The Role Of Cryptography In Network Security Computer Science Essay

The Role Of Cryptography In net profit gage Computer Science EssayNe 2rk auspices is concerned with the protection of meshing resources against alteration, destruction and unauthorized drill, cryptogram and encoding are most critical components of intercommunicate certification. In my assignment, as a net income protective cover manager, I will try to research explore the performance of various cryptographic schemes and evaluate weather vane security and the security of radiocommunication network arranging. dischargeworks take all kind of sensitive data and security play a vital role of any wireless network system. Security certify level of data integrity and data confidentiality as maintain wired network, without accurately implement security measures and wireless network adapter have intercourse within range of the network adapter. Security is high lack, laziness, and lack of knowledge and employee are not aware of these things, especially in small force-up and h ome, any transcription need to aware and training for employees cartridge holder to time.Cryptology has two components, kryptos and logos. Cryptographic methods to certify the uprightty and security of communication and main goal is practicer authentication, data authentication such as integrity and authentication, non-repudiation of origin, and confidentiality and it has two functions encipherion and decipherion.In my research, as a network security manager, I will die cryptography, web security, and security of wireless network system to implement the network security strategies for the organisation in future.1. Explore and explain different types of cryptography and pass judgment the role of cryptography in network security.Cryptography has different methods for taking clear, readable data, and converts into unreadable data of set up communication and likewise modifys it back. Cryptography is also use to authenticate account of message source and certify integrity o f it. Cipher aim message and use cryptical code. The cipher scrambles the message so that it toiletnot be understood by anyone other than the vector and receiver. Only the receiver who has the secret code scum bag decipher the original message, thus ensuring confidentiality. (Citrix-system, 2010)Type of cryptographyFollowing three super C types of cryptography as belowSecret list cryptography is identified as symmetric blusher cryptography. Both sender and receiver know same secret code described the key and messages are enrolled by the sender and use key, decrypted by the receiver. It use single key for both encoding and decryption. This method works healthy if you are communicating with only a limited number of people, yet it becomes impractical to ex win over secret keys with large numbers of people. Secret key cryptography use is such as data encoding standard, advance encryption standard, Cast-128/256, international data encryption algorithm, and rivest ciphers etc.tera (Citrix-system, 2010)Public key cryptography is called asymmetric encryption and use couple of keys one for encryption and another for decryption. find work in pairs of coordination world and secluded keys. Public key can freely distributed the mysterious key. If senders and receivers dont have to communicate keys openly, they can give private key to communication confidentially. Public key cryptography use for key exchange and digital signatures such as RSA, digital signature algorithm, public-key cryptography standard etc.Hash functions use a mathematical transformation to permanently encrypt information. It also called message digests and one way encryption. Hash function use to entrust a digital re cause of charge contents and it is putting greenly employed by many operating system to encrypt discussions and it provide measure of the integrity of a file. It is also use message digest, respectable hash algorithm, RIPEMD etc. (Kessler, G,2010)The role of cryptog raphyMany feature combine to throw network security to the give-up the ghost issues in the organisation and face IS professional daily. Nowadays business operation decentralization and correspondence growth of computer network is the number one driver of concern roughly the network security. As far as security concern, many organisation networks are accidently waiting to occur, such accident will occur is impossible to venture but security breaches will occur. When organisation network security chooses is 100% involve cryptography technology. The following five basic uses of cryptography in network security solution areConfidentiality Cryptography gives confidentiality by dint of changing or hiding a message and protects confidential data from unauthorized advance and use cryptographic key techniques to critically protect dataAccess control Only authorized substance abusers (login countersignature) can entranceway to protect confidential data etc. Access would be possible for those individual that had access to the correct cryptographic keys (Mitchell, M, 1995)Integrity Cryptographic tools give integrity verify that permit a recipient role to authenticate that message transformed and cannot prevent a message from being transformed but effective to identify either planned and unplanned change of the messageAuthentication is the ability to verify who sent a message. It done through the control key because those with access to the key are able to encrypt a message. Cryptographic function use different methods to certify that message is not changed or altered. These hash functions, digital signatures and message authentication codes.2. Explore encryption for network security.Encryption for network securityEncryption is the most effective method to reduce data loss or theft to encrypt the data on the network security. Encryption is a process of network security to apply crypto services at the network transfer layer on top of the data link level and unde r the exertion level. Network encryption other name network layer or network level encryption. The network transfer layers are layers 2 and 4 of the open systems inter tie inions (OSI) is the colligateence model, the layers responsible for connectivity and routing between two end points. Using the existing network services and application software, network encryption is invisible to the end user and operates independently of any other encryption processes used. Data is encrypted only while in transit, existing as plaintext on the originating and receiving hosts.Encryption for network security execute through internet protocol security and set of open internet engineering task hug (IETF) standard and apply in combination and build structure for confidential communication over IP networks. Internet protocol security works through the network architecture and encrypted packets show to be the same to unencrypted packets and rout through any IP network easily. Network encryption produ ct and services provide several companies such as Cisco, Oracle etc. (Search security, 2010)http//www.cipheroptics.com/images/network-encryption-big.jpgFigure 1 Network Encrypted3. Critically review the key and password management in legal injury of network system security.The key managementInformation become essential assets and protects it and availability is vital for business success. Encryption is the technology for doing so and become remarkable part of network system security. Encryption key is very helpful to secure data and information. There are two types of key public and private key use to secure the information and network. These key used in cryptographic system as belowPublic Key it was invented in 1976 and refer to cypher architecture type and apply two key pairs is encrypt and decrypt. It can use to encrypt message and corresponding private key to decrypt it. Public key encryption believe extremely secure because it does not need secret shared key among the sende r and receiver. It is helpful for keeping private emails and stored on mail servers for many years. It programs such as PGP has digital signature ability built message sent can digitally signed.Private Key it also called secret key and encryption/decryption key to exchange secret messages and shared by the communicators so that each can encrypt and decrypt messages. Public key uses with private key together. (Search-security 2010) rallying cry managementPassword is the most important aspect to login into the system and the network. Organisation should allow only authorize users to access to the network and every user access individual login and passwords to enter the network, its conclusion increase the security aspects. There are following necessary things to secure password in the network system as belowLong Password every user need to long password because short password can very quickly compromised and analyse the permutation based on the password lengthChange password anyti me employee should change password regularly, nobody sop up easily and helpful for security breaches of the networkAvoid utilize similar password dont use the same password for different accounts because it would naive for administrator to see and employee should use different password for safety and security for network systemNecessity to changing password regularly employees also gradually more access their work accounts from remote location, user need to educate/awareness on the required of altering the password frequently. (Storts, J, 2010)4. Compare symmetric and asymmetric encryption systems and their pic to attack.Symmetric encryption systems and their vulnerabilitySymmetric encryption system use same secret key is used to encrypt and decrypt information and transform between two keys. Secret key concern to information to transform the content because both can use encrypts and decrypts traffic. Symmetric encryption system has two types areStream ciphers it is bits of i nformation one at a time and operates on 1 bit of data at a time. It is faster and small to implement and have an important security gap. Certain types of attacks may cause the information to be revealedBlock ciphers it is encrypts information by breaking it down into blocks and encrypt data in each block and this data is fixed sized commonly 64 bit and mostly use in triple diethylstilbestrol and AES. (Encryptionanddecryption, 2010)Symmetric encryption algorithms including Des, 3DES, AES, and RC4 etc. 3DES and AES are normally used in IP sec and other types of VPNs. RC4 is used on wireless networks and used by WEP and WPA for encryption. Symmetric encryption algorithms can be extremely fast, and their relatively low complexity allows for easy implementation in hardware. However, they require that all hosts participating in the encryption have already been configured with the secret key through some external means. (Stretch, J, 2010)Symmetric Encryption Vulnerabilities areTo break symmetric encryption system through brute force and cryptanalysisFigure-2 Symmetric encryption system abstemious password can break symmetric encryption systemsPassword always keep in mind or make a backup copy of the passwordExchange secret keys in secure elan and stored properly. (Encryptionanddecryption, 2010)To leaking and spying out password.symmetric_encryption.pngAsymmetric encryption systems and their vulnerabilityAsymmetric encryption system use two keys one for encryption use for public, anyone can encrypt a message and another for decryption use for private and only receiver can decrypt a message, normally set up a key pair within a network and involve in six main elements arePlaintext Text message applied in algorithmEncryption algorithm it performs mathematical operation to conduct substitutions and transform to the plaintextPublic and Private keys the keys pair where one use for encryption and other decryptionCiphertext produce encrypt message by applying algorith m to plaintext message through using keyDecryption Algorithm generates ciphertext and match key to produce the plaintext. (Encryptionanddecryption, 2010)Most common asymmetric encryption is RSA and if compare with symmetric encryption it is much slower but its capability to establish secure channel over a non-secure modal(a) such as internet. This is accomplished by the exchange of public keys, which can only be used to encrypt data. The complementary private key, which is never shared, is used to decrypt. (Stretch, J, 2010) asymmetric_encryption.pngAsymmetric Encryption Vulnerabilities areFigure-3 Asymmetric encryption systemPublic key can be distributed freelyIt is computing intensiveIt process very slowlyWeak password can easily stealWeak encryption to break this systemCrash digital signatureSecurity breach at the time of key exchange.5. Explain and critically assess web security and critically list down different type web security tools and technologies.Web securityWeb is very vital role in our daily life such as online searching, surfing, customers, vendors, co-staffs, email, etc but need to be web security and personal identity theft protection. Web security has many problems like spam, viruses, security breaches theft etc. This problem with web security is the part of network of attack computers and servers send out spam messages without knowing it and email / passwords produce and re-sale to competitor.In my research, security expert says that shows you how to do something in five minutes and conveniently neglect to conjure up the security implications of their advice. If it sounds too easy to be true, it probably is. A perfect example of this is PHP solutions that use a file for data storage and ask you to make it writable to the world. This is easy to implement, but it means that any spammer can write to this file. (Heilmann, 2010)Web security has many risk and attacks such as IP address identify the computer, Fixed IP address is larger security risk, share network, staff unaware security leak in the network setting, SQL injection attacks, exploits browsers and websites, remote file inclusion (RFI), phishing etc. (Heilmann, 2010)Web Security Tools and TechnologiesThe following list down of different type of web security tools and technologies as belowSpike representativeIt is a professional grade tool for looking for application level vulnerabilities in web application and cover SQL injection and cross-site-scriptingPower fuzzerIt capable of spidering website and identifying inputs and common web vulnerabilities such as XSS, SQL injection and support https. Written in pythonSec point penetratorIt network security tools based, penetration testing appliance or web based service give vulnerability scan pen testing and can change IP address to scan and reportNet sparkerIt allows users to exploit the identified vulnerabilities and see real impact of the problem. It capable false positive free, handling of websites that rely on AJAX and JavaScriptOWASPIt uses multiple techniques such as conditional errors injection, blind injection based on integers, strings/statements, MS-SQL verbose error message and identify database version and gather informationGama SecIt is modify online website vulnerability assessment delivers test to web servers, web based application and web-interfaced system and support HTTP authentication schemes, HTTP protocol, BASIC etcNIkto ScannerOpen source web server scanner and perform complete tests against web servers for multiple items, dangerous files, CGIs, and problems of the serverPerimeter checkit analyze external network devices such as servers, websites, firewalls, routers and security vulnerabilities and also lead to interrupted service, data theft, system destruction and help immediately remedy security problem. (Hower, R, 2010).6. Identify vulnerabilities and mis-configurations in wireless networks. picture and mis-configuration describe as some event that exposes organisat ion and network security has ability to work efficiently its required confidentiality level and protects lack of the systems.Wireless networks vulnerabilities nigh of the following common wireless networks vulnerabilities as belowNo set physical boundaries wireless access points can lose signals, due to doors, walls, floors, and insulation etc undisciplined users setting up unauthorized networks and workstation untrained users who either are uninformed and therefore unaware of security measures that must be taken when deploying wireless, or whose hope to have wireless is so strong that it completely overshadows the rules set by the organization to ensure that systems are secure. (Lane, H, 2005)Rogue access points this attack consist of connecting wrong access point on the networkLack of monitoring every organisation has some loopholes in monitoring but intrusion detection tools can use continuously monitor to secure the network systemMAC address filtering it is unique number assigned and wireless LANs allows access point to connect to network. Filtering can result in security breach as user change MAC address, it result identity theftInsufficient encryption standards swooning encryption standard say that users will not enable it and harmful to wireless LAN as weak encryptionEasy to eavesdrop wireless use airwaves to listen easy on network traffic or connect to network and it results the data is encrypted with strong encryption. If WEP encryption use, hack writers can some attack to decrypt the informationUnsecure holes in network hacker can enter wireless LAN by circumventing firewalls and allow other to come, as a result confidential data lost or may compromise on the networkDenial-of-service attacks external causes based is Denial-of-service attacks and make network unproductive and forcefully user to disconnect continually disrupting operation in the organisation such as jamming (jam a radio network), rush access (overload network with malicio us connection), spoofed de-authentication frames etc. (Lane, H, 2005)Wireless network mis-configurationMis-matched software and hardware it is problem arises for network infrastructure that is vulnerable to wide range of attacks. Sometime function work properly but awfully mis-configuredService Set ID (SSID) SSID is a configurable identification mechanism to enables a client to communicate with the correct base-station. Configured properly with SSID otherwise attacker can exploit the SSID in attempt to access base station and change SSID password and change 802.11 security settings for authentication. (Spam-laws, 2009)7. Demonstrate how to keep wireless network system safe.Nowadays, wireless network become more common called Wi-Fi /802.11 and allow computer to connect to another without cables and using computer easier and more convenient than ever onwards with fast internet connection and wireless router and surf internet, data transfer, print documents, email, download informat ion etc but unhappily, it also make easy for outsider/hacker to do the same. Organisation should following points to keep wireless network system safe and secure as belowKeep-out undesirable wireless guests wireless network restrict access through encryption is easy through which encoding or scrambling information to receive and send, only those can access with right password or encryption key and restrict wireless network to normal office hours. Some encryption protect wireless network such as wired equivalent protection (WEP), Wi-Fi protected access (WPA), WPA2 etcChoose strong password in my research, I found some basic guideline when hold a wireless network password isPassword should be longer (20 characters) it takes someone to figure it outUse mixture lowercase and uppercase letterInsert numbers in between lettersChange password every 3 monthsWrite password down and keep in safe (in case of forget).Use the firewall it is front security and secures network, computers and da ta from snooping eyes (Bryan, S, 2010)Dont show the name of the network (SSID)Change default SSID, dont use name to identify the organisationUse MAC filtering because each network card is unique code known MAC address and access points to restrict access to assured have on and use built-in encryption to prevent eavesdropRestrict user ability (network administrators) to setup quick and dirty wireless network, even temporarily. mavin rogue access point can undo all the good work you do on the othersCertify all security measures are in place, it result defence against intruders (Microsoft, 2010)Turn off the wireless network when it isnt useHide/keep safe place confidential files/data.ConclusionI come together that security of wireless network system play key role in every organisation and also implement all network security strategies for the organisation in present and future and secure network resources against alteration, destruction, and unauthorized use. Cryptography tools and w eb security tools are also very helpful to secure the network system and protect IT assets, confidential data and information.RecommendationI recommend some of the important points as belowBetter education and stronger security implementationWireless network awareness and training for employees timelyUpdate wireless network security timelyCertify to secure wireless access point with a strong passwordWhen it need implement WEP authentication methodMake sure all users have proper key or password configured on their systemMake sure all service provide to users are protected by end to end encryptionUse SSID, MAC address filtering allows to configure wireless APs.