Tag: security

QKD – How Quantum Cryptography Key Distribution Works

QKD – Quantum key distribution is the magic part of quantum cryptography. Every other part of this new cryptography mechanism remains the same as in standard cryptography techniques currently used.

By using quantum particles which behave under rules of quantum mechanics, keys can be generated and distributed to receiver side in completely safe way. Quantum mechanics principle, which describes the base rule protecting the exchange of keys, is Heisenberg’s Uncertainty Principle.

Heisenberg’s Uncertainty Principle states that it is impossible to measure both speed and current position of quantum particles at the same time. It furthermore states that the state of observed particle will change if and when measured. This fairly negative axiom which says that measurement couldn’t be done without perturbing the system is used in positive way by quantum key distribution.

| Continue Reading.. |

Introduction to Quantum Cryptography

Quantum cryptography is a new technique of securing computer network communication channel. Existing standard crypto systems are using advanced algorithms to create key pairs which are extremely hard to inverse engineer. Quantum cryptography avoids any mathematical algorithm and uses principles of quantum physics.

Quantum crypto implements a new technique of generating and exchanging crypto keys which makes it impossible for third party entities to get those keys by snooping or to create man in the middle by snooping and sending copies of original key. Keys generated in this way will automatically destroy themselves if read by third-party interferer.

When generated between two sides, using quantum key distribution, secret keys will be used with standard and well known symmetric encryption. The key generation process is the only part which uses quantum principles to work, from there, using this “hyper-secure key” already existing symmetric encryption will be used to encrypt and decrypt data, which will be sent over standard, currently available, optic data networks.

| Continue Reading.. |

Cryptography

If you want to send or store data and be sure it is safe from being intercepted, you will use Cryptography. Cryptography uses chipper as mathematical virtual lock to make data scrambled so that is not understandable if intercepted by unauthorized third parties.

There are different cryptography techniques, some of them are: encryption, hashing, and steganography.

Cryptography can be differentiated by usage of different key types:

  • Symmetric Key Encryption
  • Asymmetric Key Encryption

Symmetric Key Encryption is sometimes known as Secret Key Cryptography. Main characteristic of this type of cryptography is the same key usage in encryption and decryption of transferred data. Every change in the secret key will make data decryption impossible.

Asymmetric Key Encryption is known as Public Key Cryptography technique. Main characteristic of this type of cryptography is usage of two sets of keys which are generated for the process. One key is public and other is private. Public key encrypts the data. We can only decrypt that data using appropriate private key. The best part of asymmetric cryptography is that is giving us a technique to share encrypted data and enable the receiver to decrypt that data without sending the decryption key across unsecured network.

| Continue Reading.. |

Control Plane Protection in Cisco IOS

CoPP – Control Plane Protection or better Control Plain Policing. It is the only option to make some sort of flood protection or QoS for traffic going to control plane.

In the router normal operation the most important traffic is control plain traffic. Control plane traffic is traffic originated on router itself by protocol services running on it, destined to other router device on the network. In order to run properly, routers need to speak with each other. They speak with each other by rules defined in protocols and protocols are running in shape of router services.

Examples for this kind of protocols are routing protocols like BGP, EIGRP, OSPF or some other non-routing protocols like CDP etc..

CoPP

Control Plane Policing is QoS applied on ingress sub-interfacess towards Route Processor

When router is making BGP neighbour adjacency with the neighbouring router, it means that both routers are running BGP protocol service on them. BGP service is generating control plane traffic, sending that traffic to BGP neighbour and receiving control plane traffic back from the neighbour.

Usage of Control Plane Protection is important on routers receiving heavy traffic of which to many packets are forwarded to Control Plane. In that case, we can filter traffic based on predefined priority classes that we are free to define based on our specific traffic pattern.

| Continue Reading.. |

How Encryption of Network Traffic Works?

I recently started studying again, this time as an attempt of deep-diving into some security concepts for one of my PhD courses. It’s interesting how, as much as you try to escape from it, mathematics will sooner or later catch you somewhere and you will need to learn a bit more of it. At least that happened to me…

In this process I realised that if you go beyond simple security theory and network device configuration all other stuff is pure mathematics.

The reason behind my unplanned course in mathematics is explained through the rest of this text. It will explain what is network security and where is the math needed to get network communication secure. In the end, it was actually fun.

Encryption

Encryption

If you want two distant computers to talk with each other so that nobody else can see what they are talking about, you want to make a secure network connection between them. Security in this case means that you need to connect those machines to the network and be able to make the communication a secret communication. Secret communication through public communication system is possible by using encryption.

| Continue Reading.. |