TECHNOLOGY SOLUTIONS:
Today’s threat landscape is dynamic. The wealth of disruptive technologies solutions mobile, social, cloud and big data has been increasingly impacting protect strategies. These technologies will continue to add to the complexity and security needs of the IT infrastructure and information assets. They will challenge integrity of current security controls and will risk enterprise data solutions tellectual property (IP). Thus, it’s important that businesses have a start deliver effective enterprise security risk management and situational awareness -in-depth strategies, monitoring, analysis and reporting.
Protecting Internet communications:
Today we all communicate constantly over the internet Some people say we too much time on our mobile devices, and we do not interact enough with the and with the people around us. Here we discuss how we keep our internet communications secure from eavesdropping.
SOLUTION ENCRYPTION:
Encryption is the coding of information using a mathematical-based program and secret key. Encryption transforms clear text into cipher text. So that unauthorized person cannot decrypt the message without the decoding key. The purpose of encryption is (a) to secure stored information and (b) to secure information transmission. Encryption can provide four of the six key dimensions of e-commerce security.
- Message integrity-provides assurance that the message has not been altered. the user from denying he or she sent the message. Authentication- provides verification of the identity of the person (or computer) Sending the message.
- Confidentiality gives assurance that the message was not read by others In computing. ,unencrypted data is also known as plaintext, and encrypted data is called clip hypertext.
Formulas used to encode and decode messages are called encryption algorithms or ciphers. The science of encrypting and decrypting information is called cryptography In a substitution cipher, every occurrence of a given letter is replaced systematically by another letter.
For instance, if we used the cipher “letter plus two”- meaning place every letter in a word with a new letter two places forward-then the word “Hello” in plain text would be transformed into the following cipher text: “JGNNQ. A transposition cipher, the ordering of the letters in each word is changed in some systematic way.
Private Key encryption (symmetric encryption):
In order to decipher these messages, the receiver would have to know the secret Cipher that was used to encryption the plain text. This is called symmetric key encryption or secret key encryption.
As shown in figure, sender and receiver both uses same (common) key for encryption at sender side and for decryption at receiver side. Encoding and decoding message using symmetric- encryption is very fast and efficient.
the key is made public or if key is identified then all messages sent previously using that key are vulnerable. While symmetric encryption is an older method of encryption, it is faster and more efficient than asymmetric encryption, which takes a toll on networks due to performance issues with data size and heavy CPU use.
Due to the better performance and faster speed of symmetric encryption (compared to asymmetric), system cryptography is typically used for bulk encryption encrypting large amounts for database encryption. In the case of a database, the secret key might only be available to the database itself to encrypt or decrypt. Some examples of symmetric
Table of Contents
symmetric cryptography is used are:
Payment applications, such as card transactions where Pll needs to be protected to prevent identity theft or fraudulent charges Validations to confirm that the sender of a message is who he claims to be Random number generation or hashing Modern encryption systems are digital. The cipher’s or keys used to transform plain text into cipher text are digital strings.
Computers store text or other data as binary composed of 0s and 1s. For instance, the binary representation of the capital letter “A” in ASCIl computer code is accomplished with eight binary digits (bits): 1000001. One way in which digital strings can be transformed into cipher text is by multiplying each letter by another binary number, say, an eight-bit key number 1010101.
The Data Encryption Standard (DES) was developed by the National Security Agency (NSA) and IBM in the 1950s. DES uses a 56-bit encryption key. To cope with much faster computers, it has been improved by simple decent essentially encrypting the message three times, each with a separate key. Today, the most widely used symmetric key encryption algorithm is Advanced Encryption Standard (AES), which offers key sizes of 128, 192, and 256 bits.
AES had been considered to be relatively secure, but in August 2011, researchers from Microsoft and a Belgian university announced that they had discovered a way to break the algorithm, and with this work the “safety margin” of AES continues to erode. There arc also many other symmetric key systems that are currently less widely used, with keys up to 2,048 bits. Public key encryption (Asymmetric encryption):
- It encodes message by using two mathematically related numeric keys. Out of these two keys- one is known as private key and other is known as public key.
- As the name suggest, public key is freely distributed to the public. Private Key is a secret key which is used to encrypt and decrypt messages.
- Sender and receiver of the message has their private keys and they know each other’s public key. Each message from sender to receiver is encrypted by using receiver’s public key and Which is decrypted only by receiver’s private key.
A wants to send email to B A must know B’s email id so email id works as public key. Message sent to B is in mail box which can be read by only B by using his Take an example a want to send message to B using public key encryption. As shown in figure, A performs encryption by using B’s public key. A has B’s key because public key is freely distributed.
Then encrypted text is travelled to destination B performs decryption of message using his own private key and get original message with B’s private key which is secret and kept only with B. So it provides secure Public Key Encryption Using Digital
Signatures and Hash Digests:
To check the integrity of a message and ensure it bas not been altered hash function is used first to create a digest of the message.
Hash function Mathematical algorithm that at produces fixed-length number called message or hash digest A HAS FUNCTION CEN BE SIMPLE, AND COUNT THE NUMBER OF DIGITAL IS IN A MESSAGE, OR It can be more complex, and produce a 128 bit number that reflects the number of 0s and 1s, the number 00s 11s, and so on.
Example: MD4, MDS, SHA-1, SHA-2
Hash digest of message sent to recipient along with message to (verify integrity digest and message) encrypted with recipient’s public key Entire cipher text then encrypted with digital signature (e – signature)-for authenticity, nonrepudiation A digital signature or “signed” cipher text that can be sent over the Internet. A digital signature isa close parallel to a handwritten signature. Like a handwritten signature, a digital signature is unique.
When used with a hash function, the digital signature is even more unique than a handwritten signature. And changes for every document The receiver of this signed cipher (message + message digest) first uses the send – public key to authenticate the message. Once Authenticate, the recipient uses his her private key to obtain the hash result (message digest) and original message.
At final step, the recipient applies the same hash function to the original text (original message) and compares the result with the result sent by the sender. If the results same (Send message digest = receiver message digest) the receiver now knows message has not been changed during transmission the message has integrity.
Digital envelops:
A digital envelope is a secure electronic data container that is used to protect message through encryption and data authentication. A digital envelope allows use to encrypt data with the speed of secret key encryption and the convenience security of public key encryption. A digital envelope is also known as a digital Wrapper. A digital envelope uses two layers for encryption: Secret (symmetric)
and public key encryption. Secret key encryption is used for message encoding a decoding. Public key encryption is used to send a secret key to a receiving party a network. This technique does not require plain text communication. Digital Certificates and Public Key.
Infrastructure (PKI):
For analogy, a certificate can be considered as the ID card issued to the person People use ID cards such as a driver’s license, passport to prove their identity. digital certificate does the same basic thing in the electronic world, but with on difference.
Digital Certificates are not only issued to people but they can be issued to computer software packages or anything else that need to prove the identity in the electro world.
A digital certificate is a digital document issued by a trusted third-party institution known as a certification authority (CA) that contains the name of the subject company, the subject’s public key, a digital certificate serial number, an expiration date, an issuance date, the digital signature of the certification authority (the name the CA encrypted using the CA’s private key), and other identifying information.
digitally signs this entire information and includes digital signature in the Anyone who needs the assurance about the public key and associated information client, he carries out the signature validation process using CA’s public the person whose details are given in the certificate.
There are several ways the certificates are used in commerce. Before and transaction, the customer can request the signed digital certificate of the decrypt it using the merchant’s public key to obtain both the message digest add certificate as issued. If the message digest matches the certificate, then the action.
NEW POST
FOLLOW ON TWITTER
