Applied Cryptography in Network Systems Security for

Cyberattack Prevention
Abel Yeboah-Ofori1 Christian Kwame Agbodza2 Francisca Afua Opoku-Boateng3
School of Computing and Engineering Department of Education Beacom College of Computer and Cyber Sc
University of West London University of Brighton Dakota State University
London, UK Brighton, UK Madison, USA
abel.yeboah-ofori@uwl.ac c.agbodza@brighton.ac.uk francisca.opoku-boateng@dsu.edu

Iman Darvishi1 Fatim Sbai4

School of Computing and Engineering School of Computing and Engineering
University of West London University of West London
London, UK London, UK
21488578@student.uwl.ac.uk 21480906@student.uwl.ac.uk

Abstract-Application of cryptography and how various security, SSL/TSL for web application, IPSec/IKE for IP
encryption algorithms methods are used to encrypt and data security, SILC for conference services security and
decrypt data that traverse the network is relevant in securing SSH for terminal connection security with capabilities to
information flows. Implementing cryptography in a secure support digital signatures [14]. However, providing secure
network environment requires the application of secret keys,
public keys, and hash functions to ensure data confidentiality,
communications channels in a network system to prevent
integrity, authentication, and non-repudiation. However, interception, interruption, modification, and fabrication
providing secure communications to prevent interception, has become very challenging. Cyberattacks are deploying
interruption, modification, and fabrication on network various methods and techniques to break into network
systems has been challenging. Cyberattacks are deploying systems to exploit digital signatures, VPNs, and others.
various methods and techniques to break into network Attackers deploy various passive and active attacks on the
systems to exploit digital signatures, VPNs, and others. Thus, network systems. As a result, the threats and risks of
it has become imperative to consider applying techniques to interception, interruption, modification, and fabrication of
provide secure and trustworthy communication and information and communications traversing the network
computing using cryptography methods. The paper explores
applied cryptography concepts in information and network
have increased exponentially. The passive attacker deploys
systems security to prevent cyberattacks and improve secure reconnaissance and traffic analysis to stealthy observe the
communications. The contribution of the paper is threefold: information flows, data structures, then duplicate or copy
First, we consider the various cyberattacks on the different them, and sometimes use them in ID theft, intellectual
cryptography algorithms in symmetric, asymmetric, and property, and industrial espionage attacks. Further, in an
hashing functions. Secondly, we apply the various RSA active attack, the adversary uses brute force and other
methods on a network system environment to determine how methods to penetrate the systems masquerade, and covertly
the cyberattack could intercept, interrupt, modify, and tries to modify the systems, their contents, and sometimes
fabricate information. Finally, we discuss the secure causes replay and denial of service attacks, especially in a
implementations methods and recommendations to improve
security controls. Our results show that we could apply
distributed environment. These penetrations could lead to
cryptography methods to identify vulnerabilities in the RSA data tampering, alteration, modifications, deletions, and
algorithm in secure computing and communications diversions of delivery channels.
Buffer Overflow
networks. Malware
Buffer Overflow
Cross Site Virus
Malware
Keywords: Applied Cryptography, Network Security, RSA, Request DoS SQL
Passive Attacks Virus
Session Forgery Intrusion Injection
Interception, Interruption, Modification, Fabrication. Interception DoS
Interrruption Intrusion Hijacking
IP Spoofing Attack Attack Attack
I. INTRODUCTION Attack
Attack Attack
The application of cryptography has been relevant in
network security systems in securing information and
Laptop
communications in business-to-business, consumer-to-
business, and consumer-to-consumer environments.
Cryptography algorithms and different transposition Work station
DataEncrption
Encryption Key
Internal
systems have been used to secure data and networks in AttackMobil SSL External Login Screen
Firewall -User ID Firewall
Digital Deep Packet Application
points of sales systems, including electronic commerce, Deep Packet -Password Web Server
Certificates Inspection Server
Inspection
chip-based payment systems, password, digital currency Verication
5th Generation 5th Generation
Initiated Fire wall
systems, and others [1], [2]. The objective of applied Fire wall
cryptography includes using a secret key, public key, and Threat
hash functions to ensure data confidentiality, data integrity, Actor

authentication, and non-repudiation in a secure network Fig 1. Network Attack

communication environment [1], [2]. Several
cryptosystems such as Caesar Cipher, Vigenère Cipher, The objectives of applied cryptography focus on
Rivest-Shamir-Adleman (RSA), EI Gamal, Diffie ensuring confidentiality, integrity, authentication, and non-
Hermann, DES, SDES and other encryption algorithms repudiation of information and network systems. Thus, it
have been used to secure messages. The concepts consider has become imperative to provide a comprehensive study
plaintext encryption ciphertext decryption and plaintext of how to apply cryptographic methods and techniques to
[3]. The RSA security protocol such PGP for email provide secure and trustworthy communication and
computing. The paper explores applied cryptography encrypt and decrypt the RSA algorithm by indicating that
concepts in information and network systems security to the number factorization method in a serious threat against
prevent cyberattacks and improve secure communications. RSA [14]. However, RSA remains the most difficult to
The contribution of the paper is threefold: First, we attack and exploit if user secure the algorithm properly
consider the various cyberattacks on the different during implementation in commercial cryptosystems.
cryptography algorithms in symmetric, asymmetric, and
hashing functions. Secondly, we apply the various methods A. Security Objectives
on a network system environment to determine how We briefly discuss security objectives in applied
information could be intercepted, interrupted, modified, cryptography, including data confidentiality, data integrity,
and fabricated by the cyberattack. Finally, we discuss the authentication, and non-repudiation in a secure network
secure implementations methods and provide communication environment [8] [11].
recommendations to improve security controls. Our results
show that applied cryptography methods could be used to B. Data Confidentiality
identify vulnerabilities in secure computing and Data confidentiality considers preserving authorized
communications networks. restrictions on access and disclosure to information. The
objective is to protect and preserve personal privacy and
II. RELATED WORKS proprietary data in information sharing and network
This section provides an overview of the start of the art platforms. For instance, the attacker could deploy a
and related works in applied cryptography and network passive attack to covertly carry out reconnaissance, traffic
systems security. Applied cryptography considers various analysis, penetrations, intellectual property theft, industrial
symmetric, asymmetric and algorithms methods and espionage, and command and control attacks [8] [11].
hashing functions to transform and transpose data in a
secure format from senders and receivers. For instance, C. Data integrity
Jana et al. (2021) analyzed elliptic curve cryptography in Data integrity considers securing the network against
network security. The authors proposed some statistical improper information modification or destruction. For
results by using a small key size compared to RSA and instance, an attacker could deploy an active attack after
Diffie Hermann algorithms to reduce processing overhead penetration and intercept, modify and fabricate data that
[4]. Devi (2013) explored the applications of network could lead to information non-repudiation and authenticity.
security and cryptographic algorithms on information In addition, other attacks such as brute force, distributed
security by discussing the implications of digital signatures denial of service, and ransomware attacks could deploy,
in RSA and how various attacks are deployed on it [5]. leading to other cascading impacts on the information and
Further, Huang et al. (2007) proposed a generic network systems [8] [11].
transformation algorithm that converted any unforgeable
signatures scheme into strongly unforgeable ones and kept D. Data Authentication
the key pair of the signature schemes unchanged. They Data Authentications consider trusting the sources of the
used a strong one-time signature scheme based on a one- information and proper attribution to the owner or creator
way function, relevant in a trapdoor hash function [6]. of the data. In business process and information sharing, it
Additionally, Huang et al. (2014) proposed a partial key ensures that a system or person's authorizations, policies,
exposure attack on Takagi's variants of the RSA algorithm statements, and permissions issues are genuine. For
by considering the Coppersmith method to find the small instance, an attacker could exploit digital signatures when
roots of the modular polynomial equations. The authors use data authenticity is not enforced. Further, the attacker
three key scenarios: the most significant bits, the least would be violating the authenticity of an altered e-mail
significant bits, and the middle bits of the private exponent, message sent that appear to have come from a different e-
respectively, on RSA of Ernst et al., partial key exposure mail address than the source [8] [11].
attacks [3]. Lu et al. (2014) proposed a new partial key
exposure attack on CTR-RSA with large public exponents E. Non-Repudiation
by introducing two approaches using lattice-based attacks Non-repudiation provides the assurance that an object or
for the extended settings [7]. Yoneyama et al. 2014, a system cannot deny a previous commitment or action. It
proposed a password-based authentication Key exchange indicates that some data sources cannot deny that this is the
scheme without a centralized trust setup by focusing on a case to a third party. It is a most desirable property in
multi-string model that allows several authorities to transactions where there is the potential for a dispute to
provide some reference strings independently [8]. Zhang et arise over the exchange of information [8], [11].
al. (2014) proposed an all-but-one dual project hashing and All the works contribute to applied cryptography and
its applications by providing a simple construction of all network security. However, none of the works considered
but one lossy trapdoor function and constructing a chosen- applied cryptography and encryption algorithm from
text-attack secure determination encryption scheme in a interception, interruption, modification, and fabrications
standard model [9]. Finally, Keifer and Manulis (2014) from an information and network security perspective.
explored using a two-server password authentication key
exchange application by proposing an extended distributed III. APPROACH
smooth projective hash function. The authors used the The proposed approach considers the RSA cryptosystem
Cramer-Shoup cyphertexts method to compute distributed model within the network security systems domain. We use
hash values across several parties to authenticate key the algorithm to determine how attacks are deployed on the
exchange protocols [10]. Bakhatiari and Maarof (2012) encryption algorithms to cause interception, interruption,
posits that RSA cryptosystems have serious weakness in its modification, and fabrication attacks to data using RSA
implementation. The authors demonstrated a method to encryption and decryption methods [4] [5]. The strength of
the encryption used is dependent on the cryptographic The attacker diverts the communications flows to
algorithm and the number of decryption keys. We explain another source to prevent the authorised user from
the cryptography algorithms briefly as follows. accessing the information. Thus, causing information and
assets to become unusable or unavailable to use, either
A. Cryptographic Algorithms temporarily or permanently. This attack affects availability
Cryptographic algorithms could be considered from and data integrity. For instance, a DDoS attack on a mail
different classifications methods and categorized based on server could be classified as an availability attack. In
the key lengths used for the encryption and decryptions. addition, the attacker could manipulate the database
We categorize Cryptographic algorithms into three processes which a database runs to prevent access to data.
methods: symmetric, asymmetric, and hashing functions That could lead to an integrity attack and possible loss or
[1], [12]. We discuss the concepts briefly as follows using corruption of data or both.
Figure 2.
c. Modification Attack:
A. Symmetric Encryption Involves tampering, altering, and modifying data after
Symmetric encryption is a private key cryptosystem in the attacker has interrupted the information flows, business
which encryption and decryption are done in a processes, or delivery channels. These attacks lead to
conventional manner using the same key. The encryption integrity violations as it causes the data to be unavailable
transforms plaintext into ciphertext using a secret key and to legitimate users. For instance, accessing a file in an
an encryption algorithm. Then using the same key and a unauthorized manner and altering the data affects the
decryption algorithm, the plaintext is recovered from the integrity of the data contained in the file. A configuration
ciphertext. Symmetric encryption is susceptible to brute file acting as a Web server that manages how a service
force attacks as it uses transposition techniques [12]. performs might be affected by the availability and integrity
of that service by changing the file's contents. Altering the
B. Asymmetric Encryption Web server file configuration further affects how the server
Asymmetric encryption uses a public key cryptosystem deals with encrypted connections, leading to
to encrypt a message with one key and decrypt with another confidentiality and privacy attacks. A modification attack
key using pairs of keys for the public and private. The key on a database server is considered an interruption attack.
generation system relies on cryptographic algorithms and
uses a one-way function based on the mathematical method d. Fabrication Attack
[12]. For instance, in a cryptosystem, the RSA algorithm is Involves generating false data, processes, communications,
computationally infeasible to determine the decryption key or other similar activities within a system to fabricate the
when given only the knowledge of the cryptographic legitimate user after modifying the contents. The primary
algorithm and then the encryption key [12]. objective of fabrication attacks is to generate false
information in a database that primarily affects the
C. Hashing Functions integrity and availability attack. For instance, the attacker
Hashing functions are used as a cryptographic algorithm could modify and falsify an e-mail after interrupting and
to map random size data to a fixed-size value hash [12]. forward it to the recipient in a spoofing attack, propagating
The hash values are used to determine the integrity of data malware attacks. Further, the attacker could cause DDoS
storage and information retrievals. In addition, the hash attacks and an availability attack by generating enough
functions are used for checksums and error correction additional processes, network traffic, e-mail, web traffic to
codes for data optimization. consume resources and render the service that handles such
traffic unavailable to system users.
D. Interception, Interruption, Modification, and
Fabrication Attacks Original Message

The goal of applied cryptography in information and Send

network systems security is to ensure security mechanisms Receiver

Step 1 Interception
are implemented to prevent interception, interruption,
modification, and fabrication of data with the objectives of Sender Plaintext Receiver
Step 2 Interruption
enforcing confidentiality, integrity, authenticity, and non- Sender Plaintext Receiver

repudiation [8], [11]. In a network system, the attacker Attacker

penetrates a network system using interception, Step 3 Modification Attacker

interruption, modification, and fabrication attacks to Sender Receiver

Step 4 Replay
exploit victims [13]. We discuss the methods briefly as Sender Plaintext Receiver

follows. Attacker

Attacker

a. Interception Attack Step 5 Fabrication

Receiver
Sender
Allow unauthorized users to access data, applications, or
environments, and are primarily an attack against Attacker
confidentiality. Interception might take the form of
unauthorized file viewing or copying, eavesdropping on
Fig. 2. Interception Interruption Modification Fabrication Attacks Method
phone conversations, or reading e-mail, and can be
deployed against data at rest or in motion. Properly
IV. IMPLEMENTATION
executed, interception attacks can be challenging to detect.
V. This section considers the RSA cryptographic
implementation method discussed in section 3 and how
b. Interruption Attack
 the attacker deploys interception, interruption, and Encryption:
modification. Fabrication attacks methods on the network C = Me mod n
system [3], [7], [11], [13] using a modular arithmetic Decryption:
method. M = Cd mod n

A. The RSA Cryptosystems Deployment Steps A source A produces a message X intended for B in as,
1. Plaintext: The original message or data that will be X = {X1, X2 , …., Xn] (2)
inputted into the algorithm.
2. Encryption algorithm: The algorithm performs various The M elements of X are letters in some finite alphabet.
transpositions and transforms the plaintext ciphertext. Thus, B generates a related pair of public key PUb and
3. Public and private keys: Pairs of keys selected for private key PRP.
encryption or decryption depending on input and
transformation algorithm. Source A form a ciphertext with a message X and the
4. Ciphertext: The plaintext that is scrambled and encryption key PUb using the algorithm
generated as output depending on the plaintext and the
key. Y = [Y1, Y2, …., Yn] (3)
5. Decryption algorithm: The algorithm decrypts the Y = E(PUb,X)
ciphertext and produces a matching key for the
original plaintext message generated as output for the The recipient in possession of the private key can invert the
recipient transposition using the algorithm:
X = E(PRb,Y) (4)

RSA Encryption Private Key

Algorithm
C. Encryption
Input
Sender A wants to send a message to B with msg M = 10.
RSA RSA Output
Plaintext Encryption
Ciphertext
Decryption Plaintext A key value k is chosen randomly. For instance, k = 3
e
C = M mod n Data Encryption Key Data Encryption KeyM = C
d
mod n Sender A calculated C1 :
RSA Decryption
Public Key Algorithm C1 ≡ gk mod p (5)
≡ 113 mod 23
Public Keys
≡ 20 mod 23

Fig. 3. RSA Public Key Cryptosystem To complete the encryption, the sender must calculate C2:
C2 ≡ M x yk mod p (6)
Attack Steps: ≡ 10 x 93 mod 23
1. Pairs of Keys are generated for each user's message ≡ 22 mod 23
encryption and decryption
2. A public key will be placed in a public register for D. Decryption
accessibility, and the private key is kept by each user Receiver B receives the ciphertext (20; 23) (7)
and maintains a set of public keys acquired from The receiver starts by finding D ≡ C1x mod p
others. D ≡ 206 mod 23
3. If a sender wants to send a private message to a ≡ 16 mod 23
receiver, the sender encrypts the receiver's message
using the public key. Further, the receiver calculates D-1 mod p:
4. When the receiver gets the message, it decrypts it D-1 ≡ 16-1 mod 23 (8)
using the private key, known only by the receiver. ≡ 13 mod 23

B. The RSA Algorithm Finally, the receiver recovers message M:

The RSA algorithm method used for encryption and M ≡ C2 x D-1 mod p (9)
decryption comprises of Public and Private (p, q) keys: ≡ 22 x 13 mod 23
The setup randomly chooses large primes p; q as n = p,q, ≡ 10 mod 23
where n is the number of primes. The greatest common
divisor (gcd) is used to determine the encrypted message. E. RSA Encryption and Decryption Using OpenSSL Tool
We used the modular arithmetic formula to encrypt and The purpose of the RSA implementation is to encrypt and
decrypt the message in transition as follows: decrypt using Public and private keys in using SSL
• Message = M command in Mac operating system terminal in a network
• Key = k environment. The tool used for our RSA implementation is
• Encryption = e the Open SSL for encryption and decryption. We explain
• Ciphertext = C the implementation process and steps as follows:
• Decryption = D Step1: Create RSA Private Key default 2048 bit using
• Public Key = p OpenSSL:
Private key = q
Modular = mod

We choose a number e such that gcd (e; (p - 1)(q - 1)) = 1 Figure 4. Generating SSL using Privat Key
find d ≡ e-1 mod (p - 1)(q - 1) (1)
Public key = (n; e), private key = (p; q; d)
Step 2: Figure 4 explains how we create a file for the key
with a size of 4096 bit for the length of the size using
OpenSSL to make the private key (Pr) more secure by
typing the command: “genrsa -our private.pem 4096”

Fig 5. Create a File for Key Size Length

Step 3: Figure We create a public key using RSA

algorithm with the key based on the private key created in
step 2 (Pu) we have created:

Fig 6. Public Key Output

Step 4: To view the encrypted file content of our public Fig 8. Output of Cyphertext
key that we use, and to view the text in private.pem we use
Step 7: To Decrypt the file “demo_encrypt.txt” that
the command: OpenSSL rsa -text -in private.pem
contains the message “hello” from a decrypted version into
Figure 7displays the private key and public key
a plaintext, We used the same private key we created in
contents and the key component in plain text. The addition step 2 into a new file name called demo_decrypt.txt: e used
encoded version is used to encode with the key data but we
this command:
can find both of them here
Openssl rsautl -decrypt -in demo_encrypt.txt -inkey
private.pem -out demo_decrypt.txt

Step 8: Finally, we have decrypted our file to the original

message as in Figure 9. To view the file the content, we use
the following command:
Cat demo_decrypt.txt

Fig 9. Decrypted Text

F. Results
The results show that by using the OpenSSL tool, we
generated a private RSA key with a custom length of 4096,
Fig 7. Public Key
then we made a public key using the same RSA key, the
public key contains the key length plus the encoded details.
Step 5: In Figure 7, we created a file and encrypted it
Further, we created one file containing our sender message
using the public key in step 4 to decrypt the file later. We
we have encrypted the file using the public key and finally
typed the command: Vim hello.txt
we decrypted the file with its private key. Considering we
The command allows us to create a new file to use for
are encrypting using asymmetric, we must have the private
encryption and decryption.
key to be able to decrypt the encrypted message.
We type “Hello” in the file content as our message for
Several cryptosystems and other encryption algorithms
us to be able to encrypt.
have been used to secure messages such as RSA, EI Gamal,
Now to encrypt the “hello.txt” file using the public key
Diffie Hermann, DES, SDES. However, RSA is suitable
and put the output into a new file called demo_encrypt.txt:
for businesses and online payment transactions in a
by using the command:
symmetric key encryption. In addition, RSA is faster to
Openssl rsautl -encrypt -in hello.txt -pubin -inkey
encrypt, uses fewer resources, uses block cyphers, uses
public.pem -out demo_encrypt.txt
asymmetric keys and is more secure.
Step 6: Now to view the content of the hello.text file
VI. DISCUSSIONS
into the demo_encrypt.txt file, we used the command: xxd
A. Adversarial Attack on Data Confidentiality
demo_encrypt.txt.
The adversary's goal is to cause an attack on data
The figure provides us with a large key since we used
confidentiality by intercepting and interrupting network
a key size of 4096 bits for the length of the encryption and
and information flows to deny information preservation
decryption, as discussed in step 2.
and authorized restrictions to access and disclosure. For
example, the adversary can intercept message A by
targeting and observing Y and having access to PUb but Further, we have discussed how the RSA public-key
having access to PRb or X attempts to recover X and PRb cryptosystem can be compromised and how adversaries
using the algorithm. In an instant where the adversary's could attack the network systems and data encryption
only motive is to intercept the message, then the focus is to algorithms during transmission to corrupt the information's
recover message X by generating a plaintext estimate at confidentiality, integrity, and authenticity. Finally, the
n=X. The adversary knows the algorithm encryption key paper has shown how to identify vulnerabilities and apply
(E) and decryption (D). cryptography methods to prevent cyberattacks on network
In an instant where the adversary wants to Interrupt the communication systems.
message and modify it, the adversary recovers the PRb by Future works will consider information and network
generating the algorithms that attempt to modify the security using Homomorphic encryptions in a Cyber-
message. These attacks impact data protection and physical systems environment.
preservation of personal privacy and proprietary data on
network systems information-sharing platforms. REFERENCES
[1] W. Stallings, Cryptography and Network Security: Principles and
Practices. 2014.
B. Adversarial Attack on Data Authentication
[2] M. Leno, Cryptography Applications: What Is The Basic Principle
The adversary's goal is to cause an attack on data Of Cryptography?: Cryptography Number Theory. 2020.
authentication and deny trust in information integrity [3] Z. Huang, L. Hu, J. Xu, L. Peng, and Y. Xie, "Partial Key Exposure
where permissions are issues by a system or a person. An Attacks on Takagi's Variant of RSA," in Applied Cryptography and
Network Security, vol. 8479, I. Boureanu, P. Owesarski, and S.
adversary attacks a transmission source A where a private
Vaudenay, Eds. Cham: Springer International Publishing, 2014, pp.
key is used to prepare a message and send to source B to 134–150. doi: 10.1007/978-3-319-07536-5_9.
decrypt using the public key from A. For instance, a [4] B. Jana and J. Poray, "A performance analysis on elliptic curve
message that serves as a digital signature could be altered cryptography in network security," in 2016 International Conference
on Computer, Electrical & Communication Engineering (ICCECE),
when the attacker gets access to the private key owned by
Kolkata, India, Dec. 2016, pp. 1–7. doi:
A during transmission. Thus, compromising the 10.1109/ICCECE.2016.8009587.
authenticity and integrity of the source and contents of the [5] T. R. Devi, "Importance of Cryptography in Network Security," in
message from B, as data could be modified after being 2013 International Conference on Communication Systems and
Network Technologies, Gwalior, Apr. 2013, pp. 462–467. doi:
intercepted and fabricated.
10.1109/CSNT.2013.102.
[6] Q. Huang, D. S. Wong, and Y. Zhao, "Generic Transformation to
C. Security Factors to Consider when choosing Strongly Unforgeable Signatures," in Applied Cryptography and
Cryptographic Mechanisms Network Security, vol. 4521, J. Katz and M. Yung, Eds. Berlin,
Heidelberg: Springer Berlin Heidelberg, 2007, pp. 1–17. doi:
Due to varying organizational security requirements,
10.1007/978-3-540-72738-5_1.
different factors are considered when choosing [7] Y. Lu, R. Zhang, and D. Lin, "New Partial Key Exposure Attacks on
cryptographic mechanisms. For instance, an organization CRT-RSA with Large Public Exponents," in Applied Cryptography
security mechanism may consider the appropriateness of and Network Security, vol. 8479, I. Boureanu, P. Owesarski, and S.
Vaudenay, Eds. Cham: Springer International Publishing, 2014, pp.
the cryptosystem, security strength, and cost of
151–162. doi: 10.1007/978-3-319-07536-5_10.
implementation. Appropriateness to Organizational Goal: [8] K. Yoneyama, "Password-Based Authenticated Key Exchange
consider factors that determine cryptographic tools without Centralized Trusted Setup," in Applied Cryptography and
required for the organization goal. The appropriateness of Network Security, vol. 8479, I. Boureanu, P. Owesarski, and S.
Vaudenay, Eds. Cham: Springer International Publishing, 2014, pp.
the tools determines the importance and specific properties
19–36. doi: 10.1007/978-3-319-07536-5_2.
that a cryptographic mechanism will provide to ensure [9] Z. Zhang, Y. Chen, S. S. M. Chow, G. Hanaoka, Z. Cao, and Y. Zhao,
security and information assurance. "All-but-One Dual Projective Hashing and Its Applications," in
Security Strength: considers the type of security Applied Cryptography and Network Security, vol. 8479, I. Boureanu,
P. Owesarski, and S. Vaudenay, Eds. Cham: Springer International
requirements and cryptographic mechanism for a particular
Publishing, 2014, pp. 181–198. doi: 10.1007/978-3-319-07536-5_12.
network system. Different data security mechanisms are [10] F. Kiefer and M. Manulis, "Blind Password Registration for Two-
required for different levels of information protection. Server Password Authenticated Key Exchange and Secret Sharing
Cost Benefit and Return on Investment considers the Protocols," in Information Security, vol. 9866, M. Bishop and A. C.
A. Nascimento, Eds. Cham: Springer International Publishing, 2016,
security gains and financial worth
pp. 95–114. doi: 10.1007/978-3-319-45871-7_7.
Does that justify the costs of securing the systems and [11] W. Stallings, Cryptography and Network Security: Principles and
the information that traverses the network? An Practice. 2020.
organization may measure the cost of security in terms of [12] M. Jhuria, S. Singh, and R. Nigoti, "A Survey of Cryptographic
Algorithms for Cloud Computing," Int. J. Emerg. Technol. Comput.
ease of use of encryption algorithm and its efficiency for
Appl. Sci., May 2013.
the business operation. Security operations and [13] Engineering Libretext, "1.4 Attacks - Types of Attacks," Engineering
applications considerations use cost as a determinant of LibreTexts, Jan. 11, 2021.
their adopted security mechanisms instead of the strength https://eng.libretexts.org/Courses/Delta_College/Information_Securi
ty/01%3A_Information_Security_Defined/1.4_Attacks_-
of the cryptosystem of the security that the encryption
_Types_of_Attacks (accessed Sep. 12, 2021).
mechanism provides. [14] M. Bakhtiari and M. A. Mararof, “Serious Security Weakness in RSA
Cryptosystem” IJCSI International Journal of Computer Science
VII. CONCLUSION Issues, Semantic Scholar, 2012. Vol. 9, Issue 1, No 3,
Applying cryptography methods, encryption
techniques, and algorithms to provide secure and
trustworthy network communications and information
security has been challenging. The paper has discussed the
various attack methods such as interception, interruption
modification, and fabrication that adversaries deploy to
compromise network systems and information flows.