Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Infomration & network security


Published on

Cryptography Basics, Types of Attacks

Published in: Technology
  • Be the first to comment

Infomration & network security

  1. 1. Mr. Pawar R.B. Information Network Security
  2. 2. Introduction:  Information is an asset  Security Goals  Confidentiality:  Not only storage information but also transmission of information  Integrity:  Changes need to done by authorized entities  Availability:  Information available when needed to the authorized entities.
  3. 3. Cryptographic Attacks  Two Types 1. Cryptanalytic Attacks:  Combination of statistical and algebraic techniques aimed at ascertaining the secret key of a cipher  Efficient attacks will try “divide and conquer” strategy to reduce the complexity of guessing the key from the brute force search complexity  An attack is successful if the guessing complexity is lesser than brute force search complexity, although it may be practically infeasible 2. Non-cryptanalytic Attacks:  It threaten to security goals (confidentiality, integrity & availability)
  4. 4. Non- cryptanalytic Attacks Threat to availability Threat to confidentiality Threat to integrity Fig: Taxonomy of attacks with relation to security goals Security Attacks Snoopin g Traffic Analysis Modificatio n Denial of Services Repudiatio n Replaying Masquerad ing
  5. 5.  Snooping:  unauthorized access to or interception of data  Traffic Analysis:  It can obtain some other information by monitoring online traffic.  Modification: after accessing the information, the ataacker modifies the information to make it beneficial to herself.  Masquerading: masquerading or snooping happens when the attacker impersonates somebody else.  Replaying: attacker obtains a copy of a massage sent by a user and later tries to replay it.  Repudiation: it is different from others becoz it is performed by one of the two parties in the
  6. 6. Passive Vs Active Attacks Attacks Passive / Active Threatening Snooping, Traffic analysis Passive Confidentiality Modification, Masquerading, Replay, Repudiation Active Integrity Denial of Services Active Availability  Passive Attacks:  The attacker goal is just to obtain information  Does not modify data or harm the system  Difficult to detect until the sender or receiver finds out about leaking of confidential information  Can be prevent by encipherment  Active Attacks:  May change the data or harm the system  Easier to detect than to prevent