Cryptography & Network SecurityIntroductionChester RebeiroIIT MadrasCR
The Connected WorldCR2
Information StorageCR3
Increased Security Breaches81% more in ecutive-summary-02.pdf4
Security Threats(why difficult to prevent?)Networks / Communication linksHardwareSystem Software(Operating Systems / Hypervisor)ApplicationsAttackers need to target theweakest link in the chainCRPeripherals5
Security Studies (Research)(an ocean)Networks / Communication linksNetwork SecurityHardwareHardware SecuritySystem SecuritySystem Software(Operating Systems / Hypervisor)OS SecurityApplicationsCloud SecurityWeb SecurityCryptographyDBMS SecurityCRPeripherals Embedded Security6
Cryptography A crucial component in all security systems Fundamental component to achieve– ConfidentialityAllows only authorized users access to dataCR7
Cryptography(its use) A crucial component in all security systems Fundamental component to achieve– Confidentiality– Data IntegrityCryptography can be used to ensure that onlyauthorized users can make modifications(for instance to a bank account number)CR8
Cryptography(its use) A crucial component in all security systems Fundamental component to achieve– Confidentiality– Data Integrity– AuthenticationCryptography helps prove identitiesCR9
Cryptography(its use) A crucial component in all security systems Fundamental component to achieve– Confidentiality– Data Integrity– Authentication– Non-repudiationI did notsend thatThe sender of a message cannotclaim that she did not send itCR10
Scheme for Confidentialityuntrusted communication linkAliceBobmessageAttack at Dawn!!Problem : Alice wants to send a messageto Bob (and only to Bob) through an untrustedcommunication linkCRMallory11
EncryptionKEAlicemessage“Attack at Dawn!!”untrusted communication linkD#%AR3Xf34 decryptionencryption(ciphertext)ESecrets Only Alice knows the encryption key KE Only Bob knows the decryption key KDCRKDBob“Attack at Dawn!!”MalloryOnly sees ciphertext.cannot get the plaintext messagebecause she does not know the keys12
Encryption AlgorithmsKEAliceKDuntrusted communication linkBobD#%AR3Xf34( “Attack at Dawn!!”decryptionencryption(ciphertext)E Should be easy to compute for Alice / Bob (who know the key) Should be difficult to compute for Mallory (who does not know the key) What is ‘difficult’? Ideal case : Prove that the probability of Mallory determining the encryption /decryption key is no better than a random guess Computationally : Show that it is difficult for Mallory to determine the keyseven if she has massive computational powerCR13
Algorithmic Attacks Can Mallory use tricks to break the algorithmE There by reducing the ‘difficulty’ of getting thekey.CR14
Encryption KeysKEAliceKDuntrusted communication linkBobD#%AR3Xf34( “Attack at Dawn!!”decryptionencryption(ciphertext)E How are keys managed– How does Alice & Bob select the keys?– Need algorithms for key exchangeCR15
Ciphers Symmetric Algorithms– Encryption and Decryption use the same key– i.e. KE KD– Examples: Block Ciphers : DES, AES, PRESENT, etc. Stream Ciphers : A5, Grain, etc. Asymmetric Algorithms– Encryption and Decryption keys are different– KE KD– Examples: RSA ECCCR16
Cipher ImplementationsCryptography is always an overhead !! For security, the algorithms need to be computationintensive. Often require large numbers, complex mathematicaloperations. Design Challenges: Performance, Size, Power. Algorithms to achieve thisCR17
Encryption DevicesKEAlicemessage“Attack at Dawn!!”untrusted communication linkBobD“Attackat Dawn!!”#%AR3Xf34( decryptionencryption(ciphertext)ESide ChannelsEg. Power consumption / radiationof device, execution time, etc.CRKDMalloryGets information about the keys by monitoringSide channels of the device18
Side Channel Analysis00111AliceEencryptionmessage“Attack at Dawn!!”Radiation fromDeviceSecret informationCR0011119
Ciphers Design ChallengesTradeoffs between Security , Speed, Side-Channel AttacksWe want crypto algorithms to be fast and smallFor security, the algorithms arecomputationally intensive.Typically use large numbers,complex operationsCRNeed to protect against sidechannel attacks.
Cryptography Study Mathematics EngineeringMathematicsElectrical Engg.cryptographyPhysicsCRComputer Sc.21
Some Hot Research Trendsefficient implementationscryptanalysispost-quantum cryptographyLeakage resilient cryptographyside channel analysisCRprivacy enhancing securitylight weight cryptographycloud securityhomomorphic encryption22
The Plan Ahead How are ciphers designed?––––Ideal security vs Computational securityBlock ciphers / Stream ciphersAsymmetric key ciphersTrade offs between security and implementation Attacks– Algorithmic / Side Channel Analysis Applications– How are they used to achieve confidentiality, integrity,authentication, non-repudiation Case Studies– Network security aspects, BitcoinsCR23
Course Structure Classical Cryptography Shannon’s Theory Block Ciphers– DES, AES, their implementations and their attacks Stream Ciphers Digital Signatures and Authentication– Hash functions Public key ciphers– RSA, implementations, and attacks Side channel analysis Network Security aspects Case Studies : BitcoinsCR24
Expected Learning Outcomes What you would learn by the end of the courseDistinguish between cipher algorithms- Where to use what algorithm?Evaluate ciphers and their implementations for security- Mathematical cryptanalysis of some algorithms- Side channel based attacks on cipher implementationsApply algorithms to solve security problems in networksand real-world systemsCR25
Books / ReferencesTextbooks(STINSON) ''Cryptography: Theory and Practice", Third Edition, by Douglas R.Stinson, CRC Press, Taylor and Francis GroupReferences(STALLINGS) ''Cryptography and Network Security: Principles and Practices'',Sixth Edition, by William Stallings(HANDBOOK) ''Handbook of Applied Cryptography'', Fifth Printing, by Alfred J.Menezes, Paul C. van Oorschot, and Scott A. Vanstone, CRC Press(HARDSEC) ''Hardware Security : Design, Threats, and Safeguards", byDebdeep Mukhopadhyay and Rajat Subhra Chakraborty, CRC Press, Taylorand Francis GroupCR26
Grading Quiz 1 : 20%Quiz 2 : 20%End semester : 40%Assignments : 20%– Surprise tests / Tutorials / Programming assignments /minute papers / Google groups / etc.Self Study vs Attending Classes Same tutorials / assignments / quizzes / etc. Grading policy is differentCR27
Course Webpages For slides / syllabus / schedule etc.http://www.cse.iitm.ac.in/ chester/courses/16e cns/index.html For discussions / announcements / submissionsCSE MoodleGoogle Groups (cnsiitm 2016)CR28
Logistics CS26 Time:––––CRTuesdays : 11:00 - 11:50 AMWednesdays : 10:00 - 10:50 AMThursdays : 8:00 - 8:50 AMFridays : 2:00 – 2:50 PM29
Sixth Edition, by William Stallings (HANDBOOK) ''Handbook of Applied Cryptography'', Fifth Printing, by Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, CRC Press (HARDSEC) ''Hardware Security : Design, Threats, and Safeguards", by
of public-key cryptography; providing hands-on experience with some of the most common encryption algorithms that are used on the internet today. Modern Cryptography Introduction Outline 1 Introduction 2 Historical Cryptography Caesar Cipher 3 Public{Key Cryptography
Cryptography and Java Java provides cryptographic functionality using two APIs: JCA - Java Cryptography Architecture - security framework integrated with the core Java API JCE - Java Cryptography Extension - Extensions for strong encryption (exported after 2000 US export policy)
integrating together cryptography and Steganography through image processing. In particular, we present a system able to perform Steganography and cryptography at the same time. In this paper, both Cryptography and Steganography methods are used for data security over the network. IRIS i
Fourth Edition Chapter 11 Basic Cryptography . Objectives Define cryptography Describe hash, symmetric, and asymmetric cryptographic algorithms List the various ways in which cryptography is used Security Guide to Network Security Fundamentals, Fourth Edition 2 . Introduction Multilevel approach to information security
Cryptography with DNA binary strands and so on. In terms of DNA algorithms, there are such results as A DNA-based, bimolecular cryptography design, Public-key system using DNA as a one-way function for key distribution, DNASC cryptography system and so on. However, DNA cryptography is an
network security. This paper covers the various cipher generation algorithms of cryptography which are helpful in network security. Cryptography in the past was used in keeping military information, diplomatic correspondence secure and in protecting the national security
basic cryptography concerns secure communication between two parties, while in this course we are interested in cryptographic protocols in multiuser/network context prerequisites: a previous course in cryptography (e.g. C&O 487, Applied Cryptography) is helpful but not required mat
Keywords: network security, cryptography, decryption, encryption Cite This Article: Shyam Nandan Kumar, “Review on Network Security and Cryptography.” International Transaction of Electrical and Computer Engineers System, vol. 3, no. 1 (2015): 1-11. doi: 10.12691/iteces-3-1-1. 1. Introduction Internet has become more and more widespread, if an