Understanding Subnetting

What is Subnetting?
Subnetting is a technique used in networking to divide a larger IP network into smaller,
more manageable sub-networks, called subnets. This process helps optimize the use of IP
addresses, improving efficiency and preventing address wastage. It also enhances network
security by isolating different segments, reducing the impact of potential security breaches, and
boosting network performance by controlling traffic within subnets. Additionally, subnetting
simplifies network management, making it easier to scale and organize a network. By using a
subnet mask, subnetting determines how an IP address is split between the network and host
portions, enabling more effective control and allocation of resources.
What is an IP Address?
An IP address (Internet Protocol address) is a unique numerical identifier
assigned to each device connected to a network, such as a computer, printer, or smartphone. It
serves two primary purposes: identifying the device and enabling it to communicate with other
devices over the internet or local network. In networking, IP addresses are essential because
they allow devices to send and receive data to specific destinations. They act as an address for
devices to locate each other within a network, ensuring that information is routed accurately and
efficiently. Without IP addresses, devices wouldn’t be able to communicate or share resources,
making them fundamental to the functioning of both local networks and the internet.
What is an IP Address?
Here are some examples of IP addresses:
1. IPv4 Address Examples:
• 192.168.1.1 – A common private IP address used by home routers to identify the local
network's gateway.
• 10.0.0.5 – Another private IP address used within large organizations or private
networks.
• 172.16.0.10 – A private IP address from the 172.16.0.0 - 172.31.255.255 range, used in
medium to large-sized private networks.
• 8.8.8.8 – A public IP address used by Google’s DNS service.
2. IPv6 Address Example:
• 2001:0db8:85a3:0000:0000:8a2e:0370:7334 – An example of an IPv6 address, which
is the next generation of IP addresses, offering a larger address space compared to
IPv4.
What is a Subnet Mask?
A subnet mask is a 32-bit value used in networking to divide an IP address into
network and host portions, determining which part identifies the network and which part
identifies individual devices. For example, in the subnet mask 255.255.255.0, the first three
octets (255.255.255) define the network, while the last octet (0) represents the host. Subnet
masks are essential for efficient IP address allocation, reducing network congestion, and
improving security by segmenting networks. They also play a crucial role in routing by helping
devices determine whether a destination is within the same network or requires forwarding
through a router. Using Classless Inter-Domain Routing (CIDR) notation, subnet masks can
be represented more concisely (e.g., /24 instead of 255.255.255.0). Additionally, they help
define the network address (first IP in a subnet) and broadcast address (last IP used for
communication with all devices in the subnet). Subnet masks also support subnetting (dividing
networks into smaller subnets) and supernetting (combining networks) for optimized IP
management.

7 Attributes of Subnetting
1. Network ID
A Network ID is the first address in a subnet, which represents the entire
network rather than an individual device. It is determined by the combination of the IP address
and the subnet mask. The Network ID is used by routers and other networking devices to
identify and route traffic to specific subnets. Since it refers to the network as a whole, it cannot
be assigned to any device within that network. It is reserved for network identification purposes
and is typically the lowest address in a subnet range.
2. Broadcast IP
A Broadcast ID is the last address in a subnet, used to send messages to all
devices within that subnet at once. It is determined by the IP address and subnet mask, and it
allows for communication to every host within the network without specifying individual devices.
This address is reserved for broadcasting and cannot be assigned to any device as it has a
special function in networking. When a device sends a message to the Broadcast ID, all devices
in the subnet receive it, making it an essential part of network communication for tasks like
service discovery or network-wide notifications.
3. First Host IP
The First Host IP is the first usable IP address in a subnet, immediately following
the Network ID. It marks the beginning of the range of addresses that can be assigned to
devices (hosts) within the subnet. While the Network ID is reserved for identifying the network
itself and cannot be assigned to a device, the First Host IP is available for assignment to the first
device in the subnet. It is the first address that can be used for host communication, and it plays
an important role in addressing devices within a network.
4. Last Host IP
The Last Host IP is the final usable IP address in a subnet, located just before
the Broadcast ID. It is the highest address that can be assigned to a device within the subnet.
Like the First Host IP, it is part of the usable address range and is commonly assigned to hosts
such as computers, routers, or servers. The Broadcast ID that follows it is reserved for network-
wide communication and cannot be assigned to a device.
5. Next Network
 The Next Network is the starting address of the subnet that comes immediately after the
current subnet. It is calculated by adding the block size (determined by the subnet mask) to the
current Network ID. This address becomes the Network ID of the next subnet and defines the
beginning of a new range of IP addresses. It is not part of the current subnet and cannot be
assigned to any device within it. Knowing the Next Network is useful when planning or
organizing multiple subnets, especially in larger networks that require efficient IP address
allocation.
6. Number of IP Addresses
The Number of IP Addresses in a subnet represents the total count of IP addresses
available within that subnet range. This includes every address from the Network ID to the
Broadcast ID. Although the Network ID and Broadcast ID are reserved and cannot be assigned
to individual devices, they are still counted in the total. The remaining addresses in the range
are usable for assigning to hosts such as computers, routers, printers, and other networked
devices. Understanding the total number of IP addresses in a subnet is essential for proper
network planning and ensuring that there are enough addresses to support all the devices within
that subnet.
7. CIDR/Subnet
The CIDR/Subnet refers to the way a network's size is defined using either CIDR
notation (Classless Inter-Domain Routing) or a subnet mask. CIDR notation uses a slash
followed by a number (e.g., /24) to indicate how many bits are used for the network portion of
the IP address. The subnet mask is the traditional dotted-decimal format (e.g., 255.255.255.0)
that shows which part of the IP address is reserved for the network and which part is for host
devices. Both formats describe how an IP address is divided and help determine the size and
structure of the subnet.

Subnetting is a network management technique that divides a large network into

smaller, more efficient subnets. It optimizes IP address utilization, especially in IPv4 where
address space is limited, and improves network performance by reducing broadcast traffic.
Subnetting also enhances security by isolating sensitive data and systems, minimizing the risk
of unauthorized access. It simplifies network management, making it easier to monitor,
troubleshoot, and scale networks. In real-world applications, subnetting is used in corporate
networks to segment departments or locations. In ISPs and data centers, it is used to allocate IP
addresses to customers. In educational institutions, it is used to organize campus networks. In
home networks, it is used to segregate smart devices for better security and efficiency. These
are just a few examples of subnetting's wide range of applications. Overall, subnetting is crucial
for creating efficient, secure, and scalable networks, benefiting businesses, service providers,
and personal networks alike..

NETWORK SECURITY
What is Network Security?
Network Security is a set of rules and configurations designed to protect the integrity,
confidentiality, and accessibility of computer networks and data. It includes both hardware and
software technologies.

Importance of Network Security

• Prevents unauthorized access to data
• Protects against cyber threats (e.g., viruses, ransomware, phishing)
• Maintains trust between users and systems
• Keeps business operations running smoothly
• Ensures compliance with laws (e.g., Data Privacy Act, GDPR)
Quality of Service (QoS) in Network Security
QoS ensures that critical applications get the bandwidth and priority they need.
Key QoS Techniques:
• Traffic Prioritization: Real-time traffic (like voice or video) gets higher priority.
• Bandwidth Allocation: Assigning specific bandwidth to certain applications.
• Latency Control: Reducing delay to avoid interruptions.
• Packet Shaping: Managing flow and congestion in the network.
Structure of a Network Security
Core Devices:
• Routers , Switches, Access Points
• Servers (Web, Mall Application, Database)
Security Layers:
• Firewalls
Types:
⚬ Packet-Filtering Firewall - Filters traffic by IP, port, and protocol. Basic and
fast but limited.
⚬ Stateful Inspection Firewall - Tracks active connections for smarter
filtering.
⚬ Proxy Firewall - Acts as middleman, filtering traffic at the application level.
⚬ Next-Generation Firewall (NGFW) - Combines traditional features with
deep inspection, intrusion prevention, etc.
⚬ NAT Firewall - Hides internal IPs, blocks unsolicited traffic.
 ⚬ Cloud Firewall (FWaaS) - Cloud-based, scalable, and managed remotely.
⚬ Web Application Firewall (WAF) - Protects web apps from attacks like
XSS and SQL injection.
Structure of a Network Security
• Intrusion Detection & Prevention Systems (IDPS)
• Virtual Private Networks (VPNs)
• Security Information & Event Management (SEIM)
User Access Control:
• Authentication Servers
• Multi-factor Authentication (MFA)
• Role-Based Access

CIA Trial: The Pillars of Network System

The CIA trial is a fundamental model in information security, representing three core principles:
Confidentiality, Integrity, and Availability. These principles guide organizations in protecting their
data and systems. The CIA trial is not related to the Central Intelligence Agency (CIA), but is an
acronym for the three key concepts.
CONFIDENTIALITY
Ensures that information is accessible only to authorized individuals. This means protecting
sensitive data from unauthorized disclosure, whether intentional or accidental.
INTEGRITY
Guarantees that data is accurate, reliable, and trustworthy. It involves preventing unauthorized
modification or destruction of data.
AVAILABILITY
Ensures that data and systems are accessible to authorized users when needed. This means
preventing outages or disruptions that would prevent authorized users from accessing
information.

SECURITY PROTOCOLS YOU SHOULD KNOW

SFTP: A secure version of FTP that uses SSH to encrypt file transfers.
802. 1X: An IEEE standard for port-based Network Access Control, often used to authenticate
devices in a LAN or Wi-Fi network.
RADIUS: Remote Authentication Dial-In User Service - provides centralized Authentication,
Authorization, and Accounting (AAA) for users accessing a network.
TACACS+: Terminal Access Controller Access-Control System Plus - Cisco protocol similar to
RADIUS but separates the AAA functions, offering more control and encryption.

Common Network Security Threats

Malware: Viruses, worms, trojans
Phishing: Deceptive emails to steal data
Denial of Service (DoS/DDoS): Overloading systems to cause shutdown
Ransomware: Locks data until a ransom is paid
Social Engineering: Manipulating people access systems

END GAME Plan - How to Keep Data Secured

E - Encrypt: Protect data at rest and in transit
N - Network Segmentation: Isolate sensitive systems
D - Deploy Security Systems: Firewalls, IDPS, Antivirus
G - Give Training: Educate users against cyber risks
A - Access Control: Use strong authentication
M - Monitor: Use logs, alerts, and threat detection
E - Evaluate: Regular security audits and updates

Dos and DON’Ts in Network Security

Dos:
· Use strong, complex passwords
· Back up data regularly
· Update software and firmware
· Use multi-factor authentication
· Monitor user activity
· Practice least privilege access
· Conduct penetration tests

DON’Ts:
· Reuse passwords across platforms
· Connect to unsecured networks without VPN
· Open suspicious attachments
· Ignore system updates
· Share personal info carelessly
· Leave systems unattended and unlocked

Recent real-world cyber attacks from late 2023 to early 2025:

UnitedHealth Group (Change Healthcare) – February 2024
· Type: Ransomware (ALPHV/BlackCat group)
· Impact: One of the largest healthcare cyberattacks in U.S. history. Disrupted claims processing
and pharmacy services across the U.S.
· Data Breach: Potential exposure of sensitive patient data.
Microsoft (Midnight Blizzard) – January 2024
· Type: Nation-state espionage (Russian APT29)
· Impact: Hackers accessed internal emails of senior leadership and cybersecurity staff using a
stolen password and a lack of MFA.
· Purpose: Intelligence gathering.
Colonial Pipeline – Ongoing Impacts into 2024
· Although the initial attack was in 2021, repercussions and investigations continued into 2024,
including updates on U.S. critical infrastructure resilience.
MGM Resorts – September 2023
· Type: Ransomware (Scattered Spider/ALPHV)
· Impact: Hotel and casino operations disrupted for over a week. Lockouts on digital room keys,
slot machines, and systems.
· Estimated Loss: Over $100 million.
Capita (UK) – March 2023 (Effects into 2024)
· Type: Ransomware (Black Basta group)
· Impact: Compromised systems handling pensions and government contracts. Personal data of
customers leaked.
· Fallout: Regulatory investigation and loss of client trust.
UNDERSTANDING
COMPUTER NETWORK AND QOS (QUALITY OF SERVICE)
WHAT IS CLOUD NETWORK?
Cloud networking offers connectivity to and between applications and workloads across
clouds, cloud services, on-premises data centers, and edge networks. It's vital to performance,
security, and efficient management of hybrid cloud and multi-cloud environments.
HOW CLOUD NETWORKING WORKS?
Cloud networking utilizes a network of interconnected resources and services hosted in
the cloud, enabling organizations to create and manage their networks remotely. This allows for
the creation of complex networks using an internet connection, shifting network management
from on-premises to the cloud.
CLOUD NETWORKING TYPES:
PUBLIC CLOUD NETWORKING
Public cloud networking is the use of network services and resources provided by a third-party
cloud provider over the Internet.
These services and resources can include software applications, virtual machines, storage,
databases, and network management tools.
Public cloud providers such as AWS, Google Cloud Platform, or Microsoft Azure own and
operate the underlying infrastructure and offer different service models such as SaaS, PaaS,
and IaaS. This cloud computing can offer various benefits such as cost savings, scalability,
availability, and innovation to organizations of all sizes and sectors.
PRIVATE CLOUD NETWORKING
Private cloud-based networking is the use of network services and resources that are dedicated
to a single organization and accessible only by its authorized users. These services and
resources can be hosted on-premises in the organization’s own data center or off-premises by a
third-party provider.
Private cloud-powered networking can also be based on virtualization technologies that abstract
the physical hardware and create logical pools of network resources that can be allocated to
different users and applications.
HYBRID CLOUD NETWORKING
A hybrid cloud network is the integration of public and private cloud networks to create a unified
network environment that supports the movement of data and applications across different
platforms.
It can also involve the use of on-premises or edge networks that connect to the cloud networks.
This cloud computing enables organizations to leverage the best features of both public and
private clouds while addressing their limitations.
MULTI CLOUD NETWORKING
Multicloud networking is the use of network services and resources from more than one public
cloud provider.
This is a subset of hybrid cloud computing that focuses on the connectivity between different
public clouds. It allows organizations to diversify their network portfolio and take advantage of
the best offerings from each provider.
Key components of cloud networking include Virtual Private Clouds (VPCs), subnets, load
balancers, firewalls, Virtual Private Networks (VPNs), and Content Delivery Networks (CDNs).
These components work together to enable secure, fast, and reliable data flow between cloud
resources and external systems.
VIRTUAL PRIVATE CLOUDS (VPCS):
VPCs are isolated sections of a cloud environment that allows users to create their own network
within the cloud, providing a degree of isolation and control.
SUBNETS:
Subnets divide a VPC into smaller, isolated networks, enabling further segmentation and
resource allocation.
LOAD BALANCERS:
Load balancers distribute incoming traffic across multiple servers or instances, ensuring high
availability and performance.
FIREWALLS:
Firewalls act as a security barrier, filtering network traffic and protecting cloud resources from
unauthorized access.
VIRTUAL PRIVATE NETWORKS (VPNS):
VPNs create secure, encrypted connections between users or devices and the cloud network,
enabling secure remote access.
CONTENT DELIVERY NETWORKS (CDNS):
CDNs distribute content across a network of servers, minimizing latency and improving user
experience.

QUALITY OF SERVICE
Quality of service (QoS) is a set of technologies that work on a network to guarantee its ability to
dependably run high-priority applications and traffic under limited network capacity.
QoS is typically applied to networks that carry traffic for resource-intensive systems. Common
services for which it is required include internet protocol television (IPTV), online gaming,
streaming media, videoconferencing, video on demand (VOD), and Voice over IP (VoIP).
ADVANTAGES OF QOS
 UNLIMITED APPLICATION PRIORITIZATION: QoS guarantees that businesses’
most mission-critical applications will always have priority and the necessary
resources to achieve high performance.
 BETTER RESOURCE MANAGEMENT: QoS enables administrators to better
manage the organization’s internet resources.
 ENHANCED USER EXPERIENCE: The end goal of QoS is to guarantee the high
performance of critical applications, which boils down to delivering optimal user
experience.
 POINT-TO-POINT TRAFFIC MANAGEMENT: Managing a network is vital however
traffic is delivered, be it end to end, node to node, or point to point.
 PACKET LOSS PREVENTION: Packet loss can occur when packets of data are
dropped in transit between networks.
 LATENCY REDUCTION: Latency is the time it takes for a network request to go
from the sender to the receiver and for the receiver to process it.
HOW DOES QOS WORKS?
Quality of Service (QoS) is a set of techniques used in networking to manage and
prioritize network traffic, ensuring that critical or time-sensitive data is transmitted efficiently. It
helps maintain the performance of applications like VoIP (Voice over IP), video conferencing,
and online gaming by controlling bandwidth, latency, jitter, and packet loss.
WHY QOS MATTERS IN CLOUD NETWORKS
Quality of Service (QoS) is crucial in cloud networking because it ensures that critical
applications and services receive adequate bandwidth and performance, preventing
performance degradation and improving the overall user experience. By prioritizing certain
traffic flows, QoS mechanisms allow cloud providers and users to allocate resources efficiently,
guaranteeing reliable service delivery
HOW QOS CONNECTS TO CLOUD NETWORKING
PRIORITIZATION AND BANDWIDTH ALLOCATION:
QoS allows for the differentiation of network traffic, enabling prioritization of critical applications
and services.
TRAFFIC SHAPING:
QoS mechanisms can shape and control traffic flows, preventing congestion and ensuring a
smooth and reliable user experience.
POLICY ENFORCEMENT:
Cloud network firewalls can enforce QoS policies that prioritize traffic based on the cloud
environment's needs, such as prioritizing VoIP over web browsing.
IMPROVED PERFORMANCE AND RELIABILITY:
By managing traffic effectively, QoS enhances overall network performance and reliability,
especially for cloud-based applications that rely on a stable and efficient network connection.
RESOURCE OPTIMIZATION:
QoS allows for efficient resource allocation, ensuring that critical applications receive the
bandwidth they need, while less critical applications can be managed without impacting
performance.
ENSURING SERVICE LEVEL AGREEMENTS (SLAS):
QoS helps cloud providers meet their SLAs by guaranteeing a certain level of performance and
availability for their services
OPTIMIZED CLOUD NETWORK FIREWALL FUNCTIONALITY:
QoS and traffic prioritization in cloud network firewalls contribute to better network efficiency and
security by managing and controlling cloud-based network traffic.
ADAPTABILITY TO CLOUD ENVIRONMENTS:
QoS is adaptable to the dynamic nature of cloud environments, allowing for changes in traffic
patterns and resource needs without causing significant disruption to service delivery,

GOALS OF NETWORK SECURITY

The primary goal of network security are Confidentiality, Integrity, and Availability. These three
pillars of Network Security are often represented as CIA triangle.
• Confidentiality. The function of confidentiality is to protect precious business data from
unauthorized persons. Confidentiality part of network security makes sure that the data is
available only to the intended and authorized persons.
• Integrity. This goal means maintaining and assuring the accuracy and consistency of
data. The function of integrity is to make sure that the data is reliable and is not changed by
unauthorized persons.
• Availability. The function of availability in Network Security is to make sure that the
data, network resources/services are continuously available to the legitimate users, whenever
they require it.
When designing a secure network, the following factors must be considered:
•Access– Authorized users are given the ability to communicate to and from a specific network.
•Confidentiality– Data in the network is kept private.
•Authentication – Ensure that network users are who they claim to be.
•Integrity – Ensure that the message has not been altered in transit.
•Nonrepudiation – Ensure that the user does not deny using the network.
An effective network security plan is developed with an understanding of security issues,
potential attackers, required level of security, and factors that make a network vulnerable to
attack.

A. THREAT LANDSCAPE OVERVIEW

The threat landscape is the entirety of potential and identified cyberthreats affecting a
particular sector, group of users, time period, and so forth.
1. Cybersecurity Threats:
 Malware: Malicious software designed to disrupt, damage, or gain unauthorized
access to computer systems. This includes viruses, worms, Trojans,
ransomware, and spyware.
 Phishing: Attempts to obtain sensitive information such as usernames,
passwords, and credit card details by disguising as a trustworthy entity in
electronic communication.
 Data breaches: Unauthorized access or disclosure of sensitive information,
often resulting in financial loss, identity theft, or reputational damage.
 Distributed Denial of Service (DDoS): Deliberate overload of a system or
network to disrupt services and make them unavailable to users.
 Insider threats: Malicious activities carried out by individuals within an
organization, such as employees or contractors, with access to sensitive data or
systems.
2. Emerging Technologies and Threats:
 Internet of Things (IoT) vulnerabilities: Security weaknesses in IoT devices
and networks that can be exploited for malicious purposes, including
surveillance, data theft, and disruption of critical services.
 Artificial Intelligence (AI) misuse: Misuse of AI algorithms for malicious
activities such as deep fakes, automated phishing attacks, and targeted
propaganda.
 5G security challenges: New security risks introduced by the adoption of 5G
networks, including potential vulnerabilities in network infrastructure and
increased attack surface.
3. Geopolitical and Social Engineering Threats:
 Nation-state cyberattacks: Cyber espionage, sabotage, and warfare conducted
by nation-states for political, economic, or military purposes.
  Supply chain attacks: Targeting vulnerabilities in the supply chain to
compromise trusted software or hardware components and infiltrate target
systems.
 Social engineering: Psychological manipulation techniques used to deceive
individuals or employees into divulging confidential information or performing
actions that compromise security.
4. Regulatory and Compliance Risks:
 Data privacy regulations: Compliance requirements such as the General Data
Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)
impose legal obligations on organizations to protect personal data and mitigate
privacy risks.
 Industry-specific regulations: Regulations such as the Health Insurance
Portability and Accountability Act (HIPAA) in healthcare and the Payment Card
Industry Data Security Standard (PCI DSS) in finance impose additional security
requirements on organizations handling sensitive data.
I. CRYPTOGRAPHY AND ENCRYPTION TECHNIQUES

 Cryptography is the practice and study of techniques for secure communication in the
presence of third parties. It is also used to set up a secure connection between two
systems.
 Uses mathematics (primarily arithmetic and number theory) to provide confidentiality,
integrity, and authenticity for messages under certain conditions. It includes
confidentiality by ensuring that information cannot be read or tampered with in transit,
where unauthorized parties could intercept and read.
 Cryptography is sometimes used by criminals to avoid detection and allow illicit
messages to be passed along without interception. It is also used by public-key
cryptosystems such as RSA, which are widely used in security protocols.
 The study of cryptography has been active since the invention of electronic digital
communications. Today, cryptography has become indispensable in almost all areas of
life. From banking and government to transportation, telecommunications, and even
shopping malls, cryptography helps keep our data secure against spying and hacking.
 The basic idea behind cryptography is to use an encryption key to encrypt information so
that only those who have access to it can read it. All other people will see random letters
instead of the original message. To decrypt a message, all you need is the correct key.
 Cryptography is not limited to computer science or mathematics; it involves mathematics
from other fields, such as economics, statistics, and physics. It also requires engineering
because most cryptographic algorithms are based on mathematical principles such as
linear algebra (matrixes) and number theory (arithmetic).
 Cryptography has played an essential role in every significant technological
development, including: Chipped-Stone Technology, Invention of Paper Money, Creation
of Printing Presses, Vision of Guns (Firearms), Design of Paper Currency (Paper
Money)
 A. Encryption Algorithms
A cryptography algorithm is a method of encryption and decryption that uses a mathematical
formula to convert plain text into cipher text and back again. The cryptography encryption
algorithm is a type of cipher used for data confidentiality and integrity in a computer system. It
uses an encryption key to convert plaintext into ciphertext, which is then sent over a network,
such as the Internet, to a destination where the receiver will decrypt it.
Cryptography encryption algorithms are commonly used in commercial electronic commerce,
online banking, and other applications where confidentiality is essential. These encryption
algorithms include Data Encryption Standard (DES), Triple DES, Blowfish, and CAST-256.
There are several types of encryption algorithms; these include block ciphers and stream
ciphers.
 A block cipher encrypts blocks of plaintext and decrypts them one at a time.
 A stream cipher encodes multiple characters or characters from a file in a single
operation.
B. How do Various Cryptographic Algorithms Work?
Cryptographic algorithms have a basic algorithm that produces a key, and then they each use
this key to encrypt and decrypt information. But there are many ways to go about it.
 One way is to use a block cipher, which takes several bytes and converts them into a
more extended sequence of bytes. This process is called encryption.
 The other way is to take a block cipher, convert it into something smaller, and then
convert it back into the original block size. This process is called decryption (or
deciphering).
These algorithms can be symmetric or asymmetric, depending on the algorithm used.
 Symmetric algorithms use the same key to encrypt and decrypt the data, while
asymmetric algorithms use two separate keys, one to encrypt and one to interpret the
data.
 The algorithms also use a message authentication code (MAC) to ensure the message's
integrity.

C. Cryptography and its Types

Cryptography is the practice and study of techniques for securing communications, information,
and data in an unreadable format for unauthorized users. It protects information and
communications through codes so only those for whom the information is intended can read and
process it.
There are three main types of cryptography: symmetric key encryption, asymmetric key
encryption, and public-key encryption.
 1. Symmetric key encryption: This type of encryption uses the same key to encrypt and
decrypt messages. The keys used in this type of encryption must be kept secret by both
parties, making them vulnerable to attack by hackers. Symmetric keys are most
commonly used for public key systems.
2. Asymmetric key encryption: This type of encryption uses two keys instead of one.
One key is used for encryption, and another key is used for decryption. These keys do
not have to be kept secret because they are only used once per message and can be
reused multiple times. Asymmetric keys are most commonly used in public-key systems.
3. Public-key encryption: Public-key systems use a pair of mathematically related keys
that cannot be derived from each other without knowing the different keys (a process
known as factoring). This means that even if someone finds your private key, they will
only be able to derive your public key (and vice versa).
The most commonly used techniques in cryptography, are,
 Symmetric Key Cryptography
 Asymmetric Key Cryptography,
 Hashing,
 Secret Sharing,
 Digital Signatures,
 Elliptic Curve Cryptography,
 Quantum Cryptography,
 Steganography,
 Zero-Knowledge Proofs,
 Homomorphic Encryption.

D. Features of Cryptography
Some of the crucial features of cryptography are,
 Authentication: Authentication is the process of verifying the identity of a person or
entity. It ensures that only authorized personnel can access confidential data or personal
networks.
 Confidentiality: Confidentiality is keeping data or information secret from unauthorized
individuals or entities. It is used to ensure that the data is only accessible by authorized
personnel.
 Integrity: Integrity ensures that data is not modified, corrupted, or tampered with during
transmission or storage.
 Non-repudiation: Non-repudiation ensures that the sender or receiver cannot deny a
transaction or communication at a later date.
  Authorization: Authorization is the process of allowing authorized personnel access to
specific data or networks.
 Key Management: Key management securely stores, distributes, and manages
cryptographic keys.

E. Types Of Cryptography
The following are the crucial types of cryptography:
 Symmetric Key Cryptography
 Asymmetric Key Cryptography
 Hash Functions
 Digital Signatures
 Message Authentication Codes
 Elliptic Curve Cryptography
 Quantum Cryptography

F. Applications Of Cryptography
The following applications are more crucial one,
 Electronic Commerce: Cryptography is used in e-commerce to protect data from theft
and misuse. Digital signatures, encryption, and authentication protocols secure online
transactions.
 Secure Storage: Encryption is used to store data securely on storage devices like
external hard drives, USBs, memory cards, etc.
 Wireless Network Security: Cryptography secures wireless networks from attacks. It is
used to authenticate users and encrypts data transmitted over the web.
 Online Banking: Cryptography is used to secure online banking transactions. It is used
to authenticate users, encrypt data, and securely transfer funds.
 Secure Email: Cryptography is used to send emails securely. It is used to authenticate
users, encrypt data, and ensure that emails are transmitted securely.