Information Security Fundamentals: Concepts, Cryptography, and Jamming Defenses
What is Information Security?
Information security means protecting data from theft, alteration, destruction, disclosure, or denial of access. It has traditionally relied on physical measures (e.g., locked cabinets) and administrative controls (e.g., personnel screening). Even today, some reliance on physical security remains.
Modern Information Security Needs
With increased computer usage, automated tools are now essential for protecting stored information. As network usage grows, securing data during transmission has become equally essential.
Aspects of Information Security (ITU-T X.800/1205)
- Security Attack: Any action that compromises system security.
- Threat: A potential violation, defined as capability plus intent.
- Security Mechanism: Any policy or procedure designed to detect, prevent, or recover from attacks.
- Security Service: Strengthens the security of data processing and transmission, typically utilizing one or more security mechanisms (e.g., cryptosystems).
- Physical Security: Involves protective measures against intentional or accidental physical threats.
Security Mechanisms
There are three primary approaches to securing information: prevention, restriction, and cryptography.
- Access can be prevented entirely. For example, an offline system is inherently safe from external attacks.
- When isolation is not possible, access can be restricted using various authentication methods tailored to different security needs.
- Cryptography is the most common method. It encodes data so only the intended recipients can read the message.
Wireless Network Security Analysis
Each layer of the network stack has its own protocols and is vulnerable to specific attacks:
- Application Layer (Email, Web, NFS): Sendmail, FTP, Linux bugs, chosen-protocol, version rollback
- Session Layer (RPC, Remote Procedure Call): RPC worms, portmapper
- Transport Layer (TCP): Flooding, RIP, sequence number manipulation
- Network Layer (IP): DoS, address spoofing
- Data Link Layer (802.11): WEP, WPA attacks
- Physical Layer: Jamming
Flooding Attack Explained
Flooding overloads the TCP buffer with SYN packets, preventing communication. The system becomes unresponsive or "silenced." SYN packets initiate TCP connections, and the buffer holds unprocessed packets.
Denial of Service (DoS) Attacks
Denial of Service (DoS) blocks legitimate access by overwhelming the target with useless data, thereby draining resources. Attacks can originate from one or many sources.
Cryptography Principles
Cryptography hides data so that only authorized users can read it, by converting plaintext into ciphertext. It is used to protect secret communication from eavesdroppers and attackers who may access network data.
How Cryptography Works
A plaintext message $m$ is encrypted using Alice’s key $K_A$ to produce the ciphertext $K_A(m)$. Bob then decrypts it using his key $K_B$: $m = K_B(K_A(m))$. The encryption algorithm protects the message from eavesdroppers until it is safely decrypted.
Cryptosystem Types and Examples
- Symmetric Key Cryptography: Uses the same key for both encryption and decryption.
  - Block ciphers include DES (Data Encryption Standard) and AES (Advanced Encryption Standard).
  - Stream ciphers include RC4, which encrypts data one byte at a time, and A5, a family of ciphers used in GSM mobile communication.
- Asymmetric Key Cryptography: Uses a public key for encryption and a private key for decryption, with RSA and ElGamal being common examples.
- Hash Functions: Produce fixed-length outputs from variable input.
  - MD5 is a message-digest algorithm used to verify file integrity, while SHA-1 is another secure hashing method.
  - HMAC is a keyed hash function used for cryptographic message authentication.
Understanding Hash Functions
A hash function maps input data of any size to a fixed-size value called a hash. These outputs are also referred to as hash values, hash codes, digests, or simply hashes. Hashes are commonly used to index entries in a hash table, a process known as hashing. For example, SHA-256 takes any input and produces a 256-bit hash. Collisions can occur when different inputs produce the same hash value.
RSA Public Key Encryption Example
To encrypt the binary message $(10111)_2$, first convert it to decimal: $(10111)_2 = (23)_{10}$.
Use the public key values: $n = 91$, $e = 5$.
Now compute: $23^5 = 6{,}436{,}343$.
Take the result modulo 91: $6{,}436{,}343 \div 91 = 70{,}729$ remainder 4.
Convert the remainder back to binary: $(4)_{10} = (100)_2$.
So, the encrypted version of 10111 is 100.
RSA Private Key Decryption Example
To decrypt the message $(100)_2$, first convert to decimal: $(100)_2 = (4)_{10}$.
Use the private key values: $n = 91$, $d = 29$.
Now compute: $4^{29} = 288{,}230{,}376{,}151{,}711{,}744$.
Take the result modulo 91: $288{,}230{,}376{,}151{,}711{,}744 \div 91 = 3{,}167{,}476{,}485{,}150{,}634$ remainder 23.
Convert back to binary: $(23)_{10} = (10111)_2$.
So, the decrypted version of 100 is 10111, confirming the original message.
Supporting Calculations:
$1 \cdot 2^4 + 0 \cdot 2^3 + 1 \cdot 2^2 + 1 \cdot 2^1 + 1 \cdot 2^0 = 16 + 0 + 4 + 2 + 1 = 23$
Given $p = 7$, $q = 13$ $\rightarrow$ $n = 91$
$\varphi(n) = (p-1)(q-1) = 6 \cdot 12 = 72$
Public exponent $e = 5$
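The two RSA examples above, carried through in code as an added example (not part of the original page): it derives the private exponent d from p, q and e with the extended Euclidean algorithm, then encrypts and decrypts with square-and-multiply so the large powers are never computed in full. The function names are chosen for this example.

```python
# Added example using the page's toy RSA numbers (p=7, q=13, e=5).

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def private_exponent(p, q, e):
    """d = e^-1 mod phi(n); rejects an e that shares a factor with phi(n)."""
    phi = (p - 1) * (q - 1)
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be coprime to phi(n)")
    return x % phi

def modexp(base, exp, mod):
    """Square-and-multiply: reduce modulo `mod` after every step."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result

def rsa_bits(bits, exponent, n):
    """Apply m -> m^exponent mod n to a binary string and return a binary string."""
    m = int(bits, 2)
    if m >= n:
        raise ValueError("message must be smaller than n")
    return format(modexp(m, exponent, n), "b")

P, Q, E = 7, 13, 5
N = P * Q                       # 91
D = private_exponent(P, Q, E)   # e*d = 145 = 2*72 + 1

if __name__ == "__main__":
    c = rsa_bits("10111", E, N)
    print("n =", N, "phi =", (P - 1) * (Q - 1), "d =", D)
    print("encrypt 10111 ->", c)
    print("decrypt", c, "->", rsa_bits(c, D, N))
```

A modulus of 91 is for hand calculation only; deployed RSA uses moduli of 2048 bits or more together with a padding scheme such as OAEP.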
Wireless Jamming: Threats and Countermeasures
Jamming is the deliberate disruption of wireless communication by lowering the signal-to-noise ratio at the receiver through the use of interfering signals. It involves transmitting high-power signals at specific frequencies or bandwidths to interrupt reception. An adversary can block the wireless medium entirely to launch a severe jamming attack.
Constant Jammer Characteristics
A constant jammer continuously emits a radio signal, acting as persistent noise. It transmits without waiting for the channel to become idle, disrupting any ongoing communication.
Deceptive Jammer Tactics
A deceptive jammer injects continuous, valid-looking packets with no gaps. Target devices remain stuck in receive mode and cannot transmit due to the uninterrupted stream.
Random Jammer Behavior
A random jammer switches randomly between jamming and sleeping to conserve energy. During jamming, it can behave like a constant or deceptive jammer.
Reactive Jammer Operations
A reactive jammer remains silent until it detects channel activity, then begins jamming to disrupt message reception. While it doesn't save energy, it is harder to detect.
Signal Strength for Jamming Detection
Jamming can alter signal strength patterns. Devices should collect their own signal data to assess jamming risk and compare it to a baseline or model of normal energy levels.
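One way to implement the baseline comparison described above, as an added example that is not from the original page: a node summarises its own quiet-channel readings, then flags measurement windows whose mean energy leaves the normal band. The dBm samples are constructed, and the window size and the 3-sigma threshold are assumptions.

```python
import statistics

def baseline_model(samples_dbm):
    """Summarise normal energy levels as (mean, population standard deviation)."""
    return statistics.mean(samples_dbm), statistics.pstdev(samples_dbm)

def flag_windows(samples_dbm, model, window=5, k=3.0):
    """Return the start index of every non-overlapping window whose mean energy
    deviates from the baseline mean by more than k standard deviations."""
    mean, std = model
    limit = k * max(std, 0.5)  # floor keeps the band usable on a very flat baseline
    flagged = []
    for start in range(0, len(samples_dbm) - window + 1, window):
        chunk = samples_dbm[start:start + window]
        if abs(statistics.mean(chunk) - mean) > limit:
            flagged.append(start)
    return flagged

# Constructed readings (dBm) collected by the node itself on an idle channel.
BASELINE = [-91, -89, -90, -92, -88, -90, -91, -89, -90, -90]

# Constructed observation: normal, then ten samples of raised energy, then normal.
OBSERVED = [-90, -91, -89, -90, -92,
            -62, -60, -61, -63, -60,
            -61, -60, -62, -61, -60,
            -90, -89, -91, -90, -88]

if __name__ == "__main__":
    model = baseline_model(BASELINE)
    print("baseline mean/std:", model)
    print("suspicious windows start at samples:", flag_windows(OBSERVED, model))
```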
Jamming Countermeasures
Hermes nodes combine Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS) to resist jamming. DSSS spreads data over a wide bandwidth, while FHSS rapidly switches frequencies to avoid interference.
A Hermes node (DSSS + FHSS) defends against jamming by hopping 1 million times per second and masking signals as noise. It uses 55 FHSS channels and 275 MHz DSSS bandwidth. To decode, both FHSS and DSSS codes must be known.
A secret word is used to generate the channel sequence and the pseudo-noise (PN) code. This is usually coded for a specific network so that any new node can be identified by existing nodes. Synchronization between nodes is important for the Hermes node to operate properly.
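The idea of deriving both the channel sequence and the PN code from one secret word, sketched as an added example (not the Hermes implementation, which the page does not describe): HMAC-SHA256 stands in for the real generator as an assumption, and the secret values and function names are constructed. It shows why a node needs the secret, the slot synchronization, and the matching PN code to recover data.

```python
import hashlib
import hmac

FHSS_CHANNELS = 55  # channel count given on the page

def _prf(secret: bytes, label: bytes, counter: int) -> bytes:
    """Keyed pseudo-random block (assumption: HMAC-SHA256 as the generator)."""
    return hmac.new(secret, label + counter.to_bytes(8, "big"), hashlib.sha256).digest()

def channel_for_slot(secret: bytes, slot: int) -> int:
    """Channel index 0..54 for one hop slot; rejection sampling avoids modulo bias."""
    limit = 256 - 256 % FHSS_CHANNELS  # 220, the largest multiple of 55 below 256
    attempt = 0
    while True:
        for byte in _prf(secret, b"fhss%d:" % attempt, slot):
            if byte < limit:
                return byte % FHSS_CHANNELS
        attempt += 1

def hop_sequence(secret: bytes, first_slot: int, count: int) -> list:
    return [channel_for_slot(secret, s) for s in range(first_slot, first_slot + count)]

def pn_code(secret: bytes, n_chips: int) -> list:
    """+1/-1 pseudo-noise chips derived from the same secret word."""
    chips, block = [], 0
    while len(chips) < n_chips:
        for byte in _prf(secret, b"dsss:", block):
            chips.extend(1 if (byte >> i) & 1 else -1 for i in range(8))
        block += 1
    return chips[:n_chips]

def spread(bit: int, code: list) -> list:
    """DSSS: one data bit (0/1) becomes len(code) chips."""
    return [(1 if bit else -1) * c for c in code]

def despread(chips: list, code: list) -> int:
    """Correlate with a candidate code; reaches +/-len(code) only if the code matches."""
    return sum(x * c for x, c in zip(chips, code))

if __name__ == "__main__":
    secret = b"constructed-secret-word"  # sample value, constructed for this example
    print("node A hops:", hop_sequence(secret, 0, 8))
    print("node B hops:", hop_sequence(secret, 0, 8))
    print("late node  :", hop_sequence(secret, 1, 8))
    code = pn_code(secret, 64)
    print("right code :", despread(spread(1, code), code))
    print("wrong code :", despread(spread(1, code), pn_code(b"other-word", 64)))
```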
The Anti-Jam Antenna System (AJAS) is a multi-element antenna system that uses various technologies and can differ in the number of elements. Additionally, secure antenna designs using advanced materials such as metasurfaces (meta-antennas) help improve resistance to jamming.