UNIT I INTRODUCTION TO SECURITY

Computer Security Concepts – The OSI Security Architecture – Security Attacks – Security
Services and Mechanisms – A Model for Network Security – Classical encryption techniques:
Substitution techniques, Transposition techniques, Steganography – Foundations of modern
cryptography: Perfect security – Information Theory – Product Cryptosystem – Cryptanalysis.

COMPUTER SECURITY
The protection afforded to an automated information system in order to attain
the applicable objectives of preserving the integrity, availability, and confidentiality of
information system resources (includes hardware, software, firmware, information/ data, and
telecommunications).
This definition introduces three key objectives that are at the heart of computer
security.
1) Confidentiality: This term covers two related concepts:
Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to
them may be collected and stored and by whom and to whom that information may be
disclosed.
2) Integrity: This term covers two related concepts:
Data integrity: Assures that information and programs are changed only in a specified and
authorized manner.
System integrity: Assures that a system performs its intended function in an unimpaired
manner, free from deliberate or inadvertent unauthorized manipulation of the system.
3)Availability: Assures that systems work promptly and service is not denied to authorized
users.
These three concepts form what is often referred to as the CIA triad (Figure 1.1). The three
concepts embody the fundamental security objectives for both data and for information and
computing services.
Confidentiality: Preserving authorized restrictions on information access and disclosure,
including means for protecting personal privacy and proprietary information. A loss of
confidentiality is the unauthorized disclosure of information.

• Integrity: Guarding against improper information modification or destruction,including

ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized
modification or destruction of information.
• Availability: Ensuring timely and reliable access to and use of information. A loss of
availability is the disruption of access to or use of information or an information system.
Although the use of the CIA triad to define security objectives is well established, some in
the security field feel that additional concepts are needed to present a complete picture. Two
of the most commonly mentioned are,
• Authenticity: The property of being genuine and being able to be verified and trusted;
confidence in the validity of a transmission, a message, or message originator. This means
verifying that users are who they say they are and that each input arriving at the system came
from a trusted source.
• Accountability: The security goal that generates the requirement for actions of an entity to
be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation,
intrusion detection and prevention, and after-action recovery and legal action. Because truly
secure systems are not yet an achievable goal, we must be able to trace a security breach to a
responsible party. Systems must keep records of their activities to permit later forensic
analysis to trace security breaches or to aid in transaction disputes.
 UNIT-2
MATHEMATICS OF SYMMETRIC KEY CRYPTOGRAPHY:

Algebraic structures
Cryptography requires sets of integers and specific operations that are defined for those
sets. The combination of the set and the operations that are applied to the elements of the set
is called an algebraic structure. Three common algebraic structures: groups, rings, and fields.

MODULAR ARITHMETIC
If a is an integer and n is a positive integer, we define a mod n to be the remainder when a is
divided by n. The integer n is called the modulus.
Congruent modulo
Two integers a and b are said to be congruent modulo n if a (mod n)≡ b (mod
n)

a ≡ b (mod n) 73 ≡
4 mod 23

Properties of modulo operator

Congruences have the following properties:

1. a≡ b (mod n) if n|(a-b)
2. a≡ b (mod n) implies b≡ a( mod n)
3. a ≡ b (mod n) and b ≡ c (mod n) imply a ≡ c (mod n).

Modular Arithmetic Operations

Modular arithmetic exhibits the following properties:

1. [(a mod n) + (b mod n)] mod n = (a + b) mod n

2. [(a mod n) - (b mod n)] mod n = (a - b) mod n
3. [(a mod n) * (b mod n)] mod n = (a * b) mod n
11 mod 8 = 3; 15 mod 8 = 7

[(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2

(11 + 15) mod 8 = 26 mod 8 = 2

[(11 mod 8) - (15 mod 8)] mod 8 = -4 mod 8 = 4

(11 - 15) mod 8 = -4 mod 8 = 4

 UNIT II SYMMETRIC KEY CRYPTOGRAPHY

SYMMETRIC KEY CRYPTOGRAPHY: Algebraic structures - Modular arithmetic-Euclid‟s algorithm-

Congruence and matrices - Groups, Rings, Fields- Finite fields SYMMETRIC KEY CIPHERS: SDES –
Block cipher Principles of DES – Strength of DES – Differential and linear cryptanalysis - Block cipher
design principles – Block cipher mode of operation – Evaluation criteria for AES – Advanced Encryption
Standard - RC4 – Key distribution.

ALGEBRAIC STRUCTURES
 Cryptography requires sets of integers and specific operations that are defined for those sets.
 The combination of the set and the operations that are applied to the elements of the set is called
an Algebraic Structure.
MODULAR ARITHMETIC

If a is an integer and n is a positive integer, we define a mod n to be the remainder when a is divided by
n. The integer n is called the modulus.

The division relationship (a = q × n + r) discussed in the previous

section has two inputs (a and n) and two outputs (q and r). In modular arithmetic, we are interested in only
one of the outputs, the remainder r.

The modulo operator is shown as mod. The second input (n) is called the modulus. The output r is called the
residue.
 UNIT III PUBLIC KEY CRYPTOGRAPHY

MATHEMATICS OF ASYMMETRIC KEY CRYPTOGRAPHY: Primes – Primality

Testing – Factorization – Euler‘s totient function, Fermat‘s and Euler‘s Theorem – Chinese
Remainder Theorem – Exponentiation and logarithm
ASYMMETRIC KEY CIPHERS: RSA cryptosystem – Key distribution – Key
management – Diffie Hellman key exchange -ElGamal cryptosystem – Elliptic curve
arithmetic-Elliptic curve cryptography.

MATHEMATICS OF ASYMMETRIC KEY CRYPTOGRAPHY

PRIME NUMBER
An integer p > 1 is a prime number if and only if its only divisors are ±1 and ±p. Any
integer a> 1 can be factored in a unique way as

where p1 <p2 <…< pt are prime numbers and where each ai is a positive integer.

Eg, 91 = 7 * 13
3600 = 24 * 32 * 52
11011 = 7 * 112 * 13

If P is the set of all prime numbers, then any positive integer a can be written uniquely in
the following form:

It is easy to determine the greatest common divisor of two positive integers if we express
each integer as the product of primes
Eg 300 = 22 * 31 * 52
18 = 21 * 32
gcd(18, 300) = 21 * 31 * 50 = 6

The following relationship always holds: If k = gcd(a, b), then kp = min(ap, bp) for all p.

TESTING FOR PRIMALITY

For many cryptographic algorithms, it is necessary to select one or more very large
prime numbers at random. Thus, we are faced with the task of determining whether a given
large number is prime. There is no simple yet efficient means of accomplishing this task.

Miller-Rabin Algorithm
The algorithm due to Miller and Rabin [MILL75, RABI80] is typically used to test a
large number for primality.
TEST (n)
1. Find integers k, q, with k > 0, q odd, so that (n - 1 = 2kq);
2. Select a random integer a, 1 < a < n - 1;
3. if aqmod n = 1 then return("inconclusive");
4. for j = 0 to k - 1 do
5. if a2jqmod n = n - 1 then return("inconclusive");
6. return("composite");
 UNIT IV MESSAGE AUTHENTICATION AND INTEGRITY

Authentication requirement – Authentication function – MAC – Hash function –

Security of hash function and MAC – SHA –Digital signature and authentication
protocols – DSS
Entity Authentication: Biometrics, Passwords, Challenge Response protocols-
Authentication applications – Kerberos, X.509

MESSAGE AUTHENTICATION
 is a mechanism or service used to verify the integrity of a message.
 Message authentication is concerned
with:
 protecting the integrity of a message
 validating identity of originator
 non-repudiation of origin (dispute resolution)

AUTHENTICATION REQUIREMENT
1. Disclosure: Release of message contents to any person or process not
possessing the appropriate cryptographic key.
2. Traffic analysis: Discovery of the pattern of traffic between parties. In a
connection- oriented application, the frequency and duration of connections
could be determined. In either a connection- oriented or connectionless
environment, the number and length of messages between parties could be
determined.
3. Masquerade: Insertion of messages into the network from a fraudulent
source. This includes the creation of messages by an opponent that are
purported to come from an authorized entity.
4. Content modification: Changes to the contents of a message, including
insertion, deletion, transposition, and modification.
5. Sequence modification: Any modification to a sequence of messages between
parties, including insertion, deletion, and reordering.
6. Timing modification: Delay or replay of messages. In a connection-oriented
application, an entire session or sequence of messages could be a replay of
some previous valid session, or individual messages in the sequence could be
delayed or replayed. In a connectionless application, an individual message
(e.g., datagram) could be delayed or replayed.
7. Source repudiation: Denial of transmission of message by source.
8. Destination repudiation: Denial of receipt of message by destination.

Summary:
Message authentication
 A procedure to verify that messages come from the alleged (suspected)
source and have not been altered
 Message authentication may also verify sequencing and timeliness
Digital signature
 An authentication technique that also includes measures to counter
repudiation by either source or destination
 UNIT-5

CYBER SECURITY