What is Wifi technology? How does it work?

- Wifi has emerged as a very popular technology. 

- This technology has enabled the electronic devices to exchange information between them and to share the internet connection without using any cables or wires. 

- It is a wireless technology. 

- This technology works with the help of the radio waves. 

- The Wifi is defined as a WLAN (wireless local area network) product by the wifi alliance that is based on the standards defined by IEEE (802.11 standards). 

- Most of the WLANs are based upon these standards only and so this technology has been named as wifi which is the synonymous with the term WLAN. 

- The wifi-certified trademark might be used by only those wifi products which have the complete certification for the wifi alliance inter-operability. 

- A number of devices now use wifi such as the PCs, smart phones, video game consoles, digital cameras, digital audio players, tablet computers and so on. 

- All these devices can connect to the network and access internet by means of a wireless network access point. 

- Such an access point is more commonly known as a ‘hotspot’. 

- The range of an access point is up to 20 m. 

- But it has a much greater range outside.  

- An access point can be installed in a single room or in an area of many square miles. 

- This can be achieved by using a number of overlapping access points. 

- However, the security of the wifi is less compared to the wired connections for example Internet.

- This is so because a physical connection is not required by an intruder. 

- The web pages using SSL have security but the intruders can easily access the non-encrypted files on the internet. 

- It is because of this, that the various encryption technologies have been adopted by the wifi. 

- The earlier WEP encryption was weak and so was easy to break.

- Later, came the higher quality protocols such as the WPA2 and WPA. 

- The WPS or the wifi protected set up was an optional feature that was added in the year of 2007. 

- This option a very serious flaw which is that it allowed the recovery of the password of the router by an attacker.

- The certification and the test plan has been updated by the wifi alliance for ensuring that there is resistance against attacks in all the devices that have been newly certified.

- For connecting to a wifi LAN, a wireless network interface controller has to be incorporated in to the computer system.

- This combination of the interface controller and the computer is often called as the station. 

- The same radio frequency communication channel is shared by all the stations.

- Also, all the stations receive any transmission on this channel. 

- Also, the user is not informed of the fact that the data was delivered to the recipient and so is termed as the ‘best–effort delivery mechanism’. 

- For transmitting the data packets, a carrier wave is used. 

- These data packets are commonly known as the ‘Ethernet frames’. 

- Each station regularly tunes in to the radio frequency channel for picking up the transmissions that are available. 

- A device that is wifi enabled can connect to the network if it lies in the range of the wireless network. 

- One condition is that the network should have been configured for permitting such a connection. 

- For providing coverage in a large area multiple hotspots are required. 

- For example, wireless mesh networks in London. 

- Through wifi, services can be provided in independent businesses, private homes, public spaces, high street chains and so on. 

- These hotspots have been set up either commercially or free of charge. 

- Free hotspots are provided at hotels, restaurants and airports. 

What is a transposition cipher method?

- The transposition cipher method is one of the cryptography methods used for securing the communication from eavesdroppers. 

- This method of encryption shifts the positions of the units or letters of the plain text based up on some regular system so that a permutation of the plain text is generated. 

- This permuted plain text is termed as the cipher text. 

- Thus, the cipher text is generated by changing the order of the units. 

- Mathematically the following functions are used:

Ø  Bijective function: For encryption of the character’s position and

Ø  Inverse function: For decrypting the message

Now we shall see about some of the implementations of the transposition cipher:

1. Rail fence cipher: 

- This form of the transposition cipher has been named so because of the way that it follows for encoding.

- Here, the characters of the plain text are written on the successive rails in a downwards manner of some imagined fence.

- Then, we move upwards once getting to the bottom. 

- For reading the message, it is taken in rows.

2. Route cipher: 

- In this form of transposition cipher, a grid of given dimensions is taken on which the characters of the plain text are written out. 

- Then, the message is read based up on the pattern mentioned in the key. 

- For example, the pattern might be inwards spiral in clockwise direction starting from topmost right.

- The route ciphers may use many keys unlike the rail fence cipher. 

- In fact, the number of keys used for enumerating the messages of reasonable length by modern machinery might be too great. 

- Also, it is not necessary that all the keys might be good in equal terms. 

- Excessive chunks of the plain text might be left if bad routes are chosen. 

- Also, the plain text might be simply reversed, thus giving a clue to the crypt analysts about the routes. 

- The union route cipher is a variation of the traditional route cipher. 

- The difference between the two is that this one transposed the whole words unlike route cipher which transposed individual letters.

- But since transposing the whole words could expose them, they were first hidden by a code.

- The entire null words might be added for adding humor to the cipher text.

3. Columnar transposition: 

- In this form of transposition cipher, a fixed length is determined for the rows in which the message is written. 

- But for reading the message a column by column approach is followed where some scrambled order if followed for choosing the columns. 

- A keyword is chosen which is used for defining the permutation of the columns as well as the width of the rows. 

- The spare spaces might be filled with the null characters in case of the regular columnar transposition. 

- On the other hand, in these spaces are left as such in the irregular columnar transposition cipher. 

- The keyword specifies some order following which the message is read column - wise. 

- The column lengths have to be worked out by the recipient for deciphering the message. 

- This is done based up on division of the length of the message specified by the key length.

4. Double transposition: 

- A single columnar transposition is vulnerable to attacks since the possible lengths of the column and anagrams can be guessed. 

- Therefore, a stronger version of it i.e., the double transposition is followed. 

- This is a two-time application of the columnar transposition. 

- For both the transpositions, either the same key might be used or different keys.

- This was the most complicated cipher before the coming of the VIC cipher. 

- It offered reliable operation under difficult conditions. 

What is a substitution cipher method?

There are two classic methods for cryptography namely transposition cipher method and the substitution cipher method. In this article we shall discuss about the latter one i.e., the substitution cipher method. 

- This method of encoding involves replacement of the units or letters of the plain text with some other units or letters. 

- The encoded text is then called as the cipher text. 

- The replacement of the units is made based up on some regular system. 

- These units might be individual letters, pairs or triplets of letters and so on. 

- On the receiver’s side, an inverse substitution is required for deciphering the text. 

- We can make a comparison between the transposition ciphers and the substitution ciphers. 

- In the former ciphers, the plain text units are rearranged unlike in substitution cipher where units are replaced.

- The order of rearrangement in the transposition ciphers is somewhat more complex than what is followed by the substitution ciphers and the units are not changed.

- On the other side, the sequence of the units remains same in the substitution cipher but they are themselves altered. 

There are various types of substitution cipher as mentioned below:

Ø  Simple substitution ciphers: 

- This involves substitution of the single letters and thus has been termed as the simple substitution. 

- The alphabet can be written out in some order so as to represent the substitution.

- This alphabet is referred to as the substitution alphabet. 

- This alphabet might be revered or shifted or scrambled in some complex manner. 

- In such cases, it is termed as the deranged alphabet or the mixed alphabet. 

- The creation of the mixed alphabets involves writing out a keyword while removing the repeating letters and then rewriting the leftovers in the same sequence. 

- For avoiding the transmission errors, the cipher text is written in block form and the spaces and the punctuation are omitted. 

- This also helps in creating disguises for the boundaries between the words.

Ø Homophonic substitution: 

- This method is followed for increasing the difficulty for the frequency analysis attacks. 

- The frequencies of the letters of the plain text are disguised by homophony. 

- Here the letters of the plain text are mapped to many symbols of the cipher text. 

- Normally the plain text symbols with highest frequencies are mapped with more equivalents when compared to their low frequency counterparts. 

- This leads to the flattening of the frequency distribution which in turn raises the difficulty of frequency analysis. 

- For the invention of larger alphabets a number of solutions are employed. 

- The simplest of these solutions is using a numeric substitution alphabet. 

- Another method uses the variations of the existing alphabet i.e., writing it upside down, or in upper case and lower case etc. 

- Nomenclature is also a variant of the homophonic substitution. 

- The other two types of homophonic ciphers namely straddling checker board and book cipher.

Ø Polyalphabetic substitution: 

- It involves the use of the multiple cipher alphabets. 

- For the facilitation of the encryption process, these alphabets are written out in a big table which is referred to as the tableau. 

- The particular poly alphabetic cipher is defined by the method with which the tableau is filled and the alphabet is chosen. 

- Some types of the polyalphabetic ciphers are:

             1. Beaufort cipher

             2. Gronsfeld cipher

             3. Running key cipher

             4. Autokey cipher

Ø  Polygraphic substitution: 

Here the letters of the plain text are substituted in terms of large groups instead of individual letter substitution.

Ø Mechanical substitution ciphers: 

Some examples of this type of substitution ciphers are enigma, rotor cipher machines etc.

Ø The one-time pad: 

This one is a special substitution cipher which has been proven that it is unbreakable mathematically.

What is Traditional Cryptography?

- Cryptography is the practice that involves study and application of the techniques for making communication secure with the adversaries or the third parties. 

To be more general, it involves construction and the analyzation of the protocols for overcoming the impact of the adversaries and other aspects concerning the information security such as the following:

Ø  Data confidentiality

Ø  Data integrity

Ø  Authentication

Ø  Non – repudiation

- The modern cryptography in contrast to the traditional cryptography intersects the computer science, mathematical and the engineering disciplines. 

There are various applications of cryptography as in the following:

Ø  ATM cards

Ø  Computer passwords

Ø  Electronic commerce

- The traditional cryptography was synonymous with the process of encryption which involves converting the information which is in readable state to such a state in which it appears like utter nonsense. 

- The one who generated the encrypted message also shared the technique for decoding the message only with the desired recipients, thus the unwanted people are precluded from doing so.

- Cryptography is in use since the World War I and the methods that were used then now have become so complex and eventually its application increased. 

- Modern cryptography’s foundation is based up on the computer science and the mathematical theory. 

- The designing of the cryptographic algorithms is done around the computational hardness assumptions. 

- In practice, this makes these algorithms quite hard to break by any third party. 

- However, theoretically it is possible to break in to such a system but for doing so any known practical means are in-feasible.

- That is why, all these schemes are considered to be computationally safe and secure. 

For the following, the continuous adaptation of these methods is required:

Ø  Improvements in the algorithms for the integer factorization.

Ø  Faster computing technology.

- Also, there are schemes that are information – theoretically secure and even with unlimited computing power, these schemes cannot be broken.

- One such scheme is one time pad. 

- Also, the implementation of these schemes is also quite difficult when compared to the schemes that are computationally secure but are theoretically breakable. 

- Traditionally cryptography referred only to the encryption which involves conversion of the ordinary info in to cipher text or unintelligible text. 

- The reverse process of this is decryption. 

- The pair of algorithms that carry out these two processes is called the cipher. - Each instance of the operation of the cipher is controlled by a key which is kept secret between the communicants. 

- The purpose of this key lies in decryption of the cipher text. 

- Earlier the encryption and the decryption process were carried out directly by the ciphers without involvement of any integrity or authentication checks. 

- Before the advent of the modern cryptography, the traditional cryptography was known to be concerned only with the message confidentiality i.e., converting the message from comprehensible text in to incomprehensible text and vice versa. 

- The message was thus unreadable for the eavesdroppers and the interceptors without key. 

- For ensuring the secrecy in the communications, the encryption process was used. 

- But now the field expands far beyond the confidentiality issues.

- It now consists of techniques for authentication and message integrity checking, secure computation techniques, interactive proofs, digital signatures and so on. 

- Earlier two types of classical ciphers were used namely substitution ciphers and the transposition ciphers. 

- The former type involved replacing the letters by some other letters.

- The transposition ciphers involved rearrangement of the letters. 

- Some examples of early ciphers are caeser cipher, atbash cipher etc. 

- The early ciphers were assisted by some other physical aids and devices. 

- Eventually more complex ciphers could be developed with the development of the digital computers. 

- Any kind of data that could be represented in binary format could be encrypted.

What is link encryption method?

- Link encryption method is one of the classic methods used in the digital communications for the application of the crypto.

- Link encryption method has been designed for hiding the secrets and preventing the forgery of data. 

- It is quite a simple concept that has been discussed here and it fits for all the types of existing applications and software used in the communication.  

- Even though this method does not works well enough for most of the applications, it is the simplest of all. 

- Link encryption method is a security measure that should be used only if your security objectives match with those of the link encryption method. 

- It is commonly used in the applications where a boundary has to be maintained between the internal users and the external users. 

- With the link encryption it gets easy for the internal users to share data whereas it is just the opposite for the external users. 

- It provides transparent protection except for the separation that is maintained between the two classes of the users. 

Below we mention some security objectives that can be met with the link encryption:

Ø  Maintaining confidentiality: Our systems of course store very sensitive data. While exchanging the data with other systems, it is required that the risk of leakage involved should be as minimum as possible.

Ø  Communication with the outsiders: Obviously, we do not want to share our data with the unwanted outsiders and unauthorized sites and so we want these to be blocked. Such exchanges should be prevented from happening even by carelessness or accident.

Ø  Hiding data traffic: As much as possible we want our data and its details to be shielded from the outsiders. This data might contain information about the destination host and other info necessary for communication control. However, here it is assumed that the information will not be leaked by the insiders.

Ø  Familiarity and safety: We rank these two factors above the cost.

Ø  Protection of the data transfers: We need protection for our data against any sort of tampering or forgery by the outsiders during the transition. An assurance is important.  This objective is unconditionally met by this link encryption method.

- From security standpoint, a design is yielded by the link encryption that is highly reliable. 

- If in your organization some security parameter has been established that is strong enough, link encryption is the best technique for its maintenance. 

- A strict control is kept over the flow of physical documents through this security parameter. 

- The link encryption provides a complementary protection for the flow of the electronic documents. 

- We can have an environment with every data link that traverses the boundary having encryptors. 

- The documents will be kept within the parameter limits. 

- The data leaving the parameter will be protector by means of the encryptors. 

- Link encryption method is being used since years in banking organizations and military communications for providing secure links. 

- The link encryption uses the in-line encryptors as its building blocks.

- This hardware devices takes plain text and converts it into cipher text.

The encryptors have their own vulnerabilities as mentioned below:

Ø  Rewrite attacks: It is also known as the plain-text attack, it is used for forging the messages. Few crypto algorithms are vulnerable to these attacks.

Ø  Replay attacks: Most of us think that the encrypted data is self-validating and so by matching the encryptor with its keys a sensibly de-crypting message can be generated. Since the encrypted data is accessible to the outsiders, they can also access the message that decrypts sensibly.

Ø  Covert signaling attacks: This attack is based on the idea that there is always a way to leak info if there exists an internal process that tries to do so. 

How can firewalls secure a network?

Firewalls in computer systems are either software based or hardware based. But they have the same purpose of keeping a control over the incoming as well as the outgoing traffic. 

In this article we discuss about how the network is secured by the firewalls. 

- This control is maintained through the analyzation of the data packets. 

- After analyzation, the firewall’s work is to determine whether to allow these packets to pass or not. 

- This decision is taken based up on some set of rules.

- With this set of rules, a barrier is established by the firewall between the external network that is not considered as secure and trusted and the internal network which is secure and trusted. 

- Most of the personal computer’s operating systems come with a built-in software based firewall for providing protection against the threats from external networks. 

- Some firewall components might also be installed in the intermediate routers in the network. 

- Also some firewalls have been designed to perform routing as well.

There are different types of firewalls which function differently.This classification of the firewalls is based up on the place where the communication is taking place i.e., whether at the network layer or the application layer.

Packet filters or network layer: 

- Firewalls used at the network layer are often termed as the packet filters. 

- This firewall operates at low level of the protocol stack of the TCP/ IP and so does not allow the packets to pass through it unless they satisfy all the rules. 

- These rules might be defined by the administrator of the firewall. 

- These firewalls can also be classified in to two categories namely the stateless firewalls and the state-ful firewall. 

- The former kind use less memory and operates faster in the simple filters, thus taking less time for filtering. 

- These firewalls are used for filtering the stateless network protocols i.e., the protocols which do not follow the session concept. 

- These firewalls are not capable of making complex decisions based up on the state of the communication. 

- The latter kind maintains the context of the active sessions. 

- This state info is used by these firewalls for speeding up the packet processing. 

- A connection is described using any of the properties such as the UDP or TCP ports, IP addresses and so on. 

- If a match is found between an existing connection and the packet, it is allowed to pass. 

- Today firewalls have capabilities of filtering the packets based up on attributes like IP addresses of source and destination hosts, protocols, originator’s netblock, TTL values and so on.

Application layer Firewalls: 

- Firewalls of this type work on the TCP/ IP stack’s application level. 

- All the packets traveling in and out of the application are intercepted by this firewall. 

- This leads to blocking of the other packets also. 

- Firstly, all the packets are inspected for any malicious content for preventing the outspread of the Trojans and worms. 

- Some additional inspection criteria might be used for adding some extra latency to the packet forwarding. 

- This firewall determines whether a given connection should be accepted by a process. 

- This function is established by the firewalls by hooking themselves in to the socket calls for filtering the connections. 

- These application layer firewalls are then termed as the socket filters.

- There way of working is somewhat similar to the packet filters except that the rules are applied to every process rather than connections. 

- Also, the rules are defined using the prompts for those processes that have not been provided with a connection. 

- These firewalls are implemented in combination with the packet filters.

What are the security problems faced by a network?

Making mistakes concerning the network security is very common. The same mistakes are repeated again and again. These problems cannot be solved without changing our working methods. In this article we discuss about some common security problems that are faced by a network.

ØUsing weak and non-complex passwords for accessing the network: 

- Brute forcing is an old school exploit to which many of the system network administrators are open to. 

- The very famous captcha technology has been implemented for correcting this vulnerability of the network security passwords. 

- In the common captcha, the user is required to type in the digits or the letters that are displayed on the screen in some sort of distorted image. 

- This technology has been designed to prevent the network to be accessed by unwanted internet bots.

- However, this is not as safe as it looks. 

- It just gives a false sense to the network admins for countering the brute forcing. 

- Complex password is the solution for this problem. 

- For creating a complex password, more than seven characters need to be combined with special characters and numbers. 

- Apart from the creation of the complex passwords, a password expiration system has to be implemented. 

- This system is for reminding the users for changing their passwords. 

- Also, care should be taken regarding the reuse of the passwords. 

- Cycling of the passwords should not be allowed.

Ø Using server application or software that is outdated: 

- The patches are released by the companies from time to time for ensuring that the system does not become vulnerable to the various threats. 

- Also, new exploits and threats are posed by the hackers that can harm the network if the patches are not properly used. 

- For ensuring the network administrator is kept informed of the new threats, the software or the applications have to be updated regularly.  

Ø Web cookies: 

- Even though the viruses and malware cannot be introduced in to the network through cookies, these cookies can be tracked by some third party cookies for compiling the records of the browsing histories of the individuals. 

- The cookies that are not encrypted pose a major threat because they make the system vulnerable to the cross site scripting (XSS) attacks, thus putting your privacy at risk. 

- The open cookies can provide access to the cookies with the log-in data which can be used by hackers for intruding in to your systems. 

- The solution to this problem is to use the encrypted cookies along with an encoded expiration time. 

- The admins might ask the users to re-log-in before accessing important network directories.

Ø Plain hashes: 

- Hashing is the technique used for indexing and retrieval purposes in the database. 

- In most of the encryption algorithms, the plain hashes are mostly used. 

- A type of encryption is the salt that might be added to the hashes for making the creation of a look-up table that might assist the brute force or directory attacks extremely difficult or let’s say almost impractical. 

- But this works only when large salt is used. 

- Usually a pre-computed look up table might not be used by the attacker in exploitation of the network. 

- This makes the network security system even more complex.

- So even if the attacker is able to break into your system, he won’t be able to access the information from the database. 

- The encryption key should be kept hidden.

Ø Shared web hosting: 

- This service is used by the websites that reside on one same server. 

- Each site is given its own partition. 

- This is economically feasible for most of the systems. 

- But here if the attacker breaches in to system of one website, he can get into other website’s security systems too.