7) Principles of Security?
a) The main principles of security ensure that data and
systems are protected from unauthorized access, misuse, or
attacks.
They include:
1) Confidentiality:
Ensures that only authorized users can access
sensitive information.
Example: When A sends a $100 check to B, only B
should be able to see its contents.
2) Integrity:
Protects data from being tampered with. A and B
must ensure the check's amount, date, or signature isn’t
altered during transit. This is the principle of integrity.
3) Authentication:
Confirms the identity of users. B must verify the
check is truly from A, not someone pretending to be A.
This is the principle of authentication.
4) Non-repudiation:
Prevents denial of actions. A cannot later deny
sending the check because A’s signature proves the action.
5) Access-Control:
Defines who can access or modify data. For
example, user A may only view a database, while user B
can update it.
Access control is broadly related to two areas:
a) Role Management: concentrates on the user side.
b) Rule Management: focuses on the resource side.
6) Availability:
Ensures systems and data are accessible to
authorized users when needed.
For example, a denial-of-service (DoS) attack can
violate this.
7) Ethical and Legal Issues:
Involves respecting user privacy and complying
with laws. There’s a balance between individual rights and
the greater good of society.
Example: Company, Society
8) Explain in detail about:
1) Symmetric key cryptography 2) Asymmetric key cryptography?
1) Symmetric Key Cryptography:
o In symmetric key cryptography, the same key is used for
both encryption and decryption.
o It is also called secret-key cryptography because the key
must be kept secret between sender and receiver.
o The sender uses the key to encrypt the message, and the
receiver uses the same key to decrypt it.
o It is fast and suitable for encrypting large amounts of data.
o A major challenge is secure key sharing, as both parties
must have access to the same secret key.
Features:
• Speed: Very fast and suitable for real-time communication.
• Simplicity: Uses only one key.
• Security depends on key secrecy.
Example: AES (Advanced Encryption Standard)
DES (Data Encryption Standard)
2) Asymmetric Key Cryptography:
o In asymmetric key cryptography, two keys are used: a public
key and a private key.
o The public key is shared with everyone, while the private
key is kept secret by the owner.
o If a message is encrypted with the public key, it can only be
decrypted with the corresponding private key, and vice
versa.
o This method is more secure for communication, but slower
than symmetric cryptography.
o It also provides digital signatures and authentication.
Features:
• Key Pair: Public key (shared), Private key (kept secret).
• Secure Key Exchange: No need to share secret keys.
• Supports Digital Signatures.
Example: RSA (Rivest–Shamir–Adleman)
ECC (Elliptic Curve Cryptography)
10) Explain RSA algorithm with a neat diagram?
a)
RSA (Rivest-Shamir-Adleman) Algorithm:
RSA is a widely used asymmetric key cryptographic algorithm
that uses a pair of keys: a public key for encryption and a private key
for decryption. It is based on the mathematical difficulty of factoring
a large number that is the product of two large primes.
Steps in RSA Algorithm:
1. Key Generation:
• Choose two large prime numbers: p and q
• Compute n = p × q
• Compute Euler’s totient: φ(n) = (p-1)(q-1)
• Choose e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1
• Compute d such that (d × e) mod φ(n) = 1
• Public Key: (e, n)
• Private Key: (d, n)
2. Encryption:
• Sender uses recipient’s public key (e, n)
• Plaintext message M is encrypted as:
C = M^e mod n
3. Decryption:
• Receiver uses their private key (d, n)
• Ciphertext C is decrypted as:
M = C^d mod n
Example:
Let p = 61, q = 53
• n = 61 × 53 = 3233
• φ(n) = 60 × 52 = 3120
• Choose e = 17, then d = 2753
• Public key: (17, 3233)
• Private key: (2753, 3233)
Encrypt message M = 72 (H):
• C = 72^17 mod 3233 = 2103
Decrypt message:
• M = 2103^2753 mod 3233 = 72 → H
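The key generation, encryption and decryption steps above as runnable Python, using the page's p = 61, q = 53, e = 17 (an added example, not part of the original notes; the function names are illustrative). Computed exactly, M = 72 encrypts to C = 3000 rather than the 2103 printed above, and the code also shows that textbook RSA is deterministic, which is why deployed RSA uses randomized padding such as OAEP.

```python
from math import gcd

def rsa_keygen(p, q, e):
    """Textbook RSA key generation following the steps above."""
    n = p * q
    phi = (p - 1) * (q - 1)            # Euler's totient for n = p * q
    if not (1 < e < phi) or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    d = pow(e, -1, phi)                # modular inverse: (d * e) mod phi(n) = 1
    return (e, n), (d, n)              # (public key, private key)

def rsa_encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        # A message outside [0, n) cannot be recovered after reduction mod n.
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)                # C = M^e mod n

def rsa_decrypt(c, private_key):
    d, n = private_key
    return pow(c, d, n)                # M = C^d mod n

def demo():
    public, private = rsa_keygen(61, 53, 17)
    m = ord("H")                       # 72, the page's sample message
    c = rsa_encrypt(m, public)
    return {
        "public": public,
        "private": private,
        "ciphertext": c,
        "recovered": chr(rsa_decrypt(c, private)),
        # Same key and plaintext always give the same ciphertext.
        "deterministic": c == rsa_encrypt(m, public),
    }

if __name__ == "__main__":
    print(demo())
```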
Applications of RSA:
• Secure key exchange
• Digital signatures and certificates
• HTTPS / SSL (web encryption)
• Secure email and VPNs
11) Diffie-Hellman key exchange algorithm with example?
a)
Diffie-Hellman is a key exchange algorithm used to
securely share a secret key between two people over a public
network.
It allows both users to generate a common key used for
encryption, even if an attacker is listening.
Steps:
1) Two people, Alice and Bob, agree on two public numbers:
o A prime number p
o A base g (called generator)
2) Alice chooses a private number a and calculates:
A = (g^a) mod p and sends A to Bob.
3) Bob chooses a private number b and calculates:
B = (g^b) mod p and sends B to Alice.
4) Now both calculate the shared secret key:
o Alice: S = (B^a) mod p
o Bob: S = (A^b) mod p
Both get the same key S, without sending it directly!
Example:
Let:
• p = 23 (a prime)
• g = 5 (a primitive root of 23)
Step 1: Private Keys
• Alice chooses a = 6
• Bob chooses b = 15
Step 2: Public Keys
• Alice computes A = 5^6 mod 23 = 15625 mod 23 = 8
• Bob computes B = 5^15 mod 23 = 30517578125 mod 23 = 2
Step 3: Exchange Public Keys
• Alice sends 8 to Bob
• Bob sends 2 to Alice
Step 4: Shared Secret
• Alice computes S = 2^6 mod 23 = 64 mod 23 = 18
• Bob computes S = 8^15 mod 23 = 18
Both got the same secret key: 18
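The four steps above as runnable Python with the page's p = 23, g = 5, a = 6, b = 15 (an added example, not from the original notes; the DHParty class and its range check on the received value are illustrative additions). Computed exactly, Bob's public value is 5^15 mod 23 = 19 and both sides derive the shared secret 2, rather than the 2 and 18 printed above.

```python
class DHParty:
    """One side of a Diffie-Hellman exchange (toy-sized numbers)."""

    def __init__(self, p, g, private):
        self.p, self.g = p, g
        # Fixed private exponents are used only to reproduce the example;
        # in practice they come from a CSPRNG and p is a large standard prime.
        self._private = private
        self.public = pow(g, private, p)            # A = g^a mod p

    def shared_secret(self, peer_public):
        # Added check (an assumption, not on the page): refuse 0, 1, p-1 and
        # out-of-range values, which would force a predictable secret.
        if not 2 <= peer_public <= self.p - 2:
            raise ValueError("peer public value out of range")
        return pow(peer_public, self._private, self.p)  # S = B^a mod p

def exchange(p, g, a, b):
    """Run both sides; return what crossed the wire and each side's secret."""
    alice, bob = DHParty(p, g, a), DHParty(p, g, b)
    # Only these four values are visible to someone listening on the network.
    on_the_wire = {"p": p, "g": g, "A": alice.public, "B": bob.public}
    s_alice = alice.shared_secret(bob.public)
    s_bob = bob.shared_secret(alice.public)
    return on_the_wire, s_alice, s_bob

if __name__ == "__main__":
    wire, s_alice, s_bob = exchange(23, 5, a=6, b=15)
    print(wire, s_alice, s_bob)
```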
Applications:
• Used in SSL/TLS (web security)
• VPNs
• Secure messaging (e.g., WhatsApp)