SlideShare a Scribd company logo

Network Security & Cryptography Explained

Download as DOC, PDF
L
lakshmansoft7

This document provides an overview of network security and cryptography. It discusses the history and basic concepts of networking and security. The document covers risk management, network threats like viruses and denial of service attacks. It also explains different network security methods like virtual private networks (VPNs), firewalls, and IPSec. Cryptography techniques like secret key cryptography, public key cryptography, hash functions, and authentication methods are summarized. Popular cryptographic algorithms and protocols like PGP, SHA, and AAA servers are also mentioned.

1 of 10
NETWORKSECURITY & CRYPTOGRAPHY G.MANOGNA K.HIMATHA 3RD B.TECH 3RD B.TECH C.S.E C.S.E manogna_gudipudi@yahoo.co.in himatha_k007@yahoo.com NALANDA INSTITUTE OF ENGG & TECH KANTEPUDI,SATTENAPALLI . Abstract Network security is a complicated subject, historically only tackled by well- trained and experienced experts. However, as more and more people become ``wired'', an increasing number of people need to understand the basics of security in a networked world. This document was written manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them. Some history of networking is included, as well as an introduction to TCP/IP and internetworking . We go on to consider risk management, network threats, firewalls, and more special-purpose secure networking devices. This is not intended to be a ``frequently asked questions'' reference, nor is it a ``hands-on'' document describing how to accomplish specific functionality. It is hoped that the reader will have a wider perspective on security in general, and better understand how to reduce and manage risk personally, at home, and in the workplace.
Cryptography and Authentication: The process of proving one's identity. (The primary forms of host-to-host Network Security authentication on the Internet today are name-based Does security provide some very or address-based, both of which are notoriously basic protections that we are naive to believe weak.) that we don't need? During this time when the • prrivacy/confidentiality: Ensuring that no Internet provides essential communication one can read the message except the intended between tens of millions of people and is receiver. being increasingly used as a tool for commerce, security becomes a tremendously • Integrity: Assuring the receiver that the important issue to deal with. There are many received message has not been altered in any aspects to security and many applications, way from the original. Ranging from secure commerce and payments to private Communications and protecting • Non-repudiation: A mechanism to prove passwords. One essential aspect for Secure that the sender really sent this message. communications is that of cryptography. Cryptography, then, not only protects data from theft or alteration, but can also be used for user Cryptography is the science of writing in authentication. secret code and is an ancient art. The first documented use of cryptography in writing • The three types of cryptographic algorithms that dates back to circa 1900 B.C. when an will be discussed are (Figure 1): Egyptian scribe used non-standard • Secret Key Cryptography (SKC): Uses a hieroglyphs in an inscription. single key for both encryption and decryption In data and Public Key Cryptography (PKC): Uses telecommunications,cryptography is necessary one key for encryption and another for when communicating over any untrusted decryption medium, which includes just about any network, particularly the Internet.Within the context of • Hash Functions: Uses a mathematical any application-to-application communication, transformation to irreversibly "encrypt" there are some specific security requirements, information including:
both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so- called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plain text block will always 1. Secret Key Cryptography encrypt to the same cipher text when using the same key in a block cipher With secret key cryptography, a single key is whereas the same plaintext will used for both encryption and decryption. encrypt to different cipher text in a As shown in Figure the sender uses the key (or stream cipher. some set of rules) to encrypt the plain text and 2. Public key cryptography sends the cipher text to the receiver. The receiver applies the same key (or rule set) to Modern PKC was first described decrypt the message and recover the plain publicly by Stanford University professor text. Because a single key is used for both Martin Hellman and graduate student functions, secret key cryptography is also Whitfield Diffie in 1976. Their paper called symmetric encryption. described a two-key crypto system in which two parties could engage in a secure With this form of cryptography, it is communication over a non-secure obvious that the key must be known to communications channel without having to
share a secret key. Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other 4. TRUST MODELS key. One key is used to encrypt the Secure use of cryptography requires trust. plaintext and the other key is used to decrypt While secret key cryptography can ensure the cipher text. The important point message confidentiality and hash codes can here is that it does not matter which key is ensure integrity, none of this works without applied first, but that both keys are required trust. In SKC, PKC solved the secret for the process to work (Figure 1B). Because distribution problem. There are a number of a pair of keys are required, this approach is trust models employed by various also called asymmetric cryptography cryptographic schemes. 3. Hash Functions • The web of trust employed by Pretty Good Hash functions, also called message digests Privacy (PGP) users, who hold their own and one-way encryption, are algorithms that, set of trusted public keys. in some sense, use no key (Figure 1C). • Kerberos, a secret key distribution scheme Instead, a fixed-length hash value is computed using a trusted third party. based upon the plaintext that makes it impossible for either the contents or length of • Certificates, which allow a set of trusted the plaintext to be recovered. Hash algorithms third parties to authenticate each other and, are typically used to provide a digital by implication, each other's users. fingerprint of a file's contents often used to Each of these trust models differs in ensure that the file has not been altered by an complexity, general applicability, scope, and intruder or virus. Hash functions are also scalability. commonly employed by many operating systems to encrypt passwords. Hash functions, then, help preserve the integrity of a file. Types of authority • Establish identity: Associate, or bind, a public key to an individual, organization, corporate position, or other entity.
• Assign authority: Establish what actions good one. The strength of cryptography lies in the holder may or may not take based the choice (and management) of the keys; upon this certificate. longer keys will resist attack better than shorter keys • Secure confidential information (e.g., Encrypt and decrypt messages using any of encrypting the session's symmetric key for the classical substitution ciphers discussed, data confidentiality). both by hand and with the assistance of ------------------------------------------------ programs. ---------------------------- understand the concepts of language redundancy and unicity distance. Todays latest used cryptographic techniques:Hash algorithms that are in Different types of threats to network: common use today include:Message Digest (MD) algorithms • Application backdoors - Some  Secure Hash Algorithm (SHA) programs have special features that allow for remote access . Others contain bugs that provide a backdoor , Pretty Good Privacy (PGP) or hidden access , that provides some Pretty Good Privacy (PGP) is one of today's level of control of the program. most widely used public key cryptography programs. PGP can be used to sign or encrypt • SMTP session hijacking - SMTP is e-mail messages with mere click of the mouse. the most common method of Sending Depending upon the version of PGP, the e-mail over the Internet . By gaining software uses SHA or MD5 for calculating the access to a list of e- mail Addresses , a message hash; CAST, Triple-DES, or IDEA person can send unsolicited junk e-mail for encryption; and RSA or DSS/Diffie- ( spam ) to thousands of users . This is Hellman for key exchange and digital done quite often by redirecting the e- signatures. And much more techniques used. mail through the SMTP server of an Time is the only true test of good unsuspecting host , making the actual cryptography; any cryptographic scheme that sender of the spam difficult to trace. stays in use year after year is most likely a
• Operating system bugs - Like • Macros - To simplify complicated applications , some operating systems procedures , many applications allow Have backdoors . Others provide remote you to create a script of commands access with insufficient security that the application can run . This controls or have bugs that an script is known as a macro . Hackers experienced hacker can take advantage have taken advantage of this to create of . their own macros that , depending on the application , can destroy your data • Denial of service - You have probably or crash your computer . heard this phrase used in news reports on the attacks on major Web sites . • Viruses - Probably the most well-known This type of attack is nearly Impossible threat is computer viruses . A virus is a to counter . What happens is that the small program that can copy itself to hacker sends a request to the server to other computers . This way it can connect to it . When the server spread quickly from one system to the responds with an acknowledgement and next. Viruses range from harmless tries to establish a session , it cannot messages to erasing all of your data . find the system that made the request . By inundating a server with these • Spam - Typically harmless but always unanswerable session requests , a annoying , spam is the electronic hacker causes the server to slow to a equivalent of junk mail . Spam can be crawl or eventually crash. dangerous though . Quite often it contains links to Web sites . Be careful • E-mail bombs - An e-mail bomb is of clicking on these because you may usually a personal attack . Someone accidentally accept a cookie that sends you the same e-mail hundreds or provides a backdoor to your computer. thousands of times until your e-mail • Redirect bombs - Hackers can use system cannot accept any more ICMP to change ( redirect ) the Path messages . information takes by sending it to a different router . This is one of the
ways that a denial of service attack is set up. Network security can be done by various methods. 1. Virtual Private Network: A virtual private network ( VPN ) is a way to use a public telecommunication infrastructure , such as the Internet , to provide remote Step 2. - When connectivity to the corporate offices or individual users with secure network is desired, the user initiates a tunnel request access to their organization's network. A to the destination Security server on the corporate virtual private network can be contrasted network. The security server authenticates the user with an expensive system of owned or and creates the other end of tunnel. leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities , but at a much lower cost Implementation of network security by VPN. Step 1. - The remote user dials into their local ISP Fig : a) A leased line and logs into the ISP’s network as usual. private network b) A virtual private network
corporate network. Any information sent back to the Remote user is also encrypted before being sent over the Internet. Step 3. - The user then sends data through the tunnel which encrypted by the VPN software before being sent over the ISP connection. 2.Firewalls: A firewall provides a strong barrier between your private network and the Internet . You can set firewalls to restrict the number of open ports , what type of packets are passed through and which protocols are allowed through . You should already have a good firewall in place before you implement a VPN , but a firewall can also be used to terminate the VPN sessions . Step 4. - The destination Security server receives Fig2: A fire wall consisting of two packet filters and the encrypted data and decrypts. The Security server an application gateway then forwards the decrypted data packets onto the
3.IPSec - client , the Request is proxies to the AAA Internet Protocol Security Protocol (IPSec) server . AAA then checks the following : provides enhanced security features such as Who you are (authentication) better encryption algorithms and more What you are allowed to do (authorization) comprehensive authentication . IPSec has two What you actually do (accounting) The accounting encryption modes : tunnel and transport . Tunnel information is especially useful for tracking encrypts the header and the payload of each client. Use for security auditing , billing or packet while transport only encrypts the reporting purposes . payload. Only systems that are IPSec compliant can take advantage of this Protocol . Also , all devices must use a common key and the firewalls of each network must have very similar security policies set up. IPSec can encrypt data between various devices , such as : Router to router Firewall to router PC to router PC to server A software firewall can be installed on the REFRERNCES computer in your home that has an Internet - connection . This computer is considered a - gateway because it provides the only 1.The New Lexicon Webster's Encyclopedic point of access between your home network and the Internet . Dictionary of the English Language. New York: Lexicon. 1.Cryptography And Network Security -- William 4. AAA Server - AAA (authentication , Stallings authorization and accounting) 2.R.T. Morris, 1985. A Weakness in the 4.2BSD servers are used for more secure access in a Unix TCP/IP Software. Computing & Science remote-access VPN environment . When a request Technical Report No. 117, AT&T Bell to establish a session comes in from a dial up
Laboratories, Murray Hill, New Jersey . 4.S.M. Bellovin. Security Problems in the TCP/IP 3.COMPUTER NETWORKS ---ANDREW S. Protocol Suite. Computer Communication Review, TENAUNBAUM Vol. 19, No. 2, pp. 32-48, April 1989.

Recommended

Seminar report on symmetric key
Seminar report on symmetric keySeminar report on symmetric key
Seminar report on symmetric keyRajat Tripathi
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444IJRAT
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniqueseditor1knowledgecuddle
 
Cryptography and security
Cryptography and securityCryptography and security
Cryptography and securityresearch30
 

Recommended

Seminar report on symmetric key
Seminar report on symmetric keySeminar report on symmetric key
Seminar report on symmetric keyRajat Tripathi
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444IJRAT
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniqueseditor1knowledgecuddle
 
Cryptography and security
Cryptography and securityCryptography and security
Cryptography and securityresearch30
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptographyVaibhav Khanna
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pkiPrabhat Goel
 
CNS Solution
CNS SolutionCNS Solution
CNS SolutionNitin Kanzariya
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsIJNSA Journal
 
Cryptography
CryptographyCryptography
CryptographyKalyani Government Engineering College
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationBitcoin Association of Australia
 
Efficient Coercion Resistant Public Key Encryption
Efficient Coercion Resistant Public Key EncryptionEfficient Coercion Resistant Public Key Encryption
Efficient Coercion Resistant Public Key EncryptionCSCJournals
 
A Robust Technique to Encrypt and Decrypt Confidential Data within Image
A Robust Technique to Encrypt and Decrypt Confidential Data within ImageA Robust Technique to Encrypt and Decrypt Confidential Data within Image
A Robust Technique to Encrypt and Decrypt Confidential Data within Imageinventionjournals
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSSURBHI SAROHA
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied CryptographyMarcelo Martins
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyeSAT Publishing House
 
Cn ppt
Cn pptCn ppt
Cn pptAshish Agarwal
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityEditor IJCATR
 
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEWIMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEWijcsit
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
Edit rpp
Edit rppEdit rpp
Edit rppUmar Hadi Wahyu D
 
Writing For The Media 12.11.10
Writing For The Media 12.11.10Writing For The Media 12.11.10
Writing For The Media 12.11.10WCG London
 
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...Richard West
 

More Related Content

What's hot

Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptographyVaibhav Khanna
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pkiPrabhat Goel
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsIJNSA Journal
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Efficient Coercion Resistant Public Key Encryption
Efficient Coercion Resistant Public Key EncryptionEfficient Coercion Resistant Public Key Encryption
Efficient Coercion Resistant Public Key EncryptionCSCJournals
 
A Robust Technique to Encrypt and Decrypt Confidential Data within Image
A Robust Technique to Encrypt and Decrypt Confidential Data within ImageA Robust Technique to Encrypt and Decrypt Confidential Data within Image
A Robust Technique to Encrypt and Decrypt Confidential Data within Imageinventionjournals
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSSURBHI SAROHA
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyeSAT Publishing House
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityEditor IJCATR
 
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEWIMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEWijcsit
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 

What's hot (19)

Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptography
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pki
 
CNS Solution
CNS SolutionCNS Solution
CNS Solution
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
 
Cryptography
CryptographyCryptography
Cryptography
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
 
Efficient Coercion Resistant Public Key Encryption
Efficient Coercion Resistant Public Key EncryptionEfficient Coercion Resistant Public Key Encryption
Efficient Coercion Resistant Public Key Encryption
 
A Robust Technique to Encrypt and Decrypt Confidential Data within Image
A Robust Technique to Encrypt and Decrypt Confidential Data within ImageA Robust Technique to Encrypt and Decrypt Confidential Data within Image
A Robust Technique to Encrypt and Decrypt Confidential Data within Image
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSS
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied Cryptography
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a survey
 
Cn ppt
Cn pptCn ppt
Cn ppt
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network Security
 
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEWIMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
IMAGE ENCRYPTION TECHNIQUES USING FRACTAL FUNCTION: A REVIEW
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithms
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
 

Viewers also liked

Writing For The Media 12.11.10
Writing For The Media 12.11.10Writing For The Media 12.11.10
Writing For The Media 12.11.10WCG London
 
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...Richard West
 
Connective tissue identification
Connective tissue identificationConnective tissue identification
Connective tissue identificationM. Carol Carlisle
 
מדיניות תקשוב לאומית
מדיניות תקשוב לאומיתמדיניות תקשוב לאומית
מדיניות תקשוב לאומיתhagitmt
 
Supertek induction lamp catalog
Supertek induction lamp catalogSupertek induction lamp catalog
Supertek induction lamp catalogbingoeric
 
2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina
2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina
2011 Kia Soul For Sale at Keffer Kia in Charlotte, North CarolinaCourtney Boone
 
Portfolio Essentials: Expectation 7
Portfolio Essentials: Expectation 7Portfolio Essentials: Expectation 7
Portfolio Essentials: Expectation 7Jon Kelly
 
Top work capitolo 1
Top work capitolo 1Top work capitolo 1
Top work capitolo 1Etikalab
 
Orologio classicos2
Orologio classicos2Orologio classicos2
Orologio classicos2Etikalab
 
Klasse 8 gruppe 2
Klasse 8 gruppe 2Klasse 8 gruppe 2
Klasse 8 gruppe 2ingerikt
 
13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ
13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ
13th Investigator Initiated Trials, April 2011, Basking Ridge, NJExL Pharma
 
Team Performance Workout
Team Performance WorkoutTeam Performance Workout
Team Performance WorkoutAl Cini
 

Viewers also liked (20)

Edit rpp
Edit rppEdit rpp
Edit rpp
 
Writing For The Media 12.11.10
Writing For The Media 12.11.10Writing For The Media 12.11.10
Writing For The Media 12.11.10
 
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
Finding Transition States Algorithmically for Automatic Reaction Mechanism Ge...
 
Connective tissue identification
Connective tissue identificationConnective tissue identification
Connective tissue identification
 
מדיניות תקשוב לאומית
מדיניות תקשוב לאומיתמדיניות תקשוב לאומית
מדיניות תקשוב לאומית
 
Supertek induction lamp catalog
Supertek induction lamp catalogSupertek induction lamp catalog
Supertek induction lamp catalog
 
2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina
2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina
2011 Kia Soul For Sale at Keffer Kia in Charlotte, North Carolina
 
Portfolio Essentials: Expectation 7
Portfolio Essentials: Expectation 7Portfolio Essentials: Expectation 7
Portfolio Essentials: Expectation 7
 
990413社會住宅與角色2 阿姆斯特丹為例
990413社會住宅與角色2 阿姆斯特丹為例990413社會住宅與角色2 阿姆斯特丹為例
990413社會住宅與角色2 阿姆斯特丹為例
 
Top work capitolo 1
Top work capitolo 1Top work capitolo 1
Top work capitolo 1
 
Publicacion osb 2010
Publicacion osb 2010Publicacion osb 2010
Publicacion osb 2010
 
Educational technology
Educational technologyEducational technology
Educational technology
 
Orologio classicos2
Orologio classicos2Orologio classicos2
Orologio classicos2
 
Pre zimskih snova 1
Pre zimskih snova 1Pre zimskih snova 1
Pre zimskih snova 1
 
Blood moon
Blood moonBlood moon
Blood moon
 
Klasse 8 gruppe 2
Klasse 8 gruppe 2Klasse 8 gruppe 2
Klasse 8 gruppe 2
 
13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ
13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ
13th Investigator Initiated Trials, April 2011, Basking Ridge, NJ
 
Team Performance Workout
Team Performance WorkoutTeam Performance Workout
Team Performance Workout
 
Digestive system
Digestive systemDigestive system
Digestive system
 
Reproductive system
Reproductive systemReproductive system
Reproductive system
 

Similar to Network Security & Cryptography Explained

CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptPayalChopra9
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfYasmine Anino
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Petar Radanliev
 
Cryptography full report
Cryptography full reportCryptography full report
Cryptography full reportharpoo123143
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPrabhatMishraAbvp
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptvinitajain703
 
Presentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYPresentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYBARATH800940
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Petar Radanliev
 
A REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUES
A REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUESA REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUES
A REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUESValerie Felton
 
Public Key Authentication With SSH
Public Key Authentication With SSHPublic Key Authentication With SSH
Public Key Authentication With SSHDon Norwood
 
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptPresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptso6281019
 

Similar to Network Security & Cryptography Explained (20)

Data encryption
Data encryptionData encryption
Data encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdf
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
Info security & crypto
Info security & cryptoInfo security & crypto
Info security & crypto
 
Cryptography full report
Cryptography full reportCryptography full report
Cryptography full report
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
Presentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYPresentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHY
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
 
A REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUES
A REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUESA REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUES
A REVIEW STUDY OF CRYPTOGRAPHY TECHNIQUES
 
Public Key Authentication With SSH
Public Key Authentication With SSHPublic Key Authentication With SSH
Public Key Authentication With SSH
 
Group 6
Group 6Group 6
Group 6
 
cryptography
cryptographycryptography
cryptography
 
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptPresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
 

Network Security & Cryptography Explained

  • 1. NETWORKSECURITY & CRYPTOGRAPHY G.MANOGNA K.HIMATHA 3RD B.TECH 3RD B.TECH C.S.E C.S.E manogna_gudipudi@yahoo.co.in himatha_k007@yahoo.com NALANDA INSTITUTE OF ENGG & TECH KANTEPUDI,SATTENAPALLI . Abstract Network security is a complicated subject, historically only tackled by well- trained and experienced experts. However, as more and more people become ``wired'', an increasing number of people need to understand the basics of security in a networked world. This document was written manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them. Some history of networking is included, as well as an introduction to TCP/IP and internetworking . We go on to consider risk management, network threats, firewalls, and more special-purpose secure networking devices. This is not intended to be a ``frequently asked questions'' reference, nor is it a ``hands-on'' document describing how to accomplish specific functionality. It is hoped that the reader will have a wider perspective on security in general, and better understand how to reduce and manage risk personally, at home, and in the workplace.
  • 2. Cryptography and Authentication: The process of proving one's identity. (The primary forms of host-to-host Network Security authentication on the Internet today are name-based Does security provide some very or address-based, both of which are notoriously basic protections that we are naive to believe weak.) that we don't need? During this time when the • prrivacy/confidentiality: Ensuring that no Internet provides essential communication one can read the message except the intended between tens of millions of people and is receiver. being increasingly used as a tool for commerce, security becomes a tremendously • Integrity: Assuring the receiver that the important issue to deal with. There are many received message has not been altered in any aspects to security and many applications, way from the original. Ranging from secure commerce and payments to private Communications and protecting • Non-repudiation: A mechanism to prove passwords. One essential aspect for Secure that the sender really sent this message. communications is that of cryptography. Cryptography, then, not only protects data from theft or alteration, but can also be used for user Cryptography is the science of writing in authentication. secret code and is an ancient art. The first documented use of cryptography in writing • The three types of cryptographic algorithms that dates back to circa 1900 B.C. when an will be discussed are (Figure 1): Egyptian scribe used non-standard • Secret Key Cryptography (SKC): Uses a hieroglyphs in an inscription. single key for both encryption and decryption In data and Public Key Cryptography (PKC): Uses telecommunications,cryptography is necessary one key for encryption and another for when communicating over any untrusted decryption medium, which includes just about any network, particularly the Internet.Within the context of • Hash Functions: Uses a mathematical any application-to-application communication, transformation to irreversibly "encrypt" there are some specific security requirements, information including:
  • 3. both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so- called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plain text block will always 1. Secret Key Cryptography encrypt to the same cipher text when using the same key in a block cipher With secret key cryptography, a single key is whereas the same plaintext will used for both encryption and decryption. encrypt to different cipher text in a As shown in Figure the sender uses the key (or stream cipher. some set of rules) to encrypt the plain text and 2. Public key cryptography sends the cipher text to the receiver. The receiver applies the same key (or rule set) to Modern PKC was first described decrypt the message and recover the plain publicly by Stanford University professor text. Because a single key is used for both Martin Hellman and graduate student functions, secret key cryptography is also Whitfield Diffie in 1976. Their paper called symmetric encryption. described a two-key crypto system in which two parties could engage in a secure With this form of cryptography, it is communication over a non-secure obvious that the key must be known to communications channel without having to
  • 4. share a secret key. Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other 4. TRUST MODELS key. One key is used to encrypt the Secure use of cryptography requires trust. plaintext and the other key is used to decrypt While secret key cryptography can ensure the cipher text. The important point message confidentiality and hash codes can here is that it does not matter which key is ensure integrity, none of this works without applied first, but that both keys are required trust. In SKC, PKC solved the secret for the process to work (Figure 1B). Because distribution problem. There are a number of a pair of keys are required, this approach is trust models employed by various also called asymmetric cryptography cryptographic schemes. 3. Hash Functions • The web of trust employed by Pretty Good Hash functions, also called message digests Privacy (PGP) users, who hold their own and one-way encryption, are algorithms that, set of trusted public keys. in some sense, use no key (Figure 1C). • Kerberos, a secret key distribution scheme Instead, a fixed-length hash value is computed using a trusted third party. based upon the plaintext that makes it impossible for either the contents or length of • Certificates, which allow a set of trusted the plaintext to be recovered. Hash algorithms third parties to authenticate each other and, are typically used to provide a digital by implication, each other's users. fingerprint of a file's contents often used to Each of these trust models differs in ensure that the file has not been altered by an complexity, general applicability, scope, and intruder or virus. Hash functions are also scalability. commonly employed by many operating systems to encrypt passwords. Hash functions, then, help preserve the integrity of a file. Types of authority • Establish identity: Associate, or bind, a public key to an individual, organization, corporate position, or other entity.
  • 5. Assign authority: Establish what actions good one. The strength of cryptography lies in the holder may or may not take based the choice (and management) of the keys; upon this certificate. longer keys will resist attack better than shorter keys • Secure confidential information (e.g., Encrypt and decrypt messages using any of encrypting the session's symmetric key for the classical substitution ciphers discussed, data confidentiality). both by hand and with the assistance of ------------------------------------------------ programs. ---------------------------- understand the concepts of language redundancy and unicity distance. Todays latest used cryptographic techniques:Hash algorithms that are in Different types of threats to network: common use today include:Message Digest (MD) algorithms • Application backdoors - Some  Secure Hash Algorithm (SHA) programs have special features that allow for remote access . Others contain bugs that provide a backdoor , Pretty Good Privacy (PGP) or hidden access , that provides some Pretty Good Privacy (PGP) is one of today's level of control of the program. most widely used public key cryptography programs. PGP can be used to sign or encrypt • SMTP session hijacking - SMTP is e-mail messages with mere click of the mouse. the most common method of Sending Depending upon the version of PGP, the e-mail over the Internet . By gaining software uses SHA or MD5 for calculating the access to a list of e- mail Addresses , a message hash; CAST, Triple-DES, or IDEA person can send unsolicited junk e-mail for encryption; and RSA or DSS/Diffie- ( spam ) to thousands of users . This is Hellman for key exchange and digital done quite often by redirecting the e- signatures. And much more techniques used. mail through the SMTP server of an Time is the only true test of good unsuspecting host , making the actual cryptography; any cryptographic scheme that sender of the spam difficult to trace. stays in use year after year is most likely a
  • 6. Operating system bugs - Like • Macros - To simplify complicated applications , some operating systems procedures , many applications allow Have backdoors . Others provide remote you to create a script of commands access with insufficient security that the application can run . This controls or have bugs that an script is known as a macro . Hackers experienced hacker can take advantage have taken advantage of this to create of . their own macros that , depending on the application , can destroy your data • Denial of service - You have probably or crash your computer . heard this phrase used in news reports on the attacks on major Web sites . • Viruses - Probably the most well-known This type of attack is nearly Impossible threat is computer viruses . A virus is a to counter . What happens is that the small program that can copy itself to hacker sends a request to the server to other computers . This way it can connect to it . When the server spread quickly from one system to the responds with an acknowledgement and next. Viruses range from harmless tries to establish a session , it cannot messages to erasing all of your data . find the system that made the request . By inundating a server with these • Spam - Typically harmless but always unanswerable session requests , a annoying , spam is the electronic hacker causes the server to slow to a equivalent of junk mail . Spam can be crawl or eventually crash. dangerous though . Quite often it contains links to Web sites . Be careful • E-mail bombs - An e-mail bomb is of clicking on these because you may usually a personal attack . Someone accidentally accept a cookie that sends you the same e-mail hundreds or provides a backdoor to your computer. thousands of times until your e-mail • Redirect bombs - Hackers can use system cannot accept any more ICMP to change ( redirect ) the Path messages . information takes by sending it to a different router . This is one of the
  • 7. ways that a denial of service attack is set up. Network security can be done by various methods. 1. Virtual Private Network: A virtual private network ( VPN ) is a way to use a public telecommunication infrastructure , such as the Internet , to provide remote Step 2. - When connectivity to the corporate offices or individual users with secure network is desired, the user initiates a tunnel request access to their organization's network. A to the destination Security server on the corporate virtual private network can be contrasted network. The security server authenticates the user with an expensive system of owned or and creates the other end of tunnel. leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities , but at a much lower cost Implementation of network security by VPN. Step 1. - The remote user dials into their local ISP Fig : a) A leased line and logs into the ISP’s network as usual. private network b) A virtual private network
  • 8. corporate network. Any information sent back to the Remote user is also encrypted before being sent over the Internet. Step 3. - The user then sends data through the tunnel which encrypted by the VPN software before being sent over the ISP connection. 2.Firewalls: A firewall provides a strong barrier between your private network and the Internet . You can set firewalls to restrict the number of open ports , what type of packets are passed through and which protocols are allowed through . You should already have a good firewall in place before you implement a VPN , but a firewall can also be used to terminate the VPN sessions . Step 4. - The destination Security server receives Fig2: A fire wall consisting of two packet filters and the encrypted data and decrypts. The Security server an application gateway then forwards the decrypted data packets onto the
  • 9. 3.IPSec - client , the Request is proxies to the AAA Internet Protocol Security Protocol (IPSec) server . AAA then checks the following : provides enhanced security features such as Who you are (authentication) better encryption algorithms and more What you are allowed to do (authorization) comprehensive authentication . IPSec has two What you actually do (accounting) The accounting encryption modes : tunnel and transport . Tunnel information is especially useful for tracking encrypts the header and the payload of each client. Use for security auditing , billing or packet while transport only encrypts the reporting purposes . payload. Only systems that are IPSec compliant can take advantage of this Protocol . Also , all devices must use a common key and the firewalls of each network must have very similar security policies set up. IPSec can encrypt data between various devices , such as : Router to router Firewall to router PC to router PC to server A software firewall can be installed on the REFRERNCES computer in your home that has an Internet - connection . This computer is considered a - gateway because it provides the only 1.The New Lexicon Webster's Encyclopedic point of access between your home network and the Internet . Dictionary of the English Language. New York: Lexicon. 1.Cryptography And Network Security -- William 4. AAA Server - AAA (authentication , Stallings authorization and accounting) 2.R.T. Morris, 1985. A Weakness in the 4.2BSD servers are used for more secure access in a Unix TCP/IP Software. Computing & Science remote-access VPN environment . When a request Technical Report No. 117, AT&T Bell to establish a session comes in from a dial up
  • 10. Laboratories, Murray Hill, New Jersey . 4.S.M. Bellovin. Security Problems in the TCP/IP 3.COMPUTER NETWORKS ---ANDREW S. Protocol Suite. Computer Communication Review, TENAUNBAUM Vol. 19, No. 2, pp. 32-48, April 1989.