Home » Cryptography

Cryptography Security: Goals, Attacks, and Principles

In this tutorial, we will learn about the security goals which are the main aim and reason behind the cryptography, what these goals are that are to be met while ensuring data security. Also, we would be studying the principles of security. By Monika Sharma Last updated : May 24, 2023

Security Goals

The security goals include different measures to secure the data, like confidentiality, integrity, authentication, etc. However, the main goal of keeping the data secure is to prevent the data from various types of security attacks.

Security Attacks

The security attacks can be defined as an attempt by an outsider who is not an authenticate person to receive the data, but tries to get it by breaking into the system and applying different techniques and methods to get the valid information. The security attacks can be further classified as follows.

Classification of Security Attacks:

The security attacks are classified into 2 types,

1. Active Attacks

In an active attack, the attacker tries to modify the information. Due, to the modification, this attack can be easily detected because of visibility.

Examples:

1. Masquerade: One entity pretends to be a different entity.
2. Replay: Before going to the receiver, the attacker receives the message and transmits some other information over the network.
3. Denial of service: Breakdown of communication system or the entire network system.
4. Modification of message: The message is modified before it is received by the user at the receiver end.

2. Passive Attacks

In the passive attacks, the attacker tries to obtain the information and not to modify it. Due to this, these types of attacks are difficult to attack because no sign of intervention is seen in the data.

Examples:

1. Release of message content: The sensitive content in the messages is released among the unauthorized people.
2. Traffic analysis: In this, the attacker monitors and observes the transmission in order to understand the pattern of transmission.

If our encryption technique is strong enough that no outsider or attacker can break the code or algorithm used for encryption under any of the above-mentioned attacks, then this means that we are successful in meeting the data security goals.

To ensure that the security goals are met, certain principles were proposed which must be met to ensure the complete security of data.

The following five principles of data security are known to ensure the security,

Principles of Security

The following are the principles of security:

1. Data confidentiality: This means the privacy of data. Only the person who is the sole bearer of the data can access and read it.
2. Data Integrity: This means that no insertion, deletion or modification has been done in the information. The data is present in its original form as it was sent by the sender.
3. Data availability: This means that the data is always available for access whenever required.
4. Authentication: This ensures that the communication is being held among the right individuals.
5. Non-repudiation: According to this, the sender or the receiver cannot deny being responsible for the data being transmitted.