UNIT : V PREPARED BY ARUN PRATAP SINGH WEB TECHNOLOGY AND COMMERCE (MCSE 201)

Web technology and commerce unit 5

Nov 22, 2014

arun0501


ADVANCED TECHNOLOGIES FOR E-COMMERCE:

INTRODUCTION TO MOBILE AGENTS:

Mobile agents are defined as active objects (or clusters of objects) that have behavior, state and location.

Mobility: agents that can travel in a network.

Autonomy: the agent itself decides when and where to migrate next.

A mobile agent is a type of software agent with the features of autonomy, social ability, learning and, most significantly, mobility.

More specifically, a mobile agent is a process that can transport its state from one environment to another, with its data intact, and is capable of performing appropriately in the new environment.

Mobile agents decide when and where to move; their movement can be seen as an evolution of RPC-style interaction. Just as a user directs an Internet browser to "visit" a website (the browser merely downloads a copy of the site, or one version of it in the case of dynamic web sites), a mobile agent accomplishes a move through data duplication. When a mobile agent decides to move, it saves its own state, transports this saved state to the new host, and resumes execution from the saved state.

A mobile agent is a specific form of mobile code within the field of code mobility. However, in contrast to the Remote evaluation and Code on demand programming paradigms, mobile agents are active in that they can choose to migrate between computers at any time during their execution. This makes them a powerful tool for implementing distributed applications in a computer network.

An open multi-agent system (MAS) is a system in which agents, owned by a variety of stakeholders, continuously enter and leave the system.

Comparison of 3 network computing paradigms (figure)

• A mobile agent contains the following 3 components:

– Code: the program (in a suitable language) that defines the agent's behavior.

– State: the agent's internal variables etc., which enable it to resume its activities after moving to another host.

– Attributes: information describing the agent, its origin and owner, its movement history, resource requirements, authentication keys etc. Part of this may be accessible to the agent itself, but the agent must not be able to modify the attributes.
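As an added illustration (not code from these notes), the constructed Python sketch below shows the three components and a migration as described above: the agent saves its state, the envelope is transported, and the receiving place resumes it; the agent system, not the agent, holds and seals the attributes, so a receiving place can detect a change made in transit. The region key, place names and price resources are assumptions.

```python
"""Constructed mini mobile-agent system (added example, not from the notes).
Code + state live in the Agent; attributes are kept by the AgentSystem and
sealed with an HMAC under a key assumed to be shared by the agent systems of
one region, so a receiving place rejects attributes altered in transit."""
import copy
import hashlib
import hmac
import json
from dataclasses import dataclass

REGION_KEY = b"constructed-region-key"  # assumed: shared within one region


def seal(attributes: dict) -> str:
    """HMAC over a canonical JSON encoding of the attributes."""
    msg = json.dumps(attributes, sort_keys=True).encode()
    return hmac.new(REGION_KEY, msg, hashlib.sha256).hexdigest()


@dataclass
class Place:
    name: str
    resources: dict  # local resources the place exposes to agents


@dataclass
class Agent:
    """Code + state. Attributes are deliberately not stored in the agent."""
    state: dict

    def run(self, place: Place, attributes: dict):
        """The agent's code: record this place's price quote, then decide
        where to migrate next (None = finished). It may read its attributes,
        but it only ever sees a copy of them."""
        self.state.setdefault("quotes", {})[place.name] = place.resources["price"]
        itinerary = self.state["itinerary"]
        return itinerary.pop(0) if itinerary else None


class AgentSystem:
    """Hosts places and owns (and seals) the attributes of visiting agents."""

    def __init__(self, name: str, places: list):
        self.name = name
        self.places = {p.name: p for p in places}

    def launch(self, agent: Agent, owner: str, first_place: str) -> bytes:
        attributes = {"origin": self.name, "owner": owner, "history": []}
        return self._transport(agent, attributes, first_place)

    def _transport(self, agent: Agent, attributes: dict, to: str) -> bytes:
        """Save the state and serialise everything that crosses the network."""
        envelope = {"to": to, "state": agent.state,
                    "attributes": attributes, "seal": seal(attributes)}
        return json.dumps(envelope).encode()

    def receive(self, blob: bytes):
        """Verify the attributes, then resume the agent from its saved state.
        Returns (next_envelope_or_None, agent, attributes)."""
        env = json.loads(blob)
        if not hmac.compare_digest(seal(env["attributes"]), env["seal"]):
            raise ValueError("agent attributes were modified in transit")
        attributes = env["attributes"]
        place = self.places[env["to"]]
        attributes["history"].append(place.name)  # only the system writes here
        agent = Agent(state=env["state"])          # resume from saved state
        nxt = agent.run(place, copy.deepcopy(attributes))  # agent gets a copy
        if nxt is None:
            return None, agent, attributes
        return self._transport(agent, attributes, nxt), agent, attributes


def run_itinerary(systems: list, blob: bytes):
    """Route each envelope to the agent system that hosts its target place."""
    while True:
        dest = json.loads(blob)["to"]
        system = next(s for s in systems if dest in s.places)
        blob, agent, attributes = system.receive(blob)
        if blob is None:
            return agent, attributes


def demo():
    """Constructed tour of three shops; returns quotes, history and owner."""
    home = AgentSystem("home", [Place("home-shop", {"price": 10})])
    remote = AgentSystem("remote", [Place("shop-a", {"price": 7}),
                                    Place("shop-b", {"price": 9})])
    agent = Agent(state={"itinerary": ["shop-a", "shop-b"]})
    blob = home.launch(agent, owner="alice", first_place="home-shop")
    agent, attributes = run_itinerary([home, remote], blob)
    return agent.state["quotes"], attributes["history"], attributes["owner"]


def detects_tampering() -> bool:
    """Simulate an envelope whose owner attribute was rewritten in transit."""
    home = AgentSystem("home", [Place("home-shop", {"price": 10})])
    blob = home.launch(Agent(state={"itinerary": []}), "alice", "home-shop")
    env = json.loads(blob)
    env["attributes"]["owner"] = "mallory"  # the seal no longer matches
    try:
        home.receive(json.dumps(env).encode())
    except ValueError:
        return True
    return False
```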

MA System Architecture:

• The main components include:

– mobile agents (defined above)

– places: a place supports the execution of particular procedures and provides access to local resources.

– agent systems: places inside an agent system may share resources, code, or security mechanisms and, in general, have a privileged relationship with each other and less expensive mobility.

– regions: agent systems may be grouped in regions. A region represents a security domain where network-wide resources are accessed following a uniform policy.

– principals: agents, places, agent systems, and regions are associated with a number of principals that represent real-world entities such as a person, an organization, or a company.

Requirements of a MAS:

• Agent Execution Support,

• Management Support,

• Security Support,

• Mobility Support,

• Unique Identification of Agents Support,

• Transaction Support, and

• Communication Support.

Mobile Agent vs. Remote Procedure Call (RPC):

RPC:

• Synchronous protocol: high efficiency and low latency

• Scaling: multiple servers

Mobile Agent:

• Asynchronous messaging: robustness, especially in a wide area network

• Every node is a server

Application Areas for Mobile Agents:

• Data collection from many places

• Searching and filtering

• Monitoring

• Negotiating

• Bartering

• Parallel processing

• Entertainment

• Targeted information dissemination

WIRELESS APPLICATION PROTOCOL (WAP) :

Wireless Application Protocol (WAP) is a technical standard for accessing information over a mobile wireless network. A WAP browser is a web browser for mobile devices such as mobile phones that uses the protocol.

Before the introduction of WAP, mobile service providers had limited opportunities to offer interactive data services, but needed interactivity to support Internet and Web applications such as:

• Email by mobile phone

• Tracking of stock-market prices

• Sports results

• News headlines

• Music downloads

What is WAP?

• WAP stands for Wireless Application Protocol

• WAP is an application communication protocol

• WAP is used to access services and information

• WAP is inherited from Internet standards

• WAP is for handheld devices such as mobile phones

• WAP is a protocol designed for micro browsers

• WAP enables the creation of web applications for mobile devices.

• WAP uses the mark-up language WML (not HTML)

• WML is defined as an XML 1.0 application

The Wireless Application Protocol

• WAP is the leading standard for information services on wireless terminals like digital mobile phones.

• The WAP standard is based on Internet standards (HTML, XML and TCP/IP).

History of WAP

• WAP is published by the WAP Forum, founded in 1997 by Ericsson, Motorola, Nokia, and Unwired Planet.

• Forum members now represent over 90% of the global handset market, as well as leading infrastructure providers, software developers and other organizations.

WAP Architecture: (figure)

WAP Application Server: (figure)

How does the WAP model work?

When it comes to actual use, WAP works like this: (figure)

WAP I – protocol stack: (figure)

• WAP is designed in a layered fashion so that it can be extensible, flexible, and scalable. As a result, the WAP protocol stack is divided into five layers.

Application Layer

• Wireless Application Environment (WAE). This layer is of most interest to content developers because it contains, among other things, device specifications and the content development programming languages, WML and WMLScript.

Session Layer

• Wireless Session Protocol (WSP). Unlike HTTP, WSP has been designed by the WAP Forum to provide fast connection suspension and reconnection.

• WSP: the WAP session protocol (WSP) layer provides a lightweight session layer to allow efficient exchange of data between applications.

Transaction Layer

• Wireless Transaction Protocol (WTP). WTP runs on top of a datagram service such as the User Datagram Protocol (UDP), which is part of the standard suite of TCP/IP protocols, and provides a simplified protocol suitable for low-bandwidth wireless stations.

• WTP: the WAP transaction protocol (WTP) layer provides transaction support, adding reliability to the datagram service provided by WDP.

• WDP: the WAP datagram protocol (WDP) is the transport layer that sends and receives messages via any available bearer network, including SMS, USSD, CSD, CDPD and GPRS.

Security Layer

Wireless Transport Layer Security (WTLS). WTLS incorporates security features that are based upon the established Transport Layer Security (TLS) protocol standard. It includes data integrity checks, privacy, denial-of-service protection, and authentication services.

• WTLS: wireless transport layer security (WTLS), an optional security layer, has encryption facilities that provide the secure transport service required by many applications, such as e-commerce.

Transport Layer

Wireless Datagram Protocol (WDP). WDP allows WAP to be bearer-independent by adapting the transport layer of the underlying bearer. WDP presents a consistent data format to the higher layers of the WAP protocol stack, thereby offering the advantage of bearer independence to application developers.

• Each of these layers provides a well-defined interface to the layer above it. This means that the internal workings of any layer are transparent or invisible to the other layers. The layered architecture allows other applications and services to utilize the features provided by the WAP stack as well. This makes it possible to use the WAP stack for services and applications that currently are not specified by WAP.

What is the purpose of WAP?

• To enable easy, fast delivery of relevant information and services to mobile users.

• It consists of a WML language specification, a WMLScript specification, and a Wireless Telephony Application Interface (WTAI) specification.

WAP Environment:

• The Wireless Application Environment (WAE) provides an environment that enables a wide range of applications to be used on wireless devices.

• The WAP WAE programming model was introduced in "WAP - The wireless service enabler".

Goals

• device- and network-independent application environment

• for low-bandwidth wireless devices

• considerations of slow links, limited memory, low computing power, small display, simple user interface (compared to desktops)

• integrated Internet/WWW programming model

• high interoperability

WAE Components:

Architecture

– Application model, Microbrowser, Gateway, Server

User Agents

– WML/WTA/Others

– content formats: vCard, vCalendar, Wireless Bitmap, WML, ...

WML

– XML syntax, based on card stacks, variables, ...

WMLScript

– procedural, loops, conditions, ... (similar to JavaScript)

WTA

– telephone services, such as call control, text messages, phone book, ... (accessible from WML/WMLScript)

Proxy (Method/Push)

WAE: Logical Model (figure)

WML: Wireless Markup Language

Tag-based browsing language:

– Screen management (text, images)

– Data input (text, selection lists, etc.)

– Hyperlinks & navigation support

Takes into account the limited display and navigation capabilities of devices

XML-based language

– describes only the intent of the interaction in an abstract manner

– presentation depends upon device capabilities

Cards and Decks

– a document consists of many cards

– user interactions are split into cards

– explicit navigation between cards

– cards are grouped into decks

– a deck is similar to an HTML page: the unit of content transmission

Events, variables and state management

WMLScript

• WMLScript is based on ECMAScript, the same scripting language that JavaScript is based on.

• It can be used for enhancing services written in WML in the sense that it, to some extent, adds intelligence to the services, for example procedural logic, loops, conditional expressions, and computational functions.

Wireless Telephony Application (WTA)

• A framework and programming interface for telephony services.

• The Wireless Telephony Application (WTA) environment provides a means to create telephony services using WAP.

• A collection of telephony-specific extensions

• designed primarily for network operators

• Example

– calling a number (WML): wtai://wp/mc;07216086415

– calling a number (WMLScript): WTAPublic.makeCall("07216086415");

• Implementation

– Extension of the basic WAE application model

– Extensions added to the standard WML/WMLScript browser

– Exposes an additional API (WTAI)

WTA Logical Architecture (figure)

WAP - KEY BENEFITS:

Subscribers:

• It is crucial that subscribers benefit from using WAP-based services; otherwise there will be no incentive either for WAP as a whole or for any of the other groups mentioned below. The key benefits can be summarised as:

• Portability

• Easy to use

• Access to a wide variety of services on a competitive market

• The possibility of having personalised services

• Fast, convenient, and efficient access to services

• To fulfil as many customers' needs as possible, WAP devices will be available in various form factors, e.g. pagers, handheld PCs, and phones

Operators:

• Many of the advantages mentioned under "Service Providers" are applicable to operators as well. The operator's benefits may include:

• Address new market segments of mobile users by enabling a wider range of mobile VAS (value-added services)

• Deploy telephony services that, in contrast to traditional telephony services, are easy to create, update, and personalise

• Use the flexibility of WAP as a tool to differentiate from competitors

• An attractive interface to services will increase usage

• Increased revenues per user due to higher network utilization

• Convenient service creation and maintenance, including short time-to-market

• Replace expensive customer care centers with WAP-based services (E-care)

• WAP services are designed to be independent of the network, implying that an operator who runs different types of networks only has to develop its services once

• An open standard means that equipment will be provided by many manufacturers

Service Providers:

• WAP opens new possibilities for service and content providers since they do not necessarily have to come to an agreement with a specific operator about providing services to their customers. The gains are, for example:

• Create a service once, make it accessible on a broad range of wireless networks

• Address new market segments by launching innovative mobile VAS

• Keep old customers by adapting existing Internet services to WAP

• Convenient service creation and maintenance

• Creating a WAP service is no harder than creating an Internet service today since WML and WMLScript are based on well-known Internet technology

• Use standard tools like ASP or CGI to generate content dynamically

• Utilise existing investments in databases etc. that are the basis of existing Internet services

Manufacturers:

• Mobile devices supporting WAP will be available in many different form factors, e.g. cellular phones, pagers, and handheld PCs. Hardware manufacturers will also need to supply operators etc. with equipment, such as WAP gateways/proxies and WTA servers. Manufacturer benefits are, for example:

• WAP scales across a broad range of mobile networks, meaning that WAP implementations can be used in devices supporting different types of networks.

• The expected wide adoption of WAP implies that economies of scale can be achieved, meaning that the huge mass market can be addressed

• The fact that WAP is designed to consume a minimal amount of memory, and that the use of proxy technology relieves the CPU, means that inexpensive components can be used in the handsets

• Reuse the deep knowledge about wireless network infrastructure to develop advanced servers that seamlessly integrate mobile VAS with telephony

• Seize the opportunity to introduce new innovative products

Tools Providers:

• Today there is a large number of tools available for creating applications for the web. Content developers have become used to the convenience that tools like FrontPage and DreamWeaver provide. Tools providers will be able to:

• Reuse and modify existing products to support WAP, or even integrate WAP support in existing tools.

• Address a new customer base in the wireless community.

WAP Push Services:

Web push

– Scheduled pull by client (browser)

• example: Active Channels

– no real-time alerting/response

• example: stock quotes

Wireless push

– accomplished by using the network itself

• example: SMS

– limited to simple text, cannot be used as a starting point for a service

• example: if an SMS contains news, the user cannot request a specific news item

WAP push

– Network-supported push of WML content

• example: alerts or service indications

– Pre-caching of data (channels/resources)

WAP Push Framework (figure)

WEB SECURITY:

Many sensitive tasks are done through the web

– Online banking, online shopping

– Database access

– System administration

Web applications and web users are targets of many attacks

– Cross site scripting

– SQL injection

– Cross site request forgery

– Information leakage

– Session hijacking

Web security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet represents an insecure channel for exchanging information, leading to a high risk of intrusion or fraud, such as phishing.[2] Different methods have been used to protect the transfer of data, including encryption.

Web security blocks web threats to reduce malware infections, decrease help desk incidents and free up valuable IT resources.

Web Security Issues:

• Secure communications between client & server

– HTTPS (HTTP over SSL)

• User authentication & session management

– Cookies & other methods

• Active content from different websites

– Protecting resources maintained by browsers

• Web application security

• Web site authentication (e.g., anti-phishing)

• Privacy concerns

HTTP: HyperText Transfer Protocol

• Browser sends HTTP requests to the server

– Methods: GET, POST, HEAD, …

– GET: to retrieve a resource (html, image, script, css, …)

– POST: to submit a form (login, register, …)

– HEAD

• Server replies with an HTTP response

• Stateless request/response protocol

– Each request is independent of previous requests

– Statelessness has a significant impact on the design and implementation of applications

HTTP Authentication

• Protect web content from those who don't have a "need to know"

• Require users to authenticate using a userid/password before they are allowed access to certain URLs

• HTTP/1.1 requires that when a user makes a request for a protected resource the server responds with an authentication request header

– WWW-Authenticate

• contains enough pertinent information to carry out a "challenge-response" session between the user and the server

• Secure Sockets Layer (SSL)

– Invented by Netscape and made public domain for everyone's use

– An additional layer to the TCP/IP stack that sits between the Application and Transport layers

• ensures that all application data is encrypted but TCP/IP headers are not

• usually runs on port 443 (the default HTTPS port)

• Public Key Cryptography

– the owner of a private key sends a public key to all who want to communicate with him (the keys are built from the two prime factors of a large (1024-bit) number). The owner keeps the private key secret and uses it to decrypt information sent to him that has been encrypted with the public key

– the RSA algorithm is the most notable public-key cipher algorithm

• Digital Certificates

– issued by a disinterested third party (e.g. Verisign)

– the certificate contains the public key for the specific web server and a digital signature of the certifying authority

• Cookies

– A cookie is a name/value pair created by a website to store information on your computer

Cookie Fields

• An example cookie

– Name: session-token

– Content: "s7yZiOvFm4YymG…"

– Domain: .amazon.com

– Path: /

– Send For: Any type of connection

– Expires: Monday, September 08, 2031 7:19:41 PM

• Stored by the browser

• Used by web applications

– used for authenticating, tracking, and maintaining specific information about users

• e.g., site preferences, contents of shopping carts

– data may be sensitive

– may be used to gather information about specific users

• Cookie ownership

– Once a cookie is saved on your computer, only the website that created the cookie can read it

Web Authentication via Cookies

• HTTP is stateless

– How does the server recognize a user who has signed in?

• Servers can use cookies to store state on the client

– After the client successfully authenticates, the server computes an authenticator and gives it to the browser in a cookie

• The client cannot forge the authenticator on his own (session id)

– With each request, the browser presents the cookie

– The server verifies the authenticator
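The cookie-based authenticator just described, as an added example (not code from the notes): after a successful login the server issues a session token whose payload (random session id, user, expiry) is covered by an HMAC under a server-only secret, and every later request is checked against it. The secret, function names and cookie attributes are assumptions for the illustration.

```python
"""Added example (not from the notes): issue an authenticator in a cookie after
login and verify it on every later request. A client cannot forge or alter the
token because the MAC is computed under a secret only the server holds."""
import base64
import hashlib
import hmac
import json
import secrets

SERVER_SECRET = b"constructed-server-secret-never-sent-to-clients"  # assumed
COOKIE_NAME = "session-token"  # the name used in the notes' example cookie


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _mac(payload: bytes) -> bytes:
    return hmac.new(SERVER_SECRET, payload, hashlib.sha256).digest()


def issue_authenticator(user: str, now: int, ttl: int = 3600) -> str:
    """Run once, after the password check has succeeded."""
    claims = {"sid": secrets.token_hex(16), "user": user, "exp": now + ttl}
    payload = json.dumps(claims, sort_keys=True).encode()
    return _b64(payload) + "." + _b64(_mac(payload))


def set_cookie_header(token: str) -> str:
    """Set-Cookie line sent with the login response: Secure keeps the cookie
    off plain HTTP, HttpOnly keeps it away from page scripts."""
    return (f"Set-Cookie: {COOKIE_NAME}={token}; Path=/; "
            "Secure; HttpOnly; SameSite=Lax")


def verify_authenticator(token: str, now: int):
    """Return the user name, or None when the token is malformed, carries a
    MAC that does not match its payload (forged or altered), or has expired."""
    try:
        payload_b64, mac_b64 = token.split(".", 1)
        payload = _unb64(payload_b64)
        if not hmac.compare_digest(_mac(payload), _unb64(mac_b64)):
            return None
        claims = json.loads(payload)
        if claims["exp"] <= now:
            return None
        return claims["user"]
    except (ValueError, TypeError, KeyError):
        return None


def user_from_request(headers: dict, now: int):
    """Parse the request's Cookie header and verify the session cookie."""
    cookies = {}
    for part in headers.get("Cookie", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            cookies[name] = value
    token = cookies.get(COOKIE_NAME)
    return verify_authenticator(token, now) if token else None
```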

Security threats:

With the emergence of Web 2.0, increased information sharing through social networking and increasing business adoption of the Web as a means of doing business and delivering service, websites are often attacked directly. Hackers either seek to compromise the corporate network or the end-users accessing the website by subjecting them to drive-by downloading.

As a result, industry is paying increased attention to the security of the web applications themselves in addition to the security of the underlying computer network and operating systems.

The majority of web application attacks occur through cross-site scripting (XSS) and SQL injection attacks, which typically result from flawed coding and failure to sanitize input to and output from the web application. These are ranked in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors. According to the security vendor Cenzic, the top vulnerabilities in March 2012 include:

• Cross Site Scripting, 37%

• SQL Injection, 16%

• Path Disclosure, 5%

• Denial of Service, 5%

• Code Execution, 4%

• Memory Corruption, 4%

• Cross Site Request Forgery, 4%

• Information Disclosure, 3%

• Arbitrary File, 3%

• Local File Include, 2%

• Remote File Include, 1%

• Buffer overflow, 1%

• Other (PHP Injection, Javascript Injection, etc.), 15%

Security technology

While security is fundamentally based on people and processes, there are a number of technical solutions to consider when designing, building and testing secure web applications. At a high level, these solutions include:

• Black box testing tools such as web application security scanners, vulnerability scanners and penetration testing software

• White box testing tools such as static source code analyzers

• Fuzzing tools used for input testing

• Web application firewalls (WAF) used to provide firewall-type protection at the web application layer

• Password cracking tools for testing password strength and implementation

ENCRYPTION SCHEMES:

The process of converting plain text into an unintelligible format (cipher text) is called encryption. In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it. Encryption doesn't prevent hacking, but it reduces the likelihood that the hacker will be able to read the data that is encrypted. In an encryption scheme, the message or information, referred to as plaintext, is encrypted using an encryption algorithm, turning it into an unreadable ciphertext. This is usually done with the use of an encryption key, which specifies how the message is to be encoded. Any adversary that can see the ciphertext should not be able to determine anything about the original message. An authorized party, however, is able to decode the ciphertext using a decryption algorithm that usually requires a secret decryption key, which adversaries do not have access to. For technical reasons, an encryption scheme usually needs a key-generation algorithm to randomly produce keys.

ENCRYPTION SCHEMES

People use encryption to change readable text, called plaintext, into an unreadable secret format, called cipher text. Encrypting data provides additional benefits besides protecting the confidentiality of a message. These advantages include ensuring that messages have not been altered during transit and verifying the identity of the sender. All of these benefits can be realized by using any of these encryption methods.

Hashing Encryption

The first encryption method, called hashing, creates a unique, fixed-length signature for a message or data set. Hashes are created with an algorithm, or hash function, and people commonly use them to compare sets of data. Since a hash is unique to a specific message, even minor changes to that message result in a dramatically different hash, thereby alerting a user to potential tampering.

A key difference between hashing and the other two encryption methods is that once the data is encrypted, the process cannot be reversed or deciphered. This means that even if a potential attacker were able to obtain a hash, he or she would not be able to use a decryption method to discover the contents of the original message. Some common hashing algorithms are Message Digest 5 (MD5) and Secure Hashing Algorithm (SHA).

Symmetric Methods

Symmetric cryptography, also called private-key cryptography, is one of the oldest and most secure encryption methods. The term "private key" comes from the fact that the key used to encrypt and decrypt data must remain secure because anyone with access to it can read the coded messages. A sender encodes a message into ciphertext using a key, and the receiver uses the same key to decode it.

People can use this encryption method as either a "stream" cipher or a "block" cipher, depending on the amount of data being encrypted or decrypted at a time. A stream cipher encrypts data one character at a time as it is sent or received, while a block cipher processes fixed chunks of data. Common symmetric encryption algorithms include Data Encryption Standard (DES), Advanced Encryption Standard (AES), and International Data Encryption Algorithm (IDEA).

Asymmetric Forms

Asymmetric, or public key, cryptography is, potentially, more secure than symmetric methods of encryption. This type of cryptography uses two keys, a "private" key and a "public" key, to perform encryption and decryption. The use of two keys overcomes a major weakness in symmetric key cryptography, since a single key does not need to be securely managed among multiple users.

In asymmetric cryptography, a public key is freely available to everyone and used to encrypt messages before sending them. A different, private key remains with the receiver of ciphertext messages, who uses it to decrypt them. Algorithms that use public key encryption methods include RSA and Diffie-Hellman.

Data encryption has become a sad necessity for responsible data managers. However, cryptography is jargon-heavy even by the discouraging standards of the IT world – symmetric and asymmetric cryptosystems, public versus private keys, digital signatures, hash algorithms, RSA, DES, Rijndael, PGP, MD5, SHA-1, https, secure sockets, Camellia, IDEA; what does it all mean? What are the differences? Relative advantages and disadvantages? Hopefully this article will clear some of the fog.

Substitution ciphers

Although we tend to use the words 'code' and 'cipher' interchangeably, technically they're two entirely different things. When you substitute each letter in a message for a different symbol, that's a cipher. A code, on the other hand, means assigning a secret meaning to a word or phrase.

For example, if "The birds are flying south" means "Flee! The police are on to us!" that's a code. But the simple schoolboy "code", 1 = 'A', 2 = 'B' etc. (invented, legend has it, by Julius Caesar), is a cipher, a substitution cipher in fact. So the ASCII "code" is actually a kind of cipher, for example.

Substitution ciphers were good enough for nearly two thousand years but they eventually failed in the face of improving technology. The Enigma cipher used by the German military during World War II is a substitution cipher and it was broken long before the days of computers, both by the Poles and more famously the British. Don't, however, dismiss substitution ciphers. If you just want to deter prying eyes, a substitution cipher using multiple substitutions and several different substitution schemes offers a reasonable level of encryption for virtually no computational effort. (This is the way Enigma works and, after all, it did take Alan Turing to break it.)

Random substitution

There is a form of substitution cipher that does offer excellent security. By making random substitutions, the patterns that make other substitution ciphers vulnerable are eliminated. The simplest form of random substitution is to break a message into blocks of 4 bytes (4 ASCII characters) and add a pseudo-random number to each block. To recover the plaintext (the input message), subtract the same series of pseudo-random numbers from the ciphertext (the encrypted message). The key is simply the seed value for the pseudo-random number generator.

This form of encryption is widely used (the file encryption options offered by word processors often use this method) as it's simple, highly reliable and will defeat all but the most determined and skillful attackers.
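The 4-byte-block random substitution scheme just described, implemented as an added example (not code from the notes), together with the caveat a practitioner needs before relying on it: the keystream depends only on the seed, so ciphertext minus a known plaintext reveals that keystream, and a seed must never be reused for a second message. The padding rule and the function names are my assumptions.

```python
"""Added example (not from the notes): the 'random substitution' scheme as the
text describes it. The message is split into 4-byte blocks, a pseudo-random
32-bit number is added to each block (mod 2**32), and the PRNG seed is the key.
keystream_from_known_pair shows the caveat: ciphertext minus plaintext is the
keystream itself, which then decrypts any other message sent under that seed."""
import random
import struct

BLOCK = 4  # bytes per block, as stated in the notes


def _keystream(seed: int, nblocks: int) -> list:
    """Deterministic 32-bit numbers from the seed. random.Random is used only
    because the text says 'pseudo-random number generator'; it is not a
    cryptographic PRNG and is seeded from a small integer."""
    rng = random.Random(seed)
    return [rng.getrandbits(32) for _ in range(nblocks)]


def _pad(data: bytes) -> bytes:
    """PKCS#7-style padding so the message is a whole number of blocks (the
    notes do not say how a trailing short block is handled)."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def _unpad(data: bytes) -> bytes:
    n = data[-1] if data else 0
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding (wrong key or corrupted ciphertext)")
    return data[:-n]


def _blocks(data: bytes) -> tuple:
    """Big-endian 32-bit words of a block-aligned byte string."""
    return struct.unpack(f">{len(data) // BLOCK}I", data)


def _join(words: list) -> bytes:
    return struct.pack(f">{len(words)}I", *words)


def encrypt(seed: int, plaintext: bytes) -> bytes:
    """Add one pseudo-random number to each 4-byte block (mod 2**32)."""
    p = _blocks(_pad(plaintext))
    ks = _keystream(seed, len(p))
    return _join([(b + k) & 0xFFFFFFFF for b, k in zip(p, ks)])


def decrypt(seed: int, ciphertext: bytes) -> bytes:
    """Subtract the same series of pseudo-random numbers, then unpad."""
    if len(ciphertext) % BLOCK:
        raise ValueError("ciphertext length is not a multiple of 4")
    c = _blocks(ciphertext)
    ks = _keystream(seed, len(c))
    return _unpad(_join([(x - k) & 0xFFFFFFFF for x, k in zip(c, ks)]))


def keystream_from_known_pair(plaintext: bytes, ciphertext: bytes) -> list:
    """Caveat: subtracting a known plaintext block from its ciphertext block
    gives back the number that was added, i.e. the keystream, without the
    seed ever being learned."""
    p = _blocks(_pad(plaintext))
    c = _blocks(ciphertext)
    return [(x - y) & 0xFFFFFFFF for y, x in zip(p, c)]


def decrypt_with_keystream(keystream: list, ciphertext: bytes) -> bytes:
    """Decrypt another message sent under the same seed using only the
    recovered keystream (it must cover every block of the message)."""
    c = _blocks(ciphertext)
    if len(keystream) < len(c):
        raise ValueError("recovered keystream shorter than the ciphertext")
    return _unpad(_join([(x - k) & 0xFFFFFFFF for x, k in zip(c, keystream)]))
```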

Symmetric cryptosystems: DES and AES

If, however, you need higher levels of security there are plenty of alternatives. Block ciphers break the message into fixed-length blocks, then each block of plaintext is converted into a block of ciphertext using a sequence of arithmetic operations and/or substitutions. The best known of these is DES (the Data Encryption Standard), developed by the National Institute of Standards and Technology in the US.

DES uses 64-bit blocks with a 64-bit key (although only 56 bits are significant; the other 8 are parity bits). The bits within a block are shuffled and XOR'ed with the key in a sequence of 16 substitutions called "rounds", to create the ciphertext. Applying the same process (with the same key) to the ciphertext restores the original plaintext, so the process is symmetric. It has been very widely used, by the US government and commercial organisations around the world, including many financial institutions. It is easy to code (and there are good public domain implementations) and as it only involves bit-shifting operations combined with a few small look-up tables it doesn't impose too much of a computational load.

Unfortunately, while it was secure enough in 1976 when it was introduced, advances in

computer hardware mean the relatively short key is now vulnerable to a brute-force attack. A

decent supercomputer or Beowulf cluster could check all possible DES keys in just a few days

and the time can’t be far off when even a desktop PC will be enough to crack any DES-

encrypted message.

Consequently the National Institute of Standards and Technology (NIST) no longer recommends DES and has instead proposed a successor, AES (Advanced Encryption Standard, also known as Rijndael – pronounced "rein-dahl" – from the names of its two inventors). AES is similar to DES in principle but uses much longer keys (128, 192 or 256 bits) and is specifically designed to resist the most sophisticated cryptographic attacks, methods such as timing analysis (looking for correlations between a plaintext and the time taken to encrypt it) and power analysis (looking for variations in the processor power requirements for encrypting different plaintexts). It has very low memory requirements so is particularly suited for embedded applications such as smart cards.

DES and AES are by no means the end of the story as far as symmetric encryption systems go. Microsoft uses a proprietary symmetric encryption system for Windows XP key validation and other systems you may encounter include RC4, RC6 and IDEA, while the European Union's cryptography committee, NESSIE (New European Schemes for Signatures, Integrity and Encryption), recommends the Japanese Camellia cipher as an alternative to AES.

Asymmetric cryptosystems and RSA

Symmetric block ciphers such as DES and AES can provide very high levels of security. However they have one obvious weakness, in that both sender and receiver must share the key, yet keep it secret from anyone else. This poses a particular problem for Internet commerce since a secret key would no longer be secret if it were sent over the Internet, and if it was embedded in a browser it could be discovered by reverse-engineering the program. On the other hand, without some way to encrypt web traffic, sensitive details such as credit card numbers would be available to anyone with the slightest knowledge of TCP/IP.

The solution lies in an ingenious group of ciphers known as asymmetric or public key/private key systems. In asymmetric systems the key used to encrypt a message is not the same as that used to decrypt it. If a message has been encrypted using one key of a pair it cannot be decrypted even by someone else who has that key (crucially, knowing one key doesn't provide knowledge of the other). Only the matching key of the pair can be used for decryption.

This seems rather extraordinary – almost magical on the face of it. If you know both the encryption algorithm and the key, how is it possible that the encryption process can't simply be reversed to recover the original message? Nonetheless, that's exactly how it is. Given a pair of keys, a message encrypted with one can only be decrypted with the other and vice-versa.

There are a number of asymmetric key systems but the best known and most widely used is RSA, named for its (three) co-inventors. Originally patented, the patent expired in September 2000 and the algorithm is now in the public domain. The Secure Sockets Layer used for secure communications on the Internet uses RSA (the https protocol is simply http over SSL).

Unfortunately, nothing in life is free, and so it is with asymmetric cryptosystems. In RSA the private exponent d can be computed from the public exponent e given the primes p and q, and p and q are the factors of the modulus N, so they must be chosen so large that N cannot be factorised in any reasonable time. As computer power has grown so too has the ability to compute the factors of very large numbers. Current hardware means key lengths should be 1024 bits for complete security.

Raising such very large numbers to very large exponents is computationally much more demanding than the bit shifting and XOR'ing of symmetric cryptosystems such as DES, so asymmetric encryption is really only practical for short messages. A common workaround when encrypting long messages is to use RSA to encrypt a short preamble containing a DES or AES key selected at random, then send the main body of the message encrypted with that key. A recipient with the corresponding private key can decrypt the preamble and use the key it contains to decipher the rest of the message. Modern web browsers use exactly this method to conduct secure communications.

Digital signatures

An increasingly important use for asymmetric encryption is digital signing. A digital signature is the reverse of public key encryption. Just like an ordinary signature it is used to prove the identity of the sender of a message. This can happen in several ways. The simplest is to send a random message as both plaintext and ciphertext. The recipient deciphers the ciphertext version using the published public key and if the two versions match it proves the sender was in possession of the private key.

One drawback of this form of signature is that it only verifies itself, not any message to which it is attached. An alternative form uses a redundancy or hash function to create a message digest from a message in order to verify the source and reliability of the message. Suppose A and B (the Alice and Bob so beloved of cryptographers) want to exchange messages. A encrypts a message using B's public key and appends the hashed value of the message encrypted with her own private key. On receiving the message B deciphers it using his private key, and also deciphers the accompanying message digest using A's public key. If it matches the hash value he computes from the message he received, he can conclude that:

(a) The message originated from A (the only person who could have encrypted the digest correctly) and

(b) The message has not been altered in transit.

The RSA algorithm has become the standard for digital signature applications and the company founded by the co-inventors of RSA, RSA Data Security Inc, has developed (and published) a number of improvements on this basic scheme. Digital signatures on the Web are based on RSA, as is the popular PGP – Pretty Good Privacy – package.

In detail :

SYMMETRIC KEY ENCRYPTION:

Symmetric-key cryptography is sometimes called secret-key cryptography. The most popular symmetric-key system is the Data Encryption Standard (DES).

In the simpler types of cryptography, the same key is used to encrypt and decrypt information. This key is sometimes called a symmetric key.

Everybody who is supposed to be able to read the information must have the key. The problem with this sort of code is that the key has to be given to them over a secure line. If you're able to give a key securely, why not send the whole message securely?

Thinking of the key as the key to a room may help explain this better. Everybody who should have access to the room is given a copy of the key. Anybody who has that key can go in, put new information in, take old information out, and lock the room again when they leave. Without the key, you can't enter the room. Furthermore, if you send somebody a copy of the key by way of the Post Office, somebody working at the Post Office could intercept this key, make a copy of it, and then send it along. This would allow them to access this same locked room, and do the same things with it. Now, think of sending the key over the Internet. That key could be intercepted by anybody between you and the other machine, letting them read everything you locked up with that key, even letting them modify it.


Symmetric key encryption is also known as shared-key, single-key, secret-key, and private-key or one-key encryption. In this type of message encryption, both sender and receiver share the same key which is used to both encrypt and decrypt messages. Sender and receiver only have to specify the shared key in the beginning and then they can begin to encrypt and decrypt messages between them using that key. Examples include AES (Advanced Encryption Standard) and Triple DES (Data Encryption Standard).


Advantages :

- Simple: This type of encryption is easy to carry out. All users have to do is specify and share the secret key and then begin to encrypt and decrypt messages.

- Encrypt and decrypt your own files: If you use encryption for messages or files which you alone intend to access, there is no need to create different keys. Single-key encryption is best for this.

- Fast: Symmetric key encryption is much faster than asymmetric key encryption.

- Uses less computer resources: Single-key encryption does not require a lot of computer resources when compared to public key encryption.

- Prevents widespread message security compromise: A different secret key is used for communication with every different party. If a key is compromised, only the messages between a particular pair of sender and receiver are affected. Communications with other people are still secure.

Disadvantages :

- Need for secure channel for secret key exchange: Sharing the secret key in the beginning is a problem in symmetric key encryption. It has to be exchanged in a way that ensures it remains secret.

- Too many keys: A new shared key has to be generated for communication with every different party. This creates a problem with managing and ensuring the security of all these keys.

- Origin and authenticity of message cannot be guaranteed: Since both sender and receiver use the same key, messages cannot be verified to have come from a particular user. This may be a problem if there is a dispute.

PUBLIC-KEY CRYPTOGRAPHY :

Asymmetric cryptography or public-key cryptography is cryptography in which a pair of keys is used to encrypt and decrypt a message so that it arrives securely. Initially, a network user receives a public and private key pair from a certificate authority. Any other user who wants to send an encrypted message can get the intended recipient's public key from a public directory. They use this key to encrypt the message, and they send it to the recipient. When the recipient gets the message, they decrypt it with their private key, which no one else should have access to.


Or we can say that Public-key cryptography, also known as asymmetric cryptography, is a class of cryptographic algorithms which require two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions, each the inverse of the other – as contrasted with conventional ("symmetric") cryptography which relies on the same key to perform both.

Public-key algorithms are based on mathematical problems which currently admit no efficient solution, problems inherent in certain integer factorization, discrete logarithm, and elliptic curve relationships. It is computationally easy for a user to generate their own public and private key-pair and to use them for encryption and decryption. The strength lies in the fact that it is "impossible" (computationally unfeasible) for a properly generated private key to be determined from its corresponding public key. Thus the public key may be published without compromising security, whereas the private key must not be revealed to anyone not authorized to read messages or perform digital signatures. Public key algorithms, unlike symmetric key algorithms, do not require a secure initial exchange of one (or more) secret keys between the parties.

Message authentication involves processing a message with a private key to produce a digital signature. Thereafter anyone can verify this signature by processing the signature value with the signer's corresponding public key and comparing that result with the message. Success confirms the message is unmodified since it was signed, and – presuming the signer's private key has remained secret to the signer – that the signer, and no one else, intentionally performed the signature operation. In practice, typically only a hash or digest of the message, and not the message itself, is encrypted as the signature.

Public-key algorithms are fundamental security ingredients in cryptosystems, applications and protocols. They underpin such Internet standards as Transport Layer Security (TLS), PGP, and GPG. Some public key algorithms provide key distribution and secrecy (e.g., Diffie–Hellman key exchange), some provide digital signatures (e.g., Digital Signature Algorithm), and some provide both (e.g., RSA).

Public-key cryptography finds application in, amongst others, the IT security discipline information security. Information security (IS) is concerned with all aspects of protecting electronic information assets against security threats.[1] Public-key cryptography is used as a method of assuring the confidentiality, authenticity and non-repudiability of electronic communications and data storage.


In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of the private key.

In the Diffie–Hellman key exchange scheme, each party generates a public/private key pair and distributes the public key. After obtaining an authentic copy of each other's public keys, Alice and Bob can compute a shared secret offline. The shared secret can be used, for instance, as the key for a symmetric cipher.


Asymmetric key cryptography uses two separate keys: one private and one public.

General idea of asymmetric-key cryptosystem :


Public-key cryptography is often used to secure electronic communication over an open networked environment such as the internet. Open networked environments are susceptible to a variety of communication security problems such as man-in-the-middle attacks and other security threats. Sending a secure communication means that the communication being sent must not be readable during transit (preserving confidentiality), the communication must not be modified during transit (preserving the integrity of the communication) and the sender must not be able to deny having sent it (non-repudiation). Combining public-key cryptography with an Enveloped Public Key Encryption (EPKE) method allows for the secure sending of a communication over an open networked environment.

The distinguishing technique used in public-key cryptography is the use of asymmetric key algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys – a public encryption key and a private decryption key. Similarly, a key pair used for digital signatures consists of a private signing key and a public verification key. The public key is widely distributed, while the private key is known only to its proprietor. The keys are related mathematically, but the parameters are chosen so that calculating the private key from the public key is either impossible or prohibitively expensive.

In contrast, symmetric-key algorithms – variations of which have been used for thousands of years – use a single secret key, which must be shared and kept private by both the sender and the receiver, for both encryption and decryption. To use a symmetric encryption scheme, the sender and receiver must securely share a key in advance.

Because symmetric key algorithms are nearly always much less computationally intensive than asymmetric ones, it is common to exchange a key using a key-exchange algorithm, then transmit data using that key and a symmetric key algorithm. PGP and the SSL/TLS family of schemes use this procedure, and are thus called hybrid cryptosystems.


There are two main uses for public-key cryptography:

• Public-key encryption, in which a message is encrypted with a recipient's public key. The message cannot be decrypted by anyone who does not possess the matching private key, who is thus presumed to be the owner of that key and the person associated with the public key. This is used in an attempt to ensure confidentiality.

• Digital signatures, in which a message is signed with the sender's private key and can be verified by anyone who has access to the sender's public key. This verification proves that the sender had access to the private key, and therefore is likely to be the person associated with the public key. This also ensures that the message has not been tampered with, as any manipulation of the message will result in changes to the encoded message digest, which otherwise remains unchanged between the sender and receiver.

An analogy to public-key encryption is that of a locked mail box with a mail slot. The mail slot is exposed and accessible to the public – its location (the street address) is, in essence, the public key. Anyone knowing the street address can go to the door and drop a written message through the slot. However, only the person who possesses the key can open the mailbox and read the message.

An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The message can be opened by anyone, but the presence of the unique seal authenticates the sender.

A central problem with the use of public-key cryptography is confidence/proof that a particular public key is authentic, in that it is correct and belongs to the person or entity claimed, and has not been tampered with or replaced by a malicious third party. The usual approach to this problem is to use a public-key infrastructure (PKI), in which one or more third parties – known as certificate authorities – certify ownership of key pairs. PGP, in addition to being a certificate authority structure, has used a scheme generally called the "web of trust", which decentralizes such authentication of public keys by a central mechanism, and substitutes individual endorsements of the link between user and public key. To date, no fully satisfactory solution to the "public key authentication problem" has been found.

Forward Public Key Encryption

The goal of Forward Public Key Encryption (FPKE) is to ensure that the communication being sent is kept confidential during transit.

To send a message using FPKE, the sender of the message uses the public key of the receiver to encrypt the contents of the message. The encrypted message is then transmitted electronically to the receiver and the receiver can then use their own matching private key to decrypt the message.

The encryption process of using the receiver's public key is useful for preserving the confidentiality of the message as only the receiver has the matching private key to decrypt the message. Therefore, the sender of the message cannot decrypt the message once it has been encrypted using the receiver's public key. However, FPKE does not address the problem of non-repudiation, as the message could have been sent by anyone that has access to the receiver's public key.

Inverse Public Key Encryption

The goal of Inverse Public Key Encryption (IPKE) is to ensure that the sender of the communication is known to the receiver and that the sender cannot deny having sent the message. Therefore, the purpose of IPKE is to ensure the non-repudiation of the message being sent. This is useful in a practical setting where a sender wishes to make an electronic purchase of shares and the receiver wants to confirm that it was indeed the actual sender requesting the purchase and not someone else. IPKE is also known as a digital signature.

To send a message using IPKE, the message is encrypted using the sender's private key, which serves as the sender's digital signature. The digitally "signed" and encrypted message is then sent to the receiver, who can then use the sender's public key to decrypt the message and reveal the original contents.

IPKE is useful for applying one's digital signature to a message, thus enforcing non-repudiation. However, when the message is transmitted it is possible for the message to be intercepted by an unauthorized person, and the unauthorized person could then use the sender's public key to decrypt the contents of the message, so IPKE on its own does not enforce the confidentiality of the message being sent.

Certification Authority

In order for Enveloped Public Key Encryption to be as secure as possible, there needs to be a "gatekeeper" of public and private keys, or else anyone could publish their public key and masquerade as the intended sender of a communication. This digital key "gatekeeper" is known as a certification authority. A certification authority is a trusted third party that can issue public and private keys thus certifying public keys.

Advantages

- Convenience: It solves the problem of distributing the key for encryption. Everyone publishes their public keys and private keys are kept secret.

- Provides for message authentication: Public key encryption allows the use of digital signatures which enables the recipient of a message to verify that the message is truly from a particular sender.

- Detection of tampering: The use of digital signatures in public key encryption allows the receiver to detect if the message was altered in transit. A digitally signed message cannot be modified without invalidating the signature.

- Provide for non-repudiation: Digitally signing a message is akin to physically signing a document. It is an acknowledgement of the message and thus, the sender cannot deny it.

Disadvantages

- Public keys should/must be authenticated: No one can be absolutely sure that a public key belongs to the person it specifies and so everyone must verify that their public keys belong to them.

- Slow: Public key encryption is slow compared to symmetric encryption. Not feasible for use in decrypting bulk messages.

- Uses up more computer resources: It requires a lot more computing resources compared to single-key encryption.

- Widespread security compromise is possible: If an attacker determines a person's private key, all messages encrypted to that person can be read.

- Loss of private key may be irreparable: The loss of a private key means that all received messages cannot be decrypted.


DATA ENCRYPTION STANDARD (DES) :


The Feistel function (F function) of DES


The overall Feistel structure of DES


RSA ALGORITHM :

RSA is one of the first practicable public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key which is kept secret. In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977. Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it wasn't declassified until 1997.

A user of RSA creates and then publishes the product of two large prime numbers, along with an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message.[2] Breaking RSA encryption is known as the RSA problem. It is an open question whether it is as hard as the factoring problem.

Complexity of operations in RSA

Encryption, decryption, and key generation in RSA


Example :

Here is an example of RSA encryption and decryption. The parameters used here are artificially small, but one can also use OpenSSL to generate and examine a real keypair.

1. Choose two distinct prime numbers, such as
and
2. Compute n = pq giving
3. Compute the totient of the product as φ(n) = (p − 1)(q − 1) giving
4. Choose any number 1 < e < 3120 that is coprime to 3120. Choosing a prime number for e leaves us only to check that e is not a divisor of 3120. Let
5. Compute d, the modular multiplicative inverse of e (mod φ(n)) yielding

The public key is (n = 3233, e = 17). For a padded plaintext message m, the encryption function is

The private key is (n = 3233, d = 2753). For an encrypted ciphertext c, the decryption function is

For instance, in order to encrypt m = 65, we calculate

To decrypt c = 2790, we calculate

Both of these calculations can be computed efficiently using the square-and-multiply algorithm for modular exponentiation. In real-life situations the primes selected would be much larger; in our example it would be trivial to factor n, 3233 (obtained from the freely available public key) back to the primes p and q. Given e, also from the public key, we could then compute d and so acquire the private key.

Practical implementations use the Chinese remainder theorem to speed up the calculation using modulus of factors (mod pq using mod p and mod q).

The values dp, dq and qinv, which are part of the private key, are computed as follows:

Here is how dp, dq and qinv are used for efficient decryption. (Encryption is efficient by choice of public exponent e)
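The worked RSA example above (steps 1 to 5, then m = 65 encrypting to c = 2790) and the CRT values dp, dq and qinv, carried through in Python as an added example; this is not code from the lecture notes. It assumes the primes p = 61 and q = 53, the factorisation that reproduces the page's n = 3233 and φ(n) = 3120, and it is textbook RSA on a bare integer with no padding, which is why the page speaks of a "padded" plaintext for real use.

```python
"""Textbook RSA walk-through with the page's toy parameters (n = 3233, e = 17).

Added example, not the lecture notes' own code. Assumption: p = 61, q = 53,
which give the page's n = 3233 and phi(n) = 3120. No padding is applied, so
this is for understanding the arithmetic only, never for protecting data.
"""


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def modinv(a, m):
    """Modular multiplicative inverse of a modulo m (the page's step 5)."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return x % m


def modpow(base, exp, mod):
    """Square-and-multiply modular exponentiation, as the page describes."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:                      # current low bit set: multiply in
            result = (result * base) % mod
        base = (base * base) % mod       # square for the next bit
        exp >>= 1
    return result


def keygen(p, q, e):
    """Steps 1-5: n = p*q, phi = (p-1)(q-1), d = e^-1 mod phi, plus CRT values."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if egcd(e, phi)[0] != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = modinv(e, phi)
    # CRT part of the private key: dp = d mod (p-1), dq = d mod (q-1),
    # qinv = q^-1 mod p, exactly the three values the page names.
    private = {"n": n, "d": d, "p": p, "q": q,
               "dp": d % (p - 1), "dq": d % (q - 1), "qinv": modinv(q, p)}
    return {"n": n, "e": e}, private


def encrypt(pub, m):
    """c = m^e mod n; m must already be an integer below n."""
    if not 0 <= m < pub["n"]:
        raise ValueError("message must be an integer in [0, n)")
    return modpow(m, pub["e"], pub["n"])


def decrypt(priv, c):
    """Plain decryption: m = c^d mod n (one large exponentiation)."""
    return modpow(c, priv["d"], priv["n"])


def decrypt_crt(priv, c):
    """CRT decryption: two half-size exponentiations mod p and mod q,
    recombined with qinv (Garner's form), giving the same m as decrypt()."""
    p, q = priv["p"], priv["q"]
    m1 = modpow(c, priv["dp"], p)
    m2 = modpow(c, priv["dq"], q)
    h = (priv["qinv"] * (m1 - m2)) % p   # Python's % keeps h non-negative
    return m2 + h * q


if __name__ == "__main__":
    pub, priv = keygen(61, 53, 17)       # assumed primes; yields d = 2753
    c = encrypt(pub, 65)
    print("public", pub, "private", priv)
    print("c =", c, "m =", decrypt(priv, c), "m (CRT) =", decrypt_crt(priv, c))
```

Because n is tiny, the private key can be recovered by factoring n exactly as the page warns; real keys use primes of hundreds of digits and a padding scheme on m.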


SECURE WEB DOCUMENTS :


Most of the data transfer in the current WWW is insecure. Clients simply connect to Web servers and request the documents stored there. This approach is clearly vulnerable to man-in-the-middle attacks, not to mention malicious caches. In such an attack scenario, an active attacker intercepts the client's request, and answers with his own document. Although such attacks are infrequent, that is probably as much due to the lack of determination on the part of the attackers as to the inherent security of the underlying network architecture. Furthermore, due to the possibility of such attacks, the security of an HTTP request is downgraded to the security of the weakest network link/router on the request path. In the current WWW, the most common protection against such attacks is through TLS (Transport Layer Security). TLS uses public-key cryptography to authenticate servers and establish secure channels between servers and clients.

The main problem with TLS is that it requires servers to be trusted. The secure channel between the client and server does not help at all if a malicious server sends bogus data over it. For this reason, TLS allows documents to be replicated only on trusted servers, which greatly restricts the set of acceptable hosts.

Turning back to our GlobeDoc objects, we can see that a mechanism like TLS is clearly not suited for ensuring data integrity. As mentioned in Section 2, GlobeDoc objects dynamically place their replicas on (possibly) untrusted object servers close to where their client requests are coming from. Our assumption is that most of these servers are honest, but we need to consider the possibility that some of them may try to replace the documents they host with fake data. Therefore, we need a security mechanism that enforces the following three properties on the replicated state of a GlobeDoc:

• Authenticity - the document the client receives from a server has indeed been created by the object's owner. No attacker or malicious server should be able to pass off one of their own documents as being part of the object.

• Freshness - the client is guaranteed to receive the most recent version of a document that is part of an object. No attacker or malicious server should be able to pass off genuine but old versions of a document and convince the client they are fresh.

• Consistency - the client is guaranteed to receive a document, part of the object, that is consistent with what she has requested. No attacker or malicious server should be able to replace the requested document with another fresh document that is part of the same object.

DIGITAL SIGNATURE :

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.


Alternatively, in terms of its algorithms:

A digital signature scheme typically consists of three algorithms:

A key generation algorithm that selects a private key uniformly at random from a set of

possible private keys. The algorithm outputs the private key and a corresponding public key.

A signing algorithm that, given a message and a private key, produces a signature.

A signature verifying algorithm that, given a message, public key and a signature, either

accepts or rejects the message's claim to authenticity.

Two main properties are required. First, the authenticity of a signature generated from a fixed

message and fixed private key can be verified by using the corresponding public key. Secondly,

it should be computationally infeasible to generate a valid signature for a party without knowing

that party's private key.

A diagram showing how a digital signature is applied and then verified.

Why Digital Signatures?

• To provide Authenticity, Integrity and Non-repudiation to electronic documents

• To use the Internet as the safe and secure medium for e-Commerce and e-Governance

Digital signatures are often used to implement electronic signatures, a broader term that refers to

any electronic data that carries the intent of a signature, but not all electronic signatures use digital

signatures. In some countries, including the United States, India, Brazil, and members of

the European Union, electronic signatures have legal significance.

Digital signatures employ a type of asymmetric cryptography. For messages sent through a non

secure channel, a properly implemented digital signature gives the receiver reason to believe the

message was sent by the claimed sender. Digital signatures are equivalent to traditional

handwritten signatures in many respects, but properly implemented digital signatures are more

difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are

cryptographically based, and must be implemented properly to be effective. Digital signatures can

also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign

a message, while also claiming their private key remains secret; further, some non-repudiation

schemes offer a time stamp for the digital signature, so that even if the private key is exposed,

the signature is valid. Digitally signed messages may be anything representable as a bit string:

examples include electronic mail, contracts, or a message sent via some other cryptographic

protocol.

How they work :

To create RSA signature keys, generate an RSA key pair containing a modulus N that is the product of two large primes, along with integers e and d such that e·d ≡ 1 (mod φ(N)), where φ is the Euler phi-function. The signer's public key consists of N and e, and the signer's secret key contains d.

To sign a message m, the signer computes σ ≡ m^d (mod N). To verify, the receiver checks that σ^e ≡ m (mod N).

Used directly on the message ("textbook RSA"), this basic scheme is not secure: signatures are malleable (σ1·σ2 is a valid signature on m1·m2 mod N), and, as described below, anyone can produce a valid signature on some random-looking message. To prevent these attacks, one first applies a cryptographic hash function to the message m and then applies the RSA operation described above to the (suitably encoded) digest. This hash-then-sign approach can be proven secure in the so-called random oracle model.

Most early signature schemes were of a similar type: they involve the use of a trapdoor permutation, such as the RSA function, or in the case of the Rabin signature scheme, computing square roots modulo a composite n. A trapdoor permutation family is a family of permutations, specified by a parameter, that is easy to compute in the forward direction, but is difficult to compute in the reverse direction without already knowing the private key. However, for every parameter there is a "trapdoor" (private key) which, when known, makes the reverse direction easy to compute. Trapdoor permutations can be viewed as public-key encryption systems, where the parameter is the public key and the trapdoor is the secret key, and where encrypting corresponds to computing the forward direction of the permutation, while decrypting corresponds to the reverse direction.

Trapdoor permutations can also be viewed as digital signature schemes, where computing the reverse direction with the secret key is thought of as signing, and computing the forward direction is done to verify signatures. Because of this correspondence, digital signatures are often described as based on public-key cryptosystems, where signing is equivalent to decryption and verification is equivalent to encryption, but this is not the only way digital signatures are computed.

Used directly, this type of signature scheme is vulnerable to a key-only existential forgery attack. To create a forgery, the attacker picks a random signature σ and uses the verification procedure to determine the message m corresponding to that signature (for RSA, m = σ^e mod N). In practice, however, this type of signature is not used directly; rather, the message to be signed is first hashed to produce a short digest that is then signed. The forgery attack then only produces the hash function output that corresponds to σ, not a message that hashes to that value, and because the hash function is preimage-resistant this does not lead to an attack. In the random oracle model, this hash-then-sign form of signature is existentially unforgeable, even against an adaptive chosen-message attack.

There are several reasons to sign such a hash (or message digest) instead of the whole

document.

For efficiency: The signature will be much shorter and thus save time since hashing is

generally much faster than signing in practice.

For compatibility: Messages are typically bit strings, but some signature schemes operate

on other domains (such as, in the case of RSA, numbers modulo a composite number N). A

hash function can be used to convert an arbitrary input into the proper format.

For integrity: Without the hash function, the text "to be signed" may have to be split

(separated) in blocks small enough for the signature scheme to act on them directly. However,

the receiver of the signed blocks is not able to recognize if all the blocks are present and in

the appropriate order.
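The following is an added example in Python; it is not code from these notes or from the GlobeDoc project. It implements the RSA key generation, signing and verification described above with demo-sized primes, shows the key-only forgery on textbook RSA and why hash-then-sign defeats it, and then applies the signature to a replicated document so that the three properties required earlier in this unit (authenticity, freshness, consistency) are each checked by the client. The SignedDoc layout, the helper names, the toy digest encoding, and the assumption that the client obtains the owner's public key and the current version number from a trusted source (such as the object's directory entry) are assumptions of this example, not the paper's design.

```python
"""Added example: hash-then-sign RSA, the key-only forgery on textbook RSA, and the
three checks (authenticity, freshness, consistency) a client must make on a
replicated document. Demo-sized primes only; a real deployment uses >=2048-bit
keys and a standard encoding such as RSASSA-PSS. All helper names are hypothetical."""
import hashlib
from dataclasses import dataclass


def keygen(p: int, q: int, e: int = 65537):
    """N = p*q, e*d ≡ 1 (mod φ(N)). Returns (public, private) = ((N, e), (N, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)                      # modular inverse (Python >= 3.8)
    return (n, e), (n, d)


def rsa_sign_raw(m: int, priv) -> int:       # textbook RSA: σ = m^d mod N
    n, d = priv
    return pow(m, d, n)


def rsa_verify_raw(m: int, sigma: int, pub) -> bool:   # accept iff σ^e ≡ m (mod N)
    n, e = pub
    return pow(sigma, e, n) == m


def digest_as_int(data: bytes, n: int) -> int:
    """SHA-256 digest mapped into Z_N. Toy encoding; PSS / PKCS#1 v1.5 do this properly."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data: bytes, priv) -> int:          # hash-then-sign
    return rsa_sign_raw(digest_as_int(data, priv[0]), priv)


def verify(data: bytes, sigma: int, pub) -> bool:
    return rsa_verify_raw(digest_as_int(data, pub[0]), sigma, pub)


def key_only_forgery(pub, sigma: int = 424242):
    """Attacker picks σ and runs verification 'backwards': m = σ^e mod N.
    (m, σ) passes rsa_verify_raw, but m is an arbitrary number the attacker did
    not choose; with hash-then-sign they would still need a preimage of m."""
    n, e = pub
    sigma %= n
    return pow(sigma, e, n), sigma


# ---- what the signature must cover for a replicated (GlobeDoc-style) document ----
@dataclass(frozen=True)
class SignedDoc:
    object_id: str      # which object the document belongs to
    name: str           # which document part of that object
    version: int        # monotonically increasing version number
    body: bytes
    sigma: int          # owner's signature over (object_id, name, version, H(body))


def _to_be_signed(object_id: str, name: str, version: int, body: bytes) -> bytes:
    # Length-prefixed fields so "a|b"+"c" cannot be confused with "a"+"b|c".
    parts = [object_id.encode(), name.encode(), str(version).encode(),
             hashlib.sha256(body).digest()]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def publish(object_id, name, version, body, owner_priv) -> SignedDoc:
    """Owner signs the document before handing it to (untrusted) replica servers."""
    return SignedDoc(object_id, name, version, body,
                     sign(_to_be_signed(object_id, name, version, body), owner_priv))


def client_accept(doc: SignedDoc, object_id: str, requested_name: str,
                  current_version: int, owner_pub) -> tuple:
    """Assumption: the client learns object_id, the owner's public key and the
    current version number from a trusted source. Returns (accepted, reason)."""
    tbs = _to_be_signed(doc.object_id, doc.name, doc.version, doc.body)
    if not verify(tbs, doc.sigma, owner_pub):
        return False, "authenticity: not signed by the object owner"
    if doc.object_id != object_id or doc.name != requested_name:
        return False, "consistency: genuine document, but not the one requested"
    if doc.version < current_version:
        return False, "freshness: genuine but stale version"
    return True, "ok"


if __name__ == "__main__":
    pub, priv = keygen(104729, 1299709)            # demo primes, NOT secure sizes
    doc = publish("obj-42", "index.html", 3, b"<html>hello</html>", priv)
    print(client_accept(doc, "obj-42", "index.html", 3, pub))
    print(rsa_verify_raw(*key_only_forgery(pub), pub))   # textbook forgery verifies
```

Note that the version number and the document name are inside the signed data: a malicious replica holding a genuine older version, or a genuine but different document of the same object, cannot make either pass the checks, and altering the body invalidates the signature outright.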

Applications of digital signatures –

As organizations move away from paper documents with ink signatures or authenticity stamps, digital signatures can provide added assurance of the provenance, identity, and status of an electronic document, as well as acknowledging informed consent and approval by a signatory. The United States Government Printing Office (GPO) publishes electronic versions of the budget, public and private laws, and congressional bills with digital signatures. Universities including Penn State, University of Chicago, and Stanford are publishing electronic student transcripts with digital signatures.

Below are some common reasons for applying a digital signature to communications:

Authentication-

Although messages may often include information about the entity sending a message, that

information may not be accurate. Digital signatures can be used to authenticate the source of

messages. When ownership of a digital signature secret key is bound to a specific user, a valid

signature shows that the message was sent by that user. The importance of high confidence in

sender authenticity is especially obvious in a financial context. For example, suppose a bank's

branch office sends instructions to the central office requesting a change in the balance of an

account. If the central office is not convinced that such a message is truly sent from an authorized

source, acting on such a request could be a grave mistake.

Integrity-

In many scenarios, the sender and receiver of a message may have a need for confidence that

the message has not been altered during transmission. Although encryption hides the contents

of a message, it may be possible to change an encrypted message without understanding it.

(Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.)

However, if a message is digitally signed, any change in the message after signing invalidates the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because that would require finding a second message with the same digest, which is computationally infeasible for a collision-resistant cryptographic hash function.

Non-repudiation-

Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital

signatures. By this property, an entity that has signed some information cannot at a later time

deny having signed it. Similarly, access to the public key only does not enable a fraudulent party

to fake a valid signature.

Note that these authentication, non-repudiation etc. properties rely on the secret key not having

been revoked prior to its usage. Public revocation of a key-pair is a required ability, else leaked

secret keys would continue to implicate the claimed owner of the key-pair. Checking revocation

status requires an "online" check, e.g. checking a "Certificate Revocation List" or via the "Online

Certificate Status Protocol". Very roughly this is analogous to a vendor who receives credit-cards

first checking online with the credit-card issuer to find if a given card has been reported lost or

stolen. Of course, with stolen key pairs, the theft is often discovered only after the secret key's

use, e.g., to sign a bogus certificate for espionage purposes.

FIREWALLS :

A firewall is a system designed to prevent unauthorized access to or from a private network.

Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls

are frequently used to prevent unauthorized Internet users from accessing private networks

connected to the Internet, especially intranets. All messages entering or leaving the intranet pass

through the firewall, which examines each message and blocks those that do not meet the

specified security criteria.

Firewalls can be either hardware or software, but the ideal firewall configuration uses both. In addition to limiting access to your computer and network, a firewall is also the natural place to terminate remote access into a private network, with users authenticated by certificates and logins before they are let in.

Hardware firewalls can be purchased as a stand-alone product but are also typically found in broadband routers, and should be considered an important part of your system and network set-up. Most hardware firewalls will have a minimum of four network ports to connect other computers, but for larger networks, business networking firewall solutions are available.

A software firewall is installed on the computer it protects (like any other software) and can be customized, giving you some control over its functions and protection features. It protects that computer from outside attempts to control it or gain access to it.

An illustration of where a firewall would be located in a network.

Classification of Firewall :

Firewalls are classified by the protocol level at which they make their decisions:

Packet filtering

Circuit gateways

Application gateways

A combination of the above, which adds connection state to packet filtering, is the dynamic (stateful) packet filter.

Firewalls – Packet Filters –

Firewalls - Application Level Gateway (or Proxy) –

Firewalls - Circuit Level Gateway-

Why use a firewall?

Protect a wide range of machines from general probes and many attacks.

Provides some protection for machines lacking in security.

First generation: packet filters

The first paper published on firewall technology was in 1988, when engineers from Digital

Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This

fairly basic system was the first generation of what is now a highly involved and technical internet

security feature. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin were continuing their

research in packet filtering and developed a working model for their own company based on their

original first generation architecture.

Packet filters act by inspecting the "packets" which are transferred between computers on the

Internet. If a packet matches the packet filter's set of filtering rules, the packet filter will drop

(silently discard) the packet or reject it (discard it, and send "error responses" to the source).

This type of packet filtering pays no attention to whether a packet is part of an existing stream of

traffic (i.e. it stores no information on connection "state"). Instead, it filters each packet based only

on information contained in the packet itself (most commonly using a combination of the packet's

source and destination address, its protocol, and, for TCP and UDP traffic, the port number).

TCP and UDP protocols constitute most communication over the Internet, and because TCP and

UDP traffic by convention uses well known ports for particular types of traffic, a "stateless" packet

filter can distinguish between, and thus control, those types of traffic (such as web browsing,

remote printing, email transmission, file transfer), unless the machines on each side of the packet

filter are both using the same non-standard ports.

Packet filtering firewalls work mainly on the first three layers of the OSI reference model, which means most of the work is done between the network and physical layers, with a little bit of peeking into the transport layer to find the source and destination port numbers. When a packet originates from the sender and passes through a firewall, the device checks it against the packet filtering rules configured in the firewall and drops or rejects the packet accordingly. The decision is made on a protocol/port number basis. For example, if a rule in the firewall exists to block telnet access, then the firewall will block TCP traffic to port number 23.
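The following is an added example in Python, not code from these notes or from any firewall product. It models a stateless packet filter of the kind just described: each rule matches only on fields of the single packet in front of it (source and destination address, protocol, destination port), rules are evaluated first-match-wins, and the action is accept, drop (silent) or reject (error sent back to the source). The addresses, the policy and the sample packets are constructed for the demonstration, and the Packet, Rule and StatelessFilter names are this example's own.

```python
"""Added example: a first-generation (stateless) packet filter.
Rules see one packet at a time and nothing about connections or payload."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0        # 0 for protocols without ports
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    action: str           # "accept", "drop" (silent) or "reject" (send error back)
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None                # None = any protocol
    dport: Optional[Tuple[int, int]] = None    # inclusive port range, None = any

    def matches(self, p: Packet) -> bool:
        if ip_address(p.src) not in ip_network(self.src):
            return False
        if ip_address(p.dst) not in ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.dport is not None:
            if p.proto not in ("tcp", "udp"):  # port rules never match port-less protocols
                return False
            lo, hi = self.dport
            if not lo <= p.dport <= hi:
                return False
        return True


class StatelessFilter:
    def __init__(self, rules: List[Rule], default: str = "drop"):
        self.rules, self.default = rules, default

    def decide(self, p: Packet) -> str:
        """First matching rule wins; otherwise the default policy applies."""
        for r in self.rules:
            if r.matches(p):
                return r.action
        return self.default

    def explain(self, p: Packet) -> str:
        verdict = self.decide(p)
        effect = {"drop": "silently discarded",
                  "reject": "discarded, error (ICMP unreachable / TCP RST) sent to source",
                  "accept": "forwarded"}[verdict]
        return f"{p.proto} {p.src}:{p.sport} -> {p.dst}:{p.dport}: {verdict} ({effect})"


# Constructed perimeter policy for an intranet 10.0.0.0/8: reject telnet (tcp/23)
# from anywhere, allow web traffic to the published server, let internal hosts
# query DNS, and drop everything else by default.
POLICY = StatelessFilter([
    Rule("reject", proto="tcp", dport=(23, 23)),
    Rule("accept", dst="10.0.0.80/32", proto="tcp", dport=(80, 80)),
    Rule("accept", dst="10.0.0.80/32", proto="tcp", dport=(443, 443)),
    Rule("accept", src="10.0.0.0/8", proto="udp", dport=(53, 53)),
], default="drop")


def run_samples() -> List[str]:
    """Constructed packets exercising each outcome; returns one explanation per packet."""
    samples = [
        Packet("203.0.113.7", "10.0.0.80", "tcp", 51000, 80),   # web: accept
        Packet("203.0.113.7", "10.0.0.80", "tcp", 51001, 23),   # telnet: reject
        Packet("203.0.113.7", "10.0.0.5", "tcp", 51002, 22),    # ssh to internal host: drop
        Packet("10.0.0.5", "10.0.0.53", "udp", 40000, 53),      # internal DNS query: accept
        # A port filter cannot see the bytes: an SSH daemon started on port 80
        # is accepted exactly like HTTP. That gap is what application gateways close.
        Packet("203.0.113.7", "10.0.0.80", "tcp", 51003, 80),
    ]
    return [POLICY.explain(p) for p in samples]


if __name__ == "__main__":
    print("\n".join(run_samples()))
```

Rule order matters: the telnet reject rule sits first, so telnet to the published web server is rejected even though a later rule would accept traffic to that host. The filter also has no notion of a reply; a stateless policy that must let web browsing out has to open return ports with a blanket rule, which is the weakness the next generation addressed.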

Second generation: "stateful" filters

From 1989-1990 three colleagues from AT&T Bell Laboratories, Dave Presotto, Janardan Sharma, and Kshitij Nigam, developed the second generation of firewalls, calling them circuit-level gateways.

Second-generation firewalls perform the work of their first-generation predecessors but operate

up to layer 4 (transport layer) of the OSI model. This is achieved by retaining packets until enough

information is available to make a judgement about its state. Known as stateful packet inspection,

it records all connections passing through it and determines whether a packet is the start of a new

connection, a part of an existing connection, or not part of any connection. Though static rules

are still used, these rules can now contain connection state as one of their test criteria.

Certain denial-of-service attacks (SYN floods, for example) bombard the firewall with thousands of fake connection-opening packets in an attempt to overwhelm it by filling its connection state memory.
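The following is an added example in Python, not code from these notes or from any product, showing stateful inspection as described above. Connections opened from the inside create an entry in a connection table; packets from the outside are accepted only when they belong to an existing entry or open a connection to an explicitly published service, and a stray ACK with no preceding SYN is dropped. The table is bounded and its entries expire, so the example also shows what a flood of fake connection openings does to it: once the table is full, a legitimate outbound connection is refused. The INTERNAL prefix test, the simplified flag strings, the addresses and the timings are all constructed for the demonstration.

```python
"""Added example: a second-generation (stateful) filter with a bounded
connection table, showing return-traffic handling and state exhaustion."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    flags: str = ""       # simplified TCP flags: "S", "SA", "A", "F", "R"; "" for UDP


class StatefulFilter:
    INTERNAL = "10."                       # toy "inside" test: address prefix

    def __init__(self, inbound_services=frozenset(), max_states: int = 4, ttl: float = 30.0):
        self.table = {}                    # canonical 5-tuple -> (state, last_seen)
        self.inbound_services = set(inbound_services)   # e.g. {("10.0.0.80", 80)}
        self.max_states, self.ttl = max_states, ttl
        self.dropped_for_capacity = 0

    @staticmethod
    def _key(p: Packet):
        # Canonical key so both directions of a connection map to the same entry.
        a, b = (p.src, p.sport), (p.dst, p.dport)
        return (p.proto,) + (a + b if a <= b else b + a)

    def _expire(self, now: float) -> None:
        for k in list(self.table):
            if now - self.table[k][1] > self.ttl:
                del self.table[k]          # half-open or idle entries time out

    def _new_entry(self, key, now: float) -> bool:
        if len(self.table) >= self.max_states:
            self.dropped_for_capacity += 1  # SYN-flood style exhaustion shows up here
            return False
        self.table[key] = ("SYN_SEEN", now)
        return True

    def decide(self, p: Packet, now: float) -> str:
        self._expire(now)
        key = self._key(p)
        if key in self.table:                # part of an existing connection
            state = "ESTABLISHED" if "A" in p.flags else self.table[key][0]
            if "R" in p.flags or "F" in p.flags:
                del self.table[key]          # teardown frees the slot
            else:
                self.table[key] = (state, now)
            return "accept"
        if p.proto == "tcp" and p.flags != "S":
            return "drop"                    # stray ACK/data without a SYN: not ours
        if p.src.startswith(self.INTERNAL):  # outbound: inside hosts may open connections
            return "accept" if self._new_entry(key, now) else "drop"
        if (p.dst, p.dport) in self.inbound_services:   # published service
            return "accept" if self._new_entry(key, now) else "drop"
        return "drop"                        # unsolicited inbound


def syn_flood(fw: StatefulFilter, n: int, now: float) -> int:
    """Constructed flood: n SYNs from varying spoofed sources to the published
    web server at one instant. Returns how many were dropped for lack of state."""
    before = fw.dropped_for_capacity
    for i in range(n):
        fw.decide(Packet(f"198.51.100.{i % 250 + 1}", "10.0.0.80", "tcp",
                         10000 + i, 80, "S"), now)
    return fw.dropped_for_capacity - before


if __name__ == "__main__":
    fw = StatefulFilter(inbound_services={("10.0.0.80", 80)}, max_states=4)
    print("outbound SYN:", fw.decide(Packet("10.0.0.5", "93.184.216.34", "tcp", 40000, 443, "S"), 0.0))
    print("its SYN/ACK reply:", fw.decide(Packet("93.184.216.34", "10.0.0.5", "tcp", 443, 40000, "SA"), 0.1))
    print("flood dropped:", syn_flood(fw, 10, 1.0), "of 10")
```

The reply packet is accepted without any rule that opens port 40000 from the outside, which is exactly what the stateless filter could not express. The flood demonstrates the limitation: a small `max_states` stands in for the finite state memory of a real device, and once it is full even inside hosts cannot open new connections until entries time out.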

Third generation: application layer

Marcus Ranum, Wei Xu, and Peter Churchyard developed an application firewall known as Firewall Toolkit (FWTK). In June 1994, Wei Xu extended the FWTK with a kernel enhancement for IP filtering and socket transparency. This became known as the first transparent application firewall, released as the commercial Gauntlet firewall at TIS. Gauntlet was rated among the top firewalls during 1995-1998.

The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)). This is useful as it is able to detect if an unwanted protocol is attempting to bypass the firewall on an allowed port, or detect if a protocol is being abused in any harmful way. As of 2012, the so-called next-generation firewall (NGFW) is essentially this application-stack inspection "widened" or "deepened". For example, the existing deep packet inspection functionality of modern firewalls can be extended to include i) intrusion prevention systems (IPS); ii) user identity integration (by binding user IDs to IP or MAC addresses for "reputation"); and/or iii) a Web Application Firewall (WAF). A WAF can itself be fingerprinted by an attacker, for example with the tool "WAF Fingerprinting utilizing timing side channels" (WAFFle).

Firewall Layer of Operation :

• Network Layer

• Application Layer

Network Layer :

• Makes decision based on the source, destination addresses, and ports in individual IP

packets.

• Based on routers

• Has the ability to perform static and dynamic packet filtering and stateful inspection.

Static & Dynamic Filtering-

• Static Packet Filtering looks at minimal information in the packets to allow or block traffic

between specific service ports

– Offers little protection.

• Dynamic Packet Filtering maintains a connection table in order to monitor requests and

replies.

Stateful Inspection –

• Compares certain key parts of the packet to a database of trusted information. Incoming information is compared to the characteristics of the outgoing information that preceded it. Information is allowed through only if the comparison yields a reasonable match.

Application Layer :

• They are generally hosts running proxy servers which perform logging and auditing of traffic through the network.

• Logging and access control are done through software components.

Proxy Services –

• Application that mediates traffic between a protected network and the internet.

• Able to understand the application protocol being utilized and implement protocol specific

security.

• Application protocols include: FTP, HTTP, Telnet etc.
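The following is an added example in Python, not code from these notes or from any proxy product, showing the protocol-specific check an application-level gateway makes that a packet filter cannot. The proxy receives the first bytes of a connection that the port filter allowed on port 80 and verifies that they really are an HTTP request before relaying anything: a non-HTTP banner on the allowed port, a CONNECT tunnel, a method outside the allow-list, an attempt to use the gateway as an open proxy, or a malformed Host header are all refused, and an incomplete header block is held until more bytes arrive. The method allow-list, the Host-header policy and the sample payloads are constructed for the demonstration.

```python
"""Added example: what an application gateway checks on an allowed port.
A port filter accepts any bytes to tcp/80; the proxy accepts only HTTP."""
import re
from typing import List, Tuple

ALLOWED_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS"}
# Request line: METHOD SP target SP HTTP/1.x CRLF (token length 3..7 covers the
# methods above plus CONNECT and TRACE, which we want to recognise and refuse).
REQUEST_LINE = re.compile(rb"^([A-Z]{3,7}) (\S+) HTTP/1\.[01]\r?\n")


def inspect_http(payload: bytes) -> Tuple[str, str]:
    """Decide on the first bytes of a client connection: (verdict, reason).
    verdict is "accept" (relay), "reject" (close, log) or "hold" (need more data)."""
    m = REQUEST_LINE.match(payload)
    if not m:
        # An SSH/SMTP banner, a reverse shell, or raw TLS on port 80: a protocol
        # riding an allowed port. The packet filter passed it; the proxy does not.
        return "reject", "not an HTTP request line"
    method = m.group(1).decode()
    target = m.group(2).decode(errors="replace")
    if method == "CONNECT":
        return "reject", "CONNECT tunnel not permitted through this proxy"
    if method not in ALLOWED_METHODS:
        return "reject", f"method {method} not allowed"
    if target.startswith("http://") or target.startswith("https://"):
        return "reject", "absolute-URI target: client is trying to use us as an open proxy"
    headers = payload[m.end():]
    if b"\r\n\r\n" not in headers and b"\n\n" not in headers:
        return "hold", "headers incomplete, need more bytes"
    host_lines = [ln for ln in re.split(rb"\r?\n", headers)
                  if ln.lower().startswith(b"host:")]
    if len(host_lines) != 1:                 # policy: exactly one Host header
        return "reject", "exactly one Host header required"
    host = host_lines[0].split(b":", 1)[1].strip().decode(errors="replace")
    return "accept", f"{method} {target} host={host}"


def run_samples() -> List[Tuple[str, str]]:
    """Constructed first-bytes of several connections, all arriving on tcp/80."""
    samples = [
        b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",   # normal request
        b"SSH-2.0-OpenSSH_8.9\r\n",                                     # ssh on port 80
        b"CONNECT evil.example:443 HTTP/1.1\r\nHost: evil.example\r\n\r\n",
        b"GET http://other.example/ HTTP/1.1\r\nHost: other.example\r\n\r\n",
        b"TRACE / HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
        b"GET / HTTP/1.1\r\nHost: www.example.com\r\n",                # still incoming
        b"GET / HTTP/1.1\r\nHost: a.example\r\nHost: b.example\r\n\r\n",  # ambiguous Host
    ]
    return [inspect_http(p) for p in samples]


if __name__ == "__main__":
    for verdict, reason in run_samples():
        print(f"{verdict:7s} {reason}")
```

Because the gateway terminates the client's connection and opens its own to the server, it can log every request line it relays and enforce these rules per protocol; the cost is that a proxy is needed for each application protocol it is to understand.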