1.0 Introduction
The development of the public key cryptography is the greatest and perhaps the only true revolution in the entire history of the cryptography. From its earliest beginning to modern times virtually all cryptography systems have been based on the elementary tools of substitution and permutation . after millennium of working with algorithms that could essentially be calculated by hand, a major advance in symmetric cryptography occur with the development of the rotor encryption/decryption machine. The electro-mechanical rotor enable the development of fiendishly complex cipher systems with the availability of computers, even more complex systems where device the most prominent of which was the Lucifer effort at IBM that culminated in the data encryption standard (DES). But both rotor machine and DES, although representing significant advances.
The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live and work. But a major concern has been just how secure the Internet is, especially when you're sending sensitive information through it.
The term cryptography is the art of protecting information by encrypting in into such a format that only the who has the decrypting mechanism can decode it and get original information.
the crypto graphic system are characterized along three independent dimension:
1. The type of operations used for transforming plaintext into cipher text.
All encryption algorithm are based on two general principals: substitution, in which element in the plaintext is mapped into another element, and transposition, in which element in the plain text are rearranged.
2. The number of keys used.
If both sender and receiver use the same key, the system is referred to as symmetric, single key, or conventional encryption. If the sender and receiver each uses a different key, the system is referred to as symmetric, two key, or public key encryption.
3. The way in which the plain text is processed.
A block cipher processes the input one block of element as a time, producing an output block for each input block. A stream cipher process the input elements continuously, producing output one element at a time, as it goes along.
>> Let's face it, there's a whole lot of information that we don't want other people to see, such as:
Credit-card informatio
Social Security number
Private correspondenc
Personal details
Sensitive company information
Bank-account information
>> Information security is provided on computers and over the Internet by a variety of methods. A simple but straightforward security method is to only keep sensitive information on removable storage media like floppy disks.
>> But the most popular forms of security all rely on encryption, the process of encoding information in such a way that only the person (or computer) with the key can decode it.
>> Computer encryption is based on the science of cryptography, which has been used throughout history.
>> Before the digital age, the biggest users of cryptography were governments, particularly for military purposes.
>> The existence of coded messages has been verified as far back as the Roman Empire. But most forms of cryptography in use these days rely on computers, simply because a human-based code is too easy for a computer to crack.
1.1 Data confidentiality
Confidentiality is the protection of transmitted data from passive attacks .with respect to the content of a data transmission, several levels of protection can be identified. The broadcast service protects all users data transmitted between two users over a period of time.
1. Connection confidentiality
The protection of all user data on a connection.
2. Connectionless confidentiality
The protection of all user data in a single data block.
3. Selective-field confidentiality
The confidentiality of a selected fields within the user data on a connection or in a single data block.
4. Traffic flow confidentiality
The protection of the information that might be derived observation of traffic flows.
1.2 Data integrity
1. Connection integrity with recovery.
2. Connection integrity without recovery.
3. Selective field connection integrity.
4. Connectionless integrity.
5. Selective field connectionless integrity.
1.3 security mechanism
A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in term of passive attack and active attack. A passive attack attempts to learn or make use of information from the system but does not affect system resources.
Passive attacks
passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.
the goal of the opponent is to obtain information that is being transmitted.
two types of passive attacks.
Release of message contents
the release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the contents of those transmissions.
Traffic analysis
the traffic analysis, is subtler. Suppose that we had a way of masking the captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages.
Passive attacks are very difficult to detect because they do not involve any alteration of the data. However, it is feasible to prevent the success of these attacks, usually by means of encryption.
Active attacks
Active attacks involves some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, reply, modification of message, and denial of service.
