network security(seminar part2)

8/9/2019 Network Security(seminar part2)

http://slidepdf.com/reader/full/network-securityseminar-part2 1/29

USA GE OF CRYPTOGRA PHY IN

NETWORK SECURITY

BYM.SUSMITHA ( I.T )



A BSTRACT:

v Security has become a more sensible issue in “REAL WORLD” or “

CYBER WORLD”.v It is a complicated subject which is deal by well-trained and experiencedexperts.vThe security mechanisms are primarily based on cryptographicalgorithms.vThe main purpose of the algorithms are to achieve optimal speed and

security levels.



CONTENTS:

q Introduction

q Popular networks

q Security servicesq Security threats/ Attacks

q Fire walls

q Security mechanisms

q Cryptography

qTypes of cryptography

q Conclusion



INTRODUCTION:

Ø The main purpose of computer networks is to

understand the principles of network security.

Ø Users want to exchange the data in a secureway.

Ø The problem of network issue is a complex

issue.

Ø Network security means a protection of the

network assets.



POPULA R NETWORKS:

ü UUCP: Unix to Unix Copy

It was developed to connect UNIX

hosts together.ü INTERNET: It is the worlds largest network of

networks.



SERVICES FOR SECURITY:

1. CONFIDENTIALITY: Ensure that information in

a computer system and transmitted

information are accessible only read by

authorized parties.

2. AUTHENTICATION: Ensure that the origin of

message is correct.

3. INTEGRITY: Ensure that only authorized partiesare able to modify computer systems or

transmitted information.



SERVICES FOR SECURITY:( contd )

4. NON-REPUDIATION: Requires that neither

sender nor receiver of a message is able to

deny the transmission.5. ACCESS CONTROL: Requires that access to

information resources may be controlled for

target system.

6. AVAILABILITY: The availability of computersystems must be only for authorized parties

when ever needed.



ATTACKS:



A TTA CKS: ( c ont d)

§ PASSIVE ATTACKS: the goal of attacker is to obtainthe information that is being transmitted.

§ ACTIVE ATTACKS: it involve some modification of

the data stream or the creation of false data stream.§ DENIAL OF SERVICE:

->Not running your visible-to-the-world serversat a level too close to capacity

->Using packet filtering to prevent obviously

forged packets from entering into your networkaddress space.

->Keeping up-to-date on security-related patchesfor your hosts' operating systems.



A TTA CKS:( co nt d )

§ UNAUTHORIZED ACCESS: The goal of theseattacks is to access some resource that yourmachine should not provide the attacker. These

can take the form of a virus, worm, or Trojanhorse. One of the most publicized threats tosecurity is intruder or hacker or cracker.

§ WHERE DO ATTACKS COME FROM?:Through

any connection that you have to the outsideworld.This includes Internet connections, dial-up modems, and even physical access.



A TTA CKS:( co nt d )

§ PREVENTING SECURITY DISASTERS:

1. hope your computer have backups.

2. don’t put data where it doesn’t need to be3. avoid systems with single points of failure

4. watch for relevant security advisories.



FIRE WA LLS:

o Firewalls can be an effective means of

protecting a local system or network of

systems from network based security threatswhile at the same time, a firewall is simply a

group of components that collectively form a

barrier between two networks.

o TYPES OF FIRE WALLS:1. Application gate ways

2. Packet filtering

3. Hybrid systems



FIRE WA LLS: ( c ont d )

o POINTS OF FAILURE: Any time there is only

one component paying attention to what's

going on between the internal and externalnetworks, an attacker has only one thing to

break (or fool!) in order to gain complete

access to your internal networks.



SECURITY MECHA NISMS:

vA mechanism that is designed to detect,

prevent, or recover from a security attack.

Cryptography and Steganographic are suchtwo techniques. Hence we focus on

development, use and management of

Cryptographic techniques.



CRYPTOGRA PHY:

Ø the word “cryptography” is derived from

Greek means “ secret writing”.

Ø the process of encoding and decoding thedata is called cryptography.

Ø encryption refers to the transformation of

data from plain text to cipher text.

Ø decryption refers to the transformation of

cipher text to original data.

Ø this process requires a key in order to provide

security or privacy for the data.



CRYPTOGRA PHY: ( c ont d )

Ø ciphers are broken into 2 categories.

1. substitution ciphers

2. transposition ciphersØ Substitution ciphers replace letters in the

plaintext with other letters or symbols,keeping the order in which the symbols fall

the same.

Ø Transposition ciphers keep all of the original

letters intact, but mix up their order.




§ Substitution cipher:

Plaintext letter

A B C D E F G HCipher text letter

F H E A C D G B



TYPES OF CRYPTOGRA PHY:

There are 3 types of cryptographic algorithms.

They are

1. secret key algorithm2. public key algorithm

3. hash algorithms



SECRET KEY CRYPTOGRA PHY:

v it involves the use of single key.

v it is also known as symmetric cryptography.

EncryptionPlain text ------------------> cipher text

Key

Cipher text------------------> plain textDecryption



SECRET KEY CRYPTOGRA PHY:

( cont d )§ ADVANTAGES:

1.widely used and very popular.

2. very fast relative to public keycryptography.

3.cipher text is compact.

§DISADVANTAGES:

1. administration of keys become extremely

complicated.

2. key is subject to interception by hackers.



PUBLIC KEY CRYPTOGRA PHY:

§ it is also known as asymmetric cryptography.

§ it is used to provide privacy or confidentiality.

EncryptionPlain text --------------------------------->

cipher text

Public key

Private key

Cipher key --------------------------------> plain



PUBLIC KEY CRYPTOGRA PHY:

( cont d )§ ADVANTAGES:

1. more secure and easy to configure the

systems.2. supports non-repudiation.

§ DISADVANTAGES:

1. slower compared to secret keycryptography.

2. cipher text is much larger than plain text.



HA SH A LGORITHMS:

§ it is also known as one way transformations.

§ it is a mathematical transformation that

takes a message of arbitrary length andcomputes from it a fixed length number.

§ PASSWORD HASHING: When a user types a

password, the system must store the

password encrypted because someone elsecan use it. To avoid this problem hashing is

used.



HA SH A LGORITHMS: ( c ont d )

§ MESSAGE INTEGRITY: Cryptographic hash

functions can be used to protect the integrity

of a message transmitted over insecuremedia.

§ MESSAGE FINGERPRINT: We can know

whether some data stored has been modified

from one day to the next, if we save that datastructure with a hash function.



HA SH A LGORITHMS: ( c ont d )

§ DIGITAL SIGNATURES: can be efficiently

implemented using hash functions.

§ KEY SIZE: This has major role for amount of security. If the algorithm is inherently strong,

then it can be assumed that the larger the key

size for the ciphers, the harder it is for a

hacker to perform an attack on the ciphertext.

§ HYBRID SYSTEMS: Just one crypto-system

will not solve every problem. Most systems in



CONCLUSION:

Everyone has a different idea of what

``security'' is, and what levels of risk are

acceptable. when new security methods aredeveloped, breaking of these methods has

increased. Cryptography is evergreen and

developments in this area are a better option.

network security(seminar part2)

Documents