CRYPTOGRAPHY & NETWORK SECURITY

INSTITUTE OF ROAD & TRANSPORT TECHNOLOGY

PRESENTED BY: 1)T.ROOBAN(II-CSE)

2)S.GOBALAKRISHNAN(IICSE)

CRYPTOGRAPHY:
Cryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Cryptology prior to the modern age was almost synonymous with encryption, the conversion of information from a readable state to apparent nonsense. The sender retained the ability to decrypt the information and therefore avoid unwanted persons being able to read it. Since WWI and the advent of the computer, the methods used to carry out cryptology have become increasingly complex and its application more widespread. Modern cryptography follows a strongly scientific approach, and designs cryptographic
2

algorithms around computational hardness assumptions that are assumed hard to break by an adversary.

Such systems are not unbreakable in theory but it is infeasible to do so for any practical adversary. Information-theoretically secure schemes that provably cannot be broken exist but they are less practical than computationally-secure mechanisms. An example of such systems is the one-time pad. Alongside the advancement in cryptology-related technology, the practice has raised a number of legal issues, some of which remain unresolved

Simple explanation of encryption and decryption methods

In this form single key is used for both encryption and decryption The sender uses the key to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key to decrypt the message and recover the plaintext Because a single key is used for both functions, secret key cryptography is also called symmetric encryption

CRYPTOGRAPHIC SCHEME:
Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types of cryptographic schemes typically used to accomplish these goals Secret key cryptography (or symmetric) Public-key cryptography (or asymmetric) Hash functions.

Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers.

Secret-Key Cryptography:
3

 Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.

Public-Key Cryptography:

PKC depends upon the existence of so-called one-way functions,that are easy to computer whereas their inverse function is difficult to compute

It employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext

Hash algorithms are typically used to provide a digital fingerprint of a file's contents and are also commonly employed by many operating systems to encrypt passwords and then, provide a measure of the integrity of a file

Hash Functions:
Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key A fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered.

NETWORK SECURITY:
Nearly all modern network operating systems employ passwords at the very least to protect and authenticate users accessing computer and network resources But passwords are not typically kept on a host or server in plaintext, but are generally encrypted using some sort of hash scheme As the passwords are not saved in plaintext on computer systems precisely,they cannot be easily compromised. An even stronger authentication method uses the password to modify
6

a shared secret between the client and server, but never allows the password in any form to go across the network.

Security Attack any action that compromises the security of information owned by an organization information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems

Network Security - measures to protect data during their transmission Internet Security - measures to protect data during their transmission over a collection of interconnected networks

Often threat & attack used to mean same thing Have a wide range of attacks Can focus of generic types of attacks o Active o Passive Passive Attacks

Consider 3 aspects of Network security: security attack security mechanism security service

 Enhance security of data processing systems and information transfers of an organization Intended to counter security attacks Using one or more security mechanisms

Active Attacks

Often replicates functions normally associated with physical documents Which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed They are

X.800:
A service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers

RFC 2828:
A processing or communication service provided by a system to give a specific kind of protection to system

Security Service
8

3)develop methods to distribute and share the secret information 4)specify a protocol enabling the principals to use the transformation and secret information for a security service.

Model for Network Security:

Using this model requires us to:

1)Select appropriate gatekeeper functions to identify users 2) Implement security controls to ensure only authorised users access designated information or resources

using this model requires us to: 1)design a suitable algorithm for the security transformation 2)generate the secret information (keys) used by the algorithm

Trusted computer systems may be useful to help implement this model

A simpler way to demonstrate:

9

 Data consists of packets have a header portion and content portion. we cant encrypt the header. So the data is secure and the traffic pattern is not

The Importance of Network Security:

Knowing how destructive hackers can be shows you the meaning of Network Security. Most networks control firewalls enabled with the purpose of bar hackers and viruses. Having anti-virus software on all computers in a group is obliged to. Taking part in a group, all of the computers are connected, so with the purpose of if solitary supercomputer gets a virus, all of the other computers can be adversely affected by this same virus. Any group administrator is supposed to control all of the essential annals on back up disks. If a parade is deleted by a hacker, but you control it on
10

Advantages:
For some organizations it may be tempting to keep desktop software. This might be tempting for any or all of the following reasons: This may seem simpler. You may already have desktop security software installed on individual machines that seems to be doing the job just fine.

back up, so therefore in attendance is veto spring. When annals are lost forever, major problems ensue. Network security is a weighty phenomenon in support of a problem, or a back home. Hackers try to promote to peoples lives challenging, but if you are keen in support of them, your group will be safe.

REFERENCES:
1) Cryptography & Speech from Cyberlaw 2) Self-Defending Networks: The Next Generation of Network Security, Duane DeCapite, 3) Network Infrastructure Security, Angus Wong and Alan Yeung 4) A Short History of Cryptography, Fred Cohen

11