09-07-2014, 11:33 AM
NETWORK SECURITY AND CRYPTOGRAPHY
NETWORK SECURITY AND CRYPTOGRAPHY.docx (Size: 179.59 KB / Downloads: 18)
ABSTRACT
For the first few decades of their existence, computer networks were primarily used by university researchers for sending e-mail and by corporate employees for sharing printers. Under these conditions, security did not get a lot of attention. But now, as millions of ordinary citizens are using networks for banking, shopping, and filing their tax returns, network security is looming on the horizon as a potentially massive problem.
The requirements of information security within an organisation have undergone two major changes in the last several decades.before the widespread use of data processing equipment ,the security of information felt to be valuable to an organization was provided primarily by physical and administrative means .
.with the introduction of computer the need for automated tools for protecting files and other information stored on the computer became an evident .this is especially the case for a shared system,such as time sharing system and the need is even more acute for systems that can be accessed for a public telephone or a data network..the generic name for the collection of tools to protect data and to thwart hackers is “computer security”.
Network Security
Security is a broad topic and covers a multitude of sins. In its simplest form, it is concerned with making sure that nosy people cannot read, or worse yet, secretly modify messages intended for other recipients. It is concerned with people trying to access remote services that they are not authorized to use. Most security problems are intentionally caused by malicious people trying to gain some benefit, get attention, or to harm someone. Network security problems can be divided roughly into four closely intertwined areas: secrecy, authentication, nonrepudiation, and integrity control. Secrecy, also called confidentiality, has to do with keeping information out of the hands of unauthorized users. This is what usually comes to mind when people think about network security. Authentication deals with determining whom you are talking to before revealing sensitive information or entering into a business deal. Nonrepudiation deals with signatures.
Cryptography
Cryptography comes from the Greek words for ''secret writing.'' It has a long and colorful history going back thousands of years. Professionals make a distinction between ciphers and codes. A cipher is a character-for-character or bit-for-bit transformation, without regard to the linguistic structure of the message. In contrast, a code replaces one word with another word or symbol. Codes are not used any more, although they have a glorious history
The messages to be encrypted, known as the plaintext, are transformed by a function that is parameterized by a key. The output of the encryption process, known as the ciphertext, is then transmitted, often by messenger or radio. We assume that the enemy, or intruder, hears and accurately copies down the complete ciphertext. However, unlike the intended recipient, he does not know what the decryption key is and so cannot decrypt the ciphertext easily. Sometimes the intruder can not only listen to the communication channel (passive intruder) but can also record messages and play them back later, inject his own messages, or modify legitimate messages before they get to the receiver (active intruder). The art of breaking ciphers, called cryptanalysis, and the art devising them (cryptography) is collectively known as cryptology
Substitution Ciphers
In a substitution cipher each letter or group of letters is replaced by another letter or group of letters to disguise it. One of the oldest known ciphers is the Caesar cipher, attributed to Julius Caesar. In this method, a becomes D, b becomes E, c becomes F, ... , and z becomes C. For example, attack becomes DWWDFN.
The next improvement is to have each of the symbols in the plaintext, say, the 26 letters for simplicity, map onto some other letter. For example,
plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
ciphertext: Q W E R T Y U I O P A S D F G H J K L Z X C V B N M
Public key algorithm
While there may be many algorithms and keys that have this property, the RSA algorithm (named after its founders, Ron Rivest, Adi Shamir, and Leonard Adleman) has become almost synonymous with public keycryptography.
In order to choose the public and private keys, one must do the following:
Choose two large prime numbers, p and q. How large should p and q be? The larger the values, the
more difficult it is to break RSA but the longer it takes to perform the encoding and decoding. RSA
Laboratories recommends that the product of p and q be on the order of 768 bits for personal use and
1024 bits for corporate use .
Compute n = pq and z = (p-1)(q-1).
Choose a number, e, less than n, which has no common factors (other than 1) with z. (In this case, e
and z are said to be relatively prime). The letter 'e' is used since this value will be used in encryption.
Find a number, d, such that ed -1 is exactly divisible (i.e., with no remainder) by z. The letter 'd' is
used because this value will be used in decryption. Put another way, given e, we choose d such that the
integer remainder when ed is divided by z is 1. (The integer remainder when an integer x is divided by
the integer n, is denoted x mod n).
The public key that Bob makes available to the world is the pair of numbers (n,e); his private key is the
pair of numbers (n,d).