Scribd Logo
Upload

Welcome to Scribd!

  • CNS-3rd Session

    Uploaded by

    Sadhana V
    5 views31 pages
    Cryptography and Network Security Unit 1

    Original Title

    CNS-3rd session

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Cryptography and Network Security Unit 1

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views31 pages

    CNS-3rd Session

    Uploaded by

    Sadhana V
    Cryptography and Network Security Unit 1

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 31

    PSG Institute of Technology and Applied Research

    Neelambur, Coimbatore – 641 062


    Department of Computer Science and Engineering

    CS8792 Cryptography and


    Network Security
    Session 3
    Dr.I.Kala
    Associate Professor/CSE
    PSGiTECH
    Outline of the presentation
    • OSI security architecture
    • Security attacks, services and mechanisms

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 2


    OSI Security Architecture
    • ITU-T X.800 Security Architecture for OSI
    • defines a systematic way of defining and providing security
    requirements
    • for us it provides a useful, if abstract, overview of concepts
    we will study

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 3


    Services, Mechanisms, Attacks

    • need systematic way to define requirements


    • consider three aspects of information security:
    – security attack
    – security mechanism
    – security service
    • consider in reverse order

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 4


    Security Attack
    • any action that compromises the security of
    information owned by an organization
    • information security is about how to prevent attacks,
    or failing that, to detect attacks on information-based
    systems
    • often threat & attack used to mean same thing
    • have a wide range of attacks
    • can focus of generic types of attacks
    – passive
    – active

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 5


    Classify Security Attacks as

    • passive attacks - eavesdropping on, or monitoring of,


    transmissions to:
    – obtain message contents – Release of message contents
    – monitor traffic flows - Traffic analysis
    • active attacks – modification of data stream to:
    – masquerade of one entity as some other
    – replay previous messages
    – modify messages in transit
    – denial of service

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 6


    Passive Attacks

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 7


    Active Attacks

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 8


    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 9
    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 10
    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 11
    Types of Cryptanalytic Attacks

    • ciphertext only
    – only know algorithm / ciphertext, statistical, can identify
    plaintext
    • known plaintext
    – know/suspect plaintext & ciphertext to attack cipher
    • chosen plaintext
    – select plaintext and obtain ciphertext to attack cipher
    • chosen ciphertext
    – select ciphertext and obtain plaintext to attack cipher
    • chosen text
    – select either plaintext or ciphertext to en/decrypt to attack
    cipher

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 12


    POLL 1

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 13


    Security Services
    • Authentication
    – assurance that the communicating entity is the one claimed
    • Access Control
    – prevention of the unauthorized use of a resource
    • Data Confidentiality
    – protection of data from unauthorized disclosure
    • Data Integrity
    – assurance that data received is as sent by an authorized entity
    • Non-Repudiation
    – protection against denial by one of the parties in a
    communication
    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 14
    Security Services
    • Authentication
    – assurance that the communicating entity is the one claimed
    • Access Control
    – prevention of the unauthorized use of a resource
    • Data Confidentiality
    – protection of data from unauthorized disclosure
    • Data Integrity
    – assurance that data received is as sent by an authorized entity
    • Non-Repudiation
    – protection against denial by one of the parties in a
    communication
    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 15
    Security Mechanism
    • feature designed to detect, prevent, or recover from a
    security attack
    • no single mechanism that will support all services required
    • however one particular element underlies many of the
    security mechanisms in use:
    – cryptographic techniques

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 16


    Security Mechanisms (X.800)
    – encipherment, digital signatures, access controls,
    data integrity, authentication exchange, traffic
    padding, routing control, notarization

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 17


    Privacy Mechanisms

    1. Encryption (Encipherment)
    It is the process of encoding information into a secret
    code by using a special key.
    To read an encrypted file, you must have the key of the
    decoding that enables you to decrypt it.
    By using an algorithm for encryption we can protect our
    personal information that we don’t want other people to
    see such as:
    - Credit-card information
    - Bank-account information
    - Medical information

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 18


    Privacy Mechanisms

    2. Digital Signature
    A digital signature is basically a way to ensure that an
    electronic document is authentic. Authentic means that
    you know who created the document and that it has not
    been altered.

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 19


    Privacy Mechanisms
    This figure tells us that 3. Hash Functions and
    a hash function
    creates a fixed length Message Digest
    string from a block
    of data. It is also
    called a message
    digest function.

    These (fast)
    functions analyze a
    message and
    produce a fixed
    length digest which
    is practically unique.
    It is used to create a
    signature for a
    message which can
    be used to verify its
    integrity

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 20


    Privacy Mechanisms

    4. Access Control
    Access control is way of talking about controlling access
    to a web resource. Access can be granted or denied based
    on a wide variety of criteria, such as the network address
    of the client, the time of day, or the browser which the
    visitor is using.

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 21


    Privacy Mechanisms
    5. Traffic Padding
    • It is the process of intercepting and examining messages in
    order to deduce information from patterns in
    communication.
    • The attacker might not know what A and B were talking
    but he could know that they were talking and how much
    they talked.
    • Padding messages is a way to make it harder to do traffic
    analysis. A number of random bits are appended to the end
    of the message.

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 22


    Privacy Mechanisms
    6. Routing control
    Enables selection of a particular physically secure route for
    certain data and allows routing changes, especially when a
    breach of security is suspected.
    7. Notarization
    It’s the use of a third party to assure the other party.

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 23


    QUIZ 1 – ASSESSMENT CONNECTIONS

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 24


    Recap of key terms in this session

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 25


    Recap of key terms in this session

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 26


    Recap of key terms in this session

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 27


    Recap of key terms in this session

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 28


    Recap of key terms in this session

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 29


    FEEDBACK ALONG WITH ATTENDANCE

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 30


    Interaction

    9/1/2020 CS8792: Cryptography and Network Security / Dr I Kala, Associate Professor/CSE 31

    You might also like