Transcript
04/12/23 1
CryptographyA necessity for internet security
Anu-3304APJIMTC
Introductionto
Web Security and Cryptography
Information security is basically a term that refers to the security level about keeping your information over the internet.
04/12/23 2
Following aspects are strictly to be maintained for information security over internet:IntegrityConfidentialityAuthentication
Availability , access control etc. are some other aspects to be followed.
04/12/23 3
Authentication
Availability
Confidentiality
Integrity
Cryptography –Web security Mechanism
It is an art of transforming messages to make them secure and immune to attacks.For example: scytale,Caesar cipher etc.Cryptography word has
originated from Greek word kryptos means hidden and graphy means writing.
04/12/23 4
Internet Security with Cryptography
Why we need Cryptography
Assurance of confidentiality and security of their information and need such a mechanism that can’t be compromised.
Encryption is needed so that business
organizations and individuals can rely
on internet for their sensitive and
confidential information sharing.
04/12/23 5
Vulnerabilities and attacks on information
securityKERCKHOFF’s Principle states that a system is secure even when everything ,except secret key, is known to the adversary.Cryptanalytic Attacks/Brute-Force Attack
According to above principle ,adversary has knowledge of everything except the key used to encrypt the text.In this approach,attacker can benefit from the mathematical weakness of algorithm.•Ciphertext-only attack•Known plaint-text attack•Chosen plain-text attack•Chosen cipher-text attack
04/12/23 6
Non-Cryptanalytic Attacks
In this approach,Mathematical weakness of algorithms are not explored.These attacks are passive attacks.
04/12/23 7
Following types of passive attacks are there:Snooping
unauthorized user views secret files.
DOS
Denial of service due to multiple requests.Masquerading
IP spoofing.Interception
illegal monitoring of network
traffic.
04/12/23 8
Techniques of Cryptography
Following mechanisms are used for encryption and decryption today:Symmetric-key Encipherment
A single key is used. Both sender and receiver communicates using this key.
04/12/23 9
Asymmetric Technique Two keys : Public key and private key is used. Public key of receiver is used by senders and private key is used
by him only.
04/12/23 10
Hashing Technique A fixed length digest is produced on the basis of input. Message is complete after combination of both the fixed
length digest and inputted message.
04/12/23 11
Quantum Cryptography
Quantum encryption uses light particles called photons instead of bits for transmission.
A photon can have four orientations either horizontal,vertical,45 diagonal and -45 diagonal which is used to represent a bit – and / represents a 0 bit and | and \ represents a 1 bit.
04/12/23 12
Each bit in a message is randomly translated into one of the two orientations connected with that bit.Actual message is then transmitted using fiber optics.
The receiver has filters on his end that converts message.
04/12/23 13
Merits of cryptography
• Secrecy in transmission.• Secrecy in storage.• Integrity in transmission.• Authentication of identity.
04/12/23 14
Demerits of Cryptography
Encryption is an expensive process. Doesn’t guarantees the security of information all times. Fastest Hardware is required . A trained administrator would be required . Not all operating systems are supported by EFS
04/12/23 15
04/12/23 16