NETWORK SECURITY

INTRODUCTION

A NETWORK is an interconnected collection of autonomous computers.

Two computers are said to be interconnected if they are able to exchange information.

If one computer can forcibly start, stop or control another one, then the computers are not autonomous.

A typical Computer Network

ADVANTAGE OF NETWORKS

Information can be sent quickly between different computers, and data can be shared.

For example, a company can share files or data without needing external devices to carry the data.

DISADVANTAGE OF NETWORKS

When data is sent between computers, another person may watch or modify a confidential message.

For example, an unauthorized user may gain access to the network and perform illegal actions such as deleting data.

NETWORK SECURITY:-

To overcome this disadvantage of networks, we give security to the network; this is known as NETWORK SECURITY.

Network security is the protection of networks and their services from unauthorized modification, destruction or disclosure, and the provision of assurance that the network performs its critical functions correctly and that there are no harmful side effects.

IMPORTANCE OF SECURITY

Enforcing data security is a top priority for both governments and businesses worldwide.

Recent legislation in many countries has set new standards for protecting customer information.

There are standards for the security of medical records and standards for the financial industry regarding privacy and security of customers’ personal financial information.

TERMINOLOGY IN NETWORK SECURITY

CRYPTOGRAPHY:- The study of all encryption and decryption algorithms.

ENCRYPTION:- A process of encoding a message so that its meaning is not obvious.

DECRYPTION:- A process of decoding the encoded message, i.e. the reverse process of encryption.

CRYPTANALYSIS:- Converting cipher text into plain text without knowing the algorithm and key.

CRYPTOLOGY:- The study of both cryptography and cryptanalysis.

DIMENSIONS OF CRYPTOGRAPHY

1. OPERATIONS INVOLVED:-

TRANSPOSITION:

Sender side:-

1 2 3 4 5 6 7 8 9 10

file no.05 ----> Plaintext

9 8 7 5 10 3 2 1 6 4 ----> Key

0.o 5lifne ----> Ciphertext

Receiver side:-

1 2 3 4 5 6 7 8 9 10

0.o 5lifne ----> Plaintext

9 8 7 5 10 3 2 1 6 4 ----> Key

1 2 3 4 5 6 7 8 9 10

file no.05 ----> Original text
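The sender and receiver steps above, as an added Python example that is not part of the original slides. It assumes the reading of the key that reproduces the slide's ciphertext: output position j takes the input character at position Key[j]. The function names are chosen here.

```python
def transpose(text, key):
    """Output position j takes the character at input position key[j] (1-based)."""
    if sorted(key) != list(range(1, len(key) + 1)):
        raise ValueError("key must be a permutation of 1..len(key)")
    if len(text) != len(key):
        raise ValueError("text must be exactly one key-length block")
    return "".join(text[k - 1] for k in key)


def invert(key):
    """Build the receiver's permutation: where each ciphertext position goes back to."""
    inverse = [0] * len(key)
    for j, k in enumerate(key, start=1):
        inverse[k - 1] = j
    return inverse


def restore(cipher, key):
    """Receiver side: undo the transposition using the same shared key."""
    return transpose(cipher, invert(key))


# Key and text taken from the slide's example.
KEY = [9, 8, 7, 5, 10, 3, 2, 1, 6, 4]

if __name__ == "__main__":
    cipher = transpose("file no.05", KEY)
    print(repr(cipher), "->", repr(restore(cipher, KEY)))
```
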

SUBSTITUTION:-

Simple Substitution:-

Substitution Table:

A  B  C  D  E  F  .......  X  Y  Z

1  2  3  4  5  6  .......  24 25 26

Example:-

A  C  E

1  3  5

Substituting a character in plain text by a new character in cipher text is called substitution.

Substitution is done by using a substitution table.

The substitution table must be available at both sender and receiver; only then can substitution be done.

2. NO. OF KEYS USED:-

a) Symmetric Key: It uses a single key. Ex: IDEA algorithm.

b) Asymmetric Key: It uses two keys. Ex: RSA algorithm.

3. THE WAY BY WHICH PLAINTEXT IS PROCESSED:-

a) Stream (Bit Oriented): Data is sent bit by bit. Bit = 0 or 1.

b) Character Oriented: Data is sent character by character.

c) Blocks: Data is sent in blocks (groups of characters).

Padding: A string, typically added when the plaintext block is short. For example, if the block length is 4 bytes and the cipher requires 16 bytes, then 12 bytes of padding must be added. The padding string may contain zeros, alternating zeros and ones, or some other pattern.

Concepts in Network Security

1) AUTHENTICATION: The message is sent by an authorized person. Ex: Sending a message from mail.

2) CONFIDENTIALITY: An unauthorized person (unknown person) cannot know what is passing between two persons. (Coding/Decoding)

3) NON-REPUDIATION: Providing a third person between two persons. (Delaying)

4) AVAILABILITY: The person is authorized but the person can’t use or access the data.

5) ACCESS CONTROL: The person cannot change or modify the data.

6) DATA INTEGRITY: Sender and receiver receive the same message.

SECURITY ATTACKS

1) INTERRUPTION: Stopping the data while it is being sent to the other person. It affects the concept of Availability.

[Figure: Sender, Receiver, Intruder]

2) INTERCEPTION:- An unknown person listens to the data passing between two persons but cannot modify it. It affects the concept of Confidentiality.

[Figure: Sender, Receiver, Intruder]

3) MODIFICATION:- The data being sent to the receiver is changed by the intruder and then sent on to the receiver. This affects the concept of Data Integrity.

[Figure: Sender, Receiver, Intruder]

4) FABRICATION: While the data is being sent from sender to receiver, the intruder hacks the data, modifies or changes it, and sends it to the receiver in the form of the sender. This affects the concept of Authentication.

[Figure: Sender, Receiver, Intruder]

SERVICES OF NETWORK SECURITY

1) PASSIVE ATTACK: Here the intruder does not modify the data but listens to it.

2) ACTIVE ATTACK: Here the intruder changes the data or information.

RSA ALGORITHM

by Rivest, Shamir & Adleman of MIT in 1977

best known & widely used public-key scheme

uses large integers (e.g., 1024 bits)

This is an asymmetric-key scheme, i.e. it consists of two keys.

RSA Key Setup

each user generates a public/private key pair by:

- selecting two large primes at random: p, q

- computing their system modulus n = p*q

- defining ø(n) = (p-1)*(q-1)

- selecting at random the encryption key e, where 1 < e < ø(n), gcd(e, ø(n)) = 1

- solving the following equation to find the decryption key d: d*e mod ø(n) = 1 and 0 ≤ d ≤ n

publish their public encryption key: PU = {e, n}

keep secret private decryption key: PR = {d, n}

RSA Use

to encrypt a message M the sender:

- obtains public key of recipient PU = {e, n}

- computes: C = M^e mod n, where 0 ≤ M < n

to decrypt the ciphertext C the owner:

- uses their private key PR = {d, n}

- computes: M = C^d mod n

note that the message M must be smaller than the modulus n (block if needed)

RSA Example - Key Setup

1. Select primes: p = 17 & q = 11

2. Compute n = pq = 17 x 11 = 187

3. Compute ø(n) = (p-1)(q-1) = 16 x 10 = 160

4. Select e: gcd(e,160) = 1; choose e = 7

5. Determine d: de = 1 mod 160 and d < 160. Value is d = 23 since 23 x 7 = 161 = 1 x 160 + 1

6. Publish public key PU = {7,187}

7. Keep secret private key PR = {23,187}

RSA Example - En/Decryption

sample RSA encryption/decryption is:

given message M = 88

encryption: C = 88^7 mod 187 = 11

decryption: M = 11^23 mod 187 = 88

IDEA ALGORITHM

IDEA is an acronym for International Data Encryption Algorithm.

Designed in 1991 by Swiss Federal Institute of Technology.

Uses 128-bit key.

IDEA was used as the symmetric cipher in early versions of the Pretty Good Privacy cryptosystem.

DESCRIPTION

In this algorithm, we use 3 operations:

1. XOR

2. MOD ADDITION

3. MOD MULTIPLICATION

IDEA is a block cipher which uses a 128-bit length key to encrypt successive 64-bit blocks of plaintext.

The procedure is quite complicated, using sub keys generated from the key to carry out a series of modular arithmetic and XOR operations on segments of the 64-bit plaintext block.

The encryption scheme uses a total of fifty-two 16-bit sub keys.

OPERATIONS

The three operations used in IDEA are:

Bit-by-bit exclusive-OR of two 16-bit sub-blocks; denoted as “XOR”.

Addition of integers modulo 2^16 where the 16-bit sub-block is treated as an unsigned integer; the resulting operation is denoted as “+”.

Multiplication of integers modulo 2^16 + 1 where the 16-bit sub-block is treated as an unsigned integer except that the all-zero sub-block is treated as representing 2^16; the resulting operation is denoted as “x”.

DESCRIPTION

The sub keys are generated from the 128-bit key as follows:

The 128-bit key is split into eight 16-bit keys which are the first eight sub keys.

The digits of the 128-bit key are shifted 25 bits to the left to make a new key which is split into the next eight 16-bit sub keys.

The second step is repeated until the fifty-two sub keys have been generated.

The encryption involves modular multiplication with a modulus of ((2^16) + 1) and addition with a modulus of (2^16).

The 64-bit plaintext block is split into four 16-bit segments which we’ll call x1, x2, x3 and x4.

The sub keys are z1, z2, z3, z4………z52.

The encryption consists of eight rounds with each round involving the following steps:

x1 x z1 --> w1

x2 + z2 --> w2

x3 + z3 --> w3

x4 x z4 --> w4

w1 XOR w3 --> w5

w2 XOR w4 --> w6

w5 x z5 --> w7

w6 + w7 --> w8

w8 x z6 --> w9

w7 + w9 --> w10

w1 XOR w9 --> w11

w3 XOR w9 --> w12

w2 XOR w10 --> w13

w4 XOR w10 --> w14

The IDEA basic structure is shown in the above figure.

After this process the output blocks w12, w13 are exchanged so that w11, w13, w12 and w14 are used as input to the next round (in that order) along with the next 6 subkeys, z7 to z12.

This procedure is followed for eight rounds in total giving four output blocks which we’ll call w81, w82, w83 and w84.

Four more steps using the last four subkeys complete the encryption:

e1 x z49 --> y1

e2 + z50 --> y2

e3 + z51 --> y3

e4 x z52 --> y4

Note: For the purpose of the algorithm, a key of all zeros is defined as being equal to 2^16 for modular multiplication steps.
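The sub key generation and the eight-round encryption described above, as an added Python example that is not part of the original slides. It assumes the 25-bit shift is cyclic and follows the reference cipher's ordering, in which w11, w12, w13, w14 enter the next round in that order and the two middle blocks are swapped back before the four output steps; the names subkeys and encrypt_block are chosen here.

```python
MASK = 0xFFFF


def mul(a, b):
    """Multiply modulo 2^16 + 1; the all-zero sub-block stands for 2^16."""
    a, b = a or 0x10000, b or 0x10000
    return (a * b % 0x10001) & MASK


def add(a, b):
    """Add modulo 2^16."""
    return (a + b) & MASK


def subkeys(key):
    """Expand a 128-bit integer key into the 52 sub keys z1..z52."""
    z = []
    while len(z) < 52:
        z += [(key >> (112 - 16 * i)) & MASK for i in range(8)]
        key = ((key << 25) | (key >> 103)) & ((1 << 128) - 1)  # rotate left by 25
    return z[:52]


def encrypt_block(block, key):
    """Encrypt one 64-bit block (integer) under a 128-bit key (integer)."""
    z = subkeys(key)
    x1, x2, x3, x4 = ((block >> s) & MASK for s in (48, 32, 16, 0))
    for r in range(8):
        z1, z2, z3, z4, z5, z6 = z[6 * r:6 * r + 6]
        w1, w2, w3, w4 = mul(x1, z1), add(x2, z2), add(x3, z3), mul(x4, z4)
        w7 = mul(w1 ^ w3, z5)           # w5 x z5
        w9 = mul(add(w2 ^ w4, w7), z6)  # w8 x z6, where w8 = w6 + w7
        w10 = add(w7, w9)
        # w11, w12, w13, w14 become x1..x4 of the next round.
        x1, x2, x3, x4 = w1 ^ w9, w3 ^ w9, w2 ^ w10, w4 ^ w10
    # Output steps with z49..z52; the middle blocks are swapped back first.
    y = (mul(x1, z[48]), add(x3, z[49]), add(x2, z[50]), mul(x4, z[51]))
    return (y[0] << 48) | (y[1] << 32) | (y[2] << 16) | y[3]


if __name__ == "__main__":
    # Commonly published IDEA test input: key words 0001..0008, block 0000 0001 0002 0003.
    key = 0x00010002000300040005000600070008
    print(format(encrypt_block(0x0000000100020003, key), "016X"))
```
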

Conclusion Of IDEA Algorithm

As electronic communications grow in importance, there is also an increasing need for data protection.

When PGP was designed, the developers were looking for maximum security. IDEA was their first choice for data encryption.

The fundamental criteria for the development of IDEA were military strength for all security requirements and easy hardware and software implementation.

Message Sending using Secret key Exchange

1. KEY EXCHANGE:-

(a) At Sender:-

Take a 128-bit key (binary bits) from the keyboard.

Divide it into 16 rows and 8 columns.

Convert each row into a decimal value; we will get 16 elements.

Apply the RSA Encryption Algorithm (C = M^e mod n) on each element; we will get 16 cipher values, which are known as the KEY.

Send this KEY to the receiver.

(b) At Receiver:-

The receiver receives the 16 cipher values, i.e. the KEY, then applies the RSA Decryption Algorithm (M = C^d mod n) on each value.

The result will be 16 decimal values.

Convert each decimal value into binary bits.

Place them in the rows of a matrix; we will get a matrix of 16 rows and 8 columns.

Combine row after row; then we will get the 128-bit key.

Secret key exchange can be done by the RSA algorithm, and the message is passed between sender and receiver by the IDEA algorithm.

Like the key, the message is also exchanged, but the procedure is different.
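The sender and receiver steps of the key exchange above, as an added Python example that is not part of the original slides. Because a row value can be as large as 255, the slide's example modulus n = 187 cannot carry every key, so the block also uses a constructed demonstration key pair (p = 17, q = 19, e = 5, d = 173, n = 323); all function names are chosen here.

```python
PAGE_PU, PAGE_PR = (7, 187), (23, 187)   # key pair from the RSA example slide
DEMO_PU, DEMO_PR = (5, 323), (173, 323)  # constructed here: p = 17, q = 19


def split_key(key_bits):
    """128 binary digits -> 16 row values (one 8-bit row each, as decimals)."""
    if len(key_bits) != 128 or set(key_bits) - {"0", "1"}:
        raise ValueError("key must be exactly 128 binary digits")
    return [int(key_bits[i:i + 8], 2) for i in range(0, 128, 8)]


def join_key(rows):
    """16 row values -> 128 binary digits, row after row."""
    return "".join(format(r, "08b") for r in rows)


def fits(rows, n):
    """RSA only recovers M when M < n, so every row value must be below n."""
    return max(rows) < n


def wrap_key(key_bits, pu):
    """Sender: apply C = M^e mod n to each of the 16 row values."""
    e, n = pu
    rows = split_key(key_bits)
    if not fits(rows, n):
        raise ValueError("a row value is >= n and could not be recovered")
    return [pow(m, e, n) for m in rows]


def unwrap_key(cipher_values, pr):
    """Receiver: apply M = C^d mod n to each value and rebuild the bit string."""
    d, n = pr
    return join_key(pow(c, d, n) for c in cipher_values)


if __name__ == "__main__":
    key = format(0x00112233445566778899AABBCCDDEEFF, "0128b")  # constructed sample key
    print(fits(split_key(key), PAGE_PU[1]))   # row 255 does not fit n = 187
    sent = wrap_key(key, DEMO_PU)
    print(sent, unwrap_key(sent, DEMO_PR) == key)
    # Each row is encrypted without randomness, so equal rows give equal cipher values.
    print(set(wrap_key("10101010" * 16, PAGE_PU)))
```

Since the per-row encryption is deterministic, repeated rows of the key are visible in the transmitted values; deployed RSA key transport applies randomized padding such as OAEP to the whole key under a full-size modulus.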

CONCLUSION

IDEA is a well-known cipher that has been analyzed by many researchers for the past decade, and, yet, no attack against five or more of its 8.5 rounds has been found.

Due to its strength against cryptanalytic attacks and due to its inclusion in several popular cryptographic packages, IDEA is widely used.

The system was developed to offer the industry a set of well-proven and tested crypto tools for faster and optimized implementation of IDEA into security products. It supports standard programming languages and allows the implementation of the IDEA algorithm without extensive knowledge in cryptography.

The system provides a fast and well-known algorithm covering all aspects of cryptography, with optimized modules for encryption/decryption.

The system comes with a key generator.

The system is specified with respect to secret key cryptography standards.

The system is suitable for use in a wide range of applications.

The system allows for faster implementations of encryption into security products.

The project can be extended to provide encryption for videos, photos and audio to enable secure exchange of information through them.

In this way, providing security to various means of communication becomes possible and helps in effective communication through a network.

THE END
