NETWORK SECURITY
INTRODUCTION:
Computer Security means to protect information. It deals with
prevention and detection of unauthorized actions by users of a
computer.
In Simple words Security is defined as “Protecting information
system from unintended access.”
Network Security is protection of the access to files and directories
in a computer network against hacking, misuse and unauthorized
changes to the system. Network Security consists of the policies and
practices adopted to prevent and monitor unauthorized access, misuse,
modification, or denial of a computer network and network-accessible
resources.
Network Security involves the authorization of access to data in a
network, which is controlled by the network administrator.
NETWORK SECURITY ISSUES/THREATS
Network Security threats fall into two categories:
1. Passive Threats
a. Release of message contents
b. Traffic analysis
2. Active Threats
a. Masquerade
b. Replay
c. Modification of message contents
d. Denial of Service
1) Passive Threats, sometimes referred to as eavesdropping, involve
attempts by an attacker to obtain information relating to a
communication.
(a) Release of message contents
A telephone conversation, an e-mail message and a
transferred file may contain sensitive or confidential
information.
We would like to prevent the opponent from learning the
content of these transmissions.
(b) Traffic analysis
It is a kind of attack done on encrypted messages.
The opponent might be able to observe the pattern of each
encrypted message.
The opponent could determine the location and identity of
communicating hosts and could observe the frequency and
length of messages being exchanged.
2. Active Threats involve modification of the data stream or the
creation of a false stream.
(a) Masquerade
It takes place when one entity pretends to be a different
entity.
A masquerade attack usually includes one of the other forms
of active attack.
For example, authentication sequences can be captured and
replayed after a valid authentication sequence has taken
place, thus enabling an authorized entity with few privileges
to obtain extra privileges by impersonating an entity that has
those privileges.
(b) Replay
It involves the passive capture of a data unit and its
subsequent retransmission to produce an unauthorized effect.
(c) Modification of message
It means that some portion of a message is altered, or that
messages are delayed or reordered, to produce an
unauthorized effect.
(d) Denial of service (DoS)
A denial of service attack takes place when the availability of
a resource is intentionally blocked or degraded by an attacker.
In this way the normal use or management of communication
facilities is inhibited.
This attack may have a specific target. For example, an entity may
suppress all messages directed to a particular destination.
Another form of service denial is the disruption of an entire
network, either by disabling the network or by overloading it
with messages so as to degrade performance.
SECURITY SERVICES
Network Security can provide the following services related to
a message and entity.
1. Message Confidentiality
It means that the content of a message when transmitted
across a network must remain confidential, i.e. only the
intended receiver and no one else should be able to read the
message.
The users, therefore, want to encrypt the message they send
so that an eavesdropper on the network will not be able to
read the contents of the message.
2. Message Integrity
It means the data must reach the destination without any
alteration, i.e. exactly as it was sent.
There must be no changes during transmission, neither
accidentally nor maliciously.
Integrity of a message is ensured by attaching a checksum to
the message.
The algorithm for generating the checksum ensures that an
intruder cannot alter the checksum or the message.
3. Message Authentication
In message authentication the receiver needs to be sure of
the sender’s identity, i.e. the receiver has to make sure that
the actual sender is the one it claims to be.
There are different methods to check the genuineness of the
sender:
1. The two parties share a common secret code word. A
party is required to show the secret code word to the
other for authentication.
2. Authentication can be done by sending a digital signature.
3. A trusted third party verifies the authenticity. One such
way is to use digital certificates issued by a recognized
certification authority.
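The checksum for message integrity and the shared-secret method of message authentication, as an added example that is not part of the original notes. It contrasts an unkeyed checksum (a plain SHA-256 digest, which anyone on the path can recompute after changing the message) with a keyed checksum (HMAC-SHA256 under the secret the two parties share, which cannot be recomputed without that secret). The shared secret and the sample messages are constructed for the example; the module uses only Python's standard hashlib and hmac libraries.

```python
import hashlib
import hmac

# Constructed shared secret for the example; in practice it is agreed out of band.
SHARED_SECRET = b"example-shared-secret-do-not-reuse"


def plain_checksum(message: bytes) -> str:
    """Unkeyed checksum: detects accidental corruption, but an intruder who
    changes the message can simply recompute it."""
    return hashlib.sha256(message).hexdigest()


def keyed_tag(message: bytes, key: bytes) -> str:
    """Keyed checksum (HMAC-SHA256). Producing a valid tag for a new or
    altered message requires the shared secret, so the tag also
    authenticates the sender as a holder of that secret."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def send(message: bytes, key: bytes) -> dict:
    """What the sender puts on the wire: the message plus both check values."""
    return {
        "message": message,
        "checksum": plain_checksum(message),
        "tag": keyed_tag(message, key),
    }


def modify_in_transit(packet: dict, new_message: bytes) -> dict:
    """An intruder without the secret can swap the message and refresh the
    unkeyed checksum, but can only leave the old keyed tag in place."""
    return {
        "message": new_message,
        "checksum": plain_checksum(new_message),
        "tag": packet["tag"],
    }


def verify(packet: dict, key: bytes) -> dict:
    """Receiver side: recompute both check values and compare in constant time."""
    checksum_ok = hmac.compare_digest(packet["checksum"], plain_checksum(packet["message"]))
    tag_ok = hmac.compare_digest(packet["tag"], keyed_tag(packet["message"], key))
    return {"checksum_ok": checksum_ok, "tag_ok": tag_ok}


if __name__ == "__main__":
    packet = send(b"transfer 100 to account 42", SHARED_SECRET)  # constructed message
    print(verify(packet, SHARED_SECRET))                          # both True
    altered = modify_in_transit(packet, b"transfer 900 to account 42")
    print(verify(altered, SHARED_SECRET))                         # checksum True, tag False
```

Only the keyed tag catches the deliberate change; the unkeyed checksum still matches the altered message, which is why the checksum the notes describe has to depend on something the intruder does not have.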
4. Message non-repudiation
Non-repudiation means that a sender must not be able to
deny sending a message that it actually sent.
The burden of proof falls on the receiver.
Non-repudiation concerns not only the origin of the message;
the receiver must also be able to prove that the contents of the
message are the same as the sender sent.
Non-repudiation is achieved by authentication and integrity
mechanisms.
5. Entity Authentication
In entity authentication (or user identification) the entity or
user is verified prior to access to the system resources.
CRYPTOGRAPHY
Cryptography is a technique to provide message
confidentiality.
The term cryptography comes from Greek and means “secret
writing”.
It is an art and science of transforming messages so as to
make them secure and immune to attacks.
Cryptography involves the process of encryption and
decryption. This process is depicted in the following fig:
The terminology used in cryptography is given below:
1) Plaintext. The original message or data that is fed into the
algorithm as input is called plaintext.
2) Encryption algorithm. The encryption algorithm is the
algorithm that performs various substitutions and
transformations on the plaintext. Encryption is the process
of changing plaintext into cipher text.
3) Ciphertext. Ciphertext is the encrypted form of the
message. It is the scrambled message produced as output.
It depends upon the plaintext and the key.
4) Decryption algorithm. The process of changing
ciphertext into plaintext is known as decryption. Decryption
algorithm is essentially the encryption algorithm run in
reverse. It takes the ciphertext and the key and produces
the original plaintext.
5) Key. The key also acts as input to the encryption algorithm. The
exact substitutions and transformations performed by the
algorithm depend on the key. Thus a key is a number or a
set of numbers that the algorithm uses to perform
encryption and decryption.
There are two different approaches to attacking an encryption
scheme:
1) Cryptanalysis
2) Brute-force attack
1. Cryptanalysis:
The process of attempting to discover the plaintext or key is
known as cryptanalysis.
The strategy used by a cryptanalyst depends on the nature of
the encryption scheme and the information available to the
cryptanalyst.
A cryptanalyst can attempt any or all of six different things:
1) Attempt to break a single message.
2) Attempt to recognise patterns in encrypted messages, so as to be
able to break subsequent ones by applying a straightforward
decryption algorithm.
3) Attempt to infer some meaning without even breaking the
encryption, such as noticing an unusual frequency of
communication or determining something from whether the
communication was short or long.
4) Attempt to deduce the key, in order to break subsequent
messages easily.
5) Attempt to find weaknesses in the implementation, or in the
environment in which the encryption is used.
6) Attempt to find general weaknesses in an encryption
algorithm without necessarily having intercepted any
messages.
2. Brute-force attack
This method tries every possible key on a piece of ciphertext
until an intelligible translation into plaintext is obtained.
On average, half of all possible keys must be tried to
achieve success.
Data Encryption Methods or Traditional Ciphers
The traditional ciphers are character-oriented and are organized into
two categories:
1) Substitution ciphers
2) Transposition ciphers
Substitution ciphers
In substitution ciphers each letter or group of letters is
replaced by another letter or group.
For example, we can replace character A with E and character
S with W. If the symbols are digits (0 to 9), we can replace 3
with 5, 4 with 7.
Substitution ciphers are of two types: Monoalphabetic and
Polyalphabetic ciphers.
Monoalphabetic cipher
In monoalphabetic cipher a character symbol in the plaintext
is always changed to the same character.
For example if character A is changed to character D, every
occurrence of character A should always be changed with
character D.
There exists a one-to-one relationship between the characters
in the plaintext and the ciphertext.
For example, each letter in the plaintext is mapped to some
other letter as shown below:
Plaintext  : a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext : Q W E R T Y U I O P A S D F G H J K L Z X C V B N M
In such a system, a plaintext “Hello” would be changed into a
ciphertext “ITSSG”.
Plaintext: Hello
Ciphertext: ITSSG
Polyalphabetic cipher
In a polyalphabetic cipher, each occurrence of a character can
have a different substitute.
The relationship between a character in the plaintext to a
character in the ciphertext is a one-to-many relationship.
Character A could be changed to D at the beginning of the
text, but it could be changed to N in the middle. Thus the
relationship between the character A in the plaintext and the
characters D and N in the ciphertext is one-to-many.
For example, a plaintext “Hello” changed to a ciphertext
“ABNZF” represents a polyalphabetic cipher because each
occurrence of L in the plaintext is encrypted as a different
character: the first L is encrypted as N and the second L as Z.
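A polyalphabetic cipher that reproduces the “Hello” → “ABNZF” example, as an added example that is not part of the original notes. The notes do not give the key behind “ABNZF”; the block uses a Vigenère-style cipher (each letter shifted by the key letter at the same position, key repeating) and the constructed key TXCOR, which was chosen so that the result matches the notes. The substitutes_for helper lists every ciphertext letter that stands for a given plaintext letter, making the one-to-many relationship visible.

```python
import string

ALPHABET = string.ascii_uppercase


def _shift(letter: str, amount: int) -> str:
    """Shift one letter by `amount` places around the alphabet (mod 26)."""
    return ALPHABET[(ALPHABET.index(letter.upper()) + amount) % 26]


def _apply(text: str, key: str, direction: int) -> str:
    """Vigenère core: the i-th letter of the text is shifted by the
    alphabet position of the i-th key letter (key repeats). direction is
    +1 to encrypt and -1 to decrypt. Non-letters pass through and do not
    consume a key letter."""
    out, i = [], 0
    for ch in text:
        if ch.isalpha():
            out.append(_shift(ch, direction * ALPHABET.index(key[i % len(key)].upper())))
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def vigenere_encrypt(plaintext: str, key: str) -> str:
    return _apply(plaintext, key, +1)


def vigenere_decrypt(ciphertext: str, key: str) -> str:
    return _apply(ciphertext, key, -1).lower()


def substitutes_for(plaintext: str, key: str, letter: str) -> set:
    """Ciphertext letters that stand for `letter` somewhere in this
    message. More than one element shows the one-to-many relationship."""
    plain_letters = [ch for ch in plaintext if ch.isalpha()]
    cipher_letters = [ch for ch in vigenere_encrypt(plaintext, key) if ch.isalpha()]
    return {c for p, c in zip(plain_letters, cipher_letters) if p.lower() == letter.lower()}


if __name__ == "__main__":
    KEY = "TXCOR"  # constructed key that yields the notes' ciphertext
    print(vigenere_encrypt("Hello", KEY))            # ABNZF
    print(vigenere_decrypt("ABNZF", KEY))            # hello
    print(substitutes_for("Hello", KEY, "l"))        # {'N', 'Z'}
```

With a one-letter key every position gets the same shift and the cipher collapses to the shift cipher of the next section; the longer the key, the more substitutes each plaintext letter can have.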
Shift Cipher
The shift cipher is a monoalphabetic cipher.
In this cipher, the encryption algorithm is “shift the characters
key places down the alphabet”, with the key equal to some number.
The decryption algorithm is “shift the characters key places up”.
An example of a shift cipher is the Caesar cipher, attributed to Julius
Caesar. In this method a becomes D, b becomes E, c
becomes F, ... and z becomes C.
In the Caesar cipher, “attack” becomes “DWWDFN”.
Plaintext: attack
Ciphertext: DWWDFN
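The shift cipher and the brute-force attack described in the cryptography section, as an added example that is not part of the original notes. The key space of a shift cipher is only 26, so the brute-force method (try every key until an intelligible translation appears) runs in a fraction of a second; the block judges “intelligible” with a small constructed word list, which stands in for a real dictionary. The Caesar cipher is the special case key = 3 and gives “attack” → “DWWDFN” as in the notes. The sample ciphertexts are constructed.

```python
import string
from typing import Optional, Tuple

ALPHABET = string.ascii_uppercase


def shift_encrypt(plaintext: str, key: int) -> str:
    """'Shift the characters key places down': each letter moves `key`
    places forward in the alphabet, wrapping around; non-letters pass through."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch.upper()) + key) % 26] if ch.isalpha() else ch
        for ch in plaintext
    )


def shift_decrypt(ciphertext: str, key: int) -> str:
    """'Shift the characters key places up': undo the shift; plaintext is lower case."""
    return shift_encrypt(ciphertext, -key).lower()


def caesar_encrypt(plaintext: str) -> str:
    """The Caesar cipher is the shift cipher with key 3 (a -> D, ..., z -> C)."""
    return shift_encrypt(plaintext, 3)


# Constructed mini-dictionary used to decide whether a candidate plaintext
# is intelligible; a real attack would use a full word list or letter statistics.
COMMON_WORDS = {"attack", "at", "dawn", "the", "retreat", "send", "help", "now"}


def brute_force(ciphertext: str) -> Optional[Tuple[int, str]]:
    """Try every one of the 26 keys in turn and return (key, plaintext) for the
    first candidate all of whose words are in the dictionary; None if no key
    produces dictionary words. On average about half the keys are tried."""
    for key in range(26):
        candidate = shift_decrypt(ciphertext, key)
        words = candidate.split()
        if words and all(word in COMMON_WORDS for word in words):
            return key, candidate
    return None


if __name__ == "__main__":
    print(caesar_encrypt("attack"))            # DWWDFN
    print(shift_decrypt("DWWDFN", 3))          # attack
    print(brute_force("DWWDFN DW GDZQ"))       # (3, 'attack at dawn')
```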
Transposition Cipher
Transposition cipher does not substitute a character with
another character, rather it reorders the letters to change
their locations.
A character in the first position of the plaintext may appear in the
tenth position of the ciphertext. A character in the eighth
position may appear in the first position.
Thus a transposition cipher reorders the symbols in a
block of symbols.
Transposition cipher makes use of keys. The key provides the
mapping between the position of the symbols in the plaintext
and the ciphertext.
The key is usually a phrase or word that does not contain any
repeated letters.
In our example, we take “BOENTIKA” as the key (see the figure).
Key        : B  O  E  N  T  I  K  A
Column no. : 2  7  3  6  8  4  5  1
             p  l  e  a  s  e  t  r
             a  n  s  f  e  r  t  e
             n  t  h  o  u  s  a  n
             d  r  u  p  e  e  s  t
             o  m  y  s  w  i  s  s
             b  a  n  k  a  c  c  o
             u  n  t  s  e  v  e  n
             z  e  r  o  z  e  r  o
Column no. : 2  7  3  6  8  4  5  1
Plaintext : Please transfer ten thousand rupees to my swiss
bank account seven zero zero.
Ciphertext:
RENTSONOPANDOBUZESHUYNTRERSEICVETTASSCERAFOPSKSOLNTRMANESEUEWAEZ
Fig: Transposition Cipher
The purpose of the key is to number the columns. Column 1 is
the column under the key letter closest to the start of the
alphabet, column 2 the next closest, and so on.
The plaintext is written horizontally, in rows. The rows can also
be padded to fill the matrix if required.
The ciphertext is read out by columns, starting with the column
whose key letter is lowest.
A transposition cipher can be broken. If the
snooper guesses the right number of columns, trying the
permutations of the columns will eventually produce the right output.
CRYPTOGRAPHY ALGORITHMS:
The cryptography algorithms are grouped into following two
categories:
1) Symmetric key or secret key algorithm
2) Asymmetric key or public key algorithm
Symmetric or Secret key cryptography
Symmetric key algorithms are those algorithms in which both
sender and receiver use the same key.
The sender uses the same key and encryption algorithm to
encrypt the data; the receiver uses the same key and the
corresponding decryption algorithm to decrypt the data.
Examples of secret key algorithms are as follows:
1. Data Encryption Standard (DES)
2. Triple DES
3. Advanced Encryption Standard (AES)
Asymmetric or Public key cryptography
Asymmetric algorithms are those algorithms in which sender
and receiver use different keys.
Public key encryption algorithms are asymmetric in the sense
that the encryption and decryption keys are different.
Each user is assigned a pair of keys: a public key and a private
key.
The public key is used for encryption and the private key is
used for decryption. Decryption cannot be done using public
key.
The two keys are linked but the private key cannot be derived
from public key.
The public key is well known but the private key is secret and
known only to the user who owns the key.
This means that everybody can send a message to the user
using his (the user’s) public key, but only the user can decrypt the
message, using his private key.
The public key algorithm operates in the following manner.
1. The data to be sent is encrypted by sender A using the
public key of the intended receiver B.
2. B decrypts the received ciphertext using the private key
which is known only to B. B replies to A encrypting its
message using A’s public key.
3. A decrypts the received ciphertext using his private key
which is known only to him.
Examples of public key encryption algorithms are:
1. RSA
2. Diffie-Hellman
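The three-step public-key exchange between A and B, as an added example that is not part of the original notes. It uses textbook RSA with toy primes (constructed for the example; real keys use primes of 1024 bits or more, and the private key is only safe from derivation because factoring a large n is infeasible, which is not true of these small values). Messages are integers smaller than the receiver's modulus; the block shows A encrypting with B's public key, B decrypting with its private key and replying under A's public key, and A decrypting with its own private key. It also checks the notes' point that the public key cannot decrypt.

```python
from math import gcd


def make_keypair(p: int, q: int, e: int):
    """Textbook RSA key generation. Public key (n, e); private key (n, d) with
    d the inverse of e modulo (p-1)(q-1). p, q must be prime and e coprime
    to (p-1)(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(m: int, public_key) -> int:
    """c = m^e mod n, using the receiver's public key."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(c: int, private_key) -> int:
    """m = c^d mod n, using the receiver's own private key."""
    n, d = private_key
    return pow(c, d, n)


# Constructed toy key pairs for the two parties (small primes, for illustration only).
A_PUBLIC, A_PRIVATE = make_keypair(101, 113, 3533)   # n = 11413
B_PUBLIC, B_PRIVATE = make_keypair(61, 53, 17)       # n = 3233


def exchange(message_from_a: int, reply_from_b: int) -> dict:
    """The three steps from the notes."""
    c1 = encrypt(message_from_a, B_PUBLIC)   # 1. A encrypts with B's public key
    b_reads = decrypt(c1, B_PRIVATE)         # 2. B decrypts with B's private key ...
    c2 = encrypt(reply_from_b, A_PUBLIC)     #    ... and replies under A's public key
    a_reads = decrypt(c2, A_PRIVATE)         # 3. A decrypts with A's private key
    return {"b_received": b_reads, "a_received": a_reads, "on_the_wire": (c1, c2)}


def public_key_can_decrypt(m: int, public_key) -> bool:
    """Applying the public exponent again does not recover the plaintext."""
    return decrypt(encrypt(m, public_key), public_key) == m


if __name__ == "__main__":
    print(exchange(65, 2020))                       # b_received 65, a_received 2020
    print(public_key_can_decrypt(65, B_PUBLIC))     # False
```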