
Cryptography Network Security

Security
Passive Attacks
- corrupt the content of information
Active Attacks
- Interrupt or halt file transfer between both parties
Cryptography
- Art of writing secret code that protects data from theft or alteration

Internet Security Holes

[Figure: Active Attack (Person A, Person B, Active Intruder); Passive Attack (Person A, Person B, Passive Eavesdropper)]

Internet Security Holes


Masquerade is a technique in which one entity pretends that it is not the original entity but a different entity

Why Cryptography
Authentication
- proof of identity
Privacy/confidentiality
Integrity
- no data alteration
Non-repudiation
- message was actually sent by sender & no one else

Cryptography Terminologies

Intruder
Encryption
Decryption
Plaintext
Cypher text
Algorithm
- mathematical functions
Key
- String of digits

Cryptography
Data Encryption Standard (DES)
- Private Key (Secret Key difficult to break)

Cryptographic Protocols
Kerberos
- network authentication system for insecure networks
IPsec
SET Protocol
PGP
- File storage applications and Email services
- Supports digital signature and encryption
Cryptographic protocol analyzer tool (CryPA)

Methods of Encryption
Secret Key or Symmetric Key Cryptography
Public key or Asymmetric key cryptography
Hash Function

Secret Key Cryptography

[Figure: Original Message -> Encrypt (Secret Key) -> Encrypted Message -> Internet -> Encrypted Message -> Decrypt (Secret Key) -> Original Message]

Example: Data Encryption Standard

Developed by IBM
Encrypts 64 bit data block using a 56 bit key

Drawbacks of secret key cryptography

Both parties have a shared secret key
Keep track of all keys for all correspondents to avoid duplication
Since both have the same key, identity cannot be published

Public Key Cryptography

[Figure: Original Message -> Encrypt (Public Key) -> Encrypted Message (Cipher Text) -> Internet -> Encrypted Message -> Decrypt (Private Key) -> Original Message]

Advantages of Public Key Cryptography

Message confidentiality can be proved
Authenticity of the message originator can be proved
Easy to distribute public key

Hash Function
Formula that converts a message of a given length into a string of digits called a message digest

Codes and Ciphers


Encryption
- encryption algorithm
PGP Encryption
- Combination of data compression, public key cryptography, hashing and symmetric key cryptography
- used only once, this is called session key
- Identity Certificate
- Web of trust software
- protect data not only during transit but storage as well

Types of Encryption Systems


Classification of Encryption Systems
- Private Key Encryption
- Public Key Encryption (e.g. E-commerce)
- Private Key with the sender
- Public key (to a large number of consumers)

Encryption Algorithm
RSA Algorithm
- Public Key encryption
- used in Outlook, Windows, Firefox, IBM Lotus Notes
- It's freeware
Popular encryption software
- PGP
- SSL (Secured Socket Layer; banks, VISA, MasterCard)
- SET (Secure Electronic Transactions; MS)
- DES (IBM)

Public Key encryption system - Example

[Figure: Bob's message "Hello Alice" -> Encrypt (Alice's Public Key) -> ciphertext 6EB69570 08E03CE4 -> Decrypt (Alice's Private Key) -> Alice reads "Hello Alice"]

Regulations of Encryption
http://www.bis.doc.gov/encryption/default.htm

Breaking Encryption Schemes

[Figure: Web Security Layers: E-Commerce Application; Secure Hypertext Transfer Protocol (S-HTTP); TCP-Based Application Protocol (HTTP, SMTP, NNTP); Secure Socket Layer; Internet Protocol (IP)]

Working of SSL (SSL Certificate)

Allows sensitive information to be encrypted during online transactions
Authenticated info about the owner of the certificate
Identity of the certificate owner is verified by the certificate authority at the time of issue

SSL is required for...

An online store
Online orders and payment through credit cards
A site that offers login or sign in
Anyone processing sensitive data like address, date of birth etc.
Anyone who values privacy and expects others to trust him

Verisign verifies (Authentication)
Ownership of domain name, that business exists
That business has the authority to apply for the certificate
EV SSL Certificate (Verisign extended validation)
- Highest kind of authentication
Standard Data Encryption


DES is a block cypher (a form of shared key encryption)
National Bureau of Standards
Federal Information Processing Standard (FIPS) for US
Not secure (56 bit key size)
Research of cryptography
Cryptanalysts

Trusted Key Distribution & Verification

Creation, broadcast and storage of keys is known as key management.
Private key cryptography is not convenient in providing key management
Public key cryptography can be used for sender authentication or verification known as Digital Signature

Cryptographic Application
Digital signatures provide authentication for online transactions
SSL protocol for internet security
PGP security standard for Email
Provide Network security
Steganography (a method of hiding messages in innocent artifacts)
Issuing Digital Certificate
Biometric System

Digital Signature
Used for authenticating E-commerce business transactions
Two parts
- Signer Authentication
- Document Authentication
- sender cannot remove content after signing it
- Receiver cannot make any changes in the message

Digital Signature
Hash Function: Formula that converts message of a given length into string of digits called a message digest

Digital Signatures working

Sender generates a message
Sender creates a message digest using hash
Sender attaches Digital Signature to end of the message
Sender encrypts both message and signature with receiver's public key
Receiver decrypts entire message with own private key
Receiver calculates the message digest using the hash function
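
The steps above as an added Python example (not part of the original slides). It ends with the comparison of the receiver's recomputed digest against the digest recovered from the signature with the sender's public key. Assumptions: SHA-256 as the hash function, unpadded textbook RSA, and constructed demo keys built from Mersenne primes; all function and variable names are hypothetical.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Textbook RSA (no padding): returns (public, private) key tuples."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

# Constructed demo keys from well-known Mersenne primes: trivially
# factorable, so suitable for illustration only.
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)
SIG_LEN = (SENDER_PUB[0].bit_length() + 7) // 8  # signature length in bytes

def digest(message: bytes) -> int:
    """Hash function: message of any length -> fixed-size message digest."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, priv) -> bytes:
    """Digital signature: the digest transformed with the signer's private key."""
    n, d = priv
    return pow(digest(message), d, n).to_bytes(SIG_LEN, "big")

def verify(message: bytes, signature: bytes, pub) -> bool:
    """Recover the signed digest with the public key and compare it."""
    n, e = pub
    return pow(int.from_bytes(signature, "big"), e, n) == digest(message)

def send(message: bytes) -> int:
    """Sender: sign, append the signature, encrypt with receiver's public key."""
    # The 0x01 marker keeps leading zero bytes through the int conversion.
    packet = b"\x01" + message + sign(message, SENDER_PRIV)
    n, e = RECEIVER_PUB
    m = int.from_bytes(packet, "big")
    if m >= n:
        raise ValueError("packet too long for this toy key")
    return pow(m, e, n)

def receive(ciphertext: int):
    """Receiver: decrypt with own private key, then check the signature."""
    n, d = RECEIVER_PRIV
    m = pow(ciphertext, d, n)
    packet = m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]
    message, signature = packet[:-SIG_LEN], packet[-SIG_LEN:]
    return message, verify(message, signature, SENDER_PUB)

if __name__ == "__main__":
    print(receive(send(b"Hello Alice")))  # round trip with a valid signature
```

Real systems use padded RSA (or another signature scheme) with randomly generated keys, and encrypt the message body under a one-time session key as in the PGP slide.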

Validity of Digital Signature


Digital Time Stamping Service (DTS)
Certificate Authority (CA)
Digital Certificate
- Certificate holder's name, organization and address
- name of certificate authority
- Public key of the holder for cryptographic use
- Time limit (six months to 1 year)
- Digital Certificate Identification Number

Non-Repudiation and Message Integrity
User and recipient cannot dispute the contents once sent.
Message Integrity: important to validate the authenticity of the credentials to be sure of their originality
NRO (Non-repudiation of Origin)
NRR (Non-repudiation of Receipt)
