Information Security - ~ 4. Theory of Secure Communication
# 01 Introduction
What is information security?
Preservation of confidentiality, integrity and availability of information. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.
⭐️ CIA : Confidentiality, Integrity, Availability
- Authentication
: Am I really talking to my friend?
- Confidentiality
: Is information exposed to others?
- Integrity
: Is the data not tampered with?
- Anonymization
: Does my vote contain information about me without revealing who I am?
- Authorization
: Does the person have a right to vote?
- Availability
: Can the legitimate voter have access to the voting station?
- Privacy
: Does my vote contain my choice without revealing sensitive info?
# Cryptographic Objectives
Threats | Goal | Applies to |
---|---|---|
Exposure of data | Confidentiality | data |
Tampering with data | Integrity | data |
Impersonation | Authentication | user |
Exposure of personal information | Privacy | user |
Identification of individual | Anonymity | user |
Denial of service | Availability | system |
Forbidden access | Authorization (Access Control) | system |
1. Confidentiality
- Ability to keep information unavailable and private to others
- Cryptography is a tool to achieve confidentiality, e.g., encryption
2. Integrity
- Ability to ascertain that information exchanged has not been subject to unexpected changes
- Cryptography is a tool to achieve data integrity, e.g., cryptographic hash (e.g., SHA), Message Authentication Code (MAC)
- Intentional or accidental data changes should be detectable
3a. Authentication
- Ability to ascertain the identity of others
- Types : Mutually trusted, One-Way Authenticated, Mutually Suspicious
- Approaches : Something you know (password, PIN, ...), Something you have (phone, token, ...), Something you are (fingerprint, retina, ...)
- Multi-factor authentication is a good thing
- Cryptography is a tool to achieve authentication, e.g. digital signature
- Password theft/leakage is a huge problem
3b. Non-Repudiation
- Ability to prevent an authorized party from denying the existence or contents of a communication session
- Example : Suppose Alice sent Bob an electronic money message saying that “she will pay Bob $1000 if Bob finishes a job for her”, but later Alice denies that she sent Bob this message. How could you prove that Alice undeniably sent Bob this message?
Digital signature + notarization (from third party)
4. Privacy
- The right of an entity, acting on its own behalf, to determine the degree to which it will interact with its environment, including the degree to which the entity is willing to share information about itself with others.
- Cryptography is a tool to achieve privacy, e.g., encryption
5. Anonymity
- Being not identifiable within a set
- Very different from privacy
- An anonymous action may be public, but the actor's identity remains unknown (e.g., vote in elections)
- Various data processing techniques can be used, e.g., randomization, k-anonymity, l-diversity, ...
6. Authorization (Access Control)
- Authorization verifies that a user has the proper privileges to access a resource (presumes successful authentication)
7. Availability
- Ability to prevent an unauthorized party from making resources unavailable
- Question:
  - How to achieve availability?
  - Cryptography is not enough to deal with a DoS attack!
  - Cryptography + Other Techniques (Backup, Redundancy, Traffic Monitoring and Analysis, Redirection, etc.)
# Cryptology
# Cryptography
- The science and study of "secret writing"
# Cryptanalysis
- The science and study of breaking ciphers
# Basic Cryptographic Tools
1. Encryption / Decryption
- Symmetric Cryptography
  - Block Ciphers
  - Stream Ciphers
- Asymmetric Cryptography
  - Public key
2. Message Authentication Code (Hashing)
3. Digital Signature
# Encryption
: Process of transforming a plaintext message M into ciphertext C using a unique key K
: C = E(M,K)
# Decryption
: Reverse operation of encryption
: Process of transforming cipher text C into plaintext M under control of key K
: M = D(C,K)
# Encryption / Decryption - Security Requirement
- Kerckhoffs Principle
: The security should depend on the confidentiality of the key K. The attacker is assumed to know the algorithms E and D, but not K.
: It should be (computationally) infeasible for an observer of C to recover either M or K (in a reasonable time)
# Symmetric Encryption
: Same key used for both encryption and decryption
# Asymmetric Encryption
: Different keys used for encryption and decryption
# Message Authentication/Hashing
- Allows detection of any modification of the plaintext message
- Examples :
- Hashing Functions
- Message Digest / Message Authentication Code (MAC)
# Hashing
# Cryptographic Hash Function Requirements
1. Easy to compute H(M)
2. Preimage Resistance
- Difficult to find M given H(M)
3. Collision Resistance
- (Weak) Difficult to find another M2 given M1 such that H(M1) = H(M2)
- (Strong) Difficult to find M1 and M2 such that H(M1) = H(M2)
4. Avalanche Effect
- Digest created in such a way that as little as a one-bit change in the message will produce an unpredictable change in approximately 50% of the bits or characters of the digest
- Example :
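The avalanche effect can be measured directly. The following is an added example, not part of the original notes: it flips every input bit of a constructed message in turn and reports what fraction of the digest bits change, for SHA-256 and, as a contrast, for a plain 32-bit additive checksum (the helper names and the sample message are assumptions).

```python
import hashlib

def sha256_digest(message: bytes) -> bytes:
    return hashlib.sha256(message).digest()

def additive_checksum(message: bytes) -> bytes:
    """Non-cryptographic contrast: 32-bit sum of the message bytes."""
    return (sum(message) & 0xFFFFFFFF).to_bytes(4, "big")

def flip_bit(message: bytes, index: int) -> bytes:
    """Copy of message with bit `index` flipped (0 = MSB of the first byte)."""
    buf = bytearray(message)
    buf[index // 8] ^= 0x80 >> (index % 8)
    return bytes(buf)

def changed_fraction(a: bytes, b: bytes) -> float:
    """Fraction of bit positions in which two equal-length digests differ."""
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return differing / (8 * len(a))

def avalanche_profile(message: bytes, digest_fn):
    """Flip each input bit in turn; return (min, mean, max) fraction of
    digest bits that change relative to the digest of the original."""
    base = digest_fn(message)
    fractions = [
        changed_fraction(base, digest_fn(flip_bit(message, i)))
        for i in range(8 * len(message))
    ]
    return min(fractions), sum(fractions) / len(fractions), max(fractions)

# Constructed sample message (not from the original notes).
MESSAGE = b"Alice will pay Bob $1000"

if __name__ == "__main__":
    for name, fn in (("SHA-256", sha256_digest), ("sum32", additive_checksum)):
        lo, mean, hi = avalanche_profile(MESSAGE, fn)
        print(f"{name:8s} min={lo:.3f} mean={mean:.3f} max={hi:.3f}")
```

For SHA-256 the mean sits close to 0.5, while the additive checksum changes only a few bits per flip, which is why a checksum of this kind cannot stand in for a cryptographic hash when integrity matters.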
# Digital Signatures
: Source authentication
: Uses a private key to sign an electronic file
# Randomness
- The security of most systems relies on the availability of “random” numbers or bit streams.
- Cryptographically Secure Pseudo Random Number Generator (CSPRNG)
- They are used for
  - Keys or keystreams
  - One-time authentication parameters (Nonce)
- The security of any system will only be as strong as its weakest link.
  - If the “random” parameters used are not random or can be influenced, then the system is vulnerable.
- Requirement
  - Next-bit Test : given 𝑘 bits of a random sequence, one cannot predict the (𝑘 + 1)-th bit with probability of success better than 50%
# 02 History of Cryptography
# k-out-of-n encryption
- Threshold-based Security: Unless k-out-of-n locks are unlocked, the key cannot reach the keyhole
# Hash Chain
Hash Chain : Dolls have to be recursively opened from the largest to get to the smallest doll
# Visual Cryptography
# Digital Watermarking
# Russian Postal System Puzzle Key Exchange
: Bob puts the diamond in a box and locks it using his key
Alice receives the locked box. Alice also attaches her lock to the box
Bob receives the locked box with two locks. Bob removes his lock and sends the box to Alice
Alice receives the box with only her lock.
- Diffie-Hellman Key Exchange Algorithm!?
# Ancient period
1) transposition of letters (reposition letters)
2) substitution (replace letters)
- Code Book (Substitution)
: change letters into numbers. -> WAR : 52 11 42
- Caesar Cipher (Transposition)
: each letter substituted by shifting n=3 places
- Breaking Caesar Cipher : Brute Force Technique
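The brute-force break mentioned above works because the key space has only 26 values and English plaintext is easy to recognise. The following is an added example, not part of the original notes: it encrypts a constructed sentence with n = 3, tries every key, and ranks the candidates by a small constructed word list (all names here are assumptions).

```python
import string

ALPHABET = string.ascii_uppercase
# Small constructed word list, used only to recognise English plaintext.
COMMON_WORDS = {"THE", "AND", "AT", "ME", "TO", "OF", "IS", "IN"}

def shift_text(text: str, shift: int) -> str:
    """Shift A-Z by `shift` places modulo 26; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plaintext: str, key: int = 3) -> str:
    return shift_text(plaintext, key)

def decrypt(ciphertext: str, key: int = 3) -> str:
    return shift_text(ciphertext, -key)

def brute_force(ciphertext: str):
    """Try every key 0..25 and rank the candidate plaintexts by how many
    common English words they contain. Returns (score, key, text) tuples."""
    candidates = []
    for key in range(26):
        guess = decrypt(ciphertext, key)
        score = sum(word in COMMON_WORDS for word in guess.split())
        candidates.append((score, key, guess))
    return sorted(candidates, key=lambda c: c[0], reverse=True)

# Constructed sample plaintext (not from the original notes).
SAMPLE = "MEET ME AT THE STATION AT NOON"

if __name__ == "__main__":
    ciphertext = encrypt(SAMPLE)          # n = 3, as in the notes
    for score, key, guess in brute_force(ciphertext)[:3]:
        print(score, key, guess)
```

Only one of the 26 candidates scores above zero, so the key falls out without any knowledge beyond the algorithm itself, which is the situation Kerckhoffs's principle assumes.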
# 03 Network and Systems
# Points of Attack
1. Passive
- The attacker just listens to information as it passes.
- Even if the data is encrypted, this still gives the attacker information about the secrecy of the communication
2. Active
- The attacker not only listens, but may add, delete, modify, or delay information
# Reasons to Cheat
- Unauthorized access to information
- Impersonation
- Disavow responsibility or liability
- Claim information or data was sent/received when it wasn’t
- Conceal the presence of information being sent (covert communication)
- Cause others to violate a protocol
- Corrupt the integrity of information
- Prevent communication among others (DoS)
- Etc...
# Network Considerations
Security can be applied at various points (layers) in the network
- Link-to-Link Layer Security
  - Contents and headers are encrypted
  - Information appears in the clear within the switch
  - Example
    - Wired: Ethernet
    - Wireless: WEP (Wired Equivalent Privacy), 802.11i, 802.1x
- Network Layer Security
  - All data from one node to another are encrypted
  - Provides authentication, confidentiality, and key management
  - Security applied to the entire original IP packet (tunnel mode), or to all except the IP headers (transport mode)
  - Example: IPsec, VPNs (Virtual Private Networks)
- Transport Layer Security
  - Provides
    - Security services between TCP and applications that use TCP
    - Confidentiality using symmetric encryption
    - Data integrity using a message authentication code (MAC)
  - Includes protocol mechanisms to enable two TCP users to determine the security mechanisms and services they will use
  - Example: SSL (Secure Socket Layer), Secure Shell (SSH), HTTPS (HTTP on SSL)
# Hardware or Software
1. Software
Pros :
- Cheap to reproduce and distribute
Cons :
- Almost impossible to protect secret parameters (such as encryption keys) if an attacker has access to the device data
2. Hardware
Pros :
- Faster processing
- Tamper-resistant
- Security "token" can be carried by user from system to system
Cons :
- More expensive
Etc :
- Some levels of approval can only be obtained with hardware
# 04 Theory of Secure Communication
# Digital Signature Susceptibility - MD5 and Hash Value
- Hash Operation : m → f(m)
- Solution:
1) Use MD5 with more bits!!
2) Since Mallory gains no information if he finds two fair (legitimate) or two fraudulent documents (not one fair and one fraudulent pair) with the same hash, output of the hash function has to be large enough.
# A Priori and A Posteriori Probabilities
# Condition for Perfect Secrecy
- The a posteriori probability represents the attacker’s knowledge
# Shannon Entropy
: Measure of the unpredictability in a random variable
1. Message Entropy
2. Key Entropy
- Observation
- The amount of uncertainty introduced into the system cannot be greater than the key uncertainty.
- Message information can be perfectly concealed if the key uncertainty is at least the message uncertainty.
- Occurs when all messages are equally probable (i.e., appears totally random)
# Equivocation
: Conditional entropies of the key K and message M
- i.e., unpredictability of the key and message given an intercepted cipher text C
- H(K,N|C) is a non-increasing function of N
- i.e., it is theoretically easier to determine the key as more ciphertext is intercepted
# Perfect Secrecy
- Mutual Information
  - I(M|C) represents the amount of information revealed about M given C
  - I(K|C) represents the amount of information revealed about K given C
  - “New information revealed knowing C” = “Uncertainty” – “Uncertainty after knowing C”
  - I(M|C) = H(M) - H(M|C)
- How to achieve perfect secrecy?
  - We want to make C and M statistically independent
  - Therefore,
    - I(M|C) = H(M) - H(M|C) = 0
    - H(M) = H(M|C)
    - H(M) ≤ H(K)
  - If H(K) is small,
    - Cryptanalyst can obtain a lot of info about the plaintext!!
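The quantities above can be computed exactly for a small cipher. The following is an added example, not part of the original notes: it assumes a toy shift cipher C = (M + K) mod n with a uniformly chosen key and a constructed message prior, and evaluates H(M), H(K), H(M|C) and I(M|C) once with a full key space and once with a key space that is too small (function names and the prior are assumptions).

```python
from collections import defaultdict
from math import log2

def entropy(dist) -> float:
    """Shannon entropy in bits of a {value: probability} distribution."""
    return -sum(p * log2(p) for p in dist.values() if p > 0)

def analyse(prior, keys, n):
    """For C = (M + K) mod n with K uniform over `keys`, return
    H(M), H(K), H(M|C) and I(M|C) = H(M) - H(M|C), all in bits."""
    p_key = 1 / len(keys)
    joint = defaultdict(float)          # P(M = m, C = c)
    for m, p_m in prior.items():
        for k in keys:
            joint[(m, (m + k) % n)] += p_m * p_key
    p_c = defaultdict(float)            # P(C = c)
    for (_, c), p in joint.items():
        p_c[c] += p
    # H(M|C) = -sum over (m, c) of P(m, c) * log2 P(m | c)
    h_m_given_c = -sum(p * log2(p / p_c[c]) for (_, c), p in joint.items() if p > 0)
    h_m = entropy(prior)
    return {"H(M)": h_m, "H(K)": log2(len(keys)),
            "H(M|C)": h_m_given_c, "I(M|C)": h_m - h_m_given_c}

# Constructed toy message source: four messages with a skewed prior.
PRIOR = {0: 0.5, 1: 0.25, 2: 0.125, 3: 0.125}    # H(M) = 1.75 bits

def full_key_space():
    return analyse(PRIOR, keys=[0, 1, 2, 3], n=4)   # H(K) = 2 >= H(M)

def small_key_space():
    return analyse(PRIOR, keys=[0, 1], n=4)         # H(K) = 1 <  H(M)

if __name__ == "__main__":
    for label, result in (("full", full_key_space()), ("small", small_key_space())):
        print(label, {name: round(v, 4) for name, v in result.items()})
```

With four equally likely keys the ciphertext reveals nothing (I(M|C) = 0); with only two keys, about 0.88 of the 1.75 bits of message uncertainty leak through a single ciphertext symbol.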
* Part2
# Intercepted Ciphertext
- What happens as more ciphertext is intercepted?
- Which value of n makes H(M) small?
- i.e., when does ciphertext become less uncertain?
# Redundancy
: Redundancy (D) of a language is defined in terms of the Absolute Rate of the language (R) and the Rate of the language (r)
: D = R - r
- “Absolute Rate of Language” :
number of bits of info that can be encoded in each character assuming all possible combinations of characters
- "Rate of Language" :
entropy of actual language
- Redundancy of English language
# “Spurious Key” Decipherment
: A spurious key decipherment (“false solution”) occurs when