Network Security & Cryptography: Paper ON
Network Security & Cryptography: Paper ON
Network Security & Cryptography: Paper ON
ON
PRESENTED
TO
STEPCONE ‘06
(A NATIONAL LEVEL TECHNICAL SYMPOSIUM)
SUBMITTED
BY
V.Suneetha
P.S.P.V.Santhi
Department of computer science & engineering
Shri Vishnu engineering college for women.
BHIMAVARAM
EMAIL ID’S:
vsuneethabtech@yahoo.co.in
siri_beautiful@yahoo.com
Abstract
Contents
• Introduction to Networking
o What is a Network?
o What are some Popular Networks?
UUCP
The Internet
• TCP/IP: The Language of the Internet
o IP
o TCP
o UDP
• Types And Sources Of Network Threats
o Loss of privacy
o Loss of data integrity
o Identity spooling
o Denial of service
• Cryptography
• Conclusions
• References
Introduction to Networking
What is a Network?
Over the last 25 years or so, a number of networks and network protocols
have been defined and used. We're going to look at two of these networks, both of
which are ``public'' networks. Anyone can connect to either of these networks, or
they can use types of networks to connect their own hosts (computers) together,
without connecting to the public networks. Each type takes a very different
approach to providing network services.
UUCP
The Internet is the world's largest network of networks. When you want to access
the resources offered by the Internet, you don't really connect to the Internet; you
connect to a network that is eventually connected to the Internet backbone, a
network of extremely
fast (and incredibly overloaded!) network components. This is an important point:
the Internet is a network of networks -- not a network of hosts.
IP
As noted, IP is a ``network layer'' protocol. This is the layer that allows the hosts
to actually ``talk'' to each other. Such things as carrying data grams, mapping the
Internet address to a physical network address, and routing, which takes care of
making sure that all of the devices that have Internet connectivity can find the
way to each other.
TCP
The Internet provides amazing opportunities but not with out some risk. With out
the proper control your data is subjects to several types of attacks. These problem
areas are discussed in the section that follows:
Loss of privacy
A perpetrator may observe confidential data as it transfers the internet. This
ability is probably the largest inhibitor business_to_business communications.
Today with out encryption an unauthorized party as shown in the fig.a1: may read
every messagesent.
My password dap
banker.ban.org
User name. Ban
Password:
Customer Bank
Identity Spooling
Moving beyond the protection of data itself, you must also be careful to protect
your identity on the internet.
Denial of service
An organization take advantage of the Internet, they must take measure to ensure
that their systems are available. Over the last several years’ attackers have found
deficiencies in the TCP/IP protocol suite that allows then to arbitrarily cause
computer systems to crash.
Disk crash
Disk crash
Network problems can be divided roughly into four internet wined areas:
Secrecy
It has to do with keeping information out of unauthorized users.
Authentication
It deals with determining whom you are taking to before revealing sensitive
information or entering into a business deal.
Non-repudiation
It deals with signatures secrecy and integrity are achieved by using register mail
and locking documents up.
Cryptography is the science of writing in secret code and is an ancient art; the
first documented use of cryptography in writing dates back to circa 1900 B.C. In
data and telecommunications, cryptography is necessary when communicating
over any untrusted medium, which includes just about any network, particularly
the Internet.
Cryptography, then, not only protects data from theft or alteration, but can also be
used for user authentication. There are, in general, three types of cryptographic
schemes typically used to accomplish these goals: secret key (or symmetric)
cryptography, public-key (or asymmetric) cryptography, and hash functions, each
of which is described below. In all cases, the initial unencrypted data is referred to
as plaintext. It is encrypted into ciphertext, which will in turn (usually) be
decrypted into usable plaintext.
• Secret Key Cryptography (SKC): Uses a single key for both encryption
and decryption
• Public Key Cryptography (PKC): Uses one key for encryption and another
for decryption
• Hash Functions: Uses a mathematical transformation to irreversibly
"encrypt" information
So, why are there so many different types of cryptographic schemes? Why can't
we do everything we need with just one?
The answer is that each scheme is optimized for some specific application(s).
Hash functions, for example, are well-suited for ensuring data integrity because
any change made to the contents of a message will result in the receiver
calculating a different hash value than the one placed in the transmission by the
sender. Since it is highly unlikely that two different messages will yield the same
hash value, data integrity is ensured to a high degree of confidence.
FIGURE 2: Sample application of the three cryptographic techniques for secure communication.
Figure 2 puts all of this together and shows how a hybrid cryptographic scheme
Conclusions
Security is a very difficult topic. Everyone has a different idea of what ``security''
is, and what levels of risk are acceptable. The key for building a secure network is
to define what security means to your organization. Once that has been defined,
everything that goes on with the network can be evaluated with respect to that
policy. Projects and systems can then be broken down into their components, and
it becomes much simpler to decide whether what is proposed will conflict with
your security policies and practices. The irony is that today, secrecy is not the key
to the goodness of a cryptographic algorithm. Regardless of the mathematical
theory behind an algorithm, the best algorithms are those that are well-known and
well-documented because they are also well-tested and well-studied! In fact, time
is the only true test of good cryptography; any cryptographic scheme that stays in
use year after year is most likely a good one. The strength of cryptography lies in
the choice (and management) of the keys; longer keys will resist attack better than
shorter keys
References
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies: