FCS_Unit_5_notes

Unit 5 Cryptography and Network Security

Introduction to Cryptography

Cryptography is the science and art of securing communication and information from adversaries. It involves techniques and methods for ensuring the confidentiality, integrity, and authenticity of data. Cryptography plays a crucial role in various fields, including computer security, information technology, and communication systems.

In Cryptography, an Adversary is a malicious entity, which aims to retrieve precious information or data thereby undermining the principles of information security. Data Confidentiality, Data Integrity, Authentication and Non-repudiation are core principles of modern-day cryptography.

  1. Confidentiality refers to certain rules and guidelines usually executed under confidentiality agreements which ensure that the information is restricted to certain people or places.
  2. Data integrity refers to maintaining and making sure that the data stays accurate and consistent over its entire life cycle.
  3. Authentication is the process of making sure that the piece of data being claimed by the user belongs to it.
  4. Non-repudiation refers to the ability to make sure that a person or a party associated with a contract or a communication cannot deny the authenticity of their signature over their document or the sending of a message.

Symmetric key Cryptography

Symmetric key cryptography, also known as secret key cryptography, is a type of cryptographic system that uses the same key for both the encryption and decryption of data. In other words, a single secret key is shared between two parties: the sender and the receiver. The security of the system relies on keeping the key secret.

Here are key characteristics and components of symmetric key cryptography:

  1. Single Key:
    • In symmetric key cryptography, there is only one key that is used for both encryption and decryption. This key must be kept confidential to ensure the security of the communication.
  2. Algorithm:
    • Symmetric key algorithms, also called ciphers, are mathematical functions that define how the encryption and decryption processes take place. Common symmetric key algorithms include DES (Data Encryption Standard), 3DES (Triple DES), AES (Advanced Encryption Standard), and Blowfish.
  3. Key Management:
    • Key management is a critical aspect of symmetric key cryptography. It involves securely distributing and managing keys among communicating parties. The challenge is to find secure methods for key exchange to prevent unauthorized access to the key.
  4. Confidentiality:
    • The primary goal of symmetric key cryptography is to ensure the confidentiality of data. When a message is encrypted using a symmetric key, only the party with the corresponding key can decrypt and access the original message.
  5. Efficiency:
    • Symmetric key algorithms are generally faster and more computationally efficient than their asymmetric counterparts. This makes them suitable for encrypting large amounts of data.

Asymmetric key Cryptography

Asymmetric key cryptography, also known as public-key cryptography, is a cryptographic system that uses a pair of keys for secure communication: a public key and a private key. Unlike symmetric key cryptography, where the same key is used for both encryption and decryption, asymmetric key cryptography uses separate keys for these operations. The security of the system is based on the mathematical relationship between the public and private keys.

Here are key characteristics and components of asymmetric key cryptography:

  1. Key Pairs:
    • Each participant in asymmetric key cryptography has a pair of keys: a public key and a private key. The public key is shared openly, while the private key is kept secret.
  2. Encryption and Decryption:
    • The public key is used for encryption, and only the corresponding private key can decrypt the encrypted data. Similarly, the private key is used for digital signatures, and the corresponding public key is used for signature verification.
    • Public Key Infrastructure (PKI):Public Key Infrastructure is a set of hardware, software, policies, and standards that manage the generation, distribution, and revocation of public and private keys. It helps establish trust in the public keys and their associated digital certificates.
  3. Confidentiality and Authentication:
    • Asymmetric key cryptography provides confidentiality by allowing users to encrypt messages using the recipient's public key. It also enables authentication and digital signatures, as the sender can use their private key to sign a message, and anyone with the corresponding public key can verify the signature.
  4. Key Distribution:
    • One of the advantages of asymmetric key cryptography is that the public keys can be freely distributed without compromising security. Users can publish their public keys in directories or attach them to messages.
  5. Common Algorithms:
    • RSA (Rivest-Shamir-Adleman):One of the earliest and widely used asymmetric key algorithms. It is used for encryption, digital signatures, and key exchange.
    • Elliptic Curve Cryptography (ECC):Provides strong security with shorter key lengths compared to RSA, making it more efficient in terms of computation and bandwidth.
    • Diffie-Hellman:Primarily used for secure key exchange over an insecure channel, allowing two parties to agree on a shared secret key without having to exchange it directly.

Message Authentication

Message authentication is a cryptographic process used to verify the origin, integrity, and authenticity of a message or data. It ensures that the information has not been altered during transmission and that it indeed comes from the purported sender. Message authentication is crucial in secure communication to prevent unauthorized modification or tampering of data.

Here are key concepts and methods related to message authentication:

  1. Hash Functions:
    • Hash functions are fundamental in message authentication. They take input data and produce a fixed-size string of characters, commonly known as a hash value or message digest. A slight change in the input data should result in a significantly different hash value.
  2. Message Digest:
    • The hash value generated by a hash function is often referred to as the message digest. This digest serves as a unique identifier for the input data.

Digital Signatures

A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software. It's the digital equivalent of a handwritten signature or stamped seal, but it offers far more inherent security. A digital signature is intended to solve the problem of tampering and impersonation in digital communications.

Digital signatures can provide evidence of origin, identity and status of electronic documents, transactions or digital messages. Signers can also use them to acknowledge informed consent. In many countries, including the U.S., digital signatures areconsidered legally bindingin the same way as traditional handwritten document signatures.

How do digital signatures work?

Digital signatures are based on public key cryptography, also known asasymmetric cryptography. Using a public key algorithm -- such as Rivest-Shamir-Adleman, or RSA-- two keys are generated, creating a mathematically linked pair of keys: one private and one public.

Digital signatures work through public key cryptography's twomutually authenticating cryptographic keys. For encryption and decryption, the person who creates the digital signature uses aprivate keyto encrypt signature-related data. The only way to decrypt that data is with the signer's public key.

If the recipient can't open the document with the signer's public key, that indicates there's a problem with the document or the signature. This is how digital signatures are authenticated.

Digital certificates, also calledpublic key certificates, are used to verify that the public key belongs to the issuer. Digital certificates contain the public key, information about its owner, expiration dates and the digital signature of the certificate's issuer. Digital certificates are issued by trusted third-party certificate authorities (CAs), such as DocuSign or GlobalSign, for example. The party sending the document and the person signing it must agree to use a given CA.

Applications of Cryptography

Cryptography has a wide range of applications in modern-day communication, including:

  • Secure online transactions:Cryptography is used to secure online transactions, such as online banking and e-commerce, by encrypting sensitive data and protecting it from unauthorized access.
  • Digital signatures:Digital signatures are used to verify the authenticity and integrity of digital documents and ensure that they have not been tampered with.
  • Password protection:Passwords are often encrypted using cryptographic algorithms to protect them from being stolen or intercepted.
  • Military and intelligence applications:Cryptography is widely used in military and intelligence applications to protect classified information and communications.

Overview of Firewalls-

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. The primary purpose of a firewall is to establish a barrier between a trusted internal network and untrusted external networks, such as the internet. By enforcing a set of rules, firewalls help prevent unauthorized access, secure sensitive data, and protect against various cyber threats.

Types of Firewalls

  1. Packet Filtering Firewalls:
    • Examines packets of data and filters them based on predefined rules (such as IP addresses, ports, and protocols). This type operates at the network layer (Layer 3) of the OSI model.
  2. Stateful Inspection Firewalls:
    • Keeps track of the state of active connections and makes decisions based on the context of the traffic. Stateful firewalls are aware of the state of the connection and can make more informed decisions about whether to allow or block traffic.
  3. Proxy Firewalls:
    • Acts as an intermediary between internal and external systems. It intercepts requests and forwards them on behalf of the client, making it more difficult for attackers to directly target internal systems.
  4. Application Layer Firewalls:
    • Operate at the application layer (Layer 7) of the OSI model. They can understand and filter traffic based on specific applications or services, providing more granular control over network traffic.
  5. Next-Generation Firewalls (NGFW):
    • Combine traditional firewall functionalities with additional features, such as intrusion prevention, deep packet inspection, and application-layer filtering. NGFWs aim to provide more advanced threat protection capabilities.

VPN Security Security Protocols: -

Virtual Private Networks (VPNs) are crucial for ensuring secure communication over the internet, especially in scenarios where sensitive data needs to be transmitted between remote locations or users. VPNs use various security protocols to establish secure and encrypted connections.

Security at the Application Layer-

PGP, or Pretty Good Privacy, is a data encryption and decryption program that provides cryptographic privacy and authentication for data communication. It is often used for securing emails but can also be applied to other types of communication.

Here are some key aspects of PGP:

  1. Encryption: PGP uses a combination of symmetric-key and public-key cryptography to provide confidentiality. When you want to send an encrypted message, PGP generates a random symmetric key, which is used to encrypt the actual message. This symmetric key is then encrypted using the recipient's public key.
  2. Public and Private Keys: Each user has a pair of keys—a public key that is shared openly, and a private key that is kept secret. The public key is used for encrypting messages that are meant for the owner of the corresponding private key. The private key is used for decrypting messages that were encrypted with the corresponding public key.
  3. Digital Signatures: PGP also provides a way to create digital signatures. When a user signs a message with their private key, others can verify the signature using the sender's public key. This ensures the authenticity of the sender and the integrity of the message.

S/MIME

S/MIME is a security-enhanced version of Multipurpose Internet Mail Extension (MIME). In this,public key cryptography is used for digital sign, encrypt or decrypt the email. User acquires a public-private key pair with a trusted authority and then makes appropriate use of those keys with email applications.

How Does S/MIME Address Email Security Problems?

An S/MIME certificate is an end-to-end encryption solution for MIME data, a.k.a. email communications, as shown in the preceding sections. The use of asymmetric cryptography by S/MIME certificates prevents the message's integrity from being compromised by a third party. In basic English, a digital signature is used to hash the message. The mail is then encrypted to protect the message's secrecy.

S/MIME employs public encryption to protect communications that can only be decoded with the corresponding private key obtained by the authorized mail receiver, according to GlobalSign, a company that provides specialized Public Key Infrastructure (PKI) solutions to businesses.

Security at Transport Layer-

SSL

SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLSencryption used today.

A website that implements SSL/TLS has "HTTPS" in its URL instead of "HTTP."

How does SSL/TLS work?

  • In order to provide a high degree ofprivacy, SSL encrypts data that is transmitted across the web. This means that anyone who tries to intercept this data will only see a garbled mix of characters that is nearly impossible to decrypt.
  • SSL initiates anauthentication process called a handshake between two communicating devices to ensure that both devices are really who they claim to be.
  • SSL also digitally signs data in order to provide data integrity, verifying that the data is not tampered with before reaching its intended recipient.

TLS

Transport Layer Security, or TLS, is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website. TLS can also be used to encrypt other communications such as email, messaging, andvoice over IP (VoIP)

What does TLS do?

There are three main components to what the TLS protocol accomplishes:Encryption,Authentication, and Integrity.

  • Encryption:hides the data being transferred from third parties.
  • Authentication:ensures that the parties exchanging information are who they claim to be.
  • Integrity:verifies that the data has not been forged or tampered with.

How does TLS work?

A TLS connection is initiated using a sequence known as the TLS handshake. When a user navigates to a website that uses TLS, the TLS handshake begins between the user's device (also known as the client device) and the web server.

During the TLS handshake, the user's device and the web server:

  • Specify which version of TLS (TLS 1.0, 1.2, 1.3, etc.) they will use
  • Decide on which cipher suites (see below) they will use
  • Authenticate the identity of the server using the server's TLS certificate
  • Generate session keys for encrypting messages between them after the handshake is complete

Security at Network Layer-

IPSec

IPSec is a set of communication rules or protocols for setting up secure connections over a network. Internet Protocol (IP) is the common standard that determines how data travels over the internet. IPSec adds encryption and authentication to make the protocol more secure. For example, it scrambles the data at its source and unscrambles it at its destination. It also authenticates the source of the data.

Why is IPSec important?

The Internet Engineering Task Force developed IPSec in the 1990s to ensure data confidentiality, integrity, and authenticity when accessing public networks. For example, users connect to the internet with an IPSecvirtual private network (VPN)to access company files remotely. The IPSec protocol encrypts sensitive information to prevent unwanted monitoring. The server can also verify that the received data packets are authorized.

What are the uses of IPSec?

IPsec can be used to do the following:

  • Provide router security when sending data across the public internet.
  • Encrypt application data.
  • Authenticate data quickly if the data originates from a known sender.
  • Protect network data by setting up encrypted circuits, called IPsec tunnels, that encrypt all data sent between two endpoints.

No comments:

Post a Comment

Subscribe to: Posts (Atom)

A distinctive water purification technique has been developed by a research team led by IIT Madras.

IIT Madras, in partnership with Tel Aviv University in Israel, has created an aerogel adsorbent designed for th...