Lecture-1 ISC
Lecture-1 ISC
Cryptography
Courtesy:
Behrouz A Forouzan, Debdeep Mukhopadhyay
and William Stallings
Standalone
Earlier Days: Physical file storage Computer
Distributed or Network
CS302 Information Security and Cryptography
4
Dr. Balu L. Parne
Taxonomy of Security Goals
Information needs to be changed constantly. Integrity means
that changes need to be done only by authorized entities and
through authorized mechanisms.
• In a bank, when a customer deposits or withdraws money,
the balance of his account needs to be changed
• Integrity violation is not necessarily the result of a
malicious act, an interruption to the system, such as power
surge, may also create unwanted changes in the system.
Confidentiality is probably the most common aspect of
information security. We need to protect our confidential The information created and stored by an organization needs
information. An organization needs to guard against those to be available to authorized entities. Information needs to be
malicious actions that endanger the confidentiality of its constantly changed, which means it must be accessible to
information. authorized entities.
• In military, concealment of sensitive information is the • Information is useless if it is not available.
major concern. • The unavailability of information is just as harmful for an
• In Industry, hiding some information from competitors is organization as the lack of confidentiality and integrity.
crucial to the operations of the organization. • Imagine in a bank, if a customer couldn’t access his
• In banking, customer information need to be kept account for transactions.
secret.
Passive Active
➢ Hashing
➢ A fixed-length message digest is created out of a variable-length message.
secret messages between the lines of the covering message or on the back of
the paper; the secret message was exposed when heated or treated with another
substance.
◼ Image Cover
◼ Other Covers
• Such hidden information is not necessarily used for secrecy; it can also be
used to protect copyright, prevent tampering, or add extra information.
➢ Video