Professional Documents
Culture Documents
Security Threats
Four types of security threats:
Interception refers to the situation that an unauthorized party has gained
access to a service or data.
Interruption refers to the situation in which services or data become
unavailable, unusable, or destroyed.
Modifications involve unauthorized changing of data or tampering with a
service.
Fabrication refers to the situation in which additional data or activity are
generated that would normally not exist.
Active Attacks
Passive Attacks
Snooping
MAC Layer
Attacks
Jamming
Network Layer
Attacks
Transport Layer
Attacks
Wormhole
attack
Session
hijacking
Application Layer
Attacks
Repudiation
DoS
Impersonation
Manipulation
of network
traffic
Device
tampering
Blackhole attack
Byzantine attack
Information disclosure
Resource consumption attack
Routing attacks
Other attacks
Other Attacks
Multi-layer attacks could occur in any layer of the network protocol stack.
Denial of service: An adversary attempts to prevent authorized users
from accessing the service.
Jamming: Transmitting signals on the frequency of senders and
receivers to hinder the communication.
SYN flooding: An adversary send a large number of SYN packets to
a victim node.
Distributed DoS attack: Several adversaries attack a service at the
same time.
Impersonation: An adversary pretends to be other node.
Device tampering: Mobile devices get damaged or stolen easily.
7
Key Management
Cryptography is one of the most common and reliable means to
ensure security.
The purpose of cryptography is to take a message or a file, called
the plaintext (P), and encrypt it into the ciphertext (C) in such a
way that only authorized people know how to convert it back to
the plaintext.
The secrecy depends on parameters to the algorithms called keys.
The four main goals of cryptography are confidentiality, integrity,
authentication, and non-repudiation.
Usually, the encryption method E is made public, but let the
encryption as a whole be parameterized by means of a key k (same
for decryption).
Three types of intruders:
Passive intruder only listens to messages.
Active intruder can alter messages.
Active intruder can insert messages.
Cryptography
Cryptography
There are two major kinds of cryptographic algorithms:
Symmetric (secret-key) system: Use a single key to (1) encrypt the
plaintext and (2) decrypt the ciphertext. Requires that sender and receiver
share the secret key.
Asymmetric (public-key) system: Use different keys for encryption and
decryption, of which one is private, and the other public.
Description
KA, B
K A
Public key of A
K A
Private key of A
10
Cryptography Functions
Cryptography functions
Secret key (symmetric cryptography, e.g., Substitution, Transposition)
Public key (asymmetric cryptography, e.g., RSA)
Hashing (one-way function - message digest, e.g., MD5)Security services
Security services
Privacy (Secrecy): preventing unauthorized release of information
Authentication: verifying identity of the remote participant
Integrity: making sure message has not been altered
Security
Cryptography
algorithms
Secret
key
(e.g., DES)
Public
key
(e.g., RSA)
Security
services
Message
digest
(e.g., MD5)
Privacy
Authentication
11
Message
integrity
Symmetric Cryptosystems
Substitute Cipher: each letter or group of letter is replaced by
another letter or group of letters
Caesar cipher: rotate the letter (a D, b E, c F, z C).
Example: attack DWWDFN
Monoalphabetic substitution
Each letter replaced by different letter
Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext: QWERTYUIOPASDFGHJKLZXCVBNM
Disadvantage: It does not smooth out frequencies in the cipher text.
Polyalphabatic cipher use multiple cipher alphabets.
12
Secret-Key Cryptography
Transposition cipher: reorder the letters, but don't disguise them.
Select a key
MEGABUCK
74512836
plea se tr
ansfe ron
ehundred
afnsedtoelnhesurndpaeerr
Plain text cipher text
13
Transposition Ciphers
A transposition cipher.
14
15
16
Key predestribution
Distributing the keys to interested parties before the start of
communication
But participants should agree for a priori Once deployed there is no provision for including new members
there is no provision for changing the key.
17
Key predestribution
Distributing the keys to interested parties before the start of
communication
But participants should agree for a priori Once deployed there is no provision for including new members
there is no provision for changing the key.
18
Key transport
One of the entity in the network generates key and is transported to
the members.
It assumes that, members hold a shared prior key and is used to
encrypt the new key.
This encrypted key is then transported
Any member who knows the prior key can decrypt it and can get
the new key.
This is called as KEY ENCRYPTION KEY(KEK)
It assumes the presence of TTP as PKI because prior key may not
exist with all the nodes.
One of the best method- Shamirs three phase protocol.
19
Generate K
and Kx
Encrypt as
f(kx,K)
Generate Ky
Encrypt as
g(Ky,(f(kx,K))
Decrypts
using Kx
Applies
inverse of f
Encrypt as
g(ky,K)
Decrypts
using Ky
Applies
inverse of g
20
Key arbitration
A central arbitror will create and distribute keys to all the participants
Access points are used as arbitrors in infrastructure based networks.
But APs have to be powered continuously, this may not be suitable
for adhoc n/w.
Solution is to distribute arbitration among nodes by avoiding
replication.
21
Key agrement
Two or more nodes will agree upon a secret key which is then used
for secret communication among them.
A secret context is established between agreed nodes.
Each participant will contribute a part in key management
22
23
Threshold cryptography
Network consists of n nodes
Out of n, T+1 nodes will perform arbitration(key distribution).
These nodes are alled as servers
Each server will generate a partial signature using its private key
and submits to a combiner(any one of the server)
there will b t+1 number of combiners
T+1 Combiner combines these signatures and verify its validity
using public key.
If verification fails (because of malicious nodes signature), it
means atleast one signature is in valid out of t+1
Then another set of partial signature are tried.
24
25
1
trust
trust
y
trust
26
27
28
ack
30
Types of hash
Mangalore
Bangalore
Mumbai
Chennai
3
4
5
6
0001
0010
0011
0100
3
4
5
6
0001
0010
0011
0100
0001
0010
0011
0100
31
32
Hashing
The hash code istransmitted along with original update message
Malicious node can break this hashed sequence number only if it
knows previous hash hkm+j-1
Note: this is possible only in normal hash functions (but not in
oneway
34
Timeliness
In order delivery of packets
Authenticity
Integrity
Confidentiality
(SAR)
On receival Route request a nodechecks its security level, and If security level > node's security level then the node is allowed to read n
forward
If security level = node's security level the node is allowed to only to
forward
If security level < node's security level, the node is neither allowed to read
not to forward (request is discarded)
36
37