Cryptography and Network Security (BTIT13502)
Module 01 : Introduction
Outline
■ Computer Security Concepts
■ Security attacks
■ Security services
■ Security mechanisms
■ A Model for Network Security
Background
■ Information Security requirements have changed in recent times
■ traditionally provided by physical and administrative mechanisms
■ computer use requires automated tools to protect files and other stored information
■ use of networks and communications links requires measures to protect data during transmission
Definitions
■ Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
■ Network Security - measures to protect data during their transmission
■ Internet Security - measures to protect data during their transmission over a collection of interconnected networks
Aspects of Security
■ consider 3 aspects of information security:
• security attack
• security mechanism
• security service
Security Attack
■ any action that compromises the security of information owned by an organization
■ information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems
■ often & used to mean same thing
■ have a wide range of attacks
■ can focus on generic types of attacks
• passive
• active
Passive Attacks
■ Release of Message content
■ Traffic Analysis
Active Attacks
■ Masquerade
■ Replay
■ Modification of Message
■ Denial of Service
Security Services
■ enhance security of data processing systems and information transfers of an organization
■ intended to counter security attacks
■ using one or more security mechanisms
■ often replicates functions normally associated with physical documents
• which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
Security Services (X.800)
■ Authentication - assurance that the communicating entity is the one claimed
■ Access Control - prevention of the unauthorized use of a resource
■ Data Confidentiality - protection of data from unauthorized disclosure
■ Data Integrity - assurance that data received is as sent by an authorized entity
■ Non-Repudiation - protection against denial by one of the parties in a communication
Security Mechanism
■ feature designed to detect, prevent, or recover from a security attack
■ no single mechanism that will support all services required
■ however one particular element underlies many of the security mechanisms in use:
• cryptographic techniques
■ hence our focus on this topic
Security Mechanisms (X.800)
■ specific security mechanisms:
• encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
■ pervasive security mechanisms:
• trusted functionality, security labels, event detection, security audit trails, security recovery
Model for Network Security
■ using this model requires us to:
1. design a suitable algorithm for the security transformation
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information
4. specify a protocol enabling the principals to use the transformation and secret information for a security service
[Figure: Model for Network Security. Labels: Trusted third party (e.g., arbiter, distributor of secret information); Sender; Recipient; Info. Channel; Message; Security-related Transformation; Secure Message; Secret Information; Opponent (Attacker)]
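Added example (not part of the original slides): the four tasks of the model worked through in Python, with HMAC-SHA256 chosen here as the security transformation, so it provides data integrity and authentication rather than confidentiality. The class and method names, the 8-byte sequence number and the packet layout are assumptions made for this illustration; the recipient rejects the modification and replay attacks listed earlier.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes


def generate_key() -> bytes:
    """Task 2: generate the secret information (a 256-bit key)."""
    return secrets.token_bytes(32)


class Sender:
    def __init__(self, key: bytes):
        self.key = key  # task 3 assumed done: key already shared securely
        self.seq = 0

    def protect(self, message: bytes) -> bytes:
        """Tasks 1 and 4: emit seq || message || HMAC(key, seq || message)."""
        self.seq += 1
        body = self.seq.to_bytes(8, "big") + message
        return body + hmac.new(self.key, body, hashlib.sha256).digest()


class Recipient:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0

    def accept(self, packet: bytes) -> bytes:
        """Return the message, or raise ValueError on an active attack."""
        if len(packet) < 8 + TAG_LEN:
            raise ValueError("packet too short")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            raise ValueError("modified or forged message")
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:  # an old but genuine packet sent again
            raise ValueError("replayed message")
        self.last_seq = seq
        return body[8:]


if __name__ == "__main__":
    key = generate_key()
    alice, bob = Sender(key), Recipient(key)
    packet = alice.protect(b"Hello")  # constructed sample message
    print(bob.accept(packet))
```

The message itself still travels in the clear, so a passive attack (release of message content) is not addressed by this transformation; that requires encipherment.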
Encryption and Decryption
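[Figure: Sender, Encryption, Decryption, Receiver. The message "Hello" is shown as "f7#er" between Encryption and Decryption and as "Hello" again at the Receiver.]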