The C.I.A triad characteristics of information security
CIA is an acronym for confidentiality, integrity and availability. These are the three main pillars of security (Ciampa, 2015, p. 13). A product that meets these three key security objectives is more secure and trustworthy:
- Confidentiality: It ensures that data is visible only to authenticated, legitimate persons. Data should be stored or transmitted in such a way that only the intended person can understand and process it. No other person should be able to understand the meaning of the data.
- Integrity: It ensures that data is not altered in transit. Cryptographic algorithms called hash functions can be used to maintain integrity. A hash function calculates a fixed-length value that acts as a fingerprint of the data. If an attacker changes any bit in transit, the recipient computes a totally different hash.
- Availability: It ensures that data is available to authorized users when it is required for processing. There should be a mechanism so that only authorized users can access it. An attacker should not be able to lock users out of the data with DoS or DDoS attacks.
- If we talk about confidentiality in the context of an ATM card, the PIN is kept confidential so that only the authorized holder of the card can use the ATM. If the card is lost or stolen, it cannot be used to withdraw money, because the PIN is required to access the bank data. The ATM also uses SSL encryption (which provides confidentiality) for sending and receiving financial information between the ATM and the bank server.
- Integrity of data or information means protecting information from being modified by unauthorized parties. To maintain integrity in an ATM system, the cryptographic protocol HTTPS is used (SSL provides integrity) for sending and receiving financial information between the ATM and the bank’s server.
- Availability ensures that the ATM service is up and running at all times. There should not be any outage. The customer has proper access rights for all types of transactions. In some kiosks, financial institutions install more than one ATM, which provides redundancy as well as faster service to customers.
Mirai is malicious software (malware) that exploits networked Linux/Unix-based devices. This malware falls under the DDoS category. Once devices such as Internet of Things devices, DVRs and cameras are attacked, they become bots and can be controlled remotely (MalwareTech, 2016). These controlled devices, called bots, can be used as part of a botnet in large-scale network attacks.
Mirai scans wide ranges of IP addresses to locate under-secured IoT devices that can be accessed remotely with easily guessable login credentials. The malware spreads by brute-forcing servers with a list of insecure default passwords, for example admin, admin123, root123 and other dictionary words (Ken, 2016).
To mitigate the risk of this type of attack:
- We must use strong passwords on all our devices.
- We can deploy security devices such as an IPS (intrusion prevention system) and a firewall; network scanning from outside can be blocked by using these devices.
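The scan-and-guess behaviour described above leaves a recognisable trace in login logs: one source failing against many devices in a short time. The following added example (not part of the original page) flags such sources and lists any device where a later login succeeded; the log format, field names and addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Hypothetical log format: one line per remote login attempt (constructed).
LINE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>failed|ok) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) user=(?P<user>\S+)$"
)

# Constructed sample log using documentation address ranges.
SAMPLE_LOG = """\
2016-10-21T10:00:01Z login failed src=203.0.113.7 dst=10.0.0.5 user=root
2016-10-21T10:00:02Z login failed src=203.0.113.7 dst=10.0.0.5 user=admin
2016-10-21T10:00:03Z login failed src=203.0.113.7 dst=10.0.0.6 user=root
2016-10-21T10:00:04Z login failed src=203.0.113.7 dst=10.0.0.6 user=admin
2016-10-21T10:00:05Z login failed src=203.0.113.7 dst=10.0.0.7 user=root
2016-10-21T10:00:06Z login ok src=203.0.113.7 dst=10.0.0.7 user=admin
2016-10-21T10:05:10Z login failed src=198.51.100.20 dst=10.0.0.5 user=alice
2016-10-21T10:05:15Z login ok src=198.51.100.20 dst=10.0.0.5 user=alice
""".splitlines()

def find_credential_scanners(lines, min_devices=3, min_failures=5):
    """Report sources whose failed logins span many devices."""
    failed_devices = defaultdict(set)
    failures = defaultdict(int)
    successes = defaultdict(set)
    for line in lines:
        m = LINE.match(line.strip())
        if m is None:
            continue  # ignore lines that are not login records
        src, dst = m["src"], m["dst"]
        if m["result"] == "failed":
            failed_devices[src].add(dst)
            failures[src] += 1
        else:
            successes[src].add(dst)
    report = {}
    for src, devices in failed_devices.items():
        if len(devices) >= min_devices and failures[src] >= min_failures:
            report[src] = {
                "devices_probed": sorted(devices),
                "failures": failures[src],
                # Devices to isolate and re-credential first.
                "logins_succeeded_on": sorted(successes[src]),
            }
    return report

if __name__ == "__main__":
    print(find_credential_scanners(SAMPLE_LOG))
```

A single user mistyping a password on one device stays below both thresholds and is not reported.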
Attackers play various roles when gathering information about a network system and later exploiting it. These roles are performed sequentially and in a logical order to exploit the target system. They include social engineering methods, which often involve impersonation, phishing, spam, hoaxes, typo squatting and watering hole attacks (Ciampa, 2015, p. 68).
DDoS is an acronym for distributed denial of service. In this technique, an attacker uses a large number of compromised machines to attack a computer network or a single machine (McDowell, 2013). A DDoS attack can be divided into three components:
- Bots – An army of compromised machines. All nodes of the army connect to the controller to receive attack commands.
- Controller – The central server which manages all the bots and sends the commands.
- Attacker – This component asks the controller machine to send attack commands against a specific network.
Examples of DDoS attacks are the smurf attack, SYN flood, HTTP GET flood and HTTP POST flood. In the case of the Mirai malware, the attacker instructs all the bots to scan the IP addresses of the network and try to log in using default passwords.
Message-digest fingerprints (checksums) for the provided files:

| File | MD5 | SHA1 | SHA256 |
| --- | --- | --- | --- |
| shattered-1.pdf | EE4AA52B139D925F8D8884402B0A750C | 38762CF7F55934B34D179AE6A4C80CADCCBB7F0A | 2BB787A73E37352F92383ABE7E2902936D1059AD9F1BA6DAAA9C1E58EE6970D0 |
| shattered-2.pdf | 5BD9D8CABC46041579A311230539B8D1 | 38762CF7F55934B34D179AE6A4C80CADCCBB7F0A | D4488775D29BDEF7993367D541064DBDDA50D383F89F0AA13A6FF2E0894BA5FF |

The SHA-256 hash algorithm is more secure than MD5 and SHA1. SHA-256 generates a 256-bit hash, which is harder to break, and so far no collision attack has been found. In contrast, MD5 and SHA1 produce 128-bit and 160-bit hashes respectively. Both MD5 and SHA1 are vulnerable to collision attacks.
Example of the three hashes of the same string “All is well”:
MD5: 83D32746565A8EC3DEC033AA221AC479
SHA1: 8ED19AEDBE9C09F57437A27E21EB51B03032E63C
SHA256: 0A62A6F248F6F91E799DFFE77779130729143139384642041D66C6CA964856A9
In a collision attack, two different files are created that generate the same hash value; a hash algorithm for which this is feasible is vulnerable to collision attacks. By using this flaw, an attacker can replace a file with another file, which is a major failure of the security that hash functions are meant to enforce (Ciampa, 2015, p. 191).
The SHA0 and SHA1 functions could not guard against these kinds of attacks, which is why they became obsolete and are no longer in use. As the table above in 3(1) shows, two different PDF files produce the same SHA1 hash. This collision was discovered by Google, which announced in early 2017 that it had performed the first successful collision attack on the popular SHA-1 cryptographic hash function.
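Why digest length matters can be seen by shortening a digest until collisions become cheap. The following added example (not from the original page) runs a generic birthday search against SHA-256 truncated to a few bits; the message strings are constructed, and the search is the generic bound only, not the cryptanalytic method used against SHA-1.

```python
import hashlib
from itertools import count

def truncated_digest(data, bits):
    """First `bits` bits of SHA-256(data), as an integer."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)

def birthday_collision(bits):
    """Hash constructed messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed).
    """
    seen = {}
    for i in count():
        msg = b"constructed-message-%d" % i
        tag = truncated_digest(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg

def is_collision(a, b, bits):
    """True when a and b differ but agree on the truncated digest."""
    return a != b and truncated_digest(a, bits) == truncated_digest(b, bits)

if __name__ == "__main__":
    # Work grows roughly as 2**(bits / 2): each extra 8 bits of digest
    # multiplies the expected effort by about 16.
    for bits in (16, 24, 32):
        a, b, tries = birthday_collision(bits)
        print(bits, "bits:", tries, "messages hashed;",
              "full SHA-256 digests differ:",
              hashlib.sha256(a).digest() != hashlib.sha256(b).digest())
```

The same scaling puts a generic collision search at about 2^64 hashes for a 128-bit digest and 2^128 for a 256-bit digest.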
The Vigenère cipher uses several Caesar ciphers in sequence with different shift values. A keyword is used to encrypt a string. To encrypt a plaintext string, a table of alphabets is used, called a Vigenère square or Vigenère table (Rodriguez-Clark, CRYPTO CORNER, 2017).
Possible issues of vulnerable devices and preventive strategies
The main difference between the Caesar and Vigenère methods is that Caesar uses a fixed value for shifting the alphabet, i.e. all letters use the same shift value. The Vigenère method uses a variable shift value for each letter in the string, and this shift value depends on the keyword used for encryption.
Using the Vigenère cipher, choose a key to encrypt the plaintext “meet me after the toga party”:
Mechanism used for encryption: To encrypt a string with the Vigenère cipher we need a keyword. Let’s assume the keyword is “SKYBLUE”. We also need the Vigenère table.
String: meet me after the toga party
Keyword: SKYBLUE
Cipher: eocu xy exdcs ebi lyeb auvli
The most common attacks use statistical methods to discover the key length; a simple frequency analysis then reveals the key. The Kasiski test finds repeating sequences of letters in the ciphertext. By analysing the gaps between repeated sequences, an attacker can discover multiples of the key length (Rodriguez-Clark, Kasiski Analysis, 2017).
To improve the strength of this cipher, we should use a long keyword. This results in larger gaps between repeated patterns in the encrypted data, so more effort is required to guess the length of the keyword and the likelihood of a successful attack is lower.
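The encryption above and the Kasiski test can both be checked in a few lines. This added example (not part of the original page) reproduces the ciphertext for the keyword SKYBLUE and then estimates the key length from repeated three-letter sequences; the longer sample text is constructed by repeating the page's plaintext.

```python
from collections import Counter

def vigenere_encrypt(plaintext, keyword):
    """Shift each letter by the matching keyword letter. Spaces pass through
    and do not consume a keyword letter, as in the worked example above."""
    shifts = [ord(k) - ord("a") for k in keyword.lower()]
    out, i = [], 0
    for ch in plaintext.lower():
        if "a" <= ch <= "z":
            shift = shifts[i % len(shifts)]
            out.append(chr((ord(ch) - ord("a") + shift) % 26 + ord("a")))
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def kasiski_distances(ciphertext, n=3):
    """Gaps between successive occurrences of each repeated n-letter sequence."""
    text = "".join(ch for ch in ciphertext if "a" <= ch <= "z")
    last_seen, gaps = {}, []
    for pos in range(len(text) - n + 1):
        gram = text[pos:pos + n]
        if gram in last_seen:
            gaps.append(pos - last_seen[gram])
        last_seen[gram] = pos
    return gaps

def likely_key_length(ciphertext, max_len=20):
    """Candidate length that divides the most gaps (None if nothing repeats)."""
    votes = Counter(k for gap in kasiski_distances(ciphertext)
                    for k in range(2, max_len + 1) if gap % k == 0)
    return votes.most_common(1)[0][0] if votes else None

# Constructed sample: the page's plaintext repeated, so the ciphertext is
# long enough to contain repeated sequences.
SAMPLE = " ".join(["meet me after the toga party"] * 10)

if __name__ == "__main__":
    short = vigenere_encrypt("meet me after the toga party", "SKYBLUE")
    print(short)
    print(likely_key_length(short))   # too short to contain any repeat
    print(likely_key_length(vigenere_encrypt(SAMPLE, "SKYBLUE")))
```

The 23-letter message alone contains no repeated sequence, so the test has nothing to work with; the key length only leaks once the message is several times longer than the keyword.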
RSA belongs to asymmetric key cryptography. RSA was developed by three people: Ron Rivest, Adi Shamir and Leonard Adleman. The name RSA is taken from the first letters of their last names. They first publicly described the procedure in 1978.
Because RSA is asymmetric key cryptography, it uses a pair of keys: one is called the private key and the other the public key. We keep the private key secure and confidential, and we publish the public key using a PKI (Ciampa, 2015, p. 203).
- Encryption/Decryption using the RSA protocol: This protocol uses a mathematical algorithm to generate the key pair.
The procedure takes two very large prime numbers m and n. A prime number is divisible only by 1 and itself. It multiplies these numbers: c = mn. Next, it randomly selects a number e which is smaller than c and relatively prime to (m – 1)(n – 1). Then a number d is selected such that (ed – 1) is divisible by (m – 1)(n – 1). The values e and d are the public and private components. The public key is (c, e) and the private key is (c, d).
To use RSA for encryption and decryption, two RSA key pairs are generated: one for the sender and one for the receiver.
- Digital signature: The purpose of a digital signature is to verify the sender and to provide nonrepudiation and data integrity. Asymmetric key cryptography is used to sign the data.
If data needs to be digitally signed, we calculate the hash of the data and encrypt the hash using the sender’s private key. This encrypted hash is the sender’s digital signature. The signature is sent to the receiver along with the actual data and the sender’s certificate. The receiver verifies the signature by calculating the hash again at its end, decrypting the signature with the sender’s public key, and comparing the two values.
The main weakness of a digital signature is that it only verifies that the sender’s private key was used to sign the message. It does not confirm the identity of the sender, so the receiver does not know who the sender is (Ciampa, 2015, p. 230).
To compensate for this weakness, the sender uses a digital certificate signed by a trusted third party. Both sender and receiver trust this third party. Whenever a user sends digitally signed data to another party, it also attaches its own digital certificate. On the recipient side, the receiver verifies the sender’s certificate and, if the certificate is valid, takes the public key from the sender’s certificate and validates the digitally signed data. In this way the receiver knows that the data came from the real sender.
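The key generation and the sign-then-verify flow described above can be followed with small numbers. This is an added example, not code from the original page: it keeps the page's symbols (m, n, c, e, d), uses two small known primes and textbook RSA without the padding schemes that real implementations require, and the sample messages are constructed.

```python
import hashlib
from math import gcd

def make_keypair(m, n, e=65537):
    """Key generation with the page's symbols: primes m and n, modulus c."""
    c = m * n
    phi = (m - 1) * (n - 1)
    if not (1 < e < c) or gcd(e, phi) != 1:
        raise ValueError("e must be below c and relatively prime to (m-1)(n-1)")
    d = pow(e, -1, phi)          # chosen so that (e*d - 1) is divisible by phi
    return (c, e), (c, d)        # (public key, private key)

def hash_to_int(message, c):
    """SHA-256 of the message, reduced below the toy modulus c."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % c

def sign(message, private_key):
    """Signature = hash of the message raised to the private exponent d."""
    c, d = private_key
    return pow(hash_to_int(message, c), d, c)

def verify(message, signature, public_key):
    """Recompute the hash and compare it with the signature opened with e."""
    c, e = public_key
    return pow(signature, e, c) == hash_to_int(message, c)

# Toy primes 2**31 - 1 and 2**61 - 1: far too small for real use.
PUBLIC, PRIVATE = make_keypair(2**31 - 1, 2**61 - 1)

if __name__ == "__main__":
    msg = b"pay 100 to account 42"           # constructed sample message
    sig = sign(msg, PRIVATE)
    print("original verifies:", verify(msg, sig, PUBLIC))
    print("altered verifies: ", verify(b"pay 900 to account 42", sig, PUBLIC))
```

A valid result only proves that the holder of d signed the message; binding (c, e) to a named sender is the job of the certificate discussed above.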
References
Ciampa, M. (2015). CompTIA security+ guide to network security fundamentals (5th ed.). Boston: Cengage.
Ken, S. (2016). A Post-Mortem on the Mirai Botnet: Part 1: Defining the Attack. Retrieved August 20, 2017, from https://www.pwnieexpress.com/blog/mirai-botnet-part-1
MalwareTech. (2016). Mapping Mirai: A Botnet Case Study. Retrieved August 18, 2017, from https://www.malwaretech.com/2016/10/mapping-mirai-a-botnet-case-study.html
McDowell, M. (2013). Security Tip (ST04-015). Retrieved August 16, 2017, from https://www.us-cert.gov/ncas/tips/ST04-015
Rodriguez-Clark, D. (2017). CRYPTO CORNER. Retrieved August 21, 2017, from https://crypto.interactive-maths.com/vigenegravere-cipher.html
Rodriguez-Clark, D. (2017). Kasiski Analysis. Retrieved August 19, 2017, from https://crypto.interactive-maths.com/kasiski-analysis-breaking-the-code.html