Some important parameters that network security needs to take care of:-
1. Confidentiality: Ram would like to ensure that no one else except Sita receives the envelope and even if some one receives it, he/she does not come to know about the details inside the envelope.
2. Integrity: Ram and Sita would further like to make sure that no one tampered with the contents.
3. Authentication: Sita would like to be assured that the message came from Ram and not from some else pretending to be Ram.
4. Non-Repudiation: Ram sends a BANK-CHECK to Sita. Sita withdraws the money. Ram now denies that he has not given any CHECKS to Sita. Now Sita should have signature of Ram to proof in court of her correctness.
Apart from these 4 basic requirements of Network Security other features are added up like ACCESS CONTROL, AVAILABILITY etc.
Few important points to remember:-
1. "INTERCEPTION" causes loss of message confidentiality.
2. "FABRICATION" can occur in the absence of proper authentication mechanism.
3. "MODIFICATION" causes loss of integrity.
4. "INTERRUPTION" directly hampers the availability constraint.
Now there are 2 types of attacks possible:-
1. Active attack: Here modification to the contents of the original message occurs. Eg. DOS (Denial of service), Masquerade attack, Replay attack, IP spoofing etc.
2. Passive attack: Here no modification to the contents of the original message occurs. Eg. Packet Sniffing etc.
Packet sniffing means keeping a copy of the sent message over the channel.
Now we will move on to cryptography.
1. Symmetric Key Cryptography (Private key cryptography):
Uses same key for both Encryption and Decryption.
If 'A' wants to send a message to 'B' and another message to 'C' then 'A' must use 2 different keys, i.e. one for 'B' and another for 'C'.
Eg. DES (Data Encryption Standard)
2. Asymmetric Key Cryptography (Public key cryptography):
Uses one key for encryption and another key for decryption.
Imp Note:
Here public key is used to encrypt plain-text and private key is used to decrypt cipher-text.
But in case of digital signatures private key is used to sign the document and public key is used to verify the signature. (We would be shortly discussing about digital signatures).
Eg. RSA algorithm
Note: Symmetric key cryptography is faster than Asymmetric key cryptography.
DIGITAL SIGNATURES:
If 'A' is the sender of a message and 'B' is the receiver, then 'A' signs the message with it's own private key and 'B' verifies it using A's public key.
NOTE:
It does not guarantee Confidentiality.
It provides message integrity and authentication.
1. Confidentiality: Ram would like to ensure that no one else except Sita receives the envelope and even if some one receives it, he/she does not come to know about the details inside the envelope.
2. Integrity: Ram and Sita would further like to make sure that no one tampered with the contents.
3. Authentication: Sita would like to be assured that the message came from Ram and not from some else pretending to be Ram.
4. Non-Repudiation: Ram sends a BANK-CHECK to Sita. Sita withdraws the money. Ram now denies that he has not given any CHECKS to Sita. Now Sita should have signature of Ram to proof in court of her correctness.
Apart from these 4 basic requirements of Network Security other features are added up like ACCESS CONTROL, AVAILABILITY etc.
Few important points to remember:-
1. "INTERCEPTION" causes loss of message confidentiality.
2. "FABRICATION" can occur in the absence of proper authentication mechanism.
3. "MODIFICATION" causes loss of integrity.
4. "INTERRUPTION" directly hampers the availability constraint.
Now there are 2 types of attacks possible:-
1. Active attack: Here modification to the contents of the original message occurs. Eg. DOS (Denial of service), Masquerade attack, Replay attack, IP spoofing etc.
2. Passive attack: Here no modification to the contents of the original message occurs. Eg. Packet Sniffing etc.
Packet sniffing means keeping a copy of the sent message over the channel.
Now we will move on to cryptography.
1. Symmetric Key Cryptography (Private key cryptography):
Uses same key for both Encryption and Decryption.
If 'A' wants to send a message to 'B' and another message to 'C' then 'A' must use 2 different keys, i.e. one for 'B' and another for 'C'.
Eg. DES (Data Encryption Standard)
2. Asymmetric Key Cryptography (Public key cryptography):
Uses one key for encryption and another key for decryption.
Imp Note:
Here public key is used to encrypt plain-text and private key is used to decrypt cipher-text.
But in case of digital signatures private key is used to sign the document and public key is used to verify the signature. (We would be shortly discussing about digital signatures).
Eg. RSA algorithm
Note: Symmetric key cryptography is faster than Asymmetric key cryptography.
DIGITAL SIGNATURES:
If 'A' is the sender of a message and 'B' is the receiver, then 'A' signs the message with it's own private key and 'B' verifies it using A's public key.
NOTE:
It does not guarantee Confidentiality.
It provides message integrity and authentication.
No comments:
Post a Comment