20071219

Answer of yesterday's game

Although it is not 24 hours yet, I still want to give the answer and solution to you.
As some of you may know, what I did is to hide the most significant 4-bits/ 3-bits of an image to the least significant bits of each pixel of the photo. It is the reason why the photo did not change much after this modification. The reverse is also very intuitive, I will leave it to you.

Here is the image hidden in each photo.


EncodeDecode

photos taken by Sam Rohn - Location Scout

Here is my source code, which is written in python. If you want to run this code, you need to have the package Python Imaging Library (PIL).

Reference:
http://en.wikipedia.org/wiki/Steganography
http://www.pythonware.com/products/pil/
http://petitcolas.net/fabien/steganography/
http://utilitymill.com/utility/Steganography_Encode

20071217

Steganography Study

I have promised to give a funny game yesterday. However, actually, it is not that easy to make the game. This game does not have a very strict rule, and it is not really a game. This game just want to give an opportunity for me and you to get more familiar with steganography. I will provide three photos below, and what you need to do is try to get back the images hidden in these photos. I will give the solutions and the program to fetch the hidden images tomorrow.





photos taken by Sam Rohn - Location Scout
Hint: 4-bit/ 3-bit pixels of the hidden image is inside the given photos.

20071216

Cryptographic Techniques

Today, I would like to discuss some technical terms which are related to cryptography. Cryptography is the art of achieving security by encoding messages to make them non-readable. In general, we say that a message need to be encode is called plain text, while the encoded message is called cipher text. There are two primary ways to encode a plain text message, Substitution and Transposition.

The earliest substitution scheme is called Caesar Cipher, proposed by Julius Caesar. This encryption algorithm is to replace each alphabet in the message with the alphabet three places down the line. (ie. A replaced by D, B replaced by E, ... Z replaced by C).
For further information about substitution techniques, please visit Substitution cipher.

Rail Fence Technique is an example of transposition. This algorithm first write down the plain text message as a sequence of diagonals, then read the plain text written as a sequence of rows. eg. Original plain text message: what the hell you are doing
W A T E E L O A E O N
 H T H H L Y U R D I G
and the result cipher text is "wateeloaeonhthhlyurdig". Other transposition technique is quite similar to Rail Fence Technique, here is more examples of Transposition cipher.

Every encryption and decryption process has two aspects, the algorithm and the key used for encryption and decryption. There are two cryptographic mechanisms, depending on what keys are used. Symmetric Key Cryptography, is the mechanisms that using the same key for both encryption and decryption. In opposite, the mechanisms use different keys for encryption and decryption is called Asymmetric Key Cryptography.

In symmetric key cryptography, the problem is key distribution. Since the key is to decrypt the message in the receiver side, how can the key distributed securely to receiver? Whitefield Diffie and Martin Hellman developed an amazing solution for key distribution problem in 1976. The solution is called Diffie-Hellman key exchange algorithm. The algorithm is very easy to understand, here is how it works. First, if A and B want to exchange message, they first come up with two large prime numbers, n and g. These two numbers need not be kept secret. Then A and B choose two large random number x and y respectively, then calculate two numbers vA = gx mod n, vB = gy mod n respectively. After that, A and B exchange vA and vB. At last, A will get the secret K1 = vBx mod n, B will get the secret K2 = vAy mod n. At last, K1 is equal to K2, and the key has been exchanged. However, this algorithm raises another problem, it is caused by the first step. If the third party, user C, intercept the message and get the value n and g. then C can continue the whole process to get further data exchange between A and B, because C holds the keys to communicate to A and B. However, A and B will never know that their data has been hijacked. This problem is called man-in-the-middle attack.

In asymmetric key cryptography, the problems mentioned above will not exist. When A try to communicate with others, it can ask the trusted third party T, to get a pair of key, one is called public key, which will be distributed to those who want to send data A. The other is called private key, which is held by A to decrypt the message. The other name of this cryptography mechanism is called Public-key cryptography.

Another message encoding technique is called steganography. This technique is to hide the message that is to be kept secret inside other messages.

ps. I will provide a fun game tomorrow.

20071215

Cryptography and Network Security

I am reading this book "Cryptography and Network Security" (Seems Amazon does not have this book, please tell me if you find it in Amazon). Seriously, I want to learn network security, and that's why I resume this blog for making notes when I am reading it.
Hope you enjoy and rise questions or comments if you have any.

Chapter 1: Introduction
In chapter 1, it describes some basic principles of security, and attacks related to each principle. There are mainly five principles of security, they are confidentiality, authentication, integrity, availability and non-repudiation.

The principle of confidentiality specifies that only the sender and the intended recipents should be able to access the contents of a message. Confidentiality gets compromised if an unauthorized person is able to get the message. The simple example is, if user A want to send a message to user B, another user C capture the message without permission or knowledge of A and B. This type of attack is called interception.

Authentication mechanisms help establish proof of identities. The authentication ensures that the sender of a message is correctly identified. If user C sends a message to B. However, C has posed as user A when he sent this message to B. User B would not know that the message is come from C, but not A. This kind of attack is called fabrication.

When the contents of a message is changed after the sender sends it, but before it reaches the receiver, then the integrity of this message is lost. For example, user A transfers HKD $100 dollars to user B through the online Banking System. Unfortunately, user C capture the message and edit the content as "Transfer HKD $1000", both user A and B has no way of knowing that the contents were changed during the message was transferring. This attack is called modification.

Non-repudiation does not allow the sender of a message to refute the claim of not sending that message.

The principle of availability states that resources should be available to authorized parties at all times. Due to the intentional actions of an unauthorized user C, an authorized user A may not be able to contact a server B, this is an attack called interruption.

Theoretically, attacks can be divided into two categories, passive attack and active attack. passive attack is not easy to detect because attacker does not attempt to perform any modification to the data. Obviously, active attack is the opposite of passive attack, it is based on modification of the original message, and this kind of attack is easy to detect but difficult to prevent. The following two are examples of each attack.

IP Sniffing is a passive attack on an ongoing conversation. An attacker can simply observe packets they pass by. There are two ways to prevent attackers from sniffing packets. The first is encode the data before sending it, second is the transmission link itself can be encoded.

In IP Spoofing, an attacker sends packets with an incorrect source address. When this happens, the receiver has no way to know that the sender is fake, and he send replies back to the forged address, and not to the attacker. However the attacker can intercept the reply to get information he needs for hijacking attacks, or just want to cause the Denial of Service by these messages.