Network Security

Explain Symmetric cryptography and asymmetric cryptography algorithm.

Sr. No.	Symmetric Cryptography	Asymmetric Cryptography
1.	It requires a single key known only to the authorized parties.	It uses a pair of keys, one key is available publicly and second key is available privately.
2.	It uses the same key to both encrypt and decrypt.	It uses one key to encrypt and a different one to decrypt.
3.	It includes DES, 3DES, AES and RC4 symmetric encryption algorithms.	The most common asymmetric encryption algorithm is RSA.
4.	Symmetric encryption is an age old technique.	Asymmetric encryption is new technique.
5.	It is faster than asymmetric ciphers.	It is slower than symmetric cipher.
6.	It requires a dingle key that must be shared by the sender and the receiver.	It solves the key distribution problem by using two keys, one of which is perfectly fine to share.
7.	Encryption and decryption (confidentially), cannot be used for digital signatures (integrity and non-repudiation checks).	It can be used for encryption and decryption (confidentially) as well as for digital signatures (integrity and non-repudiation checks).
8.	Algorithm is less complex and faster.	Algorithm is more complex and slower.
9.	It computes incredibly fast, since the relatively simple operations executed very efficiently.	It computes slowly, using computationally heavy and complex operations, based on the difficulty of solving number-theoretic problems.

A. Symmetric Cryptography



B. Asymmetric Cryptography

• Compared to symmetric encryption, asymmetric encryption imposes a high computational burden, and tends to be much slower. Thus, it isn’t typically employed to protect payload data. Instead, its major strength is its ability to establish a secure channel over a non-secure medium (for example, the Internet). This is accomplished by the exchange of public keys, which can only be used to encrypt data. The complementary private key, which is never shared, is used to decrypt.

Explain RSA algorithm with an example.

What is RSA algorithm?

• RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who described this algorithm in 1978.
• It is an algorithm used by modern computers to encrypt and decrypt messages.
• RSA is an asymmetric cryptography algorithm.
• It involves a public key and private key.
• The public key can be known to everyone, it is used to encrypt messages. Messages encrypted using the public key can only be decrypted with the private key.
• The public key can be shared with everyone, whereas the private key must be kept secret.

How does it work?
In RSA cryptography, both the public and the private keys can encrypt a message. The opposite key from the one which is used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic communications and data storage.

Example of RSA
Mangala creates a pair of keys for herself. She chooses two primes: p=397 and q=401. She calculates n = p * q that is 159,197. The totient of n Φ (n)= (p-1)*(q-1) = 158,400. she chooses e = 343 and d=12,007. Show how Nikhil can send a message to Mangala if he knows e and n.

Solution
Suppose, Nikhil wants to send the message 'No' to Jeniffer. He changes each character to a number (from 00 to 25) with each character coded as two digits. He then concatenates the two coded characters and gets a four-digit number. The plain text is 1314. Nikhil then uses e and n to encrypt the message. The ciphertext is 1314³⁴³ = 33,677 mod 159,197. Mangala receives the message 33,677 and uses the decryption key 'd' to decipher it as 33,677^12,007 = 1314 mod 159,197. Mangala then decodes 1314 as the message 'NO'

Write a short note on SSL.

What is SSL?

• SSL stands for Secure Socket Layer.
• It is the standard secure technology for establishing an encrypted link between a web server and a browser.
• It is an industry standard which is used by millions of websites in the protection of their online transactions with their customers.
• It ensures that all data passed between the web server and browsers remain private and integral.
• All browsers have the capability to interact with secured web servers using the SSL protocol. However, the browser and the server need what is called an SSL Certificate to be able to establish a secure connection.

What Details are included in the SSL Certificate?

• The SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country.
• It will also contain the expiration date of the Certificate and details of the Certification Authority which is responsible for the issuance of the Certificate.

How does SSL Certificate work?

• To create an SSL connection a web server requires an SSL certificate.
• It has a key pair: a public key and private key.
• A public key is placed into a Certificate Signing Request (CSR) and it does not need to be secret.
• During the SSL Certificate application process, the Certification Authority will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL.
• Your web server will match your issued SSL Certificate to your Private Key and then they are able to establish an encrypted link between the website and your customer's web browser.
• The complexities of the SSL protocol remain invisible to your customers.
• Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the lock icon in the lower right-hand corner, clicking on the lock icon displays your SSL Certificate and the details about it.
• All SSL Certificates are issued to either companies or legally accountable individuals.
• When a browser connects to a secure site it will retrieve the site's SSL Certificate and checks that it has not expired and is being used by the website for which it has been issued. If it fails on any one of these it checks the browser that display a warning to the end user letting them know that the site is not secured by SSL.