Unit1 - CNSNotes (03 08 2023)

CS8792 CRYPTOGRAPHY AND NETWORK SECURITY L T P C 3 0 0 3
UNIT-1 INTRODUCTION
Security trends - Legal, Ethical and Professional Aspects of Security, Need for
Security at Multiple levels, Security Policies - Model of network security – Security
attacks, services and mechanisms – OSI security architecture – Classical encryption
techniques: substitution techniques, transposition techniques, steganography).-
Foundations of modern cryptography: perfect security – information theory – product
cryptosystem – cryptanalysis
OBJECTIVE:
To understand OSI security architecture and classical encryption techniques.
CRYPTOGRAPHY [2-Marks]
Cryptography is the art of protecting information by transforming it into an
unreadable format
Why Cryptography is needed?

 Computer data often transmitted from one computer to another, leaving the safety of its
projected physical surroundings.
 Once the data is out of hand, people with bad intention could modify or forge the data,
amusement or for their own benefit.
 Cryptography can reformat and transform our data it safer on its trip between
computers.
 The technology is based on the essentials of codes, augmented by modern mathematics
that our data in powerful ways.
Definitions
CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -1

 Computer Security - generic name for the collection of tools designed to protect data
from hackers
 Network Security - measures to protect data during their transmission
 Internet Security - measures to protect data during their transmission over a
collection of interconnected networks
Three key objectives of the computer security are confidentially, integrity and
availability.
1.Confidentiality-Only the intended receiver can understand the information.

Ensures that the information in a computer system and transmitted information are
accessible only by authorized parties.
(i)Data confidentiality – assures that private or confidential information is not
made available or disclose(make known) to unauthorized individuals.
(ii)Privacy:-
It assures that individuals control what information related to them
may be collected and stored.
It also assures that information may be disc by whom and to whom.
2.Integrity [2-marks]
Ensures that only authorized parties are able to modify the stored information
and transmitted information.
(i).Data integrity -assures that information and programs are changed only in a
specified and authorized manner.
(ii).System integrity:-
Assures that system performs to proposed functions in an undamaged manner.
Free from purposed unauthorized manipulate of the system.
3.Availability-assures that system works promptly and service is not denied to
authorized Users.
Challenges of computer security
Computer security and network security both are attractive and complex.
1.Security is not as simple for beginners. The major requirements for computer
security is (1). Confidentiality, (2). Authentication, (3). Non repudiation, (4).
Integrity.
But the mechanisms used to meet those requirements can be very complex.
2.There are many security mechanisms or algorithm are developed. Even though,
there are many successful attacks, this shows an weakness in the mechanisms.
3.It is necessary to decide where to use the mechanisms. i.e physical placement [at
what point in a mode] and logical sense[what layers or layers of architecture].
4.Security mechanisms.
Security mechanisms involves not only algorithm protocol. It requires
(1). Secret information, (2). Transmit time.
1.Secret Information : (i)Key creation (ii) Key distribution(iii)Protection of secret
information.
2.Transmit time:- transmitting message from sender to receiver.

5.Incomputer security, there is a battle between designer and hacker. The hacker
tries to find the holes in the algorithm. There is a challenge for the designer to find
and eliminate all the weakness to achieve security.
6.Users and System managers has to invest little amount for security.
7.Security requires constant monitoring and this is difficult in today’s short term.
8.Security should be incorporated into a system after the design is complete instead
of part of the design process.
9.Security is the barrier for user friendly operation of an information system or
use of information.
1.1 Security Trends
In 1990 to 2001.
In 1990 Intruders(Hackers) knowledge is high so they easily hack our data.So we
started to invent many techniques and software to overcome the hacking.

In 1990 Internet Social Engineering attacks –How they can hack the social
engineering in Internet.
In 1991
Sniffing is a process of monitoring and capturing all data packets passing through
given network.
In 1992- IP Spoofing or Packet Spoofing

In 1992- IP Spoofing a hacker uses tools to modify the source address in the
packet header to make the receiving computer system think the packet is from a
trusted source,such as another computer on a network and accept it.

Hijacking sessions- Hijacking the valid session
Automated Probes /Scans

Site scanning/probing is the initial phase of any attack on Web applications.
During this phase, the attacker gathers information about the structure of the Web
application (pages, parameters, etc.) and the supporting infrastructure (operating
system, databases, etc.).
Automated widespread attacks-
Most frequently used automated attacks are (i)Credential stuffing (ii)Scraping
(iii)Application layer DDOS.
Credential stuffing
Credential stuffing is a type of cyberattack in which the attacker collects stolen
account credentials, typically consisting of lists of usernames or email addresses
and the corresponding passwords.
DOS Attack
DOS Attack-Denial of Service attack is an attack meant to shut down a machine
or network,making it inaccessible to the intended users.

Executable Code Attacks

Executable attack-Email attachment containing mailicious executable code
Vuls attack-Vulnerability(affected) Scanner
Vuls attack-Vulnerability(affected) Scanner-It is an open source written in GO.It
is mainly for security purpose but few are not for the purpose.
Widespread Attack
Hijacking huge volume of email passwords and other sensitive data from multiple
governments and private companies.

NNTP attack –Network news transfer protocol Attack hacking takes place.
Stealth /Advanced Scanning Technique
Stealth-Robbery
Port Scanning-Used to list open ports and services
Network scanning-Used to list IP addresses.
Vulnerability Scanning-It is used to discover the presence of known vulnerabilities.
Window-based remote controllable Trojans
Trojan is a type of malware that is used to attack the system.

Email Propagation
Email Propagation –By sending email stealing the data and passwords,deleting
document files.

Distributed Attack tools
LOIC,HULK,Pyloris,Tor’s Hammer,Tor’s Hammer
Home users targeted

Through Internet,printers and copiers hackers attack the home users.

Anti-forensic techniques
 It is used to cover the digital foot prints.
 Steganography,Tunneling Onion Routing

Increase in Worms
Worms can modify and delete files in the computer.

Sophisticated command and control
A command and control server is a computer controlled by an attacker.

1.2 Legal, Ethical and Professional Aspects of Security
1. Cybercrime and Computer Crime
i. Types of Computer Crime
ii. Law Enforcement Challenges
iii. Working With Law Enforcement
2. Intellectual Property
i. Types of Intellectual Property
ii. Intellectual Property Relevant to Network and Computer Security
iii. Digital Millennium Copyright Act
iv. Digital Rights Management
3. Privacy
i. Privacy Law and Regulation
ii. Organizational Response
iii. Privacy and Data Surveillance
4. Ethical Issues
i. Ethics and the IS Professions
ii. Ethical Issues Related to Computers and Information Systems
iii. Codes of Conduct

1. Cybercrime and Computer Crime
Computer crime, or cyber crime, is a term used broadly to describe criminal activity
in which computers or computer networks are a tool, a target, or a place of criminal
activity.
These categories are not exclusive, and many activities can be characterized as falling
in one or more categories.
The term cybercrime has a connotation of the use of networks Ospecifically, whereas
computer crime may or may not involve networks
Types of Computer Crime
Computers as targets:
This form of crime targets a computer system, to acquire information stored on that
computer system, to control the target system without authorization or payment
(theft of service), or to alter the integrity of data or interfere with the availability of
the computer or server.
Computers as storage devices:
Computers can be used to further unlawful activity by using a computer or a
computer device as a passive storage medium.
For example, the computer can be used to store stolen password lists credit card or
calling card numbers, proprietary corporate information, pornographic image files, or
"warez" (pirated commercial software)
Computer as communications tools:
Many of the crimes falling within this category are simply traditional crimes that are
committed online.
Example:
Illegal Sale Of Prescription Drugs,Controlled Substances,Alcohol,And
Guns;Fraud;Gambling;And Child Pornography.
Law Enforcement Challenges
The deterrent effect of law enforcement on computer and network attacks correlates
with the success rate of criminal arrest and prosecution.

The nature of cybercrime is such that consistent success is extraordinarily difficult.
Working With Law Enforcement

Executive management and security administrators need to look upon law
enforcement as another resource and tool, alongside technical, physical, and human-
factor resources.
The successful use of law enforcement depends much more on people skills than
technical skills.
Management needs to understand the criminal investigation process, the inputs that
investigators need, and the ways in which the victim can contribute positively to the
investigation.
2. Intellectual Property
Three primary types of property:
• Real property: Land and things permanently attached to the land, such as trees,
buildings, and stationary mobile homes.

• Personal property: Personal effects, moveable property and goods, such as cars,
bank accounts, wages, securities, a small business, furniture, insurance policies,
jewelry, patents, pets, and season baseball tickets.
• Intellectual property: Any intangible asset that consists of human knowledge and
ideas. Examples include software, data, novels, sound recordings, the design of a new
type of mousetrap, or a cure for a disease.
COPYRIGHTS
Copyright law protects the tangible or fixed expression of an idea, not the idea itself.
A creator can claim copyright, and file for the copyright at a national government
copyright office, if the following conditions are fulfilled:
• The proposed work is original.
• The creator has put this original idea into a concrete form, such as hard copy
(paper), software, or multimedia form
COPYRIGHTS - INFRINGEMENT
Reproduction right: Lets the owner make copies of a work

Modification right: Also known as the derivative-works right, concerns modifying a
work to create a new or derivative work
Distribution right: Lets the owner publicly sell, rent, lease, or lend copies of the
work.
Public-performance right: Applies mainly to live performances
Public-display right: Lets the owner publicly show a copy of the work directly or by
means of a film, slide, or television image.
COPYRIGHTS - EXAMPLES
 Literary works: Novels, nonfiction prose, poetry, newspaper articles and
newspapers, magazine articles and magazines, catalogs, brochures, ads (text), and
compilations such as business directories.
 Musical works: Songs, advertising jingles, and instrumentals.
 Pantomimes and choreographic works: Ballets, modern dance, jazz dance, and
mime works
 Pictorial, graphic, and sculptural works: Photographs, posters, maps,
paintings, drawings, graphic art, display ads, cartoon strips and cartoon
characters, stuffed animals, statues, paintings, and works of fine art.
TRADEMARKS
A trademark is a word, name, symbol, or device that is used in trade with goods to
indicate the source of the goods and to distinguish them from the goods of others.
PATENTS
A patent for an invention is the grant of a property right to the inventor.
The right conferred by the patent grant is, in the language of the U.S. statute and of
the grant itself, "the right to exclude others from making, using, offering for sale, or
selling" the invention in the United States or "importing" the invention into the
United States.
Similar wording appears in the statutes of other nations.
Three types of patents:

1. Utility patents: May be granted to anyone who invents or discovers any new and
useful process, machine, article of manufacture, or composition of matter, or any new
and useful improvement thereof.
2. Design patents: May be granted to anyone who invents a new, original, and
ornamental design for an article of manufacture.
3. Plant patents: May be granted to anyone who invents or discovers and asexually
reproduces any distinct and new variety of plant.
Intellectual Property Relevant To Network And Computer Security
Software:
This includes programs produced by vendors of commercial software (e.g., operating
systems, utility programs, applications) as well as shareware, proprietary software
created by an organization for internal use, and software produced by individuals.
For all such software, copyright protection is available if desired. In some cases, a
patent protection may also be appropriate.
Databases: A database may consist of data that is collected and organized in such a
fashion that it has potential commercial value. An example is an economic
forecasting database. Such databases may be protected by copyright.
Digital content: This category includes audio files, video files, multimedia,
courseware, Web site content, and any other original digital work that can be
presented in some fashion using computers or other digital devices.
Algorithms: An example of a patentable algorithm is the RSA public-key
cryptosystem.
Digital Millennium Copyright Act (DMCA)
The U.S. Digital Millennium Copyright Act (DMCA) has had a profound effect on
the protection of digital content rights in both the United States and worldwide.
The DMCA encourages copyright owners to use technological measures to protect
copyrighted works.

Digital Rights Management (DRM)
Digital Rights Management (DRM) refers to systems and procedures that ensure that
holders of digital rights are clearly identified and receive the stipulated payment for
their works.
OBJECTIVES OF DRM
1. Provide persistent content protection against unauthorized access to the digital
content, limiting access to only those with the proper authorization.
2. Support a variety of digital content types (e.g., music files, video streams, digital
books, images).
3. Support content use on a variety of platforms, (e.g., PCs, PDAs, iPods, mobile
phones).
4. Support content distribution on a variety of media, including CD- ROMS, DVDs,
and flash memory.
DRM COMPONENTS
Content provider: Holds the digital rights of the content and wants to protect these
rights. Examples are a music record label and a movie studio.
Distributor: Provides distribution channels, such as an online shop or a Web retailer.
For example, an online distributor receives the digital content from the content
provider and creates a Web catalog presenting the content and rights metadata for the
content promotion.
Consumer: Uses the system to access the digital content by retrieving downloadable
or streaming content through the distribution channel and then paying for the digital
license. The player/viewer application used by the consumer takes charge of initiating
license request to the clearinghouse and enforcing the content usage rights
Clearinghouse: Handles the financial transaction for issuing the digital license to the
consumer and pays royalty fees to the content provider and distribution fees to the
distributor accordingly. The clearinghouse is also responsible for logging license
consumptions for every consumer.

3. PRIVACY
The scale and Interconnectedness Of Personal Information collected in Information
Systems Has Increased Dramatically, Motivated By Law Enforcement, National
Security, And Economic Incentives
Privacy Law and Regulation
Two initiatives
i. EUROPEAN UNION DATA PROTECTION DIRECTIVE
ii. UNITED STATES PRIVACY INITIATIVES
Organizational Response
Organizations need to deploy both management controls and technical measures to
comply with laws and regulations concerning privacy as well as to implement
corporate policies concerning employee privacy.
Privacy and Data Surveillance
*Data transformation
*Anonymization
*Selective revelation
*Immutable audit
*Associative memory

4. ETHICAL ISSUES
Ethics refers to a system of moral principles that relates to the benefits and harms of
particular actions, and to the rightness and wrongness of motives and ends of those
actions
Codes of Conduct
(1) Dignity and worth of other people
(2) Personal integrity and honesty
(3) responsibility for work
(4) confidentiality of information
(5) public safety, health, and welfare
(6) participation in professional societies to improve standards of the profession
(7) the notion that public knowledge and access to technology is equivalent to social
power.
1.3 Need for Security at Multiple Levels
 Having information of different security levels on the same computer systems poses a
real threat.(danger)
 Some organizations go as far as to purchase dedicated systems for each security level.
This is often prohibitively expensive,
 However. A mechanism is required to enable users at different security levels to
access systems simultaneously, without fear of information contamination.
 The term multi-level arises from the defense community's security classifications:
Confidential, Secret, and Top Secret
 Individuals must be granted appropriate clearances before they can see classified
information. Those with Confidential clearance are only authorized to view
Confidential documents; they are not trusted to look at Secret or Top Secret
information. The rules that apply to data flow operate from lower levels to higher
levels, and never the reverse.
 Data can flow between like levels, for example between "Secret" and "Secret", or
from a lower level to a higher level. This means that users at level "Secret" can share

data with one another, and can also retrieve information from Confidential-level
(i.e., lower-level), users.
 However, data cannot flow from a higher level to a lower level.
 This prevents processes at the "Secret" level from viewing information classified as
"Top Secret".
 It also prevents processes at a higher level from accidentally writing information to a
lower level. This is referred to as the "no read up, no write down" model.
Why Multi-Level Security
 A system have more than one security level is called Multi-Level Security.
 It permits concurrent access by users who differs in security clearance.
 It is able to prevent each user from accessing resources for which the user lacks
authorization.

Bell –La Padula Model (BLP)
The Context for the use of multilevel Security

Providing Security to System and its application
Security Level,Objects and Subjects
Security Level,Which consists of two entities
(i)Sensitivity –A hierarchical attribute such as Secret or Top Server.
(ii)Categories-A set of non-hierarchical attributes such as US
Security levels on objects are called classifications
Security levels on subjects are called Clearances.
1.4 SECURITY POLICIES
The Cryptography Policy sets out when and how encryption should be used. It
includes protection of sensitive information and communications, key management,
and procedures to ensure encrypted information can be recovered by the organisation if
necessary.

Role of the Security Policy in Setting up Protocols
Following are some pointers which help in setting protocols for the security policy of
an organization.
 Who should have access to the system?
 How it should be configured?
 How to communicate with third parties or systems?
Policies are divided in two categories:
 User policies
 IT policies.
User policies generally define the limit of the users towards the computer resources
in a workplace.
For example,what are they allowed to install in their computer,if they can use
removable storages?
IT policies are designed for IT department, to secure the procedures and
functions of IT fields.
 General Policies − This is the policy which defines the rights of the staff and
access level to the systems. Generally, it is included even in the
communication protocol as a preventive measure in case there are any
disasters.
 Server Policies − This defines who should have access to the specific server and
with what rights. Which software’s should be installed, level of access to
internet, how they should be updated?
 Firewall Access and Configuration Policies − It defines who should have
access to the firewall and what type of access, like monitoring, rules change.
Which ports and services should be allowed and if it should be inbound or
outbound?
 Backup Policies − It defines who is the responsible person for backup, what
should be the backup, where it should be backed up, how long it should be kept
and the frequency of the backup.
 VPN Policies − These policies generally go with the firewall policy; it defines
those users who should have a VPN access and with what rights. For site-to-site
connections with partners, it defines the access level of the partner to your
network, type of encryption to be set.
Structure of a Security Policy
When you compile a security policy you should have a basic structure in order to
make something practical.
 Description of the Policy and what is the usage for?
 Where this policy should be applied?
 Functions and responsibilities of the employees that are affected by this policy.
 Procedures that are involved in this policy.
 Consequences if the policy is not compatible with company standards.
Types of Policies
Permissive Policy − It is a medium restriction policy where we as an administrator
block just some well-known ports of malware regarding internet access and just some
exploits are taken in consideration.
Prudent Policy − This is a high restriction policy where everything is blocked
regarding the internet access, just a small list of websites is allowed, and now extra
services are allowed in computers to be installed and logs are maintained for every
user.
Acceptance User Policy − This policy regulates the behavior of the users towards a
system or network or even a webpage, so it is explicitly said what a user can do and
cannot in a system. Like are they allowed to share access codes, can they share
resources, etc.
User Account Policy − This policy defines what a user should do in order to have or
maintain another user in a specific system. For example, accessing an e-commerce
webpage.
To create this policy, you should answer some questions such as −
o Should the password be complex or not?
o What age should the users have?
o Maximum allowed tries or fails to log in?
o When the user should be deleted, activated, blocked?
Information Protection Policy − This policy is to regulate access to information, hot
to process information, how to store and how it should be transferred.

Remote Access Policy − This policy is mainly for big companies where the user and
their branches are outside their headquarters. It tells what should the users access,
when they can work and on which software like SSH, VPN, RDP.
Firewall Management Policy − This policy has explicitly to do with its
management, which ports should be blocked, what updates should be taken, how to
make changes in the firewall, how long should be the logs be kept.
Special Access Policy − This policy is intended to keep people under control and
monitor the special privileges in their systems and the purpose as to why they have
it. These employees can be team leaders, managers, senior managers, system
administrators, and such high designation based people.
Network Policy − This policy is to restrict the access of anyone towards the network
resource and make clear who all will access the network. It will also ensure whether
that person should be authenticated or not. This policy also includes other aspects
like, who will authorize the new devices that will be connected with network? The
documentation of network changes. Web filters and the levels of access. Who should
have wireless connection and the type of authentication, validity of connection
session?
Email Usage Policy − This is one of the most important policies that should be done
because many users use the work email for personal purposes as well. As a result
information can leak outside. Some of the key points of this policy are the employees
should know the importance of this system that they have the privilege to use. They
should not open any attachments that look suspicious. Private and confidential data
should not be sent via any encrypted email.
Software Security Policy − This policy has to do with the software’s installed in the
user computer and what they should have. Some of the key points of this policy are
Software of the company should not be given to third parties. Only the white list of
software’s should be allowed, no other software’s should be installed in the
computer. Warez and pirated software’s should not be allowed
A network security policy(NSP) is a generic document that outlines rules for
computer network access,determines how policies are enforced and lays out some of
the basic architecture of the company security network security environment.

This document contains several pages and is written by a committee.
A security policy goes far beyond the simple idea “Keep the bad guys out”;
It specifies the rules for individuals or group of individuals throughtout the company.
Four Types of Policies
1.Cryptography and compliance 2.Use of Encryption 3.Managing electronic
keys 4.Using and receiving digital signatures
1.Cryptography and compliance
All the data will be encrypted to provide appropriate level of protection.
2.Use of Encryption
How the encrypted data can be managed.
3.Managing electronic Keys
The electronic keys are used for encryption and decryption
4.Using and receiving digital signatures
Any information communicated electronically shall be authenticated by the digital
signatures.
1.5A MODEL FOR NETWORK SECURITY
 A message is to be transferred from one party to another across some sort of internet.
 The two parties, who are the principals in this transaction, must cooperate for the
exchange to take place.
When the transfer of data happened from one source to another source some
logical information channel is established between them by defining a route
through the internet from source to destination and by the cooperative use of
communication protocols (e.g., TCP/IP) by the two principals.
When we use the protocol for this logical information channel the main aspect of
security has come. who may present a threat to confidentiality, authenticity, and
so on.
All the techniques for providing security have two components:
 A security-related transformation on the information to be sent.

 Some secret information is shared by the two principals and, it is hoped,
unknown to the opponent.
 A trusted third party may be needed to achieve secure transmission.

 For example, a third party may be responsible for distributing the secret
information to the two principals while keeping it from any opponent.
 This general model shows that there are four basic tasks in designing
a particular security service:
 Design a suitable algorithm for the security transformation

 Generate the secret information (keys) used by the algorithm
 Develop methods to distribute and share the secret information
 Specify a protocol enabling the principals to use the transformation and secret
information for a security service
Two kinds of Threats
Information access threats: Intercept or modify data on behalf of users who should
not have access to that data.
Service threats: Exploit service flaws in computers to inhibit use by legitimate(real)
Users.
 Viruses and worms are two examples of software attacks
The security mechanisms needed to cope with unwanted access fall into two
broad categories
1.The first category might be termed a gatekeeper function. [Functions or
Responsibility of GateKeeper]
It includes password-based login procedures that are

(i)designed to deny access to all but authorized users and screening logic
(Checking whether the user is authorised or unauthorised)
(ii)designed to detect and reject worms, viruses, and other similar attacks. (To
check any worms /virus are going to attack the database]
2. Once either an unwanted user or unwanted software gains access, the second line
of defense consists of a variety of internal controls that monitor activity and analyze
stored information in an attempt to detect the presence of unwanted intruders
Topic 1.5 Model Network Security

1.7 OSI(Open System Interconnection) SECURITY ARCHITECTURE
 OSI architecture provides a systematic way to organize the security.
 OSI architecture focuses on (1). Security attacks, (2). SecurityMechanisms, (3).
Security service.
Threat[2-marks]
A potential for violation of security, because of
(1). Circumstances, (2). Capability, (3). Action or event that break security and cause
harm.
Threat is possible that might create Vulnerability.
Attack[2-marks].
It is an intelligent act that is a deliberate attempt to
(1). Avoid security services and (2). Violate the security policy of a system.
1.6 Security attacks, services and mechanisms.
Security attack
Any action that compromises the security of information owned by an organization.
Security mechanism
A mechanism that is designed to detect, prevent or recover from a security attack.
Security service.
A service that enhances the security of the
(1). Data processing systems and
(2). The information transfers of an organization.
The services are proposed to oppose security attacks and they make use of one or more
security mechanisms to provide the service.
1.6.1 Security Attack(Altering the message and resending again)

Any action that compromises the security of information owned by an organization.
Passive Attack do not involve any modification to the contents of an original message
(eaves dropping.)
It is very difficult to detect because they do not involve any alteration of the data..So we
can’t tell they have been attacked.
Types of Passive attacks are
(i) Release of message content
(ii)Traffic Analysis
(i) Release of message content
(i)A telephone conversation,

(ii)an electronic mail message, and
(iii)a transferred file may contain sensitive or confidential information.
 We would like to prevent an opponent from learning the contents of these
transmissions.
Example
Bob sends message to Alice ,Darth (Unauthorized person) listening the link and gets
a copy of all the messages from Bob and Alice.
Drawbacks
The confidentiality of message is not maintained.
Solution
Encryption is needed.
(ii)Traffic Analysis
 Observer the pattern of message from Sender to Receiver [Bob to Alice]
 Watch the flow of data
 The opponent could determine the location and identity of communication hosts
and could observe the frequency and length of messages being exchanged.
 This information might be useful in guessing the nature of communication that was
taking place.

Solution
 A good encryption algorithm,which is difficult to analyze but requires lot of
resources that are infeasible.
 Passive attacks are very difficult to detect, because they do not involve any
alteration of the data.
 Typically,the message traffic is sent and received in an apparently normal
fashion,and neither the sender nor receiver is aware that a third party has read the
messages or observed the traffic pattern.
 However,it is feasible to prevent the success of these attacks,usually by means
of encryption.
2.Active Attack
It involves some modification of the data stream or the creation of a false stream
and can be subdivided into four categories:
(i)masquerade,(ii)0replay,(iii)modification of messages,and (iv)denial of service.
(i),Masquerade
Unauthorized person acts as authorized person to send some unwanted
messages.
Example
Message from Darth to Alice where Alice thinks of message send by Bob.
(ii)Replay
The attacker sends same information again and again.
(iii)Modification of
Messages
 Modification of messages
simply means that some portion of a legitimate(valid) message is altered, or that
messages are delayed or reordered,to produce an unauthorized effect.
 It means that some portion of a message is altered by Darth and send to Alice.

Attacking the targeted person in the network.
Active Attack Passive Attack

It involves some modification of the It does not involve any modification to
data stream or the correction of a false the contents of an original message.
stream
It is easy to detect not to prevent Prevention is easy than detection
(i)Masquerading (ii)Replay (i)Release of message contents
(iii)Modification of messages
(ii)Traffic analysis
(iv)Denial of Service

Example Example
Cracking the password Some one listening on
telecommunication exchanges
1.6.3 Security Services.

 X800 defines a security service as a service that is provided by a protocol layer of
communicating open systems and that ensures adequate security of the systems or
of data transfers.
 A processing or communications service that its provide by a system to give a
specific kind of protected to system resources, security services implement security
policies and are implemented by security mechanisms.
 X. 800 divides these services int o(1). 5 catagories and 14 specific services. The five
categories are
(1). Authentication (2). Access control (3). Data confidentiality (4). Data integrity
(5). Non repudiation.

1.Authentication
Ensures that the origin of a message or electronic document is correctly identified,
with and assurance that the identity is not false.
(1). Pear entity authentication, (2). Data origin authentication.
Peer entity authentication
It is used in association with a logical connection to provide
confidence in the identity of the connected.
Data origin authentication.
 It is connection less transfer.
 It provides assurance that the source of received data is as sent.
(2). Access control
Access control is the prevention of unauthorized of a resource. i.e this service
controls who can have access a resource under what conditions access can occur.
(3). Data confidentiality.
The confidentiality is the protection of data from unauthorized access.
 Connection confidentiality
 Connection less confidentiality
 Traffic flow confidentiality
 Selective field confidentiality
1.Connection confidentiality.
The protection of all users data on a connection.
2.Connectionless confidentiality.
The protection of all users data in a single data.
3.Traffic flow confidentiality.
The protection of the information that might be derived from observation of traffic
flows.
4.Selective field confidentiality.

The confidentiality of selective fields within the user data in a connection or in a
single data blocks.
(4).Data integrity
This gives the assurances that the data received are not modified/deleted/updated
1.Connection integrity with recovery.
2.Connection integrity without recovery.
3.Selectivw field connection integrity.
4.Connection less integrity.
5.Selective field connection less integrity.
(1).Connection integrity with recovery
Provides for the integrity of all users data on a connection and detects any modification,
insertion, deletion or replay of any data within an entire data sequence.
(2).Connection integrity without recovery
It provides detection without recovery.
(3)Selective field connection integrity.
Determines whether the selected fields have been modified, inserted, deleted or
replayed.
(4).Connection less integrity
It provides integrity for a single connection data block.
(5).Selective field connection less integrity
It provides the integrity of selected fields within a single connection less data block.
5.Non repudiation
It requires that neither the sender nor the receiver of a message able to deny the
transmission.
(i).Non repudiation, origin.
It provides proof that the message was sent by the specified party.
(ii)Non repudiation, destination
It provides proof that the message was received by specified party.
Note:There are situations where a user sends a message and later on refuses that she
had sent that message.
1.6 .3 Security Mechanism
Refer Handwritten Notes
1.7Classical Encryption Techniques
Substitution Techniques
Refer Class Notes
Hill Cipher

Poly alphabetic -Vernam Cipher

Transposition Techniques
1.7 Foundations of modern cryptography: perfect security
Refer Note book

Unit1 - CNSNotes (03 08 2023)

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Unit1 - CNSNotes (03 08 2023)

Uploaded by

Copyright:

Available Formats

CS8792 CRYPTOGRAPHY AND NETWORK SECURITY L T P C 3 0 0 3

Why Cryptography is needed?

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -1

1.Confidentiality-Only the intended receiver can understand the information.

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -3

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -4

In 1992- IP Spoofing or Packet Spoofing

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -5

Automated Probes /Scans

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -7

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -8

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -9

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -11

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -12

Home users targeted

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -13

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -14

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -15

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -16

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -17

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -18

Working With Law Enforcement

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -19

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -20

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -21

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -22

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -23

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -26

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -27

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -28

The Context for the use of multilevel Security

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -29

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -31

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -32

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -33

 A trusted third party may be needed to achieve secure transmission.

 Design a suitable algorithm for the security transformation

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -34

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -35

1.6.1 Security Attack(Altering the message and resending again)

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -43

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -44

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -46

Active Attack Passive Attack

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -47

1.6.3 Security Services.

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -48

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -49

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -51

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -63

CS8792-CRYPTOGRAPHY AND NETWORK SECURITY UNIT -1 PAGE NO -65

You might also like