Sei sulla pagina 1di 10




Presented by

Abstract on security in general, and better
understand how to reduce and

“SECURITY” in this manage risk personally.

contemporary scenarios has become

a more sensible issue either it may
be in “REAL WORLD” or in the Contents:
“CYBER WORLD” .in this world
 Introduction
as opposed to the cyber world an
Popular networks
attack is often preceded by
 Security services
information gathering.
 Security threats
Network security is a
 Where do they come
complicated subject, historically
only tackled by well-trained and
 Preventing security
experienced experts. However, as
more and more people
 Firewalls
become”wired'', an increasing
 Types of firewalls
number of people need to
Point of failure
understand the basics of security in
a networked world. Our paper  Security mechanisms

covers different kinds of threats &  Cryptography

firewalls in the network by  Types of cryptography

implementation of different security  Secret key cryptography
services using various security  Public key cryptography
mechanisms. The security  Hash algorithms
mechanisms are primarily based on  Conclusion
cryptographic algorithms like  Bibliography
symmetric-DES, AES, asymmetric-
RSA, ECC. Generally, the logical
conclusion is to use both kind of
A basic understanding of
algorithms and their combinations
computer networks is requisite in order
to achieve optimal speed and
to understand the principles of network
security levels. It is hoped that the
security. In this section, we'll cover
reader will have a wider perspective
some of the foundations of computer including simply revealing the
networking, then move on to an existence of an object.
overview of some popular networks. 2. Authentication: Ensure that the
The impressive development of origin of a message or electronic
computer networks has reached the document is correctly
point, where security becomes essential. with an assurance that the
Users want to exchange data in a secure identity is not false;
way. The problem of network security 3. Integrity: Ensures that only
is a complex issue. Network security authorized parties are able to
means a protection of the network modify computer systems assets
assets. and transmitted information.
Modification includes writing,

Popular networks: changing, changing status,

deleting, creating and delaying
UUCP: (Unix-to-Unix Copy) was
or replaying of transmitted
originally developed to connect UNIX
(surprise!) hosts together.
4. Non-repudiation: Requires that
Internet: The Internet is the world's
neither the sender nor the
largest network of networks.
receiver of a message is able to
deny the transmission.
Services for security:
5. Access control: Require that
The services are intended to
access to information resources
counter security attacks, and they
may be controlled by or for the
make use of one or more security
target system.
mechanisms to provide the service.
6. Availability: Require that
1. Confidentiality: Ensure that the
computer systems assets be
information in a computer
available to authorized parties
system and transmitted
when needed.
information are accessible only
for reading by authorized
parties. This type of access
Attacks on the security of a
includes printing displaying and
computer system or network are
other forms of disclosure,
best characterized by viewing the
function of a computer system as being transmitted. Two types of passive
provided information. This normal attacks are release of message contents
flow is depicted in figure: and traffic analysis.
Active attacks:. These attacks involve
some modification of the data stream or
the creation of false stream and can be
Information information
Source destination sub divided into 4 categories:
(a) Normal flow Masquerade, Replay, Modification of
messages, and denial of service.
Denial of service: DoS (Denial-of-
Service) attacks are probably the
(b) Interruption nastiest, and most difficult to address.
Such attacks were fairly common in late
1996 and early 1997, but are now
becoming less popular. Some things
that can be done to reduce the risk of
being stung by a denial of service attack
(c) Interception

• Not running your visible-

(d) Modification to-the-world servers at a level
too close to capacity
• Using packet filtering to
prevent obviously forged
packets from entering into your
(e) Fabrication
network address space.
• Keeping up-to-date on
Security threats
security-related patches for your
Categorization of these attacks is
hosts' operating systems.
passive attacks and active attacks.
Passive attacks: In this the goal of the
attacker is to obtain information that is
Unauthorized Access : Firewalls can be an effective
``Unauthorized access'' is a very means of protecting a local system or
high-level term that can refer to a network of systems from network based
number of different sorts of attacks. The security threats while at the same time,
goal of these attacks is to access some a firewall is simply a group of
resource that your machine should not components that collectively form a
provide the attacker. These can take the barrier between two networks.
form of a virus, worm, or Trojan horse. Types of firewalls:
One of the most publicized threats to • Application Gateways
security is intruder. Generally referred • Packet Filtering
to as a hacker or cracker, and some • Hybrid systems
other threats are executing commands Best for me: Lots of options are
illicitly, confidential breaches, available, and it makes sense to spend
destructive behavior. some time with an expert, either in-
Where do the attacks come from? How, house, or an experienced consultant
though, does an attacker gain access to who can take the time to understand
your equipment? Through any your organization's security policy, and
connection that you have to the outside can design and build a firewall
world. This includes Internet architecture that best implements that
connections, dial-up modems, and even policy.
physical access. Points of Failure: Any time there is
Preventing security disasters: only one component paying attention to
• Hope you have backups what's going on between the internal
• Stay current with relevant and external networks, an attacker has
operating system patches only one thing to break (or fool!) in
• Don't put data where it order to gain complete access to your
doesn't need to be internal networks.
• Avoid systems with single
points of failure
Security Mechanisms: A
• Watch for relevant security
mechanism that is designed to detect,
prevent, or recover from a security
attack. Cryptography and
Firewalls: Steganographic are such two
techniques. Hence we focus on of the original letters intact, but mix
development, use and management of up their order.
Cryptographic techniques.

Substitution cipher:
Plaintext letter A B C D
What is Cryptography?
The word “cryptography” is
derived from Greek and when literally
Cipher text letter Q W E R
translated, means “secret writing.” The
study of enciphering and encoding (on
the sending end), and decoding (on the
You can construct a secret message
receiving end) is called cryptography.
from the above table. Relative
Although the distinction is fuzzy,
substitutions can be done. So, the
ciphers are different from codes. When
message “ Meet me after school behind
you mix up or substitute existing letters,
the gym,” would read
you are using a cipher.
Encryption refers to the
transformation of data in “plain text”
Five letters are customary in the spy
form into a form called “cipher
biz, so your message comes out like
text,” .The recovery of plain text
requires the key, and this process is
known as decryption. This key is
meant to be secret information and the
Transposition cipher: Text chosen in
privacy of the text depends on the
one form can be enciphered choosing a
cryptographic strength of the key.
different route. To decipher, you fill the
Ciphers are broken into two main
in box following the zigzag route and
categories, substitution ciphers and
read the message using the spiral route.
transposition ciphers. Substitution
The cipher text becomes:
ciphers replace letters in the plaintext
with other letters or symbols, keeping
the order in which the symbols fall the
same. Transposition ciphers keep all
Secret key cryptography is sometimes
referred to as symmetric cryptography
or conventional cryptography. If
sender and receiver agree on a shared
secret key, then by using secret key
cryptography we can send messages to
one another on a medium that can be
tapped, without worrying about
eavesdroppers. All we need to do is
have the sender encrypt the messages
Types of Cryptography: and the receiver decrypt them using the
There are three types of cryptographic key. An eavesdropper will only see
algorithms: unintelligible data. Some of the secret
1. Secret Key Cryptography. key cryptography algorithms are - DES,
2. Public Key Cryptography. 3-DES, blowfish, IDEA, AES, RC2,
3. Hash Algorithms. RC4, RC5, ECB etc.
Secret Key Cryptography: Advantages of Secret Key
Secret key cryptography Cryptography:
involves the use of single key. Given a o Very fast relative to public key
message (Plain text) and the key, cryptography.
encryption produces cipher text, which o Considered secure, provided the key
is about the same length as the plain is relatively strong.
text was. Decryption is the reverse of o The cipher text is compact (i.e.,
encryption, and uses the same key as encryption does not add excess
encryption. “Baggage” to the cipher text).
Encryption o Widely used and very popular.
Plain text ------------------> cipher Disadvantages of Secret Key
text Cryptography:
o The administration of the keys can
Cipher text------------------> become extremely complicated.
plain text
o A large number of keys are needed Public key
to communicate securely with a large
group of People. Private key
o The key is subject to interception by
hackers. Cipherkey
--------------------------------> plain
Public Key Cryptography: text
Public key cryptography sometimes
also referred to as asymmetric Public key cryptography can do
cryptography. The public key need not anything secret key cryptography can
be kept secret, and, in fact, may be do like- transmitting the data over an
widely available, only its authenticity is insecure channel, secure storage on
required to guarantee that A is indeed insecure media, authentication purposes
the only party who knows the co- and digital signatures. Some Public key
responding private key. A primary cryptography algorithms are RSA,
advantage of such systems is that Elliptic Curve Cryptography (ECC),
providing authentic public keys is ElGamal, DH, DSA/DSS etc.
generally easier than distributing secret
keys securely, as required in symmetric Advantages of Public key
key systems. The main objective of Cryptography:
public-key encryption is to provide o Considered very secure, and easy to
privacy or confidentiality. Public-key configure these systems.
encryption schemes are typically o No form of secret sharing is
substantially slower than symmetric-key required, thus reducing key
encryption algorithms such as DES. administration to a Minimum.
The private key and the public key are o Supports non-repudiation.
mathematically linked. o The number of keys managed by
each user is much less compared to
Encryption secret key Cryptography.
Plain text---------------------------------> Disadvantages of Public key
cipher text Cryptography:
o Much slower compared to secret Message fingerprint: We can know
key cryptography. whether some data stored has been
o The cipher text is much larger than modified from one day to the next,
the plaintext, relative to secret key if we save that data structure with a
Cryptography. hash function. We can compare the
hash function data structure with
the message on the message data. If
Hash Algorithms:
the message digest has not
Hash algorithms are also known changed, you can be sure that none
as message digests or one-way of the data is changed.
transformations. A cryptographic hash Digital Signatures: can be efficiently
function is a mathematical implemented using hash functions.
transformation that takes a message of Implementation Issues
arbitrary length and computes from it a Key Size:
fixed length number. This has major role for amount of
The following things can be done using security. If the algorithm is inherently
hash algorithms. strong, then it can be assumed that the
Password Hashing: When a user types larger the key size for the ciphers, the
a password, the system must store the harder it is for a hacker to perform an
password encrypted because someone attack on the cipher text. But, larger
else can use it. To avoid this problem keys lead to lower levels of
hashing is used. When a password is performance. Thus there are, trade-offs,
supplied, it computes the password hash which are traditionally made between
and compares it with the stored value if the level of security and other factors,
they match; the password is taken to be like performance.
correct. Hybrid Systems:
Message Integrity: Cryptographic hash Just one crypto-system will not
functions can be used to protect the solve every problem. Most systems in
integrity of a message transmitted over use today employ a hybrid system.
insecure media.

Everyone has a different idea of
what ``security'' is, and what levels of
risk are acceptable. It's important to Cryptography is evergreen and
build systems and networks in such a developments in this area are a better
way that the user is not constantly option.
reminded of the security system around
him. As and when new security References:
methods are developed, breaking of
these methods has increased. So
measures have to be taken to fill the
loopholes, of which cryptography has
and is playing a major role.

o Douglas R.Stinson.
Cryptography: theory and
practice: 2nd edition
o A.Menezes, P.van Oorschot and
S.Vanstone: Handbook of
Applied Cryptography.
o Smith, Laurence Dwight.
Cryptography, the Science of
Secret Writing.
o Speciner, M. Perlman, R:
Network security, Englewood
Cliffs, NJ
o William Stallings:
Cryptography and Network
security: principles and
practice: 2nd edition.
o J.P. Holbrook, J.K. Reynolds.
``Site Security Handbook.''