Cryptography and Network Security
What is computer security?
Computer security basically is the protection of computer systems and
information from harm, theft, and unauthorized use. It is the process
of preventing and detecting unauthorized use of your computer
system.
Types of security:
Computer security
Information security
Application security
Network security
Cyber security
Computer security threats

Computer security threats are possible dangers that can hamper the
normal functioning of your computer. In the present age, cyber threats
are constantly increasing as the world is going digital. The most
harmful types of computer security threats are:
• Virus
• Worms
• Keylogger
• Rootkit
• Keylogger: Also known as a keystroke logger, a keylogger can track the
real-time activity of a user on their computer. It keeps a record of all the
keystrokes made on the user's keyboard. A keylogger is also a very powerful
threat for stealing people’s login credentials, such as username and
password.
• Rootkit: A rootkit is a computer program designed to provide
continued privileged access to a computer while actively hiding its
presence. Once a rootkit has been installed, the controller of the
rootkit will be able to remotely execute files and change system
configurations on the host machine.
• Viruses: A computer virus is a malicious program
• Worm: computer worm is a software
Some preventive steps for computer security:
• Secure your computer physically by:
  • Installing reliable, reputable security and anti-virus software
  • Activating your firewall, because a firewall acts as a security guard between the internet and
    your local area network
• Stay up-to-date on the latest software and news surrounding your devices and perform
software updates as soon as they become available
• Avoid clicking on email attachments unless you know the source
• Change passwords regularly, using a unique combination of numbers, letters and case types
• Use the internet with caution and ignore pop-ups and drive-by downloads while surfing
• Take the time to research the basic aspects of computer security and educate yourself on
evolving cyber-threats
• Perform daily full system scans and create a periodic system backup schedule to ensure your
data is retrievable should something happen to your computer.
Cyber security is preserving the integrity, availability and confidentiality of information.

• Confidentiality: Only authorized people can read the data or see the data.
• Integrity: Data should not be changed or modified by unauthorized people.
• Availability: Data should be available or accessible at the time needed for authorized persons.
• Security attack – Any action that compromises the security of
information owned by an organization.
• Security mechanism – A mechanism that is designed to detect,
prevent or recover from a security attack.
• Security service – A service that enhances the security of the data
processing systems and the information transfers of an organization.
The services are intended to counter security attacks and they make
use of one or more security mechanisms to provide the service.
Security attacks

• Security attack – Any action that compromises the security of
information owned by an organization.
1. Passive attack: In a passive attack, the attacker only reads the data
but does not modify it.
There are two types:
Release of message contents
Traffic analysis
2. Active attack: Here the attacker modifies the message.
Active attacks are divided into 4 types:
Masquerade
Replay
Modification of message
Denial of services
Passive attack

1. Release of message contents: the attacker simply observes the data.
2. Traffic analysis: the data is sent encrypted, so the attacker observes:
• The pattern of the encrypted data
• Length of the message
• Frequency of the message
• Location of the communication channel
Active attack:
Masquerade:

A masquerade attack is an attack that uses a fake identity, such as a network
identity, to gain unauthorized access to personal computer information through
legitimate access identification. If an authorization process is not fully protected,
it can become extremely vulnerable to a masquerade attack.
Replay:

• A replay attack is a category of network attack in which an attacker detects a
data transmission and fraudulently has it delayed or repeated.
• Replay attacks help attackers to gain access to a network, gain information
which would not have been easily accessible or complete a duplicate transaction.
• A replay attack is also known as a playback attack.
Modification of message:

In this attack, the attacker modifies the message and sends it on to the
destination.
Denial of services:

In this attack, the attacker tries to keep the resources occupied with work,
so that the resources are busy.
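How a receiver can detect the replay and modification-of-message attacks described above, as an added example that is not part of the original slides. It assumes a pre-shared key, hex-string nonces and a 30-second freshness window; all names and the sample message are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed shared secret, for this example only
MAX_SKEW = 30                  # assumed freshness window, in seconds


def _tag(key, nonce, ts, body):
    # The MAC covers nonce and timestamp as well as the body, so none of
    # them can be changed in transit without detection.
    header = f"{nonce}|{ts}|".encode()
    return hmac.new(key, header + body, hashlib.sha256).hexdigest()


def seal(key, nonce, ts, body):
    """Sender side: attach a unique nonce, a timestamp and the MAC."""
    return {"nonce": nonce, "ts": ts, "body": body, "tag": _tag(key, nonce, ts, body)}


class Receiver:
    def __init__(self, key, max_skew=MAX_SKEW):
        self.key, self.max_skew = key, max_skew
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, msg, now):
        expected = _tag(self.key, msg["nonce"], msg["ts"], msg["body"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        if abs(now - msg["ts"]) > self.max_skew:
            return "rejected: stale"      # delayed beyond the window
        # Nonces older than the window can be forgotten: a message carrying
        # one would already fail the freshness check above.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= self.max_skew}
        if msg["nonce"] in self.seen:
            return "rejected: replay"     # repeated inside the window
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


def demo():
    rx = Receiver(KEY)
    msg = seal(KEY, "a1b2c3", 1000, b"pay 10 to Alice")  # constructed message
    tampered = dict(msg, body=b"pay 99 to Alice")
    return [
        rx.accept(msg, now=1001),       # original delivery
        rx.accept(msg, now=1005),       # same message sent again
        rx.accept(tampered, now=1006),  # body changed in transit
        rx.accept(msg, now=2000),       # same message, long delayed
    ]
```

The MAC alone catches modification but not replay, since a repeated message still carries a valid tag; the nonce record and timestamp window are what reject the repeated and the delayed copy.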
Difference between passive and active attack
SECURITY SERVICES
Security service – A service that enhances the security of the data processing
systems and the information transfers of an organization. The services are
intended to counter security attacks and they make use of one or more security
mechanisms to provide the service.
The classification of security services is as follows:
Confidentiality: Ensures that the information in a computer system and transmitted
information are accessible only for reading by authorized
Authentication: Ensures that the origin of a message or electronic document is
correctly identified, with an assurance that the identity is not false.
Integrity: Ensures that only authorized parties are able to modify computer system
assets and transmitted information. Modification includes writing, changing
status, deleting, creating and delaying or replaying of transmitted messages.
Availability: Requires that computer system assets be available to
authorized parties when needed
Non repudiation: Requires that neither the sender nor the receiver of a
message be able to deny the transmission.
Access control: Requires that access to information resources may be
controlled by or the target system.
Security services
1. Authentication:
  • Peer authentication
  • Data origin authentication
2. Access control
3. Data confidentiality:
  • Connection-oriented confidentiality
  • Connection-less confidentiality
  • Selective-field confidentiality
  • Traffic flow confidentiality
4. Data integrity:
  • Connection-oriented integrity
  • Connection-less data integrity
  • Selective-field integrity
5. Non repudiation
6. Availability
Security mechanism

Security mechanism – A mechanism that is designed to detect, prevent
or recover from a security attack.

• Encipherment
• Digital signature
• Access control
• Data integrity
• Authentication exchange
Cryptography

Cryptography derives its name from the Greek word “krypto’s”,
which means “secret”.
Cryptography is the science and art of transforming messages to make
them secure and protected from attacks.
Cryptography is the practice and study of hiding information.
It provides confidentiality, integrity, availability.
Cryptography:

[Figure: Bob encrypts the plaintext message into cipher text, which is sent over the internet to Alice, who decrypts it back into plaintext.]
• Encryption: The process of transforming or converting plaintext into
an unreadable format is called encryption.
• Decryption: The process of converting cipher text into plain text is
called decryption.
• Keys: Strings of bits used by a cryptographic algorithm to transform
plain text into cipher text or vice versa.
• plaintext
• ciphertext
• encryption
• decryption
• confidentiality
• availability
• authentication
• access control
• clear text
• Integrity
• Non repudiation
Applications of cryptography
Defense services
Secure data manipulation
E-commerce
Business transactions
Internet payment systems
User identification systems
Access control
Data security
