
Cryptography

Cryptography is the science of writing in secret code and is an ancient art; the first
documented use of cryptography in writing dates back to circa 1900 B.C. when an
Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue
that cryptography appeared spontaneously sometime after writing was invented, with
applications ranging from diplomatic missives to war-time battle plans. It is no
surprise, then, that new forms of cryptography came soon after the widespread
development of computer communications. In data and telecommunications,
cryptography is necessary when communicating over any untrusted medium, which
includes just about any network, particularly the Internet.
Within the context of any application-to-application communication, there are some
specific security requirements, including:
Authentication: The process of proving one's identity. (The primary forms of
host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.)
Privacy/confidentiality: Ensuring that no one can read the message except the
intended receiver.
Integrity: Assuring the receiver that the received message has not been altered
in any way from the original.
Non-repudiation: A mechanism to prove that the sender really sent this
message.
Cryptography, then, not only protects data from theft or alteration, but can also be
used for user authentication. There are, in general, three types of cryptographic
schemes typically used to accomplish these goals: secret key (or symmetric)
cryptography, public-key (or asymmetric) cryptography, and hash functions, each of
which is described below. In all cases, the initial unencrypted data is referred to
as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted
into usable plaintext.
Public-key cryptography, also known as asymmetric cryptography, is a class
of cryptographic algorithms which requires two separate keys, one of which
is secret (or private) and one of which is public. Although different, the two parts of
this key pair are mathematically linked. The public key is used
to encrypt plaintext or to verify a digital signature; whereas the private key is
used to decrypt ciphertext or to create a digital signature. The term "asymmetric"
stems from the use of different keys to perform these opposite functions, each the
inverse of the other as contrasted with conventional ("symmetric") cryptography
which relies on the same key to perform both.
Symmetric-key algorithms are a class of algorithms for cryptography that use the
same cryptographic keys for both encryption of plaintext and decryption of ciphertext.
The keys may be identical or there may be a simple transformation to go between the
two keys. The keys, in practice, represent a shared secret between two or more parties
that can be used to maintain a private information link. This requirement that both
parties have access to the secret key is one of the main drawbacks of symmetric key
encryption, in comparison to public-key encryption.

Caesar cipher
In cryptography, a Caesar cipher, also known as Caesar's cipher, the shift
cipher, Caesar's code or Caesar shift, is one of the simplest and most widely
known encryption techniques. It is a type of substitution cipher in which each letter in
the plaintext is replaced by a letter some fixed number of positions down the alphabet.
For example, with a left shift of 3, D would be replaced by A, E would become B, and
so on. The method is named after Julius Caesar, who used it in his private
correspondence.
The encryption step performed by a Caesar cipher is often incorporated as part of
more complex schemes, such as the Vigenère cipher, and still has modern application
in the ROT13 system. As with all single alphabet substitution ciphers, the Caesar
cipher is easily broken and in modern practice offers essentially no communication
security.
The transformation can be represented by aligning two alphabets; the cipher alphabet
is the plain alphabet rotated left or right by some number of positions. For instance,
here is a Caesar cipher using a left rotation of three places, equivalent to a right shift
of 23 (the shift parameter is used as the key):
Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW

When encrypting, a person looks up each letter of the message in the "plain" line and
writes down the corresponding letter in the "cipher" line. Deciphering is done in
reverse, with a right shift of 3.
Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD
Plaintext: THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG
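
The table above can be reproduced in a few lines, and the same code shows why the cipher offers no security: only 26 keys exist, so all of them can be tried. This is an added example, not part of the original text; the function names and the small COMMON word list used to recognise English are assumptions made for the illustration.

```python
import string

ALPHABET = string.ascii_uppercase

# Plaintext/ciphertext pair taken from the example above (left rotation of 3 = key 23).
PLAIN = "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG"
CIPHER = "QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD"

def shift(text, k):
    """Rotate each letter k places to the right (negative k rotates left).
    Characters outside A-Z, such as spaces, pass through unchanged."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plaintext, key):
    # The key is the right-shift amount, as in the text.
    return shift(plaintext, key)

def decrypt(ciphertext, key):
    # Decryption applies the inverse rotation.
    return shift(ciphertext, -key)

# Hypothetical word list: enough to tell English from gibberish in this example.
COMMON = {"THE", "AND", "FOR", "ARE", "NOT", "YOU",
          "THAT", "WITH", "HAVE", "THIS", "FROM"}

def recover_key(ciphertext):
    """Try all 26 keys and keep the one whose output contains the most
    common English words. Returns (key, plaintext)."""
    def score(k):
        return sum(word in COMMON for word in decrypt(ciphertext, k).split())
    best = max(range(26), key=score)
    return best, decrypt(ciphertext, best)

if __name__ == "__main__":
    print(encrypt(PLAIN, 23))
    print(recover_key(CIPHER))
```
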

FIREWALL
A firewall is a hardware or software system that prevents unauthorized access to or from a
network. It can be implemented in both hardware and software, or a combination of both.
Firewalls are frequently used to prevent unauthorized Internet users from accessing private
networks connected to the Internet. All data entering or leaving the intranet pass through the
firewall, which examines each packet and blocks those that do not meet the specified security
criteria.
Generally, firewalls are configured to protect against unauthenticated interactive logins from the
outside world. This helps prevent hackers from logging into machines on your network. More
sophisticated firewalls block traffic from the outside to the inside, but permit users on the inside
to communicate a little more freely with the outside.
Firewalls are essential since they provide a single block point, where security and auditing can
be imposed. Firewalls provide an important logging and auditing function; often, they provide
summaries to the administrator about what type/volume of traffic has been processed through them.
This is an important benefit: Providing this block point can serve the same purpose on your
network as an armed guard does for your physical premises.

What are the different types of firewalls?


The National Institute of Standards and Technology (NIST) 800-10 divides firewalls into three
basic types:

Packet filters

Stateful inspection

Proxies

These three categories, however, are not mutually exclusive, as most modern firewalls have a
mix of abilities that may place them in more than one of the three. For more information and
detail on each category, see the NIST Guidelines on firewalls and firewall policy.
One way to compare firewalls is to look at the Transmission Control Protocol/Internet Protocol
(TCP/IP) layers that each is able to examine. TCP/IP communications are composed of four
layers; they work together to transfer data between hosts. When data transfers across networks,
it travels from the highest layer through intermediate layers to the lowest layer; each layer adds
more information. Then the lowest layer sends the accumulated data through the physical
network; the data next moves upward, through the layers, to its destination. Simply put, the data
a layer produces is encapsulated in a larger container by the layer below it.

Network layer firewalls

Network layer firewalls generally make their decisions based on the source address, destination
address and ports in individual IP packets. A simple router is the traditional network layer firewall,
since it is not able to make particularly complicated decisions about what a packet is actually
talking to or where it actually came from.
One important distinction many network layer firewalls possess is that they route traffic directly
through them, which means in order to use one, you either need to have a validly assigned IP
address block or a private Internet address block. Network layer firewalls tend to be very fast
and almost transparent to their users.
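
The decision a network layer firewall makes can be sketched as a first-match rule table with a default of deny. This is an added illustration, not part of the original text; the Packet and Rule types, the decide function, the rule set and all addresses (private and documentation ranges) are constructed for the example.

```python
import ipaddress
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: str      # source IP address from the packet header
    dst: str      # destination IP address from the packet header
    dport: int    # destination port

class Rule(NamedTuple):
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    dport: Optional[int]   # None matches any destination port

def matches(rule, pkt):
    """A rule matches only on header fields: addresses and port."""
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))

def decide(rules, pkt):
    """The first matching rule wins; a packet no rule matches is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

# Constructed policy: inside hosts may reach the outside freely, the outside
# may reach only the mail host on port 25, everything else is dropped.
INSIDE = "10.0.0.0/8"
ANY = "0.0.0.0/0"
MAIL_HOST = "10.0.0.25/32"
RULES = [
    Rule("allow", INSIDE, ANY, None),
    Rule("allow", ANY, MAIL_HOST, 25),
]

if __name__ == "__main__":
    # Constructed packets: an outside login attempt and an inside web request.
    print(decide(RULES, Packet("203.0.113.7", "10.0.0.5", 22)))     # deny
    print(decide(RULES, Packet("10.0.0.5", "198.51.100.10", 443)))  # allow
```

The filter sees nothing but the header fields it is given, which is the limitation the text describes: it cannot judge what a packet is actually talking to or where it actually came from.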

Application layer firewalls


Application layer firewalls are hosts that run proxy servers, which permit no traffic directly
between networks, and they perform elaborate logging and examination of traffic passing
through them. Since proxy applications are simply software running on the firewall, it is a good
place to do logging and access control. Application layer firewalls can be used as network
address translators, since traffic goes in one side and out the other after having passed through
an application that effectively masks the origin of the initiating connection.
However, run-of-the-mill network firewalls can't properly defend applications. As Michael
Cobb explains, application layer firewalls offer Layer 7 security on a more granular level, and may
even help organizations get more out of existing network devices.
In some cases, having an application in the way may impact performance and make the firewall
less transparent. Older application layer firewalls that are still in use are not particularly
transparent to end users and may require some user training. However, more modern
application layer firewalls are often totally transparent. Application layer firewalls tend to provide
more detailed audit reports and tend to enforce more conservative security models than network
layer firewalls.
Future firewalls will likely combine some characteristics of network layer firewalls and application
layer firewalls. It is likely that network layer firewalls will become increasingly aware of the
information going through them, and application layer firewalls have already become more
transparent. The end result will be kind of a fast packet-screening system that logs and checks
data as it passes through.

Proxy firewalls
Proxy firewalls offer more security than other types of firewalls, but at the expense of speed and
functionality, as they can limit which applications the network supports.
Why are they more secure? Unlike stateful firewalls or application layer firewalls, which allow or
block network packets from passing to and from a protected network, traffic does not flow
through a proxy. Instead, computers establish a connection to the proxy, which serves as an
intermediary and initiates a new network connection on behalf of the request. This prevents
direct connections between systems on either side of the firewall and makes it harder for an
attacker to discover where the network is, because they don't receive packets created directly by
their target system.
Proxy firewalls also provide comprehensive, protocol-aware security analysis for the protocols
they support. This allows them to make better security decisions than products that focus purely
on packet header information.
