CNS 1

The document provides an introduction to information security, emphasizing the importance of protecting data from unauthorized access, modification, and destruction. It outlines the CIA triad (Confidentiality, Integrity, Availability) and discusses security attacks, services, and mechanisms, including cryptography and steganography as key techniques for implementation. The document also details various types of attacks and their implications on security goals, along with a brief overview of symmetric and asymmetric key encipherment and hashing.

Uploaded by Roman Reign

Introduction to Cryptography and Network Security

Dr. Bimal Kumar Meher
Associate Professor, Dept. of CSE
Silicon Institute of Technology

What is Information Security?
• Information security (InfoSec) is the practice of defending information from
  • unauthorized access,
  • disclosure,
  • disruption,
  • modification,
  • inspection,
  • recording,
  • destruction.

Who needs Information Security?
• Government,
• Military,
• Corporations,
• Financial institutions,
• Hospitals,
• Private businesses
• They have a great deal of confidential information about their employees, customers, products, research and financial status.

Books for this Course
• Text Books:
  • Cryptography and Network Security: Principles and Practice - William Stallings, PHI.
  • Network Security - Charlie Kaufman, Radia Perlman, Mike Speciner, PHI.
• Reference Book:
  • Cryptography and Network Security - B.A. Forouzan & D. Mukhopadhyay, McGraw Hill Special Indian Edition.

Introduction
• Security goals or attributes, called the C I A Triad
• Three aspects of security:
  • Security attacks
  • Security services
  • Security mechanisms
• To introduce two techniques, Cryptography and Steganography, to implement security mechanisms

C I A Triad
[Figure: the C I A triad (Confidentiality, Integrity, Availability)]

Confidentiality
• Confidentiality means keeping information secret from any unintended/unauthorized person or process.
• Probably the most common aspect of information security.
[Figure: Sender → Receiver, message "Now my Acc. Balance 2Lac."; EVE (Eavesdropper)]

Integrity
• Information needs to be changed whenever there is a need.
• Integrity means that changes need to be done only by authorized entities and through authorized mechanisms.
[Figure: Sender → Receiver, message sent "I am fine", message received "I am not fine"; EVE (Attacker)]

Availability
• The information created and stored by an organization needs to be available to authorized entities only.
• It is the most essential attribute for critical information that is stored remotely.
[Figure: Sender → Receiver, message "I need your help urgently"; EVE (Attacker)]

Three Aspects of Security
• Security Attacks: Any action that compromises the security of data owned by an organisation.
• Security Services: They ensure the security of the data and its transfer by using some of the security mechanisms.
• Security Mechanisms: Processes that are designed to detect, prevent, or recover from a security attack.

Security Attacks
The three goals of security (Confidentiality, Integrity, and Availability) can be threatened by security attacks.

1. Attacks on Confidentiality
2. Attacks on Integrity
3. Attacks on Availability

All these attacks can be broadly classified as either Active or Passive attacks.

Taxonomy of attacks with relation to security goals

Attacks on Confidentiality
• Snooping refers to unauthorized access to or interception of data.
• Traffic analysis refers to obtaining some specific type of information by monitoring online traffic.

Attacks on Integrity
• Modification means that the attacker intercepts the message and changes it.
• Masquerading or spoofing happens when the attacker impersonates somebody else.
• Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.
• Repudiation means that the sender of the message might later deny that he has sent the message; the receiver of the message might later deny that he has received the message.

Attacks on Availability
• Denial of service (DoS) is a very powerful attack, which may slow down or totally interrupt the service of a system.
• An attacker in DoS typically floods the targeted machine (server) with so many superfluous requests that the machine remains busy servicing them; as a result, all legitimate requests from other systems are prevented from being serviced.
• DDoS: a more sophisticated attack using many attack sources.

Example of DoS Attack
[Figure: example of a DoS attack. Source: Cloudflare Inc. US]

Active vs Passive Attacks
• An active attack may change the data or harm the system.
• A passive attack does not aim to change the data or harm the system, but to obtain the information.
  • So it harms the sender and receiver of the message.

[Figure: Active vs Passive attacks, each involving Eve]

Active vs Passive Attacks (contd…)
• Which one is difficult to detect?

Security Services
• Peer-Entity Auth.
• Data Origin Auth.
• Access Control
• Confidentiality
• Data Integrity
• Nonrepudiation
• Availability

Security Mechanism

Relation between Services and Mechanisms
Mechanisms (columns): Encipherment, Digital Signature, Access Control, Data Integrity, Authentication Exchange, Traffic Padding, Routing Control, Notarization
Services (rows): Peer-Entity Auth., Data Origin Auth., Access Control, Confidentiality, Data Integrity, Nonrepudiation, Availability
[Table: services (rows) marked against the mechanisms (columns) that provide them]

Security Implementation Techniques
• Mechanisms discussed in the previous sections are only theoretical recipes to implement security.
• The actual implementation of security goals needs some techniques.
• Two techniques mostly used: Cryptography and Steganography.

Cryptography
• Cryptography, a word of Greek origin, means "secret writing."
• The term is now used for the science and art of transforming messages to make them secure and immune to attacks.

Cryptography (contd…)
• Although cryptography earlier referred to encryption/decryption, it is now defined as three distinct mechanisms:
  • Symmetric key Encipherment
  • Asymmetric key Encipherment
  • Hashing

Symmetric Key Encipherment
• Also called Symmetric key cryptography
• Or Secret Key Cryptography
• The sender of the message uses some predefined algorithm and a shared secret key for encryption.
• The receiver uses the same shared secret key for decryption.
• It is like Alice putting the message in a box and locking it with a key whose duplicate is held by Bob, who can open the box and take the message out.
• Example: Decrypt: uknkeqp, qgjgaml

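
An added worked example (not part of the original slides): the exercise above, solved under the assumption that both ciphertexts are simple shift (Caesar) ciphers over lowercase letters. The function names are hypothetical, and the crib list is constructed from words on the title slide; it shows that the shared key is the only secret and that a 26-key space falls to exhaustive search.

```python
import string

ALPHABET = string.ascii_lowercase

def shift(text: str, key: int) -> str:
    """Move every lowercase letter `key` places forward (mod 26)."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # spaces, digits and punctuation pass through
    return "".join(out)

def encrypt(plaintext: str, key: int) -> str:
    return shift(plaintext, key)

def decrypt(ciphertext: str, key: int) -> str:
    # Symmetric: the same key undoes the encryption.
    return shift(ciphertext, -key)

def brute_force(ciphertext: str) -> dict:
    """Try every possible key; the whole key space is only 26 values."""
    return {k: decrypt(ciphertext, k) for k in range(26)}

# Constructed crib list: words an analyst would expect from the context
# (taken from the title slide of this lecture).
CRIBS = {"introduction", "cryptography", "network", "security",
         "silicon", "institute", "technology"}

def recover(ciphertext: str, cribs=CRIBS) -> list:
    """Return every (key, plaintext) pair whose plaintext is a known word."""
    return [(k, p) for k, p in brute_force(ciphertext).items() if p in cribs]

if __name__ == "__main__":
    for c in ("uknkeqp", "qgjgaml"):
        print(c, "->", recover(c))
```
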
Asymmetric Key Encipherment
• Also called Public key encipherment
• Or public key cryptography
• Unlike symmetric, it uses two keys
• They are named as: public key & private key
• To send a message to Bob, Alice first encrypts the message by using Bob's public key.
• To decrypt the message, Bob uses his own private key.
• The algorithm used here is more complex than the previous one.

Hashing
• It is a process by which a fixed-length message digest is created out of a variable-length message.
• The digest is much smaller than the message to be sent.
• This is essential in
  • Data integrity
  • Digital signature
  • Authentication

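
An added example (not from the original slides) tying hashing to the modification attack on the Integrity slide: SHA-256 yields a fixed-length digest for any message length, but a bare digest does not stop Eve, who can recompute it after changing the message, whereas a keyed digest (HMAC) with a secret shared by sender and receiver does. The key, the function names and the `scenario` helper are constructed for illustration.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"  # assumption: known only to sender and receiver

def digest(message: bytes) -> str:
    """Fixed-length (64 hex chars) digest of a variable-length message."""
    return hashlib.sha256(message).hexdigest()

def keyed_digest(message: bytes, key: bytes = SHARED_KEY) -> str:
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def verify_plain(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(digest(message), tag)

def verify_keyed(message: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    return hmac.compare_digest(keyed_digest(message, key), tag)

def eve_modify(tag: str, recompute: bool):
    """Eve swaps the message; she knows SHA-256 but not SHARED_KEY."""
    forged = b"I am not fine"
    return forged, (digest(forged) if recompute else tag)

def scenario() -> dict:
    original = b"I am fine"
    results = {}
    # Digest length does not depend on message length.
    results["short_len"] = len(digest(original))
    results["long_len"] = len(digest(original * 10_000))
    # Bare hash: Eve replaces message and digest together, receiver accepts.
    msg, tag = eve_modify(digest(original), recompute=True)
    results["plain_hash_accepts_forgery"] = verify_plain(msg, tag)
    # Bare hash still catches a change when the old digest is left in place.
    msg, tag = eve_modify(digest(original), recompute=False)
    results["plain_hash_catches_stale_tag"] = not verify_plain(msg, tag)
    # HMAC: without the key Eve cannot produce a valid tag either way.
    msg, tag = eve_modify(keyed_digest(original), recompute=True)
    results["hmac_rejects_recomputed"] = not verify_keyed(msg, tag)
    msg, tag = eve_modify(keyed_digest(original), recompute=False)
    results["hmac_rejects_stale_tag"] = not verify_keyed(msg, tag)
    results["hmac_accepts_original"] = verify_keyed(original, keyed_digest(original))
    return results

if __name__ == "__main__":
    for name, value in scenario().items():
        print(f"{name}: {value}")
```
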
THE REST OF YOUR SYLLABUS
The rest of your text book is divided into four parts.

Part One: Symmetric-Key Encipherment
Part Two: Asymmetric-Key Encipherment
Part Three: Integrity, Authentication, and Key Management
Part Four: Network Security
