# EE4758 Information Security
**Important Dates:**
- [x] Quiz 1: 15 MCQ, 15 Marks (**24 September 2021, Friday, 9.15am - 10.30am**)
- [x] Quiz 2: 15 MCQ, 15 Marks (**29 October 2021, Friday**)
- [x] Assignment (10 Marks) (Submitted by **29 October 2021, Friday**)
- [x] Final Exam (60%) (**29 November 2021, Monday**)
**Course Outcome:**
- Identify and explain the modern e-security threats/attacks related to social engineering, cyber terrorism, cyber warfare and cyber bullying.
- Design appropriate technical solutions for e-security.
- Apply appropriate solutions to reduce cyber-attacks.
- Formulate policies and procedure to protect computers and digital information from cyber threats.
## Cybersecurity Threat Landscape

<p style="text-align: center">Knowing the threat environment, companies defend themselves using the Plan-Protect-Respond Cycle.</p>
**Threat Environment:** Attacks and attackers
**Plan:** Planning principles: risk analysis, comprehensive security, defense in depth, minimum permissions.
**Protect:** Ongoing protection by access control, firewalls, cryptography, etc.
**Respond:** Response to incidents, also called compromises and breaches.
## Introduction to Information Security
<font size="4">**What is Information Security?**</font>
* The protection afforded to an automated information system in order to attain the applicable objectives of preserving the:
* Confidentiality - eg. Student's Grades
* Integrity - eg. Patient's Information
* Availability - eg. Authentication Services
* Preserving the following information system resources:
* Hardware
* Software
* Firmware
* Information/Data
* Telecommunications
* Tasks of **guarding information** that is in a **digital format**.
* **Ensures** that protective measures are **properly implemented**.
* **Protect information** that have value to people and organizations
* Value which comes from the characteristics of the information.
<span style="display:block;text-align:center"><font size="4">**CNSS Security Model - The McCumber Cube**</font> </span>
Security refers to the **state of freedom** from a danger or risk and can be **achieved through a combination** of three entities.
* **Products** eg. Physical Security
* **People** eg. Personal Security
* **Procedures** eg. Organization Security
For example, a successful organization should have multiple layers of security in place such as:
* Physical Security (Products)
* **Form the physical security around the data.** May be as basic as door locks or as complicated as special hardware or software.
* Personal Security (People)
* Those **who implement** and properly **use** security products to protect data.
* Organization Security (Procedure)
* Plans and **policies** established by an organization to ensure that people correctly use the products.
* Communications Security
* Network Security
* Information Security (CIA)
### Modern definition of Information Security
* **Policies, Practices and Technology** that must be in place for an organization to transact business electronically via networks with a reasonable assurance of safety.
* Which will result in the following **assets at risk**:
* Data Assets
* Knowledge Assets
* Software Assets
* Physical Assets
* Monetary or Financial Assets
* Employee Assets
* Customer and Partner Assets
* Goodwill
### Information Security Services
**Authentication**: Assurance that communicating entity is the one claimed.
**Access Control**: Prevention of the unauthorized use of a resource.
**Data Confidentiality**: Protection of data from unauthorized disclosure.
**Data Integrity**: Assurance that data received is as sent by an authorized entity.
**Non-Repudiation**: Protection against denial by one of the parties in a communication.
**Availability**: Resource accessible/usable.
**Security Mechanism**: Feature designed to detect, prevent, or recover from a security attack.
### Industrial Revolution
Phases of **FOUR** Industrial Revolutions:
1. **1760 to 1840**: Water and **steam power** used to mechanize productions. (Muscle Power)
2. **1870 to 1940**: Mass production; **electricity and assembly line**. (Gun Powder)
3. **1960 to 2010**: **IT power** to automate production, the internet.
4. **Industry 4.0**: The term is used to describe the fourth industrial revolution. (Brain Power)
* Originating in Germany, the term Industry 4.0 is more commonly known in some countries as the Industrial Internet, where **everything from assembly line machine to delivery truck, is being connected with everything else, via the internet.**
* In this fourth industrial revolution, the **fusion of physical and virtual worlds into global networks** of cyber-physical systems is radically changing production control.
* It is estimated that **85% of companies will have implemented industry 4.0** solutions in all important business divisions in a few years' time.
Driving Forces of Industry 4.0:
* Industrial Internet of Things
* The Industrial IoT (IIoT) is the use of Internet of Things (IoT) technologies in industry. The driving philosophy behind the IIoT is that **smart machines are better than humans at accurately, consistently capturing and communicating data.**
* Cloud Computing
* The **practice of using a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.**
* You can **access as many resources as you need, almost instantly, and only pay for what you use.**
* **Processing** of **information retrieved by IIoT devices from cloud-based systems.**
* The most **common attacks** target its **availability**, by means of Denial of Service (DoS) attacks, and the **confidentiality and integrity of the stored data.**
* Cyber-physical system (Big Data)
* According to IDC, **2.5 "quintillion bytes"** of data **are added to the world's digital repositories every day.**
* In 2015, roughly **7.9 zettabytes were collected (7.9 x $10^{21}$),** and we're expected to reach **176 zettabytes by 2025.**
* Much of this growth can be attributed to the increased adoption of **the Internet of Things.**
* **However, with every new connection comes a new security vulnerability and privacy concerns.**
* **Confidentiality and Integrity of data** are threatened if appropriate measures are not applied.
* Virtualization
* A **virtual copy of the Smart Factory which is created by linking sensor data** (from monitoring physical processes) **with virtual plant models and simulation models.**
* **In practice, a computer in Louisiana (USA) could make decisions about a production plan in China, and vice versa.**
* The **main challenge** is the **secure information exchange between the physical assets and their virtual representations.**
* Smart Factories
* Manufacturing is **becoming increasingly digitalized** as the industry is adopting automation, to a greater extent than ever before.
* The Industrial Internet of Things (**IIoT**) **is bringing artificial intelligence, cloud computing and robotics into factories.**
* Smart Factories will help manufacturing industry considerably, as **digital technology can offer greater efficiency in the production stage, better quality products with fewer mistakes, and more flexibility for working processes**.
* By the end of 2021, **75% of large manufacturers will have incorporated the Industrial IoT in their operations** and by 2022, **the Industrial IoT market is expected to be worth $195.47 billion.**
* **Despite the benefits they offer, the connected nature of Smart Factories leaves** the manufacturing industry **open to a variety of potential cyber threats.**
* The manufacturing industry **is the third most targeted industry for cybercrime**, just **behind the finance and government sectors**.
* The EEF's **2020 Cybersecurity Report found that while 91% of manufacturers are investing in digital technology, 35% said they are inhibited from fully investing <font color="red">due to cybersecurity concerns.</font>**
### Why Industry 4.0?
While this brings **benefits** in **lower costs and higher efficiency**, it also **increases the risks**. Industry 4.0 means <font color="red">**opportunities and challenges**</font>, and it is a **challenge that cyber criminals are exploiting.**
### Challenge: Susceptibility of IoT and AI technologies to Cyber Attacks
**IoT and AI** technologies are an **integral part of smart manufacturing systems.** The concept of **Industry 4.0 depends upon connectivity** of devices across the whole ecosystem.
This **interconnectivity creates security holes** throughout the system, which can mean potentially compromised operations because, from a security perspective, it cannot be determined where the data is coming from or where it is going at the other end. Hence, data visibility is the **biggest cybersecurity challenge** for smart manufacturing on the factory floor.
## Threats Environment - Attacks and Attackers
### What are the threats?
* Various types of **attacks**
* Criminal Attacks
* Basis is in financial gain
* Includes fraud, destruction and theft (personal, brand, identity)
* Privacy Violations
* Private/Personal Information acquired by organizations not authorized.
* Includes surveillance, databases, traffic analysis.
* Publicity Attacks
* Attacker wants to get their name(s) in the papers
* Can affect ANY system, not just related to profit centers
* Denial of Service
* Legal Attack
* Setup situation to use discovery process to gather information
* Rare, but possibly devastating
* Various types of **attackers**
* Hackers
* Attacks for the challenge
* Own subculture with names, lingo and rules
* Can have considerable expertise and passion for attacks
* Lone Criminals
* Attack for financial gain
* Cause the bulk of computer-related crimes
* Malicious insiders
* Already inside the system
* Knows weaknesses and tendencies of the organization
* Very difficult to catch
* Press
* Gather information for a story to sell papers/commercial time
* Industrial Espionage
* Gain a competitive advantage by stealing trade secrets
* Organized crime
* Lots of resources to put behind their attacks... usually very lucrative
* Police
* Lines are sometimes crossed when gathering information to pursue a case
* Terrorists
* Goal is disruption and damage
* National Intelligence Organizations
* Highly funded and skilled
* Very risk averse
* Info-warriors
* Military based group targeting information or networking infrastructures
* Lots of resources
* Willing to take high risks for short term gain.
**The Unchanging and Changing Nature of Attacks**
* Unchanging: Similar to "bricks and mortar" crimes
* Robbery
* Embezzlement
* Fraud
* Changing
* More common
* More widespread
* **Difficult** to <font color="red">track, capture and convict.</font>
The Internet has **THREE CHARACTERISTICS** that aid attacks.
1. Automation
* Speed of computers and networks makes minimal rate of return attacks possible.
* Data mining is easy and getting easier, affecting privacy.
2. Action at a Distance
* Attackers can be **far away** from their prey and still do damage.
* **Interstate/International differences in laws** can affect prosecution.
3. Electronic Techniques Easily Transferable/Duplicated
* Counterfeiting e-money
* Attack tools can be created by a single person
* Easily modified per situation.
### Threats and Attacks
**Eavesdropping: PASSIVE ATTACK 1**
The **interception of information** intended for someone else during its transmissions over a communication channel.
**Alteration or Modification: ACTIVE ATTACK**
**Unauthorized modification** of information.
For example, the **man-in-the-middle attack**, where a network stream is **intercepted, modified, and retransmitted.**
**Masquerading**
The fabrication of information that is purported to be from **someone who is not actually the author.**
**Repudiation**
The **denial of a commitment** or data receipt. This involves an **attempt to back out of a contract or a protocol** that requires the different parties to provide receipts acknowledging that data has been received.
**Denial of Service**
The **interruption** or degradation **of a data service** or information access. For example, email spam, to the degree that it is meant to **simply fill up a mail queue and slow down an email server.**
### Deliberate Software Attacks
* **Malicious software (malware) designed to damage, destroy, or deny service to target systems usually exploits system vulnerabilities.** This includes:
* **Viruses**
* A program that **piggybacks on other executable programs**
* Not structured to **exist by itself**
* When the **host program is executed**, the **virus** code also **executes** and performs its action
* Typically, **actions may be spreading** itself to other programs or disks, **deleting** files or **causing systems** to become **unusable**
* Five characteristics of viruses are:
1. **Propagation/Migration**: The way a virus **replicates** locally and over a network.
2. **Payload**: The **mechanism by which a virus causes damage**, such as a computer command to delete files or send email. Payloads can be harmless or cause severe file system corruption.
3. **Signature**: The **identifier by which a virus is detected** by <font color="red">**AV**</font> software.
4. **Trigger**: The **action that activates a virus.** Many viruses are triggered when a user clicks on an email attachment, often Visual Basic Script (VBS).
5. **Detection Avoidance**: The method by which a **virus attempts to conceal or disguise itself.**
* A typical virus goes through phases of:
* **Dormant**: The virus is idle
* **Propagation**: The virus places an identical copy of itself into other programs.
* **Triggering**: The virus is activated to perform the function for which it was intended.
* **Execution**: The function is performed.
* Viruses **CAN'T physically damage computer's hardware.**
* If the computer suddenly bursts into flames, it isn't a virus.
* In the late 1980's and early 1990's, most viruses were **spread by "FLOPPYNET."**
* Most viruses today are spread through
* Contaminated media (USB drive and other external media)
* Email and peer-to-peer sites
* Part of another program
* Visits to Websites (even legitimate ones)
* Social Networking sites
* Types of Viruses
1. Armored Virus
* It is designed to **make itself difficult to detect or analyze**.
* **Covers itself with protective code** that stops debuggers or disassemblers from examining critical elements of the virus.
* Some **part of the code may also act as a decoy to distract analysis**
* It is **important to identify them quickly!**
2. Companion Virus
* **Attaches itself to a legitimate program and when a user types the name of the legitimate program, the companion virus executes** instead of the real program
* Or **make changes to program pointers in the registry so that they point to the infected program**
* The infected program **performs its dirty deed** and then starts the real program.
3. Macro Virus
* It **exploits the enhancements made to many applications.**
* A macro virus **infects** these **macros** so that the related documents are infected and can spread to other systems via attached documents in an email.
4. Multipartite Virus
* **Attacks** your system in **multiple ways**
* May **infect** your **boot sector**, all your **executable** files and **destroy** your **application** files (e.g. MS Word Documents) at the same time.
* The key is that you **won't be able to correct all the problems** and will allow infestation to continue.
5. Phage Virus
* It **modifies other programs and databases.**
* **Requires reinstallation** of programs or databases to remove the virus.
6. Retrovirus
* **Bypasses the antivirus program**
* May **directly attack the antivirus program.**
* **Destroys the virus** definition database file.
* May **leave you with a false sense of security**.
7. Polymorphic Virus
* The virus **changes form in order to avoid detection.**
* Attempts to **hide from your anti-virus program by** <font color="red">**encrypting**</font> itself and <font color="red">**changing its signature**</font> to fool the antivirus program.
8. Stealth Virus
* **Hide** from antivirus program **by masking** itself from application
* May **attach itself to the boot sector**
* Redirects commands to **avoid detection**
* **Report a different file size**
* **Move around from file to file**, for example, from file A (not yet scanned) to file B (already scanned) during a virus scan
* **Worms**
* **Viruses**, as just noted, are pieces of code that **attach themselves to other programs.**
* **Worms**, in contrast, **are stand-alone programs that do not need to attach to other programs.**
* **Can propagate like viruses** through e-mail, and so on.
* **Antivirus** programs **search for worms as well as viruses**
* **Directly-propagating** worms **jump to victim hosts directly.**
* Can **only** do this **if target hosts have a specific vulnerability.**
* Directly-propagating worms **can spread with amazing speed.**
* **Directly-propagating** worms **can be thwarted by firewalls** and by **installing patches.**
* **Not by antivirus programs.**
* **Ransomware**
* Ransom malware, also known as **ransomware**, is a type of malware that **prevents users from accessing their system or personal files** and **demands a ransom payment** in order to regain access.
* The earliest variants of **ransomware were developed in the late 1980s,** and payment was to be sent **via snail mail**. Today, ransomware authors order that payment be sent **via cryptocurrency.**
* Today, Ransomware malware **encrypts or locks your files and demands payment to access them.**
* Although there are **multiple strains of ransomware, all fall under two main types: <font color="red">Crypto-Ransomware & Locker Ransomware.</font>**
* Most ransomware **attacks are triggered by tricking** users into clicking on deceptive links **using social engineering** tactics or by exploiting system vulnerabilities.
* An attacker always **demands payment in cryptocurrency, mainly Bitcoin.**
* Taking payments **this way reduces the risk of being caught.**
* **Trojan**
* It is another type of malware **named after the wooden horse that the Greeks used to infiltrate Troy.** It is a harmful piece of **software that looks legitimate.** Users are typically tricked into loading and executing it on their systems. **After it is activated, it can achieve any number of attacks on the host**, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses).
* **Bots**
* It is derived from the word **"robot"** and often **automate tasks and provide information or services** that would otherwise be conducted by a human being. A typical use of bots is to gather information, such as web crawlers, or interact automatically with Instant Messaging (IM), Internet Relay Chat (IRC), or other web interfaces. They may also be used to interact dynamically with websites.
* **Logic Bombs**
* A program or snippet of **code that executes when a certain predefined event occurs.**
* **Events** could also be **based** on a certain **date** (e.g. Christmas) or set of **circumstances** (a certain employee has been sacked)
* It could **send a message back to the attacker, launch an attack such as DDoS, or grant access to the victim system at a time of the attacker's choosing.**
* **Back door or trap door**
* **Virus and worm hoaxes (Hoax and Spam)**
* Hoaxes usually claim **to do things that are impossible for viruses to do** - the **aim is to create widespread panic**
* Spams are annoying, unwanted, unsolicited emails and come in large volume.
* **Anti-spam** and filtering **software are used to prevent spams.**
### Damages caused by Cyber Attacks
**<font color="red">Melissa</font>: Both virus and worm**
* The **worm part enabled it to travel from system to system.**
* The **virus part replicated itself on local systems and did the damage.**
* <font color="red">**DAMAGE**</font>: **$1.2 Billion Worldwide.**
Possible damages caused by cyber attacks include:
* **Deletion** of files
* **Corruption** of files
* Making **systems unusable**
* **Over consumption** of resources
* Denial of services (**DoS**)
* **Overload** a network
* **Accessing and passing on privileged information.**
### Attacks on Individuals
* Social Engineering
* Social Engineering is a network intrusion technique **based on trickery**.
* Hackers use it to **fool someone into revealing access codes, passwords, or other confidential information and break into a system.**
* **Works best if people don't know one another and staff turnover is high.**
* Identity Theft
* Collecting enough data to **impersonate the victim in large financial transactions**
* May **take a long time to restore the victim's credit rating**
* **In corporate** identity theft, the **attacker impersonates an entire corporation.**
* **Accept credit cards in the company's name.**
* **Commit other crimes in the name of the firm.**
* **Can seriously harm a company's reputation.**
### Human Break-Ins
Viruses and worms **only** have a single attack method. Humans **can** keep trying different approaches until they succeed.
**Hacking**
* Informally, hacking is **breaking into a computer.**
* Formally, hacking is **intentionally using a computer resource without authorization or in excess of authorization.**
**Hacker**
* **Originally**, an expert programmer. **Today**, someone who breaks into computers.
**Types of Hackers**
* Elite Hackers
* Superior technical skills
* Very persistent
* Often publish their exploits
* Not only have the ability to **write scripts** that **exploit vulnerabilities but also are capable of discovering new vulnerabilities.**
* Script Kiddies
* Hacker in training
* **Script kiddies use the scripts written by Elite Hackers** to make attacks
* Script kiddies **have low technical skills**
* Script kiddies are **dangerous because of their large numbers.**
* Script Writers
* Writing scripts to exploit known vulnerabilities.
* Much more technically competent than script kiddies.
**White Hat**: Also known as **ethical hackers**, are the good guys of the hacker world. They'll **help you remove a virus or PenTest a company.**
**Black Hat**: These are the ones who find banks or other companies with weak security and **steal money or credit card information.**
**Gray Hat**: Exploits a security weakness in a computer system or product in order **to bring the weakness to the attention of the owners.**
**Green Hat**: **Baby hackers** taking their first steps in the cyber world.
**Red Hat**: These are the **vigilantes of the hacker world.** They're like White Hats in that they halt Black Hats, but these folks are downright *SCARY* to those who have ever tried so much as a PenTest.
**Blue Hat**: **If a Script Kiddie took revenge, he/she might become a Blue Hat.** Blue Hat hackers often **take existing code for malware and viruses they find online, then modify it to meet their needs.** They will use this code to target the business or individual they feel has wronged them and inflict their revenge.
### Why Do Hackers Hack?
**Government sponsored hacking**
* Cyber Warfare
* Cyber Terrorism
* Espionage
**Industrial Espionage**
* Attacks on confidentiality
* Public information gathering
* Trade secret espionage
**White-Hats/Elite Hackers**
* Publicize vulnerabilities
* Hacking-Challenge
* Financial Gains
**Script Kiddies**
* Gain Respect
**Insiders**
* Revenge
### Avenues Of Attack of Human Break-ins
* There are **two** general **reasons** a particular system is attacked:
* It is **specifically targeted**
* It is a **target of opportunity**
* Equipment **may be targeted because of the organization it belongs to or for political reasons.**
* Targets of opportunity - attacks are conducted against a **site that has software vulnerable to a specific exploit.** In these instances, the attackers are not targeting the organization, instead they are **targeting a vulnerable device** that happens to belong to the organization.
**Typical Stages** in a Human Break-In
* **Scanning** Phase: Probes and Exploits
* <font color ="red"> **First round** </font> of probe **packets, such as pings, identify active IP addresses and therefore potential victims.**

* <font color ="red"> **Second round** </font>**sends packets to specific ports on identified potential victims to identify applications.**

* The **Break-In**
* **Uses an exploit** - A tailored attack method that is often a program
* Normally **exploits a vulnerability** on the victim computer.
* The **act of breaking** in is **called an exploit**.
* The **hacker tool** is also called **an exploit**
* <font color ="red"> **Third round** </font> of **packets are exploits used in break-ins.**

* **After the Break-In**
1. The **hacker downloads a hacker tool** kit to **automate hacking work.**
2. The **hacker becomes invisible by deleting log files.**
3. The hacker **creates a backdoor** (way to get back into the computer).
* **Backdoor Account**: An account with a known password and full privileges.
* **Backdoor Program**: A program to allow re-entry.
* The hacker **can then do damage** at his or her leisure.
* **Download a Trojan horse to continue exploiting the computer** after the attacker leaves.
* **Manually give operating system commands** to do damage.
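
The first two rounds of the scanning phase leave a recognisable pattern in firewall logs: one source touching many hosts with pings, then many ports on a single host. The detector below is an added example, not part of the original notes; the log format, thresholds and addresses are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format, constructed for this example:
# "<ISO time> SRC=<ip> DST=<ip> PROTO=<name> [TYPE=<icmp type>] [DPT=<port>]"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\w+)"
    r"(?: TYPE=(?P<type>\d+))?(?: DPT=(?P<dpt>\d+))?\s*$"
)


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    try:
        rec["ts"] = datetime.fromisoformat(rec["ts"])
    except ValueError:
        return None
    return rec


def max_distinct(events, window):
    """Largest number of distinct keys inside any sliding time window.

    events is a time-sorted list of (timestamp, key) pairs.
    """
    counts = defaultdict(int)
    best = left = 0
    for ts, key in events:
        counts[key] += 1
        while ts - events[left][0] > window:      # drop events that aged out
            old = events[left][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            left += 1
        best = max(best, len(counts))
    return best


def detect_scans(lines, window=timedelta(seconds=60), min_hosts=5, min_ports=5):
    """Return (kind, source, target, count) tuples for sweeps and port scans."""
    pings = defaultdict(list)     # src -> [(time, destination host)]
    probes = defaultdict(list)    # (src, dst) -> [(time, destination port)]
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["proto"] == "ICMP" and rec["type"] == "8":          # echo request
            pings[rec["src"]].append((rec["ts"], rec["dst"]))
        elif rec["proto"] in ("TCP", "UDP") and rec["dpt"]:
            probes[(rec["src"], rec["dst"])].append((rec["ts"], int(rec["dpt"])))

    findings = []
    for src, events in pings.items():             # first round: many hosts
        hosts = max_distinct(sorted(events), window)
        if hosts >= min_hosts:
            findings.append(("ping_sweep", src, None, hosts))
    for (src, dst), events in probes.items():     # second round: many ports
        ports = max_distinct(sorted(events), window)
        if ports >= min_ports:
            findings.append(("port_scan", src, dst, ports))
    return sorted(findings, key=lambda f: (f[1], f[0]))


def escalating_sources(findings):
    """Sources seen in both rounds; their later traffic deserves the closest look."""
    sweepers = {f[1] for f in findings if f[0] == "ping_sweep"}
    scanners = {f[1] for f in findings if f[0] == "port_scan"}
    return sweepers & scanners


# Constructed sample traffic (documentation address ranges only).
SAMPLE_LOG = (
    # one source pings six hosts in six seconds, then tries six ports on one host
    [f"2021-09-24T09:15:{i:02d} SRC=203.0.113.7 DST=10.0.0.{i + 1} PROTO=ICMP TYPE=8"
     for i in range(6)]
    + [f"2021-09-24T09:16:{i:02d} SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT={p}"
       for i, p in enumerate((21, 22, 23, 25, 80, 443))]
    # a monitoring host pings one server repeatedly and uses a single port
    + [f"2021-09-24T09:17:{i:02d} SRC=198.51.100.20 DST=10.0.0.5 PROTO=ICMP TYPE=8"
       for i in range(3)]
    + [f"2021-09-24T09:18:{i:02d} SRC=198.51.100.20 DST=10.0.0.5 PROTO=TCP DPT=443"
       for i in range(4)]
    # a poller that reaches five hosts ten minutes apart: no burst inside the window
    + [f"2021-09-24T09:{m}:00 SRC=192.0.2.9 DST=10.0.0.{m} PROTO=ICMP TYPE=8"
       for m in (10, 20, 30, 40, 50)]
)

if __name__ == "__main__":
    results = detect_scans(SAMPLE_LOG)
    for finding in results:
        print(finding)
    print("escalating:", escalating_sources(results))
```

The window and thresholds are tuning decisions: too tight and ordinary monitoring traffic is flagged, too loose and a burst of probes goes unnoticed.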
### Web Attacks
1. **Attacker breaks into a legitimate website and posts malware**
* Malware is **no longer exclusive to malicious Web sites.**
* Today it is commonplace for **legitimate mainstream Web sites to act as parasitic hosts** that serve up malware to their unsuspecting visitors.
2. **Attacking end-user machines**
* **Malware** on a Web site **makes its way down on to a user's machine when that user visits the host Web site.**
* **"Drive-by-download" - happens automatically with no user interaction required**
* Additional techniques which do require some input from the user, but in practice are equally, if not more so, effective.
3. **Leveraging end user machines for malicious activity**
* The most malicious activities begin once **new malware has established a presence on a user's machine.**
| Steps | Plans | How to execute it |
| ----------- | ----------- | ----------- |
| Step 1: Profiling | Gather information on the target organization | Can check via a web site for example (www.sec.gov/edgar.shtml), or just Google it |
| Step 2 | Determine systems available | Ping sweep with nmap or SuperScan (find the IP address) |
| Step 3: Fingerprinting | Determine the OS and open ports | Nmap or SuperScan, banner grab |
| Step 4 | Discover applicable exploits | Search web sites for vulnerabilities and exploits that exist for the OSes and services discovered |
| Step 5 | Execute exploit | Systematically execute exploits |
### Internet Attacks
**Cookies**
* **First-party Cookie**
* **Third-party Cookie**
* Cookies **cannot contain a virus or steal personal information stored on a hard drive** but can pose a **privacy risk**.
* When you access a **specific** website, it might **store information as a cookie**.
* Every time you revisit that server, the cookie is re-sent to the server.
* **Effectively** used to hold state information over sessions.
* Can also **hold sensitive information**
* This includes **passwords, credit card information, social security number, etc.**
* Almost every large website uses cookies
* Cookies are stored on your computer and **can be controlled**
* However, many sites require that you enable cookies in order to use the site.
* The **expiration is set by the site's** session by default, which is chosen by the server, which **means that cookies will probably stick around for a while**
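
The cookie risks listed above (sensitive values, long lifetimes, third-party origin) can be checked from the `Set-Cookie` headers a site sends. The audit below is an added example, not part of the original notes; the host names, cookie values, issue labels and the 30-day lifetime limit are assumptions made for illustration.

```python
from http.cookies import SimpleCookie, CookieError

# Assumed policy values for this example.
SENSITIVE_HINTS = ("pass", "pwd", "card", "ccnum", "ssn")
MAX_LIFETIME = 30 * 24 * 3600          # 30 days, in seconds


def site_of(host):
    """Last two DNS labels. Simplification: real code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def audit_set_cookie(page_host, response_host, header):
    """Return [(cookie name, [issues])] for one Set-Cookie header value.

    page_host is the site the user is visiting; response_host is the server
    that sent the header (different site => third-party cookie).
    """
    jar = SimpleCookie()
    try:
        jar.load(header)
    except CookieError:
        return [("<unparsed>", ["malformed"])]
    if not jar:
        return [("<unparsed>", ["malformed"])]

    results = []
    for name, morsel in jar.items():
        issues = []
        if site_of(response_host) != site_of(page_host):
            issues.append("third-party")
        if any(hint in name.lower() for hint in SENSITIVE_HINTS):
            issues.append("sensitive-name")            # e.g. a password kept in a cookie
        if not morsel["secure"]:
            issues.append("no-secure")                 # may travel over plain HTTP
        if not morsel["httponly"]:
            issues.append("no-httponly")               # readable by page scripts
        if morsel["samesite"].lower() in ("", "none"):
            issues.append("no-samesite-protection")    # sent on cross-site requests
        max_age = morsel["max-age"]                    # Expires is ignored in this sketch
        if max_age.isdigit() and int(max_age) > MAX_LIFETIME:
            issues.append("long-lived")
        results.append((name, issues))
    return results


# Constructed sample headers: (page host, responding host, Set-Cookie value).
SAMPLE_HEADERS = [
    ("shop.example", "shop.example",
     "sid=9f2c1a; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("shop.example", "shop.example",
     "password=hunter2; Path=/; Max-Age=315360000"),
    ("shop.example", "ads.tracker.test",
     "uid=abc123; Domain=tracker.test; Max-Age=63072000; Secure; SameSite=None"),
]


def audit_all(samples=SAMPLE_HEADERS):
    """Flatten the audit of every sample header into one list."""
    report = []
    for page_host, response_host, header in samples:
        report.extend(audit_set_cookie(page_host, response_host, header))
    return report


if __name__ == "__main__":
    for cookie_name, cookie_issues in audit_all():
        print(f"{cookie_name:10s} {', '.join(cookie_issues) or 'ok'}")
```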
**Adware**
* **Software that delivers advertising content**
* Unexpected and **unwanted by the user**
* Can be a **privacy risk**
* **Tracking function**
**Popup**
* Small Web **browser window appears over the Web site that is being viewed**
**Attacks while Surfing**
* Attacks **on users** can occur while pointing the browser to a site or just viewing a site.
**Redirecting Web Traffic**
* **Mistake when typing Web Address**
* Attackers can **exploit a misaddressed web name by registering the names of similar-sounding web sites.**
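
A defender can watch DNS or proxy logs for host names that sit one typing mistake away from the organization's own sites. The check below is an added example, not part of the original notes; the domain names, the confusable-character table and the distance limit are assumptions made for illustration.

```python
def site_of(host):
    """Last two DNS labels. Simplification: real code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


# Character sequences that look alike on screen (a small, assumed table).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def normalize(name):
    """Fold look-alike sequences so visually identical names compare equal."""
    for fake, real in CONFUSABLES:
        name = name.replace(fake, real)
    return name


def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute, swap neighbours."""
    prev2 = None
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1,          # deletion
                         cur[j - 1] + 1,       # insertion
                         prev[j - 1] + cost)   # substitution or match
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)   # adjacent transposition
        prev2, prev = prev, cur
    return prev[len(b)]


def classify(observed_host, protected_sites, max_distance=1):
    """Return (reason, imitated site) for a lookalike host, or None if it is fine."""
    site = site_of(observed_host)
    if site in protected_sites:
        return None                            # the real site or one of its subdomains
    for good in protected_sites:
        if normalize(site) == normalize(good):
            return ("homoglyph", good)
        if osa_distance(site, good) <= max_distance:
            return ("edit-distance", good)
    return None


def find_lookalikes(observed_hosts, protected_sites):
    """Map each suspicious host to the reason it was flagged."""
    hits = {}
    for host in observed_hosts:
        verdict = classify(host, protected_sites)
        if verdict is not None:
            hits[host] = verdict
    return hits


# Constructed sample data: one protected site and host names seen in a proxy log.
PROTECTED = ["mybank.example"]
OBSERVED = [
    "www.mybank.example",       # legitimate subdomain
    "mybnak.example",           # two letters swapped
    "login.rnybank.example",    # "rn" drawn to look like "m"
    "mybanc.example",           # one letter replaced
    "weather.example",          # unrelated
]

if __name__ == "__main__":
    for host, (reason, target) in find_lookalikes(OBSERVED, PROTECTED).items():
        print(f"{host:24s} {reason:14s} imitates {target}")
```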
**Drive-By Downloads**
* Can be **initiated** by simply visiting a site.
* **Spreading at an alarming pace.**
* Attackers identify **well-known site**
* **Inject malicious** content
* Zero-pixel IFrame
* Virtually invisible to the naked eye.
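
Site owners can scan their own pages for the injected frame described above: an `<iframe>` sized to zero or one pixel, or hidden by its style, especially one that loads from another host. The scanner below is an added example, not part of the original notes; the page markup, host names and the "one pixel or less" rule are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse


def tiny(value):
    """True for sizes such as '0', '1', '0px' or '1px' that render effectively invisible."""
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "")
    return bool(m) and int(m.group(1)) <= 1


def style_hides(style):
    """True if an inline style hides the element or shrinks it to a pixel."""
    decls = {}
    for part in (style or "").split(";"):
        if ":" in part:
            prop, val = part.split(":", 1)
            decls[prop.strip().lower()] = val.strip().lower()
    if decls.get("display") == "none" or decls.get("visibility") == "hidden":
        return True
    return any(tiny(decls[p]) for p in ("width", "height") if p in decls)


class IframeAuditor(HTMLParser):
    """Collects iframes that a visitor would not be able to see."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = {name: (value or "") for name, value in attrs}
        hidden = (any(tiny(attr[d]) for d in ("width", "height") if d in attr)
                  or style_hides(attr.get("style")))
        if not hidden:
            return
        src = attr.get("src", "")
        # Relative URLs have no host, so they belong to the page's own host.
        host = urlparse(src).hostname or self.page_host
        line, _column = self.getpos()
        self.findings.append(
            {"line": line, "src": src, "external": host != self.page_host}
        )


def audit_page(html, page_host):
    """Return one finding per hidden iframe, in document order."""
    auditor = IframeAuditor(page_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page served from the assumed host news.example.
SAMPLE_PAGE = """<html><body>
<h1>News</h1>
<iframe src="https://video.example/embed/42" width="640" height="360"></iframe>
<iframe src="http://203.0.113.50/x.html" width="0" height="0" frameborder="0"></iframe>
<iframe src="//stats.invalid/t" style="width:1px; height:1px; visibility:hidden"></iframe>
<iframe src="/widgets/login-check" style="display:none"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for finding in audit_page(SAMPLE_PAGE, "news.example"):
        label = "EXTERNAL" if finding["external"] else "same host"
        print(f"line {finding['line']}: hidden iframe ({label}) -> {finding['src']}")
```

Hidden same-host frames are often legitimate, so the `external` flag is the part worth alerting on; comparing results against a known-good copy of the page catches newly injected markup.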
### Spyware
**Software**
* Software that **violates a user's personal security**
* Tracking software that is **deployed without adequate notice, consent, or user control.**
* Spyware creators are **motivated by profit**, and spyware is **<font color="red">VERY</font>** widespread: an average computer has **over 24 pieces of spyware**.
**Keylogger**
* Small **hardware device or program**
* **Monitors each keystroke** a user types on the computer's keyboard
* **Transmits keystrokes to remote location**
* Attacker **searches for useful information in captured text**
**Effects of Spyware**
| Effect | Explanation |
|------- | ----------- |
| **Slow computer** performance | Spyware can increase the time to boot a computer or surf the Internet. |
| System **instability** | Spyware can cause a computer to freeze frequently or even reboot. |
| New browser toolbars or menus | Spyware may install new menus or toolbars to a Web browser. |
| New shortcuts | New shortcuts on the desktop or in the system tray may indicate the presence of spyware. |
| Hijacked homepage | An unauthorized change in the default homepage on a Web browser can be caused by spyware. |
| Increased pop-ups | Pop-up advertisements that suddenly appear are usually the result of spyware. |
### Phishing
* Phishing is **a way of attempting to acquire** **sensitive information** such as usernames, passwords and credit card details by **deceiving users**.
* Phishing is typically **carried out by e-mail spoofing** and it often **directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.**
* Number of **users that respond** to phishing attacks is considered to be **extremely high** and **social networking sites are prime target.**
* Experiments show a **success rate of over 70%** for phishing attacks **on social networks.**
* According to Phishme (phishme.com) report, **91% of Cyberattacks start with a Phishing email.**
* <font color="red">**Most Targeted sites**</font>
* Financial services (eg. Citibank)
* Payment services (eg. PayPal)
* Auctions (eg. eBay)
* Social networks (eg. Facebook)
**Some Phishing Examples**
### Cyber Bullying
**Definition:** Cyber Bullying is **being cruel to others by sending or posting harmful material using technological means**.
Cyber bullying **is a crime in Singapore** and the punishment is a fine of up to S$5,000 or a jail term not exceeding 12 months.
**Tips to Help Stop Cyberbullying**
* **Don't respond or retaliate**: Sometimes a reaction is exactly what aggressors are looking for because they think it gives them power over you, and you don't want to empower a bully.
* **Save the evidence**: Bullying online or on phones can usually be captured, saved, and shown to someone who can help.
* **Tell the person to stop.**
* **Reach out for help**
* **Use available tech tools:** Most social media apps and services allow you to block the person. You can also report the problem to the service.
* **Protect your accounts.** Don't share your passwords with anyone - even your closest friends, who may not be close forever - and password-protect your phone so no one can use it to impersonate you.
## Plan and Planning Principles
### Security Planning Principles
* **Risk Analysis**
* The **process of balancing** threat and protection costs for individual assets.
* Annual **cost of protection should not exceed** the expected annual **damage.**
* If probable annual **damage is $10,000** and the annual **cost of protection is $200,000,** protection **should not be undertaken.**
* The goal is **not to eliminate risk but to reduce it** to an economically rational level.
* **Comprehensive Security**
* An **attacker only has to find one weakness** to succeed.
* A firm **needs to close off all avenues of attack** (comprehensive security).
* This **requires very good planning.**
* **Defense in Depth**
* **Every protection breaks down** sometimes.
* The attacker **should have to break through several lines of defense** to succeed.
* Even **if one protection breaks down, the attack will not succeed.**
### Dimensions of Cyber Security
* There are **TWO** aspects of Cyber Security
* Technical
* Main focus is on developing **technical expertise** and technologies for computer security
* **Encryption techniques**
* **Firewalls**
* **Biometric-based security technologies**
* Managerial
* The focus is on developing security policies and procedures
* **Policies and mechanisms**
* **Operational Issues**
* **Human Issues**
**Cyber security implementation relies on**
### Policy-Based Security
Planners create **policies**, which **specify what to do but not how to do it**
**Policy-makers** create policies with global knowledge.
**Implementers** implement policies with local and technical expertise.
Implementation **guidance goes beyond pure "what" by constraining to some extent the "how".**
For example, it may specify that **encryption keys must be more than 100 bits long.**
**Constrains implementers so they will make reasonable choices.**
Implementation Guidance has **two forms**.
**Standards MUST** be followed by implementers.
**Guidelines** SHOULD be followed, but **are optional**. However, guidelines **must be considered carefully.**
Oversight checks that policies are being **implemented successfully.**
* Policies are **given** to implementers and oversight staff **independently.**
* Oversight **may uncover** implementation **problems** or problems with the specification of the policy.
**Good Implementation + Good Oversight = <font color="red"> Good Protection </font>**
### Cyber Security Approaches
* Bottom-Up Approach
* Systems **administrators attempt to improve the security of their systems**
* **Key advantage**: **Technical expertise** of the individual administrators
* **Key disadvantage**: **Seldom works** since it lacks critical features:
* Participant support
* Organizational staying power
* Top-Down Approach
* Initiated by **upper management**:
* Issue policy, procedures, and processes
* Dictate the goals and expected outcomes of the project
* Determine who is accountable for each required action
* **Advantages**
* Strong upper management support
* Dedicated Champion
* Dedicated Funding
* Clear Planning
* Chance to influence organizational culture
### An Affirmative model of defense digital liability management
* DLM Model and methodology
* Benefits of the **top-down approach to implementation.**
* **Role of people, process and technology** in security.
* The objective of the DLM approach
* To **protect against the occurrence of intrusion and incidents.**
* To **provide a good defense when they occur.**
* The **four defense tiers** help companies deal with the challenging threats and vulnerabilities. The four tiers are:
1. Senior management commitment and support
2. Acceptable-use policies and other statements of practice
3. Secure-use procedures
4. Hardware, software and network security tools
### Cyber Security Strategies
* Security strategies that are **technology-centric or policy-centric will fail.**
* **Technology-centric strategies are weak without strong policies** and practices.
* **Policy-centric strategies are ineffective without technology** to monitor and enforce them.
* What is needed is a comprehensive, multi-faceted approach based on the following four, as **all four play a vital role** in the proper execution of a security program.
* Senior Management Support
* Policies
* Processes
* Technologies
### The System Development Life Cycle
**Cyber security must be managed** in a manner **similar** to any other major system implemented in the **organization.**
**Using a Methodology**
* Ensures a rigorous process
* Avoids missing steps
Goal is to **create a comprehensive security** program.
### SDLC Waterfall Methodology
**Investigation**
* What is the problem the cyber security system is being developed to solve?
* The **objectives, constraints,** and **scope** of the project **are specified**
* A preliminary **cost/benefit analysis** is developed
* A feasibility analysis is performed to **assess the economic, technical, and behavioral feasibilities of the process.**
**Analysis**
* Consists primarily of
* **Assessments** of the organization
* The **status of current cyber security systems**
* **Capability to support the proposed cyber security systems**
**Analysis Begins to Determine**
* **What** the **new cyber security system is expected to do**
* **How** the **new system will interact with existing systems.**
* **Ends** with the **documentation** of the findings and a feasibility analysis update
**Logical Design**
* **Based on business need**, applications are selected capable of providing needed services
* **At the end, another feasibility analysis is performed**
**Physical Design**
* **Specific technologies are selected** to support the alternatives identified and evaluated in the logical design
* **Selected components** are **evaluated** based on a **make-or-buy decision**
* **Entire solution is presented** to the end-user representatives **for approval**
**Implementation**
* **Components** are **ordered, received, assembled, and tested.**
* **Users** are **trained** and **documentation created**
* **Users** are then **presented** with the **system for a performance review and acceptance test**
**Maintenance and Change**
* **Tasks necessary to support and modify** the system for the **remainder of its useful life**
* The **life cycle continues until the process begins again** from the investigation phase.
* When the current system can **no longer support** the mission of the organization, a **new system is implemented**
* It takes a **wide range of professionals to support a diverse cyber security** program
* To **develop and execute** specific **security policies** and procedures, **additional administrative support and technical expertise is required**
**Senior Management**
* Chief Information Officer
* The **senior technology officer**
* Primarily **responsible for advising** the **senior executive(s) for strategic planning**
* Chief Information Security Officer
* **Responsible** for the **assessment, management,** and **implementation** of securing the information in the organization.
* May also be referred to as the Manager for Security, Security Manager, the Security Administrator, or a similar title.
**Security Project Team**
* The team **leader**
* Security policy **developers**
* Risk assessment **specialists**
* Security **professionals**
* Systems **administrators**
* **End Users**
## Protecting (Access Control)
### Access Control
**Controlling access to resources**: If **criminals cannot get access, they cannot do harm.**
**Authentication**
* Proving one's identity
* The supplicant **proves its identity to the verifier by sending** its credentials (**Proofs of Identity**)
* The **four** means of authenticating user identity are based on:
1. Something the individual knows
* Password, PIN, answers to prearranged questions
2. Something the individual possesses (Token)
* Smartcard, electronic keycard, physical key
3. Something the individual is (static biometrics)
* Fingerprint, retina, face
4. Something the individual does (dynamic biometrics)
* Voice pattern, handwriting, typing rhythm
### Password-Based Authentication
* Widely used as line of defense against intruders
* User provides name/login and password
* System compares the password with the one stored for that specified login
* Reusable Passwords
* Strings of characters typed to authenticate the use of a username (account) on a computer.
* They are used repeatedly and so are called reusable passwords.
* Benefits
* **Ease of use** for users (familiar)
* **Inexpensive** because built into operating systems
* Often Weak (Easy to Crack)
* Word and name passwords are common and can be cracked quickly with dictionary attacks.
* Hybrid Dictionary Attacks
* Look for common variations of names and words
* Passwords that can be cracked with hybrid dictionary attacks are never adequately strong, regardless of how long they are.
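
The point about hybrid dictionary attacks can be turned into a password-policy check. The following is an added example, not part of the original course notes: it undoes the common variations (case, digit or symbol affixes, character substitutions, reversal, doubling) and rejects a password that reduces to a dictionary word, however long it is. The wordlist, the substitution table and the function names are constructed for illustration.

```python
import re

# Constructed sample wordlist (assumption). A real check would load a large
# dictionary of words, names and previously breached passwords.
WORDLIST = {"password", "dragon", "monkey", "singapore", "michael", "welcome"}

# Character substitutions that hybrid dictionary attacks routinely try.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def candidate_roots(password):
    """Return the base strings this password reduces to once common
    variations (case, affixes, substitutions, reversal, doubling) are undone."""
    lowered = password.lower()
    # Undo digit/symbol prefixes and suffixes: "Dragon2021!" -> "dragon".
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    forms = {lowered, stripped}
    # Undo substitutions: "p@ssw0rd" -> "password".
    forms |= {f.translate(LEET) for f in forms}
    # Undo reversal: "drowssap" -> "password".
    forms |= {f[::-1] for f in forms}
    # Undo doubling: "singaporesingapore" -> "singapore".
    for f in list(forms):
        half = len(f) // 2
        if half and len(f) % 2 == 0 and f[:half] == f[half:]:
            forms.add(f[:half])
    return {f for f in forms if f}


def hybrid_dictionary_match(password, wordlist=WORDLIST):
    """Return the dictionary word the password is a variation of, else None."""
    hits = sorted(candidate_roots(password) & set(wordlist))
    return hits[0] if hits else None


def acceptable(password, min_length=6, wordlist=WORDLIST):
    """Policy check: long enough AND not derivable from a dictionary word.
    min_length is a constructed default; set it from your own policy."""
    if len(password) < min_length:
        return False
    return hybrid_dictionary_match(password, wordlist) is None


if __name__ == "__main__":
    # Constructed sample passwords.
    for pw in ["Dragon2021!", "P@ssw0rd1", "drowssap",
               "SingaporeSingapore99", "tq7#Lw9!vRx2"]:
        print(f"{pw!r:26} root={hybrid_dictionary_match(pw)!r:12} "
              f"acceptable={acceptable(pw)}")
```

The 20-character `SingaporeSingapore99` is rejected for the same reason as `drowssap`: length does not help once the password reduces to a dictionary word.
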
### Password Vulnerabilities
### Password Complexity
* A Fixed 6 symbols password
* Numbers Only: $10^{6}$ = 1,000,000
* Upper **or** Lower case characters: $26^{6}$ = 308,915,776
* Upper **and** Lower case characters: $52^{6}$ = 19,770,609,664
* 32 Special characters (& % $ " | ^ etc.): $32^{6}$ = 1,073,741,824
* 94 Practical symbols available: $94^{6}$ = 689,869,781,056
* ASCII Standard 7 Bit $2^{7}$ = 128 Symbols: $128^{6}$ = 4,398,046,511,104
* 26 Upper/Lower case characters = 52 Characters
* 10 numbers
* 32 Special characters => 94 Characters available
* 5 characters: $94^{5}$ = 7,339,040,224
* 6 characters: $94^{6}$ = 689,869,781,056
* 7 characters: $94^{7}$ = 64,847,759,419,264
* 8 characters: $94^{8}$ = 6,095,689,385,410,816
* 9 characters: $94^{9}$ = 572,994,802,228,616,704
### Duration to crack a Password (<font color ="red"> VERY IMPORTANT: TESTED IN EXAM* </font>)
* **Password choices = 95** printable ASCII characters
* **Length of the password = 10** characters in length
* **Password cracker rate = 6.4** million operations per second (6.4 x $10^{6}$)
* Hence, how **long** will it take to **test all possible passwords**?
* $95^{10}$ = 6 x $10^{19}$ possible passwords.
* The **time required = Possible passwords/cracker rate**
* $\frac{6 \times 10^{19}\ \text{passwords}}{6.4 \times 10^{6}\ \text{passwords/second}}$ = 9.4 x $10^{12}$ seconds = **300,000 years**
* Thus, it will take **300,000 years to crack the password**.
**Rules for choosing GOOD passwords**
* Easy to remember, difficult to guess.
* Length - 6 to 9 characters.
* Mix character types
* Letters, digits, special characters
* Use an acronym
* Avoid dictionary words
* Different account -> Different password
* Change passwords regularly
**Ten MOST common security MISTAKES**
1. Passwords on Post-it Notes
2. Leaving your computer on, unattended
3. Opening e-mail attachments from strangers
4. Poor password etiquette
5. Laptops on the loose
6. Blabber mouths
7. Plug and play without protection
8. Not reporting security violations
9. Always behind the times (the patch procrastinator)
10. Not knowing internal threats
### Other forms of Authentication
* Password Authentication Concerns
* If **people are forced to use long and complex passwords, they tend to write them down.**
* People **should use different passwords for different sites.**
* Otherwise, a **compromised password** will give access to multiple sites.
* Overall, **reusable passwords are too vulnerable** to be used for high security today.
* Access Cards
* Permit door access.
* Proximity access cards do not require physical scanning.
* Need to control distribution and disable lost or stolen cards.
* Goal is to eliminate reusable passwords.
* Two-Factor Authentication
* Supplicants **need two forms of credentials**. For example, a **Debit Card and PIN**
* Strengthens authentication (defense in depth)
* Fails if attacker controls the user's computer or intercepts the authentication communication
* Proof that **you** are **you** because of:
* **Something you have** - token, smart card
* **Something you know** - PIN, password
* **Something you are** - **Biometric**
* Biometrics comes from the **Greek** words "**Bios-life**" and "**Metron - to measure**".
* Automated methods of **verifying or recognizing** the identity of a living **person based on physiological or behavioural characteristics.**
**There are 2 ways of determining if you are you:**
1. **<font color = "red"> Identification </font>**
* **Establishing** a person's **identity** - Who are you?
* **One to many comparison.**
* **Biometric sample presented** to a **system** which **compares it against a database** of samples in the hope of finding a match.
2. **<font color = "red"> Verification </font>**
* Involves **confirming** or **denying** a **person's** claimed **identity** - Are you who you claim to be?
* **One to one comparison**
* **Biometric sample** captured and **compared with the previously stored template** for that user (Reference template).
**Most** of the **technologies** that **scan human characteristics convert** these images to some form of **minutiae** (the small, precise, or trivial details of something).
**Minutiae** are unique **points of reference** that are **digitized** and **stored** in an **encrypted format**.
**Each subsequent scan** is also **digitized** and then **compared** with the **encoded value** to determine **if users are who they claim to be**.
The **problem** is that some **human characteristics** can **change over time, due to normal development, injury, or illness.**
Also it is **hard to find biometric features which are consistent** (Even for a very short time.)
<span style="display:block;text-align:center">***Biometric Based Authentication***</span>
### Types of Biometric
There are **two categories** of biometric technologies:
* **Physiological**: These mainly **consist of fingerprints, the shape of the hand, vein pattern, the eye (iris and retina), and the shape of the face.**
* **Physiological are usually considered to offer the benefit of remaining more stable.**
* **Behavioral**: The most common are **voice recognition, signature dynamics** (speed of movement of pen, accelerations, pressure exerted, etc.), **keystroke, voice, gestures, etc**
### Fingerprint
**Variety** of **fingerprint devices available** (optical, capacitive and ultrasound).
**Template constructed by analysing patterns** and/or **points of interest** that make up the fingerprint (there are 30 **minutiae in a fingerprint**)
**Fingerprint** biometrics **measure** the **pattern** and features **associated with** the **friction ridges** on **fingertips.**
Fingerprint is the **most widely used** biometric because **it is easy to use**, very **accurate** and very **inexpensive to deploy.**
Today, there are **fingerprint readers built** right into popular notebook computers, smartphones and many other devices.
Fingerprint biometrics **work well** in either a **one-to-one verification** or a **one-to-many identification** application context.
**Advantages**
* Low cost
* Size of device and multiple choices
* Ease of integration
* Accurate - low instances of false acceptance.
* Fast
**Disadvantages**
* Fingerprint is **easier to steal** (is left on everything we touch)
* High quality **copies of fingerprints can be made by using different techniques.**
* **Environment and usage can affect measurements**
* **Systems are not 100% accurate.**
* **Require integration and/or additional hardware**
* **Cannot be reset once compromised**
### Hand Geometry
**Measures** the **physical characteristics** of the user's **hand and fingers**. It uses **low level infrared light** and a **camera** to **capture an image**.
**Suited** to applications where there is a **large user base** or **users access the system infrequently**.
**Flexible performance tuning** can **accommodate a wide range of applications.**
**Hand geometry readers** have been **used** for a **number of years** to protect access to **high security areas of buildings.**
This technology can also be **deployed** effectively for **verification or one-to-one matching.**
**Disadvantages**
* **Large** footprint of hand geometry **devices**
* Only used for **verification**
* **Right hand** use only
### Iris
Iris is an **exciting** biometric technology that **measures the patterns of the iris, which is the coloured area around the pupil of the eye.** Because there is significantly **more information** that can be measured, **iris is considered the most accurate biometric.**
Iris recognition **can be accomplished from a distance of one to three feet** and **uses a light source** about as intense as the one on the television remote control.
Iris is **growing in popularity** in the **healthcare sector to protect access to patient electronic records.**
* Captures the **pattern** of flecks on the iris.
* Pattern **processed** and **encoded** into a **512-byte** record.
* Uses **conventional cameras.**
* Average **2 seconds** for **identification.**
* **Less intrusive** than **retinal scanning.**
* **No physical contact** between user and reader (unless very tall or very short).
* Iris biometrics **can** be **used** in rapid **identification** search applications across **millions** of **records** in **just seconds** with no false positive matches.
* The only **problem** is that we **don't have** existing **repositories** of iris templates to use for this type of large-scale screening application.
* It is a **promising technology**, but it is a **little pricey** for some applications.
**Disadvantages**
* Not easy to use.
* System integration is complicated.
* Cost is also an issue, particularly for high quality iris-based system.
<span style="display:block;text-align:center"> **Iris Recognition Diagram**  </span>
### Retinal
Retina scanning **is not considered a mainstream biometric** because **it requires close proximity to the lens** and **shines** a **high-intensity light** source **into the eye.** The **unique patterns** of the retina are **scanned** by **infrared light.**
The **image is constructed** from de-scanned **reflected light**; the method is extremely **accurate** and has a **fast** enrolment process.
**Disadvantages**
* **User acceptance** - intrusive technology.
* **Cost**
* **Limited** to **high security applications**
* **Does not perform well** when user **wears spectacles** or has cataracts.
### Face Recognition
The **human face** provides **features** and **measurements** of **distance** and **angle** that **can be computed** in two or **three dimensions** to **determine** a person's identity.
While **not as accurate as fingerprint** technology, face recognition has **significant benefits** as an automated **verification** and **identification tool.**
For one, it **uses** a familiar **digital photo** process that **most people** are **accustomed** to and **comfortable** with.
This is the primary reason that the **International Civil Aviation** Organization **chose face recognition** as the biometric technology to be stored on a computer chip embedded within the machine readable **passports** that most countries of the world are now adopting.
Face recognition **can be performed from a distance** without requiring the user to touch the device. Based upon the **geometric shape** and **position of features** of the face and **performs** equally well on all races and both genders. Google, Apple, Facebook, Amazon and Microsoft (**GAFAM**) are all **developing face recognition applications.**
Face recognition is **resistant** to **changes** in **lighting, skin tone, facial hair, hair style, eyeglasses, expression** and **pose.** **No user participation is required** in order to **perform identification/verification.** There is **limited success** in **practical applications.**
Face recognition is a **1 to many matching**
**Disadvantages**
* **Perceived** to be **invasive** as covert system.
**2D Facial**
* **Relies** on **controlled lighting.**
* **One photograph per facial position**
* **High failure rate**
* **Can be 'fooled'**
**Artificial neural network algorithms** are helping face recognition algorithms to be **more accurate.** The **ethical and societal challenge** posed by **data protection** is radically affected by the **use** of facial recognition technologies.
### 3D Facial
3D technology enables the **real-time capture of three-dimensional** images of a subject's face.
3D recognition **uses distinctive features of the face** - where rigid tissue and bone is most apparent, such as the **curves of the eye socket, nose and chin** - to identify the subject.
**These areas** are all unique and **don't change over time.** The **unique features are extracted** and **stored** as a **biometric template** for automated human recognition. The method **can be used** either in **identification** or in **verification**.
**Detection**
* Acquiring an image can be accomplished by **digitally scanning an existing photograph (2D) or by using a video image to acquire a live picture of a subject (3D).**
**Alignment**
* Once it detects a face, the **system determines the head's position, size and pose.**
**Measurement**
* The system then **measures the curves of the face on a sub-millimeter (or microwave) scale and creates a template.**
**Representation**
* The system **translates the template into a unique code.** This coding gives each template a set of numbers to represent the features on a subject's face.
**Matching**
* If the **image is 3D** and the database contains 3D images, then **matching will take place without any changes being made to the image. However if it is a 2D image then it goes through further processing.**
**Verification or Identification**
* In **verification, an image is matched to only one** image in the database (**1:1**).
* For **identification, the image is compared to all images** in the database resulting in a score for each potential match (**1:N**).
### Signature
**Behavioral Biometric** based on **analysis** of the dynamics of a **handwritten signature** e.g. **shape, speed, stroke, order, pen pressure.** Generally use **pressure sensitive tablets or wired pens.**
**User friendly and Non intrusive** - minimal public acceptance issues. **Captured signature can be used for digitally signing documents.**
**Disadvantages**
* **Considered** to be one of the **least accurate**
* **Only performs 1 to 1 verification.**
### Speech Verification
Another form of biometric is speech verification, which **measures** the **distinctive pitch, cadence and tone of the voice** when speaking a set passphrase.
This **should not be confused with voice recognition** technology which can **convert spoken words into text**
Speech verification is **often used in telephony applications** and **requires no special device hardware** other than a microphone or telephone handset. In applications using speech verification, the **system** may also **randomly prompt** the user **to pick** from a **list of pre-recorded phrases.**
This **avoids** the slight **risk** of the use of a **recording of a person's voice which might otherwise fool the system.**
Speech verification is **used only in one-to-one verification** applications but **is quite cost-effective** for unattended **applications** like **telephone banking** or **phone shopping**.
For example, the **Home Shopping** Channel **uses speaker verification** to **validate** that the **returning account holder** is the same person that opened the account and not a teenage daughter with insomnia.
Speech Verification has **high user acceptance - perceived as least intrusive biometric technology.** **Easy** for **end users to implement** <font color="red"> **BUT** the least secure biometric</font>. **Ideal** for **telephone systems/mobile environments.**
**Disadvantages**
* Affected by **environmental factors - background noise** greatly **affects** system **performance.**
* **Problems** if **enrolment** undertaken using **mobile device** then **request verification from fixed land line.**
### Operation of a Biometric System
**Each individual** who is to be included in the database of authorized users must be **enrolled** in the system.
For a biometric system, the user presents a name and, typically, some type of password or PIN to the system.
At the same time the system senses some **biometric characteristic** of this user (e.g. fingerprint of right index finger).
The system **digitizes** the input and then extracts a set of features that can be **stored** as a number or set of numbers representing this **unique biometric characteristic**; this set of numbers is referred to as the **user's template**.
The user is **now enrolled** in the system, which maintains for the user a name (ID), perhaps a PIN or password, and the biometric value.
Depending on application, **user authentication** on a biometric system **involves either verification or identification.**
The system extracts the **corresponding feature** and **compares** that to the **template** stored for this user. **If** there is a match, then the system **authenticates this user.**
### Biometric Authentication
Biometric **authentication is based on something you are** (your fingerprint, iris pattern, face, hand geometry, and so forth) or something you do (write, type, and so forth).
The major **promise of biometrics is to make reusable passwords obsolete.**
**Enrollment** (enrollment scan, process for key features, store template)
* Key **features extracted** from the scan **should be nearly the same**
* **Scan data is variable** (scan fingerprint differently each time)
**Later access attempts provide access data**, which will be turned into key feature data for comparison with the template.
Biometric **access key features will never be exactly the same as the template.**
There must be configurable decision criteria for deciding **how close a match (match index) to require.**
* Requiring an overly **exact match** index will **cause many false rejections**
* Requiring too **loose a match** index will **cause more false acceptances**.
<span style="display:block;text-align:center"> **Biometric Authentication System**  </span>
### Biometric Errors and Deception
**False Acceptance Rates (FARs)**
* Percentage of people who are identified or verified as matched to a template but should not be.
**False Rejection Rates (FRRs)**
* Percentage of people who should be identified or verified as matches to a template but are not.
| Situation | False Acceptance | False Rejection |
| --------- | ---------------- | --------------- |
| Identification for computer access | Security Violation | Inconvenience |
| Verification for computer access | Security Violation | Inconvenience |
| Watch list for door access | Security Violation | Inconvenience |
| Watch list for **terrorists** | **Inconvenience** | **Security Violation** |
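
The trade-off between the match index threshold, false acceptances and false rejections can be made concrete. The following is an added example, not part of the original course notes: it implements 1:1 verification and 1:N identification over stored templates and measures FAR and FRR at three thresholds. The templates, access attempts, similarity formula and function names are all constructed assumptions.

```python
import math

# Constructed enrolment database (assumption): user ID -> stored template,
# here reduced to a two-number feature vector.
TEMPLATES = {"alice": (10.0, 20.0), "bob": (16.0, 28.0)}

# Constructed access attempts: (claimed ID, true identity, scanned features).
ATTEMPTS = [
    ("alice", "alice",   (10.0, 20.0)),
    ("alice", "alice",   (10.3, 20.4)),
    ("alice", "alice",   (10.6, 20.8)),
    ("alice", "alice",   (11.2, 21.6)),   # poor scan by the genuine user
    ("bob",   "bob",     (16.3, 28.4)),
    ("alice", "mallory", (10.9, 21.2)),   # impostor with similar features
    ("alice", "mallory", (13.0, 24.0)),
    ("bob",   "mallory", (13.0, 24.0)),
]


def match_index(sample, template):
    """Similarity in (0, 1]; 1.0 means the features equal the template.
    The formula is an assumption chosen for this example."""
    return 1.0 / (1.0 + math.dist(sample, template))


def verify(claimed_id, sample, threshold):
    """1:1 - compare the sample with the claimed user's template only."""
    return match_index(sample, TEMPLATES[claimed_id]) >= threshold


def identify(sample, threshold):
    """1:N - compare against every template; best match or None."""
    best_id = max(TEMPLATES, key=lambda uid: match_index(sample, TEMPLATES[uid]))
    if match_index(sample, TEMPLATES[best_id]) >= threshold:
        return best_id
    return None


def error_rates(threshold, attempts=ATTEMPTS):
    """Return (FAR, FRR) for verification at this match-index threshold."""
    genuine = [(c, s) for c, who, s in attempts if c == who]
    impostor = [(c, s) for c, who, s in attempts if c != who]
    # FRR: genuine users who should match their template but are rejected.
    frr = sum(not verify(c, s, threshold) for c, s in genuine) / len(genuine)
    # FAR: impostors who are accepted as the user they claim to be.
    far = sum(verify(c, s, threshold) for c, s in impostor) / len(impostor)
    return far, frr


def sweep(thresholds=(0.9, 0.45, 0.3)):
    """FAR/FRR for an overly exact, a moderate and a loose threshold."""
    return {t: error_rates(t) for t in thresholds}


if __name__ == "__main__":
    for t, (far, frr) in sweep().items():
        print(f"threshold={t:<5} FAR={far:.2f} FRR={frr:.2f}")
```

On this constructed data the strict threshold rejects four of five genuine scans, while the loose one accepts an impostor; which error is the security violation depends on the application, as the table above shows.
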
**Errors**
* when subject is **NOT trying to fool the system**
**Deception**
* when subject is **trying to fool the system**
**Vendor Claims for FARs and FRRs**
* Tend to be exaggerated through **tests under ideal conditions**
**Failure to Enroll (FTE)**
* Subject **cannot enroll in system**
* E.g. **poor fingerprints due to construction work**, clerical work, age, etc.
**Other Factors Affecting Performance**
* Demographics (youth, aged, ethnic origin, gender, occupation)
* **Template Age**
* Physiology (hair, disability, illness, injury, height, features, time of day)
* **Appearance** (clothing, cosmetics, tattoos, adornments, hair-style, glasses, contact lenses, bandages)
* **Behaviour** (language, accent, pose, positioning, nervousness, distractions)
### Comparison of Different Biometric Methods
| Method | Coded Pattern | Misidentification Rate | Security | Applications |
| ------ | ------------- | ---------------------- | -------- | ------------- |
| Iris | Iris Pattern | $\frac{1}{1,200,000}$ | High | High-Security |
| Fingerprint | Fingerprints | $\frac{1}{1,000}$ | Medium | Universal |
| Voice | Voice Characteristics | $\frac{1}{30}$ | Low | Telephone Service |
| Signature | Shape of letters, writing, order, pen pressure | $\frac{1}{100}$ | Low | Low-Security |
| Face | Outline, shape, distribution of eyes, nose | $\frac{1}{100}$ | Low | Low-Security |
| Palm | Size, length & thickness hands | $\frac{1}{700}$ | Low | Low-Security |
### Future of Biometrics
**If the whole world was bio-metricized** - if everyone was required to carry a biometrically enabled ID card - many of the **problems of identity theft and fraud could be solved pretty quickly.**
But the **whole world won't be bio-metricized anytime soon.**
Packaged **solutions exist today that can replace passwords** with more **secure biometrics** and make our **lives simpler and more convenient.**
This **technology** is still in its **early days of development** and **although** it is very **promising**, there is **a lot to be done before it can be widely deployed for computer security.**
## Protect (Cryptography)
**Cryptography**
* is the **art and science of secret writing, encrypting, or hiding information** from all but the intended recipient.
* Cryptography is the **use of mathematical operations to protect messages** travelling between parties or stored on a computer.
* It means that **someone intercepting your communications cannot read them**
**Cryptanalysis**
* is the **process of attempting to break a cryptographic system** and return the encrypted message to its original form.
**Basic Definitions**
* **Plaintext**: A piece of data that is not encrypted
* **Ciphertext**: The output of an encryption algorithm
* **Cipher**: A cryptographic algorithm
* **Key**: A sequence of characters or bits used by an algorithm to encrypt or decrypt a message.
* **Encryption**: Changing plaintext to ciphertext
* **Decryption**: Changing ciphertext to plaintext
### Encryption and Decryption Process
**Notation**
* **M** = Message, **C** = Ciphertext, **E** = Encryption, **D** = Decrypting
* **E(M)** = C (encrypting message = ciphertext)
* **D( C)** = M (decrypting ciphertext = message)
**Notation using a Key**
* **Secret-key (Symmetric) Cryptosystem - One Key**
* $E_{K}$(M) = C
* $D_{K}$( C) = M
* **Public-key (Asymmetric) Cryptosystem - Two keys**
* $E_{K1}$(M) = C
* $D_{K2}$( C) = M
**Cryptographic Algorithms**
* The cryptographic algorithm - what is commonly called the encryption algorithm or cipher - is made up of **mathematical steps for encrypting and decrypting information.**
**Types of Ciphers**
* **Substitution** ciphers (**replace**)
* **Transposition** ciphers (**rearrange**)
* **Product ciphers** (**substitution, permutation, and modular arithmetic**)
* Vigenere
* One-time pad
**Keys**
* Keys are **special pieces of data** used in both the encryption and decryption processes.
* The **algorithms stay the same, but different key is used.**
* The **more complex the key, the greater the security** of the system.
### Key Length
* **Security** = <font color="red"> **Strength of Algorithm**</font> + Length of Key
* Key of **8 bits has $2^{8}$ or 256** possible combinations. Trivial to break even without a computer (**50% chance** of finding the key after **128 tries**)
* Every **bit you add, doubles the number of possible combinations.**
* Assuming **a key of 56** bits, there are $2^{56}$ possible combinations.
* If a computer can try **1,000,000 keys a second, it would take ($\frac{2^{56}}{1{,}000{,}000 \times 365\,\text{days} \times 24\,\text{h} \times 60\,\text{min} \times 60\,\text{s}}$) 2285 years to find the correct key.**
* A **64-bit key would take 585,000 years.**
* **128 bits requires $10^{25}$ years**
* However, **computers are much faster than 1M keys/s these days** and with hackers **using millions of compromised computers in parallel**, in reality it is **much easier to break than it is in theory.**
### Cryptography
Plaintext can be encrypted through the **bit stream or block** cipher method
**Bit Stream**: Each plaintext bit transformed into cipher bit **one bit at a time**
* RC4 (widely used) is a byte oriented stream cipher
**Block Cipher**: Message divided into **blocks** (e.g. sets of **8- or 16-bit** blocks) and each is transformed into an encrypted block of cipher bits using an algorithm and key.
**Encryption Modes**: Different encryption modes may be used. Common modes are:
* **Electronic Codebook (ECB)**: Each block encrypted separately
* **Cipher Block Chaining (CBC)**: Next input depends on previous output
**Cryptosystem** (or cryptographic system): the **package of all procedures, protocols, cryptographic algorithms** and instructions used for enciphering and deciphering messages using cryptography.
**Choosing Algorithms**
* **Depends on the application**
* Encrypting streams of data in real-time has different requirements than encrypting files on your local computer.
* **Symmetric**: Best for data on your **hard drive**
* **Public**: Good for **messages**
* **Cryptography is Used to Achieve Information**
* **Confidentiality**: only authorized persons can access information
* **Integrity**: Information that was sent is what was received
* **Authentication**: Guarantee of originator and of electronic transmission (using digital signature)
* **Non-repudiation**: Originator of information cannot deny content or transmission (using digital signature)
### Shift or Caesar's Cipher
Caesar's cipher **uses an algorithm and a key**
* The **algorithm specifies that you offset the alphabet** either **to the right** (forward) or **to the left** (backward)
* The **key specifies how many letters the offset should be.**
The **Caesar's cipher is also known as a shift cipher.** Historically, **additive ciphers** are called **shift ciphers.** **Julius Caesar** used an additive cipher to communicate with his officers. For this reason, additive ciphers are sometimes **referred to as the Caesar cipher.**
Caesar used a **key of 3** for his communications. The action of a Caesar cipher is to replace each plaintext letter with the letter a fixed number of places down the alphabet.
This example **is with a shift of three**, so that a **B** in the plaintext becomes **E** in the ciphertext.
### Substitution Ciphers
**Simple Shift** ciphers are **easy to crack**
* Simply **figure out the number of rotations.**
**Substitution** ciphers were developed because they **are more complex**. Substitution ciphers work on the principle of **substituting a different letter for every letter.**
* **a** becomes **g**, **b** becomes **d**, and so on.
* The **letters are not in order as they are in shift ciphers.**
**Basic Idea** - **substitute each block** of plaintext by a **different block**
* If **plaintext is English** then
* **Mono-alphabetic** substitution (**one to one** relationship)
* **Poly-alphabetic** substitution (**one to many** relationship)
* If **plaintext is binary string** then **map one block of bits to another.**
* **Plaintext**: 0011010101010001... **10100101**
* **Ciphertext**: 0100010000011100 ... **00101001**
* In substitution cipher, **the alphabets may be shifted, reversed or scrambled.**
* **Shifted**: Creating the **Caesar Cipher**
* **Reversed**: Creating **Atbash Cipher** (simple substitution cipher for the Hebrew alphabet)
* **Scrambled**: Creating a **mixed alphabet** or deranged alphabet.
* Traditionally, **mixed alphabets may be created by first writing out a keyword, removing repeated letters in it**, then **writing all the remaining letters in the alphabet in the usual order.**
* **Example**: The keyword "**zebras**" gives us the following alphabets

* **A message of**: flee at once. we are discovered!
* **Enciphers to**: SIAA ZQ LKBA. VA ZOA RFPBLUAOAR!
* The encryption can also be represented **using modular arithmetic** by first **transforming the letters into numbers**, according to the scheme, A=0, B=1,..., Z=25.
* **Encryption and Decryption** can be described mathematically as shown below. This is also called **additive cipher**. <font color ="red"> **Very Important!! Will come out for quiz and exam!**</font>
### Substitution (Additive) Ciphers <font color ="red">**Die Die must know, contain a big part for the exam :(**</font>
**Question**: Use the **additive cipher** with **key = 15** to **encrypt** the message "**hello**"
**Solution**: We apply the encryption algorithm to the plaintext, character by character.
**Question**: Use the additive cipher with **key = 15** to decrypt the message "**WTAAD**"
**Solution**: We apply the decryption algorithm to the ciphertext, character by character.
### Substitution Ciphers
**Question**: Eve has intercepted the ciphertext "**UVACLYFZLJBYL**". Show how she can use a **brute-force attack to break the cipher.**
**Solution**: Eve tries **keys from 1 to 7**. With a key of 7, the plaintext is "not very secure", which makes sense.
### Substitute Example
Let **k = 9, m = "VELVET" (21 4 11 21 4 19)**
$E_{k}$(m) = (30 13 20 30 13 28) mod 26 = "4 13 20 4 13 2" = **"ENUENC"**
$D_{k}$(c) = (**26 + c - k**) **mod 26** = (21 30 37 21 30 19) mod 26 = "21 4 11 21 4 19" = **"VELVET"**
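The worked questions above (key 15 on "hello", Eve's brute force, the VELVET example) and the "zebras" keyword alphabet can be checked with the following added example, which is not part of the original notes. All function names are chosen here, and the scoring used to pick the readable candidate is a crude assumption (counting the nine most common English letters).

```python
import string

ALPHABET = string.ascii_uppercase   # A=0, B=1, ..., Z=25, as in the notes
COMMON = set("ETAOINSHR")           # nine most frequent English letters


def additive_encrypt(plaintext: str, key: int) -> str:
    """C = (P + key) mod 26 for letters; spaces and punctuation pass through."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def additive_decrypt(ciphertext: str, key: int) -> str:
    """P = (26 + C - key) mod 26; Python's % is never negative, so -key suffices."""
    return additive_encrypt(ciphertext, -key).lower()


def english_score(text: str) -> int:
    """Crude plausibility test: how many letters are among the most common ones."""
    return sum(ch in COMMON for ch in text.upper())


def brute_force(ciphertext: str) -> list:
    """Decrypt with every key 1..25; return (key, text) pairs, best score first."""
    candidates = [(k, additive_decrypt(ciphertext, k)) for k in range(1, 26)]
    return sorted(candidates, key=lambda kc: english_score(kc[1]), reverse=True)


def keyword_alphabet(keyword: str) -> str:
    """Mixed alphabet: the keyword without repeats, then the unused letters in order."""
    mixed = []
    for ch in keyword.upper() + ALPHABET:
        if ch in ALPHABET and ch not in mixed:
            mixed.append(ch)
    return "".join(mixed)


def substitute(plaintext: str, cipher_alphabet: str) -> str:
    """Mono-alphabetic substitution: plain letter number i becomes cipher_alphabet[i]."""
    return plaintext.upper().translate(str.maketrans(ALPHABET, cipher_alphabet))


if __name__ == "__main__":
    print(additive_encrypt("hello", 15))
    print(additive_decrypt("WTAAD", 15))
    print(brute_force("UVACLYFZLJBYL")[:3])
    zebras = keyword_alphabet("zebras")
    print(zebras)
    print(substitute("flee at once. we are discovered!", zebras))
```

The additive cipher is the special case of `substitute` in which the cipher alphabet is the normal alphabet rotated by the key, which is why only 25 keys need to be tried.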
### Transposition
The **order of the letters is changed.** This can be done **at the bit level or at the byte** (character) level - transposition ciphers move these bits or bytes to another location in the block, so that bit 1 becomes bit 4, bit 2 becomes bit 7 etc.
**Example**: "**THE UNEXAMINED LIFE IS NOT WORTH LIVING**", Written vertically over six columns becomes:
### Vigenere Cipher
* The Vigenere cipher is a **much more complex cipher**.
* It **corrects the issues with more simplistic keys.**
* **It works as a poly-alphabetic substitution** cipher that depends on a password.
* **Makes the algorithms rather simple**
* **But the key rather complex**, with the best keys comprising very long and very random data
* A Vigenere cipher is **done by setting up a substitution table** like this one:
* The **password is matched up to the text** it is meant to encipher.
* The cipher letter is **determined by** use of the grid.
* **Matching** the plaintext **character's row**
* **With** the password character's **column**,
* Resulting in a single ciphertext character **where the two meet.**
* For example - **Plain text is "Send Help"** and the **password is "cabinet"**.
* 1st **plaintext letter S (column)**, 1st **password letter c (row)**
* **Ciphertext is now U**
### One-Time Pads: A Perfect Substitution
* There is one **type of substitution cipher** that is **absolutely unbreakable**.
* The one-time pad was **invented in 1917 by Joseph Mauborgne and Gilbert Vernam** and is also known as the **Vernam cipher**.
* We **use a block of shift keys**, ($k_{1}$, $k_{2}$, ..., $k_{n}$), to encrypt a plaintext, M, of length n, with **each shift key being chosen uniformly at random**.
* Since each shift is random, every ciphertext is equally likely for any plaintext.
* In spite of their perfect security, one-time pads have some weaknesses
* The **key has to be as long as the plaintext**
* **Keys can never be reused**
* Repeated use of one-time pads allowed the U.S. to break some of the communications of Soviet spies during the Cold War.
* Such a cipher is **difficult to break but not very practical**
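The Vigenere example ("Send Help" with password "cabinet") and the two one-time pad properties above, as an added example that is not part of the original notes. The one-time pad is modelled as a Vigenere cipher whose key is random and as long as the message; the function names and the two sample messages are constructed for illustration.

```python
import secrets
import string

A = string.ascii_uppercase


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Shift each letter by the matching key letter; the key repeats as needed."""
    shifts = [A.index(k) for k in key.upper() if k in A]
    if not shifts:
        raise ValueError("key must contain at least one letter")
    sign = -1 if decrypt else 1
    out, used = [], 0
    for ch in text.upper():
        if ch in A:
            out.append(A[(A.index(ch) + sign * shifts[used % len(shifts)]) % 26])
            used += 1          # only letters consume key material
        else:
            out.append(ch)
    return "".join(out)


def random_pad(length: int) -> str:
    """One-time pad: one uniformly random shift per plaintext letter."""
    return "".join(secrets.choice(A) for _ in range(length))


def letter_difference(x: str, y: str) -> str:
    """Letter-wise (x - y) mod 26, i.e. the key that turns y into x."""
    return "".join(A[(A.index(a) - A.index(b)) % 26] for a, b in zip(x, y))


# Constructed sample messages of equal length (letters only).
M1 = "ATTACKATDAWN"
M2 = "HOLDPOSITION"

if __name__ == "__main__":
    print(vigenere("Send Help", "cabinet"))            # first letter S with c gives U

    pad = random_pad(len(M1))
    c1 = vigenere(M1, pad)

    # Every plaintext is equally likely: some key maps c1 to any same-length text.
    other_key = letter_difference(c1, M2)
    print(vigenere(c1, other_key, decrypt=True))       # HOLDPOSITION

    # Reusing the pad: the key cancels out and the difference of the
    # plaintexts leaks to anyone holding both ciphertexts.
    c2 = vigenere(M2, pad)
    print(letter_difference(c1, c2) == letter_difference(M1, M2))
```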
### Modern Ciphers
* Operate on **binary plaintext**
* Uses **binary keys** of fixed length
* Different types of ciphers:
* **Symmetric Ciphers**
* Stream Ciphers (**RC4**, A5/x, Helix, SEAL)
* Block Ciphers (**DES, Triple-DES**, Blowfish, **AES**)
* **Asymmetric Ciphers**
* **Diffie-Hellman**, ElGamal, **RSA**, ECC
* Two basic operations in **modern cipher** are:
* **Substitution**: Substitutes a code symbol for another.
* Example: **Shifts** (Vigenere cipher), **xor**
* **Permutation**: Transposes or re-orders the symbols present in the code.
* **Both steps are needed for security**
## Protect (Secret Key Cryptography)
### Secret-Key Cryptography (SKC)
* Uses a **single key to encrypt and decrypt** a message.
* Not only **deals with encryption**, but it **also** deals **with authentication.**
* Main **problem** is getting the sender and receiver to **agree on the secret key without anyone else finding out.**
* This **requires a method** by which the two parties can communicate **without fear of eavesdropping.**
* The **advantage** is that it is generally **faster** than public-key cryptography.
**Vulnerabilities**
* **Passive Attacker** (Eavesdropper)
* **Obtain** and/or guess **key** and cryptosystem, **and** use these to **decrypt messages.**
* **Capture text** in transit and **try a ciphertext-only attack to obtain plaintext**.
* **Active Attacker**
* **Break communication channel** (denial of service)
* **Obtain** and/or guess **key** and cryptosystem, **and** use these to **send fake messages.**
**Advantages**
* Symmetric-key ciphers can be designed to have **high rates of data throughput.**
* Some hardware and software implementations **achieve encryption rates of hundreds of megabytes per second.**
* **Keys** for symmetric-key ciphers are **relatively short**
* For example, **128-bit keys are considered very safe.**
**Disadvantages**
* In a two-party communication, the **key must remain secret at both ends.**
* In a **large** network, there are many **key pairs to be managed.** Consequently, effective key management **requires the use** of a **trusted third-party (TTP).**
**Popular Symmetric Encryption Algorithms**
* **DES, 3DES, AES**, CAST, RIVEST, Blowfish, IDEA
### Attacking Symmetric Encryption
**Cryptanalytic Attacks**
* Rely on:
* Nature of the algorithm
* Some knowledge of the general characteristics of the plaintext
* Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used
* If successful, all future and past messages encrypted with that key are compromised.
**Brute Force Attacks**
* Try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained
* On average half of all possible keys must be tried to achieve success.
### Data Encryption Standard (DES)
**In 1973, the National Bureau of Standards (NBS), now the National Institute of Standards and Technology (NIST), requested proposals** for a national symmetric-key cryptosystem.
The request **specified the following set of design criteria:**
* The cryptographic algorithm **should be** described in an **easy-to-understand** language.
* The **security** of the algorithm must **depend on the key**, not on keeping the method itself (or parts of it) secret.
* The details of the algorithm must be **publicly available**, so that anyone could implement it in software or hardware.
* The method **must be adaptable** for use **in many applications**.
* Hardware **implementation** of the algorithm **must be practical.**
* The method **must be efficient** (i.e. fast and with reasonable memory requirements.)
* It **should be possible to test and validate the algorithm under real-life conditions.**
A proposal from **IBM, a modification of a project called "Lucifer", was accepted as DES.** DES was **adopted in 1976-77**.
**Block Cipher <font color="red">(Will come out for QUIZ. MEMORISE!)</font>**
* The **block size is 64** bits. This means **64 bits of plaintext gives you 64 bits of ciphertext.**
* <font color ="red">**56-bit key** length </font>
* The 64-bit DES symmetric key consists of **56 bits + 8 redundancy** bits
* **Performs** a **substitution and permutation** (a form of transposition) based on the key **16 times on every 64 bit block.**
### DES Block Encryption
### DES Structure
The **encryption process is made of two permutations (P-boxes), called initial and final permutations, and sixteen rounds.**
### DES Controversy
Originally **designed by researchers at IBM in the early 1970s with block size and key size as 128 bits.**
However, once it was adopted as DES, the **key size was changed to 56 and the block size to 64.**
**According to the USA government, this was done in order to ensure that DES was quickly adopted by industries** such as **financial services**, where the need for strong encryption is high.
This argument proved to be **true as the simplicity of DES saw it used in a wide variety of embedded systems.**
**However, many security experts felt the 56-bit key length was inadequate even before DES was adopted as a standard.**
**Another change made to original algorithm** "LUCIFER" was that **S boxes were designed under classified conditions and no reasons for their particular design were ever given.**
**This change led people to assume that the NSA had introduced a "trapdoor"** through which **they could decrypt any data encrypted by DES even without knowledge of the key.**
### Someone Broke DES, so WHAT?
* Use DES multiple times?
* How many Times?
### Use Double DES (2 DES)
**Use DES twice, with two keys (2x<font color = "red">56</font> = 112 bits)**
**ISSUES**
* With **two pairs** of known plain-text/cipher-text, the double **DES keys can be guessed with very high confidence**, for roughly the same computational complexity as breaking DES itself.
* Also the **meet-in-the-middle attack** using known plain/cipher pairs.
### Use DES THRICE (3DES)
<font color ="red"> **Triple DES (3DES) is a variant of DES.** </font>
* Multiple encryption - **goes through the DES algorithm three times.**
It is **three times slower** than regular DES but can be **billions of times more secure <font color = "red">if used properly</font>**
3DES is **stronger than DES but has similar weakness.** The **longer key length makes it more resistant** to brute force attacks. 3DES was a **good interim step** before the new encryption standard, AES.
### 3DES
### Advanced Encryption Standard (AES)
Originally called **Rijndael**, the cipher **was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen.**
AES **is a block cipher that separates data input into 128-bit blocks.** It can have **key sizes of 128, 192, and 256 bits**, with the size of the key affecting the number of rounds used in the algorithm.
* These **versions are known as AES-128, AES-192 and AES-256** respectively.
Although **no efficient attacks exist against AES, in 2011 a trio of cryptography researchers** (working at Microsoft and European universities) **identified a weakness** in the AES algorithm that allows secret keys to be cracked faster than before.
**However**, recovering a key is no five-minute job and, despite being four times easier than other methods, **the number of steps required to crack AES-128 is an 8 followed by 37 zeroes.**
### AES
One of the **fastest and strongest algorithms.**
* Fixed **block length: 128** bits
* Variable **key length: 128, 192, 256** bits
* Variable **number of rounds** (iterations): **10, 12, 14**
* Number of **rounds depends on key/block length.**
**Winner of the U.S.** Advanced Encryption Standard (AES) **competition**
**Royalty-free, patent-free**
### Rijndael Structure
**Rather than using a substitution and a permutation** at each stage **like DES, Rijndael consists of multiple cycles of Substitution, Shifting, Column mixing and a KeyAdd operation.**
### Key and State Bytes
### Initial Step
The **process begins by grouping the plaintext** bits **into a column array** by bytes.
* The **first four bytes form the first column; the second four bytes form the second column,** and so on.
* If the **block size is 128 bits then this becomes a 4x4 array.** For **larger block** sizes the array **has additional columns.**
* The **key is also grouped into an array** using the same process.
### Substitution
The **substitution layer uses a single S-box** (rather than the 8 S-boxes used in DES). The Rijndael S-box is a 16 x 16 array.
* Each element in the current column array serves as an address into the S-box where the **first four bits identify the S-box row** and the **last 4 bits identify the S-box column.**
### Row Shift Operation
A row shift operation **is applied to the output of the S-box** in which the four rows of the column array are cyclically shifted to the left.
* The **first row is shifted by 0,**
* The **second by 1**,
* The **third by 2**, and
* The **fourth by 3**
### Matrix Multiply
Column mixing is accomplished by a matrix multiplication operation.
* **The shifted column array is multiplied by a fixed matrix.**
### Key Add
The final operation **adds a Sub-key** derived from the original key to the column array
* This **completes one round of AES**
### Differences Between AES and Rijndael
**Rijndael allows** for **both key and block sizes** to be chosen independently from the set of **128, 160, 192, 224, 256** bits.
However, **AES specifies that the block size must always be 128** bits, and that the **key size may be either 128, 192, or 256 bits.**
* In other words, **AES has a fixed block size** of 128 bits and a key size of 128, 192, or 256 bits, **whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits**, with a minimum of 128 bits and a maximum of 256 bits.
Therefore AES-128, AES-192, and AES-256 are actually:
| AES Version | Key Size (Bits) | Block Size (Bits) |
|:-----------:| --------------- | ----------------- |
| AES-128 | 128 | **128** |
| AES-192 | 192 | **128** |
| AES-256 | 256 | **128** |
### AES Selection Process
**When proposals were called by the USA government to replace DES/3DES with a secure encryption system, there were 15 finalist competitors.**
The most **prominent were**:
* **MARS**: submitted by a large team **from IBM Research**
* **RC6**: submitted by **RSA Security**
* **Rijndael**: submitted by two Belgian cryptographers, Joan Daemen and Vincent Rijmen
* **Serpent**: submitted by Ross Anderson, Eli Biham and Lars Knudsen
* **Twofish**: submitted by a **large team of researchers** from Counterpane Internet Security, including noted cryptographer Bruce Schneier.
It was **Rijndael that eventually became the standard** and henceforth acquired the title Advanced Encryption Standard or AES.
The **selection process was very stringent, taking 5 years to complete.**
During that span, **many experts from the cryptographic community carried out detailed tests and painstaking discussions to find vulnerabilities and weaknesses.**
**Although** the cipher's **strength** against various attacks **was a major consideration** in choosing the standard, **other factors like speed, versatility, and computational requirements were likewise given importance.**
The government **wanted** an encryption **standard that wasn't just strong, but also fast, reliable and easily implemented in both software and hardware** - even those with limited CPU and memory.
**Although** the **other** encryption **algorithms were** also very **good** (some of those ciphers are also widely used today but understandably don't enjoy the same level of acceptance as AES), the **Rijndael** cipher **was** ultimately **selected** and declared a Federal Information Processing Standards (FIPS) standard by the NIST (National Institute of Standards and Technology) in 2001.
In **2003**, the government **deemed it suitable for protecting classified information.**
In fact, up to this day, the **NSA** (National Security Agency) **is using AES to encrypt even Top Secret information.**
That should explain why **AES has gained the confidence** of various industries. **If it's good enough for the NSA, then it must be good enough for businesses.**
### AES Summary
* Advanced Encryption Standard, also known as **Rijndael**, is a block cipher **adopted as an encryption standard by the US government.**
* Result of a public process
* **Evaluation criteria**:
* **Security**
* **No licensing**
* **Computational efficiency**
* **Memory requirements**
* **Flexibility (Key size, block size, time/memory tradeoffs)**
* **Hardware and software suitability**
* **Simplicity of design**
* Acts on **128-bit blocks**
* Key **128, 192 or 256 bits** (for **10, 12, 14 rounds**)
* AES operates on a 4x4 array of bytes, termed the <font color = "red"> **state** </font> (versions of Rijndael with a larger block size have additional columns in the state.)
* **For encryption, each round of AES (except the last round) consists of four stages:**
* <font color = "red">**SubBytes**</font>: a non-linear **substitution step** where each byte is replaced with another according to a lookup table.
* <font color = "red">**ShiftRows**</font>: a **transposition step** where each row of the state is shifted cyclically a certain number of steps.
* <font color = "red">**MixColumns**</font>: a **mixing operation** which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
* <font color = "red">**AddRoundKey**</font>: each byte of the **state is combined with the round key;** each round key is derived from the cipher key using a key schedule.
* The **final round omits the MixColumns stage.**
### DES and AES Comparison
| | DES | AES |
|:---:| --- | --- |
| **Key Length** | <font color = "red"> 56 bits </font> | <font color = "red"> 128, 192, or 256 bits </font> |
| **Cipher Type** | Symmetric block cipher | Symmetric block cipher |
| **Block Size** | 64 bits | <font color = "red">**128 bits**</font> |
| **Developed** | <font color = "red">1976-77</font> | <font color = "red">2000</font> |
|**Cryptanalysis resistance** | <font color = "red">Vulnerable</font> to differential and linear cryptanalysis; weak substitution tables | <font color = "red">Strong</font> against differential, truncated differential, linear, interpolation and Square attacks |
| **Security** | <font color = "red">Proven inadequate</font> | <font color = "red">Considered secure</font> |
| **Possible Keys** | $2^{56}$ | $2^{128}$, $2^{192}$, or $2^{256}$ |
| **Time required to check all possible keys at 50 billion keys per second** | For a 56-bit key: <font color = "red">400 days</font> | For a 128-bit key: <font color = "red">5 x $10^{21}$ years </font> |
### RC
RC is the term for ciphers **designed by Ron Rivest** (<font color = "red">RC - **R**ivest **C**iphers</font>).
* **RC1:** Was **never published**
* **RC2:** Was **designed in 1987 as DES replacement.** It has **8 to 1024 bit key** size, **64 bit block** size (**keys below 64 bit are vulnerable**).
* **RC3:** Was **broken before ever being used.**
* **RC4:** Is the world's **most widely used stream cipher** and was designed in 1987. It uses **key** lengths of **8 to 2048** bits (**most vulnerable to possibility of weak keys**).
* **RC5:** Is a **32/64/128-bit block cipher** developed in **1994** with **key sizes of 128, 192, 256.**
* **RC6:** Is a **128-bit block** cipher **based** heavily **on RC5** and was an **AES finalist developed in 1997**. It is quite **fast** and **resistant to brute force attacks.**
### RC4
**First**, RC4 is **extremely fast and uses only a small amount of RAM.**
* This means that it is **ideal for small handheld devices** and was viable for even the earliest **802.11 wireless access points.**
**Second**, RC4 **can use a broad range of key lengths**.
* For most ciphers, longer key length is better. However, **RC4 was widely used primarily because its shortest optional key length is 40 bits.**
One way to see why **RC4** is **fast** is to note that RC4 can be **implemented in only about 50 lines of code**. In contrast, the gold-standard <font color = "red">**AES**</font> **algorithm requires <font color = "red">350</font> lines of code.**
**More lines** of code generally **correspond to longer processing time per key.**
An RC4 **key length of 40 bits is commonly used because national export limits in many countries** once limited commercial products up to 40-bit encryption.
Due to its **weakness regarding its key, many variants of RC4 have been developed** over the years with different names (**RC4A, VMPC, RC4+, Spritz**).
### Major Symmetric Key Encryption Ciphers
## Protect (Public Key Cryptography)
### Public (Asymmetric) Key Cryptography
* Symmetric Algorithms are **IMPORTANT**
* They are comparatively **fast** and have few computational requirements.
* Their **MAIN WEAKNESSES**
* Two geographically distant parties **both need to have a key that matches the other key exactly.**
* Secure **key exchange** can be an **issue**.
* Public Key (also known as Asymmetric-Key Encryption)
* Uses **two different but related keys**
* Either **key can encrypt or decrypt message**
* If **Key A encrypts message, only Key B can decrypt**
* **One key serves as private key** and the **other serves as public key**
* Public Key Algorithms
* **Diffie-Hellman**, El-Gamal, **RSA** and Elliptic Curve
### Public-Key Encryption Structure
### Public-Key Encryption Example
### Public-Key Cryptography
PKC was **invented by Whitfield *Diffie* and Martin *Hellman* in 1976**; both were **PhD students at Stanford University.**
Some give **credit** to **Ralph Merkle** (in **2002, he was recognized**). The **NSA** says that they **knew** PKC **back in the 60's**.
The **two main uses** for public key cryptography are:
* <font color = "red">**Public Key Encryption**:</font> A **message encrypted** with a recipient's **public key cannot be decrypted by anyone except** a possessor of the **matching private key**. This is used to attempt to ensure **confidentiality.**
* <font color = "red">**Digital Signatures**</font>: **A message signed with a sender's private key can be verified by anyone who has access to the sender's public key**, and the signer, therefore, **is likely to be the person associated with the public key used.**
A central **problem with public-key cryptography is proof that a particular public key is correct, and has not been tampered with.**
The **usual approach** to this problem **is** to use a public-key infrastructure (PKI), in which one or more third parties - known as certificate authorities (CA) - **certify ownership of key pairs**.
**Public-Key Cryptography** uses 2 keys:
* **Public-Key**
* **May be known by anybody**, and can be used to **encrypt messages, and verify signatures.**
* **Private-Key**
* **Known only to the recipient,** used to **decrypt messages, and sign (create) signatures.**
**Keys are mathematically related** to each other but it is **not feasible to find out private key from the public key.**
The **3 misconceptions about PKC** are:
1. **It replaces symmetric crypto**
* PKC rather **complements** private key crypto
2. PKC is more secure.
* No, **security** mostly **depends on the key size** in both schemes.
3. **Key Distribution is Trivial** in PKC since public keys are public.
* Making something public is not easy. How can one make sure that a public key belongs to the intended person?
* **Key distribution is easier, but not trivial.**
### Public Key Encryption
### Prime Numbers And MOD
* Prime Numbers
* Prime numbers **only have divisors of 1 and themselves.**
* They **cannot be written as a product of other numbers.**
* **Note**: *1 is prime, but is generally not of interest.*
## Protect (Digital Signature and Certificates)
# Practice and Sample Quizzes
As the notes are getting too long, please [click here](https://hackmd.io/@michmich/ByFouIaXF) to access the practice and sample quizzes.