Cyber Security [105713] – Notes
Module 2
Cryptography and Cryptanalysis: Introduction to Cryptography, Symmetric key Cryptography, Asymmetric key
Cryptography, Message Authentication, Digital Signatures, Applications of Cryptography. Overview of Firewalls-
Types of Firewalls, User Management, VPN Security, Security Protocols: - security at the Application Layer- PGP
and S/MIME, Security at Transport Layer- SSL and TLS, Security at Network Layer-IPSec.
Open Source/ Free/ Trial Tools: Implementation of Cryptographic techniques, OpenSSL, Hash Values Calculations
MD5, SHA1, SHA256, SHA 512, Steganography (Stools)
Introduction to Cryptography
 Cryptography is an important aspect when we deal with network security. ‘Crypto’ means secret or hidden.
 Cryptography is the science of secret writing with the intention of keeping the data secret.
 Cryptanalysis, on the other hand, is the science or sometimes the art of breaking cryptosystems. Both
terms are subsets of what is called Cryptology.
 Cryptography is classified into symmetric cryptography, asymmetric cryptography
and hashing.
Below is a description of each type:
 Symmetric key cryptography –
It involves the use of one secret key together with encryption and decryption algorithms, which help in securing
the contents of the message. The strength of symmetric key cryptography depends upon the number of key
bits. It is relatively faster than asymmetric key cryptography. A key distribution problem arises, as the
key has to be transferred from the sender to the receiver through a secure channel.
 Asymmetric key cryptography –
It is also known as public key cryptography because it involves the use of a public key along with a secret key. It
solves the problem of key distribution, as the two parties use different keys for encryption/decryption. It is not
feasible to use for bulk messages as it is very slow compared to symmetric key cryptography.
 Hashing –
It involves taking the plain-text and converting it to a hash value of fixed size by a hash function. This process
ensures integrity of the message as the hash value on both, sender’s and receiver’s side should match if
the message is unaltered.
Features of Cryptography are as follows:
 Confidentiality: Information can only be accessed by the person for whom it is intended, and no other person
except him can access it.
 Integrity: Information cannot be modified in storage or in transit between sender and intended receiver
without the modification being detected.
 Non-repudiation: The creator/sender of information cannot deny his or her intention to send the information at
a later stage.
 Authentication: The identities of the sender and receiver are confirmed, as well as the destination/origin of
the information.
Message Authentication Code (MAC)
A MAC algorithm is a symmetric key cryptographic technique to provide message authentication. To establish the MAC
process, the sender and receiver share a symmetric key K.
Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent along with the message
to ensure message authentication.
The process of using MAC for authentication is depicted in the following illustration –
Let us now try to understand the entire process in detail −
 The sender uses some publicly known MAC algorithm, inputs the message and the secret key K and produces
a MAC value.
 Similar to a hash, a MAC function also compresses an arbitrarily long input into a fixed-length output. The major
difference between a hash and a MAC is that the MAC uses a secret key during the compression.
 The sender forwards the message along with the MAC. Here, we assume that the message is sent in the clear,
as we are concerned with providing message origin authentication, not confidentiality. If confidentiality is
required then the message needs encryption.
 On receipt of the message and the MAC, the receiver feeds the received message and the shared secret key
K into the MAC algorithm and re-computes the MAC value.
 The receiver now checks the equality of the freshly computed MAC with the MAC received from the sender. If they
match, then the receiver accepts the message and assures himself that the message has been sent by the
intended sender.
 If the computed MAC does not match the MAC sent by the sender, the receiver cannot determine whether
it is the message that has been altered or the origin that has been falsified. As a bottom line, the receiver
safely assumes that the message is not genuine.
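The hashing and MAC processes described above, worked through in Python as an added example (not code from the notes): the four digests the module lists (MD5, SHA-1, SHA-256, SHA-512) are computed with hashlib, and the sender/receiver MAC exchange with shared key K uses HMAC-SHA256 from the standard library. The message, the key and the function names (hash_values, compute_mac, verify_mac, demo) are constructed for this example.

```python
import hashlib
import hmac

# Constructed sample message and shared secret key K (not from the notes).
MESSAGE = b"Transfer 100 units to account 4242"
SHARED_KEY_K = b"example-shared-secret-key"


def hash_values(data: bytes) -> dict:
    """Return the MD5, SHA-1, SHA-256 and SHA-512 digests of data as hex strings.
    The same values are produced on the command line by `openssl dgst -md5 file`,
    `openssl dgst -sha256 file`, and so on."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def compute_mac(key: bytes, message: bytes) -> bytes:
    """Sender side: a publicly known MAC algorithm (HMAC-SHA256) keyed with the
    shared secret K compresses the message into a fixed-length tag (32 bytes)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, received_mac: bytes) -> bool:
    """Receiver side: recompute the MAC over the received message with K and
    compare it with the received MAC. compare_digest runs in constant time, so
    the comparison itself reveals nothing about where the two tags differ."""
    return hmac.compare_digest(compute_mac(key, message), received_mac)


def hash_matches(original: bytes, received: bytes) -> bool:
    """Integrity only: an unkeyed hash detects accidental corruption, but whoever
    changes the message can recompute the hash, so it says nothing about origin."""
    return hashlib.sha256(original).digest() == hashlib.sha256(received).digest()


def demo() -> dict:
    """Run the MAC protocol for the genuine message and for an altered copy."""
    tag = compute_mac(SHARED_KEY_K, MESSAGE)
    altered = MESSAGE.replace(b"100", b"900")
    return {
        "genuine_accepted": verify_mac(SHARED_KEY_K, MESSAGE, tag),
        "altered_accepted": verify_mac(SHARED_KEY_K, altered, tag),
        # Without K, a tag computed under some other key does not verify.
        "tag_under_other_key_accepted": verify_mac(
            SHARED_KEY_K, altered, compute_mac(b"other-key", altered)),
        "hash_detects_alteration": not hash_matches(MESSAGE, altered),
        "mac_length_bytes": len(tag),
    }


if __name__ == "__main__":
    for name, value in hash_values(MESSAGE).items():
        print(f"{name:7s} {value}")
    print(demo())
```

The receiver never learns *which* of the two failures (altered message or false origin) occurred, exactly as the last bullet says: verify_mac returns only True or False.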
Digital Signature:
 Digital signatures are the public-key primitives of message authentication. In the physical world, it is common
to use handwritten signatures on handwritten or typed messages. They are used to bind signatory to the
message.
 Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be
independently verified by receiver as well as any third party.
 Digital signature is a cryptographic value that is calculated from the data and a secret key known only by the
signer.
 In the real world, the receiver of a message needs assurance that the message belongs to the sender and that he
should not be able to repudiate the origination of that message. This requirement is very crucial in business
applications, since the likelihood of a dispute over exchanged data is very high.
Model of Digital Signature
As mentioned earlier, the digital signature scheme is based on public key cryptography. The model of digital signature
scheme is depicted in the following illustration −
The following points explain the entire process in detail −
 Each person adopting this scheme has a public-private key pair.
 Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key
used for signing is referred to as the signature key and the public key as the verification key.
 Signer feeds data to the hash function and generates hash of data.
 Hash value and signature key are then fed to the signature algorithm which produces the digital signature on
given hash. Signature is appended to the data and then both are sent to the verifier.
 Verifier feeds the digital signature and the verification key into the verification algorithm. The verification
algorithm gives some value as output.
 Verifier also runs same hash function on received data to generate hash value.
 For verification, this hash value and output of verification algorithm are compared. Based on the comparison
result, verifier decides whether the digital signature is valid.
 Since the digital signature is created with the signer's private key, which no one else has, the signer cannot
repudiate signing the data in future.
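The signing model above, carried through in Python as an added example that is not part of the notes: a textbook-RSA key pair built from two constructed small primes stands in for the signature key and verification key (no padding and toy key sizes, so it illustrates the model only and is not a usable signature scheme), SHA-256 is the hash function, and the names hash_data, sign, verify and demo are this example's own.

```python
import hashlib

# Toy textbook-RSA parameters from two well-known primes (constructed for this
# example; far too small for real use and without padding, model only).
P = 1_000_000_007
Q = 998_244_353
N = P * Q
E = 65537                          # public exponent
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)                # private exponent (Python 3.8+)

VERIFICATION_KEY = (N, E)          # the signer's public key
SIGNATURE_KEY = (N, D)             # the signer's private key, known only to the signer


def hash_data(data: bytes) -> int:
    """Step 1: the signer feeds the data to the hash function. The digest is
    reduced mod N only because the toy modulus is smaller than a SHA-256 output."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(data: bytes, signature_key=SIGNATURE_KEY) -> int:
    """Step 2: hash value and signature key go into the signature algorithm."""
    n, d = signature_key
    return pow(hash_data(data), d, n)


def verify(data: bytes, signature: int, verification_key=VERIFICATION_KEY) -> bool:
    """Steps 3 and 4: the verification algorithm turns the signature and the
    verification key into a value; the verifier hashes the received data itself
    and compares the two."""
    n, e = verification_key
    recovered = pow(signature, e, n)
    return recovered == hash_data(data)


def demo() -> dict:
    """Sign a constructed document, then verify the genuine and a tampered copy."""
    document = b"Purchase order 1234: 50 units at 10.00 each"
    sig = sign(document)
    tampered = document.replace(b"50 units", b"500 units")
    return {
        "genuine_valid": verify(document, sig),
        "tampered_valid": verify(tampered, sig),
        # Holding only the verification key does not let anyone produce a
        # signature that verifies: using (N, E) in place of (N, D) fails.
        "signed_with_public_key_valid": verify(tampered, sign(tampered, VERIFICATION_KEY)),
    }


if __name__ == "__main__":
    print(demo())
```

The data and the signature travel together; the verifier needs only the public verification key, so any third party can repeat the check, which is the independent verifiability the notes mention.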
Overview of Firewalls:
A firewall is a network security device, either hardware- or software-based, which monitors all incoming and outgoing
traffic and, based on a defined set of security rules, accepts, rejects or drops that traffic.
 Accept: allow the traffic
 Reject: block the traffic but reply with an “unreachable error”
 Drop: block the traffic with no reply
A firewall establishes a barrier between secured internal networks and outside untrusted network, such as the
Internet.
Generation of Firewall
Firewalls can be categorized based on their generation.
 First Generation- Packet Filtering Firewall : A packet filtering firewall is used to control network access by
monitoring outgoing and incoming packets and allowing them to pass or stopping them based on source and destination
IP address, protocols and ports. It analyses traffic at the transport protocol layer (but mainly uses the first 3
layers).
A packet filtering firewall maintains a filtering table which decides whether a packet will be forwarded or
discarded. From the given filtering table, the packets will be filtered according to the following rules:
1. Incoming packets from network 192.168.21.0 are blocked.
2. Incoming packets destined for internal TELNET server (port 23) are blocked.
3. Incoming packets destined for host 192.168.21.3 are blocked.
4. All well-known services to the network 192.168.21.0 are allowed.
 Second Generation- Stateful Inspection Firewall : Stateful firewalls (which perform Stateful Packet Inspection) are
able to determine the connection state of a packet, unlike packet filtering firewalls, which makes them more
efficient. A stateful firewall keeps track of the state of network connections travelling across it, such as TCP streams, so the
filtering decisions are based not only on the defined rules but also on the packet's history in the state table.
 Third Generation- Application Layer Firewall : An application layer firewall can inspect and filter packets on
any OSI layer, up to the application layer. It has the ability to block specific content and to recognize when
certain applications and protocols (like HTTP, FTP) are being misused. In other words, application
layer firewalls are hosts that run proxy servers. A proxy firewall prevents a direct connection between
either side of the firewall; each packet has to pass through the proxy. It can allow or block the traffic based
on predefined rules.
Note: Application layer firewalls can also be used as a Network Address Translator (NAT).
 Next Generation Firewalls (NGFW) : Next Generation Firewalls are being deployed these days to stop
modern security breaches like advanced malware attacks and application-layer attacks. An NGFW consists of
Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many other functions to protect the
network from these modern threats.
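The four filtering rules of the first-generation example above, as a first-match filtering table in Python (added example, not code from the notes): the packet fields, the set of ports treated as "well-known services", the choice of reject rather than drop for the TELNET rule, and the default-deny policy are this example's assumptions, and the sample packets (with 203.0.113.0/24 standing in for the Internet) are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ACCEPT, REJECT, DROP = "accept", "reject", "drop"

# Which "well-known services" rule 4 allows is not spelled out in the notes;
# this set is an assumption for the example.
WELL_KNOWN_PORTS = frozenset({22, 25, 53, 80, 443})


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (arriving from the untrusted side) or "out"
    src: str
    dst: str
    proto: str       # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str
    direction: Optional[str] = None
    src_net: Optional[str] = None
    dst_net: Optional[str] = None
    proto: Optional[str] = None
    dports: Optional[frozenset] = None

    def matches(self, p: Packet) -> bool:
        """Every field that is set must match; unset fields are wildcards."""
        if self.direction and p.direction != self.direction:
            return False
        if self.src_net and ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src_net):
            return False
        if self.dst_net and ipaddress.ip_address(p.dst) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.proto and p.proto != self.proto:
            return False
        if self.dports and p.dport not in self.dports:
            return False
        return True


# The filtering table from the notes: first match wins, default deny.
FILTER_TABLE = [
    # 1. Incoming packets from network 192.168.21.0 are blocked: an inbound
    #    packet carrying an internal source address can only be spoofed.
    Rule(DROP, direction="in", src_net="192.168.21.0/24"),
    # 2. Incoming packets for the internal TELNET server (port 23) are blocked.
    #    Reject (reply with an unreachable error) rather than drop is an assumption.
    Rule(REJECT, direction="in", proto="tcp", dports=frozenset({23})),
    # 3. Incoming packets destined for host 192.168.21.3 are blocked.
    Rule(DROP, direction="in", dst_net="192.168.21.3/32"),
    # 4. All well-known services to the network 192.168.21.0 are allowed.
    Rule(ACCEPT, dst_net="192.168.21.0/24", dports=WELL_KNOWN_PORTS),
]
DEFAULT_POLICY = DROP


def filter_packet(p: Packet, table=FILTER_TABLE, default=DEFAULT_POLICY) -> tuple:
    """Return (action, rule number); rule number 0 means the default policy applied."""
    for number, rule in enumerate(table, start=1):
        if rule.matches(p):
            return rule.action, number
    return default, 0


# Constructed sample packets.
SAMPLE_PACKETS = [
    Packet("in", "192.168.21.7", "192.168.21.10", "tcp", 80),    # spoofed internal source
    Packet("in", "203.0.113.5", "192.168.21.10", "tcp", 23),     # telnet from outside
    Packet("in", "203.0.113.5", "192.168.21.3", "tcp", 80),      # web, but to the blocked host
    Packet("in", "203.0.113.5", "192.168.21.10", "tcp", 80),     # web to an allowed host
    Packet("in", "203.0.113.5", "192.168.21.10", "tcp", 8080),   # not a well-known service
]


def run_table() -> list:
    return [filter_packet(p) for p in SAMPLE_PACKETS]


if __name__ == "__main__":
    for p, (action, number) in zip(SAMPLE_PACKETS, run_table()):
        print(f"{p.direction:3s} {p.src:>14s} -> {p.dst:>14s}:{p.dport:<5d} {action:6s} (rule {number})")
```

Rule order matters: the packet for host 192.168.21.3 on port 80 is caught by rule 3 before rule 4 could allow it, and anything no rule mentions falls to the default policy. A stateless table like this also has no notion of the return traffic of a connection, which is exactly what the second generation's state table adds.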
Types of Firewalls
Firewalls are generally of two types: host-based and network-based.
 Host-based Firewalls: A host-based firewall is installed on each network node and controls each incoming
and outgoing packet. It is a software application or suite of applications, often shipped as part of the operating
system. Host-based firewalls are needed because network firewalls cannot provide protection inside a
trusted network. A host firewall protects each host from attacks and unauthorized access.
 Network-based Firewalls: Network firewalls function at the network level. In other words, these firewalls filter
all incoming and outgoing traffic across the network. They protect the internal network by filtering the traffic
using rules defined on the firewall. A network firewall might have two or more network interface cards
(NICs). A network-based firewall is usually a dedicated system with proprietary software installed.
Network firewalls are the devices that are used to protect private networks from unauthorized access. A firewall is
a security solution for the computers or devices that are connected to a network; it can be either in the form of
hardware or in the form of software.
Types of Network Firewall:
 Packet Filters –
It is a technique used to control network access by monitoring outgoing and incoming packets and allowing
them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols, and
ports. This firewall is also known as a static firewall.
 Stateful Inspection Firewalls –
It is also a type of packet filtering which is used to control how data packets move through a firewall. It is also
called dynamic packet filtering. These firewalls can inspect whether a packet belongs to a particular session
or not. It permits communication if and only if the session is properly established between the two
endpoints; otherwise it blocks the communication.
 Application Layer Firewalls –
These firewalls can examine application layer (OSI model) information like an HTTP request. If it finds some
suspicious application that could harm our network or that is not safe for our network,
then it gets blocked right away.
 Next-generation Firewalls –
These firewalls are called intelligent firewalls. These firewalls can perform all the tasks that are performed
by the other types of firewalls that we learned previously but on top of that, it includes additional features
like application awareness and control, integrated intrusion prevention, and cloud- delivered threat
intelligence.
 Circuit-level gateways –
A circuit-level gateway is a firewall that provides User Datagram Protocol (UDP) and Transmission Control
Protocol (TCP) connection security and works between an Open Systems Interconnection (OSI) network
model’s transport and application layers such as the session layer.
 Software Firewall –
The software firewall is a type of computer software that runs on our computers. It protects our system from
any external attacks such as unauthorized access, malicious attacks, etc. by notifying us about the danger
that can occur if we open a particular mail or if we try to open a website that is not secure.
 Hardware Firewall –
A hardware firewall is a physical appliance that is deployed to enforce a network boundary. All network links
crossing this boundary pass through this firewall, which enables it to perform an inspection of both inbound
and outbound network traffic and enforce access controls and other security policies.
 Cloud Firewall –
These are software-based, cloud-deployed network devices. This cloud-based firewall protects a private
network from any unwanted access. Unlike traditional firewalls, a cloud firewall filters data at the cloud level.
Advantages of Network Firewall:
 Monitors network traffic –
A network firewall monitors and analyzes traffic by inspecting whether the traffic or packets passing through
our network are safe for it or not. By doing so, it keeps our network away from any malicious content
that could harm it.
 Halt Hacking –
In a society where everyone is connected to technology, it becomes more important to keep firewalls in our
network and use the internet safely.
 Stops viruses –
Viruses can come from anywhere, such as from an insecure website, from a spam message, or from any other threat, so
it becomes more important to have a strong defence system (i.e. a firewall in this case), because a virus attack can easily
shut down a whole network. In such a situation, a firewall plays a vital role.
 Better security –
By monitoring and analyzing the network from time to time and establishing a malware-free, virus-
free, spam-free environment, a network firewall provides better security to our network.
 Increase privacy –
By protecting the network and providing better security, we get a network that can be trusted.
Disadvantages of Network Firewall:
 Cost –
Depending on the type of firewall, it can be costly, usually, the hardware firewalls are more costly than the
software ones.
 Restricts User –
Restricting users can be a disadvantage for large organizations because of the firewall's strict security mechanism. A
firewall can prevent employees from performing a certain operation even though it is a necessary operation.
 Issues with the speed of the network –
Since the firewalls have to monitor every packet passing through the network, this can slow down operations
needed to be performed, or it can simply lead to slowing down the network.
 Maintenance –
Firewalls require continuous updates and maintenance with every change in networking technology, as
new viruses that can damage your system are being developed continuously.
The Importance of Using a Firewall:
Feature-1 :
Monitoring Network Traffic –
Firewall security starts with effective monitoring of network traffic based on pre-established rules and filters to keep
the systems protected.
Feature-2 :
Stops Virus Attacks and spyware –
With cyber thieves creating hundreds of thousands of new threats every day, including spyware, viruses, and other
attacks like email bombs, denial of service, and malicious macros, it’s critical that you put protections in place to keep
your systems safe.
Feature-3 :
Preventing Hacks –
Cyber threats are evolving at a fast pace and are widespread. Firewalls keep hackers out of your data, emails, systems,
and other sensitive information.
Feature-4 :
Promotes Privacy –
Having a firewall keeps the data safe and builds an environment of privacy that is trustworthy; a system without
a firewall accepts every connection into the network from anyone.
User Management:
User management (UM) is defined as the effective management of users and their accounts, giving them access to
various IT resources like devices, applications, systems, networks, SaaS services, storage systems, and more.
 User management is a core part of any identity and access management (IAM) solution, in particular
directory services tools.
 Controlling and managing user access to IT resources is a fundamental security essential for any organization.
 User management enables admins to control user access and on-board and off-board users to and from IT
resources.
 Subsequently a directory service will then authenticate, authorize, and audit user access to IT resources
based on what the IT admin has dictated.
Virtual Private Network (VPN):
 VPN stands for virtual private network. A virtual private network (VPN) is a technology that creates a safe
and encrypted connection over a less secure network, such as the internet.
 A Virtual Private Network is a way to extend a private network using a public network such as the internet.
 As the name suggests, it is a virtual “private network”, i.e. a user can be part of a local network while sitting at
a remote location. It makes use of tunneling protocols to establish a secure connection.
Features of VPN :
 VPN provides plentiful server locations.
 It also provides anonymous DNS servers.
 VPNs are generally cost-effective.
 VPN supports routers.
 The VPN is highly encrypted and secure.
 Along with VPN, we get secure VPN protocols.
 It provides safety against DNS leaks.
 VPN providers also offer cross-platform compatible apps.
Applications of VPN:
 VPN can easily bypass geographic restrictions on websites or streaming audio and video.
 Using a VPN, we can protect ourselves from snooping from untrustworthy Wi-Fi hotspots.
 One can gain privacy online by hiding one’s true location.
 One can protect themselves from being logged while torrenting.
What does a VPN hide?
 A VPN can hide a lot of information like –
 User’s Browsing History
 User’s IP address and location
 User’s location for streaming
 User’s device
 User’s web activity — to preserve internet freedom
How to choose a VPN?
In order to choose the right VPN, one should ask their VPN provider the following questions:
 How much privacy does the VPN provide to you?
 Are you able to run all security protocols?
 Do they set any limits on your data?
 Where is the server of your VPN located?
 Are all your devices able to access VPN?
 What is the cost of a VPN?
Advantages of VPN :
 It provides you anonymity.
 It avoids geo-restrictions.
 It has security protection from cyberattacks.
 It will prevent bandwidth throttling.
 It will help you to improve your gaming experience.
 It has the capability to bypass firewalls.
Disadvantages of VPN :
 It can slow down the Internet speed.
 It has privacy issues.
 Connections might drop while you are connected over the VPN.
 It might have configuration difficulties.
 It has legality issues.
Virtual Private Network (VPN) is basically of 2 types:
1. Remote Access VPN:
Remote Access VPN permits a user to connect to a private network and access all its services and resources
remotely. The connection between the user and the private network occurs through the Internet and the
connection is secure and private. Remote Access VPN is useful for both home users and business users.
An employee of a company, while away from the office, uses a VPN to connect to his/her company’s private
network and remotely access files and resources on the private network.
2. Site to Site VPN:
A Site-to-Site VPN is also called a Router-to-Router VPN and is commonly used in large companies.
Companies or organizations with branch offices in different locations use Site-to-Site VPN to connect the
network of one office location to the network at another office location.
 Intranet based VPN: When several offices of the same company are connected using the Site-to-Site VPN
type, it is called an Intranet based VPN.
 Extranet based VPN: When companies use the Site-to-Site VPN type to connect to the office of another
company, it is called an Extranet based VPN.
Types of Virtual Private Network (VPN) Protocols:
1. Internet Protocol Security (IPSec):
Internet Protocol Security, known as IPSec, is used to secure Internet communication across an IP network.
IPSec secures Internet Protocol communication by verifying the session and encrypting each data packet during
the connection.
IPSec runs in 2 modes:
i. Transport mode
ii. Tunneling mode
The work of transport mode is to encrypt the message in the data packet and the tunneling mode encrypts
the whole data packet. IPSec can also be used with other security protocols to improve the security system.
2. Layer 2 Tunneling Protocol (L2TP):
L2TP or Layer 2 Tunneling Protocol is a tunneling protocol that is often combined with another VPN security
protocol like IPSec to establish a highly secure VPN connection. L2TP generates a tunnel between two L2TP
connection points and the IPSec protocol encrypts the data and maintains secure communication within the
tunnel.
3. Point–to–Point Tunneling Protocol (PPTP):
PPTP or Point-to-Point Tunneling Protocol generates a tunnel and confines the data packet. Point-to-Point
Protocol (PPP) is used to encrypt the data over the connection. PPTP is one of the most widely used VPN
protocols and has been in use since the early releases of Windows. PPTP is also used on Mac and Linux apart
from Windows.
4. SSL and TLS:
SSL (Secure Sockets Layer) and TLS (Transport Layer Security) generate a VPN connection where the web
browser acts as the client and user access is restricted to specific applications instead of the entire network.
Online shopping websites commonly use the SSL and TLS protocols. It is easy for web browsers to switch to SSL,
with almost no action required from the user, as web browsers come integrated with SSL and TLS. SSL
connections have “https” at the start of the URL instead of “http”.
5. OpenVPN:
OpenVPN is an open source VPN that is commonly used for creating Point-to-Point and Site-to-Site
connections. It uses a traditional security protocol based on SSL and TLS protocol.
6. Secure Shell (SSH):
Secure Shell or SSH generates the VPN tunnel through which the data transfer occurs and also ensures that
the tunnel is encrypted. SSH connections are generated by an SSH client and data is transferred from a local
port on to the remote server through the encrypted tunnel.
Security Protocols:
Security at the Application Layer- PGP and S/MIME
1. Pretty Good Privacy (PGP) :
PGP is an open source software package that is designed for the purpose of email security. It was developed
by Phil Zimmermann. It provides the basic or fundamental needs of cryptography. Multiple steps are
taken to secure the email; these are:
 Confidentiality
 Authentication
 Compression
 Reassembly
 Segmentation
 E-mail compatibility
2. Secure/Multipurpose Internet Mail Extension (S/MIME) :
S/MIME is a security-enhanced version of Multipurpose Internet Mail Extension (MIME). In this, public key
cryptography is used to digitally sign, encrypt or decrypt email. The user acquires a public-private key pair
from a trusted authority and then makes appropriate use of those keys with email applications.
Difference between PGP and S/MIME :
S.NO | PGP | S/MIME
1. | It is designed for processing plain text. | It is designed to process email as well as many multimedia files.
2. | PGP is less costly compared to S/MIME. | S/MIME is comparatively expensive.
3. | PGP is good for personal as well as office use. | It is good for industrial use.
4. | PGP is less efficient than S/MIME. | It is more efficient than PGP.
5. | It depends on user key exchange. | It relies on a hierarchically valid certificate for key exchange.
6. | PGP is comparatively less convenient. | It is more convenient than PGP due to the secure transformation of all the applications.
7. | PGP contains 4096 public keys. | It contains only 1024 public keys.
8. | PGP is the standard for strong encryption. | It is also the standard for strong encryption but has some drawbacks.
9. | PGP can also be used in VPNs. | It is not used in VPNs; it is only used in email services.
10. | PGP uses Diffie-Hellman digital signature. | It uses ElGamal digital signature.
Security at Transport Layer- SSL and TLS
❖ Transport Layer Security (TLS)
Transport Layer Security (TLS) is designed to provide security at the transport layer. TLS was derived from a
security protocol called Secure Socket Layer (SSL). TLS ensures that no third party may eavesdrop on or tamper with
any message.
There are several benefits of TLS:
 Encryption:
TLS/SSL can help to secure transmitted data using encryption.
 Interoperability:
TLS/SSL works with most web browsers, including Microsoft Internet Explorer, and on most operating systems
and web servers.
 Algorithm flexibility:
TLS/SSL provides options for the authentication mechanism, encryption algorithms and hashing algorithm that
are used during the secure session.
 Ease of Deployment:
Many applications use TLS/SSL temporarily on a Windows Server 2003 operating system.
 Ease of Use:
Because TLS/SSL is implemented beneath the application layer, most of its operations are completely invisible to
the client.
Working of TLS:
The client connects to the server (using TCP) and sends a number of specifications:
i. the version of SSL/TLS it supports;
ii. which cipher suites and compression method it wants to use.
The server checks what the highest SSL/TLS version is that is supported by them both, picks a cipher suite from one
of the client's options (if it supports one) and optionally picks a compression method. After this the basic setup is
done, and the server provides its certificate. This certificate must be trusted either by the client itself or by a party that the
client trusts. Having verified the certificate and being certain this server really is who it claims to be (and not a man
in the middle), a key is exchanged. This can be a public key, a “PreMasterSecret” or simply nothing, depending upon the
cipher suite.
Both the server and client can now compute the key for symmetric encryption. The handshake is finished and the
two hosts can communicate securely. If a connection is closed by simply finishing the TCP connection, both sides will know the
connection was improperly terminated. The connection cannot be compromised by this, though, merely
interrupted.
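The version and cipher-suite negotiation from the first part of the handshake above, modelled in Python as an added example (not code from the notes and not a real TLS implementation): the server takes the highest version both sides support, picks a cipher suite out of the client's options, and refuses the handshake rather than settling for a version below its configured minimum or a suite it lacks. The dataclass names, the server policy and the client hellos are constructed; the cipher suite strings are real suite identifiers, but the toy ignores that some suites belong only to particular versions.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Versions ordered oldest to newest, using the names the notes use.
VERSION_ORDER = ["SSL 3.0", "TLS 1.0", "TLS 1.1", "TLS 1.2", "TLS 1.3"]


@dataclass
class ClientHello:
    max_version: str                   # highest version the client speaks
    cipher_suites: List[str]           # the client's options, in its order of preference
    compression_methods: List[str] = field(default_factory=lambda: ["null"])


@dataclass
class ServerConfig:
    max_version: str
    min_version: str                   # the server refuses anything older
    cipher_suites: List[str]           # the server's order of preference
    compression_methods: List[str] = field(default_factory=lambda: ["null"])


@dataclass
class ServerHello:
    version: str
    cipher_suite: str
    compression_method: str


def negotiate(hello: ClientHello, cfg: ServerConfig) -> Optional[ServerHello]:
    """Server-side choice: the highest version supported by both, a cipher suite
    from the client's options (taken in the server's preference order) and a
    compression method. Returns None where a real server would abort with a
    handshake_failure alert instead of picking something it does not accept."""
    highest_common = min(hello.max_version, cfg.max_version, key=VERSION_ORDER.index)
    if VERSION_ORDER.index(highest_common) < VERSION_ORDER.index(cfg.min_version):
        return None                    # refuse, do not downgrade below the minimum
    suite = next((s for s in cfg.cipher_suites if s in hello.cipher_suites), None)
    if suite is None:
        return None                    # no cipher suite in common
    comp = next((c for c in cfg.compression_methods if c in hello.compression_methods), None)
    if comp is None:
        return None
    return ServerHello(highest_common, suite, comp)


# Constructed server policy for the example.
SERVER = ServerConfig(
    max_version="TLS 1.3",
    min_version="TLS 1.2",
    cipher_suites=["TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256"],
)

# Constructed client hellos: a modern client, a legacy client, and a client
# offering only a suite the server does not have.
CLIENTS = {
    "modern": ClientHello("TLS 1.3", ["TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384"]),
    "legacy": ClientHello("TLS 1.0", ["TLS_AES_128_GCM_SHA256"]),
    "no_common_suite": ClientHello("TLS 1.2", ["RC4-SHA"]),
}


def handshake_results() -> dict:
    return {name: negotiate(hello, SERVER) for name, hello in CLIENTS.items()}


if __name__ == "__main__":
    for name, result in handshake_results().items():
        print(f"{name:16s} -> {result if result else 'handshake_failure'}")
```

The certificate check and the key exchange that follow in the notes are not modelled here; the point of the example is that the server's minimum version and preference order, not the client's wish list, decide what the session ends up using.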
❖ Secure Socket Layer (SSL)
Secure Socket Layer (SSL) provides security to the data that is transferred between web browser and server. SSL
encrypts the link between a web server and a browser which ensures that all data passed between them remain
private and free from attack.
Secure Socket Layer Protocols:
 SSL record protocol
 Handshake protocol
 Change-cipher spec protocol
 Alert protocol
SSL Protocol Stack:
SSL Record Protocol:
SSL Record provides two services to SSL connection.
 Confidentiality
 Message Integrity
In the SSL Record Protocol application data is divided into fragments. Each fragment is compressed, and then a
MAC (Message Authentication Code), generated by algorithms like SHA (Secure Hash Algorithm) and MD5
(Message Digest), is appended. After that the data is encrypted and, lastly, an SSL header is appended to the
data.
Handshake Protocol:
Handshake Protocol is used to establish sessions. This protocol allows the client and server to authenticate each
other by sending a series of messages to each other. The Handshake protocol uses four phases to complete its cycle.
 Phase-1: In Phase-1 both Client and Server send hello packets to each other. In this IP session, cipher suite
and protocol version are exchanged for security purposes.
 Phase-2: The server sends its certificate and Server-key-exchange. The server ends phase-2 by sending the
Server-hello-end packet.
 Phase-3: In this phase the client replies to the server by sending its certificate and Client-key-exchange.
 Phase-4: In Phase-4 the Change-cipher spec takes place and after this the Handshake Protocol ends.
Salient Features of Secure Socket Layer:
 The advantage of this approach is that the service can be tailored to the specific needs of the given
application.
 Secure Socket Layer was originated by Netscape.
 SSL is designed to make use of TCP to provide reliable end-to-end secure service.
 This is a two-layered protocol.
There are some differences between SSL and TLS which are given below:
S.NO | SSL | TLS
1. | SSL stands for Secure Socket Layer. | TLS stands for Transport Layer Security.
2. | SSL (Secure Socket Layer) supports the Fortezza algorithm. | TLS (Transport Layer Security) does not support the Fortezza algorithm.
3. | SSL (Secure Socket Layer) is the 3.0 version. | TLS (Transport Layer Security) is the 1.0 version.
4. | In SSL (Secure Socket Layer), a message digest is used to create the master secret. | In TLS (Transport Layer Security), a pseudo-random function is used to create the master secret.
5. | In SSL (Secure Socket Layer), the Message Authentication Code protocol is used. | In TLS (Transport Layer Security), the Hashed Message Authentication Code protocol is used.
6. | SSL (Secure Socket Layer) is more complex than TLS (Transport Layer Security). | TLS (Transport Layer Security) is simpler.
7. | SSL (Secure Socket Layer) is less secure compared to TLS (Transport Layer Security). | TLS (Transport Layer Security) provides higher security.
Security at Network Layer-IPSec:
IPSec
 IPSec stands for Internet Protocol Security.
 It is a suite of protocols between two communication points across the IP network that provides data
authentication, data integrity, and confidentiality.
 It was developed by Internet Engineering Task Force(IETF) in 1995.
 It defines the architecture for security services for IP network traffic and gives a framework for providing
security at the IP layer, as well as the suite of protocols designed to provide security through
authentication and encryption of IP network packets.
 IPsec includes the protocols that define the cryptographic algorithms used for encryption, decryption,
and authentication.
Characteristics of IPSec:
 Anti-Replay Protection: IPSec assigns a unique sequence number to each packet; when a packet with a duplicate
sequence number is detected, it is treated as a replay and dropped.
 Data Authentication: The Hash Message Authentication Code (HMAC) verifies that the packets have not been
changed.
 Transparency: IPSec works below the transport layer so it is transparent to users and applications.
 Confidentiality: Data packets are encrypted by the sender before transmission so the sensitive data
reaches only the intended recipient.
 Dynamic Re-Keying: A re-keying procedure at set intervals replaces manual reconfiguration of secret keys.
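The anti-replay characteristic above, worked through in Python as an added example (not code from the notes): a receiver-side sliding window in the style of IPsec ESP/AH, simplified from the RFC 4303 description (32-bit counter, no extended sequence numbers), which rejects duplicate sequence numbers and numbers too old to be in the window. The class name, the window size of 64 and the sample arrival order are constructed for this example; the integrity_ok flag stands in for the HMAC check the Data Authentication bullet describes.

```python
ACCEPTED = "accepted"
REJECT_REPLAY = "rejected: duplicate sequence number (replay)"
REJECT_TOO_OLD = "rejected: sequence number older than the window"
REJECT_ZERO = "rejected: sequence number 0 is never valid"
REJECT_INTEGRITY = "rejected: integrity check (HMAC) failed"


class AntiReplayWindow:
    """Receiver-side sliding window (added example, simplified from RFC 4303).
    'highest' is the largest sequence number accepted so far and bit i of
    'bitmap' records whether sequence number highest - i has been seen."""

    def __init__(self, window: int = 64):
        self.window = window
        self.highest = 0
        self.bitmap = 0

    def receive(self, seq: int, integrity_ok: bool = True) -> str:
        if seq == 0:
            return REJECT_ZERO
        if seq <= self.highest:
            diff = self.highest - seq
            if diff >= self.window:
                return REJECT_TOO_OLD
            if self.bitmap & (1 << diff):
                return REJECT_REPLAY
        # The window is only advanced for packets whose HMAC verifies; otherwise
        # forged packets with large sequence numbers could push genuine traffic
        # out of the window and get it dropped.
        if not integrity_ok:
            return REJECT_INTEGRITY
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.window) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)
        return ACCEPTED


# Constructed arrival order: in-order packets, a reordered pair, a replayed
# packet, a jump beyond the window, a stale packet, and a packet at the edge.
SAMPLE_SEQUENCE = [1, 2, 3, 5, 4, 5, 70, 6, 100, 36, 37]


def replay_demo(window: int = 64) -> list:
    w = AntiReplayWindow(window)
    return [w.receive(seq) for seq in SAMPLE_SEQUENCE]


if __name__ == "__main__":
    for seq, result in zip(SAMPLE_SEQUENCE, replay_demo()):
        print(f"seq {seq:4d}: {result}")
```

Reordering within the window (5 then 4) is tolerated, a second copy of 5 is the replay the notes describe, and once the window has moved on to 100, sequence number 36 is as unwelcome as a duplicate because the receiver can no longer tell whether it has seen it.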
Advantages of IPSec:
 IPSec operates at layer 3, that is the network layer; as a result it has no impact on higher network layers.
It provides transparency to applications. The end-user need not bother about IPSec or its
configuration.
 As it is implemented at the network layer, IPSec allows monitoring all the traffic that passes over the
network.
 During any data exchange, IPSec uses a public key that helps in the safe transfer of confidential data, as
a result securing the keys ensures safe data transfer.
 IPSec only requires modifications to the operating system, so IPSec based Virtual Private Networks do
not need to worry about the type of application.
Disadvantages of IPSec:
 One of the greatest disadvantages of IPSec is its wide access range: giving access to a single device on an IPSec-based network can give privileges to other devices too.
 IPSec causes some compatibility issues with software if software developers do not adhere to the IPSec standards.
 IPSec has high CPU usage when the data packet size is small; the performance of the network diminishes due to the large overhead added by IPSec.
 The security of certain algorithms used in IPSec is a concern; if someone uses a broken algorithm, the server will be at greater risk of a hack.
Uses of IP Security –
IPsec can be used to do the following things:
 To encrypt application layer data.
 To provide security for routers sending routing data across the public internet.
 To provide authentication without encryption, for example to authenticate that the data originates from a known sender.
 To protect network data by setting up circuits using IPsec tunnelling, in which all data sent between the two endpoints is encrypted, as with a Virtual Private Network (VPN) connection.

More Related Content

What's hot

What's hot (20)

symmetric key encryption algorithms
 symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud Computing
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer Security
 
Transposition cipher techniques
Transposition cipher techniquesTransposition cipher techniques
Transposition cipher techniques
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacy
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
 
Message digest 5
Message digest 5Message digest 5
Message digest 5
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
 
Cryptanalysis and Attacks
Cryptanalysis and AttacksCryptanalysis and Attacks
Cryptanalysis and Attacks
 
Hash function
Hash function Hash function
Hash function
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity Predictions
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.ppt
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
Web Security
Web SecurityWeb Security
Web Security
 
Cryptography
CryptographyCryptography
Cryptography
 
Parallel computing
Parallel computingParallel computing
Parallel computing
 
Task programming
Task programmingTask programming
Task programming
 

Similar to Cyber Security Module 2 Notes - Cryptography, Firewalls & Tools

VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLcscpconf
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocolcsandit
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd Iaetsd
 
Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2 Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2 Vishal Kumar
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptxsandyBS
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layerAhmed Elnaggar
 
A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...
A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...
A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...IJNSA Journal
 
Chaos Based Direct Public Verifiable Signcryption Scheme
Chaos Based Direct Public Verifiable Signcryption SchemeChaos Based Direct Public Verifiable Signcryption Scheme
Chaos Based Direct Public Verifiable Signcryption SchemeIOSR Journals
 
A novel paradigm in authentication system
A novel paradigm in authentication systemA novel paradigm in authentication system
A novel paradigm in authentication systemIJNSA Journal
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerEmprovise
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docxblondellchancy
 
Secrity project keyvan
Secrity project   keyvanSecrity project   keyvan
Secrity project keyvanitrraincity
 
Network security
Network securityNetwork security
Network securityanoop negi
 
CNS_Solutions-Adi.pdf
CNS_Solutions-Adi.pdfCNS_Solutions-Adi.pdf
CNS_Solutions-Adi.pdfAdiseshaK
 

Similar to Cyber Security Module 2 Notes - Cryptography, Firewalls & Tools (20)

VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
 
Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2 Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptx
 
security issue
security issuesecurity issue
security issue
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
 
network security
network securitynetwork security
network security
 
final ppt TS.pptx
final ppt TS.pptxfinal ppt TS.pptx
final ppt TS.pptx
 
A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...
A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...
A NOVEL PARADIGM IN AUTHENTICATION SYSTEM USING SWIFI ENCRYPTION /DECRYPTION ...
 
Chaos Based Direct Public Verifiable Signcryption Scheme
Chaos Based Direct Public Verifiable Signcryption SchemeChaos Based Direct Public Verifiable Signcryption Scheme
Chaos Based Direct Public Verifiable Signcryption Scheme
 
A novel paradigm in authentication system
A novel paradigm in authentication systemA novel paradigm in authentication system
A novel paradigm in authentication system
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
 
Secrity project keyvan
Secrity project   keyvanSecrity project   keyvan
Secrity project keyvan
 
Network security
Network securityNetwork security
Network security
 
crypto.pptx
crypto.pptxcrypto.pptx
crypto.pptx
 
CNS_Solutions-Adi.pdf
CNS_Solutions-Adi.pdfCNS_Solutions-Adi.pdf
CNS_Solutions-Adi.pdf
 

More from Sitamarhi Institute of Technology (20)

Project Front_Page.pdf
Project Front_Page.pdfProject Front_Page.pdf
Project Front_Page.pdf
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
 
Module 5.pdf
Module 5.pdfModule 5.pdf
Module 5.pdf
 
Module 6.pdf
Module 6.pdfModule 6.pdf
Module 6.pdf
 
Module 7.pdf
Module 7.pdfModule 7.pdf
Module 7.pdf
 
Module 2.pdf
Module 2.pdfModule 2.pdf
Module 2.pdf
 
Module 3.pdf
Module 3.pdfModule 3.pdf
Module 3.pdf
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
 
short notes bio
short notes bioshort notes bio
short notes bio
 
Photosynthesis.pptx
Photosynthesis.pptxPhotosynthesis.pptx
Photosynthesis.pptx
 
Concept of Allele.pptx
Concept of Allele.pptxConcept of Allele.pptx
Concept of Allele.pptx
 
Genetics.pptx
Genetics.pptxGenetics.pptx
Genetics.pptx
 
8m Biology.pdf
8m Biology.pdf8m Biology.pdf
8m Biology.pdf
 
Module 5.pptx
Module 5.pptxModule 5.pptx
Module 5.pptx
 
Mendel’s experiment.pptx
Mendel’s experiment.pptxMendel’s experiment.pptx
Mendel’s experiment.pptx
 
microbiology.pptx
microbiology.pptxmicrobiology.pptx
microbiology.pptx
 
BIOLOGY 7sem.pdf
BIOLOGY 7sem.pdfBIOLOGY 7sem.pdf
BIOLOGY 7sem.pdf
 
Heirarchy of life forms and classification.pptx
Heirarchy of life forms and classification.pptxHeirarchy of life forms and classification.pptx
Heirarchy of life forms and classification.pptx
 
Amino acids and proteins.pptx
Amino acids and proteins.pptxAmino acids and proteins.pptx
Amino acids and proteins.pptx
 
BIO.docx
BIO.docxBIO.docx
BIO.docx
 

Recently uploaded

College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
microprocessor 8085 and its interfacing
microprocessor 8085  and its interfacingmicroprocessor 8085  and its interfacing
microprocessor 8085 and its interfacingjaychoudhary37
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZTE
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 

Recently uploaded (20)

Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
microprocessor 8085 and its interfacing
microprocessor 8085  and its interfacingmicroprocessor 8085  and its interfacing
microprocessor 8085 and its interfacing
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 

Cyber Security Module 2 Notes - Cryptography, Firewalls & Tools

  • 1. Cyber Security [105713] – Notes Module 2 Cryptography and Cryptanalysis: Introduction to Cryptography, Symmetric key Cryptography, Asymmetric key Cryptography, Message Authentication, Digital Signatures, Applications of Cryptography. Overview of Firewalls- Types of Firewalls, User Management, VPN Security, Security Protocols: - security at the Application Layer- PGP and S/MIME, Security at Transport Layer- SSL and TLS, Security at Network Layer-IPSec. Open Source/ Free/ Trial Tools: Implementation of Cryptographic techniques, OpenSSL, Hash Values Calculations MD5, SHA1, SHA256, SHA 512, Steganography (Stools) Introduction to Cryptography  Cryptography is an important aspect when we deal with network security. ‘Crypto’ means secret or hidden.  Cryptography is the science of secret writing with the intention of keeping the data secret.  Cryptanalysis, on the other hand, is the science or sometimes the art of breaking cryptosystems. These both terms are a subset of what is called as Cryptology  Cryptography is classified into symmetric cryptography, asymmetric cryptography and hashing. Below are the description of these types:-  Symmetric key cryptography – It involves usage of one secret key along with encryption and decryption algorithms which help in securing the contents of the message. The strength of symmetric key cryptography depends upon the number of key bits. It is relatively faster than asymmetric key cryptography. There arises a key distribution problem as the key has to be transferred from the sender to receiver through a secure channel.  Asymmetric key cryptography – It is also known as public key cryptography because it involves usage of a public key along with secret key. It solves the problem of key distribution as both parties uses different keys for encryption/decryption. It is not feasible to use for decrypting bulk messages as it is very slow compared to symmetric key cryptography.
  • 2.  Hashing – It involves taking the plain-text and converting it to a hash value of fixed size by a hash function. This process ensures integrity of the message as the hash value on both, sender’s and receiver’s side should match if the message is unaltered. Features Of Cryptography are as follows:  Confidentiality: Information can only be accessed by the person for whom it is intended and no other person except him can access it.  Integrity: Information cannot be modified in storage or transition between sender and intended receiver without any addition to information being detected.  Non-repudiation: The creator/sender of information cannot deny his or her intention to send information at later stage.  Authentication: The identities of sender and receiver are confirmed. As well as destination/origin of information is confirmed. Message Authentication Code (MAC) MAC algorithm is a symmetric key cryptographic technique to provide message authentication. For establishing MAC process, the sender and receiver share a symmetric key K. Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent along with a message to ensure message authentication. The process of using MAC for authentication is depicted in the following illustration – Let us now try to understand the entire process in detail −
  • 3.  The sender uses some publicly known MAC algorithm, inputs the message and the secret key K and produces a MAC value.  Similar to hash, MAC function also compresses an arbitrary long input into a fixed length output. The major difference between hash and MAC is that MAC uses secret key during the compression.  The sender forwards the message along with the MAC. Here, we assume that the message is sent in the clear, as we are concerned of providing message origin authentication, not confidentiality. If confidentiality is required then the message needs encryption.  On receipt of the message and the MAC, the receiver feeds the received message and the shared secret key K into the MAC algorithm and re-computes the MAC value.  The receiver now checks equality of freshly computed MAC with the MAC received from the sender. If they match, then the receiver accepts the message and assures himself that the message has been sent by the intended sender.  If the computed MAC does not match the MAC sent by the sender, the receiver cannot determine whether it is the message that has been altered or it is the origin that has been falsified. As a bottom- line, a receiver safely assumes that the message is not the genuine. Digital Signature:  Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind signatory to the message.  Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be independently verified by receiver as well as any third party.  Digital signature is a cryptographic value that is calculated from the data and a secret key known only by the signer.  In real world, the receiver of message needs assurance that the message belongs to the sender and he should not be able to repudiate the origination of that message. 
This requirement is very crucial in business applications, since likelihood of a dispute over exchanged data is very high. Model of Digital Signature As mentioned earlier, the digital signature scheme is based on public key cryptography. The model of digital signature scheme is depicted in the following illustration − The following points explain the entire process in detail −  Each person adopting this scheme has a public-private key pair.  Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.  Signer feeds data to the hash function and generates hash of data.  Hash value and signature key are then fed to the signature algorithm which produces the digital signature on given hash. Signature is appended to the data and then both are sent to the verifier.  Verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.  Verifier also runs same hash function on received data to generate hash value.
  • 4.  For verification, this hash value and output of verification algorithm are compared. Based on the comparison result, verifier decides whether the digital signature is valid.  Since digital signature is created by ‘private’ key of signer and no one else can have this key; the signer cannot repudiate signing the data in future. Overview of Firewalls: A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or drops that specific traffic.  Accept: allow the traffic  Reject: block the traffic but reply with an “unreachable error”  Drop: block the traffic with no reply A firewall establishes a barrier between secured internal networks and outside untrusted network, such as the Internet. Generation of Firewall Firewalls can be categorized based on its generation.  First Generation- Packet Filtering Firewall : Packet filtering firewall is used to control network access by monitoring outgoing and incoming packet and allowing them to pass or stop based on source and destination IP address, protocols and ports. It analyses traffic at the transport protocol layer (but mainly uses first 3 layers). Packet filtering firewall maintains a filtering table which decides whether the packet will be forwarded or discarded. From the given filtering table, the packets will be Filtered according to following rules: 1. Incoming packets from network 192.168.21.0 are blocked. 2. Incoming packets destined for internal TELNET server (port 23) are blocked. 3. Incoming packets destined for host 192.168.21.3 are blocked. 4. All well-known services to the network 192.168.21.0 are allowed.  Second Generation- Stateful Inspection Firewall : Stateful firewalls (performs Stateful Packet Inspection) are able to determine the connection state of packet, unlike Packet filtering firewall, which makes it more efficient. 
It keeps track of the state of networks connection travelling across it, such as TCP streams. So the filtering decisions would not only be based on defined rules, but also on packet’s history in the state table.  Third Generation- Application Layer Firewall : Application layer firewall can inspect and filter the packets on any OSI layer, up to the application layer. It has the ability to block specific content, also recognize when certain application and protocols (like HTTP, FTP) are being misused. In other words, Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection between either side of the firewall, each packet has to pass through the proxy. It can allow or block the traffic based on predefined rules. Note: Application layer firewalls can also be used as Network Address Translator(NAT).
  • 5.  Next Generation Firewalls (NGFW) : Next Generation Firewalls are being deployed these days to stop modern security breaches like advance malware attacks and application-layer attacks. NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many functionalities to protect the network from these modern threats. Types of Firewalls Firewalls are generally of two types: Host-based and Network-based.  Host- based Firewalls: Host-based firewall is installed on each network node which controls each incoming and outgoing packet. It is a software application or suite of applications, comes as a part of the operating system. Host-based firewalls are needed because network firewalls cannot provide protection inside a trusted network. Host firewall protects each host from attacks and unauthorized access.  Network-based Firewalls: Network firewall function on network level. In other words, these firewalls filter all incoming and outgoing traffic across the network. It protects the internal network by filtering the traffic using rules defined on the firewall. A Network firewall might have two or more network interface cards (NICs). A network-based firewall is usually a dedicated system with proprietary software installed. Network Firewalls are the devices that are used to prevent private networks from unauthorized access. A Firewall is a security solution for the computers or devices that are connected to a network, they can be either in form of hardware as well as in form of software. Types of Network Firewall:  Packet Filters – It is a technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols, and ports. This firewall is also known as a static firewall.  Stateful Inspection Firewalls – It is also a type of packet filtering which is used to control how data packets move through a firewall. 
It is also called dynamic packet filtering. These firewalls can inspect whether a packet belongs to a particular session or not. Communication is permitted if, and only if, the session is properly established between the two endpoints; otherwise the communication is blocked.
 Application Layer Firewalls – These firewalls can examine application-layer (OSI model) information such as an HTTP request. If they find a suspicious application that could harm our network, or that is not safe for our network, it is blocked right away.
 Next-generation Firewalls – These firewalls are called intelligent firewalls. They can perform all the tasks performed by the other types of firewalls described above, but on top of that they include additional features like application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence.
 Circuit-level gateways – A circuit-level gateway is a firewall that provides User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) connection security and works between the transport and application layers of the Open Systems Interconnection (OSI) model, such as the session layer.
 Software Firewall – A software firewall is a type of computer software that runs on our computers. It protects our system from external attacks such as unauthorized access, malicious attacks, etc. by notifying us about the danger that can occur if we open a particular mail or if we try to open a website that is not secure.
 Hardware Firewall – A hardware firewall is a physical appliance that is deployed to enforce a network boundary. All network links crossing this boundary pass through this firewall, which enables it to inspect both inbound and outbound network traffic and enforce access controls and other security policies.
 Cloud Firewall – These are software-based, cloud-deployed network devices. A cloud-based firewall protects a private network from any unwanted access. Unlike traditional firewalls, a cloud firewall filters data at the cloud level.

Advantages of Network Firewall:
 Monitors network traffic – A network firewall monitors and analyzes traffic by inspecting whether the traffic or packets passing through our network are safe for our network or not. By doing so, it keeps our network away from any malicious content that can harm it.
 Halt Hacking – In a society where everyone is connected to technology, it becomes more important to keep firewalls in our network and use the internet safely.
 Stops viruses – Viruses can come from anywhere, such as from an insecure website, from a spam message, or from any other threat, so it becomes more important to have a strong defence system (i.e. a firewall in this case); a virus attack can easily shut down a whole network. In such a situation, a firewall plays a vital role.
 Better security – When it comes to monitoring and analyzing the network from time to time and establishing a malware-free, virus-free, spam-free environment, a network firewall provides better security to our network.
 Increase privacy – By protecting the network and providing better security, we get a network that can be trusted.

Disadvantages of Network Firewall:
 Cost – Depending on the type of firewall, it can be costly; usually, hardware firewalls are more costly than software ones.
 Restricts User – Restricting users can be a disadvantage for large organizations because of the tough security mechanism. A firewall can restrict employees from doing a certain operation even though it is a necessary operation.
 Issues with the speed of the network – Since firewalls have to monitor every packet passing through the network, this can slow down the operations that need to be performed, or it can simply lead to slowing down the network.
 Maintenance – Firewalls require continuous updates and maintenance with every change in networking technology, as new viruses that can damage your system are being developed continuously.

The Importance of Using a Firewall:
Feature-1 : Monitoring Network Traffic – Firewall security starts with effective monitoring of network traffic based on pre-established rules and filters to keep the systems protected.
Feature-2 : Stops Virus Attacks and spyware – With cyber thieves creating hundreds of thousands of new threats every day, including spyware, viruses, and other attacks like email bombs, denial of service, and malicious macros, it is critical that you put protections in place to keep your systems safe.
Feature-3 : Preventing Hacks – Cyber threats are evolving at a fast pace and are widespread. Firewalls keep hackers out of your data, emails, systems, and other sensitive information.
Feature-4 : Promotes Privacy – Having a firewall keeps the data safe and builds an environment of privacy that is trustworthy; a system without a firewall accepts every connection into the network from anyone.

User Management:
User management (UM) is defined as the effective management of users and their accounts, giving them access to various IT resources like devices, applications, systems, networks, SaaS services, storage systems, and more.
 User management is a core part of any identity and access management (IAM) solution, in particular directory services tools.
 Controlling and managing user access to IT resources is a fundamental security essential for any organization.
 User management enables admins to control user access and to on-board and off-board users to and from IT resources.
 Subsequently, a directory service will authenticate, authorize, and audit user access to IT resources based on what the IT admin has dictated.

Virtual Private Network (VPN):
 VPN stands for virtual private network. A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet.
 A Virtual Private Network is a way to extend a private network using a public network such as the internet.
 The name itself suggests that it is a virtual “private network”, i.e. a user can be part of a local network while sitting at a remote location. It makes use of tunneling protocols to establish a secure connection.
Features of VPN :
 VPN provides plentiful server locations.
 It also provides anonymous DNS servers.
 VPNs are generally cost-effective.
 VPN supports routers.
 The VPN is highly encrypted and secure.
 Along with VPN, we get secure VPN protocols.
 It provides safety against DNS leaks.
 VPN providers also offer cross-platform compatible apps.

Applications of VPN:
 A VPN can easily bypass geographic restrictions on websites or streaming audio and video.
 Using a VPN, we can protect ourselves from snooping on untrustworthy Wi-Fi hotspots.
 One can gain privacy online by hiding one’s true location.
 One can protect oneself from being logged while torrenting.

What does a VPN hide?
A VPN can hide a lot of information, such as:
 User’s browsing history
 User’s IP address and location
 User’s location for streaming
 User’s device
 User’s web activity, to preserve internet freedom

How to choose a VPN?
In order to choose the right VPN, one must ask the VPN provider the following questions.
 How much privacy does the VPN provide to you?
 Are you able to run all security protocols?
 Do they set any limits on your data?
 Where is the VPN’s server located?
 Are all your devices able to access the VPN?
 What is the cost of the VPN?

Advantages of VPN :
 It provides you anonymity.
 It avoids geo-restrictions.
 It provides security protection from cyberattacks.
 It prevents bandwidth throttling.
 It helps to improve the gaming experience.
 It has the capability to bypass firewalls.

Disadvantages of VPN :
 It can slow down the Internet speed.
 It has privacy issues.
 Connections might drop while you are connected over the VPN.
 It might be difficult to configure.
 It has legality issues.

Virtual Private Network (VPN) is basically of 2 types:
1. Remote Access VPN: Remote Access VPN permits a user to connect to a private network and access all its services and resources remotely. The connection between the user and the private network occurs through the Internet, and the connection is secure and private. Remote Access VPN is useful for both home users and business users. An employee of a company, while he/she is out of station, uses a VPN to connect to his/her company’s private network and remotely access files and resources on the private network.
2. Site to Site VPN: A Site-to-Site VPN is also called a Router-to-Router VPN and is commonly used in large companies. Companies or organizations with branch offices in different locations use Site-to-Site VPN to connect the network of one office location to the network at another office location.
 Intranet based VPN: When several offices of the same company are connected using the Site-to-Site VPN type, it is called an Intranet based VPN.
 Extranet based VPN: When companies use the Site-to-Site VPN type to connect to the office of another company, it is called an Extranet based VPN.

Types of Virtual Private Network (VPN) Protocols:
1. Internet Protocol Security (IPSec): Internet Protocol Security, known as IPSec, is used to secure Internet communication across an IP network. IPSec secures Internet Protocol communication by verifying the session and encrypting each data packet during the connection. IPSec runs in 2 modes:
i. Transport mode
ii. Tunneling mode
Transport mode encrypts the message inside the data packet, while tunneling mode encrypts the whole data packet. IPSec can also be used with other security protocols to improve the security system.
2. Layer 2 Tunneling Protocol (L2TP): L2TP or Layer 2 Tunneling Protocol is a tunneling protocol that is often combined with another VPN security protocol like IPSec to establish a highly secure VPN connection. L2TP generates a tunnel between two L2TP connection points, and the IPSec protocol encrypts the data and maintains secure communication through the tunnel.
3. Point-to-Point Tunneling Protocol (PPTP): PPTP or Point-to-Point Tunneling Protocol generates a tunnel and confines the data packet. Point-to-Point Protocol (PPP) is used to encrypt the data between the connection. PPTP is one of the most widely used VPN protocols and has been in use since the early releases of Windows. PPTP is also used on Mac and Linux apart from Windows.
4. SSL and TLS: SSL (Secure Sockets Layer) and TLS (Transport Layer Security) generate a VPN connection where the web browser acts as the client and user access is restricted to specific applications instead of the entire network. Online shopping websites commonly use the SSL and TLS protocols. It is easy for web browsers to switch to SSL, with almost no action required from the user, as web browsers come integrated with SSL and TLS. SSL connections have “https” at the start of the URL instead of “http”.
5. OpenVPN: OpenVPN is an open source VPN that is commonly used for creating Point-to-Point and Site-to-Site connections. It uses a traditional security protocol based on the SSL and TLS protocols.
6. Secure Shell (SSH): Secure Shell or SSH generates the VPN tunnel through which the data transfer occurs and also ensures that the tunnel is encrypted. SSH connections are generated by an SSH client, and data is transferred from a local port to the remote server through the encrypted tunnel.

Security Protocols: Security at the Application Layer - PGP and S/MIME
1. Pretty Good Privacy (PGP) : PGP is an open source software package designed for the purpose of email security. It was developed by Phil Zimmermann. It provides the basic or fundamental needs of cryptography. Multiple steps are taken to secure the email; these are:
 Confidentiality
 Authentication
 Compression
 Reassembly
 Segmentation
 E-mail compatibility
2. Secure/Multipurpose Internet Mail Extension (S/MIME) : S/MIME is a security-enhanced version of Multipurpose Internet Mail Extension (MIME). In it, public key cryptography is used to digitally sign, encrypt or decrypt the email. A user acquires a public-private key pair from a trusted authority and then makes appropriate use of those keys with email applications.

Difference between PGP and S/MIME :
S.NO | PGP | S/MIME
1. | It is designed for processing plain text. | It is designed to process email as well as many multimedia files.
2. | PGP is less costly as compared to S/MIME. | S/MIME is comparatively expensive.
3. | PGP is good for personal as well as office use. | It is good for industrial use.
4. | PGP is less efficient than S/MIME. | It is more efficient than PGP.
5. | It depends on user key exchange. | It relies on a hierarchically valid certificate for key exchange.
6. | PGP is comparatively less convenient. | It is more convenient than PGP due to the secure transformation of all the applications.
7. | PGP contains 4096 public keys. | It contains only 1024 public keys.
8. | PGP is the standard for strong encryption. | It is also the standard for strong encryption but has some drawbacks.
9. | PGP can also be used in VPNs. | It is not used in VPNs; it is only used in email services.
10. | PGP uses Diffie-Hellman digital signature. | It uses ElGamal digital signature.

Security at Transport Layer - SSL and TLS
❖ Transport Layer Security (TLS)
Transport Layer Security (TLS) is designed to provide security at the transport layer. TLS was derived from a security protocol called Secure Socket Layer (SSL). TLS ensures that no third party may eavesdrop on or tamper with any message. There are several benefits of TLS:
 Encryption: TLS/SSL can help to secure transmitted data using encryption.
 Interoperability: TLS/SSL works with most web browsers, including Microsoft Internet Explorer, and on most operating systems and web servers.
 Algorithm flexibility: TLS/SSL provides options for the authentication mechanism, encryption algorithms and hashing algorithm that are used during the secure session.
 Ease of Deployment: Many applications use TLS/SSL on Windows Server 2003 operating systems.
 Ease of Use: Because TLS/SSL is implemented beneath the application layer, most of its operations are completely invisible to the client.
Working of TLS:
The client connects to the server (using TCP) and sends a number of specifications:
i. the version of SSL/TLS it supports;
ii. which cipher suites and compression methods it wants to use.
The server checks what the highest SSL/TLS version supported by them both is, picks a cipher suite from the client’s options (if it supports one) and optionally picks a compression method. After this basic setup is done, the server provides its certificate. This certificate must be trusted either by the client itself or by a party that the client trusts. Having verified the certificate and being certain that this server really is who it claims to be (and not a man in the middle), a key is exchanged. This can be a public key, a “PreMasterSecret” or simply nothing, depending upon the cipher suite. Both the server and client can now compute the key for symmetric encryption. The handshake is finished and the two hosts can communicate securely. If a connection is closed merely by finishing the TCP connection, both sides will know the connection was improperly terminated. The connection cannot be compromised through this, merely interrupted.

❖ Secure Socket Layer (SSL)
Secure Socket Layer (SSL) provides security to the data that is transferred between a web browser and a server. SSL encrypts the link between a web server and a browser, which ensures that all data passed between them remains private and free from attack.
Secure Socket Layer Protocols:
 SSL record protocol
 Handshake protocol
 Change-cipher spec protocol
 Alert protocol
SSL Protocol Stack:
SSL Record Protocol: The SSL Record Protocol provides two services to an SSL connection.
 Confidentiality
 Message Integrity
In the SSL Record Protocol, application data is divided into fragments. Each fragment is compressed, and then a MAC (Message Authentication Code), generated by an algorithm like SHA (Secure Hash Algorithm) or MD5 (Message Digest), is appended. After that the data is encrypted, and finally the SSL header is appended to the data.
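As an added illustration of the handshake negotiation and of the record-protocol pipeline just described (example code written for these notes, not code from the original notes or from any SSL/TLS implementation), the following Python simulates both in simplified form: the server picks the highest protocol version both sides support and one of the client’s offered cipher suites, and the record layer fragments, compresses, appends a MAC, encrypts and prepends a 5-byte header, with the receiver reversing the steps and dropping any record whose MAC does not verify. The record format, the keys, the cipher-suite names and the 16 KiB fragment limit are constructed for the example; HMAC-SHA256 stands in for the MD5/SHA MACs named above, and a SHAKE-256 keystream stands in for the negotiated cipher.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14   # SSL/TLS record-layer limit: 16 KiB per fragment
MAC_LEN = 32             # HMAC-SHA256 output, stand-in for the MD5/SHA MACs


def negotiate(client_versions, client_suites, server_versions, server_suites):
    """Server side of the hello exchange: choose the highest protocol version
    both sides support and the first cipher suite in the client's preference
    list that the server also supports. Returns None if nothing matches."""
    common = set(client_versions) & set(server_versions)
    if not common:
        return None
    for suite in client_suites:
        if suite in server_suites:
            return max(common), suite
    return None


def _toy_cipher(key, seq, data):
    """XOR with a SHAKE-256 keystream bound to the record number. A stand-in
    for the negotiated cipher, only to make the pipeline visible; not secure.
    The same call decrypts."""
    stream = hashlib.shake_256(key + struct.pack(">Q", seq)).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def _mac(mac_key, seq, compressed):
    # Binding the record sequence number into the MAC is what lets the
    # receiver notice reordered or replayed records.
    return hmac.new(mac_key, struct.pack(">Q", seq) + compressed, hashlib.sha256).digest()


def build_records(data, mac_key, enc_key, version=(3, 3), content_type=23):
    """Sender side of the record protocol: fragment -> compress -> MAC ->
    encrypt -> prepend the 5-byte header (type, version, length)."""
    records = []
    for seq, start in enumerate(range(0, len(data), MAX_FRAGMENT)):
        fragment = data[start:start + MAX_FRAGMENT]
        compressed = zlib.compress(fragment)
        plaintext = compressed + _mac(mac_key, seq, compressed)
        ciphertext = _toy_cipher(enc_key, seq, plaintext)
        header = struct.pack(">BBBH", content_type, version[0], version[1], len(ciphertext))
        records.append(header + ciphertext)
    return records


def read_records(records, mac_key, enc_key):
    """Receiver side: strip header, decrypt, verify the MAC before trusting
    anything, decompress, reassemble. Raises ValueError on tampering."""
    out = b""
    for seq, record in enumerate(records):
        _type, _major, _minor, length = struct.unpack(">BBBH", record[:5])
        plaintext = _toy_cipher(enc_key, seq, record[5:5 + length])
        compressed, tag = plaintext[:-MAC_LEN], plaintext[-MAC_LEN:]
        if not hmac.compare_digest(tag, _mac(mac_key, seq, compressed)):
            raise ValueError(f"record {seq}: MAC mismatch, record dropped")
        out += zlib.decompress(compressed)
    return out


def demo():
    """Round trip of a message larger than one fragment, then one record with
    a single flipped ciphertext bit. Keys and message are constructed."""
    mac_key, enc_key = b"mac-key-from-handshake", b"enc-key-from-handshake"
    message = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n" * 600  # > 16 KiB
    records = build_records(message, mac_key, enc_key)
    assert read_records(records, mac_key, enc_key) == message
    tampered = bytearray(records[0])
    tampered[12] ^= 0x01                      # flip one bit of the ciphertext
    try:
        read_records([bytes(tampered)] + records[1:], mac_key, enc_key)
        return len(records), "tampering not detected"
    except ValueError:
        return len(records), "tampering detected"
```

The order matters: the MAC is computed over the compressed fragment and verified before decompression, so a modified record is rejected before any of its content is processed, which is the "message integrity" service the notes attribute to the record protocol.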
Handshake Protocol: The Handshake Protocol is used to establish sessions. This protocol allows the client and server to authenticate each other by sending a series of messages to each other. The Handshake Protocol uses four phases to complete its cycle.
 Phase-1: In Phase-1 both client and server send hello packets to each other. In these, the session ID, cipher suite and protocol version are exchanged for security purposes.
 Phase-2: The server sends its certificate and Server-key-exchange. The server ends Phase-2 by sending the Server-hello-done packet.
 Phase-3: In this phase the client replies to the server by sending its certificate and Client-key-exchange.
 Phase-4: In Phase-4 the Change-cipher-spec occurs, after which the Handshake Protocol ends.

Salient Features of Secure Socket Layer:
 The advantage of this approach is that the service can be tailored to the specific needs of the given application.
 Secure Socket Layer was originated by Netscape.
 SSL is designed to make use of TCP to provide a reliable end-to-end secure service.
 This is a two-layered protocol.

There are some differences between SSL and TLS, which are given below:
S.NO | SSL | TLS
1. | SSL stands for Secure Socket Layer. | TLS stands for Transport Layer Security.
2. | SSL (Secure Socket Layer) supports the Fortezza algorithm. | TLS (Transport Layer Security) does not support the Fortezza algorithm.
3. | SSL (Secure Socket Layer) is the 3.0 version. | TLS (Transport Layer Security) is the 1.0 version.
4. | In SSL (Secure Socket Layer), a message digest is used to create the master secret. | In TLS (Transport Layer Security), a pseudo-random function is used to create the master secret.
5. | In SSL (Secure Socket Layer), the Message Authentication Code protocol is used. | In TLS (Transport Layer Security), the Hashed Message Authentication Code protocol is used.
6. | SSL (Secure Socket Layer) is more complex than TLS (Transport Layer Security). | TLS (Transport Layer Security) is simpler.
7. | SSL (Secure Socket Layer) is less secure as compared to TLS (Transport Layer Security). | TLS (Transport Layer Security) provides high security.

Security at Network Layer - IPSec:
IPSec
 IPSec stands for Internet Protocol Security.
 It is a suite of protocols between two communication points across an IP network that provides data authentication, data integrity, and confidentiality.
 It was developed by the Internet Engineering Task Force (IETF) in 1995.
 It defines the architecture for security services for IP network traffic and gives a framework for providing security at the IP layer, as well as the suite of protocols designed to provide security through authentication and encryption of IP network packets.
 IPsec includes the protocols that define the cryptographic algorithms used for encryption, decryption, and authentication.

Characteristics of IPSec:
 Anti-Replay Protection: IPSec assigns a unique sequence number to each packet; when a packet with a duplicate sequence number is detected, it is treated as replayed and dropped.
 Data Authentication: The Hash Message Authentication Code (HMAC) verifies that the packets are not changed.
 Transparency: IPSec works below the transport layer, so it is transparent to users and applications.
 Confidentiality: Data packets are encrypted by the sender before transmission, so the sensitive data will only reach the intended recipient.
 Dynamic Re-Keying: A re-keying procedure at set intervals replaces manual reconfiguration of secret keys.
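The anti-replay characteristic above is usually implemented at the receiver as a sliding window over the sequence numbers, so that out-of-order delivery is tolerated while duplicates and very old packets are dropped. The following Python is an added example of that receiver-side logic, written for these notes and not taken from any IPsec implementation; it follows the sliding-window approach described for ESP in RFC 4303, with the 64-packet window size and the sample sequence numbers constructed for the example.

```python
class AntiReplayWindow:
    """Receiver-side anti-replay check over 32-bit ESP sequence numbers.

    `highest` is the largest sequence number accepted so far; bit i of
    `bitmap` records whether sequence number (highest - i) has been seen.
    Anything below (highest - size + 1) is "too old" and dropped, anything
    already marked in the bitmap is a replay and dropped.
    """

    def __init__(self, size=64):
        self.size = size
        self.highest = 0
        self.bitmap = 0

    def check_and_update(self, seq):
        """Return True and record the packet if it is new and within the
        window; return False (drop) for replays and too-old packets."""
        if seq == 0:
            return False                      # ESP never uses sequence number 0
        if seq > self.highest:
            # Slide the window forward; bits shifted past `size` fall off.
            shift = seq - self.highest
            self.bitmap = (self.bitmap << shift) if shift < self.size else 0
            self.bitmap |= 1                  # mark the new highest as seen
            self.bitmap &= (1 << self.size) - 1
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False                      # older than the window: drop
        if self.bitmap & (1 << offset):
            return False                      # duplicate sequence number: replay
        self.bitmap |= 1 << offset            # late but new: accept and record
        return True


def filter_packets(seqs, size=64):
    """Run received sequence numbers through one window and report which
    were accepted and which were dropped, in arrival order."""
    window = AntiReplayWindow(size)
    accepted, dropped = [], []
    for seq in seqs:
        (accepted if window.check_and_update(seq) else dropped).append(seq)
    return accepted, dropped


if __name__ == "__main__":
    # Constructed arrival order: reordering (5 before 4) is fine, the repeated
    # 2 and 1 are replays, and 36 has fallen out of the 64-wide window once
    # 100 was accepted.
    print(filter_packets([0, 1, 2, 3, 2, 5, 4, 1, 100, 40, 37, 36]))
```

A real implementation performs this check only after the packet's integrity check (the HMAC in the "Data Authentication" characteristic) has passed, otherwise an attacker could advance the window with forged sequence numbers and cause legitimate packets to be dropped.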
Advantages of IPSec:
 IPSec operates at layer 3, the network layer; as a result it has no impact on higher network layers. It provides transparency to applications. The end user need not bother about IPSec or its configuration.
 As it is implemented at the network layer, IPSec allows monitoring of all the traffic that passes over the network.
 During any data exchange, IPSec uses a public key that helps in the safe transfer of confidential data; as a result, securing the keys ensures safe data transfer.
 IPSec only requires modifications to the operating system, so IPSec-based Virtual Private Networks do not need to worry about the type of application.

Disadvantages of IPSec:
 One of the greatest disadvantages of IPSec is its wide access range: giving access to a single device of an IPSec-based network can give privileges to other devices too.
 IPSec causes some compatibility issues with software if software developers do not adhere to the IPSec standards.
 IPSec has high CPU usage; when the data packet size is small, the performance of the network diminishes due to the large overhead used by IPSec.
 The security of certain algorithms used in IPSec is a concern; if someone uses a broken algorithm, the server will be at a greater risk of a hack.

Uses of IP Security – IPsec can be used to do the following things:
 To encrypt application layer data.
 To provide security for routers sending routing data across the public internet.
 To provide authentication without encryption, e.g. to authenticate that the data originates from a known sender.
 To protect network data by setting up circuits using IPsec tunnelling, in which all data being sent between the two endpoints is encrypted, as with a Virtual Private Network (VPN) connection.
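The difference between the two IPSec modes introduced under the VPN protocols above (transport mode encrypts the message inside the packet, tunneling mode encrypts the whole packet) and the VPN tunnelling use listed last are easiest to see side by side. The Python below is an added example written for these notes, not code from the original notes or from any IPsec implementation. It builds a simplified IP packet, then protects it in transport mode (original header kept, only the transport payload protected) and in tunnel mode (the entire original packet becomes the protected payload of a new outer packet between two VPN gateways), and shows what an observer on the public network can still read in each case. The packet layout, addresses, SPI values and keys are constructed for the example, and a SHAKE-256 keystream stands in for ESP's real cipher.

```python
import hashlib
import hmac
import ipaddress
import struct

# Simplified IP header for the example: src, dst, payload length, protocol
HEADER = struct.Struct(">4s4sHB")
PROTO_TCP, PROTO_ESP = 6, 50
ICV_LEN = 32                         # HMAC-SHA256 integrity check value


def build_packet(src, dst, proto, payload):
    return HEADER.pack(ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed, len(payload), proto) + payload


def parse_packet(packet):
    src, dst, length, proto = HEADER.unpack(packet[:HEADER.size])
    payload = packet[HEADER.size:HEADER.size + length]
    return str(ipaddress.ip_address(src)), str(ipaddress.ip_address(dst)), proto, payload


def _toy_cipher(key, spi, seq, data):
    """XOR with a SHAKE-256 keystream bound to the SPI and sequence number.
    A stand-in for ESP's cipher so the encapsulation is visible; not secure."""
    stream = hashlib.shake_256(key + struct.pack(">II", spi, seq)).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def esp_protect(data, key, spi, seq):
    """ESP-style body: SPI || sequence number || encrypted data || ICV."""
    body = struct.pack(">II", spi, seq) + _toy_cipher(key, spi, seq, data)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def esp_unprotect(blob, key):
    body, icv = blob[:-ICV_LEN], blob[-ICV_LEN:]
    if not hmac.compare_digest(icv, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("ESP integrity check failed, packet dropped")
    spi, seq = struct.unpack(">II", body[:8])
    return _toy_cipher(key, spi, seq, body[8:])


def transport_mode(packet, key, spi, seq):
    """Keep the original IP header; protect only the transport payload. The
    original protocol number travels inside the protected data."""
    src, dst, proto, payload = parse_packet(packet)
    return build_packet(src, dst, PROTO_ESP, esp_protect(bytes([proto]) + payload, key, spi, seq))


def transport_unprotect(packet, key):
    src, dst, proto, payload = parse_packet(packet)
    if proto != PROTO_ESP:
        raise ValueError("not an ESP packet")
    inner = esp_unprotect(payload, key)
    return build_packet(src, dst, inner[0], inner[1:])


def tunnel_mode(packet, key, spi, seq, gateway_src, gateway_dst):
    """Protect the whole original packet, header included, and wrap it in a
    new outer header addressed between the two VPN gateways."""
    return build_packet(gateway_src, gateway_dst, PROTO_ESP, esp_protect(packet, key, spi, seq))


def tunnel_unprotect(packet, key):
    _src, _dst, proto, payload = parse_packet(packet)
    if proto != PROTO_ESP:
        raise ValueError("not an ESP packet")
    return esp_unprotect(payload, key)


def visible_on_wire(packet):
    """What someone watching the public network reads without the key: the
    outer source, destination and protocol number, nothing else."""
    src, dst, proto, _payload = parse_packet(packet)
    return src, dst, proto


def integrity_holds(packet, key):
    """True if a tunnel-mode packet passes the ESP integrity check."""
    try:
        tunnel_unprotect(packet, key)
        return True
    except ValueError:
        return False
```

In transport mode the observer still learns the real endpoints (10.0.0.5 and 10.0.1.9 in the test data), which is why it is typically used host-to-host; in tunnel mode only the gateway addresses are visible, which is what a Site-to-Site VPN relies on.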