Scribd
Upload
52 views

Cryptography and Network Security Behrouz ch01 Slides

This chapter introduces the key concepts of information security. It defines three main security goals: confidentiality, integrity, and availability. These goals can be threatened by security attacks, which are categorized as either passive or active. The chapter also outlines common security services like authentication, access control, and non-repudiation, and how they relate to mechanisms like encryption, digital signatures, and firewalls. Finally, it presents cryptography and steganography as two important techniques for implementing security mechanisms. The rest of the book is organized into parts covering symmetric and asymmetric encryption, integrity and authentication, and network security.

Uploaded by

Christina Joseph
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
52 views

Cryptography and Network Security Behrouz ch01 Slides

This chapter introduces the key concepts of information security. It defines three main security goals: confidentiality, integrity, and availability. These goals can be threatened by security attacks, which are categorized as either passive or active. The chapter also outlines common security services like authentication, access control, and non-repudiation, and how they relate to mechanisms like encryption, digital signatures, and firewalls. Finally, it presents cryptography and steganography as two important techniques for implementing security mechanisms. The rest of the book is organized into parts covering symmetric and asymmetric encryption, integrity and authentication, and network security.

Uploaded by

Christina Joseph
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

Chapter 1

Introduction

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1.1
Chapter 1
Objectives
❑ To define three security goals
❑ To define security attacks that threaten security
goals
❑ To define security services and how they are
related to the three security goals
❑ To define security mechanisms to provide security
services
❑ To introduce two techniques, cryptography and
steganography, to implement security mechanisms.

1.2
1-1 SECURITY GOALS

This section defines three security goals.

Topics discussed in this section:


1.1.1 Confidentiality
1.1.2 Integrity
1.1.3 Security

1.3
1.1 Continued
Figure 1.1 Taxonomy of security goals

1.4
1.1.1 Confidentiality

Confidentiality is probably the most common aspect of


information security. We need to protect our confidential
information. An organization needs to guard against those
malicious actions that endanger the confidentiality of its
information.

1.5
1.1.2 Integrity

Information needs to be changed constantly. Integrity


means that changes need to be done only by authorized
entities and through authorized mechanisms.

1.6
1.1.3 Availability

The information created and stored by an organization


needs to be available to authorized entities. Information
needs to be constantly changed, which means it must be
accessible to authorized entities.

1.7
1-2 ATTACKS

The three goals of security⎯confidentiality, integrity,


and availability⎯can be threatened by security
attacks.

Topics discussed in this section:


1.2.1 Attacks Threatening Confidentiality
1.2.2 Attacks Threatening Integrity
1.2.3 Attacks Threatening Availability
1.2.4 Passive versus Active Attacks
1.8
1.2 Continued

Figure 1.2 Taxonomy of attacks with relation to security goals

1.9
1.2.1 Attacks Threatening Confidentiality

Snooping refers to unauthorized access to or interception


of data.

Traffic analysis refers to obtaining some other type of


information by monitoring online traffic.

1.10
1.2.2 Attacks Threatening Integrity

Modification means that the attacker intercepts the


message and changes it.

Masquerading or spoofing happens when the attacker


impersonates somebody else.

Replaying means the attacker obtains a copy


of a message sent by a user and later tries to replay it.

Repudiation means that sender of the message might later


deny that she has sent the message; the receiver of the
message might later deny that he has received the message.

1.11
1.2.3 Attacks Threatening Availability

Denial of service (DoS) is a very common attack. It may


slow down or totally interrupt the service of a system.

1.12
1.2.4 Passive Versus Active Attacks

Table 1.1 Categorization of passive and active attacks

1.13
1-3 SERVICES AND MECHANISMS

ITU-T provides some security services and some


mechanisms to implement those services. Security
services and mechanisms are closely related because a
mechanism or combination of mechanisms are used to
provide a service..

Topics discussed in this section:


1.3.1 Security Services
1.3.2 Security Mechanism
1.3.3 Relation between Services and Mechanisms

1.14
1.3.1 Security Services
Figure 1.3 Security services

1.15
1.3.2 Security Mechanism
Figure 1.4 Security mechanisms

1.16
1.3.3 Relation between Services and Mechanisms

Table 1.2 Relation between security services and mechanisms

1.17
1-4 TECHNIQUES

Mechanisms discussed in the previous sections are


only theoretical recipes to implement security. The
actual implementation of security goals needs some
techniques. Two techniques are prevalent today:
cryptography and steganography.

Topics discussed in this section:


1.4.1 Cryptography
1.4.2 Steganography

1.18
1.4.1 Cryptography

Cryptography, a word with Greek origins, means “secret


writing.” However, we use the term to refer to the science
and art of transforming messages to make them secure and
immune to attacks.

1.19
1.4.2 Steganography

The word steganography, with origin in Greek, means


“covered writing,” in contrast with cryptography, which
means “secret writing.”

Example: covering data with text

1.20
1.4.2 Continued

Example: using dictionary

Example: covering data under color image

1.21
1-5 THE REST OF THE BOOK

The rest of this book is divided into four parts.


Part One: Symmetric-Key Enciphermen

Part Two: Asymmetric-Key Encipherment

Part Three: Integrity, Authentication, and Key Management

Part Four: Network Security

1.22

You might also like