4 - IC624 - Firewall, Cryptography

This document provides an overview of information security terminologies, including firewalls and cryptography. It discusses the purpose and types of firewalls, as well as how they work. It also covers the basics of cryptography, including symmetric and asymmetric algorithms. The history of cryptography is reviewed, along with common cryptographic terms and the purpose of cryptography in providing authentication, confidentiality, integrity and non-repudiation. Specific algorithms like AES and RSA are also mentioned.

Uploaded by: ayushjee79

Session Topic: Session Number 4

Information Security Terminologies

Speaker: Manjunath/Bharathi

IC 624: Cyber Security in Industrial Automation


Recap
• Policies/Standards/Guidelines/Procedures
• Malicious Code and Attacks
  – Virus
  – Worm
  – Trojan Horse
  – Logic Bomb
  – Mobile code
  – Guessing Passwords
    • Dictionary
    • Brute Force
  – Social Engineering
  – Dumpster Diving
Disclaimer:
Agenda
• Firewalls
• Basics and Purpose of Cryptography
• History of Cryptography
• Types of Cryptography
• Cryptographic Attacks
• Virtual Private Networks
Firewalls

• NIST SP 800-41: “devices or programs that control the flow of network traffic between networks or hosts that employ differing security postures.”

• ANSI/ISA-62443-1-1: an internetwork connection device that restricts data communication traffic between two connected networks.

• Firewalls are categorized by their technical implementation and by their architecture.

How does a firewall work?

Types of firewall based on technical implementation and architecture
Packet-Filtering Firewall

• Resides at the network layer of the OSI model.

• It filters packets based on firewall access control lists (ACLs), which specify the packets that can be sent to particular destination addresses or to specific application port destinations.
Stateful Inspection

• A stateful inspection firewall improves on a packet-filtering firewall by determining the state of incoming data connections at the network layer and blocking data packets that do not conform to the anticipated state.
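To make the difference between the packet-filtering and stateful-inspection slides concrete, here is an added example that is not part of the original deck: a toy packet filter that evaluates an ACL first-match with default deny, and a stateful variant that keeps a connection table and admits only the reverse direction of connections it saw opened from the inside. The addresses, ports, rule format and sample traffic are all constructed for illustration.

```python
# Added example (not from the original slides): stateless ACL filtering versus
# stateful inspection, on constructed traffic.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

Net = ipaddress.IPv4Network


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    syn: bool = False   # TCP SYN flag, set only on a connection-opening segment


def in_net(addr: str, net: Optional[Net]) -> bool:
    """None means 'any address'."""
    return net is None or ipaddress.ip_address(addr) in net


@dataclass
class Rule:
    action: str              # "allow" or "deny"
    src: Optional[Net]       # None matches any source address
    dst: Optional[Net]       # None matches any destination address
    proto: str               # "tcp", "udp" or "any"
    sport: Optional[int]     # None matches any source port
    dport: Optional[int]     # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (in_net(p.src, self.src) and in_net(p.dst, self.dst)
                and self.proto in ("any", p.proto)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))


def packet_filter(rules: List[Rule], p: Packet) -> str:
    """Stateless packet filter: first matching ACL entry wins, default deny."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


class StatefulFirewall:
    """Packet filter plus a connection table: replies to connections opened
    from the inside are admitted; unsolicited inbound TCP segments are not."""

    def __init__(self, rules: List[Rule], inside: Net):
        self.rules = rules
        self.inside = inside
        # (src, sport, dst, dport, proto) of every connection opened from inside
        self.table: Set[Tuple[str, int, str, int, str]] = set()

    def handle(self, p: Packet) -> str:
        # A reply travels in the reverse direction of a tracked connection.
        if (p.dst, p.dport, p.src, p.sport, p.proto) in self.table:
            return "allow"
        inbound = not in_net(p.src, self.inside)
        # Inbound TCP without SYN cannot open a connection and matches no
        # tracked state, so it does not conform to the anticipated state.
        if inbound and p.proto == "tcp" and not p.syn:
            return "deny"
        action = packet_filter(self.rules, p)
        if action == "allow" and not inbound:
            self.table.add((p.src, p.sport, p.dst, p.dport, p.proto))
        return action


INSIDE = ipaddress.ip_network("10.0.0.0/24")   # constructed internal network

# Stateless ACL: to let HTTPS replies back in, it has to admit anything that
# merely carries source port 443.
STATELESS_RULES = [
    Rule("allow", INSIDE, None, "tcp", None, 443),   # inside -> any HTTPS server
    Rule("allow", None, INSIDE, "tcp", 443, None),   # "replies" from port 443
    Rule("deny", None, None, "any", None, None),     # explicit default deny
]
# Stateful ACL: only the outbound rule is needed; replies come from the table.
STATEFUL_RULES = [STATELESS_RULES[0], STATELESS_RULES[2]]

# Constructed traffic: an outbound HTTPS connection, its genuine reply, and an
# unsolicited inbound segment with source port 443 that no inside host asked for.
TRAFFIC = [
    Packet("10.0.0.7", "203.0.113.10", "tcp", 50000, 443, syn=True),
    Packet("203.0.113.10", "10.0.0.7", "tcp", 443, 50000),
    Packet("198.51.100.9", "10.0.0.7", "tcp", 443, 8080),
]


def stateless_decisions() -> List[str]:
    return [packet_filter(STATELESS_RULES, p) for p in TRAFFIC]


def stateful_decisions() -> List[str]:
    fw = StatefulFirewall(STATEFUL_RULES, INSIDE)
    return [fw.handle(p) for p in TRAFFIC]


if __name__ == "__main__":
    print("stateless:", stateless_decisions())   # ['allow', 'allow', 'allow']
    print("stateful: ", stateful_decisions())    # ['allow', 'allow', 'deny']
```

The third packet is the point of the comparison: the stateless ACL has no way to tell a genuine reply from an unsolicited segment that happens to carry source port 443, so its reply rule admits both; the stateful firewall consults its table, finds no connection that this segment answers, and drops it.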
Application Firewall

• Also referred to as deep packet inspection, since it incorporates stateful protocol analysis.

• Potential malicious activity it can detect includes email with harmful attachments, unexpected command sequences, and the downloading of active mobile code.
Application-Proxy Gateway

Screened-Host Firewall

Dual-Homed Host Firewall

Screened-Subnet Firewalls
Limitations of Firewalls
• The importance of using firewalls as a security system is obvious; however, firewalls have some limitations:
• Firewalls cannot stop users from accessing malicious websites, which leaves the network vulnerable to internal threats or attacks.
• Firewalls cannot protect against the transfer of virus-infected files or software.
• Firewalls cannot prevent misuse of passwords.
• Firewalls cannot protect if security rules are misconfigured.
• Firewalls cannot protect against non-technical security risks, such as social engineering.
• Firewalls cannot stop attackers with modems from dialing in to or out of the internal network.
• Firewalls cannot secure a system that is already infected.
Reference Websites to follow
• Firewall | Firewall Tutorial – javatpoint
• What Is Firewall: Types, How Does It Work & Advantages | Simplilearn

Firewall Vendors
Cryptography
Cryptography derives its name from the Greek words “Kryptos”, meaning hidden or secret, and “Graphia”, meaning writing.

• It is a method of storing and transmitting data in a form that only those for whom it is intended can read and process.

• It is the art or science of converting plain, intelligible data into unintelligible data and then transforming that message back into its original form.
Cryptographic Terms
Encryption – A process of encoding a message so that its meaning is not obvious.

Decryption – A process of decoding an encrypted message back into its original form.

Cryptosystem – A system for encryption and decryption.

Plaintext – The unencrypted version of a message.

Ciphertext – The encrypted version of a message.

Key – A string of characters used within an encryption algorithm for altering data so that it appears random.
Purpose of Cryptography
• Authentication
• Confidentiality
• Integrity
• Non-Repudiation
History
The Caesar cipher was developed by Julius Caesar to communicate with Cicero in Rome while conquering Europe.
To encrypt a message you simply shift each letter of the alphabet three places to the right, which is also called ROT3.

Example:
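The slide's example is an image that did not survive extraction, so here is an added worked example, not from the original deck: the ROT3 shift applied to a constructed message, the reverse shift that decrypts it, and an exhaustive search over all 25 shifts, which is what makes the Caesar cipher a historical curiosity rather than a usable cipher (this ties to the brute force attack listed later in the deck).

```python
# Added example (not from the original slides): Caesar / ROT3 cipher with
# encryption, decryption and an exhaustive key search over the 25 shifts.
import string

ALPHABET = string.ascii_uppercase


def caesar_encrypt(plaintext: str, shift: int = 3) -> str:
    """Shift every letter `shift` places to the right (ROT3 by default);
    characters outside A-Z are passed through unchanged."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, shift: int = 3) -> str:
    """Decryption is the same shift applied to the left."""
    return caesar_encrypt(ciphertext, -shift)


def candidate_shifts(ciphertext: str, crib: str) -> list:
    """Exhaustive key search: try all 25 non-trivial shifts and return those
    whose output contains `crib`, a word expected to appear in the message.
    The key space is so small that this finishes instantly."""
    return [k for k in range(1, 26) if crib in caesar_decrypt(ciphertext, k)]


MESSAGE = "MEET ME IN ROME"           # constructed sample plaintext
CIPHERTEXT = caesar_encrypt(MESSAGE)  # "PHHW PH LQ URPH"

if __name__ == "__main__":
    print(CIPHERTEXT)
    print(caesar_decrypt(CIPHERTEXT))
    print(candidate_shifts(CIPHERTEXT, "ROME"))  # [3]
```

The key of a Caesar cipher is the shift, and with only 25 of them the cipher offers no secrecy against anyone who knows the method; this is the simplest illustration of why modern ciphers derive their strength from the key space rather than from secrecy of the algorithm.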
History
• American Civil War
  – They used complex combinations of word substitutions and transpositions.
  – They also used a series of flag signals.

• Ultra vs Enigma
  – Enigma was used by the German military.
  – It involved three to six rotors to implement an extremely complicated substitution cipher.
  – It required the same machine at the receiving end.
  – Ultra was the top-secret effort to attack Enigma machines.
Cryptography Types

1. Symmetric
2. Asymmetric
3. Hashing
4. Digital Signature
Symmetric Cryptography
• It relies on a “shared secret” that is distributed to all members who participate in the communication.
• This key is used by all the members both to encrypt and to decrypt messages.
• When large keys are used, symmetric encryption is difficult to break.
• It is fast compared to asymmetric key cryptography and is used to transmit large volumes of data.
Symmetric Key Cryptography - AES
• Advanced Encryption Standard.
• Specified in NIST Federal Information Processing Standard Publication 197.
• The standard specifies three symmetric key strengths: 128, 192 or 256 bits.
• Widely used in smart cards, routers etc.

• Other symmetric cryptography algorithms – DES, 3DES, Blowfish, IDEA
Issues with Symmetric Key Cryptography
• Key distribution
• Doesn’t implement non-repudiation
• Not scalable
• Keys must be regenerated often.
Asymmetric / Public Key Cryptography
• Each user has two keys: a private key and a public key.
• The private key is kept confidential and the public key is shared with all users.
• The public key cannot be used to determine the private key.
• The two related keys are used in tandem: what one key encrypts, only the other can decrypt.
• Key sizes have to be much larger than symmetric keys to obtain the same amount of protection.
• Used extensively in generating digital signatures.

Asymmetric Cryptography

Key Generation, Confidentiality, Integrity
Asymmetric Algorithm - RSA
• RSA is named after its developers Rivest, Shamir and Adleman.
• It is based on the difficulty of finding the prime factors of a large number, which would be required to generate the private key from the corresponding public key.

• Examples of other asymmetric algorithms: Diffie-Hellman, ElGamal and Elliptic Curve Cryptosystem (ECC)
Digital Signatures
The NIST Digital Signature Standard defines a digital signature as the “result of a cryptographic transformation of data that, when properly implemented, provides a mechanism to verify origin authentication, data integrity and signatory non-repudiation”.

Certificate Authority – An independent third party that warrants an individual’s public key and generates a digital certificate to that effect.

• A certificate contains the subject’s name, the subject’s public key, the name of the certificate authority and the period for which the certificate is valid.
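The asymmetric-cryptography, RSA and digital-signature slides above share one mechanism, so here is a single added example that is not part of the original deck: textbook RSA with two small constructed primes, used first for confidentiality (encrypt with the public key, decrypt with the private key) and then for a signature (sign a hash with the private key, verify with the public key). It also recovers the private key from the public key by factoring the tiny modulus, which is exactly the operation the RSA slide says must be infeasible, and why real keys are far larger. The primes, exponent and messages are illustrative; this is unpadded textbook RSA for teaching, not a production implementation.

```python
# Added example (not from the original slides): textbook RSA for confidentiality
# and digital signatures, with constructed small primes.
import hashlib
from math import gcd, isqrt


def rsa_keygen(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes. Returns (public, private)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # d * e == 1 (mod phi)
    return (n, e), (n, d)


def rsa_encrypt(public, m: int) -> int:
    """Confidentiality: anyone holding the public key can encrypt for its owner."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(private, c: int) -> int:
    n, d = private
    return pow(c, d, n)


def _digest(message: bytes, n: int) -> int:
    """SHA-256 of the message, reduced so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def rsa_sign(private, message: bytes) -> int:
    """Signing: the private key transforms the hash; only its holder can."""
    n, d = private
    return pow(_digest(message, n), d, n)


def rsa_verify(public, message: bytes, signature: int) -> bool:
    """Verification: the public key undoes the transformation; anyone can check."""
    n, e = public
    return pow(signature, e, n) == _digest(message, n)


def private_key_by_factoring(public):
    """Recover the private key from the public key by factoring n with trial
    division. This works only because n is tiny; RSA's security rests on it
    being infeasible for the 2048-bit moduli used in practice."""
    n, e = public
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return (n, pow(e, -1, (p - 1) * (q - 1)))
    return None


# Constructed toy parameters: two small primes (real keys use ~1024-bit primes).
PUBLIC, PRIVATE = rsa_keygen(10007, 10009)

if __name__ == "__main__":
    m = int.from_bytes(b"OK", "big")
    c = rsa_encrypt(PUBLIC, m)
    print("decrypts correctly:", rsa_decrypt(PRIVATE, c) == m)
    sig = rsa_sign(PRIVATE, b"transfer 100")
    print("signature verifies:", rsa_verify(PUBLIC, b"transfer 100", sig))
    print("tampered message verifies:", rsa_verify(PUBLIC, b"transfer 900", sig))
    print("factoring recovers d:", private_key_by_factoring(PUBLIC) == PRIVATE)
```

Two points the slides make show up directly in the code: the same key pair serves both confidentiality and signing, with the roles of the keys swapped, and the only thing standing between the public key and the private key is the factorisation of n, so the key size must be large enough that `private_key_by_factoring` is hopeless.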
Attacks against Crypto Systems

• Known Plaintext Attack – The attacker has access to samples of both the unencrypted and the encrypted version of a message and tries to find the key.

• Ciphertext-Only Attack – The attacker has access to multiple samples of encrypted messages that have been encrypted with the same algorithm and tries to find the key.

• Man-in-the-Middle Attack – The attacker intercepts messages being sent between two parties and attempts to decipher them and possibly to forward false messages to the parties.

• Replay Attack – The attacker intercepts a message and sends it again at a later time.

• Chosen Plaintext Attack – The attacker has the ability to select plaintext messages, have them encrypted and then analyze the result to determine the key.

• Chosen Ciphertext Attack – The attacker has the ability to select ciphertext messages for trial decryption while having access to the corresponding decrypted plaintext.

• Brute Force Attack – The attacker tries all possible combinations of keys in the hope of finding the correct key.
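Of the attacks listed above, the replay attack and the forwarding of false messages by a man in the middle are the ones a receiver can defeat by design rather than by key size. Here is an added example, not from the original deck, of the usual countermeasure: every message carries a sequence number and an HMAC (a keyed hash, the "hashing" type from the types slide) over the sequence number and body, and the receiver accepts a message only if the tag verifies and the sequence number is newer than any it has accepted. The shared key and the messages are constructed for illustration.

```python
# Added example (not from the original slides): message authentication with a
# sequence number so that modified and replayed messages are both rejected.
import hashlib
import hmac
import struct
from typing import Optional

KEY = b"constructed-shared-key-not-for-production"
SEQ_LEN, TAG_LEN = 8, 32   # 64-bit sequence number, SHA-256 HMAC tag


def make_message(seq: int, body: bytes, key: bytes = KEY) -> bytes:
    """Sender side: seq || body || HMAC(key, seq || body)."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag


class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.highest_seq = -1   # highest sequence number accepted so far

    def accept(self, msg: bytes) -> Optional[bytes]:
        """Return the body if the message is authentic and fresh, else None."""
        if len(msg) < SEQ_LEN + TAG_LEN:
            return None
        header, body, tag = msg[:SEQ_LEN], msg[SEQ_LEN:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None                               # forged or modified in transit
        seq = struct.unpack(">Q", header)[0]
        if seq <= self.highest_seq:
            return None                               # already seen: a replay
        self.highest_seq = seq
        return body


def run_scenario() -> list:
    """Constructed exchange: two genuine messages, then the first one replayed,
    then a copy of the second with one bit of the body altered."""
    rx = Receiver()
    m1 = make_message(1, b"pump 2 on")
    m2 = make_message(2, b"pump 2 off")
    tampered = bytearray(m2)
    tampered[SEQ_LEN] ^= 0x01                 # flip a bit in the first body byte
    return [rx.accept(m1), rx.accept(m2), rx.accept(m1), rx.accept(bytes(tampered))]


if __name__ == "__main__":
    print(run_scenario())   # [b'pump 2 on', b'pump 2 off', None, None]
```

The tag alone would not stop a replay, because a captured message is still authentic; the sequence number alone would not stop forgery, because an interceptor could set it to anything. Covering the sequence number with the tag is what makes the two checks hold together, and it is the same idea that IPsec and TLS record layers use.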
Virtual Private Network (VPN)
According to NIST, a VPN is defined as “a restricted-use, logical computer network that is constructed from the system resources of a relatively public, physical network, often by using encryption and by tunneling links of the virtual network across the real network”.
Virtual Private Network (VPN)

It contains three components, which are handled at the recipient end of the VPN:

– Authenticity and Authentication – This component consists of security measures designed to establish the validity of a transmission, message or originator, or a means of verifying an individual's authorization to receive specific categories of information.

– Integrity – In a formal security mode, integrity is interpreted more narrowly to mean protection against unauthorized modification or destruction of information.

– Confidentiality – This component provides assurance that information is not disclosed to unauthorized persons, processes, or devices.
Virtual Private Network (VPN)
Three types of VPN
1. Gateway to Gateway – Provides secure communication between two organizations over the public internet.
2. Host to Gateway – Also known as a “Remote Access” VPN, it provides secure communication between a host computer and an organization’s network.
   Example – A travelling salesman connecting his laptop to the organization’s network from a remote location.
3. Host to Host – This VPN enables secure communication between two computers over an untrusted network.
Virtual Private Network (VPN)
• A VPN uses tunneling to transmit the data, which involves encapsulating packets of a particular VPN protocol inside the headers of another carrier protocol and transmitting them using that carrier protocol.

• A logical network is established between the VPN client and server.

• For maximum security, packets should be encrypted using an approved algorithm and a strong key.
VPN Technologies

IPSec
It operates at the OSI network layer and provides two modes of encryption.
• Transport Mode – Encrypts the data segment of the packet to be transmitted and doesn’t encrypt the header.
• Tunnel Mode – Adds an additional header to the packet and encrypts the entire packet, including the original header.

Secure Socket Layer (SSL)
• Developed by Netscape to provide secure internet transactions.
• SSL encrypts the packet contents and authenticates the server to the client using digital signatures and certificates.
• SSL 3.0 was revised into Transport Layer Security (TLS).
• SSL and TLS are used to protect HTTP communication.

Please follow from page 83 & 367 for Q/A.
