Network securities cn
-
Upload
dhaval-bhatia -
Category
Technology
-
view
110 -
download
0
Transcript of Network securities cn
NETWORK SECURITY
1012021:- Chiranjeev Shah
1012025:- Dhaval Bhatia
1012027:- Dipesh Ingawle
Introduction to Cryptography
Cryptography is a word from Greek where crpyto means "hidden, secret"; and graphy means "writing" or "study“ . It is the practice and study of techniques for secure communication in the presence of third parties .
More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality, data integrity and authentication.
Applications of Cryptography
Applications of cryptography include ATM cards, computer passwords, and electronic commerce.
German Lorenz cipher machine, used inWorld War II to encrypt very-high-level general staff messages
Cryptography components
ALICE , BOB and EVE
In cryptography, it is customary to use three Characters in an information exchange.
ALICE:- who Needs to send the DATA.
BOB:- recipient of the DATA
EVE:- person who somehow disturbs the communication between Alice and Bob
Categories of cryptography
Symmetric-key cryptography
In symmetric-key cryptography, the In symmetric-key cryptography, the same key is used by the sendersame key is used by the sender
(for encryption) (for encryption) and the receiver (for decryption).and the receiver (for decryption).
The key is shared.The key is shared.
Asymmetric-key cryptography
Keys used in cryptography
Comparison between two categories of cryptography
SECURITY SERVICESSECURITY SERVICES
Network security can provide five services. Four of these Network security can provide five services. Four of these services are related to the message exchanged using the services are related to the message exchanged using the network. The fifth service provides entity authentication network. The fifth service provides entity authentication or identification.or identification.
Message ConfidentialityMessage ConfidentialityMessage IntegrityMessage Integrity
Message AuthenticationMessage AuthenticationMessage NonrepudiationMessage Nonrepudiation
Entity AuthenticationEntity Authentication
Message Confidentiality
The concept of how to achieve message confidentiality or privacy The concept of how to achieve message confidentiality or privacy has not changed for thousands of years. The message must be has not changed for thousands of years. The message must be encrypted at the sender site and decrypted at the receiver site. encrypted at the sender site and decrypted at the receiver site. This can be done using either symmetric-key cryptography or This can be done using either symmetric-key cryptography or asymmetric-key cryptography. asymmetric-key cryptography.
Message confidentiality using symmetric keys in two directions
Message confidentiality using asymmetric keys
MESSAGE INTEGRITYMESSAGE INTEGRITY
Encryption and decryption provide secrecy, or confidentiality, Encryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasion we may not even need but not integrity. However, on occasion we may not even need secrecy, but instead must have integrity. secrecy, but instead must have integrity.
To preserve the integrity of a document,To preserve the integrity of a document,both the document and the fingerprint are both the document and the fingerprint are
needed.needed.
Message and message digest
The message digest needs to be kept secret.The message digest needs to be kept secret.
MESSAGE AUTHENTICATIONMESSAGE AUTHENTICATION
A hash function per se cannot provide authentication. The A hash function per se cannot provide authentication. The digest created by a hash function can detect any modification digest created by a hash function can detect any modification in the message, but not authentication. in the message, but not authentication.
DIGITAL SIGNATUREDIGITAL SIGNATURE
When Alice sends a message to Bob, Bob needs to check the When Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to be sure that the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve. Bob can ask Alice to message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically. In other words, an electronic sign the message electronically. In other words, an electronic signature can prove the authenticity of Alice as the sender of signature can prove the authenticity of Alice as the sender of the message. We refer to this type of signature as a digital the message. We refer to this type of signature as a digital signature.signature.
A digital signature needs a public-key system.A digital signature needs a public-key system.
ENTITY AUTHENTICATIONENTITY AUTHENTICATION
Entity authentication is a technique designed Entity authentication is a technique designed to let one party prove the identity of another to let one party prove the identity of another party. An entity can be a person, a process, a party. An entity can be a person, a process, a client, or a server. The entity whose identity client, or a server. The entity whose identity needs to be proved is called the claimant; needs to be proved is called the claimant; the party that tries to prove the identity of the party that tries to prove the identity of the claimant is called the verifier. the claimant is called the verifier.
In challenge-response authentication,the claimant proves that she knows a secret
without revealing it.
KEY MANAGEMENTKEY MANAGEMENT
We never discussed how secret keys in We never discussed how secret keys in symmetric-key cryptography and how public symmetric-key cryptography and how public keys in asymmetric-key cryptography are keys in asymmetric-key cryptography are distributed and maintained. In this section, distributed and maintained. In this section, we touch on these two issues. We first we touch on these two issues. We first discuss the distribution of symmetric keys; discuss the distribution of symmetric keys; we then discuss the distribution of we then discuss the distribution of asymmetric keys.asymmetric keys.
A session symmetric key between two parties is A session symmetric key between two parties is used only once.used only once.
Thank You
K. J. SOMAIYA COLLEGE OF ENGINEERINGElectronics Engineering