14-03-2011, 09:03 PM
Analysis And Implementation Of Message Digest For Network Security
Presented by
S.Naresh Kumar, G.Karanveer Dhiman
3rd Year B.TECH Depertment opf Information and technology
Adhiyamaan college of Engineering
Presented by
S.Naresh Kumar, G.Karanveer Dhiman
3rd Year B.TECH Depertment opf Information and technology
Adhiyamaan college of Engineering
[attachment=10138]
Abstract
With communication playing a vital role in our day-to-day life, computers are becoming more and more
important and since then networking of computers has become essential. Of course, most of the people
are hanging over the Internet for various communicational needs. Though authentication areas have
grown to a great extent, hacking and cracking have become very common in the Internet world and one is
not sure that information received is valid. The integrity of data has become a great question mark.
A common practice followed in maintaining the integrity of data is applying a message digest algorithm
to obtain the message digest for the required data and digitally signing it with digital signature
algorithms and then transmitting it for communication.In the above process, a certificate is issued for
validation and a private key is given to the signer with a common public key (for decryption purposes).
This clearly reveals that message digest is the one, which helps in data integrity.
Various message digest algorithms are used such as SHA, MD5, .etc. So, our approach is to take the
MD5 algorithm and to improve the “secureness” of data by eliminating the possible weaknesses of it. We
have chosen MD5 algorithm because it is most widely used and it is the proposed one for the emerging
IPv6 Standard.
Contents
Introduction
What is network security?
1. Secrecy
2. Authentication
• Message integrity
1. Digital signature
2. Message digest
3. Key management
• Key distribution and Certification
• Intrusion
• Message digests
• Message digest algorithm
• Terminology and notation
• MD5 algorithm description
• Error detection
• Merits
• Conclusion
• Bibliography
Introduction
In a race to improve security infrastructures faster
than hackers and stealers ,who invent to penetrate
passwords and firewalls, new technologies are being
developed to confirm authentication, secure
information transaction,...etc. Some of the factors
characterizing network security are secrecy,
authentication, message integrity, key distribution
and certification. Of these, message integrity is of
main concern because it helps in accurate information
transmission.
This is where‖MESSAGE DIGEST‖ comes into
action. After an overview of the present scenario in
network security, its threats, we will go on to
highlight what are message digests, the MD5
algorithm and the improvement of the message digest
scheme with MD5s proposed by us.
What is Network Security?
Secrecy: only sender, intended
receiver
should ―understand‖ msg contents
– sender encrypts msg
– receiver decrypts msg
Authentication: sender, receiver want
to confirm identity of each other
Message Integrity: sender, receiver
want to ensure message not altered (in
transit, or afterwards) without
detection
What Is Network Security?
The above block indicates the various
strategies in network security. We
shall discuss each one of them
separately as follows:
Secrecy: This is achieved through
cryptography -the process of securely
transmitting data over a network in
such a way that if the data is
intercepted, it cannot be read by
unauthorized users.
Cryptography involves two
complementary processes:
• Encryption is the process of taking
data and modifying it so that it cannot
be read by untrusted users.
• Decryption is the process of taking
encrypted data and rendering it
readable for trusted users.
Encryption and decryption are
performed using algorithms and keys.
An algorithm, a series of
mathematical steps that scrambles
data, is the underlying mathematical
process behind encryption.
Authentication: The process of
validating user‘s credentials to allow
them access to resources on a network.
Authentication can be classified
according to how the credentials are
passed over the network and include
the following methods:
1. Anonymous access: This method is
supported by Microsoft Internet
Information Services (IIS) and allows
anonymous users on the Internet
access to Web content on your server.
2. Basic Authentication: This method
transmits passwords as clear text and
is often used in UNIX networks and
for File Transfer Protocol (FTP)
services.
3. Windows NT Challenge/Response
Authentication: This is the standard
secure authentication method for
Windows NT domain controllers.
4. Kerberos v5 Security Protocol: This
is the standard secure authentication
method for Windows 2000 domain
controllers.
Message Integrity: This is managed
through the following
Digital Signatures: It is an encrypted
file accompanying a program that in
turn indicates exactly where the file is
coming from. In a Digital signature
private key is used for encryption and
a public key is used for decryption.
While signing an object, the signer
calculates a digest of the objects using
a message digest algorithm such as
MD5. The digest is used as a
fingerprint for the object.
This digest is in turn encrypted using
the private key to produce the object‘s
digital signature. The signature is
verified by decrypting the signature
using the signer‘s public key. As a
result of this decryption, the digest
value is produced.
The object‘s digest value is calculated
and in turn compared with the
decrypted digest value. If both the
values match i.e., object‘s digest value
and decrypted digest value, the
signature is verified. The document
representing this signature is called
‗Certificate‘.
Message Digests: Cryptographically
secure message digests, such as MD5
and SHA-1. These algorithms, also
called one-way hash algorithms, are
useful for producing "digital
fingerprints" of data, which are
frequently used in digital signatures
and other applications that need
unique and unforgivable identifiers for
digital data.
Key Management: A set of
abstractions for managing principles
(entities such as individual users or
groups), their keys, and their
certificates is key management. It
allows applications to design their own
key management systems, and to
interoperate with other systems at a
high level.
Get the report here: