
CRYPTOGRAPHY AND NETWORK SECURITY
Unit-1

Security services:
- Access control: prevent unauthorized access to resources.
- Authentication: verification of user identity (the actual communication should happen only after verification).
- Confidentiality: providing security to the data sent through the network.
- Data integrity: no modification should be done during the transmission.
- Non-repudiation: preventing a party from denying that it sent or received a message.
Note: the difference between authorization and authentication is as follows:
Authorization - what is the user allowed to do?
Eg: an ATM card holder is an authorized person to get the services of the ATM card.
Authentication - who is actually doing the work?
Eg: the person who knows the PIN of the ATM card can use that particular ATM card.
Computer network security consists of measures taken by a business or other organization to monitor and prevent unauthorised access by outside attackers.

Different approaches to computer network security management have different requirements depending on the size of the computer network.

For example, a home office requires basic network security, while large businesses require high maintenance to protect the network from malicious attacks.

Network Security Services

There are various services of network security, which are as follows:

Access control:
- Access control is an essential part of any organization.
- Access control means preventing everyone from viewing or modifying some data.
- The principle of access control is determined by role management and rule management.
- Role management determines who should access the data, while rule management determines to what extent one can access the data.
- The information displayed is dependent on the person who is accessing it.
- It supports the avoidance of unauthorized use of a resource.

Authentication:
- Authentication means verifying the identity of a user.
- Authentication is present almost everywhere.
- It makes sure that a user is who they claim to be.
- To provide strong authentication, various cryptography concepts are used. Some ideas include using one-time passwords, password strength detectors, authenticators, and more.
- Authentication is mostly secured by using a username and password.
- The authorized person whose identity is preregistered can prove his/her identity and can access the sensitive information.
- In message authentication, the receiver needs to be sure of the sender's identity.

Confidentiality:
- The degree of confidentiality determines the secrecy of the information.
- The principle specifies that only the sender and receiver will be able to access the information shared between them.
- Confidentiality is compromised if an unauthorized person is able to access a message.
- For example, let us consider that sender A wants to share some confidential information with receiver B and the information gets intercepted by the attacker C. Now the confidential information is in the hands of the intruder C.
- It protects the transmitted data from passive attack.
- Confidentiality can be applied at several levels on the basis of the content of the information to be transmitted. The types of confidentiality are as follows:
  - Connection Confidentiality: the protection of all user information on a connection.
  - Connectionless Confidentiality: the protection of all user data in an individual data block.
  - Traffic-flow Confidentiality: the protection of the information that can be derived from observation of traffic flows.

Data integrity:
- Integrity means protecting data against unauthorized modification.
- If a person sends a file through a secure communication line, a third party cannot tap into that line and change the file's content.
- If changes are made, mechanisms are incorporated to detect corruption in the data.
- Integrity gives the assurance that the information received is exact and accurate.
- If the content of the message is changed after the sender sends it but before it reaches the intended receiver, then the integrity of the message is said to be lost.
- There are 2 types of integrity:
  1) system integrity
  2) data integrity
- Data integrity is designed to secure information from modification, insertion, deletion and rehashing by any entity.

Non repudiation:
- Non-repudiation means protecting against the denial of sending or receiving during communication.
- An example where non-repudiation is implemented is a digital signature. Digital signatures are used in online transactions to ensure that after the transaction is over, one cannot deny having sent the information required for the transaction, or deny the authenticity of the signature.
- In some cases the sender sends the message and later denies it. Non-repudiation does not allow the sender to make such a denial to the receiver.
- For example, when a customer sends a message to transfer money from one account to another, the bank must have proof that the customer actually requested this transaction.

Cryptanalysis, types of cryptanalytic attacks, cryptology:

- Cryptography: It is the science and art of creating secret codes.
- Cryptanalysis: It is the science and art of breaking those codes. The study of cryptanalysis helps us to create better secret codes.
- In simple words, cryptanalysis is a technique of decoding messages from a non-readable format to a readable format without knowing the key.
- It is the science of recovering the plain text of a message without having access to the key.
- Cryptanalysis is used to break cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.

Types of Cryptanalytic attacks:

There are mainly 4 types of cryptanalytic attacks. They are:

1) Known cipher text only attack
2) Known plain text attack
3) Chosen plain text attack
4) Chosen cipher text only attack

Let us discuss them in detail.

Known cipher text only attack:

- In a ciphertext-only attack, the attacker only has access to one or more encrypted messages but knows nothing about the plaintext data, the encryption algorithm being used or any data about the cryptographic key being used.
- This is the type of challenge that intelligence agencies often face when they have intercepted encrypted communications from an opponent.
- A known ciphertext-only attack is a type of cryptanalysis where the attacker has access to one or more encrypted messages but does not have any corresponding plaintext or information about the encryption key used.
- The goal of the attacker is to analyze the ciphertext to gain information about the underlying plaintext or the encryption key.
- In this type of attack, only some ciphertext is known and the attacker tries to find the corresponding encryption key and plaintext. It is the hardest to implement but is the most probable attack, as only ciphertext is required.

Known plain text attack:

- This attack is easier to implement compared to the ciphertext-only attack. With a known plaintext attack, the analyst most likely has access to some or all of the ciphertext's plaintext. The cryptanalyst's goal is to discover the key the target uses to encrypt the message and use the key to decrypt the message. Once the key is discovered, the attacker can decrypt every message encrypted with that specific key.
- Known plaintext attacks rely on the attacker finding or guessing all or part of an encrypted message, or alternately, even the original plaintext's format.
- In this type of attack, some plaintext-ciphertext pairs are already known. The attacker maps them in order to find the encryption key.
- This attack is easier to use as a lot of information is already available. In a known plaintext attack, the analyst may have access to some or all of the plaintext of the ciphertext; the analyst's goal in this case is to discover the key used to encrypt the message and decrypt the message. Once the key is discovered, an attacker can decrypt all messages that had been encrypted using that key.

Chosen plain text attack:

- In this type of attack, the attacker chooses random plaintexts, obtains the corresponding ciphertexts and tries to find the encryption key.
- It is very simple to implement, like the known plaintext attack, but the success rate is quite low.
- In a chosen plaintext attack, the analyst either knows the encryption algorithm or has access to the device used to do the encryption.
- The analyst can encrypt the chosen plaintext with the targeted algorithm to derive information about the key.

Chosen cipher text only attack:

- A chosen ciphertext-only attack is a type of cryptanalysis in which the attacker has the ability to choose a set of ciphertexts and obtain their corresponding plaintexts.
- Unlike a known ciphertext-only attack, where the attacker only has access to pre-existing ciphertexts without the corresponding plaintexts, in a chosen ciphertext-only attack the attacker can actively choose specific ciphertexts and observe their corresponding plaintexts.
- Chosen ciphertext-only attacks are often more powerful than known ciphertext-only attacks because the attacker has more control over the data used for analysis.
- Security protocols and encryption algorithms are designed to be resistant to chosen ciphertext attacks, and a secure encryption scheme should remain secure even when an adversary has the ability to choose ciphertexts for decryption.
Cryptology:
Cryptology has two parts, namely Cryptography, which focuses on creating secret codes, and Cryptanalysis, which is the study of the cryptographic algorithm and the breaking of those secret codes. The person practicing cryptanalysis is called a cryptanalyst.

Cryptology is a field of study that encompasses both cryptography and cryptanalysis. These two disciplines are closely related but have distinct goals:
- Cryptography: It is the science and art of creating secret codes.
- Cryptanalysis: It is the science and art of breaking those codes. The study of cryptanalysis helps us to create better secret codes.
Both cryptography and cryptanalysis are essential components of the broader field of cryptology, which plays a crucial role in information security, data integrity, and privacy. The field has applications in various domains, including secure communication, financial transactions, data storage, and more.

Cryptography:
Cryptography is the science and practice of securing communication and information through the use of codes and ciphers. The main goal of cryptography is to protect the confidentiality, integrity, and authenticity of data. It involves designing and implementing techniques that enable secure communication in the presence of potential adversaries or attackers.

Key aspects of cryptography include:

1. Encryption: Encryption is the process of converting plaintext (readable data) into ciphertext (encoded data) using an algorithm and a secret key. The ciphertext can then be transmitted or stored more securely, as only those with the correct key can decipher and retrieve the original plaintext.
2. Decryption: Decryption is the reverse process of encryption. It involves converting ciphertext back into plaintext using the appropriate decryption algorithm and the secret key.
3. Key Management: The secure management of cryptographic keys is crucial in ensuring the effectiveness of cryptographic systems. Keys are used to control the encryption and decryption processes, and their compromise can lead to the compromise of the entire system.
4. Authentication: Cryptography is used to verify the identity of parties involved in communication. Digital signatures, for example, use cryptographic techniques to provide a means of authentication and non-repudiation.
5. Integrity: Cryptographic hash functions are used to ensure the integrity of data. A hash function generates a fixed-size string of characters (hash value) that represents the data. Even a small change in the data should result in a significantly different hash value.

Steganography:
Steganography is the practice of concealing one piece of information within another in such a way that it is difficult or impossible to detect the presence of the hidden information. Unlike cryptography, which focuses on making the content of a message unreadable to unauthorized users, steganography aims to hide the very existence of the message.

In steganography, the information to be hidden (the payload) is often embedded within an innocuous-looking carrier, which could be an image, audio file, video, or any other type of data. The resulting file, which contains both the carrier and the hidden information, is known as the stego file. The carrier should appear normal and unchanged to casual observers, and the hidden information should be extractable only by those who know how to uncover it.

Common methods / types of steganography:

1. Text-based methods: Embedding information within the text of a document, often by altering the spacing, font, or other subtle characteristics.
2. Image-based methods: Hiding information within the pixels of an image by subtly altering the color values. This is often done in a way that is imperceptible to the human eye.
3. Audio-based methods: Concealing information within the sound waves of an audio file, typically by manipulating frequencies or amplitudes.
4. File-based methods: Embedding information within the structure of a file, such as altering the least significant bits in a binary file.
5. Video Steganography: Video steganography is a method of secretly embedding data or other files within a video file on a computer.
6. Network or Protocol Steganography: It involves concealing data by using a network protocol like TCP, UDP, ICMP, IP, etc., as a cover object.

Steganography examples include:

- Writing with invisible ink
- Embedding text in a picture
- Hiding an image in a video
- Backward masking a message in an audio file
- Embedding a secret message in the green, blue, or red channel of an RGB image.

Steganography can be used both for constructive and destructive purposes. For example, education and business institutions, intelligence agencies, the military, and certified ethical hackers use steganography to embed confidential messages and information in plain sight.
On the other hand, criminal hackers use steganography to corrupt data files or hide malware in otherwise innocent documents.

Difference between steganography and cryptography:

Factors         | Steganography                                                        | Cryptography
Explanation     | It's a method to conceal the fact that communication is taking place | It's a method for making information unintelligible
Aim             | Maintain communication security                                      | Enable data protection
Key             | Optional, but increases security when utilized                       | Necessary prerequisite
Data Visibility | No                                                                   | Yes
Failure         | Once hidden information is decoded, the data can be used by anyone   | You can recover the original message from the ciphertext if you can access the decryption key
Data Structure  | Does not modify the data's general structure                         | Modifies the overall data structure
Steganography Techniques

Steganography techniques conceal messages to the best possible extent and reveal them only at the desired destination. Below are a few concealing techniques used in steganography:

1) LSB:
- The least significant bits of data are identified in the original file and replaced with secret information or, in most cases, malicious code.
- The user who downloads the file will have the malware introduced into their system, allowing the attacker to access the device. Sandboxes are capable of detecting such corrupt files. However, hackers always find new means, such as sleep patching, to bypass detection measures.
- In image-based steganography, the least significant bits of the pixel values in an image are modified to encode the hidden information.
- Since the least significant bits have less impact on the overall appearance of the image, these changes are often imperceptible to the human eye.
2) Spread Spectrum Technique:
This technique involves spreading the hidden information across the entire spectrum of a signal (such as an audio file). The information is distributed in such a way that it becomes challenging to distinguish it from the normal signal.

3) Frequency Domain Techniques:
In image steganography, the frequency domain can be manipulated using techniques like the Discrete Cosine Transform (DCT) for JPEG images or the Discrete Wavelet Transform (DWT) for various image formats. Changes are made in the frequency domain, and the modified image is then transformed back to the spatial domain.

4) Text Steganography:
Concealing information within the text of a document can involve various methods, such as using invisible characters, modifying letter case, or hiding information within spaces and punctuation.

5) Embedding in Metadata:
Information can be hidden within the metadata of files, such as the Exif data of an image. This metadata often contains details about the file, and additional information can be concealed within it without visibly affecting the content.

6) Whitespace Steganography:
Concealing information within the whitespace (spaces, tabs, line breaks) of a document. This technique is often used in text-based steganography.

Kinds of services provided for data security:

Various services are provided to enhance data security, and they cover a range of aspects to protect information from unauthorized access, alteration, or destruction. Here are some common types of services related to data security:

- Encryption Services: Encryption involves transforming data into a secure form that can only be read by someone with the appropriate decryption key. Services may include full-disk encryption, file-level encryption, and secure communication protocols.
- Identity and Access Management (IAM): IAM services manage and control user access to systems and data. This includes user authentication, authorization, and access monitoring to ensure that only authorized individuals can access specific resources.
- Firewall and Network Security: Firewall services protect networks by monitoring and controlling incoming and outgoing network traffic. They act as a barrier between a trusted internal network and untrusted external networks, preventing unauthorized access.
- Data Loss Prevention (DLP): DLP services aim to prevent unauthorized access, sharing, or leakage of sensitive data. They monitor and control data transfers to ensure compliance with security policies.
- Cloud Security Services: Cloud security services focus on securing data stored in cloud environments. This includes identity management, encryption, access controls, and monitoring for cloud-based resources.
- Training and Awareness Programs: Education and awareness services help train employees and users on security best practices. This includes understanding phishing threats, password hygiene, and overall security awareness.
- Backup and Disaster Recovery Services: These services involve regularly backing up data and implementing plans to recover from data loss or system failures. This ensures data availability and business continuity.

Plain text, cipher text, enciphering, deciphering:

Let us define the terms plain text, cipher text, enciphering, and deciphering with an example:

1. **Plain Text:**
- Plain text refers to the original, unencrypted, and human-readable form of a message or data. It is the information as it exists before any encryption process.

2. **Cipher Text:**
- Cipher text is the result of encrypting plain text using an encryption algorithm and a key. It is the transformed, typically unreadable, and secure form of the message or data. The process of converting plain text into cipher text is known as encryption.

3. **Enciphering (Encryption):**
- Enciphering, or encryption, is the process of converting plain text into cipher text using an encryption algorithm and a key. This is done to protect the information from unauthorized access or interception.

4. **Deciphering (Decryption):**
- Deciphering, or decryption, is the reverse process of encryption. It involves converting cipher text back into plain text using the appropriate decryption algorithm and the correct key. This process is performed by authorized parties to recover the original information.

**Example:**

Let's use a simple example with a Caesar cipher, a basic encryption technique where each letter in the plain text is shifted by a fixed number of positions down the alphabet.

- **Plain Text:** "HELLO"
- **Encryption Key (Shift):** 3

Using a Caesar cipher, the encryption process (enciphering) would shift each letter in the plain text by 3 positions:

- H + 3 = K
- E + 3 = H
- L + 3 = O
- L + 3 = O
- O + 3 = R

So, the cipher text would be "KHOOR".

Now, if someone intercepts the message "KHOOR" but doesn't know the key (3), they cannot easily understand the original message. To decipher the message, the recipient would use the key to shift each letter in the cipher text back to its original position:

- K - 3 = H
- H - 3 = E
- O - 3 = L
- O - 3 = L
- R - 3 = O

The deciphered message is "HELLO", which is the original plain text. This example illustrates the basic concept of encryption (enciphering) and decryption (deciphering) using a simple cipher. In practice, more complex encryption algorithms and keys are used for enhanced security.
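The Caesar example above in working code, as an added example that is not part of these notes. It uses the same plaintext "HELLO" and shift 3, handles wrap-around (Z shifted by 3 becomes C), and makes the symmetric relation P = D(K, E(K, P)) from the later comparison table concrete: the same key is used in both directions. The last function is an assumption about what a reader would want to check next: it lists every candidate plaintext for a ciphertext, which shows why a 26-key cipher gives the "cannot easily understand" property only against a casual reader and why "more complex algorithms and keys" are needed in practice.

```python
import string

ALPHABET = string.ascii_uppercase


def encipher(plain_text: str, key: int) -> str:
    """E(K, P): shift every letter K positions down the alphabet, wrapping Z
    back to A. Characters that are not letters pass through unchanged."""
    out = []
    for ch in plain_text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def decipher(cipher_text: str, key: int) -> str:
    """D(K, C): shift back by K. The same key serves both directions, which is
    the symmetric-key identity P = D(K, E(K, P))."""
    return encipher(cipher_text, -key)


def key_space_size() -> int:
    """Shifts 0..25 are the only distinct keys (a shift of 26 equals a shift of 0)."""
    return len(ALPHABET)


def all_candidate_plaintexts(cipher_text: str) -> dict:
    """Ciphertext-only view of the cipher: with only 26 keys, a reader who does
    not hold the key can still list every possible plaintext and pick the one
    that reads as language. This is the keyspace weakness, not a feature."""
    return {k: decipher(cipher_text, k) for k in range(key_space_size())}


if __name__ == "__main__":
    c = encipher("HELLO", 3)
    print("cipher text:", c)               # KHOOR
    print("deciphered :", decipher(c, 3))  # HELLO
    for k, p in all_candidate_plaintexts(c).items():
        print(k, p)
```

Running the block prints the 26 candidates for "KHOOR"; only one of them is an English word, which is why key size (not secrecy of the algorithm) is the quantity the later brute-force discussion cares about.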

Aspects required for network security model:

Building a comprehensive network security model involves considering various aspects to protect networks from unauthorized access, data breaches, and other security threats. Here are key aspects required for a robust network security model:

Access Control:
- Access control means preventing everyone from viewing or modifying some data.
- The principle of access control is determined by role management and rule management.
- Role management determines who should access the data, while rule management determines to what extent one can access the data.
- The information displayed is dependent on the person who is accessing it.
- It supports the avoidance of unauthorized use of a resource.

Firewalls:
- Deploy firewalls to monitor and control incoming and outgoing network traffic based on predetermined security rules. Firewalls act as a barrier between trusted internal networks and untrusted external networks.

Network Segmentation:
- Divide the network into segments to limit the potential impact of a security breach. This can prevent lateral movement within the network and reduce the attack surface.

Virtual Private Network (VPN):
- Implement VPNs to secure communications over untrusted networks, such as the internet. VPNs use encryption to protect data during transmission between remote users and the corporate network.

Encryption:
- Use encryption to protect sensitive data during transmission and storage. Employ protocols like SSL/TLS for securing web traffic, and consider end-to-end encryption for communication between devices.

User Education and Awareness:
- Educate users about security best practices, social engineering threats, and the importance of adhering to security policies. Users play a crucial role in maintaining a secure network environment.

Authentication and Authorization:
- Implement strong authentication mechanisms, such as biometrics or smart cards, and ensure proper authorization to control user access to resources. Regularly review and update user permissions.

Backup and Disaster Recovery:
- Implement regular data backups and disaster recovery plans to ensure data availability in the event of data loss or system failures.

Security goals:
The three fundamental goals of cybersecurity are as follows:

1. Confidentiality: Protect the confidentiality of data by keeping the sensitive data private and accessible to only authorized users.

Now, we will discuss the tools for confidentiality.

1. Encryption: It is the technique to convert the data into ciphertext using mathematical methods and a password or key.
2. Access Control: It defines the rules and procedures to limit who can access the system and resources. The users need to produce their credentials to access the system. The credentials can be in any form, ranging from an id card to biometric information. The non-transferable credentials are the most secure ones.
3. Authentication: It is the confirmation process of the user's credentials to provide access to the system and resources. Authentication can be done using passwords or fingerprints, etc.
4. Authorization: It is used to determine whether the user is allowed to access a particular level or not, and based on that the user is granted or refused access. This process is preceded by authentication: authorization is checked only for authenticated users.
5. Physical Security: It describes the methods designed to handle the physical threats to the system like theft, vandalism, fire, etc. It keeps the system robust during hardware failures as well.
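Authentication followed by authorization, in the order the list above gives them, as an added example that is not part of these notes. The user store, the two roles and the permission table are constructed; passwords are kept as salted PBKDF2-HMAC-SHA256 hashes from the standard library rather than in clear, and the work factor of 100,000 iterations is an assumption. Role management is the mapping from user to role; rule management is the table of what each role may do, with anything unlisted denied.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000   # assumed PBKDF2 work factor


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


# Constructed user store: username -> (salt, password hash, role).
# Role management decides who holds which role; plaintext passwords are never kept.
USERS = {}


def register(username: str, password: str, role: str) -> None:
    salt = os.urandom(16)
    USERS[username] = (salt, hash_password(password, salt), role)


def authenticate(username: str, password: str):
    """Confirm the credentials; return the user's role on success, else None."""
    record = USERS.get(username)
    if record is None:
        # Spend the same hashing cost for unknown users so response time
        # does not reveal which usernames exist.
        hash_password(password, b"\x00" * 16)
        return None
    salt, stored, role = record
    if not hmac.compare_digest(hash_password(password, salt), stored):
        return None
    return role


# Rule management: to what extent each role may act. Anything not listed is denied.
PERMISSIONS = {
    "teller": {"read_balance"},
    "manager": {"read_balance", "approve_transfer"},
}


def authorize(role: str, action: str) -> bool:
    """Deny by default: an action is allowed only if the role explicitly grants it."""
    return action in PERMISSIONS.get(role, set())


def access(username: str, password: str, action: str) -> str:
    """Authorization is evaluated only after authentication has succeeded."""
    role = authenticate(username, password)
    if role is None:
        return "denied: authentication failed"
    if not authorize(role, action):
        return "denied: %s may not %s" % (role, action)
    return "allowed"


register("asha", "correct horse", "teller")        # constructed accounts
register("bilal", "battery staple", "manager")

if __name__ == "__main__":
    print(access("asha", "correct horse", "read_balance"))       # allowed
    print(access("asha", "correct horse", "approve_transfer"))   # denied: teller may not approve_transfer
```

Note that a failed login and an unknown username produce the same message and the same amount of work, so the response neither confirms an account name nor short-cuts the check.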

2. Integrity: Preserve the integrity of data by protecting it from unauthorized access and ensuring its reliability, completeness, and correctness.

Now, we will discuss some tools to maintain the system's integrity.

1. Backups: A backup is a duplicate archive of the original data and is made periodically to ensure that the data is safe even in case of loss of the actual information or if the files are destroyed. It copies the original data and stores it for emergencies or for statistical or historical uses.
2. Checksums: A checksum is a numerical value that is mapped to the contents of a file. This numerical value is then compared, before and after the transmission, to ensure that the data stays the same on both sides. It is designed so that even a tiny change in the file's contents will change its numerical value, which reveals any data changes.
3. Data Correcting Codes: This is a method to handle errors during a failed or corrupted data transfer. It automatically corrects any changes that happen in the data during transmission.
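The checksum comparison described in item 2, as an added example that is not part of these notes. SHA-256 from the standard library stands in for the checksum, and the messages and shared key are constructed. The example also carries the practitioner's caveat the list does not state: an unkeyed checksum is computed from the data alone, so it catches a transmission error but not a deliberate change by someone who can rewrite the checksum along with the data. The keyed form (HMAC) is shown beside it; this is the "value created from the data" of the later Data Integrity mechanism, but bound to a secret both parties hold.

```python
import hashlib
import hmac

KEY = b"shared-secret-between-sender-and-receiver"   # constructed


def checksum(data: bytes) -> str:
    """Unkeyed checksum: derived from the contents alone."""
    return hashlib.sha256(data).hexdigest()


def verify_checksum(data: bytes, expected: str) -> bool:
    """Receiver side: recompute after transmission and compare with the value sent before it."""
    return hmac.compare_digest(checksum(data), expected)


def tag(data: bytes, key: bytes) -> str:
    """Keyed integrity value (HMAC): depends on the contents and on a secret
    shared by sender and receiver, so it cannot be recomputed without the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(data: bytes, key: bytes, expected: str) -> bool:
    return hmac.compare_digest(tag(data, key), expected)


def flip_one_bit(data: bytes, index: int = 0) -> bytes:
    """Simulate a transmission error: a single bit of one byte changes."""
    damaged = bytearray(data)
    damaged[index] ^= 0x01
    return bytes(damaged)


def accidental_corruption_detected(message: bytes) -> bool:
    """Line noise flips a bit: the sender's checksum no longer matches."""
    sent = checksum(message)
    return not verify_checksum(flip_one_bit(message), sent)


def deliberate_change_detected(message: bytes, tampered: bytes) -> dict:
    """An intermediary replaces the message. With an unkeyed checksum it can
    also replace the checksum, so the receiver's comparison passes and the
    change goes unnoticed; the keyed tag still fails because the intermediary
    has no KEY to compute a matching tag for the new contents."""
    return {
        "checksum": not verify_checksum(tampered, checksum(tampered)),   # False: not detected
        "hmac": not verify_tag(tampered, KEY, tag(message, KEY)),          # True: detected
    }


if __name__ == "__main__":
    msg = b"PAY 100 TO ACCOUNT B"
    print(accidental_corruption_detected(msg))                       # True
    print(deliberate_change_detected(msg, b"PAY 900 TO ACCOUNT B"))  # {'checksum': False, 'hmac': True}
```

`hmac.compare_digest` is used for both comparisons so that the time taken does not depend on how many leading characters of the two values agree.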
3. Availability: Promote data availability for authorized users as and when required.

The tools required to maintain availability are given below:

1. Physical protection refers to safeguarding information to avoid theft, fire, etc. It ensures that the data is housed in a safe place.
2. Computational redundancies: These make the system tolerant to unwanted modifications or accidental faults. They protect the storage devices that contain data by providing a fallback system in case of failures.

These goals form the CIA (Confidentiality, Integrity, and Availability) triad. The CIA triad covers all the significant steps needed to maintain the security goals discussed above.

Security mechanisms:
Network security is the field in computer technology that deals with ensuring the security of the computer network infrastructure. The network is very necessary for the sharing of information, whether at the hardware level (such as a printer or scanner) or at the software level. Therefore a security mechanism can also be termed a set of processes that deal with recovery from a security attack. Various mechanisms are designed to recover from these specific attacks at various protocol layers.

Types of Security Mechanism are:

1) Encipherment:
This security mechanism deals with hiding and covering of data, which helps the data to become confidential. It is achieved by applying mathematical calculations or algorithms which reconstruct information into a non-readable form. It is achieved by two famous techniques named Cryptography and Encipherment. The level of data encryption is dependent on the algorithm used for encipherment.

2) Access Control:
Access control is an information security process that enables organizations to manage who is authorized to access corporate data and resources. Secure access control needs policies that check users are who they claim to be and that the proper access levels are allowed to users. There are several structures available that accomplish access rights to resources.

3) Notarization:
This security mechanism involves the use of a trusted third party in communication. It acts as a mediator between sender and receiver so that the chance of any conflict is reduced. This mediator keeps a record of the requests made by the sender to the receiver, for use if they are later denied.

4) Data Integrity:
This security mechanism works by appending to the data a value which is created from the data itself. It is similar to sending a packet of information known to both sending and receiving parties, which is checked before and after the data is received. When this appended packet or data is checked and is the same on sending and receiving, data integrity is maintained.

5) Authentication exchange:
This security mechanism deals with making identity known in communication. This is achieved at the TCP/IP layer, where a two-way handshaking mechanism is used to ensure whether data is sent or not.

6) Bit stuffing:
This security mechanism adds some extra bits into the data which is being transmitted. It helps the data to be checked at the receiving end and is achieved by even parity or odd parity.

7) Digital Signature:
This security mechanism is achieved by adding digital data that is not visible to the eyes. It is a form of electronic signature which is added by the sender and checked by the receiver electronically. This mechanism is used to preserve data which is not very confidential but where the sender's identity needs to be notified.

Cryptographic attacks:

A cryptographic attack allows the attacker to bypass the security of a cryptographic system by exploiting a weakness in its cipher, cryptographic protocol, or key management scheme, a process also referred to as cryptanalysis.

There are many different attacks that an attacker may use to bypass the security of a system. Some of these attacks are as follows:

- Known plain-text attack: In this case, the attacker knows the plain text and cipher text, and they try to calculate the key by reverse engineering the cipher.
- Cipher-only attack: The attacker knows the ciphers of different messages encrypted using the key. They try to calculate the key using the ciphers provided.
- Chosen plain-text attack: This attack is similar to the known plain-text attack, but now the attacker chooses plain texts of their own choice and then generates the ciphers for them using the key. The attacker then tries to calculate the key using the chosen plain text and the corresponding cipher.
- Chosen cipher-text attack: The attacker chooses a cipher text and obtains the decrypted text for that portion of the cipher. The attacker then uses this to figure out the key.
- Replay attack: In this attack, the attacker captures some of the authentication information and resubmits it to the server to gain access to the information meant for the original owner only.
- Brute force: This is the method of trying all the possible combinations to figure out the key. It may be relatively easy if the size of the key is small, but as the size of the key increases, it becomes computationally infeasible to test all the options.
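A server-side check that defeats the replay attack in the list above, as an added example that is not part of these notes. The token format "user|nonce|timestamp|mac", the server key and the 300-second freshness window are all assumptions. A captured token resubmitted later is refused on two independent grounds: its nonce has already been accepted, and, once the window has passed, its timestamp is stale; a token whose fields were edited fails the keyed MAC check first.

```python
import hashlib
import hmac
import os

KEY = b"server-side-secret"   # constructed; held only by the server
WINDOW_SECONDS = 300          # assumed freshness window


def _mac(body: str) -> str:
    return hmac.new(KEY, body.encode("utf-8"), hashlib.sha256).hexdigest()


def issue_token(user: str, now: int) -> str:
    """Token = user|nonce|timestamp|mac. The nonce makes every token unique,
    the timestamp bounds how long it is valid, and the MAC binds all three so
    none of them can be edited without the key."""
    body = "%s|%s|%d" % (user, os.urandom(8).hex(), now)
    return body + "|" + _mac(body)


class Server:
    def __init__(self):
        self.seen_nonces = set()   # nonces already accepted within the window

    def accept(self, token: str, now: int) -> str:
        parts = token.split("|")
        if len(parts) != 4 or not parts[2].isdigit():
            return "rejected: malformed"
        user, nonce, ts, mac = parts
        body = "%s|%s|%s" % (user, nonce, ts)
        if not hmac.compare_digest(mac, _mac(body)):
            return "rejected: bad signature"   # a field was edited after issue
        if abs(now - int(ts)) > WINDOW_SECONDS:
            return "rejected: stale"           # captured long ago, outside the window
        if nonce in self.seen_nonces:
            return "rejected: replay"          # same token presented a second time
        self.seen_nonces.add(nonce)
        return "accepted: " + user


if __name__ == "__main__":
    server = Server()
    token = issue_token("alice", 1000)
    print(server.accept(token, 1001))   # accepted: alice
    print(server.accept(token, 1002))   # rejected: replay
```

Because anything older than WINDOW_SECONDS is rejected as stale regardless, the server only needs to remember nonces for that long; entries older than the window can be evicted from `seen_nonces` without weakening the check.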

Types of cryptographic attacks

The attacks mentioned above help the attacker access the cryptographically encrypted communication channel. After gaining access, the attacker can choose to eavesdrop on the communication channel or eavesdrop and tamper with the messages. The cryptographic attacks can be classified into two categories based on their use case:

- Active attacks
- Passive attacks

Active attacks

Active attacks occur when the attacker gets access to the communication channel between the two entities. The attacker acts as the man in the middle and can eavesdrop on and tamper with the messages being sent on the channel between the entities. These attacks are relatively easy to detect but are still considered the more dangerous of the two, as the attacker can manipulate the data being shared and gain access or privileges.

Use cases of active attacks

- Masquerade: This attack occurs when the attacker pretends to be the sender, trying to convince the receiver that it is the sender. This is possible if the authorization procedure is not secure, as the attacker can pretend to be another entity using stolen passwords.
- Modification of messages: Messages being shared between the two entities via a communication channel can be tampered with if the attacker gets access to the key used to encrypt/decrypt the messages.
- Denial-of-Service: The attacker in the middle of both entities can either completely stop the messages from one entity from reaching the other, or overload an entity by relaying a message multiple times. Both cases result in a denial of service.

Passive attack

Passive attacks occur when the attacker gets access to the communication channel between the two entities and can eavesdrop on the ongoing communication between them. However, the attacker cannot tamper with the messages in this case, as was possible in the active attack. Passive attacks are harder to detect and cause a little less damage than active attacks, but the confidentiality of the messages is lost.

Use cases of passive attacks

- Traffic analysis: The attacker analyzes the traffic data, the origin, and the destination IP address of the message. They also monitor and analyze the human and machine identities on both ends.
- Release of message contents: The attacker listens to the information being shared on the compromised communication channel and releases the message's contents.

What is Cryptography | why cryptography:

Symmetric key cryptography is also called conventional encryption.
A hash function is also called a message digest.

Symmetric vs Asymmetric Cryptography / conventional encryption vs public key encryption:

Symmetric (conventional) encryption                | Asymmetric (public key) encryption
It only provides confidentiality.                  | It provides confidentiality, authenticity, and non-repudiation.
The length of key used is 128 or 256 bits.         | The length of key used is 2048 bits or higher.
The mathematical representation is as follows:     | The mathematical representation is as follows:
P = D(K, E(K, P))                                  | P = D(Kd, E(Ke, P))
where K -> encryption and decryption key           | where Ke -> encryption key
P -> plain text                                    | Kd -> decryption key
D -> Decryption                                    | P -> plain text
E(K, P) -> Encryption of plain text using K        | D -> Decryption
                                                   | E(Ke, P) -> Encryption of plain text using encryption key Ke.

Security Goals:
(Refer the notes above)

Security Services:
(Refer the notes above)
