secure communication
TRANSCRIPT
SECURE COM-MUNICATION
MEM-BERS TUSHAR SWAMI
VIKAS PRASAD
TANISH GARG
ACKNOWLEDGEMENT
We would like to express our special thanks of gratitude to our teacher Dr. Natasha who gave us the golden opportunity to present this wonderful presen-tation on the topic (Secure Communication), which also helped us in doing a lot of Research and we came to know about new things. We are really
thankful to her.
SECURE COMMUNICATION?When two entities are communicating and don’t want any third party to listen.
WHAT IS BEING DISCUSSED TILL NOW…effective ways to communicate
Communicat-ing Method Data Security
SUCCESSFUL COMMUNICA-TION
WHY DO WE NEED THIS? We are living in an information age. We need to keep information about every aspect of life,
so “INFORMATION IS AN ASSET”. Thus, needed to be secured from attacks and misuse.
Secured Information means What?
– ConfidentialityEnsuring that information is accessible only to those au-thorized to have access
– Integrity
Safeguarding the accuracy and completeness of information and processing methods
– Availability
Ensuring that authorized users have access to information and associated assets when re-quired
Threatening Attacks
BSe-cret
C
ASNOOPING
Threatening AttacksMODIFICATION
CCTransfer Rs.1000/- to B.
Transfer Rs.10000/- to C.
Ideal Route of the Message
Actual Route of the Message
A B
HOW TO ACHIEVE IT?
Most commonly used method : CRYPTOGRAPHY. It achieves security by encoding messages to make them un-
readable. Mathematical operations are applied on data to encrypt it. KEY – used for encryption and decryption of data.
CryptographySymmetric (one
key)
Asymmetric (two keys)
CRYPTOGRAPHY
Plaintext
Shared Secret Key Cipher-text
Encryp-tion Al-gorithm
Plaintext
Shared Secret KeyCiphertext
Decryp-tion Al-gorithm
Secure Key-exchange Channel
Insecure channel
Its Cipher text Message isKl Ekdudw,Krsh brxduhgrlqj ilqh.Krz derxw phhwlqj dw wkh wudlq vwdwlrq wklv Iulgdb dw5 sp?
Plaintext MessageHi Bharat,Hope you are doing fine. How about meeting at the train station this Friday at 5 pm?
DATA MASKING
DATA MASKING Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.
The purpose is to protect the actual data while having a func-tional substitute for occasions when the real data is not required.
The main reason for applying masking to a data field is to protect data that is classified as personal identifiable data, personal sensit-ive data.
EXAMPLE
TYPES OF DATA MASKING
DAT
A M
ASKI
NG
Static
On-the-fly
Dynamic
STATIC DATA MASKING - Static Data Masking is done on the golden copy of the data base. - Reduce the data set to a subset that holds the data necessary for a particular round of testing, apply necessary code changes from source control and push data to desired environment.
ON-THE-FLY DATA MASKING On-the-Fly Data Masking happens in the process of transfer- ring data from environment to environment without data touching the disk on its way.
DYNAMIC DATA MASKING Dynamic data masking happens at runtime, dynamically, and on-demand so that there need not be a second data source where to store the masked data dynamically.
TECHNIQUES OF DATA MASK-INGSubstitution Method
• It allows the masking to be performed in such a manner that another authentic look-ing value can be substituted for the existing value.
• 1: 1 mapping is done.
Shuffling Method
The shuffling method is a very common form of data obfuscation. It is sim-ilar to the substitution method but it derives the substitution set from the same column of data that is being masked.
MASKING OUT• Character scrambling or masking out of certain fields is also another simplistic yet very effective method of preventing sensitive informa-tion to be viewed. • This is commonly applied to credit card data in production systems. Example : Credit Card No. XXXX XXXX XXXX 6789. Applications1) Used in Application and Software testing.2) Used in various training programmes.3) Used in Banking Facilities.4) Used in customer service facilities like Call centres.
STEGANOGRAPHY
STEGANOGRAPHY Steganography refers to the art and science of hiding secret information in some other media.
The information to be hided is called the secret message.
The medium in which the information is hidden is called the cover document.
The cover document containing hidden message is called the s stego-document.
STEGANOGRAPHY
STEGANOGRAPHY AP-PROACHThere are two main approaches for Steganography.
SPATIAL DOMAIN APPROACHThe Data is hidden in the spatial domain of the cover docu-ment.
FREQUENCY DOMAIN APPROACHTransform domain methods hide messages in non-significant areas of the cover document.
APPLICATIONS1) PRINTER STEGANOGRAPHY Some modern printers use steganography, like HP laser printers
These printers add tiny yellow dots to each page.
2) Used by intelligence services and many other organisations.
DIGITAL WATERMARKING
• Act of hiding a message related to a digital signal within the signal itself
• Watermarking tries to hide a message related to the actual content of the digital signal
• In steganography the digital signal has no relation to the message
INTRODUCTION
APPLICATIONS1) Broadcast monitoring-
-To track when a specific video is being broadcast by a TV station. -Important to advertising agencies
Information used to identify individual videos could be embedded in the videos themselves using watermarking, making broadcast monitoring easier.
2) Owner identification-
-To identify the owner of a specific digital work of art(video or image)-Important task, especially in cases related to copyright infringement.
So, instead of including copyright notices with every image or song, we could use watermarking to embed the copyright in the image or the song itself.
Applications(contd.)
3) Transaction tracking-
-To record the recipient of every legal copy of a movie -By embedding a different watermark in each copy.
If the movie is then leaked to the Internet, the movie producers could identify which recipient of the movie was the source of the leak.
4) copy control-
-To prevent the illegal copying of songs
By embedding a watermark in them that would instruct a watermarking compatible DVD or CD writer to not write the song or movie because it is an illegal copy.
PROPERTIES • Effectiveness - Probability that the message in a watermarked image will be
correctly detected
• Image fidelity - Watermarking is a process that alters an original image to add a message to it
• The payload size - The size of embedded message is often important as many systems require a relatively big payload to be embedded in a cover work.
• The false positive rate - This is the number of digital works that are identi-fied to have a watermark embedded when in fact they have no watermark embedded.
• Robustness - A robust watermark should be able to withstand additive Gaussian noise, compression, printing and scanning, rotation, scaling, cropping, etc.
• very similar to the traditional models of communication systems
• Watermarking - a process of communicating a message from the watermarking embedder to the watermarking receiver.
• images, can be viewed as high-dimensional vectors, called the media space.
• For example a 512 X 512 image would be described as a 262144 elements vector in a 262144-dimensional space.
• useful to better visualize the watermarking process using a number of regions
WATERMARKING MODELS
Communication-based view
Geometric view
• The embedding region- all the possible images resulting from the embedding of a message inside an unwatermarked image
• The detection region - images from which a watermark can be successfully extracted
• The region of acceptable fidelity - images resulting from the embedding of a message into an unwatermarked image(identical to the original image)
• The embedding region for a given watermarking system lie in-
side the intersection of the detection region and the region of acceptable fidelity
GEOMETRIC MODEL
Communication-based Model• Sender on one side would encode a message
using encoding key• Then the message would be transmitted on a
communications channel, which would add some noise to encoded message
• The resulting noisy message would be received at the other end, which would decode it using a decoding key, to get the original message back
• Can be further divided into two sub-categories:• Uses side-information• Does not use side-information at all
The term side information refers to any auxiliary information except the input message itself, that can be used to better encode or decode it.
Watermarking without side-information
• The image is simply considered as another form of channel noise that distorts the message during its transmission
• The watermark embedder encodes a message using a watermark encoder and a key
• This is then added to the original image and transmitted over the communication channel which adds some noise
• The watermark detector at the other end receives the noisy watermarked image and decode the original image using a key
Watermarking with side-in-formation
• The only difference is the use of the original image
• The watermark embedder still encodes a message using not only a key but also the information provided by the original image
• The resulting encoded message is then added to the original image as in the case of the no-side-information model
• The watermarking detector tries to get the original message back using the original key and a detection algorithm
REAL WORLD APPLICATIONS
TELECOMMUNICATION
MOBILE PHONES
Signal most vulnerable to attack when go-ing from tower to mobile device.
Hence, encryption method is needed there.
To avoid eavesdropping, the cipher key is sent separately.
WHATSAPPFew months ago, WhatsApp em-ployed end-to-end encryption mechanism to ensure its users’ messages security.
SECURE NETWORK COMMUNICATIONSSECURE SOCKET LAYER (SSL) a public-key protocol for providing data security layered between TCP/IP. used for establishing an encrypted link between a server and a client. SSL allows sensitive information to be transmitted securely. SSL secures millions of peoples' data on the Internet every day, especially
when transmitting some confidential information.
HOW TO SPOT A SSL-SECURED WEBSITE
They have a lock icon being displayed or green address bar that comes with an extended val-idation for SSL-secured website.
SSL-secured websites also begin with https rather than http.
Numbers
Ex-changed
Diffie-Hellman Key Exchange
ExchangeKey = (Generator^SecretNumber) mod Prime
FinalKey = (ExchangeKey^SecretNumber) mod Prime
Majorly used techniques for data security explained. But attackers are getting advanced with time. Hence, this field requires constant development.
So that people can rely more on the new communication techniques rather than conventional methods, and our
PM’s dream of “DIGITAL INDIA” can be-come a propitious reality.
REFERENCES• https://www.cl.cam.ac.uk/teaching/0910/R08/work/essay-ma485-watermarking.pdf• https://hal.archives-ouvertes.fr/file/index/docid/86383/filename/TIP_DEC05.pdf• https://cryptomath.files.wordpress.com/2008/08/playfair-cipher.ppt• cc.ee.ntu.edu.tw/~farn/courses/BCC/NTUEE/2013.spring/projects/Team2.pptx• http://www.garykessler.net/library/crypto.html• http://www.ijcta.com/• https://www.scribd.com/doc/27154173/Project-Report-Sample• https://cyfor.engineering.nyu.edu/wp-content/uploads/2015/08/steg1.png• https://www.clear.rice.edu/elec301/Projects01/steganosaurus/background.html• http://media.merchantcircle.com/19869322/PLANSAHEAD_CROP_full.jpeg• https://cdn.instructables.com/FX0/FWT8/HMWOI1YJ/FX0FWT8HMWOI1YJ.MEDI.jpg• http://www.clipartkid.com/november-progress-december-intentions-jg8hyH-clipart/• http://www.clipartbest.com/cliparts/9iz/Ede/9izEdeGiE.jpeg • http://cliparts.co/cliparts/di4/LAX/di4LAXG5T.jpg
CONCLUSION