This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
In computers lot of sensitive information is stored and transmitted over the Internet, so we need to make sure information security and safety. In fact there is only one sure way to protect information using encryption.
Cryptography is a information of science and security, protecting the information by transforming data into unreadable format called as cipher text with the help of modern security protocols and ciphers . It is most associated with scrambling plaintext (ordinary text) into cipher text (a process called encryption), then back again (from cipher text to plain text is known as decryption).
There are two fundamental techniques for encrypting information-one is symmetric encryption (secret key encryption) and other is asymmetric encryption(public key encryption) both of them have advantages and disadvantages.
Encryption program uses an encryption algorithm for encrypting and decrypting the data. The encryption algorithm creates specific strings of data and that is used for encryption keys with the intention of long-standing strings of bits or binary numbers. If the key contains more number of bits then we will get more number of possible combinations of binary numbers and that make more hard to break the code. Then the encryption algorithm encrypt the data by combination of key bits with the data bits.
the same key is used for encrypting data and decrypting data in symmetric key encryption.
There are two types of symmetric algorithms one is stream ciphers and another one is block ciphers.
Stream ciphers encrypt the bits of information by bit-by-bit. Stream ciphers are smaller and too faster to implement than block ciphers. The most used stream cipher is RC4.
Block cipher encrypt the information by breaking it down into blocks. And encrypts data in each block commonly the block size 64 bits. The most used block ciphers are Triple DES,RC5,RC6(derived from RC5) and AES.
Asymmetric encryption uses different keys one is public key(every one knows ) for encryption and another one private key(only known to its holder) used for decryption.
Firstly coming to wireless network security between wireless access point to manger laptop, Manger needs a strong encryption to prevent data leakage, Wireless Equivalent Privacy (WEP) which is first generation encryption protocol and it was cracked with the help common hacking tool, WEP uses 40 bit RC4 stream cipher developed from RSA security. RC4 is a variable key size stream cipher.
WEP uses a pseudo random key stream that is generated by combining a Initialization Vector(IV) with a secret key.WEP Initialization Vector is only 24 bits. More detailed problems with RC4 and its implementation in WEP are widely recognized by a large number of experts. As a result of WEP's vulnerabilities, wireless networks using WEP are susceptible to man in the middle attacks.
WPA was able to improve security over WEP by implementing the Temporal key Integrity Protocol(TKIP). Based on the RC4 stream cipher with 128 bit key and 48 bit Initialization Vector. The TKIP algorithm is designed to overcome the security faults discovered in WEP by:
Stronger authentication: An 802.1x server, such as a Radius server, can authenticate by using users individually.
A longer key: WPA Initialization Vector to 48 bits and master key 128 bits
Different keys for each client and alters keys for each successive packet in Temporal Key Integrity Protocol generates.
A message integrity code verifies messages not been altered in transit ,protects against replay attempts.
To the broken WEP protocol, the IEEE only intended WPA protocol forWhilst these mechanisms would provide consumers with a secure alternative. WPA2 is alter of WPA's.Designed of completely new encryption protocol, WPA2 implemented a new algorithm known as Counter Mode with Cipher Block Chaining Message Authentication Protocol(CCMP). CCMP offer several enhancements to the TKIP standard including in the use of the Advanced Encryption Standard(AES) also known Rijndael. WPA2 was also given the ability to utilise backward compatibility in the TKIP encryption protocol .
The Virtual Private Network use a public telecommunication network like Internet, to allow the end user for the main network of organization. VPN employs virtual connections originating from the main network to route through the Internet to the remote sites thereby helping greatly for protecting the remotely deployed computers from illegal incursions.
VPN offers extra security data encryption in form of the coding at transmitting end and decoding at the receiving end that permits only authorizing employers to access the network of a company. The privacy factor is achieved through the adherence in prescribed security measures and by the implementing that the right computer network protocols.
For secure applications the key distribution mechanism of Kerberos protocol is used. authentication have One of the bases of secure network system. Kerberos protocol is the best authentication protocols and that is used widely in network applications. The Kerberos protocol is proposed by MIT.
The solution for authentication in client server architecture that is provided by the Kerberos protocol. The clients and servers need to authenticate the users identities to other side. So that It guarantees the authenticity of communication. By supporting the dynamic key generation and secure key distribution , the mechanism of the protocol provided. The improvements are performed to a public key cryptography to the protocol.
Kerberos ticket is a certificate issued by an authentication server, encrypted using the server key. The ticket contains the random session key that will be used for authentication of the principal to the verifier, the name of the principal to whom the session key issued and expiration time which after session key that is no longer valid. The ticket is not sent directly to the verifier, but is instead sent to the client who forwards it that verifies as part of the application request. Because the ticket is encrypted in server key, known only by the authentication server and intended verifier, that is not possible for the client to modify the ticket without detection.
In public key cryptography, encryption and decryption are performed by pair of keys such knowledge the one key that doesnt provide knowledge of the other key in the pair . One key is publishes so called as the public key and the other key is kept private which is private key.
Public key cryptography has several advantages over conventional cryptography when used for authentication. These include more natural support for authentication to multiple recipients, support for non repudiation and the elimination of secret encryption keys from the central authentication server.
Kerberos authentication proves that a client is running on behalf of a particular user, a more precise statement is that the client has knowledge of an encryption key that is known by only the user and the authentication server. In Kerberos, the user's encryption key is derived from and should be thought of a password; we will refer to it as such has this article. Similarly evey application server shares an encryption key with the authentication server; this will called the server key.
Encryption in the present implementation of Kerberos uses the data encryption standard . It is a property of DES that if cipher text is decrypted with the key to encrypt it the plaintext appears. If different encryption keys are used for encryption and decryption, or if the cipher text is modified, the result will be unintelligible and the checksum in the Kerberos message will not match the data. This combination of encryption and the checksum provides integrity and confidentiality for encrypted Kerberos messages.
Single sign in systems security that is improved by using the Kerberos
protocol. It can protect the authentication against drops and
attacks. For the eavesdropping attack that the intrudera can be obtain the
copies of messages exchanged between clients and servers. During the authentication the information is encrypted except clients identifiers.
An intruder cannot get any private information of the client, but it gets the data if it figures the client's private key in very short time. The further communications between valid clients and the server that also encrypted with the session key which will change in the next session. so the intruders little chances if it is hardly managed to interference in the authentication purpose.
In summary, Kerberos is a solution to your network security problems. It provides the tools of authentication and strong cryptography over the network to help you secure your information systems across your entire enterprise.