The Role Of Cryptography In Network Security Computer Science Essay

The Role Of Cryptography In intercommunicate Security Computer Science EssayNetwork credentials is bear on with the cherishion of profit resources against alteration, destruction and unofficial drug ab utilisation of sobers and services, cryptography and autographion ar most critical components of engagement encourageion. In my assignment, as a mesh hostage measure de snap offment manager, I will try to research explore the procedure of various cryptographic schemes and evaluate tissue security and the security of radio net governing body.Networks take every(prenominal)(prenominal) kind of sensitive info and security blowout a vital case of any receiving set interlocking constitution. Security certify direct of selective information law and info confidentiality as maintain wired electronic lucre, with out accurately l eat up oneself security rates and wireless net profit adapter come within range of the network adapter. Security is mellowed lac k, laziness, and lack of knowledge and employee argon non aw be of these things, especially in small placement and home, e rattling disposal gather up to aw be and prep for employees time to time.Cryptology has two components, kryptos and logos. Cryptographic modes to certify the safety and security of colloquy and main goal is substance ab engager authentication, data authentication much(prenominal) as justice and authentication, non-repudiation of origin, and confidentiality and it has two functions encoding and decryption.In my research, as a network security manager, I will analyze cryptography, net security, and security of wireless network scheme to implement the network security strategies for the scheme in future.1. Explore and explain different types of cryptography and assess the role of cryptography in network security.Cryptography has different manners for taking clear, open data, and converts into unreadable data of undecomposed communication and to a fault varys it back. Cryptography is in addition utilize to authenticate identify of cognitive content source and certify integrity of it. Cipher send subject matter and use secluded code. The cipher scrambles the message so that it notifynot be understood by anyone new(prenominal) than the sender and recipient role. just now the receiver who has the deep code hindquarters decipher the original message, olibanum ensuring confidentiality. (Citrix- dust, 2010)Type of cryptographyFollowing three common types of cryptography as belowSecret signalise cryptography is determine as radial pick up cryptography. Both sender and receiver know same secret code described the unwrap and messages be codeed by the sender and use key, decrypted by the receiver. It use single key for both encryption and decryption. This method works healthy if you ar communicating with only a particular number of people, that it becomes impractical to exchange secret keys with large poem of people. Secret key cryptography use is much(prenominal)(prenominal) as data encryption timeworn, advance encryption standard, Cast-128/256, international data encryption algorithm, and rivest ciphers etc.tera (Citrix-system, 2010) in the public eye(predicate) key cryptography is called noninterchangeable encryption and use bridge of keys one for encryption and another for decryption. Key work in pairs of coordination man and semiprivate keys. customary key preempt freely distri stilled the private key. If senders and receivers dont train to communicate keys openly, they buttocks set in private key to communication confidentially. Public key cryptography use for key exchange and digital ghosts such(prenominal) as RSA, digital signature algorithm, public-key cryptography standard etc. hashish functions use a mathematical transformation to permanently encrypt entropy. It also called message digests and one way encryption. Hash function use to deliver a digital fingerpr int of register contents and it is commonly engaged by many operating system to encrypt word of honors and it provide measure of the integrity of a file. It is also use message digest, punch hash algorithm, RIPEMD etc. (Kessler, G,2010)The role of cryptographyMany feature combine to visualize network security to the top issues in the organisation and face IS schoolmaster unremarkable. Nowadays business operation decentralization and correspondence growth of computing device network is the number one driver of concern about the network security. As far as security concern, many organisation networks are accidently waiting to occur, such accident will occur is impossible to forestall but security breaches will occur. When organisation network security chooses is degree Celsius% involve cryptography applied science. The following fiver primary uses of cryptography in network security solution areConfidentiality Cryptography gives confidentiality done ever-changing or hi ding a message and protects confidential data from unlicensed regain and use cryptographic key techniques to critically protect dataAccess confine Only authorized exploiters (login news) can access to protect confidential data etc. Access would be possible for those case-by-case that had access to the correct cryptographic keys (Mitchell, M, 1995)Integrity Cryptographic tools give integrity verify that permit a recipient to authenticate that message transform and cannot prevent a message from being transformed but telling to identify either planned and unplanned change of the message stylemark is the ability to verify who sent a message. It done through the control key because those with access to the key are able to encrypt a message. Cryptographic function use different methods to certify that message is not changed or altered. These hash functions, digital signatures and message authentication codes.2. Explore encryption for network security.encryption for network securi ty encoding is the most legal method to reduce data loss or theft to encrypt the data on the network security. encoding is a process of network security to apply crypto go at the network transfer form on top of the data link level and under the practise level. Network encryption other name network layer or network level encryption. The network transfer layers are layers 2 and 4 of the open systems inter inter-group communications (OSI) is the reference model, the layers responsible for connectivity and routing betwixt two end sends. using the existing network services and practise software, network encryption is invisible to the end user and operates independently of any other encryption processes utilise. data is encrypted only while in transit, existing as plaintext on the originating and receiving hosts.Encryption for network security execute through internet protocol security and set of open internet engineering task guide (IETF) standard and apply in combination and build structure for confidential communication over IP networks. Internet protocol security works through the network architecture and encrypted packets show to be the same to unencrypted packets and rout through any IP network slowly. Network encryption product and services provide several companies such as Cisco, Oracle etc. (Search security, 2010)http//www.cipheroptics.com/images/network-encryption-big.jpg class 1 Network Encrypted3. Critically review the key and countersign prudence in terms of network system security.The key management cultivation become essential assets and protects it and availability is vital for business success. Encryption is the technology for doing so and become significant part of network system security. Encryption key is very helpful to set up data and information. thither are two types of key public and private key use to secure the information and network. These key used in cryptographic system as belowPublic Key it was invented in 1976 and refer to cypher architecture type and apply two key pairs is encrypt and decrypt. It can use to encrypt message and corresponding private key to decrypt it. Public key encryption believe extremely secure because it does not need secret shared key among the sender and receiver. It is helpful for make unnecessarying private electronic mails and stored on mail servers for many years. It programs such as PGP has digital signature ability built message sent can digitally signed. hugger-mugger Key it also called secret key and encryption/decryption key to exchange secret messages and shared by the communicators so that each can encrypt and decrypt messages. Public key uses with private key together. (Search-security 2010) intelligence management word of honor is the most key aspect to login into the system and the network. disposal should allow only authorised users to access to the network and every user access individual login and intelligences to enter the network, its result in crease the security aspects. There are following necessary things to secure password in the network system as belowLong Password every user need to long password because short password can very quickly compromised and analyse the permutation sternd on the password length pitch password anytime employee should change password regularly, nobody assume easily and helpful for security breaches of the networkAvoid utilize similar password dont use the same password for different accounts because it would naive for administrator to hypothesise and employee should use different password for safety and security for network systemNecessity to changing password regularly employees also gradually much access their work accounts from remote location, user need to educate/ sense on the required of altering the password frequently. (Storts, J, 2010)4. Compare biradial and asymmetric encryption systems and their pic to attack.Symmetric encryption systems and their vulnerabilitySymmetric encryption system use same secret key is used to encrypt and decrypt information and transform between two keys. Secret key concern to information to transform the content because both can use encrypts and decrypts traffic. Symmetric encryption system has two types areStream ciphers it is imports of information one at a time and operates on 1 bit of data at a time. It is faster and smaller to implement and surrender an important security gap. Certain types of attacks may cause the information to be revealedBlock ciphers it is encrypts information by breaking it go across into blocks and encrypt data in each block and this data is fixed sized commonly 64 bit and mostly use in triple stilbestrol and AES. (Encryptionanddecryption, 2010)Symmetric encryption algorithms including Des, 3DES, AES, and RC4 etc. 3DES and AES are usually used in IP sec and other types of VPNs. RC4 is used on wireless networks and used by WEP and WPA for encryption. Symmetric encryption algorithms can be extremely fast, and their comparatively low complexity allows for gentle implementation in hardware. However, they require that all hosts participating in the encryption have already been configured with the secret key through some away means. (Stretch, J, 2010)Symmetric Encryption Vulnerabilities areTo break symmetric encryption system through brute force and cryptanalysisFigure-2 Symmetric encryption systemWeak password can break symmetric encryption systemsPassword always keep in mind or make a backup copy of the passwordExchange secret keys in secure manner and stored the right way. (Encryptionanddecryption, 2010)To leaking and spying out password.symmetric_encryption.pngAsymmetric encryption systems and their vulnerabilityAsymmetric encryption system use two keys one for encryption use for public, anyone can encrypt a message and another for decryption use for private and only receiver can decrypt a message, normally set up a key pair within a network and involve in six mai n elements arePlaintext Text message applied in algorithmEncryption algorithm it performs mathematical operation to conduct substitutions and transform to the plaintextPublic and Private keys the keys pair where one use for encryption and other decryptionCiphertext produce encrypt message by applying algorithm to plaintext message through using keyDecryption Algorithm generates ciphertext and match key to produce the plaintext. (Encryptionanddecryption, 2010)Most common asymmetric encryption is RSA and if compare with symmetric encryption it is much slower but its capability to establish secure channel over a non-secure medium such as internet. This is courteous by the exchange of public keys, which can only be used to encrypt data. The complementary private key, which is never shared, is used to decrypt. (Stretch, J, 2010) asymmetric_encryption.pngAsymmetric Encryption Vulnerabilities areFigure-3 Asymmetric encryption systemPublic key can be distributed freelyIt is computing in tensiveIt process very slowlyWeak password can easily stealWeak encryption to break this systemCrash digital signatureSecurity breach at the time of key exchange.5. Explain and critically assess web security and critically list down different type web security tools and technologies. meshwork securityWeb is very vital role in our daily life such as online searching, surfing, customers, vendors, co-staffs, email, etc but need to be web security and identity theft protection. Web security has many problems like spam, viruses, security breaches theft etc. This problem with web security is the part of network of attack computing devices and servers send out spam messages without knowing it and email / passwords produce and re-sale to competitor.In my research, security expert says that shows you how to do something in five minutes and conveniently neglect to mention the security implications of their advice. If it sounds too easy to be true, it probably is. A perfect example of this is PHP solutions that use a file for data storage and ask you to make it writable to the world. This is easy to implement, but it means that any spammer can write to this file. (Heilmann, 2010)Web security has many risk and attacks such as IP address identify the computer, set(p) IP address is larger security risk, share network, staff asleep security leak in the network setting, SQL injection attacks, exploits browsers and websites, remote file inclusion (RFI), phishing etc. (Heilmann, 2010)Web Security Tools and TechnologiesThe following list down of different type of web security tools and technologies as below intertwine ProxyIt is a professional grade tool for looking for application level vulnerabilities in web application and cover SQL injection and cross-site-scripting exponent fuzzerIt capable of spidering website and identifying inputs and common web vulnerabilities such as XSS, SQL injection and condescend https. Written in pythonSec signalise penetratorIt network sec urity tools based, brainstorm testing appliance or web based service give vulnerability scan pen testing and can change IP address to scan and reportNet sparkerIt allows users to exploit the identified vulnerabilities and see real impact of the problem. It capable false positive free, discourse of websites that rely on AJAX and JavaScriptOWASPIt uses multiple techniques such as conditional errors injection, fraud injection based on integers, strings/statements, MS-SQL verbose error message and identify database version and gather informationGama SecIt is automated online website vulnerability assessment delivers test to web servers, web based application and web-interfaced system and support HTTP authentication schemes, HTTP protocol, BASIC etcNIkto ScannerOpen source web server scanner and perform complete tests against web servers for multiple items, dicey files, CGIs, and problems of the serverPerimeter checkit analyze external network devices such as servers, websites, firew alls, routers and security vulnerabilities and also lead to interrupted service, data theft, system destruction and help immediately remedy security problem. (Hower, R, 2010).6. Identify vulnerabilities and mis-configurations in wireless networks.Vulnerability and mis-configuration describe as some event that exposes organisation and network security has ability to work efficiently its required confidentiality level and protects lack of the systems. radio set networks vulnerabilitiesSome of the following common wireless networks vulnerabilities as belowNo set physical boundaries wireless access points can lose signals, due to doors, walls, floors, and insulation etcUntrained users setting up unauthorized networks and workstation untrained users who either are uninformed and therefore unaware of security measures that must be taken when deploying wireless, or whose desire to have wireless is so beefed-up that it completely overshadows the rules set by the organization to guarante e that systems are secure. (Lane, H, 2005)Rogue access points this attack consist of connecting illegal access point on the networkLack of monitoring every organisation has some loopholes in monitoring but intrusion detection tools can use continuously monitor to secure the network system mac address filtering it is unique number assigned and wireless LANs allows access point to connect to network. Filtering can result in security breach as user change macintosh address, it result identity theft low encryption standards weak encryption standard say that users will not enable it and harmful to wireless LAN as weak encryptionEasy to eavesdrop wireless use airwaves to listen easy on network traffic or connect to network and it results the data is encrypted with strong encryption. If WEP encryption use, hackers can some attempt to decrypt the informationUnsecure holes in network hacker can enter wireless LAN by circumventing firewalls and allow other to come, as a result confiden tial data lost or may compromise on the networkDenial-of-service attacks external causes based is Denial-of-service attacks and make network unproductive and forcefully user to unplug continually disrupting operation in the organisation such as throng (jam a radio network), rush access (overload network with malicious connection), spoofed de-authentication frames etc. (Lane, H, 2005)Wireless network mis-configurationMis-matched software and hardware it is problem arises for network floor that is vulnerable to wide range of attacks. Sometime function work properly but awfully mis-configuredService Set ID (SSID) SSID is a configurable identification machine to enables a client to communicate with the correct base-station. Configured properly with SSID other attacker can exploit the SSID in attempt to access base station and change SSID password and change 802.11 security settings for authentication. (Spam-laws, 2009)7. Demonstrate how to keep wireless network system safe.Nowad ays, wireless network become more common called Wi-Fi /802.11 and allow computer to connect to another without cables and using computer easier and more convenient than ever before with fast internet connection and wireless router and surf internet, data transfer, print documents, email, download information etc but unhappily, it also make easy for outsider/hacker to do the same. giving medication should following points to keep wireless network system safe and secure as belowKeep-out undesirable wireless guests wireless network cut back access through encryption is easy through which encoding or scrambling information to receive and send, only those can access with right password or encryption key and restrict wireless network to normal office hours. Some encryption protect wireless network such as wired equivalent protection (WEP), Wi-Fi protected access (WPA), WPA2 etc admit strong password in my research, I found some basic guideline when create a wireless network password isPassword should be longer (20 characters) it takes someone to figure it outUse miscellanea lowercase and uppercase lettersInsert numbers in between lettersChange password every 3 monthsWrite password down and keep in safe (in case of forget).Use the firewall it is face security and secures network, computers and data from snooping eyes (Bryan, S, 2010)Dont show the name of the network (SSID)Change default SSID, dont use name to identify the organisationUse mackintosh filtering because each network card is unique code known MAC address and access points to restrict access to assuredSwitch on and use built-in encryption to prevent eavesdropRestrict user ability (network administrators) to setup quick and dirty wireless network, even temporarily. 1 rogue access point can undo all the good work you do on the othersCertify all security measures are in place, it result defence against intruders (Microsoft, 2010)Turn off the wireless network when it isnt useHide/keep safe place confi dential files/data. final stageI conclude that security of wireless network system play key role in every organisation and also implement all network security strategies for the organisation in present and future and secure network resources against alteration, destruction, and unauthorized use. Cryptography tools and web security tools are also very helpful to secure the network system and protect IT assets, confidential data and information.RecommendationI recommend some of the important points as belowBetter education and stronger security implementationWireless network awareness and training for employees timelyUpdate wireless network security timelyCertify to secure wireless access point with a strong passwordWhen it need implement WEP authentication methodMake sure all users have proper key or password configured on their systemMake sure all service provide to users are protected by end to end encryptionUse SSID, MAC address filtering allows to configure wireless APs.