0% found this document useful (0 votes)
81 views31 pages

Cryptography: Instructor: DR - Maaz Bin Ahmad

This document discusses cryptography and network security. It provides definitions for cryptography, cryptanalysis, computer security, network security, and information security. It outlines the goals of ensuring confidentiality, integrity, and availability of data. It describes common security attacks like interruption, interception, modification, and fabrication. It also discusses security services like authentication, access control, data confidentiality, data integrity, and non-repudiation. Finally, it presents models for providing network security using mechanisms like encryption, digital signatures, and access controls to detect and prevent security attacks.

Uploaded by

Ahmed Mujtaba
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
81 views31 pages

Cryptography: Instructor: DR - Maaz Bin Ahmad

This document discusses cryptography and network security. It provides definitions for cryptography, cryptanalysis, computer security, network security, and information security. It outlines the goals of ensuring confidentiality, integrity, and availability of data. It describes common security attacks like interruption, interception, modification, and fabrication. It also discusses security services like authentication, access control, data confidentiality, data integrity, and non-repudiation. Finally, it presents models for providing network security using mechanisms like encryption, digital signatures, and access controls to detect and prevent security attacks.

Uploaded by

Ahmed Mujtaba
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 31

Cryptography

Instructor:
Dr.Maaz bin ahmad.
[email protected]

1
Recall: Tasks involved in sending
Message

2
Recall: OSI Layers

3
Need for Cryptography
• To securely transfer the message from
Sender to Receiver
• To hide the actual message from Interceptor
• To offer strongest methods to resist against
Crypt Analysis attacks

4
Basic Terms to Remember

• Cryptography: The science of secret writing


with a goal of hiding the meaning of message
• Cryptanalysis: The science/Art of breaking
cryptosystems. 5
Definitions
• Computer Security - generic name for the
collection of tools designed to protect data
and to stop attackers
• Network Security - measures to protect
data during their transmission
• Information Security – Computer sec +
Network sec

6
Aim of Course
• our focus is on Internet Security

• consists of measures to prevent, detect, and


correct security violations that involve the
transmission of information.

7
Outline

8
Computer Security Concepts

11
According to NIST……

• Confidentiality: Preserving authorized


restrictions on information access and disclosure.
• Integrity: Guarding against improper
information modification or destruction.
• Availability: Ensuring timely and reliable access
to and use of information.
12
CIA Triad
• Confidentiality:
– Data Confidentiality: Assures that private on
confidential information is not made available or
disclosed to unauthorized individuals
– Privacy: Assures that individual controls what
information related to them.
• Integrity
– Data Integrity: Assures that information and programs
are changed in specified manner.
– System Integrity: Assures that system performs its
intended function.
• Availability: Assures that system works promptly and
13
service is not denied.
OSI Security Architecture

14
Attacks, Services and
Mechanisms
• Security Attack: Any action that
compromises the security of information.
• Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
• Security Service: A service that enhances
the security of data processing systems and
information transfers. A security service
makes use of one or more security mechanisms.

15
Security Attacks

17
Security Attack
• any action that compromises the security of
information owned by an organization
• information security is about how to prevent
attacks, or failing that, to detect attacks on
information-based systems
• have a wide range of attacks
• can focus of generic types of attacks
• note: often threat & attack mean same
18
Security Attacks

19
Security Attacks
• Interruption: This is an attack on
availability
• Interception: This is an attack on
confidentiality
• Modification: This is an attack on
integrity
• Fabrication: This is an attack on
authenticity
20
Classify Security Attacks as
• passive attacks - eavesdropping on, or
monitoring of, transmissions to:
– obtain message contents, or
– monitor traffic flows
• active attacks – modification of data
stream to:
– masquerade of one entity as some other
– replay previous messages
– modify messages in transit
– denial of service
21
22
Security Services

23
Security Service
– is something that enhances the security of the
data processing systems and the information
transfers of an organization.

– intended to counter security attacks.

– make use of one or more security mechanisms


to provide the service.

24
Security Services
• Authentication - assurance that the
communicating entity is the one claimed
• Access Control - prevention of the
unauthorized use of a resource
• Data Confidentiality –protection of data from
unauthorized disclosure
• Data Integrity - assurance that data received is
as sent by an authorized entity
• Non-Repudiation - protection against denial by
one of the parties in a communication 25
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service Attacks
– Virus that deletes files
26
Security Mechanism

27
Security Mechanism
• a mechanism that is designed to detect,
prevent, or recover from a security attack
• no single mechanism that will support all
functions required
• however one particular element underlies
many of the security mechanisms in use:
cryptographic techniques
• hence our focus on this area
28
Security Mechanism
• specific security mechanisms:

– encipherment, digital signatures, access


controls, authentication exchange, traffic
padding, routing control etc..

29
Model for Network Security

30
31
Model for Network Security
• using this model requires us to:
– design a suitable algorithm for the security
transformation
– generate the secret information (keys) used by
the algorithm
– develop methods to distribute and share the
secret information
– specify a protocol enabling the principals to use
the transformation and secret information for a
security service
32
33
Model for Network Access Security

• using this model requires us to:


– select appropriate gatekeeper functions to
identify users

– implement security controls to ensure only


authorised users access designated information
or resources

34

You might also like