3 Major Concepts of Cryptography

December 21, 2015


Let’s talk in detail about 3 major concepts:

  1. Computer Security
  2. OSI Security Architecture
  3. Cryptography

 

1. Computer Security

A definition of computer security consists of 3 points. We can name this as the CIA security concept (Confidentiality, Integrity and Availability):

1- Confidentiality: ensure that confidential information is not available to unauthorized users.
2- Integrity: ensure that information is changed only in a specified and authorized manner.
3- Availability: ensure that services are available to authorized users.

 

2. OSI Security Architecture

OSI is an international standard that offers a systematic way of defining security requirements and characterizing the approaches to achieving them. The OSI security architecture focuses on security attacks, security mechanisms, and security services.

  • Security Attack: any action that compromises the security of information. Security attacks fall into 2 classes:
    • Passive attack: The main goal of this attack is to collect information about the victim without touching the victim’s services or altering the data content, for example by monitoring the transmission of data or by traffic analysis. Passive attacks are very hard to detect because there’s no real communication with the victim’s services and no alteration of the data’s content.
    • Active attack: This type of attack involves touching the victim’s services, altering the data’s content, or creating false data. Active attacks take several forms, including:
      • Masquerades: The attacker pretends to be someone else. For example, the attacker wants to connect to a network with a firewall that only accepts a list of MAC addresses. The attacker will masquerade his MAC address (or spoof his MAC) to get access or to be authorized to use it.
      • Denial of service attack (DoS): The goal of these attacks is to prevent one or more services on the victim’s machine from working by sending or redirecting a massive data stream to the victim. This may block the services on this server until the action stops. Active attacks are not hard to detect, but it’s impossible to prevent them absolutely because there is a wide range of potential attacks (OSs, SW, HW, web applications, services, etc.).

 

  • Security Mechanism: a process that’s designed to detect, prevent, and recover from security attacks, such as:
    • Digital Signature: a mechanism that proves the source and the integrity of information.
    • Access Control: a mechanism that allows access only to authorized users with specific privileges.
    • Data Integrity: a mechanism that assures the integrity of data.
    • Cryptography: a mechanism that assures the secrecy of information or the secrecy of communication channels.
  • Security Services: a processing or communication service that enhances the security of information or information transfers.

 

3. Cryptography
Cryptography is characterized by 3 points:

  1. The type of operations used for transforming plaintext to ciphertext. All encryption algorithms are based on 2 principles:
    • Substitution: where the elements in the plaintext are mapped to other elements.
    • Transposition: where the elements in the plaintext are rearranged.
  2. The number of keys used:
    • If encryption and decryption algorithms use the same key, this system is symmetric.
    • If encryption and decryption algorithms use different keys, this system is asymmetric or public-key encryption.
  3. The way in which the plaintext is processed:
    • Block Cipher: The input is processed one block at a time, producing one output block for each input block.
    • Stream Cipher: The input is processed one element at a time, producing one output element for each input element.
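To make the substitution/transposition distinction from point 1 concrete, here is an added example (not part of the original article) using two toy classical ciphers: a Caesar shift and a columnar transposition. The sample plaintext, the shift value, and the key word are constructed for illustration; both ciphers are symmetric, since the same key encrypts and decrypts.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase
PLAINTEXT = "MEETMEATNOON"   # constructed sample input


def substitute(text, shift):
    """Substitution: every letter is mapped to another letter (Caesar shift)."""
    table = str.maketrans(ALPHABET, ALPHABET[shift:] + ALPHABET[:shift])
    return text.translate(table)


def unsubstitute(text, shift):
    """Invert the shift by applying the complementary shift."""
    return substitute(text, -shift % 26)


def _column_order(key):
    # Columns are read in alphabetical order of the key letters.
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def transpose(text, key):
    """Transposition: write the text in rows under the key, read it by column."""
    cols = len(key)
    return "".join(text[c::cols] for c in _column_order(key))


def untranspose(cipher, key):
    """Put each column back in its original position."""
    cols, n = len(key), len(cipher)
    out, pos = [None] * n, 0
    for c in _column_order(key):
        length = len(range(c, n, cols))      # column c may be one shorter
        out[c::cols] = cipher[pos:pos + length]
        pos += length
    return "".join(out)


if __name__ == "__main__":
    sub = substitute(PLAINTEXT, 3)
    tra = transpose(PLAINTEXT, "KEY")
    print("substitution :", sub)
    print("transposition:", tra)
    # Transposition keeps the exact letter counts; substitution only relabels
    # them. Both leak frequency information, so neither is secure on its own.
    print(Counter(tra) == Counter(PLAINTEXT))                     # same letters
    print(sorted(Counter(sub).values())
          == sorted(Counter(PLAINTEXT).values()))                 # same profile
```

Modern ciphers combine many rounds of both operations so that neither the letter counts nor their positions survive in the ciphertext.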

 

Thanks. Please post your questions and comments below.

12 Comments
  1. I want to add the CIA Triad further by stating that without Accountability it is not complete. So the CIA model should be CIAA with accountability to trace any user uniquely and hold them responsible for their actions over the network.
