Cryptography and Network security, explain the BLOWFISH cryptosystem, and Nmap tools.

1. FACULITY OF ELECTRONIC
TECNOLOGY
COMPUTETR ENGINEERING
(MSc)
By: Haitham Farag Daw
1
Cryptography andCryptography and
Network SecurityNetwork Security

2. OutLine
2
Blowfish Encryption Algorithm
Paper Search
Nmap Tool

3. Blowfish Encryption
Algorithm
3
-----------------------------------------------------------------

4. Main point
 Introduction
 Structure
 Cryptanalysis
 Comparison
 References
4

5. Introduction
 designed in 1993 by Bruce Blowfish
 64-bit block cipher with variable length key
 Large key-dependent S-boxes
 More resistant to cryptanalysis
 Key-dependent permutations
 Diverse Mathematical Operations
 Combine XOR and addition
5

6. Continue
 Fast
 Compact It can run in less than 5K of memory.
 Simple to code
 Easily modifiable for different security levels
 Secure: The key length is variable ,it can be in
the range of 32~448 bits: default 128 bits key
length.
 Unpatented and royality-free.
6

7. Structure of BF
 Feistel iterated block cipher
 Scalable Key (32 to 448 bits)
 Simple operation that are efficient on
microprocessors
 XOR, Addition, Table lookup, etc
 Employ Precomputable Subkeys
 Variable number of iterations
7

8. 8

9. Implementation: Encryption
( )
171617
181617
11
111
PRR
PLL
PLR
RPLFL
iii
iiii
⊕=
⊕=
⊕=
⊕⊕=
−−
−−−
Wikipedia,
http://en.wikipedia.org/wiki/Image:BlowfishDiagram.png
Arrays:
P – Number of rounds + 2 elements
4 S-boxes – 256 elements
9

10. Implementation: Function F(x(
( ) [ ] [ ]( ) [ ]( )
[ ]07
81516232431031
4
321
−
−−−−
+
⊕+=
XS
XSXSXSXF
Wikipedia,
http://upload.wikimedia.org/wikipedia/en
/8/81/BlowfishFFunction.png
Addition is mod 232
10

11. Data Encryption
• Divide 64-bits into two 32-bit halves: XL, XR
• For i = 1 to 16
o XL = XL XOR Pi
o XR=F(XL) XOR XR
o Swap XL and XR
• Swap XL and XR (Undo the last swap )
• XR=XR XOR P17
• XL = XL XOR P18
• Concatenate XL and XR
11

12. Cryptanalysis
 Differential Attack
 After 4 rounds a differential attack is no better than a brute
force attack
 Weak Keys
 S-box collisions
 blowfish algorithm has yet to be cracked as the key size
is high, requires 2448
combinations
12

13. Future Concerns
 Simplifications
 Fewer and Smaller S-boxes
 Fewer Iterations
 On-the-fly subkey calculation
 Twofish
 AES Finalist
 128-bit Block Size
 More Operations
13

14. Comparison
14

15. References
 Wikipedia (for illustrations)
 http://en.wikipedia.org/wiki/Blowfish_cipher
 Applied Cryptography
 Bruce Schneier
 John Wiley and Sons, Inc. 1996
 The Blowfish Paper
 http://www.schneier.com/paper-blowfish-fse.html
15

16. Paper Search
-----------------------------------------------------------------
16

17. New Approach for Modifying Blowfish
Algorithm by Using
Multiple Keys
by
Afaf et al in
VOL.11 No.3, March 2011, Amman, Jordan,
Baghdad, Iraq
17

18. Nmap Tool
-----------------------------------------------------------------
18

19. Outline
Introduction
Port Scanning
 Nmap
 Anti-Port Scanning
 Reference
19

20. Introduction
IP Addresses: Finding out an IP Address
 Through Instant Messaging Software
 Through Internet Relay Chat
 Through Your website
 Through Email Headers
20

21. 21
Port Scanning
 Port Scanning is normally the first step that an
attacker undertakes.
 List of Open Ports
 Services Running
 Exact Names and Versions of all the Services or
Daemons.
 Operating System name and version

23. Major Tools Available
 Some of the best and the most commonly used Port
Scanners are:
 Nmap
 Superscan
 Hping
 Nessus
 Common Features of all above Port Scanners:
 Very Easy to Use
 Display Detailed Results
23

24. Nmap
 Nmap (Network Mapper) is a security scanner originally
written by Gordon Lyon , (1997).
 Is a free and open source, Website nmap.org.
 Nmap runs on all major computer operating systems
 Used to discover
 hosts and services on acomputer network, and security
auditing
 Thus creating a "map" of the network.
24

25. 25
 Determain what..
 operating systems
 vulnerability detection.
 It was designed to rapidly scan large networks
 Nmap is also capable of adapting to network
conditions including latency and congestion during a
scan
 Nmap sends specially crafted packets to the target
host and then analyzes the responses.

26. Nmap features
 Host discovery
 Port scanning
 Version detection
 OS detection
 Nmap can provide further information on targets,
including reverse DNS names, device types, and
MAC addresses.
26

27. 27

28. 28

29. 29

30. Anti-Port Scanning
 Some useful Anti-Port Scanning software available
are:
 Scanlogd
 BlackICE
 Snort
 Abacus Port sentry
 And multi tools using to hide the IP address .
30

31. Reference
 http://nmap.org/book/man.html
 http://nmap.org/book/install.html
 http://nmap.org/nsedoc
 H.mondo89@yahoo.com
31