
Visit: www.geocities.com/chinna_chetan05/forfriends.html

NETWORK SECURITY

Email: chinna_chetan05@yahoo.com

ABSTRACT
Nowadays people use networks in all fields, mainly for banking,
shopping, business applications, and filing their tax returns, and day by day
the Internet and its applications are growing at a rapid rate. The growing
Net therefore requires security for its data and authentication, so network
security has received a lot of attention. To provide security for the people who
are losing sleep trying to protect the endless terabytes of data contained in
millions of networked computers from prowling hackers, virus writers and
information stealers, cryptography evolved. It provides a solution to the
electronic security and privacy issue.
Public key cryptography is a system for supporting digital
signatures and document encryption for an organization. It is fast becoming
essential for effective, secure commerce and for fulfilling general security and
authentication requirements over non-secure networks. Banking services
are the most popular use of this technology, which is quickly spreading
to all applications that need security to be fully operational.
If electronic signatures were used to secure the data then security
could easily be compromised. The objective of this paper is to briefly describe
how this problem can be avoided using the digital signature mechanism and
digital signatures associated with encryption.


INTRODUCTION
Network security measures are needed to protect data during
transmission, and to guarantee that data transmissions are authentic.
Malicious people trying to gain some benefit, get attention, or to harm
someone intentionally cause most security problems. The most common
security problems in networks are as listed below:

ADVERSARY      GOAL
Student        To have fun snooping on people’s e-mail
Cracker        To test out someone’s security system; steal data
Businessman    To discover a competitor’s strategic marketing plan
Accountant     To embezzle money from a company
Conman         To steal credit card numbers for sale
Spy            To learn an enemy’s military or industrial secrets
Terrorist      To steal germ warfare secrets

The essential technology underlying virtually all automated network
and computer security applications is encrypting the data using cryptography,
and it was introduced by Julius Caesar.
Unlike an individual's handwriting, electronic information is easy to
duplicate. If electronic signatures were used in the same way as written
signatures security could easily be compromised. To avoid this exposure, the
digital signature process has been developed.
As the name suggests, digital signatures are the electronic equivalent of
traditional handwritten signatures. Handwritten signatures provide a security
service because the uniqueness of individuals' handwriting makes signatures
hard to forge.
Cryptography
Cryptography is the art and science of keeping messages secure.
It is derived from the two Greek words -'crypto' which means 'secret' and
'graph' which means 'writing'. The art of devising ciphers and breaking them
collectively is known as cryptography. Cryptography is used whenever
someone wants to send a secret message to someone else, in a situation where
anyone might be able to get hold of the message and read it. It was often used
by generals to send orders to their armies. The most famous encryption
machine invented was the Enigma, used in the Second World War to send
military messages.

Types of Cryptosystems
There are two kinds of cryptosystems:
1. Secret key crypto system (Symmetric)
2. Public key crypto system (Asymmetric)
Symmetric (Private Key) Encryption
Symmetric encryption is the simpler of the two classes of key-based
encryption algorithms. In this class, the same key is used to encrypt and
decrypt the message. Taking our example, Alice would encrypt her message
using a key, and then send the message to Bob. Alice would separately
communicate the key to Bob to allow him to decrypt the message. To
maintain security and privacy, Alice and Bob need to ensure that the key
remains private to them. A simple example of this is the use of a password as
the key. If the password is compromised, then the message is no longer
secure. There are two requirements for secure use of symmetric encryption:
1. We need a strong encryption algorithm.
2. Sender and receiver must have obtained copies of the secret key in a
secure fashion and must keep the key secure.
Symmetric encryption algorithms: Data Encryption Standard (DES),
Advanced Encryption Standard (AES), Triple DES, Rijndael, Blowfish, RC2,
RC4, CAST.

Asymmetric (Public Key) Encryption
Asymmetric, or Public Key, encryption differs from symmetric
encryption by using a pair of keys instead of a single key. One of the keys is
kept private while the second one is made public so that it can be accessed by
anyone. The key-pair works in a complementary manner – information
encrypted by one key can only be decrypted using the other. This property of
the key-pair can be used to perform two functions, encryption and digital
signatures.

Fig. asymmetric encryption.


In using key-pairs for encryption, the public key of the recipient is used
to encrypt the message before it is sent to the recipient. The complementary
nature of the key-pair means that only the recipient’s private key can decrypt
the message. As long as the private key remains secure, the sender can
be sure that only the intended recipient can possibly read the message.
Referring to our example, where Alice is sending a message to Bob, Alice
creates her message and then encrypts it using Bob’s public key. When Bob
receives the encrypted message he uses his secret, private key to decrypt it.
As long as Bob’s private key has not been compromised, both Alice and
Bob know that the message is secure.
Asymmetric key encryption algorithms: RSA, Elliptic curve cryptography
(ECC), Cipherunicorn-A, GNU Privacy Guard, sigma 2000.
Digital Signatures
The principle of public/private key-pairs can be used by the sender to
digitally sign a message. The process of digitally signing a message starts
with the creation of a unique identifier for the message. The unique identifier
can be created using a mathematical technique called Hashing. Hashing is the
method used to obtain a "digital fingerprint" (hash) for a given message. A
hash function uses a mathematical algorithm to convert the message into a
short fixed-length string of bits, often referred to as a ‘hash value’ or
‘message digest’, that uniquely represents the message used to create it. The
hash value is specific to the contents of the message, thus any change to the
message contents will change the hash value that would be generated by the
hash function.

Fig. Hashing
Digital signature mechanism
In this mechanism, Sender applies receiver’s public key to encrypt the
message using a digital signature algorithm to generate a digital signature. He
then sends the message along with the digital signature to receiver. Receiver
checks, or verifies, the signature by applying receiver’s private key to the
signature using a digital signature verification algorithm. This confirms that
the message came from the sender and no-one else, as long as the receiver’s
private key remains secure. The message can be re-hashed and compared with
the decrypted hash value – if the values do not match then the message has
been altered since it was sent.
Digital signatures can be used to deliver three of the cryptographic
services: authentication, non-repudiation, and data integrity. These are
generally the most critical security services for smart card applications. ECC
can be used to generate strong digital signatures with only a small amount of
processing power.

Fig. Digital signature mechanism

At first the message is hashed (1), creating a digital fingerprint which is
encrypted using the receiver's public key (2), creating a digital signature. The
clear message is combined with the digital signature (3), and the result (an
Authenticated message) is sent (4). After the reception, the message is
separated from the digital signature (5) which is decrypted using the receiver's
private key (6). The message is hashed into a "temporary" digital fingerprint
(7) which is used to validate the received fingerprint (8). If the message has
not been modified during the transfer process, it's authenticated.

Digital Signature associated with Message Encryption


The two functions of encryption and digital signatures can be combined
during the sending of a message. The result is an encrypted message with an
attached encrypted hash that only the intended recipient can read and that can
be checked for both the sender’s identity and for any evidence of tampering.
Ostensibly the same key-pair can be used for both encryption and digital
signatures.
The digital signature validates that the message has not been corrupted
during the transmission (integrity).

Fig. Digital signature with message encryption


The message is encrypted using a random key (1). This random key is then
encrypted using the receiver's public key (2). This encrypted random key will
be combined with the digital signature and the encrypted message (3). This
package is sent via an unsecured network (4).
Digital Signature associated with Message Decryption
After reception, to ensure confidentiality, the receiver must execute the
following steps:

Fig. Digital signature with message decryption


After the reception, the encrypted message and random key are
separated from the digital signature (5). The random key is decrypted using
the receiver's private key (6). The message is decrypted using the random key
(7) and afterwards hashed into a "temporary" digital fingerprint which is used to
validate the received fingerprint (8). If the message has not been modified
during the transfer process, it's authenticated.
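
The sending and receiving steps described above, as an added Python example that is not part of the original paper. It follows the standard arrangement in which the fingerprint is signed with the sender's private key and checked with the sender's public key, while the random key is wrapped with the receiver's public key; the textbook RSA keys built from Mersenne primes, the XOR keystream cipher and all function names are constructed for illustration and are not secure for real use.

```python
import hashlib
import secrets

def keypair(p, q, e=65537):
    """Textbook RSA from two primes: returns (public, private) as (n, e), (n, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def fingerprint(message):
    """SHA-256 digest of the message as an integer (the 'digital fingerprint')."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def xor_stream(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream; same call decrypts."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def send(message, sender_priv, receiver_pub):
    """Sign the fingerprint, encrypt under a random key, wrap that key for the receiver."""
    (n_s, d_s), (n_r, e_r) = sender_priv, receiver_pub
    signature = pow(fingerprint(message), d_s, n_s)      # sender's private key signs
    session_key = secrets.token_bytes(16)                # random key for this message only
    wrapped = pow(int.from_bytes(session_key, "big"), e_r, n_r)  # receiver's public key
    return {"ciphertext": xor_stream(session_key, message),
            "wrapped_key": wrapped, "signature": signature}

def receive(package, receiver_priv, sender_pub):
    """Unwrap the random key, decrypt, re-hash and compare with the signed fingerprint."""
    (n_r, d_r), (n_s, e_s) = receiver_priv, sender_pub
    session_key = pow(package["wrapped_key"], d_r, n_r).to_bytes(16, "big")
    message = xor_stream(session_key, package["ciphertext"])
    signed_fp = pow(package["signature"], e_s, n_s)      # sender's public key verifies
    return message, signed_fp == fingerprint(message)

# Constructed toy keys from well-known Mersenne primes (trivially factorable, demo only).
ALICE_PUB, ALICE_PRIV = keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = keypair(2**127 - 1, 2**1279 - 1)

if __name__ == "__main__":
    pkg = send(b"Transfer 100 to account 42", ALICE_PRIV, BOB_PUB)   # constructed message
    print(receive(pkg, BOB_PRIV, ALICE_PUB))             # message recovered, signature valid
    pkg["ciphertext"] = bytes([pkg["ciphertext"][0] ^ 1]) + pkg["ciphertext"][1:]
    print(receive(pkg, BOB_PRIV, ALICE_PUB))             # altered in transit: check fails
```
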
Advantages of cryptography:
1. Security for our data (secret key).
2. Digital signature authentication (public key cryptography).
3. Secure management (private key).
4. Avoiding access by unauthorized persons.
5. Avoiding insertion, deletion or modification of data by unauthorized
persons.
6. Sender’s authentication.
7. It also proves the receiver’s authentication.


CONCLUSION
Security is a very difficult topic. Everyone has a different idea of what
“security” is, and what levels of risk are acceptable. The key for building a
secure network is to define what security means to our organization. Once
that has been defined, everything that goes on with the network can be
evaluated with respect to that policy. Many people pay great amounts of lip
service to security, but do not want to be bothered with it when it gets in their
way. It's important to build systems and networks in such a way that the user
is not constantly reminded of the security system around him. Users who find
security policies and systems too restrictive will find ways around them.
Cryptography provides a solution to the problem of information
security and privacy. For electronic communications, the techniques of
private and public key cryptography are becoming increasingly popular. The
implementation of public key cryptography requires several supporting
components to handle key creation, distribution and revocation.
Security is everybody's business, and only with everyone's cooperation,
an intelligent policy, and consistent practices, will it be achievable.
