• No results found

REVIEW ON CRYPTOGRAPHY IN NETWORK SECURITY

N/A
N/A
Info
Download
Protected

Academic year: 2020

Share "REVIEW ON CRYPTOGRAPHY IN NETWORK SECURITY"

Copied!
6
0
0

Loading.... (view fulltext now)

Download now ( 6 Page )

Full text

(1)

Available Online at www.ijpret.com 1198

INTERNATIONAL JOURNAL OF PURE AND

APPLIED RESEARCH IN ENGINEERING AND

TECHNOLOGY

A PATH FOR HORIZING YOUR INNOVATIVE WORK

REVIEW ON CRYPTOGRAPHY IN NETWORK SECURITY

SHRUTI A. JARI1, PROF. NIKHIL S. BAND2, DR. HEMANT R. DESHMUKH3 1.Student of Master of Engineering in (CSE), IBSS college of Engineering and Technology, Amravati, India.

2.Assistant professor Department of (CSE), IBSS College of Engineering and Technology, Amravati, India. 3.Head of the Department of (CSE), IBSS College of Engineering and Technology, Amravati, India.

Accepted Date: 05/03/2015; Published Date: 01/05/2015

Abstract:This paper aims to provide a broad review of network security and cryptography, with particular regard to digital signatures. Network security and cryptography is a subject too wide ranging to coverage about how to protect information in digital form and to provide security services. However, a general overview of network security and cryptography is provided and various algorithms are discussed. A detailed review of the subject of network security and cryptography in digital signatures is then presented. The purpose of a digital signature is to provide a means for an entity to bind its identity to a piece of information. The common attack on digital signature was reviewed. The first method was the RSA signature scheme, which remains today one of the most practical and versatile techniques available. Fiat-Shamir signature schemes, DSA and related signature schemes are two other methods reviewed. Digital signatures have many applications in information security, including authentication, data integrity, and non-repudiation was reviewed.

Keywords:Network Security, Cryptography, Digital Signatures

Corresponding Author: MS. SHRUTI A. JARI

Access Online On:

www.ijpret.com

How to Cite This Article:

Shruti A. Jari, IJPRET, 2015; Volume 3 (9): 1198-1203

(2)

Available Online at www.ijpret.com 1199

INTRODUCTION

The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications). This definition introduces three key objectives that are at the heart of computer security: Confidentiality: This term covers two related concepts: Data1 confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Integrity: This term covers two related concepts Data integrity: Assures that information and programs are changed only in a specified and authorized manner System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or Availability: Assures that systems work promptly and service is not denied to authorized users. The Challenges of Computer Security Computer and network security is both fascinating and complex. Some of the reasons follow:

1. Security is not as simple as it might first appear to the novice. The requirements seem to be straightforward; indeed, most of the major requirements for security services can be given self-explanatory, one-word labels: confidentiality, authentication, nonrepudiation, or integrity. But the mechanisms used to meet those requirements can be quite complex, and understanding them may involve rather subtle reasoning.

2. In developing a particular security mechanism or algorithm, one must always consider potential attacks on those security features. In many cases, successful attacks are designed by looking at the problem in a completely different way, therefore exploiting an unexpected weakness in the mechanism Authentication :Both the sender and receiver need to confirm the identity of other party involved in the communication - to confirm that the other party is indeed who or what they claim to be. Face-to-face human communication solves this problem easily by visual recognition. When communicating entities exchange messages over a medium where they cannot "see" the other party, authentication is not so simple.

II.SECURITY ATTACKS

Passive Attacks

(3)

Available Online at www.ijpret.com 1200 attacks are the release of message contents and traffic analysis. The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions. Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection

Active Attacks

Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service. A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.

III. SYMMETRIC CIPHER MODEL

A symmetric encryption scheme has five ingredients

(4)

Available Online at www.ijpret.com 1201 • Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.

• Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.

• Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.

Fig: symmetric cipher model

IV.STEGANOGRAPHY

We conclude with a discussion of a technique that (strictly speaking), is not encryption, namely, steganography. A plaintext message may be hidden in one of two ways. The methods of steganography conceal the existence of the message, whereas the methods of cryptography render the message unintelligible to outsiders by various transformations of the text.10A simple form of steganography, but one that is time-consuming to construct, is one in which an arrangement of words or letters within an apparently innocuous text spells out the real message. For example, the sequence of first letters of each word of the overall message spells out the hidden message. Various other techniques have been used historically; some examples are the following

Character marking: Selected letters of printed or typewritten text are overwritten in pencil.The marks are ordinarily not visible unless the paper is held at an angle to bright light

(5)

Available Online at www.ijpret.com 1202 Pin punctures: Small pin punctures on selected letters are ordinarily not visible unless the paper is held up in front of a light.

Typewriter correction ribbon: Used between lines typed with a black ribbon, the results of typing with the correction tape are visible only under a strong light.

V.CRYPTOGRAPHY

In the information age, cryptography has become one of the major methods for protection in all applications. Cryptography allows people to carry over the confidence found in the physical world to the electronic world. It allows people to do business electronically without worries of deceit and deception. In the distant past, cryptography was used to assure only secrecy. Wax seals, signatures, and other physical mechanisms were typically used to assure integrity of the message and authenticity of the sender.

When people started doing business online and needed to transfer funds electronically, the applications of cryptography for integrity began to surpass its use for secrecy. Hundreds of thousands of people interact electronically every day, whether it is through e-mail, e-commerce (business conducted over the Internet), ATM machines, or cellular phones. . This is the classical concept of secrecy, wherein we attempt to prevent information from reaching an enemy in a usable form. Secrecy is viewed by many as the central issue in the field of information protection. Secure communication is the most straightforward use of cryptography. Two people may communicate securely by encrypting the messages sent between them. While secure communication has existed for centuries, the key management problem has prevented it from becoming commonplace. Thanks to the development of public-key cryptography, the tools exist to create a large-scale network of people who can communicate securely with one another even if they had never communicated before.

VI. CONCLUSION

(6)

Available Online at www.ijpret.com 1203 worries about bad implementations. A further worry is that users are integral to securing communications, since they must provide appropriate keys.

VII. REFERENCES

1. Simmonds, A; Sandilands, P; van Ekert, L (2004). "An Ontology for Network Security

Attacks". Lecture Notes in Computer Science. Lecture Notes in Computer Science 3285: 317– 323. doi:10.1007/978-3-540-30176-9_41. ISBN 978-3-540-23659-7

2. A Role-Based Trusted Network Provides Pervasive Security and Compliance - interview

with Jayshree Ullal, senior VP of Cisco

3. Dave Dittrich, Network monitoring/Intrusion Detection Systems (IDS), University of

Washington.

4. Honeypots, Honeynets''". Honeypots.net. 2007-05-26. Retrieved 2011-12-09.

5. Wright, Joe; Jim Harmening (2009) "15" Computer and Information Security Handbook

Morgan Kaufmann Publications Elsevier Inc p. 257

6. http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf.

7. R. Anderson, and M. Roe. A5, 1994. Available at http://jya.com/crack-a5.htm

8. Bluetooth CIG, Specification of the Bluetooth system, Version 1.1, February 22, 2001.

References

Download now ( PDF - 6 Page - 615.07 KB )

Related documents

CS549: Cryptography and Network Security

Cryptography & Network Security Firewalls.

The effect of carbohydrate and marine peptide hydrolysate co-ingestion on endurance exercise metabolism and performance

Although the addition of hydrolyzed marine peptides appeared to influence metabolism during endurance exercise in the current study, it did not provide an ergogenic benefit as

PGM Catalyst Handbook USA

A102023-5 Carbon Powder 5 Hydrogenation of alkynes, alkenes, aromatic rings, nitro and nitroso compounds, imines, nitriles, aromatic carbonyls, reductive alkylation,

Shifting Winds: Using Ancestry DNA to Explore Multiracial Individuals\u27 Patterns of Articulating Racial Identity

This study explored how genotype information affects identification narratives of multiracial individuals. Twenty-one multiracial individuals completed individual interviews

Case: 3:13-cv GFVT-EBA Doc #: 24 Filed: 02/04/14 Page: 1 of 21 - Page ID#:

(internal quotations omitted). For the same reason, the Court will not dismiss the unjust enrichment claim here. As in Villaspring, the Complaint in this case “has alleged

Overview of computer and communications security

The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service [Cryptography and Network Security, 4/E

Genetic Improvement of Pinus koraiensis in China: Current Situation and Future Prospects

Considerable conventional breeding work has been carried out over the last three decades, including evaluation of provenance and genetic variations, selection of elite families