CRYPTOGRAPHY 
W1-CRYPTOGRAPHY
Presented by Vishalya Dulam
AVONMORE TERTIARY INSTITUTE
INDEX
Abstract
1. Cryptography
a) Modern Methods of Cryptography
(i) DES
(ii) DSA
b) Usage in I.T Industry
2. a) Application of Cryptographic Techniques in Computing
b) Cryptography Used in SET on Web Browser
c) Cryptography in VPN
3. Windows Authentication
a) Win NT
b) Win 2000
c) Win Server 2003
d) Win Server 2008
e) Win Server 2012
f) Difference between Integrated Windows Authentication and Logon Authentication
4. Kerberos Protocol
a) Description of Kerberos Protocol
b) Time Synchronization in Kerberos Protocol
ABSTRACT: 
Initially, computer networks were used by university researchers for sending e-mail and by corporate
employees for sharing printers. At that stage security needed little attention. Nowadays millions of
ordinary citizens use networks for banking, online shopping, e-booking and so on, and as a result
network security has become a massive problem. Many security techniques have come into existence to
overcome this problem; among them, cryptography is one of the most important for securing data or
information on its way from a particular source to the required destination. There are many types of
cryptography, and this report covers a few methods and how they function.
1. CRYPTOGRAPHY: 
The word Cryptography comes from the Greek and means “Secret Writing”. Cryptography is a process
which encrypts the original data into cipher text using a key; the cipher text is decrypted at the
other end using a key. These keys are called session keys, which include public and private keys.
Protection of Data or Information: 
Cryptography protects the data so that only the owner, and other persons given access by the owner,
can view it. When private information is encrypted, transmitted across the internet and stored on a
server, only the required persons who have the key can see the data. Cryptography protects the
confidentiality, integrity, availability, authenticity and non-repudiation of data.
For example, a sender sends plain text to a receiver; the diagram below describes the transmission of
data between them. First, the sender's plain text is converted into cipher text using a key
(encryption); the cipher text passes through the network and reaches the proper destination. At the
receiver, the cipher text is converted back into the original plain text using a key (decryption).
a) MODERN METHODS IN CRYPTOGRAPHY: 
Many modern methods have come into existence in cryptography; this section discusses two of them and
their theory of operation.
(i) Data Encryption Standard (DES): 
DES was designed by IBM in 1976 for the National Bureau of Standards (NBS) and was approved by the
National Security Agency (NSA). DES was the standard encryption process in the year 2000; from 2001
it was replaced by AES.
Theory of Operation: 
DES uses a symmetric key for both encryption and decryption of data. It is an algorithm that takes a
fixed-length string of 64 bits of plain text and performs a series of complicated operations to
convert it into cipher text of the same length. The key is 64 bits long, of which 56 bits are used for
the encryption and decryption process; whoever holds this 64-bit key can encrypt and decrypt the data.
The remaining 8 bits of the key are used for a parity check and are then discarded. The key is
transmitted as 8 bytes, each with odd parity. DES has 16 rounds, which use 16 intermediate keys of
48 bits each.
In the above diagram the total process consists of three phases. The initial permutation is applied to
the 64-bit block of data, which is then split into two 32-bit sub-blocks that pass through the rounds
as shown in the figure. There are 16 rounds and each round is identical; the rounds increase the
security of the algorithm while time efficiency is decreased. After the 16th round the two 32-bit
outputs are swapped and combined, and the output of the final permutation is the 64-bit cipher text.
Key Structure: 
Initially, 56 bits of the key are selected from the 64 bits by a permuted choice, and the algorithm
generates the sub keys from them. The diagram below shows the key function, which includes:
1. The key is split into two 28-bit halves, which are processed separately. In each round both halves
are rotated left by one or two bits and a 48-bit sub key is then selected by a permuted choice. The
other 8 bits are used by the parity checker.
2. The key schedule is the same for decryption.
Strengths of DES:
• DES uses a 54 bit key for encryption, so there are 2^56 possible keys. An attack on such a number of
keys is impossible.
• It is tough to find a weakness in DES.
Weakness of DES:
• The purpose of using IP and FP is not clearly described.
• Instead of 64 bits, only 56 bits are used.
• The design of the cipher has some defects.
(ii) Digital Signature Algorithm (DSA):
DSA is a United States Federal Government standard for digital signatures. It was proposed by the 
National Institute of Standards and Technology (NIST) in 1991 for use in their Digital Signature Standard 
(DSS), specified in FIPS 186 in 1993. 
Theory of Operation: 
DSA is a type of asymmetric cryptography in which both public and private keys are used when
transmitting data from sender to receiver. Many organizations across the world use digital systems to
transmit electronic data among themselves in a secure manner.
The diagram below explains the life cycle of a document that includes a digital signature. This
technique is slower but reliable because there is no chance of data loss. The main requirement of
organizations is paper work that is transmitted digitally, and the fundamental principle is to
validate the data by assigning a digital signature.
The procedure for a digital signature is simple and ensures the authenticity of documents that are
transferred and stored with computer tools. The digital signature of an electronic document has the
following requirements:
• Authenticity: The receiver verifies the identity of the sender.
• Non-repudiation: The sender can't deny the signed document.
• Integrity: The signed document cannot be modified by the receiver or by a non-authorized user.
A digital signature is generated from an asymmetric key pair. The private key is used by the owner,
is not shared, and generates the digital signature for a specific document; the public key is used
for verification, to authenticate the signature. The digital signature consists of three algorithms:
• The key generation algorithm generates a key pair (PK, SK), where PK is the public key and SK is
the secret key; this key pair is used to sign the document.
• In the signature algorithm, the sender takes the message ‘m’ and the private key gives the
signature ‘x’.
• The verifying algorithm checks the incoming data and signature with the public key. At this stage
it accepts or rejects the signature.
The document is signed with the private key and its signature is verified with the public key. Once
the document is secured it is impossible to reconstruct the private key, even though both keys are
uniquely connected.
Process: 
The original data is encrypted using a one-way hash function with the user's private key. The
following steps are involved in the digital signature process:
• The user sends the document or file, which is encrypted using the hash function (here 256-bit SHA
is used). When the owner uses the private key to sign, the signature is calculated with some hash
functions, which also generate some control codes on the document.
• Once the hash has been calculated it is impossible to get the data back from it, so hackers cannot
hack the transmitted documents or files without the private key.
• On the receiver side, the data is decrypted using the same hash algorithm with the public key, and
the new hash is compared with the previous hash. If they both match, the user can sign in to the
document.
The above diagram explains the hash values and how the data is transmitted between user A and user B
using the hash algorithm.
Strengths of DSA:
• Reduces time and cost when compared to other algorithms.
• Operations are done with a high level of efficiency.
• High data quality with long-term storage of files.
Weakness of DSA:
• DSA signatures are much shorter than those of the RSA (Rivest-Shamir-Adleman) algorithm, because a
DSA signature consists of 56 bits and an RSA signature consists of 2048 bits.
• Verification in DSA is slower when compared to RSA.
b) USAGE IN I.T INDUSTRY:
• The Digital Signature Algorithm is used by reputed organizations and by companies with multiple
sub offices to transfer confidential information among them with the help of digital signatures.
• The Data Encryption Standard is used in bank ATMs for transactions with the help of a PIN: a
person can perform a transaction once the PIN matches the one already held in the required bank
portal.
2. a) APPLICATION OF CRYPTOGRAPHIC TECHNIQUES IN COMPUTING:
• User Authentication: When users log in to the network with their password, cryptographic
authentication techniques are used to give high security to the password, such as generating
one-time verification codes; here user authentication uses public or private keys.
• Hardware and Software Implementation: Hardware devices used in computers, such as electronic chips
and ROM-protected processors, are implemented with cryptography and controlled by software. So that
the data cannot be bypassed, the software is protected by cryptographic techniques, which ensures
that the hardware gives correct information.
• Transferring Files on Network: Files are transmitted from one user to another on the network and
the data should be protected against attackers. The sender's file is encrypted and the encrypted
file is sent to the receiver. A symmetric key is used, meaning that only one key is used for both
encryption and decryption. To decrypt the file, the encrypted file system component driver uses the
user's private key to decrypt the symmetric key that was used to encrypt the file, and then uses the
symmetric key to decrypt the file for the other user on the network.
b) CRYPTOGRAPHY IS USED ON SECURITY ELECTRONIC TRANSACTION (SET) ON THE WEB: 
Secured Electronic Transactions (SET) is a protocol used for transactions on networks that are not
secured; it is mainly used in the banking sector for online transactions done with credit cards.
Various technologies are used to secure web browsers, such as SSL, HTTPS, SSH and IPsec:
• SSL: SSL stands for Secure Socket Layer. SSL is a protocol that uses certificates to secure the
data transmitted between the user and the server; if data is transferred without certificates there
is a chance that it will be hacked. The diagram below shows the interaction between the browser and
the server.
When the browser requests SSL the server responds, and session keys encrypted with the SSL public key
are sent back to the server. The browser and server then start talking with each other and the pages
are transmitted securely.
• HTTPS: HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer. HTTPS uses port 443
by default. URLs beginning with HTTPS indicate that the connection is encrypted using SSL. The figure
below shows the working of HTTPS, which is implemented by SSL: SSL certificates are purchased and
installed on the web server to identify the type of business and to encrypt sensitive data such as
credit card information. The certificates give the site permission to communicate securely with its
web customers. The HTTPS process is done in the transport layer.
HTTPS is easily recognized by the lock symbol in the security status bar; clicking on it shows the
identity of the website. HTTPS mainly uses SSL certificates to secure the data from client to server
and vice versa.
• SSH: SSH stands for Secure Shell. It is a cryptographic network protocol used to transfer data
securely. A user can log in remotely to another system on the same network and transfer files from
one system to the other through an SSH server. SSH uses automatically generated public or private
key cryptography to log in to the remote system and encrypt the network connection, and then uses
the password to log in.
• IPSEC: IPSEC stands for Internet Protocol Security. It works at the network layer to secure
internet traffic inside IP. Cryptographic techniques are used to protect the IP packets, and this
protection includes confidentiality, authentication and integrity.
c) CRYPTOGRAPHY USED IN VPN: 
VPN stands for Virtual Private Network; it is a combination of a public network and a private
network. Data transmitted between the two networks can be handled by a remote user, and the data is
encrypted for security. The diagram below shows the virtual network.
The encryption techniques used for transferring the data are:
• DTLS: It stands for Datagram Transport Layer Security. It is used in the OpenConnect VPN and
solves the problems that occur with SSL.
• MPPE: It stands for Microsoft Point-to-Point Encryption; the data is encrypted using the
point-to-point protocol. 128-bit and 56-bit keys are supported for encrypting the data. The data is
not compressed, but the protocol is used as a node between the PPP and VPN links.
3. WINDOWS AUTHENTICATION: 
Windows authentication is a process that secures the data transmitted from client to server on the
network. Once Windows Authentication is enabled, the username and password given by the client are
strongly hashed with cryptographic techniques and sent over the network for secure browsing. Windows
Authentication is mainly suitable in private networks, known as intranets, under the following
conditions:
• All computers and web servers are in one domain.
• The administrator can confirm that every client uses the same browser, such as Internet Explorer.
• NTLM is not supported by HTTP proxy connections, and mostly they are not required.
a) NT Authentication at Logon: 
Compared to other authentication methods, the Windows NT authentication method is much more complex:
it encrypts the username and password and holds multiple communications between client and server.
The benefits in Windows NT are that passwords are not transmitted across the network and user
credentials are supplied automatically once the user logs on.
When the user logs on to Windows NT with a username and password, the request goes to the LSA (Local
Security Authority), which is responsible under the local security policy for verifying the
credentials. It gets permission from the local SAM (Security Accounts Manager) database and obtains
the tokens for the logon. This whole process runs through Winlogon. The figure below describes the
logon process of Windows NT.
Protocol Used:
Windows NT uses three different protocols: NetBIOS/NetBEUI, TCP/IP and PPTP. Here is a brief
description of TCP/IP.
TCP/IP: It stands for Transmission Control Protocol/Internet Protocol, which was developed by DARPA
(Defense Advanced Research Projects Agency) for network connections. Users connect to the internet
using this protocol in Win NT; without it users can't connect to the internet. It is also used for
interaction between the operating system and hardware platforms such as routers.
b) Windows 2000 Authentication at Logon: 
Windows 2000 authentication varies depending on whether the user logs on from a domain or a local
computer.
Domain Logon: When the user tries to log on to a domain, the information provided by the user, such
as username and password, is given to the domain controller; if the domain has a copy of the user it
is validated, if not it is denied.
Local Computer Logon: When the user tries to log on to a local computer, the information provided by
the user, such as username and password, is given to the security subsystem of the local computer,
which is operated by the local security database; if the information exists it is validated, if not
it is denied.
Protocols Used:
Different types of protocols are used in Windows 2000 for authentication, as listed below:
• Password Authentication Protocol (PAP)
• Shiva Password Authentication Protocol (SPAP)
• Challenge Handshake Authentication Protocol (CHAP)
• Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
• Extensible Authentication Protocol (EAP)
c) Windows Server 2003 Authentication at Logon: 
In Windows Server 2003 all users must log on to the computer and their identity must be validated
for authentication; authorised users then get access to the resources. There are two types of
interactive logon in Server 2003, as shown below:
• When the user is not joined to the Active Directory domain, they can log on to the unjoined
computer with a local account.
• When the user is joined to the Active Directory domain, they can log on with a local account or a
domain account.
Protocols Used:
The protocols used in Windows Server 2003 for authentication are listed below:
• Kerberos v5
• NTLM
• SSL/TLS (Secure Socket Layer/Transport Layer Security)
d) Windows Server 2008 Authentication at Logon: 
Compared to previous Windows servers, the Windows Server 2008 logon process includes security
components in Windows security; these security policies keep a track record of account logons for
security purposes. Organisations can also log on to other systems located in sub areas as remote
computers, using host servers that run the Remote Desktop Protocol (RDP). The logon page interacts
with the LSA (Local Security Authority) to communicate with remote authentication sources such as
the Domain Controller.
Protocols Used:
The protocols used in Windows Server 2008 for authentication are listed below:
• SSL (Secure Socket Layer)
• RDP (Remote Desktop Protocol)
• TCP/IP (Transmission Control Protocol/Internet Protocol)
• Kerberos V.5 protocol
e) Windows Server 2012 Authentication at Logon: 
The user supplies login information such as username and password to log in to Windows Server 2012,
and these details are used to authenticate the user's access to a local computer in the same domain.
Certificates stored in Active Directory give the user access to log in; the user can then also access
the local network through the same domain and be authenticated.
Protocols Used:
The protocols used in Windows Server 2012 for authentication are:
• SMB (Server Message Block)
• RDP (Remote Desktop Protocol)
f) Difference between Integrated Windows Authentication and Logon Authentication: 
Integrated Windows Authentication:
1. This type of authentication is more secure: the username and password given by the user are
encrypted with hash algorithms and sent through the network.
2. Windows Authentication is best for internet environment because both client and server are in the
same domain.
3. It supports two authentication protocols, Kerberos and NTLM (NT LAN Manager).
Logon Authentication:
1. This type of authentication is not secure because the username and password are not encrypted.
2. Logon Authentication is used mainly in industry to collect usernames and passwords.
3. It supports SSL for authentication.
4. KERBEROS PROTOCOL: 
Kerberos is a protocol that provides strong network authentication between client and server using
symmetric key cryptography. Because the Internet is an insecure place, many protocols are used on it
for security purposes, but they fail to give security, whereas the Kerberos protocol gives strong
network security: the client and server use Kerberos to prove their identity.
a) Description of Kerberos Protocol: 
This protocol works with ‘tickets’ for communication. The diagram below gives a brief description of
how the protocol works, including the Authentication Server (AS) request from the client to get a
Ticket Granting Ticket (TGT). The combination of TGT and AS is the Key Distribution Center (KDC),
which encrypts the user's password using a secret key and is controlled by the Domain Controller, as
shown below.
The description of the Kerberos protocol includes eight steps, which are described here with the
help of diagrams:
Step-1: The client sends a request to the AS to verify the username; the password is encrypted with
a security key.
Step-2: After verification, the AS issues to the client a reply that includes a time stamp, and the
session has an expiry time such as 8 hours.
Step-3: In this step the reply, a TGT consisting of tickets, is sent back to the client, as shown
below.
Step-4: In this step the client is authenticated by submitting the TGT to the Ticket Granting Server
(TGS).
Step-5: The TGS creates an encrypted key with a time stamp of 8 hours and gives the client
permission to use a ticket.
Step-6: At this step, the client decrypts the ticket and sends an acknowledgement (ACK) to the TGS
saying that the user got the ticket.
Step-7: At this stage, the client sends the encrypted key to the service server, as shown in the
figure below. The server decrypts the key to check the validity of the time stamp. If it is valid,
the service server contacts the KDC directly to get a session between the client and the server.
Step-8: At this step, the client checks the validation and decrypts the key, and then a connection
is initiated between client and server for communication. The client is now authenticated until the
session expires.
b) TIME SYNCHRONISATION IS IMPORTANT FOR KERBEROS:
• Authentication in the Kerberos protocol is based on the time stamps of tickets and, as discussed
before, tickets are issued with a short lifetime in order to prevent hackers from performing any
hacking process.
• Kerberos servers need accurate clock synchronization; if your clock is not synchronized at regular
intervals, Kerberos reports fatal errors.
• If users are allowed to change the clock on the server, they themselves turn their network into a
platform for attackers and leave it vulnerable.
• To overcome these malicious activities, time synchronization plays a vital role in providing the
security of the Kerberos protocol.
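The time-stamp checks behind the points above, modelled as an added example that is not part of the original report and is not code from any Kerberos implementation. The 300-second clock-skew tolerance, the class names and the sample times are assumptions of this example; the 8-hour lifetime is the one used in the steps above and the error names follow RFC 4120.

```python
from dataclasses import dataclass

MAX_CLOCK_SKEW = 300          # seconds; assumed tolerance between the two clocks
TICKET_LIFETIME = 8 * 3600    # the 8-hour ticket lifetime from the steps above


@dataclass(frozen=True)
class Ticket:
    client: str
    start_time: int           # seconds since the epoch
    end_time: int


@dataclass(frozen=True)
class Authenticator:
    client: str
    timestamp: int            # the client's clock when the request was built


class ServiceServer:
    """Keeps only the time-related checks a service applies to a request."""

    def __init__(self, max_skew: int = MAX_CLOCK_SKEW):
        self.max_skew = max_skew
        self.replay_cache = set()    # (client, timestamp) pairs already accepted

    def check(self, ticket: Ticket, auth: Authenticator, now: int) -> str:
        # Entries older than the skew window can never be accepted again,
        # so the cache stays small only because the clocks are synchronized.
        self.replay_cache = {(c, ts) for c, ts in self.replay_cache
                             if ts >= now - self.max_skew}
        if auth.client != ticket.client:
            return "KRB_AP_ERR_BADMATCH"
        if abs(now - auth.timestamp) > self.max_skew:
            return "KRB_AP_ERR_SKEW"
        if (auth.client, auth.timestamp) in self.replay_cache:
            return "KRB_AP_ERR_REPEAT"
        if ticket.start_time - now > self.max_skew:
            return "KRB_AP_ERR_TKT_NYV"
        if now - ticket.end_time > self.max_skew:
            return "KRB_AP_ERR_TKT_EXPIRED"
        self.replay_cache.add((auth.client, auth.timestamp))
        return "OK"


if __name__ == "__main__":
    t0 = 1_700_000_000                                  # constructed sample time
    ticket = Ticket("alice", t0, t0 + TICKET_LIFETIME)
    server = ServiceServer()
    request = Authenticator("alice", t0 + 60)
    print(server.check(ticket, request, now=t0 + 62))   # fresh request
    print(server.check(ticket, request, now=t0 + 65))   # same request sent again
    slow = Authenticator("alice", t0 + 400)             # client clock 10 minutes slow
    print(server.check(ticket, slow, now=t0 + 1000))
```

A host whose clock drifts past the tolerance is rejected even with a valid ticket, so clock drift shows up as authentication failures rather than as a warning.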
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 

Cryptography

  • 1. W1-CRYPTOGRAPHY. Presented by Vishalya Dulam, AVONMORE TERTIARY INSTITUTE
  • 2. INDEX (P.no)
    Abstract 3
    1. Cryptography 3-7
       a) Modern Methods of Cryptography 4
          (i) DES 4
          (ii) DSA 5
       b) Usage in I.T Industry 7
    2. a) Application of Cryptographic Techniques in Computing 7
       b) Cryptography Used in SET on Web Browser 8
       c) Cryptography in VPN 9
    3. Windows Authentication 9-12
       a) Win NT 10
       b) Win 2000 10
       c) Win Server 2003 11
       d) Win Server 2008 11
       e) Win Server 2012 12
       f) Difference between Integrated Windows Authentication and Logon Authentication 12
    4. Kerberos Protocol 12-14
       a) Description of Kerberos Protocol 12
       b) Time Synchronization in Kerberos Protocol 14
  • 3. ABSTRACT: Initially, computer networks were used by university researchers for sending e-mails and by corporate employees for sharing printers. At that stage security needed little attention. Nowadays millions of ordinary citizens use networks for banking, online shopping, e-booking, etc., and because of this network security has become a massive problem. To overcome this problem many security techniques have come into existence, and among them cryptography is one of the most important for securing data or information on its way from a particular source to the required destination. There are many types, and this report covers a few methods of cryptography and how they function.
    1. CRYPTOGRAPHY: The word cryptography comes from Greek and means “Secret Writing”. Cryptography is a process which encrypts the original data into cipher text by using a key; this cipher text is decrypted at the other end by using a key. These keys are called session keys, which include public and private keys.
    Protection of Data or Information: Cryptography protects the data so that only the owner, and other persons who got access from the owner, can view it. When private information is encrypted, transmitted across the internet and stored on a server, only the required persons who have the key are allowed to see the data. Cryptography protects data confidentiality, integrity, availability, authenticity and non-repudiation.
    For example, the sender sends plain text to the receiver; the diagram below describes the transmission of data between sender and receiver. First, the sender's plain text is converted into cipher text using a key, which is encryption, and it passes through the network until it reaches the proper destination. At the receiver, the cipher text is converted back into the original plain text using a key, which is decryption.
  • 4. a) MODERN METHODS IN CRYPTOGRAPHY: Many modern methods have come into existence in cryptography; two of them and their theory of operation are discussed here.
    (i) Data Encryption Standard (DES): DES was designed by IBM in 1976 with the National Bureau of Standards (NBS), and it got approval from the National Security Agency (NSA). Up to the year 2000 DES was used as the standard encryption process; from 2001 it was replaced by AES.
    Theory of Operation: DES uses a symmetric key for both encryption and decryption of data. It is an algorithm which takes a fixed-length string of 64 bits of plain text and performs a series of complicated operations to convert it into cipher text of the same length. The key is 64 bits long, of which 56 bits are used for the encryption and decryption process; the person who holds this 64-bit key can encrypt and decrypt the data. The remaining 8 bits of the key are used for parity checking and are then discarded. The key is transmitted as 8 bytes, each with odd parity. The DES process consists of 16 rounds, which use 16 intermediate keys of 48 bits each.
  • 5. In the above diagram the total process consists of three phases. It shows the initial permutation applied to the 64-bit block of data, which is then split into 32-bit sub-blocks that are passed through the rounds as shown in the figure. There are 16 rounds and each round is identical; the security of the algorithm is increased and the temporal efficiency is decreased. At the 16th round, the 32-bit output quantities are swapped by a function which combines the text, and the output of the final permutation is the 64-bit cipher text.
    Key Structure: Initially, 56 bits of the key are selected from the 64 bits by a permuted choice, and the algorithm generates the sub-keys. The diagram below shows the key function, which includes:
    1. The key is split into two 28-bit halves, which are processed alternately. In each round, both halves are rotated left by one or two bits and then a 48-bit sub-key is selected by a permuted choice. The 8 bits are used by the parity checker.
    2. The key schedule is the same for decryption.
    Strengths of DES:
    - DES uses a 54-bit key for encryption, so there are 2^56 possible keys. An attack on such a number of keys is impossible.
    - It is tough to find the weakness of DES.
    Weakness of DES:
    - The purpose of using IP and FP is not clearly described.
    - Instead of 64 bits, only 56 bits are used.
    - The design of the cipher has some defects.
    (ii) Digital Signature Algorithm (DSA): DSA is a United States Federal Government standard for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in 1991 for use in their Digital Signature Standard (DSS), specified in FIPS 186 in 1993.
    Theory of Operation: DSA is a type of asymmetric cryptography where both public and private keys are used for transmitting the data from sender to receiver. Many organizations across the world use digital systems for transmitting electronic data among themselves in a secured manner.
    The diagram below explains the life cycle of a document which includes a digital signature. This technique is slower but reliable because there is no chance of data loss. The main requirement for the organizations is
  • 6. paperwork which is transmitted digitally, and the fundamental principle is to validate the data by assigning a digital signature. The procedure for a digital signature is simple, and it ensures the authenticity of documents that are transferred and stored with computer tools. The digital signature of an electronic document has the following requirements:
    - Authenticity: The receiver verifies the identity of the sender.
    - Non-repudiation: The sender can’t deny the signed document.
    - Integrity: The receiver is unable to modify the signed document which is sent by a non-authorized user.
    A digital signature is generated based on an asymmetric key pair. The private key is used by the owner and is not shared; it is used to generate the digital signature for a specific document. For verification, the public key is used to authenticate the signature. The digital signature consists of three algorithms:
    - The key generation algorithm generates a key pair (PK, SK), where PK is the public key and SK is the secret key; this key pair is used to sign the document.
    - In the signature algorithm, the sender sends message ‘m’ and the private key gives the signature ‘x’.
    - The verifying algorithm verifies the incoming data and signature with the public key. At this stage it accepts or rejects the signature.
    The document is signed with the private key and its signature is verified with the public key. Once the document is secured it is impossible to reconstruct the private key, even though both keys are uniquely connected.
    Process: The original data is encrypted by using a one-way hash function with the user’s private key. The following steps are involved in digital signature processing:
    - The user sends the document or file, which is processed using the hash function (here 256-bit SHA is used). When the owner uses the private key to sign, the signature is calculated with some hash functions; it also generates some control codes on the document.
    - Once the hash has been calculated it is impossible to get the data back from it, so hackers cannot hack the transmitted document or file without the private key.
    - On the receiver side, the data is decrypted using the same hash algorithm with the public key, and the new hash is compared with the previous hash. If they both match, the user can sign in to the document.
  • 7. The above diagram explains the hash values and how the data is transmitted between user A and user B using the hash algorithm.
    Strengths of DSA:
    - Reduces time and cost when compared to other algorithms.
    - Operations are carried out with a high level of efficiency.
    - High data quality with long-term storage of files.
    Weakness of DSA:
    - DSA signatures are much shorter than those of the RSA (Rivest-Shamir-Adleman) algorithm, because a DSA signature consists of 56 bits and an RSA signature consists of 2048 bits.
    - Verification in DSA is slower when compared to RSA.
    b) USAGE IN I.T INDUSTRY:
    - Digital Signature Algorithms are used in reputed organizations and in companies with multiple sub-offices to transfer confidential information between them with the help of digital signatures.
    - The Data Encryption Standard is used in bank ATMs for transactions: with the help of a PIN a person can perform transactions once it matches the PIN already held in the bank's portal.
    2. a) APPLICATION OF CRYPTOGRAPHIC TECHNIQUES IN COMPUTING:
    - User Authentication: When users log in to the network with their password, cryptographic authentication techniques are used to give the password high security, such as generating one-time verification codes; here user authentication uses public or private keys.
    - Hardware and Software Implementation: Hardware devices used in computers, such as electronic chips and ROM-protected processors, are implemented with cryptography and controlled by software. Instead of bypassing the data, the software is protected by cryptographic techniques, which secures the hardware and gives correct information.
    - Transferring Files on Network: Files are transmitted from one user to another on the network, and the data should be protected against attackers. The sender's file is encrypted and the encrypted file is sent to the receiver. A symmetric key is used, which means only one key is used for both encryption and decryption. To decrypt the file, the system component driver uses their private
  • 8. key to decrypt the symmetric key which was used to encrypt the file; the encrypted file system component driver then uses the symmetric key to decrypt the file for the other user on the network.
    b) CRYPTOGRAPHY IS USED ON SECURITY ELECTRONIC TRANSACTION (SET) ON THE WEB: Secured Electronic Transactions (SET) is a protocol used for transactions on networks which are not secured; it is mainly used in the banking sector for online transactions done with credit cards. Various technologies are used to secure web browsers, such as SSL, HTTPS, SSH and IPsec:
    - SSL: SSL stands for Secure Socket Layer. SSL is a protocol which uses certificates to secure the data transmitted between the user and the server; if data is transferred without certificates there is a chance for it to be hacked. The diagram below shows the interaction between the browser and the server. When the browser requests SSL, the server responds, and session keys encrypted with the SSL public key are sent back to the server; the browser and server then start talking with each other and the pages are transmitted securely.
    - HTTPS: HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer. HTTPS uses port 443 by default. URLs beginning with HTTPS indicate that the connection is encrypted using SSL. The figure below shows the working of HTTPS, which is implemented with SSL: SSL certificates are purchased and installed on the web server to identify the type of business and to encrypt sensitive data such as credit card information. The certificates give the site permission to communicate securely with its web customers. HTTPS processing is done in the transport layer. HTTPS is easily recognized by the lock symbol in the security status bar; clicking on it shows the identity of the website. Mainly, HTTPS uses SSL certificates to secure the data from client to server and vice versa.
    - SSH: SSH stands for Secure Shell; it is a cryptographic network protocol used to transfer data securely. A user can log in remotely to another system on the same network and transfer files from one system to the other through an SSH server. SSH uses automatically
  • 9. generated public key or private key cryptography to log in to the remote system and encrypt the network connection, and then uses the password to log in.
    - IPSEC: IPSEC stands for Internet Protocol Security; it works at the network layer to secure internet traffic inside IP. Cryptographic techniques are used to protect the IP packets, and this protection includes confidentiality, authentication and integrity.
    c) CRYPTOGRAPHY USED IN VPN: VPN stands for Virtual Private Network and it is the combination of both a public network and a private network. Data transmitted between both networks can be handled by a remote user; the data is encrypted for security purposes. The diagram below shows the virtual network. The encryption techniques used for transferring the data are:
    - DTLS: It stands for Datagram Transport Layer Security; it is used in OpenConnect VPN and solves problems that occur with SSL.
    - MPPE: It stands for Microsoft Point-to-Point Encryption; the data is encrypted using the point-to-point protocol. 128-bit and 56-bit keys are supported for encrypting the data. The data is not compressed, but the protocol is used as a node between the PPP and VPN links.
    3. WINDOWS AUTHENTICATION: Windows authentication is a process to secure the data that is transmitted from client to server on the network. Once Windows Authentication is enabled, the username and password given by the client are strongly hashed with cryptographic techniques and sent over the network for secure browsing. Windows Authentication is suitable mainly in private networks, known as intranets, under the following conditions:
    - All computers and web servers are in one domain.
    - The administrator can confirm that every client is using the same browser, such as Internet Explorer.
    - NTLM is not supported by HTTP proxy connections, and mostly they are not required.
  • 10. a) NT Authentication at Logon: Compared to other authentication methods, the Windows NT authentication method is much more complex: it encrypts the username and password and involves multiple communications between client and server. The benefits in Windows NT are that passwords are not transmitted across the network and user credentials are supplied automatically once the user has logged on. When the user logs on to Windows NT with a username and password, the request goes to the LSA (Local Security Authority), which is responsible for the local security policy, to verify the credentials; it checks them against the local SAM (Security Accounts Manager) database and obtains the tokens for logon. This whole process runs through Winlogon. The figure below describes the logon process of Windows NT.
    Protocol Used: Windows NT uses three different protocols: NetBIOS/NetBEUI, TCP/IP and PPTP. Here is a brief description of TCP/IP.
    TCP/IP: It stands for Transmission Control Protocol/Internet Protocol, which was developed by DARPA (Defense Advanced Research Projects Agency) for network connections. Users connect to the internet using this protocol in Win NT; without it users can’t connect to the internet. It is also used for interaction between the operating system and hardware platforms such as routers.
    b) Windows 2000 Authentication at Logon: Windows 2000 authentication varies depending on whether the user is logging on to a domain or to the local computer.
    Domain Logon: When the user tries to log on to a domain, the information provided by the user, such as username and password, is given to the domain controller; if the domain has a copy of the user's account the logon is validated, otherwise it is denied.
    Local Computer Logon: When the user tries to log on to the local computer, the information provided by the user, such as username and password, is given to the security subsystem of the local computer, which is operated by the local security database; if the information exists the logon is validated, otherwise it is denied.
    Protocols Used:
  • 11. Different types of protocols are used in Windows 2000 for authentication, as listed below:
    - Password Authentication Protocol (PAP)
    - Shiva Password Authentication Protocol (SPAP)
    - Challenge Handshake Authentication Protocol (CHAP)
    - Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
    - Extensible Authentication Protocol (EAP)
    c) Windows Server 2003 Authentication at Logon: In Windows Server 2003 all users must log on to the computer and their identity must be validated for authentication; authorised users then get access to the resources. There are two types of interactive logon in Server 2003, as shown below:
    - When the user is not joined to the Active Directory domain, they can log on to the unjoined computer with a local account.
    - When the user is joined to the Active Directory domain, they can log on with a local account or a domain account.
    Protocols Used: The protocols used in Windows Server 2003 for authentication are listed below:
    - Kerberos v5
    - NTLM
    - SSL/TLS (Secure Socket Layer/Transport Layer Security)
    d) Windows Server 2008 Authentication at Logon: The Windows Server 2008 logon process includes additional security components compared to previous Windows servers. These security policies keep a record of account logons for security purposes. Organisations can also log on to other systems located in sub-areas as remote computers, with host servers that provide the Remote Desktop Protocol (RDP). The logon page interacts with the LSA (Local Security Authority) to communicate with remote authentication sources such as the Domain Controller.
  • 12. Protocols Used: The protocols used in Windows Server 2008 for authentication are listed below:
    - SSL (Secure Socket Layer)
    - RDP (Remote Desktop Protocol)
    - TCP/IP (Transmission Control Protocol/Internet Protocol)
    - Kerberos V.5 protocol
    e) Windows Server 2012 Authentication at Logon: The user must provide login information such as username and password to log in to Windows Server 2012. These details are used to authenticate the user's access to the local computer under the same domain. The certificates that give the user access to log in are stored in Active Directory. The user can also access the local network through the same domain and get authenticated.
    Protocols Used: The protocols used in Windows Server 2012 for authentication are:
    - SMB (Server Message Block)
    - RDP (Remote Desktop Protocol)
    f) Difference between Integrated Windows Authentication and Logon Authentication:
    Integrated Windows Authentication:
    1. This type of authentication is more secure: the username and password given by the user are encrypted with hash algorithms and sent through the network.
    2. Windows Authentication is best for an internet environment because both client and server are in the same domain.
    3. It supports two authentication protocols, Kerberos and NTLM (NT LAN Manager).
    Logon Authentication:
    1. This type of authentication is not secure because the username and password are not encrypted.
    2. Logon Authentication is used mainly in industry to collect usernames and passwords.
    3. It supports SSL for authentication.
    4. KERBEROS PROTOCOL: Kerberos is a protocol used for providing strong network authentication between client and server using symmetric key cryptography. Many protocols are used on the internet for security purposes because it is an insecure place, but they fail to give security, whereas the Kerberos protocol gives strong network security; here the client and server use Kerberos to prove their identity.
  • 13. a) Description of Kerberos Protocol: This protocol works with ‘tickets’ for communication purposes. The diagram below gives a brief description of how the protocol works: the client sends a request to the Authentication Server (AS) to get a Ticket Granting Ticket (TGT). The combination of both TGT and AS is nothing but the Key Distribution Center (KDC), which encrypts the user's password using a secret key and is controlled by the Domain Controller, as shown below.
    The description of the Kerberos protocol includes eight steps, which are illustrated with the help of diagrams:
    Step-1: The client sends a request to the AS to verify the username; the password is encrypted with a security key.
    Step-2: After verification, the AS issues to the client a response that includes a time stamp, with the session having an expiry time such as 8 hours.
    Step-3: The response is sent back to the client as a TGT, which consists of tickets, as shown below.
    Step-4: The client is authenticated by submitting the TGT to the Ticket Granting Server (TGS).
    Step-5: The TGS creates an encrypted key with a time stamp valid for 8 hours and gives the client permission to use a ticket.
  • 14. Step-6: The client decrypts the ticket and sends an acknowledgement (ACK) to the TGS saying that the user got the ticket.
    Step-7: The client sends the encrypted key to the service server, as shown in the figure below; the server decrypts the key to check the validity of the time stamp. If it is valid, the service server directly contacts the KDC to get a session between the client and the server.
    Step-8: The client checks the validation and decrypts the key; the connection is then initiated between client and server for communication. The client is now authenticated until the session expires.
    b) TIME SYNCHRONISATION IS IMPORTANT FOR KERBEROS:
    - Authentication in the Kerberos protocol is based on the time stamps of tickets and, as discussed before, the tickets issued by the TGT have a short lifetime in order to prevent hackers from carrying out any hacking.
    - Accurate clock synchronization is required on Kerberos servers; if the clock is not synchronized at regular intervals, Kerberos reports fatal errors.
    - If users are allowed to set the clock on the server, they themselves turn their network into a platform for attackers, which leaves it vulnerable.
    - To overcome these malicious activities, time synchronization plays a vital role in the security of the Kerberos protocol.
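
The time-stamp checks that make clock synchronisation matter, as an added example that is not part of the original slides: a simplified Python model of what a service checks before accepting a ticket. The class and function names, the 5-minute tolerance and all sample times are assumptions made for illustration; the error names follow RFC 4120, and no real tickets or encryption are involved.

```python
"""Simplified model of the time checks a Kerberos service applies to a request.

Added illustration: names, tolerance and sample times are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_SKEW = timedelta(minutes=5)       # assumed tolerance; a common default
TICKET_LIFETIME = timedelta(hours=8)  # lifetime quoted on the slides


@dataclass(frozen=True)
class Ticket:
    client: str
    starttime: datetime
    endtime: datetime


@dataclass(frozen=True)
class Authenticator:
    client: str
    ctime: datetime  # the client's own clock reading when it built the request


class ReplayCache:
    """Remembers (client, ctime) pairs that are still inside the skew window."""

    def __init__(self):
        self._seen = set()

    def check_and_store(self, auth, now):
        # Older entries would fail the skew check anyway, so they can be dropped.
        self._seen = {(c, t) for (c, t) in self._seen if now - t <= MAX_SKEW}
        key = (auth.client, auth.ctime)
        if key in self._seen:
            return False
        self._seen.add(key)
        return True


def validate_request(ticket, auth, now, cache):
    """Return "OK" or the RFC 4120 error name for the first failed check."""
    if auth.client != ticket.client:
        return "KRB_AP_ERR_BADMATCH"
    # The client's clock must agree with the server's clock within MAX_SKEW.
    if abs(now - auth.ctime) > MAX_SKEW:
        return "KRB_AP_ERR_SKEW"
    # The same authenticator must not be accepted twice.
    if not cache.check_and_store(auth, now):
        return "KRB_AP_ERR_REPEAT"
    # Ticket validity window, widened by the skew tolerance on both sides.
    if now + MAX_SKEW < ticket.starttime:
        return "KRB_AP_ERR_TKT_NYV"
    if now - MAX_SKEW > ticket.endtime:
        return "KRB_AP_ERR_TKT_EXPIRED"
    return "OK"


def demo():
    """Run constructed scenarios against one 8-hour ticket issued at 09:00 UTC."""
    user = "alice@EXAMPLE.COM"  # constructed principal name
    issued = datetime(2024, 1, 1, 9, 0, 0, tzinfo=timezone.utc)
    ticket = Ticket(user, issued, issued + TICKET_LIFETIME)
    cache = ReplayCache()
    first = Authenticator(user, issued + timedelta(hours=1, seconds=2))
    late = issued + TICKET_LIFETIME
    cases = [
        # (authenticator, server clock)
        (first, issued + timedelta(hours=1)),               # clocks agree
        (first, issued + timedelta(hours=1, seconds=30)),   # captured and resent
        (Authenticator(user, issued + timedelta(minutes=110)),
         issued + timedelta(hours=2)),                      # client 10 min slow
        (Authenticator(user, late + timedelta(minutes=3)),
         late + timedelta(minutes=3)),                      # inside the grace window
        (Authenticator(user, late + timedelta(minutes=10)),
         late + timedelta(minutes=10)),                     # ticket expired
    ]
    return [validate_request(ticket, a, now, cache) for a, now in cases]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The fourth scenario shows the cost of the tolerance: a ticket is still accepted a few minutes past its end time, which is why the allowed skew is kept small and clocks are kept synchronised.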