DOCSLIB.ORG

Data Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Data Security DATA SECURITY Asst.Prof.Dr. Ali Kadhim Data Security 2 Asst.Prof.Dr. Ali Kadhim Chapter 2. Elementary Cryptography In this chapter Concepts of encryption Cryptanalysis: how encryption systems are "broken" Symmetric (secret key) encryption and the DES and AES algorithms Asymmetric (public key) encryption and the RSA algorithm Key exchange protocols and certificates Digital signatures Cryptographic hash functions Cryptography secret writing is the strongest tool for controlling against many kinds of security threats. Well-disguised data cannot be read, modified, or fabricated easily. Cryptography is rooted in higher mathematics: group and field theory, computational complexity, and even real analysis, not to mention probability and statistics. Fortunately, it is not necessary to understand the underlying mathematics to be able to use cryptography. We begin this chapter by examining what encryption does and how it works. We introduce the basic principles of encryption with two simple encryption methods: substitution and transposition. Next, we explore how they can be expanded and improved to create stronger, more sophisticated protection. Because weak or flawed encryption provides only the illusion of protection, we also look at how encryption can fail. We analyze techniques used to break through the protective scheme and reveal the original text. Three very popular algorithms are in use today: DES, AES, and RSA. We look at them in some detail to see how these and other algorithms can be used as building blocks with protocols and structures to perform other computing tasks, such as signing documents, detecting modification, and exchanging sensitive data. Chapter 12 offers a deeper analysis of encryption techniques and algorithms, including their mathematical bases, the mechanisms that make them work, and their limitations. Most users of cryptography will never invent their own algorithms, just as most users of electricity do not build their own power generators. Still, deeper knowledge of how cryptography works can help you use it effectively, just as deeper knowledge of energy issues helps you understand the environmental and cost trade-offs among different energy sources. This chapter offers you a rudimentary understanding of what cryptography is; but we encourage you to study the details in Chapter 12 to better understand the implications of each choice of 2.1. Terminology and Background Consider the steps involved in sending messages from a sender, S, to a recipient, R. If S entrusts the message to T, who then delivers it to R, T then becomes the transmission medium. If an outsider, O, wants to access the message (to read, change, or even destroy it), we call O an interceptor or intruder. Any time after S transmits it via T, the message is vulnerable to exploitation, and O might try to access the message in any of the following ways: Block it, by preventing its reaching R, thereby affecting the availability of the message. Intercept it, by reading or listening to the message, thereby affecting the confidentiality of the message. Modify it, by seizing the message and changing it in some way, affecting the message's integrity. Fabricate an authentic-looking message, arranging for it to be delivered as if it came from S, thereby also affecting the integrity of the message. Data Security 3 Asst.Prof.Dr. Ali Kadhim As you can see, a message's vulnerabilities reflect the four possible security failures we identified in Chapter 1. Fortunately, encryption is a technique that can address all these problems. Encryption, probably the most fundamental building block of secure computing, is a means of maintaining secure data in an insecure environment. (It is not the only building block, however.) In this book, we study encryption as a security technique, and we see how it is used in protecting programs, databases, networks, and electronic communications. Terminology Encryption is the process of encoding a message so that its meaning is not obvious; decryption is the reverse process, transforming an encrypted message back into its normal, original form. Alternatively, the terms encode and decode or encipher and decipher are used instead of encrypt and decrypt.[1] That is, we say that we encode, encrypt, or encipher the original message to hide its meaning. Then, we decode, decrypt, or decipher it to reveal the original message. A system for encryption and decryption is called a cryptosystem. [1] There are slight differences in the meanings of these three pairs of words, although they are not significant in this context. Strictly speaking, encoding is the process of translating entire words or phrases to other words or phrases, whereas enciphering is translating letters or symbols individually; encryption is the group term that covers both encoding and enciphering. The original form of a message is known as plaintext, and the encrypted form is called ciphertext. This relationship is shown in Figure 2-1. For convenience, we denote a plaintext message P as a sequence of individual characters P = <p1, p2, …, pn>. Similarly, ciphertext is written as C = <c1, c2, …, cm>. For instance, the plaintext message "I want cookies" can be denoted as the message string <I, ,w,a,n,t, , c,o,o,k,i,e,s>. It can be transformed into ciphertext <c1, c2, …, c14>, and the encryption algorithm tells us how the transformation is done. Figure 2-1. Encryption. We use this formal notation to describe the transformations between plaintext and ciphertext. For example, we write C = E(P) and P = D(C), where C represents the ciphertext, E is the encryption rule, P is the plaintext, and D is the decryption rule. What we seek is a cryptosystem for which P = D(E(P)). In other words, we want to be able to convert the message to protect it from an intruder, but we also want to be able to get the original message back so that the receiver can read it properly. Encryption Algorithms The cryptosystem involves a set of rules for how to encrypt the plaintext and how to decrypt the ciphertext. The encryption and decryption rules, called algorithms, often use a device called a key, denoted by K, so that the resulting ciphertext depends on the original plaintext message, the algorithm, and the key value. We write this dependence as C = E(K, P). Essentially, E is a set of encryption algorithms, and the key K selects one specific algorithm from the set. We see later in this chapter that a cryptosystem, such as the Caesar cipher, is keyless but that keyed encryptions are more difficult to break. This process is similar to using mass-produced locks in houses. As a homeowner, it would be very expensive for you to contract with someone to invent and make a lock just for your house. In addition, you would not know whether a particular inventor's lock was really solid or how it compared with those of other inventors. A better solution is to have a few well-known, well- respected companies producing standard locks that differ according to the (physical) key. Then, you and your neighbor might have the same model of lock, but your key will open only your Data Security 4 Asst.Prof.Dr. Ali Kadhim lock. In the same way, it is useful to have a few well-examined encryption algorithms that everyone could use, but the differing keys would prevent someone from breaking into what you are trying to protect. Sometimes the encryption and decryption keys are the same, so P = D(K, E(K,P)). This form is called symmetric encryption because D and E are mirror-image processes. At other times, encryption and decryption keys come in pairs. Then, a decryption key, KD, inverts the encryption of key KE so that P = D(KD, E(KE,P)). Encryption algorithms of this form are called asymmetric because converting C back to P involves a series of steps and a key that are different from the steps and key of E. The difference between symmetric and asymmetric encryption is shown in Figure 2-2. Figure 2-2. Encryption with Keys. A key gives us flexibility in using an encryption scheme. We can create different encryptions of one plaintext message just by changing the key. Moreover, using a key provides additional security. If the encryption algorithm should fall into the interceptor's hands, future messages can still be kept secret because the interceptor will not know the key value. Sidebar 2-1 describes how the British dealt with written keys and codes in World War II. An encryption scheme that does not require the use of a key is called a keyless cipher. The history of encryption is fascinating; it is well documented in Kahn's book [KAH96]. Encryption has been used for centuries to protect diplomatic and military communications, sometimes without full success. The word cryptography means hidden writing, and it refers to the practice of using encryption to conceal text. A cryptanalyst studies encryption and encrypted messages, hoping to find the hidden meanings. Both a cryptographer and a cryptanalyst attempt to translate coded material back to its original form. Normally, a cryptographer works on behalf of a legitimate sender or receiver, whereas a cryptanalyst works on behalf of an unauthorized interceptor. Finally, cryptology is the research into and study of encryption and decryption; it includes both cryptography and cryptanalysis. Data Security 5 Asst.Prof.Dr. Ali Kadhim Sidebar 2-1: Silken Codes Marks [MAR98] describes the life of a code-maker in Britain during World War II. That is, the British hired Marks and others to devise codes that could be used by spies and soldiers in the field. In the early days, the encryption scheme depended on poems that were written for each spy and relied on the spy's ability to memorize and recall them correctly.
Load more

Recommended publications
  • Making Speech-Matter: Recurring Mediations in Sound Poetics and Its Contemporary Practice
    ORBIT - Online Repository of Birkbeck Institutional Theses Enabling Open Access to Birkbecks Research Degree output Making Speech-Matter: Recurring Mediations in Sound Poetics and its Contemporary Practice http://bbktheses.da.ulcc.ac.uk/35/ Version: Full Version Citation: Pester, Holly (2013) Making Speech-Matter: Recurring Mediations in Sound Poetics and its Contemporary Practice. PhD thesis, Birkbeck, University of London. c 2013 The Author(s) All material available through ORBIT is protected by intellectual property law, including copyright law. Any use made of the contents should comply with the relevant law. Deposit guide Contact: email 1 Making Speech-Matter: Recurring Mediations in Sound Poetics and its Contemporary Practice Holly Pester Birkbeck, University of London PhD 2013 2 I, Holly Pester, confirm that the work presented in this thesis is my own. Where information has been derived from other sources, I confirm that this has been indicated in the thesis. ---------------------------------------------- 3 Abstract This thesis produces a critical and creative space for new forms of sound poetics. Through a reflective process combining theoretical research and poetic practice – performances, text-scores and installations – the thesis tests the contemporary terms of intermedial poetics and sound poetry, establishing a conceptual terminology for speech-matter. Beginning with a study of 1960s sound poet Henri Chopin and his relation to the tape machine, I argue that this technological mediation was based on a poetics of analogue sound hinged on bodily engagement. Social and physical properties of the tape machine contribute to a mode of practice that negotiates the body, machine, and effort. Exploring Michel Serres’s concept of parasitic noise and the relation of interference to lyric appeal, via the work of Denise Riley and Hannah Weiner, I understand sound poetics as a product of lyrically active noise.
    [Show full text]
  • Ministry of Defence Acronyms and Abbreviations
    Acronym Long Title 1ACC No. 1 Air Control Centre 1SL First Sea Lord 200D Second OOD 200W Second 00W 2C Second Customer 2C (CL) Second Customer (Core Leadership) 2C (PM) Second Customer (Pivotal Management) 2CMG Customer 2 Management Group 2IC Second in Command 2Lt Second Lieutenant 2nd PUS Second Permanent Under Secretary of State 2SL Second Sea Lord 2SL/CNH Second Sea Lord Commander in Chief Naval Home Command 3GL Third Generation Language 3IC Third in Command 3PL Third Party Logistics 3PN Third Party Nationals 4C Co‐operation Co‐ordination Communication Control 4GL Fourth Generation Language A&A Alteration & Addition A&A Approval and Authorisation A&AEW Avionics And Air Electronic Warfare A&E Assurance and Evaluations A&ER Ammunition and Explosives Regulations A&F Assessment and Feedback A&RP Activity & Resource Planning A&SD Arms and Service Director A/AS Advanced/Advanced Supplementary A/D conv Analogue/ Digital Conversion A/G Air‐to‐Ground A/G/A Air Ground Air A/R As Required A/S Anti‐Submarine A/S or AS Anti Submarine A/WST Avionic/Weapons, Systems Trainer A3*G Acquisition 3‐Star Group A3I Accelerated Architecture Acquisition Initiative A3P Advanced Avionics Architectures and Packaging AA Acceptance Authority AA Active Adjunct AA Administering Authority AA Administrative Assistant AA Air Adviser AA Air Attache AA Air‐to‐Air AA Alternative Assumption AA Anti‐Aircraft AA Application Administrator AA Area Administrator AA Australian Army AAA Anti‐Aircraft Artillery AAA Automatic Anti‐Aircraft AAAD Airborne Anti‐Armour Defence Acronym
    [Show full text]
  • Books Pages 10/2
    book reviews when conditions were right, selection plus establishing with whom one is communicat- replied, and all were caught and executed. recombination would restore the original ing and verifying that their messages have Much of Between Silk and Cyanide con- genetic message. But this is to assume that not been altered en route. Indeed, some of cerns the unfortunate consequences of the selection can act simultaneously at many loci, the earliest forms of writing may have origi- ‘poem code’ initially used by the SOE, and which requires that each of the multitude of nated as a side effect of an authentication Marks’ effort to substitute more secure codes, genetic changes should be separately advan- device — the Sumerian bulla, a sealed clay including the provably unbreakable ‘one- tageous. This is precisely the assumption he vessel containing loose tokens representing time pad’. The poem code was insecure has rejected in order to conclude that inter- the kinds and quantities of goods in an because it depended on having the agent vention from outer space is needed. accompanying shipment. memorize a poem. If the Germans could It is sad to see such a creative mind devot- Users of secret codes have often been guess the poem, or force a captured agent to ed to reaching such an absurd conclusion. It lulled into a false sense of security, with reveal it, they could read all the agent’s previ- might have been better for the reputation of a regard to both secrecy and authentication. A ous messages as well as forging new ones to great scientist if this book had been left to the famous example described by Singh is the their liking, which would be accepted by the decent obscurity of a facsimile edition.
    [Show full text]
  • 20151019-Website TICOM and the INTELLIGENCE CORPS CIGY
    1 TICOM and the Intelligence Corps DRAMATIS PERSONAE TICOM TEAM 1 PERSONNEL *Oeser, O. Wing Commander RAFVR. (Chief TRO) A Cambridge psychologist and friend of Winterbotham, he had joined Hut 3 in the summer of 1940. In 1941 he was Hut 3 Dep. Air Advisor. By June 1942 was Head of Hut 3(Air) and by late 1942 he was head of the newly formed Hut 3(L) where he made Enigma and Fish priority decisions. He became professor of psychology at the University of Melbourne. By the age of 27 he had graduated from four universities in three countries and had gained doctorates in two disciplines. *Campaigne, H. Lieutenant Commander USNR (Deputy Chief) As a young man with a PhD in mathematics he had sent the navy a homemade design for an encryption device which was rejected. He gained his commission in December 1941. He was eventually to become NSA research chief as head of REMP (Research, Engineering, Math & Physics). Barringer, H. Capt AUS. (US Army). Carter, T. Captain IC (Intelligence Corps) A Lieutenant though there was a Captain TM Carter at the time in the Corps working in ‘Special employment’ which usually referred to serving in MI5, MI6, MI8; there is no record of his working at B.P.. Cockerell, H. Lieutenant RNVR He served in the Naval Section of B.P. where he was department head of N.S.111J Administration and Manning. After TICOM, he and Pickering stayed on in Germany in search of various wanted persons Coolidge, J. Lieutenant (J.G) USNR Crowe, R. Major AUS.
    [Show full text]
  • MOD Acronyms and Abbreviations
    MOD Acronyms and Abbreviations Definitions for terms and acronyms used throughout MOD documents. Acronym Long Title 1ACC No. 1 Air Control Centre 1SL First Sea Lord 2 PUS Second Permanent Under Secretary 2 PUS Second Permanent Under Secretary of State 200D Second OOD 200W Second 00W 2C Second Customer 2IC Second in Command 2Lt Second Lieutenant 2nd PUS Second Permanent Under Secretary of State 2SL Second Sea Lord 2SL/CNH Second Sea Lord Commander in Chief Naval Home Command 3D 3 Dimensional 3IC Third in Command A in A Appropriations in Aid A&A Alteration & Addition A&A Alterations & Additions A&A Approval and Authorisation A&AEE Aeroplane and Armament Experimental Establishment A&AEW Avionics And Air Electronic Warfare IPT A&ER Ammunition and Explosive Regulations A&ER Ammunition and Explosives Regulations A&Ers Ammunition and Explosive Regulations A&SD Arms and Service Director A/AS Advanced/Advanced Supplementary level qualifications a/c or A/C Aircraft A/D Air Defence A/G Air-to-Ground A/G/A Air Ground Air A/R As Required A/S Anti-Submarine A/S or AS Anti Submarine A/WST Avionic/Weapons, Systems Trainer A3*G Acquisition 3-Star Group A3I Accelerated Architecture Acquisition Initiative A3P Advanced Avionics Architecture and Policy A3P Advanced Avionics Architectures and Packaging (TDP) AA Accommodation Allowance AA Active Adjunct (sonar) AA Administering Authority AA Administrative Assistant. Civil Service grade AA Air Adviser AA Air Attache AA Air-to-Air AA Alterations and Additions AA Alternative Assumption AA Anti-Aircraft AA Application
    [Show full text]
  • Proceedings of the 1St International Conference on Historical Cryptology
    HistoCrypt 2018 Proceedings of the 1st International Conference on Historical Cryptology June 18-20, 2018 Uppsala University Uppsala, Sweden Proceedings of the 1st International Conference on Historical Cryptology HistoCrypt 2018 Editor Beata´ Megyesi June 18-20, 2018 Department of Linguistics and Philology Uppsala University Sweden Published by NEALT Proceedings Series 34 Linkoping¨ University Electronic Press, Sweden Linkoping¨ Electronic Conference Proceedings No. 149 ISSN: 1650-3686 eISSN: 1650-3740 ISBN: 978-91-7685-252-1 URL: http://www.ep.liu.se/ecp/contents.asp?issue=149 SPONSORS Preface: Program Chair We are very pleased to introduce the proceedings of the International Conference on Historical Cryptology (HISTOCRYPT 2018), held at the Department of Linguistics and Philology on the English Park Campus, Uppsala University, Sweden, between June 18 and 20, 2018. HISTOCRYPT addresses all aspects of historical cryptology/cryptography includ- ing work in closely related disciplines (such as history, history of ideas, computer science, AI, computational linguistics, linguistics, or image processing) with rele- vance to historical ciphertexts and codes. The subjects of the conference include, but are not limited to the use of cryptography in military, diplomacy, business, and other areas, analysis of historical ciphers with the help of modern computerized methods, unsolved historical cryptograms, the Enigma and other encryption machines, the his- tory of modern (computer-based) cryptography, linguistic aspects of cryptology, the influence of cryptography on the course of history, or teaching and promoting cryp- tology in schools, universities, and the public. HISTOCRYPT represents a continuation of the friendly events of European Histor- ical Ciphers Colloquiums (EuroHCC) held in Heusenstamm (2012), Kassel (2016), and Smolenice (2017) to discuss on-going research in historical cryptology in Europe.
    [Show full text]