Chapter-1: Introduction to Information Security

• Basic concepts of information security
• Common network attack events and their classification

Chapter-2: Information Security Assurance System

• Basic concepts of information security assurance
• Common security attributes and their implementation
• Information security assurance architecture and information security defense models
• Risk assessment and classified protection

Chapter-3: Overview of Cryptographic Technology This chapter introduces the basic concepts, classification, implementation, and application principles of cryptographic technology. Topics include:

• Basic concepts and terminology of cryptographic technology
• Symmetric cryptosystems and public key cryptosystems
• Digital signature technology and its properties +++

Since I don't know what the key points are, I can only guess by myself QAQ

Basic Concepts of Information Security

Information

A type of resource and object of communication, possessing universality, shareability, value-added nature, processability, and multi-utility, with particularly important significance for human social development.

Information System

A human-machine system composed of computers and their related and supporting equipment and facilities (including networks), designed to collect, process, store, transmit, retrieve, and otherwise handle information according to certain application goals and rules. (GB/Z20986-2007)

Information Security Incident

An event caused by natural or human factors, or by defects or failures in software and hardware, that causes harm to information systems or has a negative impact on society.

Information Security Assurance (Ensuring Information Security)

Protecting information resources in information systems and networks from various types of threats, interference, and destruction.

Measures: Finding, preventing, and blocking potential threats that cause harm and impact.

Classification of Information Security Events

7 basic types:

• Malware events
• Network attack events
• Information destruction events
• Information content security events
• Equipment and facility failures
• Disaster events
• Other events

Malware Events

• Computer virus events
• Worm events
• Trojan horse events
• Botnet events
• Blended attack program events
• Web-embedded malicious code events
• Other malware events...

Network Attack Events

• Denial of service attack events
• Backdoor attack events
• Vulnerability exploitation events
• Network scanning and eavesdropping events
• Phishing events
• Interference events
• Other network attack events...

Information Destruction Events

• Information tampering events
• Information forgery events
• Information leakage events
• Information theft events
• Information loss events
• Other information destruction events...

Information Content Security Events

• Information security events that violate the constitution, laws, and administrative regulations
• Information security events where discussions and comments on social issues form online sensitive public opinion hotspots, resulting in a certain scale of hype
• Information security events involving organizing gatherings, inciting assemblies and demonstrations
• Other information content security events...

Public Opinion on the Internet and Its Monitoring

Public opinion refers to the social and political attitudes held by the public toward social administrators, arising around intermediary social events in a certain social space. Online public opinion forms rapidly and has a huge social impact.

Characteristics: Directness, Suddenness, Deviation

Equipment and Facility Failures

• Software and hardware failures
• Supporting facility failures
• Man-made damage incidents
• Other equipment and facility failures

Disaster Events

• Data disaster caused by the 9/11 terrorist attack
• Others...

Other Network Attack Events

Information security events outside the 6 basic categories described above.

In addition to classification, information security events can also be graded. Grading mainly considers three aspects of impact:

• Importance of the information system
• System losses
• Social impact

Information Security Attributes

The main information security attributes are as follows:

1. Confidentiality
2. Integrity
3. Authentication (Verifiability)
4. Non-repudiation
5. Availability
6. Reliability
7. Accountability
8. Controllability
9. Assurance

Confidentiality

Integrity

Authentication (Verifiability)

Non-Repudiation

Availability

Reliability

Note the distinction between reliability and availability. Reliability emphasizes the continuous operation of the system without failures, while availability focuses on the overall duration of service. A highly available system can work promptly at any given moment.

The blog post Difference between Availability and Reliability mentions an example: if a system crashes for 1ms every hour, its availability exceeds 99.9999%, but it is still highly unreliable because it can only run without failure for 1 hour. Similarly, if a system never crashes but goes down for two weeks each year, it is highly reliable but has only 96% availability.

Accountability

!! This feels like it's the same as non-repudiation, but this is what's written in the slides so let's just memorize it like this- -!!

Controllability

Assurance

Information Security Assurance Architecture and Defense Models

The information security assurance system includes three major elements: people, policy (including laws, regulations, rules, and management), and technology.

The main content is to implement various security attributes such as confidentiality, authentication, integrity, and availability.

Goal: Ensuring the security of information and information systems.

The information security defense model mainly consists of the following steps:

1. Risk Assessment (Evaluation)
2. Policy Development (Policy)
3. Implementation of Protection (Protection)
4. Monitoring (Detection)
5. Response (Reaction)
6. Recovery (Restoration)

Risk Assessment (Evaluation)

Conducting a comprehensive risk assessment of the information system

• Requires comprehensive understanding of information system application requirements, network infrastructure, external and internal environments, security threats, personnel, policies and regulations, security technologies, etc.
• Proficiency in using various methods, means, and tools to perform manual and automated analysis of system risks, providing a comprehensive and detailed risk assessment.

Policy Development (Policy)

Security policy is the core of the security model

• Subsequent protection, detection, response, and recovery phases are all implemented based on security policies
• Security policies provide management direction and support for security management
• Establishing the policy system includes the formulation, evaluation, and execution of security policies

Implementation of Protection (Protection)

Using all possible methods, technologies, and means to prevent information and information systems from security threats, reducing and lowering the possibility of intrusion and attack.

Achieving security attributes such as confidentiality, integrity, availability, controllability, and non-repudiation.

• Improving perimeter defense capabilities
• Protection at information processing stages
• Information transmission protection

Monitoring (Detection)

Monitoring and detecting the information system according to security policies after system protection is implemented

• Monitoring and controlling system operational status, detecting anomalies, and potentially making dynamic adjustments
• Checking and measuring deployed systems and their security protections
• Serves as the basis for dynamic response and enhanced protection, and a means to enforce security policies

Response (Reaction)

Processing performed after a known attack (intrusion) event occurs

• Adjusting the system to a secure state
• Promptly handling events, behaviors, and processes that endanger security
• Preventing further spread of harm, striving to maintain normal service provision

Recovery (Restoration)

Recovery can be divided into system recovery and information recovery.

• System recovery refers to fixing the system defects exploited in security events, such as system upgrades, software upgrades, and patching to remove system vulnerabilities or backdoors.
• Information recovery refers to recovering lost data.

After recovery, risk assessment is performed again, creating a cycle.

Risk Assessment and Classified Protection

Classified Protection

GB17859-1999 "Criteria for Classified Protection of Computer Information System Security"

1. Level 1: User Self-Protection Level (equivalent to C1)
2. Level 2: System Audit Protection Level (equivalent to C2)
3. Level 3: Security Label Protection Level (equivalent to B1)
4. Level 4: Structured Protection Level (equivalent to B2)
5. Level 5: Access Verification Protection Level (equivalent to B3-A1)

Information Security Technical Principles

Principle of Least Privilege

Sensitive information under protection should only be shared within a certain scope

A security subject performing work duties and functions, under the premise of legal and relevant security policy permission, is granted appropriate access rights to information to meet work needs. This is called the principle of least privilege.

Separation of Duties Principle

In information systems, all privileges should be appropriately divided

• Each authorized subject should only possess a portion of the privileges
• They should mutually constrain and supervise each other, collectively ensuring the security of the information system.
• If an authorized subject is assigned excessive privileges without supervision and constraints, there is a hidden security risk of power abuse.

Security Isolation Principle

Separating information subjects from objects, and implementing subject access to objects under controllable and secure conditions according to certain security policies.

Basic Concepts and Terminology of Cryptographic Technology

Basic Concepts of Cryptographic Technology

Reference blog: Cryptographic Security: Classical Ciphers and Symmetric Ciphers Classical ciphers focus on the careful design and secrecy of encryption algorithms, while modern ciphers focus on the secrecy of keys, making the encryption algorithms public. Modern ciphers can be further divided by key type into symmetric encryption and asymmetric encryption. Symmetric encryption means the encryption and decryption keys are the same; asymmetric encryption means the encryption and decryption keys are different.

Classical Ciphers

Transposition ciphers or substitution ciphers

Transposition ciphers, as the name suggests, simply rearrange the plaintext into ciphertext.

The Caesar cipher is a typical substitution-based encryption method that can be easily broken.

See the next chapter's review for details.

Modern Ciphers

• Shannon's 1949 paper "Communication Theory of Secrecy Systems" marks the birth of modern cryptography

Common Terminology

The relevant terms for a data confidentiality communication system are as follows:

• Plaintext: The original information/data that needs security protection, commonly denoted as m. All plaintexts constitute the plaintext space, commonly denoted as M.
• Ciphertext: The data obtained after encrypting the original data, commonly denoted as c. All ciphertexts constitute the ciphertext space, commonly denoted as C.
• Encryption: $c=E_{k1}(m)$
• Decryption: $m=D_{k2}(c)$
• Key: Secret information used for encryption and decryption. All keys constitute the key space, commonly denoted as K.
• Public channel: A channel for public data transmission, also called a common channel.
• Secret channel: Refers to a secure channel, used for transmitting keys.

Cipher System

For $m\in M$, $k1,k2\in K$, the five-tuple (M,C,K,E,D) is called a cipher system, where E and D represent cryptographic algorithms: specific transformation processes or mathematical methods.

• Encryption can be viewed as the process of mixing and transforming the key with the plaintext
• Decryption is the process of stripping the key from the ciphertext, hence also called the decryption process.

Kerckhoffs' Assumption
For a cipher system, the encryption and decryption algorithms are efficient and effective for all keys.
The security of the cipher system should not depend on the secrecy of the algorithm, but only on the secrecy of the key.

Symmetric Cryptosystems and Public Key Cryptosystems

Symmetric key cryptosystem: Encryption and decryption use the same key (single key) Public key cryptosystem: Encryption and decryption use different keys (dual key)

Symmetric Cryptosystem

Basic Characteristics

• Single key: Encryption and decryption use the same key
• Dependency relationship: The encryption key and decryption key have an obvious dependency relationship; one can easily be derived from the other.
• Shared key: Symmetric cryptosystems mostly use the same key for encryption and decryption, known as shared key between encryption and decryption parties.
• Keys are transmitted through secure channels

Symmetric cryptosystems are classified as follows:

• Block cipher
• Sequential cipher (Stream cipher)

Block Cipher

1. Divide into blocks
2. Encrypt each block
3. Obtain equally-sized ciphertext blocks

First divide the plaintext into several equal-length block groups, such as 64-bit or 128-bit blocks, then encrypt each block separately to obtain equally-sized ciphertext blocks.

The decryption process is similar. In some cipher systems, the decryption algorithm is exactly the same as the encryption algorithm, such as DES.

Two design principles for block ciphers:

Diffusion

• Spread the influence of plaintext and key as quickly as possible into more output ciphertext
• A typical operation is permutation (e.g., rearranging character order)

Confusion

• Complicate the relationship between the key acting on the plaintext and the ciphertext
• Minimize the statistical correlation between plaintext and ciphertext, and between ciphertext and key, making statistical analysis attacks ineffective.
• Confusion typically uses substitution

Sequential Cipher (Stream Cipher)

1. Generate an arbitrary-length byte stream (random sequence) from a key seed
2. Mix the generated random sequence with the plaintext bit by bit or byte by byte (e.g., XOR)
3. Obtain the ciphertext sequence

Encrypt plaintext bit by bit or byte by byte, typically by mixing it with a key (an arbitrary-length byte stream generated from a key seed) through operations like XOR to obtain the ciphertext sequence. Also called Stream cipher.

Feistel Network Structure

Block ciphers generally employ multiple rounds of identical iterative operations (round operations) to achieve thorough confusion and diffusion between plaintext and key.

• Many block cipher systems adopt the Feistel network structure.
• The Feistel structure ensures that no matter how complex the round function F transformation is, it does not affect the consistency of encryption and decryption processes, achieving reversibility of the encryption process.
• The round function F has good nonlinearity, increasing the difficulty of cryptanalysis.
• Block ciphers increase confusion through multiple rounds of processing, with each round using a different round key (expanded from the initial key).

Encryption algorithms based on the Feistel structure include DES, RC6, MARS, etc.

Recommended reading: Simple Analysis of Feistel Network Structure and DES Encryption Algorithm Framework

Public Key Cryptosystem

Basic Characteristics

• Dual key: Encryption and decryption use different keys
• Algorithm: Trapdoor one-way function
• Depends on certain special mathematical problems (large number factorization, discrete logarithm, etc.)

A public key cryptosystem has two completely different keys, where one can be made public (public key, commonly used for encryption) and the other must be kept secret (private key, commonly used for decryption).

The algorithm of public key cryptography is a trapdoor one-way function f:

• For any x in the domain of $f$, it is easy to compute $f(x)$
• For almost all y in the range of $f$, even if $f$ is known, computing $f^{-1}(y)$ is infeasible
• Only when given certain auxiliary information (trapdoor) is it easy to compute $f^{-1}(y)$

In this case, $f$ is called a trapdoor one-way function, and the auxiliary information (trapdoor information) serves as the secret key.

Public key cryptosystems generally rely on certain special mathematical problems, such as large number factorization and discrete logarithm problems in number theory, to construct one-way functions. Therefore, the security strength of such ciphers depends on the computational complexity of the underlying problem.

Currently, the main public key cryptosystems fall into two categories:

• Public key cryptosystems based on the large integer factorization problem, such as the RSA system
• Public key cryptosystems based on the discrete logarithm problem, such as the ElGamal cryptosystem and elliptic curve cryptosystem.

Digital Signature Technology and Its Properties

What is a Digital Signature

A hypothetical example is as follows:

Person A wants to transmit a document to Person B over the network. After B receives this document:

• Can B confirm the authenticity of this document? (It actually comes from A, not someone else impersonating A)
• Can B confirm the correctness of this document? (It has not been tampered with during transmission)
• What if A denies ever having sent the document? Non-repudiation (A actually did send it)

This requires digital signatures:

• Digital signatures must use certain information that is unique to the signer to prevent forgery and denial.
• The generation and verification of digital signatures must be relatively easy, and in case of disputes, arbitration can be conducted through a trusted third party TTP.
• Public key cryptography provides the theoretical basis for digital signatures:
  • In a public key cryptosystem, the private key is private and secret; others cannot obtain it, making it usable as the holder's unique identification information.

The digital signature mechanism uses public key cryptography to make the message receiver believe that the received message comes from the claimed message sender (identification and authentication of the message subject -- authentication protection), and trust the message (the message was correctly delivered and has not been tampered with -- integrity protection), while the message signer cannot deny having signed the message (non-repudiation protection).

In other words, digital signatures can achieve protection of 3 security attributes:

• Authentication: Authenticity verification of entities and messages
• Integrity
• Non-repudiation