The document discusses cryptography and the principles of encrypting messages to make them unintelligible and then decrypting them. It covers plaintext vs ciphertext and different encryption algorithms. It also summarizes security mechanisms like encipherment and digital signatures. It defines security services like confidentiality, authentication, integrity and non-repudiation. It discusses public key distribution schemes and signature schemes. It outlines authentication requirements to prevent attacks like disclosure, traffic analysis and masquerade. It also covers authenticator types and Pretty Good Privacy (PGP) key requirements.

1. By:
P. Gayathri
I M.Sc CS

2. Cryptography The art or science encompassing the principles and
methods of transforming an intelligible message into one that is
unintelligible, and then retransforming that message back to its
original form
Plaintext The original intelligible message Cipher text The
transformed message Cipher An algorithm for transforming an
intelligible message into one that is unintelligible by transposition
and/or substitution methods

3. SECURITY MECHANISMS
One of the most specific security mechanisms in use is cryptographic
techniques. Encryption or encryption-like transformations of
information are the most common means of providing security. Some
of the mechanisms are
1 Encipherment
2 Digital Signature
3 Access Control

4. SECURITY SERVICES The classification of security services are as
follows:
Confidentiality: Ensures that the information in a computer system a n
d transmitted information are accessible only for reading by authorized
parties. E.g. Printing, displaying and other forms of disclosure.
Authentication: Ensures that the origin of a message or electronic
document is correctly identified, with an assurance that the identity is
not false.
Integrity: Ensures that only authorized parties are able to modify
computer system assets and transmitted information. Modification
includes writing, changing status, deleting, creating and delaying or
replaying of transmitted messages.
Non repudiation: Requires that neither the sender nor the receiver of a
message be able to deny the transmission. Access control: Requires that
access to information resources may be controlled by or the target

5. Public-Key Distribution Schemes (PKDS) - where the scheme is used to securely exchange
a single piece of information (whose value depends on the two parties, but cannot be set).
This value is normally used as a session key for a private-key scheme o Signature
Schemes - used to create a digital signature only.
the private-key signs (create) signatures, and the public-key verifies signatures Public
Key Schemes (PKS) - used for encryption, where the public-key encrypts messages, and
the private-key decrypts messages.

6. AUTHENTICATION REQUIREMENTS In the context of communication across a network,
the following attacks can be identified:
Disclosure – releases of message contents to any person or process not possessing the
appropriate cryptographic key.
Traffic analysis – discovery of the pattern of traffic between parties. Masquerade – insertion of
messages into the network fraudulent source.
Content modification – changes to the content of the message, including insertion deletion,
transposition and modification.
Sequence modification – any modification to a sequence of messages between parties, including
insertion, deletion and reordering.
Timing modification – delay or replay of messages. Source repudiation – denial of transmission
of message by source.
Destination repudiation – denial of transmission of message by destination.

7. The different types of functions that may be used to produce
an authenticator are as follows:
Message encryption – the cipher text of the entire message
serves as its authenticator.
Message authentication code (MAC) – a public function of
the message and a secret key that produces a fixed length
value serves as the authenticator.
Hash function – a public function that maps a message of
any length into a fixed length hash value, which serves as
the authenticator.

8. Basic constraints:
Indicates if the subject may act as a CA. If so, a certification path length constraint may be
specified.
Name constraints: Indicates a name space within which all subject names in subsequent
certificates in a certification path must be located.
Policy constraints: Specifies constraints that may require explicit certificate policy identification
or inhibit policy mapping for the remainder of the certification path.

9. Three separate requirements can be identified with respect to these keys:
A means of generating unpredictable session keys is needed.
It must allow a user to have multiple public key/private key pairs.
Each PGP entity must maintain a file of its own public/private key pairs
as well as a file of public keys of correspondents.

10. Deletion, addition, or reordering of carriage return and linefeed o
Truncating or wrapping lines longer than 76 characters Removal of
trailing white space (tab and space characters) o Padding of lines in a
message to the same length o Conversion of tab characters into multiple
space characters

11. Thank you