Cryptography in Internet Security

Question: Describe about the Cryptography in Internet Security? Answer: Executive Summary Internet now days are an inseparable part in our daily life. With the increase in popularity of internet, the increase in awareness about the security of the internet is also increasing in a rapid pace. So, for securing the data and to avoid redundancy of data and information, cryptography is used. Though it is a long and a complicated process, still the usage of it prevents the tampering of data at any point of data transfer. Chapter 1: Introduction 1.1 Requirement of the project Isaiyarasi Sankarasubramanian (2012) commented on the fact that in this modern era of technology and with the advancement of internet, the requirement and necessity of securing the internet has become an essential part. Internet is always prone towards the attack of the viruses, worms, spyware, Trojan Horse etc. that needs a strong prevention to protect the data and information from getting redundant and modified. According to Doshi (2012) one of the most essential parts of the internet security system is done through cryptography which has now become an inseparable as well as strong safety measure. 1.2 Problem statement Day by day the internet and technology is becoming advanced thereby increasing the number of loopholes for the internet attacks. This report will be discussing the ways of dealing with these loopholes and the use of cryptography for a high level security. 1.3 Research Questions What is the requirement of securing the internet according to you? What can be ways for having the internet secured? How Cryptography works for securing the internet? 1.4 Structure of the research proposal 1st chapter: Introduction: This chapter has discussed about the necessity of implementing cryptography in internet security along with the problems of the internet security. 2nd chapter: Literature Review: The different concepts are discussed that facilitated the researcher to understand the working of cryptography for internet security. 3rd chapter: Research Methodology: This section will be discussing regarding the research design, sampling population and methods of collecting data. 4th chapter: Discussions: This chapter discusses about the quantitative questions that are asked to the users that the researcher has set for the users. 5th Chapter: Recommendations and Conclusion: This chapter shows the importance of internet security and the functions of cryptography in securing the internet along with ways to enhance the security. Chapter 2: Literature Review 2.1 Introduction Camp (2000) commented that cryptography plays a pivotal role in securing the internet and maintaining the data integrity. The designing as well as implementing cryptography in data security requires an in-depth understanding and knowledge in number theory and discrete mathematics. Khan (2013) had a saying regarding this that a cryptographic encryption algorithm better known as cipher transforms plain text into cipher text for securing the data and maintains the integrity. 2.2 Types of attacks There are several types of attacks regarding security are discussed- Worm attack- Nazario Kristoff (2012) commented that the worms are the programs that attacks the host computer and thereby replicates them causing harm to the network bandwidth. Virus attack- According to Rhee (2003) viruses are the programs that spread through emails, internet, external hard disks that causes damages to the system by deleting or crashing the files. The viruses attack the computer memory initially and spread itself throughout the system. Trojan Horse- Singh, Gupta K Singh (2013) had a view that the Trojan horse are the programs that are malicious in nature and causes loss or modification of data and enters the users system through internet. 2.3 Levels of security The computer security is one of the major issues that need to be concerned in order to maintain the data integrity and security. The levels of security are thereby mentioned below- Firewalls- Temple Regnault (2002) commented on the fact that firewalls are the network devices that allows the messages to pass in the most selective way and screen out the entrusted network. IPSec- Here the IP level is secured using the methods of cryptography and can be used without the knowledge of application. Moreover, Walk et al. (2013) had a view that it is a Host-to-host encryption process and uses public and private key cryptography, digital certificates as well as keyed-hash algorithm. Application level security- According to Leiba (2012) this refers to the protection of Web applications at the layer of application against unauthorized attacks and access. This protects the system from parameter tampering, hacking and cross- site scripting that are caused through worms along with other vulnerable. 2.4 Internet Security and Cryptography Public Key Cryptography- Merkow Breithaupt (2000) commented on the fact that the internet users use TCP/IP for conducting all kind of communication. It allows the information to pass from one system to another without the interference of the third party that can occur through eavesdropping, impersonation, spoofing, tampering as well as misrepresentation. Li (2013) also had a view regarding this that it is also known as asymmetric encryption that takes into account both private key and public key for authentication and for encrypting the data. RSA is generally used for encrypting the entire data into blocks which contains both encoding terminal and decoding terminal. Private Key Cryptography- This is also referred to as Symmetric encryption or secret key cryptography that takes into account the same key for encryption as well as decryption. Nitaj Ould Douh (2013) commented on the fact that it contains DES or Data Encryption Standard that encrypts a 64 bit block data by means of a 56 bit key. The IDEA or International Data Encryption Algorithm that encrypts a 64- bit blocks of plain text by using 128 bit length key XOR operations. Moreover, Muiz Laud (2013) also had a view that Blowfish which is a symmetric block cipher that takes a key length from 32 bits to 448 bits. This method is extremely secured and is relatively fast. This can be shown as follows: If ct= encryption (pt, key) Then, pt= decryption (ct, key) Digital Signatures- According to Threepak et al. (2010) the digital signature is another powerful method that helps in authenticating the recipient that the sender has sent it. In this method, initially the sender computes a single way hash of the text or document. The sender encrypts the hash with the private key and then it turns out to be the signature of the document. In addition to this, Spamhaus (2013) commented on the fact that this document is then sent to the receiver where the receiver decrypts the signature with the senders public key and then compares the values. It is done to authenticate whether the document is sent by the sender and whether it is tampered in between the transmission. 2.5 Alignment with corporate business objective Ahmadian Ramaki (2012) commented on the fact that the cryptography is thereby used in the corporate world for controlling risk, managing security and maintaining compliances. Moreover it is also used for a secure transaction in the banking sectors and within the organizations for maintaining the data security and integrity. In todays digitalized world, Dent Mitchell (2004) also had a view that where the computer systems and internet have taken an important part within the organization, there Cryptography also plays a pivotal role in securing the network system. It is used in Ultra-secure voting; secure communications with space, quantum internet as well as in smarter power grid. 2.6 Conclusion It can be concluded from the following that now days, cryptography is been used majorly for internet security and the securing the computer systems. There are several types of cryptography that can be used for security purpose are- Public and private key cryptography and digital signatures. Usage of these methods keeps the data and information integrated and also maintains the authentication between the sender and receiver and prevents the tampering of the data. Chapter 3: Research Methodology 3.1 Introduction According to Al-Bahadili (2013) the research method consists of a series of steps that help the researcher in successful completion of the research in a most suitable way. In this section the researcher collects a huge amount of data that are focused on the research design and sampling for understanding the usage of cryptography in internet security. 3.2 Research design Though there are 3 types of research design, the researcher has adopted descriptive research design process for the completion of the project. Goth (2012) commented on the fact that this research design is so adopted that helps the researcher in understanding the issues related to internet security and the usage of cryptography in decreasing this risk. 3.3 Data collection methods Data is important for a researcher for the successful completion of the project. The data is collected from both the primary as well as secondary sources to have an in-depth knowledge regarding the topic. Konheim (2007) had a view regarding the collection of primary data is that these data are collected through direct interaction with the customers. The pen ended questionnaires are thereby set by the researcher for the internet users that will be taken as a sample for the research purpose. On the other hand, according to Bays et al. (2015) the secondary data, information and facts are collected from the journals, magazines and analyzed reports that already has been done that are in relation to the given research topic. 3.4 Sampling In this research work, the researcher has taken a sample of 100 customers that uses internet and are concerned with the security issues regarding the internet. Ziegeldorf, Morchon and Wehrle (2013) commented on the fact that analyzing this sample size, the researcher can come to a conclusion on the basis of this topic that depicts the usage of cryptography in the internet security. 3.5 Summary In this section, the research design, the methods of collecting the data and sampling is done. This helps the researcher in clear understanding of the internet security and the usage of cryptography in securing the internet. Chapter 4: Discussion 4.1 Introduction In this section, data are collected by the researcher through the quantitative questionnaire that will be helping the researcher in getting a clear idea of the research topic. 4.2 Quantitative Analysis (For Users) 1) For nearly how many years you are using internet? a) Less than 1 year b) 1-3 years c) 4-7 years d) 8- 11 years e) More than 11 years 2) How far you are concerned regarding the internet security? a) Very likely b) Likely c) Medium Knowledge d) Less Likely e) Not at all 3) How far you are concerned about cryptography regarding internet security? a) Very Likely b) Likely c) So-So Knowledge d) Less likely e) Not at all Chapter 5: Recommendations and Conclusion For securing the internet in the most modernized and effective way, cryptography has taken a pivotal role. Though sometimes this method is a tough and a complicated method, still it is used in order to secure the data properly. Cryptography takes a pretty long time for encoding and decoding the data so, it will be better if the time taken can be reduced to an extent. The knowledge regarding cryptography is limited so, the process need to be made easier so that every user can use it for securing the data. It can be concluded that overall cryptography plays a strong role in securing the data and raising the awareness among the users of the internet. Though there are several methods of internet attack, there are several cryptographic methods that can be used for maintaining the integrity of the data. References Ahmadian Ramaki, A. (2012). Language-Based Security to Apply Computer Security. International Journal On Cryptography And Information Security, 2(3), 37-47. doi:10.5121/ijcis.2012.2303 Al-Bahadili, H. (2013). A Secure Block Permutation Image Steganography Algorithm. International Journal On Cryptography And Information Security, 3(3), 11-22. doi:10.5121/ijcis.2013.3302 Camp, L. (2000). Trust and risk in Internet commerce. Cambridge, Mass.: MIT Press. Dent, A., Mitchell, C. (2004). User's guide to cryptography and standards. Boston, MA: Artech House. Doshi, N. (2012). A Novel Approach for Cryptography Technique on Perturbed Data for Distributed Environment. International Journal On Cryptography And Information Security, 2(3), 101-106. doi:10.5121/ijcis.2012.2309 Goth, G. (2012). Mobile Security Issues Come to the Forefront. IEEE Internet Comput., 16(3), 7-9. doi:10.1109/mic.2012.54 Isaiyarasi, T., Sankarasubramanian, K. (2012). A new key exchange protocol using two layers of security. Journal Of Discrete Mathematical Sciences And Cryptography, 15(2-3), 125-133. doi:10.1080/09720529.2012.10698369 Khan, A. (2013). Cryptography, security and privacy (CrySP) research group. XRDS: Crossroads, The ACM Magazine For Students, 20(2), 62-63. doi:10.1145/2541668 Konheim, A. (2007). Computer security and cryptography. Hoboken, N.J.: Wiley-Interscience. Leiba, B. (2012). Aspects of Internet Security. IEEE Internet Comput., 16(4), 72-75. doi:10.1109/mic.2012.75 Li, C. (2013). A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card. IET Information Security, 7(1), 3-10. doi:10.1049/iet-ifs.2012.0058 Merkow, M., Breithaupt, J. (2000). The complete guide to Internet security. New York: AMACOM. Muiz, M., Laud, P. (2013). Strong Forward Security in Identity-Based Signcryption. Journal Of Discrete Mathematical Sciences And Cryptography, 16(4-5), 235-258. doi:10.1080/09720529.2013.821367 Nazario, J., Kristoff, J. (2012). Internet Infrastructure Security. IEEE Security Privacy Magazine, 10(4), 24-25. doi:10.1109/msp.2012.99 Nitaj, A., Ould Douh, M. (2013). A New Attack on RSA With a Composed Decryption Exponent. International Journal On Cryptography And Information Security, 3(4), 11-21. doi:10.5121/ijcis.2013.3402 Rhee, M. (2003). Internet security. Chichester, West Sussex, England: J. Wiley. Sharma, A. (2012). Performance of Error Filters in Halftone Visual Cryptography. International Journal On Cryptography And Information Security, 2(3), 143-159. doi:10.5121/ijcis.2012.2313 Singh, H., L. Gupta, D., K Singh, A. (2013). Entropy Security in Quantum Cryptography. International Journal Of Computer Applications, 81(5), 19-24. doi:10.5120/14008-2057 Spamhaus (2013). DDoS attack fails to take down Internet. Network Security, 2013(4), 1-2. doi:10.1016/s1353-4858(13)70045-x Temple, R., Regnault, J. (2002). Internet and wireless security. London: Institution of Electrical Engineers. Threepak, T., Mitatha, S., Luangvilay, X., Yupapin, P. (2010). Quantum cryptography via a wavelength router for internet security. Microwave And Optical Technology Letters, 52(11), 2505-2509. doi:10.1002/mop.25523 Walk, N., Ralph, T., Symul, T., Lam, P. (2013). Security of continuous-variable quantum cryptography with Gaussian postselection. Physical Review A, 87(2). doi:10.1103/physreva.87.020303 Bays, L., Oliveira, R., Barcellos, M., Gaspary, L., Mauro Madeira, E. (2015). Virtual network security: threats, countermeasures, and challenges.J Internet Serv Appl,6(1). doi:10.1186/s13174-014-0015-z Ziegeldorf, J., Morchon, O. and Wehrle, K. (2013) Privacy in the Internet of Things: threats and challengesSecurity Comm. Networks, 7(12), pp.2728-2742