You are on page 1of 12


Paper Presentation

Submitted By

E-mail :

Department of
Computer Science
(Affiliated to JNTU, Anantapur)


Reg . No : 083G1A0520 Topic : NETWORK

Name : D.HARITHA Course :1I1-B.Tech


asymmetric-RSA, ECC.
Generally, the logical conclusion
Abstract is to use both kind of algorithms
SECURITY” in this and their combinations to achieve
contemporary scenarios has optimal speed and security levels.
become a more sensible issue It is hoped that the reader will
either it may be in “REAL have a wider perspective on
WORLD” or in the “CYBER security in
WORLD” .in this world as
opposed to the cyber world an
attack is often preceded by
information gathering.
general, and better
Network security is a understand how to reduce and
complicated subject, historically manage risk personally.
only tackled by well-trained and
experienced experts. However, as
more and more people become 1. Introduction
”wired'', an increasing number of 2. Popular networks
people need to understand the 3. Security services
basics of security in a networked 4. Security threats
world. Our paper covers different 5. Where do they come from?
kinds of threats & firewalls in the 6. Preventing security disasters
network by implementation of 7. Firewalls
different security services using • Types of firewalls
various security mechanisms. The • Point of failure
security mechanisms are primarily • Security mechanisms
based on cryptographic algorithms
like symmetric-DES, AES,

Popular networks:
8. Cryptography
UUCP: (Unix-to-Unix Copy) was
Types of cryptography originally developed to connect
• Secret key UNIX (surprise!) hosts together.
Internet: The Internet is the
cryptography world's largest network of
• public key cryptography networks.
Services for security:
• Hash algorithms
The services are intended to
9. Conclusion
counter security attacks, and they
10. Bibliography
make use of one or more
Security mechanisms to provide
the service.
1. Confidentiality: Ensure that the
Introduction: information in a computer system
and transmitted information are
A basic understanding of
accessible only for reading by
computer networks is requisite in
authorized parties. This type of
order to understand the principles
access includes printing
of network security. In this
displaying and other forms of
section, we'll cover some of the
disclosure, including simply
foundations of computer
revealing the existence of an
networking, then move on to an
overview of some popular
2. Authentication: Ensure that the
networks. The impressive
origin of a message or electronic
development of computer
document is correctly
networks has reached the point,
with an assurance that the identity
where security becomes essential.
is not false;
Users want to exchange data in a
3. Integrity: Ensures that only
secure way. The problem of
authorized parties are able to
network security is a complex
modify computer systems assets
issue. Network security means a
and transmitted information.
protection of the network assets.
Modification includes writing,

changing, changing status,

deleting, creating and delaying or
replaying of transmitted messages.
4. Non-repudiation: Requires that
neither the sender nor the receiver
of a message is able to deny the
5. Access control: Require that
access to information resources
may be controlled by or for the
target system.
6. Availability: Require that
computer systems assets be
available to authorized parties
when needed.

Attacks on the security of a
computer system or network are
best characterized by viewing the
function of a computer system as
provided information. This normal
flow is depicted in figure:

Security threats:

Categorization of these attacks is

passive attacks and active attacks.
Passive attacks: In this the goal
of the attacker is to obtain

information that is being

transmitted. Two types of passive
attacks are release of message
Unauthorized Access:
contents and traffic analysis. ``Unauthorized access'' is a
Active attacks:. These attacks very high-level term that can refer
involve some modification of the to a number of different sorts of
data stream or the creation of false attacks. The goal of these attacks
stream and can be sub divided into is to access some resource that
4 categories: Masquerade, Replay, your machine should not provide
Modification of messages, and the attacker. These can take the
denial of service. form of a virus, worm, or Trojan
Denial of service: Do S (Denial- horse. One of the most publicized
of-Service) attacks are probably threats to security is intruder.
the nastiest, and most difficult to Generally referred to as a hacker
address. Such attacks were fairly or cracker, and some other threats
common in late 1996 and early are executing commands illicitly,
1997, but are now becoming less confidential breaches, destructive
popular. Some things that can be behavior.
done to reduce the risk of being
Where do the attacks come
stung by a denial of service attack
include from? How, though, does an
• Not running your visible-to-the- attacker gain access to your

world servers at a level too close equipment?

to capacity Through any connection that you

• Using packet filtering to prevent have to the outside world. This

obviously forged packets from includes Internet connections,

entering into your dial-up modems, and even

network address space. physical access.

• Keeping up-to-date on security- Preventing security disasters:

related patches for your hosts' • Hope you have backups

operating systems.

• Stay current with relevant and build a firewall architecture

operating system patches that best implements that policy.
• Don't put data where it doesn't Points of Failure: Any time there
need to be is only one component paying
• Avoid systems with single points attention to what's going on
of failure between the internal and external
• Watch for relevant security networks, an attacker has only one
advisories thing to break (or fool!) in order to
Firewalls: gain complete access to your
internal networks.
Firewalls can be an Security Mechanisms: A
effective means of protecting a mechanism that is designed to
local system or network of detect, prevent, or recover from a
systems from network based security attack. Cryptography and
security threats while at the same Steganographic are such two
time, a firewall is simply a group techniques. Hence we focus on
of components that collectively development, use and
form a barrier between two management of Cryptographic
networks. techniques.
Types of firewalls: What is Cryptography?
• Application Gateways
The word “cryptography”
• Packet Filtering
is derived from Greek and when
• Hybrid systems
literally translated, means “secret
Best for me: Lots of options are
writing.” The study of enciphering
available, and it makes sense to
and encoding (on the sending
spend some time with an expert,
end), and decoding (on the
either in-house, or an experienced
receiving end) is called
consultant who can take the time
cryptography. Although the
to understand your organization's
distinction is fuzzy, ciphers are
security policy, and can design
different from codes. When you

mix up or substitute existing

letters, you are using a cipher.
Encryption refers to the
transformation of data in “plain
text” form into a form called
“cipher text,” .The recovery of
plain text requires the key, and
this process is known as
decryption. This key is meant to You can construct a secret
be secret information and the message from the above table.
privacy of the text depends on the Relative substitutions can be done.
cryptographic strength of the key. So, the message “ Meet me after
Ciphers are broken into two main school behind the gym,” would
categories, substitution ciphers read
and transposition ciphers. “DTTZ DT QYZTK LEIGGS
Substitution ciphers replace letters WTIOFR ZIT UND.”
in the plaintext with other letters Five letters are customary in the
or symbols, keeping the order in spy biz, so your message comes
which the symbols fall the same. out like this:
Transposition ciphers keep all of DTTZD TQYZT KLEIG GSWTI
the original letters intact, but mix OFRZI TUNDM
up their order. Transposition cipher: Text
Substitution cipher: chosen in one form can be
Plaintext letter enciphered choosing a different

route. To decipher, you fill the in
OP Q RST UV WX Y Z box following the zigzag route
Cipher text letter and read the message using the
spiral route.
G HJ K LZX C V B NM The cipher text becomes:

Types of Cryptography: send messages to one another on a

medium that can be tapped,
There are three types of
without worrying about
cryptographic algorithms:
eavesdroppers. All we need to do
1. Secret Key Cryptography.
is have the sender encrypt the
2. Public Key Cryptography. messages and the receiver decrypt
3. Hash Algorithms. them using the key. An
Secret Key Cryptography: eavesdropper will only see
unintelligible data. Some of the
Secret key cryptography
secret key cryptography
involves the use of single key.
algorithms are - DES, 3-DES,
Given a message (Plain text) and
blowfish, IDEA, AES, RC2, RC4,
the key, encryption produces
RC5, ECB etc.
cipher text, which is about the
same length as the plain text was.
Decryption is the reverse of Advantages of Secret Key
encryption, and uses the same key Cryptography:
o Very fast relative to public key
as encryption.
o Considered secure, provided the
Plain text------------------> cipher
key is relatively strong.
o The cipher text is compact (i.e.,
encryption does not add excess
Cipher text------------------> plain
“Baggage” to the cipher text).
o Widely used and very popular.
Secret key cryptography is Disadvantages of Secret
sometimes referred to as Key Cryptography:
symmetric cryptography or o The administration of the keys
conventional cryptography. If can become extremely
sender and receiver agree on a complicated.
shared secret key, then by using o A large number of keys are
secret key cryptography we can needed to communicate securely

with a large group of People. Private key

o The key is subject to Cipherkey-----------------------------
interception by hackers. ---> plain text
Public Key Cryptography: Decryption
Public key cryptography Public key cryptography can do
sometimes also referred to as anything secret key cryptography
asymmetric cryptography. The can do like- transmitting the data
public key need not be kept secret, over an insecure channel, secure
and, in fact, may be widely storage on insecure media,
available, only its authenticity is authentication purposes and
required to guarantee that A is digital signatures. Some Public
indeed the only party who knows key cryptography algorithms are
the co-responding private key. A RSA, Elliptic Curve Cryptography
primary advantage of such (ECC), ElGamal, DH, DSA/DSS
systems is that providing authentic etc.
public keys is generally easier Advantages of Public key
than distributing secret keys Cryptography:
securely, as required in symmetric
o Considered very secure, and
key systems. The main objective
easy to configure these systems.
of public-key encryption is to
o No form of secret sharing is
provide privacy or confidentiality.
required, thus reducing key
Public-key encryption schemes
administration to a Minimum.
are typically substantially slower
o Supports non-repudiation.
than symmetric-key encryption
o The number of keys managed by
algorithms such as DES.
each user is much less compared
The private key and the public key to secret key
are mathematically linked. Cryptography.
Encryption Disadvantages of Public
Plaintext------------------------------- key Cryptography:
--> cipher text
Public key

o Much slower compared to secret protect the integrity of a message

key cryptography. transmitted over insecure media.
o The ciphertext is much larger Message fingerprint: We can
than the plaintext, relative to know whether some data stored
secret key Cryptography. has been modified from one day to
Hash Algorithms: the next, if we save that data

Hash algorithms are also structure with a hash function. We

known as message digests or one- can compare the hash function

way transformations. A data structure with the message on

cryptographic hash function is a the message data. If the message

mathematical transformation that digest has not changed, you can be

takes a message of arbitrary length sure that none of the data is

and computes from it a fixed changed.

length number. Digital Signatures: can be

The following things can be done efficiently implemented using

using hash algorithms. hash functions.

Implementation Issues
Password Hashing: When a user
Key Size:
types a password, the system must
This has major role for amount of
store the password encrypted
security. If the algorithm is
because someone else can use it.
inherently strong, then it can be
To avoid this problem hashing is
assumed that the larger the key
used. When a password is
size for the ciphers, the harder it is
supplied, it computes the
for a hacker to perform an attack
password hash and compares it
on the cipher text. But, larger keys
with the stored value if they
lead to lower levels of
match; the password is taken to be
performance. Thus there are,
trade-offs, which are traditionally
Message Integrity: Cryptographic
made between the level of security
hash functions can be used to
and other factors, like

Hybrid Systems: o Douglas R.Stinson.

Just one crypto-system will not Cryptography: theory and
solve every problem. Most practice: 2nd edition
systems in use today employ a o A.Menezes, P.van Oorschot and
hybrid system. S.Vanstone:Handbook of Applied
Conclusion: o Smith, Laurence Dwight.

Everyone has a different Cryptography, the Science of

idea of what ``security'' is, and Secret Writing

what levels of risk are acceptable.

It's important to build systems and
networks in such a way that the
user is not constantly reminded of
the security system around him.
As and when new security
methods are developed, breaking
of these methods has increased. So
measures have to be taken to fill
the loopholes, of which
cryptography has and is
playing a major role.
Cryptography is evergreen and
developments in this area are a
better option.

o William Stallings: Cryptography
and Network security: principles
and practice: 2nd edition.
o J.P. Holbrook, J.K. Reynolds.
``Site Security Handbook.''