What is Network Security?

Network Security consists of the provisions and policies adapted by network

Administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer
network and network-accessible resources.
What is Cryptography? Cryptography is the study of secure communications techniques that allow only
the sender and intended recipient of a message to view its contents.
Network Security - Terminology
• Plaintext - the original message
• Cipher text - the coded message
• Cipher - algorithm for transforming plaintext to cipher text
• Key - info used in cipher known only to sender/receiver
• Encipher (Encrypt) - converting plaintext to cipher text
• Decipher (Decrypt) - recovering cipher text from plaintext
• Cryptography - study of encryption principles/methods
Security Goals:
 Keep data and communication secret
 Privacy of personal records
 Protect reliability of data against tampering
Security Mechanism:
• Encipherment: The use of mathematical algorithms to transform data into a form that is not readily
understandable
• Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data
units.
• Digital Signature: A digital signature is an Asymmetric Key or public key cryptographic output used
to verify the authenticity of data. A digital signature algorithm allows two distinct operations: (i) a signing
operation, which uses a signing key to produce a signature over raw data and (ii) a verification operation,
where the signature can be validated by a party who has no knowledge of the signing key. The main
purpose of a digital signature is the verification of the integrity of the signed data.
• Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of
information exchange.
Types of Cryptography:
(i) Symmetric Key Cryptography
(ii) Asymmetric Key Cryptography
Symmetric Key Cryptography: It is a type of encryption
scheme in which the similar key is used both to encrypt and
decrypt messages. Symmetric key cryptography is called
private key cryptography.
In private key cryptography both parties share the
same key (which is kept secret). Before communications
begin, both parties must exchange the shared secret key.
Each pair of communicating entities requires a unique
shared key. So if there are n entries, then it requires n(n-1)/2
private keys. The key is not shared with other
communication partners. A private key is a large, randomly-generated number with hundreds of digits.
For simplicity, they are usually represented as strings of alphanumeric characters.

Asymmetric Key Cryptography: Asymmetric key

cryptography is called public key cryptography. In
public key cryptography, different keys are used for
encryption and decryption. Each party possesses two
keys – (i) a unique decryption key, generally referred to
as his private key and (ii) an encryption key, referred to
as his public key. The public key of a party is known by
all other parties. But the private key is non-sharable.
Whenever the sender wants to send some
encrypted message it will be encrypted with the receiver’s public key. And when the intended receiver
will receive the message, then only with his private key, he can decrypt the message. So that in the path
no other party can decrypt it, and data will be secured. Here for n parties only 2n keys are required.

RSA Algorithm in Cryptography: The system was invented by three scholars Ron Rivest, Adi Shamir,
and Len Adleman and hence, it is termed as RSA cryptosystem. RSA algorithm is an asymmetric
cryptography algorithm. Asymmetric actually means that it works on two different keys i.e. Public Key
and Private Key. As the name describes that the Public Key is given to everyone and the Private Key is
kept private.
The idea of RSA is based on the fact that it is difficult to factorize a large integer. The public key
consists of two numbers where one number is a multiplication of two large prime numbers. And private
key is also derived from the same two prime numbers. So if somebody can factorize the large number, the
private key is compromised. Therefore encryption strength totally lies on the key size and if we double or
triple the key size, the strength of encryption increases exponentially.
Algorithm: Each person or a party who desires to participate in communication using encryption needs
to generate a pair of keys, namely public key and private key.
Generate the RSA modulus (n)
STEP 1: Select two large prime numbers p and q and they should not be equal
STEP 2: Generate the RSA modulus (n) by multiplying p and q. For strong unbreakable encryption,
let n be a large number, typically a minimum of 512 bits.
n = p*q
Find Derived Number (e)
STEP 3: ɸ(n) = (p-1) * (q-1)
STEP 4: Derived Number (e) will be selected such that e is relatively prime to ɸ(n)
i.e. gcd (e, ɸ(n)) =1 and 1<e<ɸ(n)
Form the public key and private key
STEP 5: calculate ed = 1 mod ɸ(n)
STEP 6: public key = {e,n}, private key ={d,n}
RSA Encryption
Suppose the sender wish to send some text message to someone whose public key is (n, e).
The sender then represents the plaintext as a series of numbers less than n.
To encrypt the first plaintext P, which is a number modulo n. The encryption process is simple
mathematical step as:
STEP 7: Find the cipher text using the formula
C = Pe mod n, where P<n
Where, C = Cipher text, P = plain text, e = Encryption key or public key, n=block size
In other words, the cipher text C is equal to the plaintext P multiplied by itself e times and then
reduced modulo n. This means that C is also a number less than n.
RSA Decryption
STEP 8: Find the plain text from the cipher text using the formula
P = Cd mod n, where d = Decryption key or private key.
Numerical example: In a RSA cryptosystem A uses two prime numbers p=13 and q=17 to generate his
public and private keys. If the public key of A is 35 then determine what will be the private key of A.
Solution: RSA Modulus:
n = p*q = 13 * 17 = 221
Now ɸ(n)=(p-1) *(q-1) = 12*16= 192
Value of public key (e) of A is given as = 35
So, according to RSA algorithm,
ed = 1 mod ɸ(n)
so, d = [(ɸ(n)*i)+1]/e
= (192+1)/35 = 5.5 (for i =1)
we have to increment the value of i until we get the integer value of d.
so for i=2,
d = [(192*2)+1]/35 =11

So, the private key of A will be 11.

Symmetric Key Cryptography Asymmetric Key Cryptography

It only requires a single key for both encryption and It requires two keys, a public key and a private key, one
decryption. to encrypt and the other one to decrypt.

The size of cipher text is the same or smaller than The size of cipher text is the same or larger than the
the original plain text. original plain text.

It is used when a large amount of data is required to It is used to transfer small amounts of data.
transfer.

In symmetric key encryption, resource utilization is In asymmetric key encryption, resource utilization is
low as compared to asymmetric key encryption. high.

Security is less as only one key is used for both It is more secure as two keys are used here- one for
encryption and decryption purposes. encryption and the other for decryption.

Symmetric key cryptography is also known as Asymmetric key cryptography is also known as public-
secret-key cryptography or private key key cryptography or a conventional cryptographic
cryptography. system.

Symmetric encryption is fast technique Asymmetric encryption is slower in terms of speed.