Unit-1

OSI (Open System Interconnect) Security Architecture :

The OSI Security Architecture provides a systematic approach to defining security requirements
and evaluating security solutions. It is useful for security managers in organizing security tasks
and serves as an international standard for vendors to align security features in their products
and services.
The architecture focuses on three key aspects:
• Security Attack: Any action that compromises the security of an organization’s
information.
• Security Mechanism: A process or device designed to detect, prevent, or recover from a
security attack.
• Security Service: A processing or communication service that enhances security by
countering security attacks, utilizing one or more security mechanisms.

1.Security attacks
Security attacks are broadly categorized into passive attacks and active attacks, based on their
impact and method of execution.

Passive attacks
Passive attacks aim to gather information without altering or disrupting the system. These
attacks are difficult to detect because they do not modify data or system resources. However,
they can be prevented using encryption and traffic masking techniques.
Types of Passive Attacks:
1. Release of Message Contents:
o Involves unauthorized access to sensitive information such as emails, file
transfers, or phone conversations.
o Example: A hacker intercepting confidential emails between two employees.
2. Traffic Analysis:
o Even if message contents are encrypted, attackers can analyze the pattern,
frequency, and size of transmitted messages to infer sensitive details.
o Example: If a company suddenly starts sending large encrypted messages to a
legal firm, an attacker might guess that a lawsuit is being prepared.
Active Attacks
Active attacks involve modifying, disrupting, or fabricating data in a communication system.
These attacks can cause significant harm by altering system behavior.
Types of Active Attacks:
1. Masquerade: An attacker impersonates a legitimate user, often in combination with
other attacks like replay or message modification. Example: An unauthorized user posing
as an admin to gain access.
2. Replay: Capturing and retransmitting data (e.g., authentication credentials) to gain
unauthorized access. Example: An attacker reuses a valid login session.
3. Modification of Messages: Altering the content of messages to change their meaning.
Example: Changing “Transfer $100 to Alice” to “Transfer $10,000 to Bob.”
4. Denial of Service (DoS): Disrupting network services to prevent legitimate access.
Example: Flooding a server with requests to make it unavailable.
Active attacks are difficult to prevent entirely due to software, network, and hardware
vulnerabilities. The focus is on detection and recovery, including logging, intrusion detection
systems (IDS), and security audits.

2.Security Services
A security service is a function provided by a system to protect resources, implement security
policies, and ensure secure data transfers. It is categorized into six main types:
Authentication
This service ensures that the sender and receiver are who they claim to be.
 • Peer Entity Authentication: Confirms identities during communication to prevent
impersonation. Used in network connections like TCP.
• Data Origin Authentication: Verifies the sender of a message (useful for emails) but does
not prevent message tampering.
Access Control
Limits who can access a system or network. Before granting access, the system checks the user’s
identity through authentication.
Data Confidentiality
Protects data from being seen by unauthorized people.
• Full Protection: Secures all data in a communication session.
• Selective Protection: Protects only specific messages or parts of messages.
• Traffic Flow Confidentiality: Hides communication patterns, preventing attackers from
guessing who is talking to whom and how often.
Data Integrity
Ensures that data is not altered, duplicated, or lost during transmission.
• Stream Integrity: Protects an entire session from message tampering, duplication, or
destruction.
• Message Integrity: Protects individual messages from being modified.
• Recovery Options: Some systems can automatically fix or restore altered data
Non-Repudiation
Ensures that no one can deny sending or receiving a message.
• Non-Repudiation of Origin: Proves that the sender actually sent the message.
• Non-Repudiation of Receipt: Proves that the receiver actually received the message.

Availability
Ensures that a system or network remains available for users, even during cyberattacks like
Denial-of-Service (DoS) attacks. This service depends on good security management and system
controls.
3.Security mechanisms
Security mechanisms are methods used to protect data and systems from security threats. It is
categorized into two types they are :

• Protocol-Specific Mechanisms – Implemented within specific network protocols (e.g.,

TCP, application-layer protocols).
• General Security Mechanisms – Not tied to any specific protocol but support various
security services.
Key Security Mechanisms

• Encipherment
The use of mathematical algorithms to transform data into a form that is not readily
intelligible. The transformation and subsequent recovery of the data depend on an
algorithm and zero or more encryption keys.
• Digital Signature
Data appended to, or a cryptographic transformation of, a data unit that allows a
recipient of the data unit to prove the source and integrity of the data unit and protect
against forgery (e.g., by the recipient).
• Access Control
A variety of mechanisms that enforce access rights to resources.
• Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
• Routing Control
Enables selection of particular physically secure routes for certain data and allows
routing changes, especially when a breach of security is suspected

Symmetric Encryption (Cipher Model )

Symmetric encryption is a method where the same secret key is used for both encryption and
decryption. It consists of five main components:
Components of Symmetric Encryption:
• Plaintext: The original readable message or data.
• Encryption Algorithm: Performs substitutions and transformations on plaintext.
• Secret Key: A unique value that determines how encryption occurs.
• Ciphertext: The scrambled, unreadable output after encryption.
• Decryption Algorithm: Reverses encryption to convert ciphertext back to plaintext.
 Classical Encryption Techniques
Classical encryption methods are the foundation of modern symmetric encryption methods.
These methods use two basic techniques: substitution and transposition.
1. Substitution
• In substitution, each character or symbol in the plaintext (the original message) is
replaced with another character, number, or symbol.
• If the message is in binary (1s and 0s), substitution swaps bit patterns.
• Example: Caesar Cipher, Mono alphabetical, play fair cipher, One time pad.
2. Transposition
• Transposition changes the order of characters in the message, but the characters
themselves stay the same.
• Example: Rail Fence Cipher, Row column.

Substitution
Caesar Cipher
The Caesar Cipher is one of the oldest and simplest encryption methods. It involves shifting
each letter in the plaintext by a fixed number of positions in the alphabet.
Each letter is mapped to a number:
The general encryption formula is:
C=(p+k)mod 26
The decryption formula is:
p=(C−k)mod 26
Encrypting a Message Using the Caesar Cipher
Let’s encrypt the word "HELLO" using a shift of 3.
Step 1: Assign Numbers to Each Letter

Step 2: Apply the Caesar Cipher Formula

C=(p+k)mod 26
where:
• C = Ciphertext letter's numeric value
• p= Plaintext letter's numeric value
• k = Shift (3 in this case)
• mod 26 ensures we stay within the alphabet (wraps around after Z).

Step 3: Convert Numbers Back to Letters

So, "HELLO" is encrypted as "JHOOR".

Monoalphabetic Cipher:
This substitution cipher replaces each letter in the plaintext with another letter from the
alphabet, using a fixed mapping throughout the message. It’s simple but vulnerable to
frequency analysis since each letter always maps to the same substitute.
Playfair Cipher:
A digraph substitution cipher that encrypts pairs of letters (digraphs) using a 5x5 grid of letters.
It’s more secure than simple substitution ciphers because it hides letter frequencies, but it can
still be cracked with enough effort.
One-Time Pad:
An unbreakable cipher when used correctly, this method involves pairing the plaintext with a
random key (pad) that is as long as the message. Each character is encrypted by combining it
with the corresponding key character, and the key is used only once.
Rail Fence Cipher:
A form of transposition cipher that writes the message in a zigzag pattern (like a rail fence), then
reads it row by row. It’s simple but offers minimal security since patterns can be quickly
identified and rearranged.
Row-Column Transposition Cipher:
A transposition cipher that rearranges the characters of the plaintext into a grid and then reads
them off column by column (or row by row, depending on the variant). It’s stronger than a basic
rail fence but still not highly secure.

In this there are more concepts are there they are (Mono alphabetical, play fair cipher, One time
pad.) and (Rail Fence Cipher, Row column.)
It is difficult to put all the implementation in material I just give definition .please refer to your
handwritten notes for implementation.