Network Security Components - Information Security
Plain Text
Original data is in this format
Data before encryption
Cipher Text => Data after encryption
Stream Cipher
Keys and Algorithms are applied to every bit of data
Block Cipher
Keys and Algorithms are applied to every block of data
Generally key/block sizes are taken as 40, 56, 64, 128, 256 bits
Electronic Codebook (ECB)
A block of 64 bits is taken and the same key is used for every block
Every plain text block is independently encrypted and decrypted
In large messages, blocks can be repeated, which makes pattern recognition by attackers easier
Cipher Block Chaining (CBC)
Same key is used to encrypt and decrypt
Initialization Vector (IV) => Should be complex
Cipher Feedback (CFB) Mode
Top register is of "n" bits
1 < s < n
Blocks are divided into "s" bits
For the first block, the IV is loaded into the register, which is then encrypted using the key
The most significant "s" bits of the result are selected and used to encrypt the plain text
This cipher text is then loaded back into the register by shifting the register left by "s" bits, and the encryption process is repeated for the next block
Same process is used for decryption by first loading IV in the register
Output Feedback (OFB) Mode
Like CFB, but the output of the encryption step is used as feedback instead of the cipher text
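Added example (not part of the original notes): the CFB register steps above with n = 64 and s = 8, plus the OFB variant, showing how a single bit damaged in transit affects the recovered plain text in each mode. The keyed function built from SHA-256 is a stand-in assumption, not a real block cipher, and the key, IV and message are constructed sample values.

```python
import hashlib

N_BITS, S_BITS = 64, 8          # register width "n" and segment size "s"
MASK = (1 << N_BITS) - 1

def block_encrypt(key: bytes, register: int) -> int:
    # Stand-in keyed n-bit function (assumption, not a real cipher):
    # CFB/OFB only ever call the encrypt direction, so this is enough.
    digest = hashlib.sha256(key + register.to_bytes(N_BITS // 8, "big")).digest()
    return int.from_bytes(digest[:N_BITS // 8], "big")

def feedback_mode(key, iv, data, mode="cfb", decrypt=False):
    register = int.from_bytes(iv, "big")        # IV loaded for the first block
    out = bytearray()
    for segment in data:                        # s = 8, so one segment = one byte
        msb = block_encrypt(key, register) >> (N_BITS - S_BITS)  # top "s" bits
        result = segment ^ msb
        if mode == "cfb":                       # feed back the cipher text segment
            fed_back = segment if decrypt else result
        else:                                   # "ofb": feed back the output bits
            fed_back = msb
        register = ((register << S_BITS) | fed_back) & MASK  # "s" left shift
        out.append(result)
    return bytes(out)

def damaged_positions(mode, flip_at=4):
    """Flip one cipher text bit in transit; return plain text byte indexes that change."""
    key, iv = b"constructed-key", bytes(range(8))   # constructed sample values
    message = b"constructed sample text!"           # 24 bytes
    ct = bytearray(feedback_mode(key, iv, message, mode))
    ct[flip_at] ^= 0x01
    recovered = feedback_mode(key, iv, bytes(ct), mode, decrypt=True)
    return [i for i, (a, b) in enumerate(zip(message, recovered)) if a != b]

if __name__ == "__main__":
    print("CFB:", damaged_positions("cfb"))   # flipped byte plus up to n/s following bytes
    print("OFB:", damaged_positions("ofb"))   # only the flipped byte
```

Neither mode detects the change on its own, so an integrity check (a MAC or an authenticated mode) is still needed.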
Counter (CTR) Mode
Counter size is same as plain text size
Feistel Cipher
Plain text block is divided into 2 parts denoted by "L" and "R"
Rounds are boxes in which encryption is done
XOR operation is performed between "L" and output of Round function
Round/Encryption Function takes "R" and key as input
Specific keys (Subkeys) are used for each round derived from original key
"L" and "R" are interchanged and given as input to the next round
At the end, "L" and "R" are combined to generate cipher text
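Added example (not part of the original notes): a toy 64-bit Feistel cipher following the steps above, then used in ECB and CBC mode to show the repeated-block pattern described under Electronic Codebook. The SHA-256 based round function and subkey derivation, the 8 rounds, and the sample key and message are assumptions for illustration; messages must be a multiple of 8 bytes.

```python
import hashlib
import os

ROUNDS, HALF = 8, 4       # 64-bit block split into 32-bit "L" and "R"

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def subkeys(key: bytes):
    # One subkey per round derived from the original key (illustrative derivation).
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def round_fn(r: bytes, subkey: bytes) -> bytes:
    # Round function takes "R" and the subkey; it does not need to be invertible.
    return hashlib.sha256(subkey + r).digest()[:HALF]

def feistel(block: bytes, keys) -> bytes:
    l, r = block[:HALF], block[HALF:]
    for k in keys:
        l, r = r, xor(l, round_fn(r, k))   # XOR "L" with F(R, k), then interchange
    return r + l                           # combine halves (last swap undone)

def encrypt_block(block, key):
    return feistel(block, subkeys(key))

def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])   # same network, subkeys reversed

def ecb_encrypt(pt, key):
    return b"".join(encrypt_block(pt[i:i + 8], key) for i in range(0, len(pt), 8))

def cbc_encrypt(pt, key, iv):
    out, prev = [], iv
    for i in range(0, len(pt), 8):
        prev = encrypt_block(xor(pt[i:i + 8], prev), key)  # chain previous block
        out.append(prev)
    return b"".join(out)

def distinct_blocks(ct):
    return len({ct[i:i + 8] for i in range(0, len(ct), 8)})

def demo():
    key, pt = b"constructed-key", b"SAMEDATA" * 4   # four identical plain text blocks
    iv = os.urandom(8)                              # fresh unpredictable IV
    return distinct_blocks(ecb_encrypt(pt, key)), distinct_blocks(cbc_encrypt(pt, key, iv))

if __name__ == "__main__":
    print(demo())   # ECB: identical blocks stay identical; CBC: all blocks differ
```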
RSA (Rivest, Shamir, Adleman) Algorithm
Choose 2 prime numbers, "p" & "q"
Compute n = p*q
Φ(n) = Φ(p*q) = Φ(p)*Φ(q)
Choose "e", 1 < e < Φ(n), Co-prime to Φ(n)
(e, n) is the public key
Determine "d" such that e*d = 1 mod Φ(n)
d = e^-1 mod Φ(n) => "d" is the multiplicative inverse (MI) of "e"
d = ((Φ(n) * i) + 1) / e => Increment "i" until the result is a whole number
(d, n) is the private key
Encryption
c = p^e mod n, p < n
Decryption
p = c^d mod n, p < n
Data Encryption Standard (DES)
Data (Plain Text) is divided into blocks of 64 bits
Rearrange bits into a particular order by Initial Permutation
A key of 64 bits is taken and then key transformation (Compression Permutation) is performed
Remove 8 parity bits to get Permuted Choice 1 (PC1) by removing every 8th bit and rearranging
Divide 56 bits into 2 equal halves and apply Left Circular Shift (LS)
Shift by 1 bit if Round number is 1, 2, 9, 16 otherwise shift by 2 bits
Select 48 bits out of 56 to get PC2
Round function takes two inputs and gives the output to next round function
First input is divided into 2 parts and then Expansion Permutation is performed to get 48 bits out of 32 bits
XOR is performed with PC2 output
Substitution (S-Box)
A total of 8 boxes are present, each taking 6 bits as input and giving 4 bits as output
Generates a cell value from the table by taking the first & last bits as row number and the middle 4 bits as column number, and represents it in 4 bits
Based on Feistel Cipher method with "R" value going up to 16
Round 16 output is swapped and given to final permutation (Inverse Initial Permutation)
Advanced Encryption Standard (AES)
Plain text of 128 bits is represented with Input array of 16 bytes (4 word)
Each cell represents 1 byte and each column represents 1 word
1 word = 32 bits
Key is first represented in matrix
Expand key into 44 words
Add round key
Performs XOR operation between previous output and key of 4 words
State array
Used to represent intermediate state
Rounds
Substitute bytes
Also takes S-Box of 16x16 as input along with State matrix
Cell number is generated by taking the 8 bit binary representation of each cell, where the first 4 digits are converted to a number for the row number and the last 4 for the column number
Each cell of state matrix is updated with new value taken from S-table
Cell value is then represented again in 8 bit binary
Shift Rows
Row number represents the number of bits to be shifted
Circular Shift towards Left
Mix column
Multiply by a predefined 4x4 matrix
Not performed in Round 10
SHA-1 (Secure Hash Algorithm - 1)
Variable length message is first divided into blocks/chunks of 512 bits, where the message takes 448 bits and the remaining 64 bits hold the original message length
If required, the message is padded with "1000..." to reach 448 bits
Message scheduling algorithm (MSA) converts the 512 bits into 16 words of 32 bits each given as inputs to rounds using formula wt
Round
Takes a word and a 160 bit input, and its output is given to the next round
Initial 160 bit input of 32 bits each is generated
80 Rounds are divided into 4 stages
Function "f" and key "k" are different for each stage
Addition modulo 2^32 is performed at last and the output is again given to Round 0 for next chunk of message
Final output is the required hash value
Encryption
Converts data to cipher text, Used by sender
Decryption
Converts data back to plain text, Used by receiver
Cryptography
Types
Symmetric (Secret/Private) Key Cryptography
Single key is used, Faster, Utilizes less resources
Bulk data transmission
DES and AES algorithms are used
Asymmetric (Public) Key Cryptography
2 keys are used, Slower, Utilizes more resources
Securely exchanging the keys
RSA and Diffie-Hellman algorithms are used
Techniques
Substitution Cipher Techniques => Substituting by another letter
Caesar Cipher
Converting plain text into cipher text
Steps
C = E(3, P) = (P + 3) mod 26
P = D(3, C) = (C - 3) mod 26
Less complexity but low security
PlayFair Cipher
Given Message & Keyword
Construct a 5x5 table
Start filling cells by writing keyword from left to right and top to bottom
Then fill rest of the cells with remaining letters from the alphabet which are not included
"i" & "j" are written together
Decompose Message
Take pair of 2 without repetitions
Pair with "x" if nothing else present
Convergence
If letters of the pair are present in same column then replace them with the immediate down letter
If letters of the pair are present in same row then replace them with the immediate right letter
If letters of the pair are not present in same row or column then form a rectangle connecting them and replace letter with the letter present in same row of the opposite diagonal
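Added example (not part of the original notes): the PlayFair steps above (table construction, message decomposition, and the three replacement rules) with decryption as the reverse shift. The keyword and message are constructed sample values, and using "q" as the filler when the repeated letter is itself "x" is an assumption the notes do not cover.

```python
ALPHABET = "abcdefghiklmnopqrstuvwxyz"      # 25 letters: "j" shares a cell with "i"

def build_table(keyword: str):
    table = []
    for ch in (keyword + ALPHABET).lower().replace("j", "i"):
        if ch in ALPHABET and ch not in table:
            table.append(ch)                # keyword first, then remaining letters
    return table                            # 5x5 table stored row by row

def digraphs(message: str):
    letters = [c for c in message.lower().replace("j", "i") if c in ALPHABET]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else "x"   # pad a lone last letter
        if a == b:                          # repeated letter: pair the first with a filler
            pairs.append((a, "q" if a == "x" else "x"))       # "q" filler is an assumption
            i += 1
        else:
            pairs.append((a, b))
            i += 2
    return pairs

def playfair(message: str, keyword: str, decrypt: bool = False) -> str:
    table, step, out = build_table(keyword), (-1 if decrypt else 1), []
    for a, b in digraphs(message):
        ra, ca = divmod(table.index(a), 5)
        rb, cb = divmod(table.index(b), 5)
        if ca == cb:                        # same column: immediate down letter
            ra, rb = (ra + step) % 5, (rb + step) % 5
        elif ra == rb:                      # same row: immediate right letter
            ca, cb = (ca + step) % 5, (cb + step) % 5
        else:                               # rectangle: same row, opposite corner
            ca, cb = cb, ca
        out.append(table[ra * 5 + ca] + table[rb * 5 + cb])
    return "".join(out)

if __name__ == "__main__":
    ct = playfair("Hide the gold in the tree stump", "playfair example")
    print(ct, playfair(ct, "playfair example", decrypt=True))
```

Decryption returns the decomposed message, so filler letters such as the "x" inserted between the two "e" of "tree" remain in the output.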
One Time Pad (Vernam Cipher)
Assign numbers to all the alphabets from 0 to 25
Assign numbers to all the alphabets of the message
Generate a random key (Separate for each message) of same length as message and assign them their numbers
(Plain Text No. + Key No.) Mod 26
Write letters from the numbers to form cipher text
Decryption => (Cipher Text No. - Key No.) Mod 26
Hill Cipher Encryption
Select a "VALU" and convert it into NxN matrix format and assign numbers to the alphabets to generate a key (K)
Write the message in Nx1 matrix format and assign numbers to the alphabets
C = K*P mod 26 and convert it into alphabets
M mod 26 > Subtract the result with its floor value > Multiply by 26
Combine them to form cipher text
Transposition Cipher Techniques => Changing position
Columnar Transposition
Create a table of NxN filling its cells with the letters of the message
Generate a key with random arrangements of column numbers from 1 to "N"
Generate cipher text by writing letters of the columns (taken in order using Key) from top to bottom
Keyless Transposition
Write message in zig-zag pattern with 2 rows, First letter in row 2
Write cipher text by writing letters row-wise from left to right
Cryptanalyst
People trying to break cipher text into understandable format
Key
Unique code for encryption and decryption
Public key => Available to everyone
Private key => Not shared with anyone
Kerckhoffs's principle states that "only secrecy of the key provides security," while Shannon's maxim continues "the enemy knows the system"
Steganography
Covered/Secret writing => Sending data by covering it in another data
Techniques => LSB, Image/Video, Still Imagery
Steganalyst
People trying to break covered text into understandable format