Unit III: Public Key Cryptography and Message Authentication

Denial of Service (DoS) Attack in Cryptography

A Denial of Service (DoS) attack is a malicious attempt to disrupt the normal functioning of
a system, server, or network by overwhelming it with a flood of traffic or sending it requests
it cannot handle. This attack makes the system unavailable to legitimate users, affecting its
confidentiality, integrity, and availability.

In the context of cryptography, DoS attacks can exploit vulnerabilities in cryptographic

protocols, algorithms, or systems that rely on secure communication.

Key Features of a DoS Attack

1. Targeted Disruption: Focuses on making a resource (e.g., website, server, or network)

inaccessible to legitimate users.
2. Resource Overload: Consumes bandwidth, CPU, memory, or other system resources.
3. No Data Theft: Unlike other cyberattacks, the goal is not to steal data but to cause
downtime or disruption.

Types of DoS Attacks

1. Volumetric Attacks:
o Flood the network with excessive traffic.
o Example: Sending a large number of requests to a web server until it crashes.

2. Protocol Attacks:
o Exploit weaknesses in network protocols or cryptographic algorithms.
o Example: Exploiting SSL/TLS handshakes to overload a server.

3. Application Layer Attacks:

o Target specific applications or services (e.g., web servers, APIs).
o Example: Sending multiple malicious HTTP requests to a website.

Example of a DoS Attack

1. Ping Flood Attack:

o An attacker sends a flood of ICMP (ping) requests to a server.
o The server becomes overwhelmed while trying to respond to each request.

2. SYN Flood Attack:

o Exploits the TCP handshake process by sending SYN requests to a server and never
completing the handshake.

How to Prevent DoS Attacks

1. Rate Limiting: Limit the number of requests a client can make in a given time frame.
2. Firewalls: Use packet-filtering firewalls to block malicious traffic.
3. Load Balancers: Distribute traffic across multiple servers to handle spikes.
 4. Strong Algorithms: Use cryptographic protocols resistant to computational attacks.
5. DDoS Protection Services: Services like Cloudflare, AWS Shield, or Akamai can mitigate
large-scale attacks.

IP Spoofing Attack in Cryptography

IP spoofing is a type of cyberattack in which an attacker manipulates the source IP address

of packets to make it appear as though they are coming from a trusted source rather than the
attacker. This technique is often used to bypass security measures, gain unauthorized access,
or facilitate other types of attacks, such as Denial of Service (DoS) or Man-in-the-Middle
(MITM) attacks.

How IP Spoofing Works

1. The attacker forges the source IP address in the packet headers.

2. The victim receives the packet and believes it originated from the spoofed IP address
(usually a trusted system).
3. The attacker can exploit this trust to:
o Bypass access controls.
o Inject malicious data.
o Disrupt communication.

Types of IP Spoofing Attacks

1. Non-Blind Spoofing:
o The attacker can monitor the traffic between the victim and the target (e.g.,
same network).
o Example: Intercepting a session and injecting malicious packets.
2. Blind Spoofing:
o The attacker does not have direct access to the network traffic.
o They predict the sequence numbers and acknowledgment numbers of packets
to craft malicious packets.
3. DoS/DDoS Using IP Spoofing:
o The attacker floods a target with packets using spoofed IP addresses, making it
difficult to trace the source.

IP Spoofing in Cryptographic Systems

In cryptographic systems, IP spoofing can exploit vulnerabilities in authentication

mechanisms that rely on IP-based trust rather than robust cryptographic measures. Examples
include:

1. Bypassing firewalls: Spoofed IP addresses might bypass basic IP-based access

control lists.
2. Hijacking secure sessions: If encryption is not implemented end-to-end, an attacker
can insert spoofed packets to disrupt or manipulate a session.
 3. MitM attacks: Combined with ARP spoofing, an attacker can intercept or manipulate
cryptographic keys and encrypted data.

Example of IP Spoofing

1. Attack Scenario:
o Target: Bank server that allows IP 192.168.1.100 (trusted client) to access
financial data.
o Attacker: Spoofs IP 192.168.1.100 and sends fraudulent requests to the
server.
o Result: The server processes these requests, thinking they are legitimate.
2. Real-World Example:
o SYN Flood Attack: Spoofed SYN requests are sent to overwhelm a target
server.

Conventional Encryption and Message Confidentiality in Cryptography

Conventional encryption, also known as symmetric key encryption, is a cryptographic

technique where the same key is used for both encryption and decryption. It is one of the
oldest and most widely used methods of securing data.

Features of Conventional Encryption

1. Symmetric Key: A single shared secret key is used for both encryption and decryption.
2. Fast and Efficient: Symmetric encryption algorithms are computationally less intensive
compared to asymmetric encryption.
3. Key Distribution: The primary challenge is securely sharing the secret key between the
sender and receiver.

Examples of Conventonal Encryption Algorithms

1. DES (Data Encryption Standard):

o Block size: 64 bits
o Key size: 56 bits
o Outdated due to vulnerabilities to brute-force attacks.

2. AES (Advanced Encryption Standard):

o Block size: 128 bits
o Key size: 128, 192, or 256 bits
o Widely used for secure communication.

3. Triple DES (3DES):

o An enhancement of DES that applies the encryption process three times with
different keys.

4. Blowfish and RC4:

o Other widely used symmetric key algorithms.

Working of Conventional Encryption

 1. Encryption:
o The plaintext is transformed into ciphertext using an encryption algorithm and a
secret key.
o Formula: C=Ek(P)C = E_k(P), where:
 CC: Ciphertext
 EE: Encryption algorithm
 PP: Plaintext
 kk: Secret key

2. Decryption:
o The ciphertext is transformed back into plaintext using the same key.
o Formula: P=Dk(C)P = D_k(C), where:
 DD: Decryption algorithm

Message Confidentiality

Message confidentiality ensures that the contents of a message are not accessible to
unauthorized parties. It is one of the core goals of cryptography and is often achieved using
encryption techniques.

Key Aspects of Message Confidentiality

1. Encryption:
o Converts plaintext into unreadable ciphertext.
o Ensures that only authorized recipients with the correct decryption key can access
the original message.

2. End-to-End Security:
o Protects the data throughout its journey from sender to receiver.
o Even if the data is intercepted, it remains secure due to encryption.

3. Protection Against Eavesdropping:

o Prevents attackers from reading sensitive information during transmission.

Advantages of Conventional Encryption

1. Speed: Faster than asymmetric encryption, making it suitable for bulk data encryption.
2. Simplicity: Uses a single key for both encryption and decryption.

Challenges of Conventional Encryption

1. Key Distribution: Securely sharing the secret key is difficult.

2. Scalability: As the number of users increases, managing keys becomes complex.

Conventional Encryption Algorithms in Cryptography

Conventional encryption algorithms, also called symmetric key encryption algorithms, use
the same key for both encryption and decryption. These algorithms have been widely used for
decades due to their simplicity and efficiency.
Applications of Conventional Encryption Algorithms

1. Secure Communication:
o Encrypting emails, chat messages, and calls.
2. Data Storage:
o Protecting sensitive files on local drives or cloud storage.
3. Banking and Finance:
o Securing transactions and customer data.
4. Wireless Networks:
o Encrypting Wi-Fi traffic (though modern networks use AES).

Limitations

1. Key Distribution Problem:

o Requires a secure way to share the secret key between sender and receiver.
2. Scalability:
o As the number of users increases, the number of keys needed grows
exponentially.
3. Vulnerability to Key Compromise:
o If the key is compromised, all communications encrypted with that key are
exposed.

Key Distribution in Cryptography

Key distribution refers to the process of securely sharing cryptographic keys between the
communicating parties so that they can encrypt and decrypt information. It is a fundamental
aspect of cryptographic systems because the security of encrypted communication depends
on the confidentiality and integrity of the keys.

Why is Key Distribution Important?

1. Confidentiality: The security of the communication relies on the secrecy of the encryption
key.
2. Authentication: Ensures that the key comes from a trusted source.
3. Integrity: Protects against tampering or substitution of the key.

Key Distribution Methods

There are several methods for distributing cryptographic keys, depending on whether the
system uses symmetric or asymmetric encryption.

1. Manual Key Distribution

 Keys are physically delivered to the recipient.

 Examples: Handing over keys via a secure courier or USB device.
 Advantages:
o Simple and does not require additional technology.
o Useful for small-scale systems.
 Disadvantages:
 o Impractical for large-scale systems or remote communication.
o Risk of physical theft or interception.

2. Key Distribution in Symmetric Encryption

In symmetric encryption, the same key is used for both encryption and decryption. Securely
sharing the secret key is challenging.

Methods:

1. Pre-shared Key (PSK):

o The key is shared before the communication begins.
o Common in Wi-Fi networks (WPA2-PSK).
2. Key Distribution Center (KDC):
o A centralized server securely distributes keys to users.
o Example: Kerberos protocol.
3. Quantum Key Distribution (QKD):
o Uses quantum mechanics to securely distribute keys.
o Example: BB84 protocol.
o Advantage: Resistant to eavesdropping.

3. Key Distribution in Asymmetric Encryption

Asymmetric encryption uses a pair of keys: a public key (shared openly) and a private key
(kept secret). This eliminates the need to securely transmit the secret key.

Challenges in Key Distribution

1. Eavesdropping: Interception of keys during transmission.

2. Man-in-the-Middle Attacks: An attacker intercepts and alters key exchange messages.
3. Scalability: Managing a large number of keys in large networks.
4. Trust: Ensuring that the keys come from authentic sources.

Applications of Key Distribution

1. Secure Internet Communication:

o HTTPS, SSH, and VPNs.
2. Email Security:
o Encrypted emails using PGP or S/MIME.
3. Digital Payments:
o Secure transactions in e-commerce.
4. Cloud Storage:
o Encrypted file sharing.
 1. Approaches to Message Authentication

Message authentication ensures that a message is not altered during transmission and verifies
the sender's identity. The common approaches include:

 Message Authentication Code (MAC): A small block of data generated from the message
and a secret key, used to verify message integrity.
 Hash Functions: These generate a fixed-size hash value from the input message to ensure
integrity.
 Digital Signatures: Combines cryptography and hash functions to ensure authenticity,
integrity, and non-repudiation.

2. Hashing Algorithms

Hashing algorithms are used to convert any form of data into a fixed-length string, which is
used for verifying integrity.

 SHA-1 (Secure Hash Algorithm 1):

o Produces a 160-bit hash value.
o Vulnerable to cryptographic attacks but widely used in legacy systems.
 MD5 (Message Digest 5):
o Produces a 128-bit hash value.
o Fast but insecure against collision attacks and should not be used in security-critical
applications.

3. Public-Key Cryptography Principles

Public-key cryptography, also known as asymmetric cryptography, involves a pair of keys: a

public key and a private key. Principles include:

 The public key is shared with everyone.

 The private key remains confidential with the owner.
 Encryption is performed using the public key, and decryption is done using the private key.
 Common uses include secure communication and digital signatures.

Example:

Alice wants to send a message HELLO to Bob securely.

1. Alice encrypts HELLO using Bob’s public key.

2. Bob decrypts it using his private key.

Public-key cryptography enables secure communication without sharing private keys.

3. RSA Algorithm
The RSA algorithm is a widely used asymmetric cryptographic technique that provides both
encryption and digital signatures. It was invented in 1977 by Rivest, Shamir, and Adleman,
and its security is based on the difficulty of factoring large integers.

Key Features of RSA

1. Asymmetric Encryption:
o Uses two keys: a public key (for encryption) and a private key (for decryption).
2. Security:
o Based on the difficulty of factoring the product of two large prime numbers.
3. Applications:
o Securing data in transit (HTTPS).
o Digital signatures for verifying authenticity.

Steps in the RSA Algorithm

1. Key Generation

Key generation involves creating the public and private key pair:
Applications of RSA

1. Data Encryption:
o Secures communications, such as in SSL/TLS for HTTPS.
2. Digital Signatures:
o Verifies the authenticity of a message or document.
3. Email Security:
o Used in PGP and S/MIME for secure email.
4. Blockchain:
o RSA-based techniques are used in blockchain-related activities.

Advantages of RSA
 1. High security for large key sizes (2048-bit and above).
2. Eliminates the need for secure key exchange (uses public key).
3. Can be used for both encryption and digital signatures.

Disadvantages of RSA

1. Slow Performance:
o Not suitable for encrypting large amounts of data.
o Often combined with symmetric encryption for hybrid cryptosystems.
2. Key Management:
o Requires large keys (2048-bit or more) for high security.
3. Quantum Computing Threat:
o Vulnerable to attacks using quantum algorithms like Shor's algorithm.

1. Digital Signatures

A digital signature is a cryptographic technique used to verify the authenticity, integrity,

and non-repudiation of digital data. It is the digital equivalent of a handwritten signature or
a stamped seal but much more secure.

Key Characteristics of Digital Signatures

1. Authenticity: Confirms the identity of the sender.

2. Integrity: Ensures that the data has not been altered during transmission.
3. Non-repudiation: The sender cannot deny having sent the message.

How Digital Signatures Work

Digital signatures are created using asymmetric encryption (public-key cryptography),

which involves a pair of keys:

 Private Key: Used to create the signature.

 Public Key: Used to verify the signature.

Process of Digital Signing

1. The sender creates a hash of the message using a cryptographic hash function (e.g., SHA-
256).
2. The sender encrypts the hash using their private key. This encrypted hash is the digital
signature.
3. The sender sends the message along with the digital signature to the recipient.

Verification Process

1. The recipient decrypts the digital signature using the sender’s public key, retrieving the
original hash.
2. The recipient computes the hash of the received message.
3. If the computed hash matches the decrypted hash, the signature is verified.

Applications of Digital Signatures

 1. Email Security: To verify the authenticity of the sender (e.g., in PGP encryption).
2. Software Distribution: To confirm that the software is from a trusted source and hasn't been
tampered with.
3. Legal Documents: For signing contracts digitally.
4. Blockchain: To validate transactions in cryptocurrencies like Bitcoin.

Benefits of Digital Signatures

1. Stronger security than handwritten signatures.

2. Globally accepted and legally recognized in many countries.
3. Automation-friendly, reducing human error.

6. Key Management

Key management involves:

 Generating, distributing, and storing keys securely.

 Ensuring the proper lifetime and revocation of keys.
 Using trusted third-party systems like Certificate Authorities (CAs) for public-key distribution.

Example of Key Distribution:

 A user requests a public key from a Certificate Authority (CA).

 The CA provides a digitally signed certificate containing the public key.

7. Firewalls

Firewalls are network security systems that monitor and control incoming and outgoing
traffic based on predetermined security rules. Types include:

 Packet-Filtering Firewalls: Filter data packets based on source and destination addresses,
ports, and protocols.
 Stateful Inspection Firewalls: Monitor the state of active connections.
 Application-Level Gateways (Proxies): Perform deep inspection at the application level.

Packet-Filtering Firewall Example:

 Rule: Block all incoming traffic on port 80 (HTTP).

 Incoming packet: Source IP: 192.168.1.10, Destination Port: 80.
 Action: The firewall blocks this packet.

Stateful Inspection Firewall Example:

 It checks if an incoming packet is part of an existing connection before allowing it

through.

Application-Level Gateway Example:

 Proxy server inspects HTTPS traffic for malicious content before forwarding it.