Note for Cryptography And Network Security - CNS By Dr. D. Jagadeesan
- Cryptography And Network Security - CNS
- Note
- 1278 Views
- 48 Offline Downloads
- Uploaded 1 year ago
Text from page-1
SREENIVASA INSTITUTE of TECHNOLOGY and MANAGEMENT STUDIES (Autonomous) Chittoor IV Year - B.Tech - I – Semester. Cryptography and Network Security Unit – I INTRODUCTION TO COMPILING - ADVANCED ENCRYPTION STANDARD
Text from page-2
SITAMS – B.Tech – IV Year - I Sem CSE 13CSE 414 – Cryptography and Network Security Dr. D. Jagadeesan, B.E., M.Tech., Ph.D., Professor in CSE, Unit – I UNIT - 1: INTRODUCTION TO COMPILING - ADVANCED ENCRYPTION STANDARD Security attacks - Security services and mechanisms - Classical encryption techniques Symmetric cipher model - Substitution techniques - Transposition techniques - Block ciphers and the data encryption standard - Block cipher principles - The data encryption standard The strength of DES - Evaluation criteria for AES - The AES cipher - More on symmetric ciphers - Multiple encryption and triple DES - Block cipher modes of operation. Introduction The OSI (open systems interconnection) security architecture provides a systematic framework for defining security attacks, mechanisms, and services. o Security attacks are classified as either passive attacks, which include unauthorized reading of a message of file and traffic analysis; and active attacks, such as modification of messages or files, and denial of service. o Security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocols. o Security services include authentication, access control, data confidentiality, data integrity, non-repudiation, and availability. Security attacks A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. o A passive attack attempts to learn or make use of information from the system but does not affect system resources. o An active attack attempts to alter system resources or affect their operation. Passive Attacks o Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. o The goal of the opponent is to obtain information that is being transmitted. o Two types of passive attacks are Release of message contents The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions. 2 / 26
Text from page-3
SITAMS – B.Tech – IV Year - I Sem CSE 13CSE 414 – Cryptography and Network Security Dr. D. Jagadeesan, B.E., M.Tech., Ph.D., Professor in CSE, Unit – I Traffic analysis It is subtler, that is masking the contents of messages or other information traffic from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. o Passive attacks are very difficult to detect because they do not involve any alteration of the data. Active Attacks o Active attacks involve some modification of the data stream or the creation of a false stream. o Four types of active attacks are Masquerade It takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges. 3 / 26
Text from page-4
SITAMS – B.Tech – IV Year - I Sem CSE 13CSE 414 – Cryptography and Network Security Dr. D. Jagadeesan, B.E., M.Tech., Ph.D., Professor in CSE, Unit – I Replay It involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. Modification of messages Some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts". Denial of service Prevents or inhibits the normal use or management of communications facilities. For example, an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance. 4 / 26
Leave your Comments