Cryptography: Instructor: Dr. Maaz Bin Ahmad
Recall: Tasks involved in sending Message
Recall: OSI Layers
Need for Cryptography
• To securely transfer the message from
Sender to Receiver
• To hide the actual message from an interceptor
• To offer the strongest methods to resist
cryptanalysis attacks
Basic Terms to Remember
Aim of Course
• our focus is on Internet Security
Outline
Computer Security Concepts
According to NIST……
Attacks, Services and Mechanisms
• Security Attack: Any action that
compromises the security of information.
• Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
• Security Service: A service that enhances
the security of data processing systems and
information transfers. A security service
makes use of one or more security mechanisms.
Security Attacks
Security Attack
• any action that compromises the security of
information owned by an organization
• information security is about how to prevent
attacks, or failing that, to detect attacks on
information-based systems
• there is a wide range of attacks
• can focus on generic types of attacks
• note: often threat & attack are used to mean the same thing
Security Attacks
• Interruption: This is an attack on
availability
• Interception: This is an attack on
confidentiality
• Modification: This is an attack on
integrity
• Fabrication: This is an attack on
authenticity
Classify Security Attacks as
• passive attacks - eavesdropping on, or
monitoring of, transmissions to:
– obtain message contents, or
– monitor traffic flows
• active attacks – modification of data
stream to:
– masquerade of one entity as some other
– replay previous messages
– modify messages in transit
– denial of service
Security Services
Security Service
– is something that enhances the security of the
data processing systems and the information
transfers of an organization.
Security Services
• Authentication - assurance that the
communicating entity is the one claimed
• Access Control - prevention of the
unauthorized use of a resource
• Data Confidentiality - protection of data from
unauthorized disclosure
• Data Integrity - assurance that data received is
as sent by an authorized entity
• Non-Repudiation - protection against denial by
one of the parties in a communication
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
Security Mechanism
• a mechanism that is designed to detect,
prevent, or recover from a security attack
• no single mechanism will support all
functions required
• however one particular element underlies
many of the security mechanisms in use:
cryptographic techniques
• hence our focus on this area
Security Mechanism
• specific security mechanisms:
Model for Network Security
• using this model requires us to:
– design a suitable algorithm for the security
transformation
– generate the secret information (keys) used by
the algorithm
– develop methods to distribute and share the
secret information
– specify a protocol enabling the principals to use
the transformation and secret information for a
security service
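The four tasks above, as an added example that is not part of the original slides: a shared-key transformation and receiver rule in Python, standard library only. HMAC-SHA256, the 8-byte sequence number and all function and class names are assumptions chosen for illustration; key distribution is assumed to have happened out of band, and the frame is not encrypted, so this detects modification, fabrication and replay but does not prevent interception.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

def generate_key() -> bytes:
    """Generate the secret information: a random 256-bit shared key."""
    return secrets.token_bytes(32)

def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender-side transformation: seq (8 bytes) || message || HMAC tag."""
    body = struct.pack(">Q", seq) + message
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Receiver-side protocol: verify the tag, then reject old sequence numbers."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: frame too short"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "rejected: bad tag (modified or fabricated)"
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted: " + body[8:].decode("utf-8", "replace")

def run_demo() -> list:
    key = generate_key()  # assumption: both principals already share this key
    rx = Receiver(key)
    genuine = protect(key, 0, b"pay 10 to Bob")  # constructed sample message
    tampered = bytearray(protect(key, 1, b"pay 10 to Bob"))
    tampered[8 + 4] ^= 0x08  # one bit changed in transit: modification
    forged = protect(generate_key(), 2, b"pay 99 to Eve")  # made without the shared key
    return [rx.accept(genuine), rx.accept(genuine),  # second copy is a replay
            rx.accept(bytes(tampered)), rx.accept(forged)]

if __name__ == "__main__":
    for outcome in run_demo():
        print(outcome)
```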
Model for Network Access Security