Network Security and Cryptography Basics

The document outlines the importance of network security and cryptography, emphasizing the need for confidentiality, integrity, and authentication in online communications. It discusses various types of cyber attacks, including malware, phishing, and DDoS attacks, as well as security measures like firewalls and VPNs. Additionally, it introduces the CIA triad (Confidentiality, Integrity, Availability) as a framework for securing information within organizations.

Uploaded by

vinaykumar43877

Course: MCA

Network Security and Cryptography

Module: 1
Preface
The Internet, a global communication network, has transformed our everyday lives in various ways. A new way of doing business enables people to buy things online. The World Wide Web (WWW) lets individuals share information. Email technology connects folks from distant parts of the world. This unavoidable change has led to a reliance on the Internet. As an open platform, the Internet has brought about specific security challenges. To ensure a secure experience, confidentiality, integrity, and authentication become crucial.

People want assurance that their online communications remain private. When shopping online, they seek confirmation that the sellers are genuine. When sending transaction requests to their banks, they desire assurance that the message's integrity is maintained. Network security comprises protocols that allow us to use the Internet without worrying about security threats.

Cryptography, an ancient technique that has given a new life to network security, is the most common tool for ensuring network security. This book initially presents readers with the basics of cryptography and subsequently applies these principles to explain network security protocols.

Learning Objectives:

1. To understand Network Security.

2. To understand the Need for security.

Structure:

1.1 Introduction to Network Security

1.2 Need for Security

1.3 Policies of security

1.4 Summary

1.5 Keywords

1.6 Self-Assessment Questions

1.7 References
1.1 Introduction to Network Security

Network security means taking steps to keep your network and data safe. Any company or organization dealing with lots of data has ways to defend against cyber threats. Network security includes actions to keep your data and network safe and valuable. It covers software, hardware, procedures, guidelines, and setups for network use, access, and overall protection.

A simple example of network security is using a password chosen by the user. Recently, network security has become a major focus in cybersecurity, and many organizations are looking for people skilled in this area. Network security solutions help protect computer systems from vulnerabilities across users, locations, data, devices, and applications.

1.2 Need for Security

Ensuring the security of our network is crucial to defend against attackers and hackers. Network security involves two main aspects: safeguarding information to prevent unauthorized access and loss, and ensuring computer security to protect data and thwart hackers. Network security isn't limited to a single network but extends to any network or network of networks.

Now, our requirement for network security has evolved into two distinct needs: information security and computer security.

On the internet or within an organization's network, a multitude of vital information is exchanged daily, making it susceptible to misuse by attackers. Information security is imperative for various reasons:

1. Safeguarding secret information so that it is accessible only to authorized users.

2. Preventing unauthorized editing, whether accidental or intentional.

3. Protecting information from loss and ensuring proper delivery.

4. Managing acknowledgement of received messages to prevent denial by the sender, especially in specific situations like a customer ordering shares and later denying the order due to market fluctuations.

5. Restricting users from sending messages under a third party's name, to prevent deceptive practices.

6. Preventing unwanted delays in message transmission for timely delivery, especially in urgent situations.

7. Avoiding data congestion caused by data or information packets wandering indefinitely in the network if the destination machine fails to capture them due to internal faults.

Another integral aspect of network security is computer security, which aims to protect computer systems from damage caused by the network. Viruses and spyware pose significant threats, capable of erasing information or causing hardware problems. Protecting the network from such destructive software deployed by individuals known as hackers is paramount. Computer security from hackers involves:

1. Protection against replicating and capturing viruses from infected files.

2. Proper defence against worms and bombs.

3. Protection from Trojan Horses, known for their potential danger to computer systems.

Security approaches

● Firewalls: Firewalls act like a protective barrier between a trusted internal network and external networks that might not be reliable. They control the flow of network traffic entering and leaving, positioned at the network's edge to filter and block any harmful traffic.

● Intrusion Prevention Systems (IPS): Intrusion Prevention Systems (IPS) monitor the network or system activities for any malicious attempts or breaches of security policies. They can identify and halt unauthorized access or attacks in real time.

● VPN: Virtual Private Networks (VPNs) establish a secure online communication pathway, enabling remote users to connect safely to a private network. Encryption is employed to protect data during its journey, ensuring confidentiality.

● NAC: Network Access Control (NAC) enforces rules regarding which devices can access the network and under what conditions. It assesses the security status of devices before allowing connection, ensuring compliance with security policies.

● SIEM: Security Information and Event Management (SIEM) systems collect and analyze log data from various network devices and applications. This aids in recognizing and responding to security incidents, providing a centralized view of security events for monitoring and analysis.

1.3 Policies of security


Program policy

Program policies are like master plans for an organization’s info safety. They lay out the program's purpose, scope, roles, and rules to follow. Also called master or organizational policies, they're made with input from top managers and aren't tied to a specific technology. They sometimes change because they're meant to stay relevant, even with tech and organizational changes.

Issue-specific policy

Issue-specific policies build on general security policies and guide an organization’s team more specifically. Examples are network security, bring-your-own-device (BYOD), social media, or remote work policies. They focus on certain tech areas but are usually broader. For instance, a remote access policy might say offsite access needs an approved company VPN but won't name a specific VPN client. This way, the company can switch vendors without significant updates.

System-specific policy

System-specific policies are super detailed IT security rules for a specific system, like a firewall, web server, or even one computer. Unlike issue-specific policies, these are more for tech folks maintaining them. NIST says they should have both security goals and operational rules. IT and security teams help make, enforce, and implement them, but top managers make the big decisions and rules.

1.4 Summary
❖ Network security means taking steps to keep your network and data safe.

❖ Network security includes actions to keep your data and network safe and valuable. It covers software, hardware, procedures, guidelines, and setups for network use, access, and overall protection.

❖ A simple example of network security is using a password chosen by the user.

❖ Network security solutions help protect computer systems from vulnerabilities across users, locations, data, devices, and applications.

❖ Ensuring the security of our network is crucial to defend against attackers and hackers.

❖ Network security involves two main aspects: safeguarding information to prevent unauthorized access and loss, and ensuring computer security to protect data and thwart hackers.

❖ Another integral aspect of network security is computer security, which aims to protect computer systems from damage caused by the network.

❖ Protecting the network from such destructive software deployed by individuals known as hackers is paramount.

❖ Firewalls act like a protective barrier between a trusted internal network and external networks that might not be reliable.

❖ Intrusion Prevention Systems (IPS) monitor the network or system activities for any malicious attempts or breaches of security policies.

❖ Virtual Private Networks (VPNs) establish a secure online communication pathway, enabling remote users to connect safely to a private network.

❖ Network Access Control (NAC) enforces rules regarding which devices can access the network and under what conditions.

❖ Security Information and Event Management (SIEM) systems collect and analyze log data from various network devices and applications.

❖ Program policies are like master plans for an organization’s info safety.

❖ Issue-specific policies build on general security policies and guide an organization’s team more specifically.

❖ System-specific policies are super detailed IT security rules for a specific system, like a firewall, web server, or even one computer.

❖ IT and security teams help make, enforce, and implement system-specific policies, but top managers make the big decisions and rules.

1.5 Keywords

1. Firewalls: Firewalls act like a protective barrier between a trusted internal network and external networks that might not be reliable. They control the flow of network traffic entering and leaving, positioned at the network's edge to filter and block any harmful traffic.

2. Intrusion Prevention Systems (IPS): Intrusion Prevention Systems (IPS) monitor the network or system activities for any malicious attempts or breaches of security policies. They can identify and halt unauthorized access or attacks in real time.

3. VPN: Virtual Private Networks (VPNs) establish a secure online communication pathway, enabling remote users to connect safely to a private network. Encryption is employed to protect data during its journey, ensuring confidentiality.

1.6 Self-Assessment Questions

1. What is the main purpose of a security policy?

2. What are major security policies?

3. Do I need to have a security policy?

4. How do I create a security policy?

5. Why is security essential in the realm of information technology and network systems?

6. What are the primary objectives of implementing security measures in a network environment?

7. Briefly explain the concept of confidentiality and how it relates to network security.

8. How do security policies contribute to the overall protection of network resources and sensitive information?

9. Discuss the importance of authentication in ensuring secure access to network resources.

10. What are the common security approaches used to safeguard networks, and how do they differ in their methodologies?

1.7 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman & Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese Thomson

Course: MCA

Network Security and Cryptography

Module: 2
Learning Objectives:

1. To understand the Types of attacks.

2. To understand the Services.

Structure:

2.1 Types of attacks

2.2 Services

2.3 Summary

2.4 Keywords

2.5 Self-Assessment Questions

2.6 References
2.1 Types of attacks

Various types of attacks target network security. Let's explore the most common ones:

1. Malware: Malware is speedy, malicious software crafted by hackers to disrupt systems, damage networks, and gain unauthorized access for stealing data or personal information. It gets automatically installed through the internet and swiftly infects all connected computers.

2. Virus: Also malicious software, a virus needs user interaction to harm the system. It can't replicate independently and relies on human involvement, often through malicious links or email attachments containing harmful code. Clicking on such links can corrupt files and lead to personal information theft.

3. Worm: A standalone piece of computer malware, a worm replicates without human intervention, spreading through networks by exploiting system flaws. Worms don't require a host file and can infiltrate a system through applications, consuming processing power and causing unresponsiveness.

4. Man-in-the-middle: A man-in-the-middle attack occurs when a person intercepts and takes away private information or changes it between two gadgets, like a user's device and a server.

5. Distributed Denial of Service (DDoS): DDoS is a complex type of DoS attack where the attacker employs many systems to flood the victim's server with traffic, leading to malfunctions and blocking access. Identifying DDoS threats is tricky because they originate from different infected systems and are frequently employed for blackmail or revenge.

   Denial-of-service attacks include:

   ● Connection flooding

   ● Vulnerability attacks

   ● Bandwidth flooding

6. Phishing: Phishing is a sneaky trick used by hackers. They send fake emails to fool people into giving away personal info like credit card details, online banking info, usernames, and passwords. These emails look legit but have harmful stuff hidden in them.

7. IP Spoofing: IP Spoofing is a crafty move by attackers. They change their computer's ID to pretend they're someone trustworthy. This helps them break into a system without being noticed.

8. Botnet: A Botnet is like a hacker's team of infected computers. These computers do what the hacker wants, all working to attack different systems simultaneously. It's like a zombie army controlled by the hacker.

9. Trojan horse: A seemingly harmless application that turns malicious when installed, often embedded in games and spreading through social engineering methods like emails. Trojans can give attackers access to sensitive information.

10. Packet Sniffer: These tools capture and save transmission packets in a network. Attackers use sniffers to gather sensitive information such as social details, financial data, trade secrets, user IDs, and passwords by intercepting network packets.

2.2 Services

When we discuss network security, the CIA triad emerges as a crucial model guiding information security policies within an organization. CIA stands for Confidentiality, Integrity, and Availability, the critical objectives for securing a network.

Confidentiality

Confidentiality is about making sure only authorized people can access data. It's the responsibility of users to keep control systems secure, like passwords for computers and physical restrictions like ID cards. Employees need to be well-trained in information security to avoid accidentally sharing data. It's crucial to limit data sharing and set rules to maintain confidentiality.

Physical restrictions are equally important. Unauthorized access to your building can lead to unauthorized data access. Door codes should never be written down, and staff should be cautious to ensure no one is watching or recording them entering codes. Many organizations require employees to wear ID badges, making it easier to identify non-employees. ID badges should be worn only at work to prevent criminals from using your details to gain access. Areas with sensitive information may have extra access restrictions, like an additional door code.

Integrity

Integrity means ensuring data is accurate and up-to-date. An organisation's trustworthiness and conscientiousness depend on the integrity of its data. One of the fundamental principles in data protection is keeping data accurate and up-to-date. Users must fulfil their legal duties to maintain data integrity. Assigning specific roles and responsibilities for data integrity helps ensure everyone takes it seriously.

Availability

Availability ensures authorized personnel can reliably access information. Data must be stored in a logical and secure system to be easily accessible. High availability supports efficient business processing and benefits the organization. Every user is responsible for organising desktop documents for future access. Paper copies should be securely filed and not left unattended.

2.3 Summary

❖ Various types of attacks target network security.

❖ Malware is speedy, malicious software crafted by hackers to disrupt systems, damage networks, and gain unauthorized access for stealing data or personal information.

❖ A virus is malicious software that needs user interaction to harm the system.

❖ Worms are standalone computer malware that replicate without human intervention, spreading through networks by exploiting system flaws.

❖ A man-in-the-middle attack occurs when a person intercepts and takes away private information or changes it between two gadgets, like a user's device and a server.

❖ DDoS is a complex type of DoS attack where the attacker employs many systems to flood the victim's server with traffic, leading to malfunctions and blocking access.

❖ Phishing is a sneaky trick used by hackers. They send fake emails to fool people into giving away personal info like credit card details, online banking info, usernames, and passwords.

❖ IP Spoofing is a crafty move by attackers. They change their computer's ID to pretend they're someone trustworthy.

❖ A Botnet is like a hacker's team of infected computers. These computers do what the hacker wants, all working to attack different systems simultaneously.

❖ A Trojan horse is a seemingly harmless application that turns malicious when installed, often embedded in games and spreading through social engineering methods like emails.

❖ When we discuss network security, the CIA triad emerges as a crucial model guiding information security policies within an organization.

❖ Confidentiality ensures that only authorized individuals or systems can access sensitive or classified information transmitted over the network.

❖ Encryption techniques like AES (Advanced Encryption Standard) or DES (Data Encryption Standard) are employed to thwart unauthorized access to that information.

❖ Integrity ensures data remains unaltered. Data corruption signifies a failure to maintain integrity.

❖ Availability emphasizes the network's constant accessibility for users, encompassing systems and data.

❖ Network administrators ensure availability by maintaining hardware, implementing regular upgrades, establishing fail-over plans, and preventing bottlenecks.

2.4 Keywords

1. Malware: Malware is speedy, malicious software crafted by hackers to disrupt systems, damage networks, and gain unauthorized access for stealing data or personal information. It gets automatically installed through the internet and swiftly infects all connected computers.

2. Worm: A standalone computer malware, worms replicate without human intervention, spreading through networks by exploiting system flaws. They don't require a host file and can infiltrate a system through applications, consuming processing power and causing unresponsiveness.

3. Phishing: Phishing is a sneaky trick used by hackers. They send fake emails to fool people into giving away personal info like credit card details, online banking info, usernames, and passwords. These emails look legit but have harmful stuff hidden in them.

4. IP Spoofing: IP Spoofing is a crafty move by attackers. They change their computer's ID to pretend they're someone trustworthy. This helps them break into a system without being noticed.

5. Confidentiality: Confidentiality ensures that only authorized individuals or systems can access sensitive or classified information transmitted over the network. Unauthorized access poses a risk, as attackers may use various tools to capture data.

2.5 Self-Assessment Questions

1. Break down the idea of phishing attacks and how they undermine confidentiality.

2. How does a man-in-the-middle attack affect the integrity of data while it is in transit?

3. Define ransomware and discuss how it affects confidentiality and availability.

4. What is SQL injection, and how does it exploit weak spots to compromise data integrity?

5. How can social engineering attacks compromise the confidentiality of secret information?

6. Explain what encryption does to keep data communications confidential.

7. Why are access control mechanisms essential for maintaining data integrity?

8. How do buffer overflow attacks affect a system's availability?

9. Define "zero-day exploit" and discuss how it undermines system security.

10. How does multi-factor authentication help keep user accounts confidential?

2.6 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman & Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese Thomson

Course: MCA

Network Security and Cryptography

Module: 3
Learning Objectives:

1. To understand the Encryption Techniques.

2. To understand Encryption & Decryption.

Structure:

3.1 Encryption Techniques

3.2 Encryption & Decryption

3.3 Cryptographic attacks

3.4 Summary

3.5 Keywords

3.6 Self-Assessment Questions

3.7 References
3.1 Encryption Techniques

Encryption is a way to safeguard information by turning it into code that can only be understood by someone with the correct key. Encrypted data appears chaotic and unreadable if unauthorized individuals try to access it.

When we talk about encryption, it's the process of changing data from a readable form to a scrambled one. This is done to stop anyone from peeking at sensitive data while it's being transmitted. Encryption can be applied to various things like documents, files, messages, or any communication over a network.

Plain Text

In simple terms, encrypted communication transforms regular text into code using ciphers or encryption methods. Plain text is any information that can be read without a decryption key, including binary files. Everything intended to be encrypted or already encrypted is considered plain text. A cryptographic system takes this plain text, processes it, and produces code known as ciphertext. Algorithms help convert ciphertext back into plain text and vice versa. This process ensures that only the intended recipient can understand the data.

Protecting plain text stored in computer files is crucial because unauthorized access can expose the information, leading to potential actions based on that data. To ensure security, the storage medium, the device, its components, and any backups must be secured.

Ciphertext

Ciphertext is the result of using encryption methods, often called ciphers. If someone or something doesn't have the correct cipher, the data appears encrypted and cannot be understood. The cipher is essential for interpreting the data. Algorithms are used to transform regular text into ciphertext and vice versa, involving encryption and decryption processes.

In simpler terms, substitution ciphers replace letters or groups of letters with other letters, preserving the initial sequence. This cryptographic approach involves substitutions rather than revealing the original elements.

Substitution Cipher Technique

In the Substitution Cipher technique, characters are replaced with other characters or symbols, changing their identity but not their position in the string. This method encrypts text by substituting letters or units of text. While basic substitution ciphers became easy for computers to crack, some concepts persist in modern encryption.

Transposition Cipher Technique

In the Transposition Cipher Technique, each character's position shifts to a different position. This encryption method arranges plaintext units predictably, creating a permutation of the plaintext. One example is the Rail Fence encryption, where the plaintext is written on imaginary "rails" of a fence and then read in a series of rows. This technique follows a scytale-like pattern, an ancient Greek device for constructing transposition ciphers. The Rail Fence Cipher encrypts by coiling a ribbon around a cylinder, and decoding happens when the ribbon is uncoiled from a cylinder with the same diameter as the encrypting cylinder.
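The contrast between the two techniques, as an added example that is not part of the original notes: a shift cipher stands in for substitution, and Rail Fence is implemented as writing the text along zigzag rails and reading it off row by row. The function names, the shift of 3, the three rails and the sample message are choices made for this illustration.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase
SAMPLE = "WEAREDISCOVEREDFLEEATONCE"  # constructed sample message


def shift_substitute(text: str, shift: int) -> str:
    """Substitution: every letter is replaced by another letter.
    Positions stay the same, identities change."""
    k = shift % 26
    table = str.maketrans(ALPHABET, ALPHABET[k:] + ALPHABET[:k])
    return text.upper().translate(table)


def rail_of_each_position(length: int, rails: int) -> list:
    """Rail index (0 = top) that each plaintext position lands on
    when the text is written in a zigzag across the rails."""
    if rails < 2:
        return [0] * length
    cycle = 2 * (rails - 1)
    return [min(i % cycle, cycle - i % cycle) for i in range(length)]


def read_order(length: int, rails: int) -> list:
    """Plaintext indices in the order they are read off, rail by rail.
    sorted() is stable, so positions on one rail keep left-to-right order."""
    rail = rail_of_each_position(length, rails)
    return sorted(range(length), key=lambda i: rail[i])


def rail_fence_encrypt(text: str, rails: int) -> str:
    """Transposition: identities stay the same, positions change."""
    return "".join(text[i] for i in read_order(len(text), rails))


def rail_fence_decrypt(cipher: str, rails: int) -> str:
    """Undo the permutation: the n-th ciphertext character belongs at
    the n-th index of the read order."""
    plain = [""] * len(cipher)
    for ch, i in zip(cipher, read_order(len(cipher), rails)):
        plain[i] = ch
    return "".join(plain)


def same_letters(a: str, b: str) -> bool:
    """True when both strings contain exactly the same multiset of characters."""
    return Counter(a) == Counter(b)


def repeat_pattern(text: str) -> list:
    """Replace each character by the order in which it first appeared.
    Two strings with the same pattern repeat their symbols at the same positions."""
    first_seen = {}
    return [first_seen.setdefault(ch, len(first_seen)) for ch in text]


if __name__ == "__main__":
    sub = shift_substitute(SAMPLE, 3)
    rail = rail_fence_encrypt(SAMPLE, 3)
    print("plaintext    :", SAMPLE)
    print("substitution :", sub)
    print("rail fence   :", rail)
    # Substitution keeps the repetition structure but changes the letters.
    print("substitution keeps pattern :", repeat_pattern(sub) == repeat_pattern(SAMPLE))
    print("substitution keeps letters :", same_letters(sub, SAMPLE))
    # Transposition keeps the letters but destroys the positions.
    print("rail fence keeps pattern   :", repeat_pattern(rail) == repeat_pattern(SAMPLE))
    print("rail fence keeps letters   :", same_letters(rail, SAMPLE))
    print("rail fence round trip      :", rail_fence_decrypt(rail, 3) == SAMPLE)
```

Because a transposition leaves the letter counts untouched and a simple substitution leaves the repetition pattern untouched, each leaks a different property of the plaintext to an analyst.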

3.2 Encryption & Decryption

Encryption

Encryption is like a secret code for data. It's a way of jumbling up regular information (plaintext) so that only the right people can unscramble it back to its original form. This jumbled-up version is called ciphertext. The idea is to keep unauthorized folks from understanding the info even if they try to snoop around.

To do this, encryption uses a unique key (think of it as a secret codebreaker) created by a computer algorithm. Even if someone tries to crack the code without the key, it's super hard because it takes a lot of computer smarts and time. Only the person supposed to get the info can easily unscramble it using the key. When data is encrypted, it looks like a bunch of random letters and numbers.

Once data is locked up with encryption, the only way to open and reread it is by using the right key. Encryption is crucial for keeping sensitive info safe when it's sent or stored. There are different types of encryption, like stream ciphers that handle data bit by bit and block ciphers that deal with larger chunks.

Decryption

Decryption is the opposite of encryption. It's the process of turning encrypted data back to its original state. It's like using the secret codebreaker (key) to unlock the jumbled-up info. Decryption needs this unique key or password, and only the right person can use it to decode the data.

When info travels on the internet, there's a risk of sneaky people trying to peek at it. That's why we use encryption: to stop data from being stolen. Email, text files, pictures, and more can be encrypted to keep them safe. When someone needs to decrypt the info, they usually get a pop-up or window asking for the password. This ensures that only authorized users can access the protected data.

3.3 Cryptographic attacks

A cryptographic attack allows bad actors to get around the security of a cryptographic system by discovering weaknesses in its code, cipher, cryptographic protocol, or key management scheme. This evasion is also known as "cryptanalysis."

So, these attacks focus on cryptographic or cipher systems that hide data so only a few people can see it. There are six main types of these attacks, depending on the cryptographic system and information available to the attacker:

● Brute force attacks: In brute force attacks, the person trying to break into a system tests different keys to uncover a coded message. For instance, if the key size is 8 bits, there are 256 potential keys (2^8). To succeed, the attacker must know the algorithm and test all 256 keys.

● Ciphertext-only attack: Ciphertext-only attacks happen when an intruder gets hold of a bunch of coded messages. Even though they can't directly access the original message, they can deduce it from the coded collection. This method is typically less effective than brute force.

● Chosen plaintext attack: In chosen plaintext attacks, a cybercriminal handpicks specific data to obtain the corresponding ciphertext, making it more straightforward to figure out the encryption key.

● Chosen ciphertext attack: Chosen ciphertext attacks involve the attacker trying to link the coded message to the original one, aiming to guess the key and obtain secret details.

● Known plaintext attack: This occurs when the attacker already knows the plaintext of some parts of the ciphertext through information-gathering techniques.

● Dual key and algorithm attack: The attacker tries to recover the key used for encryption or decryption by analyzing the cryptographic algorithm.

Active vs. Passive Cryptographic Attacks:

Besides these six types, cryptographic attacks can be either passive or active.

● Passive attacks: Passive attacks are launched to gain unauthorized access to sensitive data by intercepting or eavesdropping on general communication. Significantly, in passive attacks, the data and communication are not tampered with; they remain intact.

● Active attacks: Active attacks involve modifying the data or communication. The attacker gains access to the data and tampers with it.

Key range & Size

● Key range: In cryptography, the key range refers to all the potential values a cryptographic key can have. A sufficiently sizable key range is crucial to make it hard for attackers to guess or brute-force the correct key.

  When the key range is more extensive, cryptographic algorithms become more complex, making it more challenging for attackers to carry out various attacks, like brute-force attempts.

● Key Size: The key Size, usually measured in bits, is a specific numeric value within the key range. It shows the length or complexity of the cryptographic key. In simple terms, a larger key size means a higher level of security. For instance, a 128-bit key offers more possible combinations than a 64-bit key, making it more resilient against cryptographic attacks.

  As computational power advances, cryptographic algorithms often need to boost their key sizes to ensure a consistently high level of security.
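The 8-bit brute-force case and the key range and key size discussion above, worked through as an added example that is not part of the original notes. It assumes a toy cipher (XOR of every byte with one 8-bit key), a constructed lowercase sample message, and a hypothetical guessing rate of 10^12 keys per second for the timing estimate.

```python
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace(bits: int) -> int:
    """Key range: the number of distinct keys a key of this size can take."""
    return 2 ** bits


def xor_cipher(data: bytes, key: int) -> bytes:
    """Toy cipher with an 8-bit key (illustration only, not a real algorithm).
    XOR is its own inverse, so the same call encrypts and decrypts."""
    if not 0 <= key < keyspace(8):
        raise ValueError("key must fit in 8 bits")
    return bytes(b ^ key for b in data)


def plausibility(candidate: bytes) -> int:
    """Count bytes that are a space or a lowercase ASCII letter.
    This stands in for 'the output reads like a message'."""
    return sum(1 for b in candidate if b == 0x20 or 0x61 <= b <= 0x7A)


def exhaustive_search(ciphertext: bytes):
    """Try every key in the 8-bit key range and keep the most plausible result.
    Returns (key, recovered plaintext, number of keys tried)."""
    best_key, best_score, tried = None, -1, 0
    for key in range(keyspace(8)):
        tried += 1
        score = plausibility(xor_cipher(ciphertext, key))
        if score > best_score:
            best_key, best_score = key, score
    return best_key, xor_cipher(ciphertext, best_key), tried


def years_to_exhaust(bits: int, guesses_per_second: int = 10**12) -> float:
    """Time to test the whole key range at an assumed guessing rate."""
    return keyspace(bits) / guesses_per_second / SECONDS_PER_YEAR


# Constructed sample: a message encrypted under an arbitrary 8-bit key.
SAMPLE_PLAINTEXT = b"transfer the funds to the account of the supplier"
SAMPLE_KEY = 0x5A
SAMPLE_CIPHERTEXT = xor_cipher(SAMPLE_PLAINTEXT, SAMPLE_KEY)


if __name__ == "__main__":
    key, plaintext, tried = exhaustive_search(SAMPLE_CIPHERTEXT)
    print(f"recovered key 0x{key:02X} after {tried} trials: {plaintext!r}")
    for bits in (8, 56, 64, 128, 256):
        print(f"{bits:>3}-bit key: {keyspace(bits):.3e} keys, "
              f"{years_to_exhaust(bits):.3e} years at 1e12 guesses/s")
```

Each added bit doubles the key range, so the search that finishes instantly at 8 bits takes on the order of 10^19 years at 128 bits under the same assumed rate.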

3.4 Summary

❖ Encryption is a way to safeguard information by turning it into code that can only

be understood by someone with the correct key.

❖ When we talk about encryption, it's the process of changing data from a readable

form to a scrambled one.

❖ In simple terms, encrypted communication transforms regular text into code

using cyphers or encryption methods.

❖ Everything intended to be encrypted or already encrypted is considered plain

text.

❖ A cryptographic system takes this plain text, processes it, and produces code

known as ciphertext.

❖ Ciphertext is the result of using encryption methods, often called ciphers.


❖ In the Substitution Cipher technique, characters are replaced with other

characters or symbols, changing their identity but not their position in the string.

❖ In the Transposition Cipher Technique, each character's position shifts to a

different position.

❖ The Rail Fence Cipher encrypts by coiling a ribbon around a cylinder, and

decoding happens when the ribbon is uncoiled from a cylinder with the same

diameter as the encrypting cylinder.

❖ Encryption is like a secret code for data. It's a way of jumbling up regular

information (plaintext) so that only the right people can unscramble it back to its

original form.

❖ Once data is locked up with encryption, the only way to open and reread it is by

using the right key.

❖ Decryption is the opposite of encryption. It's the process of turning encrypted

data back to its original state.

❖ Decryption needs this unique key or password, and only the right person can use

it to decode the data.

❖ A cryptographic attack allows malicious actors to get around the security of a

cryptographic system by discovering weaknesses in its code, cipher, cryptographic

protocol, or key management scheme.

❖ In brute force attacks, the person trying to break into a system tests different keys

to uncover a coded message.

❖ Ciphertext-only attacks happen when an intruder gets hold of a bunch of coded

messages.

❖ Chosen ciphertext attacks involve the attacker trying to link the coded message to
the original one, aiming to guess the key and obtain secret details.

❖ In cryptography, the key range refers to all the potential values a cryptographic

key can have.

❖ When the key range is more extensive, cryptographic algorithms become more

complex, making it more challenging for attackers to carry out various attacks,

like brute-force attempts.

❖ The key size, usually measured in bits, is a specific numeric value within the key

range. It shows the length or complexity of the cryptographic key.

❖ As computational power advances, cryptographic algorithms often need to boost

their key sizes to ensure a consistently high level of security.

3.5 Keywords

1. Ciphertext: Ciphertext is the result of using encryption methods, often called

ciphers. If someone or something doesn't have the correct cipher, the data

appears encrypted and cannot be understood. The cipher is essential for

interpreting the data.

2. Encryption: Encryption is like a secret code for data. It's a way of jumbling up

regular information (plaintext) so that only the right people can unscramble it

back to its original form. This jumbled-up version is called ciphertext. The idea

is to keep unauthorized folks from understanding the info even if they try to

snoop around.

3. Brute force attacks: In brute force attacks, the person trying to break into a

system tests different keys to uncover a coded message. For instance, if the
key size is 8 bits, there are 256 potential keys (2^8). To succeed, the

attacker must know the algorithm and test all 256 keys.

4. Ciphertext-only attack: Ciphertext-only attacks happen when an intruder gets

hold of a bunch of coded messages. Even though they can't directly access

the original message, they can deduce it from the coded collection. This

method is typically less effective than brute force.

3.6 Self-Assessment Questions

1. What is plaintext in the context of encryption?

2. How do substitution techniques contribute to encryption methods?

3. Can you provide an example of a substitution cipher and how it works?

4. What is the role of transposition techniques in encryption?

5. Explain the difference between substitution and transposition techniques in

encryption.

6. How does encryption ensure secure communication and data protection?

7. Define cryptographic attacks and provide examples of common types.

8. What is the purpose of key range in encryption algorithms?

9. What are the potential vulnerabilities associated with encryption algorithms?

10. How do cryptographic keys enhance the security of encrypted data?

3.7 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.
2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 4
Learning Objectives:

1. To understand the Symmetric & Asymmetric Key Cryptography.

2. To understand Algorithm types & Modes.

Structure:

4.1 Symmetric & Asymmetric Key Cryptography

4.2 Summary

4.3 Keywords

4.4 Self-Assessment Questions

4.5 References
4.1 Symmetric & Asymmetric Key Cryptography

Symmetric Encryption:

The simplest way to keep information safe is using symmetric encryption. In this

method, a single secret key is used to both lock and unlock the data. It's an old but

effective technique involving a private key, which can be a number, a word, or a

random bunch of letters. This key mixes with the original message, changing its

content in a specific manner. To make this work, both the sender and receiver must

know the secret key for locking and unlocking the messages. Examples of symmetric

encryption methods are Blowfish, AES, RC4, DES, RC5, and RC6, with AES-128,

AES-192, and AES-256 commonly used. However, there's a catch: all parties involved

must share the key before they can unlock the information.

Pros and Cons of Symmetric Encryption:

Pros:

● Faster: Using a single key for encryption and decryption speeds up the

process.

● Identity verification: It employs password authentication for verifying the

receiver's identity.

● Easy to execute & manage: With only one key for encryption and decryption,

it's simple to implement and manage.

Cons:
● Key sharing: Distributing the key securely to every party is challenging.

● Scalability: Symmetric encryption does not scale well, making it unsuitable for

many users.

Asymmetric Encryption:

Asymmetric encryption, also known as public key cryptography, is a relatively recent

method compared to symmetric encryption. This technique utilizes two keys for

encrypting plain text and exchanging secret keys over the Internet or a network. This

prevents malicious individuals from misusing the keys. Notably, anyone possessing

the secret key can decrypt the message, prompting the use of two related keys to

enhance security. A public key is shared openly for message-senders, while the

second private key remains confidential. Messages encrypted with a public key

require a private key for decryption, and vice versa. With its heightened security,

asymmetric encryption is commonly employed in day-to-day communication

channels, especially over the Internet. Examples include ElGamal, RSA, DSA, Elliptic

curve techniques, and PKCS.

Pros and Cons of Asymmetric Encryption:

Pros:

● Dual keys - public and private - eliminate key distribution issues.

● Scalability: With a pair of keys, communication with multiple parties becomes

manageable in large networks.


Cons:

● Performance: Asymmetric encryption is slower than symmetric encryption.

● Complexity: Implementing and managing asymmetric encryption is more

challenging due to large key sizes.

Algorithm Types & Modes

● Symmetric Key Cryptography

Symmetric Key Cryptography involves encrypting and decrypting messages using a

shared key between the sender and receiver. While it's a faster and simpler system,

securely exchanging the key is the challenge. Notable examples of symmetric key

cryptography systems include the Data Encryption Standard (DES) and the Advanced

Encryption Standard (AES).

● Hash Function

Hash Functions, on the other hand, don't use any key. They calculate a fixed-length

hash value based on the plaintext, making it nearly impossible to recover the original

content. Many operating systems employ hash functions for password encryption.

● Asymmetric Key Cryptography

In asymmetric key cryptography, also called public-key cryptography, there are two

keys: a private one for the receiver and a public one for everyone. These keys, linked
by math, come in pairs. The public key is open to everyone, while the private key is

only for the person who creates it.

● Digital Signatures

Moving on to Digital Signatures in Cryptography, they are comparable to handwritten

signatures and serve as electronic verifications of the sender. Digital signatures find

everyday use in software distribution and financial transactions, serving three

essential purposes: Authentication, proving the sender in cryptography;

non-repudiation, ensuring someone can't deny validity; and Integrity, maintaining the

quality of the sent and received messages.

Data Encryption Standard (DES):

Data Encryption Standard (DES) is vital in safeguarding data by acting as a block

cipher with a 56-bit key length. Over time, DES has been a critical player in ensuring

data security. However, its popularity has slightly waned due to the discovery of

vulnerabilities through powerful attacks.

DES operates as a block cipher when processing data, working on 64-bit blocks. This

means it transforms 64 bits of plaintext into 64 bits of ciphertext. Both encryption

and decryption employ the same algorithm and key, and the key has a length

of 56 bits.
International Data Encryption Algorithm (IDEA):

Created in 1991, the International Data Encryption Algorithm (IDEA) is a type of

encryption that keeps digital information safe. It uses a 64-bit block size and a 128-bit

key length. To transform regular text into a secret ciphertext code, IDEA uses

mathematical techniques such as modular arithmetic, bit shifting, and XOR

operations. It's good at defending against different attacks, like differential and linear

cryptanalysis. One of IDEA's strong points is that it works well in software and

hardware applications.

IDEA's speed, low memory requirement, and modest processing power make it

suitable for limited-resource applications. Despite being succeeded by newer

algorithms like AES, IDEA remains secure and is still used in some legacy systems and

applications.

Differential & Linear Cryptanalysis:

Cryptanalysis is the process of transforming encrypted communications into readable

format without access to the actual key. Unlike brute force attacks, cryptanalysis

seeks vulnerabilities within a cryptosystem. It involves a concentrated mathematical

attempt at decryption, utilizing available knowledge about the encryption scheme.

Linear Cryptanalysis:

Linear cryptanalysis is a common type of attack against block ciphers. It relies on

discovering affine approximations to a cipher's action to exploit weaknesses in the

encryption process.
Differential Cryptanalysis:

Differential cryptanalysis is a method applicable to block and stream ciphers and

cryptographic hash functions. It explores how changes in input information affect

subsequent differences in the output. In the context of block ciphers, it tracks

differences across transformations to identify non-random behavior and recover the

secret key. Cryptanalysis is crucial for breaking cryptographic security systems and

accessing encrypted messages, even with an unknown cryptographic key.
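
Both analyses described above start from tables computed over a cipher's S-box: how often an input difference produces each output difference, and how far a bit-wise linear relation deviates from chance. The following is an added example, not part of the original course notes; the 4-bit S-box is the first row of DES S-box S1, and the affine S-box beside it is constructed here as the degenerate case.

```python
# Sample 4-bit S-box: the first row of DES S-box S1.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]

# Constructed affine S-box (x XOR 5): the worst case for both analyses.
AFFINE = [x ^ 0x5 for x in range(16)]


def parity(value: int) -> int:
    """XOR of all bits of value (0 or 1)."""
    return bin(value).count("1") & 1


def difference_table(sbox):
    """ddt[dx][dy] = number of inputs x with S(x) XOR S(x XOR dx) == dy.

    A random-looking S-box spreads each row thinly; a large entry is the
    non-random behaviour that differential cryptanalysis tracks.
    """
    n = len(sbox)
    ddt = [[0] * n for _ in range(n)]
    for dx in range(n):
        for x in range(n):
            ddt[dx][sbox[x] ^ sbox[x ^ dx]] += 1
    return ddt


def linear_table(sbox):
    """lat[a][b] = (#x with parity(a & x) == parity(b & S(x))) - n/2.

    0 means the masked input and output bits agree exactly half the time;
    a large magnitude is a usable linear (affine) approximation.
    """
    n = len(sbox)
    lat = [[-(n // 2)] * n for _ in range(n)]
    for a in range(n):
        for b in range(n):
            for x in range(n):
                if parity(a & x) == parity(b & sbox[x]):
                    lat[a][b] += 1
    return lat


def strongest(table):
    """(magnitude, row, column) of the largest entry outside row 0 and column 0."""
    n = len(table)
    return max((abs(table[r][c]), r, c)
               for r in range(1, n) for c in range(1, n))


if __name__ == "__main__":
    for name, box in (("DES S1 row 0", SBOX), ("affine", AFFINE)):
        count, dx, dy = strongest(difference_table(box))
        bias, a, b = strongest(linear_table(box))
        print(f"{name}: best differential {dx:X}->{dy:X} holds for {count}/16 inputs; "
              f"best linear mask {a:X}/{b:X} deviates by {bias}/16")
```

For the affine S-box every input difference maps to one output difference for all 16 inputs and a linear relation holds with certainty, which is why cipher designers pick S-boxes whose table entries stay small.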

4.2 Summary

❖ The simplest way to keep information safe is using symmetric encryption. In this

method, a single secret key is used to both lock and unlock the data.

❖ To make this work, both the sender and receiver must know the secret key for

locking and unlocking the messages.

❖ Asymmetric encryption, also known as public key cryptography, is a relatively

recent method compared to symmetric encryption.

❖ Notably, anyone possessing the secret key can decrypt the message, prompting

the use of two related keys to enhance security.

❖ Messages encrypted with a public key require a private key for decryption, and

vice versa.

❖ Symmetric Key Cryptography involves encrypting and decrypting messages using

a shared key between the sender and receiver.

❖ Hash Functions, on the other hand, don't use any key. They calculate a
fixed-length hash value based on the plaintext, making it nearly impossible to

recover the original content.

❖ In asymmetric key cryptography, also called public-key cryptography, there are

two keys: a private one for the receiver and a public one for everyone.

❖ Moving on to Digital Signatures in Cryptography, they are comparable to

handwritten signatures and serve as electronic verifications of the sender.

❖ Data Encryption Standard (DES) is vital in safeguarding data by acting as a block

cipher with a 56-bit key length.

❖ DES operates as a block cipher when processing data, working on 64-bit blocks.

❖ An exciting aspect of DES is its key manipulation process. Despite starting with a

64-bit key, DES discards every 8th bit before getting underway.

❖ To transform regular text into a secret ciphertext code, IDEA uses mathematical

techniques such as modular arithmetic, bit shifting, and XOR operations.

❖ One of IDEA's strong points is that it works well in software and hardware

applications.

❖ Cryptanalysis is the process of transforming encrypted communications into

readable format without access to the actual key.

❖ Linear cryptanalysis is a common type of attack against block ciphers. It relies on

discovering affine approximations to a cipher's action to exploit weaknesses in

the encryption process.

❖ Differential cryptanalysis is a method applicable to block and stream ciphers and

cryptographic hash functions.

❖ In the context of block ciphers, it tracks differences across transformations to

identify non-random behaviour and recover the secret key.


❖ Cryptanalysis is crucial for breaking cryptographic security systems and accessing

encrypted messages, even with an unknown cryptographic key.

4.3 Keywords

1. Hash Functions: Hash Functions, on the other hand, don't use any key. They

calculate a fixed-length hash value based on the plaintext, making it nearly

impossible to recover the original content. Many operating systems employ hash

functions for password encryption.

2. DES: Data Encryption Standard (DES) is vital in safeguarding data by acting as a

block cipher with a 56-bit key length. Over time, DES has been a critical player in

ensuring data security. However, its popularity has slightly waned due to

the discovery of vulnerabilities through powerful attacks.

3. Linear Cryptanalysis: Linear cryptanalysis is a common type of attack against

block ciphers. It relies on discovering affine approximations to a cipher's action to

exploit weaknesses in the encryption process.

4. Differential Cryptanalysis: Differential cryptanalysis is a method applicable to

block and stream ciphers and cryptographic hash functions. It explores how

changes in input information affect subsequent differences in the output.

4.4 Self-Assessment Questions

1. What sets Symmetric and Asymmetric Key Cryptography apart at their core?

2. Can you list two standard symmetric key encryption algorithms?

3. Elaborate on the idea of block cipher modes in symmetric key cryptography.


4. Tell me about DES and its functioning in symmetric key encryption.

5. Break down the IDEA algorithm and its importance in cryptography.

6. Mention a widely used block cipher mode in symmetric key cryptography and

clarify its workings.

7. Name two prevalent asymmetric key encryption algorithms.

8. Delve into the security pros and cons of symmetric key cryptography.

9. How does management differ in asymmetric key cryptography from

symmetric key cryptography?

10. Explain the role of cryptographic algorithms in ensuring data integrity in a

communication system.

4.5 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 5
Learning Objectives:

1. To understand the Authentication basics.

Structure:

5.1 Authentication basics

5.2 Summary

5.3 Keywords

5.4 Self-Assessment Questions

5.5 References
5.1 Authentication basics

Authentication is how we check if a person or information is who or what they claim

to be. When someone logs into a computer system, user authentication confirms

their identity. There are various types of authentication systems:

● Token Authentication: It's like a VIP pass for your online accounts. Once you

prove you're you, you get a unique token. Once that token is ready, you can

enter websites or apps without logging in.

● Password Authentication: This is the classic way. Remembering your

username and a secret code (password) is the key. The trick is that the fancier the password

and the more often you change it, the safer your account is.

● Biometric Authentication: Your body is the password here. Think of

fingerprints or the unique pattern of your iris. The system checks these in real

time against what it has on file. It's easy for you and super secure.

● Certificate-Based Authentication: Picture a digital ID card. This method uses

a digital certificate as your online ID. Without the secret key, it's impossible to

fake. This can prove who you are, what device you're using, or which service

you're accessing. Usually, it comes with a fancy cloud-based system to

manage everything.

● Multi-Factor Authentication (MFA): Double trouble for intruders! MFA means

using two or more of the above methods. It's like having two locks instead of

one. This makes messing with your accounts way more challenging for bad

guys.

● Passwordless Authentication: No more typing in passwords! You get into


your app or system without them. Instead, you show other proofs like

fingerprints, a special badge, or codes from a little gadget. Sometimes, this

goes hand-in-hand with MFA and Single Sign-On (SSO), making your life easier

and more secure.

● Passwords: Users have a unique username and password. The system

compares entered credentials with stored ones for access.
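
How a system can compare entered credentials with stored ones without keeping the password itself, and then hand out a token for later requests, is shown below. This is an added example, not part of the original course notes; the function names, the token layout, the 15-minute lifetime and the PBKDF2 work factor are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import os
import time

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this example


def enroll(password: str) -> dict:
    """Build the stored record: random salt, work factor and hash, never the password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": digest}


def check_password(password: str, record: dict) -> bool:
    """Re-derive the hash from the entered password and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])


def issue_token(user: str, server_key: bytes, ttl: int = 900, now=None) -> str:
    """Token = base64url(claims) + "." + HMAC-SHA256 tag over the encoded claims."""
    now = time.time() if now is None else now
    claims = {"sub": user, "exp": int(now) + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    tag = hmac.new(server_key, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + tag


def check_token(token: str, server_key: bytes, now=None):
    """Return the user name for a genuine, unexpired token, otherwise None."""
    now = time.time() if now is None else now
    body, sep, tag = token.rpartition(".")
    if not sep:
        return None
    expected = hmac.new(server_key, body.encode(), hashlib.sha256).hexdigest()
    # Verify the tag before parsing anything the client sent.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims["sub"] if claims["exp"] > now else None


def login(user: str, password: str, records: dict, server_key: bytes, now=None):
    """Password authentication first; a token is issued only on success."""
    record = records.get(user)
    if record is None or not check_password(password, record):
        return None
    return issue_token(user, server_key, now=now)


if __name__ == "__main__":
    key = os.urandom(32)                                  # server-side secret
    users = {"alice": enroll("correct horse battery")}    # constructed sample account
    token = login("alice", "correct horse battery", users, key)
    print("token accepted for:", check_token(token, key))
    print("wrong password:", login("alice", "guess", users, key))
```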

5.2 Summary

❖ Authentication is how we check if a person or information is who or what they

claim to be. When someone logs into a computer system, user authentication

confirms their identity.

❖ Token Authentication is like a VIP pass for your online accounts. Once you prove

you're you, you get a unique token.

❖ Password Authentication is the classic way. Remembering your username and a

secret code (password) is the key.

❖ Biometric Authentication: Your body is the password here. Think of fingerprints

or the unique pattern of your iris.

❖ Multi-Factor Authentication (MFA) is Double trouble for intruders! MFA means

using two or more of the above methods.

❖ Users have a unique username and password. The system compares entered

credentials with stored ones for access.


5.3 Keywords

1. Token Authentication: It's like a VIP pass for your online accounts. Once you

prove you're you, you get a unique token. Once that token is ready, you can enter

websites or apps without logging in.

2. Password Authentication: This is the classic way. Remembering your username

and a secret code (password) is the key. The trick is that the fancier the password

and the more often you change it, the safer your account is.

3. Biometric Authentication: Your body is the password here. Think of fingerprints

or the unique pattern of your iris. The system checks these in real time against

what it has on file. It's easy for you and super secure.

4. Passwords: Users have a unique username and password. The system compares

entered credentials with stored ones for access.

5.4 Self-Assessment Questions

1. In what situations is adaptive authentication helpful, and how does it adapt

to different security risks?

2. How can organizations balance user convenience and the need for strong

authentication in their security policies?

3. What measures can be taken to guard against phishing attacks compromising

authentication credentials?

4. What does authentication mean, and why is it essential in cybersecurity?

5. How do passwords help with user authentication?

6. Explain why multi-factor authentication (MFA) is more secure than just one
factor.

7. What are authentication tokens, and how do they make the authentication

process more secure?

8. Explain how certificate-based authentication works and its advantages over

the traditional password-based method.

9. Explain the role of Public Key Infrastructure (PKI) in certificate-based

authentication.

10. What are the risks associated with using weak or easily guessable passwords

for authentication?

5.5 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 6
Learning Objectives:

1. To understand Cryptography.

2. To understand Conventional Encryption Principles.

Structure:

6.1 Cryptography

6.2 Conventional Encryption Principles

6.3 Summary

6.4 Keywords

6.5 Self-Assessment Questions

6.6 References
6.1 Cryptography

Cryptography is like a secret language for messages. It's a way of hiding or changing

information so only the person meant to get the message can understand it. People

have been using cryptography to encode messages for ages. Nowadays, it's still

essential for things like bank cards, passwords, and online shopping.

In modern times, the special tricks and secret codes used for encoding and decoding

information are called algorithms and ciphers. They use things like 128-bit and 256-bit keys to

keep things super safe. The Advanced Encryption Standard (AES) is one of these

codes that's hard to crack.

When we say cryptography, we mean turning information into secret codes to make

sure only the right person can read it. This cybersecurity trick, also called cryptology,

mixes different fields like computer science, engineering, and math to make

complicated codes that keep the real meaning of a message hidden.

Cryptography goes way back to ancient Egyptian hieroglyphics, but today, it's crucial

for keeping messages and information safe from nosy people. It uses fancy math and

codes to turn messages into puzzles that are tough to solve. Cryptographic keys and

digital signatures help keep data safe when we use credit cards, send emails, or

browse the internet.

Secure inter-branch payment transactions

Money has to move safely between different parts of a company, so secret codes are important.

They ensure the money info sent between branches stays private, reliable, and

accurate. These codes, called cryptography, use special tricks to keep sensitive details
safe from sneaky folks. Let's break down how cryptography keeps inter-branch

payments secure:

● Secret Codes: We use challenging secret codes to keep payment info safe

while it travels. Advanced encryption standards (AES) and secure socket layers

(SSL) are popular. These codes turn financial moves into a secret language

only the right people can understand.

● Key Pairs: Public Key Infrastructure (PKI) helps in safe talking by using pairs of

keys. These keys are like special codes - one is public, and the other is private.

They let branches check each other and talk privately.

● Digital Signatures: Consider digital signatures as a stamp of approval for

money moves. They check if the information is accurate and the right people

are involved. This helps stop fake money moves and keeps financial details

safe.

● Token Magic: To make things even safer, we can replace important info like

account numbers with tokens. Even if someone snatches the data, it's only

valid with the particular token system. This extra step helps protect against

sneaky data breaches.

● Double Check with MFA: For an added layer of safety, we use Multi-Factor

Authentication (MFA). This means users have to show multiple IDs before

making a money move. It keeps the system safe, even if someone knows the

login info.

● Safe Talk: Using secure ways to talk online (like HTTPS) or for big data

transfers adds more safety. These methods ensure the info stays unchanged

and secret while moving from one place to another.


● Keep Checking and Updating: Staying on top of security is a must. Regular

checks, audits, and quick updates to secret codes help catch and stop new

threats. It's like staying one step ahead to keep the codes solid and ready for

anything.

● Key Care: Taking good care of secret keys is super important. Keep them safe,

change them often, and make sure only the right people can use them. This

way, we stop bad guys from getting in and messing things up.

Conventional Encryption and Message Confidentiality

In conventional encryption, also called symmetric-key encryption, folks use the same

key for locking and unlocking info. This means both the person sending the message

and the one getting it need to know this secret key to keep their chat private. The key

stays hush-hush and acts as the shared secret between them.

There are two main kinds of these encryption tricks:

● Stream Ciphers: These encrypt bits of info one by one. They're handy for live

chats since they can jumble and unjumble data as it goes.

● Block Ciphers: These encrypt chunks of data with a set size. The data gets split

into blocks, and each block gets its code. Some popular ones are the

Advanced Encryption Standard (AES) and Triple DES (3DES).

Message Confidentiality:

One of the big aims of secret codes is to ensure messages stay private. This means

nobody who isn't supposed to can peek at or figure out what's in the locked-up
message. When folks use regular encryption, the message looks like a bunch of

random stuff to anyone who doesn't have the right key.

Conventional Encryption Principles

Traditional encryption, called conventional encryption, is the way people used to

secure information before everyone started using public-key cryptography. In this

method, there's a single key for both locking and unlocking the message. There are

two main kinds: symmetric-key encryption and transposition ciphers.

Symmetric-Key Encryption

Symmetric-key encryption, also known as secret-key encryption, relies on the same

key for locking and unlocking. Both the sender and receiver need to have this secret

key.

There are two types of symmetric-key encryption: stream ciphers and block ciphers.

● Stream Ciphers: In stream ciphers, data gets encrypted one bit or byte at a

time as it's sent. The key usually mixes with the original message to create the

secret code. An example is the RC4 algorithm.

● Block Ciphers: Block ciphers lock in fixed-size chunks of data (like 64 or 128

bits) simultaneously. DES (Data Encryption Standard) and AES (Advanced

Encryption Standard) are common examples. The original message is divided

into blocks, and each gets encrypted independently.


Transposition Ciphers

Transposition ciphers involve mixing up the order of characters in the original

message to create the coded message. The key shows how to rearrange the

characters. An example is the Rail Fence cipher, where characters zigzag in writing

and then get read off in rows.

● Strengths and Weaknesses: Symmetric-key encryption is fast when it comes

to processing lots of data. However, a big challenge is getting the key to both

parties safely. If someone intercepts the key during transmission, they can

unlock the entire conversation. Transposition ciphers are simpler but less

strong than modern block ciphers. They are vulnerable to frequency analysis.

● Key Management: Taking care of symmetric keys is vital for keeping encrypted

communication secure. Methods like key exchange protocols and key

distribution systems help ensure that keys are shared safely between those

talking.
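
The Rail Fence cipher described above, and the reason a transposition leaves the letter counts of the message untouched, can be seen in code. This is an added example, not part of the original course notes; the sample message, the rail count and the Caesar shift used for comparison are assumptions chosen for illustration.

```python
from collections import Counter


def rail_order(length: int, rails: int) -> list:
    """Plaintext positions in the order they are read off, rail by rail."""
    if rails < 2:
        raise ValueError("need at least 2 rails")
    period = 2 * (rails - 1)
    # Zigzag: position i sits on rail 0, 1, ..., rails-1, rails-2, ..., 1, 0, ...
    rail_of = [min(i % period, period - i % period) for i in range(length)]
    return sorted(range(length), key=lambda i: (rail_of[i], i))


def rail_fence_encrypt(text: str, rails: int) -> str:
    """Write the text in a zigzag over `rails` rows, then read the rows in turn."""
    return "".join(text[i] for i in rail_order(len(text), rails))


def rail_fence_decrypt(cipher: str, rails: int) -> str:
    """Put each ciphertext character back at the position it was read from."""
    out = [""] * len(cipher)
    for ch, i in zip(cipher, rail_order(len(cipher), rails)):
        out[i] = ch
    return "".join(out)


def caesar(text: str, shift: int) -> str:
    """Substitution for comparison: A-Z letters change, positions stay."""
    return "".join(
        chr((ord(c) - 65 + shift) % 26 + 65) if "A" <= c <= "Z" else c
        for c in text)


def same_letters(a: str, b: str) -> bool:
    """True when both strings contain exactly the same letters the same number of times."""
    return Counter(a) == Counter(b)


def same_profile(a: str, b: str) -> bool:
    """True when the sorted letter counts match, whatever the letters are."""
    return sorted(Counter(a).values()) == sorted(Counter(b).values())


if __name__ == "__main__":
    plaintext = "WEAREDISCOVEREDFLEEATONCE"   # constructed sample message
    transposed = rail_fence_encrypt(plaintext, 3)
    substituted = caesar(plaintext, 3)
    print("rail fence :", transposed, "->", rail_fence_decrypt(transposed, 3))
    print("caesar     :", substituted)
    print("rail fence keeps the exact letters:", same_letters(plaintext, transposed))
    print("caesar keeps only the count profile:",
          not same_letters(plaintext, substituted) and same_profile(plaintext, substituted))
```

The key here is only the number of rails, so the key range is smaller than the message length, and the ciphertext still shows the plaintext's own letter counts.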

6.2 Conventional Encryption Principles

Conventional Encryption works by changing ordinary messages into secret ones only

the intended receiver can understand. The sender and receiver agree on a private key

for encoding and decoding. Usually, they send this secret key using public key

encryption methods.
In regular encryption, figuring out the original message from the secret one without

the key is impossible. So, it's super important to keep the key a secret.

These encryption methods are commonly used because they're good at encoding

and decoding quickly. But they have weaknesses. One weakness is related to the

number of keys available to choose from. More extensive key options make it harder

for attackers to guess the right one. Another is the length of

the key, as longer keys make it more challenging for patterns to show up in the secret

message. The main aim of regular encryption is to create secret messages that are

truly random, making it challenging for someone to figure them out by analysing the

frequency of symbols or blocks in the secret message.

6.3 Summary

❖ Cryptography is like a secret language for messages. It's a way of hiding or

changing information so only the person meant to get the message can

understand it.

❖ In modern times, the special tricks and secret codes used for encoding and

decoding information are called algorithms and ciphers.

❖ When we say cryptography, we mean turning information into secret codes to

make sure only the right person can read it.

❖ Cryptography goes way back to ancient Egyptian hieroglyphics, but today, it's

crucial for keeping messages and information safe from nosy people.

❖ Cryptographic keys and digital signatures help keep data safe when we use credit

cards, send emails, or browse the internet.


❖ Money has to move safely between different parts of a company, so secret codes are

important.

❖ Public Key Infrastructure (PKI) helps in safe talking by using pairs of keys.

❖ Consider digital signatures as a stamp of approval for money moves. They check if

the information is accurate and the right people are involved.

❖ For an added layer of safety, we use Multi-Factor Authentication (MFA).

❖ Using secure ways to talk online (like HTTPS) or for big data transfers adds more

safety.

❖ In conventional encryption, also called symmetric-key encryption, folks use the

same key for locking and unlocking info.

❖ One of the big aims of secret codes is to ensure messages stay private.

❖ When folks use regular encryption, the message looks like a bunch of random

stuff to anyone who doesn't have the right key.

❖ Traditional encryption, called conventional encryption, is the way people used to

secure information before everyone started using public-key cryptography.

❖ Symmetric-key encryption, also known as secret-key encryption, relies on the

same key for locking and unlocking.

❖ Transposition ciphers involve mixing up the order of characters in the original

message to create the coded message.

❖ Conventional encryption works by changing ordinary messages into secret ones

only the intended receiver can understand.

❖ A larger set of possible keys makes it harder for attackers to guess the right one.

❖ The main aim of regular encryption is to create secret messages that are truly

random, making it challenging for someone to figure them out by analysing the
frequency of symbols or blocks in the secret message.

6.4 Keywords

1. Cryptography: Cryptography is like a secret language for messages. It's a way

of hiding or changing information so only the person meant to get the

message can understand it. People have been using cryptography to encode

messages for ages.

2. Digital Signatures: Consider digital signatures as a stamp of approval for

money moves. They check if the information is accurate and the right people

are involved.

3. Stream Ciphers: These encrypt bits of info one by one. They're handy for live

chats since they can jumble and unjumble data as it goes.

4. Block Ciphers: These encrypt chunks of data with a set size. The data gets

split into blocks, and each block gets its code. Some popular ones are the

Advanced Encryption Standard (AES) and Triple DES (3DES).

6.5 Self-Assessment Questions

1. What are the pros and cons of regular encryption in securing payment

transactions?

2. Can you give examples of widely accepted regular encryption standards in the

financial sector?

3. How do encryption keys contribute to the security of encrypted messages

during transmission?
4. What steps can be taken to improve the security of regular encryption

implementations?

5. How does regular encryption tackle the challenges of maintaining data

integrity in payment transactions?

6. What role does the initialization vector (IV) play in regular encryption

algorithms?

7. How can organizations ensure a secure key exchange for encrypting

inter-branch payment data?

8. What are the potential weaknesses associated with regular encryption in

payment systems?

9. How does regular encryption help with regulatory compliance in the financial

industry?

10. Can you discuss the importance of continuous monitoring and updates in

maintaining the security of regular encryption practices?

6.6 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.


6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 7
Learning Objectives:

1. To understand Key Distribution & Management.

2. To understand Kerberos and certificate authorities.

Structure:

7.1 Key Distribution & Management

7.2 Kerberos and certificate authorities

7.3 Summary

7.4 Keywords

7.5 Self-Assessment Questions

7.6 References
7.1 Key Distribution & Management

1. Key Management

In the world of secret codes, sharing keys between the person sending the message

and the one receiving it is tricky. The security plan falls apart if a sneaky third person

gets hold of the key (like a copycat or someone listening in). That's why it's essential

to keep the key exchange safe.

There are two key management things to think about:

● Giving out public keys.

● Using public-key tricks to share secrets.

Let's talk about handing out public keys:

● Public Announcement: This is like shouting the public key to everyone. The

problem here is anyone can pretend to be someone else and trick others. They

can keep fooling people until someone figures out the trick.

● Publicly Available Directory: In this way, the public key is saved in a public list.

People trust these lists with details like who's signed up, who can see what, and

the key they use. Even though these lists can be checked online, they're still at

risk of being tricked or messed with.

● Public Key Authority: It's a bit like the directory, but safer. It makes sure only the

right people get the keys from the list. Users have to know the public key for the

list. When they need the keys, they check the list in real time to get the one they

want.

● Public Certification: This is where a special authority gives a certificate (it ties a

name to the public key). This way, people can share keys without always checking
the main list. The certificate has extra info like how long it's valid for and what

it can be used for. The certificate authority's private key signs everything in the

certificate and can be checked by anyone with the public key.

When two people want to talk safely, they both ask the certificate authority for a

certificate. This certificate has a public key and more details. Then, they swap

certificates and start talking securely.
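The certificate check described above, as an added example that is not part of the original course text: a CA signs the binding of a name to a public key, and a verifier holding only the CA's public key detects a swapped key, a wrong subject, or an expired certificate. The CA key, the names, the dates and the field layout are constructed for illustration, and the signature is unpadded textbook RSA over a SHA-256 digest, which real CAs do not use.

```python
import hashlib
import json

# CONSTRUCTED toy CA key pair for this example only. The primes are two
# Mersenne primes, chosen because they are easy to write down; a real CA
# uses random primes and a padded signature scheme.
_P, _Q = 2**521 - 1, 2**607 - 1
CA_PUBLIC = (_P * _Q, 65537)                        # (modulus n, exponent e)
_CA_PRIVATE = pow(65537, -1, (_P - 1) * (_Q - 1))   # exponent d, held by the CA only


def _digest(fields: dict) -> int:
    """Hash the certificate fields in one canonical byte form."""
    blob = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


def ca_issue(subject, public_key, not_before, not_after, usage):
    """CA side: bind a name to a public key and sign every field."""
    fields = {
        "subject": subject,
        "public_key": public_key,
        "not_before": not_before,   # ISO 8601 UTC strings compare correctly as text
        "not_after": not_after,
        "usage": usage,
    }
    signature = pow(_digest(fields), _CA_PRIVATE, CA_PUBLIC[0])
    return {"fields": fields, "signature": format(signature, "x")}


def verify_certificate(cert, ca_public, expected_subject, now):
    """Verifier side: needs only the CA's public key, not the directory."""
    n, e = ca_public
    fields = cert["fields"]
    # 1. The signature must cover exactly the fields we were handed.
    if pow(int(cert["signature"], 16), e, n) != _digest(fields):
        return "bad signature"
    # 2. The certificate must name the party we meant to talk to.
    if fields["subject"] != expected_subject:
        return "wrong subject"
    # 3. The certificate must be inside its validity period.
    if not fields["not_before"] <= now <= fields["not_after"]:
        return "outside validity period"
    return "ok"


def demo():
    cert = ca_issue(
        "alice@example.test",
        "ALICE-PUBLIC-KEY (constructed placeholder)",
        "2024-01-01T00:00:00Z",
        "2025-01-01T00:00:00Z",
        ["key exchange"],
    )
    now = "2024-06-01T12:00:00Z"
    results = {"genuine": verify_certificate(cert, CA_PUBLIC, "alice@example.test", now)}

    # Someone replaces the public key inside the certificate but cannot re-sign it.
    swapped = json.loads(json.dumps(cert))
    swapped["fields"]["public_key"] = "OTHER-PUBLIC-KEY (constructed placeholder)"
    results["swapped_key"] = verify_certificate(swapped, CA_PUBLIC, "alice@example.test", now)

    # A valid certificate presented under the wrong name.
    results["wrong_peer"] = verify_certificate(cert, CA_PUBLIC, "bob@example.test", now)

    # The same certificate checked after its validity period ended.
    results["expired"] = verify_certificate(
        cert, CA_PUBLIC, "alice@example.test", "2025-03-01T00:00:00Z"
    )
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```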

2. Key distribution

Sharing secret keys is crucial in cryptography. In the symmetric key approach, both

parties need the same secret key. Getting this key to each other used to be tricky. People

had to meet face-to-face, use a trusted courier, or send the key through an existing

encryption channel. The first two are often not practical and always risky, while the

third relies on the security of a previous key exchange.

Public key cryptography solves this differently. Public keys are shared through public

key servers. When someone creates a key pair, they keep one key private and upload

the other, called the public key, to a server. Anyone can access it to send the user a

private, encrypted message.

Secure Sockets Layer (SSL) uses Diffie–Hellman key exchange when the client lacks a

public-private key pair and a published certificate in the public key infrastructure. If

the user has both keys and the certificate, public key cryptography is used.

Key distribution is a big deal in wireless sensor network (WSN) design. Various

schemes exist in the literature to ensure easy and secure communication among

sensor nodes. The most accepted method in WSNs is key predistribution. This involves

placing secret keys in sensor nodes before deployment. These private keys create the
network once the nodes are in the target area.

KDC

A Key Distribution Center (KDC) is a system that automatically shares keys to enable

connections between users, which can be computers, processes, or applications.

Each user has a unique master key that they share with the KDC.

To grasp how a KDC works, we first need to understand key hierarchies. Key

hierarchies involve at least a two-level structure when using a KDC.

The master key is used to identify the user, and a second key, known as the session

key, encrypts user communication. The session key gets encrypted using the master

key and is then sent to the clients to establish a secure connection.

Each session has a unique key, providing an extra layer of security because different

keys encrypt different traffic.

If an attacker acquires one key, they won't be able to decrypt all messages—only

those encrypted with that specific key.
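The two-level key hierarchy described above, as an added example that is not part of the original course text: a KDC holds one master key per user, creates a fresh session key for each conversation, and delivers it wrapped under each party's master key. The `KDC` class, the user names and the `seal`/`open_sealed` helpers are hypothetical; the helpers are a teaching stand-in built from HMAC-SHA256 so the example runs with the standard library only, not a cipher to deploy.

```python
import hashlib
import hmac
import json
import secrets


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Keystream from HMAC-SHA256 in counter mode (stand-in for a real cipher)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then authenticate: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Check the tag first; refuse to decrypt with the wrong key or altered data."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


class KDC:
    """Holds every user's master key; hands out per-session keys."""

    def __init__(self):
        self._master_keys = {}

    def register(self, user: str) -> bytes:
        # In practice the master key is installed out of band, once per user.
        self._master_keys[user] = secrets.token_bytes(32)
        return self._master_keys[user]

    def issue_session_key(self, initiator: str, responder: str):
        session_key = secrets.token_bytes(32)   # fresh for every session

        def wrapped(owner, peer):
            record = json.dumps({"peer": peer, "session_key": session_key.hex()}).encode()
            return seal(self._master_keys[owner], record)

        return wrapped(initiator, responder), wrapped(responder, initiator)


def unwrap(master_key: bytes, blob: bytes):
    """User side: recover the peer name and session key with one's own master key."""
    record = json.loads(open_sealed(master_key, blob))
    return record["peer"], bytes.fromhex(record["session_key"])


def _opens(key: bytes, blob: bytes) -> bool:
    try:
        open_sealed(key, blob)
        return True
    except ValueError:
        return False


def demo():
    kdc = KDC()
    alice_mk, bob_mk, carol_mk = (kdc.register(u) for u in ("alice", "bob", "carol"))

    to_alice, to_bob = kdc.issue_session_key("alice", "bob")
    peer_for_alice, sk_alice = unwrap(alice_mk, to_alice)
    peer_for_bob, sk_bob = unwrap(bob_mk, to_bob)
    traffic = seal(sk_alice, b"constructed sample message")

    # A second session gets its own key, so one leaked session key exposes one session.
    to_alice_2, _ = kdc.issue_session_key("alice", "carol")
    _, sk_second = unwrap(alice_mk, to_alice_2)

    return {
        "peers": (peer_for_alice, peer_for_bob),
        "same_session_key": sk_alice == sk_bob,
        "bob_reads": open_sealed(sk_bob, traffic),
        "second_key_differs": sk_second != sk_alice,
        "second_key_opens_first_traffic": _opens(sk_second, traffic),
        "carol_unwraps_bobs_copy": _opens(carol_mk, to_bob),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```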

In cases with numerous users, it might be necessary to have multiple KDCs. This can

be managed by assigning specific areas or IP ranges/networks to each KDC, ensuring

keys are distributed within each KDC's designated area.

When users in different areas or under different KDCs need to communicate, the

request goes to a higher hierarchical level KDC, responsible for sharing the session

key between the two users.

However, there are drawbacks to using a KDC. The main one is that the KDC must be

trustworthy and protected at all levels. If the KDC's security is compromised, all

messages can be easily discovered.


One way to address this drawback is by employing a decentralized approach to key

distribution, which, while not practical for large networks, can be helpful in a local

network.

As an example of a KDC, consider Kerberos—an authentication service developed at

MIT. Kerberos addresses the challenge of authenticating users' access requests to

various servers in a network. This is especially crucial when numerous users need

access to services spread across different servers. Kerberos functions like a KDC in

this scenario, generating session keys to establish secure connections between users

and services.

7.2 Kerberos and certificate authorities

Kerberos

Kerberos is like a security guard for computer networks. It's a protocol that checks if

requests for services between computers are legit, especially when sending

messages over an unsafe place like the Internet. To do this, it uses secret codes and a

trusted helper to ensure that you are who you say you are when you're using apps or

services.

MIT, the clever folks at the Massachusetts Institute of Technology, came up with

Kerberos in the late 1980s. Now, it's the go-to security tech for Microsoft Windows,

and you can find it in other systems like Apple OS, FreeBSD, UNIX, and Linux.
What does Kerberos do?

Kerberos ensures the right people get into a network. Whether it's a company's

network, a school's network, or even an Internet service, Kerberos has three main

jobs:

● User Check: Kerberos ensures the people trying to access the network are

legit. Only the approved folks access specific services, systems, or data.

● Single Sign-On (SSO): This nifty feature lets you log in just once, and then you

can use many different services without repeatedly entering your info.

● Central Control: Kerberos makes things easy by having a central hub, like a

Key Distribution Centre (KDC), to keep everything in check.

Kerberos keeps things safe when your computer talks to a server. Here's how it

works:

● Ask the Authentication Server (AS): Your computer kicks things off by asking

the Authentication Server to get the party started. It shows who you are.

● Get the Ticket: If all is good, the AS checks you out and hands you a special

pass called a Ticket Granting Ticket (TGT). Your secret password helps lock it

up.

● Service Time: When you want to use a specific service, like checking your

email, you show the TGT to the Ticket Granting Server (TGS).

● Get the Service Ticket: The TGS checks your TGT and hands you a Service

Ticket (ST) for your desired service. It's locked up with that service's secret

code.

● Let's Do This: You show the ST to the service, and they ensure it's legit by

checking it with the AS. You get a secret key to start the party if all goes well.
Benefits

● Super Safe: It ensures logins and security follow the rules, making it easier to

control who gets in.

● Time Limits: Every pass has a timer. This helps control when people can get in,

reducing the chance of someone sneaking in later.

● Team Effort: Kerberos lets both sides – you and the service – check each other

out. It's like making sure you're both who you say you are.

● Reuse Power: Once you've proven you're you, you can keep using your pass

for more services without repeatedly typing your details.

Certificate Authorities

A Certification Authority is vital in maintaining security in today's digital world. It's a

trusted entity responsible for creating and endorsing digital certificates, a key Public

Key Infrastructure (PKI) element. Digital certificates issued by CAs confirm the

authenticity of websites, devices, and individuals.

So, what exactly does a Certification Authority do?

It's a reliable organization that issues digital certificates containing verified

identification information to people, companies, and other entities. These

certificates act as a way to establish credibility for those who may not directly know

you or your organization.

Now, let's talk about website security. A certificate authority follows a set of rules to

ensure the integrity of certificates. Before issuing a certificate, it thoroughly


investigates the requesting entity, examining records and documentation from

official sources to verify the authenticity of the business. Once approved, the CA

issues a digital certificate, allowing the company to encrypt and digitally sign its

software, websites, and email correspondence.

As a result, a Certification Authority helps you achieve the following for your

company:

● Substantiate your organization's identity.

● Verify the legitimacy of your organization.

● Confirm the authenticity of your online presence.

How do you identify a legitimate website?

That's where the Certification Authority comes in. CAs verify websites and

organizations, protecting you from sharing sensitive information with hackers.

When you visit a secure website, your browser's URL bar should display a lock icon.

Clicking on it reveals more information, including confirmation of the site's current

certificate. You can even inspect certificate details, such as who it's issued to, who

gave it, the validity period, fingerprints, and more.

If a website shows a warning that the connection is not private and the certificate is

untrusted or invalid, it's likely a fake and unsafe to open. For the system to work

effectively, all certificates must be issued by a reputable entity, be tamper-resistant,

and include information proving their legitimacy.


7.3 Summary

❖ In the world of secret codes, sharing keys between the person sending the

message and the one receiving it is tricky. The security plan falls apart if a sneaky

third person gets hold of the key (like a copycat or someone listening in).

❖ When two people want to talk safely, they both ask the certificate authority for a

certificate.

❖ Sharing secret keys is crucial in cryptography. In the symmetric key approach,

both parties need the same secret key.

❖ Public key cryptography solves this differently. Public keys are shared through

public key servers.

❖ Secure Sockets Layer (SSL) uses Diffie–Hellman key exchange when the client

lacks a public-private key pair and a published certificate in the public key

infrastructure.

❖ Key distribution is a big deal in wireless sensor network (WSN) design.

❖ The most accepted method in WSNs is key predistribution. This involves placing

secret keys in sensor nodes before deployment.

❖ A Key Distribution Center (KDC) is a system that automatically shares keys to

enable connections between users, which can be computers, processes, or

applications.

❖ When users in different areas or under different KDCs need to communicate, the

request goes to a higher hierarchical level KDC, responsible for sharing the

session key between the two users.

❖ Kerberos is like a security guard for computer networks. It's a protocol that
checks if requests for services between computers are legit, especially when

sending messages over an unsafe place like the Internet.

❖ Kerberos ensures the people trying to access the network are legit.

❖ A Certification Authority is vital in maintaining security in today's digital world.

It's a trusted entity responsible for creating and endorsing digital certificates, a

key Public Key Infrastructure (PKI) element.

❖ A certificate authority follows a set of rules to ensure the integrity of certificates.

❖ CAs verify websites and organizations, protecting you from sharing sensitive

information with hackers.

❖ If a website shows a warning that the connection is not private and the certificate

is untrusted or invalid, it's likely a fake and unsafe to open.

7.4 Keywords

1. Key Management: In the world of secret codes, sharing keys between the

person sending the message and the one receiving it is tricky. The security

plan falls apart if a sneaky third person gets hold of the key (like a copycat or

someone listening in). That's why it's essential to keep the key exchange safe.

2. Key distribution: Sharing secret keys is crucial in cryptography. In the

symmetric key approach, both parties need the same secret key. Getting this key

to each other used to be tricky. People had to meet face-to-face, use a trusted

courier, or send the key through an existing encryption channel.

3. KDC: A Key Distribution Center (KDC) is a system that automatically shares

keys to enable connections between users, which can be computers,


processes, or applications. Each user has a unique master key that they share

with the KDC.

4. Kerberos: Kerberos is like a security guard for computer networks. It's a

protocol that checks if requests for services between computers are legit,

especially when sending messages over an unsafe place like the Internet.

5. Certification Authority: A Certification Authority is vital in maintaining

security in today's digital world. It's a trusted entity responsible for creating

and endorsing digital certificates, a key Public Key Infrastructure (PKI)

element.

7.5 Self-Assessment Questions

1. What does a Key Distribution Center (KDC) do in security protocols?

2. How does Kerberos improve authentication and make communication safe in

a network?

3. How does Kerberos stop replay attacks in a network?

4. Explain issuing and verifying certificates in a Public Key Infrastructure (PKI).

5. What problems does Key Distribution face in large distributed systems,

and how does KDC deal with them?

6. What security advantages do certificate revocation lists (CRLs) bring in a PKI

infrastructure?

7. How does using session keys improve security in Kerberos-based

authentication?

8. What does the Ticket Granting Service (TGS) do in the Kerberos


authentication model?

9. Explain the idea of trust hierarchy when it comes to certificate authorities.

10. How do you manage key distribution in asymmetric key encryption

systems?

7.6 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 8
Learning Objectives:

1. To understand public Key Cryptography.

2. To understand Message Authentication.

Structure:

8.1 Public Key Cryptography and Message Authentication

8.2 Summary

8.3 Keywords

8.4 Self-Assessment Questions

8.5 References
8.1 Public Key Cryptography and Message Authentication

Public-key cryptography, also known as asymmetric cryptography, involves using pairs

of keys that are related. Each pair has a public key and a matching private key. These

keys are made using special math functions that only go one way. The safety of

public-key cryptography depends on keeping the private key secret, while the

public key can be shared openly without causing any security issues.

In a public-key encryption system, anyone with the public key can make a message

secret by encrypting it, turning it into ciphertext. But only those who have the

matching private key can change the ciphertext back to the original message. For

example, a journalist might put the public key on a website, letting sources send

secret messages to the news organization in ciphertext. With the private key, the

journalist can read the messages, keeping them safe from people trying to listen.

Public-key encryption on its own doesn't keep details such as the message's origin or

send time secret. It doesn't reveal the sender's identity either; it simply

conceals the message in a code that requires the private key to read.

In a digital signature setup, the sender uses a private key and the message to create a

signature. Armed with the matching public key, the recipient can check if the

signature aligns with the message. However, a forger lacking the private key cannot

produce a valid message/signature pair. For instance, a software publisher can create

a signature key pair, incorporating the public key in installed software. Updates

signed with the private key can be verified using the public key, ensuring the

authenticity of the update.

Public-key algorithms form the foundation of modern cryptosystems, ensuring the

confidentiality, authenticity, and non-repudiability of electronic communications and

data storage. They are integral to various Internet standards, including Transport

Layer Security (TLS), SSH, S/MIME, and PGP. Some algorithms facilitate key

distribution and secrecy, while others focus on digital signatures. Despite being

slower than symmetric encryption, asymmetric encryption is widely combined with

symmetric encryption in today's cryptosystems.

Applications:

Applications of public-key cryptography include encrypting communication for

confidentiality, where the sender encrypts a message using the recipient's public key.

Digital signatures provide sender authentication, while non-repudiation systems use

digital signatures to prevent disputes over the authorship of documents or

communications. Additional applications include digital cash,

password-authenticated key agreement, time-stamping services, and

non-repudiation protocols.

Message Authentication

Message Authentication is about ensuring a message has been kept intact while it's

being sent. It's like double-checking to be sure the message is from who it says it's

from and that it has not been altered during its trip. The whole point is to guarantee the

message is genuine and has not been messed with. Ensuring authentic messages

come from the right source is essential for safe communication. Let's talk about a few

ways to do that and a quick look at a handshake thing:

● Digital Signatures: When you send a message with a digital signature, you use
your secret key to make a unique mark. The person getting it can check this

mark using your public key, making sure the message is genuine and not

messed with.

● Message Authentication Codes (MACs): The sender and receiver share a

secret key. The sender uses it to make a code (MAC) for the message, and

they send it together. The receiver checks the code using the shared key,

making sure the message is safe.

● Hash Functions: Hash functions make a fixed-size code for a message. Even a

tiny change in the message makes a big difference in this code. People often

use hash functions with other methods to keep messages safe.

● Public Key Infrastructure (PKI): PKI uses digital certificates from a trusted

Certificate Authority (CA). The CA's signature on the certificate checks the

certificate owner's identity, ensuring communication between them is secure.
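The difference between the hash-function and MAC bullets above, as an added example that is not part of the original course text: an unkeyed hash catches accidental changes, but anyone who alters a message can recompute it, while a MAC computed with the shared key cannot be regenerated without that key. The message contents and function names are constructed for illustration, and HMAC-SHA256 is used as the MAC.

```python
import hashlib
import hmac
import secrets


def hash_protect(message: bytes) -> str:
    """Unkeyed fingerprint: anyone can compute it."""
    return hashlib.sha256(message).hexdigest()


def hash_check(message: bytes, digest: str) -> bool:
    return hmac.compare_digest(hash_protect(message), digest)


def mac_protect(key: bytes, message: bytes) -> str:
    """Keyed tag: only holders of the shared key can compute it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def mac_check(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest avoids leaking, through timing, how much of the tag matched.
    return hmac.compare_digest(mac_protect(key, message), tag)


def differing_bits(a: bytes, b: bytes) -> int:
    """How many of the 256 output bits differ between the hashes of a and b."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


def demo():
    key = secrets.token_bytes(32)            # known to sender and receiver only
    original = b"PAY 100 TO ACCOUNT 1111"    # constructed sample message
    altered = b"PAY 900 TO ACCOUNT 1111"     # one character changed in transit

    sent_digest = hash_protect(original)
    sent_tag = mac_protect(key, original)

    # The receiver's view if the message changes but the check value does not:
    hash_detects_change = not hash_check(altered, sent_digest)
    mac_detects_change = not mac_check(key, altered, sent_tag)

    # The receiver's view if message AND check value are both replaced.
    # The hash needs no secret, so a replaced pair is internally consistent.
    replaced_digest = hash_protect(altered)
    hash_accepts_replaced_pair = hash_check(altered, replaced_digest)
    # Without the shared key, a replacement tag has to come from some other
    # key, and the receiver's check with the real key fails.
    replaced_tag = mac_protect(secrets.token_bytes(32), altered)
    mac_accepts_replaced_pair = mac_check(key, altered, replaced_tag)

    return {
        "hash_detects_change": hash_detects_change,
        "mac_detects_change": mac_detects_change,
        "hash_accepts_replaced_pair": hash_accepts_replaced_pair,
        "mac_accepts_replaced_pair": mac_accepts_replaced_pair,
        "mac_accepts_original": mac_check(key, original, sent_tag),
        "bits_changed_by_one_character": differing_bits(original, altered),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The replaced-pair rows are the reason a bare hash is paired with a key or a signature whenever the check value travels over the same channel as the message.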

Handshake Mechanism

This is like a friendly chat between two parties to set up a secure way to talk. It goes

like this:

● Initialization: The talk starts with both sides saying they want to chat safely.

● Agreement on Parameters: They agree on how to keep the chat secret, like

what codes and keys to use.

● Key Exchange: They share secret keys safely so nobody else can grab them.

There are different ways to do this, like the Diffie-Hellman dance.

● Authentication: They check each other's IDs to ensure nobody sneaky is

jumping in. This could be with signatures, certificates, or further safety


checks.

● Secure Communication: Once everything checks out, they start their safe chat

using the agreed-upon codes and keys.

8.2 Summary

❖ Public-key cryptography, also known as asymmetric cryptography, involves using

pairs of keys that are related.

❖ The safety of public-key cryptography depends on keeping the private key

secret, while the public key can be shared openly without causing any security

issues.

❖ In a public-key encryption system, anyone with the public key can make a

message secret by encrypting it, turning it into ciphertext.

❖ Public-key encryption on its own doesn't keep details such as the

message's origin or send time secret.

❖ In a digital signature setup, the sender uses a private key and the message to

create a signature.

❖ Public-key algorithms form the foundation of modern cryptosystems, ensuring the

confidentiality, authenticity, and non-repudiability of electronic communications and

data storage.

❖ Applications of public-key cryptography include encrypting communication for

confidentiality, where the sender encrypts a message using the recipient's public

key.

❖ Message Authentication is about ensuring a message has been kept intact while
it's being sent.

❖ Ensuring authentic messages come from the right source is essential for safe

communication.

❖ PKI uses digital certificates from a trusted Certificate Authority (CA).

8.3 Keywords

1. Public-key cryptography: Public-key cryptography, also known as asymmetric

cryptography, involves using pairs of keys that are related. Each pair has a

public key and a matching private key. These keys are made using special

math functions that only go one way.

2. Message Authentication: Message Authentication is about ensuring a

message has been kept intact while it's being sent. It's like double-checking to

be sure the message is from who it says it's from and that it has not been altered

during its trip.

3. Public Key Infrastructure (PKI): PKI uses digital certificates from a trusted

Certificate Authority (CA). The CA's signature on the certificate checks the

certificate owner's identity, ensuring communication between them is secure.

8.4 Self-Assessment Questions

1. What's public key cryptography, and how's it different from symmetric key

cryptography?

2. Tell me about message authentication and why it's crucial for secure

communication.
3. Why do we use message authentication codes (MAC) in cryptographic

systems, and what are their primary goals?

4. Explain the basics of digital signatures in public key cryptography.

5. How does the handshake process help establish a secure communication

channel?

6. Compare symmetric key and asymmetric key algorithms in the context of

message authentication.

7. What role does a digital certificate play in public key cryptography message

authentication?

8. Define a one-way hash function and its importance in message

authentication.

9. How do hash functions ensure the integrity of messages in cryptographic

protocols?

10. What vulnerabilities might occur in message authentication, and how can we

deal with them?

8.5 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.


5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 9
Learning Objectives:

1. To understand Hash function.

2. To understand Public-Key Cryptography Principles.

Structure:

9.1 Hash function

9.2 Public-Key Cryptography Principles

9.3 Summary

9.4 Keywords

9.5 Self-Assessment Questions

9.6 References
9.1 Hash function

A hash function is like a virtual tool that uses math to change a bunch of letters

(called a "message") into a specific string with a set number of characters (known as

a hash value or just a hash).

So, hashing means you're feeding an input into a formula, and it spits out an output

message with a fixed length. No matter how long the input is, the output will always

have the same number of letters and numbers in a specific order.

People use hashing to make sure data is accurate. If you tweak the message even a

little, the hash value becomes different.

These hash functions are essential tools in fancy computer safety (cryptography).

They help check if transactions, messages, and digital signatures are legit.

Hashing is usually a one-way thing. Turning a message into a hash is easy, but it's

hard to go backwards and get the original message. That takes a lot of computer

power.

This difficulty is crucial for things like Bitcoin. It uses proof-of-work systems, and the

toughness of reversing hashes keeps its blockchain secure.

So, why do we even need hash functions?

● Standard Length: When you hash a message, it doesn't matter whether your file is big or

small. The math makes the output a set length.

● Ensure Data Is Real: Imagine sending a digital message or document. You want to

make sure it arrives unchanged. You could send it many times for the other

person to check, but that's only possible if it's a small file. Hash functions make it
easier. They turn the data into a shorter set of characters, and the sender and

receiver can quickly check if the data is the same by looking at the hashes.

● Verify It's Real: Think about sending an email. It could get grabbed easily,

especially on a not-safe Wi-Fi. The person getting the email won't know if

someone changed it on the way (a "Man-in-the-Middle" attack). But, if the

sender signs the email with their digital signature and mixes it with the email

contents using a hash function, the receiver can check the hash data. If the hash

they make matches the one from the sender, the email is genuine. If they don't

match, something changed on the way, and the email isn't real.

What are some types of hashing?

● SHA-1

Developed by the National Security Agency (NSA), SHA-1 is a Federal Information

Processing Standard. It is typically shown as a 40-digit hexadecimal number.

● MD5

MD5, or Message Digest Algorithm 5, is a popular hash function created by Ronald

Rivest. It generates a 128-bit hash value, usually shown as a 32-character

hexadecimal number. Like MD4, MD5 has some weaknesses, and people have

conducted collision attacks against it. Nowadays, it's not considered safe for

cryptographic use, and experts suggest using more secure hash functions such as

SHA-256 or SHA-3 for applications that need robust security.


● MD4

MD4 is short for Message Digest Algorithm 4. Ronald Rivest made it back in 1990,

and it's a special kind of tool for hiding information. Think of it like a magic recipe

that turns any number of words or data into a secret code with precisely 32 letters

and numbers, all in a particular format called hexadecimal. So, MD4 transforms

whatever you give it into a 128-bit hash value, like a secret code that's 32 characters

long.

9.2 Public-Key Cryptography Principles

Public key cryptography is crucial for keeping information private, mainly because it

deals with how keys are shared between users for secure connections. It also

involves digital signatures, which help verify the identities of users.

Public key cryptography originated from trying to solve problems with symmetric

encryption, which involved distributing keys. In symmetric encryption, both

communicants needed to share a key, creating the challenge of secure key

distribution.

On the other hand, public key cryptography uses asymmetric algorithms that rely on

two keys: one for encryption and another related key for decryption. The key

features of these algorithms are:

● It's nearly impossible to determine the decryption key with only knowledge of the

algorithm and encryption key.

● Two related keys: one for encryption and the other for decryption.
A public key encryption system includes:

● Plaintext: The readable message or information input into the algorithm.

● Encryption algorithm: Performs various transformations on the plaintext.

● Public and Private keys: A set of keys for encryption and decryption.

● Ciphertext: The scrambled message is generated as output, dependent on the

plaintext and key.

● Decryption Algorithm: Takes the ciphertext and matching key to produce the

original plaintext.

Keys in public key cryptography are large, such as 512, 1024, or 2048 bits, and

are stored in devices like USB tokens or hardware security modules.

A significant concern in public key cryptosystems is the potential for an attacker to

impersonate a legitimate user, replacing the public key with a fake one or

intercepting connections.

Public key cryptography is vital for online services like payment and e-commerce,

ensuring the authenticity of public keys and user signatures. Asymmetric

cryptosystems must handle security services like confidentiality, authentication,

integrity, and non-repudiation, with the public key supporting non-repudiation and

authentication. Privacy and integrity, considered part of the encryption process, are

maintained by the user's private key.

RSA and Digital Signatures

Digital Signature

Digital signatures are a modern way to sign documents electronically. They make sure

that the intended user sends the message without any changes from third parties
(attackers). In simple terms, digital signatures confirm the authenticity of

electronically sent messages.

RSA

RSA stands for Rivest-Shamir-Adleman, and it's a popular way to encrypt messages.

It's commonly used for creating digital signatures, too. Let's break down how RSA

works for digital signatures, step by step. Imagine there's a sender (A) and a receiver

(B). A wants to send a message (M) to B, along with a digital signature (DS) calculated

for the message.

● Step 1: A uses SHA-1 Message Digest Algorithm to figure out the message

digest (MD1) for the original message (M).

● Step 2: A then encrypts the message digest with its private key, creating the

Digital Signature (DS) of A.

● Step 3: A sends both the digital signature (DS) and the original message (M)

to B.

● Step 4: When B gets the Original Message (M) and Digital Signature (DS) from

A, it uses the same message-digest algorithm as A to calculate its own

Message Digest (MD2) for M.

● Step 5: B uses A's public key to decrypt the digital signature. This results in the

original Message Digest (MD1) calculated by A.

● Step 6: If MD1 equals MD2, it confirms two things: B accepts the original

message as correct from A, and it proves that the message came from A, not

someone pretending to be A.
This process shows that the original message wasn't tampered with. Even if someone

tries to alter the message, they can't sign it with A's private key because only A

knows it. So, RSA signatures are strong and reliable.

RSA Signature Attacks: While RSA is secure, attackers can attempt some attacks.

● Chosen-message Attack: Attacker convinces the user to sign two different

messages and combines them to claim the user signed a third message.

● Key-only Attack: Assumes the attacker has the public key and tries to make a

signature valid on a different message.

● Known-message Attack: Tries to combine signatures from two different

messages. RSA remains strong against these attacks.

● RSA for Digital Signatures: RSA is widely used for digital signatures due to its

strong security and efficiency. Digital signatures ensure document

authenticity by verifying they haven't been altered. The process involves

hashing, signing, and verification using public and private keys. RSA's security

relies on the difficulty of factoring the product of two large prime numbers, making it suitable

for various applications like secure email and electronic commerce.
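
The six signing steps and the chosen-message attack described above, as an added example that is not part of the original notes. It uses textbook RSA without padding, a constructed toy key built from two publicly known Mersenne primes, and SHA-256 in place of the SHA-1 named in Step 1; all function names are assumptions, and real systems use a vetted library with a padded scheme such as RSASSA-PSS.

```python
import hashlib
from math import gcd

# Constructed toy key. Both primes are publicly known Mersenne primes, so this
# key is for demonstration only.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                      # public modulus
E = 65537                      # public exponent
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)            # private exponent (needs Python 3.8+)


def message_digest(message: bytes, algorithm: str = "sha256") -> int:
    """Steps 1 and 4: hash the message and return the digest as an integer."""
    return int.from_bytes(hashlib.new(algorithm, message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Step 2: apply A's private key to the digest MD1, giving the signature DS."""
    return pow(message_digest(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Steps 4 to 6: recompute MD2, recover MD1 from DS with A's public key, compare."""
    if not 0 <= signature < n:
        return False
    md2 = message_digest(message)
    md1 = pow(signature, e, n)
    return md1 == md2


def raw_sign(value: int, d: int = D, n: int = N) -> int:
    """Sign a number directly with no hashing step (shown only for contrast)."""
    return pow(value, d, n)


def raw_verify(value: int, signature: int, e: int = E, n: int = N) -> bool:
    """Verify a signature made by raw_sign."""
    return pow(signature, e, n) == value % n


def demo() -> dict:
    """Run the exchange on constructed sample messages and report each check."""
    message = b"Transfer 100 units to B"          # constructed sample message
    ds = sign(message)                            # A: Steps 1 to 3
    results = {
        "genuine": verify(message, ds),           # B: Steps 4 to 6
        "tampered": verify(b"Transfer 900 units to B", ds),
    }

    # Without Step 1, signatures are multiplicative: the product of two valid
    # signatures is a valid signature on the product of the two signed values.
    m1, m2 = 1234567, 7654321
    combined = (raw_sign(m1) * raw_sign(m2)) % N
    results["raw_product_valid"] = raw_verify(m1 * m2, combined)

    # With hashing, the same product recovers MD(a) * MD(b), which is not the
    # digest of either message or of their concatenation, so B rejects it.
    a, b = b"message one", b"message two"
    product = (sign(a) * sign(b)) % N
    results["hashed_product_valid"] = any(
        verify(candidate, product) for candidate in (a, b, a + b)
    )
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

Passing `"sha1"` as the `algorithm` argument of `message_digest` reproduces Step 1 exactly as the notes state it.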

9.3 Summary

❖ A hash function is like a virtual tool that uses math to change a bunch of letters

(called a "message") into a specific string with a set number of characters (known

as a hash value or just a hash).

❖ Hashing is usually a one-way thing. Turning a message into a hash is easy, but it's

hard to go backwards and get the original message.


❖ When you hash a message, it doesn't matter whether the file is big or small.

❖ Developed by the National Security Agency (NSA), SHA-1 is a Federal Information

Processing Standard. It is typically shown as a 40-digit hexadecimal number.

❖ MD5, or Message Digest Algorithm 5, is a popular hash function created by

Ronald Rivest.

❖ MD4 is short for Message Digest Algorithm 4. Ronald Rivest made it back in 1990,

and it's a cryptographic hash function.

❖ Public key cryptography is crucial for keeping information private, mainly because

it deals with how keys are shared between users for secure connections.

❖ Public key cryptography originated from trying to solve problems with symmetric

encryption, which involved distributing keys.

❖ Keys in public key cryptography are large, such as 512, 1024, or 2048 bits,

and are stored in devices like USB tokens or hardware security modules.

❖ A significant concern in public key cryptosystems is the potential for an attacker

to impersonate a legitimate user, replacing the public key with a fake one or

intercepting connections.

❖ Public key cryptography is vital for online services like payment and e-commerce,

ensuring the authenticity of public keys and user signatures.

❖ Privacy and integrity, considered part of the encryption process, are maintained

by the user's private key.

❖ Digital signatures are a modern way to sign documents electronically. They make

sure that the intended user sends the message without any changes from third

parties (attackers).

❖ RSA stands for Rivest-Shamir-Adleman, and it's a popular way to encrypt


messages. It's commonly used for creating digital signatures, too.

9.4 Keywords

1. Hash function: A hash function is like a virtual tool that uses math to change a

bunch of letters (called a "message") into a specific string with a set number of

characters (known as a hash value or just a hash).

2. Public key cryptography: Public key cryptography is crucial for keeping

information private, mainly because it deals with how keys are shared between

users for secure connections. It also involves digital signatures, which help verify

the identities of users.

3. Digital signatures: Digital signatures are a modern way to sign documents

electronically. They make sure that the intended user sends the message without

any changes from third parties (attackers). In simple terms, digital signatures

confirm the authenticity of electronically sent messages.

4. RSA: RSA stands for Rivest-Shamir-Adleman, and it's a popular way to encrypt

messages. It's commonly used for creating digital signatures, too.

9.5 Self-Assessment Questions

1. Explain the term "collision" when talking about hash functions.

2. How is SHA-1 different from MD4 and MD5 regarding security, and how are

they used?

3. Why is the "160-bit" output in SHA-1 significant?

4. Tell me about the main characteristics of MD4 and MD5 hash algorithms.
5. How does MD5's security get compromised, and why is it considered

outdated?

6. How does the RSA key size impact its encryption security?

7. Describe the process of creating a digital signature using RSA.

8. What challenges come with using MD5 in digital signatures?

9. How does the deprecation of SHA-1 affect digital signature security?

10. Can you give an example scenario where public-key cryptography and digital

signatures are crucial for secure communication?


Module: 10
Learning Objectives:

1. To understand Packet filters.

2. To understand Application-level gateways.

Structure:

10.1 Packet filters

10.2 Application-level gateways

10.3 Encrypted tunnels

10.4 Web security problem

10.5 Summary

10.6 Keywords

10.7 Self-Assessment Questions

10.1 Packet filters

A packet filter operates at the network layer of the OSI model. It looks at each

packet and checks it against a set of rules (based on what's in the IP and transport

header fields). Depending on what it finds, it forwards the packet or drops it.

A packet filter firewall controls which packets get in by looking at where they

come from and where they're going, or by checking the specific type of transport

protocol. The fields it checks belong to the OSI (Open Systems Interconnection)

data link, network, and transport layers, while the filter itself does its work

in the network layer.

These packet filters only care about the most basic details of each packet, and they

don't have to remember anything about the traffic because they examine each

packet on its own. That's why they can decide what to do with a packet fast.

Here's an example: You can set it up to block all UDP traffic and any Telnet

connections. Doing this stops outsiders from logging into internal systems using

Telnet and insiders from logging into outside systems using Telnet connections.
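
An added example (not from the original notes) of the stateless decision described above: it reads only the IPv4 and TCP/UDP header fields of each packet and applies the "no UDP, no Telnet" policy with first-match rules. The rule format, the function names and the documentation-range addresses in the usage are assumptions made for the illustration.

```python
import socket
import struct
from dataclasses import dataclass
from typing import Optional

PROTO_TCP, PROTO_UDP = 6, 17
TELNET_PORT = 23


@dataclass(frozen=True)
class Header:
    src: str
    dst: str
    proto: int
    sport: Optional[int]
    dport: Optional[int]
    fragment: bool               # True for a non-first IP fragment


def parse_ipv4(packet: bytes) -> Header:
    """Extract only the IP and transport header fields the filter needs."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4             # IP header length, options included
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    fragment = (struct.unpack("!H", packet[6:8])[0] & 0x1FFF) != 0
    proto = packet[9]
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    sport = dport = None
    if proto in (PROTO_TCP, PROTO_UDP) and not fragment:
        if len(packet) < ihl + 4:
            raise ValueError("truncated transport header")
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return Header(src, dst, proto, sport, dport, fragment)


@dataclass(frozen=True)
class Rule:
    action: str                       # "forward" or "drop"
    proto: Optional[int] = None       # None matches any protocol
    dport: Optional[int] = None       # None matches any destination port

    def matches(self, h: Header) -> bool:
        return ((self.proto is None or self.proto == h.proto) and
                (self.dport is None or self.dport == h.dport))


# The policy from the text: no UDP, no Telnet, everything else passes.
RULES = [
    Rule("drop", proto=PROTO_UDP),
    Rule("drop", proto=PROTO_TCP, dport=TELNET_PORT),
    Rule("forward"),
]


def decide(packet: bytes, rules=RULES) -> str:
    """Judge one packet on its own; no state is kept between packets."""
    try:
        header = parse_ipv4(packet)
    except ValueError:
        return "drop"                 # fail closed on anything unparseable
    if header.fragment:
        # Later fragments carry no ports, so port rules cannot be checked.
        return "drop"
    for rule in rules:
        if rule.matches(header):      # first matching rule wins
            return rule.action
    return "drop"


def build_packet(src, dst, proto, sport, dport, frag_offset=0) -> bytes:
    """Build a minimal constructed IPv4 packet (checksum left at zero)."""
    transport = struct.pack("!HH", sport, dport) + b"\x00" * 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(transport), 0,
                     frag_offset & 0x1FFF, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + transport


if __name__ == "__main__":
    samples = {
        "telnet in": build_packet("203.0.113.5", "192.0.2.10", PROTO_TCP, 40000, 23),
        "telnet out": build_packet("192.0.2.10", "203.0.113.5", PROTO_TCP, 40001, 23),
        "udp": build_packet("192.0.2.10", "198.51.100.53", PROTO_UDP, 5353, 53),
        "https": build_packet("192.0.2.10", "198.51.100.80", PROTO_TCP, 40002, 443),
    }
    for name, pkt in samples.items():
        print(name, "->", decide(pkt))
```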

10.2 Application-level gateways

An application-level gateway, also known as a bastion host, functions at the

application level. On a single host, multiple application gateways can run, with each

gateway operating as a distinct server with its own processes.

These firewalls, often referred to as application proxies, offer a high level of security

for data connections. They can inspect every layer of communication, including

application data.
Let's take the example of an FTP service. This service uses commands like getting a

file, putting a file, listing files, and navigating through a directory tree. Some system

admins may block specific commands like "put" while allowing "get" commands,

restricting the listing to specific files, or preventing the user from changing out of a

particular directory. The proxy server acts as an intermediary, mimicking both sides

of this protocol exchange. For instance, it might accept "get" commands and reject

"put" commands.

Here's how it works:

Step 1: The user connects to the application gateway using a TCP/IP application like

HTTP.

Step 2: The application gateway inquires about the remote host the user wants to

connect to and requests the user ID and password needed to access the gateway's

services.

Step 3: After confirming the user's authenticity, the application gateway accesses the

remote host on behalf of the user to transmit the packets.
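
The FTP command policy described above (accept "get", reject "put", restrict listing, keep the user inside one directory), as an added example that is not part of the original notes. It shows the decision an application proxy makes on each control-channel command before relaying it; the class name, the `/pub` directory and the reply texts are assumptions, and the tracked working directory assumes the server accepts every forwarded CWD.

```python
import posixpath

READ_COMMANDS = {"RETR", "LIST", "NLST"}            # "get" and directory listing
WRITE_COMMANDS = {"STOR", "STOU", "APPE", "DELE"}   # "put" and other changes
SESSION_COMMANDS = {"USER", "PASS", "PWD", "TYPE", "PASV", "QUIT"}


class FtpGatewayPolicy:
    """Per-session command filter for an FTP application-level gateway."""

    def __init__(self, root: str = "/pub"):
        self.root = posixpath.normpath(root)   # directory the user is confined to
        self.cwd = self.root                   # working directory tracked by the proxy

    def _resolve(self, argument: str) -> str:
        # Collapse "." and ".." so the check sees the path the server would use.
        return posixpath.normpath(posixpath.join(self.cwd, argument))

    def _inside_root(self, path: str) -> bool:
        return path == self.root or path.startswith(self.root + "/")

    def check(self, line: str) -> tuple:
        """Return ("forward", command) or ("reject", reply sent to the client)."""
        command = line.rstrip("\r\n")
        # One line must carry exactly one command.
        if any(ch in command for ch in "\r\n\x00"):
            return ("reject", "500 Malformed command")
        verb, _, argument = command.partition(" ")
        verb = verb.upper()

        if verb in WRITE_COMMANDS:
            return ("reject", "550 Uploads and changes are not permitted")

        is_cwd = verb in ("CWD", "CDUP")
        if verb == "CDUP":
            argument = ".."
        if is_cwd or verb in READ_COMMANDS:
            target = self._resolve(argument or ".")
            if not self._inside_root(target):
                return ("reject", "550 Path is outside the permitted directory")
            if is_cwd:
                self.cwd = target
            return ("forward", command)

        if verb in SESSION_COMMANDS:
            return ("forward", command)
        # Allowlist: anything not named above is refused.
        return ("reject", "502 Command not permitted by gateway")


if __name__ == "__main__":
    policy = FtpGatewayPolicy("/pub")
    # Constructed sample session.
    for sample in ["USER alice", "CWD docs", "RETR guide.txt",
                   "STOR upload.bin", "RETR ../../etc/passwd", "CDUP", "CDUP"]:
        print(f"{sample!r:28} -> {policy.check(sample)}")
```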

10.3 Encrypted tunnels

Securing networks is super important, and encrypted tunnels play a significant role.

They make a safe and private path for communication between two points, even on a

not-so-trustworthy network like the Internet. These tunnels protect your data from

prying eyes, tampering, and unauthorized access. Let's break down some critical

things about encrypted tunnels in network security:


Encrypted tunnels are set up to ensure that data travelling between two points on a

network stays private and untouched. They create a secure road for data to travel on,

making it challenging for anyone to intercept or mess with it.

Types of Encrypted Tunnels:

● Site-to-Site Tunnels: Connect entire networks securely, often used for joining

branch offices.

● Remote Access Tunnels: Let individual users connect safely to a network from

a far-off place, like in VPNs for people working from home or on the go.

● VPN (Virtual Private Network): VPNs are like the practical side of encrypted

tunnels. They make a secure connection over the Internet, and you can use

them for all sorts of things, like connecting remotely, linking up different sites,

and keeping communication safe in a spread-out organization.

● Tunneling Protocols: Tunnelling is the process of wrapping up and securing

data for the trip through an encrypted tunnel. There are different ways to do

this, like the Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling

Protocol (L2TP), and OpenVPN.

● Security Considerations: To keep encrypted tunnels safe, it's essential to keep

the encryption methods current, use robust cryptographic algorithms, and

handle keys properly. This helps make sure everything stays secure.
Cookies

When cruising the internet, a web server sends little messages called cookies to your

web browser. These cookies help the server keep tabs on what you're up to on a

specific website. A cookie is a tiny nugget of info that a website tucks away on your

computer. It comes into play when you revisit the site later. Your browser shoots this

info back to the website.

Your web browser stashes this message in a text file, and the message returns to the

server every time your browser asks for a page from that server. The whole point of

cookies is to recognize users and create personalized web pages.

The name "cookie" comes from these things in UNIX called magic cookies. They're

like tokens attached to a user or program, changing based on where the user or

program goes.

But don't fret about cookies causing mischief on your computer. They're just plain

text files, not fancy plugins or programs, and they can be deleted anytime. Cookies

can't pull off virus shenanigans, and they can't snoop around your hard drive to

dig up info about you. However, any personal

details you hand over to a website, like credit card info, end up stored in a cookie

unless you've switched off cookies for privacy reasons. But here's the catch: the

cookie only holds info you willingly share with the website.
10.4 Web security problem

The issue with web security has three main parts:

1. Securing the Web Server and Its Data: It's crucial to keep the web server

running smoothly. Also, we need to ensure that the information on the server

isn't changed without proper authorization. Plus, we want to limit who gets

access to this information.

2. Securing Data Between the Web Server and the User: We want to guarantee

that the info users share with the web server (like usernames, passwords, or

financial details) remains confidential and untouched by others. Some network

technologies are at risk of eavesdropping, as the information is broadcast to

every computer on the local area network.

3. Securing the User's Computer: It's essential to assure users that downloading

information, data, or programs won't harm their systems. If it does, they

might not be able to use the service. We also want to ensure that downloaded

information is controlled based on the user's license agreement and copyright.

Apart from these concerns, there are other challenges, like:

● Verifying User and Server Identities: Confirm that the user is who they claim

to be and that the server is legitimate.

● Ensuring Timely and Reliable Message Exchange: Messages between the

client and server should be passed promptly, reliably, and without replay.

● Logging and Auditing Transactions: Keeping records of transactions for billing,

conflict resolution, preventing denial of involvement, and investigating


misuse.

● Balancing Load Among Multiple Servers: Distributing the workload efficiently

among several servers.

Addressing these concerns effectively requires the three main components above to

work together with the underlying network and operating system framework.

10.5 Summary

❖ Packet filter firewall manages the entry to packets by looking at where they come

from and where they're going or by checking the specific type of transport

protocol.

❖ An application-level gateway, also known as a bastion host, functions at the

application level.

❖ The proxy server acts as an intermediary, mimicking both sides of this protocol

exchange.

❖ The user connects to the application gateway using a TCP/IP application like HTTP.

❖ The application gateway inquires about the remote host the user wants to

connect to and requests the user ID and password needed to access the

gateway's services.

❖ Securing networks is super important, and encrypted tunnels play a significant

role.

❖ Encrypted tunnels are set up to ensure that data travelling between two points

on a network stays private and untouched.

❖ Site-to-site tunnels connect entire networks securely and are often used for joining branch offices.

❖ Tunnelling is the process of wrapping up and securing data for the trip through an

encrypted tunnel.

❖ To keep encrypted tunnels safe, it's essential to keep the encryption methods

current, use robust cryptographic algorithms, and handle keys properly.

❖ When cruising the internet, a web server sends little messages called cookies to

your web browser.

❖ A cookie is a tiny nugget of info that a website tucks away on your computer.

❖ The name "cookie" comes from these things in UNIX called magic cookies.

❖ It's crucial to keep the web server running smoothly.

10.6 Keywords

1. Packet filters: A packet filter operates at the network layer of the OSI model. It looks

at each packet and checks some rules (based on what's in the IP and transport

header fields). Depending on what it finds, it sends the packet or tosses it away.

2. Application-level gateway: An application-level gateway, also known as a bastion

host, functions at the application level. On a single host, multiple application

gateways can run, with each gateway operating as a distinct server with its own

processes.

3. Encrypted tunnels: Securing networks is super important, and encrypted tunnels

play a significant role. They make a safe and private path for communication

between two points, even on a not-so-trustworthy network like the Internet.


4. Cookies: When cruising the internet, a web server sends little messages called

cookies to your web browser. These cookies help the server keep tabs on what

you're up to on a specific website.

10.7 Self-Assessment Questions

1. What's the primary job of packet filters in keeping networks safe?

2. How do packet filters work on the network layer to manage data flow?

3. Can packet filters look into the actual content of data packets, or do they

mainly check the headers?

4. Tell me about the part that application-level gateways play in network

security.

5. How are application-level gateways different from packet filters when it

comes to what they do?

6. Which types of applications and protocols do application-level gateways

usually support?

7. What's the purpose of encrypted tunnels in securing how networks

communicate?

8. How does using encrypted tunnels make sure that data transmission stays

confidential?

9. Tell me about the standard encryption protocols used to create secure

tunnels.

10. How do cookies make the web more secure, and what information do they

keep?

Module: 11
Learning Objectives:

1. To understand Secure Communication.

2. To understand Distribution Lists and Key Management.

Structure:

11.1 The Secure Communication

11.2 Distribution Lists and Key Management

11.3 Summary

11.4 Keywords

11.5 Self-Assessment Questions

11.1 The Secure Communication

Group key management is a new technology used in an organization's internet and

intranet. Many applications and terminals share access to folders, videos,

multimedia, audio, and conferences. Members within and between groups can

exchange information through various channels like video conferencing, internet

relay chat, point-to-point, and multicast traffic.

The main challenge in group communication is the efficient generation of secure

keys. Supervisors in different departments (A, B, C, and D) have specific permissions.

For instance, if an employee in department A shares work progress, supervisors in B

and C cannot access or decrypt the message due to security measures. However, all

supervisors can securely share messages.

In another scenario, an organization with departments like sales, purchase, personnel,

R&D, and accounts faces challenges in securely transmitting information between

teams. For example, when a personnel team member needs to send information to

the accounts team, encryption with a shared key is essential. Only the accounts team

can decrypt the information, ensuring secure communication within and between

groups.

The key issues in group communication involve key regeneration and encryption with

shared keys, particularly for inter-group applications. When a member in one team

needs to send a message readable only by another team, a new shared key is

generated and shared. However, this process can lead to communication overhead.

In the related work section, various strategies for secure group communication are

discussed. Authors have proposed different protocols and mechanisms, highlighting


challenges and advantages. Centralized key management schemes face the single

point of failure problem, leading to the suggestion of forming subgroups within

groups, managed by a Group Security Agent (GSA).

The proposed polynomial-based key management introduces a scheme for securing

both inter-group and intra-group networks. Two types of polynomials (P and H(x)) are

used for intra-group and inter-group keys, respectively. The process involves dividing

intra-group members into subgroups, controlling each subgroup with a master,

sharing keys using polynomials, and securely transmitting information.

The evaluation section examines the security and efficiency of the proposed key

management. It addresses security against passive and active attacks, the creation of

group and subgroup controllers, and the overhead involved. The use of polynomials

helps minimize storage and communication overhead, providing a more efficient and

secure solution for group communication.

11.2 Distribution Lists and Key Management

Key management is crucial for securing data. Encryption keys play a vital role in

encrypting and decrypting data. If any encryption key is lost or compromised, it could

jeopardize the security measures in place. Keys also ensure secure data transmission

over the internet. Authentication methods, like code signing, can be exploited by

attackers pretending to be trusted services, leading to potential malware threats.

Keys also help in complying with standards and regulations, ensuring companies

follow best practices in safeguarding cryptographic keys. Well-protected keys are

accessible only to authorized users.


Types of Keys

There are two main types of cryptographic keys: symmetric and asymmetric.

Symmetric keys are used for data-at-rest, where data is stored in a static location, like

a database. Symmetric key encryption involves using the same key for both

encryption and decryption. Asymmetric keys, on the other hand, use two separate

keys – a public key for encryption and a private key for decryption. Asymmetric keys

focus on encrypting data-in-motion, which is data sent across a network connection.

How Key Management Works

Key management follows a lifecycle involving key generation, distribution, use,

storage, rotation, backup/recovery, revocation, and destruction. Secure key

generation is crucial, as weak algorithms or insecure locations can compromise keys.

Distribution should occur through secure TLS or SSL connections to prevent

unauthorized access. Keys are used by authorized users, and after encryption, they

must be securely stored, often in a Hardware Security Module (HSM) or CloudHSM.

Key rotation ensures keys are regularly replaced for enhanced security.

Compliance and Best Practices

Compliance standards and regulations, such as NIST, PCI DSS, FIPS, and HIPAA,

require adherence to best practices for key management. Some key practices include

avoiding hard-coding keys, applying the principle of least privilege, using HSMs for

secure key storage, implementing automation for key lifecycle processes, creating

and enforcing security policies, separating duties related to key management, and
splitting keys into multiple portions for added security.

Encryption Consulting Training and Blogs

Encryption Consulting offers various methods for establishing a successful encryption

key management system. Monthly webinars cover key management, public key

infrastructure (PKI), and more. Assessments and training are provided for HSMs, PKIs,

and compliance standards. Weekly blogs offer insights into best practices for key

management and different aspects of data security.

11.3 Summary

❖ Group key management is a new technology used in an organization's internet

and intranet. Many applications and terminals share access to folders, videos,

multimedia, audio, and conferences.

❖ The main challenge in group communication is the efficient generation of secure

keys. Supervisors in different departments (A, B, C, and D) have specific

permissions.

❖ In another scenario, an organization with departments like sales, purchase,

personnel, R&D, and accounts faces challenges in securely transmitting

information between teams.

❖ The key issues in group communication involve key regeneration and encryption

with shared keys, particularly for inter-group applications. When a member in

one team needs to send a message readable only by another team, a new shared

key is generated and shared.


❖ In the related work section, various strategies for secure group communication

are discussed. Authors have proposed different protocols and mechanisms,

highlighting challenges and advantages.

❖ The proposed polynomial-based key management introduces a scheme for

securing both inter-group and intra-group networks.

❖ The evaluation section examines the security and efficiency of the proposed key

management. It addresses security against passive and active attacks, the

creation of group and subgroup controllers, and the overhead involved.

❖ Key management is crucial for securing data. Encryption keys play a vital role in

encrypting and decrypting data. If any encryption key is lost or compromised, it

could jeopardize the security measures in place.

❖ There are two main types of cryptographic keys: symmetric and asymmetric.

Symmetric keys are used for data-at-rest, where data is stored in a static location,

like a database. Symmetric key encryption involves using the same key for both

encryption and decryption. Asymmetric keys, on the other hand, use two

separate keys – a public key for encryption and a private key for decryption.

Asymmetric keys focus on encrypting data-in-motion, which is data sent across a

network connection.

❖ Key management follows a lifecycle involving key generation, distribution, use,

storage, rotation, backup/recovery, revocation, and destruction. Secure key

generation is crucial, as weak algorithms or insecure locations can compromise

keys. Distribution should occur through secure TLS or SSL connections to prevent

unauthorized access.

❖ Compliance standards and regulations, such as NIST, PCI DSS, FIPS, and HIPAA,
require adherence to best practices for key management.

❖ Encryption Consulting offers various methods for establishing a successful

encryption key management system. Monthly webinars cover key management,

public key infrastructure (PKI), and more.

11.4 Keywords

1. Key Management: The primary focus of the entire text revolves around the

concept of key management. It encompasses the generation, distribution, use,

storage, rotation, and security measures associated with cryptographic keys used

in various applications and protocols.

2. Polynomial-based Key Management: The proposed method introduces a novel

approach using polynomials (P and H(x)) for securing both inter-group and

intra-group networks. This approach involves dividing intra-group members into

subgroups, controlling each subgroup with a master, sharing keys using

polynomials, and securely transmitting information.

3. Communication Overhead: One of the key challenges mentioned in group

communication is the occurrence of communication overhead, especially in the

context of key regeneration and encryption with shared keys. This emphasizes the

need to minimize unnecessary data traffic and processing for more efficient

group communication.

4. Compliance and Best Practices: The text underscores the importance of adhering

to compliance standards and best practices in key management. It discusses the

significance of avoiding hard-coding keys, implementing the principle of least


privilege, using HSMs for secure storage, and other practices to ensure the

security and integrity of cryptographic keys.

11.5 Self-Assessment Questions

1. How does group key management contribute to secure communication in an

organization's internet and intranet?

2. What are the various challenges faced in group communication, particularly in

terms of generating efficient and secure keys?

3. In the context of departmental supervision, explain how the security measures

prevent unauthorized access to messages shared within different departments.

4. Can you elaborate on the role of encryption with shared keys in ensuring secure

communication between teams within an organization?

5. Discuss the key issues related to group communication, specifically focusing on

key regeneration and encryption with shared keys for inter-group applications.

6. How does the proposed polynomial-based key management scheme aim to

address the security concerns in both inter-group and intra-group networks?

7. What are the key components of the key management lifecycle, and why is

secure key generation considered crucial in this process?

8. Explain the significance of avoiding hard-coding keys and implementing the

principle of least privilege in compliance with key management best practices.

9. How do symmetric and asymmetric keys differ, and in what scenarios are they

used in cryptographic key management?

10. In what ways does Encryption Consulting provide methods and resources for
establishing a successful encryption key management system, as mentioned in

the text?


Module: 12
Learning Objectives:

1. To understand the Security Assurance in Communication

2. To understand the Pretty Good Privacy (PGP)

Structure:

12.1 Security Assurance in Communication

12.2 Summary

12.3 Keywords

12.4 Self-Assessment Questions

12.5 References
12.1 Security Assurance in Communication

With the expansion of telecommunication networks, communities become more

dependent on networks, exposing them to increased vulnerability to cyber-attacks

that may disrupt, degrade, or destroy essential services. The evolution of information

assurance has been a crucial response to this growing threat, tracing its roots back to

the 1950s with the development of WWMCCS military decision support systems.

Initially, information assurance primarily involved data backup. As data volumes

increased, automation became integral, reducing operator intervention and enabling

instant backups. The latest advancement includes distributed systems like SANs and

NAS, coupled with cloud computing technologies.

Information assurance is closely tied to the progress of information technologies,

categorized into three generations: preventing intrusions, detecting intrusions, and

ensuring survivability. It embodies a collaborative effort across sectors, facilitating

the free and equal exchange of ideas.

The five pillars of information assurance—availability, integrity, authentication,

confidentiality, and non-repudiation—are crucial in safeguarding systems while

efficiently providing services. These pillars are interconnected, impacting each

other's goals. They have evolved to be recognized as the pillars of Cyber Security,

emphasizing their significance in maintaining service and privacy balance.


Authentication involves verifying the validity of transmissions, originators, or

processes within an information system. It instills confidence in both the sender's

validity and the message's authenticity. Authentication can be bolstered with personally

identifiable information, access to key tokens, or known information like passwords.

Integrity safeguards information from unauthorized alteration, aiming to ensure data

accuracy throughout its lifespan. User authentication plays a pivotal role in

maintaining information integrity, with redundant chip and software designs

mitigating risks.

Availability focuses on preserving data accessibility for authorized individuals.

Measures such as backup power, spare data channels, and off-site capabilities

enhance information availability, guarding against potential breaches from power

outages or hardware failures.

Confidentiality, in contrast to integrity, shields against unauthorized access to data.

Cryptography and steganography are commonly employed for confidentiality,

adhering to regulations like HIPAA for information assurance in healthcare.

Non-repudiation ensures the integrity of data and prevents a party from denying its

actions. Increasing non-repudiation reduces the chance that a specific source can deny

having sent information, making it challenging to dispute data authenticity.

These pillars interact in a complex manner, sometimes impeding or boosting each

other. For example, increasing information availability can directly oppose the goals

of integrity, authentication, and confidentiality.

The information assurance process begins with enumerating and classifying assets,

followed by risk assessment. Vulnerabilities are identified, and threats capable of

exploiting assets are enumerated. A risk management plan proposes


countermeasures, involving prevention, detection, and response to threats.

Frameworks like NIST RMF guide this process, ensuring a cost-effective approach to

managing risks.

Managing risks in business involves three key processes: Risk Assessment, Risk

Mitigation, and Evaluation & Assessment. One of the methodologies businesses use

for effective risk management is Information Assurance. This approach is

implemented through information assurance policies like the "BRICK" framework,

ensuring compliance with federal and international laws, including HIPAA regulations.

Aligning information assurance with corporate strategies is crucial for effective risk

management. This alignment is achieved through training and awareness programs,

active involvement and support from senior management, and fostering

intra-organizational communication. These practices enhance internal control and

contribute to better business risk management.

Many security executives in various firms are increasingly relying on information

assurance to safeguard intellectual property, prevent potential data leakage, and

protect users from security risks. While information assurance is effective in ensuring

pillars like confidentiality and non-repudiation, there is a trade-off between security

and speed due to their conflicting nature. Incorporating information assurance into

the business model enhances reliable decision-making, builds customer trust,

ensures business continuity, and promotes good governance in both public and

private sectors.
Pretty Good Privacy:

PGP, or Pretty Good Privacy, was created by Phil Zimmermann with the aim of

providing comprehensive security for email communication. The four main security

aspects it focuses on are privacy, integrity, authentication, and non-repudiation in the

transmission of emails.

To ensure these security features, PGP employs a digital signature, combining

hashing and public key encryption. This approach guarantees integrity,

authentication, and non-repudiation. Additionally, PGP utilizes both secret key

encryption and public key encryption for privacy, involving one hash function, one

secret key, and two private-public key pairs in the digital signature process.

As open-source software freely available for email security, PGP employs a digital

signature for authentication, symmetric block encryption for confidentiality, the ZIP

algorithm for compression, and the radix-64 encoding scheme for email compatibility.

At the sender's end, PGP follows specific steps to create a secure email:

1. The email message undergoes hashing using a hashing function to generate a

digest.

2. This digest is encrypted, forming a signed digest, using the sender's private key.

3. The signed digest is appended to the original email message.

4. Both the original message and the signed digest are encrypted using a one-time

secret key created by the sender.

5. The secret key is then encrypted using the receiver's public key.

6. The encrypted secret key and the encrypted combination of message and digest

are sent together for secure transmission.
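
The six sender steps above, together with the matching receiver steps, as an added example that is not part of the original course text. To run on the Python standard library alone it uses stand-in primitives (unpadded RSA over fixed, publicly known primes, and a SHA-256 keystream in place of a block cipher), so it shows the data flow only; all function names and demo keys are assumptions.

```python
import hashlib
import secrets


def make_keypair(p, q, e=65537):
    """Textbook RSA key from two primes (no padding; illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e, "d": pow(e, -1, phi)}


def public(key):
    """The half of a key pair that may be shared."""
    return {"n": key["n"], "e": key["e"]}


# Constructed demo keys from publicly known Mersenne primes: not secret, not secure.
SENDER = make_keypair(2**521 - 1, 2**607 - 1)
RECEIVER = make_keypair(2**1279 - 1, 2**2203 - 1)


def _modlen(key):
    """Byte length of the RSA modulus, used as the fixed field width."""
    return (key["n"].bit_length() + 7) // 8


def keystream_xor(key, data):
    """Stand-in for the symmetric block cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)


def pgp_send(message, sender, receiver_pub):
    # Step 1: hash the message to get a digest.
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    # Step 2: encrypt the digest with the sender's private key (signed digest).
    signed = pow(digest, sender["d"], sender["n"])
    # Step 3: attach the signed digest to the original message.
    bundle = signed.to_bytes(_modlen(sender), "big") + message
    # Step 4: encrypt message + signed digest with a one-time secret key.
    session_key = secrets.token_bytes(32)
    body = keystream_xor(session_key, bundle)
    # Step 5: encrypt the one-time key with the receiver's public key.
    wrapped = pow(int.from_bytes(session_key, "big"),
                  receiver_pub["e"], receiver_pub["n"])
    # Step 6: send the encrypted key and the encrypted bundle together.
    return wrapped.to_bytes(_modlen(receiver_pub), "big") + body


def pgp_receive(packet, receiver, sender_pub):
    """Reverse the sender steps; raise ValueError if anything was altered."""
    klen = _modlen(receiver)
    wrapped, body = packet[:klen], packet[klen:]
    key_int = pow(int.from_bytes(wrapped, "big"), receiver["d"], receiver["n"])
    if key_int.bit_length() > 256:
        raise ValueError("session key did not unwrap correctly")
    bundle = keystream_xor(key_int.to_bytes(32, "big"), body)
    slen = _modlen(sender_pub)
    signed, message = bundle[:slen], bundle[slen:]
    # Decrypt the signed digest with the sender's public key and compare it
    # with a fresh hash of the received message.
    recovered = pow(int.from_bytes(signed, "big"), sender_pub["e"], sender_pub["n"])
    expected = int.from_bytes(hashlib.sha256(message).digest(), "big")
    if recovered != expected:
        raise ValueError("signature check failed: message or signature altered")
    return message
```

A production system would use a maintained OpenPGP implementation with padded public key operations and a real block cipher rather than these stand-ins.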


12.2 Summary

❖ Initially, information assurance primarily involved data backup.

❖ Availability focuses on preserving data accessibility for authorized individuals.

❖ Confidentiality, in contrast to integrity, shields against unauthorized access to

data.

❖ These pillars interact in a complex manner, sometimes impeding or boosting each

other.

❖ Aligning information assurance with corporate strategies is crucial for effective

risk management.

❖ Many security executives in various firms are increasingly relying on information

assurance to safeguard intellectual property, prevent potential data leakage, and

protect users from security risks.

❖ PGP, or Pretty Good Privacy, was created by Phil Zimmermann with the aim of

providing comprehensive security for email communication.

❖ To ensure these security features, PGP employs a digital signature, combining

hashing and public key encryption.

12.3 Keywords

1. PGP - Pretty Good Privacy: PGP, created by Phil Zimmermann, focuses on privacy,

integrity, authentication, and non-repudiation in email transmission. It employs a


digital signature, secret key encryption, and public key encryption for

comprehensive security.

12.4 Self-Assessment Questions

1. What's the main aim of ensuring security in communication?

2. How does keeping things private contribute to making communication secure?

3. Why is it crucial to confirm the source of information in secure communication?

4. What does non-repudiation do to make sure communication stays secure?

5. How does providing evidence of submitting something make communication

more secure?

6. What's message flow confidentiality, and why does it matter for secure

communication?

7. How does staying anonymous help keep communication protocols secure?

8. How can using secret codes make sure messages stay private in communication?

9. Explain end-to-end encryption and why it's essential for keeping messages

secure.

10. What difficulties come up when trying to make communication systems more

private?

12.5 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.


4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson
Course: MCA

Network Security and Cryptography

Module: 13
Learning Objectives:

1. To understand the Knapsack algorithm.

2. To understand the Location of Encryption Devices.

Structure:

13.1 Knapsack algorithm

13.2 Location of Encryption Devices

13.3 Summary

13.4 Keywords

13.5 Self-Assessment Questions

13.6 References
13.1 Knapsack algorithm

The Knapsack Encryption Algorithm, also known as the Merkle-Hellman knapsack

cryptosystem, serves as a method to secure data and communications. It operates

through two keys: a public key and a private key.

History and Development:

Developed in 1978 by Ralph Merkle and Martin Hellman, the Knapsack Encryption

Algorithm gained recognition during the early days of public key cryptography. It was

considered a significant advancement due to its asymmetric-key nature, requiring

two separate keys for encryption and decryption.

However, the algorithm lost favour over time. In 1982, Adleman identified a

vulnerability exploitable with Lenstra's LLL algorithm, making knapsacks impractical.

New encryption techniques like RSA gained prominence, pushing knapsack-based

systems into historical footnotes.

Despite its decline, the Knapsack Encryption Algorithm played a vital role in shaping

modern cryptography practices, leaving a lasting impact on information security

approaches.

How it works:

The Knapsack Encryption Algorithm uses an asymmetric-key system with public and

private keys. Encryption involves converting plaintext into an unreadable form using

the public key, while decryption uses the private key to recover the original message.

The algorithm converts the information into bits, and each bit is multiplied by the

corresponding element of a sequence derived from super-increasing integers. This

produces an encrypted code, decipherable only by someone with knowledge of the private key.

Knapsack Encryption offers quick computations compared to RSA but is vulnerable

when used alone, falling out of favour as encryption standards evolved.
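
A toy implementation of the scheme described above, added here as an example and not taken from the course text: the private key is a super-increasing sequence with a modulus and a multiplier, the public key is the disguised sequence, and decryption undoes the multiplier and then solves the easy subset-sum greedily. The function names and the small constructed demo key are assumptions, and keys of this size are for study only.

```python
import secrets
from math import gcd


def is_superincreasing(seq):
    """True when every element exceeds the sum of all elements before it."""
    total = 0
    for x in seq:
        if x <= total:
            return False
        total += x
    return True


def generate_private_key(n_bits=8):
    """Random private key (w, q, r): super-increasing w, q > sum(w), gcd(r, q) = 1."""
    w, total = [], 0
    for _ in range(n_bits):
        x = total + 1 + secrets.randbelow(16)   # always larger than the running sum
        w.append(x)
        total += x
    q = total + 1 + secrets.randbelow(total)    # modulus strictly above sum(w)
    while True:
        r = 2 + secrets.randbelow(q - 2)
        if gcd(r, q) == 1:
            return w, q, r


def public_key(private):
    """Disguise the easy sequence: b_i = r * w_i mod q."""
    w, q, r = private
    return [(r * x) % q for x in w]


def encrypt_block(bits, pub):
    """Ciphertext is the sum of the public-key elements selected by the 1 bits."""
    if len(bits) != len(pub):
        raise ValueError("block length must match key length")
    return sum(b * k for b, k in zip(bits, pub))


def decrypt_block(c, private):
    """Undo the multiplier, then solve the super-increasing subset-sum greedily."""
    w, q, r = private
    target = (c * pow(r, -1, q)) % q
    bits = [0] * len(w)
    for i in range(len(w) - 1, -1, -1):         # largest element first
        if w[i] <= target:
            bits[i] = 1
            target -= w[i]
    if target != 0:
        raise ValueError("not a valid ciphertext for this key")
    return bits


def encrypt_bytes(data, pub):
    """Encrypt each byte as one 8-bit block, most significant bit first."""
    return [encrypt_block([(byte >> (7 - i)) & 1 for i in range(8)], pub)
            for byte in data]


def decrypt_bytes(blocks, private):
    out = bytearray()
    for c in blocks:
        bits = decrypt_block(c, private)
        out.append(int("".join(map(str, bits)), 2))
    return bytes(out)


# Constructed demo key (small on purpose, so the arithmetic can be checked by hand).
DEMO_PRIVATE = ([2, 7, 11, 21, 42, 89, 180, 354], 881, 588)
DEMO_PUBLIC = public_key(DEMO_PRIVATE)
```

With the demo key, the byte `a` (bits 01100001) encrypts to 592 + 301 + 236 = 1129, and decryption recovers 372 = 7 + 11 + 354 before reading the bits back off.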

Advantages and Disadvantages:

Security Features and Strengths:

The complexity of the key generation process enhances security. The private and public

keys depend on a super-increasing sequence that is challenging to guess. Giving each

message a unique random private key adds another layer of protection against known

plaintext attacks.

Knapsack encryption ensures high message confidentiality, as changing one bit

causes over half of the encrypted bits to change randomly. Brute force attacks are

impractical due to the large key space, making the scheme secure when used

correctly.

In summary, the Knapsack Encryption Algorithm's security features, like complex key

generation and resistance to brute force attacks, make it suitable for cybersecurity

applications.

Potential Vulnerabilities and Weaknesses:

Despite its strengths, Knapsack Encryption has vulnerabilities. If attackers determine

a subset of the super-increasing sequence in the public key, they could crack the

system. Weak random number generators or poor code implementation may also

compromise security.

Knapsack cryptography is susceptible to lattice-based cryptanalysis, where attackers

use the LLL algorithm to search for short lattice vectors. Careful implementation and

regular updates are suggested to address these vulnerabilities.

Despite concerns, knapsack encryption remains essential for information security

when properly implemented and secured against known threats.

13.2 Location of Encryption Devices

Encryption devices are super important in the world of keeping information safe

online. They're like guardians placed in different spots on a computer network,

ensuring data stays private and secure from sneaky access.

One typical spot for these guardians is where the network begins and ends, like at

routers and firewalls. These devices turn data into a secret code before it leaves a

safe zone and then decode it when it reaches its destination. This way, important info

stays protected as it travels.

They're also smartly placed in communication pathways like wireless networks and

internet connections. Here, the devices turn data into code as it goes between

devices. This is super handy in case someone tries to eavesdrop. Even if they

intercept it, they can't understand anything without the unique key to decode it.

These encryption guardians also hang out in storage areas, like servers or cloud

platforms. They make sure data stays safe even when it's not on the move. Because

stored data is turned into a secret code, even if someone breaks into the storage, they

can't understand anything without the correct key.


And guess what? In private networks, like when using a VPN, these encryption

devices are there too. They make sure your chat with the network is super secure,

especially when you're dealing with hush-hush info over public networks.

13.3 Summary

❖ The Knapsack Encryption Algorithm, also known as the Merkle-Hellman knapsack

cryptosystem, serves as a method to secure data and communications.

❖ Developed in 1978 by Ralph Merkle and Martin Hellman, the Knapsack

Encryption Algorithm gained recognition during the early days of public key

cryptography.

❖ The algorithm lost favour over time. In 1982, Adleman identified a vulnerability

exploitable with Lenstra's LLL algorithm, making knapsacks impractical.

❖ Despite its decline, the Knapsack Encryption Algorithm played a vital role in

shaping modern cryptography practices, leaving a lasting impact on information

security approaches.

❖ The Knapsack Encryption Algorithm uses an asymmetric-key system with public

and private keys. Encryption involves converting plaintext into an unreadable

form using the public key, while decryption uses the private key to recover the

original message.

❖ Knapsack Encryption offers quick computations compared to RSA but is

vulnerable when used alone, falling out of favour as encryption standards

evolved.

❖ The complexity of the key generation process enhances security. The private and

public keys depend on a super-increasing sequence that is challenging to guess.

❖ Knapsack encryption ensures high message confidentiality, as changing one bit

causes over half of the encrypted bits to change randomly. Brute force attacks are

impractical due to the large key space, making the scheme secure when used

correctly.

❖ Despite its strengths, Knapsack Encryption has vulnerabilities. If attackers

determine a subset of the super-increasing sequence in the public key, they could

crack the system.

❖ Encryption devices are super important in the world of keeping information safe

online.

❖ One typical spot for these guardians is where the network begins and ends, like

at routers and firewalls.

❖ In private networks, like when using a VPN, these encryption devices are there

too.

13.4 Keywords

1. Knapsack Encryption Algorithm: The Knapsack Encryption Algorithm, also known

as the Merkle-Hellman knapsack cryptosystem, serves as a method to secure

data and communications. It operates through two keys: a public key and a

private key.

2. Encryption Devices: Encryption devices are super important in the world of

keeping information safe online.

13.5 Self-Assessment Questions


1. What factors are important when solving a Knapsack problem?

2. How is dynamic programming applied in the Knapsack algorithm?

3. Explain the idea of optimal substructure in the Knapsack problem.

4. Why is the capacity constraint important in the Knapsack problem?

5. Explain backtracking and its role in solving the Knapsack problem.

6. How does the Knapsack problem connect to combinatorial optimization?

7. What challenges or limitations come with the Knapsack algorithm?

8. What part does the Branch and Bound technique play in optimizing the Knapsack

algorithm?

9. Discuss the trade-offs in choosing different strategies for the Knapsack problem.

10. Shifting to the Location of Encryption Devices, what factors are crucial for

strategically placing encryption devices in a network?

13.6 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata Mc Graw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson.
Course: MCA

Network Security and Cryptography

Module: 14
Learning Objectives:

1. To understand the Viruses and malware.

Structure:

14.1 Viruses and malware

14.2 Summary

14.3 Keywords

14.4 Self-Assessment Questions

14.5 References
14.1 Viruses and malware

Malware is software that sneaks into your computer without asking and tries to take

your private information, like your bank details and passwords. It can also be

annoying by showing pop-up ads and changing your computer settings. Malware can

get into your system in different ways:

1. Free downloads

2. Clicking on suspicious links

3. Opening emails from the wrong sources

4. Visiting harmful websites

5. Not having an updated antivirus program

Different kinds of malware exist, including viruses, worms, logic bombs,

Trojans/backdoors, rootkits, advanced persistent threats, spyware, and adware.

A computer virus is a program that harms computer systems and deletes or damages

files. It copies itself to other programs, spreading on its own. The goal is to infect

weak systems, take control, and steal your sensitive data. Hackers create viruses to

trick online users. Signs that your computer might have a virus include:

● Letters falling on the screen.

● Slow performance.

● Less free memory.

● A full hard disk.

● Boot failure.

Types of Computer Viruses:

1. Parasitic: Attaches to files and programs, e.g., Jerusalem.


2. Boot Sector: Spreads through infected drives used to boot computers, e.g.,

Polyboot, Disk killer.

3. Polymorphic: Changes with each infection, making it hard for antivirus

programs to detect, e.g., Involutionary, Cascade.

4. Memory Resident: Installs in computer memory, damaging files when the OS

runs, e.g., Randex, CMJ.

5. Stealth: Hides after infection, making detecting it difficult, e.g., Frodo, Joshi.

6. Macro: Associated with software like Word and Excel, spreading through

infected documents, e.g., DMV, Melissa.

7. Hybrids: Combines features of various viruses, e.g., Happy99 (Email virus).

Preventing Malware: Use security solutions such as firewalls, antivirus, and data leak

prevention systems to prevent malware. Regular testing against the latest attacks

ensures effectiveness. The Cortex XDR agent provides multiple prevention methods,

independent of signatures, to stop known and unknown malware.

Malware Detection: Advanced tools like firewalls and Intrusion Prevention Systems

detect malware. Behavioural threat protection monitors endpoint activity, identifying

malicious event chains.

Malware Removal: Antivirus software removes standard infections, and Cortex XDR

allows administrators to take mitigation steps, such as isolating compromised

endpoints and blocking malicious files.


14.2 Summary

❖ People often use the terms "virus" and "malware" interchangeably, but they're

different.

❖ Malware is an umbrella term for any malicious software, no matter how it works,

what it's up to, or how it spreads.

❖ Viruses spread by hitching a ride on legitimate files and programs. They get

around through infected websites, flash drives, and emails.

❖ Adware bombards you with annoying ads, while spyware snoops around quietly

collecting info about you.

❖ To boost defences, IT pros can update and patch apps and systems. This is crucial

to fend off fileless malware, which targets app weaknesses and can't be easily

caught by antimalware.

❖ Encouraging good data security habits, like clever password use and limiting who

can access what, also helps prevent breaches.

14.3 Keywords

1. Worms: These are solo programs that copy themselves and spread through a

network. Unlike viruses, worms don't need your help; they find weak spots in

your system or come through emails pretending to be regular files. The first

worm, the Morris worm, showed up in 1988.

2. Boot Sector: Spreads through infected drives used to boot computers, e.g.,

Polyboot, Disk killer.

3. Polymorphic: Changes with each infection, making it hard for antivirus programs
to detect, e.g., Involutionary, Cascade.

4. Memory Resident: Installs in computer memory, damaging files when the OS

runs, e.g., Randex, CMJ.

14.4 Self-Assessment Questions

1. What's a computer virus, and how is it different from malware?

2. Do viruses and malware work on any device, or are they specific to certain

types?

3. How do viruses and malware usually spread on computers?

4. What sets a worm apart from a trojan horse in the world of malware?

5. How do social engineering techniques contribute to the spread of viruses and

malware?

6. How can people shield themselves from catching viruses and malware?

7. Can you explain ransomware and how it takes advantage of computer users?

8. Are antivirus programs successful in stopping all sorts of viruses and malware?

9. What could be the impact of a denial-of-service (DoS) attack, and how is it

connected to malware?

10. How exactly do rootkits function, and why are they considered stealthy among

malware?
14.5 References

1. Douglas Stinson, "Cryptography Theory and Practice", 2nd Edition, Chapman &

Hall/CRC.

2. B. A. Forouzan, "Cryptography & Network Security", Tata McGraw Hill.

3. W. Stallings, "Cryptography and Network Security", Pearson Education.

4. Kaufman, C., Perlman, R., and Speciner, M., Network Security, Private

Communication in a public world, 2nd ed., Prentice Hall PTR., 2002.

5. Cryptography and Network Security; McGraw Hill; Behrouz A Forouzan.

6. Information Security Intelligence Cryptographic Principles and App. Calabrese

Thomson.
