Transcript Lecture 4 - Rabie A. Ramadan

Computer and Network Security
Rabie A. Ramadan
Lecture 4
Table of Contents

•
•
•
Mathematics of cryptography
Groups
Rings
Polynomials
2
Mathematics of Cryptography
3
Groups

A group G is a set of elements with a binary operation
that satisfies four properties:

Closure : if a and b are elements of G , then c = a
is also an element of G

Associatively : if a, b , and c are elements of G , then
(a b) c = a
(b
c)
b
4
Groups (Cont.)

Existence of Identity : for all a in G , there exists an
element e , called the identity element , such that
e
a = a e = a
Existence of Inverse : for each a in G , there exists an a
, called the inverse of
a , such that
a
a = a a = e
An Commutative or Abelian group is a group that satisfies
Commutativity property

Commutativity : for all a and b in G a b = b
a

5
Group Activity

Given the following group , is it abelian group?
G = <{a,b,c,d} , >
a
b
c
d
a
a
b
c
d
b
b
c
d
a
c
c
d
a
b
d
d
a
b
c
6
Answer

Yes it is an abelian group

Closure



•
•
•
•
•

•
Applying the operation on any element ,
results an element in the group.
Associativity
a
b
c
d
a
a
b
c
d
b
b
c
d
a
c
c
d
a
b
d
d
a
b
c
Check the combination of any 3 elements
(a
b)
c= a (b
c) = d
Commutative
a
b =
b
a
Identity element is a
Using it with any element gives the same element
Inverse
Each element has an inverse  e.g. (a , a), (b, d), (c , c)
7
Groups (Cont.)


•
•

•
•
•
Finite Group
If it has a finite number of elements
Order of a group |G|
Number of elements in the group
Subgroups
A subset H is a subgroup of G if H is a group with respect to G
The two groups must be under the same operations
Both H and G will have the same properties
8
Cyclic Group

Define exponentiation as repeated
application of operator
• example:

a3 = a.a.a
a is said to be a generator of the group
Ring

A set of “numbers” with two operations (addition and
multiplication) which are:

An Abelian group with addition operation

Multiplication:
• has closure
• is associative
• distributive over addition:

a(b+c) = ab + ac
If multiplication operation is commutative, it forms a
commutative ring
Field

A set of numbers with two operations:
• abelian group for addition
• abelian group for multiplication (ignoring 0)
• ring
Galois Fields(Cont.)






finite fields play a key role in cryptography
can show number of elements in a finite field must be a power of a
prime pn
known as Galois fields
denoted GF(pn)
in particular often use the fields:
• GF(p)
• GF(2n)
Hence arithmetic is “well-behaved” and can do addition,
subtraction, multiplication, and division without leaving the
field GF(p)
12
GF(2n )

The elements in the set is n-bit words

Example
•
GF(23)  the set is {000, 001,010, 011, 100, 101, 110, 111}
13
GF(p)



•
{0,1}
The field includes the set  Z = {0,1,2,3,4,…,p-1}
Addition/Subtraction
is the same as XOR operations
Operations
 Add / Subtract
Multiplication/Division is the same as AND operations
E.g.
GF(2)
+ X
+
0
1
x
0
1
0
0
1
0
0
0
1
1
0
1
0
1
a
0
1
a
0
1
-a
1
0
a-1 -
1
14
Group Activity
Show a GF(7) using multiply operation?
X
0
1
2
3
4
5
6
0
1
2
3
4
5
6
15
Example GF(7)
Modular Arithmetic


•
•
We care about the reminder of a given operation
An operation
a =qxn + r
a and n (modulus) are inputs, q is quotient , and r is the residue
Z = {…., -2,-1, 0, 1, 2, …..}
a
n
mod
r (nonnegative)
17
Example



•
•
•
•
•
25 mod 3
a =25 and n = 3
Divide a by n and get the reminder  r = 1
-7 mod 10
a = -7 and n = 10
Divide -7 by 10  r = -7
Add the modulus (n= 10) to remove the negative sign  -7 + 10 =
3  r =3
The result of a mod n is always nonnegative number less than n
18
Set of Residues Zn

Modulo operation creates a set with numbers always less than n

The output of a mod operation for a number n must fall in the
set

E.g.
•
•
•
Z2 = { 0, 1}
Z5 = {0,1,2,3,4}
Z11 = {0,1,2,3,4,5,6,7,8, 9,10}
19
Congruence


It is the same as the equality

Using mod , we can get an infinite number of residue
when we map Z to Zn

E.g.
•
•
2 mod 10 = 2
 12 mod 10  22 mod 2
2 , 12, 22 are congruent of mod 10
20
Residue Classes

Residue class [a] or [a]n
Set of all integers such that x =a (mod n)

E.g. If n = 5

•
•
•
•
[0] = {.., -15, -10 , -5, 0, 5, 10,15,…}
[1] = {…., -14, -9, -4, 1, 6, 11, 16,...}
..
[4] = {.., -11, -6, -1, 4, 9, 14, 19,…}
21
Operations on Zn

(a + b) mod n = [ (a mod n) + b mod n)] mod n

(a - b) mod n = [ (a mod n) - b mod n)] mod n

(a x b ) mod n = [ (a mod n) x (b mod n ) ] mod n
22
Group Activity


•
•
•
•
•
•
Find :
10 mod 3
102 mod 3
103 mod 3
Answer
10 mod 3 = 1
102 mod 3 = [10 mod 3 X 10 mod 3] mod 3
103 mod 3 = [ 10 mod 3 X 10 mod 3 X 10 mod 3] mod 3
Then 10n mod 3 = (10 mod 3) n mod 3
 an
mod x = ( a mod x) n mod x
23
Group Activity

Draw a table that shows the addition Modulo 8?
24
Modulo 8
Inverses

Additive inverse
Multiplicative inverse

In Z (Integer Numbers )

•
•

•
•
a + b = 0 , b is the additive inverse of a and a is the inverse of b
a X b = 1, b is the multiplicative inverse of a and a is the inverse of
b
In Zn (Modulo )
a + b = 0 (mod n)  Simply : b = n – a
a X b = 1 (mod n)  Simply : (a X b) mod n = 1
26
Inverses (Cont. )

•
•
•
•
•
Examples:
Find the additive inverse of 4 in Z10?  find b?
b = n – a = 10 – 4 = 6
•
Find all additive inverse of Z10 ?
(0,0), (1, 9), (2, 8), (3,7) , (4, 6),..
•
Find the multiplicative inverse of 8 in Z10?
(a X 8) mod 10 = 1  no multiplicative inverse can be found
•
Find all multiplicative inverse of Z10 ?
(1,1), (3, 7), and (9, 9)
27
The greatest common divisor



The greatest common divisor (gcd) of two non-zero
integers, is :
The largest positive integer that divides both numbers
without remainder
gcd(42, 56)=14 where
28
Euclid's GCD Algorithm


An efficient way to find the GCD(a,b)
Uses theorem that:
• GCD(a,b) = GCD(b, a mod b)
•

GCD(55,22)= GCD(22,55 mod 22)= GCD (22,11) = 11
Euclid's Algorithm to compute GCD(a,b):
• A=a, B=b
• while B>0
• R = A mod B
• A = B, B = R
• return A
29
Example GCD(1970,1066)
1970 = 1 x 1066 + 904
1066 = 1 x 904 + 162
904 = 5 x 162 + 94
162 = 1 x 94 + 68
94 = 1 x 68 + 26
68 = 2 x 26 + 16
26 = 1 x 16 + 10
16 = 1 x 10 + 6
10 = 1 x 6 + 4
6 = 1 x 4 + 2
4 = 2 x 2 + 0

gcd(1066, 904)
gcd(904, 162)
gcd(162, 94)
gcd(94, 68)
gcd(68, 26)
gcd(26, 16)
gcd(16, 10)
gcd(10, 6)
gcd(6, 4)
gcd(4, 2)
gcd(2, 0)
gcd(1970, 1066) = 2
30
Polynomial Arithmetic

Can compute using polynomials

Several alternatives available
• ordinary polynomial arithmetic
• poly arithmetic with coords mod p
• poly arithmetic with coords mod p and polynomials
mod M(x)
Ordinary Polynomial Arithmetic



add or subtract corresponding coefficients
multiply all terms by each other
eg
• let f(x) = x3 + x2 + 2 and g(x) = x2 – x + 1
f(x) + g(x) = x3 + 2x2 – x + 3
f(x) – g(x) = x3 + x + 1
f(x) x g(x) = x5 + 3x2 – 2x + 2
Polynomial Arithmetic with
Modulo Coefficients



when computing value of each coefficient do
calculation modulo some value
could be modulo any prime
but we are most interested in mod 2
• ie all coefficients are 0 or 1
• eg. let f(x) = x3 + x2 and g(x) = x2 + x + 1
f(x) + g(x) = x3 + x + 1
f(x) x g(x) = x5 + x2
Modular Polynomial Arithmetic

can write any polynomial in the form:

if have no remainder say g(x) divides f(x)
if g(x) has no divisors other than itself & 1
say it is irreducible (or prime) polynomial
arithmetic modulo an irreducible polynomial
forms a field


• f(x) = q(x) g(x) + r(x)
• can interpret r(x) as being a remainder
• r(x) = f(x) mod g(x)
Modular Polynomial Arithmetic

can compute in field GF(2n)
• polynomials with coefficients modulo 2
• whose degree is less than n
• hence must reduce modulo an irreducible poly of
degree n (for multiplication only)

form a finite field
Example GF(23)
Group Activity

Find the results of (x5+x2+x) * x7+x4+x3+x2+x
in GF(28) with irreducible polynomial
x8+x4+x3+x+1
Answer


Multiply the two polynomials
• (x5+x2+x) * x7+x4+x3+x2+x = x5 * (x7+x4+x3+x2+x ) + x2 *
(x7+x4+x3+x2+x ) + x * (x7+x4+x3+x2+x ) = (x12+x7+x2)
Get the results of
• (x12+x7+x2) mod (x8+x4+x3+x+1) = (x5+x3+x2+x+1)
x4 1
x 8  x 4  x 3  x  1 x12  x 7  x 2
x12  x 8  x 7  x 5  x 4
x8  x 5  x 4  x 2
x8  x 4  x 3  x  1
Re mainder x 5  x 3  x 2  x  1
Group Activity

3DES (Tripple Data Encryption Standard) is
based on which of the following?
• A.
• B.
• C.
• D.
Hashing algorithm
Symmetric key-based algorithm
Asymmetric key-based algorithm
None of these
Viruses, Worms, Zombies, and
others
40
What is Computer Security?
41
What is Computer Security?

Computer Security is the protection of
computing systems and the data that they
store or access
42
Why is Computer Security
Important?

Computer Security allows the
University to carry out its mission by:
• Enabling people to carry out their jobs,
education, and research.
• Supporting critical business processes
• Protecting personal and sensitive
information
43
Why do I need to learn about
Computer Security?
Isn’t this just an IT Problem?
44

Good Security Standards follow the “90 /
10” Rule:
• 10% of security safeguards are technical
• 90% of security safeguards rely on the
computer user (“YOU”) to adhere to good
computing practices
45
What Does This Mean for Me?

This means that everyone who uses a computer
or mobile device needs to understand how to
keep their computer, device and data secure.
•
Information Technology Security is everyone’s
responsibility
46
What’s at Stake?
Kinds of damage caused by insecurity
• Nuisance: spam, …
• Data erased, corrupted, or held hostage
• Valuable information stolen
•
(credit card numbers, trade secrets, etc.)
Services made unavailable
(email and web site outages, lost business)
47
Breaking into a Computer
48
Breaking into a Computer
What?
• Run unauthorized software
How?
• Trick the user into running bad software
•
(“social engineering”)
Exploit software bugs to run bad software
without the user’s help
49
Example of “social engineering”:
Trojan Horse
CoolScreenSaver.exe
50
Viruses and Worms

Automated ways of breaking in;
Use self-replicating programs

(Recall self-replicating programs:
Print the following line twice, the second time
in quotes. “Print the following line twice, the
second time in quotes.” )
51
Computer Viruses

Self-replicating programs that spread by
infecting other programs or data files
Cool
Screen
Saver
Notepad
Solitaire
Paint
Payload

Must fool users into opening the infected file
52
Email Viruses




Infected program, screen saver, or Word document
launches virus when opened
Use social engineering to entice you to open the
virus attachment
Self-spreading: after you open it, automatically
emails copies to everyone
in your address book
Other forms of social engineering: downloadable
software/games, P2P software, etc.
53
The Melissa Virus (1999)





Social engineering: Email says attachment
contains porn site passwords
Self-spreading: Random 50 people from
address book
Traffic forced shutdown of many email
servers
$80 million damage
20 months and $5000 fine
David L. Smith
Aberdeen, NJ
54
Computer Worms

Self-replicating programs like viruses, except exploit
security holes in OS (e.g., bugs in networking
software) to spread on their own without human
intervention
Payload
Payload
Payload
55
Robert Tappan Morris






First Internet worm
Created by student at Cornell
Exploited holes in email
servers, other programs
Infected ~10% of the net
Spawned multiple copies,
crippling infected servers
Sentenced to 3 years
probation, $10,000 fine, 400
hours community service
Robert Tappan Morris
56
“Can we just develop software
to detect a virus/worm?”
[Adleman’88] This task is undecidable.
(so no software can work with 100% guarantee)
Current methods:
(i) Look for snippets of known virus programs on hard
drive
(ii) maintain log of activities such as network requests,
read/writes to hard-drive and look for “suspicious” trends
(iii) look for changes to OS code.
No real guarantee
57
Spyware/Adware
Hidden but not
self-replicating
 Tracks web
activity for
marketing,
shows popup
ads, etc.
 Usually written
by businesses:
Legal gray area

58
Zombies
Attacker’s
Program
Bot
Bot program runs silently in the background,
awaiting instructions from the attacker
59
Can we stop computer crime?
Probably not!
 Wild West nature of the Internet
 Software will always have bugs
 Rapid exponential spread of attacks
But we can take steps to reduce risks…
60
Protecting Your Computer
Six easy things you can do…






Keep your software up-to-date
Use safe programs to surf the ‘net
Run anti-virus and anti-spyware regularly
Add an external firewall
Back up your data
Learn to be “street smart” online
61
Keep Software Up-to-Date
Use Safe Software to Go Online
Firefox
(web browser)
Thunderbird
(email)
Anti-virus / Anti-spyware Scans
Symantec Antivirus
(Free from OIT)
Spybot Search & Destroy
(Free download)
Add an External Firewall
Provides layered security
(think: castle walls, moat)
(Recent operating systems have built-in firewall features)
Back Up Your Data
Tivoli Storage Manager
(Free from OIT)
Learn Online “Street Smarts”

Be aware of your surroundings

Don’t accept candy from strangers
• Is the web site being spoofed?
• How do you know an attachment or download isn’t a virus,
Trojan, or spyware?

Don’t believe everything you read
• Email may contain viruses or phishing attack – remember,
bad guys can forge email from your friends
Quiz: A hacked computer can be
used to… (select all that apply)
1.
2.
3.
4.
5.
6.
7.
8.
9.
Send spam and phishing emails.
Harvest and sell email addresses and passwords.
Illegally distribute music, movies and software.
Distribute child pornography.
Infect other systems.
Hide programs that launch attacks on other computers.
Record keystrokes and steal passwords.
Access restricted or personal information on your computer or other
systems that you have access to.
Generate large volumes of traffic, slowing down the entire system
68
Next time is an exam

Assignment
• Survey some of viruses and security incidents
•
that
ha been found in the last five years ?
69