Professional Documents
Culture Documents
L1 (Intro)
L1 (Intro)
Handout 1 - Introduction
Kasun de Zoysa
kasun@ucsc.cmb.ac.lk
– Communications security
– Authentication of unknown users
– Access authorizations
– Verification of transactions
Confidentiality
Secure
Integrity
Availability
● Confdentiality:
Computer related assets are only available to authorized
parties. Only those that should have access to
something will actually get that access.
● “Access” isn't limited to reading. But also to viewing,
printing or...
● Simply even knowing that the particular asset exists
(steganography)
– Straight forward concept but very hard to
implement.
● Integrity
Can mean many things: Something has integrity if it is:
● Precise
● Accurate
● Unmodifed
● Consistent
● Meaningful and usable
● Availability
– There is a timely response to our requests
– There is a fair allocation of resources (no
starvation)
– Reliability (software and hardware failures lead
to graceful cessation of services and not an
abrupt crash)
– Service can be used easily and in the manner
it was intended to be used.
– Controlled concurrency, support for
simultaneous access with proper deadlock
and access management.
Information System Security Sunday, September 08, 2019
Principles of Computer Security
Functionality
Information security
are methods and technologies
for protection, integrity, availability,
authenticity and extended functionality
of computer programs and data
Encryption
SW & HW Controls
Policies
Physical controls
Physical controls
Physical controls
Physical controls
Physical controls
Help
Cipher Algorithm
Encrypted Data
●
Cryptography
– Art or science of secret writing
– Protects sensitive information from disclosure
– Storing and transmitting information in a form that allows it to be revealed
only to those intended
– Cryptosystem accomplishes this
– Identifes the corruption or unauthorized change of information
– Designed to make compromise too expensive or too time-consuming
●
Cryptanalysis
– art/science relating to converting ciphertext to plaintext without the
(secret) key
●
Cryptology
– Includes both cryptography and cryptanalysis
●
Why Encrypt?
– Protect stored information
– Protect information in transmission
● Cryptography originally used for secrecy
●
Encryption - process by which plaintext
is converted to ciphertext using a key
●
Decryption - process by which ciphertext
is converted to plaintext (with the
appropriate key)
●
plaintext (cleartext)- intelligible data
●
The goal of a cryptosystem is to provide
●
Confidentiality To ensure that unauthorized parties cannot
access the data, message or information
●
Authenticity To ensure that the source / sender of the data,
message or information is identifable
●
Integrity To ensure that the data. Message or Information
was not modifed during transmission
●
Nonrepudiation To ensure that either party cannot deny
sending or receiving the data, message or information
Historic examples...
Earliest cryptography: an Egyptian scribe using
non-standard hieroglyphics
Julius Caesar (“Caesar Cipher”)
Each plaintext letter is replaced by a letter some
fixed number of positions further down the
alphabet (e.g. Belgica (3 positions) ehojlfd)
The Kama Sutra recommends cryptography as
44th and 45th art
(of 64) men and women should know
Ci = E(Pi)= Pi+3
How it work
The kamasutra generate list of 26
alphabet with no duplicate. Then
divide by 2 row. Find for each
letter of message text in table and
choose the opposite of the letter
Sunday, September 08, 2019 42
kamasutra
for example:
Key = G H A J R I O B E S Q C L F V Z T Y K M X W N U D
P
divide by 2 rows
G H A J R I OB E S Q C L
F V Z TY KMX WN U D P
Cipher : IZOZNQJYZ
Sunday, September 08, 2019 43
Monoalphabetic Substitutions
Letter Frequency
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Columnar Transposition
c1 c2 c3 c4 c5
c6 c7 c8 c9 c10
c11 c12 etc.
c1 c2 c3 c4 c5
c6 c7 c8 c9 c10
c11 c12 etc.
Plain Text :V E R NA M C I P H E R
Numeric Equivalent : 21 4 17 13 0 12 2 8 15 7 4 17
+Random Number : 76 48 16 82 44 3 58 11 60 5 48 88
= Sum : 97 52 33 95 44 15 60 19 75 12 52 105
=Mod 26 : 19 0 7 17 18 15 8 19 23 12 0 1
Cipher text : t a h r s p I t x m a b
+ Random Stream : 0 1 0 1 1 0 1 0 1 1 1 0 1 0 1
Cipher text :111110010111000
•Books
•CD
•Speed of transformation
•Low error propagation ISSOPMI WEHTUA..
Y
Disadvantage Plain text Cipher text
Cipher text(F)
Plain text (A)
Disadvantage Y
Plain text Cipher text
•Slowness of encryption
Cipher
•Error propagation
•The set of keys and the encryption algorithm should be free from complexity
Reasons:
•Algorithms are difficult to change
•Cannot design an algorithm for every pair of users
•Expert review
•No security through obscurity!
Confusion
The interceptor should not be able to
predict what changing one character in
the plaintext will do to the ciphertext
Plaintext
Ciphertext
Diffusion
The characteristics of distributing the
information from single plaintext letter
over the entire ciphertext
Plaintext
KASUN
ANHYJ
Ciphertext
Information System Security Sunday, September 08, 2019 58
Brute Force Search
Unconditional security
no matter how much computer power is
available, the cipher cannot be broken since the
ciphertext provides insufficient information to
uniquely determine the corresponding plaintext
Computational security
given limited computing resources (e.g. time
needed for calculations is greater than age of
universe), the cipher cannot be broken