Classical Encryption Techniques

 

 

  • Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using the same key. It is also known as conventional encryption.
  • The two types of attack on an encryption algorithm are:
    • Cryptanalysis:
      • Based on properties of the encryption algorithm.
      • Some knowledge of the general characteristics of the plaintext or even some sample plaintext-ciphertext pairs.
    • Brute-force: involves trying all possible keys.
  • Traditional symmetric ciphers use:
    • Substitution techniques: map plaintext elements (characters, bits) into ciphertext elements.
    • Transposition techniques: systematically transpose the positions of plaintext elements.
  • Rotor machines are sophisticated precomputer hardware devices that use substitution techniques.
  • Steganography is a technique for hiding a secret message within a larger one in such a way that others cannot discern the presence or contents of the hidden message.
  • Cryptanalysis are
    techniques used for deciphering a message without any knowledge of the enciphering details.

  • Requirements for secure use of conventional encryption:
    • We need a strong encryption algorithm.
      • The opponent should be unable to decrypt ciphertext or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.
    • Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure.

  • Cryptographic systems are characterized along three independent dimensions:
    • The type of operations used for transforming plaintext to ciphertext (Substitution, Transposition).
      • Product systems, involve multiple stages of substitutions and transpositions.
    • The number of keys used.
      • If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption.
      • If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or public-key encryption.
    • The way in which the plaintext is processed.
      • Stream Cipher: symmetric encryption algorithm in which ciphertext output is produced bit-by-bit or byte-by-byte from a stream of plaintext input.
      • Block Cipher symmetric encryption algorithm in which a block of plaintext bits (typically 64 or 128) is transformed as a whole into a ciphertext block of the same length
  • Types of attacks on encrypted messages:
    • Ciphertext only:
      • Encryption algorithm.
      • Ciphertext.
    • Known plaintext:
      • Encryption algorithm.
      • Ciphertext.
      • One or more plaintext-ciphertext pairs formed with the secret key.
    • Chosen plaintext:
      • Encryption algorithm.
      • Ciphertext.
      • Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key.
    • Chosen ciphertext.
      • Encryption algorithm.
      • Ciphertext.
      • Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key.
    • Chosen text:
      • Encryption algorithm.
      • Ciphertext.
      • Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key.
      • Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key.
  • Generally, an encryption algorithm is designed to withstand a known-plaintext attack.
  • Encryption scheme types:
    • Unconditionally secure:
      • If the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available.
    • Conditionally secure.
  • All forms of cryptanalysis for symmetric encryption schemes are designed to exploit the fact that traces of structure or pattern in the plaintext may survive encryption and be discernible in the ciphertext.
  • Cryptanalysis for public-key schemes proceeds from a fundamentally different premise, namely, that the mathematical properties of the pair of keys may make it possible for one of the two keys to be deduced from the other.
  • Well encryption algorithm characteristics:
    • The cost of breaking the cipher exceeds the value of the encrypted information.
    • The time required to break the cipher exceeds the useful lifetime of the information.
  • Unfortunately, there is no encryption algorithm that is unconditionally secure.

  • The significance of the rotor machine today is that it points the way to the most widely used cipher ever: the Data Encryption Standard (DES).
  • Steganography Techniques:
    • Character marking:
      • Selected letters of printed or typewritten text are overwritten in pencil. The marks are ordinarily not visible unless the paper is held at an angle to bright light.
    • Invisible ink:
      • A number of substances can be used for writing but leave no visible trace until heat or some chemical is applied to the paper.
    • Pin punctures:
      • Small pin punctures on selected letters are ordinarily not visible unless the paper is held up in front of a light.
    • Typewriter correction ribbon:
      • Used between lines typed with a black ribbon, the results of typing with the correction tape are visible only under a strong light.
  • Questions:
    • What is meant by “precomputer”?
      • ما قبل عصر الحاسوب
    • What’s meant by “digrams”?
    • Reasons for preferring Playfair Cipher.
    • Encryption/Decryption of algorithms should be summarized in points.
  • 53-First paragraph.

Introduction to Cryptography and Computer Security

 

 

  • Cryptology: is the study of techniques for ensuring the secrecy and/or authenticity of information. Two main branches of Cryptology are:
    • Cryptography: This is the study of the design of such techniques.
    • Cryptanalysis: This deals with defeating such techniques, to recover information or forging (تزوير) information that will be accepted as authentic.
  • Network Security: This area covers the use of cryptographic algorithms in network protocols and network applications.
  • Computer Security: area of securing computers against intruders (e.g. hackers) and malicious software (e.g. viruses).
  • Security Attack is any action that compromises the security of information. It’s classified into:
    • Passive Attack: attempts to make use of information from the system without modification.
      • Examples: eavesdropping and monitoring of transmissions.
      • Passive attack types:
        • Release message contents: Learning contents of information sent between two parties.
        • Traffic analysis:
          • Suppose that the sent message is encrypted so, that opponents, even if they captured the message could not extract information from it.
          • Observing the encrypted message to analyze and guess about the encryption pattern is called traffic analysis.
      • Why passive attacks are very difficult to detect?
      • Dealing with passive attacks is on prevention not detection.
    • Active Attack: attempts to modify system resources or effect their operation.
    • Active attacks types:
      • Masquerade: happens when an entity pretends to be different entity.
        • Example: obtaining extra privileges for few privileged users.
      • Replay: involves passive capturing of data unit and its subsequent retransmission to produce an unauthorized effect.
      • Modification of messages.
      • Denial of services: prevents or inhibits the normal use or management of communication facilities.
        • Example: suppression of messages, disruption of entire network
    • Active attacks are easy to detect.
    • Here we are concerned with detection and recovering of active attacks.
  • Security mechanism is a process that is designed to detect, prevent or recover from a security attack.
  • Security service is a processing or communication service that enhances the security of data processing systems and the information transfers of an organization. Services usually use one or more security mechanism to provide the service.
  • Threat is a potential for violation of security which exists when an action that could breach security and cause harm.
  • Attack is an intelligent threat; that is an intelligent action that is a deliberate to evade security services and violate the security policy of a system.
  • Difference between internet and Internet!
  • Major requirements for security services:
    • Confidentiality.
    • Authentication.
    • Nonrepudiation.
    • Integrity.
  • Why Internetwork security is both complex and fascinating?
    • Complexity of meeting security services.
    • Considering the potential attacks on used algorithms.
    • Hardness of picking best suit algorithm for current situation because there is no general one.
    • Designing various security mechanisms and decide where to use them from physical (e.g. at what points in a network are certain security mechanisms are needed) and logical manner (e.g. what layer of an architecture such as TCP/IP should mechanisms be placed).
    • Limitations and constraints sometimes make the used algorithm meaningless.
  • IP spoofing, is about creating packets with false IP addresses and exploit applications that use authentication based on IP
  • Security service is a processing or communication service that is provided by a system to give a specific kind of protection to system resources.
  • Security Services:
    • Authentication: The assurance that the communicating entity is the one that it claims to be.
      • Peer Entity Authentication: provide confidence in the identity of the entities connected.
      • Data Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed.
    • Access Control: Prevention of unauthorized use of a resource
      • Service controls who can have access to a resource.
      • Under what conditions access can occur.
      • What those accessing the resource are allowed to do?
    • Data Confidentiality: protection of data from unauthorized disclosure (passive attacks).
      • Connection Confidentiality: protection of all user data on a connection.
      • Connectionless Confidentiality: protection of all user data in single data block.
      • Selective Field Confidentiality: protection of selected fields within the user data on a connection or in a single data block
      • Traffic Flow Confidentiality: protection of the information that might be derived from observation of traffic flows.
    • Data Integrity: assurance that data received are exactly as sent by an authorized entity (i.e. contain no modification, insertion, deletion or replay).
      • Connection Integrity with Recovery: provides integrity for all user data on a connection and detects any violations with a recovery attempted.
      • Connection Integrity without Recovery: as above without recovery.
      • Selective Field Connection Integrity.
      • Connectionless Integrity: as first type but with limited replay detection on connectionless data block.
      • Selective Field Connectionless Integrity.
    • Nonrepudiation: provides protection against denial by one of the entities involved in the communication.
      • Nonrepudiation, Origin: proof that the message was sent by the specified party.
      • Nonrepudiation, Destination: proof that the message was received by the specified party.
  • Reversible encipherment mechanism is an encryption algorithm that allows data to be encrypted and decrypted.
  • Irreversible encipherment mechanism includes hash algorithms and message authentication codes.
  • Security Mechanisms:
    • Specific Security Mechanisms:
      • Involved into protocol layer in order to provide some of the OSI security services.
      • Encipherment:
        • The use of math algorithms to transform data into a form that is not readily intelligible.
      • Digital Signature:
        • Data appended to cryptographic transformation of a data unit that allows a recipient of the data unit to prove the source and integrity of it.
      • Access Control.
      • Data Integrity.
      • Authentication Exchange.
      • Traffic Padding:
        • Insertion of bits into gaps in a data stream to frustrate traffic analysis attempt.
      • Routing Control:
        • Enables selection for particular physically secure routes for certain data and allows routing changes especially when a breach of security is suspected.
      • Notarization:
        • The use of a trusted third party to assure certain properties of a data exchange.
    • Pervasive Security Mechanisms:
      • Trusted Functionality.
      • Security Label.
      • Event Detection.
      • Security Audit Trail.
      • Security Recovery.
  • 21-Relationship between security services and mechanisms.
  • All the techniques for providing security have two components:
    • Security-related transformation on the information to be sent (encrypted data).
    • Some secret information shared by two principals and it’s hoped, unknown to the opponent (key).
  • Four basic security tasks in designing security service:
    • Design an algorithm for performing the security related transformation.
    • Generate the secret information to be used with the algorithm.
    • Develop methods for the distribution and sharing of the secret information.
    • Specify a protocol to be used by the principals. That makes use of the security algorithm and the secret information to achieve a particular security service.    
  • Programs can present two kinds of threats:
    • Information access threats:
      • intercept or modify data on behalf of users who should not have access to that data
    • Service threats:
      • Exploit service flaws in computer to inhibit use of legitimate users.


  • Questions:
    • I need an example of denial attack.
      • Physical denial attack: cutting of the network cable.
      • Logical denial attack: routing a message from receiver to another receiver.
    • Need to understand replay more.
      • Sending message more than one time.
      • Delaying message.
    • What’s meant by pervasive security mechanisms?
      • Basic and general mechanism for any security system.
    • Explanation of pervasive security mechanisms.

Introduction to Neural Networks and Learning Machines

  • A neural network is a massively parallel distributed processor made up of simple processing units that has a natural propensity for storing experiential knowledge and making it available for us.
  • Brain is a highly complex, nonlinear and parallel computer.
  • Brain is able to accomplish perceptual recognition tasks in 100-200 ms whereas tasks of much lesser complexity take a great deal longer on a powerful computer.
  • Much of the development of human brain taking place during the first two years of birth! But the development continues well beyond this stage.
  • Plasticity permits the developing nervous system to adapt to its surrounding environment.
  • Neural Network is a machine that is designed to model the way in which the brain performs a particular task or function of interest.
  • Learning algorithm is the function of which to modify the synaptic weights of the network in an orderly fashion to attain a desired design objective.
  • Properties and capabilities on NN:
    • Nonlinearity.
    • Input-Output Mapping.
    • Adaptivity.
      • The principal time constants of the system should be long enough for the system to ignore spurious disturbances, and yet short enough to respond to meaningful changes in the environment. This is the problem on stability-plasticity dilemma.
    • Evidential Response.
      • Supplying each decision with confidence factor.
    • Contextual Information.
      • Every neuron in the network is affected by the global activity of all other neurons in the network.
    • Fault Tolerance.
    • VLSI Implementation.
    • Uniformity of Analysis and Design.
    • Neurobiological Analogy.
  • It’s estimated that there are approximately 10 billion neuron in human cortex and 6o0 trillion synaptic.
  • Synapses or nerve endings are elementary structural and functional units that mediate the interconnections between neurons.
  • Adaptivity in human brain is made by:
    • Creation of new synaptic connections between neurons or,
    • Modification of existing synapses.
  • ANN we are presently able to design is just as primitive compared with the local circuits and the interregional circuits of the brain.
  • Types of activation function:
    • Threshold Function (Heaviside Function).
    • Sigmoid Function.
  • See page 46: mathematical definition of neural network (as a directed graph) and 4 properties of it.
  • See page 47: partially complete directed graph (architectural graph) and its properties.
  • The manner in which the neurons of a NN are structured is intimately linked with the learning algorithm used to train the network.
  • Networks Architecture:
    • Single-Layer Feedforward Networks.
    • Multilayer Feedforward Networks.
      • By adding one or more hidden layers the network is enabled to extract higher-order statistics from its input.
      • We’ve two types of connected networks: fully connected and partially connected.
    • Recurrent Networks.
      • Self-feedback refers to a situation where the output of a neuron is fed back into its own input.
  • Knowledge refers to stored information or models used by a person or machine to interpret, predict, and appropriately respond to the outside world.
  • Characteristics of Knowledge Representation:
    • What information is actually made explicit?
    • How the information is physically encoded for subsequent use?
  • 55-See differences between pattern classifiers and neural networks in page.
  • Knowledge representation of the surrounding system is environment is defined by the values taken by the free parameters (i.e. synapses and bias) of the network.
  • Knowledge Representation Rules:
    • Similar inputs from similar classes should usually produce similar representations inside the networks and should therefore be classified as belonging to the same class.
    • Items to be categorized as separate classes should be given widely different representations in network.
    • If a particular feature is important, then there should be a large number of neurons involved in the representation of that item in the network.
    • Prior information and invariances should be built into the design of a neural network whenever they are available. So as to simplify the network design by not having to learn them.
  • To find similarity for deterministic terms we use Euclidian distance. For stochastic terms we use Mahalanobis distance.
  • Specialized Structured Neural Networks are desired for the following reasons:
    • Having smaller number of free parameters. This lead to small number of training, network learns fast and often generalizes better.
    • The rate of information transmission through a specialized network (i.e. the network throughput) is accelerated.
    • The cost is reduced because its smaller size relative to fully connected network.
  • Ad hoc techniques to build prior information into neural network:
    • Restricting the network architecture, this is achieved through the use of local connections known as receptive fields.
    • Constraining the choice of synaptic weights, which is implemented through the use of weight sharing.
  • Receptive field of a neuron is defined as the region of the input field over which the incoming stimuli can influence the output signal produced by the neuron.
  • Techniques for rendering classifier-type neural network invariant to transformations:
    • Invariance by structure:
      • Synaptic connections between the neurons of the network are created so that transformed versions if the same input are forced to produce the same output. (i.e image center rotation)
    • Invariance by training:
      • Ability to recognize an object from different perspectives using several aspect views.
      • Disadvantages from engineering aspect:
        • Probability of misclassification.
        • High computation demand (especially with high features dimensions)
    • Invariant feature space:
      • This technique relies on the ability of extracting features that characterize the essential information content of an input data set and that are invariant to transformations.
      • Advantages of using this technique:
        • Reduced number of features.
        • Requirements of the design are relaxed
        • Invariance for all objects with respect to known transformations is assured.
  • Learning Paradigms:
    • Supervised Learning.
    • Unsupervised Learning.
    • Reinforcement Learning.
  • Learning Tasks:
    • Pattern Association.
      • Associative memory is a brain like distributed memory that learns by association.
      • Association forms:
        • Autoassociation (Unsupervised).
        • Heteroassociation (Supervised).
      • Phases of associative memory:
        • Storage phase.
        • Recall phase.
      • Challenge here is to make the storage capacity q (expressed as a percentage of the total number N neurons used to constructs the network) as large as possible.
    • Pattern Recognition.
      • Pattern recognition is the process of receiving a pattern/signal and assign it to one of prescribed number of classes.
      • Forms of pattern recognition machines using neural networks:
        • Machine is constructed from feature extractor and supervised classification.
          • Feature extractor applies dimensionality reduction (i.e. data compression).
        • Machine is constructed from Feedforward network using supervised learning algorithm.
          • The task of feature extraction is performed by the computational units in the hidden layers of the network.
    • Function Approximation.
      • Given a set of labeled examples, the requirement is to design a neural network that approximates the unknown function f(.) such that the function F(.) describes input-output mapping actually realized by the network, is close enough to f(.) in Euclidean sense over all inputs (i.e. for all x)
      • Ability of a NN to approximate an unknown input-output mapping is characterized by:
        • System identification: ability to identify key patterns.
        • Inverse modeling:
    • Control.
      • Primary objective of the controller is to supply appropriate inputs to the plant to make its output y track the referenced signal d. In other words, the controller has to invert the plant’s input-output behavior.
      • Approaches for accounting k, j:
        • Indirect Learning.
        • Direct Learning.
    • Beamforming.
      • Beamforming is used to distinguish between the spatial properties of the target and background noise. The device used to do the Beamforming is called a beamformer.
      • Task of Beamforming is complicated according to two factors:
        • Target signal originates from an unknown direction.
        • There is no prior information available on the inferring signals.
  • Key terms: key pattern, memorized pattern, error in recall, memoryless MIMO system, neuro-beamformer, attentional neurocomputers, semisupervised learning.
  • Questions:
    • What’s linear adaptive filter theory?
    • What’s tabula rasa learning?
    • Page 33 line 19. What’s meant by this paragraph?
    • Needs more discussion about “Uniformity of Analysis and Design”.
    • Discussion about the 2 examples in page 35.
    • Last paragraph in page 37.
    • What’s logistic function?
    • 48-What we mean by dynamic system?
    • 48-Why A and B are operators? And what’s the resulted from this?
    • 48-What’s the difference between A and ?
    • 48-What we mean by non-commutative?
    • 48-What are the properties on non-commutative operators?
    • 49-Explanation of equation 19, 20?
    • 49-What’s binomial expansion?
    • 49-Explanation of 2 cases in bottom.
    • 53-Last paragraph
    • 59- Ad hoc techniques to build prior information into neural network.
    • 60-What are the differences between convolution network and usual networks?
    • 61-What’s meant by occlusion?
    • 65-2nd portion of page until unsupervised learning.
    • 66-Reinforcement learning paragraph
    • 68-What is meant by space of dimensionality?
    • 73-Is system identification is done using control task?
    • 73-In equation 37 how he’ll get the differentiation of a constant?
    • 73-What is meant by element of a planet?
    • 73-What’s the problem of j, k?
    • 73-What’s direct and indirect learning?
    • 74-Discussion on diagram of generalized sidelobe canceller.