By Raul Bernardino
Introduction:
Nowadays,
in the global communication infrastructure is allowing everyone is connecting
through the private networks in which have integrated with global networks such
as internet and emails. With this global communication infrastructure is
allowing almost everyone to communicate easily and effective in anytime and
anywhere. More than 34% of the world populations are using the internet. The
cross boarder communication and the virtual communication are becoming a
concern of everyone on how to secure the communication and how to ensure those
transactions are reaching to the right destination with the right information.
“Therefore, securing the
communication is becoming a priority with the following properties; such as the
confidentiality, end point authentication, message integrity, and operational
security,” Kurose J. and Ross K., (2010, P. 714-715).
The confidentiality:
The confidentiality perceives as secure communication. First, the sender has to
understand the contain of the information that willing to transmit to the
intent receiver. Second, the eavesdropper may be intercepting the messages.
Therefore, the message has to be encrypted before it sends.
The
end point authentication: The authentication means to confirm the identity of
the both receiver and sender before transmitting the message. It is not simple
authentication like face to face meeting. In the virtual situation it’s
difficult to recognize. For instance, we got a message from the friend and
maybe it is not coming from the intend person.
The
message integrity: The integrity of the message is important, therefore, it is
need to be rechecked with the sender if the message contain is correct even
though the both receiver and sender are authenticated.
The
operational security: The security on
the operational is important because almost all companies and other
institutions are connecting their networks with the public network or internet.
Therefore, we have to secure communication from the private to the public,
because we did not know who is in the public network.
As
it shows in below diagram:
There
are several methods of encrypting the data communication such as triple DES
(3DES) which is standing for Data Encryption Standard, AES which is standing
for Advance Encryption Standard, and RSA. The “RSA algorithm are form from
the names of the persons namely Ron Rivest, Adi Shamir, and Leonard Adleman,” Kurose
J. and Ross K., (2010, P. 722-727). The diagram below shows the security
association between two routers (R1 and R2).
The R1 stores for SA as follows:
·
The security
parameter index (SPI) uses 32 bit identifier
·
The interface of
the source of security association is 200.168.1.100
·
The interface of the
destination of security association is 193.68.2.23
·
The encryption types
can be used such as 3 DES with cipher block chaining (CBC)
·
The key of the encryption
·
The integrity check type such as MD5
·
The key of the authentication
In the SA Database (SAD) as follow:
·
During the process
, the end point holding the state
·
If there is a VPN
connections with n salespersons then 2 +2n SA in the R1 of the security
association database
·
The sending of the
IPsec datagram; the R1 is accessing the SAD in order to determine which and how
to process datagram
·
Arrived in the R2,
the R2 examines the SPI in the IPsec datagram and process datagram accordingly
The 3DES is using 64 bit of block
and 56 key while the AES is using 128 bit of block. The AES can be operating in
128 bit, 196 bit, and 256 bit. The key algorithms determine in internal
algorithms from mini table mapping and permutation. For instance n key length
has 2n possible keys. “The 56 bit key of the DES is 256 possible
keys and it can be crack in a second, and 128 bit key of AES can be crack in
149 trillion years,” Kurose J.
and Ross K., (2010, P. 723). The Kaufman diagram table of the 64 bit as it show
in the below table:
How to make DES more secure:
The 3DES has three times encryption
with three different keys such as actual encrypt, decrypt, and encrypt.
The RSA has most similarity with
public keys by using modulo n arithmetic as shows below:
Another RSA property is:
In September 2000, RSA claimed and patented in USA by
Public Key Partner (PKP), Inc.
References list:
- Kurose, J.F. & Ross, K.W. (2010) Computer Networking: A Top-Down Approach. 5th ed. Boston: Addison Wesley
- University of Liverpool/Laureate Online Education (2011) Lecture notes from Computer Networking Module Seminar 7 [Online]. Available from: University of Liverpool/Laureate Online Education VLE (Accessed: 9 September 2011)
- Internet World Statistic, [Online]. Available from: http://www.internetworldstats.com/stats.htm (Accessed: 25 August 2013)
- Security in the Network, [Online]. Available from: http://www.informit.com/articles/article.aspx?p=31339&seqNum=2 (Accessed: 25 August 2013)
- Symmetric vs. asymmetric algorithms, [Online]. Available from: http://www.suse.de/~garloff/Writings/mutt_gpg/node3.html (Accessed: 25 August 2013)
- Algorithms Used by SSH, [Online]. Available from: http://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch03_09.htm (Accessed: 25 August 2013)
Very useful amount of detail is provided in this article. Both the encryption algorithms are good ways of securing information online. And you have provided the main facts with respect to each in this article. Thank you.
ReplyDeletedigital signatures
Thanks for the comment and its useful for you.
ReplyDelete