Tempus Seminar Presentation


SEMINAR ON NETWORK SECURITY AND CRYPTOGRAPHY

PREPARED BY
BASSEY BASSEY TEMPUS
NOU211104255

SUBMITTED TO
DEPARTMENT OF INFORMATION TECHNOLOGY
FACULTY OF SCIENCES
NATIONAL OPEN UNIVERSITY OF NIGERIA
UYO STUDY CENTRE

APRIL, 2024

Abstract

This paper aims to provide a broad review of network security and
cryptography. Network security and cryptography, the subject of how to
protect information in digital form and to provide security services, is
too wide-ranging to cover in full. However, a general overview of network
security and cryptography is provided.
Network security is a complicated subject, historically only tackled by
well-trained and experienced experts. When many systems are connected in
a network it is very important to safeguard the data in each system.
However, as more and more people become "wired", an increasing number
of people need to understand the basics of security in a networked world.
Our paper covers different kinds of threats and firewalls in the network,
and the implementation of different security services using various
security mechanisms. Generally, the logical conclusion is to use both kinds
of algorithms and their combinations to achieve optimal speed and security
levels. It is hoped that the reader will have a wider perspective on security
in general, and better understand how to reduce and manage risk
personally.
Introduction
A basic understanding of computer networks
is requisite in order to understand the principles
of network security. In this section, we'll cover
some of the foundations of computer
networking, then move on to an overview of
some popular networks. The impressive
development of computer networks has reached
the point where security becomes essential.
Users want to exchange data in a secure way.
The problem of network security is a complex
issue. Network security means the protection of
the network's assets.

Popular networks:
UUCP: (Unix-to-Unix Copy) was originally
developed to connect UNIX hosts together.
Internet: The Internet is the world's largest
network of networks.
Services for security:
The services are intended to counter security attacks, and they make
use of one or more security mechanisms to provide the service.
Confidentiality: Ensures that the information in a computer system and
transmitted information are accessible only for reading by authorized
parties. This type of access includes printing, displaying and other forms
of disclosure, including simply revealing the existence of an object.
Authentication: Ensures that the origin of a message or electronic
document is correctly identified, with an assurance that the identity is
not false.
Integrity: Ensures that only authorized parties are able to modify
computer system assets and transmitted information. Modification
includes writing, changing, changing status, deleting, creating and
delaying or replaying of transmitted messages.
Non-repudiation: Requires that neither the sender nor the receiver of a
message is able to deny the transmission.
Access control: Requires that access to information resources may be
controlled by or for the target system.
Security threats
These attacks are categorized as passive attacks and active
attacks.
Passive attacks: Here the goal of the attacker is to obtain
information that is being transmitted. Two types of passive attacks
are release of message contents and traffic analysis.
Active attacks: These attacks involve some modification of the data
stream or the creation of a false stream and can be subdivided into 4
categories: masquerade, replay, modification of messages, and
denial of service.
Denial of service: DoS (Denial-of-Service) attacks are probably the
nastiest, and most difficult to address. Such attacks were fairly
common in late 1996 and early 1997, but are now becoming less
popular. Some things that can be done to reduce the risk of being
stung by a denial of service attack include:
o Not running your visible-to-the-world servers at a level too close to
capacity.
o Using packet filtering to prevent obviously forged packets from
entering into your network address space.
o Keeping up-to-date on security-related patches for your hosts'
operating systems.
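The packet-filtering item above can be made concrete with a small ingress check. This is an added example, not part of the original slides; the internal prefixes, the server address and the sample packets are constructed assumptions.

```python
import ipaddress

# Assumed site layout, constructed for this example: prefixes used inside the network.
INTERNAL = [ipaddress.ip_network(p) for p in ("198.51.100.0/24", "10.20.0.0/16")]

def forged_reason(src, internal=INTERNAL):
    """Why a packet seen on the external interface has an obviously forged
    source address, or None when the source is plausible."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "unparseable source"
    if any(addr in net for net in internal):
        return "internal source arriving from outside"
    if addr.is_loopback:
        return "loopback source"
    if addr.is_multicast:
        return "multicast source"
    if addr.is_private or addr.is_link_local or addr.is_reserved or addr.is_unspecified:
        return "non-routable source"
    return None

def filter_ingress(packets):
    """Split (src, dst) pairs from the external interface into accepted and dropped."""
    accepted, dropped = [], []
    for src, dst in packets:
        reason = forged_reason(src)
        if reason is None:
            accepted.append((src, dst))
        else:
            dropped.append((src, dst, reason))
    return accepted, dropped

# Constructed sample traffic, all addressed to one public-facing server.
SERVER = "198.51.100.10"
SAMPLE = [(s, SERVER) for s in (
    "8.8.8.8", "198.51.100.77", "10.20.3.4", "127.0.0.1",
    "192.168.1.10", "224.0.0.1", "not-an-ip",
)]

if __name__ == "__main__":
    accepted, dropped = filter_ingress(SAMPLE)
    for src, dst, reason in dropped:
        print(f"DROP   {src:>15} -> {dst}  ({reason})")
    for src, dst in accepted:
        print(f"ACCEPT {src:>15} -> {dst}")
```

The check only applies to traffic arriving on the outside interface; the same internal source addresses are legitimate on the inside interface.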
Unauthorized Access:
"Unauthorized access" is a very high-level
term that can refer to a number of different
sorts of attacks. The goal of these attacks is to
access some resource that your machine should
not provide the attacker. These can take the
form of a virus, worm, or Trojan horse. One of
the most publicized threats to security is the
intruder, generally referred to as a hacker or
cracker. Other threats are executing
commands illicitly, confidentiality breaches, and
destructive behavior.
Where do the attacks come from? How, though,
does an attacker gain access to your
equipment? Through any connection that you
have to the outside world. This includes
Internet connections, dial-up modems, and
even physical access.
Preventing security disasters:
o Hope you have backups
o Stay current with relevant operating system patches
o Don't put data where it doesn't need to be
o Avoid systems with single points of failure
o Watch for relevant security advisories
Firewalls:
Firewalls can be an effective means of
protecting a local system or network of systems
from network-based security threats. A firewall
is simply a group of components that
collectively form a barrier between two
networks.
Types of firewalls:
Application Gateways
Packet Filtering
Hybrid systems
Best for me: Lots of options are available, and
it makes sense to spend some time with an
expert, either in-house, or an experienced
consultant who can take the time to understand
your organization's security policy, and can
design and build a firewall architecture that
best implements that policy.
Points of Failure: Any time there is only one
component paying attention to what's going on
between the internal and external networks, an
attacker has only one thing to break (or fool!)
in order to gain complete access to your
internal networks.
Security Mechanisms: A security mechanism is
one designed to detect, prevent, or recover from a
security attack. Cryptography and
steganography are two such techniques. Hence
we focus on the development, use and management
of cryptographic techniques.
What is Cryptography?
The word “cryptography” is derived from
Greek and when literally translated, means
“secret writing.” The study of enciphering and
encoding (on the sending end), and decoding
(on the receiving end) is called cryptography.
Although the distinction is fuzzy, ciphers are
different from codes. When you mix up or
substitute existing letters, you are using a
cipher.
Encryption refers to the transformation of data
in "plain text" form into a form called "cipher
text". The recovery of plain text requires the
key, and this process is known as decryption.
Transposition cipher: Text written into a box
along one route can be enciphered by reading it
out along a different route.
To decipher, you fill in the box following the
zigzag route and read the message using the
spiral route. The cipher text becomes:
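A route transposition of the kind described, as an added example that is not part of the original slides. The 3 x 4 box, the clockwise inward spiral, the row-by-row zigzag, the "X" padding and the sample message are assumptions made here, since the slide's own figure is not present on the page.

```python
def spiral_route(rows, cols):
    """Cell order for a clockwise inward spiral starting at the top-left."""
    top, bottom, left, right = 0, rows - 1, 0, cols - 1
    route = []
    while top <= bottom and left <= right:
        route += [(top, c) for c in range(left, right + 1)]
        route += [(r, right) for r in range(top + 1, bottom + 1)]
        if top < bottom:
            route += [(bottom, c) for c in range(right - 1, left - 1, -1)]
        if left < right:
            route += [(r, left) for r in range(bottom - 1, top, -1)]
        top, bottom, left, right = top + 1, bottom - 1, left + 1, right - 1
    return route

def zigzag_route(rows, cols):
    """Row by row, alternating left-to-right and right-to-left."""
    route = []
    for r in range(rows):
        cs = range(cols) if r % 2 == 0 else range(cols - 1, -1, -1)
        route += [(r, c) for c in cs]
    return route

def transpose(text, write_route, read_route):
    """Write text into the box along one route, read it out along another."""
    grid = dict(zip(write_route, text))
    return "".join(grid[cell] for cell in read_route)

def encipher(plaintext, rows, cols, pad="X"):
    # Strip spaces, upper-case, and pad so the message exactly fills the box.
    text = plaintext.replace(" ", "").upper().ljust(rows * cols, pad)
    if len(text) != rows * cols:
        raise ValueError("message does not fit the box")
    return transpose(text, spiral_route(rows, cols), zigzag_route(rows, cols))

def decipher(ciphertext, rows, cols):
    # Fill the box along the zigzag route, read the message along the spiral.
    if len(ciphertext) != rows * cols:
        raise ValueError("cipher text does not fit the box")
    return transpose(ciphertext, zigzag_route(rows, cols), spiral_route(rows, cols))

if __name__ == "__main__":
    ct = encipher("attack at dawn", 3, 4)   # constructed sample message
    print(ct, "->", decipher(ct, 3, 4))
```

Because a transposition only rearranges letters, the cipher text is an anagram of the plain text and its letter frequencies are unchanged.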
Types of Cryptography:
There are three types of cryptographic
algorithms:
Secret Key Cryptography.
Public Key Cryptography.
Hash Algorithms.
Secret Key Cryptography:
Secret key cryptography involves the
use of a single key. Given a message (plain text)
and the key, encryption produces cipher text,
which is about the same length as the plain
text. Decryption is the reverse of encryption,
and uses the same key as encryption.
Secret key cryptography is sometimes referred to as symmetric
cryptography or conventional cryptography. If sender and
receiver agree on a shared secret key, then by using secret key
cryptography we can send messages to one another on a
medium that can be tapped, without worrying about
eavesdroppers. All we need to do is have the sender encrypt the
messages and the receiver decrypt them using the key. An
eavesdropper will only see unintelligible data. Some of the
secret key cryptography algorithms are DES, 3-DES, Blowfish,
IDEA, AES, RC2, RC4, RC5, ECB etc.
Advantages of Secret Key Cryptography:
o Very fast relative to public key cryptography.
o Considered secure, provided the key is relatively strong.
o The cipher text is compact (i.e., encryption does not add
excess “Baggage” to the cipher text).
o Widely used and very popular.
Disadvantages of Secret Key Cryptography:
o The administration of the keys can become
extremely complicated.
o A large number of keys are needed to
communicate securely with a large group of
people.
o The key is subject to interception by
hackers.

Public Key Cryptography:

Public key cryptography is sometimes also
referred to as asymmetric cryptography. The
public key need not be kept secret, and, in fact,
may be widely available; only its authenticity is
required, to guarantee that A is indeed the only
party who knows the corresponding private
key.
The private key and the public key are mathematically linked.

Encryption (public key):   plain text  ---------------------------------> cipher text

Decryption (private key):  cipher text ---------------------------------> plain text

Public key cryptography can do anything secret key cryptography can do,
such as transmitting data over an insecure channel, secure storage on
insecure media, authentication, and digital signatures. Some public
key cryptography algorithms are RSA, Elliptic Curve Cryptography (ECC),
ElGamal, DH, DSA/DSS etc.
Hash Algorithms:
Hash algorithms are also known as
message digests or one-way transformations. A
cryptographic hash function is a mathematical
transformation that takes a message of arbitrary
length and computes from it a fixed-length
number.
The following things can be done using hash
algorithms.
Password Hashing: When a user types a
password, the system must store the password
in protected form, because otherwise someone
else who reads it can use it. To
avoid this problem hashing is used. When a
password is supplied, the system computes the
password hash and compares it with the stored
value; if they match, the password is taken to
be correct.
Message Integrity: Cryptographic hash
functions can be used to protect the integrity of
a message transmitted over insecure media.
Message fingerprint: We can know whether
some stored data has been modified from one
day to the next if we save a message digest of
that data computed with a hash function. Later
we recompute the digest over the data and
compare it with the saved one. If the message
digest has not changed, you can be sure that
none of the data is changed.
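The three uses listed above, as an added example that is not part of the original slides. The choice of PBKDF2 with a per-user salt, the iteration count, SHA-256 and a keyed HMAC tag for messages sent over insecure media are assumptions made here; the slides name no specific algorithm.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example

def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return the record to store: (salt, iterations, digest). Never the password."""
    salt = salt or os.urandom(16)  # random salt: equal passwords get different digests
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_password(password, record):
    """Recompute the hash from the supplied password and compare in constant time."""
    salt, iterations, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, expected)

def fingerprint(data):
    """Message fingerprint: digest saved today, recomputed and compared tomorrow."""
    return hashlib.sha256(data).hexdigest()

def make_tag(key, message):
    """Keyed digest for a message sent over insecure media. A bare hash could be
    recomputed by whoever alters the message; a tag needs the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_message(key, message, tag):
    return hmac.compare_digest(make_tag(key, message), tag)

if __name__ == "__main__":
    record = hash_password("correct horse battery")    # constructed sample password
    print("login ok:     ", verify_password("correct horse battery", record))
    print("wrong password:", verify_password("guess", record))

    saved = fingerprint(b"ledger v1")                   # constructed sample data
    print("data unchanged:", fingerprint(b"ledger v1") == saved)
    print("data modified: ", fingerprint(b"ledger v2") != saved)

    key = os.urandom(32)
    tag = make_tag(key, b"pay 10 to alice")
    print("message intact:", verify_message(key, b"pay 10 to alice", tag))
    print("message forged:", verify_message(key, b"pay 99 to mallory", tag))
```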
Implementation Issues
Key Size:
Key size plays a major role in the amount of security. If the
algorithm is inherently strong, then it can be
assumed that the larger the key size for the ciphers,
the harder it is for a hacker to perform an attack on
the cipher text. But larger keys lead to lower levels
of performance. Thus there are trade-offs, which are
traditionally made between the level of security and
other factors, like performance.
Hybrid Systems:
Just one crypto-system will not solve
every problem. Most systems in use today employ a
hybrid system.
Conclusion:
Everyone has a different idea of what
"security" is, and what levels of risk are
acceptable. It's important to build systems and
networks in such a way that the user is not
constantly reminded of the security system
around him. As and when new security
methods are developed, breaking of these
methods has increased. So measures have to be
taken to fill the loopholes, in which
cryptography has played, and is playing, a major role.
Cryptography is evergreen and developments
in this area are a better option.
