Lecture#01 - Introduction To Information Security Concepts


CLO 1

Lecture#01
Introduction To Information and
Network Security
Course: Cryptography & Network Security (CE-408)
Course Teacher: Dr. Rukaiya

Contact Info:

Room No: BS-02, CED

Email: [email protected]

1
Course Description
• PRE-REQUISITE: MS-204 Discrete Mathematics / CE-402 Computer
Communication and Networks

• COURSE OBJECTIVE
The objective of this course is to introduce concepts related to cryptography and
Network Security. Different security algorithms and mechanisms will be
presented and solutions to security threats will be discussed.

• COURSE BOOK

Recommended Books:
 Stallings, William. Cryptography and Network Security: Principles and
Practice, 8th Edition, Pearson Education, 2020, ISBN 978-0-13-670722-6

Reference Books:
 Forouzan, Behrouz A. Cryptography and Network Security, 2nd Edition,
Tata McGraw-Hill, January 2010, ISBN-10: 0073327530

2
Brief Course Outline
• Introduction to data and network security,
• Goals, threats and attacks,
• Advanced Persistent Threats, Security mechanisms,
• Difference between Cryptography and cryptanalysis,
• Traditional substitution and transposition cipher,
• Modern symmetric-key cryptography,
• Simplified DES, DES design principles, Double DES, Triple DES,
• Concept of Blockchain with its applications,
• Block cipher modes of operation,
• Rijndael Algorithm, Mechanism of encryption in AES,
• Principles of Public Key Cryptosystem,
• RSA Algorithm,
• Diffie-Hellman Key Exchange,
• Application of cryptographic Hash functions,
• Secure Hash Algorithm (SHA),
• Key management and distribution,
• Network Security Mechanisms,
• IPSec, Virtual Private Network,
• Firewalls and Intrusion Detection and Prevention Systems

3
Course Learning Outcomes w.r.t.
Program Learning Outcomes

4
Importance of the Course
Cybersecurity professionals are in high demand across a wide variety of industries.
A recent LinkedIn search for “cybersecurity” resulted in more than 50,000 search results.

[Figure: 2023 Top Cybersecurity Trends]

https://www.devoteam.com/expert-view/11-cybersecurity-trends-for-2023/ 6
Importance of the Course
Roles in Cybersecurity
• CISO (Chief Information Security Officer)
• Cybersecurity Analyst
• SOC Analyst
• Forensic Analyst
• Security Auditor
• Cybersecurity Specialist
• Cybersecurity Engineer
• Cybersecurity Manager
• Cybersecurity Architect
• Cybersecurity Consultant
• Penetration Tester/ Ethical Hacker

Top recruiters for cyber security experts
• Deloitte
• Accenture
• AT&T, Venm
• IBM
• Oracle
• Infosys
• Microsoft
• Apple
• Samsung

Recruiters in Pakistan
• Systems Limited
• Catalyic Security Pvt. Ltd
• Invo Zone
• Genesis Lab
• Yottabyte
• Others
7
Approximately 1 in 13 web requests has malicious intent

• Eye-opening: Email is the top carrier of malware.

• Roughly 29% of users and 35% of organizations open phishing emails.

• 25% of healthcare organizations that use the public cloud report not encrypting patient
data.

• Ransomware attacks in particular have become more severe (healthcare).

• They have caused some companies to shut down and others to put emergency response plans in
place to avoid being shuttered.

https://truelist.co/blog/cybercrime-statistics/ 8
Most Challenging areas to
defend

9
What is Cybersecurity?

The collection of tools, policies, security concepts, security safeguards,
guidelines, risk management approaches, actions, training, best
practices, assurance, and technologies that can be used to protect the
cyberspace environment and organization and users’ assets

Assets include:
Connected computing devices, personnel, infrastructure, applications,
services, telecommunications systems, and the totality of transmitted and/or
stored information in the cyberspace environment.

10
Cybersecurity

[Figure: Cybersecurity encompasses Information Security and Network Security]

Information Security

Refers to preservation of confidentiality, integrity, and availability of
information. In addition, other properties, such as authenticity, accountability,
nonrepudiation, and reliability can also be involved.

Network Security

Refers to protection of networks and their service from unauthorized
modification, destruction, or disclosure, and provision of assurance that the
network performs its critical functions correctly and there are no harmful side
effects.
11
CIA Triad

12
Security Objectives

• Cybersecurity introduces three key objectives that are at the heart of information and
network security:
 Confidentiality: This term covers two related concepts:
 Data confidentiality: Assures that private or confidential information is not
made available or disclosed to unauthorized individuals
 Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to whom that
information may be disclosed

13
Security Objectives
 Integrity: This term covers two related concepts:
 Data integrity:
  Assures that data and programs are changed only in a specified and
authorized manner.
  It encompasses data authenticity, which means that a digital object is
indeed what it claims to be or what it is claimed to be
 System integrity: Assures that a system performs its intended function in
an unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system
 Nonrepudiation: Assurance that the sender of information is provided with
proof of delivery and the recipient is provided with proof of the sender’s
identity, so neither can later deny having processed the information

 Availability: Assures that systems work promptly, and service is not
denied to authorized users

14
Security Objectives

15
Information Security Challenges

• Security is not simple
• Potential attacks on the security features need to be considered
• Procedures used to provide particular services are often counter-intuitive
• It is necessary to decide where to use the various security mechanisms
• Requires constant monitoring
• Is too often an afterthought
• Security mechanisms typically involve more than a particular algorithm or protocol
• Security is essentially a battle of wits between a perpetrator and the designer
• Little benefit from security investment is perceived until a security failure occurs
• Strong security is often viewed as a hurdle to efficient and user-friendly operation

16
Cyberattacks Faced
• According to a report, the following are the top 10 challenges that were faced in 2021
and are being faced in 2023 respectively.
1. Ransomware attacks
2. IoT attacks
3. Cloud attacks
4. Phishing attacks
5. Blockchain and cryptocurrency attacks
6. Software vulnerabilities
7. Machine learning and AI attacks
8. BYOD policies
9. Insider attacks
10. Outdated hardware

https://www.jigsawacademy.com/blogs/cyber-security/challenges-of-cyber-security/ 17
OSI Security Architecture

Security service: A processing or communication service that enhances the
security of the data processing systems and the information transfers of an
organization. Intended to counter security attacks, and they make use of one
or more security mechanisms to provide the service

Security attack: Any action that compromises the security of information
owned by an organization

Security mechanism: A process (or a device incorporating such a process) that
is designed to detect, prevent, or recover from a security attack

18
Threats and Attacks

20
Security Attacks
• A means of classifying security attacks, used both in X.800 and RFC
4949, is in terms of passive attacks and active attacks

An active attack attempts to alter system resources or affect their operation

• Involve some modification of the data stream or the creation of a false stream

• Difficult to prevent because of the wide variety of potential physical,
software, and network vulnerabilities

• Instead, the goal is to detect attacks and to recover from any disruption
or delays caused by them

21
Types of Active Attacks
• Masquerade
• Takes place when one entity pretends to be a different entity
• E.g., authentication sequences can be captured and replayed
after a valid authentication sequence has taken place

22
Types of Active Attacks
• Replay
• Involves the passive capture of a data unit and its
subsequent retransmission to produce an unauthorized effect

23
Types of Active Attacks
• Data Modification
• Some portion of a legitimate message is altered, or messages
are delayed or reordered to produce an unauthorized effect

24
Types of Active Attacks
• Denial of Service (DoS)
• Prevents or inhibits the normal use or management of
communications facilities

25
Security Attacks

A passive attack attempts to learn or make use of information from the
system but does not affect system resources

• Are in the nature of eavesdropping on, or monitoring of, transmissions

• Goal of the opponent is to obtain information that is being transmitted

26
Types of Passive Attacks
1. Traffic Analysis
2. Release of Message Content

27
Authentication
• Concerned with assuring that a communication is authentic
 In the case of a single message, assures the recipient that the
message is from the source that it claims to be from

 In the case of ongoing interaction, assures the two entities are
authentic and that the connection is not interfered with in such a
way that a third party can masquerade as one of the two legitimate
parties

[Figure: Password-based Authentication] 31
Authentication Services
• Two specific authentication services are defined in X.800:

• Peer entity authentication
 Provides for the verification of the identity of a peer entity in an
association.
 Two entities are considered peers if they implement the same protocol
in different systems.
 It is provided for use at the establishment of, or at times during
the data transfer phase of, a connection.
 It attempts to provide confidence that an entity is not performing either a
masquerade or an unauthorized replay of a previous connection

[Figure: Peer-to-Peer]

32
Authentication Services
• Data origin authentication
 Also known as message authentication.
 It is an assurance that the source of the information is indeed
verified.
 It guarantees data integrity because if a source is
corroborated, then the data must not have been altered.
 Various methods, such as Message Authentication
Codes (MACs) and digital signatures, are most commonly used.

33
Access Control
• The ability to limit and control the access to host systems and
applications via communications links
• To achieve this, each entity trying to gain access must first be
identified, or authenticated, so that access rights can be tailored
to the individual
• Major components:
 Authentication (who someone is)
 Authorization (which app, file, or data a user has access to)
 Access,
 Manage, and
 Audit (Accountability)

34
Access Control
• Access control can be split into two groups designed to improve physical
security or cybersecurity:

• Physical access control Methods:
 Perimetral (boundaries)
 Building
 Work areas
 Servers and networks

• Technical uses of Physical security controls:
 ID Badges
 List and logs
 Door access control systems (Fingerprints, face recognition, RFID etc.)
 Tokens
 Proximity sensors
 Physical block
 Cameras
35
Access Control
• Logical access control
 limits access to computers, networks, files and other sensitive data,
e.g., a username and password.

• Logical access control Methods
 Access control Lists (ACLs)
 Government policies and compliance
 Password policies
 Device policies
 Day and time restrictions
 Accounts
  Centralized
  Decentralized
  Expiration
 BYOD, BYOC, BYOEverything

*MDM: Mobile Device Management

36
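The logical access control methods listed above (authentication, an ACL, account expiration, day-and-time restrictions, and an audit trail for accountability) fit together in a single decision path. The following is an added example, not code from the lecture or from any product: the users, passwords, resources, policy and the helper `at()` are all constructed for illustration, and the password verifier uses PBKDF2-HMAC-SHA256 from the Python standard library.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime

# All users, passwords, resources and policy below are constructed for illustration.

def hash_password(password: str, salt: bytes) -> bytes:
    """Password verifier derived with PBKDF2-HMAC-SHA256 (standard library)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Account:
    salt: bytes
    verifier: bytes
    expires: datetime                              # account expiration
    work_days: frozenset = frozenset(range(0, 5))  # Mon-Fri (weekday() 0-4)
    work_hours: range = range(8, 18)               # 08:00-17:59

ACCOUNTS = {
    "alice": Account(b"salt-a", hash_password("correct horse", b"salt-a"), datetime(2030, 1, 1)),
    "bob":   Account(b"salt-b", hash_password("hunter2", b"salt-b"), datetime(2020, 1, 1)),  # expired
}

# Access control list: resource -> principal -> permitted actions. Anything not listed is denied.
ACL = {
    "payroll.db": {"alice": {"read", "write"}},
    "hr-share":   {"alice": {"read"}, "bob": {"read"}},
}

AUDIT_LOG: list = []   # accountability: every decision, allowed or denied, is recorded

def at(iso: str) -> datetime:
    """Helper so callers can pass timestamps as ISO strings, e.g. at("2024-03-05T10:00")."""
    return datetime.fromisoformat(iso)

def authenticate(user: str, password: str, now: datetime):
    """Return None on success, otherwise the reason the login is refused."""
    acct = ACCOUNTS.get(user)
    if acct is None:
        return "unknown user"
    # constant-time comparison of the derived verifier
    if not hmac.compare_digest(acct.verifier, hash_password(password, acct.salt)):
        return "bad password"
    if now >= acct.expires:
        return "account expired"
    if now.weekday() not in acct.work_days or now.hour not in acct.work_hours:
        return "outside permitted day/time"
    return None

def authorize(user: str, resource: str, action: str) -> bool:
    """ACL lookup: is this principal allowed this action on this resource?"""
    return action in ACL.get(resource, {}).get(user, set())

def access(user: str, password: str, resource: str, action: str, now: datetime):
    """Authenticate, then authorize, then audit. Returns (decision, reason)."""
    reason = authenticate(user, password, now)
    if reason is None and not authorize(user, resource, action):
        reason = "not permitted by ACL"
    decision = "ALLOW" if reason is None else "DENY"
    AUDIT_LOG.append(f"{now.isoformat()} {decision} {user} {action} {resource}"
                     + (f" ({reason})" if reason else ""))
    return decision, reason

if __name__ == "__main__":
    print(access("alice", "correct horse", "payroll.db", "read", at("2024-03-05T10:00")))
    print(access("bob", "hunter2", "hr-share", "read", at("2024-03-05T10:00")))
    print("\n".join(AUDIT_LOG))
```

Note the ordering: identity is established before the ACL is consulted, and the audit entry is written whether the request is allowed or denied, so a string of "DENY ... (bad password)" lines is visible to whoever reviews the log.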
Data Confidentiality
• The protection of transmitted data from passive attacks
 Broadest service protects all user data transmitted between two users over a
period of time
 Narrower forms of service include the protection of a single message or even
specific fields within a message

• The protection of traffic flow from analysis
 This requires that an attacker not be able to observe the source and
destination, frequency, length, or other characteristics of the
traffic on a communications facility

37
Data Integrity

Can apply to a stream of messages, a single message, or selected fields
within a message

Connection-oriented integrity service, one that deals with a stream of
messages, assures that messages are received as sent with no duplication,
insertion, modification, reordering, or replays

A connectionless integrity service, one that deals with individual messages
without regard to any larger context, generally provides protection against
message modification only

38
Nonrepudiation
• Prevents either sender or receiver from denying a transmitted
message

• When a message is sent, the receiver can prove that the alleged
sender in fact sent the message

• When a message is received, the sender can prove that the alleged
receiver in fact received the message

39
Availability Service
• Protects a system to ensure its availability
• This service addresses the security concerns raised
by denial-of-service (DoS) attacks
• It depends on proper management and control of
system resources and thus depends on access
control service and other security services

40
Security Mechanisms
Cryptographic Algorithms
• Two types of cryptographic mechanism:
• Reversible mechanism is simply an encryption algorithm
that allows data to be encrypted and subsequently decrypted.
• Irreversible mechanisms include hash algorithms and
message authentication codes, which are used in digital
signature and message authentication applications.

Data Integrity
• This category covers a variety of mechanisms used to assure
the integrity of a data unit or stream of data units.

Digital Signature
Data appended to, or a cryptographic transformation of, a data
unit that allows a recipient of the data unit to prove the source
and integrity of the data unit and protect against forgery.

42
Security Mechanisms
Authentication Exchange
• A mechanism intended to ensure the identity of an entity by
means of information exchange.
Traffic Padding
• The insertion of bits into gaps in a data stream to frustrate
traffic analysis attempts.
Routing Control
Enables selection of particular, physically or logically secure
routes for certain data and allows routing changes, especially
when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certain properties of a
data exchange
Access Control
A variety of mechanisms that enforce access rights to
resources.
43
Keyless Algorithms
• Deterministic functions that have certain properties useful
for cryptography
• One type of keyless algorithm is the cryptographic hash
function
 A hash function turns a variable amount of text into a small, fixed-
length value called a hash value, hash code, or digest
 A cryptographic hash function is one that has additional
properties that make it useful as part of another cryptographic
algorithm, such as a message authentication code or a digital
signature
 A pseudorandom number generator produces a
deterministic sequence of numbers or bits that has the
appearance of being a truly random sequence

45
Single-Key Algorithms
Single-key cryptographic algorithms depend on the use of a secret key.

Encryption algorithms that use a single key are referred to as symmetric
encryption algorithms.

With symmetric encryption, an encryption algorithm takes as input some data
to be protected and a secret key and produces an unintelligible
transformation on that data. A corresponding decryption algorithm takes the
transformed data and the same secret key and recovers the original data.

Symmetric encryption takes the following forms:

Block cipher
• A block cipher operates on data as a sequence of blocks
• In most versions of the block cipher, known as modes of operation, the
transformation depends not only on the current data block and the secret
key but also on the content of preceding blocks

Stream cipher
• A stream cipher operates on data as a sequence of bits
• As with the block cipher, the transformation depends on a secret key

46
Single-Key Algorithms

Another form of single-key cryptographic algorithm is the message
authentication code (MAC)

A MAC is a data element associated with a data block or message

The MAC is generated by a cryptographic transformation involving a secret
key and, typically, a cryptographic hash function of the message

The MAC is designed so that someone in possession of the secret key can
verify the integrity of the message

The recipient of the message plus the MAC can perform the
same calculation on the message; if the calculated MAC
matches the MAC accompanying the message, this provides
assurance that the message has not been altered

47
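The MAC verification just described, the replay attack from the active-attack slides, and the connection-oriented integrity service (no duplication, reordering or replay) can be shown together in one receiver. This is an added example, not code from the lecture: the shared key, the frame layout (8-byte sequence number, payload, 32-byte tag) and the sample messages are all constructed here, and the MAC is HMAC-SHA256 from the Python standard library, which uses the keyless SHA-256 hash function inside a keyed transformation as the slides describe.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 produces a 32-byte tag

def compute_mac(key: bytes, seq: int, payload: bytes) -> bytes:
    """Keyed transformation of (sequence number || payload).
    Binding the sequence number into the MAC means a valid payload moved to
    another position in the stream no longer verifies."""
    return hmac.new(key, struct.pack(">Q", seq) + payload, hashlib.sha256).digest()

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side (constructed frame format): seq (8 bytes, big-endian) || payload || tag."""
    return struct.pack(">Q", seq) + payload + compute_mac(key, seq, payload)

class Receiver:
    """Receiver side: recomputes the MAC and enforces strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.expected_seq = 0

    def receive(self, frame: bytes):
        """Return (payload, "ok") or (None, reason)."""
        if len(frame) < 8 + TAG_LEN:
            return None, "truncated frame"
        seq = struct.unpack(">Q", frame[:8])[0]
        payload, tag = frame[8:-TAG_LEN], frame[-TAG_LEN:]
        # Same calculation as the sender; constant-time compare so the comparison
        # itself does not leak how many tag bytes matched.
        if not hmac.compare_digest(tag, compute_mac(self.key, seq, payload)):
            return None, "MAC mismatch: message modified or forged"
        if seq < self.expected_seq:
            return None, f"replay/duplicate: seq {seq} already seen"
        if seq > self.expected_seq:
            return None, f"gap/reorder: expected seq {self.expected_seq}, got {seq}"
        self.expected_seq += 1
        return payload, "ok"

if __name__ == "__main__":
    key = b"constructed-shared-key"          # in practice: a random key agreed in advance
    rx = Receiver(key)
    f0 = protect(key, 0, b"transfer 10 to bob")
    f1 = protect(key, 1, b"transfer 20 to carol")
    print(rx.receive(f0))                    # accepted
    print(rx.receive(f0))                    # replay of the same frame: rejected
    print(rx.receive(f1[:8] + b"X" + f1[9:]))  # payload altered in transit: MAC mismatch
    print(rx.receive(f1))                    # genuine frame: accepted
```

The MAC check runs before the sequence check so that every rejected frame has at least been authenticated as coming from a key holder; only then does the sequence number decide whether it is fresh. A strict "next sequence number only" rule is the simplest form of connection-oriented integrity; real protocols usually allow a bounded window so that legitimately reordered packets are not dropped.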
Asymmetric Algorithms
Encryption algorithms that use two keys are referred to as
asymmetric encryption algorithms

Digital signature algorithm
A digital signature is a value computed with a cryptographic
algorithm and associated with a data object in such a way that
any recipient of the data can use the signature to verify the data’s
origin and integrity

Key exchange
The process of securely distributing a symmetric key to two or
more parties

User authentication
The process of authenticating that a user attempting to access an
application or service is genuine and, similarly, that the
application or service is genuine

48
Security on Network

49
Communication Security
• Deals with the protection of communications through
the network, including measures to protect against both
passive and active attacks

• Communications security is primarily implemented using
network protocols
• A network protocol consists of the format and procedures
that govern the transmitting and receiving of data
between points in a network

• A protocol defines the structure of the individual data
units and the control commands that manage the data
transfer
• With respect to network security, a security protocol may be
an enhancement that is part of an existing protocol or a
standalone protocol

50
Device Security
• The other aspect of network security is the protection of
network devices, such as routers and switches, and end
systems connected to the network, such as client systems and
servers
• Three types of device security are:
Firewall
• A device or service that acts as a gatekeeper, deciding what enters and exits the network.
They use a set of defined rules to allow or block traffic. A firewall can be hardware,
software, or both.
• Acts as a filter that permits or denies data traffic, both incoming and outgoing, based
on a set of rules based on traffic content and/or traffic pattern

Intrusion detection
• Hardware or software products that gather and analyze information from various
areas within a computer or a network for the purpose of finding, and providing real-
time or near-real-time warning of, attempts to access system resources in an
unauthorized manner

Intrusion prevention
• Hardware or software products designed to detect intrusive activity and attempt
to stop the activity, ideally before it reaches its target
51
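The firewall definition above (a filter that permits or denies traffic, incoming and outgoing, based on a set of rules) maps directly onto an ordered rule table with first-match semantics and a default action. The following is an added example, not code from the lecture or from any firewall product: the network layout (a hypothetical office LAN 10.0.0.0/24, an HTTPS server at 10.0.0.10, a resolver at 10.0.0.53) and the rule set are constructed for illustration, and the packet is represented only by the fields a rule looks at.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str               # "in", "out" or "any"
    proto: str                   # "tcp", "udp", "icmp" or "any"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[range]       # destination port range; None = any port

def net(cidr: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(cidr, strict=False)

ANY_NET = net("0.0.0.0/0")

# Constructed policy for a hypothetical office LAN 10.0.0.0/24 with a public HTTPS
# server at 10.0.0.10 and an internal resolver at 10.0.0.53. Rules are evaluated
# top to bottom; the first match wins and unmatched traffic falls to DEFAULT_ACTION.
RULES = [
    # anti-spoofing: packets claiming an internal source must not arrive from outside
    Rule("deny",  "in",  "any", net("10.0.0.0/8"),  ANY_NET,             None),
    Rule("allow", "in",  "tcp", ANY_NET,            net("10.0.0.10/32"), range(443, 444)),
    Rule("allow", "out", "tcp", net("10.0.0.0/24"), ANY_NET,             range(80, 81)),
    Rule("allow", "out", "tcp", net("10.0.0.0/24"), ANY_NET,             range(443, 444)),
    Rule("allow", "out", "udp", net("10.0.0.0/24"), net("10.0.0.53/32"), range(53, 54)),
]
DEFAULT_ACTION = "deny"   # whatever no rule explicitly permits is blocked

def matches(rule: Rule, direction: str, proto: str,
            src: ipaddress.IPv4Address, dst: ipaddress.IPv4Address,
            dport: Optional[int]) -> bool:
    """A rule matches when every one of its fields covers the packet's value."""
    return (rule.direction in ("any", direction)
            and rule.proto in ("any", proto)
            and src in rule.src
            and dst in rule.dst
            and (rule.dport is None or (dport is not None and dport in rule.dport)))

def filter_packet(direction: str, proto: str, src_ip: str, dst_ip: str,
                  dport: Optional[int] = None) -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); index None means the default applied."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for i, rule in enumerate(RULES):
        if matches(rule, direction, proto, src, dst, dport):
            return rule.action, i
    return DEFAULT_ACTION, None

if __name__ == "__main__":
    print(filter_packet("in", "tcp", "203.0.113.5", "10.0.0.10", 443))   # ('allow', 1)
    print(filter_packet("in", "tcp", "203.0.113.5", "10.0.0.10", 22))    # ('deny', None)
    print(filter_packet("in", "tcp", "10.0.0.99", "10.0.0.10", 443))     # ('deny', 0) spoofed source
```

Returning the index of the deciding rule is what makes such a filter auditable: a log line that records which rule allowed or denied a packet lets an administrator see that, for example, the anti-spoofing rule fired rather than the default, which is exactly the kind of real-time warning the intrusion-detection slide describes.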
Standards
National Institute of Standards and Technology (NIST):

• NIST is a U.S. federal agency that deals with measurement science, standards and technology
related to U.S. government use and to the promotion of U.S. private sector innovation. Despite
its national scope, NIST Federal Information Processing Standards (FIPS) and Special
Publications (SP) have a worldwide impact

Internet Society:
• ISOC is a professional membership society with worldwide organizational and individual
membership. It provides leadership in addressing issues that confront the future of the Internet
and is the organization home for the groups responsible for Internet infrastructure standards,
including the Internet Engineering Task Force (IETF) and the Internet Architecture Board
(IAB). These organizations develop Internet standards and related specifications, all of which
are published as Requests for Comments (RFCs).

ITU-T:
• The International Telecommunication Union (ITU) is an international organization within the
United Nations System in which governments and the private sector coordinate global telecom
networks and services. The ITU Telecommunication Standardization Sector (ITU-T) is one of the
three sectors of the ITU. ITU-T’s mission is the development of technical standards covering all
fields of telecommunications. ITU-T standards are referred to as Recommendations

ISO:
• The International Organization for Standardization (ISO) is a worldwide federation of national
standards bodies from more than 140 countries, one from each country. ISO is a
nongovernmental organization that promotes the development of standardization and related
activities with a view to facilitating the international exchange of goods and services and to
developing cooperation in the spheres of intellectual, scientific, technological, and economic
activity. ISO’s work results in international agreements that are published as International
Standards
53
Summary

• Key security requirements of confidentiality, integrity, and
availability
• Types of security threats and attacks that must be dealt with
and give examples of the types of threats and attacks that
apply to different categories of computer and network assets
• Key organizations involved in cryptography standards
• An overview of keyless, single-key and two-key cryptographic
algorithms
• An overview of the main areas of network security

54
