What are the different types of attacks that network face?

With a lack of security measures and checks in the right place, we put our data to risk of various types of attacks, with many of these attacks of the level that there could be significant data loss, as well as the data could be stolen (and when this data is something sensitive such as credit card numbers or social security numbers, then it is a very serious matter).
Attacks are of two types namely active attacks and passive attacks. The active attacks involve altering the information with an intention of destroying or corrupting the network and the data. If you do not have a security plan in place your network and data are vulnerable to these types of attacks. In this article we discuss about few of such attacks:
- Eavesdropping: Generally most of the network communications occur in a format that is very unsecure (i.e., clear text). This gives a chance to the attacker to gain access to all the available data paths in that network for interpreting or listening to the traffic. Eavesdropping on someone’s communication is referred to as snooping or sniffing. The eavesdropper gets a great chance for monitoring the whole network which has become a great cause of concern for the administrator of an enterprise. There are services that are based on cryptography and can prevent this type of attack. With a lack of strong encryption data can be read or traversed by the eavesdropper.
- Data modification: After the data has been read by the attacker or eavesdropper, altering this data is his/ her next step. Without coming to the knowledge of the receiver and the sender, the data in the packet can be modified by the attacker. Even if confidentiality is not required in all the communications, it is a must that any of the messages should not get modified in the transition.
- IP address spoofing (identity spoofing): The computer’s IP address is used by most of the operating systems and the network for identifying whether an entry is valid or not. In some cases, a false assumption of the IP address is possible. This is called identity spoofing. Some special programs might be used by the attacker for constructing the IP packets that might seem to come from the systems that are inside the intranet of the corporate. After the attacker gains the access to a network having a valid IP address, he/ she might reroute, delete or modify the data.
- Attacks based up on passwords: Password based access control is a common denominator of many network security plans and operating systems. By this we mean that your user ID and password determine your access rights. However, it is possible that protection to this identity information is not provided by older applications as they might be validated when passed through the network. This might give a chance to the eavesdropper who poses as an authorized user for gaining access to the data. Whenever a valid user account is found by the attacker, he/ she gets the exact rights which are possessed by the real user. Now suppose if the user is admin of the network, then attacker gets the same rights as the admin and can create accounts for subsequent use. After gaining access to an account, the attacker can get lists of the authorized users and network info. He can make changes in the configurations, routing tables and access controls of the networks and servers.
- Denial – of – service attack: This attack prevents a valid user from using the network or the computer. By means of this attack the attention of the staff can be diverted from the internal information systems so that they don’t get to know about the intrusion. In the meantime attacker can make more attacks. Invalid data can be sent to the network services or applications. He can even overload the whole network so that it shut down.

What are secret-key and public-key signatures?

- Asymmetric cryptography is often referred to as the public-key cryptography. 

- It is a cryptographic algorithm which makes use of two individual keys namely the secret key and the public key. 

- The secret is kept private and the public key is open. 

- Even though these two keys are different, there is some mathematical link between the two. 

- The key which is used for the encryption of the plain text and verification of the digital signature is the public key. 

- So, the private key is one that is used for the decryption of the cipher text in to plain text or for creation of a digital signature. 

- Both these keys are contrast of each other unlike in the symmetric cryptography where the same key serves both the purposes. 

- The public keys are created based up on some mathematical problems for which presently there is no efficient solution such as the following:

Ø  Elliptic curve relationships

Ø  Discrete logarithms

Ø  Integer factorization

- Generating the public and the private key pair is computationally easy for the users. 

- The strength of the public keys lies in the fact that determining the private key from its public key is computationally in feasible or almost impossible. 

- Thus, without fearing any compromise with the security, the public key can be published whereas the private key is kept hidden from everyone so as not to reveal it to anyone who does not has authorization for performing the digital signatures or reading the messages. 

- Unlike for the symmetric key algorithms, a secure initial exchange of the secret keys is not required for the public key algorithms. 

- In the process of message authentication, a private key is used for processing a message for producing the digital signature. 

- After doing so, the signature can be verified by anyone by processing the value of the signature using the corresponding public key of the signer. 

- The result is then compared with the message. 

- The unmodified nature of the message is confirmed a success signal. 

- Also, it is presumed that the private key of the signer has been kept hidden from the others. 

- However, in practical applications, the message’s digest or hash is encrypted and used as the signature. 

- The fundamental security components of the cryptosystems, protocols and applications are the public key algorithms.

These systems underpin the following internet standards:

Ø  PGP

Ø  GPG

Ø  TLS or transport layer security

- Secrecy as well as Key distribution is provided by some of the public key algorithms such as the Diffie-Hellman key exchange algorithm while some algorithms like Digital signature algorithm provide the digital signature and some others offer both the things.

- An example of such algorithm is RSA. 

- All these algorithms have been widely accepted. 

- A pair of cryptographic keys (i.e., a public key for encryption and a private key for decryption) is provided to each of the users. 

- Similarly, for digital signatures the pair of keys consists of a private key for signing and a public key for verification. 

- The concept of the private key has been introduced so as to ensure the confidentiality. 

- The digital signatures can be verified by anyone possessing the corresponding public key. 

- With such a confirmation it is confirmed the private key is possessed by the sender. 

- This is also a way to confirm that no tampering has been done to the message. 

- If the message has been tampered, it will introduce changes in the encoded message digest. 

- Mail box having a mail slot and a personal wax seal can be taken as an analogy to public – key encryption and digital signatures respectively. 

What are two fundamental cryptography principles?

In this article we shall discuss about the two fundamental principles that govern a cryptographic system. 

1. Redundancy

- Some redundancy must be there in all the encrypted messages. 

- By redundancy here, we mean the information that is not required for understanding the message reducing the chances for a passive intruder to make attacks. 

- Passive intruder attacks involve putting the stolen information to misuse without understanding it. 

- This can be more easily understood by an example of a credit card. 

- The credit card number is not alone sent over the internet rather it is accompanied by other side info such as the DOB of the card holder, its validity date and so on. 

- Including such info with the card number cuts down on the changes for making up the number. 

- Adding a good amount of redundancy prevents the active intruders from sending garbage values and then getting it verified as some valid message. 

- The recipient must be capable of determining whether the message is valid or not by  doing some inspection and simple calculation. 

- Without redundancy the attackers would simply send junk message and the recipient will decode it as a valid message. 

- However, there is a little concern also with this. 

- N number of zeroes must not be put at the beginning or the end of the message for redundancy because such messages become easy to be predicted thus facilitating the crypt analysts work.

- Instead of zeroes, a CRC polynomial can be used because it proves to be more work. 

- Using cryptographic hash might be even better.

- Redundancy has also got a role to play in quantum cryptography. 

- Some redundancy is required in the messages for the bob to determine if the message has been tampered. 

- Repetition of the message twice is a crude form of redundancy.

- If the two copies are found to be identical, the bob states that somebody is interfering with the transmission or there is a lot of noise. 

- But such repetition process to be expensive. 

- Therefore, for error detection and correction the methods used are reed Solomon and hamming codes.

2. Update

- Measures must be compulsorily taken for the prevention of the attacks by active intruders who might play back the old messages. 

- The longer an encrypted message is held by an active intruder, the more is the possibility that he can break in to it. 

- One good example of this is the UNIX password file.

- For anybody who has an account on the host, the password is accessible. 

- A copy of this file can be obtained by the intruders and they can then easily de-crypt the password.

- Also, the addition of the redundancy allows the simplification of the messages’ decryption.

- It must be checked whether the message has been sent recently or is an old one. 

- One measure for doing so is including a time stamp of few seconds in the message. 

- This message then can be saved by the recipient for that many seconds and can be used for comparing with the incoming messages and filtering the duplicates.

- Messages which exceed this time period will be rejected as being too old.

Apart from the above two principles the following are some other principles of cryptography:

Ø Authentication: For ensuring that the message was generated by the sender itself and no one else so that no outsider can claim as being the owner of the message.

Ø Integrity: In cryptography, the integrity of the messages must be preserved while sending the message from one host to another. This involves ensuring that the message is not altered on the way. Using cryptographic hash is a way to achieve this.

Ø  Non-repudiation

What is Traditional Cryptography?

- Cryptography is the practice that involves study and application of the techniques for making communication secure with the adversaries or the third parties. 

To be more general, it involves construction and the analyzation of the protocols for overcoming the impact of the adversaries and other aspects concerning the information security such as the following:

Ø  Data confidentiality

Ø  Data integrity

Ø  Authentication

Ø  Non – repudiation

- The modern cryptography in contrast to the traditional cryptography intersects the computer science, mathematical and the engineering disciplines. 

There are various applications of cryptography as in the following:

Ø  ATM cards

Ø  Computer passwords

Ø  Electronic commerce

- The traditional cryptography was synonymous with the process of encryption which involves converting the information which is in readable state to such a state in which it appears like utter nonsense. 

- The one who generated the encrypted message also shared the technique for decoding the message only with the desired recipients, thus the unwanted people are precluded from doing so.

- Cryptography is in use since the World War I and the methods that were used then now have become so complex and eventually its application increased. 

- Modern cryptography’s foundation is based up on the computer science and the mathematical theory. 

- The designing of the cryptographic algorithms is done around the computational hardness assumptions. 

- In practice, this makes these algorithms quite hard to break by any third party. 

- However, theoretically it is possible to break in to such a system but for doing so any known practical means are in-feasible.

- That is why, all these schemes are considered to be computationally safe and secure. 

For the following, the continuous adaptation of these methods is required:

Ø  Improvements in the algorithms for the integer factorization.

Ø  Faster computing technology.

- Also, there are schemes that are information – theoretically secure and even with unlimited computing power, these schemes cannot be broken.

- One such scheme is one time pad. 

- Also, the implementation of these schemes is also quite difficult when compared to the schemes that are computationally secure but are theoretically breakable. 

- Traditionally cryptography referred only to the encryption which involves conversion of the ordinary info in to cipher text or unintelligible text. 

- The reverse process of this is decryption. 

- The pair of algorithms that carry out these two processes is called the cipher. - Each instance of the operation of the cipher is controlled by a key which is kept secret between the communicants. 

- The purpose of this key lies in decryption of the cipher text. 

- Earlier the encryption and the decryption process were carried out directly by the ciphers without involvement of any integrity or authentication checks. 

- Before the advent of the modern cryptography, the traditional cryptography was known to be concerned only with the message confidentiality i.e., converting the message from comprehensible text in to incomprehensible text and vice versa. 

- The message was thus unreadable for the eavesdroppers and the interceptors without key. 

- For ensuring the secrecy in the communications, the encryption process was used. 

- But now the field expands far beyond the confidentiality issues.

- It now consists of techniques for authentication and message integrity checking, secure computation techniques, interactive proofs, digital signatures and so on. 

- Earlier two types of classical ciphers were used namely substitution ciphers and the transposition ciphers. 

- The former type involved replacing the letters by some other letters.

- The transposition ciphers involved rearrangement of the letters. 

- Some examples of early ciphers are caeser cipher, atbash cipher etc. 

- The early ciphers were assisted by some other physical aids and devices. 

- Eventually more complex ciphers could be developed with the development of the digital computers. 

- Any kind of data that could be represented in binary format could be encrypted.

What is link encryption method?

- Link encryption method is one of the classic methods used in the digital communications for the application of the crypto.

- Link encryption method has been designed for hiding the secrets and preventing the forgery of data. 

- It is quite a simple concept that has been discussed here and it fits for all the types of existing applications and software used in the communication.  

- Even though this method does not works well enough for most of the applications, it is the simplest of all. 

- Link encryption method is a security measure that should be used only if your security objectives match with those of the link encryption method. 

- It is commonly used in the applications where a boundary has to be maintained between the internal users and the external users. 

- With the link encryption it gets easy for the internal users to share data whereas it is just the opposite for the external users. 

- It provides transparent protection except for the separation that is maintained between the two classes of the users. 

Below we mention some security objectives that can be met with the link encryption:

Ø  Maintaining confidentiality: Our systems of course store very sensitive data. While exchanging the data with other systems, it is required that the risk of leakage involved should be as minimum as possible.

Ø  Communication with the outsiders: Obviously, we do not want to share our data with the unwanted outsiders and unauthorized sites and so we want these to be blocked. Such exchanges should be prevented from happening even by carelessness or accident.

Ø  Hiding data traffic: As much as possible we want our data and its details to be shielded from the outsiders. This data might contain information about the destination host and other info necessary for communication control. However, here it is assumed that the information will not be leaked by the insiders.

Ø  Familiarity and safety: We rank these two factors above the cost.

Ø  Protection of the data transfers: We need protection for our data against any sort of tampering or forgery by the outsiders during the transition. An assurance is important.  This objective is unconditionally met by this link encryption method.

- From security standpoint, a design is yielded by the link encryption that is highly reliable. 

- If in your organization some security parameter has been established that is strong enough, link encryption is the best technique for its maintenance. 

- A strict control is kept over the flow of physical documents through this security parameter. 

- The link encryption provides a complementary protection for the flow of the electronic documents. 

- We can have an environment with every data link that traverses the boundary having encryptors. 

- The documents will be kept within the parameter limits. 

- The data leaving the parameter will be protector by means of the encryptors. 

- Link encryption method is being used since years in banking organizations and military communications for providing secure links. 

- The link encryption uses the in-line encryptors as its building blocks.

- This hardware devices takes plain text and converts it into cipher text.

The encryptors have their own vulnerabilities as mentioned below:

Ø  Rewrite attacks: It is also known as the plain-text attack, it is used for forging the messages. Few crypto algorithms are vulnerable to these attacks.

Ø  Replay attacks: Most of us think that the encrypted data is self-validating and so by matching the encryptor with its keys a sensibly de-crypting message can be generated. Since the encrypted data is accessible to the outsiders, they can also access the message that decrypts sensibly.

Ø  Covert signaling attacks: This attack is based on the idea that there is always a way to leak info if there exists an internal process that tries to do so.