A paper on

Network Security & Cryptology

DEPARTMENT OF COMPUTER SCIENCE & ENGG.

ADITYA INSTITUTE OF TECHNOLOGY AND MANAGEMENT

TEKKALI, ANDHRA PRADESH

Presented by:

B.T.HANEESH III B.Tech. C.S.E.,

 e-mail ids: dkcswj@gmail.com haneesh93@gmail.com

D.K.CHAITANYA III B.Tech. C.S.E.,

Abstract
The present century has been one of many scientific In cryptography, we use different

discoveries and technological advancements. The algorithms like Diffie-Hellman etc., to provide security issue of security came with the advent of technology. to information via exchange of secret keys. As computing systems became more complicated, there was an increasing need for security. If the Basic Idea: The goal of cryptography is to make it possible that unauthorized disclosure or alteration of the two people to exchange a message in such a way that information could result in any negative impact, it other people cannot understand. There is no end that should be secured. number of ways this can be done, but here we will be Computer networking is the interconnection between concerned with the methods of altering the text in two or more computers. At this networking we may such a way that the recipient can undo the alteration deal with hackers. Thus we need a concept of and discover the original text. security.

Encryption and decryption:

This paper deals with cryptography, which is one of the methods to provide security. Cryptography means hidden secret, is the practice of study of hiding information. Data that can be read and understood without any special measures is called plaintext or clear text. The method of disguising plaintext in such a way as to hide its substance is called encryption. Encrypting plaintext results in unreadable gibberish called cipher text. You use encryption to make sure It involves the use of a cryptographic algorithm used that information is hidden from anyone for whom it is in the encryption and decryption process. Encryption not intended, even those who can see the encrypted is the science of changing data so that it is data. The process of reverting cipher text to its unrecognizable and useless to an unauthorized original plaintext is called decryption. person. Decryption is changing it back to its original form.

Figure 1-1 illustrates this process.

Figure 1-1. Encryption and decryption

Different types of threats to network:

y E-mail bombs - An e-mail bomb is usually a personal attack . Someone sends you the same e-mail hundreds or thousands of times until your email system cannot accept any more messages y Viruses - Probably the most well-known threat is computer viruses . A virus is a small program that can copy itself to other computers . This way it can y next. Viruses range from harmless

messages to erasing all of your data . Spam - Typically harmless but always annoying , spam is the electronic

equivalent of junk mail . Spam can be dangerous though. Quite often it

contains links to Web sites. Be careful of clicking on accidentally these because you may accept a cookie that

provides a backdoor to your computer

spread quickly from one system to the

Network security can be done by various methods. 1. Virtual Private Network:

A virtual private network ( VPN ) is a way to use a public telecommunication infrastructure , such as the Internet , to provide remote offices or individual users with secure access to their organization's network. The goal of a VPN is to provide the organization with the same capabilities , but at a much lower cost

Implementation of network security by VPN.

Step 1. - The remote user dials into

their local ISP and logs into the ISP s network as

Usual.

Step 2. - When connectivity to the

corporate network is desired, the user initiates a tunnel request to the destination Security server on the

corporate network. The security server authenticates the user and creates the other end of tunnel.

Fig: a) A leased line private network

b) A virtual private network

Step 3. - The user then sends data through the

tunnel which encrypted by the VPN software before being sent over the I SP connection.

Step4- The destination Security server

receives the encrypted data and

forwards the decrypted data packets onto the corporate network

decrypts. The Security server then

3. IPSec

- IPSec has two encryption

PC to router PC to server This computer is considered provides a the

modes: tunnel and transport. Tunnel encrypts the header and the payload of each packet while transport only encrypts the payload. Only systems that are IPSec compliant can take advantage of this Protocol Router to router Firewall to router

gateway because it

only point of access between your home network and the Internet .

Strong cryptography: Cryptography can be strong or weak, as explained text that is very difficult to decipher without above Cryptographic strength is measured in the time possession of the appropriate decoding tool. Given all and resources it would require to recover the of today s computing power and available time ven plaintext. The result of strong cryptography is cipher a billion computers doing a billion checks a second it

is not possible to decipher the result of strong cryptography before the end of the universe. How does cryptography work? A cryptographic algorithm, or cipher, is a The security of encrypted data is entirely dependent

mathematical function used in the encryption and on two things: the strength of the cryptographic decryption process. A cryptographic algorithm works algorithm and the secrecy of the key. A cryptographic in Combination with a key a word, number, or algorithm, plus all possible keys and all the protocols

phrase to encrypt the plaintext. The same plaintext that make it work, comprise a cryptosystem. PGP is a encrypts to different cipher text with different keys. cryptosystem.

Conventional cryptography In conventional cryptography, also called conventional cryptosystem that is widely employed by secret-key or symmetric-key encryption, one key is the U.S. government. Figure 1-2 is an illustration of used both for encryption and decryption. The Data the conventional encryption process. Encryption Standard (DES) is an example of a

Public key cryptography The difficulty with secret-key cryptosystems is problems of key distribution are solved by public key sharing a key between the sender and receiver cryptography. Public key cryptography is an

without anyone else compromising it. In a system asymmetric scheme that uses a pair of keys for supporting a large number of users the key encryption: management problems can become very severe. The a public key, which encrypts

data, and a corresponding private key (secret cannot decrypt it. Only the person who has the key) for decryption. It is computationally infeasible to corresponding deduce the private key from the public key. Anyone information. who has a public key can encrypt information but private key can decrypt the

The

primary

benefit

of

public

key conventional 128-bit key is equivalent to a 3000-bit

cryptography is that it allows people who have no public key. Again, the bigger the key, the more secure, preexisting security arrangement to exchange but the algorithms used for each type of cryptography

messages securely. The need for sender and receiver are very different. to share secret keys via some secure channel is While the public and private keys are mathematically eliminated; all communications involve only public related, it s very difficult to derive the private key keys, and no private key is ever transmitted or shared. given only the public key; however, deriving the A key is a value that works with a cryptographic private key is always possible given enough time and algorithm to produce a specific cipher text. Keys are computing power. This makes it very important to basically really, really, really big numbers. Key size is pick keys of the right size; large enough to be secure, measured in bits; but small enough to be applied fairly quickly. Larger The number representing a 2048-bit key is huge. In keys will be cryptographically secure for a longer public-key cryptography, the bigger the key, the more period of time. Keys are stored in encrypted form. secure the cipher text. However, public key size and PGP stores the keys in two files on your hard disk; one conventional cryptography s secret key size are totally for public keys and one for private keys. These files unrelated. A conventional 80-bit key has the are called key rings. equivalent strength of a 1024-bit public key. A

Digital signatures

A major benefit of public key cryptography is that it also provides non-repudiation, which means that it provides a method for employing digital signatures. prevents the sender from claiming that he or she did Digital signatures let the recipient of information not actually send the information. These features are verify the authenticity of the information s origin, and every bit as fundamental to cryptography as privacy, if also verify that the information was not altered while not more. A digital signature serves the same purpose in transit. Thus, public key digital signatures provide as a handwritten signature. authentication and data integrity. A digital signature

Hash functions The system described above has some problems. It is of bits and produces a fixed-length output; say, 160 slow, and it produces an enormous volume of data bits. The hash function ensures that, if the

at least double the size of the original information. An information is changed in any way even by just one improvement on the above scheme is the addition of bit an entirely different output value is produced. a one-way hash function in the process. A one-way hash function takes variable-length input in this case, the plaintext the user is signing. This generates a a message of any length, even thousands or millions fixed-length data item known as a message digest. PGP uses a cryptographically strong hash function on

CONCLUSION:
Everyone has a different idea of what security is, and what levels of risk are acceptable. The key for building a secure network is to define what security means to your organization. Once that has been defined, Security is everybody's business, and everything that goes on with the network can only with everyone's cooperation, an intelligent be evaluated with respect to that policy. policy, and consistent practices, will it be Projects and systems can then be broken down achievable. into their components, and it becomes much simpler to decide whether what is proposed will conflict practices. with your security policies and