Department of

Information and
Communication
Technology
Unit no: 1
Unit title: Security in
Computing Environment
Subject Name:
Cryptography and
Network Security

Harshul Yagnik
 Important Data lost every year due to black holes in network.

Black hole refers to places in network where incoming and outgoing

traffic is silently discarded, without informing source that data did
Department of not reach its intended recipient.
Information and
Communication Loss of important data. e.g. Credit Card, ATM Card
Technology
Confidential information of business have been stolen by
Need of Security competitors.

Important data stolen from military .

Information Theory and Coding 2

 It is vital component in information security for securing all
Department of information passed through computers network.
Information and
Communication
Technology
It provide management policy for access controls protection for
H/W, S/W & information in networking.
Need of Security

Information Theory and Coding 3

 Confidentiality
• It specifies that only sender and intended recipient(s) should be
able to access the contents of message.
• e.g.: e-mail send by person A to person B.
Authentication
Department of • It help to establish proof of identities.
Information and • e.g. : Login using Userid and Password.
Communication Integrity
Technology • Integrity means that changes need to be done only by authorized
entities and through authorized mechanisms.
• e.g. Updating bank account information
Need of Security
Non-repudiation
• Non- repudiation does not allow the sender or receiver of a
message to refuse the claim of not sending or receiving that
message.

Information Theory and Coding 4

 Passive Attack
• A passive attack make use of information from
Department of the system but does not affect system resource.
Information and • Release of Message Contents, Traffic Analysis
Communication
Technology Active Attack
Classification of • It involve some modification of data stream or
creation of a false stream.
Security Attacks
• Replay, Modification, Denial of Service,
Masquerade

Information Theory and Coding 5

 Department of
Information and
Communication
Technology

Release of
Message
Contents

Information Theory and Coding 6

 Department of
Information and
Communication
Technology

Traffic Analysis

Information Theory and Coding 7

 It involves passive capture of data unit and its
subsequent retransmission to produce an unauthorized
effect.

Department of
Information and
Communication
Technology

Replay

Information Theory and Coding 8

 In which some portion of message is altered or that
message are delayed or reordered to produce an
unauthorized affect.

Department of
Information and
Communication
Technology

Modification

Information Theory and Coding 9

 It have a specific target (Server), in which prevents or
inhabits the normal use or management of
communication facilities.

Department of
Information and
Communication
Technology

Denial of
Service

Information Theory and Coding 10

 A masquerade is a type of attack where the attacker act
as an authorized user system in order to gain access to it
or to gain greater privileges than they are authorized for.

Department of
Information and
Communication
Technology

Masquerade

Information Theory and Coding 11

 Computer Security
• generic name for the collection of tools designed
Department of to protect data and to thwart hackers
Information and Network Security
Communication
Technology • measures to protect data during their transmission

Internet Security
Security
• measures to protect data during their transmission
over a collection of interconnected networks

Information Theory and Coding 12

 Security attack
• Any action that compromises the security of information
owned by an organization.

Department of Security mechanism

Information and • A mechanism that is designed to detect, prevent or
Communication recover from a security attack.
Technology Security service
• A service that enhances the security of the data
Security processing systems and the information transfers of an
organization. The services are intended to counter
security attacks and they make use of one or more
security mechanisms to provide the service.

Information Theory and Coding 13

 Cryptography
• The art or science encompassing the principles and
methods of transforming an intelligible message
into one that is unintelligible, and then
Department of retransforming that message back to its original
Information and form
Communication
Technology Plaintext
• The original intelligible message
Security
Cipher text
• The transformed message

Information Theory and Coding 14

 Cipher
• An algorithm for transforming an intelligible message into one
that is unintelligible by transposition and/or substitution methods

Department of Key
Information and • Some critical information used by the cipher, known only to the
sender& receiver
Communication
Technology Encipher
• The process of converting plaintext to cipher text using a cipher
and a key
Security Decipher
• The process of converting cipher text back into plaintext using a
cipher and a key

Information Theory and Coding 15

 Cryptanalysis
• The study of principles and methods of transforming
an unintelligible message back into an intelligible
Department of message without knowledge of the key. Also called
code breaking
Information and
Communication Cryptology
Technology
• Both cryptography and cryptanalysis

Security Code
• An algorithm for transforming an intelligible message
into an unintelligible one using a code-book

Information Theory and Coding 16