Post on 03-Jan-2016
Not only business information, but a large amount of personal information too is now digitized and stored in computer connected to the internet.
System connected to the internet are potential target for eavesdropping and destruction/tempering of the data stored in them.
Website offering services on the internet is vulnerable to attacks.
Introduction
Authorized e-commerce and e-governance transactions could be modified or replayed for commercial gain.
Unauthorized use of computing systems compromise of data and financial losses.
Systems, networks and data have to be protected to guard against such attacks which could originate from within the organization or from outside.
Contd…..
Trojan sometimes referred to as a Trojan horse, is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user's computer system.
computer virus a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability.
Cyber Attacks
Worm A computer worm is a self-replicating Malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention.
E-mail spam also known as junk e-mail, is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail.
Cyber Attack
Externally accessible systems are targets of hacking.
Hackers can deface websites and steal valuable information from systems resulting in a significant loss of revenue if it is a financial institution or an e-commerce site.
Phishing is the creation of e-mail message referencing web pages that are replicas of existing sites to make users believe that these are authentic sites.
Hacking
IP Spoofing IP spoofing is used by intruders to gain unauthorized access to computers. Message are sent to the computer with the sender IP address of a trusted system.
Packet headers of the message are modified to make it appear that the message is coming from a trusted system.
Hacking
For externally accessible systems such as web, e-mail and FTP servers, protection can be accorded in following ways:
ScanningDemilitarised zone(DMZ)Turn on system and firewall logsImplement intrusion Detection Systems.Establish proxy serversEstablish an additional networks as a buffer
between the internal and external networks.SSL( Secure sockets layer)
Protection Technologies
Three Pillars of a Secure CommunicationPrivacy
A secure conversation should be private. In other words, only the sender and the receiver should be able to understand the conversation.
IntegrityA secure communication should ensure the integrity of
the transmitted message. This means that the receiving end must be able to know for sure that the message he is receiving is exactly the one that the transmitting end sent him.
authenticationA secure communication should ensure that the parties
involved in the communication are who they claim to be.
Secure communication
Cryptography is "the art of writing in secret characters". Encrypting is the act of translating a 'normal message' to a message written with 'secret characters' (also known as the encrypted message).
Decrypting is the act of translating a message written with 'secret characters' into a readable message (the unencrypted message).
Cryptography-based Solutions
A key-based algorithm uses an encryption key to encrypt the message. This means that the encrypted message is generated using not only the message, but also using a 'key':
Key-based algorithms
The receiver can then use a decryption key to decrypt the message. Again, this means that the decryption algorithm doesn't rely only on the encrypted message. It also needs a 'key':
Key-based algorithms
Symmetric KeyThese type of algorithm uses the same key for
encryption and decryption.Symmetric cryptosystems began in 1977 when
the Data encryption standard(DES) was adopted as a United States federal standard.
Symmetric system operate either in the block cipher(fixed size block) or in the stream cipher(data of any size).
In block cipher data is encrypted in 64-bit block using a 56-bit key.
Triple-DES follows the same algorithms as DES, using three 56-bit keys. 64-bit data block are first encrypted using key1. the result is encrypted using key 2and again using key 3
Symmetric and asymmetric key-based algorithms
Although this type of algorithms are generally very fast and simple to implement, they also have several drawbacks.
The main drawback is that they only guarantee privacy
Another drawback is that both the sender and the receiver need to agree on the key they will use throughout the secure conversation (this is not a trivial problem).
Pros and cons of symmetric Cryptosystems
Public-key algorithms are asymmetric algorithms and, therefore, are based on the use of two different keys, instead of just one.
In public-key cryptography, the two keys are called the private key and the public keyPrivate key: This key must be know only by its
owner.Public key: This key is known to everyone (it is
public)Relation between both keys: What one key
encrypts, the other one decrypts, and vice versa. That means that if you encrypt something with my public key (which you would know, because it's public :-), I would need my private key to decrypt the message.
Public key cryptography
In a basic secure conversation using public-key cryptographythe sender encrypts the message using the
receiver's public keyThe encrypted message is sent to the receiving
end, who will decrypt the message with his private key.
Only the receiver can decrypt the message because no one else has the private key.
Also, notice how the encryption algorithm is the same at both ends: what is encrypted with one key is decrypted with the other key using the same algorithm.
A secure conversation using public-key cryptography
There is no need to agree on a common key for both the sender and the receiver
if someone wants to receive an encrypted message, the sender only needs to know the receiver's public key
As long as the receiver keeps the private key secret, no one but the receiver will be able to decrypt the messages encrypted with the corresponding public key.
unlike symmetric algorithms, public-key systems can guarantee integrity and authentication, not only privacy.
The main disadvantage of using public-key systems is that they are not as fast as symmetric algorithms.
Pros and cons of public-key systems
Electronic Record
1.Very easy to make copies2.Very fast distribution3.Easy archiving and retrieval4.Copies are as good as original5.Easily modifiable
Why Digital Signatures?•To provide Authenticity, Integrity and Non-repudiation to electronic documents•To use the Internet as the safe and secure medium for e-Commerce and e-Governance
Integrity is guaranteed in public-key systems by using digital signatures.
A digital signature is a piece of data which is attached to a message and which can be used to find out if the message was tampered with during the conversation
Digital signatures: Integrity in public-key systems
The digital signature for a message is generated in two steps:A message digest is generated. A message digest is a
'summary' of the message we are going to transmit, and has two important properties: (1) It is always smaller than the message itself and (2) Even the slightest change in the message produces a different digest. The message digest is generated using a set of hashing algorithms.
The message digest is encrypted using the sender's private key. The resulting encrypted message digest is the digital signature.
Digital Signatures
The digital signature is attached to the message, and sent to the receiver. The receiver then does the following:Using the sender's public key, decrypts the digital
signature to obtain the message digest generated by the sender.
Uses the same message digest algorithm used by the sender to generate a message digest of the received message.
Digital Signature Process
Compares both message digests (the one sent by the sender as a digital signature, and the one generated by the receiver). If they are not exactly the same, the message has been tampered with by a third party. We can be sure that the digital signature was sent by the sender (and not by a malicious user) because only the sender's public key can decrypt the digital signature (which was encrypted by the sender's private key; remember that what one key encrypts, the other one decrypts, and vice versa). If decrypting using the public key renders a faulty message digest, this means that either the message or the message digest are not exactly what the sender sent.
Digital Signature Process(1)
A digital certificate is a digital document that certifies that a certain public key is owned by a particular user.
This document is signed by a third party called the certificate authority (or CA).
Certificates and certificate authorities
Public-Key Certification
Signed by using
CA’sprivate
key
UserName &
other credentials
UserName &
other credentials
User’s Public
key
User’s Public
key
User Certificate
Certificate Database
PublishCertificateRequest
User Name
User’s Public Key
CA’s Name
Validity
Digital Signature of CA
Certificate Class
User’s EmailAddress
Serial No.
Key pair Generation
Private
Public
Web site of CA
User 1 certificate
User 2 certificate.
Public
License issued by CCA
An X.509 certificate is a plain text file which includes a lot of information in a very specific syntax.
four most important things we can find in an X.509 certificate:Subject: This is the 'name' of the user. It is encoded
as a distinguished name (the format for distinguished names will be explained next)
Subject's public key: This includes not only the key itself, but information such as the algorithm used to generate the public key.
Issuer's Subject: CA's distinguished name.Digital signature: The certificate includes a digital
signature of all the information in the certificate. This digital signature is generated using the CA's private key. To verify the digital signature, we need the CA's public key (which can be found in the CA's certificate).
X.509 certificate format
Eavesdropping is the act of secretly listening to the private conversation of others without their consent.
Destruction is the concept of damage to an object, system.
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.
Espionage or spying involves individual obtaining information that is considered secret or confidential without the permission of the holder of the information.
An intruder is a person or animal who undesirably enters someone else's putative territory.
A cipher is an algorithm for performing encryption or decryption
Terminologies