During the early days of the internet, its use was restricted to the military and universities for research and development. Later, when all of the networks came together to become the internet, the data used to go over the public transportation network.. People from all walks of life may provide information that is potentially highly sensitive, such as their bank credentials, username and passwords, personal documents, online shopping information, and private documents.
All security threats are deliberate, in the sense that they only occur when they are deliberately activated. These are the kind of security dangers that can be found in the world today:
- Interruption
When the availability of resources is threatened, this is referred to as an interruption in security. For example, a user may be unable to access its web-server, or the web-server may have been hijacked by an attacker.
- Privacy-Breach
A user’s privacy can be violated in this situation. Someone who is not allowed to access or intercept data sent or received by the originally authenticated user has gained access to or intercepted the data.
- Integrity
Any alteration or modification to the original context of communication falls under this kind of threat. The attacker intercepts and gets the data transmitted by the sender, and the attacker then either modifies or generates false data, which the attacker then sends to the intended recipient. The data is received by the receiver under the assumption that it has been sent by the original Sender.
- Authenticity
This type of hazard occurs when an attacker or a security offender impersonates a legitimate person and gains access to resources or communicates with other legitimate users.
There is no technology available now that can guarantee 100 percent security. However, some procedures may be taken to protect data when it is traveling over an unsecured network or the internet. Cryptography is the technology that is most extensively employed.
Cryptography
In cryptography, plaintext data is encrypted using a technique that makes it difficult to read and interpret the data. There are various cryptographic methods available today, which are detailed in greater detail below:
- Key to the Kingdom
- Key that is available to the public
- Digest of Messages
Secret Key Encryption
Both the sender and the receiver own the same secret key. This secret key is used to encrypt the data at the sender’s end, and it is never revealed. After the data has been encrypted, it is transmitted to the recipient over the public network. Because the recipient is aware of and possesses the Secret Key, decryption of the encrypted data packets is straightforward.
The Data Encryption Standard (DES) is an example of secret key encryption (DES). Secret Key encryption necessitates the creation of a separate key for each host on the network, which makes it difficult to maintain the key pool.
Public Key Encryption
In this encryption method, each user has his or her own Secret Key, which is not stored in the common database. The secret key is never made available to the general public. Along with a secret key, each user has a unique yet public key of their own. The public key is always publicly available to the public and is used by Senders to encrypt the data they are sending. When the user receives the encrypted data, he or she may quickly decrypt it by using the Secret Key that was provided to him or her.
Rivest-Shamir-Adleman encryption is an example of public-key encryption (RSA).
Message Digest
It is not necessary to send actual data while using this method; instead, a hash value is calculated and delivered. The second end-user then computes its hash value and compares it to the one that was just received in the previous step. If both hash values match, the message is accepted; otherwise, the message is refused.
The MD5 hashing algorithm is an example of a Message Digest. It is most commonly used in authentication when the user’s password is compared to the one that has been stored on the server.
