PKI Security Mechanisms

Verified

Added on 2019/09/21

AI Summary

The assignment content discusses the importance of securing data transmitted over the internet, using public key infrastructure (PKI), security protocols such as SSL and VPN, file encryption, file hashing, and backup and restoration. PKI uses asymmetric cryptographic techniques to ensure confidentiality, integrity, and authentication. Security protocols like SSL provide end-to-end communication while file encryption methods like block cipher and steam cipher are used for securing data. File hashing is a one-way compression method that reduces the time taken for encryption. Backup and restoration processes involve creating additional copies of data to avoid loss due to disasters or errors.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Table of Contents
Part 3: Cryptography security Assessment 2
Bibliography 6

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

PUBLIC KEY INFRASTRUCTURE
Requirements:
The growth of internet helps the business people to communicate easily. The communication
takes place through the public data network. The data transmitted should be checked for security.
To secure the data communication PKI (public key infrastructure) is used. Consider a data is
transmitted using internet tools such as WWW or email, the content of the data should be
secured. So the confidentiality of the data should be maintained. The data should be
authenticated only by the authorized person. The content of the data should be secured without
any changes being done by the third party member. So Integrity of the data should be
maintained. This process of securing the message between the third party members by using the
encryption techniques using the key is said to be Public Key Infrastructure.
Purpose:
In PKI, two different keys are used. They are public key and the private key. The private key is
kept secret and the public key is shared between the users. Hence this type of techniques is
asymmetric cryptographic techniques. If a message is encrypted with the public key it is
decrypted only with the private key. Likewise if a message is encrypted with the private key it is
decrypted only with the public key. Suppose if a person A wants to send a encrypted message to
person B the message is send along with the public key so that the person B can decrypt the
message using the private key of B. This type of security mechanism is followed in PKI.
Justification:
Since the Key pair mechanism is used in this infrastructure there will not be any confidentiality
issues key distribution. Only two keys are used to avoid ambiguity. It is very easy for
administration. This method uses mechanisms like digital signature algorithm and El - Gamal
using digital signature method. Key exchange algorithm such as Diffie – Hellman and RSA is
used for encryption and decryption method.
SECURITY PROTOCOL
Requirements:
The need for securing the information which is communicated via internet is increased.
Automatic tools are used for protecting the information. During the data communication traffic
occurs between the networks. So it must be secured by using SSL (Secured Socket Layer) or
VPN (Virtual private network). The aspect of security is to protect from the attack. The attack
may be active or passive attack. Passive attack is trying to access the information from the
system without affecting any resources of the system. Active attack is trying to access the system

information which affects the resources of the system. Other types of security threats are
interruption, interception, modification and fabrication.
Purpose:
SSL provides a secure end to end communication. It uses digital signature to authenticate the
information to make the data communication confidential. This protocol supports the variety of
cryptographic techniques such as DES, SHA, DSA, RSA, etc. It uses same key for encryption
and decryption. The secret key is also known as session key. PGP (Pretty Good Privacy) is used
for encrypting the email using the session key encryption. This encryption method can be done
for large volume of data.
Justification:
Cryptographic protocols are defined to secure the communication using single key encryption
techniques. Freshness mechanism such as Timestamps and nonce and Time based mechanism is
used to secure the communication without any data loss and data correction.
FILE ENCRYPTION
Requirements:
The main requirement for securing the information is secrecy, authentication and message
integrity. The message which is sent should be encrypted. Cipher is a method used for
encryption. The original message should be hidden by using other text. This method is called
encryption. Symmetric key and Asymmetric key is used for encryption. Symmetric key is using
the same key for both encryption and decryption. Asymmetric key is using the different key for
both encryption and decryption. For different scenario different encryption algorithms are used.
Purpose:
Symmetric algorithm uses Block cipher and steam cipher. Data encryption done by block of data
at a time is Block cipher. Data encryption done be bit by bit is Steam cipher. Each mechanism
use separate method for encrypting the data. Each encryption standard is determined by the
number of encryption keys. Substitution cipher such as caesar cipher, monoalphabetic cipher,
polyalphabetic cipher and Transposition Cipher such as columnar techniques and Rail fence
technique is used for encryption. Each technique has unique method for encryption of data.
Justification:
File encryption is used for securing the data with the basic security principles such as
confidentiality, integrity and availability. The data should be read only by the authorized users by
protecting it with the encryption techniques. The data in the file should not be altered by third

party member in order to ensure the integrity. The data should be available only for the necessary
users. These should be protected by using the encryption techniques.
FILE HASHING
Requirements:
For encrypting the large number of data, basic encryption techniques take long time for the
process. To reduce the encryption time, hash function can be used. Hashing is used for
compressing the string. The security requirements are deterministic hashing, hashing with the
random salt, hashing with the random messages, hashing with the secret key.
Purpose:
Hashing is one way method, there is no de-hashing where as encryption is two way
authentications, there is encryption and decryption. Three properties are used for hashing.
Preimage resistant, second preimage resistant, collision are used for hashing. Secure hash
algorithm is used for SHA-512 to compress the data. Two types of attacks are possible in the
hashing function. Brute force attack and crypt analysis are two possible attacks. Brute force
attack depends only on bit length where as crypt analysis focus on only specific algorithm.
Justification:
It reduces the method of compressing the data by using one way of compressing techniques. It
increases the security level of protecting the data. This method is simpler to process. It is secure
and fastest method of hashing function. Only limited number of attacks is possible with this hash
function. So hashing can be used for securing the data with confidentiality and integrity.
BACKUP AND RESTORATION
Requirements:
Back up is an additional copy of data which can be used for avoiding the data loss. It can be
created by simply copying the data or mirroring the data. Backup of data can be done manually
or through data traveler. There are three types of back up. They are full back up, differential
backup and incremental backup. Full back up is taking back up of entire system. Differential
back up is storing the last updated data. Incremental back up is storing the back up of archived
data. Back up of data can be created as Back up client, backup server and storage node.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Purpose:
The purpose of Backup is to protect the data from the disaster recovery, archival and operational.
There three methods of back up topologies. Direct attached based back up, LAN based backup
and SAN based backup. These back up are created to avoid the data loss and to recover the data
whenever necessary. It can be recovered from the backup server and the backup client.
Justification:
It is necessary to take back up for availability of data whenever necessary. If any data loss occurs
it can be recovered from backup server and back up client. It can be done by using software or
manual method as user convenience.

Bibliography:
“Implementing public key infrastructure using Microsoft windows server 2012 certificates”,
sans.org
“Understanding cryptography and encryption techniques”, techtarget.com
“Cryptography hashing”, tiptop security.com
“Cryptographic security and algorithms “

1 out of 6

PKI Security Mechanisms

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Enhanced OpenVPN Frame Structure

Hybrid Encryption

RSA ALGORITHM Name of the University Author Note RSA ALGORITHM Name of the Student Name of the University Author Note RSA ALGORITHM RSA ALGORITHM Name of the Author of the University

Secure Encryption Technologies: A Comprehensive Guide

SSL-TLS VPN Technologies

Public-Key Infrastructure (PKI) - Importance, Working, and Benefits

+13062052269

info@desklib.com