security attacks, mechanisms, and services€¦ · security attack: any action that compromises the...
TRANSCRIPT
![Page 1: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/1.jpg)
Security Attacks, Mechanisms,
and Services
![Page 2: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/2.jpg)
Attacks, Services and
Mechanisms
◦ Security Attack: Any action thatcompromises the security of information.
◦ Security Mechanism: A mechanism that isdesigned to detect, prevent, or recover from asecurity attack.
◦ Security Service: A service that enhancesthe security of data processing systems andinformation transfers. A security servicemakes use of one or more securitymechanisms.
![Page 3: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/3.jpg)
![Page 4: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/4.jpg)
Passive Attacks
◦ These are in the nature of eavesdropping on, ormonitoring of, transmission
◦ Attempts to learn or make use of informationfrom system
◦ Does not affect system resources
◦ Difficult to detect because they do not involveany alteration of data
◦ Traffic normally sent and received in a normalfashion
◦ Attempt is made to prevent the success of theseattacks, usually by means of encryption
◦ Thus emphasis is on prevention rather thandetection
![Page 5: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/5.jpg)
Passive Attacks(cont….)
Release of message contents is easily
understood
◦ Telephonic conversation, e-mail message, or a
transferred file may contain sensitive
information
◦ Emphasis is to prevent opponent from
learning
![Page 6: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/6.jpg)
Passive Attacks(cont….)
Traffic Analysis
◦ Observe patterns of messages
◦ Could determine identity and location of
communicating hosts
◦ Could observe the frequency and length of
messages being exchanged
![Page 7: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/7.jpg)
Active Attacks
◦ Involves modification of data, or false creation
of data
◦ Attempt to alter system resources or affect
their operations
◦ Difficult to prevent active attacks
◦ Emphasis is to detect active attacks and
recover from the damage
![Page 8: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/8.jpg)
Active Attacks(cont….)
Masquarade
◦ One entity pretendes to be a different entity
◦ E.g.Authentication sequences can be captured
Replay
◦ Involves passive capture of data unit and its
subsequent retransmission to produce
unauthorized effect
![Page 9: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/9.jpg)
Active Attacks(cont….)
Modification of Message
◦ Means some portion of a legitimate message
is altered, or messages are reordered or
delayed, to produce unauthorized affect
◦ E.g. ” Allow John Smith to read confidential file
accounts” is modified to ” Allow Fred Brown
to read confidential file accounts”
![Page 10: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/10.jpg)
Active Attacks(cont….)
Denial of Service
◦ Prevents normal use of communication
facilities
◦ Disabling or overloading of entire network
![Page 11: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/11.jpg)
11
Conventional Encryption Principles
An encryption scheme has five ingredients:◦ Plaintext
◦ Encryption algorithm
◦ Secret Key
◦ Ciphertext
◦ Decryption algorithm
Security depends on the secrecy of the key, not the secrecy of the algorithm
![Page 12: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/12.jpg)
12
Conventional Encryption Principles
![Page 13: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/13.jpg)
13
Cryptography
Classified along three independent dimensions:◦ The type of operations used for transforming
plaintext to ciphertext
◦ The number of keys used symmetric (single key)
asymmetric (two-keys, or public-key encryption)
◦ The way in which the plaintext is processed
![Page 14: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/14.jpg)
14
Cryptography
can be characterized by:◦ type of encryption operations used
substitution / transposition / product
◦ number of keys used single-key or private / two-key or public
◦ way in which plaintext is processed block / stream
![Page 15: Security Attacks, Mechanisms, and Services€¦ · Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect,prevent,or](https://reader036.vdocuments.us/reader036/viewer/2022080718/5f78708643f69723d7041963/html5/thumbnails/15.jpg)
15
Average time required for
exhaustive key search
Key Size (bits)
Number of Alternative Keys
Time required at 106 Decryption/µs
32 232 = 4.3 x 109 2.15 milliseconds
56 256 = 7.2 x 1016 10 hours
128 2128 = 3.4 x 1038 5.4 x 1018 years
168 2168 = 3.7 x 1050 5.9 x 1030 years