Network Security Extra

The document outlines key concepts in network security, including five essential services: message confidentiality, integrity, authentication, nonrepudiation, and entity authentication. It explains cryptography, distinguishing between symmetric and asymmetric key methods, and details the process of creating and verifying digital signatures to ensure message authenticity and integrity. Overall, it emphasizes the importance of secure communication in digital transactions.

Uploaded by

adi.jain.hsp

Network Security

• Security Services
• Cryptography
• Public and Private key
• Digital Signatures

Security Services

➢ Network security includes five services:

➢ Four of these services are related to messages exchanged using the network:

• Message confidentiality

• Integrity

• Authentication

• Nonrepudiation

➢ The fifth service provides entity authentication or identification.

➢ Message Confidentiality:

• Message confidentiality or privacy means that the sender and the receiver
expect confidentiality.

• The transmitted message must make sense to only the intended receiver.

• To all others, the message must be garbage.

• When a customer communicates with his bank, he expects that the
communication is totally confidential.

➢ Message Integrity:

• Message integrity means that the data must arrive at the receiver exactly as
they were sent.

• There must be no changes during the transmission, neither accidentally nor
maliciously.

• As more and more monetary exchanges occur over the Internet, integrity is
crucial.

• For example, it would be disastrous if a request for transferring $100
changed to a request for $10,000 or $100,000. The integrity of the message
must be preserved in a secure communication.

➢ Message Authentication:

• In message authentication the receiver needs to be sure of the sender's identity
and that an imposter has not sent the message.

➢ Message Nonrepudiation:

• Message nonrepudiation means that a sender must not be able to deny sending a
message that he or she, in fact, did send.

• For example, when a customer sends a message to transfer money from one
account to another, the bank must have proof that the customer actually
requested this transaction.

➢ Entity Authentication:

• In entity authentication (or user identification) the entity or user is verified
prior to access to the system resources (files, for example).

• For example, a student who needs to access her university resources needs to
be authenticated during the logging process. This is to protect the interests of
the university and the student.

Cryptography

What is Cryptography?
• Cryptography derived its name from a Greek word called
“krypto’s” which means “Hidden Secrets”.

• Cryptography is the practice and study of hiding information. It is the art
or science of converting plain, intelligible data into unintelligible
data and then transforming that message back into its original form.

Types of Cryptography
Symmetric Key Cryptography or Shared Key Cryptography

• The same key is used for encryption as well as decryption.

• But sending the key to the receiver for decrypting the data is risky. This is known as
the key exchange problem.

Asymmetric Key Cryptography or Public Key/Private Key Cryptography

• In this method, the key is never shared or exchanged.

• For example,

Symmetric Key Cryptography

• Consider two parties Alice and Bob.

• Now, Alice wants to send a message m to Bob over a secure channel.

• The sender’s message, sometimes called the Plaintext, is converted into
an unreadable form using a Key k.

• The resultant text obtained is called the Ciphertext. This process is
known as Encryption.

• At the time of receiving, the Ciphertext is converted back into the
plaintext using the same Key k, so that it can be read by the receiver.
This process is known as Decryption.


Here, C refers to the Ciphertext, m is the original message, while E and D are the
Encryption and Decryption algorithms respectively.

Let’s consider the case of Caesar Cipher or Shift Cipher as an example.


As the name suggests, in Caesar Cipher or Shift Cipher, each character in a
word is replaced by another character under some defined rules. For
example, each character in the word would be shifted by a position of 1.

Input Text: AABBHHEEKK

Output Text: BBCCIIFFLL


Types of Ciphers
1(a). Mono-alphabetic Cipher
In mono-alphabetic ciphers, each symbol in the plain-text (e.g., ‘o’ in
‘follow’) is mapped to one cipher-text symbol. No matter how many
times a symbol occurs in the plain-text, it will correspond to the same
cipher-text symbol. For example, if the plain-text is ‘follow’ and the
mapping is:
f -> g
o -> p
l -> m
w -> x
The cipher-text is ‘gpmmpx’.

1(b). Poly-alphabetic Cipher
In poly-alphabetic ciphers, each occurrence of a symbol in the plain-text can be mapped to a
different cipher-text symbol. Different occurrences of the same symbol have different
mappings to the cipher-text. For example, in the plain-text ‘follow’, the mapping is:
f -> q
o -> w
l -> e
l -> r
o -> t
w -> y
Thus, the cipher text is ‘qwerty’.
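
The shift cipher and the mono-/poly-alphabetic distinction above, as an added Python example that is not part of the original slides. The poly-alphabetic function is a Vigenère-style cipher with the constructed key `cipher`; the slides name no specific scheme, so that choice and the helper `repeats_preserved` are assumptions made for illustration.

```python
import string

ALPHABET = string.ascii_lowercase


def shift_char(ch: str, k: int) -> str:
    """Shift one letter by k positions, keeping case; other characters pass through."""
    if ch.lower() not in ALPHABET:
        return ch
    base = ord("A") if ch.isupper() else ord("a")
    return chr((ord(ch) - base + k) % 26 + base)


def caesar(text: str, k: int, decrypt: bool = False) -> str:
    """Shift cipher: every letter uses the same key k (mono-alphabetic)."""
    return "".join(shift_char(ch, -k if decrypt else k) for ch in text)


def polyalphabetic(text: str, key: str, decrypt: bool = False) -> str:
    """Vigenere-style cipher (assumed scheme): the i-th letter is shifted by
    the i-th key letter, so the mapping changes with position."""
    key = key.lower()
    if not key or any(c not in ALPHABET for c in key):
        raise ValueError("key must be a non-empty string of ASCII letters")
    out, i = [], 0
    for ch in text:
        k = ord(key[i % len(key)]) - ord("a")
        out.append(shift_char(ch, -k if decrypt else k))
        if ch.lower() in ALPHABET:
            i += 1  # only letters consume key material
    return "".join(out)


def repeats_preserved(plain: str, cipher: str) -> bool:
    """True if equal plaintext symbols always yield equal ciphertext symbols."""
    mapping = {}
    return all(mapping.setdefault(p, c) == c for p, c in zip(plain, cipher))


if __name__ == "__main__":
    print(caesar("AABBHHEEKK", 1))
    mono = caesar("follow", 1)
    poly = polyalphabetic("follow", "cipher")
    print(mono, repeats_preserved("follow", mono))
    print(poly, repeats_preserved("follow", poly))
    print(polyalphabetic(poly, "cipher", decrypt=True))
```

Because the mono-alphabetic output keeps the repetition pattern of the plaintext (the doubled letter stays doubled), it leaks structure that the poly-alphabetic output hides.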

2. Transposition Cipher:
The transposition cipher does not deal with substitution of one symbol with another. It focuses on
changing the position of the symbol in the plain-text. A symbol in the first position in plain-text may
occur in fifth position in cipher-text.
Two of the transposition ciphers are:

Public and Private key

Asymmetric Key Cryptography
Private Key / Public Key Cryptography:

Here two keys are used: one key for encryption and
another key for decryption.

One key (the public key) is used to encrypt the plain text and convert
it into cipher text, and another key (the private key) is used by the
receiver to decrypt the cipher text and read the message.

Use of Keys
• Private keys are used for decrypting.
• Public keys are used for encrypting.

Digital Signatures

Digital Signature
A digital signature is a mathematical technique used to validate
the authenticity and integrity of a message, software, or digital
document.
Key Generation Algorithms: A digital signature is an electronic signature
which assures that the message was sent by a particular sender. While
performing digital transactions, authenticity and integrity should be
assured; otherwise, the data can be altered, or someone can act as if
he were the sender and expect a reply.
Signing Algorithms: To create a digital signature, signing algorithms
create a one-way hash of the electronic data which is to be signed. The
signing algorithm then encrypts the hash value using the private key
(signature key). This encrypted hash is the digital signature. The digital
signature is then appended to the data and sent to the verifier.

The reason for encrypting the hash instead of the entire message or
document is that a hash function converts any arbitrary input into a much
shorter fixed-length value.
This saves time as now instead of signing a long message, a shorter hash
value has to be signed and moreover hashing is much faster than signing.

Signature Verification Algorithms: The verifier receives the digital signature
along with the data. It then applies the verification algorithm to the
digital signature using the public key (verification key), which generates
some value. It also applies the same hash function to the received data
and generates a hash value. The hash value and the output of the
verification algorithm are then compared. If they are equal, the
digital signature is valid; otherwise it is invalid.

The steps followed in creating a digital signature are:
• The message digest is computed by applying a hash function to the message,
and then the message digest is encrypted using the private key of the sender to form
the digital signature. (digital signature = encryption(private key of
sender, message digest), and message digest = message digest
algorithm(message))
• The digital signature is then transmitted with the message (message + digital
signature is transmitted).
• The receiver decrypts the digital signature using the public key of the sender.
(This assures authenticity, as only the sender has his private key, so only the
sender can encrypt using his private key, which can thus be decrypted by the
sender’s public key.)
• The receiver now also has the message digest.

• The receiver can also compute the message digest from the
message (the actual message is sent with the digital signature).
• The message digest computed by the receiver and the message
digest (obtained by decrypting the digital signature) need to be
the same to ensure integrity.
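
The signing and verification steps above, carried through in Python as an added example that is not part of the original slides. The slides name no algorithms, so SHA-256 and textbook RSA with exponent 65537 are assumptions, and the key is a toy built from two publicly known Mersenne primes with no padding, suitable only for showing the data flow.

```python
import hashlib

# TOY KEY (constructed for this example): both primes are well-known Mersenne
# primes and no padding scheme is applied, so this must never protect real data.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public (verification) exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private (signing) exponent, Python 3.8+


def digest(message: bytes) -> int:
    """Message digest = hash(message), as an integer (256 bits, far below N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Sender: transform the message digest with the private key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest from the signature with the public key and
    compare it with the digest computed from the received message."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest(message)


if __name__ == "__main__":
    msg = b"Transfer $100 from account A to account B"  # constructed message
    sig = sign(msg)
    print("genuine message  :", verify(msg, sig))
    # The integrity failure from the slides: $100 changed in transit.
    tampered = msg.replace(b"$100", b"$10,000")
    print("tampered message :", verify(tampered, sig))
    print("altered signature:", verify(msg, sig ^ 1))
```

Production code uses a vetted library with a padded scheme such as RSA-PSS, or a dedicated signature algorithm, rather than raw modular exponentiation.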
