NSHM KNOWLEDGE CAMPUS, DURGAPUR-GOI

(College Code: 273)

Continuous Assessment 1

Cryptographic security protocols

Presented By
Student Name: SHIBDAS CHAKRABORTY
University Roll No.: 27300119060
University Registration No.: 018069 OF 2019-20
Branch: Computer Science and Engineering
Year: 4th
Semester: 8th
Paper Name: Cryptography & Network Security
Paper Code: PEC-CS801B
 INTRODUCTION
• Cryptographic protocols provide secure connections, enabling two parties to communicate with
privacy and data integrity. The Transport Layer Security (TLS) protocol evolved from that of the
Secure Sockets Layer (SSL). IBM® MQ supports both SSL and TLS.
• The primary goals of both protocols is to provide confidentiality, (sometimes referred to
as privacy ), data integrity, identification, and authentication using digital certificates.
• Although the two protocols are similar, the differences are sufficiently significant that SSL 3.0
and the various versions of TLS do not interoperate.
• Cryptographic security protocols are a set of rules and procedures for secure communication
over a network. They use mathematical algorithms to encrypt and decrypt messages, ensuring
that data is protected from unauthorized access and tampering. Some common examples of
cryptographic protocols include:
• SSL/TLS: secure communication between a client and server
• IPSec: secure communication between devices over an IP network
• SSH: secure shell access to a remote system
• PGP: encrypted email communication
• These protocols are widely used to protect sensitive information transmitted over the internet,
such as passwords, credit card numbers, and personal data.
 Importance of Secure Communication
• Protects sensitive information from unauthorized access
or theft.
• Maintains privacy and confidentiality.
• Prevents tampering or interference with communication.
• Ensures authenticity of messages.
• Meets legal and regulatory compliance requirements.
 Overview of Common Cryptographic Protocols
• SSL/TLS: Secure Socket Layer/Transport Layer Security for secure data transmission
over the internet.
• AES: Advanced Encryption Standard for symmetric encryption.
• RSA: A public-key encryption algorithm for secure data transmission.
• DH: Diffie-Hellman key exchange for secure communication between two parties.
• SHA: Secure Hash Algorithm for creating digital signatures and verifying data integrity.
• ECC: Elliptic Curve Cryptography for efficient encryption.
• PGP: Pretty Good Privacy for secure email communication.
• HMAC: Keyed-Hash Message Authentication Code for message authentication.
 SSL/TLS
• SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic
protocols that provide secure communication over the internet. They are used to establish
an encrypted connection between a client and a server, typically between a web browser
and a web server. This encrypted connection protects sensitive information such as login
credentials, credit card numbers, and other personal data from being intercepted and
misused. SSL and TLS use certificate-based authentication and asymmetric encryption to
secure the connection. TLS is the successor to SSL and is the widely used protocol for
secure web communication today.
 AES
• AES stands for Advanced Encryption Standard, it is a symmetric
encryption algorithm that is widely used for encrypting and decrypting
sensitive information. It was adopted by the US government as a standard
encryption algorithm in 2001 and is considered one of the most secure
encryption algorithms. AES uses fixed block sizes (128, 192, or 256 bits)
and key sizes (128, 192, or 256 bits) to encrypt and decrypt data.
 IPSec
• IPSec (Internet Protocol Security) is a protocol suite that provides secure
communication on the Internet by ensuring confidentiality, integrity, and
authenticity of data. It operates at the network layer of the OSI model and
is used to secure communication between networks, typically over the
Internet. IPSec uses a combination of protocols, including Authentication
Header (AH) and Encapsulating Security Payload (ESP), to provide the
desired level of security for the transmitted data. IPSec can be used in
either Transport mode or Tunnel mode, depending on the desired level of
security and the specific use case.
 SSH
• SSH (Secure Shell) is a cryptographic network protocol for operating
network services securely over an unsecured network. It provides secure
encrypted communications between two untrusted hosts over an insecure
network. SSH is widely used for remote login, file transfers (SCP, SFTP),
and remote command execution. It replaces clear text protocols such as
Telnet and FTP, which transmit data in clear text and are vulnerable to
eavesdropping and tampering. SSH uses encryption and authentication to
protect the confidentiality and integrity of data in transit and to verify the
identity of the remote host.
 PGP
• PGP (Pretty Good Privacy) is a data encryption and decryption computer
program that provides cryptographic privacy and authentication for data
communication. It is used for signing, encrypting, and decrypting texts, e-
mails, files, directories, and whole disk partitions and to increase the
security of e-mail communications. PGP is often used for signing,
encrypting, and decrypting e-mails to increase the security of e-mail
communications. It uses a combination of symmetric-key encryption and
public-key encryption to secure the data. The user's public key is used to
encrypt messages and only the recipient with the corresponding private
key can decrypt the messages.
 Conclusion
• Cryptography is the practice of secure communication in the presence of
third parties. Its objective is to make it difficult for an eavesdropper to
understand the communication. Cryptography is used in a variety of
applications, including email, file sharing, and secure communications.
• The conclusion of cryptography is that it is a powerful tool for secure
communication, but it is not perfect. There are a number of ways to attack
a cryptographic system, and new attacks are constantly being discovered.
Cryptography is an important part of security, but it is not the only factor to
consider.