Scribd
Upload
26 views21 pages

Information Security

The document discusses multi-level security and classical encryption techniques. It introduces the concepts of multi-level security, mandatory access control, and the Bell-LaPadula security model. The Bell-LaPadula model was introduced in 1973 to enable formally showing that a computer system can securely process classified information at different security levels. The document also defines basic terminology related to classical encryption such as plaintext, ciphertext, encryption algorithms, secret keys, and ciphers.

Uploaded by

Haider Ali
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views21 pages

Information Security

The document discusses multi-level security and classical encryption techniques. It introduces the concepts of multi-level security, mandatory access control, and the Bell-LaPadula security model. The Bell-LaPadula model was introduced in 1973 to enable formally showing that a computer system can securely process classified information at different security levels. The document also defines basic terminology related to classical encryption such as plaintext, ciphertext, encryption algorithms, secret keys, and ciphers.

Uploaded by

Haider Ali
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

CLASSICAL ENCRYPTION

TECHNIQUES

INFORMATION SECURITY
BS_CS 6TH 2
MULTI-LEVEL SECURITY (MLS)

 There are security classifications or security levels


 Users/principals/subjects have security clearances
 Objects have security classifications
 Example of security levels
 Top Secret
 Secret
 Confidential
 Unclassified
 In this case Top Secret > Secret > Confidential > Unclassified
 Security goal (confidentiality): ensures that information do not flow to those
not cleared for that level
3
MULTI-LEVEL SECURITY (MLS)

 The capability of a computer system to carry information with different


sensitivities (i.e. classified information at different security levels), permit
simultaneous access by users with different security clearances and needs-to-
know, and prevent users from obtaining access to information for which they
lack authorization.
 Discretionary access control fails to achieve MLS
 Typically use Mandatory Access Control
 Primary Security Goal: Confidentiality

4
MANDATORY ACCESS CONTROL(MAC)

 Mandatory access controls (MAC) restrict the access of subjects to


objects based on a system-wide policy
 Denying users full control over the access to resources that they create. The
system security policy (as set by the administrator) entirely determines the
access rights granted

5
WHAT IS A SECURITY MODEL?

 A model describes the system


 e.g., a high level specification or an abstract machine description of what the system does
 A security policy
 defines the security requirements for a given system
 Verification techniques that can be used to show that a policy is satisfied by a system
 System Model + Security Policy = Security Model

6
BELL-LAPADULA MODEL(BLP): A MAC MODEL FOR ACHIEVING
MULTI-LEVEL SECURITY

 Introduce in 1973
 Air-Force was concerned with security in time-sharing systems
 Many OS bugs
 Accidental misuse
 Main Objective:
 Enable one to formally show that a computer system can securely process classified
information

7
THE BLP SECURITY MODEL

 A computer system is modeled as a state-transition system


 There is a set of subjects; some are designated as trusted.
 Each state has objects, an access matrix, and the current access
information.
 There are state transition rules describing how a system can go from
one state to another
 Each subject s has a maximal sec level Lm(s), and a current sec level Lc(s)
 Each object has a classification level

8
ELEMENTS OF THE BLP MODEL
Lm: Max Lc: Current L: Class.
Sec. Level Sec. Level Level

Subjects Objects
Current
Accesses
Trusted
Subjects

Access Matrix 9

Security levels, e.g.: {TS, S, C, U}


CLASSICAL ENCRYPTION TECHNIQUES

 As opposed to modern cryptography


 Goals:
 to introduce basic concepts & terminology of encryption
 to prepare us for studying modern cryptography

10
BASIC TERMINOLOGY

 Plaintext: original message to be encrypted

 Ciphertext: the encrypted message

 Enciphering or encryption: the process of converting plaintext into ciphertext

 Encryption algorithm: performs encryption

 Two inputs: a plaintext and a secret key

11
 Deciphering or decryption: recovering plaintext from ciphertext

 Decryption algorithm: performs decryption


 Two inputs: ciphertext and secret key

 Secret key: same key used for encryption and decryption


 Also referred to as a symmetric key

12
 Cipher or cryptographic system : a scheme for encryption and decryption

 Cryptography: science of studying ciphers

 Cryptanalysis: science of studying attacks against cryptographic systems

 Cryptology: cryptography + cryptanalysis

13
Cryptography
Basics

 Cryptography is the science of secret, or hidden writing


 It has two main Components:
1. Encryption
– Practice of hiding messages so that they can not be read by anyone other than the intended
recipient

2. Authentication & Integrity


– Ensuring that users of data/resources are the persons they claim to be and that a message has
not been surreptitiously altered
CIPHERS

 Symmetric cipher: same key used for encryption and


decryption
 Block cipher: encrypts a block of plaintext at a time
(typically 64 or 128 bits)

 Stream cipher: encrypts data one bit or one byte at a time

 Asymmetric cipher: different keys used for


encryption and decryption
15
Encryption
Symmetric Algorithms

 Algorithms in which the key for encryption and decryption are the same are
Symmetric
 Example: Caesar Cipher
 Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for a single message

2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
SYMMETRIC ENCRYPTION

 or conventional / secret-key / single-key


 sender and recipient share a common key
 all classical encryption algorithms are symmetric
 The only type of ciphers prior to the invention of asymmetric-key ciphers in
1970’s
 by far most widely used

17
Encryption
Cipher

Plain Text Encryption Cipher Text Decryption Plain Text


Algorithm Algorithm

 Cipher is a method for encrypting messages

Key A Key B

 Encryption algorithms are standardized & published


 The key which is an input to the algorithm is secret
 Key is a string of numbers or characters
 If same key is used for encryption & decryption the algorithm is called symmetric
 If different keys are used for encryption & decryption the algorithm is called asymmetric
Symmetric Encryption
Key Strength

 Strength of algorithm is determined by the size of the key


 The longer the key the more difficult it is to crack
 Key length is expressed in bits
 Typical key sizes vary between 48 bits and 448 bits
 Set of possible keys for a cipher is called key space
 For 40-bit key there are 240 possible keys
 For 128-bit key there are 2128 possible keys
 Each additional bit added to the key length doubles the security
 To crack the key the hacker has to use brute-force
(i.e. try all the possible keys till a key that works is found)
 Super Computer can crack a 56-bit key in 24 hours
 It will take 272 times longer to crack a 128-bit key
(Longer than the age of the universe)
SYMMETRIC CIPHER MODEL

20
SYMMETRIC ENCRYPTION

 Mathematically:
Y = EK(X) or Y = E(K, X)
X = DK(Y) or X = D(K, Y)
 X = plaintext
 Y = ciphertext
 K = secret key
 E = encryption algorithm
 D = decryption algorithm
 Both E and D are known to public

21

You might also like