THE OSI SECURITY ARCHITECTURE

The OSI security architecture is useful to managers as a way of organizing

the task of providing security.The OSI security architecture focuses on
security attacks, mechanisms, and services. These can be defined briefly as -

Security attack: Any action that compromises the security of information

owned by an organization.
Security mechanism: A process (or a device incorporating such a
process) that is designed to detect, prevent, or recover from a security
attack.
Security service: A processing or communication service that enhances
the security of the data processing systems and the information transfers of
an organization. The services are intended to counter security attacks, and
they make use of one or more security mechanisms to provide the service.

SECURITY ATTACKS

1.) A passive attack attempts to learn or make use of information from the
system but does not affect system resources.Two Types:
a)The release of message contents A telephone conversation, an
electronic mail message, and a transferred file may contain sensitive or
confidential information.

b)Traffic analysis: Even if we encrypt the message being shared still

the opponent may come to know about the pattern of communication
between sender and receiver by observing the pattern of these messages.
The opponent could determine the location and identity of communicating
hosts and could observe the frequency and length of messages being
exchanged.

Passive attacks are very difficult to detect, because they do not involve any
alteration of the data.However, it is feasible to prevent the success of these
attacks, usually by means of encryption.Thus, the emphasis in dealing with
passive attacks is on prevention rather than detection.

2.)An active attack attempts to alter system resources or affect their

operation.It is divided into four categories:

A masquerade takes place when one entity pretends to be a different

entity.Ex-enabling an authorized entity with few privileges to obtain extra
privileges by impersonating an entity that has those privileges.

Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect (Figure 1.3b).
Modification of messages simply means that some portion of a legitimate
message is altered, or that messages are delayed or reordered, to produce
an unauthorized effect (Figure 1.3c). For example, a message meaning Allow
John Smith to read confidential file accounts is modified to mean Allow Fred
Brown to read confidential file accounts.

The denial of service prevents or inhibits the normal use or management

of communications facilities (Figure 1.3d). This attack may have a specific
target; for example, an entity may suppress all messages directed to a
particular destination.

Security Services:
AUTHENTICATION
The assurance that the communicating entity is the one that it claims to be.
Peer Entity Authentication
Used in association with a logical connection to provide
confidence in the identity of the entities connected.
Data-Origin Authentication
In a connectionless transfer, provides assurance that the source
of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of a resource (i.e., this service controls
who can have access to a resource, under what conditions access can occur,
and what those accessing the resource are allowed to do).
DATA CONFIDENTIALITY
The protection of data from unauthorized disclosure.
Connection Confidentiality
The protection of all user data on a connection.
Connectionless Confidentiality
The protection of all user data in a single data block
Selective-Field Confidentiality
The confidentiality of selected fields within the user data on a
connection or in a single data block.
Traffic-Flow Confidentiality
The protection of the information that might be derived from
observation of traffic flows.
DATA INTEGRITY
The assurance that data received are exactly as sent by an authorized entity
(i.e., contain no modification, insertion, deletion, or replay).
Connection Integrity with Recovery
Provides for the integrity of all user data on a connection and detects
any modification, insertion, deletion, or replay of any data within an
entire data sequence, with recovery attempted.
 Connection Integrity without Recovery
As above, but provides only detection without recovery.
Selective-Field Connection Integrity
Provides for the integrity of selected fields within the user data of a
data block transferred over a connection and takes the form of
determination of whether the selected fields have been modified,
inserted, deleted, or replayed.
Connectionless Integrity
Provides for the integrity of a single connectionless data block and may
take the form of detection of data modification. Additionally, a limited
form of replay detection may be provided.
Selective-Field Connectionless Integrity
Provides for the integrity of selected fields within a single
connectionless data block; takes the form of determination of whether
the selected fields have been modified.
NONREPUDIATION
Provides protection against denial by one of the entities involved in
communication of having participated in all or part of the communication.
Nonrepudiation, Origin
Proof that the message was sent by the specified party.
Nonrepudiation, Destination
Proof that the message was received by the specified party.

Security Mechanisms:

1)SPECIFIC SECURITY MECHANISMS

May be incorporated into the appropriate protocol layer in order to provide
some of the OSI security services.
Encipherment
The use of mathematical algorithms to transform data into a form that is not
readily intelligible.The transformation and subsequent recovery of the data
depend on an algorithm and zero or more encryption keys.
Digital Signature
Data appended to, or a cryptographic transformation of, a data unit that
allows a recipient of the data unit to prove the source and integrity of the
data unit and
protect against forgery (e.g., by the recipient).
Access Control
A variety of mechanisms that enforce access rights to resources.
Data Integrity
A variety of mechanisms used to assure the integrity of a data unit or stream
of data units.
Authentication Exchange
A mechanism intended to ensure the identity of an entity by means of
information exchange.
Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
Routing Control
Enables selection of particular physically secure routes for certain data and
allows routing changes, especially when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certain

2)PERVASIVE SECURITY MECHANISMS

Mechanisms that are not specific to any particular OSI security service or
protocol layer.
Trusted Functionality
That which is perceived to be correct with respect to some criteria (e.g., as
established by a security policy).
Security Label
The marking bound to a resource (which may be a data unit) that names or
designates the security attributes of that resource.
Event Detection
Detection of security-relevant events.
Security Audit Trail
Data collected and potentially used to facilitate a security audit, which is an
independent review and examination of system records and activities.
Security Recovery
Deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.

Encryption and Decryption:

Data that can be read and understood without any special measures is
called plaintext or cleartext.
The method of disguising plaintext in such a way as to hide its
substance is called encryption. Encrypting plaintext results in
unreadable gibberish called ciphertext.

Cryptograpgy:
Cryptography is the science of using mathematics to encrypt and decrypt
data. Cryptography enables you to store sensitive information or transmit it
across insecure networks (like the Internet) so that it cannot be read by
anyone except the intended recipient.

While cryptography is the science of securing data, cryptanalysis is the

science of analyzing and breaking secure communication.

How does cryptography work?

A cryptographic algorithm, or cipher, is a mathematical function used in the

encryption and decryption process. A cryptographic algorithm works in
combination with a key a word, number, or phrase to encrypt the
plaintext. The same plaintext encrypts to different ciphertext with different
keys. The security of encrypted data is entirely dependent on two things: the
strength of the cryptographic algorithm and the secrecy of the key.

Conventional cryptography

In conventional cryptography, also called secret-key or symmetric-key

encryption, one key is used both for encryption and decryption. eg.The
Data Encryption Standard (DES) is an example of a conventional
cryptosystem that is widely employed by the Federal Government. Figure 1-2
is an illustration of the conventional encryption process.

Figure 1-2. Conventional encryption

A substitution technique is one in which the letters of plaintext are replaced

by other letters or by numbers or symbols.1 If the plaintext is viewed as a sequence
of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit
patterns.
Caesar's Cipher

An extremely simple example of conventional cryptography is a substitution

cipher. A substitution cipher substitutes one piece of information for another.
This is most frequently done by offsetting letters of the alphabet. Two
examples are Captain Midnight's Secret Decoder Ring, which you may have
owned when you were a kid, and Julius Caesar's cipher. In both cases, the
algorithm is to offset the alphabet and the key is the number of characters to
offset it.
For example, if we encode the word "SECRET" using Caesar's key value of 3,
we offset the alphabet so that the 3rd letter down (D) begins the alphabet.

So starting with
ABCDEFGHIJKLMNOPQRSTUVWXYZ

and sliding everything up by 3, you get

DEFGHIJKLMNOPQRSTUVWXYZABC

where D=A, E=B, F=C, and so on.

Using this scheme, the plaintext, "SECRET" encrypts as "VHFUHW." To allow

someone else to read the ciphertext, you tell them that the key is 3.

Obviously, this is exceedingly weak cryptography by today's standards, but

hey, it worked for Caesar, and it illustrates how conventional cryptography
works.

Encryption C=(M+k)mod 26
Decryption M=(C-k)mod 26

where k is secret key

Cryptanalysis and Brute-force attack:

The objective of attacking an encryption system is to recover the key in use
rather than simply to recover the plaintext of a single ciphertext.There are
two general approaches to attacking a conventional encryption scheme:

1)Cryptanalysis: Cryptanalytic attacks rely on

nature of the algorithm
knowledge characteristics of the plaintext
sample plaintextciphertext pairs.
This attack attempts to deduce a specific plaintext or to deduce the key
being used.

2)Brute-force attack: The attacker tries every possible key on a piece of

ciphertext until an intelligible translation into plaintext is obtained. On
average, half of all possible keys must be tried to achieve success.

Cryptography have two techniquies:

1)Subsitution
a)Caesar cipher
b)Playfair
c)Hill Cipher
This encryption algorithm takes m successive plaintext letters and substitutes for
them m ciphertext letters. The substitution is determined by m linear equations in
which each character is assigned a numerical value.
d) Polyalphabetic Algo
2)Transposition
A transposition cipher is a method of encryption by which the positions
held by units of plaintext are shifted according to a regular system, so that
the ciphertext constitutes a permutation of the plaintext. That is, the
plaintext is reordered.
a bijective function is used on the characters' positions to encrypt
an inverse function to decrypt.

1)Rail Fence cipher

The Rail Fence cipher is a form of transposition cipher that gets its name
from the way in which it is encoded. In the rail fence cipher, the plaintext is
written downwards on successive "rails" of an imaginary fence, then moving
up when we get to the bottom. The message is then read off in rows. For
example, using three "rails" and a message of 'WE ARE DISCOVERED. FLEE
AT ONCE', the cipherer writes out:

W...E...C...R...L...T...E
.E.R.D.S.O.E.E.F.E.A.O.C.
..A...I...V...D...E...N..
Then reads off:

WECRL TEERD SOEEF EAOCA IVDEN

2)Columnar transposition
In a columnar transposition, the message is written out in rows of a fixed
length, and then read out again column by column, and the columns are
chosen in some scrambled order.

632415
WEARED
ISCOVE
REDFLE
EATONC
EQKJEU
Providing five nulls (QKJEU) at the end. The ciphertext is then read off as:

EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE

In the irregular case, the columns are not completed by nulls:

632415
WEARED
ISCOVE
REDFLE
EATONC
E
This results in the following ciphertext:
EVLNA CDTES EAROF ODEEC WIREE

Confusion and Defusion:

Confusion and Diffusion are two properties of the operation of a secure
cipher which were identified by Claude Shannon
Confusion means that each character of the ciphertext should depend
on several parts of the key(relation b/w cipher text and key)
Confusion refers to making the relationship between the key and the
ciphertext as complex and as involved as possible
Diffusion means that if we change a character of the plaintext, then
several characters of the ciphertext should change, and similarly, if we
change a character of the ciphertext, then several characters of the
plaintext should change(relation b/w cipher text and plain text)
Diffusion refers to the property that redundancy in the statistics of the
plaintext is "dissipated" in the statistics of the ciphertext.

Steganography:
Two methods of hiding plain text
1)cryptography(encrypted)-shows the unintelligent message to the
world
2)steganography(strictly not encrypted)-hides the exiistence of
message
Steganography is the hiding of a secret message within an ordinary
message and the extraction of it at its destination.
Steganography takes cryptography a step farther by hiding an
encrypted message so that no one suspects it exists.
anyone scanning your data will fail to know it contains encrypted data.

eg the sequence of first letters of each word of the overall message spells out the
hidden message.
Hello how are you.where do you live.
message:HHAYWDYL

Disadvantage:requires a lot of overhead to hide a relatively few bits of information

This problem, too, can be overcome if the insertion method depends on some sort of
key.Alternatively, a message can be first encrypted and then hidden using steganography.

Fiestel Cipher:
Feistel cipher is a symmetric structure used in the construction of block ciphers.A large set
of block ciphers use the scheme, including the Data Encryption Standard (DES).

Block Cipher and Stream Cipher

The two most common types of encryption algorithm used in modern
cryptography are the block and stream ciphers.
The block cipher uses a deterministic algorithm that conducts
operations on fixed-length groupings of bits, or blocks. By using a
 transformation specified by a symmetric key, a block cipher is able to
encrypt bulk data, and is one of the basic components of many
cryptographic protocols in use today.
A stream cipher/bit cipher, on the other hand, takes plaintext
characters or digits and combines them with a pseudo random cipher
digit stream, or key stream.It includes one to one mapping of bits.

Key Generation

3 5 2 7 4 10 1 9 8 6
6 3 7 4 8 5 10 9
2 631 4 857
4 1232341

# In cryptography, the one-time pad (OTP) is an encryption technique

that cannot be cracked if used correctly. In this technique, a plaintext is
paired with a random secret key (also referred to as a one-time pad).
DES

The Data Encryption Standard (DES) is a symmetric key block cipher which
takes 64-bit plaintext and 56-bit key as an input and produces 64-bit cipher
text as output. The DES function is made up of P and S-boxes. P-boxes
transpose bits and S-boxes substitute bits to generate a cipher.
(Three Diagrams)
Strength- The strength of DES lies on two facts:

The use of 56-bit keys: 56-bit key is used in encryption, there are 2^55
possible keys. A brute force attack on such number of keys is
impractical.
The nature of algorithm: Cryptanalyst can perform cryptanalysis by
exploiting the characteristic of DES algorithm but no one has
succeeded in finding out the weakness.
timimg attack
Number of attacks
(Plaintext size=64bit)diffusion and confusion is made more
complex(Avalanche effect)

Weakness- Weakness has been found in the design of the cipher:

Two chosen input to an S-box can create the same output.

The purpose of initial and final permutation is not clear.

S-DES(Simplified DES)

a)Key Generation(1 Diagram)

b)The encryption algorithm involves five functions:
an initial permutation (IP);
a complex function labeled fK, which involves both permutation and
substitution operations and depends on a key input;
a simple permutation function that switches (SW) the two halves of
the data;
the function fK again;
finally a permutation function that is the inverse of the initial
permutation (IP1).
use k1,then k2-->for encryption
use k2,then k1-->for Decryption
(1 Diagram in Copy)