Network Security
• Security is the ability of a system to protect information and system resources with respect to confidentiality and integrity.
• Computer security is the security applied to computing devices (such as computers and smartphones) as well as computer networks (such as private and public networks, including the Internet).
• This field covers all processes and mechanisms that protect devices, information and digital services against unauthorized access, tampering or destruction (damage) attempts.
• It is sometimes referred to as "cyber security", "IT security" or "network security".
Security Goal
1. Confidentiality:
▪ A security goal that defines procedures to hide information from unauthorized access.
▪ Ensuring that information is not accessed by unauthorized persons.
▪ Confidentiality is concerned with preventing unauthorized disclosure of sensitive information.
▪ For example:
I. In industry, information must be hidden from competitors so that the organization can function properly.
II. In banking, customers' accounts need to be kept secret.
▪ Confidentiality applies not only to the storage of information, but also to the transmission of information.
Fig. Security Goals: Confidentiality, Integrity, Availability
2. Integrity:
▪ Means that changes need to be made only by authorized entities and through authorized mechanisms.
▪ Protection of information from unauthorized change is called integrity.
▪ For example, in a bank, when a customer deposits or withdraws money, the balance of her account needs to be changed, and only the intended customer should know this.
▪ Integrity violations do not necessarily result from malicious behavior. A system interruption (such as an increase in voltage) may also cause unexpected changes in some information.
3. Authentication:
▪ Means assuring that a communication is authentic.
▪ Ensuring that users are the persons they claim to be.
Fig. Security Attacks: Passive (Release of Message Contents, Traffic Analysis); Active (Masquerade, Replay, Modification of Message Contents, Denial of Service)
Security Attacks
▪ Any action that compromises the security of information owned by an organization is a security attack, or
▪ An attack that threatens the security goals of a system is a security attack.
▪ According to G. J. Simmons, “Information security is a way to prevent attacks or, failing that, to detect attacks in information-based systems wherein the information itself has no meaningful physical existence”.
Types of Attacks
A. Passive Attack
A type of attack in which the attacker's goal is to obtain information that is being transmitted. The attack does not modify data or harm the system.
Passive attacks take the form of eavesdropping on (spying on), or monitoring of, transmissions.
The disclosure of the information may harm the sender or receiver of the message, but the system is not affected. Passive attacks can be prevented by encipherment of the data.
The two types of passive attack are release of message contents and traffic analysis.
1. Release of Message Contents: Unauthorized access to confidential information, or interception of data. It is sometimes also called snooping. For example, wiretapping to capture data in a network, or the unauthorized copying of files or programs.
2. Traffic Analysis: Here the attacker observes the pattern of the messages, that is, the length of messages, the frequency of messages, or the network resources available. This kind of information helps the attacker learn about the communication channel and its capacity, or it might be useful in guessing the nature of the communication that was taking place.
Fig.1 Release of Message Contents: C reads the content of the message from A to B (sent over the Internet or other facility).
Fig.2 Traffic Analysis: C observes the pattern of messages from A to B (sent over the Internet or other facility).
B. Active Attacks
• Active attacks involve some modification of the data stream or the creation of a false stream. These attacks may change the data or harm the system. Active attacks are easier to detect than to prevent because an attacker can start them in a variety of ways.
• There are four types: masquerade, replay, modification of message, and denial of service.
1. Masquerade or Spoofing: happens when the attacker impersonates somebody else. A masquerade takes place when one entity pretends to be a different entity.
▪ It uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification.
▪ For example, an attacker takes the bank card and PIN of a bank customer and pretends (acts as if) she is that customer. Sometimes the attacker pretends instead to be the receiver entity.
• For example, a user tries to contact a bank, but another site pretends that it is the bank and obtains some information from the user.
Fig. Masquerade: C sends B a message that appears to be from A (over the Internet or other facility).
2. Replay: Here the attacker intercepts a message and resends it. That is, the attacker obtains a copy of a message sent by a user and later tries to replay it.
Fig. Replay: C captures messages from A to B and later replays them to B (over the Internet or other facility).
3. Modification of message: After intercepting or accessing information, the attacker modifies the information to make it beneficial to herself. It involves some change to the original message: some portion of a legitimate message is altered, delayed or reordered.
▪ For example, a customer sends a message to a bank to carry out a transaction. The attacker intercepts the message and changes the type of transaction to benefit herself.
Fig. Modification of message: C modifies messages from A to B (over the Internet or other facility).
4. Denial of Service: It may slow down or totally interrupt the service of a system. The attacker can use several strategies to achieve this. She might send so many false requests to a server that the server crashes because of the heavy load.
▪ The attacker might intercept and delete a server's response to a client, making the client believe that the server is not responding.
▪ For example, an unauthorized user might send too many login requests to a server using random user ids one after the other in quick succession, so as to flood the network and deny other legitimate users the use of the network facilities.
Fig. Denial of Service: C disrupts the services provided by the server and prevents user A from communicating with B.
Security Services
▪ ITU-T (International Telecommunication Union, Telecommunication Standardization Sector) X.800 defines a security service as a service provided by a protocol layer of communicating open systems that ensures adequate security of the systems or of data transfers.
▪ We define a security service as “a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms”.
X.800 divides these services into five categories:
Fig. Security Services: Authentication, Access Control, Non-repudiation, Data Integrity, Data Confidentiality
1. Authentication: The authentication service makes sure that a communication is authentic (genuine), i.e. it verifies the communicating parties. In the case of a single message (e.g. a warning or alarm signal), the function of the authentication service is to ensure that the message originates from the source it claims to be from.
A. Peer entity authentication: In connection-oriented communication, it provides authentication of the sender or receiver during connection establishment.
B. Data origin authentication: In connectionless communication, it authenticates the source of the data.
Fig. Authentication: Peer entity authentication, Data origin authentication
2. Access control: Provides protection against unauthorized access to data. In the context of network security, access control is the ability to limit and control access to host systems and applications via communications links. To do this, each entity that attempts to gain access must first be identified or verified, so that access rights can be tailored to the individual.
3. Data Confidentiality: Protects data against unauthorized disclosure. Confidentiality is the protection of transmitted data from passive attacks. Several levels of protection can be identified with respect to the content of a data transfer.
Fig. Data Confidentiality: Connection Confidentiality, Connectionless Confidentiality, Traffic Flow Confidentiality, Selective-Field Confidentiality
A. Connection Confidentiality:-The protection of all user data on a
connection.
B. Connectionless Confidentiality:-The protection of all user data in
a single data block.
C. Selective-Field Confidentiality:-The confidentiality of selected
fields within the user data on a connection or in a single data
block.
D. Traffic Flow Confidentiality:-The protection of the information
that might be derived from observation of traffic flows.
4. Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e. to protect data from modification, insertion, deletion, or replay by an adversary). It may protect the whole message or part of the message.
i. Connection Integrity with Recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted.
ii. Connection Integrity without Recovery: As above, but provides only detection without recovery.
iii. Selective-Field Connection Integrity: Provides for the integrity of selected fields within the user data of a transmitted data block, and determines whether the selected fields have been modified, inserted, deleted, or replayed.
iv. Connectionless Integrity: Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. In addition, a limited form of replay detection can be provided.
v. Selective-Field Connectionless Integrity: Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified.
5. Non-repudiation: Non-repudiation prevents either sender or receiver from denying a transmitted message.
• Non-repudiation, Origin: Proof that the message was sent by the specified party. When a message is sent, the receiver can prove that the alleged sender in fact sent the message.
• Non-repudiation, Destination: Proof that the message was received by the specified party. When a message is received, the sender can prove that the alleged receiver in fact received the message.
Security Mechanisms
A security mechanism is a mechanism designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocols.
Fig. Security Mechanisms: Encipherment, Digital Signature, Routing Control, Traffic Padding, Authentication Exchange, Data Integrity, Access Control, Notarization
1. Encipherment: Hiding or converting data; it can provide confidentiality. It can also be used to complement other mechanisms to provide other services. Two techniques are:
▪ Cryptography
▪ Steganography
2. Digital Signature: A digital signature (DS) is a means by which the sender can electronically sign the data and the receiver can electronically verify the signature. The sender uses a process that shows that she owns a private key related to the public key that she has announced publicly. The receiver uses the sender's public key to prove that the message is indeed signed by the sender who claims to have sent the message.
3. Access Control: Access control uses methods to prove that a user has access rights to the data or resources owned by a system. Examples of proofs are passwords and PINs.
4. Data Integrity: This mechanism appends to the data a short check value (checksum) that has been created by a specific process from the data itself. The receiver receives the data and the check value. He creates a new check value from the received data and compares it with the received value. If the two check values are the same, the integrity of the data is accepted.
5. Authentication Exchange: In an authentication exchange, two parties exchange some messages to prove their identity to each other, or show each other some unique identity. For example, one entity can prove that she knows a secret that only she is supposed to know.
6. Traffic Padding: Traffic padding means inserting some bogus (false) data into the data traffic to defeat the attacker's attempts at traffic analysis.
7. Routing Control: Routing control means selecting and continuously changing different available routes between the sender and the receiver to prevent the attacker from eavesdropping on a particular route.
8. Notarization: Notarization means selecting a trusted third party to control the communication between two entities. This can be done, for example, to prevent repudiation. The receiver can involve a trusted party to store the sender's request in order to prevent the sender from later denying that she has made such a request.
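The Data Integrity mechanism (item 4) as an added Python example, not part of the original slides: a check value computed from the data alone can be recomputed by whoever alters the data, so this sketch swaps in a keyed check value (HMAC-SHA256) and adds a sequence number so that a replayed frame is rejected too. The frame layout, key and messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # length in bytes of an HMAC-SHA256 check value


def unkeyed_check(data: bytes) -> bytes:
    """Check value computed from the data alone (no secret involved)."""
    return hashlib.sha256(data).digest()


def unkeyed_verify(data: bytes, check: bytes) -> bool:
    """Receiver side of the unkeyed scheme: recompute and compare."""
    return hmac.compare_digest(unkeyed_check(data), check)


def protect(key: bytes, seq: int, data: bytes) -> bytes:
    """Sender side: prepend a sequence number, append a keyed check value."""
    header = struct.pack(">Q", seq)  # 8-byte big-endian counter
    tag = hmac.new(key, header + data, hashlib.sha256).digest()
    return header + data + tag


class Receiver:
    """Receiver side: recompute the check value, then reject replays."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes):
        """Return (True, data) or (False, reason)."""
        if len(frame) < 8 + TAG_LEN:
            return False, "truncated"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison of the two check values.
        if not hmac.compare_digest(tag, expected):
            return False, "check value mismatch"
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return False, "replayed or reordered"
        self.last_seq = seq
        return True, body[8:]


def demo():
    key = b"constructed-demo-key"              # constructed sample key
    message = b"transfer 100 to account 42"    # constructed sample message
    altered = b"transfer 900 to account 42"

    # Unkeyed scheme: the party altering the data recomputes the check value,
    # so the receiver's comparison still succeeds.
    unkeyed_forgery_accepted = unkeyed_verify(altered, unkeyed_check(altered))

    rx = Receiver(key)
    frame = protect(key, 1, message)
    genuine = rx.accept(frame)
    # Same alteration on the keyed frame; without the key the old tag is kept.
    modified = rx.accept(frame[:8] + altered + frame[-TAG_LEN:])
    # The genuine frame captured and sent a second time.
    replayed = rx.accept(frame)
    return {
        "unkeyed_forgery_accepted": unkeyed_forgery_accepted,
        "genuine": genuine,
        "modified": modified,
        "replayed": replayed,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```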
Basic Terminology
• Plaintext: The original form of a message is known as plaintext; that is, plaintext is the original intelligible message or data that is fed into the algorithm as input.
• Ciphertext: The message that is sent through the channel is called ciphertext. This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
• Encryption: A method of transforming original data (plaintext) into unreadable form (ciphertext).
Fig. Encryption: Plaintext → Ciphertext
• Decryption: A method of transforming unreadable data (ciphertext) into original data (plaintext).
• Encryption Algorithm: The method that, together with a shared secret key, is used to create the ciphertext from the plaintext is called the encryption algorithm. (Two simple forms of encryption are substitutions, in which one letter is exchanged for another, and transpositions, in which the order of the letters is rearranged.)
• Decryption Algorithm: The method that, together with the same shared secret key, is used to create the plaintext from the ciphertext is called the decryption algorithm.
• Ciphers: Encryption and decryption algorithms are called ciphers.
• Key: A key is a set of values (numbers) that the cipher, as an algorithm, operates on.
Fig. Decryption: Ciphertext → Plaintext
• Monoalphabetic substitution cipher:
The relationship between a ciphertext symbol and a plaintext symbol is 1:1.
• Additive cipher:
• The key value is added to the plaintext value; the numeric value of the key ranges from 0 to 25.
• Example:
• Plaintext (P) = H E L L O (H=7, E=4, L=11, L=11, O=14)
• Key (K) = 15
• Ciphertext (C) = 7+15, 4+15, 11+15, 11+15, 14+15 = 22, 19, (26 mod 26) = 0, (26 mod 26) = 0, (29 mod 26) = 3
= W T A A D
• Cryptography: Cryptography comes from a Greek word meaning “secret writing”. Cryptography refers to the science and art of transforming messages to make them secure and protected against attacks.
• If P is the plaintext, C is the ciphertext, and K is the key, then
Encryption: C = Ek(P)
Decryption: P = Dk(C)
Cryptography is of two types:
(1) Symmetric-key: If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption.
(2) Asymmetric-key: If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or public-key encryption.
• Cryptanalysis: Cryptography is the science and art of creating secret codes, while cryptanalysis is the science and art of breaking those codes.
Classical Encryption Techniques
• Symmetric Cipher Model
• Substitution Techniques
• Transposition Techniques
• Steganography
1. Symmetric Cipher Model: A symmetric encryption scheme has five ingredients (elements): plaintext, ciphertext, encryption algorithm, decryption algorithm, and secret key.
▪ Feature: we do not need to keep the algorithm secret; we need to keep only the key secret.
2. Substitution Techniques: A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution requires replacing plaintext bit patterns with ciphertext bit patterns. The types of substitution technique are as follows.
I. Caesar Cipher: The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example,
plain: meet me after the toga party
cipher: PHHW PH DIWHU WKH WRJD SDUWB
Let us assign a numerical equivalent to each letter (a = 0, b = 1, ..., z = 25).
Then the algorithm can be expressed as follows. For each plaintext letter p, substitute the ciphertext letter C:
C = E(3, p) = (p + 3) mod 26
A shift may be of any amount, so that the general Caesar algorithm is
C = E(k, p) = (p + k) mod 26
where k takes on a value in the range 1 to 25. The decryption algorithm is simply
p = D(k, C) = (C - k) mod 26
Three important characteristics of this cipher are:
▪ The encryption and decryption algorithms are known.
▪ There are only 25 keys to try.
▪ The language of the plaintext is known and easily recognizable.
• Monoalphabetic Ciphers: The relationship between a ciphertext symbol and a plaintext symbol is 1:1.
• The key value is added to the plaintext value; the numeric value of the key ranges from 0 to 25.
Example:
Plaintext (P) = H E L L O (H=7, E=4, L=11, L=11, O=14)
Key (K) = 15
Ciphertext (C) = 7+15, 4+15, 11+15, 11+15, 14+15
= 22, 19, (26 mod 26) = 0, (26 mod 26) = 0, (29 mod 26) = 3
= W T A A D
• Polyalphabetic substitution cipher: In a polyalphabetic cipher each occurrence of a character may have a different substitution. The relationship between a character in the plaintext and a character in the ciphertext is one-to-many.
• Playfair cipher
• Hill cipher
• Auto key cipher
• Vigenere cipher
• Playfair cipher: In the Playfair cipher the secret key is made of 25 characters arranged in a 5x5 matrix:
• Rules:
▪ If the 2 letters in a pair are located in the same row of the secret key, then the corresponding encrypted character for each letter is the next letter to the right.
▪ If the 2 letters in a pair are in the same column, then the corresponding encrypted character is the next letter below in the same column.
▪ If the 2 letters are neither in the same row nor in the same column, then the encrypted character is in its own row but in the same column as the other character.
• For example, let us encrypt the plaintext “hello” using the key given below.
We dropped the letters in the matrix diagonally, starting from the top right-hand corner. Before encryption, if the two letters in a pair are the same, a bogus letter is inserted to separate them. After inserting the bogus letter, if the number of characters in the plaintext is odd, one extra bogus character is added at the end to make the number of characters even.
• Solution: First make pairs; we get “he, ll, o”. We need to insert an X between the two l's. Hence the pairs are “he, lx, lo”.
he → EC, lx → QZ, lo → BX
Hence cipher: ECQZBX
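The three Playfair rules and the pairing step as an added Python example, not part of the original slides. The key matrix is built from the slide's description (letters dropped diagonally from the top right-hand corner); sharing one cell between I and J, and falling back to Q as filler when the letter to pad is itself X, are assumptions of this sketch.

```python
LETTERS = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 letters; J shares I's cell (assumption)


def diagonal_matrix():
    """Fill a 5x5 grid diagonal by diagonal, starting at the top right corner."""
    grid = [[None] * 5 for _ in range(5)]
    letters = iter(LETTERS)
    for diff in range(4, -5, -1):      # each diagonal has constant col - row
        for row in range(5):
            col = row + diff
            if 0 <= col < 5:
                grid[row][col] = next(letters)
    return grid


def positions(grid):
    """Map each letter to its (row, col) in the grid."""
    return {grid[r][c]: (r, c) for r in range(5) for c in range(5)}


def prepare_pairs(plaintext: str, filler: str = "X"):
    """Split into pairs, separating doubled letters and padding an odd tail."""
    letters = [ch for ch in plaintext.upper().replace("J", "I") if ch in LETTERS]
    pairs, i = [], 0
    while i < len(letters):
        first = letters[i]
        if i + 1 < len(letters) and letters[i + 1] != first:
            pairs.append(first + letters[i + 1])
            i += 2
        else:
            # Doubled letter or last single letter: insert a bogus letter.
            pairs.append(first + (filler if first != filler else "Q"))
            i += 1
    return pairs


def crypt_pair(pair: str, grid, pos, step: int) -> str:
    """Apply the three rules; step=+1 encrypts, step=-1 decrypts."""
    (r1, c1), (r2, c2) = pos[pair[0]], pos[pair[1]]
    if r1 == r2:                       # same row: move right (or left)
        return grid[r1][(c1 + step) % 5] + grid[r2][(c2 + step) % 5]
    if c1 == c2:                       # same column: move down (or up)
        return grid[(r1 + step) % 5][c1] + grid[(r2 + step) % 5][c2]
    return grid[r1][c2] + grid[r2][c1]  # rectangle: own row, other's column


def encrypt(plaintext: str, grid=None) -> str:
    grid = grid or diagonal_matrix()
    pos = positions(grid)
    return "".join(crypt_pair(p, grid, pos, +1) for p in prepare_pairs(plaintext))


def decrypt(ciphertext: str, grid=None) -> str:
    """Inverse of encrypt; inserted filler letters remain in the output."""
    grid = grid or diagonal_matrix()
    pos = positions(grid)
    text = ciphertext.upper()
    pairs = [text[i:i + 2] for i in range(0, len(text), 2)]
    return "".join(crypt_pair(p, grid, pos, -1) for p in pairs)


if __name__ == "__main__":
    for row in diagonal_matrix():
        print(" ".join(row))
    print(prepare_pairs("hello"), encrypt("hello"), decrypt("ECQZBX"))
```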
• Auto key cipher:
▪ In this cipher, the key is a stream of subkeys in which each subkey is used to encrypt the corresponding character in the plaintext.
▪ Here the 1st subkey is predefined, the 2nd subkey is the value of the 1st character of the plaintext, the 3rd subkey is the value of the 2nd character of the plaintext, and so on.
• Ex. If the initial key value=12 and plaintext is “attack is today” then ciphertext is
• Plaintext= “she is listening” and initial key stream=Pascal
Solution: The initial key stream is Pascal (15, 0, 18, 2, 0, 11); the key stream is the repetition of this initial key stream as many times as needed.
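The two key-stream constructions above as an added Python example, not part of the original slides: the autokey stream (initial value, then the plaintext itself) and the repeated-keyword stream used with “Pascal”. The ciphertexts it produces are computed here rather than taken from the slides, and `substitution_map` is an illustrative helper that shows the one-to-many relationship of a polyalphabetic cipher.

```python
def to_nums(text: str):
    """Letters a..z -> 0..25; everything else (spaces, digits) is dropped."""
    return [ord(ch) - ord("a") for ch in text.lower() if "a" <= ch <= "z"]


def to_cipher_text(nums) -> str:
    return "".join(chr(n + ord("A")) for n in nums)


def to_plain_text(nums) -> str:
    return "".join(chr(n + ord("a")) for n in nums)


def autokey_keystream(plaintext: str, initial_key: int):
    """First subkey is predefined; each later subkey is the previous plaintext value."""
    p = to_nums(plaintext)
    return ([initial_key] + p[:-1]) if p else []


def autokey_encrypt(plaintext: str, initial_key: int) -> str:
    p = to_nums(plaintext)
    ks = autokey_keystream(plaintext, initial_key)
    return to_cipher_text([(a + k) % 26 for a, k in zip(p, ks)])


def autokey_decrypt(ciphertext: str, initial_key: int) -> str:
    out, k = [], initial_key
    for c in to_nums(ciphertext):
        p = (c - k) % 26
        out.append(p)
        k = p  # the recovered plaintext value becomes the next subkey
    return to_plain_text(out)


def repeated_keystream(keyword: str, length: int):
    """Key stream that repeats the initial key stream as often as needed."""
    key = to_nums(keyword)
    return [key[i % len(key)] for i in range(length)]


def repeated_key_encrypt(plaintext: str, keyword: str) -> str:
    p = to_nums(plaintext)
    ks = repeated_keystream(keyword, len(p))
    return to_cipher_text([(a + k) % 26 for a, k in zip(p, ks)])


def repeated_key_decrypt(ciphertext: str, keyword: str) -> str:
    c = to_nums(ciphertext)
    ks = repeated_keystream(keyword, len(c))
    return to_plain_text([(a - k) % 26 for a, k in zip(c, ks)])


def substitution_map(plaintext: str, ciphertext: str):
    """For each plaintext letter, the set of ciphertext letters it turned into."""
    mapping = {}
    for p, c in zip(to_plain_text(to_nums(plaintext)), ciphertext.upper()):
        mapping.setdefault(p, set()).add(c)
    return mapping


if __name__ == "__main__":
    c1 = autokey_encrypt("attack is today", 12)
    print(c1, autokey_decrypt(c1, 12))
    print({k: sorted(v) for k, v in substitution_map("attack is today", c1).items()})
    c2 = repeated_key_encrypt("she is listening", "Pascal")
    print(c2, repeated_key_decrypt(c2, "Pascal"))
```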
• Hill Cipher: The encryption algorithm takes m
successive plaintext letters and substitutes for
• c1 = (k11P1 + k12P2 + k13P3) mod 26
• c2 = (k21P1 + k22P2 + k23P3) mod 26
• c3 = (k31P1 + k32P2 + k33P3) mod 26
• This can be expressed in terms of column vectors and matrices:
Or
• C = KP mod 26, where C and P are column vectors
of length 3, representing the plaintext and
ciphertext, and K is a 3 x 3 matrix, representing
The first three letters of the plaintext are
represented by the vector
• Transposition ciphers: A transposition cipher changes the location of the symbols. A symbol in the first position of the plaintext may appear in the tenth position of the ciphertext. A symbol in the eighth position in the plaintext may appear in the first position of the ciphertext. In other words, a transposition cipher reorders (transposes) the symbols.
1. Keyless transposition ciphers
2. Keyed transposition ciphers
3. Combining two approaches
• Keyless transposition ciphers: There are two methods for permutation of characters. In the first method, the text is written into a table column by column and then transmitted row by row. In the second method, the text is written into the table row by row and then transmitted column by column.
• A good example is the rail fence cipher. In this cipher the plaintext is arranged in two lines as a zigzag pattern, and the ciphertext is created by reading the pattern row by row.
• Plaintext: “meet me after the toga party”
Key: rail fence cipher
Solution row by row
mematrhtgpryetefeteoaat
• Plaintext: “meet me after the toga party”
Key: rail fence cipher
Solution column by column
mmthgreeeeateartpytftoa
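Both keyless methods as an added Python example, not part of the original slides. The rail fence function is written for any number of rails (the slide uses two), and the second solution on the slide is reproduced by writing the text row by row into a table of four columns; the column count is inferred from the slide's ciphertext, not stated on it.

```python
def letters_only(text: str) -> str:
    """Drop spaces and punctuation, as the slide does before enciphering."""
    return "".join(ch for ch in text.lower() if ch.isalpha())


def rail_pattern(n: int, rails: int):
    """Row index of each of n characters when written in a zigzag."""
    pattern, row, step = [], 0, 1
    for _ in range(n):
        pattern.append(row)
        if rails > 1:
            if row == 0:
                step = 1
            elif row == rails - 1:
                step = -1
            row += step
    return pattern


def unpermute(ciphertext: str, read_order):
    """Put each ciphertext character back at the position it was read from."""
    plain = [""] * len(ciphertext)
    for ch, index in zip(ciphertext, read_order):
        plain[index] = ch
    return "".join(plain)


def rail_fence_encrypt(plaintext: str, rails: int = 2) -> str:
    text = letters_only(plaintext)
    pattern = rail_pattern(len(text), rails)
    # Read the zigzag row by row.
    return "".join(ch for r in range(rails)
                   for ch, p in zip(text, pattern) if p == r)


def rail_fence_decrypt(ciphertext: str, rails: int = 2) -> str:
    pattern = rail_pattern(len(ciphertext), rails)
    order = sorted(range(len(ciphertext)), key=lambda i: (pattern[i], i))
    return unpermute(ciphertext, order)


def table_encrypt(plaintext: str, cols: int) -> str:
    """Write row by row into a table of `cols` columns, read column by column."""
    text = letters_only(plaintext)
    return "".join(text[c::cols] for c in range(cols))


def table_decrypt(ciphertext: str, cols: int) -> str:
    order = sorted(range(len(ciphertext)), key=lambda i: (i % cols, i))
    return unpermute(ciphertext, order)


def letter_counts(text: str):
    """Transposition only reorders symbols, so letter counts are unchanged."""
    counts = {}
    for ch in letters_only(text):
        counts[ch] = counts.get(ch, 0) + 1
    return counts


if __name__ == "__main__":
    msg = "meet me after the toga party"
    print(rail_fence_encrypt(msg), rail_fence_decrypt(rail_fence_encrypt(msg)))
    print(table_encrypt(msg, 4), table_decrypt(table_encrypt(msg, 4), 4))
    print(letter_counts(msg) == letter_counts(table_encrypt(msg, 4)))
```

Because the letter counts of plaintext and ciphertext are identical, a frequency count that looks like ordinary English is a quick sign that a ciphertext was produced by transposition alone.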
• Keyed transposition cipher: Here the plaintext is divided into groups of predetermined size, called blocks, and a key is then used to permute the characters in each block separately.
• Plaintext: “enemy attacks tonight”
• solution
• Steganography: The word steganography, with its origin in Greek, means “covered writing”, in contrast with cryptography, which means “secret writing”. Cryptography means hiding the contents of a message by enciphering, while steganography means hiding the message itself by covering it with something else.
• Today, any form of data, such as text, image, or video, can be digitized, and it is possible to insert secret binary information into the data during the digitization process. Such hidden information is not necessarily used for secrecy; it can also be used to protect copyright, prevent tampering, or add extra information.
• It can be implemented using a text cover or an image cover.
• Text cover: The cover of secret data can be text. There are several ways to insert binary data into an innocuous text. We can use a single space between words to represent the binary digit 0 and a double space to represent the binary digit 1.
• Plaintext:
“this book is mostly about cryptography and not steganography”
• Steganography: text cover
Solution: the steganography message is
“this book  is mostly about cryptography and not  steganography”
0 1 0 0 0 0 0 1
But it is written as
“this book is mostly about cryptography and not a steganography”
because the message 01000001 in ASCII code means A.
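The single-space/double-space text cover as an added Python example, not part of the original slides: it embeds and extracts the bits, and also shows the check a mail or document filter can apply, since collapsing runs of spaces removes the hidden channel. The function names are illustrative.

```python
import re


def gap_bits(text: str) -> str:
    """Read every gap between words: single space = 0, longer run = 1."""
    gaps = re.findall(r" +", text.strip())
    return "".join("0" if len(gap) == 1 else "1" for gap in gaps)


def embed(cover: str, secret: bytes) -> str:
    """Hide the bits of `secret` in the gaps between the words of `cover`."""
    words = cover.split()
    bits = "".join(f"{byte:08b}" for byte in secret)
    if len(bits) > len(words) - 1:
        raise ValueError(
            f"cover has {len(words) - 1} gaps but {len(bits)} bits are needed")
    out = [words[0]]
    for i, word in enumerate(words[1:]):
        bit = bits[i] if i < len(bits) else "0"   # unused gaps stay single
        out.append((" " if bit == "0" else "  ") + word)
    return "".join(out)


def extract(stego: str, nbytes=None) -> bytes:
    """Recover whole bytes from the gap pattern (first `nbytes` if given)."""
    bits = gap_bits(stego)
    usable = len(bits) - len(bits) % 8
    data = bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))
    return data if nbytes is None else data[:nbytes]


def double_space_count(text: str) -> int:
    """Number of gaps wider than one space: a cheap indicator for a filter."""
    return gap_bits(text).count("1")


def sanitize(text: str) -> str:
    """Collapse runs of spaces; the visible text is unchanged, the bits are gone."""
    return re.sub(r" {2,}", " ", text)


COVER = "this book is mostly about cryptography and not steganography"

if __name__ == "__main__":
    stego = embed(COVER, b"A")
    print(repr(stego))
    print(gap_bits(stego), extract(stego))
    print(double_space_count(stego), extract(sanitize(stego)))
```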
▪ Image cover: Secret data can also be covered under a color image. Digitized images are made of pixels in which data can be hidden.
• Invisible ink: A number of substances can be used for writing but
leave no visible trace until heat or some chemical is applied to the
paper.(lemon juice)
• Character marking: Selected letters of printed or typewritten text
are overwritten in pencil. The marks are ordinarily not visible
unless the paper is held at an angle to bright light.
• Pin punctures: Small pin punctures on selected letters are
ordinarily not visible unless the paper is held up in front of a light.
Cryptanalysis: Cryptography is the science and art of creating secret codes, while cryptanalysis is the science and art of breaking those codes. Cryptanalysis is needed not only to break the codes of others; it is also necessary for understanding the weaknesses of our own cryptosystem. The study of cryptanalysis helps us to develop better secret codes. Cryptanalytic attacks depend on the nature of the algorithm as well as knowledge of the general characteristics of the plaintext. This type of attack uses the properties of the algorithm to try to guess a certain plaintext and the key used. There are four types:
I. Ciphertext-only
II. Known-plaintext
III. Chosen-plaintext
IV. Chosen-ciphertext
I. Ciphertext-only: In this type of attack, the attacker has access only to the ciphertext and tries to find the corresponding key and the plaintext. The assumption is that the attacker knows the algorithm and can intercept the ciphertext. There are basically three types:
a. Brute-force attack
b. Statistical attack
III. Chosen-plaintext: It is similar to the known-plaintext attack, but the plaintext/ciphertext pairs have been chosen by the attacker herself.
IV. Chosen-ciphertext: This is similar to the chosen-plaintext attack, except that the attacker chooses some ciphertext and decrypts it to form a ciphertext/plaintext pair.
More Related Content

What's hot

Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication Application
Vidulatiwari
 
Email security
Email securityEmail security
Email security
Ahmed EL-KOSAIRY
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Naveen Kumar
 
Authentication Application in Network Security NS4
Authentication Application in Network Security NS4Authentication Application in Network Security NS4
Authentication Application in Network Security NS4
koolkampus
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
Vittorio Giovara
 
Kerberos
KerberosKerberos
Kerberos
Rahul Pundir
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
Dr Naim R Kidwai
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
Samip jain
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
BharathiKrishna6
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
Pushkar Dutt
 
User authentication
User authenticationUser authentication
User authentication
CAS
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
Adam Reagan
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
sarhadisoftengg
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail SecurityCRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
Mohammed Adam
 
kerberos
kerberoskerberos
kerberos
sameer farooq
 
Intruders
IntrudersIntruders
Intruders
ALOK KUMAR
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 

What's hot (20)

Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication Application
 
Email security
Email securityEmail security
Email security
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Authentication Application in Network Security NS4
Authentication Application in Network Security NS4Authentication Application in Network Security NS4
Authentication Application in Network Security NS4
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
 
Kerberos
KerberosKerberos
Kerberos
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
 
User authentication
User authenticationUser authentication
User authentication
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail SecurityCRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
 
kerberos
kerberoskerberos
kerberos
 
Intruders
IntrudersIntruders
Intruders
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
 

Network Security

  • 1. Network Security
    - Security is the ability of a system to protect information and system resources with respect to confidentiality and integrity.
    - Computer security is the security applied to computing devices (such as computers and smartphones) as well as computer networks (such as private networks, including the Internet and public networks).
    - This field covers all processes and mechanisms to protect devices, information and digital services against unauthorized access, tampering or destruction (damage) attempts.
    - It is sometimes referred to as "cyber security", "IT security" or network security.
  • 2. Security Goal
    1. Confidentiality:
    - A security goal that defines procedures to hide information from unauthorized access.
    - Ensuring that information is not accessed by unauthorized persons.
    - Confidentiality is concerned with preventing unauthorized disclosure of sensitive information.
    - For example:
      I. In industry, information must be hidden from competitors so that the organization can function properly.
      II. In banking, customers' accounts need to be kept secret.
    - Confidentiality applies not only to the storage of information, but also to the transmission of information.
    Security goals (diagram): Confidentiality, Integrity, Availability.
  • 3. 2. Integrity:
    - Means that changes need to be made only by authorized entities and through authorized mechanisms.
    - Protection of information from unauthorized change is called integrity.
    - For example, in a bank, when a customer deposits or withdraws money, the balance of her account needs to be changed, and only the intended customer knows this.
    - Integrity violations do not necessarily result from malicious behavior. A system interruption (such as an increase in voltage) may also cause unexpected changes in some information.
    3. Authentication:
    - Means assuring that a communication is authentic.
    - Ensuring that users are the persons they claim to be.
  • 4. Security Attacks
    Security attacks (diagram): Passive (release of message contents, traffic analysis); Active (masquerade, replay, modification of message contents, denial of service).
    - Any action that compromises the security of information owned by an organization is a security attack, or
    - An attack that threatens the security goals of a system is a security attack.
    - According to G. J. Simmons, “Information security is way to prevent attack or, failing that, to detect attack in information-based system wherein the information itself has no meaningful physical existence”.
    Types of Attacks
  • 5. A. Passive Attack
    A type of attack in which the attacker's goal is to obtain information that is being transmitted. The attack does not modify data or harm the system. Passive attacks take the form of eavesdropping on (spying on), or monitoring of, transmissions. The disclosure of the information may harm the sender or receiver of the message, but the system is not affected. Passive attacks can be prevented by encipherment of the data. The two types of passive attack are release of message contents and traffic analysis.
    1. Release of Message Contents: Unauthorized access to confidential information or interception of data. It is sometimes also called snooping. Examples: wiretapping to capture data in a network; the unauthorized copying of files or programs.
  • 6. 2. Traffic Analysis: Here the attacker observes the pattern of the messages, that is, the length of messages, the frequency of messages or the network resources available. This kind of information helps the attacker learn about the communication channel and its capacity, or may be useful in guessing the nature of the communication that was taking place.
    Fig. 1 Release of message contents: C reads the content of the message from A to B (over the Internet or other facility).
    Fig. 2 Traffic analysis: C observes the pattern of messages from A to B (over the Internet or other facility).
  • 7. B. Active Attacks
    - Active attacks involve some modification of the data stream or the creation of a false stream. These attacks may change the data or harm the system. Active attacks are easier to detect than to prevent because an attacker can start them in a variety of ways.
    - There are four types: masquerade, replay, modification of message, denial of service.
    1. Masquerade or Spoofing: happens when the attacker impersonates somebody else. A masquerade takes place when one entity pretends to be a different entity.
    - It uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification.
    - For example, an attacker takes the bank card and PIN of a bank customer and pretends that she is that customer. Sometimes the attacker pretends instead to be the receiver entity.
  • 8. - For example, a user tries to contact a bank, but another site pretends that it is the bank and obtains some information from the user.
    Fig. Masquerade: a message from C that appears to be from A reaches B (over the Internet or other facility).
    2. Replay: Here the attacker intercepts the message and resends it. That is, the attacker obtains a copy of a message sent by a user and later tries to replay it.
    Fig. Replay: C captures messages from A to B and later replays them to B.
  • 9. 3. Modification of message: After intercepting or accessing information, the attacker modifies the information to make it beneficial to herself. It involves some change to the original message; this means that some portion of a legitimate message is altered, delayed or reordered.
    - For example, a customer sends a message to a bank to carry out some transaction. The attacker intercepts the message and changes the type of transaction to benefit herself.
    Fig. Modification of message: C modifies messages from A to B (over the Internet or other facility).
    4. Denial of Service: It may slow down or totally interrupt the service of a system. The attacker can use several strategies to achieve this. She might send so many false requests to a server that the server crashes because of the heavy load.
  • 10. - The attacker might intercept and delete a server's response to a client, making the client believe that the server is not responding.
    - For example, an unauthorized user might send too many login requests to a server using random user IDs one after the other in quick succession, so as to flood the network and deny other legitimate users the use of the network facilities.
    Fig. Denial of Service: C disrupts the service provided by the server and prevents user A from communicating with B.
  • 11. Security Services
    - International Telecommunication Union Telecommunication (ITU) X.800 defines a security service as a service provided by a protocol layer of communicating open systems that ensures adequate security of the systems or of data transfers.
    - We define a security service as “a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms”.
    X.800 divides these services into five categories: Authentication, Access Control, Data Confidentiality, Data Integrity, Non-repudiation.
  • 12. 1. Authentication: In the authentication service, we make sure that the communication is authentic, i.e. it is verified. In the case of a single message (e.g. a warning or alarm signal), the function of the authentication service is to ensure that the message originates from the source it claims to be from.
    A. Peer entity authentication: In connection-oriented communication, it provides authentication of the sender or receiver during connection establishment.
    B. Data origin authentication: In connectionless communication, it authenticates the source of the data.
    Authentication (diagram): peer entity authentication, data origin authentication.
  • 13. 2. Access control: Provides protection against unauthorized access to data. In the context of network security, access control is the ability to limit and control access to host systems and applications via communications links. To do this, each entity that attempts to gain access must first be identified or authenticated, so that access rights can be tailored to the individual.
    3. Data Confidentiality: Protects data against unauthorized disclosure. Confidentiality is the protection of transmitted data from passive attacks. Several levels of protection can be identified with respect to the content of a data transfer.
    Data Confidentiality (diagram): Connection Confidentiality, Connectionless Confidentiality, Traffic Flow Confidentiality, Selective-Field Confidentiality.
  • 14. A. Connection Confidentiality: The protection of all user data on a connection.
    B. Connectionless Confidentiality: The protection of all user data in a single data block.
    C. Selective-Field Confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block.
    D. Traffic Flow Confidentiality: The protection of the information that might be derived from observation of traffic flows.
    4. Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e. to protect data from modification, insertion, deletion, or replaying by an adversary). It may protect the whole message or part of the message.
  • 15. i. Connection Integrity with Recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted.
    ii. Connection Integrity without Recovery: As above, but provides only detection without recovery.
    iii. Selective-Field Connection Integrity: Provides for the integrity of selected fields within the user data of a data block transferred over a connection and determines whether the selected fields have been modified, inserted, deleted, or replayed.
    iv. Connectionless Integrity: Provides for the integrity of a single connectionless data block and may take the form of detection of data modification. In addition, a limited form of replay detection may be provided.
    v. Selective-Field Connectionless Integrity: Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified.
  • 16. 5. Non-repudiation: Non-repudiation prevents either sender or receiver from denying a transmitted message.
    - Non-repudiation, Origin: Proof that the message was sent by the specified party. When a message is sent, the receiver can prove that the alleged sender in fact sent the message.
    - Non-repudiation, Destination: Proof that the message was received by the specified party. When a message is received, the sender can prove that the alleged receiver in fact received the message.
  • 17. Security Mechanisms
    A security mechanism is a mechanism designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocols.
    Security mechanisms (diagram): Encipherment, Digital Signature, Routing Control, Traffic Padding, Authentication Exchange, Data Integrity, Access Control, Notarization.
    1. Encipherment: Hiding or converting data; it can provide confidentiality. It can also be used to complement other mechanisms to provide other services. The two techniques are cryptography and steganography.
  • 18. 2. Digital Signature: A digital signature is a means by which the sender can electronically sign the data and the receiver can electronically verify the signature. The sender uses a process that involves showing that she owns a private key related to the public key that she has announced publicly. The receiver uses the sender's public key to prove that the message is indeed signed by the sender who claims to have sent the message.
    3. Access Control: Access control uses methods to prove that a user has access rights to the data or resources owned by a system. Examples of proofs are passwords and PINs.
    4. Data Integrity: This mechanism appends to the data a short check value (checksum) that has been created by a specific process from the data itself. The receiver receives the data and the check value. He creates a new check value from the received data and compares it with the received one. If the two check values are the same, the integrity of the data is accepted.
  • 19. 5. Authentication Exchange: In authentication exchange, two parties exchange some messages to prove their identity to each other, or they show each other some unique identity. For example, one entity can prove that she knows a secret that only she is supposed to know.
    6. Traffic Padding: Traffic padding means inserting some bogus (false) data into the data traffic to defeat the attacker's attempts at traffic analysis.
    7. Routing Control: Routing control means selecting and continuously changing the available routes between the sender and the receiver to prevent the attacker from eavesdropping on a particular route.
    8. Notarization: Notarization means selecting a trusted third party to control the communication between two entities. This can be done, for example, to prevent repudiation. The receiver can involve a trusted party to store the sender's request in order to prevent the sender from later denying that she has made such a request.
  • 20. Basic Terminology
    - Plaintext: The original form of a message is known as plaintext; that is, plaintext is the original intelligible message or data that is fed into the algorithm as input.
    - Ciphertext: The message that is sent through the channel is called ciphertext. This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
    - Encryption: A method of transforming original data (plaintext) into unreadable form (ciphertext).
    Diagram: Plaintext -> Encryption -> Ciphertext
  • 21. - Decryption: A method of transforming unreadable data (ciphertext) back into the original data (plaintext).
    - Encryption algorithm: The method that, together with a shared secret key, creates the ciphertext from the plaintext. (Two simple forms of encryption are substitutions, in which one letter is exchanged for another, and transpositions, in which the order of the letters is rearranged.)
    - Decryption algorithm: The method that, together with the same shared secret key, creates the plaintext from the ciphertext.
    - Ciphers: Encryption and decryption algorithms are called ciphers.
    - Key: A key is a set of values (numbers) that the cipher, as an algorithm, operates on.
    Diagram: Ciphertext -> Decryption -> Plaintext
  • 22. - Monoalphabetic substitution cipher: The relationship between ciphertext symbols and plaintext symbols is 1:1.
    - Additive cipher: The key value is added to the plaintext; the numeric value of the key ranges from 0 to 25.
    - Example:
      Plaintext (P) = HELLO (H=7, E=4, L=11, L=11, O=14)
      Key (K) = 15
      Ciphertext (C) = 7+15, 4+15, 11+15, 11+15, 14+15 = 22, 19, 26 mod 26 = 0, 26 mod 26 = 0, 29 mod 26 = 3 = W T A A D
  • 23. - Cryptography: Cryptography comes from a Greek word meaning “secret writing”. It refers to the science and art of transforming messages to make them secure and protected against attacks.
    - If P is the plaintext, C is the ciphertext, and K is the key, then
      Encryption: C = E_K(P)
      Decryption: P = D_K(C)
    Cryptography is of two types:
    (1) Symmetric-key: If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption.
    (2) Asymmetric-key: If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or public-key encryption.
    - Cryptanalysis: Cryptography is the science and art of creating secret codes, while cryptanalysis is the science and art of breaking those codes.
  • 24. Classical Encryption Techniques
    - Symmetric Cipher Model
    - Substitution Techniques
    - Transposition Techniques
    - Steganography
    1. Symmetric Cipher Model: A symmetric encryption scheme has five ingredients (elements): plaintext, ciphertext, encryption algorithm, decryption algorithm, secret key.
    - Feature: we do not need to keep the algorithm secret; we need to keep only the key secret.
    2. Substitution Techniques: A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. If the plaintext is viewed as a sequence of bits, then substitution requires replacing plaintext bit patterns with ciphertext bit patterns. The types of substitution technique are as follows.
  • 25. I. Caesar Cipher: The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example,
      plain:  meet me after the toga party
      cipher: PHHW PH DIWHU WKH WRJD SDUWB
    Let us assign a numerical equivalent to each letter. Then the algorithm can be expressed as follows. For each plaintext letter p, substitute the ciphertext letter C:
      C = E(3, p) = (p + 3) mod 26
    A shift may be of any amount, so that the general Caesar algorithm is
  • 26.   C = E(k, p) = (p + k) mod 26
    where k takes on a value in the range 1 to 25. The decryption algorithm is simply
      p = D(k, C) = (C - k) mod 26
    Three important characteristics are:
    - The encryption and decryption algorithms are known.
    - There are only 25 keys to try.
    - The language of the plaintext is known and easily recognizable.
    - Monoalphabetic ciphers: The relationship between ciphertext symbols and plaintext symbols is 1:1.
    - The key value is added to the plaintext; the numeric value of the key ranges from 0 to 25. Example:
      Plaintext (P) = HELLO (H=7, E=4, L=11, L=11, O=14)
      Key (K) = 15
      Ciphertext (C) = 7+15, 4+15, 11+15, 11+15, 14+15 = 22, 19, 26 mod 26 = 0, 26 mod 26 = 0, 29 mod 26 = 3 = W T A A D
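
The additive (Caesar) cipher from the two slides above, as an added Python example that is not part of the original deck. It reproduces both worked ciphertexts and shows what "only 25 keys to try" means in practice; the function names and the small word list are assumptions made for this illustration.

```python
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, the numbering the slides use

# Constructed mini word list, used only to rank candidate plaintexts.
COMMON_WORDS = {"the", "and", "me", "to", "of", "is", "after"}


def additive_encrypt(plaintext: str, key: int) -> str:
    """C = (p + k) mod 26 for letters; spaces and other characters pass through."""
    out = []
    for ch in plaintext:
        if ch.isascii() and ch.isalpha():
            p = ALPHABET.index(ch.upper())
            out.append(ALPHABET[(p + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def additive_decrypt(ciphertext: str, key: int) -> str:
    """p = (C - k) mod 26, returned in lower case like the slide's plaintext."""
    return additive_encrypt(ciphertext, -key).lower()


def exhaustive_key_search(ciphertext: str):
    """Decrypt under every key 1..25 and rank candidates by recognisable words.

    This works because of the three characteristics listed on the slide:
    the algorithm is known, the key space is tiny, and the plaintext
    language is easy to recognise.
    """
    ranked = []
    for key in range(1, 26):
        candidate = additive_decrypt(ciphertext, key)
        hits = sum(1 for word in candidate.split() if word in COMMON_WORDS)
        ranked.append((hits, key, candidate))
    ranked.sort(key=lambda item: (-item[0], item[1]))
    return ranked


def best_guess(ciphertext: str):
    """Return (key, plaintext) for the top-ranked candidate."""
    hits, key, candidate = exhaustive_key_search(ciphertext)[0]
    return key, candidate


if __name__ == "__main__":
    print(additive_encrypt("HELLO", 15))
    print(additive_encrypt("meet me after the toga party", 3))
    print(best_guess("PHHW PH DIWHU WKH WRJD SDUWB"))
```
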
  • 27. - Polyalphabetic substitution cipher: In a polyalphabetic cipher each occurrence of a character may have a different substitution. The relationship between characters in the plaintext and the ciphertext is one to many. Examples:
      - Playfair cipher
      - Hill cipher
      - Auto key cipher
      - Vigenere cipher
    - Playfair cipher: In the Playfair cipher the secret key is made of 25 characters arranged in a 5x5 matrix.
    - Rules:
      - If the 2 letters of a pair are located in the same row of the secret key, the corresponding encrypted character for each letter is the next letter to the right.
      - If the 2 letters of a pair are in the same column, the corresponding encrypted character is the next one below in the same column.
      - If the 2 letters are neither in the same row nor in the same column, the encrypted character is in its own row but in the same column as the other character.
  • 28. - For example, let us encrypt the plaintext “hello” using the key given below. We dropped the letters into the matrix diagonally, starting from the top right-hand corner. Before encryption, if the two letters in a pair are the same, a bogus letter is inserted to separate them. After inserting bogus letters, if the number of characters in the plaintext is odd, one extra bogus character is added at the end to make the number of characters even.
    - Solution: First make pairs; we get “he, ll, o”. We need to insert an x between the two l's. Hence the pairs are “he, lx, lo”:
      he --> EC
      lx --> QZ
      lo --> BX
      Hence the ciphertext is ECQZBX.
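
The Playfair procedure above, as an added Python example that is not part of the original deck. The key matrix itself is missing from this transcript, so the code rebuilds it from the slide's description (letters dropped in diagonally from the top right-hand corner, I and J sharing a cell, which is an assumption) and checks that it yields the slide's ciphertext ECQZBX; the wrap-around at the matrix edge and the fallback filler are standard Playfair conventions, not stated on the slide.

```python
LETTERS = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 cells: I and J share one (assumption)


def diagonal_key_square():
    """Fill a 5x5 square along diagonals, starting at the top right-hand corner."""
    square = [[""] * 5 for _ in range(5)]
    letters = iter(LETTERS)
    for diagonal in range(9):          # 9 diagonals cover a 5x5 square
        for row in range(5):
            col = 4 - diagonal + row
            if 0 <= col < 5:
                square[row][col] = next(letters)
    return ["".join(row) for row in square]


def make_pairs(plaintext, filler="X"):
    """Split into pairs, separating doubled letters and padding an odd tail."""
    letters = [c for c in plaintext.upper().replace("J", "I") if c in LETTERS]
    pairs, i = [], 0
    while i < len(letters):
        first = letters[i]
        if i + 1 < len(letters) and letters[i + 1] != first:
            second = letters[i + 1]
            i += 2
        else:
            # Doubled letter or odd tail: insert a bogus letter.
            # If the letter is itself the filler, use Q instead (assumption).
            second = filler if first != filler else "Q"
            i += 1
        pairs.append(first + second)
    return pairs


def _transform(pairs, square, step):
    """Apply the three Playfair rules; step=+1 encrypts, step=-1 decrypts."""
    pos = {ch: (r, c) for r, line in enumerate(square) for c, ch in enumerate(line)}
    out = []
    for a, b in pairs:
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:        # same row: neighbour to the right (wraps around)
            out.append(square[ra][(ca + step) % 5] + square[rb][(cb + step) % 5])
        elif ca == cb:      # same column: neighbour below (wraps around)
            out.append(square[(ra + step) % 5][ca] + square[(rb + step) % 5][cb])
        else:               # rectangle: own row, the other letter's column
            out.append(square[ra][cb] + square[rb][ca])
    return "".join(out)


def playfair_encrypt(plaintext, square=None):
    square = square or diagonal_key_square()
    return _transform(make_pairs(plaintext), square, +1)


def playfair_decrypt(ciphertext, square=None):
    square = square or diagonal_key_square()
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return _transform(pairs, square, -1)


if __name__ == "__main__":
    for line in diagonal_key_square():
        print(" ".join(line))
    print(make_pairs("hello"), playfair_encrypt("hello"))
```

Decryption returns HELXLO: the bogus letter stays in the recovered text and has to be removed by the reader.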
  • 29. - Auto key cipher:
      - In this cipher, the key is a stream of subkeys, in which each subkey is used to encrypt the corresponding character in the plaintext.
      - The 1st subkey is predefined, the 2nd subkey is the value of the 1st character of the plaintext, the 3rd subkey is the value of the 2nd character of the plaintext, and so on.
    - Example: if the initial key value = 12 and the plaintext is “attack is today” then ciphertext is
  • 30. - Plaintext = “she is listening” and initial key stream = PASCAL.
      Solution: The key stream is the initial key stream PASCAL (15, 0, 18, 2, 0, 11) repeated as many times as needed.
    - Hill Cipher: The encryption algorithm takes m successive plaintext letters and substitutes for
  • 31.   c1 = (k11 P1 + k12 P2 + k13 P3) mod 26
      c2 = (k21 P1 + k22 P2 + k23 P3) mod 26
      c3 = (k31 P1 + k32 P2 + k33 P3) mod 26
    - This can be expressed in terms of column vectors and matrices, or
      C = KP mod 26,
      where C and P are column vectors of length 3, representing the plaintext and ciphertext, and K is a 3 x 3 matrix, representing
  • 32. The first three letters of the plaintext are represented by the vector
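The relation C = KP mod 26 from the Hill cipher slides, as an added Python example that is not part of the original slides. The key matrix `K` is a constructed sample (the slides' own key and worked vector are not on this page); decryption uses the inverse of K modulo 26, which exists only when det(K) is coprime with 26.

```python
from math import gcd

# Constructed 3x3 sample key (not from the slides); det = 441 and gcd(441, 26) = 1.
K = [[6, 24, 1], [13, 16, 10], [20, 17, 15]]

def minor(M, i, j):
    """Determinant of the 2x2 matrix left after deleting row i and column j."""
    m = [[v for c, v in enumerate(row) if c != j]
         for r, row in enumerate(M) if r != i]
    return m[0][0] * m[1][1] - m[0][1] * m[1][0]

def det3(M):
    return sum((-1) ** j * M[0][j] * minor(M, 0, j) for j in range(3))

def is_valid_key(M):
    """A key is usable only if its determinant is invertible modulo 26."""
    return gcd(det3(M) % 26, 26) == 1

def inverse_mod26(M):
    if not is_valid_key(M):
        raise ValueError("key matrix is not invertible mod 26")
    d_inv = pow(det3(M) % 26, -1, 26)
    # inverse = det^-1 * adjugate; adjugate[i][j] is the cofactor of entry (j, i)
    return [[(d_inv * (-1) ** (i + j) * minor(M, j, i)) % 26 for j in range(3)]
            for i in range(3)]

def apply_matrix(M, text):
    """Compute M*P mod 26 for each block of three letters (column vector P)."""
    nums = [ord(c) - 65 for c in text.upper() if "A" <= c <= "Z"]
    if len(nums) % 3:
        raise ValueError("text length must be a multiple of 3")
    out = []
    for i in range(0, len(nums), 3):
        P = nums[i:i + 3]
        out += [sum(M[r][c] * P[c] for c in range(3)) % 26 for r in range(3)]
    return "".join(chr(n + 65) for n in out)

def hill_encrypt(plaintext, key=K):
    return apply_matrix(key, plaintext)

def hill_decrypt(ciphertext, key=K):
    return apply_matrix(inverse_mod26(key), ciphertext)

if __name__ == "__main__":
    print(hill_encrypt("ACT"), hill_decrypt(hill_encrypt("ACT")))
```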
  • 33. • Transposition ciphers: A transposition cipher changes the location of the symbols. A symbol in the first position of the plaintext may appear in the tenth position of the ciphertext. A symbol in the eighth position of the plaintext may appear in the first position of the ciphertext. In other words, a transposition cipher reorders (transposes) the symbols.
    1. Keyless transposition ciphers
    2. Keyed transposition ciphers
    3. Combining the two approaches
    • Keyless transposition ciphers: There are two methods for permutation of characters. In the first method, the text is written into a table column by column and then transmitted row by row. In the second method, the text is written into the table row by row and then transmitted column by column.
    • A good example is the rail fence cipher. In this cipher the plaintext is arranged in two lines as a zigzag pattern, and the ciphertext is created by reading the pattern row by row.
  • 34. • Plaintext: "meet me after the toga party"
      Key: rail fence cipher
      Solution, row by row: mematrhtgpryetefeteoaat
    • Plaintext: "meet me after the toga party"
      Key: rail fence cipher
      Solution, column by column: mmthgreeeeateartpytftoa
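Both keyless methods above, as an added Python example that is not part of the original slides. The table width of 4 columns for the second solution is not stated on the slide; it is inferred here from the ciphertext shown. The example also adds the inverse operation, including the case where the last table row is only partly filled.

```python
def letters(text):
    """Keep only a..z, lower-cased, as the slide's examples do."""
    return "".join(c for c in text.lower() if "a" <= c <= "z")

def write_rows_read_columns(plaintext, cols):
    """Write the text row by row into `cols` columns, then read column by column.
    Column c holds every cols-th letter starting at position c."""
    s = letters(plaintext)
    return "".join(s[c::cols] for c in range(cols))

def rail_fence(plaintext):
    """Two-line zigzag read row by row: the same reordering with a width of 2."""
    return write_rows_read_columns(plaintext, 2)

def read_columns_inverse(ciphertext, cols):
    """Undo write_rows_read_columns when the text length is not a multiple of cols."""
    n = len(ciphertext)
    full, extra = divmod(n, cols)      # the first `extra` columns are one letter longer
    out, pos = [""] * n, 0
    for c in range(cols):
        size = full + (1 if c < extra else 0)
        out[c::cols] = ciphertext[pos:pos + size]
        pos += size
    return "".join(out)

if __name__ == "__main__":
    p = "meet me after the toga party"
    print(rail_fence(p))
    print(write_rows_read_columns(p, 4))
    print(read_columns_inverse(write_rows_read_columns(p, 4), 4))
```

Because there is no key, anyone who knows the method recovers the plaintext by trying a handful of table widths.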
  • 35. • Keyed transposition cipher: In this cipher, the plaintext is divided into groups of predetermined size, called blocks, and a key is then used to permute the characters in each block separately.
    • Plaintext: “enemy attacks tonight”
    • Solution
  • 36. • Steganography: The word steganography, with its origin in Greek, means “covered writing”, in contrast with cryptography, which means “secret writing”. Cryptography means hiding the contents of a message by enciphering, while steganography means hiding the message itself by covering it with something else.
    • Today, any form of data, such as text, image, or video, can be digitized, and it is possible to insert secret binary information into the data during the digitization process. Such hidden information is not necessarily used for secrecy; it can also be used to protect copyright, prevent tampering, or add extra information.
    • It can be implemented using a text cover or an image cover.
    • Text cover: The cover of secret data can be text. There are several ways to insert binary data into a safe text. We can use a single space between words to represent the binary digit 0 and a double space to represent the binary digit 1.
  • 37. • Plaintext: “this book is mostly about cryptography and not steganography”
    • Steganography: text cover
      Solution: The steganography message is
      “this book is mostly about cryptography and not steganography”
      0 1 0 0 0 0 0 1
      But it is written as “this book is mostly about cryptography and not a steganography” because the message 01000001 in ASCII code means A.
     Image cover: Secret data can also be covered under a color image. Digitized images are made of pixels in which data can be hidden.
    • Invisible ink: A number of substances can be used for writing that leave no visible trace until heat or some chemical is applied to the paper (for example, lemon juice).
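The text-cover scheme from the slides (single space = 0, double space = 1), as an added Python example that is not part of the original slides. It uses the slide's cover sentence and the bit string 01000001, and adds two defender-side helpers, `suspicious_gaps` and `normalise`, which are illustrative names for flagging and removing the spacing channel.

```python
import re

COVER = "this book is mostly about cryptography and not steganography"

def embed_bits(cover, bits):
    """Hide one bit in each gap between words: ' ' for 0, '  ' for 1."""
    if set(bits) - {"0", "1"}:
        raise ValueError("payload must be a string of 0s and 1s")
    words = cover.split()
    if len(bits) > len(words) - 1:
        raise ValueError("cover text has too few word gaps for the payload")
    out = [words[0]]
    for i, word in enumerate(words[1:]):
        bit = bits[i] if i < len(bits) else "0"
        out.append(("  " if bit == "1" else " ") + word)
    return "".join(out)

def extract_bits(text):
    """Read the gaps back: a run of exactly two spaces is 1, anything else is 0."""
    return "".join("1" if len(gap) == 2 else "0"
                   for gap in re.findall(r" +", text.strip()))

def bits_to_text(bits):
    """Decode complete 8-bit groups as ASCII characters."""
    usable = len(bits) - len(bits) % 8
    return "".join(chr(int(bits[i:i + 8], 2)) for i in range(0, usable, 8))

def suspicious_gaps(text):
    """Defender's check: offsets of every run of two or more spaces between words."""
    return [m.start() for m in re.finditer(r"(?<=\S) {2,}(?=\S)", text)]

def normalise(text):
    """Collapsing repeated spaces destroys the hidden channel."""
    return re.sub(r" {2,}", " ", text)

if __name__ == "__main__":
    stego = embed_bits(COVER, "01000001")
    print(repr(stego))
    print(bits_to_text(extract_bits(stego)), suspicious_gaps(stego))
```

Whitespace normalisation at a mail gateway or publishing pipeline removes this channel without changing the visible text.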
  • 38. • Character marking: Selected letters of printed or typewritten text are overwritten in pencil. The marks are ordinarily not visible unless the paper is held at an angle to bright light.
    • Pin punctures: Small pin punctures on selected letters are ordinarily not visible unless the paper is held up in front of a light.
    • Cryptanalysis: Cryptography is the science and art of creating secret codes, while cryptanalysis is the science and art of breaking those codes. Cryptanalysis is needed not only to break the codes of others; it is also necessary for understanding the weaknesses of our own cryptosystem. The study of cryptanalysis helps us to develop better secret codes. Cryptanalytic attacks depend on the nature of the algorithm as well as knowledge of the general characteristics of the plaintext. This type of attack uses the properties of the algorithm to try to guess a certain plaintext and the key used. There are four types.
  • 39. I. Ciphertext-only
    II. Known-plaintext
    III. Chosen-plaintext
    IV. Chosen-ciphertext
    I. Ciphertext-only: In this type of attack, the attacker has access only to the ciphertext and tries to find the corresponding key and the plaintext. The assumption is that the attacker knows the algorithm and can intercept the ciphertext. There are basically three types:
       I. Brute-force attack
       II. Statistical attack
  • 40. III. Chosen-plaintext: This is similar to the known-plaintext attack, but the plaintext/ciphertext pairs have been chosen by the attacker herself.
    IV. Chosen-ciphertext: This is similar to the chosen-plaintext attack, except that the attacker chooses some ciphertext and decrypts it to form a ciphertext/plaintext pair.