The widespread use of technology has raised the question of how secure data stored online really is. The way information is handled needs to include high levels of data protection, whether the data is in storage or in transit. With advances in modern technology, many companies have designed their business models around it. This means that customer information and all information about business operations are stored on online servers. There are threats of data theft, unauthorized access and denial of service from hackers. Hackers have used the opportunity to break into most of the sensitive systems in the world and compromise their information (Siponen & Willison, 2016). Information protection is needed not only with respect to third parties; internal data protection must be ensured too. Therefore, high-security systems are significant.
The common method advocated for protecting information is the use of cryptographic algorithms. However, these systems do not guarantee high security. Cryptographic algorithms are chosen according to the needs of the organization. The choice also depends on the features and resources available (Tipton & Nozaki, 2017). The best assessment of an organization's security depends on evaluating the various existing security algorithms and protocols, so that the best algorithms can be used to secure data (Siponen & Willison, 2016). Additionally, the role of selecting the best security protocol cannot be taken for granted. The important part is to ensure that a security consultant is involved in the decision-making process of selecting which security protocol is suitable for a particular organization.
The communication system in a cryptographic environment may become vulnerable to attacks if the cryptographic packages do not meet their intended goals. This master's thesis aims to evaluate contemporary cryptographic algorithms and protocols, collectively called cryptographic packages, against the security needs of the organization and its available resources. The security requirements are described by the standard model, the TCP/IP Protocol Suite, which is then mapped onto the cryptographic packages with respect to available resources. The role responsible for this evaluation is the security expert of the organization. I have used this theoretical model for the evaluation.
Due to the growing trend of communicating sensitive data over the internet, information security has been in demand. Individuals use essential services over the insecure global communication infrastructure of the Internet, for example e-commerce, banking, ticketing and so on (Tipton & Nozaki, 2017). This has exposed the communicating parties to severe threats, for example breaches of confidentiality, information and data fraud, integrity violations and a lack of trust between communicating parties (Siponen & Willison, 2016). This is one of the primary reasons for the strong demand for security of data and communication systems.
Cryptography provides solutions to the problems of integrity, confidentiality, authentication and key management. The solutions can be implemented in various kinds of applications. These applications may be standalone or running on the World Wide Web, the Internet (Tipton & Nozaki, 2017). The serious issue is the selection of a cryptographic package according to the requirements and available resources of the organization. The best cryptographic package does not always turn out to be a good solution. If the package does not meet its intended goal of providing security with the available resources, it is certain to lead to severe problems (Siponen & Willison, 2016). One technique for assessing a cryptographic solution is to simulate its environment according to the resources available and the security parameters in place. Once the result is known, it can be implemented in the operational environment. The only demerit of this approach is that current simulation software relies on traditional security protocols and lacks support for cryptography.
The other possible approach is to solve the problem as a package. The evaluation role is dedicated to one individual. That person uses the systematic security requirements to satisfy the requirements while making use of the resources available in the organization. This is the best theoretical model for solving security issues in the modern world (Siponen & Willison, 2016). The approach offers the option of selecting the best problem-solving technique. A simulation environment may also be required for verifying and testing the recommended security protocol (Siponen & Willison, 2016). This research will evaluate some of the best cryptographic algorithms, which offer the best security of data in the modern cyber world.
Communication over the internet is popular in the contemporary world. It is therefore evident that data integrity and confidentiality are needed to achieve data protection. Some operations and online communications, such as e-commerce activities, require a great deal of information security because of the high sensitivity of the information involved (Tipton & Nozaki, 2017). The tools, protocols and algorithms that help protect data in transit over the internet are what amount to information security, computer security or network security in general (Siponen & Willison, 2016). Therefore, the terms can be used interchangeably. All these security requirements can be summed up in the CI+A criteria, which stands for confidentiality, integrity and authentication. The following shows how security is addressed through the CI+A criteria and its security parameters.
Information confidentiality means that data is protected from unauthorized disclosure. Disclosure may happen when data is stored in a computer or when it is transported over a network. Therefore, data confidentiality addresses both static data and data in transit. Data in transit can be controlled through the TCP or IP communication rules, or rather information routing. Data confidentiality has very few fundamentals. The first and unquestionably more important one is the physical protection of unprotected data (Tipton & Nozaki, 2017). The second requirement is encryption of physically unprotected data. Access control must be implemented in computer systems. The last one is the safe and correct implementation of security mechanisms. Resource hiding is another aspect of confidentiality, which is essentially not dealt with in this report (Siponen & Willison, 2016). The solutions to the confidentiality problem are encryption and access control mechanisms, which are the main subject of this report. I have separated out the access control part and named it authentication, which is explained in the following subsections (Tipton & Nozaki, 2017). Privacy and secrecy are other terms used in the same context, with slight differences. Here, the emphasis is on the user. Privacy is usually the protection of personal data, while secrecy is usually the protection of organizational data.
Data integrity means that information is protected from unauthorized modification or from untrustworthy sources of information. Source integrity is as significant as data integrity. We must be sure of the source from which the data is obtained. If the provider of the data is not trustworthy, there is no reason to believe that data, and its integrity must be questioned (Tipton & Nozaki, 2017). Integrity means that information must be secured; origin integrity implies that the information source is trusted (Siponen & Willison, 2016). Integrity of information can be divided into two parts, namely prevention and detection.
Prevention: This mechanism ensures that integrity is maintained by blocking any unauthorized access to information. Any attempt by malicious people to modify data is blocked (Tipton & Nozaki, 2017). Such access may be an attempt to change system passwords or any other hacking attempt.
Detection: These mechanisms do not prevent unauthorized access to the systems. What they do is report to the information managers that the data is no longer secure (Siponen & Willison, 2016). The mechanisms evaluate logs, system events or the data itself to detect anomalies.
Integrity ensures that data remains the same from the point it was sent until it reaches the receiver. In this case, it ensures that the data sent does not undergo any changes while in transit. The changes can be modification, deletion, insertion or replay (Siponen & Willison, 2016). The best strategy is the connection-oriented integrity service, which deals with a stream of messages and ensures data integrity while the information is in transit. Connectionless integrity deals with the modification of individual messages only.
In the context of communication between two parties, authentication means assurance that the communicating entity is the one it is supposed to be. It is basically aimed at ensuring that the communication is authentic. Authentication can be divided into two categories, namely peer entity authentication and data origin authentication. Peer entity authentication means that the entity is not another one trying to masquerade as the intended communicating entity (Nadeem & Javed, 2015). An authorized replay is done to verify this. The process takes place in the connection establishment step of communication between two parties. During the transfer stage, the same associations are strictly maintained to prevent replay of previous communication (Nadeem & Javed, 2015). Data origin authentication means that the source of the information sent is the one that it claims to be, or is the intended one.
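One way to provide the connection-oriented integrity service and the data origin authentication described above, as an added example that is not part of the original text: each record carries a sequence number and an HMAC-SHA256 tag under a shared key, so the receiver can detect modification, insertion, deletion and replay. The class names, record layout and sample messages are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 tag length in bytes


class Sender:
    """Emits records of the form seq(8 bytes) || payload || HMAC(key, seq || payload)."""
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def protect(self, payload: bytes) -> bytes:
        body = struct.pack(">Q", self.seq) + payload
        self.seq += 1
        return body + hmac.new(self.key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts a record only if its tag verifies and it is the next one in the stream."""
    def __init__(self, key: bytes):
        self.key, self.expected = key, 0

    def accept(self, record: bytes) -> bytes:
        if len(record) < 8 + TAG_LEN:
            raise ValueError("truncated record")
        body, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):      # constant-time comparison
            raise ValueError("bad tag: modified or inserted record")
        (seq,) = struct.unpack(">Q", body[:8])
        if seq < self.expected:
            raise ValueError("replay: sequence number already accepted")
        if seq > self.expected:
            raise ValueError("gap: earlier record deleted or reordered")
        self.expected += 1
        return body[8:]


def classify(receiver: Receiver, record: bytes) -> str:
    """Return 'ok' or the short rejection reason for one record."""
    try:
        receiver.accept(record)
        return "ok"
    except ValueError as exc:
        return str(exc).split(":")[0]


def demo() -> list:
    key = bytes(range(32))                        # constructed demo key, not a real secret
    sender, receiver = Sender(key), Receiver(key)
    r0, r1, r2 = (sender.protect(m) for m in (b"open", b"pay 10", b"close"))
    tampered = r1.replace(b"pay 10", b"pay 99")   # modification in transit
    stream = [r0, tampered, r0, r2, r1, r2]       # then replay, deletion, clean delivery
    return [classify(receiver, rec) for rec in stream]


if __name__ == "__main__":
    print(demo())
```

Dropping the sequence number gives the connectionless case: the tag still exposes a modified message, but a replayed or missing record passes unnoticed.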
Threats are possible security violations to information. An action that can lead to a violation of data security is called an attack, and the one executing the action is called an attacker. Data security attacks can be classified as either active or passive. Passive attacks work without affecting the system's resources and use some system information to breach security, while active attacks alter the system's resources or cause its operation to be disrupted (Nadeem & Javed, 2015). Release of message contents is a kind of passive attack in which the intruder learns the message contents by hijacking an active session (Nadeem & Javed, 2015). The contents may include sensitive or confidential information, for example a document or email. Traffic analysis is a passive attack in which traffic patterns are analyzed to deduce important information. These attacks can be prevented by encryption but cannot be detected when they occur. Eavesdropping is another form, in which the attacker uses sniffer software to monitor the communication. Wiretapping means direct physical reading of signals during communications.
Active attacks try to affect data by modifying the data stream or by creating false streams of data. These attacks can be divided into various categories. Spoofing is the impersonation of a communicating entity (Nadeem & Javed, 2015). Delegation is a type of spoofing whereby the second entity functions like the other. Replay works by capturing data units and retransmitting them to other parties (Nadeem & Javed, 2015). Denial of service is where the attacker prevents the use of available data. A smurf attack makes sure there is no data available for access. Having covered the data security parameters and the possible threats, the solution for information security is to employ modern cryptographic algorithms, as discussed below:
Cryptography ensures secure communication by sending the information in secret. The information is secured by ensuring that the parameters discussed, such as confidentiality, integrity and authentication, are achieved (Lee & Chiu, 2012). Crypto means secret writing. Cryptography therefore ensures that data in transit is in a secret format: data sent over the network is encrypted using secret keys, which the receiver also requires to decrypt the data into a readable format.
The crypto systems are characterized into three forms:
The following are the major and critical cryptography types that have revolutionized the concept of data security in modern technology.
This is an algorithm used to ensure data confidentiality on public networks like the internet. In this algorithm, data is encrypted by encrypting a plain text message P using a symmetric-key cipher and a secret key, K (Lee & Chiu, 2012). There are five components that make up symmetric key cryptography. The following shows the components in detail:
Plain text: This is the initial message to be communicated.
Encryption Algorithm: The function used to transform the plain text. This is typically the process of encrypting the message.
Secret key: This is the value attached to the plain text as an independent input for encryption. The output of encryption depends on this key.
Cipher text: This is the final output of the encryption process. This is the new form of the text after the algorithm has been applied with a secret key (Lee & Chiu, 2012).
Decryption Algorithm: This is the reverse of what happens during encryption. This algorithm is used to decrypt the message after it has arrived at the receiver. The general techniques used to attack the scheme are cryptanalysis and brute force.
Cryptanalysis: In this case, the attacker uses the nature of the algorithm or some knowledge of the plain text. The sole goal is to find the key or to deduce some plain text from the cipher text.
Brute force attack: In this case, the attacker tries all possible keys to get some comprehensible plain text from the cipher text.
The cipher text, which is now the encrypted message, is sent to the receiver, where decryption is done using the same secret key and the same cipher. This method is very fast and allows large amounts of information to be encrypted in the shortest time possible (Nadeem & Javed, 2015). Secondly, the tools and algorithms for symmetric encryption are easily available. The only weaknesses of this type of cryptography are its limited security and key management (Lee & Chiu, 2012). There are five types of attacks on the encrypted data: cipher text only, known plain text, chosen plain text, chosen cipher text, and chosen text. Encryption not only provides confidentiality of information but also facilitates data integrity.
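The five components and the brute-force attack described above, as an added example that is not part of the original text. Python's standard library has no block cipher, so the encryption algorithm here is an assumed stand-in (an HMAC-SHA256 keystream XORed with the plain text); the function names, the sample message and the deliberately tiny 16-bit key space are constructed for illustration.

```python
import hashlib
import hmac


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Pseudorandom keystream: HMAC-SHA256 over nonce || counter (stand-in for a real cipher)."""
    blocks, counter = [], 0
    while 32 * len(blocks) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encryption algorithm: cipher text C = P XOR keystream(K, nonce)."""
    ks = keystream(key, nonce, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Decryption algorithm: the same XOR with the same secret key recovers P."""
    return encrypt(key, nonce, ciphertext)


def looks_like_text(data: bytes) -> bool:
    """The 'comprehensible plain text' test used by the exhaustive search."""
    return all(32 <= b < 127 for b in data)


def brute_force(nonce: bytes, ciphertext: bytes, key_bits: int):
    """Try every key of a key_bits-bit key space; return (key, trials) or (None, trials)."""
    for trial in range(2 ** key_bits):
        key = trial.to_bytes(16, "big")
        if looks_like_text(decrypt(key, nonce, ciphertext)):
            return key, trial + 1
    return None, 2 ** key_bits


def average_trials(key_bits: int) -> int:
    """On average an exhaustive search tests half of the key space."""
    return 2 ** (key_bits - 1)


def demo():
    nonce = b"constructed-nonce"
    plaintext = b"PAY 100 TO ACCOUNT 4471 NOW"   # constructed sample message
    weak_key = (0x2A17).to_bytes(16, "big")      # deliberately drawn from a 16-bit key space
    ciphertext = encrypt(weak_key, nonce, plaintext)
    found, trials = brute_force(nonce, ciphertext, 16)
    return ciphertext, found == weak_key, trials


if __name__ == "__main__":
    print(demo()[1:], average_trials(64), average_trials(128))
```

The search succeeds only because the key space was cut to 16 bits; `average_trials` shows that every added key bit doubles the expected work.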
Asymmetric cryptography uses a pair of keys instead of one key. The two keys issued are mathematically related to one another. It uses a trap-door one-way function, whereby the inverse direction is easy given a particular piece of information (Nadeem & Javed, 2015). The public key contains information about a certain instance. The private key gives information about the trap door. Therefore, whoever has access to the trap door can compute that function easily (Mahajan & Sachdeva, 2013). Anyone who does not have the trap door cannot perform any forward direction function. This type of cryptography enables digital signatures and efficient encryption. It also has the advantage of scalability. Its weakness is that it is computationally intensive. The best algorithms commonly used to ensure data security are as follows:
The IDEA cipher encrypts data in 64-bit blocks into 64-bit cipher text blocks. The key used is the 128-bit input key. The algorithm consists of 8 similar computational rounds followed by a transformation of the output. Round r uses six 16-bit subkeys to transform a 64-bit input into 16-bit blocks, which are used as input to the next round (Mahajan & Sachdeva, 2013). The rounds are repeated until the final cipher text is obtained. The algorithm is one of the strongest security mechanisms, with no successful attack reported against it (Mahajan & Sachdeva, 2013). However, it has its own weakness in that there are weak keys involved.
The algorithm performs encryption and decryption in 64-bit blocks. It also employs a 64-bit key. It takes a 64-bit input and outputs a 64-bit cipher text. As it uses the same blocks, it outputs and uses both permutations in the algorithm. DES acts as a block cipher and a product cipher (Mahajan & Sachdeva, 2013). It has weaknesses in its cipher design and cipher key. Some of the attacks applicable to DES include the brute force attack, differential cryptanalysis and linear cryptanalysis.
This algorithm works by combining two key technologies. The first is cryptographic key transmission capable of sensing eavesdropping using the quantum properties of a single photon. The second is the single-use key that is proven to be secure, a one-time pad. The working of this algorithm is displayed in the figure below:
This algorithm encrypts and decrypts data in blocks of 128 bits. It always uses 10, 12 or 14 rounds. The key size can be either 256 or 128 depending on the number of rounds involved. It uses several rounds, and each round involves several stages (Mahajan & Sachdeva, 2013). The weakness associated with this algorithm is that it involves several cycles, as it takes more code. In software simulation, the code and its inverse make use of different code (Mahajan & Sachdeva, 2013). The only possible attack on this algorithm is the XSL attack.
Technological advancement has led to close monitoring of how data is stored and transmitted online. This has raised the issue of information security. The information stored online is sensitive in nature, and it is therefore crucial to keep unauthorized persons from accessing it. There are three parameters of information security: confidentiality, integrity and authentication. If all three parameters are well strategized, then all information in modern systems will be well secured. Therefore, cryptography comes to the rescue in securing data stored online. Cryptography ensures that data in transit is encrypted with secret keys so that it reaches the receiver as it was sent. The most useful algorithms used to secure information include AES, DES, quantum cryptography and the IDEA algorithm.
Lee, K. H., & Chiu, P. L. (2012). An extended visual cryptography algorithm for general access structures. IEEE Transactions on Information Forensics and Security, 7(1), 219-229.
Mahajan, P., & Sachdeva, A. (2013). A study of encryption algorithms AES, DES and RSA for security. Global Journal of Computer Science and Technology.
Nadeem, A., & Javed, M. Y. (2015). A performance comparison of data encryption algorithms. In 2005 International Conference on Information and Communication Technologies (pp. 84-89). IEEE.
Siponen, M., & Willison, R. (2016). Information security management standards: Problems and solutions. Information & Management, 46(5), 267-270.
Tipton, H. F., & Nozaki, M. K. (2017). Information security management handbook. CRC