-
8/8/2019 479624_634179597380063750
1/23
-
8/8/2019 479624_634179597380063750
2/23
M PRADEEP KUMAR & P RAHUL
HT.NO 08AU1A0559 08AU1A0571
1ST B.TECH
CSE BRANCH
GNYANA SARASWATI COLLEGE OF ENG.&TECHNOLOGY
DHARMARAM(B)
-
8/8/2019 479624_634179597380063750
3/23
Information security means protecting information and
information systems
from unauthorized access, use, disclosure, disruption,
modification, or
destruction
Cryptography (from Greek "hidden, secret") is the practice and
study of hiding
information
Information security is concerned with the confidentiality,
integrity and
availability of data regardless of the form the data may take:
electronic, print,
or other forms.Cryptography is used in applications present in
technologically advanced
societies; examples include the security ofATM cards, computer
passwords,
and electronic commerce, which all depend on cryptography.
-
8/8/2019 479624_634179597380063750
4/23
Information security uses cryptography to transform usable
information
into a form that renders it unusable by anyone other than an
authorized
user; this process is called encryption
Encrypted information can be transformed back into its original
form byan authorized user, who possesses the cryptographic key,
through the
process of decryption
Cryptography is used in information security to protect
information from
unauthorized users while the information is in transit and
storage
Cryptography provides information security with improved
authentication
methods, message digests, digital signatures, and encrypted
network
communications
-
8/8/2019 479624_634179597380063750
5/23
Modern Information Security
Computer Security
It mainly focuses on shared system, such as time-sharing system
andnecessary to provide some tools to protect file and other
information stored
on the computer
Network (Communication) SecurityIt mainly concerns distributed
system, such as internet and its purpose is to
protect the information over the internet
It also focuses on measures to deter, prevent, detect and
correct security
violations that involve the transmission of information.
-
8/8/2019 479624_634179597380063750
6/23
Confidentiality : Information is accessible only for reading
Authentication :Information is correctly identified, with an
assurance
that identity is not false
Integrity :Only authorized parties are able to modify
computersystem assets and transmitted information
Nonrepudiation :Both the sender and receiver of message are
unable
to deny the transmission.
Access Control : Requires that access to information resources
maybe
controlled by or for the target system..
-
8/8/2019 479624_634179597380063750
7/23
Source Destination
INTERRUPTION
Source Destination
INTERCEPTION
Source Destination
MODIFICATION
Source Destination
FABRICATION
-
8/8/2019 479624_634179597380063750
8/23
Passive Attacks
Passive threats
Interception
Release of message contents Traffic analysis
Active Attacks
Passive threats
Interruption
(availability)
Fabrication
(authenticity)
Modification
(integrity)
-
8/8/2019 479624_634179597380063750
9/23
Integrity
Confidentiality
Avaliability
-
8/8/2019 479624_634179597380063750
10/23
The art or science encompassing the principles and methods
of
transforming an intelligible message into unintelligibleone, and
then
retransforming that message back to original form.
Plaintext
Ciphertext
Cipher
Key
code
Encipher(encode)
Decipher(decode)
Cryptanalysis
Cryptology
-
8/8/2019 479624_634179597380063750
11/23
-
8/8/2019 479624_634179597380063750
12/23
The development of digital computers
and electronics afterWWII made
possible much more complex ciphers
Many computer ciphers can be charact-
erized by their operation on binary bit
sequences,unlike classical and
mechanical schemes
The Enigma machine, used, in several
variants, by the German military
between the late 1920s and the end of
WorldWar II
Enigma machine
-
8/8/2019 479624_634179597380063750
13/23
Cryptography, then, not only protects data from theft or
alteration, but
can also be used for user authentication. There are, in general,
three
types of cryptographic schemes typically used to accomplish
these goals
Secret key cryptography (or symmetric)
Public-key cryptography (or asymmetric)
Hash functions,
-
8/8/2019 479624_634179597380063750
14/23
In this form single key is used for both encryption and
decryption
The sender uses the key to encrypt the plaintext and sends
the
ciphertext to the receiver. The receiver applies the same key to
decrypt
the message and recover the plaintext
Because a single key is used for both functions, secret key
cryptography is also called symmetric encryption
-
8/8/2019 479624_634179597380063750
15/23
Secret key cryptography schemes are generally categorized as
being
either stream ciphers or block ciphers.
Stream ciphers operate on a single bit (byte or computer word)
at a
time and implement some form of feedback mechanism so that
the
key is constantly changing.
A block cipher is so-called because the scheme encrypts one
block
of data at a time using the same key on each block.
In general, the same plaintext block will always encrypt to the
sameciphertext when using the same key in a block cipher whereas
the
same plaintext will encrypt to different ciphertext in a stream
cipher.
-
8/8/2019 479624_634179597380063750
16/23
-
8/8/2019 479624_634179597380063750
17/23
Hash functions, also called message digests and one-way
encryption,
are algorithms that, in some sense, use no key
A fixed-length hash value is computed based upon the plaintext
that
makes it impossible for either the contents or length of the
plaintext to berecovered.
Hash algorithms are typically used to provide a digital
fingerprint of a
file's contents and are also commonly employed by many
operating
systems to encrypt passwords and then, provide a measure of
the
integrity of a file
-
8/8/2019 479624_634179597380063750
18/23
Combines all functions to form a secure transmission comprising
digital signature and
digital envelope
-
8/8/2019 479624_634179597380063750
19/23
Nearly all modern network operating systems employ passwords
at
the very least to protect and authenticate users accessing
computer
and network resources
But passwords are not typically kept on a host or server in
plaintext,but are generally encrypted using some sort of hash
scheme
As the passwords are not saved in plaintext on computer
systems
precisely,they cannot be easily compromised.
An even stronger authentication method uses the password to
modifya shared secret between the client and server, but never
allows the
password in any form to go across the network.
-
8/8/2019 479624_634179597380063750
20/23
PGP can be used to sign or encrypt e-mail messages with the
mere
click of the mouse
Depending upon the version ofPGP, the software uses SHA or
MD5
for calculating the message hash; CAST, Triple-DES, or IDEA
forencryption; and RSA or DSS/Diffie-Hellman for key exchange
and
digital signatures.
PGP is available as a plug-in for many e-mail clients, such as
Claris
Emailer, Microsoft Outlook and Qualcomm Eudora
Pretty Good Privacy (PGP) is one of today's most widely used
public key cryptography programs, developed by Philip
Zimmermann
in the early 1990s
-
8/8/2019 479624_634179597380063750
21/23
In typical applications workstation are attached to LAN. The
user
can reach other hosts, workstations and servers in the same
LAN
that are interconnected via bridges and routers.
Transmissions from station to station is visible on the LAN to
allstation. Data is transmitted in the form of packets which
contain
source/destination Ids, and other information.
On this basis, an eavesdropper can monitor and capture
traffic
packets. Eavesdropper needs not be a local LAN user; it could
be
anyone to whom the LAN offers a dial-up capacity.
Eavesdropping may also occur in any of the communication
links
which provide connectivity to the system
-
8/8/2019 479624_634179597380063750
22/23
Link Encryption
Each vulnerable communication link is equipped on both end with
an
encryption devices
End-to-End EncryptionData is encrypted only at the source node
and decrypted at the destination
node
Problem
Data consists of packets have a header portion and content
portion. we canencrypt the header. So the data is secure and the
traffic pattern is not
Solution
Use a combination of above two approaches.
-
8/8/2019 479624_634179597380063750
23/23
