Abstract image of a woman sitting on books and studying on a laptop

Bt0088 cryptography and network security1

Techglyphs, profile picture
Techglyphs

The document discusses various topics related to cryptography and network security including: 1. The need for network security to prevent damage to organizations from hostile software or intruders. 2. Security attacks are any actions that compromise information security, while vulnerabilities are weaknesses that can be exploited by threats to cause harm. 3. The difference between substitution and transposition techniques for encryption, where substitution exchanges letters and transposition rearranges them. 4. Caesar cipher encryption of a sample plaintext using a key of 3.

Education
1 of 17
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
1 Cryptography and Network Security BT0088 Part-1 By Milan K Antony
2 1. Explain the need for network security. Computer security is required because many organizations will be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:  Damage or destruction of computer systems.  Damage or destruction of internal data.  Loss of sensitive information to hostile parties.  Use of sensitive information to steal elements of monitary value.  Use of sensitive information against the customers which may result in legal action by customers against the organization and loss of customers.  Damage to the reputation of an organization.  Monitory damage, due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the reputation of the organization. The methods used to accomplish these unscrupulous objectives are many and varied depending on the circumstances. 2. What is security attack? Explain with examples. Any action that compromises the security of information owned by an organization is called security attack. Those who execute such actions, or cause them to be executed, are called attackers or opponents. Computer-based system has three interrelated and valuable components namely, hardware, software, and data. Each of these assets offers value to different members of the community affected by the system. To analyze security, we can
3 brainstorm about the ways in which the system or its information can experience some kind of loss or harm Vulnerability is a weakness in the security system, For example, you can see certain system does not verify a user's identity or password before allowing them to access the data. A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. The threats to computing system would be either human-initiated or computer-initiated. A human who exploits the vulnerability perpetrates an attack on the system. An attack can also be launched by another system, as when one system sends an overwhelming set of messages to another, virtually shutting down the second system's ability to function. we have seen this type of attack frequently, as denial-of-service attacks flood servers with more messages than they can handle. 3. What is the difference between substitution and transposition techniques? Substitutions are the simple form of encryption in which one letter is exchanged for another. A substitution is an acceptable way of encrypting text. Here is few examples.The Caesar cipher has an important place in history. Julius Caesar is said to have been the first to use this scheme, in which each letter is translated to a letter a fixed number of places after it in the alphabet. Caesar used a shift of 3, so that plaintext letter pi was enciphered as ciphertext letter ci by the rule .A one-time pad is sometimes considered the perfect cipher. The name comes from an encryption method in which a large, nonrepeating set of keys is written on sheets of paper, glued together into a pad. The Vernam Cipher is a type of one-time pad devised by Gilbert Vernam for AT&T. The Vernam cipher is immune to most cryptanalytic
4 attacks. The basic encryption involves an arbitrarily long nonrepeating sequence of numbers that are combined with the plaintext. Vernam's invention used an arbitrarily long punched paper tape that fed into a teletype machine. The tape contained random numbers that were combined with characters typed into the teletype. The sequence of random numbers had no repeats, and each tape was used only once. As long as the key tape does not repeat or is not reused, this type of cipher is immune to cryptanalytic attack because the available ciphertext does not display the pattern of the key .Example: transposition techniques The goal of substitution is confusion; the encryption method is an attempt to make it difficult for a cryptanalyst or intruder to determine how a message and key were transformed into cipher-text. A transposition is an encryption in which the letters of the message are rearranged. With transposition, the cryptography aims for diffusion, widely spreading the information from the message or the key across the ciphertext. Transpositions try to break established patterns. Because a transposition is a rearrangement of the symbols of a
5 message, it is also known as a permutation. A simplest transposition technique is Columnar Transpositions. The columnar transposition is a rearrangement of the characters of the plaintext into columns. The following set of characters is a five-column transposition. The plaintext characters are written in rows of five and arranged one row after another, as shown here. c1 c2 C3 c4 c5 c6 c7 C8 c9 c10 c11 c12 etc. You form the resulting ciphertext by reading down the columns Encipherment / Decipherment Complexity
6 This type is again arranging the letters and reading them off again. Therefore, the algorithm requires a constant amount of work per character, and the time needed to apply the algorithm is proportional to the length of the message. Digrams, Trigrams, and Other Patterns Just as there are characteristic letter frequencies, there are also characteristic patterns of pairs of adjacent letters, called digrams. Letter pairs such as -re-, -th-, -en-, and -ed- appear very frequently 4. Using Caesar Cipher encrypt the plaintext “Sikkim Manipal University” using key value Plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ Ciphertext d e f g h i j k l m n o p q r s t u v w x y z a b c SIKKIM MANIPAL UNIVERSITY would be encoded as SIKKIM MANIPAL UNIVERSITY vl nnl p pd qls do x q ly huv lwb
7 5. Explain different characteristics that identify a good encryption technique. 1. The implementation of the process should be as simple as possible. Principle 3 was formulated with hand implementation in mind: A complicated algorithm is prone to error or likely to be forgotten. With the development and popularity of digital computers, algorithms far too complex for hand implementation became feasible. Still, the issue of complexity is important. People will avoid an encryption algorithm whose implementation process severely hinders message transmission, thereby undermining security. And a complex algorithm is more likely to be programmed incorrectly 2. The enciphering algorithm and set of keys used should be less complex. This principle implies that we should restrict neither the choice of keys nor the types of plaintext on which the algorithm can work. For instance, an algorithm that works only on plaintext having an equal number of As and Es is useless. Similarly, it would be difficult to select keys such that the sum of the values of the letters of the key is a prime number. Restrictions such as these make the use of the encipherment prohibitively complex. If the process is too complex, it will not be used. Furthermore, the key must be transmitted, stored, and remembered, so it must be short. 3. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. Principle 1 is a reiteration of the principle of timeliness and of the
8 earlier observation that even a simple cipher may be strong enough to deter the casual interceptor or to hold off any interceptor for a short time. 4. Errors in ciphering should not propagate and cause corruption of further information in the message. Principle 4 acknowledges that humans make errors in their use of enciphering algorithms. One error early in the process should not throw off the entire remaining ciphertext. 5. The size of the original message and that of enciphered text should be at most same. 6. Compare Symmetric and Asymmetric Encryption Systems. The two basic kinds of encryption systems are key based and block based. Key based encryption is based on either single key or multiple keys. Block based encryption is based on either stream or block of characters We have two types of encryptions based on keys they are symmetric (also called "secret key") and asymmetric (also called "public key"). Symmetric algorithms use one key, which works for both encryption and decryption. Usually, the decryption algorithm is closely related to the encryption one The symmetric system means both encryption and the decryption are performed using the same key. They provide a two-way channel to their users: A and B share a secret key, and they can both encrypt information to send to the other as well as decrypt information from the other. As long as the key remains secret, the system also provides authentication, proof that a message received was not fabricated by someone other than the declared sender. Authenticity is ensured because only the legitimate sender can produce a message that will decrypt properly with the shared key. Public key systems, on the other hand, excel at key management. By the
9 nature of the public key approach, you can send a public key in an e-mai message or post it in a public directory. Only the corresponding private key, which presumably is kept private, can decrypt what has been encrypted with the public key. For both kinds of encryption, a key must be kept well secured. Once the symmetric or private key is known by an outsider, all messages written previously or in the future can be decrypted (and hence read or modified) by the outsider. So, for all encryption algorithms, key management is a major issue. It involves storing, safeguarding, and activating keys 7. Give the Overview of DES Algorithm. The most widely used encryption scheme is based on Data Encryption standard. Data Encryption Standard (DES), a system developed for the U.S. government, was intended for use by the general public The Data Encryption Standard (DES) specifies an algorithm to be implemented in electronic hardware devices and used for the cryptographic protection of computer data ... Encrypting data converts it to an unintelligible form called cipher. Decrypting cipher converts the data back to its original form. The algorithm... specifies both enciphering and deciphering operations which are based on a binary number called a key … Data can be recovered from cipher only by using exactly the same key used to encipher it.
10 The Data Encryption algorithm is a combination of both substitution as well as transposition technique. The strength of DES technique is improved when it uses both the techniques together. It uses both the technique repeatedly i.e., one on the top of other for a total of 16 cycles. The sheer complexity of tracing a single bit through 16 iterations of substitutions and transpositions has so far stopped researchers in the public from identifying more than a handful of general properties of the algorithm. The algorithm begins by encrypting the plaintext as blocks of 64 bits. The key is 64 bits long, but in fact it can be any 56-bit number. (The extra 8 bits are often used as check digits and do not affect encryption in normal implementations.) The user can change the key at will any time there is uncertainty about the security of the old key.
11 The iterative substitutions and permutations are performed as outlined in Figure DES uses only standard arithmetic and logical operations on numbers up to 64 bits long, so it is suitable for implementation in software on most current computers. Although complex, the algorithm is repetitive, making it suitable for implementation on a single-purpose chip. 8. Explain RSA technique with an example. RSA stands for Rivest, Shamir, and Adleman, the people who invented the algorithm at MIT in 1978 which uses two keys: a private key and a public key. Typically, private key algorithms such as DES can't protect against fraud by the sender or the receiver of a message
12 RSA is an exponentiation cipher. You have to follow the following two steps. 1. Choose two large prime numbers p and q, and let n = pq. The totient Ø(n) of n is the number of numbers less than n with no factors in common with n. Example: Let n = 10. The numbers that are less than 10 and are relatively prime to (have no factors in common with) n are 1, 3, 7, and 9. Hence, Ø (10) = 4. Similarly, if n = 21, the numbers that are relatively prime to n are 1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, and 20. So Ø(21) = 12. 2. Choose an integer e < n that is relatively prime to Ø(n). Find a second integer d such that ed mod Ø(n) = 1. The public key is (e, n), and the private key is d. Let m be a message. Then: c = me mod n and m = cd mod n. Example: Let p = 7 and q = 11. Then n = 77 and Ø(n) = 60. Alice chooses e = 17, so her private key is d = 53. In this cryptosystem, each plaintext character is represented by a number between 00 (A) and 25 (Z); 26 represents a blank. Bob wants to send Alice the message "HELLO WORLD." Using the representation above, the plaintext is 07 04 11 11 14 26 22 14 17 11 03. Using Alice's public key, the ciphertext is 0717 mod 77 = 28 0417 mod 77 = 16 1117 mod 77 = 44
13 ... 0317 mod 77 = 75 or 28 16 44 44 42 38 22 42 19 44 75. RSA can provide data and origin authentication. If Alice enciphers her message using her private key, anyone can read it, but if anyone alters it, the (altered) ciphertext cannot be deciphered correctly. Example: Suppose Alice wishes to send Bob the message "HELLO WORLD" in such a way that Bob will be sure that Alice sent it. She enciphers the message with her private key and sends it to Bob. As indicated above, the plaintext is represented as 07 04 11 11 14 26 22 14 17 11 03. Using Alice's private key, the ciphertext is 0753 mod 77 = 35 0453 mod 77 = 09 1153 mod 77 = 44 ... 0353 mod 77 = 05
14 or 35 09 44 44 93 12 24 94 04 05. In addition to origin authenticity, Bob can be sure that no letters were altered. 9. Explain different approaches used in judging the quality of security. "secure”, it means that security implies some degree of trust that the program enforces expected confidentiality, integrity, and availability Fixing Faults One approach to judge quality in security is fixing faults. You might argue that a module in which 100 faults were discovered and fixed is better than another in which only 20 faults were discovered and fixed, suggesting that more rigorous analysis and testing had led to the finding of the larger number of faults. Early work in computer security was based on the paradigm of "penetrate and patch," in which analysts searched for and repaired faults. Often, a top- quality "tiger team" would be convened to test a system's security by attempting to cause it to fail. The test was considered to be a "proof" of security; if the system withstood the attacks, it was considered secure. Unfortunately, far too often the proof became a counterexample, in which not just one but several serious security problems were uncovered. The problem discovery in turn led to a rapid effort to "patch" the system to repair or restore the security. However, the patch efforts were largely useless, making the system less secure rather than more secure because they frequently introduced new faults. There are three reasons why.  The fault often had non-obvious side effects in places other than the immediate area of the fault.  The system functionality or performance would be affected if faults needs to be detected
15 properly.  The pressure to repair a specific problem encouraged a narrow focus on the fault itself and not on its context. In particular, the analysts paid attention to the immediate cause of the failure and not to the underlying design or requirements faults. Unexpected Behavior The inadequacies of penetrate-and-patch led researchers to seek a better way to be confident that code meets its security requirements. One way to do that is to compare the requirements with the behavior. That is, to understand program security, we can examine programs to see whether they behave as their designers intended or users expected. We call such unexpected behavior a program security flaw; it is inappropriate program behavior caused by a program vulnerability. There is no direct mapping of the terms "vulnerability" and "flaw" into the characterization of faults and failures. A flaw can be either a fault or failure, and a vulnerability usually describes a class of flaws, such as a buffer overflow. In spite of the inconsistency, it is important for us to remember that we must view vulnerabilities and flaws from two perspectives, cause and effect, so that we see what fault caused the problem and what failure (if any) is visible to the user 10. What are the different ways in which an operating system can assist or offer protection? Separating one user’s object from the other is the basic way of protection. Separation in an operating system can occur in several ways.  Logical separation: In which users operate under the illusion that no other processes exist, as when an operating system constrains a program's accesses so that the program cannot access objects outside its permitted domain
16  Physical separation: Each and every process has its own physical objects, such as separate printers for output requiring different levels of security.  Cryptographic separation: Each process will protect their data and computations in such a way that they are unintelligible to outside processes  Temporal separation: In which processes having different security requirements are executed at different times There are several ways an operating system can assist, offering protection at any of several levels.  Do not protect. Operating systems with no protection are appropriate when sensitive procedures are being run at separate times.  Isolate. An operating system providing Isolation feature allow different processes to run concurrently and are unaware of the presence of the each other. Each process has its own address space, files, and other objects. The operating system must confine each process somehow, so that the objects of the other processes are completely concealed.  Share all or nothing. Each user declare its objects either to be public or private. There by it will be either available to all users or only to the owners respectively.  Share via access limitation. With protection by access limitation, the operating system checks the allowability of each user's potential access to an object. That is, access control is implemented for a specific user and a specific object. Lists of acceptable actions guide the operating system in determining whether a particular user should have access to a
17 particular object. In some sense, the operating system acts as a guard between users and objects, ensuring that only authorized accesses occur.  Share by capabilities. An extension of limited access sharing, this form of protection allows dynamic creation of sharing rights for objects. The degree of sharing can depend on the owner or the subject, on the context of the computation, or on the object itself.  Limit use of an object. This form of protection limits not just the access to an object but the use made of that object after it has been accessed. For example, a user may be allowed to view a sensitive document, but not to print a copy of it. More powerfully, a user may be allowed access to data in a database to derive statistical summaries (such as average salary at a particular grade level), but not to determine specific data values (salaries of individuals).

More Related Content

PPT
Information Security & Cryptography
Arun ACE
 
DOC
Cryptography full report
harpoo123143
 
PDF
Computer Security (Cryptography) Ch01
Saif Kassim
 
PDF
Communication Security
Axis Communications
 
DOCX
Cryptography- "A Black Art"
Aditya Raina
 
DOCX
Seminar report on symmetric key
Rajat Tripathi
 
PPTX
Security in Data Communication and Networking
Zahidul Hossain
 
PDF
Cryptography
Izzatbek001
 
Information Security & Cryptography
Arun ACE
 
Cryptography full report
harpoo123143
 
Computer Security (Cryptography) Ch01
Saif Kassim
 
Communication Security
Axis Communications
 
Cryptography- "A Black Art"
Aditya Raina
 
Seminar report on symmetric key
Rajat Tripathi
 
Security in Data Communication and Networking
Zahidul Hossain
 
Cryptography
Izzatbek001
 

What's hot (20)

PPTX
PROJECT REPORT ON CRYPTOGRAPHIC ALGORITHM
saniacorreya
 
PPT
Network Security
Ramasubbu .P
 
ODP
Network Security
hj43us
 
PDF
Network security & cryptography full notes
gangadhar9989166446
 
PPTX
Cryptography ppt ,computer system security. PPT
ARYANUNIVERSE
 
PPTX
Cryptography.ppt
kusum sharma
 
PDF
Cryptology - The practice and study of hiding information
Bitcoin Association of Australia
 
PDF
Cryptography
Kalyani Government Engineering College
 
PPT
Cryptography basices
Siddique Ibrahim
 
PPTX
Cryptography by manisha jha
ManishaJha43
 
PPTX
Cryptography ppt
OECLIB Odisha Electronics Control Library
 
PDF
Cryptography and Network Lecture Notes
FellowBuddy.com
 
PPTX
Cryptanalysis 101
rahat ali
 
PDF
N45028390
IJERA Editor
 
PPTX
Crytography
Mostak Ahmed
 
PDF
Types of Cryptosystem and Cryptographic Attack
Mona Rajput
 
PDF
What is Cryptography?
Pratik Poddar
 
PPT
Cryptography
أحلام انصارى
 
PPTX
Cryptography
research30
 
PPTX
Cryptography
Sidharth Mohapatra
 
PROJECT REPORT ON CRYPTOGRAPHIC ALGORITHM
saniacorreya
 
Network Security
Ramasubbu .P
 
Network Security
hj43us
 
Network security & cryptography full notes
gangadhar9989166446
 
Cryptography ppt ,computer system security. PPT
ARYANUNIVERSE
 
Cryptography.ppt
kusum sharma
 
Cryptology - The practice and study of hiding information
Bitcoin Association of Australia
 
Cryptography
Kalyani Government Engineering College
 
Cryptography basices
Siddique Ibrahim
 
Cryptography by manisha jha
ManishaJha43
 
Cryptography ppt
OECLIB Odisha Electronics Control Library
 
Cryptography and Network Lecture Notes
FellowBuddy.com
 
Cryptanalysis 101
rahat ali
 
N45028390
IJERA Editor
 
Crytography
Mostak Ahmed
 
Types of Cryptosystem and Cryptographic Attack
Mona Rajput
 
What is Cryptography?
Pratik Poddar
 
Cryptography
أحلام انصارى
 
Cryptography
research30
 
Cryptography
Sidharth Mohapatra
 
Ad

Similar to Bt0088 cryptography and network security1 (20)

PPTX
Information Assurance and Security all in One Handout.pptx
fernandezpineda1016
 
PDF
A Survey on Cryptographic Techniques for Network Security.pdf
Yasmine Anino
 
DOCX
Unit 1 QB.docx
karthikaparthasarath
 
PDF
Different date block size using to evaluate the performance between different...
IJCNCJournal
 
PDF
Performance Comparison of File Security System using TEA and Blowfish Algorithms
ijtsrd
 
DOC
MAJOR PROJECT FORMAT--2013(new 1)
Neelabja Manna
 
PDF
UNIT 3 Information Security Sharad Institute
SatishPise4
 
PPTX
CRYPTOGRAPHY crytopgraphy wh is sd wkd ,w d .pptx
abduganiyevbekzod011
 
PDF
Cryptography System for Online Communication Using Polyalphabetic Substitutio...
Eswar Publications
 
PDF
Public key cryptography
Lilies DLiestyowati
 
PPTX
Cryptography and Network Security-ch1-4.pptx
SamiDan3
 
PDF
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
PDF
Comparative study of private and public key cryptography algorithms a survey
eSAT Publishing House
 
PDF
Analysis of Cryptographic Algorithms for Network Security
Editor IJCATR
 
PPT
Fundamentals of cryptography
Hossain Md Shakhawat
 
PDF
Analysis of Cryptography Techniques
editor1knowledgecuddle
 
PDF
Unit-2-IS (1).pdf
ShaikSameena24
 
ODP
Crpto unit1
Himanshu Awasthi
 
PDF
chapter 1-4.pdf
zerihunnana
 
PDF
information technology cryptography Msc chapter 1-4.pdf
wondimagegndesta
 
Information Assurance and Security all in One Handout.pptx
fernandezpineda1016
 
A Survey on Cryptographic Techniques for Network Security.pdf
Yasmine Anino
 
Unit 1 QB.docx
karthikaparthasarath
 
Different date block size using to evaluate the performance between different...
IJCNCJournal
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
ijtsrd
 
MAJOR PROJECT FORMAT--2013(new 1)
Neelabja Manna
 
UNIT 3 Information Security Sharad Institute
SatishPise4
 
CRYPTOGRAPHY crytopgraphy wh is sd wkd ,w d .pptx
abduganiyevbekzod011
 
Cryptography System for Online Communication Using Polyalphabetic Substitutio...
Eswar Publications
 
Public key cryptography
Lilies DLiestyowati
 
Cryptography and Network Security-ch1-4.pptx
SamiDan3
 
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Comparative study of private and public key cryptography algorithms a survey
eSAT Publishing House
 
Analysis of Cryptographic Algorithms for Network Security
Editor IJCATR
 
Fundamentals of cryptography
Hossain Md Shakhawat
 
Analysis of Cryptography Techniques
editor1knowledgecuddle
 
Unit-2-IS (1).pdf
ShaikSameena24
 
Crpto unit1
Himanshu Awasthi
 
chapter 1-4.pdf
zerihunnana
 
information technology cryptography Msc chapter 1-4.pdf
wondimagegndesta
 
Ad

More from Techglyphs (20)

PDF
Bt9002 Grid computing 2
Techglyphs
 
PDF
Bt9002 grid computing 1
Techglyphs
 
PDF
Bt8901 objective oriented systems2
Techglyphs
 
PDF
Bt0062 fundamentals of it(1)
Techglyphs
 
PDF
Bt0062 fundamentals of it(2)
Techglyphs
 
PDF
Bt0064 logic design1
Techglyphs
 
PDF
Bt0064 logic design2
Techglyphs
 
PDF
Bt0066 database management system1
Techglyphs
 
PDF
Bt0066 database management system2
Techglyphs
 
PDF
Bt0067 c programming and data structures2
Techglyphs
 
PDF
Bt0067 c programming and data structures 1
Techglyphs
 
PDF
Bt0068 computer organization and architecture
Techglyphs
 
PDF
Bt0068 computer organization and architecture 2
Techglyphs
 
PDF
Bt0070 operating systems 1
Techglyphs
 
PDF
Bt0070 operating systems 2
Techglyphs
 
PDF
Bt0072 computer networks 1
Techglyphs
 
PDF
Bt0072 computer networks 2
Techglyphs
 
PDF
Bt0074 oops with java2
Techglyphs
 
PDF
Bt0074 oops with java
Techglyphs
 
PDF
Bt0075 rdbms with mysql 1
Techglyphs
 
Bt9002 Grid computing 2
Techglyphs
 
Bt9002 grid computing 1
Techglyphs
 
Bt8901 objective oriented systems2
Techglyphs
 
Bt0062 fundamentals of it(1)
Techglyphs
 
Bt0062 fundamentals of it(2)
Techglyphs
 
Bt0064 logic design1
Techglyphs
 
Bt0064 logic design2
Techglyphs
 
Bt0066 database management system1
Techglyphs
 
Bt0066 database management system2
Techglyphs
 
Bt0067 c programming and data structures2
Techglyphs
 
Bt0067 c programming and data structures 1
Techglyphs
 
Bt0068 computer organization and architecture
Techglyphs
 
Bt0068 computer organization and architecture 2
Techglyphs
 
Bt0070 operating systems 1
Techglyphs
 
Bt0070 operating systems 2
Techglyphs
 
Bt0072 computer networks 1
Techglyphs
 
Bt0072 computer networks 2
Techglyphs
 
Bt0074 oops with java2
Techglyphs
 
Bt0074 oops with java
Techglyphs
 
Bt0075 rdbms with mysql 1
Techglyphs
 

Recently uploaded (20)

PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
PDF
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
PDF
FOISHS ANNUAL IMPLEMENTATION PLAN 2025.pdf
EllenJoyCaniya2
 
PDF
BP 505 T. PHARMACEUTICAL JURISPRUDENCE (UNIT 1).pdf
CMEmpire
 
PPTX
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
PPTX
Core Concepts of Personalized Learning and Virtual Learning Environments
Dr. Bushra Sumaiya
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PDF
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
PDF
Mucosal Drug Delivery system_NDDS_BPHARMACY__SEM VII_PCI.pdf
SabsKhan1
 
PDF
David L Page_DCI Research Study Journey_how Methodology can inform one's prac...
David L Page
 
PDF
LIFE & LIVING TRILOGY - PART (3) REALITY & MYSTERY.pdf
sureshkumarsoni26
 
PDF
Uderstanding digital marketing and marketing stratergie for engaging the digi...
afreenpeshmam
 
PDF
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
PDF
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
PDF
LIFE & LIVING TRILOGY - PART - (2) THE PURPOSE OF LIFE.pdf
sureshkumarsoni26
 
PDF
Environmental Education MCQ BD2EE - Share Source.pdf
Dr Raja Mohammed T
 
PDF
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
 
PPTX
What’s under the hood: Parsing standardized learning content for AI
Rustici Software
 
PDF
English Textual Question & Ans (12th Class).pdf
javaidpaswal33
 
PDF
Vision Prelims GS PYQ Analysis 2011-2022 www.upscpdf.com.pdf
navneetgupta711851
 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
FOISHS ANNUAL IMPLEMENTATION PLAN 2025.pdf
EllenJoyCaniya2
 
BP 505 T. PHARMACEUTICAL JURISPRUDENCE (UNIT 1).pdf
CMEmpire
 
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
Core Concepts of Personalized Learning and Virtual Learning Environments
Dr. Bushra Sumaiya
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
Mucosal Drug Delivery system_NDDS_BPHARMACY__SEM VII_PCI.pdf
SabsKhan1
 
David L Page_DCI Research Study Journey_how Methodology can inform one's prac...
David L Page
 
LIFE & LIVING TRILOGY - PART (3) REALITY & MYSTERY.pdf
sureshkumarsoni26
 
Uderstanding digital marketing and marketing stratergie for engaging the digi...
afreenpeshmam
 
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
LIFE & LIVING TRILOGY - PART - (2) THE PURPOSE OF LIFE.pdf
sureshkumarsoni26
 
Environmental Education MCQ BD2EE - Share Source.pdf
Dr Raja Mohammed T
 
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
 
What’s under the hood: Parsing standardized learning content for AI
Rustici Software
 
English Textual Question & Ans (12th Class).pdf
javaidpaswal33
 
Vision Prelims GS PYQ Analysis 2011-2022 www.upscpdf.com.pdf
navneetgupta711851
 

Bt0088 cryptography and network security1

  • 1. 1 Cryptography and Network Security BT0088 Part-1 By Milan K Antony
  • 2. 2 1. Explain the need for network security. Computer security is required because many organizations will be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:  Damage or destruction of computer systems.  Damage or destruction of internal data.  Loss of sensitive information to hostile parties.  Use of sensitive information to steal elements of monitary value.  Use of sensitive information against the customers which may result in legal action by customers against the organization and loss of customers.  Damage to the reputation of an organization.  Monitory damage, due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the reputation of the organization. The methods used to accomplish these unscrupulous objectives are many and varied depending on the circumstances. 2. What is security attack? Explain with examples. Any action that compromises the security of information owned by an organization is called security attack. Those who execute such actions, or cause them to be executed, are called attackers or opponents. Computer-based system has three interrelated and valuable components namely, hardware, software, and data. Each of these assets offers value to different members of the community affected by the system. To analyze security, we can
  • 3. 3 brainstorm about the ways in which the system or its information can experience some kind of loss or harm Vulnerability is a weakness in the security system, For example, you can see certain system does not verify a user's identity or password before allowing them to access the data. A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. The threats to computing system would be either human-initiated or computer-initiated. A human who exploits the vulnerability perpetrates an attack on the system. An attack can also be launched by another system, as when one system sends an overwhelming set of messages to another, virtually shutting down the second system's ability to function. we have seen this type of attack frequently, as denial-of-service attacks flood servers with more messages than they can handle. 3. What is the difference between substitution and transposition techniques? Substitutions are the simple form of encryption in which one letter is exchanged for another. A substitution is an acceptable way of encrypting text. Here is few examples.The Caesar cipher has an important place in history. Julius Caesar is said to have been the first to use this scheme, in which each letter is translated to a letter a fixed number of places after it in the alphabet. Caesar used a shift of 3, so that plaintext letter pi was enciphered as ciphertext letter ci by the rule .A one-time pad is sometimes considered the perfect cipher. The name comes from an encryption method in which a large, nonrepeating set of keys is written on sheets of paper, glued together into a pad. The Vernam Cipher is a type of one-time pad devised by Gilbert Vernam for AT&T. The Vernam cipher is immune to most cryptanalytic
  • 4. 4 attacks. The basic encryption involves an arbitrarily long nonrepeating sequence of numbers that are combined with the plaintext. Vernam's invention used an arbitrarily long punched paper tape that fed into a teletype machine. The tape contained random numbers that were combined with characters typed into the teletype. The sequence of random numbers had no repeats, and each tape was used only once. As long as the key tape does not repeat or is not reused, this type of cipher is immune to cryptanalytic attack because the available ciphertext does not display the pattern of the key .Example: transposition techniques The goal of substitution is confusion; the encryption method is an attempt to make it difficult for a cryptanalyst or intruder to determine how a message and key were transformed into cipher-text. A transposition is an encryption in which the letters of the message are rearranged. With transposition, the cryptography aims for diffusion, widely spreading the information from the message or the key across the ciphertext. Transpositions try to break established patterns. Because a transposition is a rearrangement of the symbols of a
  • 5. 5 message, it is also known as a permutation. A simplest transposition technique is Columnar Transpositions. The columnar transposition is a rearrangement of the characters of the plaintext into columns. The following set of characters is a five-column transposition. The plaintext characters are written in rows of five and arranged one row after another, as shown here. c1 c2 C3 c4 c5 c6 c7 C8 c9 c10 c11 c12 etc. You form the resulting ciphertext by reading down the columns Encipherment / Decipherment Complexity
  • 6. 6 This type is again arranging the letters and reading them off again. Therefore, the algorithm requires a constant amount of work per character, and the time needed to apply the algorithm is proportional to the length of the message. Digrams, Trigrams, and Other Patterns Just as there are characteristic letter frequencies, there are also characteristic patterns of pairs of adjacent letters, called digrams. Letter pairs such as -re-, -th-, -en-, and -ed- appear very frequently 4. Using Caesar Cipher encrypt the plaintext “Sikkim Manipal University” using key value Plaintext ABCDEFGHIJKLMNOPQRSTUVWXYZ Ciphertext d e f g h i j k l m n o p q r s t u v w x y z a b c SIKKIM MANIPAL UNIVERSITY would be encoded as SIKKIM MANIPAL UNIVERSITY vl nnl p pd qls do x q ly huv lwb
  • 7. 7 5. Explain different characteristics that identify a good encryption technique. 1. The implementation of the process should be as simple as possible. Principle 3 was formulated with hand implementation in mind: A complicated algorithm is prone to error or likely to be forgotten. With the development and popularity of digital computers, algorithms far too complex for hand implementation became feasible. Still, the issue of complexity is important. People will avoid an encryption algorithm whose implementation process severely hinders message transmission, thereby undermining security. And a complex algorithm is more likely to be programmed incorrectly 2. The enciphering algorithm and set of keys used should be less complex. This principle implies that we should restrict neither the choice of keys nor the types of plaintext on which the algorithm can work. For instance, an algorithm that works only on plaintext having an equal number of As and Es is useless. Similarly, it would be difficult to select keys such that the sum of the values of the letters of the key is a prime number. Restrictions such as these make the use of the encipherment prohibitively complex. If the process is too complex, it will not be used. Furthermore, the key must be transmitted, stored, and remembered, so it must be short. 3. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. Principle 1 is a reiteration of the principle of timeliness and of the
  • 8. 8 earlier observation that even a simple cipher may be strong enough to deter the casual interceptor or to hold off any interceptor for a short time. 4. Errors in ciphering should not propagate and cause corruption of further information in the message. Principle 4 acknowledges that humans make errors in their use of enciphering algorithms. One error early in the process should not throw off the entire remaining ciphertext. 5. The size of the original message and that of enciphered text should be at most same. 6. Compare Symmetric and Asymmetric Encryption Systems. The two basic kinds of encryption systems are key based and block based. Key based encryption is based on either single key or multiple keys. Block based encryption is based on either stream or block of characters We have two types of encryptions based on keys they are symmetric (also called "secret key") and asymmetric (also called "public key"). Symmetric algorithms use one key, which works for both encryption and decryption. Usually, the decryption algorithm is closely related to the encryption one The symmetric system means both encryption and the decryption are performed using the same key. They provide a two-way channel to their users: A and B share a secret key, and they can both encrypt information to send to the other as well as decrypt information from the other. As long as the key remains secret, the system also provides authentication, proof that a message received was not fabricated by someone other than the declared sender. Authenticity is ensured because only the legitimate sender can produce a message that will decrypt properly with the shared key. Public key systems, on the other hand, excel at key management. By the
  • 9. 9 nature of the public key approach, you can send a public key in an e-mai message or post it in a public directory. Only the corresponding private key, which presumably is kept private, can decrypt what has been encrypted with the public key. For both kinds of encryption, a key must be kept well secured. Once the symmetric or private key is known by an outsider, all messages written previously or in the future can be decrypted (and hence read or modified) by the outsider. So, for all encryption algorithms, key management is a major issue. It involves storing, safeguarding, and activating keys 7. Give the Overview of DES Algorithm. The most widely used encryption scheme is based on Data Encryption standard. Data Encryption Standard (DES), a system developed for the U.S. government, was intended for use by the general public The Data Encryption Standard (DES) specifies an algorithm to be implemented in electronic hardware devices and used for the cryptographic protection of computer data ... Encrypting data converts it to an unintelligible form called cipher. Decrypting cipher converts the data back to its original form. The algorithm... specifies both enciphering and deciphering operations which are based on a binary number called a key … Data can be recovered from cipher only by using exactly the same key used to encipher it.
  • 10. 10 The Data Encryption algorithm is a combination of both substitution as well as transposition technique. The strength of DES technique is improved when it uses both the techniques together. It uses both the technique repeatedly i.e., one on the top of other for a total of 16 cycles. The sheer complexity of tracing a single bit through 16 iterations of substitutions and transpositions has so far stopped researchers in the public from identifying more than a handful of general properties of the algorithm. The algorithm begins by encrypting the plaintext as blocks of 64 bits. The key is 64 bits long, but in fact it can be any 56-bit number. (The extra 8 bits are often used as check digits and do not affect encryption in normal implementations.) The user can change the key at will any time there is uncertainty about the security of the old key.
  • 11. 11 The iterative substitutions and permutations are performed as outlined in Figure DES uses only standard arithmetic and logical operations on numbers up to 64 bits long, so it is suitable for implementation in software on most current computers. Although complex, the algorithm is repetitive, making it suitable for implementation on a single-purpose chip. 8. Explain RSA technique with an example. RSA stands for Rivest, Shamir, and Adleman, the people who invented the algorithm at MIT in 1978 which uses two keys: a private key and a public key. Typically, private key algorithms such as DES can't protect against fraud by the sender or the receiver of a message
  • 12. 12 RSA is an exponentiation cipher. You have to follow the following two steps. 1. Choose two large prime numbers p and q, and let n = pq. The totient Ø(n) of n is the number of numbers less than n with no factors in common with n. Example: Let n = 10. The numbers that are less than 10 and are relatively prime to (have no factors in common with) n are 1, 3, 7, and 9. Hence, Ø (10) = 4. Similarly, if n = 21, the numbers that are relatively prime to n are 1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, and 20. So Ø(21) = 12. 2. Choose an integer e < n that is relatively prime to Ø(n). Find a second integer d such that ed mod Ø(n) = 1. The public key is (e, n), and the private key is d. Let m be a message. Then: c = me mod n and m = cd mod n. Example: Let p = 7 and q = 11. Then n = 77 and Ø(n) = 60. Alice chooses e = 17, so her private key is d = 53. In this cryptosystem, each plaintext character is represented by a number between 00 (A) and 25 (Z); 26 represents a blank. Bob wants to send Alice the message "HELLO WORLD." Using the representation above, the plaintext is 07 04 11 11 14 26 22 14 17 11 03. Using Alice's public key, the ciphertext is 0717 mod 77 = 28 0417 mod 77 = 16 1117 mod 77 = 44
  • 13. 13 ... 0317 mod 77 = 75 or 28 16 44 44 42 38 22 42 19 44 75. RSA can provide data and origin authentication. If Alice enciphers her message using her private key, anyone can read it, but if anyone alters it, the (altered) ciphertext cannot be deciphered correctly. Example: Suppose Alice wishes to send Bob the message "HELLO WORLD" in such a way that Bob will be sure that Alice sent it. She enciphers the message with her private key and sends it to Bob. As indicated above, the plaintext is represented as 07 04 11 11 14 26 22 14 17 11 03. Using Alice's private key, the ciphertext is 0753 mod 77 = 35 0453 mod 77 = 09 1153 mod 77 = 44 ... 0353 mod 77 = 05
  • 14. 14 or 35 09 44 44 93 12 24 94 04 05. In addition to origin authenticity, Bob can be sure that no letters were altered. 9. Explain different approaches used in judging the quality of security. "secure”, it means that security implies some degree of trust that the program enforces expected confidentiality, integrity, and availability Fixing Faults One approach to judge quality in security is fixing faults. You might argue that a module in which 100 faults were discovered and fixed is better than another in which only 20 faults were discovered and fixed, suggesting that more rigorous analysis and testing had led to the finding of the larger number of faults. Early work in computer security was based on the paradigm of "penetrate and patch," in which analysts searched for and repaired faults. Often, a top- quality "tiger team" would be convened to test a system's security by attempting to cause it to fail. The test was considered to be a "proof" of security; if the system withstood the attacks, it was considered secure. Unfortunately, far too often the proof became a counterexample, in which not just one but several serious security problems were uncovered. The problem discovery in turn led to a rapid effort to "patch" the system to repair or restore the security. However, the patch efforts were largely useless, making the system less secure rather than more secure because they frequently introduced new faults. There are three reasons why.  The fault often had non-obvious side effects in places other than the immediate area of the fault.  The system functionality or performance would be affected if faults needs to be detected
  • 15. 15 properly.  The pressure to repair a specific problem encouraged a narrow focus on the fault itself and not on its context. In particular, the analysts paid attention to the immediate cause of the failure and not to the underlying design or requirements faults. Unexpected Behavior The inadequacies of penetrate-and-patch led researchers to seek a better way to be confident that code meets its security requirements. One way to do that is to compare the requirements with the behavior. That is, to understand program security, we can examine programs to see whether they behave as their designers intended or users expected. We call such unexpected behavior a program security flaw; it is inappropriate program behavior caused by a program vulnerability. There is no direct mapping of the terms "vulnerability" and "flaw" into the characterization of faults and failures. A flaw can be either a fault or failure, and a vulnerability usually describes a class of flaws, such as a buffer overflow. In spite of the inconsistency, it is important for us to remember that we must view vulnerabilities and flaws from two perspectives, cause and effect, so that we see what fault caused the problem and what failure (if any) is visible to the user 10. What are the different ways in which an operating system can assist or offer protection? Separating one user’s object from the other is the basic way of protection. Separation in an operating system can occur in several ways.  Logical separation: In which users operate under the illusion that no other processes exist, as when an operating system constrains a program's accesses so that the program cannot access objects outside its permitted domain
  • 16. 16  Physical separation: Each and every process has its own physical objects, such as separate printers for output requiring different levels of security.  Cryptographic separation: Each process will protect their data and computations in such a way that they are unintelligible to outside processes  Temporal separation: In which processes having different security requirements are executed at different times There are several ways an operating system can assist, offering protection at any of several levels.  Do not protect. Operating systems with no protection are appropriate when sensitive procedures are being run at separate times.  Isolate. An operating system providing Isolation feature allow different processes to run concurrently and are unaware of the presence of the each other. Each process has its own address space, files, and other objects. The operating system must confine each process somehow, so that the objects of the other processes are completely concealed.  Share all or nothing. Each user declare its objects either to be public or private. There by it will be either available to all users or only to the owners respectively.  Share via access limitation. With protection by access limitation, the operating system checks the allowability of each user's potential access to an object. That is, access control is implemented for a specific user and a specific object. Lists of acceptable actions guide the operating system in determining whether a particular user should have access to a
  • 17. 17 particular object. In some sense, the operating system acts as a guard between users and objects, ensuring that only authorized accesses occur.  Share by capabilities. An extension of limited access sharing, this form of protection allows dynamic creation of sharing rights for objects. The degree of sharing can depend on the owner or the subject, on the context of the computation, or on the object itself.  Limit use of an object. This form of protection limits not just the access to an object but the use made of that object after it has been accessed. For example, a user may be allowed to view a sensitive document, but not to print a copy of it. More powerfully, a user may be allowed access to data in a database to derive statistical summaries (such as average salary at a particular grade level), but not to determine specific data values (salaries of individuals).