...search for keywords in the encrypted data and use the encrypted data as an input to computation or comparison operations. Because decrypting data stored at the cloud servers may possibly expose its content to the provider servers at least, so it is advised that it is more secure to decrypt data only on trusted machines which are controlled by the user who is authorized to access the data. Figure 2.2 Basic Architecture for Preserving Data Privacy in the Cloud Figure 2.2 shows the basic architecture of encryption for privacy protection before sending it to the cloud server. The data remain encrypted in the cloud server and only authorized users can get the credential for accessing this encrypted data. The encrypted data can be decrypted only after the data are downloaded to an authorized user device or machine. In such scenario, the privacy of the data doesn’t depend on any implicit assumption of trust of the server or the service level of agreement (SLA). Instead, the protection of privacy or integrity completely depends on the encryption techniques used to protect the data [45ECC]. The other leftover issues are how to allow the authorized users and data owner to search...
Words: 1702 - Pages: 7
...Symmetric Cryptography Secret writings have been found in many civilizations dating back to thousands of years where wide spread writings were adopted. Some of these civilizations included the Egyptians with their use of hieroglyphics, the Greeks and Spartan and the use of Scytale, and the Romans with the use of the Caesar Cipher. All these encryption methods could be thought of as symmetric encryption, which uses the same key to encrypt and decrypt the ciphertext. With a more contemporary look at symmetric key encryption with computer data, we can classify it into two categories called block ciphers and stream ciphers. The data in a block cipher would be broken down into specific sizes, for example 64-bit blocks or 128-bit blocks, which then the blocks would be encrypted separately. In stream ciphers, data would be encrypted in a stream of bits as oppose to dividing the data into blocks of bits. The decryption process for these two classification of symmetric encryption, of course, would be to use the same encryption key. Differences and Similarities with Symmetric and Asymmetric The fundamental difference between symmetric and asymmetric cryptography would be that asymmetric uses two keys, a public and private key, for encryption and decryption. If a private key is used to encrypt, then a related public key would be used to decrypt. This could also work the other way around when a public key is used to encrypt, then a related private key would be used to decrypt. Unlike...
Words: 558 - Pages: 3
...Cryptography & Pretty Good Privacy (PGP) 1. The need for cryptography in electronic communications Cryptography has been around for centuries; as long as there has been communication, there has been the need for privacy and safe, secure methods of transmission. Although many types of difficult problems can be classified as cryptography problems, what we are mostly concerned with today is the ability to keep transmissions private through the use of data encryption techniques. This has become an even greater issue due to the changing nature of communications since the information revolution. More and more people rely on electronic communications for the transmission of sensitive or personal data; e-mail, e-commerce, FTP, and HTML are all examples of technology that have already filtered into the social consciousness as primary ways for disseminating and gathering information and for exchanging goods and services. While this technological shift has made communication faster, easier, and better in many ways, it has also brought along with it a whole host of difficult problems and social policy issues. The main problem that comes with electronic communications is the ease with which transmissions can be eavesdropped or impersonated. Paper communications obviously have security problems as well: documents can be stolen, steamed open, have forged signatures or changed contents. However, if someone is trying to catch a specific transmission (or type of communication), it is much...
Words: 498 - Pages: 2
...“PALLADIUM CRYPTOGRAPHY” 1: ABSTRACT As we tend towards a more and more computer centric world, the concept of data security has attained a paramount importance. Though present day security systems offer a good level of protection, they are incapable of providing a “trust worthy” environment and are vulnerable to unexpected attacks. Palladium is a content protection concept that has spawned from the belief that the pc, as it currently stands, is not architecturally equipped to protect a user forms the pitfalls and challenges that an all-pervasive network such as the Internet poses. As a drastic change in pc hardware is not feasible largely due to economic reasons, palladium hopes to introduce a minimal change in this front. A paradigm shift is awaited in this scenario with the advent of usage of palladium, thus making content protection a shared concern of both software and hardware. In the course of this paper the revolutionary aspects of palladium are discussed in detail. 2: INTRODUCTION Cryptography is the method in which a message or file, called plain text, is taken and encrypted into cipher text in such a way that only authorized people know how to convert it back to plain text. This is done commonly in four ways: Secret key cryptography, public key cryptography, one way function cryptography and digital signatures. Unless the encryption technique used is very complex it is possible, with some effort, for crackers to decrypt files. Palladium is the code name...
Words: 1940 - Pages: 8
...THE PURPOSE OF CRYPTOGRAPHY Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet. Within the context of any application-to-application communication, there are some specific security requirements, including: • Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.) • Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver. • Integrity: Assuring the receiver that the received message has not been altered in any way from the original. • Non-repudiation: A mechanism to prove that the sender really sent this message. Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types...
Words: 442 - Pages: 2
...In the 20th- century cryptography was adopted by international government to protect private and sensitive information and for communication purposes. Cryptography is known as the science of secret writing that enables storage and transfer of information that is hidden from everyone, but only can read by those who are authorized. The concept of cryptography is to protect confidential information and to assure the identity of people who send electronic messages and conduct electronic transactions are who they say they are. There are also various types of cryptography for example symmetric keys or shared- secret cryptography, is when you use the same key to both encrypt and decrypt a message. The most common form of symmetric key cryptography is the data Encryption standard. The second type of cryptography is asymmetric key cryptography, two keys are needed. A message encrypted using one key can only be decrypted using the other and vice versa. One key is called public key and the other is called the private key. Cryptosystem disguises messages, allowing only selected people to see though the disguise. The mechanisms that make up a strong cryptosystem is the size and means used to protect cryptographic keys. The longer the key the harder it is to break the encryption. A cryptosystem is considered strong only until it’s cracked. Strong cryptosystems produce cipher text that always appears random to standard statistical test. They also resist all known attacks on cryptosystem. The...
Words: 349 - Pages: 2
...Tentative Syllabus CMSC 652 Cryptography and Data Security Instructor: Dr. Lomonaco 1. Classical cryptography 2. Abstract algebra: Groups, rings, fields 3. Linear feedback shift registers 4. Shannon theory, i.e., information theory 5. Block Ciphers and the AES 6. Cryptographic hash functions 7. The RSA crypto system 8. Public-key crypto and discrete logs 9. Signature Schemes 10. Pseudo-random number generators 11. Identification schemes and entity authentication 12. Key distribution 13. Key agreement schemes 14. Secret sharing schemes 15. Computational models and computational complexity 16. Zero-knowledge proof systems 17. Quantum cryptography Method of Evaluation: Homework: 25% ; Exam 1: 25% ; Exam 2: 25%; Final: 25%. All exams including the Final Exam will be with closed books, closed notes, and open mind. Late homework will not be accepted. Exams will be given only at the scheduled times. No makeup exams. Exceptions to this policy may be made in cases of extreme hardship. Academic Conduct: By enrolling in this course, each student assumes the responsibilities of an active participant in UMBC's scholarly community in which everyone's academic work and behavior are held to the highest standards of honesty. Cheating, fabrication, plagiarism, and helping others to commit these acts are all forms of academic dishonesty, and they are wrong. Academic misconduct could result in disciplinary action that may include, but is not limited to, suspension or dismissal. To read the full...
Words: 251 - Pages: 2
...of winning the grievance and associates his win with the lyrics of a song. What were the lyrics and who was the singer?Question #03: Kevin realizes that when he turns 21, he will no longer be under the jurisdiction of the Juvenile Court. He decides to hide and picks a name to use while hiding. What is the name and where did he get the name?Question #04: Kevin continues to hack Pacific Bell. His target is the Switching Control Center System (SCCS). Why did he choose that target? | | NIST 800-12 discussion of cryptography is remarkably up to date and correctly points out that cryptography depends on other controls for effective implementation.Question #05: Numerically list the 5 security controls that cryptography requires. In your own words, explain each control. | | Question #06: What is the main idea behind cryptography?Question #07: What is the main problem with symmetric cryptography?Question #08: What is the basic idea in asymmetric cryptography?Question #09: What does key length have to do with security?Question #10: What is a one-way hash function? Why is it used? SHA-1 is discussed...
Words: 1379 - Pages: 6
...SYNOPSIS NETWORK SECURITY USING CRYPTOGRAPHY TECHNIQUES IN NS-2 3rd YEAR, ECE BRANCH SUBMITTED BY - HARSHIT AGGARWAL (09102275) ANSHUL NARESH JAIN (09102232) SUPERVISOR - MR. JAWAID ALAM Submitted in partial fulfillment of the Degree Of Bachelor of Technology DEPARTMENT OF ELECTRONICS & COMMUNICATION JAYPEE INSTITUTE OF INFORMATION TECHNOLOGY UNIVERSITY, NOIDA AIM OF THE PROJECT NS-2 is an open source and very popular network simulation system. It provides support for IP protocols suite and many standard routing protocols for wire and wireless networks.Implementation of security on NS-2 is necessary in network simulation. However, currently, NS-2 does not support these features. Our project will aim to solve this issue.The purpose of the project is to find a way to add encryption/decryption features into network simulation program NS-2. GENERAL APPROACH TO PROJECT In order to experiment security features for network, we need to add security functions into NS-2. Our approach is to build a new protocol...
Words: 479 - Pages: 2
...individual? Something they have, something they are and something they know 2. What is Authorization and how is this concept aligned with Identification and Authentication? Authorization is the determination to if a user has the rights to perform specific tasks or actions on the network or system. Authorization is after Identification and Authorization where each verifies the user prior to verifying there role. 3. Provide at least 3 examples of Network Architecture Controls that help enforce data access policies at the LAN-to-WAN Domain level? 1. Smart Cards – A token CAC card that is used in tandem with a password 2. Passwords – User defined passwords that coincide with password standards. 3. Cognitive password – Pre-answered questions that hopefully only the user knows the answer to. 4. When a computer is physically connected to a network port, manual procedures and/or an automated method must exist to perform what type of security functions at the Network Port and Data Switch level for access control? Name and define at least three. Verify authorized access to the asset Verify the user is who they say they are through authentication Verify the configuration of the computer is compliant with local security standards.. 5. What is a Network Access Control (NAC) System? Explain its benefits in securing access control to a network. A NAC is the use of certain policy of the network information structure that temporarily limits access the certain recourses while...
Words: 536 - Pages: 3
...potential triggers for a context switch: • Multitasking: Most commonly, within some scheduling scheme, one process needs to be switched out of the CPU so another process can run.This context switch can be triggered by the process making itself unrunnable, such as by waiting for an I/O or synchronization operation to complete. On a pre-emptive multitasking system, the scheduler may also switch out processes from being starved of CPU time, preemptive schedulers often configure a timer interrupt to fire when a process exceeds its time slice.This interrupt ensures that the scheduler will gain control to perform a context switch. • Interrupt Handling Modern architectures are interrupt driven.This means that if the CPU requests data from a disk, for example, it does not need to busy-wait until the read is over, it can issue the request and continue with some other execution. When the read is over, the CPU can be interrupted and presented with the read. For interrupts, a program called an interrupt handler that handles the interrupt from the disk. When an interrupt occurs, the hardware automatically switches a part of the context (at least enough to allow the handler to return to the interrupted code). The handler may save additional context, depending on details of the particular hardware and software designs. Often only a minimal part of the context is changed in order to minimize the amount of time spent handling the interrupt. The kernel does not spawn...
Words: 991 - Pages: 4
...Question 1 a) The 6000 octet’s datagram itself comprise of a 20 octets header. Therefore, this means that only 5800-octetcs datagram comprise of the data field. Actual total data field = 6000 octets (data field) – 20 octets (header) = 5980 octets The Ethernet frame can take a payload of 1400 octets and every payload must go with a 20 octet’s header. This means that each payload will comprise 20 octet’s headers + 1380 octets’ data field. Each payload = 1380 octets (data field) + 20 octets (header) = 1400 octets With the 5980 octets of data field, we will slightly need more than 4 payloads. 5980/1480 = (4 x 1380) + 460 octets = 5520 octets + 460 octets = 5980 octets Be noted that the last 20 octets of data field will also go with a 20 octet’s header. Last payload = 460 octets (data field) + 20 octets (header) + padding = 480 octets + 920 octets (padding) = 1400 octets Finally, the IP fragments sequence will be as follow: Total Length = 1400More Flag = 1Offset = 0 | Total Length = 1400More Flag = 1Offset = 1380 | Total Length = 1400More Flag = 1Offset = 2760 | Total Length = 1400More Flag = 1Offset = 4140 | Total Length = 1400 More Flag = 0Offset = 5520 | b) Padding is a term used in cryptography. Normally, messages are to be encrypted in order to prevent the information in the message from leaking to other users. A number of random characters are added in the encryption...
Words: 1335 - Pages: 6
..."writing". Synonymous to abstraction, the art and science of hiding information by embedding messages within other, seemingly harmless messages. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data by replacing bits of useless or unused data in regular computer files (such as graphics, sound, text, HTML, or even floppy disks ) with bits of different, invisible information. This hidden information can be plain text, cipher text, or even images. Steganography sometimes is used when encryption is not permitted or, more commonly, is used to supplement encryption. An encrypted file may still hide information using steganography, so even if the encrypted file is deciphered, the hidden message is not seen. In modern digital steganography, data is first encrypted by the usual means and then inserted, using a special algorithm, into redundant (that is, provided but unneeded) data that is part of a particular file format such as a JPEG image. Think of all the bits that represent the same color pixels repeated in a row. By applying the encrypted data to this redundant data in some random or nonconspicuous way, the result will be data that appears to have the "noise" patterns of regular, nonencrypted data. A trademark or other identifying symbol hidden in software code is sometimes known as a...
Words: 6118 - Pages: 25
...purpose it makes things look messy and on top of that requires a lot of space. There is no noncable difference between png and gif apart from the size. So best choice is to go with gif just because it requires 1kb less of space. There are two protocols used to send data over that provide confidentiality, integrity and authenticity over network connection. I had to choose one of those to make my connection with google servers. So I done a research on those two protocols to make an...
Words: 527 - Pages: 3
...Unfortunately, there exist people who are always on the lookout for loopholes in the advances made in cryptography. As with other technologies, there are vulnerabilities in some areas of the system as they are tried and tested (Wobst, 2007). Many people hack systems that have been encrypted in order to access confidential information and use it for their advantage. This includes people’s private emails, messages, financial information, etc. it is therefore a never ending cycle of secure cryptology been developed, others trying to find loopholes in such systems and more developments made to address the loopholes and make the system more secure. Question Two: Symmetric-key cryptography refers to a method of encryption that uses a single key for both the encryption and the decryption. The receiver and the sender use keys that are related. The major drawback of this class of algorithms is that both parties are required to have accessibility to the secret key (Das & Madhavan 2009).The most common symmetric-key system is the Data Encryption Standard. It is useful in various applications such as email-privacy and encryption of ATMs The public-key cryptology uses two different keys. One key is private and functions to encrypt messages. The other one acts as a private key and functions to decrypt messages. Public-key cryptography solves the drawback of symmetric-key cryptography by creating a system...
Words: 630 - Pages: 3
