Network security and cryptography


Published on March 3, 2014

Author: rampalliraj



This presentation describes network security concepts and the role of cryptography: the difference between Symmetric Key Cryptography and Public Key Cryptography, the uses of Digital Certificates, what a Digital Signature is used for and how it ensures authenticity, integrity and non-repudiation, and how security features should be ensured for any transaction using cryptography.

By Raj Kumar Rampelli

• Need for Network security
• Classification of Network Attacks
  ◦ Possible Attacks
• Security Features
• Security Mechanism: Cryptography
• Types of Encryption-Decryption techniques
  ◦ Symmetric: Shared Key Type
  ◦ Asymmetric: Public/Private Key Type
• Public Key Infrastructure
• Digital Signature
• Public Key Infrastructure implementation and its factors
  ◦ Generation of key pair
  ◦ Obtain Digital certificate
  ◦ Encryption/Decryption analysis
  ◦ Digital certificate role
• Conclusion

Raj Kumar Rampelli 3/3/2014 2

• What is a Network?
  ◦ Data Carrier
• Data?
  ◦ Anything which conveys something between 1st person (sender/receiver) and 2nd person (receiver/sender)
• Categories of Data?
  ◦ Normal
  ◦ Confidential
    ▪ Data can't be disclosed to a 3rd person.
• Goal?
  ◦ Protection of DATA, i.e. Information Security.
  ◦ Preventing compromise or loss of DATA from unauthorized access

• What is Network Attack?
  ◦ An action that compromises the security of DATA
• Categories of Attacks
  ◦ Passive
    ▪ Learn from DATA and make use of system information
    ▪ Do not alter the DATA
    ▪ Very difficult to identify the attack
    ▪ Ex: Eavesdropping (Interception)
  ◦ Active
    ▪ Modifies the DATA
    ▪ Ex: Denial of Service
• Possible Attacks
  ◦ Interruption
  ◦ Interception
  ◦ Modification
  ◦ Fabrication

• Normal Flow: Sender → Receiver
• Interruption (diagram labels: Sender, Disturb, Receiver)
  ◦ Attack on "availability"
    ▪ Disconnection of a wireless or wired internet connection
    ▪ Unavailability of a particular web site
    ▪ Inability to access any web site

• Interception (No Privacy) (diagram labels: Intruder, Sender, Receiver)
  ◦ Attack on "confidentiality"
  ◦ Packet Analyzer software
    ▪ Intercept and log traffic passing over a network
    ▪ Captures each Packet and decodes the data
    ▪ Ex: Microsoft Network Monitor
  ◦ Man in the middle attack
  ◦ Wiretapping: capture the data
  ◦ Intruder can be a person or a program or a computer

• Modification
  ◦ Attacker modifies the data sent by the sender
  ◦ Gain access to a system and make changes
    ▪ Alter programs so that they perform differently
  ◦ Attack on "Integrity"
• Fabrication
  ◦ Attacker acts like Sender
  ◦ Gain access to a person's email and send messages
  ◦ Attack on "Authenticity"
  ◦ Lack of mutual authentication

• A Transaction/Communication (or a service) is secure if and only if the following security features are provided
  ◦ Confidentiality
  ◦ Integrity
  ◦ Authenticity (Mutual Authentication)
  ◦ Non-repudiation
• Cryptography
  ◦ Symmetric key Cryptography
  ◦ Public Key Infrastructure

Cryptography
• Services
  ◦ Provide security features
• Symmetric Key Cryptography
  ◦ Data Encryption Standard (DES)
  ◦ Triple DES
  ◦ Advanced ES
• Public Key Infrastructure
  ◦ Public-Private Key
  ◦ RSA
  ◦ ECC
• Digital Certificate
  ◦ String of information that binds the unique identifier of each user to his/her corresponding public key.
• Digital Signature
  ◦ A mathematical scheme for demonstrating the authenticity, non-repudiation and integrity of a digital message
• Encryption and Decryption
  ◦ Cypher Text

• Symmetric Key scenario
  ◦ Sender: (plain text) → SK(plain text) → Cipher Text (Encrypted text)
  ◦ Receiver: SK(Cipher text) → Plain text
• Public-Private Key scenario
  ◦ Sender: (plain text) → PubKey(plain text) → Cipher Text (Encrypted text)
  ◦ Receiver: PrivKey(Cipher text) → Plain text

Performance factors at client
• Generation of Public-Private key pair
• Generation of certificate request message
• Receive and store digital certificates
• Encryption and Decryption
• Generation and verification of digital signature message
• Verification of Digital certificate

• Generate public and private key pair at client
• Check the following details using different Public Key Cryptography (PKC) algorithms
  ◦ Time taken for key pair generation
  ◦ Storage space required for storing the key pair
  ◦ Repeat above two steps by changing the key size in the algorithm
  ◦ Analyze the results and choose optimal algorithm suitable for your application.
• PKC algorithms
  ◦ RSA
  ◦ ECC
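The measurement described on this slide, as an added example in Go (not code from the presentation): it generates RSA and ECC key pairs at two sizes each and records the generation time and the size of the PKCS #8 encoded private key. The key sizes, the curves and the names `KeyGenCase` and `CompareKeyGen` are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"fmt"
	"time"
)

// KeyGenCase is one algorithm and key size plus the two factors measured for it.
type KeyGenCase struct {
	Name     string
	Gen      func() (interface{}, error)
	Elapsed  time.Duration // time taken to generate the key pair
	DERBytes int           // storage for the private key (PKCS #8 DER)
}

// CompareKeyGen generates each key pair once; the sizes are this example's choice.
func CompareKeyGen() []KeyGenCase {
	cases := []KeyGenCase{
		{Name: "RSA-2048", Gen: func() (interface{}, error) { return rsa.GenerateKey(rand.Reader, 2048) }},
		{Name: "RSA-3072", Gen: func() (interface{}, error) { return rsa.GenerateKey(rand.Reader, 3072) }},
		{Name: "ECC P-256", Gen: func() (interface{}, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }},
		{Name: "ECC P-384", Gen: func() (interface{}, error) { return ecdsa.GenerateKey(elliptic.P384(), rand.Reader) }},
	}
	for i := range cases {
		start := time.Now()
		key, err := cases[i].Gen()
		cases[i].Elapsed = time.Since(start)
		if err != nil {
			panic(err)
		}
		der, err := x509.MarshalPKCS8PrivateKey(key)
		if err != nil {
			panic(err)
		}
		cases[i].DERBytes = len(der)
	}
	return cases
}

func main() {
	for _, r := range CompareKeyGen() {
		fmt.Printf("%-10s %14v %6d bytes\n", r.Name, r.Elapsed, r.DERBytes)
	}
}
```

A single run per case is noisy, RSA in particular because prime search time varies; repeat each case several times before comparing timings.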

• Generate certificate request message (CRM) using public-private key pair
• Apply for new Digital Certificate
  ◦ Send CRM and user/app credentials to Certificate Authority (CA)
• CA verifies the requester credentials
  ◦ Approves/Rejects the application
  ◦ If approved,
    ▪ Generate Digital Certificate using requester credential with public key information
    ▪ Store it in Digital certificate data base locally
    ▪ Send Digital certificate to requester
• Receive Digital certificate from CA and store locally.

• String of information that binds the unique identifier of each client to his/her corresponding public key.
• Prerequisite for obtaining Digital certificate
  ◦ Generate public-private key pair locally
  ◦ Generate certificate request message
• Digital certificate used to authenticate server credentials during mutual authentication process
• Mutual authentication process:
  ◦ a client authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the others' identity [wiki]
• Authenticating an entity using its Digital certificate:
  ◦ Check the validity period of certificate
  ◦ Verify the digital signature of CA on the certificate using CA's public key
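The two authentication checks listed above, as an added Go example that is not part of the presentation: a constructed test CA issues a certificate, and `Authenticate` checks the validity period and then the CA's signature using the CA's public key. The names `Issue` and `Authenticate`, the subject names and the P-256 keys are assumptions of this example; a production verifier would build and check a full chain with `x509.Certificate.Verify`.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Issue binds name to a fresh P-256 public key; parent == nil makes a self-signed test CA.
func Issue(name string, parent *x509.Certificate, signer *ecdsa.PrivateKey, notAfter time.Time) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: notAfter, IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil {
		parent, signer = tmpl, key // self-signed: the CA signs its own certificate
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// Authenticate applies the slide's two checks: validity period, then the CA's signature.
func Authenticate(cert, ca *x509.Certificate, now time.Time) error {
	if now.Before(cert.NotBefore) || now.After(cert.NotAfter) {
		return fmt.Errorf("certificate for %q is outside its validity period", cert.Subject.CommonName)
	}
	return cert.CheckSignatureFrom(ca) // verified with the CA's public key
}

func main() {
	ca, caKey := Issue("Example Test CA", nil, nil, time.Now().Add(24*time.Hour))
	server, _ := Issue("server.example", ca, caKey, time.Now().Add(24*time.Hour))
	fmt.Println("valid now:", Authenticate(server, ca, time.Now()))
	fmt.Println("after expiry:", Authenticate(server, ca, time.Now().Add(48*time.Hour)))
}
```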

• Client encrypts the message using server's public key
• The time taken for encryption of fixed size message
  ◦ Using server's ECC public key
  ◦ Using server's RSA public key
  ◦ Analyze the results.
• Client decrypts the received message (from server) using client's private key
• The time taken for decryption of fixed size message
  ◦ Using client's ECC private key
  ◦ Using client's RSA private key
  ◦ Analyze the results.

Performance factor-4: Digital signature generation & verification

A valid digital signature gives a recipient reason to believe that the message was created by a known sender (Authenticity), such that the sender cannot deny having sent the message (Non-repudiation) and that the message was not altered in transit (Integrity).

• A method to secure "Data transactions" between users is needed
  ◦ Should ensure all desired security features for any transaction.
• Cryptography: collections of standards/techniques for securing the Data.
  ◦ PKI ensures all security features
• As the key size increases, the data becomes more difficult to crack.
• Analyze PKI Implementation factors using different cryptographic algorithms with different key sizes
• Digital certificate: Mainly used for authenticity
• Digital signature: Mainly used for Integrity of data

• Have a Look at:
  ◦ My PPTs:
  ◦ My Tech Blog:
