Computer Network Security

Network security is essential for protecting data integrity and preventing unauthorized access to computer networks. It encompasses various measures such as physical, technical, and administrative security, as well as the OSI Security Architecture which provides a framework for securing data at different network layers. Cryptography plays a crucial role in network security, utilizing techniques like symmetric and asymmetric key encryption to ensure confidentiality, integrity, and authentication of information.

Uploaded by Dhruv Sharma

COMPUTER NETWORK SECURITY - 601

UNIT-1

What is Network Security?


 Every company or organization that handles a large amount of data has some degree of protection against cyber threats.
 The most basic example of network security is the password protection that a user of the network chooses. In recent times, network security has become a central topic of cyber security, with many organizations inviting applications from people who have skills in this area.
 Network security solutions protect the parts of a computer system that can be attacked: its users, locations, data, devices, and applications.
 Network security is defined as the activity created to protect the integrity of your network and data.
 Network security is the practice of protecting a computer network from unauthorized access, misuse, or attacks. It involves using tools, technologies, and policies to ensure that data travelling over the network is safe and secure, keeping sensitive information away from hackers and other threats.

How Does Network Security Work?


 Physical Network Security: This is the most basic level. It prevents unauthorized personnel from gaining physical access to the network and its data, and thereby from taking control over the confidentiality of the network. It can be achieved with devices such as biometric systems.
 Technical Network Security: This primarily focuses on protecting the data stored in the network and the data in transit through the network. It serves two purposes: protection from unauthorized users, and protection from malicious activities.
 Administrative Network Security: This level of network security governs user behavior, such as how permissions are granted and how the authorization process takes place. It also determines the level of sophistication the network needs in order to be protected against attacks, and it suggests the amendments that have to be made to the infrastructure.

The OSI Security Architecture

OSI (Open Systems Interconnection) security refers to a set of protocols, standards, and techniques used to ensure the security of data and communications in a network environment based on the OSI model.
The International Organisation for Standardisation (ISO) established this model to provide a conceptual framework for understanding how different networking protocols interact within a layered architecture.
It focuses on three major concepts: security attacks, security mechanisms, and security services, which are critical in protecting data and communication processes. This section discusses the OSI Security Architecture.
The OSI model can be considered a universal language for computer networking. It is based on the concept of divide and conquer: it splits the communication system into 7 abstract layers, each stacked upon the one below it. The seven layers are as follows:
 The Physical Layer
 The Data Link Layer
 The Network Layer
 The Transport Layer
 The Session Layer
 The Presentation Layer
 The Application Layer
Classification of OSI Security Architecture
The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to providing security at each layer. It defines security services and security mechanisms that can be used at each of the seven layers of the OSI model to provide security for data transmitted over a network.
The OSI Security Architecture focuses on these concepts:
 Security Attack
 Security Mechanism
 Security Service

1. Security Attacks

A security attack is an attempt by a person or entity to gain unauthorized access to, disrupt, or compromise the security of a system, network, or device. These are the actions that put an organization's safety at risk. They are further classified into two sub-categories:
1) Passive Attacks: attacks in which a third-party intruder tries to access the message, content, or data being shared by the sender and receiver by keeping a close watch on the transmission or eavesdropping on it. Passive attacks are further divided into two parts based on their behavior:
 Eavesdropping: Eavesdropping involves the attacker intercepting and listening to communications between two or more parties without their knowledge or consent. It can be performed using a variety of techniques, such as packet sniffing or man-in-the-middle attacks.
 Traffic analysis: This involves the attacker analyzing network traffic patterns and metadata to gather information about the system, network, or device. Here the intruder cannot read the message but can only observe the pattern and length of the encrypted traffic. Traffic analysis can be performed using a variety of techniques, such as network flow analysis or protocol analysis.

2) Active Attacks:
Active attacks are attacks in which the attacker actively disrupts or alters system, network, or device activity. They are typically focused on causing damage or disruption rather than gathering information or intelligence. Here, neither the sender nor the receiver is aware that their message or data has been modified by a third-party intruder: the transmitted data does not remain in its usual form and deviates from its usual behavior.
Active attacks are further divided into four parts based on their behavior:
 Masquerade: Masquerade is a type of attack in which the attacker pretends to be an authentic sender in order to gain unauthorized access to a system. This type of attack can involve the attacker using stolen or forged credentials, or manipulating authentication or authorization controls in some other way.
 Replay: Replay is a type of active attack in which the attacker intercepts a transmitted message through a passive channel and then maliciously or fraudulently replays or delays it at a later time.
 Modification of Message: This involves the attacker modifying the transmitted message, so that what the receiver finally gets is altered, unsafe, or meaningless. This type of attack can be used to manipulate the content of the message or to disrupt the communication process.
 Denial of service (DoS): Denial of service attacks involve the attacker sending a large volume of traffic to a system, network, or device in an attempt to overwhelm it and make it unavailable to users.

2. Security Mechanism
The mechanism that is built to identify any breach of security or attack on the organization is called a security mechanism. Security mechanisms are also responsible for protecting a system, network, or device against unauthorized access, tampering, or other security threats.
 Encipherment (Encryption): Encryption involves the use of algorithms to transform data into a form that can only be read by someone with the appropriate decryption key. Encryption can be used to protect data as it is transmitted over a network, or to protect data when it is stored on a device.
 Digital signature: Digital Signature is a security
mechanism that involves the use of cryptographic
techniques to create a unique, verifiable identifier for a
digital document or message, which can be used to
ensure the authenticity and integrity of the document or
message.
 Traffic padding: Traffic Padding is a technique used to
add extra data to a network traffic stream in an attempt
to obscure the true content of the traffic and make it
more difficult to analyze.
 Routing control: Routing Control allows the selection of
specific physically secure routes for specific data
transmission and enables routing changes particularly
when a gap in security is suspected.
3. Security Services
Security services refer to the different services available for
maintaining the security and safety of an organization. They help
in preventing any potential risks to security. Security services
are divided into 5 types:
 Authentication: Authentication is the process of
verifying the identity of a user or device in order to grant
or deny access to a system or device.
 Access control: Access Control involves the use of
policies and procedures to determine who is allowed to
access specific resources within a system.
 Data Confidentiality: Data Confidentiality is
responsible for the protection of information from being
accessed or disclosed to unauthorized parties.
 Data integrity: Data integrity is a security service that involves the use of techniques to ensure that data has not been tampered with or altered in any way during transmission or storage.
 Non-repudiation: Non-repudiation involves the use of techniques to create a verifiable record of the origin and transmission of a message, which can be used to prevent the sender from denying that they sent the message.
Benefits of OSI Security Architecture
 Providing Security: OSI Architecture in an organization
provides the needed security and safety preventing
potential threats and risks.
 Organising Task: The OSI architecture makes it easy
for managers to build a security model for the
organization based on strong security principles.
 Meets International Standards: Security services are
defined and recognized internationally meeting
international standards.
 Interoperability: The OSI model divides network functions into multiple layers, which makes it easier for different hardware and software components to work together.
 Scalability: The layered method makes networks
scalable. New technologies and protocols can be
seamlessly added without interrupting the overall
system.
 Flexibility: Each layer can evolve separately and
provide flexibility for technology and application
changes.

Model for Network Security

When we send data from the source to the destination, we have to use some transfer medium, such as the internet or another communication channel, by which we are able to deliver the message.
The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. When data is transferred from one party to the other, a logical information channel is established between them by defining a route through the internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals. Security comes into play when this information channel must be protected from an opponent who may present a threat to confidentiality, authenticity, and so on.
All the techniques for providing security have two components:
1. A security-related transformation on the information to be sent.
2. Some secret information shared by the two principals and, it is hoped, unknown to the opponent.
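The two components can be seen together in a small integrity-protection scheme. The following is an added example, not code from these notes: the shared secret is an HMAC key (constructed sample value), the security-related transformation appends an HMAC-SHA256 tag over a sequence number and the message, and the receiver uses the tag to detect the modification attack and the sequence number to detect the replay attack described under active attacks. Frame layout, names and the sample messages are all assumptions of this example.

```python
import hashlib
import hmac

# Constructed sample key: stands in for the "secret information shared by
# the two principals" in the model above. Not a real key.
SHARED_KEY = b"constructed-example-key-not-for-real-use"

TAG_LEN = 32   # HMAC-SHA256 output size in bytes
SEQ_LEN = 8    # sequence number field size in bytes


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: the security-related transformation.

    Appends an HMAC-SHA256 tag over (seq || message). Wire format:
    seq (8 bytes, big-endian) || message || tag (32 bytes).
    """
    header = seq.to_bytes(SEQ_LEN, "big")
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    """Receiver side: checks the tag and rejects replayed frames."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1   # highest sequence number accepted so far

    def accept(self, frame: bytes):
        """Return (ok, reason, message); message is None when rejected."""
        if len(frame) < SEQ_LEN + TAG_LEN:
            return False, "truncated frame", None
        header = frame[:SEQ_LEN]
        message = frame[SEQ_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + message, hashlib.sha256).digest()
        # Constant-time comparison: a plain '==' would leak through timing
        # how many tag bytes matched (a side channel).
        if not hmac.compare_digest(tag, expected):
            return False, "bad tag: message modified or wrong key", None
        seq = int.from_bytes(header, "big")
        if seq <= self.last_seq:
            return False, "replay: seq %d already seen" % seq, None
        self.last_seq = seq
        return True, "ok", message


def demo():
    """Run four cases; returns the receiver's verdict for each."""
    rx = Receiver(SHARED_KEY)
    frame = protect(SHARED_KEY, 1, b"transfer 100 to account 42")
    outcomes = [rx.accept(frame)[1]]                 # fresh frame: accepted
    outcomes.append(rx.accept(frame)[1])             # same frame again: replay
    tampered = bytearray(frame)
    tampered[SEQ_LEN + len(b"transfer ")] ^= 0x01    # '1' -> '0' in the amount
    outcomes.append(rx.accept(bytes(tampered))[1])   # modification detected
    other = protect(b"some-other-key", 2, b"transfer 100 to account 42")
    outcomes.append(rx.accept(other)[1])             # tag made without the shared key
    return outcomes
```

Note that the tag alone does not stop replay: the first frame is perfectly valid the second time it arrives, which is why the receiver must also remember the last sequence number it accepted.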

CLASSICAL ENCRYPTION TECHNIQUES

An original message is known as the plaintext, while the coded message is called the ciphertext. The process of converting from plaintext to ciphertext is known as enciphering or encryption; restoring the plaintext from the ciphertext is deciphering or decryption.
The many schemes used for encryption constitute the area of study known as cryptography. Such a scheme is known as a cryptographic system or a cipher. Techniques used for deciphering a message without any knowledge of the enciphering details fall into the area of cryptanalysis. Cryptanalysis is what the layperson calls "breaking the code." The areas of cryptography and cryptanalysis together are called cryptology.

Symmetric Cipher Model:


A symmetric encryption scheme has five ingredients (see figure):
 Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
 Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
 Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.
 Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.
 Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.
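The five ingredients are easiest to see on a concrete classical cipher. The block below is an added example, not code from these notes; it uses the Vigenère cipher as an assumed instance of a symmetric cipher (the notes do not name one) and a constructed sample message. Two different keys give two different ciphertexts, the right key restores the plaintext, and the decryption algorithm is literally the encryption algorithm run in reverse.

```python
import string

ALPHABET = string.ascii_uppercase


def _check_key(key: str) -> str:
    """The secret key is a value independent of plaintext and algorithm;
    for this cipher it must be one or more letters."""
    key = key.upper()
    if not key or any(ch not in ALPHABET for ch in key):
        raise ValueError("key must consist of letters only")
    return key


def _transform(text: str, key: str, direction: int) -> str:
    """Shared core: shift each letter by the matching key letter.
    direction = +1 encrypts, -1 decrypts. Non-letters pass through
    unchanged and do not consume a key letter."""
    key = _check_key(key)
    out = []
    i = 0
    for ch in text.upper():
        if ch in ALPHABET:
            shift = ALPHABET.index(key[i % len(key)])
            out.append(ALPHABET[(ALPHABET.index(ch) + direction * shift) % 26])
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def vigenere_encrypt(plaintext: str, key: str) -> str:
    """Encryption algorithm: plaintext + secret key -> ciphertext."""
    return _transform(plaintext, key, +1)


def vigenere_decrypt(ciphertext: str, key: str) -> str:
    """Decryption algorithm: the encryption algorithm run in reverse."""
    return _transform(ciphertext, key, -1)


def demo():
    """Show the five ingredients on one message with two different keys."""
    plaintext = "ATTACK AT DAWN"          # constructed sample message
    c1 = vigenere_encrypt(plaintext, "LEMON")
    c2 = vigenere_encrypt(plaintext, "SECRET")
    return {
        "ciphertext_key1": c1,                                 # 'LXFOPV EF RNHR'
        "ciphertext_key2": c2,                                 # a different key, a different ciphertext
        "decrypt_right_key": vigenere_decrypt(c1, "LEMON"),   # the original plaintext
        "decrypt_wrong_key": vigenere_decrypt(c1, "SECRET"),  # still unintelligible
    }
```

The key is the only thing the two principals need to share; the algorithm itself can be public, which is the usual assumption for a cryptosystem.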

Cryptography
 Cryptography is the technique used for secure communication between two parties in a public environment where unauthorized users and malicious attackers are present.
 In cryptography there are two processes, encryption and decryption, performed at the sender's and the receiver's end respectively.
 Encryption is the process in which plain data (text, images, or other media) is combined with some additional data, known as a key, and converted into an unreadable encoded format known as a cipher. Decryption is the reverse of encryption: the same or a different key is used to decode the cipher and convert it back into the original data.

Features Of Cryptography
 Confidentiality: Information can only be accessed by the person for whom it is intended; no one else can access it.
 Integrity: Information cannot be modified in storage or in transit between sender and intended receiver without the change being detected.
 Non-repudiation: The creator or sender of information cannot deny at a later stage having sent it.
 Authentication: The identities of the sender and receiver are confirmed, as are the origin and destination of the information.
 Interoperability: Cryptography allows for secure communication between different systems and platforms.
 Adaptability: Cryptography continuously evolves to stay ahead of security threats and technological advancements.
Types Of Cryptography
1. Symmetric Key Cryptography
It is an encryption system where the sender and receiver of a message use a single common key to encrypt and decrypt messages. Symmetric key cryptography is faster and simpler, but the sender and receiver have to somehow exchange the key securely. The most popular symmetric key cryptography systems are the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES).

2. Hash Functions
No key is used in this type of algorithm. A hash value of fixed length is calculated from the plaintext in such a way that the contents of the plaintext cannot feasibly be recovered from it. Many operating systems use hash functions to protect stored passwords.
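The password use of hash functions mentioned here (and again under "Applications of Cryptography") works as follows: the system never stores the password, only a salted, slow hash of it, and a login attempt is checked by recomputing the hash. This is an added example, not code from these notes; it uses PBKDF2-HMAC-SHA256 from the Python standard library, a record format of its own devising, and a constructed sample password.

```python
import base64
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"
DEFAULT_ITERATIONS = 600_000   # work factor; raise it as hardware gets faster


def hash_password(password: str, salt: bytes = None,
                  iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return a storable record 'algorithm$iterations$salt$digest'.

    A fresh random salt per password means two users with the same
    password get different records, so a precomputed table of digests
    is useless against the stored values. The iteration count makes each
    guess expensive for anyone who obtains the record.
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        ALGORITHM,
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    ])


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest from the stored salt and iteration count and
    compare it with the stored digest; the password itself is never stored."""
    try:
        algorithm, iterations, salt_b64, digest_b64 = record.split("$")
    except ValueError:
        return False                      # malformed record
    if algorithm != ALGORITHM:
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(digest_b64)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
    # Constant-time comparison so a near-miss is not detectable by timing.
    return hmac.compare_digest(candidate, expected)


def demo(iterations: int = 10_000):
    """Store a constructed password twice and check the properties above
    (a lower iteration count only to keep the demonstration quick)."""
    r1 = hash_password("correct horse battery staple", iterations=iterations)
    r2 = hash_password("correct horse battery staple", iterations=iterations)
    return {
        "records_differ": r1 != r2,                                          # different salts
        "right_password": verify_password("correct horse battery staple", r1),
        "wrong_password": verify_password("correct horse battery stable", r1),
        "malformed_record": verify_password("anything", "not-a-record"),
    }
```

Storing the iteration count inside the record lets the work factor be raised for new passwords without breaking verification of old ones.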
3. Asymmetric Key Cryptography
In asymmetric key cryptography, a pair of keys is used to encrypt and decrypt information. The receiver's public key is used for encryption and the receiver's private key is used for decryption. The public key and the private key are different. Even though the public key is known to everyone, only the intended receiver can decode the message, because he alone knows his private key. The most popular asymmetric key cryptography algorithm is the RSA algorithm.
Applications of Cryptography
 Computer passwords: Cryptography is widely utilized in computer security, particularly when creating and maintaining passwords. When a user logs in, their password is hashed and compared to the hash that was previously stored. Passwords are hashed (and sometimes additionally encrypted) before being stored, so that even if a hacker gains access to the password database, they cannot read the passwords.
 Digital Currencies: To protect transactions and prevent fraud, digital currencies like Bitcoin also use cryptography. Complex algorithms and cryptographic keys are used to safeguard transactions, making it nearly impossible to tamper with or forge them.
 Secure web browsing: Online browsing security is
provided by the use of cryptography, which shields users
from eavesdropping and man-in-the-middle assaults.
Public key cryptography is used by the Secure Sockets
Layer (SSL) and Transport Layer Security (TLS) protocols
to encrypt data sent between the web server and the
client, establishing a secure channel for communication.
 Electronic Signatures: Electronic signatures serve as
the digital equivalent of a handwritten signature and are
used to sign documents. Digital signatures are created
using cryptography and can be validated using public
key cryptography. In many nations, electronic signatures
are enforceable by law, and their use is expanding
quickly.
 Authentication: Cryptography is used for
authentication in many different situations, such as when
accessing a bank account, logging into a computer, or
using a secure network. Cryptographic methods are
employed by authentication protocols to confirm the
user’s identity and confirm that they have the required
access rights to the resource.
 Cryptocurrencies: Cryptography is heavily used by cryptocurrencies like Bitcoin and Ethereum to protect transactions, thwart fraud, and maintain the network's integrity. Complex algorithms and cryptographic keys are used to safeguard transactions, making it nearly impossible to tamper with or forge them.
 End-to-end Internet Encryption: End-to-end encryption is used to protect two-way communications like video conversations, instant messages, and email. It ensures that only the intended recipients can read the message. End-to-end encryption is widely used in communication apps like WhatsApp and Signal, and it provides a high level of security and privacy for users.
What is Plaintext?
 Plaintext is the readable input to an encryption process and the output of a decryption process. It refers to any readable data, including binary files, that can be viewed or used without the need for a decryption key or device.
 Plaintext is used for many tasks, such as document creation, coding, and email communication. It means any communication, document, or file that is meant to be encrypted or that has been decrypted. A cryptosystem accepts plaintext as input and produces ciphertext as output.

What is Cipher?
A cipher is a technique used to transform readable data (plaintext) into coded data (ciphertext) and back again. Converting regular text into an unrecognizable form is encryption, and converting the encoded text back into regular text is decryption. Ciphers perform these transformations using keys, which are specific pieces of information. This guarantees that only the right person can get to the original data.

Primary Terminologies
 Cipher: A method or a set of rules for performing
encryption or decryption of information – a step by step
process.
 Encryption: The transformation of plaintext to the
ciphertext through the use of a cipher.
 Decryption: The act of moving from the encrypted text
to the original text.
 Plaintext: The source or plain data or text that has to be
converted into cipher text before sending it over a
channel.
 Ciphertext: The coded message that cannot be
comprehended in its original form without the usage of
decryption.
 Key: An item of data that a cipher employs to engage in
the conversion of plaintext into ciphertext and vice
versa.
Cryptanalysis and Types of Attacks
Cryptology has two parts: cryptography, which focuses on creating secret codes, and cryptanalysis, which is the study of cryptographic algorithms and the breaking of those secret codes.
A person practising cryptanalysis is called a cryptanalyst. Cryptanalysis helps us better understand cryptosystems and improve them by finding weak points, so that the algorithm can be reworked to create a more secure secret code.
Types of cryptanalytic attacks:

 Known-Plaintext Analysis (KPA): In this type of attack, some plaintext-ciphertext pairs are already known. The attacker uses them to work out the encryption key. This attack is easier to carry out because a lot of information is already available.
 Chosen-Plaintext Analysis (CPA): In this type of attack, the attacker chooses plaintexts, obtains the corresponding ciphertexts, and tries to find the encryption key. It is simple to implement, like KPA, but the success rate is quite low.
 Ciphertext-Only Analysis (COA): In this type of attack, only some ciphertext is known and the attacker tries to find the corresponding encryption key and plaintext. It is the hardest to carry out but the most probable attack, since only ciphertext is required.
 Man-In-The-Middle (MITM) attack: In this type of attack, the attacker intercepts the message or key exchanged between two communicating parties over a channel they believe to be secure.
 Adaptive Chosen-Plaintext Analysis (ACPA): This attack is similar to CPA. Here the attacker requests the ciphertexts of additional plaintexts after having obtained ciphertexts for some texts.
 Birthday attack: This attack exploits the probability of two or more individuals sharing the same birthday in a group of people. In cryptography, this attack is used to find collisions in a hash function.
 Side-channel attack: This type of attack is based on information obtained from the physical implementation of the cryptographic system, rather than on weaknesses in the algorithm itself. Side-channel attacks include timing attacks, power analysis attacks, electromagnetic attacks, and others.
 Brute-force attack: This attack involves trying every possible key until the correct one is found. While this attack is simple to implement, it can be time-consuming and computationally expensive, especially for longer keys.
 Differential cryptanalysis: This type of attack involves comparing pairs of plaintexts and their corresponding ciphertexts to find patterns in the encryption algorithm. It can be effective against block ciphers with certain properties.
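Three of these attack types can be demonstrated on a classical shift cipher, whose key space of 26 is small enough that the lesson is about the method rather than the computation. This is an added example, not code from these notes: a known-plaintext attack recovers the key from a single plaintext/ciphertext pair; a ciphertext-only attack brute-forces all 26 keys and uses frequency analysis (a chi-squared distance from approximate English letter frequencies, which are an assumption of this example) to pick the right one; and a birthday search on a hash truncated to 24 bits finds a collision in roughly 2^12 rather than 2^24 trials. The sample message and the key are constructed.

```python
import hashlib
import string

ALPHABET = string.ascii_uppercase

# Approximate relative frequencies (%) of letters in English text, A..Z.
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]


def shift_encrypt(plaintext: str, key: int) -> str:
    """Shift cipher: every letter moves `key` places along the alphabet."""
    return "".join(ALPHABET[(ALPHABET.index(c) + key) % 26] if c in ALPHABET else c
                   for c in plaintext.upper())


def shift_decrypt(ciphertext: str, key: int) -> str:
    return shift_encrypt(ciphertext, -key)


def known_plaintext_attack(plaintext: str, ciphertext: str) -> int:
    """KPA: one known plaintext/ciphertext letter pair fixes the key outright."""
    for p, c in zip(plaintext.upper(), ciphertext.upper()):
        if p in ALPHABET and c in ALPHABET:
            key = (ALPHABET.index(c) - ALPHABET.index(p)) % 26
            if shift_encrypt(plaintext, key) != ciphertext.upper():
                raise ValueError("pair is not consistent with a shift cipher")
            return key
    raise ValueError("no letters in the known pair")


def chi_squared(text: str) -> float:
    """Distance between the letter counts of `text` and English; lower is closer."""
    letters = [c for c in text if c in ALPHABET]
    n = len(letters)
    score = 0.0
    for i, letter in enumerate(ALPHABET):
        expected = ENGLISH_FREQ[i] / 100 * n
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def ciphertext_only_brute_force(ciphertext: str):
    """COA by brute force: try all 26 keys and use frequency analysis to
    pick the candidate that looks most like English. Returns (key, plaintext)."""
    candidates = [(chi_squared(shift_decrypt(ciphertext, k)), k) for k in range(26)]
    _, best_key = min(candidates)
    return best_key, shift_decrypt(ciphertext, best_key)


def truncated_hash(message: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256: a deliberately tiny hash for the demonstration."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - bits)


def birthday_collision(bits: int = 24):
    """Birthday attack: hash sequential messages until two share a truncated
    hash. By the birthday bound this takes about 2**(bits/2) trials, not
    2**bits. Returns (message_a, message_b, trials)."""
    seen = {}
    i = 0
    while True:
        msg = ("message-%d" % i).encode()
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
        i += 1


def demo():
    secret_key = 7          # constructed; unknown to the analyst below
    plaintext = ("THE SECRET KEY MUST BE SHARED BETWEEN THE SENDER AND THE "
                 "RECEIVER BEFORE THE MESSAGE IS SENT")
    ciphertext = shift_encrypt(plaintext, secret_key)
    kpa_key = known_plaintext_attack("THE", ciphertext[:3])   # one known word suffices
    coa_key, recovered = ciphertext_only_brute_force(ciphertext)
    return {"kpa_key": kpa_key, "coa_key": coa_key, "recovered": recovered}
```

The same two facts that make the shift cipher fall here, a key space small enough to enumerate and plaintext statistics that survive encryption, are what a modern cipher is designed to deny an analyst: 2^128 or more keys, and ciphertext that is indistinguishable from random.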
Difference Between Cryptography and Cryptanalysis

Aspect | Cryptography | Cryptanalysis
Definition | Ensures secure communication through encryption | Involves breaking cryptographic systems
Objective | Protects data confidentiality and integrity | Reveals plaintext or decryption keys
Process | Converts plaintext to ciphertext | Analyzes and deciphers ciphertext
Tools and Techniques | Encryption algorithms, keys | Brute force attacks, frequency analysis
Goal | Maintain data security and privacy | Identify weaknesses and vulnerabilities
Focus | Prevents unauthorized access to plaintext | Focuses on deciphering ciphertext to access plaintext
Role | Ensures secure communication and information protection | Challenges cryptographic systems for vulnerabilities
Importance | Crucial for securing sensitive information | Essential for evaluating and improving cryptographic systems
Impact | Mitigates risks of data breaches and unauthorized access | Poses a threat to data security if successful
Encryption | Decryption
Encryption is the process of converting a normal message into a meaningless message. | Decryption is the process of converting meaningless messages into their original form.
Encryption is the process that takes place at the sender's end. | Decryption is the process that takes place at the receiver's end.
Its major task is to convert the plain text into cipher text. | Its main task is to convert the cipher text into plain text.
Any message can be encrypted with either a secret key or a public key. | The encrypted message can be decrypted with either a secret key or a private key.
In the encryption process, the sender sends the data to the receiver after encrypting it. | In the decryption process, the receiver receives the information (cipher text) and converts it into plain text.
The same algorithm with the same key is used for the encryption-decryption process. | The only single algorithm used for encryption and decryption is a pair of keys, each used for encryption and decryption.
Encryption is used to protect the confidentiality of data by converting it into an unreadable form that can only be read by authorized parties. | Decryption is used to reverse the encryption process and convert the ciphertext back into plaintext.
The output of encryption is a ciphertext that is unintelligible to anyone who does not have the decryption key. | The output of decryption is the original plaintext message.

Public Key Encryption


 Public key cryptography provides a secure way to exchange information and authenticate users by using pairs of keys.
 The public key is used for encryption and signature verification, while the private key is used for decryption and signing. When two parties communicate, the intelligible message, referred to as plaintext, is converted for security purposes into an apparently random, unreadable form referred to as ciphertext.

Applications of the Public Key Encryption


 Encryption/Decryption: Confidentiality can be achieved using public key encryption. The plaintext is encrypted using the receiver's public key, which ensures that no one without the receiver's private key can decrypt the ciphertext.
 Digital signature: A digital signature serves to authenticate the sender. The sender encrypts the plaintext using his own private key; this authenticates the sender, because the receiver can decrypt the ciphertext only with the sender's public key.
 Key exchange: Public key algorithms can be used both for key management and for the secure transmission of data.
Digital Signatures and Certificates
Digital signatures and certificates are two key technologies
that play a crucial role in ensuring the security and authenticity
of online activities. They are essential for activities such as
online banking, secure email communication, software
distribution, and electronic document signing. By providing
mechanisms for authentication, integrity, and non-repudiation,
these technologies help protect against fraud, data breaches,
and unauthorized access.

Digital Signature
A digital signature is a mathematical technique used to validate
the authenticity and integrity of a message, software, or digital
document. These are some of the key features of it.
1. Key Generation Algorithms: Digital signatures are
electronic signatures, which assure that the message
was sent by a particular sender. While performing digital
transactions authenticity and integrity should be
assured, otherwise, the data can be altered or someone
can also act as if he were the sender and expect a reply.
2. Signing Algorithms: To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data that is to be signed. The signing algorithm then encrypts the hash value using the private key (signature key). This encrypted hash, along with other information such as the hashing algorithm used, is the digital signature. The digital signature is appended to the data and sent to the verifier. The reason for encrypting the hash instead of the entire message or document is that a hash function converts any arbitrary input into a much shorter fixed-length value. This saves time: instead of signing a long message, only a shorter hash value has to be signed, and hashing is much faster than signing.
3. Signature Verification Algorithms: The Verifier
receives a Digital Signature along with the data. It then
uses a Verification algorithm to process the digital
signature and the public key (verification key) and
generates some value. It also applies the same hash
function on the received data and generates a hash
value. If they both are equal, then the digital signature is
valid else it is invalid.
Assurances About Digital Signatures
The definitions and words that follow illustrate the kind of
assurances that digital signatures offer.
1. Authenticity: The identity of the signer is verified.
2. Integrity: Since the content was digitally signed, it has not been altered or interfered with.
3. Non-repudiation: demonstrates the source of the signed content to all parties. The act of a signer denying any affiliation with the signed material is known as repudiation.
4. Notarization: Under some conditions, a signature in a
Microsoft Word, Microsoft Excel, or Microsoft PowerPoint
document that has been time-stamped by a secure time-
stamp server is equivalent to a notarization.
Benefits of Digital Signatures
 Legal documents and contracts: Digital signatures
are legally binding. This makes them ideal for any legal
document that requires a signature authenticated by one
or more parties and guarantees that the record has not
been altered.
 Sales contracts: Digital signing of contracts and sales
contracts authenticates the identity of the seller and the
buyer, and both parties can be sure that the signatures
are legally binding and that the terms of the agreement
have not been changed.
 Financial Documents: Finance departments digitally
sign invoices so customers can trust that the payment
request comes from the genuine seller, not from an attacker
trying to trick the buyer into sending payments to a
fraudulent account.
 Health Data: In the healthcare industry, privacy is
paramount for both patient records and research data.
Digital signatures ensure that this confidential
information was not modified when it was transmitted
between the consenting parties.
Drawbacks of Digital Signatures
 Dependency on technology: Because digital
signatures rely on technology, they are susceptible to
crimes such as hacking. As a result, businesses that
use digital signatures must make sure their systems are
secure and have the most recent security patches and
upgrades installed.
 Complexity: Setting up and using digital signatures can
be challenging, especially for those who are unfamiliar
with the technology. This may result in blunders and
errors that reduce the system’s efficacy. Issuing digital
signatures to senior citizens can occasionally be
challenging for this reason.
 Limited acceptance: Digital signatures take time to
replace manual ones, since the technology is not yet
widely available in India, a developing nation.
Digital Certificate
A digital certificate is issued by a trusted third party and
proves the sender’s identity to the receiver and the receiver’s
identity to the sender. It is issued by a Certificate Authority
(CA) to verify the identity of the certificate holder, and it
binds a public key to a particular individual or entity.
Encryption – The process of converting electronic data into another
form, called ciphertext, which cannot be easily understood by
anyone except the authorized parties. This assures data
security.
Decryption – The process of converting ciphertext back into its
original readable form, the plaintext.
 The message is encrypted at the sender’s side using
various encryption algorithms and decrypted at the
receiver’s end with the help of the decryption algorithms.
 When some message is to be kept secure, like a username,
password, etc., encryption and decryption techniques are
used to assure data security.
Types of Encryption
Data encryption transforms information into a code that is only
accessible to those with a password or secret key, sometimes
referred to as a decryption key. Data that has not been
encrypted is referred to as plaintext, whereas data that has been
encrypted is referred to as ciphertext. In today’s business sector,
encryption is one of the most popular and effective data
protection solutions. By converting data into ciphertext, which
can only be decoded with a special decryption key generated
either before or at the time of the encryption, data encryption
serves to protect the secrecy of data.
 Symmetric Encryption
Data is encrypted using a key and decrypted using the
same key. There are a few strategies used in
cryptographic algorithms. Some algorithms employ a
single key for both the encryption and decryption
processes. In such schemes the key must be kept secret,
since any system or person who knows the key can
decrypt the message and read it.
 Asymmetric Encryption
Asymmetric cryptography is also known as public-key
cryptography. It uses a pair of keys, a public key and a
private key, for the encryption and decryption of messages.
The key in the pair that can be shared with everyone is
called the public key. The other key, which is kept secret
and known only to its owner, is called the private key.

Authentication
Authentication is the process of verifying the identity of a user
or of information. User authentication is the process of verifying
the identity of a user when that user logs in to a computer system.
There are different types of authentication systems, which are:
1. Single-Factor Authentication: This was the first method of
security that was developed. In this authentication system, the
user has to enter a username and a password to confirm their
identity. If the username or password is wrong, the user is not
allowed to log in or access the system.
Advantages of the Single-Factor Authentication System:
 It is a very simple and straightforward system to use.
 It is not at all costly.
 The user does not need any advanced technical skills.
Disadvantages of the Single-Factor Authentication System:
 It is not secure on its own: its security depends entirely on
the strength of the password entered by the user.
 The level of protection in Single-Factor Authentication is
very low.
2. Two-Factor Authentication: In this authentication system, the
user has to give a username and password plus one additional
piece of information. Various second factors are used to secure
the system, for example wireless (hardware) tokens, virtual
tokens, one-time passwords (OTPs) and more.
Advantages of Two-Factor Authentication:
 The Two-Factor Authentication System provides better
security than the Single-Factor Authentication system.
 Productivity and flexibility increase with a two-factor
authentication system.
 Two-Factor Authentication prevents the loss of trust.
Disadvantages of Two-Factor Authentication:
 It is time-consuming.
3. Multi-Factor Authentication: In this type of authentication,
more than one factor of authentication is needed. This gives
better security to the user. Any type of keylogger or phishing
attack will not be possible in a Multi-Factor Authentication
system. This assures the user that their information will not
be stolen from them.
The advantages of the Multi-Factor Authentication System are:
 No security risk.
 No information can be stolen.
 No risk of any key-logger activity.
 No risk of any data being captured.
The disadvantages of the Multi-Factor Authentication System are:
 It is time-consuming.
 It can rely on third parties.
The main objective of authentication is to allow authorized
users to access the computer and to deny access to unauthorized
users. Operating systems generally identify/authenticate users
in the following three ways: passwords, physical identification,
and biometrics. These are explained below.
1. Passwords: Password verification is the most
popular and commonly used authentication
technique. A password is a secret text that is
supposed to be known only to a user. In a
password-based system, each user is assigned a
valid username and password by the system
administrator. The system stores all usernames
and Passwords. When a user logs in, their user
name and password are verified by comparing
them with the stored login name and password. If
the contents are the same then the user is
allowed to access the system otherwise it is
rejected.
2. Physical Identification: This technique
includes machine-readable badges(symbols),
cards, or smart cards. In some companies,
badges are required for employees to gain
access to the organization’s gate. In many
systems, identification is combined with the use
of a password, i.e. the user must insert the card
and then supply his/her password. This kind of
authentication is commonly used with ATMs.
Smart cards can enhance this scheme by keeping
the user password within the card itself. This
allows authentication without the storage of
passwords in the computer system. The loss of
such a card can be dangerous.
3. Biometrics: This method of authentication is
based on the unique biological characteristics of
each user, such as fingerprints, voice or face
recognition, signatures, and eyes. A biometric
system has three main components:
 A scanner or other device to gather the
necessary data about the user.
 Software to convert the data into a form that can
be compared and stored.
 A database that stores information for all
authorized users.
Biometric characteristics commonly used are:
 Facial Characteristics – Humans are
differentiated on the basis of facial
characteristics such as eyes, nose, lips,
eyebrows, and chin shape.
 Fingerprints – Fingerprints are believed to be
unique across the entire human population.
 Hand Geometry – Hand geometry systems
identify features of the hand, including the
shape, length, and width of fingers.
 Retinal Pattern – It is concerned with the
detailed structure of the eye.
 Signature – Every individual has a unique
style of handwriting, and this feature is reflected
in the signatures of a person.
 Voice – This method records the frequency
pattern of the voice of an individual speaker.

Unit-2 : Network security

Network Security protects your network and data from
breaches, intrusions and other threats. This is a vast and
overarching term that describes hardware and software
solutions as well as processes, rules and configurations
relating to network use, accessibility, and overall threat
protection.

Network Security involves access control, virus and
antivirus software, application security, network analytics,
types of network-related security (endpoint, web, wireless),
firewalls, VPN encryption and more.

Types of Network Security

1) Email Security:
Email Security is the set of measures designed to keep
email accounts and their contents safe from unauthorized
access. For example, fraudulent emails are generally moved
automatically to the Spam folder, because most email
service providers have built-in features to protect their
users’ mailboxes.


2) Network Segmentation:
Network segmentation defines boundaries
between network segments where assets within
the group have a common function, risk or role
within an organization. For instance, the
perimeter gateway segments a company network
from the Internet. Potential threats outside the
network are prevented, ensuring that an
organization’s sensitive data remains inside.
Organizations can go further by defining
additional internal boundaries within their
network, which can provide improved security
and access control.

3) Access Control: Your network should not be
accessible to every user. You need to identify every
user and every device in order to keep out any
attackers. You can then put your security policies into
effect. Noncompliant endpoint devices might either
have their access restricted or blocked. This process is
called Network Access Control (NAC).

4) Sandboxing: Sandboxing is a cybersecurity
technique in which files are opened or code is
executed on a host computer that simulates end-user
operating environments in a secure, isolated
environment. To keep threats off the network,
sandboxing watches the code or files as they are
opened and searches for harmful activity.
5) Firewall Security: A firewall is a network
security device, either hardware or software-based,
which monitors all incoming and outgoing traffic and
based on a defined set of security rules accepts,
rejects, or drops that specific traffic. Before Firewalls,
network security was performed by Access Control
Lists (ACLs) residing on routers.

6) Data Loss Prevention (DLP):
Data loss prevention (DLP) is a cybersecurity
methodology that combines technology and best
practices to prevent the exposure of sensitive
information outside of an organization, especially
regulated data such as personally identifiable
information (PII) and compliance-related data
(HIPAA, SOX, PCI DSS, etc.).
7) Intrusion Prevention Systems (IPS):
IPS technologies can detect or prevent network
security attacks such as brute force attacks,
Denial of Service (DoS) attacks and exploits of
known vulnerabilities. A vulnerability is a
weakness for instance in a software system and
an exploit is an attack that leverages that
vulnerability to gain control of that system. When
an exploit is announced, there is often a window
of opportunity for attackers to exploit that
vulnerability before the security patch is applied.
An Intrusion Prevention System can be used in
these cases to quickly block these attacks.

8) Cloud Network Security:
Applications and workloads are no longer
exclusively hosted on-premises in a local data
center. Protecting the modern data center requires
greater flexibility and innovation to keep pace with
the migration of application workloads to the cloud.
Software-defined Networking (SDN) and Software-
defined Wide Area Network (SD-WAN) solutions
enable network security solutions in private, public,
hybrid and cloud-hosted Firewall-as-a-Service
(FWaaS) deployments.
9) VPN Security
A virtual private network (VPN) encrypts the connection between a
device and a network, usually over the internet. A remote-access VPN
commonly uses IPsec or Secure Sockets Layer (SSL) to verify and
secure the communication between the device and the network. This
encryption ensures that data transmitted between the device and the
network remains private and secure from unauthorized access.

Robust Network Security Will Protect Against
1) Viruses
2) Worms
3) Trojans
4) Spyware
5) Adware
6) Ransomware

Authentication Application
Authentication is the act of establishing identity via the
presentation of information that allows the verifier to know
the presenter is who or what it claims to be. This identity could
be any number of things, including:

 People
 Systems
 Applications
 Messages

Authentication is the process of verifying the identity
of a user or of information. User authentication is the
process of verifying the identity of a user when that
user logs in to a computer system.

Types of Authentication
 Basic, single-factor authentication
 Multi-factor authentication
 Cryptographic authentication

Basic Authentication

Basic authentication is a commonly used term that most
people probably understand already. It refers to password-
based authentication. A password can be any information
that is used to verify the identity of a presenter. Common
examples that fall into this category are:
 The common password
 Host or system names
 Application names
 Numerical IDs

Basic authentication has the following benefits. It is:
 Easy to manage within an application
 Easy to deploy across applications
 Easy for end users to use


Multi-Factor Authentication

Multi-factor authentication is the use of a combination of
authentication methods to validate identity. The most
commonly used description of multi-factor authentication is
the use of information that is known only by the person,
combined with something in his or her possession. These
are typically:

 The name and password
 Some form of token

Different types of tokens used in multi-factor
authentication are:

 Smart cards
 One-time password/phrases
 Single-use PINs or pseudo-random numbers
 Biometric information


Cryptographic Authentication

The final form of authentication outlined here is that which
utilizes cryptography. This includes the following forms:

 Public Key Authentication
 Digital Signatures
 Message Authentication Code
 Password permutation


Public Key Authentication

Public key authentication occurs when the owner of a key
pair (private and public) communicates the public key, in
some form, to the authenticating party, at which point it is
verified to be true. There are a couple of methods for
public key authentication worth discussing:

 The use of the public key itself
 Public key certificates

Message Authentication Codes (MACs)
A message authentication code is created when a
secret key is used in combination with the message or
information to be proved authentic. The MAC can be
generated by using a hashing algorithm or symmetric
encryption. MACs can be used to provide integrity
verification as well as authenticity to those possessing
the secret key.


Kerberos
Kerberos is a computer network security
protocol that authenticates service requests
between two or more trusted hosts across an
untrusted network, like the internet. It uses
secret-key cryptography and a trusted third party
for authenticating client-server applications and
verifying users’ identities.
Kerberos provides a centralized authentication server
whose function is to authenticate users to servers and
servers to users.
The main components of Kerberos are:
 Authentication Server (AS): The Authentication
Server performs the initial authentication and issues the
ticket for the Ticket Granting Service.
 Database: The Authentication Server verifies the access
rights of users in the database.
 Ticket Granting Server (TGS): The Ticket Granting
Server issues the ticket for the Server.
Working of Kerberos
Step-1: The user logs in and requests services on the host;
thus the user requests the ticket-granting service.
Step-2: The Authentication Server verifies the user’s access
rights using the database and then issues a ticket-granting
ticket and a session key. The results are encrypted using the
password of the user.
Step-3: The message is decrypted using the password, and
the ticket is then sent to the Ticket Granting Server. The
Ticket contains authenticators such as user names and
network addresses.
Step-4: The Ticket Granting Server decrypts the ticket sent
by the user, verifies the request with the authenticator, and
then creates the ticket for requesting services from the
Server.
Step-5: The user sends the Ticket and Authenticator to the
Server.
Step-6: The Server verifies the Ticket and Authenticator and
then grants access to the service. After this, the user can
access the services.
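Steps 1 to 6 above as a runnable exchange, an added Go example that is not code from the original notes or from any Kerberos implementation. The realm, the user key (here derived from the password with SHA-256), the TGS and service keys and the ticket layout are constructed for the demonstration; AES-256-GCM stands in for Kerberos’s own encryption types.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// seal/open: AES-256-GCM with the nonce prepended; every "encrypted with the
// key of X" in the six steps goes through these two helpers.
func seal(key, plain []byte) []byte {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, plain, nil)
}

func open(key, box []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	if len(box) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, box[:gcm.NonceSize()], box[gcm.NonceSize():], nil)
}

func newKey() []byte { k := make([]byte, 32); rand.Read(k); return k }

// KDC holds the realm's long-term keys: the user's key (derived from the
// password, as Step 2 assumes), the TGS key and the service's key.
type KDC struct{ userKey, tgsKey, svcKey []byte }

// issue is the KDC side of Steps 2 and 4: a fresh session key, a ticket
// (session key || client name) sealed for the target, and the session key
// sealed for the requester.
func (k *KDC) issue(targetKey, requesterKey []byte, client string) (ticket, keyBox []byte) {
	sk := newKey()
	ticket = seal(targetKey, append(append([]byte{}, sk...), client...))
	return ticket, seal(requesterKey, sk)
}

// present is the target's side of Steps 4 and 6: open the ticket with its own
// long-term key, open the authenticator with the session key found inside the
// ticket, and require both to name the same client.
func present(targetKey, ticket, authBox []byte) ([]byte, error) {
	raw, err := open(targetKey, ticket)
	if err != nil || len(raw) < 32 {
		return nil, errors.New("ticket rejected")
	}
	sessionKey, client := raw[:32], raw[32:]
	auth, err := open(sessionKey, authBox)
	if err != nil || !bytes.Equal(auth, client) {
		return nil, errors.New("authenticator rejected")
	}
	return sessionKey, nil
}

// Login runs Steps 1 to 6 for one client; nil means the service granted access.
func Login(k *KDC, client, password string) error {
	userKey := sha256.Sum256([]byte(password))       // the client's own copy of its key
	tgt, box := k.issue(k.tgsKey, k.userKey, client) // Steps 1-2: the AS replies
	sk1, err := open(userKey[:], box)                // Step 3: needs the password
	if err != nil {
		return errors.New("step 3: wrong password")
	}
	// Step 4: the TGS checks the TGT and the authenticator, then issues a service ticket.
	if _, err := present(k.tgsKey, tgt, seal(sk1, []byte(client))); err != nil {
		return fmt.Errorf("step 4: %w", err)
	}
	svcTicket, box2 := k.issue(k.svcKey, sk1, client)
	sk2, _ := open(sk1, box2)
	// Steps 5-6: the server checks the service ticket and the authenticator.
	if _, err := present(k.svcKey, svcTicket, seal(sk2, []byte(client))); err != nil {
		return fmt.Errorf("step 6: %w", err)
	}
	return nil
}

func main() {
	pw := sha256.Sum256([]byte("correct horse")) // constructed user password
	kdc := &KDC{userKey: pw[:], tgsKey: newKey(), svcKey: newKey()}
	fmt.Println("right password:", Login(kdc, "alice", "correct horse")) // <nil>
	fmt.Println("wrong password:", Login(kdc, "alice", "guess"))         // step 3: wrong password
}
```

Authenticators here carry only the client name; real Kerberos adds a timestamp and ticket lifetimes so that a captured ticket and authenticator cannot be replayed later.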
Applications of Kerberos
 User Authentication
 Single Sign-On (SSO)
 Mutual Authentication
 Authorization
 Network Security

X.509
 X.509 is a standard defining the format of
public-key certificates. X.509 certificates are
used in many Internet protocols, including
TLS/SSL, which is the basis for HTTPS, the
secure protocol for browsing the web. They are
also used in offline applications, like electronic
signatures.
 An X.509 (also called digital) certificate
contains a public key and an identity (a
hostname, or an organization, or an individual),
and is either signed by a certificate authority or
self-signed.
 X.509 digital certificates form a certificate-based
authentication security framework that can be used
to provide secure transaction processing and protect
private information.
 An X.509 certificate is built on a widely trusted
standard of the ITU (International Telecommunication
Union), the X.509 standard, in which the format of
PKI certificates is defined.
Format of an X.509 Authentication Service Certificate:
 Version number: It defines the X.509 version that
applies to the certificate.
 Serial number: It is the unique number that the
certificate authority issues.
 Signature Algorithm Identifier: This is the algorithm
that is used for signing the certificate.
 Issuer name: The X.500 name of the certificate
authority which signed and created the certificate.
 Period of Validity: It defines the period for which the
certificate is valid.
 Subject Name: The name of the user to whom this
certificate has been issued.
 Subject’s public key information: It defines the
subject’s public key along with an identifier of the
algorithm for which this key is supposed to be used.
 Extension block: This field contains additional standard
information.
 Signature: This field contains the hash code of all other
fields, encrypted (signed) with the certificate authority’s
private key.
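The fields listed above as Go’s standard library produces and parses them: an added example (not code from the original notes) that builds a constructed root CA and a server certificate for the made-up host www.example.test, then verifies the chain the way a TLS client would, including the wrong-host, untrusted-issuer and expired-certificate failure cases.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// makeCert signs template with parentKey (self-signed when parent == template)
// and parses the DER bytes back into the field structure listed above.
func makeCert(template, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// BuildChain creates a constructed root CA ("Example Root CA") and a server
// certificate for www.example.test issued by it, valid for serverValid.
func BuildChain(serverValid time.Duration) (ca, server *x509.Certificate, err error) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	srvKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	now := time.Now()
	caTpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),                             // serial number
		Subject:               pkix.Name{CommonName: "Example Root CA"}, // subject name
		NotBefore:             now,                                       // period of validity
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true, // basicConstraints, carried in the extension block
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	if ca, err = makeCert(caTpl, caTpl, &caKey.PublicKey, caKey); err != nil { // self-signed
		return nil, nil, err
	}
	srvTpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: "www.example.test"},
		DNSNames:     []string{"www.example.test"}, // subjectAltName extension
		NotBefore:    now,
		NotAfter:     now.Add(serverValid),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	server, err = makeCert(srvTpl, ca, &srvKey.PublicKey, caKey) // issuer name = the CA's subject
	return ca, server, err
}

// VerifyServer does what a TLS client does with a server certificate: build
// the chain to a trusted root, check the validity period, match the host name.
func VerifyServer(ca, server *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := server.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func main() {
	ca, srv, err := BuildChain(time.Hour)
	if err != nil {
		panic(err)
	}
	// The parsed fields, in the order of the format list above.
	fmt.Println("version:", srv.Version, "serial:", srv.SerialNumber, "sig alg:", srv.SignatureAlgorithm)
	fmt.Println("issuer:", srv.Issuer.CommonName, "valid:", srv.NotBefore.Format(time.RFC3339), "to", srv.NotAfter.Format(time.RFC3339))
	fmt.Println("subject:", srv.Subject.CommonName, "key alg:", srv.PublicKeyAlgorithm, "extensions:", len(srv.Extensions))
	fmt.Println("valid chain:", VerifyServer(ca, srv, "www.example.test")) // <nil>
	fmt.Println("wrong host:", VerifyServer(ca, srv, "mail.example.test")) // hostname mismatch
	otherCA, _, _ := BuildChain(time.Hour)
	fmt.Println("other issuer:", VerifyServer(otherCA, srv, "www.example.test")) // unknown authority
	expCA, expired, _ := BuildChain(-time.Minute)
	fmt.Println("expired:", VerifyServer(expCA, expired, "www.example.test")) // expired
}
```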
Applications of X.509 Authentication Service Certificate:
Many protocols depend on X.509 and it has many applications,
some of them are given below:
 Document signing and Digital signature
 Web server security with the help of Transport Layer
Security (TLS)/Secure Sockets Layer (SSL) certificates
 Email certificates
 Code signing
 Secure Shell Protocol (SSH) keys
 Digital Identities

Directory Authentication Service
Authentication is the process of validating users. During
authentication, the server asks itself, “Is the user who he or
she says they are?”

Each DSA has one or more authentication levels. The
authentication levels assigned to a DSA define what
credentials a user must present to bind to and query that
DSA.

The directory supports three levels of authentication:

 Anonymous authentication
 Clear-password authentication
 SSL authentication

Anonymous Authentication:

Anonymous authentication lets users connect to a directory
without providing credentials. This is useful for public
directory services, because user identification is usually not
important.

Clear-Password Authentication:

Clear-password authentication (sometimes
called simple authentication) allows users to connect or
bind to a directory by providing a username and password.

The following conditions are required for clear-password
authentication to work:

 The name corresponds to a real entry in the directory.
 That entry has a password attribute.
 The user supplies a username and password.
 The minimum authentication of all the DSAs must not
include the value ssl-auth.

Authentication fails and the bind is refused in the following
cases:

 The entry named by the user cannot be found.
 The entry named by the user name does not contain a
password attribute.
 The password provided does not match the password
value of the attribute in the entry named by the user
name.

SSL Authentication:

Strong authentication uses SSL certificates to protect LDAP
and X.500 access by encrypting data with Secure Sockets
Layer (SSL) security. When certificate-based authentication
is used, all communication on the binding set up by the
bind uses SSL encryption.

SSL certificate-based authentication is typically used in
environments where personal or company data requires
protection, for example an online banking environment.

SSL authentication has two parts:

 The SSL connection
 The directory connection (using a bind)

Two variants are allowed:

 Simple SSL
 Authenticated SSL

Simple SSL authenticates the server only, while
Authenticated SSL authenticates both the client and the
server.

Pretty Good Privacy

Pretty Good Privacy (PGP) is a security program used to
encrypt and decrypt email and to authenticate email
messages through digital signatures and file encryption.
It is encryption software designed to ensure the
confidentiality, integrity, and authenticity of digital
communications and information, and is considered one of
the best methods for securing digital data.
The following are the services offered by PGP:
1. Authentication
2. Confidentiality
3. Email Compatibility
4. Segmentation
1. Authentication in PGP
Authentication means validating that something is true or
genuine. When we log in to a site by giving our account name
and password, that is an authentication procedure. In the email
world, checking the authenticity of an email means checking
whether it actually came from the person it claims to be from.
In emails, authenticity has to be checked because some people
spoof emails or send spam, which can cause a lot of
inconvenience.

2. Confidentiality in PGP
Sometimes we see some packages labelled as ‘Confidential’,
which means that those packages are not meant for all the
people and only selected persons can see them. The same
applies to the email confidentiality as well. Here, in the email
service, only the sender and the receiver should be able to read
the message, that means the contents have to be kept secret
from every other person, except for those two.

How Does PGP Encryption Work?

1. Step 1: PGP generates a large, random, one-time-use
value that cannot be guessed, which becomes the session
key.
2. Step 2: The session key is then encrypted using the
recipient’s public key, which protects the message
while it is being transmitted. The recipient shares that
public key with anyone they want to receive messages
from.
3. Step 3: The message sender transmits the encrypted
session key with the message; the recipient recovers the
session key using their private key and can then decrypt
the message.
There are two public key versions of PGP:
 Rivest-Shamir-Adleman (RSA): RSA is one of the
first public-key cryptosystems. This version encrypts a
short key created for use with the International Data
Encryption Algorithm (IDEA). Users create and publish
public keys based on two prime numbers, which are
required for anyone to decode, and use the message-
digest algorithm (MD5) to create a hash code.
The RSA algorithm is effectively considered
unbreakable, to the point where it has been used in
highly sophisticated malware strands such as
CryptoLocker. However, it is a fairly slow algorithm,
which means it is not appropriate for encrypting bulk
user data.
 Diffie-Hellman: The Diffie-Hellman version enables
two users to generate shared private keys through
which they can exchange data on insecure channels. It
encrypts the message with a short key using the CAST
algorithm and the Secure Hash Algorithm (SHA-1) to
create a hash code.
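The symmetric and asymmetric encryption described in Unit 1, combined the way Steps 1 to 3 above combine them: an added Go example (not code from the original notes or from PGP itself) that wraps a random AES-256-GCM session key with the recipient’s RSA-OAEP public key. The Envelope layout, the key pairs and the message are constructed for the demonstration, not PGP’s real packet format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what travels to the recipient: the session key sealed with the
// recipient's public key (the asymmetric part) and the message sealed with
// the session key (the symmetric part). Constructed layout, not PGP's format.
type Envelope struct {
	WrappedKey []byte // RSA-OAEP(session key)
	Nonce      []byte // AES-GCM nonce
	Ciphertext []byte // AES-256-GCM(message) with its tag appended
}

// Encrypt follows the three steps: generate a one-time session key, encrypt
// it with the recipient's public key, encrypt the message with the session key.
func Encrypt(recipient *rsa.PublicKey, message []byte) (*Envelope, error) {
	sessionKey := make([]byte, 32) // Step 1: random, single-use symmetric key
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	// Step 2: only the holder of the matching private key can unwrap this.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	// Step 3 (sender side): the bulk data goes through the fast symmetric cipher.
	block, _ := aes.NewCipher(sessionKey)
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return &Envelope{wrapped, nonce, gcm.Seal(nil, nonce, message, nil)}, nil
}

// Decrypt is the recipient side: unwrap the session key with the private key,
// then open the message. GCM's authentication tag rejects any modification
// of the ciphertext, so the plaintext is also integrity-checked.
func Decrypt(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("session key unwrap failed: %w", err)
	}
	block, _ := aes.NewCipher(sessionKey)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

// Demo encrypts a constructed message for Bob and reports whether Bob reads it
// back, whether Eve (a different key pair) is refused, and whether a flipped
// ciphertext byte is detected.
func Demo() (bobOK, eveRefused, tamperDetected bool) {
	bob, _ := rsa.GenerateKey(rand.Reader, 2048)
	eve, _ := rsa.GenerateKey(rand.Reader, 2048)
	msg := []byte("meeting moved to 10:00") // constructed sample message

	env, _ := Encrypt(&bob.PublicKey, msg)
	got, err := Decrypt(bob, env)
	bobOK = err == nil && string(got) == string(msg)

	_, err = Decrypt(eve, env) // wrong private key: the OAEP unwrap fails
	eveRefused = err != nil

	env.Ciphertext[0] ^= 0x01 // in-transit modification
	_, err = Decrypt(bob, env)
	tamperDetected = err != nil
	return bobOK, eveRefused, tamperDetected
}

func main() {
	fmt.Println(Demo()) // true true true
}
```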

Uses of PGP Encryption
 Encrypting Emails
 Digital Signature Verification
 Encrypting Files

What is S/MIME?
 S/MIME stands for Secure/Multipurpose Internet Mail
Extensions. Through encryption, S/MIME offers protection
for business emails.
 S/MIME comes under the concept of cryptography.
S/MIME is a protocol used for encrypting or decrypting
digitally signed e-mails. This means that users can digitally
sign their emails as the owner (sender) of the e-mail.
 S/MIME is a technology that allows us to encrypt
the content of our e-mails, so that they are not
vulnerable to cyber attacks. In other
words, S/MIME keeps our e-mails safe and makes sure
that the only person who reads them is the intended
receiver.

Advantages of S/MIME
1. It offers sender verification.
2. It offers integrity to the message.
3. By the use of digital signatures, it facilitates non-
repudiation of origin.
4. It offers privacy.
5. Data security is ensured by the utilization of encryption.
6. Data files like images, audio, videos, documents,
etc. can be transferred in a secure manner.
Services of S/MIME
1. Digital Signature, which can maintain data integrity.
2. S/MIME can be used in encrypting messages.
3. By using this we can transfer our data using an e-mail
without any problem.
Versions of S/MIME
 1st Version: 1995
 2nd Version: 1998
 3rd Version: 1999

COMPLETED -2
