Cryptography & Cyber Security Course Notes
Crytopgraphy For Security course on You Tube.
The triad of cybersecurity is:
- Confidentiality
- Integrity
- Availability
Confidentiality refers to “the property that sensitive info is not disclosed to unauthorized individuals, entities, or processes”. —N.I.S.T.
Intregrity is defined as the “guarding against improper info modification or destruction, and includes ensuring information non-repudiation & authenticity”. -NIST
Availability is “ensuring timely and reliable access to and use of information”. -NIST
- Impact of Security Breaches:
- Effectiveness of primary operations are reduced.
- Financial loss
- Damage to assets
- Harm to individuals
Threat: potential violation of security
Attack: assault on system security derived from intelligent threat.
Aspects of Security
Security Attack—any action that attempts to compromise the security of information or facilities
Security Mechanism—A method for preventing, detecting, or recovering from an attack.
Security Service—Uses security mechanisms to enhance the security of information or facilities or facilities in order to stop attacks.
Types of Attacks
Passive Attack—Make use of information, but not affect system resources, e.g. 1). Release message contents, or 2) Traffic Analysis; A passive attack can be relatively hard to detect, but easier to prevent.
Active Attack—Alter system resources or operation, e.g. 1) Masquerade, 2) Replay, 3) Modification, 4) Denial of Service; An active attack is relatively hard to prevent, but easier to detect.
Release Message Attack
Traffic Analysis—Bob sends message to Alice, and Darth observes pattern of messages from Bob to Alice. Analyzing the frequency of message communications.
Masquerade—“On the Internet, no one know’s that you’re a dog.”
Replay Attack—Bob sends message to Alice, and Darth captures the message from Bob to Alice; later replay message to Alice.
Modification Attack— Bob sends message to Alice, and Darth modifies message from Bob to Alice.
Denial of Service—Darth disrupts service provided by server.
Masquerade Attack—Darth sends message that appears to be from Bob.
Security Services
- Authentication—Assure that the communicating entity is the one that it claims to be. (Peer entity & data origin authentication.)
- Access Control—Prevent unauthorized use of a resource
- Data Confidentiality—Protect data from unauthorized disclosure
- Data Integrity—Assure data received are exactly as sent by authorized entity.
- Non-repudiation—Protect against denial of one entity involved in communications of having participated in communications
- Availability—System is accessible and usable on demand by authorized users according to intended goal.
- Security Mechanisms
- Techniques designed to prevent, detect, or recover from attacks.
- No single mechanism can provide all services
- Common in most mechanisms: cryptographic techniques
- Specific security mechanisms from ITU-T x.800:
- Encipherment, digital signature, access control, data integrity, authentication exchange, traffic padding, routing control, notaries action.
- Pervasive security mechanisms from ITU-T x.800:
- Trusted functionality, security label, event detection, security audit trail, security recovery.