2. OUTLINE
• Network Fundamentals
• OSI
• TCP/IP
• Protocols
• Information security
• Overview
• Components
• Common Attacks
• Cryptography
• Traditional
• Modern
• Authorization & Authentication
• Firewall
• Access control
• Next Generation
• Hack The Box
• Tools
• VM
• Packet Tracer
• Kali & Nethunter
3. NETWORK FUNDAMENTALS
INTRODUCTION
A network is a set of devices (often referred to as nodes) connected by communication
links. A node can be a computer, printer, or any other device capable of sending and/or
receiving data generated by other nodes on the network.
Standards:
De facto standards that have not been approved by an organized body but have been
adopted as standards through widespread use.
De jure those standards that have been legislated by an officially recognized body.
ISO, IEEE, ANSI, TIA, IETF, ITU-T
5. OSI REFERENCE MODEL
• De Jure Standard
Established in 1947, the International Standards
Organization (ISO) is a multinational body
dedicated to worldwide agreement on
international standards. An ISO standard that
covers all aspects of network communications is
the Open Systems Interconnection (OSI) model.
It was first introduced in the late 1970s.
7. TCP/IP MODEL
• Open De Facto Standard
• Governed by IETF Working
• Support for a flexible architecture
• Adding more system to a network is easy.
• In TCP/IP, the network remains intact until
the source, and destination machines were
functioning properly.
• TCP is a connection-oriented protocol.
• TCP offers reliability and ensures that data
which arrives out of sequence should put
back into order.
• TCP allows you to implement flow control,
so sender never overpowers a receiver with
data.
8. INFORMATION SECURITY
OVERVIEW
• What is security?
• In general, security is “The quality or state of
being secure that is to be free from danger”.
• To be protected from adversaries from those
• who would do harm, intentionally or otherwise
• A successful organization should have
• Physical security is to protect
• physical objects, or areas of an organization from
unauthorized access and misuse
• Personal Security is to protect
• individual or group who are authorized to access
the organization and its operations
• Operations Security is to protect
• details of a particular operation or series of
activities
• Communications Security is to protect
• an organization’s communications media,
technology, and content
• Network security is to protect
• networking components ,connections, and contents
• Information Security is to protect
• information, critical elements, including the
systems and hardware.
9. INFORMATION SECURITY
An Information System is much more than computer hardware. It is the security of entire set:
• software, hardware, data, people, and procedures necessary to use information as a resource
• within and outside the organization
Briefly, information security is a work of
• Securing the component
• computer as a subject of attack (compute used as active tools for attack)
• computer as a object of attack (it is the entity being attack)
• Security and Access Balancing
• Perfect security is not possible
• Security should be considered a balance between protection and availability
• Security must allow reasonable access
• yet protect against threat
11. COMPONENTS OF InfoSec
• Confidentiality
• concealment of information or resources
• only seen by people who have the right to see it
• keeping information secret from unauthorized access
• Integrity
• refers to the trustworthiness of data or resources
• preventing improper or unauthorized change
• ensuring that information remains intact and unaltered
• includes both the correctness and the trustworthiness of the data
• Availability
• ability to use the information or resource desired
• having access to your information when you need it
• no person or event is able to block legitimate or timely access to information
• Information is useless if it is not available
• In some cases information needs to be changed constantly
• it must be accessible to those authorized to access it
12. ADDITIONAL OBJECTIVES
• Authenticity
• being genuine and able to be verified or trust
• to ensure that the data, transactions, communications or documents
• are genuine
• authenticity to validate that both parties involved are who they claim to be
• Accountability
• involves actions of an entity can be traced uniquely
• nonrepudiation, deterrence, fault isolation, intrusion, detection and prevention
• one party of a transaction cannot deny having received a transaction
• nor can the other party deny having sent a transaction
• Non-repudiation implies one’s intention to fulfill their obligations to a contract
13. COMMON SECURITY ATTACKS
• Attacks Threatening Confidentiality
• snooping and traffic analysis
• Snooping refers to unauthorized access to or interception of data
• Traffic analysis: information collected by an intruder by monitoring online traffic
• Attacks Threatening Integrity
• modification, masquerading, replaying and repudiation of information
• Attacks Threatening Availability
• Denial of Service (DOS) attack
• Make system so busy that it might collapses
• intercept message sent in one direction such that
• Sending system believe that other party or message has lost
• It should be resent
14. COMMON SECURITY ATTACKS
• Interruption: This is an attack on availability
• Disrupting traffic
• Physically breaking communication line
• Interception: This is an attack on confidentiality
• Overhearing, eavesdropping over a communication line
• Modification: This is an attack on integrity
• Corrupting transmitted data or tampering with it before it
reaches its destination
• Fabrication: This is an attack on authenticity
• Faking data as if it were created by a legitimate and
authentic party
15. CRYPTOGRAPHY
Cryptography!!
• Greek word, means “Secret Writing”
• Cryptography is used for information security
• To protect information from unauthorized or accidental disclosure
• Transform usable information to a for that renders
• unusable by anyone other than an authorized user
• this process is called encryption
• original message is known as plain text
• message sent through channel is referred to as cypher text
• Encrypted information can be transformed back into original usable form
• known as decryption
• done by cryptographic key
16. CYPHER TEXT GENERATION
Types of cypher text
• Traditional Ciphers: hiding information from intruders
• Substitution Ciphers
• Replace one symbol with another
• plain text characters are replaced by other characters
• Transposition Ciphers
• Does not substitute
• change the position of the symbols
• Modern symmetric key cyphers
• traditional cypher is no longer secure ??
• thus, modern symmetric-key ciphers have been developed
• combination of substitution, transposition and some other complex transformations
• Examples
• DES: Data Encryption Standard: developed by NIST in 1977;
• AES: Advanced Encryption Standard: NIST in 2001 (shortcoming of DES)
17. CRYPTOGRAPHY
ASYMMETRIC KEY
Asymmetric Key Cryptography
• used for confidentiality
• Unlike symmetric key cryptography; distinctive keys are used
• Private key and public key
• A public key encryption is only decrypt by private key
Both symmetric and asymmetric exist in parallel
• In symmetric key cryptography a secret token is shared between two parties
• in asymmetric key cryptography: token is unshared by two parties. Creates their own
token
• issues are: performance?? Key transfer?? Complement of each other(!!)
• advantage of one compensate the disadvantage of others
18. CRYPTOGRAPHY
TERMINOLOGIES
• Plaintext – original text
• Cipher Text – Encrypted text
• Cryptology – the art and science of making and breaking “secret codes.”
• Cryptography – the making of “secret codes.”
• Cryptanalysis – the breaking of “secret codes.”
• Crypto — a synonym for any or all of the above (and more), where the precise meaning should be
clear from context
• Decrypt – cipher text to plain text
We will discuss on
• Classical Crypto-system
• Symmetric key cryptography
• Public key cryptography
• Hash functions
• Advanced Cryptanalysis
19. OBJECTIVES OF CRYPTOSYSTEM
Objectives of the Cryptosystem
• make it infeasible to recover plain text from ciphertext
However, According to Kerckhoffs’ Principle
• Inner working mechanisms of cryptography are completely known to the attacker
• Design of cipher is not secret
• cipher – must not require to be secret
Why?
• Reverse engineering may discover the technique
• crypto algorithm must be tested with extensive public analysis
• without rigorous public testing – it may failed (ex. microsoft)
Security?: Best known attack on the system is impractical, in the sense of being computationally
impossible.
20. CLASSICAL CRYPTO SYSTEM
SUBSTITUTION
Cryptography for Confidentiality
• Substitution
• Transposition
Substitution Method
• cipher text generated by substituting the letter of n places ahead of current letter
• By looking each plain text letter and substitute by another letter
Convention: plain text in lowercase. cipher text in uppercase
Brute-force attack and exhaustive key search
How large the keyspace is?. If 240 per second
• keyspace of 256 can be exhausted in 216 seconds, 264 would take more than half a year; 2128
requires nine quintillion years.
22. CLASSICAL CRYPTO SYSTEM
TRANSPOSITION
Double Transposition Method
• Write the plain text into an array or matrix
• permute rows and columns
• suppose plain text in 3 × 4 matrix
Now, if we permute the rows according to (1, 2, 3) → (3, 2, 1) and then transpose the columns
according to (1, 2, 3, 4) → (4, 2, 1, 3) we obtain,
Cipher text is the final array
Bad news are in transposition symbols are there
Good news is – to break statistical information is not helpful
23. SYMMETRIC CRYPTOGRAPHY
BLOCK CIPHER
Block Cipher
• Splits plain text in fixed-sized blocks
• generated fixed-sized blocks of cipher
• an iterating function F is used for some number of round
• The function F is depends of output of the previous round and key K
• F is known as round function
• Example: Feistel Cipher describe the general principle
24. DATA ENCRYPTION STANDARD
Data Encryption Standard
• Developed in 1970 by IBM called Lucifer cipher
• For commercial use US NBS (now NIST) issues a request for cipher
• NBS has little number of crypto expert, therefore they turned to Gov secret agency NSA.
NSA design and use cipher and it is super secret
• But NSA was reluctant to get involved with DES
• Under pressure they agreed to study the Lucifer cipher provided that its role would not be
public
• eventually, people think NSA may placed backdoor so NSA along can break the code
• NSA changes the original Lucifer cipher to design DES
• Key length reduced to 64 from 128
• Also, found that 8-bits of 64-bits key was effectively discarded
• exhaustive key search reduce from 2127 to 255
25. DES STRUCTURE
• Change was made in Lucifer to involve
substitution box or S-boxes
• 16-round
• 64-bit block length
• 56-bit key
• 48-bit subkey from 56-bit key
• eight S-boxes map 6-bits to
• 4-bits. 48-bits to 32-bits.
• Lookup table
• round function as
• Ri = Li−1⊕[F(Ri−1,Ki) =
P−box(S−boxes(Exapnd(Ri−1)⊕Ki))]
• Li = Ri−1
26. DES: DISCUSSION
Comments on DES
• Mathematicians are very good at solving linear equations
• only part S-Box is non-linear of DES and it is the fundamental security
component
• DES is today vulnerable because of the key is too small
• In theory, less work or computation is needed for exhaustive key search
• It was designed to process in a system with small (byte) sized words
• Variation is triple-DES with large key is more effective
27. PUBLIC KEY CRYPTOGRAPHY
In Symmetric Cryptography
• Same key is used for encryption and decryption
• Need secure distribution of key!! – important problem
Asymmetric Key Cryptography
• Two different keys are used for encryption and decryption
• Eliminate most vexing problem to distribute symmetric key
• Public key for encryption
• Private key for decryption
• Some public keys are used only to transfer symmetric key
28. PUBLIC KEY ENCRYPTION
BACKGROUND
Background
• Is invented by GCHQ (British equivalent of NSA) in late 1960-70 and Academic researcher
shortly thereafter.
• Government cannot grasp the full potential of Public key encryption
• Compared to symmetric key, public key is recent.
• it was a revolution of cryptography
• it lay dormant until the academicians pushed it into the limelight
Based on very special mathematical structure. It also based on trapdoor one way function.
Compute one direction but hard to compute other directions.
• A trap door feature ensure that attacker cannot use public information to recover the private
information
29. HOW DOES IT WORK?
General Idea
• Generates two prime numbers p and p provides very large N where N = pq
• for a given sufficiently large N, it is difficult to find factors p and q
• Two large key pair Public Key and Private Key.
• Any one want to transfer data to receiver must use receiver public key to encrypt
• Only receiver’s private key can decrypt the message
• For digital signature – sender use it’s private key to encrypt and any one can
verify (integrity) sender’s message (decrypt) by using sender’s public key.
• sender’s digital signature is attached with the message therefore copy of
signature is not possible
• example: knapsack cryptography – one of the first practical example of public
key encryption
30. KNAPSACK PUBLIC KEY
CRYPTOGRAPHY
Knapsack Public Key Cryptography
• Diffie and Hellman conjectured that public cryptography is possible
• They only offer key exchange policy
• nearly at the same time: Merkle-Hellman proposed a cryptosystem based on NP-Hard problem
• For the cryptosystem Knapsack problem is defined as,
Definition (Knapsack Problem)
Given a set (n) of weight as W0, W1, · · · , Wn−1 and desired sum S, find a0, a1, a2, · · · ,
an−1 for each ai ∈ {0, 1}. So that
S = a0W0 + a1W1 + a2W2 + · · · + an−1Wn−1
with a maximum number of elements
31. KNAPSACK PROBLEM
EXAMPLE
Suppose the weights are: 85, 13, 9, 7, 47, 27, 99, 86 and S = 172 then the solution exists and given by,
a = (a0, a1, a2, a3, a4, a5, a6, a7) = (11001100)
since, 85 + 13 + 47 + 27 = 172
• Knapsack problem is NP-Complete but special Knapsack superincreasing knapsack can be solved in
linear time
• Definition (Superincreasing Knapsack)
• It is variant of general Knapsack where weights are arranged in increasing order such that each weight
is greater than sum of previous weights as,
Wi> 𝑗=0
𝑖−1
𝑊𝑗
Example: 3, 6, 11, 25, 46, 95, 200, 411
32. KNAPSACK CRYPTOGRAPHY
Steps of Knapsack Cryptography
• Generate a superincreasing Knapsack, example: (2, 3, 7, 14, 30, 57, 120, 251)
• Convert the superincreasing knapsack into a general knapsack.
• Choose n and m relatively prime;
• where m is a multiplier and n is greater sum of all elements
• convert general knapsack to superincreasing knapsack
• The public key is the general knapsack.
• The private key is the superincreasing knapsack together with the conversion factors
33. CONVERT TO SUPERINCREASING
KNAPSACK
Let multiplier m = 41 and modulus n = 491 then for the following superincreasing Knapsack:
(2, 3, 7, 14, 30, 57, 120, 251), the general Knapsack is
2m = 2 × 41 = 82 mod 491
3m = 3 × 41 = 123 mod 491
7m = 7 × 41 = 287 mod 491
14m = 14 × 41 = 83 mod 491
30m = 30 × 41 = 248 mod 491
57m = 57 × 41 = 373 mod 491
120m = 120 × 41 = 10 mod 491
251m = 251 × 41 = 471 mod 491
≡ {82, 123, 287, 83, 248, 373, 10, 471}
Therefore, the public key is {82, 123, 287, 83, 248, 373, 10, 471} and the private key is {2, 3, 7, 14,
30, 57, 120, 251, 12} and multiplicative inverse(modulo) 41−1 mod 491 = 12. Which can be
determined 12 = (w × 491)/41 + 1, w > 0 such that (w × 491) is divisible by m = 41.
34. EXAMPLE
Example (public key encryption)
Let M = 11001011, and public and private keys are show as above, then, encrypt message M:
C = 82 + 123 + 248 + 10 + 471 = 934
Decrypt cipher text C:
C.𝑚−1mod n = (934 × 12) mod 491 = 406
Now solve the super increasing Knapsack problem as, and the solution is
2 × 1 + 3 × 1 + 7 × 0 + 14 × 0 + 30 × 1 + 57 × 0 + 120 × 1 + 251 × 1
= 2 + 3 + 30 + 120 + 251
= 406
and the message is 11001011
35. DOWNSIDE OF KNAPSACK CIPHER
Downside of Knapsack cipher
• General Knapsack is a NP-Complete problem
• The bottom line is that the general Knapsack which is generated from superincreasing Knapsack
is not really a General Knapsack
• In 1983 Shamir broke it using apple II computer
• The lattice reduction attack take the advantages of such structure
• lattice reduction attack – easily recover plain text from cipher text
• Therefore, it is not secure
There are variant of Knapsack cipher, that are more secure, but people are reluctant to use
them since the name “knapsack” is forever tainted
36. CRYPTOGRAPHIC HASH FUNCTION
A cryptographic hash function h(x) must have the following features
• Compression: for a input x, the output length of y = h(x) is small. In practice the length is
fixed (e.g., 160 bits), regardless of the input
• Efficiency: Must be easy to computer h(x) regardless of the input
• On way: Not invertible; For a give y = h(x), for any x’ it is infeasible to compute y from
h(x’)
• Weak collision resistance: It is infeasible to change message without changing the hash.
• For a given x and h(x), it is infeasible to find any y, with y 6= x such that h(y) = h(x)
• Strong collision resistance: It’s infeasible to find any x and y, such that x != y and h(x) =
h(y). Cannot find two input producing same output
Let 128-bit hash calculated from 150-bits input, then there are 222 collision on average. The
collision resistance property states that it should be computationally hard to calculate.
37. BIRTHDDAY ATTACK
Birthday attack
• recall the birthday problem we can find √2^N = 2^n/2different input, we can expect a
collision or two input that hash the same value
• the attacker can find the same value as h(M) = h(M’) (!!)
• It is a brute-force attack similar to exhaustive key search
38. AUTHORIZATION
Authorization
• Authentication is the issue which establish identity
• Authorization deals with situation where we already authenticated
• The decision of authentication is binary permitted to enter the system or not
• authorization can be a much more ne grained process
• Firewall { is the form of access control for the network.
• CAPTCHA which is a form of access control to restrict access to human
• Intrusion detection come on scene when rewall fails
• Authorization was often considered the heart of information security
• today it seems like quaint notion.
39. ACCESS CONTROL MATRIX
Lampson's access control matrix
• this matrix contains all of the relevant information needed by an operating system
• Make decision which user allowed to do and what to do
• ACL and Capabilities (C-Lists) are derived from Lampson's access control matrix
Subject: is the user of the system and Object is the system resources. An example: (Row
present the subject, on the other hand column tells about objects)
40. FIREWALL
Firewall -What does it mean?
• A firewall acts a lot like a secretary for your network.
• The firewall examines requests for access to your network, and it decides whether they pass a
reasonableness test.
• If so, they are allowed through, and, if not, they are refused.
Firewall Terminology and Types
• Packet Filter
• Stateful packet filter
• Application Proxy