USAGE OF CRYPTOGRAPHY IN NETWORK SECURITY WELCOME SEMINAR ON USAGE OF CRYPTOGRAPHY IN NETWORK SECURITY BY M.SUSMITHA ( I.T )
ABSTRACT: Security has become a more sensible issue in “REAL WORLD” or “ CYBER WORLD”. It is a complicated subject which is deal by well-trained and experienced experts. The security mechanisms are primarily based on cryptographic algorithms. The main purpose of the algorithms are to achieve optimal speed and security levels.
CONTENTS: Introduction Popular networks Security services Security threats/ Attacks Fire walls Security mechanisms Cryptography Types of cryptography Conclusion
INTRODUCTION: The main purpose of computer networks is to understand the principles of network security. Users want to exchange the data in a secure way. The problem of network issue is a complex issue. Network security means a protection of the network assets.
POPULAR NETWORKS: UUCP: Unix to Unix Copy It was developed to connect UNIX hosts together. INTERNET: It is the worlds largest network of networks.
SERVICES FOR SECURITY: CONFIDENTIALITY: Ensure that information in a computer system and transmitted information are accessible only read by authorized parties. AUTHENTICATION: Ensure that the origin of message is correct. INTEGRITY: Ensure that only authorized parties are able to modify computer systems or transmitted information.
SERVICES FOR SECURITY:( contd ) 4. NON-REPUDIATION: Requires that neither sender nor receiver of a message is able to deny the transmission. 5. ACCESS CONTROL: Requires that access to information resources may be controlled for target system. 6. AVAILABILITY: The availability of computer systems must be only for authorized parties when ever needed.
ATTACKS:
ATTACKS: ( contd) PASSIVE ATTACKS: the goal of attacker is to obtain the information that is being transmitted. ACTIVE ATTACKS: it involve some modification of the data stream or the creation of false data stream. DENIAL OF SERVICE: ->Not running your visible-to-the-world servers at a level too close to capacity ->Using packet filtering to prevent obviously forged packets from entering into your network address space. ->Keeping up-to-date on security-related patches for your hosts' operating systems.
ATTACKS:( contd ) UNAUTHORIZED ACCESS: The goal of these attacks is to access some resource that your machine should not provide the attacker. These can take the form of a virus, worm, or Trojan horse. One of the most publicized threats to security is intruder or hacker or cracker. WHERE DO ATTACKS COME FROM?:Through any connection that you have to the outside world. This includes Internet connections, dial- up modems, and even physical access.
ATTACKS:( contd ) PREVENTING SECURITY DISASTERS: 1. hope your computer have backups. 2. don’t put data where it doesn’t need to be 3. avoid systems with single points of failure 4. watch for relevant security advisories.
FIRE WALLS: Firewalls can be an effective means of protecting a local system or network of systems from network based security threats while at the same time, a firewall is simply a group of components that collectively form a barrier between two networks. TYPES OF FIRE WALLS: 1. Application gate ways 2. Packet filtering 3. Hybrid systems
FIRE WALLS: ( contd ) POINTS OF FAILURE: Any time there is only one component paying attention to what's going on between the internal and external networks, an attacker has only one thing to break (or fool!) in order to gain complete access to your internal networks.
SECURITY MECHANISMS: A mechanism that is designed to detect, prevent, or recover from a security attack. Cryptography and Steganographic are such two techniques. Hence we focus on development, use and management of Cryptographic techniques.
CRYPTOGRAPHY: the word “cryptography” is derived from Greek means “ secret writing”. the process of encoding and decoding the data is called cryptography. encryption refers to the transformation of data from plain text to cipher text. decryption refers to the transformation of cipher text to original data. this process requires a key in order to provide security or privacy for the data.
CRYPTOGRAPHY: ( contd ) ciphers are broken into 2 categories. 1. substitution ciphers 2. transposition ciphers Substitution ciphers replace letters in the plaintext with other letters or symbols, keeping the order in which the symbols fall the same. Transposition ciphers keep all of the original letters intact, but mix up their order.
CRYPTOGRAPHY: ( contd ) Substitution cipher: Plaintext letter A B C D E F G H Cipher text letter F H E A C D G B
CRYPTOGRAPHY: ( contd )
TYPES OF CRYPTOGRAPHY: There are 3 types of cryptographic algorithms. They are 1. secret key algorithm 2. public key algorithm 3. hash algorithms
SECRET KEY CRYPTOGRAPHY: it involves the use of single key. it is also known as symmetric cryptography. Encryption Plain text ------------------> cipher text Key Cipher text------------------> plain text Decryption
SECRET KEY CRYPTOGRAPHY: ( contd ) ADVANTAGES: 1.widely used and very popular. 2. very fast relative to public key cryptography. 3.cipher text is compact. DISADVANTAGES: 1. administration of keys become extremely complicated. 2. key is subject to interception by hackers.
PUBLIC KEY CRYPTOGRAPHY: it is also known as asymmetric cryptography. it is used to provide privacy or confidentiality. Encryption Plain text ---------------------------------> cipher text Public key Private key Cipher key --------------------------------> plain text Decryption
PUBLIC KEY CRYPTOGRAPHY: ( contd ) ADVANTAGES: 1. more secure and easy to configure the systems. 2. supports non-repudiation. DISADVANTAGES: 1. slower compared to secret key cryptography. 2. cipher text is much larger than plain text.
HASH ALGORITHMS: it is also known as one way transformations. it is a mathematical transformation that takes a message of arbitrary length and computes from it a fixed length number. PASSWORD HASHING: When a user types a password, the system must store the password encrypted because someone else can use it. To avoid this problem hashing is used.
HASH ALGORITHMS: ( contd ) MESSAGE INTEGRITY: Cryptographic hash functions can be used to protect the integrity of a message transmitted over insecure media. MESSAGE FINGERPRINT: We can know whether some data stored has been modified from one day to the next, if we save that data structure with a hash function.
HASH ALGORITHMS: ( contd ) DIGITAL SIGNATURES: can be efficiently implemented using hash functions. KEY SIZE: This has major role for amount of security. If the algorithm is inherently strong, then it can be assumed that the larger the key size for the ciphers, the harder it is for a hacker to perform an attack on the cipher text. HYBRID SYSTEMS: Just one crypto-system will not solve every problem. Most systems in use today employ a hybrid system.
CONCLUSION: Everyone has a different idea of what ``security'' is, and what levels of risk are acceptable. when new security methods are developed, breaking of these methods has increased. Cryptography is evergreen and developments in this area are a better option.
QUERIES ?
THANK YOU