3. Definitions
• Computer Security - generic name for the collection
of tools designed to protect data from hackers
• Network Security - measures to protect data during
their transmission.
• Internet Security - measures to protect data during
their transmission over a collection of interconnected
networks.
• our focus is on Internet Security, which consists of
measures to deter, prevent, detect, and correct security
violations that involve the transmission & storage of
information.
5. Security Attack
• any action that compromises the security of
information owned by an organization
• information security is about how to prevent attacks,
or failing that, to detect attacks on information-based systems
• often threat & attack are used to mean the same thing
• there is a wide range of attacks
• can focus on generic types of attacks
– passive
– active
8. Contd.,
• Cryptography is a word of Greek origin which means “secret
writing”.
• We use this term to refer to making messages secure and immune to attacks.
9.
• Plaintext – the original (user) message, before being
transformed, is called plaintext.
• Ciphertext – after the plaintext is transformed, it is
called ciphertext. An encryption algorithm transforms the
plaintext into ciphertext; a decryption algorithm transforms
the ciphertext back into plaintext.
• The sender uses an encryption algorithm and the receiver
uses a decryption algorithm.
• Cipher – we refer to both encryption and decryption
algorithms as ciphers. The term also refers to different categories
of algorithms in cryptography.
• Key – a key is a number (or set of numbers) that the
cipher operates on.
10. Contd.,
• An encryption algorithm needs an encryption key and the
plaintext (decryption likewise needs a decryption key and the ciphertext).
• Alice, Bob and Eve – in cryptography, three characters are
normally used in an information exchange.
• Alice is the person who needs to send secure data.
• Bob is the recipient of the data.
• Eve is the person who somehow disturbs the communication
between Alice and Bob.
11. Two categories
• Ciphers (cryptography algorithms) are divided into two groups:
– Symmetric key (also called secret key)
– Asymmetric key (also called public key)
12. Symmetric key cryptography
• Here, the same key is used by both parties (the key is
shared).
• The sender uses this key and an encryption algorithm to
encrypt the data.
• The receiver uses the same key and a decryption algorithm to
decrypt the data.
13. Asymmetric key cryptography
• There are two keys; a private key and a public key.
• The private key is kept by the receiver.
• The public key is announced to the public.
14. Contd.,
• Imagine Alice wants to send a message to Bob. Alice uses
Bob's public key to encrypt the message. Bob uses his
private key to decrypt the message.
15. Types of keys
• The secret key – the shared key used in symmetric-key
cryptography.
• The public and private keys – used in asymmetric-key
cryptography.
16. Comparison
• Encryption can be thought of as electronic locking;
decryption as electronic unlocking.
• The sender puts the message in a box and locks the box by
using a key; the receiver unlocks the box with a key and
takes the message.
• In symmetric-key cryptography, the same key both locks
and unlocks the box.
• In asymmetric-key cryptography, one key is used to lock the
box and another key is needed to unlock it.
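Added example (not part of the original slides): slides 12 to 16 worked through in Python, with Alice locking a message for Bob once with a shared secret key and once with Bob's public key. The function names, sample key, sample message and the two Mersenne primes are assumptions made for illustration; the XOR keystream cipher and textbook RSA used here are toy stand-ins and are not secure for real use.

```python
# Added illustration only: toy ciphers for teaching, not secure for real use.
import hashlib

def keystream(key: bytes, length: int) -> bytes:
    """Stretch the shared secret key into `length` bytes (SHA-256 over key + counter)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def symmetric_cipher(key: bytes, data: bytes) -> bytes:
    """Symmetric key: XOR with the keystream. The same key locks and unlocks."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, len(data))))

def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA from two primes: returns (public_key, private_key)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi (Python 3.8+)
    return (e, n), (d, n)

def rsa_apply(key, value: int) -> int:
    """Raise value to the key's exponent modulo n (encrypt or decrypt)."""
    exponent, n = key
    return pow(value, exponent, n)

def demo() -> dict:
    plaintext = b"Meet me at noon, Bob"  # constructed sample message
    # Symmetric: Alice and Bob share one secret key in advance.
    secret = b"alice-and-bob-shared-key"  # constructed sample key
    sym_ct = symmetric_cipher(secret, plaintext)
    # Asymmetric: Bob announces the public key and keeps the private key.
    # Two known Mersenne primes, chosen only to keep the example short.
    bob_public, bob_private = make_keypair(2**127 - 1, 2**107 - 1)
    m = int.from_bytes(plaintext, "big")  # must be smaller than n
    asym_ct = rsa_apply(bob_public, m)    # Alice locks with Bob's public key
    bob_m = rsa_apply(bob_private, asym_ct)
    return {
        "sym_ciphertext": sym_ct,
        "bob_sym": symmetric_cipher(secret, sym_ct),
        "eve_sym": symmetric_cipher(b"eve-does-not-know-it", sym_ct),
        "bob_asym": bob_m.to_bytes(len(plaintext), "big"),
        "eve_asym": rsa_apply(bob_public, asym_ct),  # public key cannot unlock
        "m": m,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

In the symmetric case the one shared key does both jobs, so it must reach Bob secretly beforehand; in the asymmetric case the locking key can be announced because only the private key unlocks.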
Discuss observed security trends (Stallings section 1.1 & Figure 1.2 above), noting growth in sophistication of attacks contrasting with decrease in skill & knowledge needed to mount an attack.
Expand on definition and use of “security attack”, as detailed above.
See Stallings Table 1.1 for definitions of threat and attack.
Have “passive attacks” which attempt to learn or make use of information from the system but do not affect system resources.
By eavesdropping on, or monitoring of, transmissions to:
+ obtain message contents (as shown above in Stallings Figure 1.3a), or
+ monitor traffic flows
Are difficult to detect because they do not involve any alteration of the data.
Also have “active attacks” which attempt to alter system resources or affect their operation.
By modification of data stream to:
+ masquerade of one entity as some other
+ replay previous messages (as shown above in Stallings Figure 1.4b)
+ modify messages in transit
+ denial of service
Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. On the other hand, it is quite difficult to prevent active attacks absolutely, because of the wide variety of potential physical, software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.