Unlocking Digital Signature Legitimacy for Public Relations in India

How to eSign a document: digital signature legitimacy for Public Relations in India

from hydrate the current situation makes it very necessary online and in turn protect privacy realizing these facts we the department of computer science sanders institute of management and science in association with iqac ict academy and csi local chapter have organized the national level symposium on cyber awareness cap01 as its first project let us begin a small teaser video on event followed by briefing of the same by professor aykasi you rashmi i'm very much happy uh to take this opportunity to launch or to introduce our program gap that is cyborg awareness program 28th january is celebrated as data protection day on this occasion sound area institute of management and science department of computer science has initiated a program on cyber awareness in this regard i extend my greeting on behalf of santeria institute of management and science department of computer science to all the delegates who are present here and also i extend my warm greetings to the parents the students and the faculty fraternity who have joined this program then why this program what is the necessity of having this program because whenever we start doing any program we should know the reason or the objective behind it and the objective is we all know that we are in the world of digital era and hence it is not just getting connected and taking the benefit of the digitization but it is a responsibility as a responsible citizen to understand the threats that happening in the special world and it is rightly quoted that every education institution should make a cyber security a priority we all know that students are our future workforce there are future teachers and there are parents the impact of their security aware behavior will be a significant and far reaching to the society realizing these facts the department of computer science as bca has designed an institutional social responsibility project called cap cap stands for a cyber awareness program at zero one so this is our first project which we have intended to do for a complete one year so that we can educate the students on cyber attacks and also how to protect themselves and their community from these potential attacks this entire program we are executing in an online platform through various events such as webinars quiz symposium panel discussion short movies e-collage and debate as a part of our first project we have come out with three different programs first being a collage we have requested students to do a collage based on cyber attacks and cyber prevention and upload it to an online the best attend collages will be awarded so that is one medium of educating or creating an awareness among the students and second being our symposium which has been organized today and the third is a short movie so very happy to share that the students of bca have designed movies by doing a lot of researching on various uh case studies that has been evolved in the online platforms so they have taken those case studies they have scripted those case studies and they have designed an animated movie so these are the three initial steps the cap program has initiated so through this our aim is to educate at least this year we want to educate one lakh people on this cyber security and make them to understand that we are no more in a safe world we need to be very cautious and we need to be very alert and it is one of the responsible uh as a responsible citizen it is a duty of us to understand the threats that is happening around us and how best we can protect ourselves and also protect our environment so this is our objective uh with this i request a present sir kindly play a promo video where our students have developed to project their awareness program through this platform on cyberbullying [Music] a serious growing problem we all have heard the recent news about increase in bullying in schools colleges bullying among children has always been around what is changing is the nature of bullying cyber bullying is newer form of bullying it involves using the internet to attack insult threaten and spread rumors about other people as more kids spend more time online and texting some of them are taking their conflicts online it used to be that bullies use playgrounds in schools to prey on their victims the internet has made their playground a whole lot bigger cyber bullying makes it easier for children to hide their identities so bullies are not necessarily the biggest kid around sometimes they are just kids filled with anger or hatred there are different types of cyber ruling some kids are creating websites that involve some form of attack on others sometimes they are posting hurtful messages images or information cell phones are also being used texts photos or videos are being used to blackmail others some bullies are looking for a broader audience and even capture physical attacks on videos and post them online further 68 of youngsters have reported cyberbullying in the last few decades bullying should be taken seriously children who are bullied can feel very lonely and emotionally they can also have long lasting may even repeat the abusive pattern in their adult relationships the vast majority of kids are neither the bunny or the victim they are the bystanders and they often feel very confused about how to handle the situation adults must partner with children to help them create a social network in support of them we need to be talking to schools about our concerns we have certainly had enough of wake-up call to take bullying seriously it's time to take stand hence we the students of sangara institute of management and science department of computer science bca has initiated cyber awareness program taking animated short movies as one of its medium do lend a hand and creating awareness for watching the short movie on sims official youtube channel and also join us for symposium on 28 january 2022 at 10 pm thank you wow that's a wonderful start i should must congratulate my students fair friends who have taken their first step in a very beautiful way i i agree uh you know the effort what you are making would be truthful and it will be fruitful unless and until we take a pledge that we will educate ourselves and also educate our society and at last i thank all the delegates who have joined us for this a great course let's all together make this space a cypher uh you know free space that is thread free space and make our end minds to get aware about not to be attacked because you know uh this innocence the ignorance all these are the causes of these attacks so i want the students to take a a great step take an initiative in being more aware about these attacks and we are responsible citizens so with this i um greet all the students community here for all the best for your project and also i request all the delegates for uh you know i extend my sincere gratitude to all the delegates who have accepted our invitation and joined their hands for this great project thank you thank you very much and go with you thank you thank you mom i now request mrs bhagna prabhu student of second year bca and mr rahul kini student of third year bca for the welcome address [Music] thank you rashmi it's an honor to welcome our guest of former mr shashan shekhar garuda sir is a big bce from bit scenery with mba marketing from ignou he has domain experience of process automation save and smart cities and critical infrastructure and has served power oil gas steel defense telecom sectors in project management business development and business operations for close to four decades mr shushan started his career from teaching more to psu private mncs and served fertilizer indulge abb datamatics g4s its hfcl is one of the fond members of isa delhi section sir is also a motivational speaker an influencer and relationship management become behavioral science trainer we welcome you sir i take immense pleasure in welcoming our today's keynote speaker mr balaji venkateshwar sir is a technology business executive with co-specialization in cyber defense he has architected and operationalized multiple cyber security capability centers in last 25 years mr balaji has also mentored more than 30 000 plus cyber defense experts so far and has one painting granted and nine more paintings filled in cyber and technology space sir has served in various cyber defense and related senior positions at sbi bipro bpo pwc qualcomm and idfc fastback he has taken voluntary retirement from corporate life after serving as cis idfc first bank and decided to devote his life for nation building on behalf of saudi institution of management and science and bca department we welcome you sir i am profusely elated to welcome dr balaji rajendran sir has 21 plus years of research and development experience in network information systems currently leading the center of excellence in dna security and national level effort for adoption of digital signatures and public key infrastructure in india dr balaji has architected and established a critical information infrastructure for production site foreign organization created an indian academic networking portal a first of its kind and its time for sharing of academic courses and events he also led development of the community information system and carried out pilot developments sir has specialization in building technology-led platforms and fostering user communities design and development of user support systems applied ai trading agents intelligent to touring systems email security player for applied research and training and community computing initiatives on behalf of saundering center of management and science department of computer science the external warfare welcome to you sir it's my privilege to invite dr mahabharati sir is an associate director at center of development of advanced computing sir is a b graduate from gulbarga university has completed his mtech from jawaharlal nehru technological university and also hold phd in computer science and engineering in the same university in the field of network security dr muhammad has also been staff scientist technical officer principal technical officer and joint director in cadvc sir has done industry knowledge on cyber security algorithms security training and many more some more of the skills that sir holds are cloud security information security awareness key authentication adaptive authentication and many others on behalf of saudi institution and management and bcca department we welcome you sir with pleasure i extend my bomb welcome to ceo mr keaton kumar director of administration mr mathai our principal dr suresh vice principal professor kumar ganachari iqac coordinator mr ashwin kumar hod of various departments and teaching fraternities of various colleges our student friends across pan india we welcome you all thank you rahul and bhagna relying on the government to protect privacy is like asking a peeping tom to your window mines with that thinking node may i request mr shashank shekhar garudyan chairman cyber vidya p to take over this issue over to you sir thank you rashmi can you allow me to share the screen yes [Music] okay [Music] hindi couplet i would like to start because we are building the nation uh we are working on that particular hank so one small couplet [Music] with this i would like to thank once again the organizers madame breaker who gave me the gave us the opportunity to become part of this wonderful show of cyber awareness program as you all we all are living in this world of cyber attack and it has become part of our life and every day the attack is getting complex and we have to we are left over with only one choice strategize strategize strategize to mitigate the challenges neutralize the attackers and the attacks so with that i would like to start my thought like how we made this particular process in place like why we should be going for this kind of an issue wherein we are going to help our nation to have at least one million cyber defenders in next four years time and this cannot be done in one year two years and it cannot be done in a college and that is how the concept started like we should and we this was a blessing in disguise like we were all passing through this uh challenge of covert 19. so so naturally all courses were going online and that is what we utilized got the help from the country certain and everyone who gave us the hands-on and we started training the ingenious upcoming engineers at the budding level itself third year final year students and in the first program itself we found like around 4 000 engineers joined online because we were having the platform for more than 10 000 we could take in one go so we handling this particular number with this particular kind of infrastructure was becoming very easy and we all people from corporate world around 16 people we left the various organizations and joined hand together with the mission help our nation held the voting talents to avoid this whatever void is available because we need 10 lakh people right away and whereas we are hardly having 3 000 people this course was launched by aict in two years back but hardly 19 issues are the taker and even if they graduate it will take four years time whereas the challenges is right now so only thing was live with this strategize yourself work on it and train more and more budding talents and at the same time the corporate people so that whoever are facing the challenges at corporate level in the industry infrastructure side they are also equally kept and at the same time the number game is taken care of you know like in 1995 then this world was open for i.t and how the space was taken over by we people the indians the bhartiya so naturally the same time has come for us wherein the world is looking towards india because the numbers of the young professionals in india is too too high so naturally if they are equipped to that level wherein they become the cyber defenders at the fastest pace which is hardly four months we are taking to equip them to make the real cyber defenders and that is what we are doing we are partnering with various institutes for this particular thing because how we will be reaching to those kind of engineers so naturally we are reaching to various issues starting from iit nits and uh class you can say c-class city shoots also wherein people are more focused to get more and more vocational training so the answer comes the vocational and the new education policy also if you see it says whatever gap is there whatever void is there it should be filled by taking the help of ngos and that is how we made this organization cyber vidya pete as a vocatio a vocational education trainer organization herein we are around 16 people at the helm of total affair we do have all kind of facility wherein we are training the people one is the trainers at the same time we do have sas based simulator for hands-on exposure because like you might have seen in the flight like captains are trained 90 training happens only you can say theoretical or experiences only or on the simulator only 10 is finally on the real flight same way we thought we should also have the facility wherein we get give the students the hands-on exposure on simulators and that is what we have already signed off with a couple of companies on this particular thing wherein we will be getting the facility at a very lower rate and this training of ingenious we are hardly or training of bca or mca people we are hardly charging anything because we wanted that we should be working towards nation building yes we are taking payments from the corporate world or the teachers the trainers wherein we have to train make them to that level wherein they are equipped to handle such numbers of students day in day out our whole system is blended with 5e model wherein the effectiveness of like you might be seeing like every day we are having the courses online whether the students are available or not available we do have the machine learning capability available wherein we are working with that we know whether those students are available with us or not what they are doing every 10 minutes we get the give the pop-up questions they have to answer and it's a very very serious kind of a training and uh yes it is true that people are leaving also because uh when you are having tough challenges it is a kind of a commando challenge commander training so commando type training every everywhere you are going to be thrown out means if you are not adequately ready to face that challenge so naturally they are getting dropped also but once they are again ready to take the challenge they are entering into the project from zero and then entering for the training so it is like a situation wherein uh we do have the 22 doors and any door if you fail you are out you have to come back from gate one only so naturally it's a very tough challenge for every student but at the same time who are passionate who are serious about it they are really trained getting trained and are getting a very good salary also after getting this training so i would like to not take much of time on this particular thing already we have taken this course 10 000 students batch as an internship we can take we have already trained people for that particular thing wherein they are available in the market and they are working rather employed with various organic corporate worlds we are also going to have this one-year post-graduate diploma in cyber defense which is uh already in discussion with a couple of good issues and we are expecting that by july we will be starting the full program for it and train the trainer is already available we are working on it and from the state uh 21st of february we are having the program wherein for the corporate world also we are doing and online live classroom all these kind of training will be available for you every now and then we are working on innovative things and getting the inputs from the students also getting the inputs from the corporate world too how to get equipped more and more and really strategizing on this whole thing so thank you i i would not take much of time on this because i would like that my next gentleman should be speaking more on this balaji should be there so that he he should be taking care of the real approach of whole thing so thank you very rashmi and thank you rikaji and the team organizers thank you thank you sir [Music] thank you sir but indeed brought us a step closer to our own cyber security if you put a key under the map for the cops a burglar can find it too criminals are using every technological tool at their disposal to hack people's account if they know there's a key hidden somewhere they won't stop until they find it so it becomes very important for us as users to be very aware of what data is being shared and to whom with that thought i now request mr balaji venkateshwar chief mentor cyber vidya p to take over the session over to you sir at the onset you know i think i must congratulate that the nature of this program uh [Music] a next interesting thought because are you all able to see my screen and hear me you know because i was just saying some yes we can see your screen you can go ahead now we are able to see your screen sir opportunity unlimited cyber defensive perfect perfect yes so you know uh nothing can be as opportune time for really uh organizing cyber awareness program and that too for a year year long program covering 100 000 people and plus i think this is an awesome thought the reason is that you know the world is breathing in pain there are two risks that i see country at risk corporate at risk and citizen at risk there are three things blended together you know i think there is a need for changing the game plans where awareness becomes the minimum bare minimum things and you know as i go into the statistics you know it will be something very startling in statistics you know i just you know created for you you people to have a look of it and you know then you will realize that what an important work this organizers are doing for making a real good impact and here is a definitely a good target to start such programs because it cannot be in just one or two so it has to be a long program so let me take you through the two journey okay one is that country at risk and then i'll take your citizen address so the country at risk you know as we speak you know the the russian rails is reading in pain almost all the rails were stand still they were unable to move the belarus rail you know company has been severely you know under attack by the ransomware and the group said that they want to release the 50 you know ailing patients it's a political attack so if you release them i'll give you the key i don't want to make you die but you know i can give you the key if you release some of them and i was surprised you know the audacity of these you know attackers the level of the ways they have attacked the entire journey i think it is something unimaginable same time a week back you know 10 days back ukraine's almost all government department has become dysfunctional they were unable to access the files they were unable to take any decisions online digitalization was everywhere but digital was not being used i call it is a country at risk we also suffered you know in 2019 we suffered a major attack on our power systems you know people don't talk much about it but we know that you know it was a cyber attack and if you look into the attack pattern in the corporate world almost everywhere the prototype is being tested so when you need it most it won't work so recent attacks uh is just a reminder that digital world is going in a very different world while it is going to make the life easier for the people at the same time it's going to create a mess if you don't do things right at the in substance of the design level so a lot of stories you know a lot of serious stories you know i think one of the serious story which impacted the life of millions of people [Music] was the colonial pipeline attack in u.s where the gas were not available and the country where the gas was required to be they were under minus 20 degree temperature and gas was being utilized for actually doing the heating in the house think about it you are living in minus 20 degree not prepared to leave like that without a heating elements and the power is not there it was a absolute messy messy type of attacks and there are so many of attack you know i can't count you you know it is more than 6 000 attack which has been reported in public large attack in the last 300 days so almost 20 major attack is happening every day on same time you know if you look into the citizens at risk the attackers are you know are predators and the cyber space is like a jungle boys and girls very young girls taking advantage of the systems and related vulnerabilities they are making calls eliciting the otps the passwords ids of the people those who do not understand that you know under panic they go and give it in india alone if you you know i've got the data from the delhi crime cell you know cyber crime sales as well bombay crime cells together it is 2 400 crore of laws reported i'm just talking reported minded there are many which are not reported almost 2400 crore of losses to the senior citizens the old old people the normal people smart people young people significant significant amount of loss and i call them the people are educated but many of them are digitally illiterate and that is the reason i said at the onset of the program today that that job you know swandary institute of management has taken and the team those who are behind the thought it's an imaging state because we have to make the people digitally literate and we have to make them you know lot lot better than just digitally literate but you know we have to go start the journey so journey will start at three layer the first layer is the awareness layer second is the training layer and third is the education layer so we have to really think in a very strategic manner how to go ahead with that program where we start with awareness build some theme around the trainings and then educate the masses who write the code correctly at the onset so that the attack cannot take place and the citizens are secured if you look into the significant amount of you know the attack which is happening you know we don't have the data from the india but if you look into this attack in the last five year crime data it is stalking actually it's very very big you know i can't tell you how big it is but you know it looks like you know it's significantly big and i again i am talking about the reported crime and from individuals it is 30 13.3 billion losses has been reported in last year time in u.s alone i'm not talking about the global so the estimate says that number of losses you know caused by the severe attack is almost or a parallel economy in the you know dark web is almost like a 5 trillion dollar just to remind you our economy size the entire gdp is 3.1 trillion dollars so to india can be accommodated in cyber crime money which is being traded in the car you know in the cyber jungles its legitimate is significantly large large losses that is being incurred by the corporate world and monetary losses are very small losses think about it you know i always think that we must think about the negative things so that we understand the risk and the role of the engineering graduates role of the bcs and mcas role of the professor and the teachers role of the mentors of the i.t you know organizations there is a significant amount of work to do before we go back to sleep forever many methods you know the situation at risk many methods some of them are for losses and some of them are absolutely weird so let's take an example today we have got 1.6 million you know 16 million people 1.6 crore people in india having pacemakers all of you are aware about the pacemaker if the pacemaker doesn't work for two minutes the person will die and the pacemaker is connected with a wi-fi entity for repairs and maintenance and that signals it keeps emanating the signals if somebody hacks into those signals and it is i have seen that it is a very much doable it does not require super skills it requires a very simple skills to hack into those pacemakers because the they use you know old wi-fi signals with no encryption almost like a clear text format 1.6 crore people if a malware gets injected to because every machine every pacemakers is in the heart and the person is carrying a mobile phone or a broadband connection next to them the way the stuxness has happened in 2008 similar thing can happen for the pacemaker 1.6 crore people life will be at death at the mercy of the tigers think about the gas pipeline the oxygen gas pipeline being being supplied to the hospitals millions of them across the globe in india alone we have got more than 30 000 you know hospitals connected with gas pipelines now suppose if the oxygen supply gets stopped choked because the scada system which is vulnerable can be attacked remotely what will happen in the hospital at a time we have more than six hundred thousand people in the icus across the country their life will be at a stake legitimate you know there's not time to see this is a challenge it is time for us to see as an opportunity so i'll let me take you through you know some of the very critical dimension of what is opportunity you know because these are the challenges but what are the opportunity because many of you are students many of you are professors many of your teachers it's a good time to really understand how the market is feeling about the security requirements frankly speaking the cyber dimensions cyber security dimension is a serious engineering problem the engineer those who have created the tool they have not created it correctly that is the reason exploits are being written and it is being misutilized so if the cyber defense has to be there it has to be engineered solution it cannot be a next button clicks which are coming from microsoft gui graphical user interfaces we need to go back to the drawing board we should know how to write the code correctly at the inception how to write a hardware design correctly how to write a bios correctly how to do the interactions between the bios and the kernels using the ufi is done correctly we need to go back to the engineering table who will do that it has to be done by the you the young generation and the pro professor of the academy those who are in this space and it is your solomon duty to see that you know we create the right telling pool at the inception as i speak today the michael page the world's largest hr company they say they have got 3.1 million job open globally and there is no taker for that 3.1 million jobs government of india in the last parliament session the 13 has submitted a report under the wrap of you know national cyber security secretariat under the prime minister's office that we need 1.5 million cyber engineer today 1.5 million engineer is needed today alone in india if you want to bridge the gap globally we have to produce 3 million cyber engineers today which is significantly large and there is need for you know thinking in that direction if you look into you know a very interesting cyber defense market which is a 100 billion dollar opportunity available for the country who can bridge this gap by 2025 we need globally around 10 million cyber engineers 10 million if europe wants are you in u.s one they cannot produce that much of child in a in five year windows forget about engineers so if this bridge is to be bridged by someone it can be only india nobody else what we did so sanji was saying it rightly in 1995 what we did was a magic the market needed severance you know i.t engineers and we created the id engineers the engineering colleges across the country mushroomed over a period of time there was significant amount of demand and we were able to match the gap the time has come when we need to create cyber defender the cyber rachet to meet that gap actually our success lies on the soldier of academy and the students of the next generation if you are looking for an opportunity the opportunity is waiting for you in cyberspace just have a look of it you know the number this is the current current you know one million cybersecurity as per the current design it is michael page said around 1.5 million cyber engineers are required today in india for a country that supports a majority of the world's technology outsourcing requirement it's enlarging to see that india's talent shortage is nine percent higher than the global average cyberspace as india grapples with the state spate of cyber attacks and growing skills shortage in cyber security the need to rethink the strategies to develop and improve the existing cyber workforce has never been more material than today trust me india is grappling in a real crisis in cyberspace if you don't know how to manage the systems we are in trouble if we don't have the resources to manage the system is a bigger turbo and the resources that we have today at compute level it is from adversary in essence it is an os layer which is coming from adversary nations there is no one his friend ladies and gentlemen and nobody is enemy in diplomatic stage everybody is fighting for their own lesson let's understand it united nation is a useless organization in my opinion because the personal interest of a country is more important than anything else we want we produce the highest amount of you know talent pool in i.t today in fortune 500 companies 273 companies are having leadership level indians only in i.t space the ctos are almost all 273 of them are id from india but we don't take the privilege of producing cyber defense kits we don't produce computers we don't produce operating system which is doable but we never done that we did bharat operating system i think some folks are there see that they know that they have done it country has spent significant amount of money on it but it will not take off we don't produce the application where the source code is ours how do you trust the source codes how do you trust the dot net the compiler does not have a date codes how do you trust the java which has been created in department defense in u.s it does not have the back doors and these are serious challenge the android phone on an average has got 250 zero development is which is not fixed by the government agencies purposely so that you can be swoofed you can be you know your voice can be heard your video can be seen by the intelligence agencies across the globe those who are creator of the androids the modem that you use whether it is lte or is a 4g or 5g is created by adversaries they are not been created by your country you can't trust them so we are really grappling with real crisis in cyberspace we create i'm sorry to use that word we create id coolings we don't create id engineers we produce seven millions i.t professionals every year if you add bca mca masters in computer science btec bsc it all together we produce 7 million id professionals time has come that we need to create every layer and delay the foreign adversary tools from the country there is a significant amount of opportunities are available and we don't have death of talent pools we produce reports we produce papers we put it in the google scholars and somebody in the google scholar team from the behind in u.s they read your papers and they create a patent out of it don't put a paper in public space unless you have a patent on it go for a patent filing in india it's much cheaper it's five thousand ten thousand rupees is not bad and there are nice on those who are doing it we need to fix the issues at many layers and young boys and girls those who are listening my you know deliberations today my humble request to each one of you create things indigenous fighter why can't we create a dotnet in country which you can trust the compiler will behave the way you want it to behave and you can do it it's no rocket science stop using your you know the window systems go into the black and white screens start learning the low level machine language write your own compilers make it behave make it dance the way you want it to dance nobody else can do it we have missed our generation we have created a mess we expect the next generations to take the charge the frauds are happening because our software has not been designed correctly and you are the engineers you are the students who is going to fix it it won't happen unless you do it yourself cyber is a engineering problem and it requires engineered solutions by 2025 even if you don't do anything will increase 35 billion dollar revenue but if you train in the college at internship level five months internship course in cyber defense can change the paradigm altogether to 200 billion dollars in next five years time aict has im as sasanji has said aict has already introduced to syllabus for b tech in cyber security only 20 or 30 colleges are open except those private colleges they have already introduced the btec syllabus and hardly there are 20 30 50 people some colleges large colleges like srm they are having five or ten students in that space there is a need for a large chunk of and the syllabus is outdated the worst is that syllabus is five to seven year old aict has published last year it doesn't national education policy which is supposed to carry the flavor of our future does not have a word established cyber defense or cyber security is a part of the program set it aside don't wait for government or government entity to do anything for you just go by the market paradigm what is the demand and what is the supply demand for cyber defense engineer is very high and supply is negligible if you are in that paradigm you will be chosen by the market on your own and you will be able to double the salaries in next two to four three to five years time so there is a significant opportunity exist in cyberspace and it is a good time to really look in india can produce shortfall by 2025 10 million cyber defenders or cyber russia can be produced in india and india can be the savior for the world india has potential to be the world leader in cyber defense workforce creation because nobody else can create that much of masses india can take 35 billion of additional potential opportunity by 2024 even at the current pace if you can create 5 millions cyber engineers using an internship model using a public private partnership using an skill development program as a vocational training and we can partner with you to make it happen we can create 200 billion dollar opportunity and i'll give you a simple thing if the 5 million people can be placed outside the country at the rate of 100 000 even if the 10 000 is set by the students and the earning send back to the country our gdp will grow by 200 billion dollars that's a significant money why do we require government intervention i think we have educational institution has to play a much bigger role and the student they have to participate in those roles to make it happen i won't take much of time i know i'm running out of the time but we need to act now for world leaders position in cyber ready workforce we are talking we want to be the vist guru and i think it is a good time to be the witch to be the cyber you know guru for the world and we have the necessary to tell input let's join the head and make it happen i'll be more than happy to participate in any effort that you are doing in cyber education space and training space uh everness space you know i leave it to you people to run it but you know at education space as well as training space i'll be more than happy to partner with you guys need significant alignment with market and need significant change in ict syllabus and we have the syllabus available which are market ready and we use blended education during the internship four month internship you know intensive internship if you are committed to the goal and you are passionate about learning and cracking something in four months you will be able to really take your education forward to a next realm altogether that is where i am you know thank you so much organizers really appreciate giving us an opportunity to speak and wish you all the best for your cap program because i think this is something which is definitely needed at all layers but i believe that you know as a institution you need to go beyond awareness program embed security as a part of the curriculum and will definitely do a small partnership with you to make it happen if you have a dream i commit you that my team will work together with you to realize the dream at any cost thank you so much ladies and gentlemen thanks for being with us today thank you thank you very much thank you sir there are inside some threats people face in digital world recent attacks the possible attacks we could face and the alarming increase in recent times help us take a leap in cyber awareness well now it's time to launch our first multimedia short movie on cyber security this short movie is intended to create a sense of cyber awareness to general public and ensure they don't fall for such traps in your future and here it is prasad processor i request you to play our first video and these are my key members who have created the video prasad [Music] engagement institutions future teachers i'm sorry for the interruption education institutions need to make cyber security a priority students are the future workforce future teachers and parents the impact of their security aware behavior will be significant and far-reaching for the society realizing the above fact the department of computer science bca has designed an institutional social responsibility isr project cyber awareness program cap it is a year-long program aimed to educate students on cyber attacks and how to protect themselves and their community from the potential attacks mode of executing the cap program is through online mode by conducting various activities such as webinars quiz panel discussion short movie z collage debate and more today i will be narrating a story of a girl who was very excited about her phone and ended up falling in trouble while texting casually over social media fury finally got my phone um let's create accounts on social media and make new friends this this and this hello how are you you look very impressive in your photos can you please share the photos with me wow got my first friend on facebook he seems interesting let's talk well i wonder which pick should i send him um not this no not this too got it this would be perfect i am sure i would impress him with this now that sweaty has exchanged pictures she does not know what the future has in stake for her let's see what is in store for sweta yes i finally got a bait now i can use her photos and she will never know oh my god to what situation i brought myself into this is a trap sweater thinks about the matter deeply she loses herself thinking about her image and future only to lose her mental health her mother observes her state for a few days and later confronts her daughter about the matter swetta firstly is very frightened to tell her mother but she musters all courage and inform her mother about the matter without any delay her mother consults the police regarding the issue tell me madam how can i help you sir my daughter sweta has fallen into deep trouble we gifted her a phone for her 18th birthday in excitement she has shared her pictures to a random person online and he is now misusing her pictures with strange kind of edits sir please catch the guy as soon as possible do not worry madam we will find the guy you please register the fir and we will redirect this to the cyber crime branch the police then contacts the cyber crime branch and inform them about the issue the cyber police and the police officer assures the parent on finding the guy and punishing him sir we have got a lead in the case my team has figured out the criminal and is already set to catch him he will be behind bars by evening that's a great news indeed sir i will inform the parent on our update oh no where did i end up into i just wanted to bully that girl for fun i messed hard with my life so this is how a small act of sharing pictures online can lead us into big trouble it is always recommended to not share private or sensitive information online to any random stranger so until the next time be alert and be aware that in need of good effort to spread awareness to the general public i thank and of course congratulate the team for their efforts if you make customers unhappy in the physical world they might tell six friends if you make customers unhappy on the internet they can each tell six thousand friends with that note i would now ask dr balaji rajendra associate director c dag to address the session over to you sir can i share the screen yes [Music] is the screen visible yes sir thank you so this is a session on um thank you for the wonderful introduction and the background of the program being given by the dignitary members and that's also as soon as the beautiful animation film that was shown so this is one this session is will help you in understanding what is electronic trust and what factors are essential for the electronic trust and the most fundamental element for achieving electronic trust is a digital signature so what uh in this session you will see how it all works together okay so that is objective of this session so with that basic introduction let me get into the session directly because the time available for me is very less actually only given 13 minutes so let me try and recover as much as possible [Music] so first let us see that uh let me just give you a very traditional comparison between a physical document and electronic document so in a physical document the attack on integrity can happen okay so uh when i say integrity somebody after you have typed and signed it somebody can alter the content or somebody can uh let me change the signatures or add something and things like that or forge your signature all these things can happen anything you want to say madam am i audible hello [Music] yes sir you are audible okay fine so then uh [Music] attack on identity so this is one thing where somebody tried to impersonate you so somebody has looked at your signature they want to try to copy your signature and impersonate you so the process of verifying a person signature against a specific signature is called authentication in the physical world see when you present a check uh the uh the banker or the person who is in in the bank will verify the signature in the check with the specimen signature of the the same person who when he enrolled as a customer in the bank the two signature matches then only you process the check so this process is basically called authentication [Music] and this terminology of authentication is being carried forward in the electronic world also now let me show you a small example what difference do you see between these two [Music] do you see any difference [Music] there is one small e difference between the first one as well as the right hand side am i right not approved became notable okay so that is one thing then second thing [Music] so this is basically called an attack on the integrity of the top so here can you see one small difference between the two documents [Music] there is a difference between one zero here okay six thousand has become sixty thousand okay so of course these are only for examples so in the electronic world also the same problems can persist okay attack it's not that electronic world is foolproof here also problems are there so when a wants to talk to b okay so when a wants to talk to b obviously uh an intermediary ferru can come in the picture and then they can try to see what is happening okay so we have to protect this communication second thing is when two people are communicating in an office scenario the data is actually traversing through several servers and several networking equipments so an attacker can come in the middle and can try to see what the communication is all about so data can happen then a message can be altered okay so for example if the message is support depositing online rupees in a person's account the attacker can come in the middle and can probably change the values okay he can divert the fund so all these things can happen and they have to ensure that these things are not happening [Music] and one more interesting and important thing is nowadays we are all working from work from home scenarios now let us say that the attacker just in this example we can call him as governor are working in the same organization and that they are working from home scenario so now gabbar sends a mail to view sorry governor sends a mail to jay saying pretending to be you asking him to send some confidential communication now jay if he does not have a mechanism of whether the messages really come from bureau or not he'll be just be trapped by the messages from number and you'll be sending all the confidential information so they should have a proper mechanism for verifying whether the mail has really originated from zero or so this is a big challenge and this challenge exists even today okay so basically in these examples what we have to understand is when two people are communicating we have to ensure that nobody else is able to know what these two people are communicating that is called confidentiality or secrets only those two people should be aware of what they are communicating with so that policy or that principle is called confidentiality okay so that is one thing then second thing is basically authenticity so authenticity is what do you mean by authenticity suppose if i am communicating with you you should be sure that i should be sure that i am communicating really with you and similarly you should also be sure that you are communicating so when a is communicating with b a should be sure that a is really communicating with b and b is also very sure that is really communicating with a and not somebody who is pretending to be so that is called authenticity mutual authentication is required third thing is integrity when two people are communicating it should be very much sure that nobody is coming and altering the content of the so that is called internet the last one is basically non-repudiation so when we say non-repudiation you should [Music] this is little tricky in the sense that suppose if i have done something in the online world i should not be able to go back and deny that later okay so that is called non-duplication ensuring that i am unable to deny whatever i have done that is called non-repetition okay so these four properties are essential for assuring trust in a system okay for assuring trustedness so privacy authenticity integrity and non-equation are the four elements or four properties which are to be assured in any electronic transaction okay and we have to ensure that this is taken care of and as of today the only technology that supports or assures you all these four properties is called as public key infrastructure pki there is no other technology which is currently existing which can achieve all the four properties in a very reliable and acceptable way to all the parties so that is the thing and public infrastructure is a technology which has been existing in the world for more than 30 years now okay so it's not a new technology but its adoption has been only increasing and ease of use has been increasing for a long time so when i say public infrastructure it is not only a pure technology it is also about the uh the standards which have been defined okay so that anyone can trust or use the system then also it is about the policy okay see if we need policies and laws to somebody to violate to catch out of the violators of the technology or violators of this thing so policy and laws are very much important the last one is basically implementation the technology as such should be implemented okay should be implemented [Music] as application because that is how the end users realize them okay so pki public infrastructure is basically uh not a pure technology solution technology efficient is also a mixture of technology policy implementation and standards okay so first let me uh go and illustrate or describe what is a digital signatures a digital signature is nothing but it's a value it's a value which is derived from a secret which is known only to you and a digital fingerprint of the message which is being signed please remember that i just have to clear the illusion that when when i say digital signature people think that it is a scan of your signature handwritten signature no it is not okay that is only the appearance of the signature okay when we say digital signature it is a value mathematical value okay which is derived from a secret which is known only to you and based on a digital fingerprint of the message which is being signed okay so right now just hold these two things in your mind i will just illustrate in the period of time in a moment of time so in digital signatures can assure you authenticity integrity and non-definition so what are the four properties that you are saying for trust we are talking about confidentiality authenticity integrity and non-deprivation but digital signature can give assure you three properties authenticity integrity and non-reflection confidentiality is not required because say for example i am sending some message to you okay so i am digitally signing that message means i want it to be verified okay so confidentially whenever required we can bring it in later but as far as now we just stick with these three properties digital signatures can assure you only this authenticity integrity and non-duplication okay so now first thing is uh first the seek how do you get the how do you achieve a secret because i said that digital signature is something which is based on your scene say first let us understand why do we need a secret so for example in the case of a handwritten word in the physical document you are putting your signature physically right it is your signature that you are applying okay your handwritten signature is there now what is the issue with that is nobody can try to replicate the signature see even if you simply write abc it is extremely difficult for any third party to write abc in the same style as you would because the curves that you use the strokes that you apply the pressure that you apply on the pen is extremely difficult for any third party to replicate okay even a person sees you how you write abc it is very difficult to do it in the same way any moment of time of course for people who try to cheat you they take several hours of practice and then they try to they may try to do in a similar way but then that also can be caught by a trained eye okay so how this has happened is this got the right the way of writing abc that whatever your signature may be got imbibed in your dna okay so it is extremely difficult for anybody to do that even though they may be your twins or brothers or sisters or even your children nobody will be able to replicate your signature exactly okay so this is the issue so now what we have to do is so this same concept we need to bring it in the real world also so how do you bring it in the real world in the real world sorry in the digital world we also need to emulate it how will you emulate in the digital world digital world we are saying that you have to have some secret okay so how do you have some secret so for example i can have some secret like let us say numbers are secret okay some number let us say a small number like 22 9 okay so then i can try to do something but that will not work out okay because you should have some secret and it should not be known to the third person but at the same time i should be able to verify that you are the owner of that secret so this is the challenge okay basically what i'm trying to say is now let us say that you are having some number which is with you okay which you are not going to give it to anybody okay and you are doing some operation on using that particular value and i should know that you are the holder of that secret but at the same time i should not know that you are the owner of that i should not know your secret okay so this is a big challenge which is posed in the problem of cryptography okay so uh what we do is we go into the form of prime numbers big prime numbers okay uh we have some sort something called as a key here okay we call this numbers as keys okay so now what we do is as every user you have something called as a private okay you have something called as a private key [Music] okay which is known only to you okay which is a secret which is known on 18. okay it's a big number okay do not take a small number it should be at least 150 digit plus okay then there should be another key which will automatically should be derived from the private key or whatever it may be it's called as a public key and which can be distributed to anybody [Music] now the magical uh just this listen carefully the magical uh the magic happens okay the private key and public key are in such a way that they are mathematically related with each other okay they are mathematically related with each other now assume some sort of lock which you have okay assume some sort of lock which you have now in this lock let us say that if you are using private key for lucky okay then you cannot use the same private key for unlock you have to use the corresponding public key for unlocking okay so that is a scenario just imagine a log where you can use your private key for walking but you have to use the public key for unknown okay you cannot use the same key for both locking as well traditionally what we do is we take a key and use both meaning the key is used for both locking as well as unboxing but in this scenario what we are doing is we are using different keys okay pair of keys that is if you lock it with private key then you have to unlock with public publicly okay and vice versa also is true that is if you are locking with the public key then you have to unlock with the private key okay so this is one of the thing so if one of the key in a key pair is used for encryption then the other key there is a private key is used for decryption okay so that is a thing so this you have to remember it very well so based on this further under this understanding we will go and try to understand further [Music] digitally sign and document the signer uses his private key and verifier basically when you digitally sign a document the verifier will use your public key okay the signers public key okay that is very important the signers public is being used okay the science factor is changed [Music] [Music] now whatever we discussed is basically called as a symmetric cryptography i am not going to go into more into math but i am just going to tell you what is the basic concepts are very very basic concepts so now you may be wondering that i told you that publicly can be shared with everybody and anybody anybody and everybody in privately i said that you have to keep it secret and these two keys that is publicly as well as private key are are related with each other mathematically related with each other so now you may be wondering if you are distributing your public key to the whole world how can ah a person who is holding your public key will not be able to find out your private key because they are mathematically related it's a question that may crop up in your mind okay so what i am going to say is i am going to say it is not impossible but i am going to tell you that it is [Music] it is going to be computationally interesting okay so that's what i'm going to do that is what i'm going to say is if you are having a public key and you want to find the privacy of the person it is not impossible there are algorithms but you need a huge computational power okay in today's standards of 4096 bit key you need at least 50 plus years of computation power unless there is a quantum computer comes into picture and you basically made a super computer which needs to run for 50 plus years continuously which is not going to be worthwhile for doing it okay you know the cost of super computing and you know how much power and energy it is going to consume and 50 plus years of consumption is going to take a huge amount of time and effort [Music] so to find out yes there is a way but it is not visible computationally it is invisible to derive a private key from a given public key okay so this is very important to understand so now when i am talking about keys i am actually talking about this kind of numbers basically which great bigger numbers which are represented in some notation okay so that is what we have done [Music] now to reinforce the concepts let me tell you the same thing let us say that there is a piece of text with us and if i have to encrypt it then i have to use let us say i am using the private key for us i am using the public key for encryption okay then it provides me encrypted text and now what should i do is i should use the private key for decrypting okay i should use the private key for decryption okay so that is the thing i need to do then uh next thing is suppose now let us say that i am encrypting the private key then i use the public key for decryption okay i have to use the alternate okay i cannot use the same say for example if i'm encrypting public key trying to decrypt the same public key it will not work it will change if i am trying to encrypt the privacy and trying to decrypt the same private key it will not work okay so this will fail okay so this is one thing we need to understand [Music] now [Music] let us go to the next step which is involving digital sign first thing we need to do is whenever you have message which we have to digitally sign we need to use the cryptographic hashing okay algorithmic hashing bottom which will produce a fingerprint of the message okay so this will produce a fingerprint of the message okay [Music] see you might have heard the word fingerprint several times so what is fingerprint fingerprint is a unique representation am i right it's a unique representation of an individual nobody no two persons in the world have identical fingerprints though they may be closely related or even co-joined twins also the fingerprints will be different okay so fingerprints are unique to your person okay that is number one second thing is just imagine the sunset you are in a crime scene you are seeing the fingerprint of some probable criminal over it [Music] so what you do is you take the copy of the theme of it and by using the fingerprint can you build a picture of the person who was involved in the crime it is impossible basically what you have to do is you would have already had some database of fingerprints and then you have to run this fingerprint whichever you collected in the crime scene with the fingerprints in the database and then match it and then find out probably who might be the criminal who might have done that particular crime okay so this is the uh mechanism so by using your fingerprint you cannot bring out the person okay you cannot actually uh you will not be able to draw the picture or bring out the person directly you are trying to make some assumptions you are doing some comparison of fingerprint to fingerprint and then you are finding out who the person could be okay so this is the scenario so same thing is involved here also okay so here what are we going to do is here basically there is a [Music] information which is basically there that is which are to be digitally signed so what we do is mathematically there is a something in algorithm which is called as a cryptographic hashing algorithm which is widely used today okay knowingly or unknowingly everybody is using you know when you are even using a password you are using this algorithm okay from block change to everywhere this is being widely used okay so this is algorithm that is being used that will generate a message transistor if you pass on the message to cryptography caching or down it generates a message which is nothing but the digital fingerprint of the message okay so now please have a look at this example [Music] what difference do you see between these two messages there is one small dot at the right hand side okay one dot is there so that [Music] this particular dot is giving you a totally different messages okay this dot actually gives you a totally different message digest if you can look at this one this is basically the fingerprints are totally different because of one small not okay so this is the algorithm that can generate a fingerprint of a given message now let us say instead of the dot there is one blank space is there then also you will totally get a different value okay so this is an interesting property of the cryptographic hashing acronym now these are one way outcome what do you mean by one way is from a fingerprint you cannot bring a meaning reconstruct a person's image or something like that similarly by using a fingerprint of a message you'll not be able to reconstruct the message back again okay so that is why we say it is a one way order so what do we mean by that is if there is a fingerprint and i am passing to a [Music] cryptographic hashing algorithm i will not be able to get the original message instead i will be only getting an another fingerprint okay because this is this has become this has become basically a message here input message to the cryptography allowance which produces another [Music] another fingerprint okay so that is what is sam okay so this we need to understand [Music] next is uh yeah hash function is basically a cryptographic mechanism that operates as a one-way function and very interesting thing about this one is it produces a fixed size up so what do you mean by a fixed size output whatever the size of the input may be the output size is going to be the same the input size can of the hashing algorithm the input text can be anything okay input can be one character or even billions of characters or even several gbs or tvs also but output is only going to be 256 bits okay we say binary digits or something like that r26 beats me 256 bits 512 means final two bits okay any small change in the input message will produce a different digest okay there are several lashing algorithms so have a look at this okay these are different algorithms any small input change will produce a totally different algo output and not only that there are different algorithms are there short two 512 is the latest algorithm that everybody uses okay whatever the size of the input the output will be 512 bits okay now the second step in digital signing is you have then generated a fingerprint of the message now what you have to do is you have to encrypt the message digest with the private key with your private key okay so you are having your private key so now you need to encrypt the message with