File Name: on cryptography and network security.zip
A short summary of this paper. It compares and contrasts the research pointing out overall trends in what has already been published on this subject. It analyzes the role that cryptography has played and will play in the future relative to security.
This review addresses cryptography around the central theme of the security that it provides or should provide individuals, corporations, and others in the modern age of computing technology, networking, and Web-based ecommerce.
By reviewing both scholarly and non- scholarly works, it is our objective to make a case that continuing research into the use of cryptography is paramount in preserving the future of electronic data security and privacy as well as the continuing development of Web-based applications that will permit the growth of ecommerce business worldwide to be conducted over the Internet. Modern Cryptography Unlike the original use of cryptography in its classical roots where it was implemented to conceal both diplomatic and military secrets from the enemy, the cryptography of today, even though it still has far- reaching military implications, has expanded its domain, and has been designed to provide a cost-effective means of securing and thus protecting large amounts of electronic data that is stored and communicated across corporate networks worldwide.
There have been many advances in the area of modern cryptography that have emerged beginning in the s as the development of strong encryption-based protocols and newly developed cryptographic applications began to appear on the scene. On January, , the National Bureau of Standards NBS adopted a data encryption standard called the Data Encryption Standard DES , which was a milestone in launching cryptography research and development into the modern age of computing technology.
Following this milestone was yet another when a new concept was proposed to develop Public Key Cryptography PKC , which is still undergoing research development today Levy, Cryptography is considered not only a part of the branch of mathematics, but also a branch of computer science. There are two forms of cryptosystems: symmetric and asymmetric. Symmetric cryptosystems involve the use of a single key known as the secret key to encrypt and decrypt data or messages.
Asymmetric cryptosystems, on the other hand, use one key the public key to encrypt messages or data, and a second key the secret key to decipher or decrypt those messages or data. For this reason, asymmetric cryptosystems are also known as public key cryptosystems. The problem that symmetric cryptosystems have always faced is the lack of a secure means for the sharing of the secret key by the individuals who wish to secure their data or communications.
Public key cryptosystems solve this problem through the use of cryptographic algorithms used to create the public key and the secret key, such as DES, which has already been mentioned, and a much stronger algorithm, RSA.
The RSA algorithm involves the process of generating the public key by multiplying two very large digits or more randomly chosen prime numbers, and then, by randomly choosing another very large number, called the encryption key.
The public key would then consist of both the encryption key and the product of those two primes. Ron Rivest then developed a simple formula by which someone who wanted to scramble a message could use that public key to do so.
The plaintext would then be converted to ciphertext, which was transformed by an equation that included that large product. Using this encryption key would unravel the ciphertext and transform it back into its original plaintext.
What makes the RSA algorithm strong is the mathematics that is involved. Ascertaining the original randomly chosen prime numbers and the large randomly chosen number encryption key that was used to form the product that encrypted the data in the first place is nearly impossible Levy, The strength of the keys that are created to encrypt and decrypt data or communications is a function of the length of those keys.
Typically the longer the key, the stronger that key is. For example, a bit key consisting of 56 bits of data would not be as strong as a bit key.
And, consequently, a bit key would not be as strong as a or bit key. Cryptography and Network Security 7 Introduction - Overall Trends in the Research In reviewing the research that has already been published with regard to cryptography and network security since the s, some noteworthy trends have emerged. There is a prevailing myth that secrecy is good for security, and since cryptography is based on secrets, it may not be good for security in a practical sense Schneier, ; Baker, The mathematics involved in good cryptography is very complex and often difficult to understand, but many software applications tend to hide the details from the user thus making cryptography a useful tool in providing network and data security Robinson, Many companies are incorporating data encryption and data loss prevention plans, based on strong cryptographic techniques, into their network security strategic planning programs Companies Integrate, Cryptographic long-term security is needed but is often difficult to achieve.
Cryptography serves as the foundation for most IT security solutions, which include: 1 Digital signatures that are used to verify the authenticity of updates for computer operating systems, such as Windows XP; 2 Personal banking, ecommerce, and other Web-based applications that rely heavily on Secure Sockets Layer SSL and Transport Layer Security TLS for authentication and data security; and 3 The introduction of health cards that allow access to medical history, prescription history, and medical records in countries such as Germany, which contain the electronic health information of its citizens and which depend on digital signature and other encryption schemes for security and privacy of critical data Perspectives for, The ubiquity of the Internet makes it extremely difficult to trace and identify intruders of corporate networks and Internet-based businesses involved in ecommerce with the public domain.
Primary security concerns are confidentiality, data integrity, data origin authenticity, agent authenticity, non- repudiation, and so on. Current cryptographic techniques, such as smart cards, PINs, password authentication, etc. Security is an important aspect of any network, but in particular to wireless ad-hoc networks where mobile applications are deployed to perform specific tasks.
Since these networks are wireless, the potential for hacking into them using mobile devices is greater as there is no clear line of defense for protecting them.
The development of the Mobile Application Security System MASS utilizing a layered security approach and strong cryptographic techniques is seen as a viable low-cost solution to protecting these application-based wireless networks Floyd, And, finally, a new concept in cryptographic security known as Quantum Encryption, which uses quantum fluctuations of laser light at the physical layer introduced into existing network transmission lines is seen as a means of enabling ultra-secure communications and near perfect security Hughes, It is the intent of this review of the literature to look at what has been published regarding cryptography in recent years from the standpoint of network and data security and privacy, and to specifically address the role that cryptography plays in enabling this security.
Cryptography and Network Security 10 Scholarly Literature There is much skepticism surrounding cryptography. Fagin et al. Additionally, the Department of Defense DoD has enacted policy directives requiring Information Assurance IA professionals to receive information security training in addition to basic IA training for all of its DoD employees Fagin et al.
Bhargav-Spantzel et al. The study conducted by Bhargav- Spantzel et al. In the former approach, a user only maintains relationships with identity providers IDPs and thus every transaction providing identity information is conveyed to the appropriate IDP. In the latter approach, the user must obtain long-term credentials and store them in a local provider database. One solution to this dilemma offered by Bhargav-Spantzel et al. The open research question offered by Bhargav-Spantzel et al.
The study also supports their approach in unifying the notions in user-centricity that could be useful in the field of user-centric federated identity management systems FIMS. The study conducted by Bohli et al. The framework introduced by Bohli et al. Furthermore, Bohli et al. In the Tafaroji et al. A combination of encrypted and unencrypted M-sequence is used as the spreading code to mitigate system performance.
Thus Tafaroji et al. This secure spectrum-spreading method prevents eavesdroppers from hearing an intercepted message, and further prevents them from attempting to decipher the communication using the most powerful means. These were: access-control, information flow, and application-programming interface conformance. Static analysis techniques were used to analyze two major areas of access-control: stack-based and role-based access control. Static analysis techniques were also used to address integrity violations and confidentiality violations, which comprise information flow.
The study also discussed how static analysis could be used to verify the correct usage of security libraries and interfaces for component-based systems.
Furthermore, by instantiating their constructions using known IBE constructions, Boneh et al. Research conducted by Callas covered such topics as the social expectations of cryptography, the myth of non-repudiation, the paradox of stronger keys, cryptography and reliability, rights management, privacy enhancing technologies, new cryptographic ciphers, and legal changes regarding cryptography.
This relies on current laws, customs, regulations, and what we as a society expect cryptography to do. Callas indicates that there are gaps in the research that are left to future researchers to address. The research goes on to explain that stronger cryptographic keys does not necessarily make the system more secure since stronger cryptography in a chaotic system might actually promote the chaotic state; thus the paradox of stronger keys.
Callas differentiates between secure cryptography and reliability in safety systems by noting that security systems protect against intelligent attackers while reliability systems protect against unintelligent attackers. Furthermore, Callas shows that there is another myth that there needs to be tradeoffs between security and privacy in the use of cryptography.
They demonstrate that a cryptosystem can be private while being secure. New ciphers such as elliptic curve, bi-linear, and quantum cryptography are introduced in the study. And, finally, Callas points out that the way people think about data and communications privacy and security is a reflection of changes in the law that have come about by events like the terrorist attacks of September, , and ubiquitous cryptography has played a major role in that shift.
As a result, cryptography will play a critical role in protecting information now and in the future. Cryptography and Network Security 14 Walters proposes a draft IS security curriculum that should be incorporated into the core body of knowledge of the business curriculum, and proposes that additional practical guidance to Accounting Information Security AIS educators who would like to incorporate IS security into their existing curriculum needs to be undertaken.
This signature protocol is shown to be distributed, adaptive, and robust while remaining subject to tight security and architectural constraints. The study reveals that the robustness of this protocol scheme can be enhanced by involving only a fraction of the nodes on the network. Zanin et al. Not only is security important in wired networks, but it is an important factor in any network, including wireless networks.
Floyd devised a cryptographic solution to securing mobile ad-hoc networks that are especially vulnerable to malicious attacks since they possess no clear line of defense. This system was shown to prevent unauthorized modifications of mobile applications by other running applications and other hosts on the wireless network, by ensuring the mobile code was both authentic and authorized. Employing encryption based on cryptographic algorithms to secure consumer data is of paramount importance today, especially in the area of ecommerce on the Internet.
Toubba shows that corporations that store, transmit, and use consumer data must take steps to choose strong cryptographic solutions to protect this data, and to employ complementary network security procedures to maximize the overall effectiveness of the encryption product. Strong key management and granular access control are viewed as the complementary network security procedures.
Furthermore, in another study conducted by Kodaganallur , it was shown that the use of public key cryptography based on asymmetric key ciphers overcomes the shortcomings of using symmetric key ciphers in isolation by enabling confidentiality, message integrity, and authentication.
Limitations in computer platform security in the use of cryptography are demonstrated in the study conducted by Young, This study showed the experimental results of launching a crypto-viral payload on the Microsoft Windows platform, specifically on the Microsoft Cryptographic API. The study revealed that using eight types of API calls and 72 lines of C code, the payload was able to hybrid encrypt sensitive data and hold it hostage.
The researchers in this study were able to develop a countermeasure to the crypto-viral attack, which forces the API caller to show that an authorized party can successfully recover the asymmetrically encrypted data.
In a study conducted by Li.
In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience.
Save my name, email, and website in this browser for the next time I comment. Single Blog Title This is a single blog caption. Research paper on cryptography and network security pdf If scientists come with ways of securing information, hackers who are geniuses in their own right come up with ways of breaking the security layers and robbing the information In this paper we proposed a secure design and implementation of a network and system using Windows environment. An outsider might be in charge of appropriating the mystery data to. Rittiaghouse and William M.
Campbell biology pdf online free zx spectrum basic manual pdfReply
Consonant blends worksheets for grade 2 pdf oracle peoplesoft enterprise financial management 9 1 implementation pdf free downloadReply
2010 mitsubishi lancer repair manual pdf living with art getlein pdfReply
Financial analysis a business decision guide pdf the hindu free daily pdf kolkataReply