Vous êtes sur la page 1sur 11

A PAPER PRESENTATION

ON
CRYPTOGRAPHY AND NETWORK
SECURITY
FOR
SVITS QUEST 2007

PRESENTED BY

Naresh kumar .K Rajeswara Reddy .k


MCA (II/IV) MCA (II/IV)
E-Mail: naresh1985_mca@yahoo.co.in E-Mail rajesh_katasani@yahoo.co.in

1
Contents:
Abstract

• Introduction

• Network Security Problems

• Key process Techniques

• Advanced cryptographic technique

 Steganography

• Cryptographic technologies

 Based on layers
 Based on algorithms

• Applications of cryptography

• Application of network security

• Conclusion

CRYPTOGRAPHY

2
NETWORK SECURITY

CRYPTOGRAPHY AND Movie gangsters “case the joint”;


NETWORKSECURITY soldiers “scout the area”. This is also
true in the cyber world. Here the “bad
ABSTRACT
“SECURITY” in this guys” are referred to as intruders,
contemporary scenarios has become a eavesdroppers, hackers, hijackers, etc.
more sensible issue either it may be in The intruders would first have a
the “REAL WORLD” or in the “CYBER panoramic view of the victims network
WORLD”. In the real world as opposed and then start digging the holes.
to the cyber world an attack is often Today the illicit activities of
preceded by information gathering. the hackers are growing by leaps and

3
bounds, viz., “THE RECENT ATTACK technological prowess has been
ON THE DNS SERVERS HAS stupendously developed to defy against
CAUSED A LOT OF HULLABALOO each of the assaults. Our paper covers
ALL OVER THE WORLD”. However, the ADVANCED technical combats that
fortunately, the antagonists reacted have been devised all through the way,
promptly and resurrected the Internet thus giving birth to the notion of
world from the brink of prostration. “NETWORK -SECURITY”. Various
Since the inception of antidotes that are in fact inextricable
conglomerating Computers with with security issues are – Cryptography,
Networks the consequence of which Authentication, Integrity and Non
shrunk the communication Repudiation, Key Distribution and
world,hitherto, umpteen ilks of security certification, Access control by
breaches took their origin. Tersely implementing Firewalls etc.
quoting some security ditherers –
Eavesdropping, Hacking, Hijacking, To satiate the flaws in the network
Mapping, Packet Sniffing, 1Spoofing, security more and more advanced
DoS & DDoS attacks, etc. security notions are being devised day
Newton’s law says “Every action has got by day. Our paper covers a wide
an equal but opposite reaction”. So is perspective of such arenas where the
the case with this. Nevertheless the contemporary cyber world is revolving
security breaches and eavesdroppers, the around viz.
security but do not want to be bothered
. Introduction: with it when it gets in their way. It’s
important to build systems and networks
Network security deals with the
in such a way that the user is not
problems of legitimate messages being
constantly reminded of the security
captured and replayed. Network security
system. Users who find security policies
is the effort to create a secure computing
and systems to restrictive will find ways
platform. The action in question can be
around them. It’s important to get their
reduced to operations of access,
feed back to understand what can be
modification and deletion. Many people
improved, the sorts of risks that are
pay great amounts of lip service to

4
deemed unacceptable, and what has been across insecure networks (like the
done to minimize the organizations internet)
exposure to them. Network security So that it cannot be read by anyone
problems can be divided roughly into expect the intended recipient. While
four intertwined areas: cryptography is the science of securing
Secrecy, Authentication, data, cryptanalysts are also called
Nonrepudation, and Integrity control. attackers. Cryptology embraces both

• Secrecy has to do with cryptography and cryptanalysis.

keeping information out of the


hands of unauthorized users.

• Authentication deals with KEY PROCESSTECHNIQUES:


whom you are talking to before
revealing sensitive information
or entering into a business deal.

• Nonrepudation deals with


signatures.

• Integrity control deals


There are three key process techniques.
with long enterprises like
They are:
banking, online networking.
• Symmetric-key encryption
• A symmetric-key encryption
These problems can be handled by using
• Hash functions
cryptography, which provides means and
methods of converting data into
unreadable from, so that valid User can
access Information at the Destination.

Cryptography is the science of Symmetric-key encryption


using mathematics to encrypt and (one key):
decrypt data.
Cryptography enables you to store There is only one key in this
sensitive information or transmit it encryption. That is private key. This

5
key is only used for both encryption decrypted only using the private key.
and decryption. This is also called as Data encrypted with the private key
private-key encryption. In this can be decrypted only using the
method the sender encrypt the data public key. In the below figure, a
through private key and receiver sender has the receiver’s public key
decrypt that data through that key and uses it to encrypt a message, but
only. only the receiver has the related
private key used to decrypt the
message.

Private Key method


Private Key method
Asymmetric-key encryption (two
Public key method
keys):
Hash functions:
There are two keys in this encryption.
An improvement on the public key
They are:
scheme is the addition of a one-way
• Public key
hash function in the process. A one-
• Private key
way hash function takes variable
length input. In this case, a message
Two keys – a public key and a
of any length, even thousands or
private key, which are
millions of bits and produces a fixed-
mathematically related, are used in
length output; say, 160-bits. The
public-key encryption. To contrast it
function ensures that, if the
with symmetric-key encryption,
information is changed in any way
public-key encryption is also some
even by just one bit an entirely
times called public-key encryption.
different output value is produced.
In public key can be passed openly
As long as a secure hash function is
between the parties or published in a
used, there is no way to take
public repository, but the related
someone’s signature from one
private key remains private. Data
documents and attach it to another,
encrypted with the public key can be
or to alter a signed message in any

6
Steganography uses techniques to
way. The slightest change in signed communicate information in a way
documents will cause the digital that is a hidden. The most common
signature verification process to fail. use of Steganography is hiding
information image or sound within
the information of another file by
using a stegokey such as password is
additional information to further
conceal a message.
There are many reasons why
Srteganography is used, and is often
used in significant fields. It can be
used to communicate with complete
freedom even under conditions that
ADVANCED are censured or monitored.
CRYPTOGRAPHIC The Steganography is an effective
TECHNIQUE means of hiding data, there by

STEGANOGRAPHY protecting the data from


unauthorized or unwanted viewing.
INTRODUCTION: But stego is simply one of many
Over the past couple of year’s ways to protect confidentiality of
Steganography has been the source data. Digital image steganography is
of a lot of discussion. Steganography growing in use and application. In
is one of the fundamental ways by areas where cryptography and
which data can be kept confidential. strong encryption are being
Steganography hides the existence of outlawed, people are using
a message by transmitting steganography to avoid these policies
information through various carriers. and to send these messages secretly.
Its goal is to prevent the detection of Although steganography is become
secret message. very popular in the near future.

7
WHAT IS STEGANOGRAPHY?
The word steganography comes • Link layer encryption
from the Greek name “stegnos” • Network layer encryption
(hidden or secret) and “graphy”
• IPSEC, VPN, SKIP
(writing or drawing”) and literally
• Transport layer
means hidden writing.
• SSL, PCT (private
Stegenography uses techniques to
Communication Technology)
communicate information in a way
• Application layer
that is hidden.
• PEM (Privacy Enhanced
The most common use of
Mail)
Steganography is hiding information
• PGP (Pretty Good Privacy)
image or sound within the
information of another file by using a • SHTTP

stegokey such as password is


additional information to further Cryptographic process can be

conceal a message. implemented at various at various layers


starting from the link layer all the

WHAT IS STEGANOGRAPHY way up to the application layer. The


USED FOR? most popular encryption scheme is SSL
Like many security tools, and it is implemented at the transport
steganography can be used for layer. If the encryption is done at the
variety of reasons, some good, some transport layer. If the encryption is done
not so good. Steganography can also at the transport layer, any application
be used as a way to make a substitute that is running on the top of the transport
for a one-way hash value. Further, layer can be protected.
Steganography can be used to tag
notes to online images. Based on algorithms:

CRYPTOGRAPHIC  Secret-key encryption


TECHNOLOGIES algorithms (symmetric

Based on layers: algorithms)

8
• DES (Data OF CRYPTOGRAPHY
Encryption
Standard)— • Defense service
56bitkey • Secure Data Manipulation
• Triple DES— • E-Commerce
112bitkey • Business Transactions
• IDEA • Internet Payment Systems
(International
• Pass Phrasing Secure
Data Encryption
Internet Comm.
Algorithm)—
• User Identification
128bitkey
Systems
• Access control
 Public-key encryption
• Computational Security
algorithms (Asymmetric
• Secure access to Corp
algorithms)
Data
• Data Security
Diffie-Hellman (DH): Exponentiation is
APPLICATIONS OF NETWORK
easy but computing discrete algorithms
SECURITY
from the resulting value is practically
impossible.
Computer networks were
primarily used by university
• RSA:
researchers for sending email,
Multiplication of
and by corporate employees
two large prime
for sharing printers. Under
numbers is easy
these conditions, security did
but factoring the
not get a lot of attention.
resulting product
is practically
impossible.

APPLICATIONS

9
But now, as millions of your security policies and
ordinary citizens are using practices.
networks for: Security is
everybody’s business, and only
• Banking with everyone’s cooperation,
• Shopping intelligent policy, and

• Filling consistent practices, will it be

their tax achievable.

returns Cryptography
protects users by providing
functionality for the encryption
of data and authentication of
CONCLUSION:
other users. This technology
Network security is a very lets the receiver of an
difficult topic. Every one has a electronic messages verify the
different idea of what sender, ensures that a message
“security” is, and what levels can be read only by the
of risks are acceptable. The key intended person, and assures
for building a secure network is the recipient that a message has
to define what security means not be altered in transmit. The
to your organization. Once that Cryptography Attacking
has been defined, everything techniques like Cryptanalysis
that goes on with. The network and Brute Force Attack. This
can be evaluated with respect paper provides information of
to the policy. Projects and Advance Cryptography
systems can then be broken Techniques.
down into their components,
and it becomes much simpler to
decide whether what is
BIBOLOGRAPHY:
proposed will be conflict with

10
• “Computer Networks ”,
by Andrew S.Tanunbaum
• “Fighting Steganography
detection” by Fabian
Hansmann
• “Network security” by
Andrew S.Tanenbaum
• “Cryptography and
Network Security” by
William Stallings
• “Applied Cryptography”
by Bruce Schneier,
JohnWillley and Sons Inc
• URL:
http://www.woodmann.co
m/fravia/fabian2.html.
• URL:
http://www.jjtc.com/stegd
oc/sec202.html.

11