Scribd
Upload
68 views

1 Introduction To Network Security PDF

The document discusses network security and its key requirements: confidentiality, integrity, authentication, and availability. It outlines four major network threats: interception, modification, fabrication, and interruption. Cryptography is presented as the best way to achieve network security through encryption and decryption using keys. The two main types of cryptography discussed are private key cryptography and public key cryptography. Digital signatures are described as providing integrity, authentication, and non-repudiation on networks.

Uploaded by

sam
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
68 views

1 Introduction To Network Security PDF

The document discusses network security and its key requirements: confidentiality, integrity, authentication, and availability. It outlines four major network threats: interception, modification, fabrication, and interruption. Cryptography is presented as the best way to achieve network security through encryption and decryption using keys. The two main types of cryptography discussed are private key cryptography and public key cryptography. Digital signatures are described as providing integrity, authentication, and non-repudiation on networks.

Uploaded by

sam
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 18

Network Security

By: Sanjeev Rana


Networking

• Concept of exchanging information


between system

• Effective utilization of resources

• Increase the reliability


Goal of Network Security
The main security requirements of a secure
system are:
1. Confidentiality : Information must be kept
secret.
2. Integrity : Information must arrive at the
receiver exactly as they were
sent.
3. Authentication : Person who is sending the
information is the genuine
person.
4. Availability : Ability to access the information
Network Threats
Four major threats on the network for security are:

1. Interception : If someone intercept the information.


It cause threat to confidentiality
service.

A B

Interception
Network Threats

2. Modification : If A send information to B, but on the


way C modify the information. It cause
threat to the Integrity service.

A B

Modification
Network Threats Contd..
3. Fabrication : If C send information to B postulating
as A. It treat to the Authentication
service.

A B

Fabrication
Network Threats Contd..
4. Interruption : If A wants to send information to B,
but somehow either not able to or
interrupted by somebody on the
network. It cause threat to the
Availability service.

A B

Interruption
Cryptography

The best way to achieve network services is Cryptography.

• Cryptography is the art and science of concealing the


information and make it secure from attacks.

or

• It is a technique to make the information unintelligible


on the network except the intended receiver.
Cryptography Contd..
Basic component of cryptography is cryptosystem.

A Cryptosystem is a 5-tuple system

{ E, D, K, P, C }

Where,
P is a plaintext.
C is a ciphertext.
K is a set of Keys or Key space.

E:P*KC is a set of enciphering functions


D:C*KP is a set of deciphering functions
Model of a Conventional cryptosystem
X’
Cryptanalysis K’

X Y X
Sender Encryption Decryption Receiver

Secure Channel
K

Key source
Types of Cryptography

Two Types of Cryptography:

1. Private Key Cryptography


2. Public Key Cryptography
Private Key Cryptography

1. In this, sender and receiver use same key


for cipher algorithms.
2. Algorithm used for decryption is inverse of the
encryption algorithm. Thus, algorithms are
efficient and takes less time for information
transformation.
Private Key Cryptography contd..

3. The problem with private key cryptography is key

management. For n user, we need n(n-1)/2 keys.

4. One famous algorithm used in private key


cryptography is DES.
Public Key Cryptography
1. There is a keys pair for each user:
public key & private key.
Public key is known to everybody but only owner
knows the private key.
2. Encryption use public key and decryption use
private key.
Public Key Cryptography contd..
3. Algorithm used are complex in nature. So, takes
more time to transform the information.
4. Same key pair can be used for communication

with other parties. Thus, key distribution is easy.


5. The association between the user and its public

key must be verified.


6. One famous algorithm used for public key
cryptography is RSA
Digital Signature
Example:
Suppose user A want to transfer $500 to user B account.
Bank did the same and next day user A deny that he has not
sent the message.

So, what bank will do.


One more network service required on the network & that is:

• Non-repudiation: Receiver must be able to prove that a


received message came from a specific
sender. The sender must not be able to
deny sending a message that he did send.

Digital signature is the technique which provide integrity,


authentication and non-repudiation services.
Digital Signature contd..
User A
User B
Keys: Ra, Ua
Keys: Rb, Ub

E Encrypted D
M M
Message

KRa KUa

Integrity, Authentication & Non Repudiation


Digital Signature with Privacy

User A User B
Keys: Ra, Ua Keys: Rb, Ub

M E C E C D D
C M

KRb KUa
EKRa(M) EKRa(M)
KRa KUb
EKRa(M)

Integrity, Authentication, Non Repudiation & Privacy

You might also like