A PAPER PRESENTATION ON CRYPTOGRAPHY AND NETWORK SECURITY - Contents: Abstract
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
A PAPER PRESENTATION
ON
CRYPTOGRAPHY AND NETWORK
SECURITY
Contents:
Abstract
• Introduction
• Network Security Problems
• Key process Techniques
• Advanced cryptographic technique
1 Steganography
• Cryptographic technologies
Based on layers
Based on algorithms
• Applications of cryptography
• Application of network security
• Conclusion
CRYPTOGRAPHY
2NETWORK SECURITY
CRYPTOGRAPHY AND Movie gangsters “case the joint”; soldiers
NETWORKSECURITY “scout the area”. This is also true in the
cyber world. Here the “bad guys” are
ABSTRACT
“SECURITY” in this referred to as intruders, eavesdroppers,
contemporary scenarios has become a hackers, hijackers, etc. The intruders
more sensible issue either it may be in the would first have a panoramic view of the
“REAL WORLD” or in the “CYBER victims network and then start digging
WORLD”. In the real world as opposed the holes.
to the cyber world an attack is often Today the illicit activities of
preceded by information gathering. the hackers are growing by leaps and
3bounds, viz., “THE RECENT ATTACK technological prowess has been
ON THE DNS SERVERS HAS stupendously developed to defy against
CAUSED A LOT OF HULLABALOO each of the assaults. Our paper covers
ALL OVER THE WORLD”. However, the ADVANCED technical combats that
fortunately, the antagonists reacted have been devised all through the way,
promptly and resurrected the Internet thus giving birth to the notion of
world from the brink of prostration. “NETWORK -SECURITY”. Various
Since the inception of antidotes that are in fact inextricable with
conglomerating Computers with security issues are – Cryptography,
Networks the consequence of which Authentication, Integrity and Non
shrunk the communication Repudiation, Key Distribution and
world,hitherto, umpteen ilks of security certification, Access control by
breaches took their origin. Tersely implementing Firewalls etc.
quoting some security ditherers –
Eavesdropping, Hacking, Hijacking, To satiate the flaws in the network
Mapping, Packet Sniffing, 1Spoofing, security more and more advanced
DoS & DDoS attacks, etc. security notions are being devised day by
Newton’s law says “Every action has got day. Our paper covers a wide perspective
an equal but opposite reaction”. So is the of such arenas where the contemporary
case with this. Nevertheless the security cyber world is revolving around viz.
breaches and eavesdroppers, the
security but do not want to be bothered
. Introduction: with it when it gets in their way. It’s
important to build systems and networks
Network security deals with the problems
in such a way that the user is not
of legitimate messages being captured
constantly reminded of the security
and replayed. Network security is the
system. Users who find security policies
effort to create a secure computing
and systems to restrictive will find ways
platform. The action in question can be
around them. It’s important to get their
reduced to operations of access,
feed back to understand what can be
modification and deletion. Many people
improved, the sorts of risks that are
pay great amounts of lip service to
4deemed unacceptable, and what has been Cryptography enables you to store
done to minimize the organizations sensitive information or transmit it across
exposure to them. Network security insecure networks (like the internet)
problems can be divided roughly into So that it cannot be read by anyone
four intertwined areas: expect the intended recipient. While
Secrecy, Authentication, cryptography is the science of securing
Nonrepudation, and Integrity control. data, cryptanalysts are also called
• Secrecy has to do with keeping attackers. Cryptology embraces both
information out of the hands of cryptography and cryptanalysis.
unauthorized users.
• Authentication deals with
whom you are talking to before
revealing sensitive information or
entering into a business deal.
• Nonrepudation deals with
signatures.
• Integrity control deals
KEY PROCESSTECHNIQUES:
with long enterprises like
There are three key process techniques.
banking, online networking.
They are:
These problems can be handled by using • Symmetric-key encryption
cryptography, which provides means and • A symmetric-key encryption
methods of converting data into • Hash functions
unreadable from, so that valid User can
access Information at the Destination.
Cryptography is the science of
using mathematics to encrypt and decrypt Symmetric-key encryption
data. (one key):
5There is only one key in this private key remains private. Data
encryption. That is private key. This encrypted with the public key can be
key is only used for both encryption decrypted only using the private key.
and decryption. This is also called as Data encrypted with the private key
private-key encryption. In this can be decrypted only using the
method the sender encrypt the data public key. In the below figure, a
through private key and receiver sender has the receiver’s public key
decrypt that data through that key and uses it to encrypt a message, but
only. only the receiver has the related
private key used to decrypt the
message.
Private Key method
Private Key method
Asymmetric-key encryption (two
Public key method
keys):
Hash functions:
There are two keys in this encryption.
An improvement on the public key
They are:
scheme is the addition of a one-way
• Public key
hash function in the process. A one-
• Private key
way hash function takes variable
length input. In this case, a message
Two keys – a public key and a
of any length, even thousands or
private key, which are
millions of bits and produces a fixed-
mathematically related, are used in
length output; say, 160-bits. The
public-key encryption. To contrast it
function ensures that, if the
with symmetric-key encryption,
information is changed in any way
public-key encryption is also some
even by just one bit an entirely
times called public-key encryption.
different output value is produced. As
In public key can be passed openly
long as a secure hash function is used,
between the parties or published in a
there is no way to take someone’s
public repository, but the related
signature from one
6Its goal is to prevent the detection of
documents and attach it to another, or secret message.
to alter a signed message in any way. Steganography uses techniques to
The slightest change in signed communicate information in a way
documents will cause the digital that is a hidden. The most common
signature verification process to fail. use of Steganography is hiding
information image or sound within
the information of another file by
using a stegokey such as password is
additional information to further
conceal a message.
There are many reasons why
Srteganography is used, and is often
used in significant fields. It can be
used to communicate with complete
freedom even under conditions that
ADVANCED are censured or monitored.
CRYPTOGRAPHIC The Steganography is an effective
TECHNIQUE means of hiding data, there by
STEGANOGRAPHY protecting the data from unauthorized
or unwanted viewing. But stego is
INTRODUCTION: simply one of many ways to protect
Over the past couple of year’s confidentiality of data. Digital image
Steganography has been the source of steganography is growing in use and
a lot of discussion. Steganography is application. In areas where
one of the fundamental ways by cryptography and strong encryption
which data can be kept confidential. are being outlawed, people are using
Steganography hides the existence of steganography to avoid these policies
a message by transmitting and to send these messages secretly.
information through various carriers. Although steganography is become
very popular in the near future.
7WHAT IS STEGANOGRAPHY? • Link layer encryption
The word steganography comes from • Network layer encryption
the Greek name “stegnos” (hidden or
• IPSEC, VPN, SKIP
secret) and “graphy” (writing or
• Transport layer
drawing”) and literally means hidden
• SSL, PCT (private
writing. Stegenography uses
Communication Technology)
techniques to communicate
• Application layer
information in a way that is hidden.
• PEM (Privacy Enhanced
The most common use of
Mail)
Steganography is hiding information
• PGP (Pretty Good Privacy)
image or sound within the
information of another file by using a • SHTTP
stegokey such as password is
additional information to further Cryptographic process can be
conceal a message. implemented at various at various layers
starting from the link layer all the
WHAT IS STEGANOGRAPHY way up to the application layer. The most
USED FOR? popular encryption scheme is SSL and it
Like many security tools, is implemented at the transport layer. If
steganography can be used for variety the encryption is done at the transport
of reasons, some good, some not so layer. If the encryption is done at the
good. Steganography can also be used transport layer, any application that is
as a way to make a substitute for a running on the top of the transport layer
one-way hash value. Further, can be protected.
Steganography can be used to tag
notes to online images. Based on algorithms:
CRYPTOGRAPHIC Secret-key encryption
TECHNOLOGIES algorithms (symmetric
Based on layers: algorithms)
8• DES (Data OF CRYPTOGRAPHY
Encryption
Standard)— • Defense service
56bitkey • Secure Data Manipulation
• Triple DES— • E-Commerce
112bitkey • Business Transactions
• IDEA • Internet Payment Systems
(International
• Pass Phrasing Secure
Data Encryption
Internet Comm.
Algorithm)—
• User Identification
128bitkey
Systems
• Access control
Public-key encryption
• Computational Security
algorithms (Asymmetric
• Secure access to Corp
algorithms)
Data
• Data Security
Diffie-Hellman (DH): Exponentiation is
APPLICATIONS OF NETWORK
easy but computing discrete algorithms
SECURITY
from the resulting value is practically
impossible.
Computer networks were
primarily used by university
• RSA:
researchers for sending email,
Multiplication of
and by corporate employees
two large prime
for sharing printers. Under
numbers is easy
these conditions, security did
but factoring the
not get a lot of attention.
resulting product
is practically
impossible.
APPLICATIONS
9But now, as millions of Security is
ordinary citizens are using everybody’s business, and only
networks for: with everyone’s cooperation,
intelligent policy, and consistent
• Banking practices, will it be achievable.
• Shopping Cryptography
• Filling protects users by providing
their tax functionality for the encryption
returns of data and authentication of
other users. This technology lets
the receiver of an electronic
messages verify the sender,
CONCLUSION:
ensures that a message can be
Network security is a very read only by the intended
difficult topic. Every one has a person, and assures the recipient
different idea of what “security” that a message has not be
is, and what levels of risks are altered in transmit. The
acceptable. The key for building Cryptography Attacking
a secure network is to define techniques like Cryptanalysis
what security means to your and Brute Force Attack. This
organization. Once that has paper provides information of
been defined, everything that Advance Cryptography
goes on with. The network can Techniques.
be evaluated with respect to the
policy. Projects and systems can
then be broken down into their
BIBOLOGRAPHY:
components, and it becomes
much simpler to decide whether
what is proposed will be • “Computer Networks ”,
conflict with your security by Andrew S.Tanunbaum
policies and practices.
10• “Fighting Steganography
detection” by Fabian
Hansmann
• “Network security” by
Andrew S.Tanenbaum
• “Cryptography and
Network Security” by
William Stallings
• “Applied Cryptography”
by Bruce Schneier,
JohnWillley and Sons Inc
• URL:
http://www.woodmann.co
m/fravia/fabian2.html.
• URL:
http://www.jjtc.com/stegd
oc/sec202.html.
11You can also read
