SECURE COM-MUNICATION

MEM-BERS TUSHAR SWAMI

VIKAS PRASAD

TANISH GARG

ACKNOWLEDGEMENT

We would like to express our special thanks of gratitude to our teacher Dr. Natasha who gave us the golden opportunity to present this wonderful presen-tation on the topic (Secure Communication), which also helped us in doing a lot of Research and we came to know about new things. We are really

thankful to her.

SECURE COMMUNICATION?When two entities are communicating and don’t want any third party to listen.

WHAT IS BEING DISCUSSED TILL NOW…effective ways to communicate

Communicat-ing Method Data Security

SUCCESSFUL COMMUNICA-TION

WHY DO WE NEED THIS? We are living in an information age. We need to keep information about every aspect of life,

so “INFORMATION IS AN ASSET”. Thus, needed to be secured from attacks and misuse.

Secured Information means What?

– ConfidentialityEnsuring that information is accessible only to those au-thorized to have access

– Integrity

Safeguarding the accuracy and completeness of information and processing methods

– Availability

Ensuring that authorized users have access to information and associated assets when re-quired

Threatening Attacks

BSe-cret

C

ASNOOPING

Threatening AttacksMODIFICATION

CCTransfer Rs.1000/- to B.

Transfer Rs.10000/- to C.

Ideal Route of the Message

Actual Route of the Message

A B

HOW TO ACHIEVE IT?

Most commonly used method : CRYPTOGRAPHY. It achieves security by encoding messages to make them un-

readable. Mathematical operations are applied on data to encrypt it. KEY – used for encryption and decryption of data.

CryptographySymmetric (one

key)

Asymmetric (two keys)

CRYPTOGRAPHY

Plaintext

Shared Secret Key Cipher-text

Encryp-tion Al-gorithm

Plaintext

Shared Secret KeyCiphertext

Decryp-tion Al-gorithm

Secure Key-exchange Channel

Insecure channel

Its Cipher text Message isKl Ekdudw,Krsh brxduhgrlqj ilqh.Krz derxw phhwlqj dw wkh wudlq vwdwlrq wklv Iulgdb dw5 sp?

Plaintext MessageHi Bharat,Hope you are doing fine. How about meeting at the train station this Friday at 5 pm?

DATA MASKING

DATA MASKING Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.

The purpose is to protect the actual data while having a func-tional substitute for occasions when the real data is not required.

The main reason for applying masking to a data field is to protect data that is classified as personal identifiable data, personal sensit-ive data.

EXAMPLE

TYPES OF DATA MASKING

DAT

A M

ASKI

NG

Static

On-the-fly

Dynamic

STATIC DATA MASKING - Static Data Masking is done on the golden copy of the data base. - Reduce the data set to a subset that holds the data necessary for a particular round of testing, apply necessary code changes from source control and push data to desired environment.

ON-THE-FLY DATA MASKING On-the-Fly Data Masking happens in the process of transfer- ring data from environment to environment without data touching the disk on its way.

DYNAMIC DATA MASKING Dynamic data masking happens at runtime, dynamically, and on-demand so that there need not be a second data source where to store the masked data dynamically.

TECHNIQUES OF DATA MASK-INGSubstitution Method

• It allows the masking to be performed in such a manner that another authentic look-ing value can be substituted for the existing value.

• 1: 1 mapping is done.

Shuffling Method

The shuffling method is a very common form of data obfuscation. It is sim-ilar to the substitution method but it derives the substitution set from the same column of data that is being masked.

MASKING OUT• Character scrambling or masking out of certain fields is also another simplistic yet very effective method of preventing sensitive informa-tion to be viewed. • This is commonly applied to credit card data in production systems. Example : Credit Card No. XXXX XXXX XXXX 6789. Applications1) Used in Application and Software testing.2) Used in various training programmes.3) Used in Banking Facilities.4) Used in customer service facilities like Call centres.

STEGANOGRAPHY

STEGANOGRAPHY Steganography refers to the art and science of hiding secret information in some other media.

The information to be hided is called the secret message.

The medium in which the information is hidden is called the cover document.

The cover document containing hidden message is called the s stego-document.

STEGANOGRAPHY

STEGANOGRAPHY AP-PROACHThere are two main approaches for Steganography.

SPATIAL DOMAIN APPROACHThe Data is hidden in the spatial domain of the cover docu-ment.

FREQUENCY DOMAIN APPROACHTransform domain methods hide messages in non-significant areas of the cover document.

APPLICATIONS1) PRINTER STEGANOGRAPHY Some modern printers use steganography, like HP laser printers

These printers add tiny yellow dots to each page.

2) Used by intelligence services and many other organisations.

DIGITAL WATERMARKING

• Act of hiding a message related to a digital signal within the signal itself

• Watermarking tries to hide a message related to the actual content of the digital signal

• In steganography the digital signal has no relation to the message

INTRODUCTION

APPLICATIONS1) Broadcast monitoring-

-To track when a specific video is being broadcast by a TV station. -Important to advertising agencies

Information used to identify individual videos could be embedded in the videos themselves using watermarking, making broadcast monitoring easier.

2) Owner identification-

-To identify the owner of a specific digital work of art(video or image)-Important task, especially in cases related to copyright infringement.

So, instead of including copyright notices with every image or song, we could use watermarking to embed the copyright in the image or the song itself.

Applications(contd.)

3) Transaction tracking-

-To record the recipient of every legal copy of a movie -By embedding a different watermark in each copy.

If the movie is then leaked to the Internet, the movie producers could identify which recipient of the movie was the source of the leak.

4) copy control-

-To prevent the illegal copying of songs

By embedding a watermark in them that would instruct a watermarking compatible DVD or CD writer to not write the song or movie because it is an illegal copy.

PROPERTIES • Effectiveness - Probability that the message in a watermarked image will be

correctly detected

• Image fidelity - Watermarking is a process that alters an original image to add a message to it

• The payload size - The size of embedded message is often important as many systems require a relatively big payload to be embedded in a cover work.

• The false positive rate - This is the number of digital works that are identi-fied to have a watermark embedded when in fact they have no watermark embedded.

• Robustness - A robust watermark should be able to withstand additive Gaussian noise, compression, printing and scanning, rotation, scaling, cropping, etc.

• very similar to the traditional models of communication systems

• Watermarking - a process of communicating a message from the watermarking embedder to the watermarking receiver.

• images, can be viewed as high-dimensional vectors, called the media space.

• For example a 512 X 512 image would be described as a 262144 elements vector in a 262144-dimensional space.

• useful to better visualize the watermarking process using a number of regions

WATERMARKING MODELS

Communication-based view

Geometric view

• The embedding region- all the possible images resulting from the embedding of a message inside an unwatermarked image

• The detection region - images from which a watermark can be successfully extracted

• The region of acceptable fidelity - images resulting from the embedding of a message into an unwatermarked image(identical to the original image)

• The embedding region for a given watermarking system lie in-

side the intersection of the detection region and the region of acceptable fidelity

GEOMETRIC MODEL

Communication-based Model• Sender on one side would encode a message

using encoding key• Then the message would be transmitted on a

communications channel, which would add some noise to encoded message

• The resulting noisy message would be received at the other end, which would decode it using a decoding key, to get the original message back

• Can be further divided into two sub-categories:• Uses side-information• Does not use side-information at all

The term side information refers to any auxiliary information except the input message itself, that can be used to better encode or decode it.

Watermarking without side-information

• The image is simply considered as another form of channel noise that distorts the message during its transmission

• The watermark embedder encodes a message using a watermark encoder and a key

• This is then added to the original image and transmitted over the communication channel which adds some noise

• The watermark detector at the other end receives the noisy watermarked image and decode the original image using a key

Watermarking with side-in-formation

• The only difference is the use of the original image

• The watermark embedder still encodes a message using not only a key but also the information provided by the original image

• The resulting encoded message is then added to the original image as in the case of the no-side-information model

• The watermarking detector tries to get the original message back using the original key and a detection algorithm

REAL WORLD APPLICATIONS

TELECOMMUNICATION

MOBILE PHONES

Signal most vulnerable to attack when go-ing from tower to mobile device.

Hence, encryption method is needed there.

To avoid eavesdropping, the cipher key is sent separately.

WHATSAPPFew months ago, WhatsApp em-ployed end-to-end encryption mechanism to ensure its users’ messages security.

SECURE NETWORK COMMUNICATIONSSECURE SOCKET LAYER (SSL) a public-key protocol for providing data security layered between TCP/IP. used for establishing an encrypted link between a server and a client. SSL allows sensitive information to be transmitted securely. SSL secures millions of peoples' data on the Internet every day, especially

when transmitting some confidential information.

HOW TO SPOT A SSL-SECURED WEBSITE

They have a lock icon being displayed or green address bar that comes with an extended val-idation for SSL-secured website.

SSL-secured websites also begin with https rather than http.

Numbers

Ex-changed

Diffie-Hellman Key Exchange

ExchangeKey = (Generator^SecretNumber) mod Prime

FinalKey = (ExchangeKey^SecretNumber) mod Prime

Majorly used techniques for data security explained. But attackers are getting advanced with time. Hence, this field requires constant development.

So that people can rely more on the new communication techniques rather than conventional methods, and our

PM’s dream of “DIGITAL INDIA” can be-come a propitious reality.

REFERENCES• https://www.cl.cam.ac.uk/teaching/0910/R08/work/essay-ma485-watermarking.pdf• https://hal.archives-ouvertes.fr/file/index/docid/86383/filename/TIP_DEC05.pdf• https://cryptomath.files.wordpress.com/2008/08/playfair-cipher.ppt• cc.ee.ntu.edu.tw/~farn/courses/BCC/NTUEE/2013.spring/projects/Team2.pptx• http://www.garykessler.net/library/crypto.html• http://www.ijcta.com/• https://www.scribd.com/doc/27154173/Project-Report-Sample• https://cyfor.engineering.nyu.edu/wp-content/uploads/2015/08/steg1.png• https://www.clear.rice.edu/elec301/Projects01/steganosaurus/background.html• http://media.merchantcircle.com/19869322/PLANSAHEAD_CROP_full.jpeg• https://cdn.instructables.com/FX0/FWT8/HMWOI1YJ/FX0FWT8HMWOI1YJ.MEDI.jpg• http://www.clipartkid.com/november-progress-december-intentions-jg8hyH-clipart/• http://www.clipartbest.com/cliparts/9iz/Ede/9izEdeGiE.jpeg • http://cliparts.co/cliparts/di4/LAX/di4LAXG5T.jpg

CONCLUSION