Upload
haritha-devinani
View
219
Download
0
Embed Size (px)
Citation preview
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 1/25
NETWORK SECURITY &NETWORK SECURITY &
CRYPTOGRAPHY CRYPTOGRAPHY
BY BY
D.HARITHA (cse )D.HARITHA (cse )
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 2/25
CONTENTS:CONTENTS:
IntroductionIntroduction
networks aspectsnetworks aspects
Security servicesSecurity services
Security threats/ AttacksSecurity threats/ Attacks
Fire wallsFire walls
Security mechanismsSecurity mechanisms
CryptographyCryptography Types of cryptographyTypes of cryptography
ConclusionConclusion
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 3/25
I NTRODUCT ION:I NTRODUCT ION:
What is network?What is network?
Why we need network security?Why we need network security?
What is the role of cryptographyWhat is the role of cryptography
in network security?in network security?
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 4/25
Aspects of Security: Aspects of Security:
consider 3 aspects of informationconsider 3 aspects of informationsecurity:security:
security attacksecurity attacksecurity mechanismsecurity mechanism
security servicesecurity service
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 5/25
Security AttackSecurity Attack
information security is about how to prevent information security is about how to prevent attacks, or failing that, to detect attacks onattacks, or failing that, to detect attacks oninformationinformation--based systemsbased systems
oftenoften threat threat && attackattack used to mean sameused to mean samethingthing
have a wide range of attackshave a wide range of attacks
can focus of generic types of attackscan focus of generic types of attackspassivepassive
activeactive
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 6/25
Passive attacksPassive attacks
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 7/25
Active attacks Active attacks
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 8/25
A TT A CKS:A TT A CKS:
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 9/25
SECUR I TY SERV ICES SECUR I TY SERV ICES
enhance security of data processing systemsenhance security of data processing systemsand information transfers of an organizationand information transfers of an organization
intended to counter security attacksintended to counter security attacks
using one or more security mechanismsusing one or more security mechanisms
often replicates functions normally associatedoften replicates functions normally associatedwith physical documentswith physical documents
which, for example, have signatures, dates; needwhich, for example, have signatures, dates; needprotection from disclosure, tampering, orprotection from disclosure, tampering, ordestruction; be notarized or witnessed; bedestruction; be notarized or witnessed; berecorded or licensedrecorded or licensed
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 10/25
SECUR I TY SERV ICES SECUR I TY SERV ICES
1.1. CONFIDENTIALITY:CONFIDENTIALITY: Ensure that Ensure that information in a computer system andinformation in a computer system andtransmitted information are accessibletransmitted information are accessibleonly read by authorized parties.only read by authorized parties.
2.2. AUTHENTICATION: E AUTHENTICATION: Ensure that thensure that theorigin of message is correct.origin of message is correct.
3.3. INTEGRITY: EINTEGRITY: Ensure that only authorizednsure that only authorizedparties are able to modify computerparties are able to modify computersystems or transmitted information.systems or transmitted information.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 11/25
SECUR I TY SERV ICES SECUR I TY SERV ICES
4.4. NONNON--REPUDIATION:REPUDIATION: Requires that Requires that neither sender nor receiver of a messageneither sender nor receiver of a messageis able to deny the transmission.is able to deny the transmission.
5.5. ACCESS CONTROL ACCESS CONTROL: Requires that access: Requires that accessto information resources may beto information resources may becontrolled for target system.controlled for target system.
66. AVAILABILITY:. AVAILABILITY: The availability of The availability of computer systems must be only forcomputer systems must be only forauthorized parties when ever needed.authorized parties when ever needed.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 12/25
FIRE W ALL S:FIRE W ALL S:
oo Firewalls can be an effective means of Firewalls can be an effective means of protecting a local system or network of protecting a local system or network of systems from network based security threatssystems from network based security threatswhile at the same time, a firewall is simply awhile at the same time, a firewall is simply agroup of components that collectively form agroup of components that collectively form abarrier between two networks.barrier between two networks.
oo TY PES OF FIRE WALLS:TY PES OF FIRE WALLS:1. Application gate ways1. Application gate ways2. Packet filtering2. Packet filtering3. Hybrid systems3. Hybrid systems
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 13/25
FIRE W ALL S:FIRE W ALL S:
FIREWALL GLOBAL
INTERNET
I N S I D E OUTSIDE
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 14/25
SECUR I TY MECHA NI S M S: SECUR I TY MECHA NI S M S:
A mechanism that is designed to detect, A mechanism that is designed to detect,prevent, or recover from a security attack.prevent, or recover from a security attack.Cryptography and Steganographic areCryptography and Steganographic aresuch two techniques. Hence we focus onsuch two techniques. Hence we focus ondevelopment, use and management of development, use and management of CryptographicCryptographic techniques.techniques.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 15/25
CRYPTOGR A PHY:CRYPTOGR A PHY:
The word cryptography is derived fromThe word cryptography is derived fromGreek means secret writing.Greek means secret writing.
the process of encoding and decoding thethe process of encoding and decoding the
data is called cryptography.data is called cryptography. encryption refers to the transformation of encryption refers to the transformation of
data from plain text to cipher text.data from plain text to cipher text. decryption refers to the transformation of decryption refers to the transformation of
cipher text to original data.cipher text to original data. this process requires a key in order tothis process requires a key in order to
provide security or privacy for the data.provide security or privacy for the data.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 16/25
CRYPTOGR A PHY: CRYPTOGR A PHY:
Su bstit ution ciph er:Su bstitution ciph er:
Plaint ext lett erPlaint ext lett er
A A B C D E F GB C D E F G HHCiph erCiph er t ext lett ert ext lett er
F H E A C D G BF H E A C D G B
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 17/25
CRYPTOGR A PHY:CRYPTOGR A PHY:
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 18/25
TYPES OF CRYPTOGR A PHY: TYPES OF CRYPTOGR A PHY:
There are types of cryptographicThere are types of cryptographicalgorithms. They arealgorithms. They are
1.1. secret key algorithmsecret key algorithm
2.2. public key algorithmpublic key algorithm
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 19/25
SECRET KEY CRYPTOGR A PHY: SECRET KEY CRYPTOGR A PHY:
it involves the use of single key.it involves the use of single key.
it is also known as symmetricit is also known as symmetriccryptography.cryptography.
EncryptionEncryption
PlainPlain text text ------------------------------------> cipher> cipher text text
KeyKey
Cipher text Cipher text------------------------------------> plain text > plain text DecryptionDecryption
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 20/25
SECRET KEY CRYPTOGR A PHY: SECRET KEY CRYPTOGR A PHY:
ADVANTAGE S: ADVANTAGE S:
1.widely used and very popular.1.widely used and very popular.
2. very fast relative to public key2. very fast relative to public keycryptography.cryptography.3.cipher text is compact.3.cipher text is compact.
D IS ADVANTAGE S:D IS ADVANTAGE S:
1. administration of keys become extremely1. administration of keys become extremelycomplicated.complicated.
2. key is subject to interception by hackers.2. key is subject to interception by hackers.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 21/25
PUBLIC KEY CRYPTOGR A PHY:PUBLIC KEY CRYPTOGR A PHY:
it is also known as asymmetric cryptography.it is also known as asymmetric cryptography. it is used to provide privacy or confidentiality.it is used to provide privacy or confidentiality.
EncryptionEncryption
PlainPlain texttext ------------------------------------------------------------------>> cipherciphertexttextPublic keyPublic key
Private keyPrivate keyCipher keyCipher key ---------------------------------------------------------------->>plain textplain text
DecryptionDecryption
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 22/25
PUBLIC KEY CRYPTOGR A PHY: PUBLIC KEY CRYPTOGR A PHY:
ADVANTAGES: ADVANTAGES:
1. more secure and easy to configure the1. more secure and easy to configure thesystems.systems.
2. supports non2. supports non--repudiation.repudiation. DISADVANTAGES:DISADVANTAGES:
1. slower compared to secret key1. slower compared to secret key
cryptography.cryptography.2. cipher text is much larger than plain2. cipher text is much larger than plaintext.text.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 23/25
CONCL USION:CONCL USION:
Everyone has a different idea of Everyone has a different idea of what ``security'' is, and what levels of riskwhat ``security'' is, and what levels of riskareare acceptable.acceptable. when new securitywhen new securitymethods are developed, breaking of thesemethods are developed, breaking of thesemethods has increasedmethods has increased.. Cryptography isCryptography isevergreen and developments in this areaevergreen and developments in this area
are a better option.are a better option.
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 24/25
8/8/2019 28635625 Network Security Cryptography m Susmitha i t
http://slidepdf.com/reader/full/28635625-network-security-cryptography-m-susmitha-i-t 25/25
2525
Why do we need Cryptography?Why do we need Cryptography?
Computers are used by millions of people for many purposes
Banking
Shopping
Tax returns
Protesting
Military
Student records
Privacy is a crucial issue in many of these applications
Security is to make sure that nosy people cannot read or secretlymodify messages intended for other recipients