 I want to introduce you to what we mean by security. Computer security, network security, give a few definitions, and then talk about some of the concepts that we use when we talk about securing computer systems. Hopefully we'll finish this today. We may get on to the next one, but just a light introduction to security. Some definitions. What other people think of, what is security? The first one comes from an organization called NIST, the National Institute of Standards and Technology in the US. They are a government organization that creates standards in the US, but they produce a lot of standards about how companies and people should use computer security. They say computer security is the protection afforded to automated information system in order to obtain the applicable objectives of preserving integrity, availability, and confidentiality of information system resources. So a long definition. What can we pick out there? Okay, so we want to protect some computer system, an automated information system, and protect it to attain some objectives. So we're going to see that we need to have some objectives. If I have a computer system, then from a security perspective, we'll have some objectives of what we want to achieve with that system and how do we want to keep it secure? And we'll arrive at talking about security policies in one of the later slides. And we want to preserve, for that computer system, preserve the integrity, availability, and confidentiality of information, or information system resources, not just information resources. Resources include, for example, the processing and the memory resources on the computer, network resources, as well as files, that information. So another definition before we look more depth at these parts. This is about, the first one is about computer security. So generally about securing computer systems. Computer systems include securing a standalone computer, like a laptop or a server or a mainframe or a TV. They may also include collections of computers, so a network of computers. But sometimes security of computer networks is treated separately than securing a computer. So there's a lot of overlap, but sometimes the techniques we use to secure my computer on its own may be slightly different from what I use to secure the communications between my computer and another computer across a network. Here's another definition of network and internet security. So communications across a network, how do we keep them secure? Well, the measures we use to deter, prevent, detect, and correct security violations that involve transmission of information. You're all experts on data communications. It's about getting information from one point to another, transmitting information across a network. So if there are security violations, that is when we transfer information across the network, something goes wrong with respect to security, then we wanna look at, well, how do we stop such violations? And in some case, fix and detect them. So to deter violations, that is to make people not want to violate the security of my network, to prevent them, to make it impossible for someone to violate the security of my network. Detect is if someone does violate the security that I at least know that it happened. And correct is, okay, if something is violated in my network, then I can fix it. So we'll see that prevention and detection usually go together. These are just two definitions of computer security and network and internet security. The second one is from your course textbook. It's by William Stollings called Cryptography and Network Security. This is the fifth edition. There's a sixth edition, I think, just released. If you're gonna buy a textbook, buy this one. But you see the thick handout that I give you, you may survive without it. But it is a good textbook that covers all the things that we cover in this course. So let's look at some of these things in more depth. So some of it may not make sense yet. In the definition of computer security, there was we wanna preserve integrity, availability and confidentiality. And those are three concepts that come up quite often talking about security. Confidentiality, integrity, availability, CIA. Not the organization but the combination of these three concepts. What confidentiality is keeping things secret, keeping information confidential. I think that's what many people think of when they think about computer and network security. You send a file to someone else. You don't want someone in the middle to intercept and read the contents of that file. You wanna keep it secret. You wanna keep it confidential. So that's a common thing that we need in computer systems to keep information confidential. Integrity is making sure that the information or the system is not modified in some way. An example, and we'll see some other examples later, but one common one is that we wanna send data to some destination even if we allow it to be seen by people. That is we don't care about confidentiality. I don't care if someone reads my message. I would still like it such that no one could modify the message along the way. So that I send a message to you, the message that you receive is identical to the one that I sent. That is about the integrity of the message, the integrity of the information. If I send a message to you, but someone malicious modifies that message along the way and you receive the modified message, that can be a security violation. So integrity is also important. The last one in this triangle is availability. And that often refers to the availability of a computer system or a computer network. The purpose of computer systems, computer networks is to provide some service to the users. A server, a web server is so that people can turn access the files on that web server, an email server so that they can send emails. A security violation of a computer system may be making that system unavailable for the normal users to use. So for example, Amazon has a web server. You go there to buy things. If someone violates the security of the Amazon web server such that you can no longer go there to buy things, that can be considered a security attack because the availability of the Amazon web server is no longer available. So we treat this as an important security issue, making sure the computer system is available. In the case of Amazon, if their web server is down for just a few seconds, then they're gonna lose a lot of money. So it can have a significant impact if our computer system is not available because of a security violation. You may have heard of denial of service attacks. And that's the main form of attack on availability. So we'd like usually to have confidentiality, integrity, availability. Maybe not always all three, but there are three common concepts that we see in computer systems. There are others, sometimes we distinguish between also we identify authenticity, making sure either the information or the people that we're communicating with are authentic. Someone sends your message. The source says it's from Steve. You want to be sure that it's from Steve, it's not from someone pretending to be me. That's about authenticity. Accountability is to make sure that we can contract and keep monitor of what things happen and that we can track things back to who caused some particular event. We can hold them accountable. So a computer system or a computer network, we usually want to focus on making sure the information is confidential. It maintains its integrity and we have availability of that system. We will not go too much into what happens when a computer system is compromised, but I think you can think of many examples, but how does a breach or a compromise of a computer system impact upon organizations? For example, SIT. We're an organization, what's our business? What's the business of SIT? Education, okay? So SIT makes money by educating people. So that's our business. What if there's some security attack on the SIT computer network such that something goes wrong on the computers, on the servers or some part of our network? Well, there can be different impacts on an organization, ranging from minor to catastrophic, very bad. So some examples, a common thing if there is a security violation is that the effectiveness of that organization is reduced. So the primary operation of SIT is education. We teach people. If, for example, someone does an attack on our network and they reboot this computer, like someone did in my lab yesterday, then it's going to stop me from teaching for two or three minutes. It's going to reduce my effectiveness in our operation of education. Well, not so bad. You may enjoy the break for a few minutes, but you can imagine if someone did an attack such that they deleted all the files on my laptop, then that's also going to reduce my effectiveness because I'm going to have to recreate all my lecture notes and get backups and so on. So security breaches can reduce how well an organization operates. Sometimes it's just an inconvenience. Sometimes we'll lose money because of that. So you can think that if someone logs or accesses SIT's network and manages to delete a lot of confidential information then recreating that and getting it from backups may cost us money. So we may lose money. There may be damage to real hardware, damage to assets. An example that happened one or two years ago, maybe even a little bit earlier than that, was an attack on some nuclear power plants in Iraq that was basically some form of virus was installed on the computers inside the nuclear power plants and the idea was that it would cause some of the machinery there to operate outside the normal specs that it will operate in an unexpected way such that the machinery would break down and that effectively damaged that, the assets that damaged hardware in that case. So it can not just mean to loss of money but we can lose equipment because of an attack. And maybe the worst case, it can start to harm individuals in, you can imagine if a nuclear reactor is, if there's some attack on the computer system and that computer system controls the heating and the cooling and so on, then the worst case is a meltdown and of course that has catastrophic impacts. So there's a wide range of impacts if a breach does occur. We're not gonna talk much about them, I think you can think about different impacts from very low to very major impacts. In the topic on IT security, we, you, I, you don't, I cover more aspects of well, how would organizations measure and predict what the impact of a particular violation would be but we will not get into that in this course. This course is gonna focus more about the network security part of community, of computer security. So we wanna try and arrive at some definitions and some classification of the things that we need to consider in network and computer security. What's OSI? Anyone seen it before, the acronym? ISO backwards? Well, OSI and remember last semester we talked about the five layer TCP IP model. There was another one before that which was a seven layer model called the Open Systems Interconnection, OSI model for communications and the organization that created OSI is ISO. ISO created OSI. Why is it relevant here? In creating a model for communications in networks, one aspect they need to consider is security, security of communications. And many years ago, they come up with some, some definition and models of, well, what do we need in terms of security and networks? So that's why we introduced this here because it has a few nice definitions of network security. So we're not too concerned with OSI, with ISO and there's another organization, ITU, who work with ISO. I'm not too concerned about that. I'm concerned about getting to some of the definitions and terminology that they introduced. This organization is ISO and ITU created some definition of security and computer networks. And some aspects that they defined were, they classified types of attacks different security mechanisms and the services that computer networks should provide to users to prevent the attacks. The aims of, well, how do we say that? The services that the users should be offered such that the network works correctly. Sometimes we distinguish between a threat and an attack on a computer system. A threat is a potential violation of security. So something may go wrong, that's a threat. So a threat could be that someone guesses the password of my login for SIT. An attack is when they actually do that. They carry out the threat. An attack may result in a violation. A threat is something that can go wrong. An attack is an attempt to carry out that threat and the attack may be successful or not. So ISO, ITU created some definitions and they spoke about a security attack. Some action that attempts to compromise the security of information or facilities. So something that someone does that tries to defeat the security of information, for example, files or information that we store, or facilities like a computer, parts of a computer system or network. A threat is a potential for an attack to occur. So we may have security attacks on systems. Security mechanisms are the different methods that we have available to prevent attacks and if we can't prevent them to detect attacks and if we detect them to hopefully recover from attacks. Ideally, we'd like to prevent attacks, stop them from happening, but in practice that may be impossible. So if an attack does happen, we'd like to at least be able to detect it and then do something about it. We will, towards the end of this topic, list a set of security mechanisms and in fact this course goes through those mechanisms. A service, we want to use a set of security mechanisms to enhance the security of our information or the security of our facilities to stop attacks. So I want to provide a service such that attacks are difficult or preferably impossible. So in the next few slides, we'll list first some attacks or classify different types of attacks, then we'll classify different types of services and then in the rest of this course, we'll really look at the different types of mechanisms and they'll all come together, attacks. And this is related to computer networks, but a lot of it also applies to just stand-alone computers. A computer network is multiple computers communicating with each other. First, we'll classify attacks as to either passive or active. And within passive, we'll see there are two types of attacks, releasing the message contents and traffic analysis. And in active attacks, there are four types, masquerade, replay, modification and denial of service. We'll go through those six. So really we have six types of attacks. Two are passive, four are active. Let's go through those six and then we'll come back and compare active versus passive and explain them. These examples of attacks are from pictures from the textbook. And in a communication system, we have someone wanting to communicate data to someone else. So Bob wants to send data to Alice in this example. Bob and Alice are normal users of our communication system. So in this picture, this cloud represents our communications network. It's called a communications facility here. So the normal situation is in this case, Bob sends a message to Alice. If there's no attack, then that's all that happens. Bob sends a message to Alice. Let's say Bob wants to keep that message secret or private or confidential. Bob's sending a message to Alice and he doesn't want anyone else but Alice to see that message. Then an attack on that form of communications, if there's another user, a Darth in this case, our malicious user, the attacker, that somehow gets a copy of the message that Bob sends to Alice and is able to read the contents of that message. That is an attack on the communication system and the name here is just releasing the message contents. That is, the contents of the message Bob sends to Alice is released to someone who shouldn't have it. And this is a common attack that people think of in security. That is, we want to keep information confidential. Such an attack makes the confidential information public or available to those that shouldn't have it. How do we stop such an attack? What mechanism do you think we have that we can stop such an attack? I'm sure you've heard of it. Again, I hear, all right, many answers, sorry. MD5 is what? Three letters, three letter acronym, a hash algorithm? No, we'll come back to a hash algorithm. We'll see it is used in some things. But it may be a simpler thing. I think you've heard of and you probably use it on a regular basis, but you may not see it. How do we keep messages secret? We encrypt them, okay? That's all, that is, we use encryption. A cipher is just the name of, is what we call an algorithm, an encryption algorithm or an encryption cipher. So if Bob wants to send a message to Alice across a network, such as the internet, then we normally assume that someone else may be able to see those messages being sent. Let's say my computer is Bob and Alice's computer is in the US. So when I send a message to Alice, then it travels through the SIT network, through the ISP inside Thailand to some ISP that connects to Japan and then across the Pacific to the US and so on. So my data travels through many other people's networks. I don't trust them. It's very easy for someone who owns and operates one of those networks to intercept the messages and see the contents of them. And in fact, if I send this through the SIT Wi-Fi, it'll be very easy for you to sit here on your laptop or even mobile phone and intercept my message as I send it to the US. So if Bob normally sends a message to Alice, then it's very easy for someone to intercept the message and get a copy of the message. So the way that we try to prevent such an attack is that before Bob sends the message, he encrypts the message and then sends the encrypted version of that message. Alice receives the encrypted version and Alice decrypts the message. And to decrypt, she must have some key. So there's some key that Alice needs to know which usually Bob knows as well. So Bob and Alice have a shared secret key. Bob encrypts, sends to Alice, Alice decrypts and gets the original message back. Darth intercepts the encrypted message. Even though he can see the encrypted message, he cannot see the contents, the original message, unless he can decrypt that message. And to decrypt, he needs the key. So that's what encryption relies on, is making it hard to be able to decrypt a message without having the key and then making sure that Darth cannot get the key. We'll spend several topics going through how encryption works. So that's one of the mechanisms and a very common mechanism used in computer security is encryption. At this stage, we're just looking at some of the attacks. Let's say that Bob does encrypt his messages. He's got an encryption algorithm. Before he sends them, he encrypts them and Alice can decrypt, Darth cannot. So then we prevent such an attack of releasing the message contents. But there's another type of attack that can occur called traffic analysis. In this case, Bob and Alice are not married. And late at night, Bob sending messages to Alice, someone else's wife. And he shouldn't be, okay? He doesn't want other people, both of them don't want other people to know that they're communicating late at night, okay? And they're smart. They encrypt their messages so that no one else can see that there are some love messages between Bob and Alice. But Darth still intercepts the messages. Maybe Darth is the husband of Alice. He intercepts the messages and he cannot see the contents. So he doesn't know what Bob and Alice are communicating. But he can realize that they are communicating at a particular point in time. And sometimes that's enough to be useful for an attack. To not realize what the contents are, but to realize that two entities are communicating at a particular point in time and maybe with a particular pattern. That is, every Saturday night they send a bunch of messages between each other. Or maybe from a different example, a law enforcement agency is Darth, a police force or some other agency. They are monitoring communications between some criminals. Those messages are encrypted so they cannot see what the criminals are communicating. But they can at least know that they are communicating. And maybe the pattern of communications leads to them working out that some other things are going to happen. Maybe a terrorist attack is going to happen in the future based on an increased frequency of messages between those people. So analyzing the communications without seeing the contents is also an attack. Encryption doesn't stop that. How do we stop that? How could your Bob or Alice, okay, what could you do such that Darth cannot work out any patterns of your behavior based upon your communications? How would you hide the patterns of your behavior from someone who can easily monitor the communications? Encryption doesn't help. Encryption, Darth can't read the contents but he can still see you're communicating at midnight or you're sending a thousand messages between a person that you shouldn't be. How can we hide that or stop that? Maybe I gave it away. You want to somehow hide the pattern of your communications. So assuming someone can monitor maybe you want to send some fake messages at different points in time to hide the patterns. So instead of sending thousands of messages every Saturday night, make some pattern of communications that spreads the messages over time. So it's harder for the observer to observe any pattern in the communications. So there are some ways to try and hide the communications by introducing some extra messages or introducing some delay in your communications. Do not send the messages instantaneously that have them delayed over time. So that's a second form of attack. Consider both of these attacks. Look at the picture. Let's assume there was no attack. In this case, Darth wasn't there then the normal communications is that Bob sends a message to Alice. Let's say Bob sends one message Alice receives one message if there was no attack. So the normal users Bob sends a message Alice receives a message. When there is an attack Bob sends one message Alice receives one message. Nothing changes from Bob and Alice's perspective whether there's an attack or not. And that's what we call a passive attack. From the perspective of the system of the normal users, the normal communications network when we introduce the attack nothing changes compared to the normal operation. With the attack Bob sends one message Alice receives one message. Without the attack it's exactly the same. So the attack doesn't change the system operation. So we call that a passive attack. It's the same in this case. Let's say Bob sends 10 messages to Alice in the case of no attack. Bob sends 10 messages Alice receives 10 messages. If there is an attack it's the same. Bob and Alice send and receive the same number of messages. It's just that Darth also receives them. So the attack doesn't modify the system operation or the system resources. These two are passive attacks. The next four are active attacks. You'll see that when the attack takes place the normal behavior is different from the perspective of Bob and Alice. Masquerade. What does it mean? Masquerade. Mask to pretend to pretend to be someone else. In this case. To mask yourself or to pretend to be someone else in terms of network security. So this is an attack. Alice is the works in the accounting office and does the pay slips for everyone. And Bob is the employee and sorry, Bob is the director of SIT and he issues commands to Alice to increase Steve's pay by 10,000 baht per month or to decrease if I do a bad job. So normally Bob sends an email to Alice saying at the end of the month whose salary to increase and decrease and when Alice receives that she changes the amount you get paid. Darth pretends to be Bob and sends an email to Alice saying I am the director. Please increase the salary of Darth by 100,000 baht. So this is one user, Darth, the malicious user pretending to be Bob. Darth sends a message to Alice setting the source address to be that of Bob. Alice receives the message thinks okay, the email is from Bob therefore I should increase the salary of Darth by 100,000 baht. Darth pretends to be someone else and performs an attack on the system. Any questions about a masquerade attack? How do we stop it? We can't really stop it. We cannot prevent someone from sending out a message in our network normally but we can detect. How can we detect it? Alice, let's say it's an email. Alice receives an email. I don't have a demo today, maybe next lecture. It's very easy to fake the source address of an email. That is I send an email and say from Tanara and you receive it and it's from Tanara. And for most people it looks in the email client it will say from Tanara at SIT. It's very easy to fake the source address of an email. So in that case we can't really prevent someone from sending fake messages. What we need to do is make it easy for Alice to detect when Alice receives a message she needs a way to be able to check is this message really from Bob or is it from someone pretending to be Bob? We need to somehow authenticate the sender of that message. And probably after the midterm we'll look at some mechanisms for doing that. We'll start to introduce hash algorithms, message authentication codes and digital signatures we'll arrive at. That is the source really needs to sign the message. In the same way with a piece of paper you sign the message give it to someone and they know it's from you because the signature acts as some proof it's from you. Well we need that in computer systems as well that someone can create a message sign it such that when the receiver receives it they can verify the signature to prove that it did come from the original source not from someone else. So we'll see the mechanisms of digital signatures and related techniques in this course. It's an active attack what if there was a no attack? How many messages does Bob send if there was no attack here? Not nothing he sends nothing no messages. And of course Alice doesn't receive a message if there was no attack. But the introduction of the attack in this case means Alice receives one message. That's we say we've altered the system behaviour this is an active attack something changes because of the attack. And there's a famous comic on the internet nobody knows you're a dog because when you're communicating with someone on the internet there's generally no built in authentication mechanisms. There's no way normally with the normal internet protocols to confirm that the message that you're receiving from someone is who they say they are. Let's keep going through the next three replay attack. Bob is the director of SIT. Again he sends a message to Alice increase the salary of Darth by 10,000 baht. Fine that's an intended message. Darth did some good work increase the salary of Darth by 10,000 baht Alice who works in the finance office increases his salary for that month. That was normal operation. But Darth intercepted that message and took a copy. And next month Darth takes that copied message and sends it on to Alice. The message was signed by Bob the director. What Darth did was took a copy and replayed that same message some time later. So the next month Alice receives a message it's from Bob it's got Bob's signature Alice confirms it's from Bob saying increase the salary of Darth by 10,000 baht so now in the next month he gets a second salary increase. This is a replay attack where the attacker intercepts a message a valid message and some time later replays that message to achieve some goal which is breaking the system. So sending a valid message at some time later is a replay attack. How do we stop it? Again you can't stop replays normally that is it's easy for someone to intercept and you can't stop them from sending again we need some way for Alice to detect that the first message was the original, the valid one the second replayed message is just a copy of the original one let's ignore it. We could use some sequence number if we receive two messages which have the same sequence number ignore the second one or some time stamp I receive the message and inside that message contains today's date one month later I receive that same message for the date from one month ago ignore that because it's too old it becomes invalid after some time so we'll see some mechanisms that deal with stopping replay attacks modification Bob sends a message decrease Darth's salary by 10,000 baht before that message gets to Alice Darth intercepts changes the word or the letters D DE to IN from decrease to increase and forwards the message on to Alice Alice receives it and increases the salary so this is modifying the message along the way Darth must intercept it's different from before where they intercepted but the original travelled through to the destination to intercept and make sure the original doesn't get to Alice and then modify and send on to Alice again an active attack why is it active what's changed the contents has changed if there was no attack Bob sends a message decrease the salary Alice would receive a message decrease the salary Bob sends a message decrease the salary Alice receives a message increase the salary something has changed the message has changed in this case we call that an active attack last one denial of service Alice has disappeared Alice is a computer server a website for example Bob normally accesses that website to get his job done accesses the server to do things the service users does some things to overload the server maybe he sends many messages to the server so fast that the server overloads and it cannot process any messages from Bob as a result Bob can't do his normal job this is a denial of service attack it's an attack that denies the normal users access to the service or the server how do we stop that it turns out it's very very easy to perform denial of service attacks and quite difficult to stop it without disrupting the normal users let's just jump back to this summary of passive and active so passive we make use of information sent but we don't change the system resources we intercept and look at the message contents but we do not change the message or we do not generate new messages traffic analysis we just observe the messages being sent the frequency the timing passive attacks are hard to detect Bob and Alice are communicating it's hard for them to know that Darth is listening in and intercepting it's very hard to detect but quite easy to prevent by using encryption or adding some extra messages to hide the behavior passive attacks change the system resources or the system operation they are hard to prevent that is it's hard to stop someone to send messages but easier than the passive attacks to detect so there's trade or there's differences in terms of prevention and detection so usually we try to prevent passive attacks and detect active attacks any questions on attacks so broad classification of the main types of attacks in computer networks and also relevant for most computer systems in general I will sometimes use the word I will not use Darth very often but we'll talk about the attacker or the malicious user what other words do we hear for someone who does this a hacker a hacker is commonly used to refer to someone as the attacker but unfortunately the word hacker has other meanings some nicer meanings a hacker can be someone who plays with hardware to build new things out of existing things so sometimes we avoid the word hacker but an attacker malicious user they don't need to be a bad person it could be some law enforcement agencies some police force for example detect and stop crimes just because they are the attacker or malicious user doesn't necessarily mean they are the bad person in the world but just with respect to the communications they are doing something to perform an attack so there are different types of attacks possible we've mentioned some mechanisms encryption digital signatures and there are other mechanisms some of those mechanisms come together to provide services there are a couple of definitions but I'll go direct to the third point here security services implement security policies and are implemented by security mechanisms so what that means is we use different security mechanisms to provide a service to our users and that service is provided to achieve some policy and the policy is usually from some organization so the policy for SIT may be that no one can see the grades of no student can see the grades of any other student that could be the policy of the organization that every student's grades should be confidential to that student other students shouldn't be able to see them so that could be the policy so we look at what security services do we need to implement that policy and the next slide will list the security services and those security services will implement using mechanisms in this course we will not talk too much about policies we'll go direct to the services and then more details about the mechanisms there are different types of services or different classification services which are commonly used to talk about what we try to offer our users in securing a computer system some people have different names for them but we will use these in this course and you will remember them because there will be quiz questions about them they're important these are the things that we want to provide our users if we operate a computer system authentication we want some means for assuring that the person we're communicating with is who they say they are so we saw there's an attack if someone sends me a message if they pretend to be someone else I need some way to check that they are who they say they are that service is called authentication more precisely we can talk about peer entity authentication so when we're communicating between two entities they appear with each other so when someone sends a message to one entity that entity wants to authenticate the other peer in the communications the other entity sometimes we'd like to also authenticate the data the data origin that the data we don't care who it came from that the data is correct came from valid origin what's an example an example of data origin authentication is that some emergency systems are deployed such that when there's an earthquake the monitoring devices send out a message to people to say there's an earthquake here and maybe that means there's a tsunami coming so you can evacuate so there are computing devices so in the sea and monitoring when they detect the earthquake they automatically send a message when we receive such a message we'd like to authenticate that that's correct data we'd like to authenticate that it's not fake data that it's true data it's not some data that's made up that causes us to evacuate when we don't need to evacuate so sometimes we'd like to authenticate the data that it came from a valid source another service we'd often like to provide in both computers and also computer networks is access control our computers have resources that we provide to users we want to control who can access those resources so we prevent unauthorized use of resources for example we have a website and some parts of that website are public to everyone but some parts of that website should be private and you need to log in to access that part of the website the mechanisms to protect that part of the website is called access control you use it commonly on computers access control on files access control on different features in the computer networks it's commonly commonly implemented by firewalls a firewall controls who can access a particular network so that's a common service needed data confidentiality of course is quite common we need to be able to protect the data from unauthorized disclosure that is often we want to make sure that no one else can see our data keep it confidential that's a common one for related data integrity we want to be able to make sure that the data that we receive is exactly as the source sent it it's not modified along the way it means we maintain the integrity of the data availability jumping to number six making sure the system is accessible and available to the people who should be using it so if it's a website that's used for registration inside SIT then it needs to be available during the registration period so all the students can register on time if for some form of an attack it means the registration website is not available during last week then there will be some severe disruptions in SIT so availability is the service that we want to provide it's to stop denial of service attacks number five non-repudiation this is the service of trying to stop people from denying communications took place consider we're using our computer network to perform financial transactions exchange money or pay for things so what happens when you go into a shop and you buy something how do you prove that you bought that or you've paid your money for a receipt you give them money they give you a receipt and you can use that receipt as a form of proof to say that you've actually paid for this object that you're taking we often want similar services in computer networks we perform some transaction we send a message we'd like to be able to later prove to others that that message was actually sent or from the other entity's perspective that the message was received for example you need to submit your assignment by email to me so you send the assignment to me I don't get it or even worse I'm a nasty teacher and I say I don't like you I didn't get your assignment I'm going to give you a zero what do you do you need some way to prove that you did send it so we'd like some way to prove that you did send it or the other way you send you send what do we want the opposite direction you want to be able to prove that you received a message some proof that you've received a message is the other thing so non-repudiation is this service of trying to protect people or protect against denial of communications make it hard for someone to say no I didn't receive it or no I didn't send it that's what non-repudiation is about security mechanisms we use the mechanisms to try to implement these services and such that we prevent the attacks so we use mechanisms to implement services such that the attacks can all take place there are many types of mechanisms there's no one mechanism that provides all six services so we need a combination most mechanisms make use of cryptography the title of this course includes cryptography and the next topic and several topics following that we'll look at what is cryptography cryptographic techniques this lists a few examples of mechanisms but maybe the next table is a nice summary and nice place to almost finish in the rows we see in this case there are eight services it splits some of them out so authentication is split into two different services authentication of the peer and the authentication of the data origin and confidentiality is split into two confidentiality of the data stopping the release of the message contents and traffic flow confidentiality is stopping traffic analysis even if someone cannot see my messages they can still analyze my traffic so traffic flow confidentiality is trying to make it such that someone cannot analyze my traffic so they come together the column shows some common mechanisms used to implement those services so to provide confidentiality we commonly use what's called an encipherment or we usually just call encryption we encipher the data or we encrypt the data to provide authentication we may use a combination of mechanisms we use encryption or encipherment digital signatures which we need to explain in this course and maybe some exchange of messages to authenticate the user we'll see that there are mechanisms called data integrity which use encryption techniques and cryptographic techniques so in this course we're going to go through really the cryptographic techniques to implement most of these mechanisms these mechanisms then come together to implement these services that we want to provide our users questions so key points from this topic CIA attacks services we haven't really got into the mechanisms yet we've mentioned some but I will not ask you in the quiz what are all the mechanisms but what are the services what are the attacks passive versus active and these general concepts of confidentiality, integrity and availability are important we're moving to cryptography and the way that we study cryptography in this course is that there are many complex algorithms to encrypt information very hard to cover those algorithms but they are based upon some principles that have been around for a long time so the first part will we look at the old ciphers the old algorithms for encrypting information old starting from several thousand years old Caesar cipher and then progressed through some old nowadays they are ineffective ciphers with computers they are very weak but they demonstrate different principles of how do we encrypt data and we'll finish today with an example which will set us up for next lecture here's some encrypted data find the original data this is a simple cipher it's based on what's called the Caesar cipher where we shift the letters so we call this it's not easy to solve quickly but I think with a little bit of thought you will we call this this is the encrypted data we'll give it the name ciphertext we'll see this to find next topic cipher, a cipher is an algorithm for encrypting and similarly decrypting so the encrypted form of our message is called ciphertext in this case it's k-h-o-o-r and to get this ciphertext I started with some plaintext we'll find that in a moment the plaintext is the original message unencrypted we encrypt it and we get ciphertext and the most common form of encryption algorithms the way that they work is that we take an algorithm called a cipher and in this case the cipher we used is what's called the Caesar cipher I always spell it wrong based on Julius Caesar one of the Roman emperors and we take the plaintext we apply an algorithm the algorithm is called the cipher in this case it's the Caesar cipher and combine the plaintext and a key a secret key and the key is secret if you know the key you can decrypt if you don't know the key you cannot decrypt well that's the idea of encryption in this case the cipher is not so good that even if you don't know the key I think you may be able to find what the plaintext was so the cipher is the Caesar cipher you may not know what it is yet you will next lecture some of you do the ciphertext is k-h-o-o-r your challenge as the attacker is two things find the plaintext even better find the key because if you know the key you can find the plaintext and the Caesar cipher is a cipher if we think of the English alphabet A through to Z where the key determines the number of places we shift the character by to get the ciphertext for example if the key is 3 the letter A as plaintext is encrypted to get the letter A to B to C to D the letter D is ciphertext we shift A 3 positions to the right and we get D so the output would be D as ciphertext so I will not ask you to guess the key how many possible keys are there so the Caesar cipher English alphabet 26 letters if we have a shift of 0 plaintext letter of A becomes ciphertext letter of A so if my message was security and I encrypt it with a key of 0 the ciphertext is security it's not so good encryption but if I have a key of 1 it means the S in security is encrypted and shifted to the letter T E in security shifted one position to F T, F and so on so the number of possible keys is 26 in this case one of them is not so good 0 the key in this case is 4 from memory now I find this plaintext shifting up is for encryption so encryption takes say the letter A and if we shift by 4 positions produces the letter E we move to the right shift up so decryption should be the other way I think I've made a mistake the key wasn't 4 it was 3 sorry because if you decrypt it doesn't make much sense but it's 3 so be careful you want to decrypt not encrypt encrypt takes a letter let's say A a shift of 3 produces ciphertext of A goes to B C D we go to the right decryption goes backwards K H O O R and a quick helper maybe just so you can remember the alphabet but the numbers makes a little bit easier we had K a shift of 3 positions mean the input must have been H if we start with H and shift it to the right 3 positions we get K therefore if we start with a ciphertext K to get the original plaintext we must shift back the opposite direction to get H so K decrypts to H H decrypts to E we had K H O O decrypts to L and we had R decrypts to O hello we'll see that the challenge of the attacker is given some ciphertext given the cipher find the key and or the plaintext with encryption we assume the attacker will know the ciphertext the encrypted form we also assume that they know the algorithm used it's usually the practice that the algorithm is known to everyone so the attacker knows it was Caesar cipher we have K H O O R the attacker has 2 challenges given that find the key and or the plaintext if you find the key you can easily find the plaintext if you find the plaintext sometimes you can get back to the key but not always for different algorithms so what we'll do on Friday Friday we will look at ciphers similar to this very simple ones with some examples to start to demonstrate the concepts of encryption