity.
Connection integrity with recovery, Connection integrity without recovery,
Selective field connection integrity, Connectionless integrity, Selective field
connectionless integrity.
5. Non repudiation:
Repudiation disputes arise when one entity denies sending or receiving any
message. The security mechanism should provide means to resolve such disputes.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
Security mechanism:
A security mechanism is a mechanism designed to detect, prevent and recover from
a security attack.
No single mechanism supports all the functions required to provide complete
security and therefore many mechanisms work together.
Security attack:
A security attack is any action which compromises the security of information
of an organization.
It is an assault on the system derived from a threat.
Following figures shows different types of security attacks:
Security threat:
A threat is potential for violation of security which exists when there is a
circumstance, capability, action or event that could breach security.
In simple words a threat is the vulnerability of the system which may be exploited by
an attacker.
Two types of security attacks:
Passive attacks
Active attacks
Passive attacks:
In a passive attack the attack monitors the transmissions to obtain message content or
monitors traffic flows, but does not modify the message.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
Active attacks:
In an active attack the attacker acquires the message and modifies the contents of the
message to obtain unauthorized effects.
Types of active attacks-
Modification of messages in transit:
In such type of a part of the message is altered or the message is delayed to produce an
unauthorized effect.
Masquerade:
In masquerade one entity pretends to be another entity to produce an unauthorized
effect.
For example: Authentication sequences can be captured and replayed after a valid
authentication sequence has taken place, thus enabling an authorized entity with few
privileges to obtain extra privileges by impersonating an entity that has those
privileges.
Interruption attacks are called as masquerade attacks.
Replay:
In replay attack a message sequence is captured and then retransmitted to produce an
unauthorized effect.
Denial of service:
Denial of service attack prevents or inhibits the normal use and management of
communication facilities.
Q-2: Explain Conventional Encryption Model.
A symmetric encryption model has five ingredients.
1. Plaintext
2. Encryption algorithm
3. Secret Key
4. Ciphertext
5. Decryption algorithm
Fig shows the conventional encryption model.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
Plaintext : It is the original message or data that is fed into the algorithm as input.
Encryption algorithm : It performs various substitutions and transformations on the
plaintext.
Secret Key : It is a value independent of the plaintext and of the algorithm.
The exact substitutions and transformations performed by the algorithm depend on
the key.
Ciphertext : It is the scrambled message produced as output. It depends on the
plaintext and the secret key.
Decryption algorithm : It takes the ciphertext and the secret key and produces the
original plaintext.
Encryption process: An algorithm - produce a different output depending on the
specific key being used at the time.
A key - a value independent of plaintext, shared by sender and recipient.
The ciphertext can be transformed back to the original plaintext by using a
decryption algorithm and the same key that was used for encryption.
The security of conventional encryption depends on the secrecy of the key, not the
secrecy of the algorithm.
It is impractical to decrypt a message based on the ciphertext plus knowledge of the
encryption/decryption algorithm.
The principal security problem is maintaining the secrecy of the key.
Observing Y, but not having access to K and X, may attempt to recover X or K, or
both X and K.
Assumed that the opponent knows E and D
If only the message is interested, then an estimated plaintext Xˆ is generated. If
future messages are interested, then an estimated key Kˆ is generated.
Cryptography - the art of secret writing.
In symmetric cipher encryption or secret key encryption the sender and the receiver
share a secret key between them and all the messages are encrypted and decrypted using
the same secret key.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
A secret key is generated by the sender which is delivered to the receiver securely.
The plain text is encrypted using this secret key to generate the cipher text as:
C = EK (P)
Where E is the encryption algorithm.
The receiver decrypts the cipher text using the same key to obtain the plain text as:
P = DK (C)
Where D is the decryption algorithm.
Characteristics of Cryptography:
Classifications of cryptographic systems
1) Classification based on type of operations used for transforming plain text into cipher
text:
Substitution cipher:
In substitution cipher each element in the plain text is mapped into (replaced
by) another element to generate the cipher text.
Transposition cipher:
In transposition cipher the elements of the plain text are rearranged to generate
the cipher text.
Product systems:
Product systems involve multiple stages of substitution and transposition.
2) Classification based on number of keys used:
Symmetric, single key, secret key or conventional encryption:
In this encryption method both the sender and the receiver use the same single
key. The key is used for both encryption and decryption purposes.
Asymmetric, two key or public key encryption:
In public key encryption the sender and the receiver use different keys.
3) Classification on the basis of manner in which plain text is processed:
Block cipher:
A block cipher processes the input one block at a time producing an output
block for each input block.
Stream cipher:
Stream cipher processes the input elements continuously producing an output
one element at a time as it goes along.
Cryptanalysis: The process of trying to break any cipher text message to obtain the
original plaintext message itself is called as cryptanalysis.
Cryptanalyst: Cryptanalysis is the breaking of codes. The person attempting a
cryptanalysis is called as a cryptanalyst.
Brute force attack: The attacker tries every possible key on a piece of cipher text
until an intelligible translation into plaintext is obtained.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
The various type of cryptanalytic attacks based on the amount of information known
to the cryptanalyst.
Table summarizes the various types of Attacks on Encrypted Messages.
Q-3: Explain Substitution Techniques.
Substitution: one letter is exchanged for another.
Substitution cipher:
In substitution cipher each element in the plain text is mapped into (replaced by)
another element to generate the cipher text.
A substitution technique is one in which the letters of plaintext are replaced by other
letters or by numbers or symbols.
If the plaintext is viewed as a sequence of bits, then substitution involves replacing
plaintext bit patterns with ciphertext bit patterns.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
1. Caesar Cipher:
It was used by Julius Caesar.
The Caesar cipher involves replacing each letter of the alphabet with the letter
standing three places further down the alphabet
For example
Plain: meet me after the toga party
Cipher: PHHW PH DIWHU WKH WRJD SDUWB
Transformation is made using the following mapping:
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Let us assign a numerical equivalent to each letter from 0 to 25.
Then the algorithm may be expressed as follows. For each plaintext letter p,
substitute the ciphertext letter C:
C = E (3, p)
= (p+3) mod 26
A shift may be of any amount, so that general Caesar algorithm is
C = E (k,p) = (p+k) mod 26,
where k takes on a value in the range 1 to 25.
The decryption algorithm is simply
p = D (k,C)
= (C-k) mod 26
If it is known that a given ciphertext is a Caesar cipher, then a brute-force
cryptanalysis is easily performed: simply try all possible 25 keys.
Three important characteristics of this problem enable us to use brute-force
cryptanalysis:
1. The encryption and decryption algorithms are known
2. There are only 25 keys to try
3. The language of the plaintext is known and easily recognizable
2. Monoalphabetic Cipher:
Monoalphabetic cipher substitutes one letter of the alphabet with another letter of
the alphabet.
However, rather than substituting according to a regular pattern, any letter can be
substituted for any other letter, as long as each letter has a unique substitute left and
vice versa.
For example:
Plain: a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher: m n b v c x z a s d f g h j k l p o i u y t r e w q
Plaintext message : hello how are you
Ciphertext message : acggk akr moc wky
Monoalphabetic ciphers are easy to break because they reflect the frequency data of
the original alphabet.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
3. Homophonic Substitution Cipher:
It provides multiple substitutes for a single letter.
For example, A can be replaced by D, H, P, R;
B can be replaced by E, Q, S, T etc.
4. Playfair Cipher:
The Playfair algorithm is based on the use of a 5x5 matrix of letters constructed
using
a keyword.
In the case of keyword monarchy, matrix is as follows:
M O N A R
C H Y B D
E F G I/J KL P Q S TU V W X Z
The matrix is constructed by filling in the letters of the keyword (minus duplicates)
from left to right and from top to bottom, and then filling in the remainder of the
matrix with the remaining letters in alphabetic order.
The letters I and J count as one letter.
5. Hill Cipher:
It was developed by the mathematician Lester Hill in 1929.
The encryption algorithm takes m successive plaintext letters and substitutes for
them
m ciphertext letters.
The substitution is determined by m linear equations in which each character is
assigned a numerical value : ( a = 0, b = 1, c = 2, , z = 26 ) the system can be
described as follows:
abcdef ghi j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
For m=3, the system can be described as follows:
C1=(k11p1+k12p2+k13p3) mod 26
C2=(k21p1+k22p2+k23p3) mod 26
C3=(k31p1+k32p2+k33p3) mod 26
This can be expressed in terms of column vectors and
matrices:
C=KP mod 26,
Information Security Chapter-1 Conventional Encryption
where C and P are column vectors of length 3, representing the plaintext and
ciphertext, and K is 3x3 matrix, representing the encryption key.
Operations are performed mod 26.
For example, consider the plaintext "payformoney", and use the encryption key
K=
17 17 5
21 18 21
2 2 19
The first 3 letters of the plaintext are represented by the vector (15 0 24).
C = KP mod 26,
17 17 5 15 375 11
= 21 18 21 0 mod 26 = 819 mod 26 = 13
2 2 19 24 486 18
= LNS
Continuing in this fashion, the ciphertext for the entire plaintext is
LNSHDLEWMTRW.
Decryption requires using the inverse of the matrix K.
The general terms in Hill cipher is
Cipher C = E(K, P) = KP mod 26
Plaintext P = D(K, P) = K -1 C mod 26 = K-1 KP = P
Advantage:
It completely hides single-letter frequencies.
Hill cipher is strong against a ciphertext-only attack.
By using larger matrix, move frequency information hiding is possible.
Disdvantage:
Easily broken with a known plaintext attack.
6. Polyalphabetic Substitution:
In polyalphabetic substitution, each occurrence of a character can have a different
substitute.
The relationship between a character in the plaintext and a character in the ciphertext
is always one-to-many.
An example of polyalphabetic substitution is the Vigenere Cipher. 26
Caesar ciphers are used, with shifts of 0 through 25.
Each cipher is denoted by a key letter (from a to z).
For example : Let the message be THE BOY HAS THE BAG and the key be VIG.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
Key = VIG VIG VIG VIG VIG
Plaintext = THE BOY HAS THE BAG
Ciphertext = OPKWWECIYOPKWIM
The strength of this cipher is that there are multiple ciphertext letters for each plaintext
letter, one for each unique letter of the keyword.
7. One Time Pad (Vernam cipher):
The key is a random string that is at least as long as the plaintext.
Each new message requires a new key of the same length as the new message. It
produces random output that bears no statistical relationship to the plaintext.
Vernam cipher uses a one time pad, which is discarded after a single use, and
therefore is suitable only for short messages.
For example :
Plaintext: c o m e t o d a y
2 14 12 4 19 14 3 0 24
Key: N C B T Z Q A R X
13 2 1 19 25 16 0 17 23
Total: 15 16 13 23 44 30 3 17 47
Subtract 15 16 13 23 18 04 3 17 21
26
If > 25
Ciphertext: P Q N X S E D R V
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
The one time pad offers complete security but, in practice, has two fundamental
difficulties.
1. There is the practical problem of making large quantities of random keys.
2. Key distribution and protection is also major problem with one time pad.
Q-4: Explain Transposition Techniques.
In transposition cipher the elements of the plain text are rearranged to generate the
cipher text.
The letters are not changed.
The rail fence cipher is composed by writing the plaintext in two rows, proceeding
down, then across and reading the ciphertext across, then down.
For example, to encipher the message "meet me after this party" with a rail fence of
depth 2, we write the following :
m e m a t r h s a
te t e f e t i p
r y
The ciphertext is
MEMATRHSATETEFETIPRY
Attacking a transposition cipher requires rearrangement of the letters of the
ciphertext.
A pure transposition cipher is easily recognized because it has the same letter
frequencies as the original plaintext.
Plaintext : The book is suitable for self study.
Key : 5 6 4 1 3 2
Key : 5 6 4 1 3 2
Plaintext : t h e b o o
k i s s u it
a b l e fo
r s e l f
S t u d y
Ciphertext: BSLEDOIFFOUELYESBSUTKTOSHIART
Q-5: Explain Steganography.
It is a technique that facilitates hiding of a message that is to be kept secret inside
other messages.
Steganography is derived from the Greek for covered writing and essentially means
"to hide in plain sight".
It is simple form , but one that is time-consuming to construct, is one in which an
arrangement of words or letters within an real message.
Various other techniques have been historically; some examples are the following:
Character marking : Selected letters of printed or type written text are over-written
in pencil. The marks are ordinarily not visible unless the paper is held at an angle to
bright light.
Prof H.M.Patel
Information Security Chapter-1 Conventional Encryption
Invisible ink : A number of substances can be used for writing but leave no visible
trace until heat or some chemical is applied to the paper.
Pin punctures : Small pin punctures on selected letters are ordinarily not visible
unless the paper is held up in front of a light.
Typewriter correction ribbon : Used between lines typed with a black ribbon, the
results of typing with the correction tape are visible only under a strong light.
The advantage is that it can be employed by parties who have something to lose
should the fact of their secret communication be discovered.
Encryption flags traffic as important or secret or may identify the sender or receiver
as someone with something to hide.
Steganography
(Covered writing, covert channels)
Protection against detection Protection against removal
(data hiding) (document marking)
Watermarking Fingerprinting
(all objects are marked (identify all objects, every
In the same way) object is marked specific)
Prof H.M.Patel