Professional Documents
Culture Documents
ABSTRACT
This paper introduces Cryptography All these methods and means of communication
Techniques. Cryptography is “The science of have
protecting data” & Network Security played an important role in our lives, but in the
“keeping information private and Secure from
unauthorized Users”.
past
This paper gives the Fundamental few years, network communication, especially over
Requirements for the Data Transmission, the the Internet, has emerged as one of the most
security attacks like Interruption, powerful
Interception and Modification of the data Methods of communication with an overwhelming
Transmission. The Cryptographic Process Impact on our lives. Such rapid advances in
explaining through a generalized function is Communications technology have also given rise
discussed through which encryption and
to
decryption is done by the various algorithms
like RSA algorithm, Hash Functions and
Security threats to individuals and organizations.
many cryptographic algorithms.
Fundamental Requirements
Introduction
Confidential: Is the process of keeping
The Cryptanalysis is the process of information
attempting to discover the plain text and/ or private and Secret so that only the intended
the key. recipient
Applications of Various is able to understand the information.
Cryptographic Technologies. Authentication: Is the process of providing proof
of
Why & How to Provide Network Security in the identity of the sender to the recipient, so that the
Certificates issuing, The Validity & Trust for recipient can be assured that the person sending
Certificate the
Services, Certificate Revocation in the Internet, information is who and what he or she claims to
Intranet and other Network Communications, the be.
Applications of Network Security to the various Integrity: Is the method to ensure that information
Data is
Transfer techniques and protocols. not tampered with during its transit or its storage
From the dawn of civilization, to the highly on
networked societies that we live in Today the network. Any unauthorized person should not
communication has always been an be
integral part of our existence. able to tamper with the information or change the
· Radio communication Information during transit Non-repudiation: Is the
· Network communication method to ensure that information cannot be
· Mobile communication disowned. Once the non-repudiation
· Telephonic communication
process is in place, the sender cannot
deny being the originator of the data.
Cryptographic Technologies
Based on Layers
· Link layer encryption
· Network layer encryption
· IPSEC, VPN, SKIP RSA: Multiplication of two large prime
· Transport layer numbers is easy but factoring the resulting product
· SSL, PCT(Private Communication is
Technology) practically impossible
· Application layer
· PEM (Privacy Enhanced Mail)
· PGP (Pretty Good Privacy) Public Key Infrastructure (PKI)
· SHTTP
Cryptographic process can be implemented Introduction
at various
layers starting from the link Layer all the way up to The term public key infrastructure (PKI) is
the used to describe the policies, standards, and
application layer. The most popular encryption software
scheme is SSL and it is implemented at the that regulate or manipulate certificates and public
transport and
layer. If the encryption is done at the transport private keys. In practice, PKI refers to a system of
layer, digital certificates, certification authorities (CA),
any application that is running on the top of and
the transport layer can be protected. other registration authorities that verify and
authenticate the validity of each party
Based on Algorithms involved
in an electronic transaction. Standards for PKI
are still evolving, even as they are being
widely
implemented as a necessary element of certificate is in compliance with the
electronic commerce. This section will help you criteria established
understand what by the CA policy.
a PKI is and what services are required to build Certificate enrollment: The procedure that an
a PKI. end
entity follows to request and receive a certificate
PKI concepts on Certificates from
a CA. The certificate request provides identity
Certificate: A public key certificate is a digitally information to the CA
signed statement used for authentication and Certificate Revocation: Certificates have a
secure specified
exchange of information on the networks. lifetime, but CAs can reduce this lifetime by the
The issuer process known as certificate revocation. The CAs
and signer of the certificate is known as publishes a certificate revocation list (CRL) that
a certification lists
authority (CA). Certificate has No, Validity, Uses serial numbers of certificates that it considers no
of the Key pair (Public & Secret) longer usable.
Certification Authority: A certification authority Certificate Chain Validation: In a network, when
(CA) we
is an entity trusted to issue certificates to a generate a request for a new certificate, the
requesting information in that request is first passed from the
entity. A CA verifies the requester's information requesting program to Certificate Authority (CA)
according to the policy of the CA, and then uses then
its private key to apply its digital signature to the passes the appropriate data to a program known
certificate. as a
cryptographic service provider (CSP) A CSP is an
CA Policy: A CA issues certificates to requesters independent software module that performs
based on a set of established criteria. The set of cryptography operations, such as secret-key
criteria that a CA uses when processing exchange, digital signing of data, and public-key
certificate requests is referred to as CA policy. authentication. Chain-building mechanism
Typically, a CA attempts to
publishes its policy in a document known as a build a certification path (a certificate chain) from
Certification Practice Statement (CPS). the
end-entity certificate, such as a user certificate, up
Types of Certification Authorities to
a CA root certificate.
Self-signed CA: The public key in the certificate
and Attacking Cryptography Cryptanalysis
the key used to verify the certificate are the same
Subordinate CA: The public key in certificate and Cryptanalysis is the process of attempting to
the discover the plaintext and/ or the key. The types of
key used to verify the certificates are different. Cryptanalysis attacks are
Rooted CA: This is trusted unconditionally by a
client Differential Cryptanalysis Attack:
and is at top of a certification hierarchy.
Registration: Registration is the process by which The differential cryptanalysis attack looks
a specifically at
certificate is issued to the subject, provided pairs of cipher texts whose plaintext has some
that the
specific differences. It analyzes these
differences as
the plaintext propagates through various rounds describes the cryptographic concepts of symmetric
of Data Encryption Standards (DES) when they key
are encrypted with the same key. encryption, public-key encryption, types of
encryption algorithms, hash algorithms, digital
Linear Cryptanalysis Attack: signatures, and key exchange. The Cryptography
Attacking techniques like Cryptanalysis and Brute
Linear Cryptanalys is attack was invented by Force Attack. This Paper provides information of
Mitsuru Matsui in 1993. This method is based on Network Security Needs and Requirements.
the concept that if you XOR some of the plaintext Cryptography is a particularly interesting field
bits together, XOR some cipher text bits because of the amount of work that is, by
together, and then XOR the results, you will get a necessity,
single bit that is the XOR of some of the key bits. done in secret. The irony is that today, secrecy is
A large number of such plain/cipher texts pairs not
are used to guess the values of the key bits the key to the goodness of a cryptographic
algorithm.
Brute Force Attack Regardless of the mathematical theory behind an
algorithm, the best algorithms are those that are
The simplest attack to decipher a DES key is well known
the brute force attack. The brute force attack and well-documented because they are also
on the well-tested and well-studied! In fact, time is the
DES algorithm is feasible because of the only
relatively small key length (56 bit) and ever- true test of good cryptography; any cryptographic
increasing computational power of the computers. scheme that stays in use year after year is most
It can break likely
through any cipher by trying all keys that a good one. The strength of cryptography lies in
possibly exist. However, in brute force attacks, the
the time taken choice (and management) of the keys; longer keys
to break a cipher is directly proportional to the will resist attack better than shorter keys.
length
of the key. In a brute force attack, keys References:
are randomly · Cryptography and Network Security –By
generated and applied to the cipher text until the William Stallings.
legitimate key is generated. The Average Time · Introduction to Cryptography –By Aysel
Required for Exhaustive Key Search Ozgur
· www.en.wikipedia.org.
Conclusion · http://www-users.cs.umn.edu/
http:/
Cryptography protects users by providing
functionality for the encryption of data and
authentication of other users. This technology
lets the
receiver of an electronic message verify the
sender,
ensures that a message can be read only by the
intended person, and assures the recipient that a
message has not be altered in transit. This paper