Cryptography & Network Security

Unit – I
OSI Security Architecture

OSI Security architecture provides the following concepts.

1. Security Attack:
Attack is defined as an action that compromises the security of information owned by the
organization.

2. Security Service :
A service that enhances the security of data processing system.

3. Security Mechanism :
A process that is designed to detect, prevent or recover from a security attack.

Threat :
Threat is a possible danger that exploit vulnerability.

Attack :
Attack is an intelligent act that is deliberate to evade security and violate the security policy of
a system.

1.1 Security Attack :

Classification :
1. Passive Attack
2. Active Attack
Passive Attack:

The operation wants to obtain the information that is being transmitted across the network and
involves no alteration.

Characteristics :
❖ Passive attacks are difficult to detect.
❖ It is possible to prevent the passive attack by encryption.
❖ The message to be transmitted should be prevented from eaves dropping.
❖ The intruder watching the frequency, length of message exchanged between the Traffic
Analysis.
 Active Attacks
• Active attacks involve alteration to the data.
Characteristics :
❖ It is difficult to prevent active attacks.
❖ Detection is feasible and can be recovered from the after effects caused by them.
Classification :
1. Masquerade :-
❖ Masquerade occurs when one entity pretends to be a different entity.
❖ Here the attacker captures the authentication and impersonifies the sender.
❖ Generates and transmits the message or replay the message.

Attacker
C

A Internet B
Sender Receiver

Masquerade
2. Replay :-
Here the attacker captures the message and retransmits the message without any modification
to produce unauthorized effect.

Attacker C

A B
Internet
Sender Receiver

Replay
 3. Modification of Messages
Here the attacker captures the message and retransmits the message with
modification or delays or recorder the message to produce unauthorized effect.

Attacker
C

A B
Internet
Sender Receiver

4. Denial of Service
This attack has specific target like suppress all the messages directed
to a user or disable the network, degrade the performance.
5. Software Attack :
Software attacks are those which can be introduced into the systems
or networks.
Example : Viruses.

1.2 Security Services

1. Authentication – Assuring the communicating entity.
2. Access Control – Prevention of unauthorized use of a resource.
3.Data confidentiality – Protection of data from unauthorized
disclosure
4. Data Integrity – This gives the assurance that the data received are
not modified/replayed/deleted/updated.
5. Non-Reputation – This provides the protection against the denial
full or part of communication.

1.3 Security Mechanism :

1.Encipherment – Transform data into another form.
2.Digital Signatures – Protection against forgery.
3.Access Control – Provides the integrity of the data.
4. Data Integrity – Assures the integrity of the data.
5.Traffic Padding – False opinion on the traffic analysis.
6. Notarization – Trusted third party to assure the data exchange.

*********************
 A Model for Network Security
• Principals :
The two parties involved in the transaction are the principals. They are the sender and the
receiver. They co-operate for the exchange to take place.
• Opponent :
The opponent is an attacker who gives threat to confidentiality, authentication etc.

• Trusted Third Party :

❖ Trusted third party is needed to achieve secure transmission
❖ The Trusted Third party should arbitrate disputes between the two principals for
authentication.
• Tasks needed to generate security service :
❖ Design an algorithm to do transformation.
❖ Generate the secret information to be used with the algorithm.
❖ Develop methods for distribution and sharing of secret information.
❖ The protocol to be used by 2 principals which makes use of security algorithm and secret
information.

• Classification of Threat :
1. Information Access Threat :
Intercepts / Modifies data on behalf of the user who should not have access to the data.
2. Service Threats :
Exploits the service flaws.
• Terms used in Security :
1. Plain Text : The original Message is known as Plain text.
2. Cipher Text : The coded message is called the Cipher text.
3. Encryption or Enciphering : The Process of converting from plain text to cipher text is
called as Encryption or Enciphering.
4. Decryption or Deciphering : The process of converting from cipher text to plain text is
called as Decryption or Deciphering.
5. Cryptography : The area of study of the Encryption is called as Cryptography.

Crypt Analysis :
The techniques used for deciphering a message without the knowledge of enciphering is called
as
“ Crypt Analysis “ .

Cryptology :
Cryptography + Crypt Analysis = Cryptology.
 Encryption Decryption Plain
Plain Text Algorithm
Algorithm Text

Secret Key Cipher Text Secret

Key
Transmitted