Cryptography and Network Security 1 Information Security Principles (ESGD4222) Eng. Mohanned M. Dawoud

Textbook

Cryptography and Network Security: Principles and Practice; By William Stallings, Fourth Edition

Grading and Others

Grading
  Homework: 20%
  Mid Term: 25%
  Report & Presentation: 15%
  Final exam: 40%

Topics

Introduction
Number Theory
Traditional Methods: secret key system
Modern Methods: Public Key System
Digital Signature and others
Internet Security: DoS, DDoS
Other topics: secret sharing, zero-knowledge proof, bit commitment, oblivious transfer,…

Organization

Chapters
  Introduction
  Number Theory
  Conventional Encryption
  Block Ciphers
  Public Key System
  Key Management
  Hash Function and Digital Signature
  Identification
  Secret Sharing
  Pseudo-random number Generation
  Email Security
  Internet Security
  Others

Cryptography and Network Security

Introduction

Xiang-Yang Li

Introduction

The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.

--The Art of War, Sun Tzu

Cryptography

Cryptography (from Greek kryptós, "hidden", and gráphein, "to write") is, traditionally, the study of means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge — the art of encryption.

Past: Cryptography helped ensure secrecy in important communications, such as those of spies, military leaders, and diplomats.

Crypto-graphy, -analysis, -logy

The study of how to circumvent the use of cryptography is called cryptanalysis, or codebreaking.

Cryptography and cryptanalysis are sometimes grouped together under the umbrella term cryptology, encompassing the entire subject.

In practice, "cryptography" is also often used to refer to the field as a whole; crypto is an informal abbreviation.

Approaches to Secure Communication

Steganography: “covered writing”, hides the existence of a message

Cryptography: “hidden writing”, hides the meaning of a message

Steganography Example

Last 2 bits
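
The slide's figure is not preserved. Assuming "Last 2 bits" refers to hiding a message in the two least-significant bits of each cover byte (for example, pixel values), the following added example (not from the original slides) embeds and recovers a message and measures how little the cover changes. The names `embed`, `extract`, `COVER` and `SECRET` are illustrative, and the cover data is constructed.

```python
BITS = 2                    # low-order bits replaced in each cover byte
MASK = (1 << BITS) - 1      # 0b11
PER_BYTE = 8 // BITS        # cover bytes consumed per message byte (4)


def embed(cover: bytes, message: bytes) -> bytes:
    """Hide message in the 2 least-significant bits of successive cover bytes."""
    if len(message) * PER_BYTE > len(cover):
        raise ValueError("cover too small for message")
    out = bytearray(cover)
    i = 0
    for byte in message:
        # Split each message byte into four 2-bit groups, most significant first.
        for shift in range(8 - BITS, -1, -BITS):
            out[i] = (out[i] & ~MASK & 0xFF) | ((byte >> shift) & MASK)
            i += 1
    return bytes(out)


def extract(stego: bytes, length: int) -> bytes:
    """Rebuild `length` message bytes from the low 2 bits of the stego bytes."""
    msg = bytearray()
    for n in range(length):
        value = 0
        for b in stego[n * PER_BYTE:(n + 1) * PER_BYTE]:
            value = (value << BITS) | (b & MASK)
        msg.append(value)
    return bytes(msg)


def max_distortion(cover: bytes, stego: bytes) -> int:
    """Largest change made to any single cover byte."""
    return max(abs(a - b) for a, b in zip(cover, stego))


# Constructed sample data: 64 pseudo "pixel" bytes and a 12-byte message.
COVER = bytes((37 * i + 11) % 256 for i in range(64))
SECRET = b"meet at nine"

if __name__ == "__main__":
    stego = embed(COVER, SECRET)
    print(extract(stego, len(SECRET)), "max change per byte:", max_distortion(COVER, stego))
```

Each cover byte changes by at most 3 out of 255, which is why the altered image looks the same to a viewer while the upper six bits of every byte stay untouched.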

Network Security Model

[Figure: network security model. Labels: trusted third party, two principals, a security transformation at each principal, attacker]

Attacks, Services and Mechanisms

Security Attacks
  Actions that compromise information security
  Could be passive or active attacks

Security Services
  Actions that can prevent or detect such attacks
  Such as authentication, identification, encryption, signature, secret sharing and so on

Security Mechanisms
  The ways to provide such services
  Detect, prevent and recover from a security attack

Attacks

Passive attacks: interception
  Release of message contents
  Traffic analysis

Active attacks: interruption, modification, fabrication
  Masquerade
  Replay
  Modification
  Denial of service

Information Transferring

Attack: Interruption

Cut wire lines, jam wireless signals, drop packets

Attack: Interception

Wiring, eavesdrop

Attack: Modification

Intercept, replaced info

Attack: Fabrication

Also called impersonation

Important Services of Security

Confidentiality, also known as secrecy: only an authorized recipient should be able to extract the contents of the message from its encrypted form. Otherwise, it should not be possible to obtain any significant information about the message contents.

Integrity: the recipient should be able to determine if the message has been altered during transmission.

Authentication: the recipient should be able to identify the sender, and verify that the purported sender actually did send the message.

Non-repudiation: the sender should not be able to deny sending the message.
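
To make the integrity and authentication services concrete against the active attacks listed earlier (modification, fabrication, replay), here is an added example that is not part of the original slides. It assumes two principals sharing a secret key and uses HMAC-SHA256 with a sequence number; the frame layout, the `seal` and `Receiver` names, and the key are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-32-bytes!!!"  # constructed sample key shared by both principals
TAG_LEN = 32                                # HMAC-SHA256 output size in bytes


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = 8-byte sequence number || payload || HMAC tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes):
        """Return the payload, or None if the frame was altered, forged or replayed."""
        if len(frame) < 8 + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                     # modification or fabrication
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return None                     # replay of an old, valid frame
        self.last_seq = seq
        return body[8:]


def demo() -> dict:
    rx = Receiver(KEY)
    frame = seal(KEY, 1, b"pay 100 to Bob")
    return {
        "genuine": rx.accept(frame),
        "modified": rx.accept(frame.replace(b"100", b"900")),
        "fabricated": rx.accept(seal(b"attacker-guess", 2, b"pay 100 to Eve")),
        "replayed": rx.accept(frame),
        # The receiver holds the same key, so it can mint a valid frame itself.
        "receiver_made": Receiver(KEY).accept(seal(KEY, 1, b"pay 999 to Bob")),
    }


if __name__ == "__main__":
    print(demo())
```

The last case shows why a shared-key tag gives integrity and authentication but not non-repudiation: either principal could have produced the frame, so the sender can still deny it. Non-repudiation needs a digital signature, which only the sender's private key can create.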

Homework

Describe two of the functions listed in Table 1.1 of the textbook, in half a page each, and be ready to discuss them in the next lecture.

Deadline: Tuesday 3/3/2009