BCS- CRYPTOGRAPHY AND NETWORK SECURITY (3-0-1) Credit-4 Module I ( 12 LECTURES) Introduction to the Concepts of Security: The need for security, Security Approaches, Principles of Security, Types of Attacks. Cryptographic Techniques: Plain Text and Cipher Text, Substitution Techniques, Transposition Techniques, Encryption and Decryption, Symmetric and Asymmetric Key Cryptography, Steganography, Key Range and Key Size, Possible Types of Attacks. Module II ( 8 LECTURES) Computer-based Symmetric Key Cryptographic Algorithms: Algorithm Types and Modes, An overview of Symmetric Key Cryptography, DES, International Data Encryption Algorithm (IDEA), RC5, Blowfish, AES, Differential and Linear Cryptanalysis. Module III ( 8 LECTURES) Computer-based Asymmetric Key Cryptography: Brief History of Asymmetric Key Cryptography, An overview of Asymmetric Key Cryptography, The RSA Algorithm, Symmetric and Asymmetric Key Cryptography Together, Digital Signatures, Knapsack Algorithm, Some other Algorithms. Module IV ( 12 LECTURES) Public Key Infrastructure: Digital Certificates, Private Key Management, The PKIX Model, Public Key Cryptography Standards, XML, PKI and Security. Internet Security Protocols: Basic Concepts, Secure Socket Layer, SHTTP, Time Stamping Protocol, Secure Electronic Transaction, SSL versus SET, 3-D Secure Protocol, Electronic Money, E-mail Security, Wireless Application Protocol (WAP) Security, Security in GSM. Text Books: 1. Cryptography and Network Security – by Atul Kahate – TMH. 2. Data Communications and Networking- by Behourz A Forouzan Reference Book: 1. Cyber Security Operations Handbook – by J.W. Rittiaghouse and William M.Hancok – Elseviers.
MODULE - I INTRODUCTION Computer data often travels from one computer to another, leaving the safety of its protected physical surroundings. Once the data is out of hand, people with bad intention could modify or forge your data, either for amusement or for their own benefit. Cryptography can reformat and transform our data, making it safer on its trip between computers. The technology is based on the essentials of secret codes, augmented by modern mathematics that protects our data in powerful ways. • Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers • Network Security - measures to protect data during their transmission • Internet Security - measures to protect data during their transmission over a collection of interconnected networks Security Attacks, Services and Mechanisms To assess the security needs of an organization effectively, the manager responsible for security needs some systematic way of defining the requirements for security and characterization of approaches to satisfy those requirements. One approach is to consider three aspects of information security: Security attack – Any action that compromises the security of information owned by an organization. Security mechanism – A mechanism that is designed to detect, prevent or recover from a security attack. Security service – A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks and they make use of one or more security mechanisms to provide the service.
Basic Concepts Cryptography The art or science encompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form Plaintext The original intelligible message Cipher text The transformed message Cipher An algorithm for transforming an intelligible message into one that is unintelligible by transposition and/or substitution methods Key Some critical information used by the cipher, known only to the sender& receiver Encipher (encode) The process of converting plaintext to cipher text using a cipher and a key Decipher (decode) the process of converting cipher text back into plaintext using a cipher and a key Cryptanalysis The study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key. Also called code breaking Cryptology Both cryptography and cryptanalysis Code An algorithm for transforming an intelligible message into an unintelligible one using a code-book Cryptography Cryptographic systems are generally classified along 3 independent dimensions: Type of operations used for transforming plain text to cipher text All the encryption algorithms are based on two general principles: substitution, in which each element in the plaintext is mapped into another element, and transposition, in which elements in the plaintext are rearranged. The number of keys used If the sender and receiver uses same key then it is said to be symmetric key (or) single key (or) conventional encryption. If the sender and receiver use different keys then it is said to be public key encryption. The way in which the plain text is processed A block cipher processes the input and block of elements at a time, producing output block for each input block.