Cryptography is the art and science of achieving security by encoding messages to make them non-readable.
Cryptanalysis is the technique of decoding messages from a non-readable format back to readable format without knowing how they were initially converted from readable format to non-readable format.
Cryptology is a combination of cryptography and cryptanalysis.
Principles of Security:-
1)Confidentiality
2)Integrity
3)Authentication
4)Access control
5)Availability
6)Non-repudiation
7)Ethical and legal issues
Types of attacks:-
1)General attacks-Criminal attacks,publicity attacks,legal attacks
2)Technical view-a)Theoretical concepts-
I)Passive attacks-i)release of message contents ii)traffic analysis
II)Active attacks-i)Interception,ii)Fabrication,iii)Modification,iv)Interruption
3)Program attack-
a)Virus- A virus is a computer program that attaches itself to another legitimate program and causes damage to the computer system or to the network.
During lifetime ,a virus goes through four phases:-
Dormant phase,Propagation phase,Triggering phase ,Execution phase.
b)Worm
A worm does not perform any destructive actions and instead ,only consumes system resources to bring it down.
c)Trojan Horse
It allows an attacker to obtain some confidential information about a computer or a network.
d)Specific attacks-
Sniffing and spoofing-cause packet level attacks.
Phishing-It is new attack which attempts to fool legitimate users to provide their confidential information to fake sites
Pharming /DNS spoofing -attack involves changing the DNS entries so that users are redirected to an invalid site,while they thinking that they have connected to the right site.
Cryptanalysis is the technique of decoding messages from a non-readable format back to readable format without knowing how they were initially converted from readable format to non-readable format.
Cryptology is a combination of cryptography and cryptanalysis.
Principles of Security:-
1)Confidentiality
2)Integrity
3)Authentication
4)Access control
5)Availability
6)Non-repudiation
7)Ethical and legal issues
Types of attacks:-
1)General attacks-Criminal attacks,publicity attacks,legal attacks
2)Technical view-a)Theoretical concepts-
I)Passive attacks-i)release of message contents ii)traffic analysis
II)Active attacks-i)Interception,ii)Fabrication,iii)Modification,iv)Interruption
3)Program attack-
a)Virus- A virus is a computer program that attaches itself to another legitimate program and causes damage to the computer system or to the network.
During lifetime ,a virus goes through four phases:-
Dormant phase,Propagation phase,Triggering phase ,Execution phase.
b)Worm
A worm does not perform any destructive actions and instead ,only consumes system resources to bring it down.
c)Trojan Horse
It allows an attacker to obtain some confidential information about a computer or a network.
d)Specific attacks-
Sniffing and spoofing-cause packet level attacks.
Phishing-It is new attack which attempts to fool legitimate users to provide their confidential information to fake sites
Pharming /DNS spoofing -attack involves changing the DNS entries so that users are redirected to an invalid site,while they thinking that they have connected to the right site.
No comments:
Post a Comment