dependable expert writers

With experience gained since 2003, EssayPride successfully completes 98% of all incoming orders. Select options, proceed, and consider your paper done!

Assignment type

Deadline (UTC)

Pages

Search our huge database of over 200,000 free example essays and research papers nearly on any topic imaginable!

1 Private Secret Key Algorithm 2 Public example essay topic

3,835 words

An overview into the world of network security Prashant K Singh and Rohit Kam boj Department of computer engineering, Dr. Babasaheb Ambedkar Technological university Loner e-402 103, Ra igad, Maharashtra. Abstract In this paper we have tried to demonstrate the sensitivity of transferring data in a network. In doing so we have emphasized on the type of problems one could face while transferring the data in a network. Further we have tried to stress on the different types of security measures available to make the data transfer a secure phenomena on a network. In the present paper we have also listed some of the most common methodologies available for secure routing of information on a network. Introduction: The term computer network means a large number of inter-connected autonomous computers.

Two computers are inter-connected if they are able to exchange information with each other. With the advancement of technology computer network has become a widespread source of delivering data to individuals at home and at workplace. With the enormous use of computer network it is required to make the communication between the destination host and the source host a secure method. The topic of network security is a vast topic that covers a multitude of sins. Network security in its simplest form means that nosy people cannot read the message, or worse cannot modify the message meant for other recipient. It is concerned with people trying to access the remote services that they are not authorized to use.

Network security also deals with problems of legitimate messages being captured and replayed, and people trying to deny that they sent the message. Most of the network security problems are caused by malicious people trying to gain some benefit or harm someone. A few most common perpetrators of network security are as follows: . Students: Trying to have fun by snooping on people's email... Hackers: To test someone's security system and try to steal data... Business representatives: To get strategic plans of rivals...

Spy: To learn enemies military strength... Conman: To steal credit card numbers. Of all the above lawbreakers, hackers are the real enemies who try to destroy the entire network. The internet protocol system is based on two types of the protocol model. The first type is known as the International Standard Organization's Open System Interconnection Reference Model (OS RIM). The second type is known as TCP / IP internet layering Model.

ISO seven layer Open System Model (OSI): LAYER FUNCTIONALITY 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data link (Network interface) 1 Physical hardware connection. Physical layer: This is the first layer and specifies the physical layer interconnection including electrical / photonic characteristics... Data link layer: This is the second layer and specifies how the data travels between two end points of a communication link... Network layer: The network layer comprises the third layer and defines the basic unit of transfer across the network and includes the concept of multiplexing and routing...

Transport layer: This is the layer four and provides end to end reliability by having the destination host communicate with the source host to compensate for the fact that the multiple networks with different qualities of service may have been utilized... Session layer: This layer describes how protocol software can be organized to handle all functionality needed by the application programs... Presentation layer: This the sixth layer in ISO-OSI model and includes the function required for the basic encoding rules used in transferring information... Application layer: Layer seven is the application layer and includes the application programs such as electronic mail or file transfer programs. In the application layer there is a need for support protocols to allow real application function. The first real application is security, which is not a single protocol, but a large number of concepts and protocols that can be used to ensure privacy where needed.

The second is DNS, Domain Name System, which handles the naming within the Internet. The third support protocol is for network management. Earlier, corporate employees used network for sharing printers and further used network for sending email. Under these conditions security didn't get much of attention. With the advancement of technologies, ordinary people used computer network for banking, shopping, filling tax returns etc. Under these conditions the network security is looming on horizon as a potentially massive problem.

Routing sensitive data over Internet as shown in fig. 1 is problematic for two main reasons: . It is difficult to maintain privacy between to computers that are not directly connected... Third parties can illegally pose as computer in a conversation or transaction and intrude and eavesdrop on the information. This is known as spoofing. The client also sends and receives data The server sends and receives information via the internet without SSL and advanced security, any computer on the SERVER network can intercept the information as it routes from the server to the client and back Fig. 1: Routing information on the Internet The Internet does not provide inherently secure communication between the web browser and the web server.

Often this lack of security is the cause of concern. With the advanced use of Internet there is a demand of secure routing of information. There are several techniques being developed to address this problem. Two different protocols have been developed for the enhanced web security. Secure-HTTP and Secure Socket Layer (SSL). Secure-HTTP: Secure-HTTP or commonly called as S-HTTP, is an extension of HTTP that provides a variety of security enhancement for the web.

Message protection in S-HTTP is provided in three ways: . Signatures: This ensures the data received by the receiver was not changed and is received by the correct receiver... Authentication: This ensures that connection is established with the correct server... Encryption: This makes the data illegible to the intruders. S-HTTP is flexible and allows each application to configure the amount of security required. Secure Socket Layer: Secure Socket Layer or more commonly abbreviated, as SSL is a transport level security technique that can be applied to the HTTP as well as other TCP / IP based protocols.

SSL provides data protection in the following three ways: . Authentication: This ensures that the connection is established with a correct server... Encryption: This makes data unavailable to intruders... Data Verification: this verifies data between the sender and the receiver.

Network security problems can be divided into four intertwined areas, that is, Security, Authentication, Non Repudiation, and Integrity control, of which security deals with keeping out information out of reach of unauthorized control. Authentication deals with whom dealing is being done, Non Repudiation deals with signatures and Integrity controls ensures that the data that is being transferred is not modified when received by the receiver. The network security is not constrained to any one of the protocol layers. In the physical layer, enclosing the transmission lines in the sealed tubes containing argon gas at the high pressure can prevent wiretapping.

Any attempt to drill into a tube will release some gas, reducing the pressure and raising an alarm. This is mostly used in military purposes. In the data link layer, packets on point to point to line can be encoded as they leave one machine and decoded as they enter another. In the network layer, firewalls can be installed to keep packets in or keep packets out. In the transport layer, entire connections can be encrypted. With the above-mentioned techniques, the security issues can be solved but it is difficult to solve the authentication or the non-repudiation problem.

To tackle these problems the application layer provides many solutions which are discussed below. Encryption: This is the process by which sensitive information is modified so that it is unavailable to the eavesdropper. The encryption model is illustrated in fig. 2 Active Passive intruder Intruder intruder can just listens can alter messages Plaintext Plain text, P Cipher text, C = Ek (P) Encryption Key, K Decryption key Fig. 2: The Encryption Model The message to be encrypted, known as plaintext, are transformed by a function that is parameterized by a key. The output of the encryption process, known as the cipher text, is then transmitted. The enemy intrudes and copies the complete cipher text, but unlike the original recipient he does not know the decryption key and hence, he cannot decrypt the entire cipher text. The art of breaking the ciphers is called cryptanalysis.

The art of devising ciphers and breaking them is called cryptology. The encryption methods have been broadly divided into two categories, that is, substitution ciphers and transposition ciphers... Substitution ciphers In substitution cipher each letter or a group of letter replaces another letter or a group of letter. The oldest of this method is called the Caesar cipher. In this method a becomes D, b becomes E, c becomes F, ... z becomes C. For example, drbatu becomes GUEDWX. In the example, plain text is given in lowercase letter and uppercase letter denotes cipher text.

In this method, each cipher text is shifted to k positions from the plain text. (In the example k = 3) Another improvement in the Caesar cipher method is called mono alphabetic substitution. In this method each symbol in the plain text is mapped onto some other alphabet. For example: Plain text Cipher text Using the above notations drbatu becomes RKWZX... Transposition cipher: The transposition ciphers reorder the letters but do not disguise them. Encryption Algorithms: An encryption algorithm is used to encrypt the data using a key.

A similar algorithm and a key are used to decrypt the same message at the receivers end. The two types of the algorithm are 1) Private / secret key algorithm 2) public key algorithm... Secret Key Algorithm Modern cryptography uses the same basic idea as traditional cryptography, transposition and substitution, but its emphasis is different. Traditionally, cryptographers have used simple algorithms and relied on very long keys for there security. Transpositions and substitution can be implemented with simple circuits. The secret key algorithm circuit is shown in the fig. 3 P-box S-box Product Cipher S 1 S 5 S 9 P 1 S 2 P 2 S 6 P 3 S 10 P 4 S 3 S 7 S 11 S 4 S 8 S 12 (a) Decoder (b) Encoder (c) 3 to 8 8 to 3 Fig 3: Basic Element Of Product Cipher The figure shows a device, known as P-box where P stands for permutation, used to effect a transposition on an 8-bit input.

The substitution is performed by the S-block where S stands for substitution. In the fig. 3, a 3-bit plain text is the input and a 3-bit cipher text is the output. The third stage encodes input line in binary again. With the appropriate wiring any substitution can be accomplished. The real advantage of this method is seen when these product ciphers are cascaded. In simpler terms, the private or secret key algorithm uses an identical key to decrypt the message at the receiver's end that was used to encrypt the message the message at senders end.

The sender and the receiver agree on a common private key to encrypt the data. The private key is not transferred over public communication channel. Following are some algorithm that uses private key mechanism... Data Encryption Standard: This is most commonly known as DES.

The general outline of DES is shown in the fig. 4 64 bit plain text Initial Transposition... Inverse Transposition 64 bit cipher text Fig. 4 The encryption standard (a) general model; (b) Detailed Model The Plain text is encrypted in blocks of 64 bits, yielding 64 bits of cipher text. The algorithm that is parameterized by 56 bits has 19 distinct stages. The first stage is key independent transposition on 64-bit plain text. The last stage is exactly inverse of this transposition. The stage prior to the last stage exchanges the leftmost 32 bit with the rightmost 32 bit.

The remaining 16 stages are functionally identical but are parameterized by different functions of the key. The algorithm has been designed to allow decryption to be done with the same key as encryption. The steps are just run in reverse order. Each stage takes two 32-bit inputs and produces two 32-bit outputs. The left output is simply the copy of the right input. The right output is bit wise EXCLUSIVE-OR of the left input and the right input and the key for this stage is Kid.

This procedure is depicted in the fig. 4 b (4 b) Li-1 Ri-1 32 bits Li 32 bits Ri In each of the 16 iterations different key is used. Before the algorithm starts, a 56-bit transposition is applied to the key. Just before each iteration, the key is partitioned into two 28-bit units, each of which is rotated left by a number of bits dependent on the iteration number. Kid is derived from this rotated key by applying yet another 56-bit transposition to it...

International Data Encryption Standard: This is most commonly known as IDEA. This was designed to withstand differential cryptanalysis. The basic structure of the algorithm resembles Des in that 64 bit plain text input blocks are mangled in a sequence of parameterized iterations two produce 64 bit cipher text output blocks. In the procedure three operations are used, all on 16 bit numbers. These operations are EXCLUSIVE-OR, addition to the modulo 216, and multiplication modulo 216 +1. The operations have the property that does not follow the associative or the distributed law, making the cryptanalysis more difficult.

The 128-bit key is used to generate 52 sub keys of 16 bits each, 6 for the eight iterations and four for the final transformation. Decryption uses the same algorithm as the encryption, only with different sub keys... BLOWFISH: Blowfish uses variable key size, ranging from 32 bit-428 bit. It is similar to DES in nature. The performance of blowfish is much better than DES and IDEA and it's commonly used in public domain... Public Key Algorithm: Key distribution has always been the weak link in most cryptosystem.

The cryptosystem becomes useless if the intruder could steal the key. To prevent this a new type of cryptosystem was designed in which the encryption and the decryption key is different, and the decryption key is not derived from the encryption key. In this method the encryption algorithm, E, and the decryption algorithm, D, must satisfy the following three requirements: . D (E (P) ) = P... It is exceedingly difficult to deduce D from E...

E cannot be broken by chosen plain text attack. The first requirement means that if D is applied to an encrypted message, E (P), the original message, P, can be derived. The second requirement is self-explanatory. The third requirement is needed because the intruders continuously try to experiment with the algorithm a try to get the access of it and hence in no way we can make the encryption key public. This method in the following manner. A person wanting to receive a secret message first develops two algorithms, EA and DA, meeting the above requirement.

The encryption algorithm and the key, EA, is then made public and hence the name Public Key Algorithm. The decryption algorithm is again made public but the key is private. Thus, EA is public but DA is private. In general, suppose person A wants to communicate to person B securely. Both A's and B's encryption key is made public. Now A takes the first message, P, computes EB (P), and sends it to B. now B decrypts the message by applying its private key DB.

Nobody else can read the encrypted message, EB (P), because the encrypted system is assumed to be strong and it is difficult to drive the private key of B. Therefore, A and B can now communicate securely and safely. Authentication: Authentication is a technique by which a process verifies that its communication partner is a computer, which it desires, and not an imposter. Verifying the identity of a remote process in the face of the malicious, active intruder is surprisingly difficult and requires complex protocols based on cryptography. The general authentication model is described as follows: A sender X wants to establish a secure connection with the second user Y. Both X and Y is called the principals. X starts out by sending a message either to y or to a trusted key distribution center (KDC), which is always honest.

Several other messages are developed in both the directions. Using several protocols like the shared secret key or the public key X and y are ensured that they are communicating to each other and not to an intruder. Authentication using shared secret algorithm This protocol is based on a principle found in many authentication protocols where one party sends a random number to the other, who then transforms it in a special way and then returns the result. Such protocols are called challenge-response protocols. In this method, person 1 sends his identity, A, through message 1 to person 2 in a way that person 2 understands. Still, Person 2, has no way of knowing whether this message came from person 1 or from person 3, so he chooses a large random number, RB, and sends it back to "person 1" as message 2, in plaintext.

Person 2 then encrypts the message with the key he shares with person 2 and sends the cipher text, KAB (RB), back in message 3. When person 2 sees this message, he immediately knows that it came from person 1 because person 3 does not know KAB and thus could not have generated it. At this point, person 2 is sure he is talking to person 1, but person 1 is not sure of anything. All he knows that person 3 might have intercepted massage 1 and sent back RB in response.

To find out whom he is talking to, person 1 picks random number, RA and sends it to person 2 as plaintext, in message 4. When person 2 responds with KAB (RA), peron 1 knows he is talking to person 2. If they wish to establish a session key now, person 1 can pick one, KS, and send it to person 2 encrypted with KAB. The above explained challenge response method could be reduced to a shorter version where person 1 initiates the challenge-response protocol instead of waiting for person 2 to do it.

Similarly, while he is responding to person 1's challenge, person 2 sends his own. Thus the entire protocol can be reduced to a shorter message. Though, this new protocol is an improvement over the original challenge response protocol as it is shorter. But, unfortunately, it is also wrong because person 3 can defeat this protocol by using what is known as a reflection attack. Authentication using public key cryptography In authentication using public key algorithm, person 1 starts this process by encrypting his identity and a random number, RA, using person 2's public (or encryption) key, EB. When person 2 receives this message, he has no idea of whether it came from person 1 or from person 3, but still he sends person 1 back a message containing person 1's RA, his own random number, RB, and a proposed session key, KS.

When person 1 gets message 2, he decrypts it using his private key and receives RA in it and assumes that the message must have come from person 2, since person 3 has no way of determining RA. Thus, Person 1 agrees to the session by sending back message 3. When person 2 sees RB encrypted with the session key he just generated, he knows person 1 got message 2 and verified RA. However, this protocol does have a weakness that it assumes that person 1 and person 2 already know each other's public keys.

Signatures: The authentication of any document is verified by hand written signatures. In the same way the authentication of digitized data is verified using digital signatures. The digital signatures can be applied using two types of approaches. The first approach is called the secret key signature and the other way is called the public key signature. Secret key signature In this approach of digital signatures there is a central authority that knows everything and whom everyone trusts, say B. Each user then chooses a secret key and carries it by hand to B's office. Thus only person 1 and B know person 1's secret, KA, and so on.

When person 1 wants to send a signed plaintext message, P, to his banker, person 2, he generates KA (B, RA, t, P) and sends it. B sees that the message is from person 1, decrypts it, and sends a message to person 2. The message to person 2 contains the plain text of person 1's message and also the signed message KB (A, t, P), where t is a timestamp. Person 2 now carries out person 1's request.

Public Key Signature A structural problem with secret-key cryptography for digital signatures is that everyone has to agree to trust B. With public-key signature, the public key cryptography can make an important contribution. Let us assume that the public-key encryption and decryption algorithms have the property that E (D (P) ) = P in addition to their usual property that D (E (P) ) = P. under these circumstances, Person 1 sends a signed plaintext message, P, to person 2 by transmitting EB (DA (P) ). Here, person 1 knows his own (private) decryption key, DA, as well as person 2's public key, EB, so constructing this message is something person 1 can do. When person 2 receives the message, he transforms it using his private key, as usual, yielding DA (P). He stores this text in a safe place and then decrypts it using EA to get the original plaintext.

Bibliography

1. A. S Tanenbaum, Computer Networks, Prentice Hall of India, New Delhi, 3rd Edn., 2002.2. D. Minolli, 'Internet structure, Protocol and Acess within eye to intranet', In E-Buisness, ch. 1, pp. 1-91.3. D. Minolli, 'Internet and intranet web server technology, access and protocols', In E-Buisness, ch. 1, pp. 1-91.

P
Public Key

Things every student should keep in mind

Free example essays found anywhere online are available to anyone, which makes them used, re-used, paraphrased, and abused millions of times.
Watch out, some are poorly written!
We strongly discourage you to submit free essays or any of their parts for credit at your school -- they are easily detected by PLAGIARISM CHECKERS.
Get a brand-new, 100% original paper that will be written especially for you following YOUR EXACT instructions.

100% money back, no questions asked if you paper is plagiarized (this won't happen anyway).

We use a simple but effective principle: one satisfied customer will come back for more, but one who was cheated and misled will tell 10 others too.

Our clients are treated with the highest level of respect that a legitimate student deserves. You, as a customer, will feel this attitude starting from your first contact with our essay service and all the way through.

A significant percentage of cheap essay writing services have also been the source of complaints from students for selling cut and pasted work off the net -- this is a world away from the personalized essay service that EssayPride offers. All our guarantees are always kept -- we are nothing without quality, affordable prices, and the high degree of customer satisfaction!

What our customers say

Piotr S.
Toronto, Canada

I am an ESL student and I am only learning how to write good papers in English. Thanks to EssayPride I am mastering this skill much faster. They help me because they always respond any questions and explain me things I do not understand. They also strictly follow the deadlines and I am never late with my assignments. Thank you very much, guys, your hard work is appreciated. I will surely be ordering more.

Lindsay M.
Winston Salem, NC

Oh my Gosh! My life has become sooo much easier after I've come across this website. I am a working student, so sometimes I am too overwhelmed with so many things and I really need a hand with my papers. I am glad I have found a company I can trust. I have confidence in these guys, because they proved to be good quite a few times.

Kirk N.
Austin, TX

I never leave reviews for products or services because I am quite particular and picky. Surprisingly enough, EssayPride has managed to satisfy all of my requirements, even though I asked for several alterations to the paper they've sent initially. My assignments are quite complicated and it is essential to possess a certain level of knowledge in order to write a decent paper. These guys have managed, so I give them four stars.

Emma Ch.
Birmingham, UK

Customer service is very responsive to your queries, they answer any question within an hour. Even if you have a problem with an order, you can contact them and they will fix it promptly. The quality of writing is very good, writer knows what he is talking about. I had a very positive experience using this website, I will be a returning customer.

Travis J.
Perth, Australia

I used this website more than once and every time my experience turned out to be extremely positive. I think their price-quality ratio is very good, because I couldn't find anyone writing better than these guys, who would work for this money. Thank you!

Myung O.
Seoul, South Korea

I am a Korean student studying in the US. I would like to thank essaypride staff, especially writer Jeff P., for helping me out so much. My grades are good with all your help and I keep calm about the results of my year.

Boyi Zh.
St. Louis, MO

As probably any student, I was quite hesitant about asking somebody else to do my assignments at first. However, after EssayPride has sent me my first paper and I've read it, I understood that I could actually learn a lot from them. The research they've done was impressive and I understood the topic even better than after going to class and reading my textbook. I am not using this website to "cheat", I am using it as a tutoring service, they help me to understand the material better.

Order ANY essay at an affordable price!

Samples of professionally written essays produced by our company. Feel the difference!

Free example essays, top 50

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X-Z

Our website uses cookies. By continuing, you agree to their use. Learn more, including how to control cookies.