Visit: www.geocities.com/chinna_chetan05/forfriends.html
CRYPTOGRAPHY AND NETWORK SECURITY
1 Email:
[email protected]
Visit: www.geocities.com/chinna_chetan05/forfriends.html
Contents: Abstract \
u
2
0
2
2
Introduction
\
u
2
0
2
2
Network Security Problems
\
u
2
0
2
2
Key process Techniques
\
u
2
0
2
2
Advanced cryptographic technique
\ u e 0 0 0 \
u
2
0
2
2
Steganography
Cryptographic technologies
\ u e 0 0 0 \ u e 0 0 0
Based on layers Based on algorithms
\
u
2
0
2
2
Applications of cryptography
\
u
2
0
2
2
Application of network security
\
u
2
0
2
2
Conclusion
2 Email:
[email protected]
Visit: www.geocities.com/chinna_chetan05/forfriends.html
CRYPTOGRAPHY
NETWORK SECURITY
CRYPTOGRAPHY AND NETWORKSECURITY ABSTRACT \u201cSECURITY\u201d in this
preceded by information gathering. Movie gangsters \u201ccase the joint\u201d; soldiers \u201cscout the area\u201d. This is also true in the cyber world. Here the \u201cbad
contemporary scenarios has become a
guys\u201d are referred to as intruders,
more sensible issue either it may be in
eavesdroppers, hackers, hijackers, etc.
The intruders would first have a the \u201cREAL WORLD\u201d or in the \u201cCYBER panoramic view of the victims network WORLD\u201d. In the real world as opposed to the cyber world an attack is often
and then start digging the holes.
3 Email:
[email protected]
Visit: www.geocities.com/chinna_chetan05/forfriends.html Today the illicit activities of
security breaches and eavesdroppers, the
the hackers are growing by leaps and
technological prowess has been
bounds, viz., “THE RECENT ATTACK
stupendously developed to defy against
ON THE DNS SERVERS HAS
each of the assaults. Our paper covers
CAUSED A LOT OF HULLABALOO
the ADVANCED technical combats that
ALL OVER THE WORLD”. However,
have been devised all through the way,
fortunately, the antagonists reacted
thus giving birth to the notion of
promptly and resurrected the Internet
“NETWORK -SECURITY”. Various
world from the brink of prostration.
antidotes that are in fact inextricable
Since the inception of
with security issues are – Cryptography,
conglomerating Computers with
Authentication, Integrity and Non
Networks the consequence of which
Repudiation, Key Distribution and
shrunk the communication
certification, Access control by
world,hitherto, umpteen ilks of security
implementing Firewalls etc.
breaches took their origin. Tersely quoting some security ditherers –
To satiate the flaws in the network
Eavesdropping, Hacking, Hijacking,
security more and more advanced
Mapping, Packet Sniffing, 1Spoofing,
security notions are being devised day
DoS & DDoS attacks, etc.
by day. Our paper covers a wide
Newton’s law says “Every action has got perspective of such arenas where the an equal but opposite reaction”. So is
contemporary cyber world is revolving
the case with this. Nevertheless the
around viz.
.
Introduction:
Network security deals with the problems of legitimate messages being captured and replayed. Network security is the effort to create a secure computing platform. The action in question can be reduced to operations of access, modification and deletion. Many people
pay great amounts of lip service to security but do not want to be bothered with it when it gets in their way. It’s important to build systems and networks in such a way that the user is not constantly reminded of the security system. Users who find security policies and systems to restrictive will find ways around them. It’s important to get their
4 Email:
[email protected]
Visit: www.geocities.com/chinna_chetan05/forfriends.html feed back to understand what can be
Cryptography enables you to store
improved, the sorts of risks that are
sensitive information or transmit it
deemed unacceptable, and what has been across insecure networks (like the done to minimize the organizations
internet)
exposure to them. Network security
So that it cannot be read by anyone
problems can be divided roughly into
expect the intended recipient. While
four intertwined areas:
cryptography is the science of securing
Secrecy, Authentication,
data, cryptanalysts are also called
Nonrepudation, and Integrity control.
attackers. Cryptology embraces both
•
Secrecy
has to do with
cryptography and cryptanalysis.
keeping information out of the hands of unauthorized users. •
Authentication
deals with
whom you are talking to before
KEY PROCESSTECHNIQUES:
revealing sensitive information or entering into a business deal. •
Nonrepudation deals with signatures.
•
Integrity control deals with long enterprises like banking, online networking.
There are three key process techniques. They are:
These problems can be handled by using cryptography, which provides means and
•
Symmetric-key encryption
•
A symmetric-key encryption
•
Hash functions
methods of converting data into unreadable from, so that valid User can access Information at the Destination.
Cryptography
is the science of
using mathematics to encrypt and decrypt data. 5 Email:
[email protected]
Symmetric-key encryption (one key):
Visit: www.geocities.com/chinna_chetan05/forfriends.html There is only one key in this
private key remains private. Data
encryption. That is private key. This
encrypted with the public key can be
key is only used for both encryption
decrypted only using the private key.
and decryption. This is also called as
Data encrypted with the private key
private-key encryption. In this
can be decrypted only using the
method the sender encrypt the data
public key. In the below figure, a
through private key and receiver
sender has the receiver’s public key
decrypt that data through that key
and uses it to encrypt a message, but
only.
only the receiver has the related private key used to decrypt the message.
Private Key method Private Key method
Asymmetric-key encryption (two keys): There are two keys in this encryption.
Public key method Hash functions:
They are: •
Public key
•
Private key
Two keys – a private
key,
An improvement on the public key scheme is the addition of a one-way hash function in the process. A oneway hash function takes variable
public key and a
which
are
mathematically related, are used in public-key encryption. To contrast it with symmetric-key encryption, public-key encryption is also some times called public-key encryption. In public key can be passed openly between the parties or published in a public repository, but the related 6 Email:
[email protected]
length input. In this case, a message of any length, even thousands or millions of bits and produces a fixedlength output; say, 160-bits. The function ensures that, if the information is changed in any way even by just one bit an entirely different output value is produced. As long as a secure hash function is used, there is no way to take someone’s signature from one
Visit: www.geocities.com/chinna_chetan05/forfriends.html Its goal is to prevent the detection of documents and attach it to another,
secret message.
or to alter a signed message in any
Steganography uses techniques to
way. The slightest change in signed
communicate information in a way
documents will cause the digital
that is a hidden. The most common
signature verification process to fail.
use of Steganography is hiding information image or sound within the information of another file by using a s tegokey such as password is additional information to further conceal a message. There are many reasons why Srteganography is used, and is often used in significant fields. It can be used to communicate with complete freedom even under conditions that
ADVANCED
are censured or monitored.
CRYPTOGRAPHIC
The Steganography is an effective
TECHNIQUE
means of hiding data, there by
STEGANOGRAPHY
protecting
the
data
from
unauthorized or unwanted viewing. INTRODUCTION:
But stego is simply one of many
Over the past couple of year’s
ways to protect confidentiality of
Steganography has been the source
data. Digital image steganography is
of a lot of discussion. Steganography
growing in use and application. In
is one of the fundamental ways by
areas where
which data can be kept confidential.
strong
Steganography hides the existence of
outlawed,
a
steganography to avoid these policies
message
by
transmitting
information through various carriers.
7 Email:
[email protected]
cryptography and
encryption
people
are
being
are
using
and to send these messages secretly.
Visit: www.geocities.com/chinna_chetan05/forfriends.html Although steganography is become CRYPTOGRAPHIC very popular in the near future.
TECHNOLOGIES Based on layers:
WHAT IS STEGANOGRAPHY?
The word steganography comes •
Link layer encryption
(hidden or secret) and “graphy”
•
Network layer encryption
(writing or drawing”) and literally
•
IPSEC, VPN, SKIP
means
writing.
•
Transport layer
Stegenography uses techniques to
•
SSL,
from the Greek name “stegnos”
hidden
that is hidden. The most common use of
•
Application layer
•
PEM
Steganography is hiding information or
sound within
the
information
to
further
conceal a message.
•
PGP (Pretty Good Privacy)
•
SHTTP
IS
many
STEGANOGRAPHY
security
tools,
steganography can be used for variety of reasons, some good, some not so good. Steganography can also be used as a way to make a substitute for a one-way hash value. Further, Steganography can be used to tag notes to online images.
Cryptographic process can be implemented at various at various layers
USED FOR?
Like
Enhanced
such as password is
additional
WHAT
(Privacy
Mail)
information of another file by using a stegokey
(private
Communication Technology)
communicate information in a way
image
PCT
starting from
the link layer all the
way up to the application layer. The most popular encryption scheme is SSL and it is implemented at the transport layer. If the encryption is done at the transport layer. If the encryption is done at the transport layer, any application that is running on the top of the transport layer can be protected.
Based on algorithms:
8 Email:
[email protected]
Visit: www.geocities.com/chinna_chetan05/forfriends.html Secret-key
is
encryption
practically
impossible.
algorithms (symmetric algorithms) •
DES
APPLICATIONS
(Data
OF CRYPTOGRAPHY
Encryption Standard)—
•
Defense service
•
Secure Data Manipulation
112bitkey
•
E-Commerce
IDEA
•
Business Transactions
(International
•
Internet Payment Systems
Data Encryption
•
Pass
56bitkey •
•
Triple
DES—
Algorithm)— •
algorithms (Asymmetric algorithms)
impossible.
•
Identification
•
Access control
•
Computational Security
•
Secure access to Corp Data
Diffie-Hellman (DH): Exponentiation is
from the resulting value is practically
User Systems
encryption
easy but computing discrete algorithms
Secure
Internet Comm.
128bitkey Public-key
Phrasing
•
Data Security
APPLICATIONS
OF
NETWORK
SECURITY
RSA:
Multiplication of two large prime numbers is easy but factoring the resulting product
9 Email:
[email protected]
Computer
networks
were
primarily used by university researchers for sending email, and by corporate employees for sharing printers. Under these conditions, security did not get a lot of attention.
Visit: www.geocities.com/chinna_chetan05/forfriends.html decide
is
whether what
proposed will be conflict with your security policies and practices.
But now, as millions of ordinary citizens are using
is
Security
networks for:
everybody’s business, and only with everyone’s cooperation,
•
Banking
intelligent
•
Shopping
consistent practices, will it be
•
Filling
achievable.
their
and
policy,
Cryptography
tax
protects users by providing
returns
functionality for the encryption of data and authentication of other users. This technology
CONCLUSION:
lets
Network security is a very idea
of
receiver
an
sender, ensures that a message
what
can be read only by the
“security” is, and what levels
intended person, and assures
of risks are acceptable. The key
the recipient that a message has
for building a secure network is
not be altered in transmit. The
to define what security means
Cryptography
to your organization. Once that
Attacking
techniques like Cryptanalysis
has been defined, everything
and Brute Force Attack. This
that goes on with. The network
paper provides information of
can be evaluated with respect
Advance
to the policy. Projects and
Techniques.
systems can then be broken down into their components, and it becomes much simpler to
of
electronic messages verify the
difficult topic. Every one has a different
the
BIBOLOGRAPHY:
10 Email:
[email protected]
Cryptography
Visit: www.geocities.com/chinna_chetan05/forfriends.html
•
“Computer Networks ”, by Andrew S.Tanunbaum
•
“Fighting Steganography detection” by Fabian Hansmann
•
“Network
security”
by
Andrew S.Tanenbaum •
“Cryptography
and
Network Security” by William Stallings •
“Applied Cryptography” by
Bruce
Schneier,
JohnWillley and Sons Inc •
URL: http://www.woodmann.co m/fravia/fabian2.html.
•
URL: http://www.jjtc.com/stegd oc/sec202.html.
11 Email:
[email protected]