Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient.
NEED FOR NETWORK SECURITY:
In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies.
The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a connection to public networks.
Because they have no Internet connectivity, networks designed in this way can be considered safe from Internet attacks. However, internal threats still exist.
It is estimated that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse has taken place.
With the development of large open networks, security threats have increased significantly in the past 20 years. Hackers have discovered more network vulnerabilities, and applications that require little or no hacking knowledge to use can now be downloaded. Applications intended for troubleshooting, maintaining, and optimizing networks can, in the wrong hands, be used maliciously and pose severe threats.
A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
ENCRYPTION AND DECRYPTION TECHNIQUES:
Data that can be read and understood without any special measures is called plaintext or cleartext. The method of disguising plaintext in such a way as to hide its substance is called encryption. Encrypting plaintext results in unreadable gibberish called ciphertext. You use encryption to ensure that information is hidden from anyone for whom it is not intended, even those who can see the encrypted data. The process of reverting ciphertext to its original plaintext is called decryption.
SYMMETRIC KEY GENERATION METHODS:
Symmetric-key algorithms can be divided into stream ciphers and block ciphers. Stream ciphers encrypt the bits of the message one at a time, and block ciphers take a number of bits and encrypt them as a single unit. Blocks of 64 bits have been commonly used. The Advanced Encryption Standard (AES) algorithm approved by NIST in December 2001 uses 128-bit blocks.
Some examples of popular and well-respected symmetric algorithms include Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, 3DES, and IDEA.
ADVANTAGES OF SYMMETRIC:
Faster and easier to implement
Lower overhead on system resources
DISADVANTAGES OF SYMMETRIC:
Other terms for symmetric-key encryption are secret-key, single-key, shared-key, one-key, and private-key encryption. Use of the last and first terms can create ambiguity with similar terminology used in public-key cryptography.
ASYMMETRIC KEY GENERATION METHODS:
Public-key algorithms are asymmetric algorithms and are therefore based on the use of two different keys instead of just one. In public-key cryptography, the two keys are called the private key and the public key.
Private key: This key must be known only by its owner.
Public key: This key is known to everyone (it is public).
Relation between both keys: What one key encrypts, the other one decrypts, and vice versa. That means that if you encrypt something with my public key (which you would know, because it's public :-), I would need my private key to decrypt the message.
Public-key cryptography is a cryptographic approach which involves the use of asymmetric key algorithms instead of or in addition to symmetric key algorithms. Unlike symmetric key algorithms, it does not require a secure initial exchange of one or more secret keys to both sender and receiver. The asymmetric key algorithms are used to create a mathematically related key pair: a secret private key and a published public key. Use of these keys allows protection of the authenticity of a message by creating a digital signature of a message using the private key, which can be verified using the public key. It also allows protection of the confidentiality and integrity of a message, by public key encryption, encrypting the message using the public key, which can only be decrypted using the private key.
ADVANTAGES OF ASYMMETRIC:
Scalable and does not require much administration
Easier for users to use
DISADVANTAGES OF ASYMMETRIC:
Asymmetric encryption is also known as "public key encryption" because for every encryption and decryption process there are two separate keys: One that encrypts and one that decrypts. Usually, these are known as the public and private keys. You can encrypt a message with someone else's public key and only that person will be able to decrypt it because only they are in possession of their private key.
SYMMETRIC AND ASYMMETRIC ALGORITHMS DIFFERENCE:
Symmetric algorithms (symmetric-key algorithms) use the same key for encryption and decryption. Symmetric algorithms require that both the sender and the receiver agree on a key before they can exchange messages securely. Symmetric-key algorithms can be divided into stream algorithms (stream ciphers) and block algorithms (block ciphers). Asymmetric algorithms use a different key for encryption and decryption, and the decryption key cannot be derived from the encryption key.
The hardness of RSA is related to the integer factorization problem, while Diffie-Hellman and DSA are related to the discrete logarithm problem. More recently, elliptic curve cryptography has developed in which security is based on number theoretic problems involving elliptic curves. Because of the difficulty of the underlying problems, most public-key algorithms involve operations such as modular multiplication and exponentiation, which are much more computationally expensive than the techniques used in most block ciphers, especially with typical key sizes. As a result, public-key cryptosystems are commonly hybrid cryptosystems, in which a fast high-quality symmetric-key encryption algorithm is used for the message itself, while the relevant symmetric key is sent with the message, but encrypted using a public-key algorithm. Similarly, hybrid signature schemes are often used, in which a cryptographic hash function is computed, and only the resulting hash is digitally signed.
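The hybrid encryption and hash-then-sign schemes described above, together with the key relation from the asymmetric section (what one key does, the other undoes), as an added Python example that is not part of the original text. It assumes a constructed textbook-RSA key built from two publicly known Mersenne primes and uses a SHA-256 counter keystream as a stand-in for a real symmetric cipher such as AES; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed teaching key (assumption): two publicly known Mersenne primes and
# unpadded textbook RSA. It protects nothing and only shows the data flow.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                                  # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES: XOR data with a SHA-256 counter keystream.
    The same call encrypts and decrypts (symmetric: one shared key)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def hybrid_encrypt(message: bytes, n: int, e: int):
    """Encrypt the bulk data symmetrically; wrap only the 16-byte key with RSA."""
    session_key = secrets.token_bytes(16)              # fresh key per message
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped, keystream_xor(session_key, message)

def hybrid_decrypt(wrapped: int, body: bytes, n: int, d: int) -> bytes:
    """Unwrap the session key with the private key, then decrypt the body."""
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, body)

def sign(message: bytes, n: int, d: int) -> int:
    """Hybrid signature: hash the message, apply the private key to the hash."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(digest, d, n)

def verify(message: bytes, signature: int, n: int, e: int) -> bool:
    """Anyone holding the public key can recompute the hash and compare."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(signature, e, n) == digest

if __name__ == "__main__":
    msg = b"constructed sample message " * 4
    wrapped, body = hybrid_encrypt(msg, N, E)
    print(hybrid_decrypt(wrapped, body, N, D) == msg)
    print(verify(msg, sign(msg, N, D), N, E))
```

The public-key operation touches only 16 bytes of key or 32 bytes of hash regardless of message length, which is why the expensive modular exponentiation stays affordable. A production design would add RSA padding (OAEP, PSS) and an authenticated cipher mode.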
REPORT EFFICIENT METHOD:
As mobile networks expand their bandwidth, mobile phones, as with any other Internet device, become substantially exposed to Internet security vulnerabilities. Since mobile phones are becoming popular and widely distributed, they are increasingly used for financial transactions and related electronic commerce. Consequently, they will feature applications that also demand adequate security functions. In this regard, the prevailing security system in wired networks could be extended to wireless networks as well. There are many schemes for enforcing security, of which the most efficient is the public key infrastructure (PKI), employing public key cryptography. Extension of PKI to wireless networks demands a modification of the existing technologies. In this paper, we propose an idea for implementing public key cryptography in mobile phones, by means of a comprehensive design, with due consideration for the hardware aspects as well. Public key cryptography deals with a secure way of encrypting documents, by the use of public and private keys. PKI, of which public key cryptography forms the essential part, ensures more protection and privacy than the existing methods like IDs and passwords. A mobile phone with public key cryptography capabilities can also act as an authentication device for access-control systems, based on the challenge-response mechanism. Introducing a highly advanced security concept such as PKI to the wireless Internet will facilitate the rapid market adoption of secure, web-based transaction and authentication services such as mobile banking, mobile brokerage and mobile payment. The freedom of the wire-free world combined with the security and authentication made possible by PKI will change the face of commerce for businesses and consumers alike.
As the Internet has become an integral part of companies' business operations, security on the Internet has also become an important issue for companies. It is no longer enough for companies to be concerned only with employee data or customer data that is contained completely within the standalone computers that characterized the corporate world in the 1970s and 1980s. With the rise of the Internet, computer networks are now open to the entire world, and customers, vendors and employees are demanding that companies safeguard their information. This research considers the issues that surround Internet security and how companies are approaching these issues.