SlideShare a Scribd company logo

networksecurityandcryptography-140303114745-phpapp02.pdf

Y
Yasmin297583

Network security and engineering

Engineering
1 of 18
Download to read offline
By Raj Kumar Rampelli
 Need for Network security  Classification of Network Attacks ◦ Possible Attacks  Security Features  Security Mechanism: Cryptography  Types of Encryption-Decryption techniques ◦ Symmetric: Shared Key Type ◦ Asymmetric: Public/Private Key Type  Public Key Infrastructure  Digital Signature  Public Key Infrastructure implementation and its factors ◦ Generation of key pair ◦ Obtain Digital certificate ◦ Encryption/Decryption analysis ◦ Digital certificate role  Conclusion 3/3/2014 Raj Kumar Rampelli 2
 What is a Network ? ◦ Data Carrier  Data ? ◦ Anything which conveys something between 1st person (sender/receiver) and 2nd person (receiver/sender)  Categories of Data ? ◦ Normal ◦ Confidential  Data can’t be enclosed to 3rd person.  Goal ? ◦ Protection of DATA i.e. Information Security. ◦ Preventing compromise or loss of DATA from unauthorized access 3/3/2014 Raj Kumar Rampelli 3
 What is Network Attack ? ◦ An action that compromises the security of DATA  Categories of Attacks ◦ Passive  Learn from DATA and make use of system information  Do not alter the DATA  Very difficult to identify the attack  Ex: Eavesdropping (Interception) ◦ Active  Modifies the DATA  Ex: Denial of Service  Possible Attacks ◦ Interruption ◦ Interception ◦ Modification ◦ Fabrication 3/3/2014 Raj Kumar Rampelli 4
 Normal Flow  Interruption ◦ Attack on “availability”  Disconnection of a wireless or wired internet connection  Unavailability of a particular web site  Inability to access any web site Sender Receiver Disturb Sender Receiver 3/3/2014 Raj Kumar Rampelli 5
 Interception (No Privacy) ◦ Attack on “confidentiality” ◦ Packet Analyzer software  Intercept and log traffic passing over a network  Captures each Packet and decodes the data  Ex: Microsoft Network Monitor ◦ Man in the middle attack ◦ Wiretapping: capture the data ◦ Intruder can be a person or a program or a computer Sender Receiver Intruder 3/3/2014 Raj Kumar Rampelli 6
 Modification ◦ Attacker modifies the data sent by the sender ◦ Gain access to a system and make changes  Alter programs so that it performs differently ◦ Attack on “Integrity”  Fabrication ◦ Attacker acts like Sender ◦ Gain access to a person’s email and sending messages ◦ Attack on “Authenticity” ◦ Lack of mutual authentication 3/3/2014 Raj Kumar Rampelli 7
 A Transaction/Communication (or a service) is secure if and only if the following security features are provided ◦ Confidentiality ◦ Integrity ◦ Authenticity (Mutual Authentication) ◦ Non-repudiation  Cryptography ◦ Symmetric key Cryptography ◦ Public Key Infrastructure 3/3/2014 Raj Kumar Rampelli 8
Cryptography Services •Provide security features Symmetric Key Cryptography •Data Encryption Standard (DES) •Triple DES •Advanced ES Public Key Infrastructure •Public-Private Key •RSA •ECC Encryption and Decryption •Cypher Text Digital Signature Digital Certificate String of information that binds the unique identifier of each user to his/her corresponding public key. A mathematical scheme for demonstrating the authenticity, non-repudiation and integrity of a digital message 3/3/2014 Raj Kumar Rampelli 9
 Symmetric Key scenario  Public-Private Key scenario Sender (plain text)  SK(plain text) Cipher Text (Encrypted text) Receiver SK(Cipher text)  Plain text Sender (plain text)  PubKey(plain text) Cipher Text (Encrypted text) Receiver PrivKey(Cipher text)  Plain text 3/3/2014 Raj Kumar Rampelli 10
• Generation of Public-Private key pair • Generation of certificate request message • Receive and store digital certificates • Encryption and Decryption • Generation and verification of digital signature message • Verification of Digital certificate Performance factors at client 3/3/2014 Raj Kumar Rampelli 11
 Generate public and private key pair at client  Check the following details using different Public Key Cryptography (PKC) algorithms ◦ Time taken for key pair generation ◦ Storage space required for storing the key pair ◦ Repeat above two steps by changing the key size in the algorithm ◦ Analyze the results and choose optimal algorithm suitable for your application.  PKC algorithms ◦ RSA ◦ ECC 3/3/2014 Raj Kumar Rampelli 12
 Generate certificate request message (CRM) using public-private key pair  Apply for new Digital Certificate ◦ Send CRM and user/app credentials to Certificate Authority (CA)  CA verifies the requester credentials ◦ Approves/Rejects the application ◦ If approved,  Generate Digital Certificate using requester credential with public key information  Store it in Digital certificate data base locally  Send Digital certificate to requester  Receive Digital certificate from CA and store locally. 3/3/2014 Raj Kumar Rampelli 13
 String of information that binds the unique identifier of each client to his/her corresponding public key.  Pre-requite for obtaining Digital certificate ◦ Generate public-private key pair locally ◦ Generate certificate request message  Digital certificate used to authenticate server credentials during mutual authentication process  Mutual authentication process: ◦ a client authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the others' identity [wiki]  Authenticating an entity using its Digital certificate: ◦ Check the validity period of certificate ◦ Verify the digital signature of CA on the certificate using CA’s public key 3/3/2014 Raj Kumar Rampelli 14
 Client encrypts the message using server’s public key  The time taken for encryption of fixed size message ◦ Using server’s ECC public key ◦ Using server’s RSA public key ◦ Analyze the results.  Client decrypts the received message (from server) using client’s private key  The time taken for decryption of fixed size message ◦ Using client’s ECC private key ◦ Using client’s RSA private key ◦ Analyze the results. 3/3/2014 Raj Kumar Rampelli 15
A valid digital signature gives a recipient reason to believe that the message was created by a known sender (Authenticity), such that the sender cannot deny having sent the message (Non-repudiation) and that the message was not altered in transit (Integrity). Performance factor-4: Digital signature generation & verification 3/3/2014 Raj Kumar Rampelli 16
 A method to Secure “Data transactions” between users is needed ◦ Should ensure all desired security features for any transaction.  Cryptography: collections of standards/techniques for securing the Data. ◦ PKI ensures all security features  As the key size increases, the more difficult to crack the data.  Analyze PKI Implementation factors using different cryptographic algorithms with different key sizes  Digital certificate: Mainly used for authenticity  Digital signature: Mainly used for Integrity of data 3/3/2014 Raj Kumar Rampelli 17
 Have a Look at:  My PPTs:  http://www.slideshare.net/rampalliraj/  My Tech Blog:  http://practicepeople.blogspot.in/ 3/3/2014 Raj Kumar Rampelli 18

Recommended

Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptography
RajKumar Rampelli
 
Cryptography
Cryptography Cryptography
Cryptography
1326OmkarKamble
 
Lesson 3- Remote Access
Lesson 3- Remote AccessLesson 3- Remote Access
Lesson 3- Remote Access
MLG College of Learning, Inc
 
10. grid security
10. grid security10. grid security
10. grid security
Dr Sandeep Kumar Poonia
 
Network Security_Module_2.pdf
Network Security_Module_2.pdfNetwork Security_Module_2.pdf
Network Security_Module_2.pdf
Dr. Shivashankar
 
Empirical Study of a Key Authentication Scheme in Public Key Cryptography
Empirical Study of a Key Authentication Scheme in Public Key CryptographyEmpirical Study of a Key Authentication Scheme in Public Key Cryptography
Empirical Study of a Key Authentication Scheme in Public Key Cryptography
IJERA Editor
 
Ledingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for DevelopersLedingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for Developers
Mukesh Singh
 
Cryptography
CryptographyCryptography
Cryptography
TanviGogri
 

Recommended

Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptography
RajKumar Rampelli
 
Cryptography
Cryptography Cryptography
Cryptography
1326OmkarKamble
 
Lesson 3- Remote Access
Lesson 3- Remote AccessLesson 3- Remote Access
Lesson 3- Remote Access
MLG College of Learning, Inc
 
10. grid security
10. grid security10. grid security
10. grid security
Dr Sandeep Kumar Poonia
 
Network Security_Module_2.pdf
Network Security_Module_2.pdfNetwork Security_Module_2.pdf
Network Security_Module_2.pdf
Dr. Shivashankar
 
Empirical Study of a Key Authentication Scheme in Public Key Cryptography
Empirical Study of a Key Authentication Scheme in Public Key CryptographyEmpirical Study of a Key Authentication Scheme in Public Key Cryptography
Empirical Study of a Key Authentication Scheme in Public Key Cryptography
IJERA Editor
 
Ledingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for DevelopersLedingkart Meetup #3: Security Basics for Developers
Ledingkart Meetup #3: Security Basics for Developers
Mukesh Singh
 
Cryptography
CryptographyCryptography
Cryptography
TanviGogri
 
Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architectures
inovia
 
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextRSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
Yekini Nureni
 
Kerberos
KerberosKerberos
Kerberos
RafatSamreen
 
Lessson 3
Lessson 3Lessson 3
Lessson 3
MLG College of Learning, Inc
 
PKI & SSL
PKI & SSLPKI & SSL
PKI & SSL
RitaThakkar1
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communication
manish kumar
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
IJCSEA Journal
 
digital_sign_interview.ppt
digital_sign_interview.pptdigital_sign_interview.ppt
digital_sign_interview.ppt
jayarao21
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
Ahmed Elnaggar
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
Uttara University
 
E-Business security
E-Business security E-Business security
E-Business security
Surendhranatha Reddy
 
Mj3422172221
Mj3422172221Mj3422172221
Mj3422172221
IJERA Editor
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
blondellchancy
 
Network Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr ShivashankarNetwork Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr Shivashankar
Dr. Shivashankar
 
NS Unit 3 AAR.ppt
NS Unit 3 AAR.pptNS Unit 3 AAR.ppt
NS Unit 3 AAR.ppt
Vishalkumar605125
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
RushikeshChikane2
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
Abdulaziz Mohd
 
Secure instant messanger service
Secure instant messanger serviceSecure instant messanger service
Secure instant messanger service
Aditya Gupta
 
Security
SecuritySecurity
Security
majstors
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
Adarsh Kumar Yadav
 
Software Engineering Practical File Front Pages.pdf
Software Engineering Practical File Front Pages.pdfSoftware Engineering Practical File Front Pages.pdf
Software Engineering Practical File Front Pages.pdf
ssuser5c9d4b1
 
Raashid final report on Embedded Systems
Raashid final report on Embedded SystemsRaashid final report on Embedded Systems
Raashid final report on Embedded Systems
RaashidFaiyazSheikh
 

More Related Content

Similar to networksecurityandcryptography-140303114745-phpapp02.pdf

RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextRSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
Yekini Nureni
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
IJCSEA Journal
 
digital_sign_interview.ppt
digital_sign_interview.pptdigital_sign_interview.ppt
digital_sign_interview.ppt
jayarao21
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
Ahmed Elnaggar
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
Uttara University
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
blondellchancy
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
Abdulaziz Mohd
 

Similar to networksecurityandcryptography-140303114745-phpapp02.pdf (20)

Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architectures
 
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and TextRSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
RSA and RC4 Cryptosystem Performance Evaluation Using Image and Text
 
Kerberos
KerberosKerberos
Kerberos
 
Lessson 3
Lessson 3Lessson 3
Lessson 3
 
PKI & SSL
PKI & SSLPKI & SSL
PKI & SSL
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communication
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
 
digital_sign_interview.ppt
digital_sign_interview.pptdigital_sign_interview.ppt
digital_sign_interview.ppt
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
 
E-Business security
E-Business security E-Business security
E-Business security
 
Mj3422172221
Mj3422172221Mj3422172221
Mj3422172221
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
 
Network Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr ShivashankarNetwork Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr Shivashankar
 
NS Unit 3 AAR.ppt
NS Unit 3 AAR.pptNS Unit 3 AAR.ppt
NS Unit 3 AAR.ppt
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
 
Secure instant messanger service
Secure instant messanger serviceSecure instant messanger service
Secure instant messanger service
 
Security
SecuritySecurity
Security
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 

Recently uploaded

litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdflitvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
Alexander Litvinenko
 
Artificial Intelligence in due diligence
Artificial Intelligence in due diligenceArtificial Intelligence in due diligence
Artificial Intelligence in due diligence
mahaffeycheryld
 
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and ToolsMaximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
soginsider
 
Artificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfArtificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdf
Kira Dess
 
Insurance management system project report.pdf
Insurance management system project report.pdfInsurance management system project report.pdf
Insurance management system project report.pdf
Kamal Acharya
 

Recently uploaded (20)

Software Engineering Practical File Front Pages.pdf
Software Engineering Practical File Front Pages.pdfSoftware Engineering Practical File Front Pages.pdf
Software Engineering Practical File Front Pages.pdf
 
Raashid final report on Embedded Systems
Raashid final report on Embedded SystemsRaashid final report on Embedded Systems
Raashid final report on Embedded Systems
 
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfInstruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
 
handbook on reinforce concrete and detailing
handbook on reinforce concrete and detailinghandbook on reinforce concrete and detailing
handbook on reinforce concrete and detailing
 
Passive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.pptPassive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.ppt
 
5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...
 
UNIT 4 PTRP final Convergence in probability.pptx
UNIT 4 PTRP final Convergence in probability.pptxUNIT 4 PTRP final Convergence in probability.pptx
UNIT 4 PTRP final Convergence in probability.pptx
 
Working Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdfWorking Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdf
 
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdflitvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
 
History of Indian Railways - the story of Growth & Modernization
History of Indian Railways - the story of Growth & ModernizationHistory of Indian Railways - the story of Growth & Modernization
History of Indian Railways - the story of Growth & Modernization
 
Artificial Intelligence in due diligence
Artificial Intelligence in due diligenceArtificial Intelligence in due diligence
Artificial Intelligence in due diligence
 
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and ToolsMaximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
 
analog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptxanalog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptx
 
Artificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfArtificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdf
 
Insurance management system project report.pdf
Insurance management system project report.pdfInsurance management system project report.pdf
Insurance management system project report.pdf
 
NEWLETTER FRANCE HELICES/ SDS SURFACE DRIVES - MAY 2024
NEWLETTER FRANCE HELICES/ SDS SURFACE DRIVES - MAY 2024NEWLETTER FRANCE HELICES/ SDS SURFACE DRIVES - MAY 2024
NEWLETTER FRANCE HELICES/ SDS SURFACE DRIVES - MAY 2024
 
Adsorption (mass transfer operations 2) ppt
Adsorption (mass transfer operations 2) pptAdsorption (mass transfer operations 2) ppt
Adsorption (mass transfer operations 2) ppt
 
What is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, FunctionsWhat is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, Functions
 
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdfInvolute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
 
CLOUD COMPUTING SERVICES - Cloud Reference Modal
CLOUD COMPUTING SERVICES - Cloud Reference ModalCLOUD COMPUTING SERVICES - Cloud Reference Modal
CLOUD COMPUTING SERVICES - Cloud Reference Modal
 

networksecurityandcryptography-140303114745-phpapp02.pdf

  • 2.  Need for Network security  Classification of Network Attacks ◦ Possible Attacks  Security Features  Security Mechanism: Cryptography  Types of Encryption-Decryption techniques ◦ Symmetric: Shared Key Type ◦ Asymmetric: Public/Private Key Type  Public Key Infrastructure  Digital Signature  Public Key Infrastructure implementation and its factors ◦ Generation of key pair ◦ Obtain Digital certificate ◦ Encryption/Decryption analysis ◦ Digital certificate role  Conclusion 3/3/2014 Raj Kumar Rampelli 2
  • 3.  What is a Network ? ◦ Data Carrier  Data ? ◦ Anything which conveys something between 1st person (sender/receiver) and 2nd person (receiver/sender)  Categories of Data ? ◦ Normal ◦ Confidential  Data can’t be enclosed to 3rd person.  Goal ? ◦ Protection of DATA i.e. Information Security. ◦ Preventing compromise or loss of DATA from unauthorized access 3/3/2014 Raj Kumar Rampelli 3
  • 4.  What is Network Attack ? ◦ An action that compromises the security of DATA  Categories of Attacks ◦ Passive  Learn from DATA and make use of system information  Do not alter the DATA  Very difficult to identify the attack  Ex: Eavesdropping (Interception) ◦ Active  Modifies the DATA  Ex: Denial of Service  Possible Attacks ◦ Interruption ◦ Interception ◦ Modification ◦ Fabrication 3/3/2014 Raj Kumar Rampelli 4
  • 5.  Normal Flow  Interruption ◦ Attack on “availability”  Disconnection of a wireless or wired internet connection  Unavailability of a particular web site  Inability to access any web site Sender Receiver Disturb Sender Receiver 3/3/2014 Raj Kumar Rampelli 5
  • 6.  Interception (No Privacy) ◦ Attack on “confidentiality” ◦ Packet Analyzer software  Intercept and log traffic passing over a network  Captures each Packet and decodes the data  Ex: Microsoft Network Monitor ◦ Man in the middle attack ◦ Wiretapping: capture the data ◦ Intruder can be a person or a program or a computer Sender Receiver Intruder 3/3/2014 Raj Kumar Rampelli 6
  • 7.  Modification ◦ Attacker modifies the data sent by the sender ◦ Gain access to a system and make changes  Alter programs so that it performs differently ◦ Attack on “Integrity”  Fabrication ◦ Attacker acts like Sender ◦ Gain access to a person’s email and sending messages ◦ Attack on “Authenticity” ◦ Lack of mutual authentication 3/3/2014 Raj Kumar Rampelli 7
  • 8.  A Transaction/Communication (or a service) is secure if and only if the following security features are provided ◦ Confidentiality ◦ Integrity ◦ Authenticity (Mutual Authentication) ◦ Non-repudiation  Cryptography ◦ Symmetric key Cryptography ◦ Public Key Infrastructure 3/3/2014 Raj Kumar Rampelli 8
  • 9. Cryptography Services •Provide security features Symmetric Key Cryptography •Data Encryption Standard (DES) •Triple DES •Advanced ES Public Key Infrastructure •Public-Private Key •RSA •ECC Encryption and Decryption •Cypher Text Digital Signature Digital Certificate String of information that binds the unique identifier of each user to his/her corresponding public key. A mathematical scheme for demonstrating the authenticity, non-repudiation and integrity of a digital message 3/3/2014 Raj Kumar Rampelli 9
  • 10.  Symmetric Key scenario  Public-Private Key scenario Sender (plain text)  SK(plain text) Cipher Text (Encrypted text) Receiver SK(Cipher text)  Plain text Sender (plain text)  PubKey(plain text) Cipher Text (Encrypted text) Receiver PrivKey(Cipher text)  Plain text 3/3/2014 Raj Kumar Rampelli 10
  • 11. • Generation of Public-Private key pair • Generation of certificate request message • Receive and store digital certificates • Encryption and Decryption • Generation and verification of digital signature message • Verification of Digital certificate Performance factors at client 3/3/2014 Raj Kumar Rampelli 11
  • 12.  Generate public and private key pair at client  Check the following details using different Public Key Cryptography (PKC) algorithms ◦ Time taken for key pair generation ◦ Storage space required for storing the key pair ◦ Repeat above two steps by changing the key size in the algorithm ◦ Analyze the results and choose optimal algorithm suitable for your application.  PKC algorithms ◦ RSA ◦ ECC 3/3/2014 Raj Kumar Rampelli 12
  • 13.  Generate certificate request message (CRM) using public-private key pair  Apply for new Digital Certificate ◦ Send CRM and user/app credentials to Certificate Authority (CA)  CA verifies the requester credentials ◦ Approves/Rejects the application ◦ If approved,  Generate Digital Certificate using requester credential with public key information  Store it in Digital certificate data base locally  Send Digital certificate to requester  Receive Digital certificate from CA and store locally. 3/3/2014 Raj Kumar Rampelli 13
  • 14.  String of information that binds the unique identifier of each client to his/her corresponding public key.  Pre-requite for obtaining Digital certificate ◦ Generate public-private key pair locally ◦ Generate certificate request message  Digital certificate used to authenticate server credentials during mutual authentication process  Mutual authentication process: ◦ a client authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the others' identity [wiki]  Authenticating an entity using its Digital certificate: ◦ Check the validity period of certificate ◦ Verify the digital signature of CA on the certificate using CA’s public key 3/3/2014 Raj Kumar Rampelli 14
  • 15.  Client encrypts the message using server’s public key  The time taken for encryption of fixed size message ◦ Using server’s ECC public key ◦ Using server’s RSA public key ◦ Analyze the results.  Client decrypts the received message (from server) using client’s private key  The time taken for decryption of fixed size message ◦ Using client’s ECC private key ◦ Using client’s RSA private key ◦ Analyze the results. 3/3/2014 Raj Kumar Rampelli 15
  • 16. A valid digital signature gives a recipient reason to believe that the message was created by a known sender (Authenticity), such that the sender cannot deny having sent the message (Non-repudiation) and that the message was not altered in transit (Integrity). Performance factor-4: Digital signature generation & verification 3/3/2014 Raj Kumar Rampelli 16
  • 17.  A method to Secure “Data transactions” between users is needed ◦ Should ensure all desired security features for any transaction.  Cryptography: collections of standards/techniques for securing the Data. ◦ PKI ensures all security features  As the key size increases, the more difficult to crack the data.  Analyze PKI Implementation factors using different cryptographic algorithms with different key sizes  Digital certificate: Mainly used for authenticity  Digital signature: Mainly used for Integrity of data 3/3/2014 Raj Kumar Rampelli 17
  • 18.  Have a Look at:  My PPTs:  http://www.slideshare.net/rampalliraj/  My Tech Blog:  http://practicepeople.blogspot.in/ 3/3/2014 Raj Kumar Rampelli 18