CS6004 Notes Rejinpaul PDF

www.rejinpaul.
com
CS6004 / CYBER FORENSICS
UNIT I NETWORK LAYER SECURITY &TRANSPORT LAYER SECURITY
IPSec Protocol – IP Authentication Header – IP ESP – Key Management Protocol for
IPSec. Transport layer Security: SSL protocol, Cryptographic Computations – TLS
Protocol.
Part-A
1.Define IPsec Protocol.
The IPsec protocol is a set of security extensions developed by the IETF and it
provides Privacy and authentication services at the IP layer by using modern
cryptography. To protect the contents of an IP datagram, the data is transformed
using encryption algorithms.
There are two main transformation types that form the basics of IPsec,
1. The Authentication Header (AH).
2. The Encapsulating Security Payload (ESP).
 Both AH and ESP are two protocols that provide connectionless integrity, data
origin authentication, confidentiality and an anti-replay service.
2. write the basic components of IPsec architecture Protocol.
The basic components of the IPsec security architecture are explained in terms of the
following functionalities:
• Security Protocols for AH and ESP
• Security Associations for policy management and traffic processing
• Manual and automatic key management for the Internet Key Exchange
(IKE), the Oakley key determination protocol and ISAKMP.
• Algorithms for authentication and encryption
3.Define IPsec Protocol Documents
The seven-group documents describing the set of IPsec protocols are explained in the
following:
Architecture:
The main architecture document covers the general concepts, security
Requirements, definitions and mechanisms defining IPsec technology.
ESP:
This document covers the packet format and general issues related to the use
of the ESP for packet encryption and optional authentication.
AH:
This document covers the packet format and general issue related to the use of
Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 1

www.rejinpaul.com
AH for packet authentication.
Encryption algorithm:
This is a set of documents that describe how various encryptions algorithms are
used for ESP.
Authentication algorithm:
This is a set of documents that describe how various authentication algorithms
are used for AH and for the authentication option of ESP.
Key management:
This is a set of documents that describe key management schemes. These
documents also provide certain values for the DOI. Currently the key management
represents the Oakley, ISAKMP and Resolution protocols.
DOI :
This document contains values needed for the other documents to relate each
other. These include identifiers for approved encryption and authentication
algorithms, as well as operational parameters such as key lifetime.
4. Define Security Associations (SAs)
An SA is a simplex connection between a sender and receiver that affords
security services to the traffic carried on it. If both AH and ESP protection are applied
to a traffic stream, then two SAs are required for two-way secure exchange.
An SA is uniquely identified by three parameters as follows:
 Security Parameters Index (SPI)
 IP Destination Address
 Security Protocol Identifier
5. Define Hashed Message Authentication Code (HMAC)
 A mechanism that provides a data integrity check based on a secret key is
usually called the Message Authentication Code (MAC).
 An HMAC mechanism can be used with any iterative hash functions in
combination with a secret key.
 MACs are used between two parties (e.g. client and server) that share a secret
key in order to validate information transmitted between them. An MAC
mechanism based on a cryptographic hash function is called HMAC. MD5 and
SHA-1 are examples of such hash functions. HMAC uses a secret key for
computation and verification of the message authentication values.
6. Define IP Authentication Header.
 The IP AH is used to provide data integrity and authentication for IP packets.

www.rejinpaul.com
 It also provides protection against replays. The AH provides authentication for
the IP header, as well as for upper-level protocol (TCP, UDP) data.
 But some IP header fields may change in transit and the sender may not be
able to predict the value of these fields when the packet arrives at the receiver.
 The AH can be used in conjunction with ESP or with the use of tunnel mode.
Security services can be provided between a pair of hosts, between a pair of
security gateway or between a security gateway and a host.
7. Draw AH Format.
8. Define IP ESP.
 The ESP header is designed to provide security services in IPv4 and IPv6.
ESP can be applied alone, in combination with the IP AH or through the use
of tunnel mode.
 Security services are provided between a pair of hosts, between a pair of
security gateways or between a security gateway and a host.
 The ESP header is inserted after the IP header and before the upper-layer
protocol header (transport mode) or before an encapsulated IP header
(tunnel mode).
 ESP is used to provide confidentiality (encryption), data authentication,
integrity and anti-replay service, and limited traffic flow confidentiality.
Confidentiality could be selected independent of all other services.
9. Define Packet Format

www.rejinpaul.com
8. Define Key Management Protocol for IPSec.

 The key management mechanism of IPsec involves the determination and
distribution of a secret key. Key establishment is at the heart of data protection
that relies on cryptography.
 A secure key distribution for the Internet is an essential part of packet
protection.
 Prior to establishing a secure session, the communicating parties need to
negotiate the terms that are defined in the SA. An automated protocol is needed
in order to establish the SAs for making the process feasible on the Internet.
This automated process is the IKE.
 IKE combines ISAKMP with the Oakley key exchange. We begin our discussion
with an overview of Oakley and then look at ISAKMP.
1. OAKLEY Key Determination Protocol
2. ISAKMP
9. List out the different types of Payload Types for ISAKMP.
1. Security Association Payload
2. Proposal Payload
3. Transform Payload
4. Key Exchange Payload
5. Identification Payload

www.rejinpaul.com
6. Certificate Payload
7. Certificate Request Payload
8. Hash Payload
9. Signature Payload
10. Nonce Payload
11. Notification Payload
12. Delete Payload
13. Vendor ID Payload
10.Define SSL Protocol.
 SSL is a layered protocol. It is not a single protocol but rather two layers of
protocols.
 At the lower level, the SSL Record Protocol is layered on top of some reliable
transport protocol such as TCP.
 The SSL Record Protocol is also used to encapsulate various higher level
protocols. A higher-level protocol can layer on top of the SSL protocol
transparently.
11.Draw the SSL Protocol Overview stack.
12.Difference between SSL Session and SSL Connection.
SSL Session SSL Connection

An SSL session is an association between A connection is a transport (in the OSI
a client and a server. layering model definition) that provides a
suitable type of service.
They define a set of cryptographic security For SSL, such connections are peer-to-
parameters, which can be shared among peer relationships.

www.rejinpaul.com
multiple connections.
Sessions are created by the Handshake The connections are transient.
Protocol.
An SSL session coordinates the states of Every connection is associated with one
the client and server. session.
13.List out the SSL session elements.
1. Session identifier
2. Peer certificate
3. Compression method
4. Cipher spec:
5. Master secret
6. Is resumable
14. List out the SSL Connection elements.
1. Server and client random

2. Server write MAC secret
3. Client write MAC secret
4. Server write key
5. Client write key
6. Initialization vectors
7. Sequence numbers
15.Define SSL Record Protocol format.
16. List out the phases of SSL Handshake Protocol.
 Phase 1: Hello Messages for Logical Connection

 Phase 2: Server Authentication and Key Exchange

www.rejinpaul.com
 Phase 3: Client Authentication and Key Exchange
 Phase 4: End of Secure Connection
17.How to compute the master-secret for Diffie–Hellman.
master_secret = MD5(pre_master_secret||SHA(‘A’||
pre_master_secret||ClientHello.random||
ServerHello.random))||
MD5(pre_master_secret||SHA(‘BB’||
MD5(pre_master_secret||SHA(‘CCC’||
ServerHello.random))
18. Define HMAC-Algorithm and how to calculate the HMAC Algorithm.
A Keyed-hashing Message Authentication Code (HMAC) is a secure digest of some data
protected by a secret. Forging the HMAC is infeasible without knowledge of the MAC
secret. HMAC can be used with a variety of different hash algorithms, namely MD5
and SHA-1, denoting these as HMAC MD5(secret, data) and HMAC SHA-1(secret,
data).
HMAC = H[(K ⊕ opad)||H[(K ⊕ ipad)||M]]
where
ipad = 00110110(0x36) repeated 64 times (512 bits)
opad = 01011100(0x5c) repeated 64 times (512 bits)
H = one-way hash function for TLS (either MD5 or SHA-1)
M = message input to HMAC
K = padded secret key equal to the block length of the hash code
(512 bits for MD5 and SHA-1)
19. List out the ISAKMP Payload Processing.
1. General Message Processing

2. ISAKMP Header Processing
3. Generic Payload Header Processing
4. Security Association Payload Processing
5. Proposal Paylaod Processing
6. Proposal Paylaod Processing
7. Transform Payload Processing
8. Key Exchange Payload Processing

www.rejinpaul.com
9. Identification Payload Processing
10. Certificate Payload Processing
11. Certificate Request Payload Processing
12. Hash Payload Processing
13. Signature Payload Processing
14. Delete Payload Processing
15. Nonce Payload Processing
16. Notification Payload Processing
20. Define Cryptographic Computations.
 The key exchange, authentication, encryption and MAC algorithms are

determined by the cipher suite selected by the server and revealed in the server
hello message.
 The compression algorithm is negotiated in the hello messages, and the random
values are exchanged in the hello messages.
 The creation of a shared master secret by means of the key exchange and the
generation of cryptographic parameters from the master secrete.
Part-B
1. Explain in detail about the IPsec Protocol.

The IPsec protocol is a set of security extensions developed by the IETF and it
provides Privacy and authentication services at the IP layer by using modern
cryptography. To protect the contents of an IP datagram, the data is transformed
using encryption algorithms.
There are two main transformation types that form the basics of IPsec,
3. The Authentication Header (AH).
4. The Encapsulating Security Payload (ESP).
 Both AH and ESP are two protocols that provide connectionless integrity, data
origin authentication, confidentiality and an anti-replay service.
 These protocols may be applied alone or in combination to provide a desired set
of security services for the IP layer.
 They are configured in a data structure called a Security Association (SA).
The basic components of the IPsec security architecture are explained in terms of the
following functionalities:
• Security Protocols for AH and ESP
• Security Associations for policy management and traffic processing

www.rejinpaul.com
• Manual and automatic key management for the Internet Key Exchange
(IKE), the Oakley key determination protocol and ISAKMP.
• Algorithms for authentication and encryption
 An IPsec implementation operates in a host or a security gateway environment,

affording protection to IP traffic.
 The protection offered is based on requirements defined by a Security Policy
Database (SPD) established and maintained by a user or system administrator.
1.1 IPsec Protocol Documents
The seven-group documents describing the set of IPsec protocols are explained in the
following:
Architecture:
The main architecture document covers the general concepts, security
Requirements, definitions and mechanisms defining IPsec technology.
ESP:
This document covers the packet format and general issues related to the use
of the ESP for packet encryption and optional authentication. This protocol document
also contains default values if appropriate, and dictates some of the values in the
Domain of Interpretation (DOI).
AH:
This document covers the packet format and general issue related to the use of
AH for packet authentication. This document also contains default values such as the
default padding contents, and dictates some of the values in the DOI document.
Encryption algorithm:
This is a set of documents that describe how various encryptions algorithms are
used for ESP. Specifically:
– Specification of the key sizes and strengths for each algorithm.
– Any available estimates on performance of each algorithm.
– General information on how this encryption algorithm is to be
used in ESP.

www.rejinpaul.com
When these encryption algorithms are used for ESP, the DOI document has to indicate
certain values, such as an encryption algorithm identifier, so these documents provide
input to the DOI.
Authentication algorithm:
This is a set of documents that describe how various authentication algorithms
are used for AH and for the authentication option of ESP.
Specifically:
– Specification of operating parameters such as number of rounds, and
input or output block format.
– Implicit and explicit padding requirements of this algorithm.
– Identification of optional parameters/methods of operation.
– Defaults and mandatory ranges of the algorithm.
– Authentication data comparison criteria for the algorithm.
Key management:

www.rejinpaul.com
This is a set of documents that describe key management schemes. These
documents also provide certain values for the DOI. Currently the key management
represents the Oakley, ISAKMP and Resolution protocols.
DOI :
This document contains values needed for the other documents to relate each
other. These include identifiers for approved encryption and authentication
algorithms, as well as operational parameters such as key lifetime.
1.2 Security Associations (SAs)
An SA is a simplex connection between a sender and receiver that affords
security services to the traffic carried on it. If both AH and ESP protection are applied
to a traffic stream, then two SAs are required for two-way secure exchange.
An SA is uniquely identified by three parameters as follows:
Security Parameters Index (SPI):
 This is assigned to each SA, and each SA is identified through an SPI.
 A receiver uses the SPI to identify the security association for a packet.
 Before a sender uses IPsec to communicate with a receiver, the sender must
know the index value for a particular SA.
 The sender then places the value in the SPI field of each outgoing datagram.
The SPI is carried in AH and ESP headers to enable the receiver to select the SA
under which a received packet is processed.
IP Destination Address:
 Because, at present, unicast addresses are only allowed by IPsec SA
management mechanisms, this is the address of the destination endpoint of
the SA. The destination endpoint may be an end-user system or a network
system such as a firewall or router.
Security Protocol Identifier:
 This identifier indicates whether the association is an AH or ESP security
association.
There are two nominal databases in a general model for processing IP traffic relative to
SAs, namely, the Security Policy Database (SPD) and the Security Association Database
(SAD).
Security policy database
 The SPD, which is an essential element of SA processing, specifies what
services are to be offered to IP datagrams and in what fashion.

www.rejinpaul.com
 The SPD is used to control the flow of all traffic (inbound and outbound)
through an IPsec system, including security and key management traffic (i.e.
ISAKMP). The SPD contains an ordered list of policy entries.
 Each policy entry is keyed by one or more selectors that define the set of all
IP traffic encompassed by this entry.
 Each entry encompasses every indication mechanism for bypassing,
discarding or IPsec processing.
 The entry for IPsec processing includes SA (or SA bundle) specification,
limiting the IPsec protocols, modes and algorithms to be employed.
Security association database
 The SAD contains parameters that are associated with each security
association. Each SA has an entry in the SAD.
 For outbound processing, entries are pointed to by entries in the SPD. For
inbound processing, each entry in the SAD is indexed by a destination IP
address, IPsec protocol type and SPI.
Transport mode SA
 There are two types of SAs to be defined: a transport mode SA and a tunnel
mode SA.
 A transport mode provides protection primarily for upper-layer protocols, i.e. a
TCP packet or UDP segment or an Internet Control Message Protocol (ICMP)
packet, operating directly above the IP layer.
 A transport mode SA is a security association between two hosts.
 When a host runs AH or ESP over IPv4, the payload is the data that normally
follows the IP header.
 For IPv6, the payload is the data that normally follows both the IP header and
any IPv6 extension headers.
 In the case of AH, AH in transport mode authenticates the IP payload and the
protection is also extended to selected portions of the IP header, selected
portions of IPv6 extension headers and the selected options.
 In the case of ESP, ESP in transport mode primary encrypts and optionally
authenticates the IP payload but not the IP header.
 A transport mode SA provides security services only for higher-layer protocols,
not for the IP header or any extension headers proceeding the ESP header.
Tunnel mode SA
 Tunnel mode provides protection to the entire IP packet.

www.rejinpaul.com
 A tunnel mode SA is essentially an SA applied to an IP tunnel.
 Whenever either end of an SA is a security gateway, the SA must be tunnel
mode, as is an SA between a host and a security gateway.
 Note that a host must support both transport and tunnel modes, but a security
gateway is required to support only tunnel mode.
 If a security gateway supports transport mode, it should be used as an acting
host. But in this case, the security gateway is not as acting a gateway.
 When the entire inner (original) packet travels through a tunnel from one point
of the IP network to another, routers along the path are unable to examine the
inner IP header because the original inner packet is encapsulated.
1.3Hashed Message Authentication Code (HMAC)
 A mechanism that provides a data integrity check based on a secret key is
usually called the Message Authentication Code (MAC).
 An HMAC mechanism can be used with any iterative hash functions in
combination with a secret key.
 MACs are used between two parties (e.g. client and server) that share a secret
key in order to validate information transmitted between them.
 An MAC mechanism based on a cryptographic hash function is called HMAC.
MD5 and SHA-1 are examples of such hash functions. HMAC uses a secret key
for computation and verification of the message authentication values.
 The MAC mechanism should allow for easy replacement of the embedded hash
function in case faster or more secure hash functions are found or required.
HMAC can be proven as secure provided that the underlying hash function has
some reasonable cryptographic strengths.
HMAC Structure
 HMAC is a secret-key authentication algorithm which provides both data
integrity and data origin authentication for packets sent between two parties.
 Its definition requires a cryptographic hash function H and a secret key K. H
denotes a hash function where the message is hashed by iterating a basic
compression function on data blocks.
 Let b denote the block length of 64 bytes or 512 bits for all hash functions such
as MD5 and SHA-1. h denotes the length of hash values, i.e. h = 16 bytes or
128 bits for MD5 and 20 bytes or 160 bits for SHA-1.
 The secret key K can be of any length up to b = 512 bits. To compute HMAC
over the message, the HMAC equation is expressed as follows:

www.rejinpaul.com
where
ipad is inner padding opad is outer padding
The following explains the HMAC equation:
1.Append zeros to the end of K to create a b-byte string (i.e. if K = 160 bits in
length and b = 512 bits, then K will be appended with 352 zero bits or 44 zero
bytes 0x00).
2. XOR (bitwise exclusive-OR) K with ipad to produce the b-bit block computed
in step 1.
3. Append M to the b-byte string resulting from step 2.
4. Apply H to the stream generated in step 3.
5. XOR (bitwise exclusive-OR) K with opad to produce the b-byte string
computed in step 1.
6. Append the hash result H from step 4 to the b-byte string resulting from
step5.
7. Apply H to the stream generated in step 6 and output the result.
2.Explain in detail about the IP Authentication Header.

 The IP AH is used to provide data integrity and authentication for IP packets.
 It also provides protection against replays. The AH provides authentication for
the IP header, as well as for upper-level protocol (TCP, UDP) data.
 But some IP header fields may change in transit and the sender may not be
able to predict the value of these fields when the packet arrives at the receiver.
 The AH can be used in conjunction with ESP or with the use of tunnel mode.
Security services can be provided between a pair of hosts, between a pair of
security gateway or between a security gateway and a host.
 The ESP provides a confidentiality service.

www.rejinpaul.com
2.1 AH Format
The IPsec AH format is shown in Figure 7.4. The following six fields comprise the
AH format:
Next header (8 bits): This field identifies the type of the next payload after the AH.
The value of this field is chosen from the set of IP numbers defined in the Internet
Assigned Number Authority (IANA).
Payload length (8 bits):

www.rejinpaul.com
 This field specifies the length of the AH in 32-bit words, minus 2.
 The default length of the authentication data field is 96 bits, or three 32-bit
words.
 With a three-word fixed header, there are a total of six words in the header,
and the payload length field has a value of 4.
Reserved (16 bits):
 This field is reserved for future use. It must be set to ‘zero’.
SPI (32 bits):
 This field uniquely identifies the SA for this datagram, in combination with the
destination IP address and security protocol (AH).
 The set of SPI values in the range 1–255 is reserved by the IANA for future use.
The SPI value of zero (0) is reserved for local, implementation-specific use.
Sequence number (32 bits):
 This field contains the monotonically increasing counter value which provides
an anti-replay function.
 Even if the sender always transmits this field, the receiver need not act on it,
i.e. processing of the sequence number field is at the discretion of the receiver.
 The sender’s counter and the receiver’s counter are initialized to zero when an
SA is established.
 The first packet sent using a given SA will have a sequence number of 1. The
sender increments the sequence number for this SA and inserts the new value
into the sequence number field.
 If anti-replay is enabled, the sender checks to ensure that the counter has not
cycled before inserting the new value in the sequence number field.
 If the counter has cycled, the sender will set up a new SA and key.
 If the anti-replay is disabled, the sender does not need to monitor or reset the
counter. However, the sender still increments the counter and when it reaches
the maximum value, the counter rolls over to zero.
Authentication data (variable):
 This field is a variable-length field that contains the Integrity Check Value (ICV)
or MAC for this packet. This field must be an integral Multiple of 32-bit words.
It may include explicit padding. This padding is included to Ensure that the
length of AH is an integral multiple of 32 bits (IPv4) or 64 bits (IPv6).
2.2 AH Location
 Either AH or ESP is employed in two ways: transport mode or tunnel mode.

www.rejinpaul.com
 The transport mode is applicable only to host implementations and provides
protection for upper-layer protocols.
 In the transport mode, AH is inserted after the IP header and before an upper
layer protocol (TCP, UDP or ICMP), or before any other IPsec header that may
have already been inserted.
 In the IPv4 context, AH is placed after the original IP header and before the
upper-layer protocol TCP or UDP.
 Authentication covers the entire packet, excluding mutable fields in the IPv4
header that are set to zero for MAC computation.
 The positioning of AH transport mode for an IPv4 packet is illustrated in Figure
7.5(a).
 In the IPv6 context, AH should appear after hop-to-hop, routing and
fragmentation extension headers.
 The destination options extension header(s) could appear either before or after
AH, depending on the semantics desired.
 Authentication again covers the entire packet, excluding mutable fields that are
set to zero for MAC computation.
 The positioning of AH transport mode for an IPv6 packet is illustrated in Figure
7.5(b).
 Tunnel mode AH can be employed in either hosts or security gateways.
3. Explain in detail about the IP ESP.

 The ESP header is designed to provide security services in IPv4 and IPv6.
ESP can be applied alone, in combination with the IP AH or through the use
of tunnel mode.
 The ESP header is inserted after the IP header and before the upper-layer
protocol header (transport mode) or before an encapsulated IP header
(tunnel mode).
 ESP is used to provide confidentiality (encryption), data authentication,
integrity and anti-replay service, and limited traffic flow confidentiality.
Confidentiality could be selected independent of all other services.

www.rejinpaul.com
ESP Packet Format

 Figure 7.6 shows the format of an ESP packet and the fields in the header
format are defined in the following.

www.rejinpaul.com
SPI (32 bits):

 The SPI is an arbitrary 32-bit value that uniquely identifies an SA for
this datagram.
 The set of SPI values in the range 1–255 is reserved by the IANA for
future use.
The SPI field in the ESP packet format is mandatory and always present.
Sequence number (32 bits):
 This field contains a monotonically increasing counter value. This provides
an anti-replay function.
 It is mandatory and is always present even if the receiver does not elect to
enable the anti-replay service for a specific SA.
 If anti-replay is enabled, the transmitted sequence number must not be
allowed to cycle.
 Thus, the sender’s counter and the receiver’s counter must be reset prior to
the transmission of the 232nd packet on an SA.
Payload data (variable):
 This variable-length field contains data described by the next header field.
The field is an integral number of bytes in length. If the algorithm requires
an initialization vector (IV) to encrypt payload, then this data may be carried
explicitly in the payload field.

www.rejinpaul.com
 Any encryption algorithm that requires such IP data must indicate the
length, structure and location of this data by specifying how the algorithm is
used with ESP. For some IP-based modes of operation, the receiver treats
the IP as the start of the ciphertext, feeding it into the algorithm directly.
Padding: This field for encryption requires several factors:
 If an encryption algorithm requires the plaintext to be a multiple number of
bytes, the padding field is used to fill the plaintext to the size required by the
algorithm. The plaintext consists of the payload data, pad length and next
header field, as well as the padding (see Figure 7.6)
 Padding is also required to ensure that the ciphertext terminates on a 32-bit
boundary.
 Specifically, the pad length and next header fields must be right aligned
within a 32-bit word to ensure that the authentication data field is aligned
on a 32-bit boundary.
Pad length: This field indicates the number of pad bytes immediately preceding
it.The range of valid values is 0–255, where a value of 0 indicates that no
padding bytes are present. This field is mandatory.
Next header (8 bits): This field identifies the type of data contained in the
payload data field, i.e. an extension header in IPv6 or an upper-layer protocol
identifier. The value of this field is chosen from the set of IP numbers defined by
the IANA. The next header field is mandatory.
Authentication data (variable):
 This is a variable-length field containing an ICV computed over the ESP
packet minus the authentication data.
 The length of this field is specified by the authentication function selected.
The field is optional and is included only if the authentication service has
been selected for the SA in question.
 The authentication algorithm must specify the length of the ICV and the
comparison rules and processing steps for validation.
3.2 ESP Header Location
 ESP is also employed in the two transport or tunnel modes. The transport
mode is applicable only to host implementations and provides protection for
upper protocols, but not the IP header.

www.rejinpaul.com
 In the transport mode, ESP is inserted after the IP header and before an upper-
layer protocol (TCP, UDP or ICMP), or before any other IPsec headers that have
already been inserted.
 In the IPv4 context, ESP is placed after the IP header, but before the upper-layer
protocol. The ESP trailer encompasses any padding, plus the pad length, and next
header fields.
In the IPv6 context, the ESP appears after hop-by-hop, routing and fragmentation
extension headers. The destination options extension header(s) could appear either
before or after the ESP header depending on the semantics desired. However, since
ESP protects only fields after the ESP header, it is generally desirable to place the

www.rejinpaul.com
destination options header(s) after the ESP header. Figure 7.7(b) illustrates ESP
transport mode positioning for a typical IPv6 packet.
3.3 Encryption and Authentication Algorithms
 ESP is applied to an outbound packet associated with an SA that calls for
ESP processing.
 The encryption algorithm employed is specified by the SA, as is the
authentication algorithm.
3.3.1 Encryption
 ESP is designed for use with symmetric algorithms like a triple DES in CBC
mode. However, a number of other algorithms have been assigned identifiers
in the DOI document.
 These algorithms for encryption are: RC5, IDEA, CAST and Blowfish.
 For encryption to be applied, the sender encapsulates the ESP payload field, adds
any necessary padding, and encrypts the result (i.e. payload data, padding, pad
length and next header).
 The sender encrypts the fields (payload data, padding, pad length and next header)
using the key, encryption algorithm, algorithm mode indicated by the SA and an IV
(cryptographic synchronization data).
 If the algorithm to be encrypted requires an IV, then this data is carried explicitly
in the payload field.
 The payload data field is an integral number of bytes in length. Since ESP provides
padding for the plaintext, encryption algorithms employed by ESP exhibit either
block or stream mode characteristics.
 The encryption is performed before the authentication and does not encompass the
authentication data field.
 The order of this processing facilitates rapid detection and rejection of
replayed or bogus packets by the receiver, prior to decrypting the packet.
Therefore, it will reduce the impact of service attacks.
 At the receiver, parallel processing of packets is possible because decryption
can take place in parallel with authentication.
 For successive blocks, the previous ciphertext block is XORed with the
current plaintext before it is encrypted. Triple DES, known as DES–EDE3,
processes each block three times, each time with a different key.
 Therefore, the triple DES algorithm has 48 rounds. In DES–EDE3-CBC, an
IV is XORed with the first 64-bit plaintext block (P1). Some cipher

www.rejinpaul.com
algorithms allow for a variable-sized key (RC5), while others only allow a
specific key size (DES, IDEA).
3.3.2 Decryption
 The receiver decrypts the ESP payload data, padding, pad length and next
header using the key, encryption algorithm, algorithm mode and IV data.
 If explicit IV data is indicated, it is taken from the payload field and input to
the decryption algorithm.
 If implicit IV data is indicated, a local version of the IV is constructed and
input to the decryption algorithm.
The exact steps for reconstructing the original datagram depend on the mode
(transport or tunnel) and are described in the Security Architecture document. The
receiver processes any padding as given in the encryption algorithm specification.
For transport mode, the receiver reconstructs the original IP datagram from the
original IP header plus the original upper-layer protocol information in the ESP
payload field. For tunnel mode, the receiver reconstructs the tunnel IP header plus
the entire IP datagram in the ESP payload field.
3.3.3 Authentication

www.rejinpaul.com
 The authentication algorithm employed for the ICV computation is specified
by the SA.
 For communication between two points, suitable authentication algorithms
include Keyed Message Authentication Codes (MACs) based on symmetric
encryption algorithms (i.e. DES) or on one-way hash function (i.e. MD5 or
SHA-1).
 For multicast communication, one-way hash algorithms combined with
asymmetric signature algorithms are appropriate.
 If authentication is selected for the SA, the sender computes the ICV over the ESP
packet minus the authentication data.
3.3.4 ICV
 Once the SA selects the authentication algorithm, the sender computes the
ICV over the ESP packet minus the authentication data.
 The ICV is an MAC or a truncated value of a code produced by an MAC
algorithm.
 As with AH, ESP supports the use of an MAC with a default length of 96
bits. The current specification for use of the HMAC computation must
support:
HMAC–MD5–96
HMAC–SHA-1–96
4.Explain in detail about the Key Management Protocol for IPSec.
 The key management mechanism of IPsec involves the determination and
distribution of a secret key. Key establishment is at the heart of data protection
that relies on cryptography.
 A secure key distribution for the Internet is an essential part of packet
protection.
 IKE combines ISAKMP with the Oakley key exchange. We begin our discussion
with an overview of Oakley and then look at ISAKMP.
4.1 OAKLEY Key Determination Protocol
 The Diffie–Hellman key exchange algorithm provides a mechanism that
allows two users to agree on a shared secret key without requiring
encryption.
 This shared key is immediately available for use in encrypting subsequent
data transmission.

www.rejinpaul.com
 Oakley is not only a refinement of the Diffie–Hellman key exchange
algorithm, but a method to establish an authentication key exchange.
 The Oakley protocol is truly used to establish a shared key with an assigned
identifier and associated authenticated identities for the two parties.
 Oakley can be used directly over the IP protocol or over UDP protocol using
a well-known port number assignment available.
4.2 ISAKMP
 ISAKMP defines a framework for SA management and cryptographic key
establishment for the Internet.
 This framework consists of defined exchange, payloads and processing
guidelines that occur within a given DOI.
 ISAKMP defines procedures and packet formats to establish, negotiate,
modify and delete SAs.
 It also defines payloads for exchanging key generation and authentication
data.
 These payload formats provide a consistent framework for transferring key
and authentication data which is independent of the key generation
technique, encryption algorithm and authentication mechanism.
ISAKMP is intended to support the negotiation of SAs for security protocols at all
layers of the network stack. By centralizing the management of the SAs, ISAKMP
reduces the amount of duplicated functionality within each security protocol.
(I) ISAKMP Payloads
ISAKMP payloads provide modular building blocks for constructing ISAKMP
messages.The presence and ordering of payloads in ISAKMP are defined by and
dependent upon the Exchange Type Field located in the ISAKMP Header.
ISAKMP Header
The ISAKMP header fields are fined as shown in Figure 7.9.
Initiator Cookie (64 bits) - This field is the cookie of entity that initiated SA
establishment, SA notification, or SA deletion.
Responder Cookie (64 bits) - This field is the cookie of entity that is corresponded
to an SA establishment request, SA notification, or SA deletion.
Next Payload (8 bits) - This field indicates the type of the first payload in the
message.

www.rejinpaul.com
Major Version (4 bits) - This field indicates the Major version of the ISAKMP
protocol in use. Set the Major version to 1 according to ISAKMP Internet-Draft.
Minor Version (4 bits) -- This field indicates the Minor version of ISAKMP protocol
in use. Set the Minor version to 0 according to implementations based on the
ISAKMP Internet-Draft.
Exchange Type (8 bits) - This field indicates the type of exchange being used. This
dictates the message and payload orderings in the ISAKMP exchanges.
Flags (8 bits) - This field indicates specific options that are set for the ISAKMP
exchange. The Flags are specified in the Flags field beginning with the least
significant bit: the encryption bit is bit 0 of the Flags field, the commit bit is bit 1,
and authentication only bit is bit 2 of the Flags field. The remaining bits of the
Flags field must be set to 0 prior to transmission.
Message ID (32 bits) - Message ID is used to identify protocol state during Phase 2
negotiations. This value is randomly generated by the initiator of the phase 2
negotiation. During Phase 1 negotiation, this value must be set to 0.
Length (32 bits) - Length of total message (header || payload) is 32 bits.
Encryption can expand the size of an ISAKMP message.
Generic Payload Header
 Each ISAKMP payload begins with a generic header which provides a
payload chaining capability and clearly defines the boundaries of a payload.
 The generic payload header fields in 32 bits are defined as follows:

www.rejinpaul.com
Next Payload (8 bits) - This field is identifier for the payload type of the next
payload in the message. If the current payload is the last in the message, then this
field will be 0. This field provides the chaining capability.
Reserved (8 bits) - This field is not used and set to 0.
Payload Length (16 bits) - This field indicates the length in bytes of the current
payload, including the generic payload header.
(II) Payload Types for ISAKMP
ISAKMP defines several types of payloads that are used to transfer information
such as SA data or key exchange data in DOI-defined formats.
Security Association Payload
 The Security Association Payload is used to negotiate security attributes and to
identify the Domain of Interpretation (DOI, 32 bits) under which negotiation is
taking place.
 A DOI value of 0 during a Phase 1 exchange specifies a Generic ISAKMP which can
be used for any protocol during the Phase 2 exchange. A DOI value of 1 is assigned
to the IPsec DOI.
The Security Association Payloads are defined as follows:
 The Next Payload field (8 bits) is the identifier for the payload type of the
next payload in the message. This field has a value of 0 if this is the last
payload in the message.
 The Reserved field (8 bits) is unused, set to 0.
 The Payload Length field (16 bits) indicates the length in octets of the entire
Security Association payload, including the SA payload, all Proposal
payloads, and all Transform payloads associated with the proposed SA
Proposal Payload
The Proposal Payload is used to build ISAKMP message for the
negotiation and establishment of SAs. The Proposal Payload field contains
information used during SA negotiation for securing the communications
channel. The payload type for the Proposal Payload is two(2).
The Proposal Payload fields are defined as follows:
next payload in the message.
 This field must only contain the value 2 or 0. This field will be 2 for
additional Proposal Payloads in the message and 0 when the current
Proposal Payload is the last within the SA proposal.

www.rejinpaul.com
 The Reserved field (8 bits) is set to 0 and is reserved it for the future use.
 The Payload Length field (16 bits) is the length in octets of the entire
Proposal payload, including generic payload header, the Proposal
Payload, and all Transform payloads associated with this proposal.
 The Proposal # field (8 bits) identifies the proposal number for the current
payload.
 The Protocol-id field (8 bits) specifies the protocol identifier for the current
negotiation.
Examples might include IPsec ESP, IPsec AH, OSPF, TLS, etc.
Transform Payload
 The Transform Payload contains information used during Security
Association negotiation.
 The Transform Payload consists of a specific security mechanism to be
used to secure the communications channel.
 The Transform Payload also contains the security association attributes
associated with the specific transform.
 These SA attributes are DOI-specific. The Transform Payload allows the
initiating entity to present several possible supported transforms for that
proposed protocol.
The Transform Payload field s are defined as follows:
next payload in the message.
 This field must only contain the value 3 or 0. This field is 3 when there
are additional Transform payloads in the proposal. This field is 0 when
the current Transform Payload is the last within the proposal.
 The Reserved field (8 bits) is for unused, set to 0.
 The Transform # field (8 bits) identifies the Transform number for the
current payload.
 If there is more than one transform within the Proposal Payload, then
each Transform Payload has a unique Transform number.
 The Transform-id field (8 bits) specifies the Transform identifier for the
protocol within the current proposal.
 The Reserved 2 field (16 bits) is for unused, set to 0.
Key Exchange Payload
The Key Exchange Payload supports a variety of key exchange techniques. Example

www.rejinpaul.com
key exchanges are Oakley, Diffie-Hellman, the enhanced D-H key exchange, and the
RSA-based key exchange used by PGP.
The Key Exchange Payload fields are defined as follows:
 The Next Payload field (8 bits) is the identifier for the payload type of the next
payload in the message. If the current payload is the last in the message, then
this field will be 0.
 The Reserved field (8 bits) is unused for the future use, set to 0.
 The Payload Length field (16 bits) is the length in octets of the current payload,
including the generic payload header.
 The Key Exchange Data field (variable length) is the data required to generate a
session key. The interpretation of this data is specified by the DOI and the
associated Key Exchange algorithm. This field may also contain pre-placed key
indicators.
Identification Payload
The Identification Payload contains DOI-specific data used to exchange identification
information. This information is used for determining the identities of communication
partners and may be used for determining authenticity of information.
The Identification Payload fields are described as follows:
 The Next Payload field (8 bits) is the identifier for the payload type of the Next
Payload in the message. If the current payload is the last in the message, then
 The Reserved field (8 bits) is not used, but set to 0.
 The ID type field (8 bits) specifies the type of identification being used. This field
is DOI-dependent.
 The DOI specific ID Data field (24 bits) contains DOI specific identification data.
If unused, then this field must be set to 0.
Certificate Payload
The Certificate Payload provides a mean to transport certificates via ISAKMP and can
appear in any ISAKMP message. Certificate payloads should be included in an
exchange whenever an appropriate directory service is not available to distribute
certificates. The Certificate payload must be accepted at any point during an
exchange.
The Certificate Payload fields are defined as follows:

www.rejinpaul.com
 The Next Payload field (8 bits) is the identifier for the Payload type of the next
payload in the message. If the current payload is the last in the message, then
 The Reserved field (8 bits) is unused, set to 0.
 The Certificate Encoding field (8 bits) indicates the type of certificate or
certificate-related information contained in the Certificate Data field.
Certificate Type Value
NONE 0
PKCS #7 wrapped X.509 certificate 1
PGP Certificate 2
DNS Signed Key 3
X.509 Certificate-Signature 4
X.509 Certificate-Key Exchange 5
Kerberos Tokens 6
Certificate Revocation List (CRL) 7
Authority Revocation List (ARL) 8
SPKI Certificate 9
X.509 Certificate-Attribute 10
Reserved 11–255
Certificate Request Payload
 The Certificate Request Payload provides a mean to request certificate via
ISAKMP and can appear in any message. Certificate Request Payloads should
be included in an exchange whenever an appropriate directory service is not
available to distribute certificates.
 The Certificate Request Payload must be accepted at any point during the
exchange.
 The responder to the Certificate Request payload must send its certificate, if
certificates are based on the values contained in the payload. If multiple
certificates are required, then multiple Certificate Request Payloads should be
transmitted.
Hash Payload
 The Hash Payload contains data generated by the hash function over some part
of the message and/or ISAKMP state. This payload possibly be used to verify

www.rejinpaul.com
the integrity of the data in an ISAKMP message or for authentication of the
negotiating entities.
Signature Payload
 The Signature Payload contains data generated by the digital signature
function, over some part of the message and/or ISAKMP state. This payload is
used to verify the integrity of the data in the ISAKMP message, and may be of
use for non-repudiation services.
Nonce Payload
 The Nonce Payload contains random data used to guarantee liveness during an
exchange and protect against replay attacks. If nonce are used by a particular
key exchange, the use of the Nonce Payload wil be dictated by the key
exchange. The nonces may be transmitted as part of the key exchange data, or
as a separate payload. However, this is defined by the key exchange, not by
ISAKMP.
Notification Payload
 The Notification Payload can contain both ISAKMP and DOI-specific data and is
used to transmit information data, such as error conditions to an ISAKMP peer.
It is possible to send multiple Notification Payloads in a single ISAKMP
message. Notification which occurs during a Phase 1 negotiation is identified by
the Initiator and Responder cookie pair in the ISAKMP Header.
 Notification which occurs during a Phase 2 negotiation is identified by the
Initiator and Responder cookie pair in the ISAKMP header and the Message ID
and SPI associated with the current negotiation.
Delete Payload
 The Delete Payload contains a protocol-specific security association identifier
that the sender has removed from its SA database. Therefore, the sender is no
longer valid. It is possible to send multiple SPIs in a Delete Payload. But each
SPI must be for the same protocol.
Vendor ID Payload
 The Vendor ID Payload contains a vendor defined constant. The constant is
used by vendors to identify and recognize remote instances of their
implementations. This mechanism allows a vendor to experiment with new
features while maintaining backwards compatibility.
(III) ISAKMP Exchanges

www.rejinpaul.com
 ISAKMP supplies the basic syntax of a message exchange. ISAKMP allows the
creation of exchanges for SA establishment and key exchange. There are
currently five default Exchange Types defined for ISAKMP. Exchanges define the
content and ordering of ISAKMP messages during communications between
peers. Most exchanges includes all the basic payload types: SA (Security
Association Payload), KE (Key Exchange Payload), ID (Identity Payload), SIG
(Signature Payload), etc. The primary difference between exchange types is the
ordering of messages and the payload ordering within each message.
Base Exchange
 The Base Exchange is designed to allow the Key Exchange and Authentication-
related information to be transmitted together. Combining the Key Exchange
and Authentication related information into one message reduces the number
of round-trips at the expense of not providing identity protection.
Identity Protection Exchange
 The Identity Protection Exchange is designed to separate the Key Exchange
information from the Identity and Authentication-related information.
Authentication Only Exchange
 The Authentication Only Exchange is designed to allow only Authentication-
related information to be transmitted.
 The benefit of this exchange is the ability to perform only authentication
without the computational expense of computing keys.
 Using this exchange during negotiation, none of the transmitted information
will be encrypted. But the authentication only exchange will be encrypted by
the ISAKMP SA, negotiated in the first phase.
Aggressive Exchange
 The Aggressive Exchange is designed to allow the Security Association, Key
Exchange and Authentication-related payloads to be transmitted together.
Combining these SA, KE, and Auth information into one message reduces the
number of round-trips at the expense of not providing identity protection.
Identity protection is not provided because identities are exchanged before a
common shared secret has been established.
Informational Exchange
 The Information Exchange is designed as a one-way transmittal of information
that can be used for security association management.

www.rejinpaul.com
 If the Informational Exchange occurs prior to the exchange of keying material
during an ISAKMP Phase 1 negotiation, there will be no protection provided for
the Information Exchange.
(IV) ISAKMP Payload Processing
 The ISAKMP payloads are used in the exchanges described in Part III above and
can be used in exchanges defined for a specific DOI.
General Message Processing
 Every ISAKMP message has basic processing applied to insure protocol
reliability and to minimize threats such as denial of services and replay attacks.
All processing should include packet length checks to insure the packet
received is at least as long as the length given in the ISAKMP Header.
ISAKMP Header Processing
 When an ISAKMP message is created at the transmitting entity, the initiator
(transmitter) must create the respective cookie, determine the relevant security
characteristics of the session, construct an ISAKMP Header with fields, and
transmit the message to the destination host (responder).
 When an ISAKMP is received at the receiving entity, the responder (receiver)
must verify the Initiator and Responder cookies, check the Next Payload field to
confirm it is valid, check the Major and Minor Version fields to confirm they are
correct, check the Exchange Type field to confirm it is valid, check the Flags
field to ensure it contains correct values, and check the Message ID field to
ensure it contains correct values.
Generic Payload Header Processing
 When any of the ISAKMP Payloads are created, a Generic Payload Header is
placed at the beginning of these payloads.
 When creating the Generic Payload Header, the transmitting entity (initiator)
must place the value of the Next Payload in the Next Payload field, place the
value zero(0) in the Reserved field, place the length (in octets) of the payload in
the Payload Length field, and construct the payloads.
Security Association Payload Processing
 When a Security Association Payload is created, the transmitting entity
(initiator) must determine the Domain of Interpretation (DOI) for which this
negotiation is being preformed, determine the situation within the determined
DOI for which this negotiation is being formed, determine the proposal(s) and

www.rejinpaul.com
transform(s) within the situation, construct a Security Association payload, and
transmit the message to the receiving entity (responder).
Proposal Paylaod Processing
 When a Proposal Payload is created, the transmitting entity (initiator) must
determine the Protocol for this proposal, determine the number of proposals to
be offered for this proposal and the number of transform for each proposal,
generate a unique pseudo-random SPI, and construct a Proposal payload.
Transform Payload Processing
 When a Transform payload is received, the receiving entity (responder) must do
as follows: Determine if the Transform is supported. If the Transform-ID field
contains an unknown or unsupported value, then that Transform payload must
be ignored. Ensure Transforms are presented according to the details given in
the Transform Payload and Security Association Establishment. Finally, process
the subsequent Transform and Proposal payloads as defined by the Next
Payload field.
Key Exchange Payload Processing
 When creating a Key Exchange payload, the transmitting entity (initiator) must
determine the Key Exchange to be used as defined by the DOI, determine the
usage of Key Exchange Data field as defined by the DOI, and construct a Key
Exchange payload. Finally, transmit the message to the receiving entity
(responder).
Identification Payload Processing
 When an Identification Payload is created, the transmitting entity (initiator)
must determine the Identification information to be used as defined by the DOI,
determine the usage of the Identification Data field as defined by the DOI,
construct an Identification payload, and finally transmit the message to the
receiving entity.
Certificate Payload Processing
 When a Certificate Payload is created, the transmitting entity (initiator) must
determine the Certificate Encoding which is specified by the DOI, ensure the
existence of a certificate formatted as defined by the Certificate Encoding,
construct a Certificate payload, and then transmit the message to the receiving
entity (responder).

www.rejinpaul.com
 When a Certificate payload is received, the receiving entity (responder) must
determine if the Certificate Encoding is supported. If the Certificate Encoding is
not supported, the payload is discarded.
Certificate Request Payload Processing
 When creating a Certificate Request Payload, the transmitting entity (initiator)
must determine the type of Certificate Encoding to be requested, determine the
name of an acceptable Certificate Authority, construct a Certificate Request
payload, and then transmit the message to the receiving entity (responder).
 When a Certificate Request payload is received, the receiving entity (responder)
must determine if the Certificate Encoding is supported. If the Certificate
Encoding is invalid, the payload is discarded.
Hash Payload Processing
 When creating a Hash Payload, the transmitting entity (initiator) must
determine the Hash function to be used as defined by the SA negotiation,
determine the usage of the Hash Data field as defined by the DOI, construct a
Hash payload, and then transmit the message to the receiving entity
(responder).
 When a Hash Payload is received, the receiving entity (responder) must
determine if the Hash is supported. If the Hash determination fails, the message
is discarded.
Signature Payload Processing
 When a Signature Payload is created, the transmitting entity(initiator) must
determine the Signature function to be used as defined by the SA negotiation,
determine the usage of the Signature Data filed as defined by the DOI,
construct a Signature payload, and finally transmit the message to the receiving
entity (responder).
 When a Signature payload is received, the receiving entity must determine if the
Signature is supported. If the Signature determination fails, the message is discarded.
Nonce Payload Processing
 When creating a Nonce Payload, the transmitting entity (initiator) must create
unique random values to be used as a nonce, construct a Nonce payload, and
transmit the message to the receiving entity.
 When a Nonce Payload is received, the receiving entity (responder) must do as
follows:

www.rejinpaul.com
 There are no specific procedures for handling Nonce payloads. The
procedures are defined by the exchange types and possibly the DOI and Key
Exchange descriptions.
Notification Payload Processing
 When a Notification Payload is created, the transmitting entity (initiator)
must determine the DOI for this Notification, determine the Protocol-ID for
this Notification, determine the SPI size based on the Protocol-ID field,
determine the Notify Message Type based on the error or status message
desired, determine the SPI which is associated with this notification,
determine if additional Notification Data is to be included, construct a
Notification Payload, and finally transmit the messages to the receiving
entity.
Delete Payload Processing
 When a Delete Payload is created, the transmitting entity (initiator) must
determine the DOI for this Deletion, determine the Protocol-ID for this
Deletion, determine the SPI size based on the Protocol-id field, determine the
# of SPIs to be deleted for this protocol, determine the SPI(s) which is (are)
associated with this deletion, construct a Delete payload, and then transmit
the message to the receiving entity.
5. Explain in detail about the SSL protocol.

 SSL is a layered protocol. It is not a single protocol but rather two layers of
protocols. At the lower level, the SSL Record Protocol is layered on top of
some reliable transport protocol such as TCP.
 The SSL Record Protocol is also used to encapsulate various higher level
protocols. A higher-level protocol can layer on top of the SSL protocol
transparently.Figure 8.1 illustrates the overview of the SSL protocol stack.

www.rejinpaul.com
Session and Connection States

There are two defined specifications: SSL session and SSL connection.
SSL session
 An SSL session is an association between a client and a server. Sessions are
created by the Handshake Protocol.
 They define a set of cryptographic security parameters, which can be shared
among multiple connections. Sessions are used to avoid the expensive
negotiation of new security parameters for each connection.
 An SSL session coordinates the states of the client and server.
The session state is defined by the following elements:
Session identifier: This is a value generated by a server that identifies an active or
reusable session state.
Peer certificate: This is an X.509 v3 certificate of the peer. This element of the state
may be null.
Compression method: This is the algorithm used to compress data prior to
encryption.
Cipher spec: This specifies the bulk data encryption algorithm (such as null, DES,
etc.) and a hash algorithm (such as MD5 or SHA-1) used for MAC computation. It
also defines cryptographic attributes such as the hash size.
Master secret : This is a 48-byte secret shared between the client and server. It
represents secure secret data used for generating encryption keys, MAC secrets and
IVs.
Is resumable: This designates a flag indicating whether the session can be used to
initiate new connections.
SSL connection

www.rejinpaul.com
 A connection is a transport (in the OSI layering model definition) that provides a
suitable type of service. For SSL, such connections are peer-to-peer
relationships. The connections are transient. Every connection is associated
with one session.
The connection state is defined by the following elements:
Server and client random: These are byte sequences that are chosen by the server
and client for each connection.
Server write MAC secret : This indicates the secret key used in MAC operations on
data sent by the server.
Client write MAC secret : This represents the secret key used in MAC operations on
data sent by the client.
Server write key: This is the conventional cipher key for data encrypted by the server
and decrypted by the client.
Client write key:
This is the conventional cipher key for data encrypted by the client and decrypted by
the server.
Initialisation vectors: When a block cipher in CBC mode is used, an IV is
maintained for each key. This field is first initialised by the SSL Handshake Protocol.
Sequence numbers: Each party maintains separate sequence numbers for
transmitted and received messages for each connection. When a party sends or
receives a change cipher spec message, the appropriate sequence number is set to
zero. Sequence numbers may not exceed 264 − 1.
SSL Record Protocol
 The SSL Record Protocol provides basic security services to various higher-layer
protocols.
 Three upper-layer protocols are defined as part of SSL: the Handshake Protocol,
the Change Cipher Spec Protocol and the Alert Protocol.
 Two layers of SSL protocols are shown in Figure 8.1. The SSL Record Layer
receives data from higher layers in blocks of arbitrary size.
 The SSL Record Protocol takes an application message to be transmitted,
fragments the data into manageable blocks, optionally compresses the data,
applies an MAC, encrypts, adds a header, and transmits the result in a TCP
segment.
Fragmentation: A higher-layer message is fragmented into blocks (SSLPlaintext
records) of 214 bytes or less.

www.rejinpaul.com
Compression and decompression:

 All records are compressed using the compression algorithm defined in the
current session state. The compression algorithm translates an SSL Plaintext
structure into an SSL Compressed structure.
 Compression must be lossless and may not increase the current length by
more than 1024 bytes.
 If the decompression function encounters an SSL Compressed. fragment that
would decompress to a length in excess of 214 = 16 348 bytes, it should issue
a fatal decompression failure alert.
MAC: The MAC is computed before encryption. The computation of an MAC over the
compressed data is illustrated in Figure 8.3. Using a shared secret key, the calculation

www.rejinpaul.com
is defined as follows:
H1 = hash(MAC-write-secret || pad-1 || seq-num || SSLCompressed.type ||
SSLCompressed.length || SSLCompressed.fragment)
H = hash(MAC-write-secret || pad-2 ||H1)

www.rejinpaul.com
The compressed message plus the MAC are encrypted using symmetric encryption.
The block ciphers being used as encryption algorithms are:
DES(56), Triple DES(168), IDEA(128),
RC5(variable) and Fortezza(80)
where the number inside the brackets indicates the key size. Fortezza is a PCMCIA
card that provides both encryption and digital signing.
Append SSL record header: The final processing of the SSL Record Protocol is to
append an SSL record header. The composed fields consist of:
Content type (8 bits): This field is the higher-layer protocol used to process the
enclosed fragment.
Major version (8 bits): This field indicates the major version of SSL in use. For
SSLv3, the value is 3.
Minor version (8 bits): This field indicates the minor version of SSL in use. For
SSLv3, the value is 0.
Compressed length (16 bits): This field indicates the length in bytes of the plaintext
fragment or compressed fragment if compression is required. The maximum
value is 214 + 2048.
SSL Change Cipher Spec Protocol
 The Change Cipher Spec Protocol is the simplest of the three SSL-specific
protocols.
 This protocol consists of a single message, which is compressed and encrypted
under the current CipherSpec. The message consists of a single byte of value 1.

www.rejinpaul.com
SSL Alert Protocol
 One of the content types supported by the SSL Record Layer is the alert type.
Alert messages convey the severity of the message and a description of the alert.
Alert messages consist of 2 bytes.
 The first byte takes the value warning or fatal to convey the seriousness of the
message. If the level is fatal, SSL immediately terminates the connection. In this
case, other connections on the same session may continue, but the session
identifiers must be invalidated, preventing the failed session from being used to
establish new connections.
The second byte contains a code that indicates the specific alert. As with other
applications that use SSL, alert messages are compressed and encrypted, as specified
by the current connection state.
A specification of SSL-related alerts that are always fatal is listed in the
following:
Unexpected-message: An inappropriate message was received. This alert is always
fatal.
Bad-record-mac: This alert is returned if a record is received with an incorrect MAC.
This message is always fatal.
Decompression-failure: The decompression function received improper input (i.e.
data that would expand to a length that is greater than the maximum allowable
length). This message is always fatal.
No-certificate: This alert message may be sent in response to a certificate request if
no appropriate certificate is available.
Bad-certificate: A received certificate was corrupt, i.e. contained a signature that did
not verify correctly.
Unsupported certificate: The type of the received certificate is not supported.
Certificate-revoked: A certificate has been revoked by its signer.
Certificate-expired: A certificate has expired or is not currently valid.
Certificate-unknown: This means some other unspecified issue arose in processing
the certificate, rendering it unacceptable.
Illegal-parameter: A field in the handshake was out of range or inconsistent with
other fields. This is always fatal.
close-notify: This message notifies the recipient that the sender will not send any
more messages on this connection. The session becomes unreasonable if any
connection is terminated without proper close-notify messages with level equal to

www.rejinpaul.com
warning. Each party is required to send a close-notify alert before closing the write
side of the connection. Either party may initiate a close-notify alert. Any data received
after a closure alert is ignored.
SSL Handshake Protocol
 The SSL Handshake Protocol being operated on top of the SSL Record Layer is
the most important part of SSL. This protocol provides three services for SSL
connections between the server and client.
 The Handshake Protocol allows the client/server to agree on a protocol version,
to authenticate each other by forming an MAC, and to negotiate an encryption
algorithm and cryptographic keys for protecting data sent in an SSL record
before the application protocol transmits or receives its first byte of data.
The Handshake Protocol consists of a series of messages exchanged by the client
and server. Figure 8.5 shows the exchange of handshake messages needed to
establish a logical connection between client and server. The contents and significance
of each message are presented in detail in the following sections.
Phase 1: Hello Messages for Logical Connection
 The client sends a client hello message to which the server must respond with a
server hello message, or else a fatal error will occur and the connection will fail.
The client hello and server hello are used to establish security enhancement
capabilities between client and server. The client hello and server hello establish
the following attributes: protocol version, random values (ClientHello.random
and ServerHello.random), session ID, cipher suite and compression method.
Hello messages
 The hello phase messages are used to exchange security enhancement
capabilities between client and server.
Hello request:
 This message is sent by the server at any time, but may be ignored by the client
if the Handshake Protocol is already underway. A client who receives a hello
request while in a handshake negotiation state should simply ignore the
message.

www.rejinpaul.com
Client hello: The exchange is initiated by the client. A client sends a client hello
message using the session ID of the session to be resumed. The server then checks its
session cache for a match. If a match is found, the server will send a server hello
message with the same session ID value. The client sends a client hello message with
the following parameters:
Client version: This is the version of the SSL protocol in which the client
wishes to communicate during this session. This should be the most recent
(highest-valued) version supported by the client. The value of this version will
be 3.0.

www.rejinpaul.com
Random: This is a client-generated random structure with 28 bytes generated
by a secure random number generator.
Session ID: This is the identity of a session when the client wishes to use this
connection. A nonzero value indicates that the client wishes to update the
parameters of an existing connection or create a new connection in this session.
Cipher suites: This is a list of the cryptographic options supported by the
client, with the client’s first preference first. The single cipher suite is an
element of a list selected by the server from the list in ClientHello.cipher suites.
Compression method: This is a list of the compression methods supported by
the client, sorted by client preference. If the session ID field is not empty, it
must include the compression method from that session.
Server hello: The server will send the server hello message in response to a client
hello message when it has found an acceptable set of algorithms. If it is unable to find
such a match, it will respond with a handshake failure alert.
The structure of this message consists of: server version, random, session ID,
cipher suite and compression method.
Server version: This field will contain the lower-valued version suggested by
the client in the client hello and the highest-valued version supported by the
server. The value of this version is 3.0.
Random: This structure is generated by the server and must be different from
ClientHello.random.
Session ID: This field represents the identity of the session corresponding to
this connection. If the ClientHello. session id is non-empty, the server will look
in its session cache for a match
Cipher suite: This is the single cipher suite selected by the server from the list
in ClientHello.cipher suites. For a resumed session, this field is the value from
the state of the session being resumed.
Compression method: This is the single compression algorithm selected by the
server from the list in ClientHello.compression methods. For a resumed
sessions, this field is the value from the resumed session state.
Phase 2: Server Authentication and Key Exchange
The server is authenticated, it may request a certificate from the client, if that is
appropriate to the cipher suite selected. Then the server will send the server hello done
message, indicating that the hello message phase of the handshake is complete. The

www.rejinpaul.com
server will then wait for a client response. If the server has sent a certificate request
message, the client must send the certificate message.
Server certificate:
 If the server is to be authenticated, it must send a certificate immediately
following the server hello message.
 The certificate type must be appropriate for the selected cipher suite’s key
exchange algorithm, and is generally an X.509 v3 certificate.
 It must contain a key which matches the key exchange method. The signing
algorithm for the certificate must be the same as the algorithm for the
certificate key.
Server key exchange message: The server key exchange message is sent by the
server only when it is required. This message is not used if the server certificate
contains Diffie–Hellman parameters, or RSA key exchange is to be used for a
signatureonly RSA.
– params: the server’s key exchange parameters.
– signed-params: for non-anonymous key exchange, a hash of the
corresponding params value, with the signature appropriate to that hash
applied.
As usual, a signature is created by taking the hash of the message and encrypting it
with the sender’s public key. Hence, the hash is defined as:
md5-hash : MD5(ClientHello.random||ServerHello.random||serverParams)
sha-hash : SHA(ClientHello.random||ServerHello.random||serverParams)
enum {anonymous, rsa, dsa} SignatureAlgorithm;
For a DSS signature, the hash is performed using the SHA-1 algorithm. In the case
of an RSA signature, both an MD5 and an SHA-1 hash are calculated, and the
concatenation of the two hashes is encrypted with the server’s public key.
Certificate request message: A non-anonymous server can optionally request a
certificate from the client, if appropriate for the selected cipher suite. This message
includes two parameters, certificate type and certificate authorities. Its structure is as
follows:
enum{
rsa_sign(1), des_sign(2), rsa_fixed_dh(3),
dss_fixed_dh(4),
rsa_ephemeral_dh(5), dss_ephemeral_dh(6),
fortezza_dms(20), (255)

www.rejinpaul.com
} ClientCertificateType;
opaque DistinguishedName<1..216-1>;
struct {
ClientCertificateType certificate_types<1..28-1>;
DistinguishedName certificate_authorities<3..216-1>
} CertificateRequest;
certificate types: This field is a list of the types of certificates requested, sorted
in order of the server’s preference.
certificate authorities: This is a list of the distinguished names of acceptable
certificate authorities. These distinguished names may specify a desired distinguished
name for a root CA or for a subordinate CA; thus, this message can be used to
describe both known roots and a desired authorization space.
Phase 3: Client Authentication and Key Exchange
Client certificate message: This is the first message the client can send after
receiving a server hello done message. This message is sent only when the server
requests a certificate. If no suitable certificate is available, the client should send a
certificate message containing no certificates.
Client key exchange message: This message is always sent by the client. It will
immediately follow the client certificate message, if it is sent. Otherwise it will be the
first message sent by the client after it receives the server hello done message.
Certificate verify message: This message is used to provide explicit verification of a
client certificate. The message is only sent following any client certificate that has
signing capability (i.e. all certificates except those containing fixed Diffie–Hellman
parameters).
Phase 4: End of Secure Connection
Change cipher spec messages: The client sends a change cipher spec message and
copies the pending CipherSpec in the current CipherSpec.
This message is immediately sent after the certificate verify message that is used to
provide explicit verification of a client certificate.
It is essential that a change cipher spec message is received between the other
handshake messages and the finished message. It is a fatal error if a change cipher
spec message is not preceded by a finished message at the appropriate point in the
handshake.

www.rejinpaul.com
Finished message: This is always sent immediately after a change cipher spec
message to verify that the key exchange and authentication processes were successful.
The content of the finished message is the concatenation of two hash values:
MD5(master_secret||pad2||MD5(handshake_messages||Sender||
master_secret||pad1))
SHA(master_secret||pad2||SHA(handshake_messages||Sender||
master_secret||pad1))
where ‘Sender’ is a code that identifies that the sender is the client and ‘handshake
messages’ is code that identifies the data from all handshake messages up to
but not including this message.
6. Explain in detail about the Cryptographic Computations

The key exchange, authentication, encryption and MAC algorithms are determined by
the cipher suite selected by the server and revealed in the server hello message. The
compression algorithm is negotiated in the hello messages, and the random values are
exchanged in the hello messages.
Computing the Master Secret
 For all key exchange methods, the same algorithm is used to convert the
premaster secret into the master secret.
 In order to create the master secret, a premaster secret is first exchanged
between two parties and then the master secret is calculated from it.
 The master secret is always exactly 48 bytes (384 bits) shared between the
client and server. But the length of the premaster secret is not fixed and will
vary depending on the key exchange method.
There are two ways for the exchange of the premaster secret:
RSA: When RSA is used for server authentication and key exchange, a 48-byte
premaster secret is generated by the client, encrypted with the server’s public key and
sent to the server. The server decrypts the ciphertext (of the premaster secret) using its
private key to recover the premaseter secret. Both parties then convert the premaster
secret into the master secret as specified below.
Diffie–Hellman: A conventional Diffie–Hellman computation is performed. Both
client and server generate a Diffie-Hellman common key. This negotiated key is used
as the premaster secret and is converted into the master secret, as specified below.
The client and server then compute the master secret as follows:

www.rejinpaul.com
master_secret = MD5(pre_master_secret||SHA(‘A’||
MD5(pre_master_secret||SHA(‘BB’||
MD5(pre_master_secret||SHA(‘CCC’||
ServerHello.random))
Converting the Master Secret into Cryptographic Parameters

www.rejinpaul.com
CipherSpec specifies the bulk data encryption algorithm and a hash algorithm used
for MAC computation, and defines cryptographic attributes such as the hash size.
To generate the key material, the following is computed:
key_block = MD5(master_secret||SHA(‘A’||master_secret||
ServerHello.random||ClientHello.random))||
MD5(master_secret||SHA(‘BB’||master_secret||
ServerHello.random||ClientHello.random))||
MD5(master_secret||SHA(‘CCC’||master_secret||
ServerHello.random||ClientHello.random))||. . .

www.rejinpaul.com
7. Explain in detail about the TLS Protocol.
TLS Protocol
 The TLSv1 protocol itself is based on the SSLv3 protocol specification as
published by Netscape. Many of the algorithm-dependent data structures and
rules are very close so that the differences between TLSv1 and SSLv3 are not
dramatic. The current work on TLS is aimed at producing an initial version as
an Internet standard. It is recommended that readers examine the comparative
studies between the TLSv1 of RFC 2246 and SSLv3 of Netscape. In this section,
we will not repeat every detailed step of identical protocol contents, but only
highlight the differences.
HMAC Algorithm
 A Keyed-hashing Message Authentication Code (HMAC) is a secure digest of
some data protected by a secret. Forging the HMAC is infeasible without
knowledge of the MAC secret. HMAC can be used with a variety of different
hash algorithms, namely MD5 and SHA-1, denoting these as HMAC
MD5(secret, data) and HMAC SHA-1(secret, data).
There are two differences between the SSLv3 and TLSMAC schemes. TLS makes use
of the HMAC algorithm defined in RFC 2104. HMAC was fully discussed in Chapters 4
and 7 and defined as:
where
H = one-way hash function for TLS (either MD5 or SHA-1)
M = message input to HMAC
K = padded secret key equal to the block length of the hash code
(512 bits for MD5 and SHA-1)
The following explains the HMAC equation:
1. Append zeros to the end of K to create a b-byte string (i.e. if K = 160 bits in length
and b = 512 bits, then K will be appended with 352 zero bits or 44 zero bytes 0x00).
2. XOR (bitwise exclusive-OR) K with ipad to produce the b-bit block computed in
step 1.
3. Append M to the b-byte string resulting from step 2.
4. Apply H to the stream generated in step 3.
5. XOR (bitwise exclusive-OR) K with opad to produce the b-byte string computed in

www.rejinpaul.com
step 1.
6. Append the hash result H from step 4 to the b-byte string resulting from step 5.
7. Apply H to the stream generated in step 6 and output the result.
1. Append zeros to K to create a b-bit string K, where b = 512 bits.

2. XOR K (padding with zero) with ipad to produce the b-bit block.

www.rejinpaul.com
3. Apply the compression function f(IV, K_⊕ ipad) to produce (IV)i = 128 bits.
4. Compute the hash code h with (IV)i and Mi .
5. Raise the hash value computed from step 4 to a b-bit string.
6. XOR K _ (padded with zeros) with opad to produce the b-bit block.
7. Apply the compression function f(IV, K _⊕ opad) to produce (IV)o = 128 bits.
8. Compute the HMAC with (IV)o and the raised hash value resulting from step 5.
Pseudo-random Function
 TLS utilizes a pseudo-random function (PRF) to expand secrets into blocks of
data for the purposes of key generation or validation. The PRF takes relatively
small values such as a secret, a seed and an identifying label as input and
generates an output of arbitrary longer blocks of data.
P_hash(secret, seed) = HMAC_hash (secret, A(1)||seed) ||
HMAC_hash (secret, A(2)||seed) ||
HMAC_hash (secret, A(3)||seed) ||. . .
where A() is defined as:
A(0) = seed
A(i) = HMAC hash(secret, A(i-1)) and || indicates concatenation.

www.rejinpaul.com
Thus, if the original secret is an odd number of bytes long, the last bytes of S1 will be
the same as the first byte of S2:
L S = length in bytes of secret
L S1 = L S2 = ceil(L S/2)
The PRF is then defined as the result of mixing the two pseudo-random streams by
XORing them together. The PRF is defined as:
PRF(secret, label, seed) = P MD5(S1, label||seed) ⊕ P SHA − 1(S2, label||seed)
The label is an ASCII string. Figure 8.11 illustrates the PRF generation scheme to
expand secrets into blocks of data.
Example 8.3 Refer to Figure 8.11. Suppose the following parameters are given:
seed = 0x 80 af 12 5c 7e 36 f3 21
label = rocky mountains = 0x 72 6f 63 6b 79 20 6d 6f 75 6e 74 61 69 6e 73
secret = 0x 35 79 af 12 c4
Then
label||seed = 0x 72 6f 63 6b 79 20 6d 6f 75 6e 74 61 69 6e 73 80 af 12 5c 7e 36 f3 21
= A(0)
S1 = 0x 35 79 af for P MD5, S2 = 0x af 12 c4 for P SHA − 1
Data expansion by P MD5:
A(1) = HMAC MD5(S1, A(0))
= d0 de 36 53 79 78 04 a0 21 b8 6f f8 29 60 d5 f7

www.rejinpaul.com
HMAC MD5(S1, A(1)||A(0))
= 32 fd b3 70 eb 36 11 70 a4 3b 50 a9 fb ea 2a ec
A(2) = HMAC MD5(S1, A(1))
= 8c ce 5b 50 02 af 75 91 e7 20 cd 86 d9 3e 67 9d
HMAC MD5(S1, A(2)||A(0))
= 1f a8 4c af 5d e1 20 01 ea b0 38 6a a5 76 f9 8e
A(3) = HMAC MD5(S1, A(2))
= 45 48 5d 00 4e 64 07 45 eb 2c 18 60 7c e6 fa 1f
HMAC MD5(S1, A(3)|| A(0))
= f0 23 29 d9 5e 89 4b 70 cc 45 f8 aa 1f 58 8e 55
A(4) = HMAC MD5(S1, A(3))
= 87 39 c6 d3 7a b f8 e3 29 79 3a ae 63 24 6a ff
HMAC MD5(S1, A(4)|| A(0))
= 2e 0c 27 26 d0 b4 78 85 09 a2 69 1c 1b 1b d7 8d
A(5) = HMAC MD5(S1, A(4))
= 3a 2c aa d8 b3 ec 2e 5d 40 1c 39 bd 3e 48 1a d9
HMAC MD5(S1, A(5)|| A(0))
= 92 f2 63 5d 88 3a dd bf 8d ec e1 cf 0c 5c 8f 4c
where S1 = 0x 35 79 af = first half of the secret, and
A(0) = label||seed
Thus, P MD5 equals:
32 fd b3 70 eb 36 11 70 a4 3b 50 a9 fb ea 2a ec
1f a8 4c af 5d e1 20 01 ea b0 38 6a a5 76 f9 8e
f0 23 29 d9 5e 89 4b 70 cc 45 f8 aa 1f 58 8e 55
2e 0c 27 26 d0 b4 78 85 09 a2 69 1c 1b 1b d7 8d
92 f2 63 5d 88 3a dd bf 8d ec e1 cf 0c 5c 8f 4c (80 bytes)
Data expansion by P SHA-1 :
A(1) = HMAC SHA1(S2, A(0))
= aa ea 46 1b a6 ad 43 34 51 f8 c6 ef 70 dd f4 60 ca b9 40 2f
HMAC SHA1(S2, A(1)|| A(0))
= d0 8a d5 07 e0 b8 30 78 70 d9 c8 bb dd ba f5 a3 d0 77 49 e8
A(2) = HMAC SHA1(S2, A(1))
= 33 fd 23 41 01 ce 06 f8 c0 2b b3 e6 54 21 1c f4 6c 88 ab da
HMAC SHA1(S2, A(2)|| A(0))
= 64 b5 cc 3f 79 31 5b 5d e6 e4 4f eb 98 a8 bf 3f 97 13 38 e1

www.rejinpaul.com
A(3) = HMAC SHA1(S2, A(2))
= 86 1f a3 a5 37 58 41 71 f1 9f a5 f3 48 2e 5d 84 7c a8 b6 52
HMAC SHA1(S2, A(3)|| A(0))
= 03 26 11 02 ce 69 74 4a 21 f4 76 55 13 af 77 80 2d fb 2f 36
A(4) = HMAC SHA1(S2, A(3))
= 9c 4d 01 3a 8c 48 54 42 68 07 4d f1 f0 a9 78 c3 6f ab d8 b4
HMAC SHA1(S2, A(4)|| A(0))
= 48 56 04 b5 b4 5f 9b d8 c7 2f 28 f6 9e 1d 8a c4 72 9a b9 32
where S2 = 0x af 12 c4 = second half of the secret, and
A(0) = label||seed
Thus, P SHA1 equals:
d0 8a d5 07 e0 b8 30 78 70 d9 c8 bb dd ba f5 a3
d0 77 49 e8 64 b5 cc 3f 79 31 5b 5d e6 e4 4f eb
98 a8 bf 3f 97 13 38 e1 03 26 11 02 ce 69 74 4a
21 f4 76 55 13 af 77 80 2d fb 2f 36 48 56 04 b5
b4 5f 9b d8 c7 2f 28 f6 9e 1d 8a c4 72 9a b9 32 (80 bytes)
Finally, P MD5 ⊕ P SHA − 1 equals:
e2 77 66 77 0b 8e 21 08 d4 e2 98 12 26 50 df 4f
cf df 05 47 39 54 ec 3e 93 81 63 37 43 92 b6 65
68 8b 96 e6 c9 9a 73 91 cf 63 e9 a8 d1 31 fa 1f
0f f8 51 73 c3 1b 0f 05 24 59 46 2a 53 4d d3 38
26 ad f8 85 4f 15 f5 49 13 f1 6b 0b 7e c6 36 7e (80 bytes)
Error Alerts
 The Alert Protocol is classified into the closure alert and the error alert. One of
the content types supported by the TLS Record Layer is the alert type. Alert
messages convey the severity of the message and a description of the alert. Alert
messages with a fatal level result in the immediate termination of the
connection.
 The client and the server must share knowledge that the connection is ending
in order to avoid a truncation attack. Either party may initiate a close by
sending a close notify alert. This message notifies the recipient that the sender
will not send any more messages on this connection.
 Error handling in the TLS Handshake Protocol is very simple. When an error is
detected, the detecting party sends a message to the other party. Upon transmission
or receipt of a fatal alert message, both parties immediately close the connection.

www.rejinpaul.com
TLS supports all of the error alerts defined in SSLv3 with the exception of additional
alert codes defined in TLS. The additional error alerts are described in the following:
Decryption failed: A TLS ciphertext is decrypted in an invalid way: either it was not
an even multiple of the block length or its padding values, when checked, were
incorrect. This message is always fatal.
Record overflow: A TLS record was received with a ciphertext whose length exceeds
214 + 2048 bytes, or the ciphertext decrypted to a TLS compressed record with more
than 214 + 1024 bytes. This message is always fatal.
unknown ca: A valid certificate chain or partial chain was received, but the certificate
was not accepted because the CA certificate could not be located or could not be
matched with a known, trusted CA. This message is always fatal.
access denied: A valid certificate was received, but when access control was applied,
the sender decided not to proceed with the negotiation. This message is always fatal.
Decode error: A message could not be decoded because a field was out of its specified
range or the length of the message was incorrect. This message was incorrect. It is
always fatal.
decrypt error: A handshake cryptographic operation failed, including being unable to
verify a signature, decrypt a key exchange or validate a finished message.
export restriction: A negotiation not in compliance with export restrictions was
detected; for example, attempting to transfer a 1024-bit ephemeral RSA key for the
RSA EXPORT handshake method. This message is always fatal.
protocol version: The protocol version the client has attempted to negotiate is
recognized but not supported due to the fact that old protocol versions might be
avoided for security reasons. This message is always fatal.
insufficient security: Returned instead of hanshake failure when a negotiation has
failed specifically because the server requires ciphers more secure than those
supported by the client. This message is always fatal.
internal error: An internal error unrelated to the peer or the correctness of the
protocol, such as a memory allocation failure, makes it impossible to continue. This
message is always fatal.
user canceled: This handshake is being cancelled for some reason unrelated to a
protocol failure. If the user cancels an operation after the handshake is complete, just
closing the connection by sending a close notify is more appropriate. This alert should
be followed by a close notify. This message is generally a warning.
no renegotiation: This is sent by the client in response to a hello request or by the

www.rejinpaul.com
server in response to a client hello after initial handshaking. Either of these messages
would normally lead to renegotiation, but this alert indicates that the sender is not
able to renegotiate. This message is always a warning.
Certificate Verify Message
Recall that the hash computations for SSLv3 are included with the master secret, the
handshake message and pads. In the TLS certificate verify message, the MD5 and
SHA-1 hashes are calculated only over handshake messages as shown below:
CertificateVerify.signature.md5_hash
MD5(handshake_message)
CertificateVerify.signature.sha_hash
SHA(handshake_message)
Here handshake messages refer to all handshake messages sent or received starting at
client hello up to, but not including, this message, including the type and length fields
of the handshake messages.
Finished Message
A finished message is always sent immediately after a change cipher spec message to
verify that the key exchange and authentication processes were successful. It is
essential that a change cipher spec message be received between the other handshake
messages and the finished message. As with the finished message in SSLv3, the
finished message in TLS is a hash based on the shared master secret, the previous
handshake messages, and a label that identifies client and server. However, the TLS
computation for verify data is somewhat different from that of the SSL calculation as
shown below:
PRF(master_secret, finished_label, MD5(handshake_message)||
SHA-1(handshake_message))
where
 The finished label indicates either the string ‘client finished’ sent
by the client or the string ‘server finished’ sent by the server,
respectively.
 The handshake message includes all handshake messages
starting at client hello up to, but not including, this finished
message. This is only visible at the handshake layer and does not
include record layer headers.
Cryptographic Computations (for TLS)

www.rejinpaul.com
 In order to begin connection protection, the TLS Record Protocol requires
specification of a suite of algorithms, a master secret, and the client and server
random values.
 All that remains is to compute the master secret and the key block. The
premaster secret for TLS is calculated in the same way as in SSLv3. The
presmater_ secret should be deleted from memory once the master secret has
been computed. As in SSLv3, the master secret in TLS in calculated as a hash
function of the premaster secret and two hello random numbers. The TLS
master secret computation is different from that of SSLv3 and is defined as
follows:
master_secret = PRF(premaster_secret, ‘‘master secret’’,
ClientHello.random||ServerHello.random)
The master secret is always exactly 48 bytes (384 bits) in length. The length of the
premaster secret will vary depending on key exchange method:
RSA: When RSA is used for server authentication and key exchange, a 48-byte
premaster secret is generated by the client, encrypted with the server’s public key, and
sent to the server. The server uses its private key to decrypt the premaster secret.
Both parties then convert the premaster secret into the master secret, as specified
above.
Diffie–Hellman: A conventional Diffie–Hellman computation is performed. The
negotiated key Z is used as the premaster secret, and is converted into the master
secret, as specified above.
The computation of the key block parameters (MAC secret keys, session encryption
keys and IVs) is defined as follows:
key_block = PRF(master_secret, ‘‘key expansion’’,
SecurityParameters.server_random||SecurityParameters.client_random)
until enough output has been generated. As with SSLv3, key block is a function of the
master secret and the client and server random numbers, but for TLS the actual
algorithm is different.
On leaving this chapter, it is recommended that readers search for and find any other
small differences between SSL and TLS.

www.rejinpaul.com
Important Questions
Part-A
1.Define IPsec Protocol.
2. write the basic components of IPsec architecture Protocol.
3.Define IPsec Protocol Documents
4. Define Security Associations (SAs)
5. Define Hashed Message Authentication Code (HMAC)
6. Define IP Authentication Header.
7. Draw AH Format.
8. Define IP ESP.
9. Define Packet Format
8. Define Key Management Protocol for IPSec.
9. List out the different types of Payload Types for ISAKMP.
10.Define SSL Protocol.
11.Draw the SSL Protocol Overview stack.
12.Difference between SSL Session and SSL Connection.
13.List out the SSL session elements.
14. List out the SSL Connection elements.
15.Define SSL Record Protocol format.
16. List out the phases of SSL Handshake Protocol.
17.How to compute the master-secret for Diffie–Hellman.
18. Define HMAC-Algorithm and how to calculate the HMAC Algorithm.
19. List out the ISAKMP Payload Processing.
20. Define Cryptographic Computations.
Part-B
1. Explain in detail about the IPSec Protocol.

2. Write short notes on the following protocol:
 IP Authentication Header
 IP ESP
3. Explain in detail about the Key Management Protocol for IPSec.
4. Explain in detail about the SSL protocol in Transport layer Security.
5. Explain in detail about the Cryptographic Computations in Transport layer
Security.
6. Explain in detail about the TLS Protocol in Transport layer Security.

www.rejinpaul.com
UNIT II
E-MAIL SECURITY & FIREWALLS
PGP – S/MIME – Internet Firewalls for Trusted System: Roles of Firewalls - Firewall
related terminology- Types of Firewalls – Firewall designs – SET for E-Commerce
Transactions.
Part-A
1.What is application level gateway?
An application level gateway also called a proxy server; act as a relay of
application-level traffic. The user contacts the gateway using a TCP/IP application,
such as Telnet or FTP, and the gateway asks the user for the name of the remote host
to be accessed.
2. List the design goals of firewalls?
1. All traffic from inside to outside, and vise versa, must pass through the firewall.
2. Only authorized traffic, as defined by the local security policy, will be allowed to
pass.
3. The firewall itself is immune to penetration.
3.What is mean by SET? What are the features of SET?
Secure Electronic Transaction (SET) is an open encryption and security specification

designed to protect credit card transaction on the internet. Features are:
1. Confidentiality of information
2. Integrity of data
3. Cardholder account authentication
4. Merchant authentication
4. What are the steps involved in SET Transaction?
1. The customer opens an account
2. The customer receives a certificate
3. Merchants have their own certificate
4. The customer places an order.

www.rejinpaul.com
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant requests payment authorization.
8. The merchant confirm the order.
9. The merchant provides the goods or services.
10. The merchant requests payment.
5.Define S/MIME?
Secure/Multipurpose Internet Mail Extension(S/MIME) is a security enhancement to

the MIME Internet E-mail format standard, based on technology from RSA Data
Security.
6. What are the headers fields define in MIME?
MIME version. Content type.
Content transfer encoding. Content id.
Content description.
7. What is MIME content type and explain?
It is used to declare general type of data. Subtype define particular format for that type
of the data. It has 7 content type & 15 subtypes. They are,
1. Text type Plain text. Enriched.
2. Multipart type
Multipart/mixed. Multipart/parallel. Multipart/alternative. Multipart/digest.
3. Message type
Message/RFC822. Message/partial. Message/external.
4. Image type
JPEG. CIF.
5. Video type.
6. Audio type.
7. Application type
Post script. Octet stream.

www.rejinpaul.com
8. What are the key algorithms used in S/MIME?
1.Digital signature standards.
2.Diffi Hellman.
3.RSA algorithm.
9. Give the steps for preparing envelope data MIME?
1. Generate Ks.
2. Encrypt Ks using recipient’ s public key. RSA algorithm used for encryption.
Prepare the ‘recipient info block’ .
3. Encrypt the message using Ks.
10.What are the services provided by PGP services

 Digital signature Message encryption Compression
 E-mail compatibility
 Segmentation
11. Explain the reasons for using PGP?
a) It is available free worldwide in versions that run on a variety of platforms, including
DOS/windows, UNIX, Macintosh and many more.
b) It is based on algorithms that have survived extensive public review and are
considered extremely secure.
E.g.) RSA, DSS and Diffie-Hellman for public key encryption, CAST-128, IDEA, 3DES
for conventional encryption, SHA-1for hash coding.
c) It has a wide range of applicability from corporations that wish to select and enforce
a standardized scheme for encrypting files and communication.
d) It was not developed by nor is it controlled by any governmental or standards
organization.
12. Why E-mail compatibility function in PGP needed?
Electronic mail systems only permit the use of blocks consisting of ASCII text. To
accommodate this restriction PGP provides the service converting the row 8- bit binary
stream to a stream of printable ASCII characters. The scheme used for this purpose is
Radix-64 conversion.
13. Name any cryptographic keys used in PGP?
a) One-time session conventional keys. b) Public keys.
c) Private keys.
d) Pass phrase based conventional keys.

www.rejinpaul.com
14.What is meant by S/MIME? (A/M-12)
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key

encryption and signing of MIME data. S/MIME is on an IETF standards track and
defined in a number of documents, most importantly RFCs (3369, 3370, 3850, 3851).
S/MIME was originally developed by RSA Data Security Inc. The original specification
used the IETF MIME specification with the de facto industry standard PKCS secure
message format. Change control to S/MIME has since been vested in the IETF and the
specification is now layered on cryptographic message syntax.
15.List out the types of firewalls.
1. Packet Filters
2. Circuit-Level Gateways
3. Application-Level Gateways
Part-B
1.Explain in detail about the PGP.

 PGP used data encryption software that ensures integrity, security, and
privacy of data and messages sent over the internet.
 It uses two digital equivalents of physical keys: a public key used for
'locking' (encrypting) data that can be given by its owner to anyone who
wants to send a secure transmission; and a private key used for 'unlocking'
(decrypting) the data and known only to its owner.
 It is also used to digitally 'sign' an electronic document, thus authenticating
its origin.
1.1 Confidentiality via Encryption
PGP provides confidentiality by encrypting messages to be transmitted or data files to
be stored locally using a conventional encryption algorithm such as IDEA, 3DES or
CAST- 128. In PGP, each symmetric key, known as a session key, is used only once. A
new session key is generated as a random 128-bit number for each message. Since it
is used only once, the session key is bound to the message and transmitted with it. To
protect the key, it is encrypted with the receiver’s public key. Figure 9.1 illustrates the
sequence, which is described as follows:
 The sender creates a message.
 The sending PGP generates a random 128-bit number to be used
as a session key for this message only.

www.rejinpaul.com
 The session key is encrypted with RSA, using the recipient’s public
key.
 The sending PGP encrypts the message, using CAST-128 or IDEA
or 3DES, with the session key. Note that the message is also
usually compressed.
 The receiving PGP uses RSA with its private key to decrypt and
recover the session key.
 The receiving PGP decrypts the message using the session key. If
the message was compressed, it will be decompressed.
Both digital signature and confidentiality services may be applied to the same
message. First, a signature is generated from the message and attached to the
message. Then the message plus signature are encrypted using a symmetric session
key. Finally, the session key is encrypted using public-key encryption and prefixed to
the encrypted block.
1.2 Authentication via Digital Signature
The digital signature uses a hash code of the message digest algorithm, and a public-
key signature algorithm. Figure 9.2 illustrates the digital signature service provided by
PGP.
The sequence is as follows:
 The sender creates a message.
 SHA-1 is used to generate a 160-bit hash code of the message.

www.rejinpaul.com
 The hash code is encrypted with RSA using the sender’s private key and a
digital signature is produced.
 The binary signature is attached to the message.
 The receiver uses RSA with the sender’s public key to decrypt and recover the
hash code.
 The receiver generates a new hash code for the received message and compares
it with the decrypted hash code. If the two match, the message is accepted as
authentic.
The combination of SHA-1 and RSA provides an effective digital signature scheme.
As an alternative, signatures can be generated using DSS/SHA-1.
1.3 Compression
 PGP compresses the message after applying the signature but before
encryption.
 The placement of Z for compression and Z −1 for decompression is shown in
Figures 9.1 and 9.2.
 This compression algorithm has the benefit of saving space both for e-mail
transmission and for file storage.
 PGP makes use of a compression package called ZIP which is functionally
equivalent to PKZIP developed by PKWARE, Inc. The zip algorithm is perhaps
the most commonly used cross-platform compression technique.
Two main compression schemes, named after Abraham Lempel and Jakob Ziv, were

www.rejinpaul.com
first proposed by them in 1977 and 1978, respectively. These two schemes for text
compression (generally referred to as lossless compression) are broadly used because
they are easy to implement and also fast.
 Huffman compression is a statistical data compression technique which
reduces the average code length used to represent the symbols of an alphabet.
Huffman code is an example of a code which is optimal when all symbols
probabilities are integral powers of 1/2.
 A technique related to Huffman coding is Shannon–Fano coding. This coding
divides the set of symbols into two equal or almost equal subsets based on the
probability of occurrence of characters in each subset.
 The first subset is assigned a binary 0, the second a binary 1. Huffman
encoding always generates optimal codes, but Shannon–Fano sometimes uses a
few more bits.
 Decompression of LZ77-compressed text is simple and fast. Whenever a
(position, length) pair is encountered, one goes to that position in that window
and copies length bytes to the output.
1.4 Radix-64 Conversion
 When PGP is used, usually part of the block to be transmitted is encrypted. If
only the signature service is used, then the message digest is encrypted (with
the sender’s private key).
 If the confidentiality service is used, the message plus signature (if present) are
encrypted (with a one-time symmetric key).
The scheme used for this purpose is radix-64 conversion. Each group of three octets
of binary data is mapped into four ASCII characters. This format also appends a CRC
to detect transmission errors. This radix-64 conversion is a wrapper around the binary
PGP messages, and is used to protect the binary messages during transmission over
non-binary channels, such as Internet e-mail.
1.5 Packet Headers
 A PGP message is constructed from a number of packets. A packet is a chunk
of data which has a tag specifying its meaning. Each packet consists of a packet
header of variable length, followed by the packet body.
 The first octet of the packet header is called the packet tag as shown in Figure
9.4. The MSB is ‘bit 7’ (the leftmost bit) whose mask is 0x80 (10000000) in
hexadecimal. PGP 2.6.x only uses old format packets.

www.rejinpaul.com
1.5.1 Packet Tags

The packet tag denotes what type of packet the body holds. The defined tags (in
decimal) are:
0–Reserved
1–Session key packet encrypted by public key
2–Signature packet
3–Session key packet encrypted by symmetric key
4–One-pass signature packet
5–Secret-key packet
6–Public-key packet
7–Secret-subkey packet
8–Compressed data packet
9–Symmetrically encrypted data packet
10–Marker packet
11–Literal data packet
12–Trust packet
13–User ID packet
14–Public subkey packet
60 ∼ 63–Private or experimental values
1.6 PGP Packet Structure
A PGP file consists of a message packet, a signature packet and a session key packet.
1.6.1 Message Packet

www.rejinpaul.com
This packet includes the actual data to be transmitted or stored as well as a header
that includes control information generated by PGP such as a filename and a
timestamp. A timestamp specifies the time of creation. The message component
consists of a single literal data packet.
1.6.2.Signature Packet (Tag 2)
This packet describes a binding between some public key and some data. The most
common signatures are a signature of a file or a block of text, and a signature that is a
certification of a user ID.
Two versions of signature packets are defined. PGP 2.6.x only accepts version 3
signature. Version 3 provides basic signature information, while version 4 provides an
expandable format with sub packets that can specify more information about the
signature. It is reasonable to create a v3 signature if an implementation is creating an
encrypted and signed message that is encrypted with a v3 key.
The signature includes the following components:
 Timestamp
 Message digest (or hash code)
 Leading two octets of hash code
 Key ID of sender’s public key
Session Key Packets (Tag 1)
 This component includes the session key and the identifier of the receiver’s
public key that was used by the sender to encrypt the session key.
 A public-key-encrypted session key packet, EKPb (Ks), holds the session key
used to encrypt a message.
 The symmetrically encrypted data packets are preceded by one public-key-
encrypted session key packet for each PGP 5.x key to which the message is
encrypted.
 The message is encrypted with the session key, and the session key is itself
encrypted and stored in the encrypted session key packet. The recipient of the
message finds a session key that is encrypted to its public key, decrypts the
session key, and then uses the session key to decrypt the message.

www.rejinpaul.com
The body of this session key component consists of:
 A one-octet version number which is 3.

 An eight-octet key ID of the public key that the session key is encrypted to.
 A one-octet number giving the public key algorithm used.
 A string of octets that is the encrypted session key.
This string’s contents are dependent on the public-key algorithm used:

– Algorithm-specific fields for RSA encryption: multiprecision integer (MPI) of
RSA encrypted value me-mod n.
– Algorithm-specific fields for ElGamal encryption: MPI of ElGamal value gk
mod p; MIP of ElGamal value myk mod p. The value ‘m’ is derived from the
session key.

www.rejinpaul.com
Key Material Packet
A key material packet contains all the information about a public or private key. There
are four variants of this packet type and two versions.
Key Packet Variants
There are:
• Public-key packet (tag 6): This packet starts a series of packets that forms a PGP
5.x key.
• Public subkey packet (tag 14): This packet has exactly the same format as a
publickey packet, but denotes a subkey. One or more subkeys may be associated with
a top-level key.
• Secret-key packet (tag 5): This packet contains all the information that is found in a
public-key packet, including the public-key materials, but also includes the secret-key
material after all the public-key fields.
• Secret-subkey packet (tag 7): A secret-subkey packet is the subkey analogous to the
secret-key packet and has exactly the same format.
Public-key Packet Formats

www.rejinpaul.com
There are two variants of version 3 packets and version 2 packets. Version 3 packets
were originally generated by PGP 2.6. Version 2 packets are identical in format to
version 3 packets, but are generated by PGP 2.5.
A v3 key packet contains:
• A one-octet version number (3).
• A four-octet number denoting the time that the key was created.
• A two-octet number denoting the time in days that this key is valid.
• A one-octet number denoting the public-key algorithm of this key.
• A series of multiprecision integers (MPIs) comprising the key material: an MPI
of RSA public module n; an MPI of RSA public encryption exponent e.
Secret-key Packet Formats
The secret-key and secret-subkey packets contain all the data of public-key and
publicsubkey packets in encrypted form, with additional algorithm-specific key data
appended.
The secret-key packet contains:
• A public-key or public-subkey packet, as described above.
• One octet indicating string-to-key (S2K) usage conventions: 0 indicates that
the secretkey data is not encrypted; 255 indicates that an S2K specifier is being
given. Any other value specifies a symmetric-key encryption algorithm.
• If the S2K usage octet was 255, a one-octet symmetric encryption algorithm
(optional).
• If the S2K usage octet was 255, an S2K specifier (optional). The length of the
S2K specifier is implied by its type, as described above.
• If secret data is encrypted, an eight-octet IV (optional).
1.8 Algorithms for PGP 5.x

www.rejinpaul.com

www.rejinpaul.com
2.Explain in detail about the MIME.

 Secure/Multipurpose Internet Mail Extension (S/MIME) provides a consistent
means to send and receive secure MIME data.
 S/MIME, based on the Internet MIME standard, is a security enhancement to
cryptographic electronic messaging.
 Further, S/MIME not only is restricted to e-mail, but can be used with any
transport mechanism that carries MIME data, such as HTTP.
MIME
 MIME was defined to allow transmission of non-ASCII data through e-mail. MIME
allows arbitrary data to be encoded in ASCII and then transmitted in a standard e-
mail message.
 It is a supplementary protocol that allows non-ASCII data to be sent through
SMTP.

www.rejinpaul.com
 The MIME standard provides a general structure for the content type of Internet
messages and allows extensions for new content-type applications.
MIME Description
 MIME transforms non-ASCII data at the sender’s site to NVT ASCII data and
delivers it to the client SMTP to be sent through the Internet. The server
SMTP at the receiver’s site receives the NVT ASCII data and delivers it to
MIME to be transformed back to the original non-ASCII data.
MIME Header
MIME defines five headers that can be added to the original SMTP header section:
• MIME Version
• Content Type
• Content Transfer Encoding
• Content Id
• Content Description
The MIMI header is shown in Figure 9.7 and described below.

MIME Version
This header defines the version of MIME used. The current version is 1.0.
Content Type
This header defines the type of data used in the message body. The content type and
the content subtype are separated by a slash. MIME allows seven different types of
data:

www.rejinpaul.com
• Text: The original message is in 7-bit ASCII format.

• Multipart: The body contains multiple, independent parts. The multipart header
needs to define the boundary between each part. Each part has a separate content
type and encoding.
Definition of multipart/signed:
– MIME type name: multipart
– MIME subtype name: signed.
– Required parameters: boundary, protocol and micalg
– Optional parameters: none
– Security considerations: must be treated as opaque while in transit.
Definition of multipart/encrypted:
– MIME type name: multipart
– MIME subtype name: encrypted
– Required parameters: boundary and protocol
– Optional parameters: none
– Security considerations: none.
Content Transfer Encoding
This header defines the method to encode the messages into ones and zeros for
transport.
There are the five types of encoding: 7 bit, 8 bit, binary, Base64 and Quoted-printable.
Table 9.3 describes the Content Transfer Encoding by the five types.
Note that lines in the header identify the type of the data as well as the encoding used.
• 7 bit: This is 7-bit NVT ASCII encoding. Although no special transformation is
needed, the length of the line should not exceed 1000 characters.
• 8 bit: This is 8-bit encoding. Non-ASCII characters can be sent, but the length of the

www.rejinpaul.com
line still should not exceed 1000 characters. Since the underlying SMTP is able to
transfer 8-bit non-ASCII characters, MIME does not do any encoding here.
• Binary: This is 8-bit encoding. Non-ASCII characters can be sent, and the length of
the line can exceed 1000 characters. MIME does not do any encoding here; the
underlying SMTP must be able to transfer binary data.
• Base64 : This is a solution for sending data made of bytes when the highest bit is
not necessarily zero.
• Quoted-printable: Base64 is a redundant encoding scheme. The 24-bit non-ASCII
data becomes four characters consisting of 32 bits.
Content Id
This header uniquely identifies the whole message in a multiple message environment:
Content Id: id = <content id>
Content Description
This header defines whether the body is image, audio or video:
Content Description: <description>
MIME Security Multiparts
 The basic MIME by itself does not specify security protection.
 Accordingly, a MIME agent must provide security services by employing a
security protocol mechanism, by defining two security subtypes of the MIME
multipart content type: signed and encrypted.
 The multipart/signed content type specifies how to support authentication and
integrity services via digital signature. The multipart/singed content type
contains exactly two body parts.
 The first body part is the one over which the digital signature was created,
including its MIME headers.
 The second body part contains the control information necessary to verify the
digital signature.
MIME Security with OpenPGP
PGP can generate either ASCII Armor or a stream of arbitrary 8-bit octets when
encrypting data, generating a digital signature, or extracting public-key data. The
ASCII Armor output is the required method for data transfer. When the data is to
be transmitted in many parts, the MIME message/partial mechanism should be

www.rejinpaul.com
used rather than the multipart ASCII Armor OpenPGP format. Before OpenPGP
encryption, the data is written in MIME canonical format (body and headers).
When the OpenPGP digital signature is generated:
 The data to be signed must first be converted to its content-type

specific canonical form.
 An appropriate Content Transfer Encoding is applied. In particular,
line endings in the encoded data must use the canonical <CR><LF>
sequence where appropriate.
 MIME content headers are then added to the body, each ending with
the canonical <CR><LF> sequence.
 Any trailing white space must be removed from the signed material.
 The digital signature must be calculated over both the data to be
signed and its set of content headers.
 The signature must be generated as detached from the signed data so
that the process does not alter the signed data in any way.
3.Explain in detail about the S/MIME.

S/MIME
 S/MIME provides a way to send and receive 7-bit MIME data. S/MIME can be
used with any system that transports MIME data.
 It can also be used by traditional mail user agents (MUAs) to add cryptographic
security services to mail that is sent, and to interpret cryptographic security
services in mail that is received.
The S/MIME agent represents user software that is a receiving agent, a sending agent,
or both. S/MIME version 3 agents should attempt to have the greatest interoperability
possible with S/MIME version 2 agents.
3.1 Cryptographic Message Syntax (CMS) Options
CMS allows for a wide variety of options in content and algorithm support. This
subsection puts forth a number of support requirements and recommendations in
order to achieve a base level of interoperability among all S/MIME implementations.
CMS provides additional details regarding the use of the cryptographic algorithms.

www.rejinpaul.com
DigestAlgorithmIdentifier
This type identifies a message digest algorithm which maps the message to the
message digest. Sending and receiving agents must support SHA-1. Receiving agents
shouldsupport MD5 for the purpose of providing backward compatibility with MD5-
digested S/MIME v2 SignedData objects.
SignatureAlgorithmIdentifier
Sending and receiving agents must support id-dsa defined in DSS. Receiving agents
should support rsaEncryption, defined in PRCS-1.
KeyEncryptionAlgorithmIdentifier
A key-encryption algorithm supports encryption and decryption operations. The

encryption operation maps a key string to another encrypted key string under the
control of a key encryption key. Sending and receiving agents must support Diffie–
Hellman key exchange. Receiving agents should support rsaEncryption. The size of the
private key is determined during key generation. Sending agents should support
rsaEncryption.
General syntax
CMS defines multiple content types. Of these, only the data, signed data and
enveloped data types are currently used for S/MIME.
• Data content type: This type is arbitrary octet strings, such as ASCII text files.
Such strings need not have any internal structure. The data content type should have
ASN.1 type Data:
Data ::= OCTET STRING
Sending agents must use the id-data content-type identifier to indicate the message
content which has had security services applied to it.
Signed-data content type: This type consists of any type and encrypted message
digests of the content for zero or more signers. Any type of content can be signed by
any number of signers in parallel. The encrypted digest for a signer is a digital
signature on the content for that signer.

www.rejinpaul.com
Enveloped-data content type: An application/prcs7-mime subtype is used for the

enveloped- data content type. This content type is used to apply privacy protection to a
message. The type consists of encrypted content of any type and encrypted-content
encryption keys for one or more recipients. The combination of encrypted content and
encrypted content-encryption key for a recipient is called a digital envelope for that
recipient.
Enhanced Security Services for S/MIME
 The security services described in this section are extensions to S/MIME

version 3. Some of the features of each service use the concept of a triple
wrapped message.
 A triple wrapped message is one that has been signed, then encrypted and then
signed again.
 The S/MIME specification does not limit the number of nested encapsulations,
so there may be more than three wrappings.
The inside signature is used for content integrity, non-repudiation with proof of origin,
and binding attributes to the original content.
The outside signature provides authentication and integrity for information that is
processed hop by hop, where each hop is an intermediate entity such as a mail list
agent.
Triple Wrapped Message
The steps to create a triple wrapped message are as follows:
1. Start with the original content (a message body).
2. Encapsulate the original content with the appropriate MIME content-type

headers.
3. Sign the inner MIME headers and the original content resulting from step 2.
4. Add an appropriate MIME construct to the signed message from step 3. The
resulting message is called the inside signature.

www.rejinpaul.com
5. Encrypt the step 4 result as a single block, turning it into an

application/pkcs7- mime object.
6. Add the appropriate MIME headers: a content type of application/pkcs7-

mime with parameters, and optional MIME headers such as Content-Transfer-
Encoding and Content-Disposition.
Signed Receipts
The interaction steps in a typical transaction are:
1. Sender creates a signed message including a receipt request attribute.
2. Sender transmits the resulting message to the recipient(s).
3. Recipient receives message and determines if there are a valid signature and
receipt request in the message.
4. Recipient creates a signed receipt.
5. Recipient transmits the resulting signed receipt message to the sender.
6. Sender receives the message and validates that it contains a signed receipt
for the original message.
Receipt Request Creation
Multilayer S/MIME messages may contain multiple SignedData layers. Receipts are
requested only for the innermost SignedData layer in a multilayer S/MIME message
such as a triple wrapped message. Only one receipt request attribute can be included
in the signedAttributes of SignerInfo.
4. Explain in detail about following topics of the Internet Firewalls for Trusted
Systems:
1. Roles of Firewalls
2. Firewall related terminology
Roles of Firewalls

www.rejinpaul.com
 The firewall imposes restrictions on packets entering or leaving the private

network.
 All traffic from inside to outside, and vice versa, must pass through the firewall,
but only authorised traffic will be allowed to pass.
 Firewalls create checkpoints (or choke points) between an internal private
network and an untrusted Internet.
 The firewall may filter on the basis of IP source and destination addresses and
TCP port number.
 Firewalls may block packets from the Internet side that claim a source address
of a system on the intranet, or they may require the use of an access
negotiation and encapsulation protocol like SOCKS to gain access to the
intranet.
 The firewall also enforces logging, and provides alarm capacities as well. By
placing logging services at firewalls, security administrators can monitor all
access to and from the Internet.
 Firewalls may block TELNET or RLOGIN connections from the Internet to the
intranet.
 The firewall provides protection from various kinds of IP spoofing and routing
attacks.
 A firewall can limit network exposure by hiding the internal network systems
and information from the public Internet.
 The firewall is a convenient platform for security-unrelated events such as a
network address translator (which maps local addresses to Internet addresses)
and has a network management function that accepts or logs Internet usage.
 The firewall certainly has some negative aspects: it cannot protect against
internal threats such as an employee who cooperates with an external attacker;
 A firewall can effectively implement and control the traversal of IP multicast
traffic.
 Some firewall mechanisms such as SOCKS are less appropriate for multicast
because they are designed specifically for unicast traffic.
Firewall related terminology
1. Bastion Host
2. Proxy Server

www.rejinpaul.com
3. SOCKS
4. Choke Point
5. De-militarised Zone (DMZ)
6. Logging and Alarms
7. VPN
Bastion Host
 A bastion host is a publicly accessible device for the network’s security, which
has a direct connection to a public network such as the Internet.
 The bastion host serves as a platform for any one of the three types of firewalls:
packet filter, circuit-level gateway or application-level gateway.
 Bastion hosts must check all incoming and outgoing traffic and enforce the
rules specified in the security policy.
The bastion host’s role falls into the following three common types:
1. Single-homed bastion host

2. Dual-homed bastion host
3. Multihomed bastion host
Proxy Server
 Proxy servers are used to communicate with external servers on behalf of
internal clients.
 A proxy service is set up and torn down in response to a client request, rather
than existing on a static basis.
 The term proxy server typically refers to an application-level gateway, although
a circuit-level gateway is also a form of proxy server.
 Each proxy is independent of other proxies on the bastion host.
 If there is a problem with the operation of any proxy, or if future vulnerability is
discovered, it is easy to replace the proxy without affecting the operation of the
proxy’s applications.
 If the support of a new service is required, the network administrator can easily
install the required proxy on the bastion host.
 A proxy generally performs no disk access other than to read its initial
configuration file.
 This makes it difficult for an intruder to install Trojan horse sniffers or other
dangerous files on the bastion host.

www.rejinpaul.com
SOCKS
 The SOCKS protocol version 4 provides for unsecured firewall traversal for TCP-
based client/server applications, including HTTP, TELNET and FTP.
 The new protocol extends the SOCKS version 4 model to include UDP, and
allows the framework to include provision for generalized strong authentication
schemes, and extends the addressing scheme to encompass domain name and
IPv6 addresses.
 When a TCP-based client wishes to establish a connection to an object that is
reachable only via a firewall, it must open a TCP connection to the appropriate
SOCKS port on the SOCKS server system.
 The SOCKS service is conventionally located at TCP port 1080.
 If the connection request succeeds, the client enters negotiation for the
authentication method to be used, authenticates with the chosen method, and
then sends a relay request.
 The SOCKS server evaluates the request, and either establishes the appropriate
connection or denies it.
Choke Point
 A choke point is the point at which a public internet can access the internal
network.
 The most comprehensive and extensive monitoring tools should be configured
on the choke points.
 Proper implementation requires that all traffic be funnelled through these choke
points.
 Since all traffic is flowing through the firewalls, security administrators, as a
firewall strategy, need to create choke points to limit external access to their
networks.
 Once these choke points have been clearly established, the firewall devices can
monitor, filter and verify all inbound and outbound traffic.
 Since a choke point is installed at the firewall, a prospective hacker will go
through the choke point.
De-militarised Zone (DMZ)

www.rejinpaul.com
 The DMZ is an expression that originates from the Korean War. It meant a strip
of land forcibly kept clear of enemy soldiers.
 In terms of a firewall, the DMZ is a network that lies between an internal
private network and the external public network.
 DMZ networks are sometimes called perimeter networks.
 A DMZ is used as an additional buffer to further separate the public network
from the internal network.
 A gateway is a machine that provides relay services to compensate for the
effects of a filter.
 The network inhabited by the gateway is often called the DMZ.
 A gateway in the DMZ is sometimes assisted by an internal gateway.
Logging and Alarms
 Logging is usually implemented at every device in the firewall, but these
individual logs combine to become the entire record of user activity.
 Packet filters normally do not enable logging by default so as not to degrade
performance. Packet filters as well as circuit-level gateways log only the most
basic information. Since a choke point is installed at the firewall, a prospective
hacker will go through the choke point.
 The user can then tell exactly what a hacker is doing, and have such
information available for audit.
 The audit log is an essential tool for detecting and terminating intruder
attacks.
 Many firewalls allow the user to preconfigure responses to unacceptable
activities.
 The firewall should alert the user by several means. The two most common
actions are for the firewall to break the TCP/IP connection, or to have it
automatically set off alarms.
VPN
 VPNs are appropriate for any organization requiring secure external access to
internal resources.
 All VPNs are tunneling protocols in the sense that their information packets or
payloads are encapsulated or tunneled into the network packets.

www.rejinpaul.com
 All data transmitted over a VPN is usually encrypted because an opponent with
access to the Internet could eavesdrop on the data as it travels over the public
network.
 The VPN encapsulates all the encrypted data within an IP packet.
Authentication, message integrity and encryption are very important
fundamentals for implementing a VPN.
 Without such authentication procedures, a hacker could impersonate anyone
and then gain access to the network.
 Message integrity is required because the packets can be altered as they travel
through the Internet. Without encryption, the information may become truly
public. Several methods exist to implement a VPN.
5.Explain in detail about the Types of Firewalls.

4. Packet Filters
5. Circuit-Level Gateways
6. Application-Level Gateways
Packet Filters
 Packet filters are one of several different types of firewalls that process network
traffic on a packet-by-packet basis.
 A packet filter’s main function is to filter traffic from a remote IP host, so a
router is needed to connect the internal network to the Internet.
 A packet filter is a device which inspects or filters each packet at a screening
router for the content of IP packets.
Packet filters typically set up a list of rules that are sequentially read line by line.
Filtering rules can be applied based on source and destination IP addresses or
network addresses, and TCP or UDP ports. Packet filters are read and then treated on

www.rejinpaul.com
a rule-by-rule basis. A packet filter will provide two actions, forward or discard. If the
action is in the forward process, the action takes place to route the packet as normal if
all conditions within the rule are met.
Packet-Filtering Rules
 A packet filter applies a set of rules to each incoming IP packet and then
forwards or discards the packet.
 The packet filter typically sets up a list of rules which may match fields in the
IP or TCP header. If there is a match to one of the rules, that rule is able to
determine whether to forward or discard the packet.
 If there is no match to any rule, then two default actions (forward and discard)
will be taken.
TELNET packet filtering
 TELNET is a simple remote terminal access that allows a user to log onto a
computer across an internet. TELNET establishes a TCP connection, and then
passes keystrokes from the user’s keyboard directly to the remote computer as
if they had been typed on a keyboard attached to the remote machine.
 TELNET also carries output from the remote machine back to the user’s screen.
TELNET client software allows the user to specify a remote machine either by
giving its domain name or IP address.
 TELNET can be used to administer a UNIX machine. Windows NT does not
provide a TELNET serve with the default installation, but a third-party service
can be easily added.
 TELNET sends all user names and passwords in plaintext. Experienced hackers
can hijack a TELNET session in progress.
 TELNET should only be used when the user can verify the entire network
connecting the client and server, not over the Internet.
 All TELNET traffic should be filtered at the firewall. TELNET runs on TCP port
23.
FTP packet filtering
 With FTP, two TCP connections are used: a control connection to set up the file
transfer and a data connection for the actual file transfer.
 The data connection uses a different port number to be assigned for the
transfer.

www.rejinpaul.com
 Remember that most servers live on low-numbered ports, but most outgoing
calls tend to use higher-numbered ports, typically above 1024.
 FTP is the first protocol for transferring or moving files across the Internet. Like
many of the TCP/IP protocols, FTP was not designed with security in mind.
 Each FTP server has a command channel, where the requests for data and
directory listings are issued, and a data channel, over which the requested data
is delivered.
 FTP operates in two different modes (active and passive).
 In active mode, an FTP server receives commands on TCP/IP port 21 and
exchanges data with the client.
SMTP packet filtering
 SMTP is a store/forward system, and such systems are well suited to firewall
applications.
 SMTP receivers use TCP port 25; SMTP senders use a randomly selected port
above 1023. Most e-mail messages are addressed with hostnames instead of IP
addresses, and the SMTP server uses DNS (Directory and Naming Services) to
determine the matching IP address.
 If the same machines handle internal and external mail delivery, a hacker who
can spoof DNS information may be able to cause mail that was intended for
internal destinations to be delivered to an external host.
Circuit-Level Gateways
 The circuit-level gateway represents a proxy server that statically defines what
traffic will be forwarded.
 Circuit proxies always forward packets containing a given port number if that
port number is permitted by the rule set.
 A circuit-leval gateway operates at the network level of the OSI model.
 This gateway acts as an IP address translator between the Internet and the
internal system.
 The main advantage of a proxy server is its ability to provide Network Address
Translation (NAT). NAT hides the internal IP address from the Internet.
Application-Level Gateways
 The application-level gateway represents a proxy server, performing at the
TCP/IP application level, that is set up and torn down in response to a client
request, rather than existing on a static basis.

www.rejinpaul.com
 Application proxies forward packets only when a connection has been

established using some known protocol.
 When the connection closes, a firewall using application proxies rejects
individual packets, even if the packets contain port numbers allowed by a rule
set.
 The application gateway analyses the entire message instead of individual
packets when sending or receiving data.
When an inside host initiates a TCP/IP connection, the application gateway receives
the request and checks it against a set of rules or filters. The application gateway (or
proxy server) will then initiate a TCP/IP connection with the remote server.
6. Explain in detail about the Firewall Designs.

 The primary step in designing a secure firewall is obviously to prevent the
firewall devices from being compromised by threats.
 To provide a certain level of security, the three basic firewall designs are
considered:

www.rejinpaul.com
 A single-homed bastion host,

 A dual-homed bastion host
 A screened subnet firewall.
 The first two options are for creating a screened host firewall, and the third
option contains an additional packet-filtering router to achieve another level of
security.
Screened Host Firewall (Single-Homed Bastion Host)
 Single-homed bastion hosts can be configured as either circuit-level or
application-level gateways. When using either of these two gateways, each of
which is called a proxy server, the bastion host can hide the configuration of
the internal network.
 NAT is essentially needed for developing an address scheme internally. It is a
critical component of any firewall strategy.
 It translates the internal IP addresses to IANA registered addresses to access
the Internet.
 The screened host firewall is designed such that all incoming and outgoing
information is passed through the bastion host.
 The screening router is also configured to route outgoing traffic only if it
originates from the bastion host.
 A single-homed implementation may allow a hacker to modify the router not to
forward packets to the bastion host.
Screened Host Firewall (Dual-Homed Bastion Host)
The configuration of the screened host firewall using a dual-homed bastion host adds
significant security, compared with a single-homed bastion host.
This firewall implementation is secure due to the fact that it creates a complete break
between the internal network and the external Internet.

www.rejinpaul.com
As with the single-homed bastion, all external traffic is forwarded directly to the
bastion host for processing. However, a hacker may try to subvert the bastion host
and the router to bypass the firewall mechanisms. Even if a hacker could defeat either
the screening router or the dual-homed bastion host, the hacker would still have to
penetrate the other. Nevertheless, a dual-homed bastion host removes even this
possibility. It is also possible to implement NAT for dual-homed bastion hosts.
Screened Subnet Firewall

 The third implementation of a firewall is the screened subnet, which is also
known as a DMZ.

www.rejinpaul.com
 This firewall is the most secure one among the three implementations, simply
because it uses a bastion host to support both circuit- and application-level
gateways.
 This DMZ then functions as a small isolated network positioned between the
Internet and the internal network.
 The screened subnet firewall contains external and internal screening routers.
Each is configured such that its traffic flows only to or from the bastion host.
This arrangement prevents any traffic from directly traversing the DMZ
subnetwork.
 The external screening router uses standard filtering to restrict external access
to the bastion host, and rejects any traffic that does not come from the bastion
host.
 This router also uses filters to prevent attacks such as IP spoofing and source
routing.
 The internal screening router also uses rules to prevent spoofing and source
routing.
7. Explain in detail about the SET for E-Commerce Transactions.
The Secure Electronic Transaction (SET) is a protocol designed for protecting credit
card transactions over the Internet. It is an industry-backed standard that was formed
by MasterCard and Visa (acting as the governing body) in February 1996.
Business Requirements for SET
This section describes the major business requirements for credit card transactions by
means of secure payment processing over the Internet. They are listed below:
1. Confidentiality of information (provide confidentiality of payment and order

information):
2. Integrity of data (ensure the integrity of all transmitted data):
3. Cardholder account authentication (provide authentication that a cardholder is a
legitimate customer of a branded payment card account):
4. Merchant authentication (provide authentication that a merchant can accept credit
card transactions through its relationship with an acquiring financial institution):

www.rejinpaul.com
5. Security techniques (ensure the use of the best security practices and system
design techniques to protect all legitimate parties in an electronic commerce
transaction):
6. Creation of brand-new protocol (create a protocol that neither depends on
transport security mechanisms nor prevents their use):
7. Interoperability (facilitate and encourage interoperability among software and
network providers):
SET System Participants
A discrepancy is found between an SET transaction and a retail or mail order

transaction: in a face-toface retail transaction, electronic processing begins with the
merchant or the acquirer, but, in an SET transaction, the electronic processing begins
with the cardholder.
1. Cardholder:
2. Issuer:
3. Merchant:
4. Acquirer:
5. Payment gateway:
6. Certification Authority:

www.rejinpaul.com
Figure 11.1 illustrates the SET hierarchy which reflects the relationships between the
participants in the SET system, described in the preceding paragraphs. In the SET
environment, there exists a hierarchy of CAs. The SET protocol specifies a method of
trust chaining for entity authentication. This trust chain method entails the exchange
of digital certificates and verification of the public keys by validating the digital
signatures of the issuing CA.
Cryptographic Operation Principles
SET is the Internet transaction protocol providing security by ensuring confidentiality,
data integrity, authentication of each party and validation of the participant’s identity.
To meet these requirements, SET incorporates the following cryptographic principles:
• Confidentiality:
• Integrity:
• Authentication:
Dual Signature and Signature Verification
SET introduced a new concept of digital signature called dual signatures. A dual
signature is generated by creating the message digest of two messages: order digest
and payment digest.

www.rejinpaul.com
Referring to Figure 11.2, the customer takes the hash codes (message digests) of both
the order message and payment message by using the SHA-1 algorithm. Computation
of the dual signature (DS) is shown as follows:
DS = EKsc(h)
where h = H(H(OM)||H(PM))
= H(ho||hp)
EKsc (= dc) is the customer’s private signature key.
Authentication and Message Integrity
When user A wishes to sign the plaintext information and send it in an encrypted
message (ciphertext) to user B, the entire encryption process is as configured in Figure
11.4. The encryption/decryption processes for message integrity consist of the
following steps.

www.rejinpaul.com
1. Encryption process:
 User A sends the plaintext through a hash function to produce the message
digest that is used later to test the message integrity.
 A then encrypts the message digest with his or her private key to produce the
digital signature.
 Next, A generates a random symmetric key and uses it to encrypt the plaintext,
A’s signature and a copy of A’s certificate, which contains A’s public key. To
decrypt the plaintext later, user B will require a secure copy of this temporary
symmetric key.
 B’s certificate contains a copy of his or her public key. To ensure secure
transmission of the symmetric key, A encrypts it using B’s public key. The
encrypted key, called the digital envelope, is sent to B along with the encrypted
message itself.
 A sends a message to B consisting of the DES-encrypted plaintext, signature
and A’s public key, and the RSA-encrypted digital envelope.
2. Decryption process:
 B receives the encrypted message from A and decrypts the digital envelope with
his or her private key to retrieve the symmetric key.
 B uses the symmetric key to decrypt the encrypted message, consisting of the
plaintext, A’s signature and A’s public key retrieved from A’s certificate.
 B decrypts A’s digital signature with A’s public key that is acquired from A’s
certificate. This recovers the original message digest of the plaintext.
 B runs the plaintext through the same hash function used by A and produces a
new message digest of the decrypted plaintext.
 Finally, B compares his or her message digest to the one obtained from A’s
digital signature.
Payment Processing
1. Cardholder Registration
2. Merchant Registration
3. Purchase Request
4. Payment Authorization
5. Payment Capture

www.rejinpaul.com
Cardholder Registration
The cardholder must register with a CA before sending SET messages to the merchant.
The cardholder needs a public/private-key pair for use with SET. The scenario of
cardholder registration is described in the following.
1. Registration request/response processes:
The registration process can be started when the cardholder requests a copy of the

www.rejinpaul.com
CA certificate. When the CA receives the request, it transmits its certificate to the
cardholder. The cardholder verifies the CA certificate by traversing the trust chain
to the root key. The cardholder holds the CA certificate to use later during the
registration process.
 The cardholder sends the initiate request to the CA.
 Once the initiate request is received from the cardholder, the CA generates the
response and digitally signs it by generating a message digest of the response
and encrypting it with the CA’s private key.
 The CA sends the initiate response along with the CA certificate to the
cardholder.
 The cardholder receives the initiate response and verifies the CA certificate by
traversing the trust chain to the root key.
 The cardholder verifies the CA certificate by decrypting it with the CA’s public
key and comparing the result with a newly generated message digest of the
initiate response.
2. Registration form process:
 The cardholder generates the registration form request.
 The cardholder encrypts the SET message with a random symmetric key
(No. 1).
 The DES key, along with the cardholder’s account number, is then
encrypted with the CA’s public key.
 The cardholder transmits the encrypted registration form request to the CA.
 The CA decrypts the symmetric DES key (No. 1) and cardholder’s account
number with the CA’s private key. The CA then decrypts the registration
form request using the symmetric DES key (No. 1).
 The CA determines the appropriate registration form and digitally signs it by
generating a message digest of the registration form and encrypting it with
the CA’s private key.
 The CA sends the registration form and the CA certificate to the cardholder.
 The cardholder receives the registration form and verifies the CA certificate
by traversing the trust chain to the root key.
 The cardholder verifies the CA’s signature by decrypting it with the CA’s
public key and comparing the result with a newly generated message digest

www.rejinpaul.com
of the registration form. The cardholder then completes the registration

form.
3. Certificate request/response processes:

 The cardholder generates the certificate request, including the information
entered into the registration form.

www.rejinpaul.com
 The cardholder creates a message with request, the cardholder’s public key and
a newly generated symmetric key (No. 2), and digitally signs it by generating a
message digest of the cardholder’s private key.
 The cardholder encrypts the message with a randomly generated symmetric key
(No. 3). This symmetric key, along with the cardholder’s account information, is
then encrypted with the CA’s public key.
 The cardholder transmits the encrypted certificated request messages to the
CA.
 The CA decrypts the No. 3 symmetric key and cardholder’s account information
with the CA’s private key, and then decrypts the certificate request using this
symmetric key.
 The CA verifies the cardholder’s signature by decrypting it with the cardholder’s
public key and comparing the result with a newly generated message digest of
the certificate requested.
 The CA verifies the certificate request using the cardholder’s account
information and information from the registration form.
 The CA generates the certificate response and digitally signs it by generating a
message digest of the response and encrypting it with the CA’s private key.
Merchant Registration
Merchants must register with a CA before they can receive SET payment instructions
from cardholders. In order to send SET messages to the CA, the merchant must have a
copy of the CA’s public key which is provided in the CA certificate.
1. Registration form process:
The registration process starts when the merchant requests the appropriate
registration form.
o The merchant sends the initiate request of the registration form to the
CA.
o To register, the merchant fills out the registration form with information
such as the merchant’s name, address and ID.
o The CA receives the initiate request.
o The CA selects an appropriate registration form and digitally signs it by
generating a message digest of the registration form and encrypting it
with the CA’s private key.

www.rejinpaul.com
o The CA sends the registration form along with the CA certificate to the
merchant.
o The merchant verifies the CA’s signature by decrypting it with the CA’s
public key and comparing the result with a newly computed message
digest of the registration form.
o The merchant creates two public/private-key pairs for use with SET: key
encryption and signature.
2. Certificate request/create process:
o The merchant generates the certificate request.
o The merchant creates the message with request and both merchant
public keys and digitally signs it by generating a message digest of the
certificate request and encrypting it with the merchant’s private key.
o The merchant encrypts the message with a random symmetric key (No.
1). This symmetric key, along with the merchant’s account data, is then
encrypted with the CA’s public key.
o The merchant transmits the encrypted certificate request message to the
CA.
o The CA decrypts the symmetric key (No. 1) and the merchant’s account
data with the CA’s private key, and then decrypts the message using the
symmetric key (No. 1).
o The CA verifies the merchant’s signature by decrypting it with the
merchant’s public key and comparing the result with a newly computed
message digest of the certificate request.
o The CA confirms the certificate request using the merchant information.
o Upon verification, the CA creates the merchant certificate digitally
signing the certificate with the CA’s private key.
o The CA generates the certificate response and digitally signs it by
generating a message digest of the response and encrypting it with the
CA’s private key.
o The CA transmits the certificate response to the merchant.
o The merchant receives the certificate response from the CA. The
merchant decrypts the digital envelope to obtain the symmetric key. This
key is used to decrypt the registration response containing the
certificates.

www.rejinpaul.com
o The merchant verifies the certificates by traversing the trust chain to the
root key.
o The merchant verifies the CA’s signature by decrypting it with the CA’s
public key and comparing the result with a newly computed message
digest of the certificate response.
o The merchant stores the certificates and information from the response
for use in future e-commerce transactions.
Purchase Request
The purchase request exchange should take place after the cardholder has completed
browsing, selecting and ordering. Before the end of this preliminary phase occurs, the
merchant sends a completed order form to the cardholder (customer).
1. Initiate request:
• The cardholder sends the initiate request to the merchant.
• The merchant receives the initiate request.
• The merchant generates the response and digitally signs it by generating a message
digest of the response and encrypting it with the merchant’s private key.
• The merchant sends the response along with the merchant and payment gateway
certificates to the cardholder.
2. Initiate response:
• The cardholder receives the initiate response and verifies the certificates by
traversing the trust chain to the root key.
• The cardholder verifies the merchant’s signature by decrypting it with the
merchant’s public key and comparing the result with a newly computed message
digest of the response.
. The cardholder creates the order message (OM) using information from the shopping
phase and payment message (PM). At this step the cardholder completes
payment instructions.
3. Purchase request:
o The cardholder generates a dual signature for the OM and PM by
computing the message digests of both, concatenating the two digests,
computing the message digest of the result and encrypting it using the
cardholder’s private key.

www.rejinpaul.com
 The cardholder generates a random symmetric key (No. 1) and uses it to

encrypts the PM. The cardholder then encrypts his or her account number as
well as the random symmetric key used to encrypt the PM in a digital envelope
using the payment gateway’s key.
o The cardholder transmits the OM and the encrypted PM to the merchant.
 The merchant verifies the cardholder certificate by traversing the trust chain to
the root key.
o The merchant verifies the cardholder’s dual signature on the OM by
decrypting it with the cardholder’s public key and comparing the result
with a newly computed message digest of the concatenation of the
message digests of the OM and PM.
 The merchant processes the request, including forwarding the PM to the
payment gateway for authorisation.
4. Purchase response:
 The merchant creates the purchase response including the merchant signature
certificate and digitally signs it by generating a message digest of the purchase
response and encrypting it with the merchant’s private key.
o The merchant transmits the purchase response to the cardholder.
o If the transaction was authorised, the merchant fulfils the order to the
cardholder.
 The cardholder verifies the merchant signature certificate by traversing the
trust chain to the root key.
o The cardholder verifies the merchant’s digital signature by decrypting it
with the merchant’s public key and comparing the result with a newly
computed message digest of the purchase response.
o The cardholder stores the purchase response.
Payment Authorisation
1. Authorisation request:
o The merchant creates the authorisation request.
 The merchant digitally signs an authorisation request by generating a message
digest of the authorisation request and encrypting it with the merchant’s
private key.
 The merchant encrypts the authorisation request using a random symmetric
key (No. 2), which in turn is encrypted with the payment gateway public key.

www.rejinpaul.com
o The merchant transmits the encrypted authorisation request and the

encrypted PM from the cardholder purchase request to the payment
gateway.
o The gateway verifies the merchant certificate by traversing the trust
chain to the root key.
o The payment gateway decrypts the digital envelope of the authorisation
request to obtain the symmetric encryption key (No. 2) with the gateway
private key. The gateway then decrypts the authorisation request using
the symmetric key (No. 2).
o The gateway verifies the merchant’s digital signature by decrypting it
with the merchant’s public key and comparing the result with a newly
computed message digest of the authorisation request.
o The gateway verifies the cardholder’s certificate by traversing the trust
chain to the root key.
o The gateway decrypts the symmetric key (No. 1) and the cardholder
account information with the gateway private key. It uses the symmetric
key to decrypt the PM.
o The gateway verifies the cardholder’s dual signature on the PM by
decrypting it with the cardholder’s public key and comparing the result
with a newly computed message digest of the concatenation of the
message digest of the OM and the PM.
o The gateway ensures consistency between the merchant’s authorisation
request and the cardholder’s PM.
o The gateway sends the authorisation request through a financial network
to the cardholder’s financial institution (issuer).
2. Authorisation response:
o The gateway creates the authorisation response message and digitally
signs it by generating a message digest of the authorisation response and
encrypting it with the gateway’s private key.
o The gateway encrypts the authorisation response with a new randomly
generated symmetric key (No. 3). This key is then encrypted with the
merchant’s public key.

www.rejinpaul.com
 The gateway creates the capture token and digitally signs it by generating a
message digest of the capture token and encrypting it with the gateway’s private
key.
o The gateway encrypts the capture token with a new symmetric key (No.
4). This key and the cardholder account information are then encrypted
with the gateway’s public key.
o The gateway transmits the encrypted authorisation response to the
merchant.
 The merchant verifies the gateway certificate by traversing the trust chain to
the root key.
 The merchant decrypts the symmetric key (No. 3) with the merchant’s private
key and then decrypts the authorisation response using the symmetric key (No.
3).
1. Capture request:
• The merchant creates the capture request.
• The merchant embeds the merchant certificate in the capture request and digitally
signs it by generating a message digest of the capture request and encrypting it with
the merchant’s private key.
• The merchant encrypts the capture request with a randomly generated symmetric
key (No. 5). This key is then encrypted with the payment gateway’s public key.
• The merchant transmits the encrypted capture request and encrypted capture token
previously stored from the authorisation response to the payment gateway.
• The gateway verifies the merchant certificate by traversing the trust chain to the
root key.
• The gateway decrypts the symmetric key (No. 5) with the gateway’s private key
and then decrypts the capture request using the symmetric key (No. 5).
• The gateway verifies the merchant’s digital signature by decrypting it with the
merchant’s public key and comparing the result with a newly computed message
digest of the capture request.
• The gateway decrypts the symmetric key (No. 4) with the gateway’s private key
and then decrypts the capture token using the symmetric key (No. 4).
• The gateway ensures consistency between the merchant’s capture request and the
capture token.

www.rejinpaul.com
• The gateway sends the capture request through a financial network to the
cardholder’s issuer (financial institution).
2. Capture response:
• The gateway creates the capture response message, including the gateway signature
certificate, and digitally signs it by generating a message digest of the capture
response and encrypting it with the gateway’s private key.
• The gateway encrypts the capture response with a newly generated symmetric key
(No. 6). This key is then encrypted with the merchant’s public key.
• The gateway transmits the encrypted capture response to the merchant.
• The merchant verifies the gateway certificate by traversing the trust chain to the root
key.
• The merchant decrypts the symmetric key (No. 6) with the merchant’s private key
and then decrypts the capture response using the symmetric key (No. 6).

www.rejinpaul.com
Important Questions
Part-A
1.What is application level gateway?
2. List the design goals of firewalls?
3.What is mean by SET? What are the features of SET?
4. What are the steps involved in SET Transaction?
5.Define S/MIME?
6. What are the headers fields define in MIME?
7. What is MIME content type and explain?
8. What are the key algorithms used in S/MIME?
9. Give the steps for preparing envelope data MIME?
10.What are the services provided by PGP services
11. Explain the reasons for using PGP?
12. Why E-mail compatibility function in PGP needed?
13. Name any cryptographic keys used in PGP?
14.What is meant by S/MIME? (A/M-12)
15.List out the types of firewalls.
Part-B
1.Explain in detail about the PGP.
2.Explain in detail about the S/MIME.
3.Explain in detail about the Types of Firewalls in Internet Firewalls for Trusted
System.
4. Explain in detail about the Firewall related terminology in Internet Firewalls for
Trusted System.
5.Explain in detail about the SET for E-Commerce Transactions.

www.rejinpaul.com
UNIT III
INTRODUCTION TO COMPUTER FORENSICS
Introduction to Traditional Computer Crime, Traditional problems associated with

Computer Crime. Introduction to Identity Theft & Identity Fraud. Types of CF
techniques – Incident and incident response methodology – Forensic duplication and
investigation. Preparation for IR: Creating response tool kit and IR team. – Forensics
Technology and Systems – Understanding Computer Investigation - Data Acquisition.
Part-A
1.Define computer crime.

 Computer crime is any criminal offense, activity or issue that involves
computers
 Computer misuse tends to fall into two categories.
 Computer is used to commit a crime
 Computer itself is a target of a crime. Computer is the victim. Computer
Security Incident.
 Computer Incident Response
2. Define computer forensics.
 Computer Forensics involves the preservation, identification, extraction,
documentation and interpretation of computer data [1]
 Computer Forensics is the application of science and engineering to the legal
problem of digital evidence. It is a synthesis of science and law.
 Computer forensics, still a rather new discipline in computer security, focuses
on finding digital evidence after a computer security incident has occurred .
 The goal of computer forensics is to do a structured investigation and find out
exactly what happened on a digital system, and who was responsible for it.
3.List out the Traditional problems associated with Computer Crime.
1. Physicality and Jurisdictional Concerns

2. Perceived Insignificance, Stereotypes, and Incompetence
3. Prosecutorial Reluctance
4. Lack of Reporting
5. Lack of Resources
6. Jurisprudential Inconsistency
4.Define identify theft.
 The generic term identity theft has been utilized to describe any use of stolen
personal information. However, such characterization fails to provide a
comprehensive picture of the totality of possibilities surrounding that construct
known as identity.

www.rejinpaul.com
5. Define Identity fraud.

 Identity fraud, which encompasses identity theft within its purview, may be
defined as the use of a vast array of illegal activities based on fraudulent use of
identifying information of a real or fictitious person.
6.List out the Typologies of Identity Theft/Fraud

a. Assumption of Identity
b. Theft for Employment and/or Border Entry
c. Criminal Record Identity Theft/Fraud
d. Virtual Identity Theft/Fraud
e. Credit Identity Theft/Fraud
7.List out the Physical Methods of Identity Theft
a. Mail Theft
b. Dumpster Diving
c. Theft of Computers
d. Bag Operations
e. Child Identity Theft
f. Insiders
g. Fraudulent or Fictitious Companies
h. Card Skimming, ATM Manipulation, and Fraudulent Machines
8.How to prepare a computer investigation.
prepare a computer investigation
• Digital investigations fall into two categories:
– Public-sector investigations
– Private-sector investigations
• Public-sector investigations involve government agencies responsible for
criminal investigations and prosecution
• Fourth Amendment to the U.S. Constitution
– Restrict government search and seizure
9.What are the Steps for problem solving
Steps for problem solving
– Make an initial assessment about the type of case you are investigating
– Determine a preliminary design or approach to the case
– Create a detailed checklist
– Determine the resources you need
– Obtain and copy an evidence drive
– Identify the risks
– Mitigate or minimize the risks
– Test the design
– Analyze and recover the digital evidence

www.rejinpaul.com
– Investigate the data you recover

– Complete the case report
– Critique the case
10.Write the steps for Planning Your Investigation
• A basic investigation plan should include the following activities:
– Acquire the evidence
– Complete an evidence form and establish a chain of custody
– Transport the evidence to a computer forensics lab
– Secure evidence in an approved secure container
– Prepare your forensics workstation
– Retrieve the evidence from the secure container
– Make a forensic copy of the evidence
– Return the evidence to the secure container
– Process the copied evidence with computer forensics tools
11.List out the forensics technology.
1. Types of Military Computer Forensic Technology
2. Types of Law Enforcement: Computer Forensic Technology
3. Types of Business Computer Forensic Technology
12.List out the forensics system.
 Internet security systems
 Intrusion detection systems
 Firewall security systems
 Storage area network security systems
 Network disaster recovery systems
 Public key infrastructure security systems
 Wireless network security systems
 Satellite encryption security systems
 Instant messaging (IM) security systems
 Net privacy systems
 Identity management security systems
 Identity theft prevention systems
 Biometric security systems
 Homeland security systems
13.Draw the internet security hierarchy.
14.Define Intrusion Detection.

www.rejinpaul.com
 Intrusion detection systems help computer systems prepare for and deal
with attacks.
 Monitoring and analysis of user and system activity
 Auditing of system configurations and vulnerabilities
 Assessing the integrity of critical system and data files
 Recognition of activity patterns reflecting known attacks
 Statistical analysis of abnormal activity patterns
 Operating system audit trail management, with recognition of user
activity reflecting policy violations
15.write the benefits of firewalls.
Benefits of Firewalls
 Protection from vulnerable services
 Controlled access to site systems
 Concentrated security
 Enhanced privacy
 Logging and statistics on network use and misuse
 Policy enforcement
Part-B
1. Explain in detail about the computer crime.
 Computer crime is any criminal offense, activity or issue that involves
computers
 Computer misuse tends to fall into two categories.
 Computer is used to commit a crime
 Computer itself is a target of a crime. Computer is the victim. Computer
Security Incident.
 Computer Incident Response.
 Computer Forensics involves the preservation, identification, extraction,
documentation and interpretation of computer data [1]
 Computer Forensics is the application of science and engineering to the legal
problem of digital evidence. It is a synthesis of science and law.
 Computer forensics, still a rather new discipline in computer security, focuses
on finding digital evidence after a computer security incident has occurred .
 The goal of computer forensics is to do a structured investigation and find out
exactly what happened on a digital system, and who was responsible for it.
Introduction
 The introduction of the Internet has created unparalleled opportunities for
commerce, research, education, entertainment, and public discourse. A global
marketplace has emerged, in which fresh ideas and increased appreciation for
multiculturalism have flourished.

www.rejinpaul.com
 The introduction of computerized encyclopedias, international consortia,

worldwide connectivity, and communications has greatly enhanced quality of
life for many individuals.
 Indeed, the Internet can be utilized as a window to the world, allowing
individuals to satiate their curiosity and develop global consciousness. It allows
individuals to experience those things that they have only dreamed about.
 Interested parties can visit the Louvre, devouring priceless artifacts at their
leisure or take an African safari without the heat or mosquitoes. They can find
answers to the most complex legal or medical questions or search for their soul
mates.
 They can download coupons for their favorite restaurants or search for recipes
to their favorite dishes.
 In addition, individuals, corporations, public organizations, and institutions can
more effectively advertise their products or services, using graphically
highlighted information and providing links to supplemental information or
support.
 In fact, computerized access to unprecedented information has cut across
traditional boundaries of communication.
Cyberspace and Criminal Behavior
 Cyberspace may be defined as the indefinite place where individuals transact
and communicate. It is the place between places.
 Telephonic conversations, occurring across time and space, were pre-dated by
wire exchanges. However, the new medium known as the Internet has
monumentally increased the physicality of the virtual world, outpaced only by
the exponential growth in the number of users.
 No other method of communication converges audio, video, and data entities so
effectively.
 Unlike traditional methods, the Internet combines mail, telephone, and mass
media. As stated previously, it exposes individuals to a myriad of new ideas and
may serve as a social gathering place, a library, or a place to be alone.
 In fact, the two created the Electronic Frontier Foundation (EFF) offering to
―fund, conduct, and support legal efforts to demonstrate that the Secret Service
has exercised prior restraint on publications, limited free speech, conducted
improper seizure of equipment and data, used undue force, and generally

www.rejinpaul.com
conducted itself in a fashion which is arbitrary, oppressive and

unconstitutional.‖
 While early actions by the U.S. Secret Service may validate some of these early
concerns, the efforts of the EFF have often overlooked the negative potentiality of
this global marketplace that has reunited a society that had increasingly removed
itself through suburbanization. Just as the Industrial Revolution enhanced threats
to national security and created an environment conducive to street/predatory
crime through the concentration of the urban population, the Information or
Digital Revolution has created a new forum for both terrorist activity and criminal
behavior. Indeed, this latest technological era has exacerbated the vulnerabilities of
government institutions and personal residences alike. Critical infrastructures,
increasingly characterized by tight couplings and interdependency of IT, emergency
services, public utilities, banking sectors, food supplies, and transportation
systems, have resulted in an interconnectivity inconsistent with traditional security
strategies. Such myopia has similarly impacted private citizens who have failed to
employ rudimentary measures of cyberprotection even as they add additional
doorlocks and alarm systems to insulate themselves from physical attacks.
Clarification of Terms
 Just as debates rage over the appropriate codification of crime committed via
electronic means, controversy surrounds the actual semantics associated with
the phenomenon.
 For clarification purposes, then, it is necessary to define the historical usage of
terms associated with technological or electronic crimes. Computer crime has
been traditionally defined as any criminal act committed via computer.
Computer-related crime has been defined as any criminal act in which a
computer is involved, even peripherally.
 Cybercrime has traditionally encompassed abuses and misuses of computer
systems or computers connected to the Internet which result in direct and/or
concomitant losses. Finally, digital crime, a relatively new term, includes any
criminal activity which involves the unauthorized access, dissemination,
manipulation, destruction, or corruption of electronically stored data. As data
may be accessed or stored in a variety of ways and in a variety of locations,
digital crime may be characterized as any of the three depending on case
characteristics.

www.rejinpaul.com
 While computer crime and computer related crime will be used interchangeably
throughout the text, cybercrime will only be used to describe that criminal activity
which has been facilitated via the Internet.
 Just as confusion exists regarding the appropriate terminology for crimes involving
computers, the nomenclature of the science developed to investigate such activity
lacks universality.
 For clarification purposes in this text, computer forensic science, computer
forensics, and digital forensics may be defined as the methodological, scientific,
and legally sound process of examining computer media and networks for the
identification, extraction, authentication, examination, interpretation, preservation,
and analysis of evidence.
2. Explain in detail about the Traditional problems associated with Computer

Crime.
8. Physicality and Jurisdictional Concerns
9. Perceived Insignificance, Stereotypes, and Incompetence
10. Prosecutorial Reluctance
11. Lack of Reporting
12. Lack of Resources
Physicality and Jurisdictional Concerns
 The physical environment that breeds computer crime is far different from
traditional venues.
 In fact, the intangible nature of computer interaction and subsequent
criminality poses significant questions for investigative agents.
 The lack of physical boundaries and the removal of traditional jurisdictional
demarcations allow perpetrators to commit multinational crime with little fear
(or potential) of judicial sanctions.
 For the first time, criminals can cross international boundaries without the use
of passports or official documentation.
 Whereas traditional criminal activity required the physical presence of the
perpetrators, cybercrime is facilitated by international connections that enable
individuals to commit criminal activity in England while sitting in their offices
in Alabama. In addition, electronic crime does not require an extensive array of
equipment or tools.
Perceived Insignificance, Stereotypes, and Incompetence
 Investigators and administrators have displayed great reluctance to pursue
computer criminals.

www.rejinpaul.com
 A lack of knowledge coupled with general apathy toward cyber criminality has
resulted in an atmosphere of indifference.
 Many stereotype computer criminals as nonthreatening, socially challenged
individuals (i.e., nerds or geeks) and fail to see the insidious nature of computer
crime;
 In addition, those administrators and investigators who grudgingly admit the
presence and danger of electronic crime tend to concentrate exclusively on child
pornography, overlooking motivations and criminal behaviors apart from sexual
gratification.
 Even in situations where law enforcement authorities recognize the insidious
nature of computer or cybercrime, many do not perceive themselves or others in
their department to be competent to investigate such criminal activity.
Prosecutorial Reluctance
 As media focus has increasingly highlighted the dangers of cyberspace,
including those involving cyber bullying and child exploitation, public
awareness has heightened an urgency to protect children’s virtual
playgrounds.
 In response, federal and state resources have often been allocated to fund
specialized units to investigate and prosecute those offenses which affect the
safety of American children.
 For example, the Federal Bureau of Investigation maintains a partnership
with the Child Exploitation and Obscenity Section of the Department of
Justice.
 This organization is composed of attorneys and computer forensic specialists
who provide expertise to U.S. Attorney’s Offices on crimes against children
cases.
Lack of Reporting
 The number of reported incidents handled by Carnegie-Mellon University’s
Computer Emergency Response Team (CERT) has increased threefold, from
24,097 in 2006 to 72,065 in 2008.13 In their annual survey, CSO Magazine (in
conjunction with the U.S. Secret Service; CERT, and Deloitte) reported that 58
percent of the organizations surveyed perceived themselves to be more prepared
to prevent, detect, respond to, or recover from a cybercrime incident compared
to the previous year.
 However, only 56 percent of respondents actually had a plan for reporting and
responding to a crime.14 In 2011, it was reported that over 75 percent of all
insider intrusions were handled internally without notification of authorities.
 Underreporting on the part of businesses and corporations may be attributed to
a variety of reasons, but perhaps the most common are exposure to financial

www.rejinpaul.com
losses, data breach liabilities, damage to brand, regulatory issues, and loss of
consumer confidence.
 Contemporary society, characterized by increased reliance on paperless
transactions, demands assurances that the company’s infrastructure is
invulnerable and that confidential information remains inviolate.
Lack of Resources
 Computer intrusions have proven to be problematic within the corporate world,
such institutions’ unwillingness or inability to effectively communicate with
judicial authorities has led to an increase in computer crime.
 Unfortunately, law enforcement and corporate entities desperately need to
cooperate with one another.
 Unlike their civil service counterparts, the business communities have the
resources (both financial and legal) necessary to effectively combat computer
crimes.
 First, these companies, through their system administrators, have far more
leeway in monitoring communications and system activities, and they have the
ability to establish policies which enable wide-scale oversight.
Jurisprudential Inconsistency
 Unfortunately, the Supreme Court has remained resolutely averse to
deciding matters of law in the newly emerging sphere of cyberspace.
 They have virtually denied cert on every computer privacy case to which
individuals have appealed and have refused to determine appropriate
levels of Fourth Amendment protections of individuals and computer
equipment.
 This hesitation has become even more pronounced with the emergence of
wireless communications, social networking sites, and smart phones.
 As such, obvious demarcations of perception, application, and
enforcement of computer crime laws vary widely across the country, and
a standard of behavior in one jurisdiction may supersede or even negate
legal standards in another.
 Traditionally, trial and appellate courts evaluated the constitutionality of
computer crime statutes, searches, and investigations through the lens
of the First and Fourth Amendment.
 Evaluating appropriate boundaries for free speech and establishing
standards of reasonableness have varied across state and federal rulings,
and an inconsistent patchwork of guidelines has resulted.

www.rejinpaul.com
3. Explain in detail about the Identify theft and identify fraud.

 The generic term identity theft has been utilized to describe any use of stolen
personal information. However, such characterization fails to provide a
comprehensive picture of the totality of possibilities surrounding that construct
known as identity.
 Identity fraud, which encompasses identity theft within its purview, may be
defined as the use of a vast array of illegal activities based on fraudulent use of
identifying information of a real or fictitious person.
Typologies of Identity Theft/Fraud
c. Criminal Record Identity Theft/Fraud
e. Credit Identity Theft/Fraud
 This is the rarest form of identity theft/fraud and occurs when an individual
simply assumes the identity of his or her victim, including all aspects of the
victim’s lives.
 It must be noted that this type of activity is atypical as it is significantly more
difficult to accomplish.
 Even if a thief could identically duplicate the physical characteristics and
appearance of his intended target, the likelihood of mastering personal
histories, intimate relationships, and communication nuances is extremely
remote.
 However, it is important to note that this type of identity fraud has occurred
even in cases where the plausibility of such assumption borders on the
ridiculous.
 This type of identity theft/fraud is increasingly common due to the growth of
illegal immigration and alien smuggling. It involves the fraudulent use of stolen
or fictitious personal information to obtain employment or to gain entry into the
United States.
 The documents most frequently intercepted by officials included alien
registration cards, nonimmigrant visas, passports and citizenship documents,
and border crossing cards. These documents were presented by aliens who were

www.rejinpaul.com
attempting to enter the United States in search of employment or other

immigration benefits, like naturalization or permanent residency status.
Here are some recent examples of identity theft for employment:
• 2008—Agriprocessors, Inc.—CEO, company managers, and human resource
employees were charged with multiple counts of federal immigration violations. Among
other charges, the meat processing company was charged with harboring illegal aliens
for profit, document fraud, bank fraud, and aggravated identity theft.
• 2009—George’s Processing, Inc.—Company paid nearly half a million dollars after
136 illegal aliens were found working at the Missouri plant.
• 2008—Columbia Farms—Approximately 300 individuals, including eleven
supervisors and one human resources manager, were arrested by federal authorities
after a ten-month investigation revealed charges relating to identity theft for
employment. The arrests in Greenville, South Carolina, followed earlier arrests of
nearly two dozen plant managers.
Criminal Record Identity Theft/Fraud
 This type is often overlooked in discussions of identity theft, perhaps because it
is not as common or because the immediate financial repercussions are not
significant.
 It has been used historically by individuals attempting to evade capture or
criminal prosecution.
 Reverse criminal record identity theft occurs when a criminal uses a victim’s
identity not to engage in criminal activity but to seek gainful employment.
Unfortunately, criminal record identity theft/fraud is especially insidious as it
often remains undiscovered until the victim is pulled over for a routine traffic
violation. Unlike other types of identity fraud, in this case many victims are
horrified to discover that they have been victimized by a friend or relative.
Virtual Identity Theft/Fraud
 A relatively new phenomenon, virtual identity theft/fraud involves the use of
personal, professional, or other dimensions of identity toward the development
of a fraudulent virtual personality.
 As in the previous types discussed, motivations range from the relatively
innocuous to extreme malevolence.

www.rejinpaul.com
 Unlike physical identities which are tied to social networks, legal

documentation, and biological characteristics, virtual identities are largely
personally constructed.
 Indeed, many individuals develop a virtual identity which is antithetical to their
physical one—making themselves taller, richer, younger, more charismatic, and
so on.
 In other words, virtual identities are often far removed from reality.
 As such, they are inherently less veracious and less trustworthy. They are often
used for online dating, role-playing, and accessing deviant sites or locations
containing questionable content.
 Although many individuals create virtual identities to explore forbidden areas or
satisfy their curiosity behind a veil of anonymity, most do not cross the line
between the legal and the illegal worlds.
Credit Identity Theft/Fraud
 It may be defined as the use of stolen personal and financial information to
facilitate the creation of fraudulent accounts.
 This definition, specific by design, requires the affirmative act of securing
additional credit.
 It does not include traditional activities like the illegal use of a stolen credit
card, as that activity is more appropriately situated under statutes concerning
credit card fraud.
 It is also not defined under identity theft, as the primary incentive is instant
gratification.
 As credit cards are treated as cash by consumers and merchants alike, the use
of a stolen one may be likened to purse snatching or pick-pocketing without
physical contact.
Physical Methods of Identity Theft
a. Mail Theft
b. Dumpster Diving
c. Theft of Computers
d. Bag Operations
e. Child Identity Theft
f. Insiders
g. Fraudulent or Fictitious Companies

www.rejinpaul.com
h. Card Skimming, ATM Manipulation, and Fraudulent Machines

a. Mail Theft
 Although it is hard to identify which method of identity theft/fraud is most
commonly employed, the theft of information from physical mailboxes is
certainly one of the most common.
 Unfortunately, numerous documents containing personal and financial
information are deposited in unlocked containers on the side of the road until it
is retrieved.
 Oftentimes, such retrieval is conducted by someone other than the intended
recipient and is used to generate illicit profit or to facilitate criminal activities.
Physical mailboxes can contain a plethora of valuable information.
 Even as the government cautions citizens to take measures to protect their
personal and financial information, they themselves are delivering government
identification documents through U.S. Mail. Many times, they even mail breeder
documents.
Dumpster Diving
 As the name implies, dumpster diving is the practice of sifting through
commercial or residential trash or waste for information deemed valuable. Such
information ranges widely, but may include account numbers, social security or
tax payer identification numbers, and passwords.
 It may be located on discarded computer media or in paper form, and may be
housed in personnel records, accounting spreadsheets, receipts, invoices, or the
like.

www.rejinpaul.com
 Fortunately, both consumers and businesses have increasingly taken measures

to prevent the misuse of discarded information. Many now employ paper
shredders and disk-wiping software.
 Diving for information has been practiced by criminals and law enforcement
alike. Early hackers found the trash to be especially helpful toward their
exploitation of computer vulnerabilities. Passwords, computer systems, and
software could be located there.
Theft of Computers
 Physical theft of computers is among the most common techniques employed by
identity thieves, as it alleviates the need to analyze and organize voluminous
paper documents.
 As the majority of individuals necessarily store personal information on their
computer, identity fraudsters are all but guaranteed a score.
 Even those individuals without technical expertise recognize that the computer
as a warehouse of information has significant value on the black market, even if
they themselves are incapable of retrieving the data.
 Areas vulnerable to such activity are limited only by the criminal mind.
Bag Operations
 Another tactic historically utilized by intelligence agents which is currently used
by identity thieves and fraudsters is known as a ―bag operation,‖ and it involves
the surreptitious entry into hotel rooms to steal, photograph, or photocopy
documents; steal or copy magnetic media; or download information from laptop
computers.
 Almost routine in many countries, bag operations are typically conducted by
the host government’s security or intelligence services, frequently with the
cooperation of the hotel staff. They are most often committed when guests leave
their room.
Child Identity Theft
 Increasingly, law enforcement authorities are reporting startling numbers of
parents stealing their children’s identities. According to the Federal Trade
Commission, more than 140,000 children were victims of identity theft in
2011.28 This represented a marked increase in numbers released by the same
group in 2003.

www.rejinpaul.com
 Unfortunately, this type of identity theft or fraud is especially difficult to recognize

and prosecute.
 The primary problem, of course, is the delayed identification of the victimization, as
credit reports are usually not generated until the first application for credit, which
usually occurs after the individual reaches the age of 18.
 Second, the theft itself is not characterized as either child abuse or exploitation, so
the primary investigative agency for children
Insiders
 Many authorities suggest that corporate and government insiders pose the
greatest risk to identity theft. As in other areas of computer crime, motivations
vary and the facilitation of fraud is not always intentional.
 In fact, careless employees account for a large amount of the identity theft in
the United States. Such negligence has been committed by both individual
employees and corporate divisions.
 In 2005, for example, Bank of America reported that the personal information of
1.2 million U.S. government employees, including U.S. senators, had been
compromised when tapes were lost during shipment. In the same year,
CitiGroup reported that UPS had lost the personal financial information of
nearly 4 million Citigroup customers.
Fraudulent or Fictitious Companies
 Recently, a more sophisticated method of identity theft/fraud involves the
creation of shell companies.
 Almost always conducted by an organized ring of criminals, fake companies are
established which are engaged in the processing or collection of personal
financial information.
 These fictitious businesses range from debt collection to insurance agents. In a
highly visible case, over 145,000 consumers were put at risk by Choice point,
an Atlanta-based company, which is one of the largest data aggregators and
resellers in the country.
 Among other things, it compiles, stores, and sells information on the vast
majority of American adults with over 19 billion records.
Card Skimming, ATM Manipulation, and Fraudulent Machines
 A more sophisticated method of data theft involves the reading and recording of

www.rejinpaul.com
Personal information encoded on the magnetic strip of an automated teller machine

(ATM) or credit card.
 Once stored, the stolen data is re-coded onto the magnetic strip of a secondary
or dummy card.
 This process, known as card skimming, results in a dummy card, which is a
full-service credit or debit card indistinguishable from the original while
purchasing.
 While card skimming was traditionally reserved to facilitate credit card fraud, it
is increasingly being employed with the collection of other personal information
to create additional accounts.
 Card skimmers come in a variety of shapes and sizes (most often miniaturized
cameras or copiers and can be mounted on retail and ATMs).
 In some cases, thieves have actually developed fraudulent ATMs. Thus,
consumers are strongly encouraged to only use those machines that are
maintained by financial institutions, and to be alert for any suspicious
equipment or appendage.
4. Explain in detail about the understanding Computer Investigation.

• Explain how to prepare a computer investigation
• Apply a systematic approach to an investigation
• Describe procedures for corporate high-tech investigations
• Explain requirements for data recovery workstations and software
• Describe how to conduct an investigation
• Explain how to complete and critique a case
prepare a computer investigation
• Digital investigations fall into two categories:
– Public-sector investigations
– Private-sector investigations

www.rejinpaul.com
• Public-sector investigations involve government agencies responsible for

criminal investigations and prosecution
• Fourth Amendment to the U.S. Constitution
– Restrict government search and seizure
• The Department of Justice (DOJ) updates information on computer search and
seizure regularly
• Private-sector investigations focus more on policy violations
Understanding Law Enforcement Agency Investigations
• When conducting public-sector investigations, you must understand laws on
computer-related crimes including:
– Standard legal processes
– Guidelines on search and seizure
– How to build a criminal case
• The Computer Fraud and Abuse Act was passed in 1986
– Specific state laws were generally developed later
Following Legal Processes
• A criminal investigation usually begins when someone finds evidence of or
witnesses a crime
– Witness or victim makes an allegation to the police
• Police interview the complainant and writes a report about the crime
• Report is processed and management decides to start an investigation or log the
information in a police blotter
– Blotter is a historical database of previous crimes
• Digital Evidence First Responder (DEFR)
– Arrives on an incident scene, assesses the situation, and takes
precautions to acquire and preserve evidence
• Digital Evidence Specialist (DES)
– Has the skill to analyze the data and determine when another specialist
should be called in to assist
• Affidavit - a sworn statement of support of facts about or evidence of a crime
– Must include exhibits that support the allegation
Understanding Private-Sector Investigations
• Private-sector investigations involve private companies and lawyers who
address company policy violations and litigation disputes
– Example: wrongful termination
• Businesses strive to minimize or eliminate litigation
• Private-sector crimes can involve:
– E-mail harassment, falsification of data, gender and age discrimination,
embezzlement, sabotage, and industrial espionage
• Businesses can reduce the risk of litigation by publishing and maintaining
policies that employees find easy to read and follow
• Most important policies define rules for using the company’s computers and
networks
– Known as an ―Acceptable use policy‖

www.rejinpaul.com
• Line of authority - states who has the legal right to initiate an investigation,
who can take possession of evidence, and who can have access to evidence
• Business can avoid litigation by displaying a warning banner on computer
screens
– Informs end users that the organization reserves the right to inspect
computer systems and network traffic
• Sample text that can be used in internal warning banners:
– Use of this system and network is for official business only
– Systems and networks are subject to monitoring at any time by the
owner
– Using this system implies consent to monitoring by the owner
– Unauthorized or illegal users of this system or network will be subject to
discipline or prosecution
• Businesses are advised to specify an authorized requester who has the power
to initiate investigations
• Examples of groups with authority
– Corporate security investigations
– Corporate ethics office
– Corporate equal employment opportunity office
– Internal auditing
– The general counsel or legal department
• During private investigations, you search for evidence to support allegations of
violations of a company’s rules or an attack on its assets
• Three types of situations are common:
– Abuse or misuse of computing assets
– E-mail abuse
– Internet abuse
• A private-sector investigator’s job is to minimize risk to the company
• The distinction between personal and company computer property can be
difficult with cell phones, smartphones, personal notebooks, and tablet
computers
• Bring your own device (BYOD) environment
– Some companies state that if you connect a personal device to the
business network, it falls under the same rules as company property
Maintaining Professional Conduct
• Professional conduct - includes ethics, morals, and standards of behavior
• An investigator must exhibit the highest level of professional behavior at all
times
– Maintain objectivity
– Maintain credibility by maintaining confidentiality
• Investigators should also attend training to stay current with the latest
technical changes in computer hardware and software, networking, and
forensic tools
Preparing a Digital Forensics Investigation

www.rejinpaul.com
• The role of digital forensics professional is to gather evidence to prove that a

suspect committed a crime or violated a company policy
• Collect evidence that can be offered in court or at a corporate inquiry
– Investigate the suspect’s computer
– Preserve the evidence on a different computer
• Chain of custody
– Route the evidence takes from the time you find it until the case is closed
or goes to court
Taking a Systematic Approach
• Steps for problem solving
– Make an initial assessment about the type of case you are investigating
– Determine a preliminary design or approach to the case
– Create a detailed checklist
– Determine the resources you need
– Obtain and copy an evidence drive
– Identify the risks
– Mitigate or minimize the risks
– Test the design
– Analyze and recover the digital evidence
– Investigate the data you recover
Assessing the Case
• Systematically outline the case details
– Situation
– Nature of the case
– Specifics of the case
– Type of evidence
– Known disk format
– Location of evidence
• Based on these details, you can determine the case requirements
Planning Your Investigation
• A basic investigation plan should include the following activities:
– Acquire the evidence
– Complete an evidence form and establish a chain of custody
– Transport the evidence to a computer forensics lab
– Secure evidence in an approved secure container
– Prepare your forensics workstation
– Retrieve the evidence from the secure container
– Make a forensic copy of the evidence
– Return the evidence to the secure container
– Process the copied evidence with computer forensics tools

www.rejinpaul.com
–
Securing Your Evidence
Use evidence bags to secure and catalog the evidence
– Use computer safe products when collecting computer evidence
– Antistatic bags
– Antistatic pads
– Use well padded containers
– Use evidence tape to seal all openings
– CD drive bays
– Insertion slots for power supply electrical cords and USB cables
• Write your initials on tape to prove that evidence has not been tampered with
• Consider computer specific temperature and humidity ranges
– Make sure you have a safe environment for transporting and storing it
until a secure evidence container is available
Procedures for Private-Sector High-Tech Investigations
• As an investigator, you need to develop formal procedures and informal
checklists
– To cover all issues important to high-tech investigations

www.rejinpaul.com
– Ensures that correct techniques are used in an investigation

Employee Termination Cases
• The majority of investigative work for termination cases involves employee
abuse of corporate assets
• Incidents that create a hostile work environment are the predominant types of
cases investigated
– Viewing pornography in the workplace
– Sending inappropriate e-mails
• Organizations must have appropriate policies in place
Internet Abuse Investigations
• To conduct an investigation you need:
– Organization’s Internet proxy server logs
– Suspect computer’s IP address
– Suspect computer’s disk drive
– Your preferred computer forensics analysis tool
– Use standard forensic analysis techniques and procedures
– Use appropriate tools to extract all Web page URL information
– Contact the network firewall administrator and request a proxy server log
– Compare the data recovered from forensic analysis to the proxy server log
– Continue analyzing the computer’s disk drive data
E-mail Abuse Investigations
• To conduct an investigation you need:
– An electronic copy of the offending e-mail that contains message header
data
– If available, e-mail server log records
– For e-mail systems that store users’ messages on a central server, access
to the server
– Access to the computer so that you can perform a forensic analysis on it
– Your preferred computer forensics analysis tool
– Use the standard forensic analysis techniques
– Obtain an electronic copy of the suspect’s and victim’s e-mail folder or
data
– For Web-based e-mail investigations, use tools such as FTK’s Internet
Keyword Search option to extract all related e-mail address information
– Examine header data of all messages of interest to the investigation
Attorney-Client Privilege Investigations
• Under attorney-client privilege (ACP) rules for an attorney
– You must keep all findings confidential
• Many attorneys like to have printouts of the data you have recovered
– You need to persuade and educate many attorneys on how digital
evidence can be viewed electronically
• You can also encounter problems if you find data in the form of binary files
• Steps for conducting an ACP case

www.rejinpaul.com
– Request a memorandum from the attorney directing you to start the

investigation
– Request a list of keywords of interest to the investigation
– Initiate the investigation and analysis
– For disk drive examinations, make two bit-stream images using different
tools for each image
– Compare hash signatures on all files on the original and re-created disks
• Steps for conducting an ACP case (cont’d)
– Methodically examine every portion of the disk drive and extract all data
– Run keyword searches on allocated and unallocated disk space
– For Windows OSs, use specialty tools to analyze and extract data from
the Registry
– For binary data files such as CAD drawings, locate the correct software
product
– For unallocated data recovery, use a tool that removes or replaces
nonprintable data
– Consolidate all recovered data from the evidence bit-stream image into
folders and subfolders
• Other guidelines
– Minimize written communications with the attorney
– Any documentation written to the attorney must contain a header stating
that it’s ―Privileged Legal Communication—Confidential Work Product‖
– Assist the attorney and paralegal in analyzing data
Industrial Espionage Investigations
• All suspected industrial espionage cases should be treated as criminal
investigations
• Staff needed
– Computing investigator who is responsible for disk forensic examinations
– Technology specialist who is knowledgeable of the suspected
compromised technical data
– Network specialist who can perform log analysis and set up network
sniffers
– Threat assessment specialist (typically an attorney)
• Guidelines when initiating an investigation
– Determine whether this investigation involves a possible industrial
espionage incident
– Consult with corporate attorneys and upper management
– Determine what information is needed to substantiate the allegation
– Generate a list of keywords for disk forensics and sniffer monitoring
– List and collect resources for the investigation
– Determine goal and scope of the investigation
– Initiate investigation after approval from management
• Planning considerations
– Examine all e-mail of suspected employees

www.rejinpaul.com
– Search Internet newsgroups or message boards

– Initiate physical surveillance
– Examine facility physical access logs for sensitive areas
– Determine suspect location in relation to the vulnerable asset
– Study the suspect’s work habits
– Collect all incoming and outgoing phone logs
• Steps to conducting an industrial espionage case
– Gather all personnel assigned to the investigation and brief them on the
plan
– Gather resources to conduct the investigation
– Place surveillance systems at key locations
– Discreetly gather any additional evidence
– Collect all log data from networks and e-mail servers
– Report regularly to management and corporate attorneys
– Review the investigation’s scope with management and corporate
attorneys
Interviews and Interrogations in High-Tech Investigations
• Becoming a skilled interviewer and interrogator can take many years of
experience
• Interview
– Usually conducted to collect information from a witness or suspect
• About specific facts related to an investigation
• Interrogation
– Process of trying to get a suspect to confess
• Role as a computing investigator
– To instruct the investigator conducting the interview on what questions
to ask
• And what the answers should be
• Ingredients for a successful interview or interrogation
– Being patient throughout the session
– Repeating or rephrasing questions to zero in on specific facts from a
reluctant witness or suspect
– Being tenacious
Understanding Data Recovery Workstations and Software
• Investigations are conducted on a computer forensics lab (or data-recovery lab)
– In data recovery, the customer or your company just wants the data back
• Computer forensics workstation
– A specially configured PC
– Loaded with additional bays and forensics software
• To avoid altering the evidence use:
– Write-blockers devices
• Enable you to boot to Windows without writing data to the
evidence drive
Setting Up Your Workstation for Digital Forensics

www.rejinpaul.com
• Basic requirements
– A workstation running Windows XP or later
– A write-blocker device
– Digital forensics acquisition tool
– Digital forensics analysis tool
– Target drive to receive the source or suspect disk data
– Spare PATA or SATA ports
– USB ports
• Additional useful items
– Network interface card (NIC)
– Extra USB ports
– FireWire 400/800 ports
– SCSI card
– Disk editor tool
– Text editor tool
– Graphics viewer program
– Other specialized viewing tools
Conducting an Investigation
• Gather resources identified in investigation plan
• Items needed
– Original storage media
– Evidence custody form
– Evidence container for the storage media
– Bit-stream imaging tool
– Forensic workstation to copy and examine your evidence
– Securable evidence locker, cabinet, or safe
Gathering the Evidence
• Avoid damaging the evidence
• Steps
– Meet the IT manager to interview him
– Fill out the evidence form, have the IT manager sign
– Place the evidence in a secure container
– Carry the evidence to the computer forensics lab
– Complete the evidence custody form
– Secure evidence by locking the container
Analyzing Your Digital Evidence
• Your job is to recover data from:
– Deleted files
– File fragments
– Complete files
• Deleted files linger on the disk until new data is saved on the same physical
location
• Tools can be used to retrieve deleted files
– ProDiscover Basic

www.rejinpaul.com
• Steps to analyze a USB drive

– Start ProDiscover Basic
– Create a new case
– Type the project number
– Add an Image File
• Steps to display the contents of the acquired data
– Click to expand Content View
– Click All Files under the image filename path
• Steps to display the contents of the acquired data (cont’d)
– Click letter1 to view its contents in the data area
– In the data area, view contents of letter1
• Analyze the data
– Search for information related to the complaint
• Data analysis can be most time-consuming task
• WithProDiscover Basic you can:

– Search for keywords of interest in the case
– Display the results in a search results window
– Click each file in the search results window and examine its content in
the data area
– Export the data to a folder of your choice
– Search for specific filenames

www.rejinpaul.com
– Generate a report of your activities

Completing the Case
• You need to produce a final report
– State what you did and what you found
• Include ProDiscover report to document your work
• Repeatable findings
– Repeat the steps and produce the same result
• If required, use a report template
• Report should show conclusive evidence
– Suspect did or did not commit a crime or violate a company policy
• Keep a written journal of everything you do
– Your notes can be used in court
• Answer the six Ws:
– Who, what, when, where, why, and how
• You must also explain computer and network processes
Critiquing the Case
• Ask yourself the following questions:
– How could you improve your performance in the case?
– Did you expect the results you found? Did the case develop in ways you
did not expect?
– Was the documentation as thorough as it could have been?
– What feedback has been received from the requesting source?
• Ask yourself the following questions (cont’d):
– Did you discover any new problems? If so, what are they?
– Did you use new techniques during the case or during research?
5.Explain in detail about the forensics technology in cyber forensics.
4. Types of Military Computer Forensic Technology
5. Types of Law Enforcement: Computer Forensic Technology
6. Types of Business Computer Forensic Technology
7. Specialized Forensics Techniques
8. Hidden Data and How to Find It
9. Spyware and Adware
10. Encryption Methods and Vulnerabilities
11. Protecting Data from Being Compromised
12. Internet Tracing Methods
13. Security and Wireless Technologies
14. Avoiding Pitfalls with Firewalls
15. Biometric Security Systems
Types of Military Computer Forensic Technology
 The U.S. Department of Defense (DoD) cyber forensics includes evaluation and
indepth examination of data related to both the trans- and post-cyberattack
periods.

www.rejinpaul.com
 Key objectives of cyber forensics include rapid discovery of evidence, estimation

of potential impact of the malicious activity on the victim, and assessment of
the intent and identity of the perpetrator.
 Real-time tracking of potentially malicious activity is especially difficult when
the pertinent information has been intentionally hidden, destroyed, or modified
in order to elude discovery.
 The information directorate’s cyber forensic concepts are new and untested.
 The directorate entered into a partnership with the National Institute of Justice
via the auspices of the National Law Enforcement and Corrections Technology
Center (NLECTC) located in Rome, New York, to test these new ideas and
prototype tools.
 The Computer Forensics Experiment 2000 (CFX-2000) resulted from this
partnership.
 This first of- a-kind event represents a new paradigm for transitioning cyber
forensic technology from military research and development (R&D) laboratories
into the hands of law enforcement.
 The experiment used a realistic cyber crime scenario specifically designed to
exercise and show the value added of the directorate-developed cyber forensic
technology.
The cyber forensic tools involved in CFX-2000 consisted of commercial offthe- shelf
software and directorate-sponsored R&D prototypes. The Synthesizing Information
from Forensic Investigations (SI-FI) integration environment, developed under contract
by WetStone Technologies, Inc. [2], was the cornerstone of the technology
demonstrated. SI-FI supports the collection, examination, and analysis processes
employed during a cyber forensic investigation. The SI-FI prototype uses digital

www.rejinpaul.com
evidence bags (DEBs), which are secure and tamperproof containers used to store
digital evidence.
Types of Law Enforcement: Computer Forensic Technology
 Law enforcement and military agencies have been involved in processing
computer evidence for years.
 This section touches very briefly on issues dealing with Windows NTR,
WindowsR 2000, XP and 2003 and their use within law enforcement computer
forensic technology.
 Windows XP and Windows 2003 are operating systems that are often used on
notebook and desktop computers in corporations and government agencies.
Thus, they are currently the operating systems most likely to be encountered in
computer investigations and computer security reviews.
 Be advised that this chapter does not cover the use of black box computer
forensics software tools. Those tools are good for some basic investigation tasks,
but they do not offer a full computer forensics solution.
Computer Evidence Processing Procedures
 Processing procedures and methodologies should conform to federal computer
evidence processing standards. Computer processing procedures have also been
developed for the U.S. Treasury Department.
 Training and certification programs have also been developed for the
International Association of Computer Investigation Specialists (IACIS). For
these reasons, computer forensic trainers and instructors should be well
qualified to teach the correct computer-processing methods and procedures.
Preservation of Evidence
Computer evidence is fragile and susceptible to alteration or erasure by any number
of occurrences. Computer forensic instructors should expose their trainees to bit
stream backup theories that ensure the preservation of all storage levels that may
contain evidence.
Trojan Horse Programs
 The need to preserve the computer evidence before processing a computer
should be clearly demonstrated by the computer forensic instructor through the
use of programs designed to destroy data and modify the operating systems.
The participant should be able to demonstrate his or her ability to avoid
destructive programs and traps that can be planted by computer users bent on
destroying data and evidence.

www.rejinpaul.com
Computer Forensics Documentation

 The documentation of forensic processing methodologies and findings is
important.
 This is even true concerning computer security risk assessments and internal
audits, because without proper documentation, it is difficult to present findings.
 If the security or audit findings become the object of a lawsuit or a criminal
investigation, then documentation becomes even more important.
File Slack
 Techniques and automated tools that are used to capture and evaluate file
slack should be demonstrated in a training course. Such data is the source of
potential security leaks regarding passwords, network logons, email, database
entries, and word processing documents. These security and evidence issues
should also be discussed and demonstrated during the training course.
Data-Hiding Techniques
o Trade secret information and other sensitive data can easily be secreted using
any number of techniques. It is possible to hide diskettes within diskettes and
to hide entire computer hard disk drive partitions. These issues should be
discussed in any computer forensics training course from a detection
standpoint, as well as from a security risk standpoint.
Erased Files
 The training participant should be shown how previously erased files can be
recovered by using DOS programs and by manually using data-recovery
techniques.
 These techniques should also be demonstrated by the participant, and cluster
chaining will become familiar to the participant.
Internet Abuse Identification and Detection
 The participant should be shown how to use specialized software to identify
how a targeted computer has been used on the Internet. This process will focus
on computer forensics issues tied to data that the computer user probably
doesn’t realize exists (file slack, unallocated file space, and Windows swap files).
The Boot Process and Memory Resident Programs
 The participant should be able to take part in a graphic demonstration of how the
operating system can be modified to change data and destroy data at the whim of the
person who configured the system. Such a technique could be used to covertly

www.rejinpaul.com
capture keyboard activity from corporate executives, for example. For this reason, it is
important that the participants understand these potential risks and how to identify
them.
Disk Structure
 Participants should be able to leave a training course with a good
understanding of how computer hard disks and floppy diskettes are structured
and how computer evidence can reside at various levels within the structure of
the disk.
 They should also demonstrate their knowledge of how to modify the structure
and hide data in obscure places on floppy diskettes and hard disk drives.
Data Encryption
 A computer forensics course should cover, in general, how data is encrypted; it
should also illustrate the differences between good encryption and bad encryption.
 Furthermore, demonstrations of password-recovery software should be given
regarding encrypted WordPerfect, Excel, Lotus, Microsoft Word, and PKZIP files.
 The participant should become familiar with the use of software to crack
security associated with these different file structures.
Matching a Diskette to a Computer
 New Technology Inc. has also developed specialized techniques and tools that make it
possible to conclusively tie a diskette to a computer that was used to create or edit
files stored on it. Unlike some special government agencies, New Technology Inc.
relies on logical rather than physical data storage areas to demonstrate this
technique. Each participant is taught how to use special software tools to complete
this process.
Dual-Purpose Programs
 Programs can be designed to perform multiple processes and tasks at the same
time.
 They can also be designed for delayed tasking. These concepts should be
demonstrated to the training participants during the course through the use of
specialized software.
 The participant should also have hands-on experience with these programs.
Text Search Techniques

www.rejinpaul.com
 New Technology Inc. has also developed specialized search techniques and tools
that can be used to find targeted strings of text in files, file slack, unallocated
file space, and Windows swap files.
 Each participant will leave their training class with a licensed copy of their
TextSearch PlusTM software and the necessary knowledge to conduct computer
security reviews.
TYPES OF BUSINESS COMPUTER FORENSIC TECHNOLOGY
1. Remote monitoring of target computers
2. Creating trackable electronic documents
3. Theft recovery software for laptops and PCs
4. Basic forensic tools and techniques
5. Forensic services available
Remote Monitoring of Target Computers
 Data Interception by Remote Transmission (DIRT) from Codex Data Systems (CDS),
Inc. [7] is a powerful remote control monitoring tool that allows stealth monitoring of
all activity on one or more target computers simultaneously from a remote command
center. No physical access is necessary.
Creating Trackable Electronic Documents
There are so many powerful intrusion detection tools that allow the user to create
trackable electronic documents.
In general, most of these tools identify (including their location) unauthorized
intruders who access, download, and view these tagged documents. The tools also
allow security personnel to trace the chain of custody and chain of command of all
who possess the stolen electronic documents.
Theft Recovery Software for Laptops and PCs
According to a recent FBI report, 98% of stolen computers are never recovered.
According to Safeware Insurance, 1,201,000 PCs and laptops were stolen in 2002 and
2003, costing owners $7.8 billion dollars [9]. According to a recent joint Computer
Security Institute/FBI survey, 72% of the Fortune 1000 companies experienced laptop
theft.
Basic Forensic Tools and Techniques
 Today, many computer forensics workshops have been created to familiarize
investigators and security personnel with the basic techniques and tools

www.rejinpaul.com
necessary for a successful investigation of Internet and computer-related

crimes.
 So many workshops have been created that it is beyond the scope of this
chapter to mention them all. However, throughout the book, a number of them
will be mentioned in detail.
 Workshop topics normally include: types of computer crime, cyber law basics,
tracing email to its source, digital evidence acquisition, cracking passwords,
monitoring computers remotely, tracking online activity, finding and recovering
hidden and deleted data, locating stolen computers, creating trackable files,
identifying software pirates, and so on.
Forensic Services Available
 Through computer forensic evidence acquisition services, forensic experts for
companies like Capitol Digital Document Solutions [10] can provide
management with a potent arsenal of digital tools at its disposal. They have the
necessary software and hardware to travel to designated sites throughout the
world to acquire an exact image of hard drives, tapes, etc.
 This image is an exact duplication of the source media and allows evaluation
within their laboratories with minimal disruption to others. Services include but
are not limited to
1. Lost password and file recovery
2. Location and retrieval of deleted and hidden files
3. File and email decryption
4. Email supervision and authentication
5. Threatening email traced to source
6. Identification of Internet activity
7. Computer usage policy and supervision
8. Remote PC and network monitoring
9. Tracking and location of stolen electronic files
10. Honeypot sting operations
11. Location and identity of unauthorized software users
12. Theft recovery software for laptops and PCs
13. Investigative and security software creation
14. Protection from hackers and viruses (see sidebar, ―Virus/Trojan/Worm
Protection‖)

www.rejinpaul.com
6.Explain in detail about the forensics system in cyber forensics.

 Internet security systems
 Intrusion detection systems
 Firewall security systems
 Storage area network security systems
 Network disaster recovery systems
 Public key infrastructure security systems
 Wireless network security systems
 Satellite encryption security systems
 Instant messaging (IM) security systems
 Net privacy systems
 Identity management security systems
 Identity theft prevention systems
 Biometric security systems
 Homeland security systems
INTERNET SECURITY SYSTEMS
 Internet security can provide a more secure solution, as well as one that is
faster and less expensive than traditional solutions to security problems of
employees photocopying proprietary information, faxing or mailing purchase
orders, or placing orders by phone.
General Internet Security Principles and Architecture
 The first step in defining a corporate Internet security policy is to draft a high-
level management policy statement establishing a framework and context for
security within an organization.
 The next step is to start a systematic analysis of the assets of an organization,
determining the value of information, or the possible damage to reputation
should it be disclosed, along with possible risks.
Security Hierarchy

www.rejinpaul.com
 Information such as trade secrets, vault and authorization codes, and lock and
key information are clearly of a mission critical nature, and their unintended
disclosure could cause severe loss to a business or operation.
 Departmental information is typically data that is private to a particular
department, such as payroll information in finance and medical records in
personnel. There may be legal requirements for securing this information.
 Company private information varies from company to company but typically
consists of information that should only be disclosed to employees and partners
of a company, such as policy and procedure manuals.
 Public information is information such as product literature, brochures, and
catalogs that needs to be freely available to anyone, but whose integrity needs
to be assured to prevent unauthorized alteration. This information is often
provided to customers and interested parties by means of the Internet
INTRUSION DETECTION SYSTEMS
 Intrusion detection systems help computer systems prepare for and deal with
attacks.
 They collect information from a variety of vantage points within computer
systems and networks and analyze this information for symptoms of security
problems.
 Vulnerability assessment systems check systems and networks for system
problems and configuration errors that represent security vulnerabilities.
 Both intrusion detection and vulnerability assessment technologies allow
organizations to protect themselves from losses associated with network
security problems.
 This section explains how intrusion detection and vulnerability assessment fits
into the overall framework of security products and techniques used in
computer forensics.
Intrusion Detection Defined
 Intrusion detection systems help computer systems prepare for and deal
with attacks.
 Monitoring and analysis of user and system activity
 Auditing of system configurations and vulnerabilities
 Assessing the integrity of critical system and data files
 Recognition of activity patterns reflecting known attacks
 Statistical analysis of abnormal activity patterns
 Operating system audit trail management, with recognition of user
activity reflecting policy violations
Vulnerability Assessment and Intrusion Detection

www.rejinpaul.com
 Vulnerability assessment products (also known as scanners) perform

rigorous examinations of systems in order to determine weaknesses that
might allow security violations.
 These products use two strategies for performing these examinations.
First, passive, host-based mechanisms inspect system configuration
files for unwise settings, system password files for weak passwords, and
other system objects for security policy violations.
FIREWALL SECURITY SYSTEMS
 A firewall is a system or group of systems that enforces an access control policy
between two networks. The actual means by which this is accomplished varies
widely, but in principle, the firewall can be thought of as a pair of mechanisms:
one that blocks traffic and one that permits traffic.
 Some firewalls place a greater emphasis on blocking traffic, while others
emphasize permitting traffic. Probably the most important thing to recognize
about a firewall is that it implements an access control policy.
The Reason for Firewalls
 The general reasoning behind firewall usage is that without a firewall, a
subnet’s systems are exposed to inherently insecure services such as Network
File System (NFS) or Network Information Service (NIS) and to probes and
attacks from hosts elsewhere on the network.
The Need For Firewalls
These attacks come from three basic groups:
 Persons who see attacking a corporation’s information system as a
technological challenge
 Persons with no identified political or social agenda who see attacking a
corporation’s information system as an opportunity for high-tech vandalism
 Persons associated with a corporate competitor or political adversary who see
the corporation’s information system as a legitimate strategic target
 Data Integrity: Absolute verification that data has not been modified
 Confidentiality: Privacy with encryption, scrambled text
 Authentication: Verification of originator on contract
 Non-Repudiation: Undeniable proof-of-participation
 Availability: Assurance of service demand
Benefits of Firewalls
 Protection from vulnerable services
 Controlled access to site systems
 Concentrated security
 Enhanced privacy
 Logging and statistics on network use and misuse
 Policy enforcement

www.rejinpaul.com
STORAGE AREA NETWORK SECURITY SYSTEMS

 SANs are a relatively new methodology for attaching storage, whereby a
separate network (separate from the traditional LAN) connects all storage and
servers. This network would be a high-performance implementation, such as a
fiber channel, that encapsulates protocols such as a small computer system
interface (SCSI). These are more efficient at transferring data blocks from
storage and have hardware implementations offering buffering and delivery
guarantees. This is not available using TCP/IP.
SAN Benefits
1. Centralized Management
2. Scalability
3. Reliability
4. Performance
NETWORK DISASTER RECOVERY SYSTEMS
 The high availability of mission-critical systems and communications is a major
requirement for the viability of the modern organization.
 A network disaster could negate the capability of the organization to provide
uninterrupted service to its internal and external customers.
 Network disaster recovery (NDR) is the ability to respond to an interruption in
network services by implementing a disaster recovery plan to restore an
organization’s critical business functions.
 NDR is not a new idea. In recent years, data has become a vitally important
corporate asset essential to business continuity. A fundamental requirement of
economic viability is the ability to recover crucial data quickly after a disaster.
PUBLIC KEY INFRASTRUCTURE SYSTEMS
 A PKI enables users of an insecure public network such as the Internet to
securely and privately exchange data through the use of a public and a private

www.rejinpaul.com
cryptographic key pair that is obtained and shared through a trusted authority.
The PKI provides for digital certificates that can identify individuals or
organizations and directory services that can store and, when necessary, revoke
them.
 PKI is the underlying technology that provides security for the secure sockets
layer (SSL) and hyper text transfer protocol secure sockets (HTTPS) protocols,
which are used extensively to conduct secure e-business over the Internet.
A PKI consists of
 A certificate authority that issues and verifies digital certificates
 A registration authority that acts as the verifier for the certificate authority
before a digital certificate is issued to a requestor
 One or more directories where the certificates (with their public keys) are
held
 A certificate management system
PKI is complicated but is a sound solution to a difficult problem, namely enabling
two parties to exchange data securely over an insecure medium without the benefit of
prior communication. It has been adopted by the popular Web browsers and is widely
used for one-off business-to-customer (B2C) transactions. In general, however, PKI
still faces challenges in terms of application support, interoperability between vendors,
differing government legislation, and practical key management.
WIRELESS NETWORK SECURITY SYSTEMS
 wireless network security vendors (even giants like IBM) are busy developing
products to fight the viruses and security breaches of the future.
 Among them are those that head off problems on a wireless network level,
within applications and on devices.
 The widely used wireless LAN standard, 802.11, came under fire recently when
researchers at the University of California at Berkeley figured out how to crack
its builtin encryption.
 Still, there is some hope, because developers addressed wireless network
security from the start and are working to beef it up before wireless LANs
become more pervasive.
 Companies will also have to secure wireless transactions. There will be attacks
on the devices themselves, but they quickly will be focused on transactions.
SATELLITE ENCRYPTION SECURITY SYSTEMS
 The boom in satellite communications is changing the way we work and live,
but it is becoming a security nightmare for those organizations and
governments whose survival depends on the protection of intellectual property
distribution, electronic commerce, electronic battlefields and national security.

www.rejinpaul.com
 The ability to securely exchange information between billions of users around

the globe involving perhaps trillions of transactions is vital to the continued
growth and usefulness of satellite communications as well as the Internet and
intranets.
Current and Future Satellite Technology
 High-Tech Mayhem
 High-Tech Highwaymen
 Prevention versus Detection
 Odd Person Out Attacks
Satellite Encryption Secure Exchange
 An encryption infrastructure can be effectively designed to solve most of the
confidentiality and authentication concerns of satellite transmission with the
Internet. However, secure exchange can be either a one-way or a two-way
encounter, and the satellite encryption requirements and strategies are quite
different for each.
 A one-way transaction is typified by email transmissions to and from satellites
over the Internet. Although email messages are frequently answered, each
message transmission is a unique, stand-alone event.
Pretty Good Privacy
 PGP uses the RSA (Rivest, Shamir, Adelman) public key encryption scheme and
the MD5 (Message Digest 5) one-way hash function to form a digital signature,
which assures the recipient that an incoming satellite transmission or message
is authentic— that it not only comes from the alleged sender but also has not
been altered.
The sequence for this is as follows:
1. The sender creates a private message.
2. MD5 generates a 128-bit hash code of the message.
3. The hash code is encrypted with RSA using the sender’s
private key, and the result is attached to the message.
4. The receiver uses RSA with the sender’s public key to decrypt
and recover the hash code.
5. The receiver generates a new hash code for the message and
compares it to
the decrypted hash code. If the two match, the message is
accepted as authentic.
This session key is bound to the message and transmitted with it as follows:
1. The sender generates a message and a random 128-bit number to be
used as a session key for this message only.
2. The message is encrypted, using IDEA with the session key.

www.rejinpaul.com
3. The session key is encrypted with RSA using the recipient’s public
key and is prepended (to prefix a string or statement with another or to
place a word or set of numbers in front of an existing word or set of
numbers; for example, to prepend “sub” to “net” would yield
“subnet”) to the message.
4. The receiver uses RSA with its private key to decrypt and recover the
session key.
5. The session key is used to decrypt the message.
INSTANT MESSAGING (IM) SECURITY SYSTEMS
 The security threats from IM are straightforward. Since deployment isn’t
controlled, the enterprise can’t keep a rein on how the systems are used. With
the public IM networks, the individual employee registers for service.
Securing IM
 IM management and security systems act as proxies for IM traffic going into the
network, which imposes policies before letting traffic through.
 Besides addressing security, this architecture puts the IM management and
security vendors in a position to deal with the pesky problem of the lack of
interoperability among networks.
NET PRIVACY SYSTEMS
 Privacy is a social, political, and economic issue. Privacy protection for the
individual was born with democracy and was originally designed to keep
oppressive governments from intruding on individual freedoms.
 In a world of advanced industrial societies where most major countries are at
peace with each other, the violation of privacy and civil liberties has come under
new threats.
 People still have every reason to keep a tight reign on snoopy governments (like
the use of the Patriot Act), but now they must also be concerned about the
commercial violation of individual privacy rights and desires.
 Some private companies have made a business out of selling information about
individuals, groups, and organizations. This has raised considerable concern
among privacy advocates.
IDENTITY MANAGEMENT SECURITY SYSTEMS
 Identity management is the creation, management, and use of online, or digital,
identities.
 Hundreds of millions of people around the world now use the Internet daily at
home and at work, facing a multiplicity of corporate applications and e-
business interfaces.
 Many such applications and interfaces require a unique user name, and as a
result, an individual typically possesses not one but several digital identities.
The Challenges of Managing Digital Identities
 Aggregation
 Web Services
 Online Partnerships

www.rejinpaul.com
User Concerns and Business Issues

 Security
 Convenience
 Privacy
Business Issues: Trust, Control, and Accountability
 Trust via Authentication
 Control via Access Management
 Accountability via Audit
Approaches to Identity Management
 Silo
 Closed Community
 Federated
IDENTITY THEFT
 Identity theft is the appropriation of an individual’s personal information in
order to impersonate that person in a legal sense. stealing someone’s identity
enables the thief to make a frightening number of financial and personal
transactions in someone else’s name, leaving the victim responsible for what
may turn out to be mind-boggling turmoil in his or her life.
 Identity theft can still be done by such low-tech means as knowing someone
else’s basic identifying information and initiating personal transactions in that
person’s name, but today, identities can also be stolen using highly technical
and sophisticated means of obtaining the personal data of a stranger.
How Identity Theft Is Done
The following are some of the ways imposters can get and use your personal
information and take over your identity:
 They steal wallets and purses containing your identification and credit and
bank cards.
 They steal your mail, including your bank and credit card statements,
preapproved credit offers, telephone calling cards, and tax information.
 They complete a change of address form to divert your mail to another location.
They rummage through your trash, or the trash of businesses, for personal data
in a practice known as “dumpster diving.”
 They get your business or personnel records at work.
 They find personal information in your home.
 They use personal information you share on the Internet.
BIOMETRIC SECURITY SYSTEMS
 A biometric system is the computer hardware and software used to recognize or
verify an individual. Although there are many variations in how specific
products and systems work, there are a number of common processing
elements.
Collection

www.rejinpaul.com
 As a first step, a system must collect or ―capture‖ the biometric to be used. One
essential difference between the various techniques is the characteristic (body
part or function) being analyzed.
Extraction
 Commercially available biometric devices generally do not record full images of
biometrics the way law enforcement agencies collect actual fingerprints.
Instead, specific features of the biometric are ―extracted.‖ Only certain
attributes are collected (particular measurements of a fingerprint or pressure
points of a signature).
Comparison and Matching
 To use a biometric system, the specific features of a person’s biometric
characteristic are measured and captured each time he presents his ―live‖
biometric.
 This extracted information is translated into a mathematical code using the
same method that created the template. The new code created from the live
scan is compared against a central database of templates in the case of a one-
to-many match, or to a single stored template in the case of a one-to-one
match.
HOMELAND SECURITY SYSTEMS
 The terms homeland security and homeland defense have received increased
attention since the tragic events of September 11, 2001.
 While these terms are relatively new, the concepts behind them are not.
Homeland security is defined as the deterrence, prevention, and preemption of
and defense against aggression targeted at U.S. territory, sovereignty,
population, and infrastructure as well as the management of the consequences
of such aggression and other domestic emergencies.
 Homeland defense on the other hand is a subset of homeland security.
Homeland Security Today
Security has the following organizational structure:
 Border and transportation security
 Emergency preparedness and response
 Chemical, biological, radiological, and nuclear countermeasures
 Information analysis and infrastructure protection
7. Explain in detail about the Data Acquisition.
• List digital evidence storage formats
• Explain ways to determine the best acquisition method

www.rejinpaul.com
• Describe contingency planning for data acquisitions

• Explain how to use acquisition tools
• Explain how to validate data acquisitions
• Describe RAID acquisition methods
• Explain how to use remote network acquisition tools
• List other forensic tools available for data acquisitions
Understanding Storage Formats for Digital Evidence
• Data in a forensics acquisition tool is stored as an image file
• Three formats
– Raw format
– Proprietary formats
– Advanced Forensics Format (AFF)
Raw Format
• Makes it possible to write bit-stream data to files
• Advantages
– Fast data transfers
– Ignores minor data read errors on source drive
– Most computer forensics tools can read raw format
• Disadvantages
– Requires as much storage as original disk or data
– Tools might not collect marginal (bad) sectors
Proprietary Formats
• Most forensics tools have their own formats
• Features offered
– Option to compress or not compress image files
– Can split an image into smaller segmented files
– Can integrate metadata into the image file
• Disadvantages
– Inability to share an image between different tools
– File size limitation for each segmented volume
• The Expert Witness format is unofficial standard
Advanced Forensics Format
• Developed by Dr. Simson L. Garfinkel as an open-source acquisition format
• Design goals
– Provide compressed or uncompressed image files
– No size restriction for disk-to-image files
– Provide space in the image file or segmented files for metadata
– Simple design with extensibility
– Open source for multiple platforms and Oss
– Internal consistency checks for self-authentication

www.rejinpaul.com
–File extensions include .afd for segmented image files and .afm for AFF
metadata
– AFF is open source
Determining the Best Acquisition Method
• Types of acquisitions
– Static acquisitions and live acquisitions
• Four methods of data collection
– Creating a disk-to-image file
– Creating a disk-to-disk
– Creating a logical disk-to-disk or disk-to-data file
– Creating a sparse data copy of a file or folder
• Determining the best method depends on the circumstances of the investigation
• Creating a disk-to-image file
– Most common method and offers most flexibility
– Can make more than one copy
– Copies are bit-for-bit replications of the original drive
– ProDiscover, EnCase, FTK, SMART, Sleuth Kit, X-Ways, iLookIX
• Creating a disk-to-disk
– When disk-to-image copy is not possible
– Tools can adjust disk’s geometry configuration
– EnCase, SafeBack, SnapCopy
• Logical acquisition or sparse acquisition
– Can take several hours; use when your time is limited
– Logical acquisition captures only specific files of interest to the case
– Sparse acquisition collects fragments of unallocated (deleted) data
– For large disks
– PST or OST mail files, RAID servers
• When making a copy, consider:
– Size of the source disk
• Lossless compression might be useful
• Use digital signatures for verification
– When working with large drives, an alternative is using tape backup
systems
– Whether you can retain the disk

www.rejinpaul.com
Contingency Planning for Image Acquisitions

• Create a duplicate copy of your evidence image file
• Make at least two images of digital evidence
– Use different tools or techniques
• Copy host protected area of a disk drive as well
– Consider using a hardware acquisition tool that can access the drive at
the BIOS level
• Be prepared to deal with encrypted drives
– Whole disk encryption feature in Windows called BitLocker makes
static acquisitions more difficult
– May require user to provide decryption key
Using Acquisition Tools
• Acquisition tools for Windows
– Advantages
• Make acquiring evidence from a suspect drive more convenient
– Especially when used with hot-swappable devices
– Disadvantages
• Must protect acquired data with a well-tested write-blocking
hardware device
• Tools can’t acquire data from a disk’s host protected area
• Some countries haven’t accepted the use of write-blocking devices
for data acquisitions
Mini-WinFE Boot CDs and USB Drives
• Mini-WinFE
– Enables you to build a Windows forensic boot CD/DVD or USB drive so
that connected drives are mounted as read-only
• Before booting a suspect’s computer:
– Connect your target drive, such as a USB drive
• After Mini-WinFE is booted:
– You can list all connected drives and alter your target USB drive to read-
write mode so you can run an acquisition program
Acquiring Data with a Linux Boot CD
• Linux can access a drive that isn’t mounted
• Windows OSs and newer Linux automatically mount and access a drive

www.rejinpaul.com
• Forensic Linux Live CDs don’t access media automatically

– Which eliminates the need for a write-blocker
• Using Linux Live CD Distributions
– Forensic Linux Live CDs
• Contain additionally utilities
• Using Linux Live CD Distributions (cont’d)
– Forensic Linux Live CDs (cont’d)
• Configured not to mount, or to mount as read-only, any connected
storage media
• Well-designed Linux Live CDs for computer forensics
• Penguin Sleuth
• F.I.R.E
• CAINE
• Deft
• Kali Linux
• Knoppix
• SANS Investigative Toolkit
• Preparing a target drive for acquisition in Linux
– Current Linux distributions can create Microsoft FAT and NTFS partition
tables
– fdisk command lists, creates, deletes, and verifies partitions in Linux
– mkfs.msdos command formats a FAT file system from Linux
– If you have a functioning Linux computer, follow steps starting on page
99 to learn how to prepare a target drive for acquisition
• Acquiring data with dd in Linux
– dd (―data dump‖) command
• Can read and write from media device and data file
• Creates raw format file that most computer forensics analysis
tools can read
– Shortcomings of dd command
• Requires more advanced skills than average user
• Does not compress data
– dd command combined with the split command
• Segments output into separate volumes

www.rejinpaul.com
• Acquiring data with dd in Linux (cont’d)

– Follow the step starting on page 104 in the text to make an image of an
NTFS disk on a FAT32 disk
• Acquiring data with dcfldd in Linux
– The dd command is intended as a data management tool
• Not designed for forensics acquisitions
• Acquiring data with dcfldd in Linux (cont’d)
– dcfldd additional functions
• Specify hex patterns or text for clearing disk space
• Log errors to an output file for analysis and review
• Use several hashing options
• Refer to a status display indicating the progress of the acquisition
in bytes
• Split data acquisitions into segmented volumes with numeric
extensions
• Verify acquired data with original disk or media data
Capturing an Image with ProDiscover Basic
• Connecting the suspect’s drive to your workstation
– Document the chain of evidence for the drive
– Remove the drive from the suspect’s computer
– Configure the suspect drive’s jumpers as needed
– Connect the suspect drive to write-blocker device
– Create a storage folder on the target drive
• Using ProDiscover’s Proprietary Acquisition Format
– ProDiscover creates image files with an .eve extension, a log file (.log
extension), and a special inventory file (.pds extension)
– If the compression option was selected, ProDiscover uses a .cmp rather
than an .eve extension on all segmented volumes
• Using ProDiscover’s Raw Acquisition Format
– Follow the same steps as for the proprietary format, but select the ―UNIX
style dd‖ format in the Image Format list box
– Raw acquisition saves only the image data and hash value
– The raw format creates a log file (.pds extension) and segmented volume
files

www.rejinpaul.com
Capturing an Image with Access Data FTK Imager Lite

• Included with AccessData Forensic Toolkit
• Designed for viewing evidence disks and disk-to-image files
• Makes disk-to-image copies of evidence drives
– At logical partition and physical drive level
– Can segment the image file
• Evidence drive must have a hardware write-blocking device
– Or run from a Live CD, such as Mini-WinFE

www.rejinpaul.com
• FTK Imager can’t acquire a drive’s host protected area

• Use a write-blocking device and follow these steps
– Boot to Windows
– Connect evidence disk to a write-blocker
– Connect target disk to write-blocker
– Start FTK Imager Lite
– Create Disk Image - use Physical Drive option
– See Figures on the following slides for more steps

www.rejinpaul.com
Validating Data Acquisitions

• Validating evidence may be the most critical aspect of computer forensics
• Requires using a hashing algorithm utility
• Validation techniques
– CRC-32, MD5, and SHA-1 to SHA-512
Linux Validation Methods
• Validating dd acquired data
– You can use md5sum or sha1sum utilities
– md5sum or sha1sum utilities should be run on all suspect disks and
volumes or segmented volumes
• Validating dcfldd acquired data
– Use the hash option to designate a hashing algorithm of md5, sha1,
sha256, sha384, or sha512
– hashlog option outputs hash results to a text file that can be stored with
the image files
– vf (verify file) option compares the image file to the original medium
Windows Validation Methods
• Windows has no built-in hashing algorithm tools for computer forensics
– Third-party utilities can be used
• Commercial computer forensics programs also have built-in validation features
– Each program has its own validation technique
• Raw format image files don’t contain metadata

www.rejinpaul.com
– Separate manual validation is recommended for all raw acquisitions

Performing RAID Data Acquisitions
• Acquisition of RAID drives can be challenging and frustrating because of how
RAID systems are
– Designed
– Configured
– Sized
• Size is the biggest concern
– Many RAID systems now have terabytes of data
Understanding RAID
• Redundant array of independent (formerly ―inexpensive‖) disks (RAID)
– Computer configuration involving two or more disks
– Originally developed as a data-redundancy measure
• RAID 0
– Provides rapid access and increased storage
– Biggest disadvantage is lack of redundancy
• RAID 1
– Designed for data recovery
– More expensive than RAID 0
• RAID 2
– Similar to RAID 1
– Data is written to a disk on a bit level
– Has better data integrity checking than RAID 0
– Slower than RAID 0

www.rejinpaul.com
• RAID 3
– Uses data stripping and dedicated parity
• RAID 4
– Data is written in blocks
• RAID 5
– Similar to RAIDs 0 and 3
– Places parity recovery data on each disk
• RAID 6
– Redundant parity on each disk
• RAID 10, or mirrored striping
– Also known as RAID 1+0
– Combination of RAID 1 and RAID 0
Acquiring RAID Disks

• Address the following concerns

www.rejinpaul.com
– How much data storage is needed?

– What type of RAID is used?
– Do you have the right acquisition tool?
– Can the tool read a forensically copied RAID image?
– Can the tool read split data saves of each RAID disk?
• Copying small RAID systems to one large disk is possible
• Vendors offering RAID acquisition functions
– Technology Pathways ProDiscover
– Guidance Software EnCase
– X-Ways Forensics
– AccessData FTK
– Runtime Software
– R-Tools Technologies
• Occasionally, a RAID system is too large for a static acquisition
– Retrieve only the data relevant to the investigation with the sparse or
logical acquisition method
Using Remote Network Acquisition Tools
• You can remotely connect to a suspect computer via a network connection and
copy data from it
• Remote acquisition tools vary in configurations and capabilities
• Drawbacks
– Antivirus, antispyware, and firewall tools can be configured to ignore
remote access programs
– Suspects could easily install their own security tools that trigger an
alarm to notify them of remote access intrusions
Remote Acquisition with ProDiscover
• ProDiscover Incident Response additional functions
– Capture volatile system state information
– Analyze current running processes
– Locate unseen files and processes
– Remotely view and listen to IP ports
– Run hash comparisons
– Create a hash inventory of all files remotely
• PDServer remote agent

www.rejinpaul.com
– ProDiscover utility for remote access

– Needs to be loaded on the suspect
• PDServer installation modes
– Trusted CD
– Preinstallation
– Pushing out and running remotely
• PDServer can run in a stealth mode
– Can change process name to appear as OS function
• Remote connection security features
– Password Protection
– Encryption
– Secure Communication Protocol
– Write Protected Trusted Binaries
– Digital Signatures
Remote Acquisition with EnCase Enterprise
• Remote acquisition features
– Remote data acquisition of a computer’s media and RAM data
– Integration with intrusion detection system (IDS) tools
– Options to create an image of data from one or more systems
– Preview of systems
– A wide range of file system formats
– RAID support for both hardware and software
Remote Acquisition with R-Tools R-Studio
• R-Tools suite of software is designed for data recovery
• Remote connection uses Triple Data Encryption Standard (3DES) encryption
• Creates raw format acquisitions
• Supports various file systems
Remote Acquisition with WetStone US-LATT PRO
• US-LATT PRO
– Part of a suite of tools developed by WetStone
– Can connect to a networked computer remotely and perform a live
acquisition of all drives connected to it
Remote Acquisition with F-Response
• F-Response

www.rejinpaul.com
– A vendor-neutral remote access utility

– Designed to work with any digital forensics program
– Sets up a security read-only connection
• Allows forensics examiners to access it
• Four different version of F-Response
– Enterprise Edition, Consultant + Convert Edition, Consultant Edition,
and TACTICAL Edition
Using Other Forensics-Acquisition Tools
• Other commercial acquisition tools
– PassMark Software ImageUSB
– ASRData SMART
– Runtime Software
– ILookIX Investigator IXimager
– SourceForge
PassMark Software ImageUSB
• PassMark Software has an acquisition tool called ImageUSB for its OSForensics
analysis product
• To create a bootable flash drive, you need:
– Windows XP or later
– ImageUSB downloaded from the OSForensics Web site
ASRData SMART
• ASRData SMART
– A Linux forensics analysis tool that can make image files of a suspect
drive
– Can produce proprietary or raw format images
• Capabilities:
– Data reading of bad sectors
– Can mount drives in write-protected mode
– Can mount target drives in read/write mode
– Compression schemes to speed up acquisition or reduce amount of
storage needed
Runtime Software
• Runtime Software offers shareware programs for data acquisition and recovery:
– DiskExplorer for FAT and NTFS

www.rejinpaul.com
• Features:
– Create a raw format image file
– Segment the raw format or compressed image for archiving purposes
– Access network computers’ drives
ILook Investigator IXimager
• IXimager
– Runs from a bootable floppy or CD
– Designed to work only with ILook Investigator
– Can acquire single drives and RAID drives
– Supports:
• IDE (PATA)
• SCSI
• USB
• FireWire
8.Explain in detail about the Incident and incident response methodology.

Incident Response
 Business Continuity Planning: deals with
 Outage: Due to natural disasters, electrical failures, …
 Incident Response: deals with
 Adverse events that threaten security.
 CIA related incidents:
 Confidentiality
 Integrity
 Availability
 Other Types
 Reconnaissance Attacks
 Repudiation
 Someone takes action and denies it later on.
 Harassment
 Extortion
 Pornography Traficking
 Organized Crime Activity
 Subversion

www.rejinpaul.com
 Bogus financial server

 Hoaxes
Incident Response Risk Analysis
 Risk Categories:
 Break-in.
 Break-in in a single system at NASA delayed a launch.
 System was mission critical.
 Needed to be recertified before launch.
 Unauthorized execution of programs or commands.
 Privilege Escalation.
 Exploitation of CGI
 Web servers have frequently cgi scripts installed for demonstration
purposes.
 These have known weaknesses
 Determining Risk Probabilities
 Collect data within the organization.
 Collect data by other organizations.
 CERT Coordinating Center
 National Infrastructure Protection Center NPIC
 Vulnerability Analysis
 CERT, ALLDAS, ANTIONLINE
Incident Response Methodology
 Structure and Organization
 Incidents create pandemonium
 Incidents occur in bursts
 Efficiency
 Facilitates the process of responding to incidents.
 Facilitates dealing with the unexpected.
 Legal Considerations.
 Preparation
 Setting up a reasonable set of defenses and controls based on threads.
 Creating a set of procedures to deal with the incident efficiently.
 Obtaining the resources and personnel to deal with the problem.
 Establish an infrastructure to support incident response activity.

www.rejinpaul.com
 Detection
 Intrusion Detection Systems
 Detection Software
 Reporting
 Containment
 Strategies
 Shutting down a system
 Disconnect from the network
 Change filtering rules of firewalls
 Disabling or deleting compromised accounts
 Increasing monitoring levels
 Setting traps
 Striking back at the attacker’s system 
 Adhering to containment procedures.
 Record all actions
 Define acceptable risks in advance
 Eradication: Eliminate the cause of the incident.
 Software available for most virus, worm attacks.
 Procedures are very important.
 Eradication in UNIX System

www.rejinpaul.com
Eradication in Windows 2000
 Recovery: Return compromised systems back to its normal mission status.

 Advise appropriate people of major developments that might affect them.
 Adhere to policy regarding media contact.
 Return logging to normal level.
 Install patches for any exploited vulnerability.
Summary:
 Methodology is needed to deal with quickly evolving, chaotic situations.
 Takes time to implement and to learn.
 Use mock events for training.

www.rejinpaul.com
 Stages flow into each other.

 Methodology needs to be tailored to situation.
 Follow-up needed to improve and adapt methodology
Important Question
Part-A
1.Define computer crime.
2. Define computer forensics.
3.List out the Traditional problems associated with Computer Crime.
4.Define identify theft.
5. Define Identity fraud.
6.List out the Typologies of Identity Theft/Fraud
7.List out the Physical Methods of Identity Theft
8.How to prepare a computer investigation.
9.What are the Steps for problem solving
10.Write the steps for Planning Your Investigation
11.List out the forensics technology.
12.List out the forensics system.
13.Draw the internet security hierarchy.
14.Define Intrusion Detection.
15.write the benefits of firewalls.
Part-B
1. Explain in detail about the Traditional problems associated with Computer Crime.
2. Explain in detail about the Introduction to Identity Theft & Identity Fraud.
3. Explain in detail about the Incident and incident response methodology.
4. Explain in detail about the Forensics Technology and Systems.
5. Discuss about the Understanding Computer Investigation.
6. Discuss about the Data Acquisition.

www.rejinpaul.com
UNIT IV
EVIDENCE COLLECTION AND FORENSICS TOOLS
Processing Crime and Incident Scenes - Working with Windows and DOS Systems.
Current Computer Forensics Tools: Software/ Hardware Tools.
Part-A
1.Write the rule for the rules for controlling digital evidence.
• Comply with your state’s rules of evidence or with the Federal Rules of Evidence
• Evidence admitted in a criminal case can be used in a civil suit, and vice versa
• Keep current on the latest rulings and directives on collecting, processing,
storing, and admitting digital evidence
• Data you discover from a forensic examination falls under your state’s rules of
evidence
2.Define Best evidence rule states:
 To prove the content of a written document, recording, or photograph,
ordinarily the original writing, recording, or photograph is required
3. Define Federal Rules of Evidence
 Allow a duplicate instead of originals when it is produced by the same
impression as the original
4. How to collect evidence at private-sector incident scenes.
• Private-sector organizations include:
• Non-government organizations (NGO) must comply with state public disclosure
and federal Freedom of Information Act (FOIA) laws
• FOIA allows citizens to request copies of public documents created by federal
agencies
5. Define Processing Law Enforcement Crime Scenes
• Law enforcement officer may search for and seize criminal evidence only with
probable cause
– Refers to the standard specifying whether a police officer has the right to
make an arrest, conduct a personal or property search, or obtain a
warrant for arrest
• With probable cause, a police officer can obtain a search warrant from a judge

www.rejinpaul.com
– That authorizes a search and seizure of specific evidence related to the

criminal complaint
6.How to prepare for a search in criminal case.
Preparing for a Search
• Preparing for a computer search and seizure
– Probably the most important step in computing investigations
• To perform these tasks
– You might need to get answers from the victim and an informant
• Who could be a police detective assigned to the case, a law
enforcement witness, or a manager or coworker of the person of
interest to the investigation
7. Determining Whether You Can Seize Computers and Digital Devices in
processing crime.
• The type of case and location of the evidence
– Determine whether you can remove digital evidence
• Law enforcement investigators need a warrant to remove computers from a
crime scene
– And transport them to a lab
• If removing the computers will irreparably harm a business
– The computers should not be taken offsite
• Additional complications:
– Files stored offsite that are accessed remotely
– Availability of cloud storage, which can’t be located physically
• Stored on drives where data from many other subscribers might
be stored
8.How are the tools are used in processing crime and incident scene.
• Prepare tools using incident and crime scene information
• Create an initial-response field kit
– Should be lightweight and easy to transport
• Create an extensive-response field kit
– Includes all tools you can afford to take to the field
– When at the scene, extract only those items you need to acquire evidence
9.How to prepare for a Preparing the Investigation Team
• Before initiating the search:

www.rejinpaul.com
– Review facts, plans, and objectives with the investigation team you have
assembled
• Goal of scene processing
– To collect and secure digital evidence
• Digital evidence is volatile
– Develop skills to assess facts quickly
• Slow response can cause digital evidence to be lost
10.List out the Storing Digital Evidence.
• The media you use to store digital evidence usually depends on how long you
need to keep it
• CDs, DVDs, DVD-Rs, DVD+Rs, or DVD-RWs
• Magnetic tapes - 4-mm DAT
• Super Digital Linear Tape (Super-DLT or SDLT)
• Smaller external SDLT drives can connect to a workstation through a SCSI card
• Don’t rely on one media storage method to preserve your evidence
11.How to Reviewing a Case.
Reviewing a Case
• General tasks you perform in any computer forensics case:
– Identify the case requirements
– Plan your investigation
– Conduct the investigation
12.Define file system.
• File system
– Gives OS a road map to data on a disk
• Type of file system an OS uses determines how data is stored on the disk
• When you need to access a suspect’s computer to acquire or inspect data
You should be familiar with both the computer’s OS and file systems.
13.List out the disk drive components.
• Disk drive components
– Geometry
– Head
– Tracks

www.rejinpaul.com
– Cylinders
– Sectors
• Properties handled at the drive’s hardware or firmware level
– Zone bit recording (ZBR)
– Track density
– Areal density
– Head and cylinder skew
14.Define Solid-State Storage Devices.
• All flash memory devices have a feature called wear-leveling
– An internal firmware feature used in solid-state drives that ensures even
wear of read/writes for all memory cells
• When dealing with solid-state devices, making a full forensic copy as soon as
possible is crucial
– In case you need to recover data from unallocated disk space
15.Define NTFS Encrypting File System (EFS)
• Encrypting File System (EFS)
– Introduced with Windows 2000
– Implements a public key and private key method of encrypting files,
folders, or disk volumes
• When EFS is used in Windows 2000 and later
– A recovery certificate is generated and sent to the local Windows
administrator account
16. Define NTFS Disks
• NT File System (NTFS)
• Improvements over FAT file systems
• NTFS was Microsoft’s move toward a journaling file system
– It records a transaction before the system carries it out
• In NTFS, everything written to the disk is considered a file
• On an NTFS disk
• NTFS results in much less file slack space
• Clusters are smaller for smaller disk drives
• NTFS also uses Unicode
17.Define Deleting NTFS Files
• When a file is deleted in Windows NT and later

www.rejinpaul.com
– The OS renames it and moves it to the Recycle Bin

• Can use the Del (delete) MS-DOS command
– Eliminates the file from the MFT listing in the same way FAT does
18.List out the Third-Party Disk Encryption Tools.
• Some available third-party WDE utilities:
– PGP Full Disk Encryption
– Voltage SecureFile
– Utimaco SafeGuard Easy
– Jetico BestCrypt Volume Encryption
– TrueCrypt
19. Explain how the Windows Registry works
• Registry
– A database that stores hardware and software configuration information,
network connections, user preferences, and setup information
• To view the Registry, you can use:
– Regedit (Registry Editor) program for Windows 9x systems
– Regedt32 for Windows 2000, XP, and Vista
– Both utilities can be used for Windows 7 and 8
20.List out the registry terminology.
• Registry terminology:
– Registry
– Registry Editor
– HKEY
– Key
– Subkey
– Branch
– Value
– Default value
– Hives
21.How to create a virtual machine.
Creating a Virtual Machine
• Popular applications for creating virtual machines
– VMware Server, VMware Player and VMware Workstation, Oracle VM
VirtualBox, Microsoft Virtual PC, and Hyper-V

www.rejinpaul.com
• Using VirtualBox
– An open-source program that can be downloaded at
www.virtualbox.org/wiki/Downloads
• Consult with your instructor before doing the activities using VirtualBox
22.List out the digital forensics tools.
Types of Digital Forensics Tools
• Hardware forensic tools
– Range from single-purpose components to complete computer systems
and servers
• Software forensic tools
– Types
• Command-line applications
• GUI applications
– Commonly used to copy data from a suspect’s disk drive to an image file
23.List the types of task performed by digital forensics tools.
• Five major categories:
– Acquisition
– Validation and verification
– Extraction
– Reconstruction
– Reporting
24.Define Validation and Verification
– Validation
• A way to confirm that a tool is functioning as intended
– Verification
• Proves that two sets of data are identical by calculating hash
values or using another similar method
• A related process is filtering, which involves sorting and searching
through investigation findings to separate good data and
suspicious data.
25. List out the Linux Forensics Tools

• UNIX
• Linux

www.rejinpaul.com
• SMART
• Helix 3
• Kali Linux
• Autopsy and SleuthKit
Part-B
1. Explain in detail about the concepts Processing Crime and Incident Scenes.
• Explain the rules for controlling digital evidence
• Describe how to collect evidence at private-sector incident scenes
• Explain guidelines for processing law enforcement crime scenes
• List the steps in preparing for an evidence search
• Describe how to secure a computer incident or crime scene
• Explain guidelines for seizing digital evidence at the scene
• List procedures for storing digital evidence
• Explain how to obtain a digital hash
• Review a case to identify requirements and plan your investigation
1.1 Explain the rules for controlling digital evidence
Identifying Digital Evidence
• Digital evidence
– Can be any information stored or transmitted in digital form
• U.S. courts accept digital evidence as physical evidence
– Digital data is treated as a tangible object
• Groups such as the Scientific Working Group on Digital Evidence (SWGDE) set
standards for recovering, preserving, and examining digital evidence
• General tasks investigators perform when working with digital evidence:
– Identify digital information or artifacts that can be used as evidence
– Collect, preserve, and document evidence
– Analyze, identify, and organize evidence
– Rebuild evidence or repeat a situation to verify that the results can be
reproduced reliably
• Collecting digital devices and processing a criminal or incident scene must
be done systematically
Understanding Rules of Evidence
• Consistent practices help verify your work and enhance your credibility
• Comply with your state’s rules of evidence or with the Federal Rules of Evidence

www.rejinpaul.com
• Evidence admitted in a criminal case can be used in a civil suit, and vice versa
• Keep current on the latest rulings and directives on collecting, processing,
storing, and admitting digital evidence
• Data you discover from a forensic examination falls under your state’s rules of
evidence
 Or the Federal Rules of Evidence (FRE)
• Digital evidence is unlike other physical evidence because it can be changed
more easily
 The only way to detect these changes is to compare the original data with
a duplicate
• Most federal courts have interpreted computer records as hearsay evidence
 Hearsay is secondhand or indirect evidence
• Business-record exception
 Allows “records of regularly conducted activity,” such as business
memos, reports, records, or data compilations
• Generally, digital records are considered admissible if they qualify as a business
record
• Computer records are usually divided into:
 Computer-generated records
 Computer-stored records
• Computer and digitally stored records must be shown to be authentic and
trustworthy
 To be admitted into evidence
• Computer-generated records are considered authentic if the program that
created the output is functioning correctly
 Usually considered an exception to hearsay rule
• Collecting evidence according to the proper steps of evidence control helps
ensure that the computer evidence is authentic
• When attorneys challenge digital evidence
 Often they raise the issue of whether computer-generated records were
altered or damaged
• One test to prove that computer-stored records are authentic is to demonstrate
that a specific person created the records

www.rejinpaul.com
 The author of a Microsoft Word document can be identified by using file

metadata
• Follow the steps starting on page 141 of the text to see how to identify file
metadata
• The process of establishing digital evidence’s trustworthiness originated with
written documents and the “best evidence rule”
• Best evidence rule states:
 To prove the content of a written document, recording, or photograph,
ordinarily the original writing, recording, or photograph is required
• Federal Rules of Evidence
 Allow a duplicate instead of originals when it is produced by the same
impression as the original
• As long as bit-stream copies of data are created and maintained properly
 The copies can be admitted in court, although they aren’t considered
best evidence
• Example of not being able to use original evidence
 Investigations involving network servers
 Removing a server from the network to acquire evidence data could cause
harm to a business or its owner, who might be an innocent bystander to
a crime or civil wrong
1.2 Describe how to collect evidence at private-sector incident scenes
Collecting Evidence in Private-Sector Incident Scenes
Private-sector organizations include:
– Businesses and government agencies that aren’t involved in law
enforcement
• Non-government organizations (NGO) must comply with state public
disclosure and federal Freedom of Information Act (FOIA) laws
– And make certain documents available as public records
• FOIA allows citizens to request copies of public documents created by
federal agencies
• A special category of private-sector businesses includes ISPs and other
communication companies
• ISPs can investigate computer abuse committed by their employees, but not by
customers

www.rejinpaul.com
– Except for activities that are deemed to create an emergency situation

• Investigating and controlling computer incident scenes in the corporate
environment
– Much easier than in the criminal environment
– Incident scene is often a workplace
• Typically, businesses have inventory databases of computer hardware and
software
– Help identify the computer forensics tools needed to analyze a policy
violation
• And the best way to conduct the analysis
• Corporate policy statement about misuse of digital assets
– Allows corporate investigators to conduct covert surveillance with little or
no cause
– And access company systems without a warrant
• Companies should display a warning banner and publish a policy
– Stating that they reserve the right to inspect computing assets at will
• Corporate investigators should know under what circumstances they can
examine an employee’s computer
– Every organization must have a well-defined process describing when an
investigation can be initiated
• If a corporate investigator finds that an employee is committing or has
committed a crime
– Employer can file a criminal complaint with the police
• Employers are usually interested in enforcing company policy
– Not seeking out and prosecuting employees
• Corporate investigators are, therefore, primarily concerned with protecting
company assets
• If you discover evidence of a crime during a company policy investigation
– Determine whether the incident meets the elements of criminal law
– Inform management of the incident
– Stop your investigation to make sure you don’t violate Fourth
Amendment restrictions on obtaining evidence
– Work with the corporate attorney on how to respond to a police request
for more information

www.rejinpaul.com
1.3 Explain guidelines for processing law enforcement crime scenes

Processing Law Enforcement Crime Scenes
• You must be familiar with criminal rules of search and seizure
• You should also understand how a search warrant works and what to do when
you process one
• Law enforcement officer may search for and seize criminal evidence only with
probable cause
– Refers to the standard specifying whether a police officer has the right to
make an arrest, conduct a personal or property search, or obtain a
warrant for arrest
• With probable cause, a police officer can obtain a search warrant from a judge
– That authorizes a search and seizure of specific evidence related to the
criminal complaint
• The Fourth Amendment states that only warrants “particularly describing the
place to be searched, and the persons or things to be seized” can be issued
Understanding Concepts and Terms Used in Warrants
• Innocent information
– Unrelated information
– Often included with the evidence you’re trying to recover
• Judges often issue a limiting phrase to the warrant
– Allows the police to separate innocent information from evidence
• Plain view doctrine
– Objects falling in plain view of an officer who has the right to be in
position to have that view are subject to seizure without a warrant and
may be introduced in evidence
– Three criteria must be met:
• Officer is where he or she has a legal right to be
• Ordinary senses must not be enhanced by advanced technology in
any way
• Any discovery must be by chance
• The plain view doctrine’s applicability in the digital forensics world is being
rejected
• Example - In a case where police were searching a computer for evidence
related to illegal drug trafficking:

www.rejinpaul.com
– If an examiner observes an .avi file and find child pornography, he must

get an additional warrant or an expansion of the existing warrant to
continue the search for child pornography
1.4 List the steps in preparing for an evidence search
Preparing for a Search

• Preparing for a computer search and seizure
– Probably the most important step in computing investigations
• To perform these tasks
– You might need to get answers from the victim and an informant
• Who could be a police detective assigned to the case, a law
enforcement witness, or a manager or coworker of the person of
interest to the investigation
Identifying the Nature of the Case
• When you’re assigned a digital investigation case
– Start by identifying the nature of the case
• Including whether it involves the private or public sector
• The nature of the case dictates how you proceed
– And what types of assets or resources you need to use in the
investigation
Identifying the Type of OS or Digital Device
• For law enforcement
– This step might be difficult because the crime scene isn’t controlled
• If you can identify the OS or device
– Estimate the size of the drive on the suspect’s computer
• And how many devices to process at the scene
• Determine which OSs and hardware are involved
Determining Whether You Can Seize Computers and Digital Devices
• The type of case and location of the evidence
– Determine whether you can remove digital evidence
• Law enforcement investigators need a warrant to remove computers from a
crime scene
– And transport them to a lab
• If removing the computers will irreparably harm a business

www.rejinpaul.com
– The computers should not be taken offsite

• Additional complications:
– Files stored offsite that are accessed remotely
– Availability of cloud storage, which can’t be located physically
• Stored on drives where data from many other subscribers might
be stored
• If you aren’t allowed to take the computers to your lab
– Determine the resources you need to acquire digital evidence and which
tools can speed data acquisition
Getting a Detailed Description of the Location
• Get as much information as you can about the location of a digital crime
• Identify potential hazards
– Interact with your HAZMAT (hazardous materials) team
• HAZMAT guidelines
– Put the target drive in a special HAZMAT bag
– HAZMAT technician can decontaminate the bag
– Check for high temperatures
Determining Who Is in Charge
• Corporate computing investigations
– Usually require only one person to respond to an incident
• Law enforcement agencies
– Typically handle large-scale investigations
• Designate lead investigators in large-scale investigations
– Anyone assigned to the scene should cooperate with the designated
leader to ensure the team addresses all details when collecting evidence
Using Additional Technical Expertise
• Determine whether you need specialized help to process the incident or crime
scene
• You may need to look for specialists in:
– OSs
– RAID servers
– Databases
• Finding the right person can be a challenge
• Educate specialists in investigative techniques

www.rejinpaul.com
– Prevent evidence damage

Determining the Tools You Need
• Prepare tools using incident and crime scene information
• Create an initial-response field kit
– Should be lightweight and easy to transport
• Create an extensive-response field kit
– Includes all tools you can afford to take to the field
– When at the scene, extract only those items you need to acquire evidence

www.rejinpaul.com
Preparing the Investigation Team

• Before initiating the search:
– Review facts, plans, and objectives with the investigation team you have
assembled
• Goal of scene processing
– To collect and secure digital evidence
• Digital evidence is volatile
– Develop skills to assess facts quickly
• Slow response can cause digital evidence to be lost
1.5 Describe how to secure a computer incident or crime scene
Securing a Computer Incident or Crime Scene
• Goals
– Preserve the evidence
– Keep information confidential
• Define a secure perimeter

www.rejinpaul.com
– Use yellow barrier tape

– Legal authority for a corporate incident includes trespassing violations
– For a crime scene, it includes obstructing justice or failing to comply with
a police officer
• Professional curiosity can destroy evidence
– Involves police officers and other professionals who aren’t part of the
crime scene processing team
• Automated Fingerprint Identification System (AFIS)
– A computerized system for identifying fingerprints that’s connected to a
central database
– Used to identify criminal suspects and review thousands of fingerprint
samples at high speed
• Police can take elimination prints of everyone who had access to the crime
scene
1.6 Explain guidelines for seizing digital evidence at the scene
Seizing Digital Evidence at the Scene

• Law enforcement can seize evidence
– With a proper warrant
• Corporate investigators might have the authority only to make an image of the
suspect’s drive
• When seizing digital evidence in criminal investigations
– Follow U.S. DoJ standards for seizing digital data
• Civil investigations follow same rules
– Require less documentation though
• Consult with your attorney for extra guidelines
Preparing to Acquire Digital Evidence
• The evidence you acquire at the scene depends on the nature of the case
– And the alleged crime or violation
• Ask your supervisor or senior forensics examiner in your organization the
following questions:
– Do you need to take the entire computer and all peripherals and media
in the immediate area?

www.rejinpaul.com
– How are you going to protect the computer and media while transporting
them to your lab?
– Is the computer powered on when you arrive?
• Ask your supervisor or senior forensics examiner in your organization the
following questions (cont’d):
– Is the suspect you’re investigating in the immediate area of the
computer?
– Is it possible the suspect damaged or destroyed the computer,
peripherals, or media?
– Will you have to separate the suspect from the computer?
Processing an Incident or Crime Scene
• Guidelines
– Keep a journal to document your activities
– Secure the scene
• Be professional and courteous with onlookers
• Remove people who are not part of the investigation
– Take video and still recordings of the area around the computer
• Pay attention to details
– Sketch the incident or crime scene
– Check state of computers as soon as possible
– Don’t cut electrical power to a running system unless it’s an older
Windows 9x or MS-DOS system
– Save data from current applications as safely as possible
– Record all active windows or shell sessions
– Make notes of everything you do when copying data from a live suspect
computer
– Close applications and shut down the computer
– Bag and tag the evidence, following these steps:
• Assign one person to collect and log all evidence
• Tag all evidence you collect with the current date and time, serial
numbers or unique features, make and model, and the name of
the person who collected it
• Maintain two separate logs of collected evidence

www.rejinpaul.com
• Maintain constant control of the collected evidence and the crime

or incident scene
• Guidelines (cont’d)
– Look for information related to the investigation
• Passwords, passphrases, PINs, bank accounts
– Collect documentation and media related to the investigation
• Hardware, software, backup media, documentation, manuals
Processing Data Centers with RAID Systems
• Sparse acquisition
– Technique for extracting evidence from large systems
– Extracts only data related to evidence for your case from allocated files
• And minimizes how much data you need to analyze
• Drawback of this technique
– It doesn’t recover data in free or slack space
Using a Technical Advisor
• A technical advisor can help:
– List the tools you need to process the incident or crime scene
– Guide you about where to locate data and helping you extract log records
• Or other evidence from large RAID servers
– Create the search warrant by itemizing what you need for the warrant
• Responsibilities
– Know all aspects of the seized system
– Direct investigator handling sensitive material
– Help secure the scene
– Help document the planning strategy
– Conduct ad hoc trainings
– Document activities
– Help conduct the search and seizure
Documenting Evidence in the Lab
• Record your activities and findings as you work
– Maintain a journal to record the steps you take as you process evidence
• Your goal is to be able to reproduce the same results
– When you or another investigator repeat the steps you took to collect
evidence

www.rejinpaul.com
• A journal serves as a reference that documents the methods you used to

process digital evidence
Processing and Handling Digital Evidence
• Maintain the integrity of digital evidence in the lab
– As you do when collecting it in the field
• Steps to create image files:
– Copy all image files to a large drive
– Start your forensics tool to analyze the evidence
– Run an MD5 or SHA-1 hashing algorithm on the image files to get a
digital hash
– Secure the original media in an evidence locker
1.7 List procedures for storing digital evidence
Storing Digital Evidence

• The media you use to store digital evidence usually depends on how long you
need to keep it
• CDs, DVDs, DVD-Rs, DVD+Rs, or DVD-RWs
– The ideal media
– Capacity: up to 17 GB
– Lifespan: 2 to 5 years
• Magnetic tapes - 4-mm DAT
– Capacity: 40 to 72 GB
– Lifespan: 30 years
– Costs: drive: $400 to $800; tape: $40
• Super Digital Linear Tape (Super-DLT or SDLT)
– Specifically designed for large RAID data backups
– Can store more than 1 TB of data
• Smaller external SDLT drives can connect to a workstation through a SCSI card
• Don’t rely on one media storage method to preserve your evidence
– Make two copies of every image to prevent data loss
– Use different tools to create the two images
Evidence Retention and Media Storage Needs
• To help maintain the chain of custody for digital evidence
– Restrict access to lab and evidence storage area

www.rejinpaul.com
• Lab should have a sign-in roster for all visitors

– Maintain logs for a period based on legal requirements
• You might need to retain evidence indefinitely
– Check with your local prosecuting attorney’s office or state laws to make
sure you’re in compliance
Documenting Evidence
• Create or use an evidence custody form
• An evidence custody form serves the following functions:
– Identifies the evidence
– Identifies who has handled the evidence
– Lists dates and times the evidence was handled
• You can add more information to your form
– Such as a section listing MD5 and SHA-1 hash values
• Include any detailed information you might need to reference
• Evidence bags also include labels or evidence forms you can use to document
your evidence
– Use antistatic bags for electronic components
1.8 Explain how to obtain a digital hash
Obtaining a Digital Hash

• Cyclic Redundancy Check (CRC)
– Mathematical algorithm that determines whether a file’s contents have
changed

www.rejinpaul.com
– Not considered a forensic hashing algorithm

• Message Digest 5 (MD5)
– Mathematical formula that translates a file into a hexadecimal code
value, or a hash value
– If a bit or byte in the file changes, it alters the hash value, which can be
used to verify a file or drive has not been tampered
• Three rules for forensic hashes:
– You can’t predict the hash value of a file or device
– No two hash values can be the same
– If anything changes in the file or device, the hash value must change
• Secure Hash Algorithm version 1 (SHA-1)
– A newer hashing algorithm
– Developed by the National Institute of Standards and Technology
(NIST)
• In both MD5 and SHA-1, collisions have occurred
• Most digital forensics hashing needs can be satisfied with a nonkeyed hash set
– A unique hash number generated by a software tool, such as the Linux
md5sum command
• Keyed hash set
– Created by an encryption utility’s secret key
• You can use the MD5 function in FTK Imager to obtain the digital signature of a
file
– Or an entire drive

www.rejinpaul.com
1.9 Review a case to identify requirements and plan your investigation
Reviewing a Case
• General tasks you perform in any computer forensics case:
– Identify the case requirements
– Plan your investigation
– Conduct the investigation
Sample Civil Investigation
• Most cases in the corporate environment are considered low-level
investigations
– Or noncriminal cases
• Common activities and practices
– Recover specific evidence
• Suspect’s Outlook e-mail folder (PST file)
– Covert surveillance
• Its use must be well defined in the company policy
• Risk of civil or criminal liability
– Sniffing tools for data transmissions
Sample Criminal Investigation
• Computer crimes examples
– Fraud
– Check fraud
– Homicides
• Need a warrant to start seizing evidence
– Limit searching area
Reviewing Background Information for a Case

• Throughout the book, you use data files from the hypothetical M57 Patents
case
– A new startup company doing art patent searches

www.rejinpaul.com
– A computer sold on Craigslist was discovered to contain “kitty” porn

– It was traced back to M57 Patents
1.9 Review a case to identify requirements and plan your investigation
Planning Your Investigation

• Background information on the case
– Main players:
• Pat McGoo, CEO
• Terry, the IT person
• Jo and Charlie, the patent researchers
• Police made forensic copies of:
– The image of the computer sold on Craigslist
– Images of five other machines found at M57
– Images of four USB drives found at M57
• Police made forensic copies of (cont’d):
– RAM from the imaged machines
– Network data from the M57 Patents servers
2.Explain in detail about the Working with Windows and DOS Systems.
• Explain the purpose and structure of file systems
• Describe Microsoft file structures
• Explain the structure of NTFS disks
• List some options for decrypting drives encrypted with whole disk
encryption
• Explain how the Windows Registry works
• Describe Microsoft startup tasks
• Explain the purpose of a virtual machine
2.1 Explain the purpose and structure of file systems.

Understanding File Systems
• File system
– Gives OS a road map to data on a disk
• Type of file system an OS uses determines how data is stored on the disk
• When you need to access a suspect’s computer to acquire or inspect data

www.rejinpaul.com
– You should be familiar with both the computer’s OS and file systems
Understanding the Boot Sequence
• Complementary Metal Oxide Semiconductor (CMOS)
– Computer stores system configuration and date and time information in
the CMOS
• When power to the system is off
• Basic Input/Output System (BIOS) or Extensible Firmware Interface (EFI)
– Contains programs that perform input and output at the hardware level
• Bootstrap process
– Contained in ROM, tells the computer how to proceed
– Displays the key or keys you press to open the CMOS setup screen
• CMOS should be modified to boot from a forensic floppy disk or CD
Understanding Disk Drives

• Disk drives are made up of one or more platters coated with magnetic material
• Disk drive components
– Geometry
– Head
– Tracks
– Cylinders
– Sectors

www.rejinpaul.com
• Properties handled at the drive’s hardware or firmware level

– Zone bit recording (ZBR)
– Track density
– Areal density
– Head and cylinder skew
Solid-State Storage Devices
• All flash memory devices have a feature called wear-leveling
– An internal firmware feature used in solid-state drives that ensures even
wear of read/writes for all memory cells
• When dealing with solid-state devices, making a full forensic copy as soon as
possible is crucial
– In case you need to recover data from unallocated disk space
2.2 Describe Microsoft file structures
Exploring Microsoft File Structures
• In Microsoft file structures, sectors are grouped to form clusters
– Storage allocation units of one or more sectors
• Clusters range from 512 bytes up to 32,000 bytes each
• Combining sectors minimizes the overhead of writing or reading files to a disk
• Clusters are numbered sequentially starting at 0 in NTFS and 2 in FAT
– First sector of all disks contains a system area, the boot record, and a file
structure database
• OS assigns these cluster numbers, called logical addresses
• Sector numbers are called physical addresses
• Clusters and their addresses are specific to a logical disk drive, which is a disk
partition

www.rejinpaul.com
Disk Partitions
• A partition is a logical drive
• Windows OSs can have three primary partitions followed by an extended
partition that can contain one or more logical drives
• Hidden partitions or voids
– Large unused gaps between partitions on a disk
• Partition gap
– Unused space between partitions
• The partition table is in the Master Boot Record (MBR)

– Located at sector 0 of the disk drive
• MBR stores information about partitions on a disk and their locations, size, and
other important items
• In a hexadecimal editor, such as WinHex, you can find the first partition at
offset 0x1BE
– The file system’s hexadecimal code is offset 3 bytes from 0x1BE for the
first partition

www.rejinpaul.com
Examining FAT Disks

• File Allocation Table (FAT)
– File structure database that Microsoft originally designed for floppy disks
• FAT database is typically written to a disk’s outermost track and contains:
– Filenames, directory names, date and time stamps, the starting cluster
number, and file attributes
• Three current FAT versions
– FAT16, FAT32, and exFAT (used by Xbox game systems)
• Cluster sizes vary according to the hard disk size and file system
• Microsoft OSs allocate disk space for files by clusters

– Results in drive slack
• Unused space in a cluster between the end of an active file and
the end of the cluster
• Drive slack includes:
– RAM slack and file slack

www.rejinpaul.com
• An unintentional side effect of FAT16 having large clusters was that it reduced
fragmentation
– As cluster size increased
• When you run out of room for an allocated cluster

– OS allocates another cluster for your file, which creates more slack space
on the disk
• As files grow and require more disk space, assigned clusters are chained
together
– The chain can be broken or fragmented
• When the OS stores data in a FAT file system, it assigns a starting cluster
position to a file
Data for the file is written to the first sector of the first assigned cluster
• When this first assigned cluster is filled and runs out of room
– FAT assigns the next available cluster to the file
• If the next available cluster isn’t contiguous to the current cluster
– File becomes fragmented
Deleting FAT Files

www.rejinpaul.com
• In Microsoft OSs, when a file is deleted

– Directory entry is marked as a deleted file
• With the HEX E5 character replacing the first letter of the filename
• FAT chain for that file is set to 0
• Data in the file remains on the disk drive
• Area of the disk where the deleted file resides becomes unallocated disk space
– Available to receive new data from newly created files or other files
needing more space
2.3 Explain the structure of NTFS disks
NTFS Disks
• NT File System (NTFS)
– Introduced with Windows NT
– Primary file system for Windows 8
• Improvements over FAT file systems
– NTFS provides more information about a file
– NTFS gives more control over files and folders
• NTFS was Microsoft’s move toward a journaling file system
– It records a transaction before the system carries it out
• In NTFS, everything written to the disk is considered a file
• On an NTFS disk
– First data set is the Partition Boot Sector
– Next is Master File Table (MFT)
• NTFS results in much less file slack space
• Clusters are smaller for smaller disk drives
• NTFS also uses Unicode
– An international data format

www.rejinpaul.com
NTFS System Files

• MFT contains information about all files on the disk
– Including the system files the OS uses
• In the MFT, the first 15 records are reserved for system files
• Records in the MFT are called metadata
MFT and File Attributes

• In the NTFS MFT
– All files and folders are stored in separate records of 1024 bytes each
• Each record contains file or folder information
– This information is divided into record fields containing metadata
• A record field is referred to as an attribute ID
• File or folder information is typically stored in one of two ways in an MFT
record:
– Resident and nonresident
• Files larger than 512 bytes are stored outside the MFT
– MFT record provides cluster addresses where the file is stored on the
drive’s partition
• Referred to as data runs

www.rejinpaul.com
• Each MFT record starts with a header identifying it as a resident or nonresident

attribute

www.rejinpaul.com
• When a disk is created as an NTFS file structure

– OS assigns logical clusters to the entire disk partition
• These assigned clusters are called logical cluster numbers (LCNs)
– Become the addresses that allow the MFT to link to nonresident files on
the disk’s partition
• When data is first written to nonresident files, an LCN address is assigned to
the file
– This LCN becomes the file’s virtual cluster number (VCN)

www.rejinpaul.com
MFT Structures for File Data

• For the header of all MFT records, the record fields of interest are as follows:
– At offset 0x00 - the MFT record identifier FILE
– At offset 0x1C to 0x1F - size of the MFT record
– At offset 0x14 - length of the header (indicates where the next attribute
starts)
– At offset 0x32 and 0x33 - the update sequence array, which stores the
last 2 bytes of the first sector of the MFT record

www.rejinpaul.com

www.rejinpaul.com
NTFS Alternate Data Streams

• Alternate data streams
– Ways data can be appended to existing files

www.rejinpaul.com
– Can obscure valuable evidentiary data, intentionally or by coincidence

• In NTFS, an alternate data stream becomes an additional file attribute
– Allows the file to be associated with different applications
• You can only tell whether a file has a data stream attached by examining that
file’s MFT entry
NTFS Compressed Files

• NTFS provides compression similar to FAT DriveSpace 3 (a Windows 98
compression utility)
• Under NTFS, files, folders, or entire volumes can be compressed
• Most computer forensics tools can uncompress and analyze compressed
Windows data
NTFS Encrypting File System (EFS)
• Encrypting File System (EFS)
– Introduced with Windows 2000

www.rejinpaul.com
– Implements a public key and private key method of encrypting files,

folders, or disk volumes
• When EFS is used in Windows 2000 and later
– A recovery certificate is generated and sent to the local Windows
administrator account
• Users can apply EFS to files stored on their local workstations or a remote
server
EFS Recovery Key Agent
• Recovery Key Agent implements the recovery certificate
– Which is in the Windows administrator account
• Windows administrators can recover a key in two ways: through Windows or
from an MS-DOS command prompt
• MS-DOS commands
– cipher
– copy
– efsrecvr (used to decrypt EFS files)
Deleting NTFS Files
• When a file is deleted in Windows NT and later
– The OS renames it and moves it to the Recycle Bin
• Can use the Del (delete) MS-DOS command
– Eliminates the file from the MFT listing in the same way FAT does
Resilient File System
• Resilient File System (ReFS) - designed to address very large data storage needs
– Such as the cloud
• Features incorporated into ReFS’s design:
– Maximized data availability
– Improved data integrity
– Designed for scalability
• ReFS uses disk structures similar to the MFT in NTFS
2.4 List some options for decrypting drives encrypted with whole disk
encryption.
Understanding Whole Disk Encryption
• In recent years, there has been more concern about loss of

www.rejinpaul.com
– Personal identity information (PII) and trade secrets caused by

computer theft
• Of particular concern is the theft of laptop computers and other handheld
devices
• To help prevent loss of information, software vendors now provide whole disk
encryption
• Current whole disk encryption tools offer the following features:
– Preboot authentication
– Full or partial disk encryption with secure hibernation
– Advanced encryption algorithms
– Key management function
• Whole disk encryption tools encrypt each sector of a drive separately
• Many of these tools encrypt the drive’s boot sector
– To prevent any efforts to bypass the secured drive’s partition
• To examine an encrypted drive, decrypt it first
– Run a vendor-specific program to decrypt the drive
– Many vendors use a bootable CD or USB drive that prompts for a one-
time passphrase
Examining Microsoft BitLocker
• Available Vista Enterprise/Ultimate, Windows 7 and 8 Professional/Enterprise,
and Server 08 and 12
• Hardware and software requirements
– A computer capable of running Windows Vista or later
– The TPM microchip, version 1.2 or newer
– A computer BIOS compliant with Trusted Computing Group (TCG)
– Two NTFS partitions
– The BIOS configured so that the hard drive boots first before checking
other bootable peripherals
Examining Third-Party Disk Encryption Tools
• Some available third-party WDE utilities:
– PGP Full Disk Encryption
– Voltage SecureFile
– Utimaco SafeGuard Easy
– Jetico BestCrypt Volume Encryption

www.rejinpaul.com
– TrueCrypt
2.5 Explain how the Windows Registry works
• Registry
– A database that stores hardware and software configuration information,
network connections, user preferences, and setup information
• To view the Registry, you can use:
– Regedit (Registry Editor) program for Windows 9x systems
– Regedt32 for Windows 2000, XP, and Vista
– Both utilities can be used for Windows 7 and 8
Exploring the Organization of the Windows Registry
• Registry terminology:
– Registry
– Registry Editor
– HKEY
– Key
– Subkey
– Branch
– Value
– Default value
– Hives
2.6 Describe Microsoft startup tasks.

Understanding Microsoft Startup Tasks
• Learn what files are accessed when Windows starts
• This information helps you determine when a suspect’s computer was last
accessed
– Important with computers that might have been used after an incident
was reported
Startup in Windows 7 and Windows 8
• Windows 8 is a multiplatform OS
– Can run on desktops, laptops, tablets, and smartphones
• The boot process uses a boot configuration data (BCD) store
• The BCD contains the boot loader that initiates the system’s bootstrap process
– Press F8 or F12 when the system starts to access the Advanced Boot
Options
Startup in Windows NT and Later

www.rejinpaul.com
• All NTFS computers perform the following steps when the computer is turned
on:
– Power-on self test (POST)
– Initial startup
– Boot loader
– Hardware detection and configuration
– Kernel loading
– User logon
• Startup Files for Windows Vista:
– The Ntldr program in Windows XP used to load the OS has been replaced
with these three boot utilities:
• Bootmgr.exe
• Winload.exe
• Winresume.exe
– Windows Vista includes the BCD editor for modifying boot options and
updating the BCD registry file
– The BCD store replaces the Windows XP boot.ini file
• Startup Files for Windows XP:
– NT Loader (NTLDR)
– Boot.ini
– Ntoskrnl.exe
– Bootvid.dll
– Hal.dll
– BootSect.dos
– NTDetect.com
– NTBootdd.sys
– Pagefile.sys
• Windows XP System Files

www.rejinpaul.com
• Contamination Concerns with Windows XP

– When you start a Windows XP NTFS workstation, several files are
accessed immediately
• The last access date and time stamp for the files change to
the current date and time
– Destroys any potential evidence
• That shows when a Windows XP workstation was last used
2.7 Describe MS-DOS startup tasks
 MS-DOS uses three files when starting, with the same names as in Windows
9x/Me: Io.sys, Msdos.sys, and Command.com.
 Two other files are then used to configure MS-DOS at startup: Config.sys and
Autoexec.bat.
 Although MS-DOS and Windows 9x use some of the same startup filenames,
there are some important differences between the files in these OSs.
 Io.sys is the first file loaded after the ROM bootstrap loader finds the disk drive.
Io.sys then resides in RAM and provides the basic input and output service for
all MS-DOS functions.
 Msdos.sys is the second program to load into RAM immediately after Io.sys.
 As mentioned, this file is the actual OS kernel, not a text file as in Windows 9x
and Me.

www.rejinpaul.com
 After Msdos.sys finishes setting up DOS services, it looks for the Config.sys file
to configure device drivers and other settings.
 Config.sys is a text file containing commands that typically run only at system
startup to enhance the computer’s DOS configuration.
 Msdos.sys then loads Command.com, which contains the same internal DOS
commands in MS-DOS 6.22 as in Windows 9x. As the loading of Command.com
nears completion, Msdos.sys looks for and loads Autoexec.bat, a batch file
containing customized settings for MS-DOS that runs automatically.
 In this batch file, you can define the default path and set environmental
variables, such as temporary directories. MS-DOS then accesses and resets the
last access dates and times on files when powered up.
2.8 Describe about virtual machine.
• Virtual machine
– Allows you to create a representation of another computer on an existing
physical computer
• A virtual machine is just a few files on your hard drive
– Must allocate space to it
• A virtual machine recognizes components of the physical machine it’s loaded on
– Virtual OS is limited by the physical machine’s OS
• In digital forensics
– Virtual machines make it possible to restore a suspect drive on your
virtual machine
• And run nonstandard software the suspect might have loaded

www.rejinpaul.com
• From a network forensics standpoint, you need to be aware of some potential

issues, such as:
– A virtual machine used to attack another system or network
Creating a Virtual Machine
• Popular applications for creating virtual machines
– VMware Server, VMware Player and VMware Workstation, Oracle VM
VirtualBox, Microsoft Virtual PC, and Hyper-V
• Using VirtualBox
– An open-source program that can be downloaded at
www.virtualbox.org/wiki/Downloads
• Consult with your instructor before doing the activities using VirtualBox
3.Explain in detail about the Software/ Hardware Tools in Current Computer
Forensics Tools.
• Explain how to evaluate needs for digital forensics tools
• Describe available digital forensics software tools
• List some considerations for digital forensics hardware tools
• Describe methods for validating and testing forensics tools
3.1 Explain how to evaluate needs for digital forensics tools.
Evaluating Digital Forensics Tool Needs
• Consider open-source tools; the best value for as many features as possible
• Questions to ask when evaluating tools:
– On which OS does the forensics tool run
– What file systems can the tool analyze?
– Can a scripting language be used with the tool to automate repetitive
functions?
– Does it have automated features?
– What is the vendor’s reputation for providing support?
Types of Digital Forensics Tools
• Hardware forensic tools
– Range from single-purpose components to complete computer systems
and servers
• Software forensic tools
– Types
• Command-line applications

www.rejinpaul.com
• GUI applications
– Commonly used to copy data from a suspect’s disk drive to an image file
Tasks Performed by Digital Forensics Tools
• Follow guidelines set up by NIST’s Computer Forensics Tool Testing (CFTT)
program
• ISO standard 27037 states: Digital Evidence First Responders (DEFRs) should
use validated tools
• Five major categories:
– Acquisition
– Validation and verification
– Extraction
– Reconstruction
– Reporting
Acquisition
– Making a copy of the original drive
• Acquisition subfunctions:
– Physical data copy
– Logical data copy
– Data acquisition format
– Command-line acquisition
– GUI acquisition
– Remote, live, and memory acquisitions
– Two types of data-copying methods are used in software acquisitions:
• Physical copying of the entire drive
• Logical copying of a disk partition
– The formats for disk acquisitions vary
• From raw data to vendor-specific proprietary
You can view the contents of a raw image file with any hexadecimal editor
– Creating smaller segmented files is a typical feature in vendor acquisition
tools
– Remote acquisition of files is common in larger organizations
• Popular tools, such as AccessData and EnCase, can do remote
acquisitions of forensics drive images on a network
Validation and Verification

www.rejinpaul.com
– Validation
• A way to confirm that a tool is functioning as intended
– Verification
• Proves that two sets of data are identical by calculating hash
values or using another similar method
• A related process is filtering, which involves sorting and searching
through investigation findings to separate good data and
suspicious data.
– Subfunctions
• Hashing
– CRC-32, MD5, SHA-1 (Secure Hash Algorithms)
• Filtering
– Based on hash value sets
• Analyzing file headers
– Discriminate files based on their types
– National Software Reference Library (NSRL) has compiled a list of known
file hashes
• For a variety of OSs, applications, and images
– Validation and discrimination
– Many computer forensics programs include a list of common header
values
• With this information, you can see whether a file extension is
incorrect for the file type
– Most forensics tools can identify header values

www.rejinpaul.com
• Extraction
– Recovery task in a digital investigation
– Most challenging of all tasks to master
– Recovering data is the first step in analyzing an investigation’s data
– Subfunctions of extraction
• Data viewing
• Keyword searching
• Decompressing or uncompressing
• Carving
• Decrypting
• Bookmarking or tagging
– Keyword search speeds up analysis for investigators
– From an investigation perspective, encrypted files and systems are a
problem
– Many password recovery tools have a feature for generating potential
password lists
• For a password dictionary attack
– If a password dictionary attack fails, you can run a brute-force attack
• Reconstruction
– Re-create a suspect drive to show what happened during a crime or an
incident
– Methods of reconstruction
• Disk-to-disk copy
• Partition-to-partition copy
• Image-to-disk copy
• Image-to-partition copy
• Rebuilding files from data runs and carving
– To re-create an image of a suspect drive
• Copy an image to another location, such as a partition, a physical
disk, or a virtual machine
• Simplest method is to use a tool that makes a direct disk-to-image
copy
– Examples of disk-to-image copy tools:
• Linux dd command

www.rejinpaul.com
• ProDiscover
• Voom Technologies Shadow Drive
• Reporting
– To perform a forensics disk analysis and examination, you need to create
a report
– Subfunctions of reporting
• Bookmarking or tagging
• Log reports
• Report generator
– Use this information when producing a final report for your investigation

www.rejinpaul.com
Other Considerations for Tools

• Considerations
– Flexibility
– Reliability
– Future expandability
• Create a software library containing older versions of forensics utilities,
OSs, and other programs
3.2 Describe available digital forensics software tools.
Digital Forensics Software Tools
• The following sections explore some options for command-line and GUI tools in
both Windows and UNIX/Linux
Command-line Forensics Tools
• The first tools that analyzed and extracted data from floppy disks and hard
disks were MS-DOS tools for IBM PC file systems
• Norton DiskEdit
• One of the first MS-DOS tools used for computer investigations
• Command-line tools require few system resources
• Designed to run in minimal configurations
• Current programs are more powerful and have many more capabilities
Linux Forensics Tools
• UNIX has been mostly replaced by Linux
– You might still encounter systems running UNIX
• Linux platforms are becoming more popular with home and business end users
• SMART
– Designed to be installed on numerous Linux versions
– Can analyze a variety of file systems with SMART
– Many plug-in utilities are included with SMART
– Another useful option in SMART is its hex viewer
• Helix 3
– One of the easiest suites to begin with
– You can load it on a live Windows system
• Loads as a bootable Linux OS from a cold boot
– **Some international courts have not accepted live acquisitions as a valid
forensics practice

www.rejinpaul.com
• Kali Linux
– Formerly known as BackTrack
– Includes a variety of tools and has an easy-to-use KDE interface
• Autopsy and SleuthKit
– Sleuth Kit is a Linux forensics tool
– Autopsy is the GUI browser interface used to access Sleuth Kit’s tools
Other GUI Forensics Tools
• GUI forensics tools can simplify digital forensics investigations
• Have also simplified training for beginning examiners
• Most of them are put together as suites of tools
• Advantages
– Ease of use
– Multitasking
– No need for learning older OSs
• Disadvantages
– Excessive resource requirements
– Produce inconsistent results
– Create tool dependencies
• Investigators’ may want to use only one tool
• Should be familiar with more than one type of tool
3.3 List some considerations for digital forensics hardware tools
Digital Forensics Hardware Tools
• Technology changes rapidly
• Hardware eventually fails
– Schedule equipment replacements periodically
• When planning your budget consider:
– Amount of time you expect the forensic workstation to be running
– Failures
– Consultant and vendor fees
– Anticipate equipment replacement
Forensic Workstations
• Carefully consider what you need
• Categories
– Stationary workstation

www.rejinpaul.com
– Portable workstation
– Lightweight workstation
• Balance what you need and what your system can handle
– Remember that RAM and storage need updating as technology advances
• Police agency labs
– Need many options
– Use several PC configurations
• Keep a hardware library in addition to your software library
• Private corporation labs
– Handle only system types used in the organization
• Some vendors offer workstations designed for digital forensics
• Examples
– F.R.E.D. unit from Digital Intelligence
– Hardware mounts from ForensicPC
• Having vendor support can save you time and frustration when you have
problems
• Can mix and match components to get the capabilities you need for your
forensic workstation
Using a Write-Blocker
• Write-blocker
– Prevents data writes to a hard disk
• Software-enabled blockers
– Typically run in a shell mode (Windows CLI)
– Example: PDBlock from Digital Intelligence
• Hardware options
– Ideal for GUI forensic tools
– Act as a bridge between the suspect drive and the forensic workstation
• You can navigate to the blocked drive with any application
• Discards the written data
– For the OS the data copy is successful
• Connecting technologies
– FireWire
– USB 2.0 and 3.0
– SATA, PATA, and SCSI controllers

www.rejinpaul.com
Recommendations for a Forensic Workstation

• Determine where data acquisitions will take place
• With Firewire and USB write-blocking devices
– You can acquire data easily with Digital Intelligence FireChief and a
laptop computer
– FireWire
• If you want to reduce hardware to carry:
– WiebeTech Forensic DriveDock with its regular DriveDock FireWire
bridge or the Logicube Talon
• Recommendations when choosing stationary or lightweight workstation:
– Full tower to allow for expansion devices
– As much memory and processor power as budget allows
– Different sizes of hard drives
– 400-watt or better power supply with battery backup
– External FireWire and USB 2.0 ports
– Assortment of drive adapter bridges
– Ergonomic keyboard and mouse
– A good video card with at least a 17-inch monitor
– High-end video card and dual monitors
• If you have a limited budget, one option for outfitting your lab is to use high-
end game PCs
3.4 Describe methods for validating and testing computer forensics tools
Validating and Testing Forensic Software
• It is important to make sure the evidence you recover and analyze can be
admitted in court
• You must test and validate your software to prevent damaging the evidence
Using National Institute of Standards and Technology Tools
• NIST publishes articles, provides tools, and creates procedures for
testing/validating forensics software
• Computer Forensics Tool Testing (CFTT) project
– Manages research on computer forensics tools
• NIST has created criteria for testing computer forensics tools based on:
– Standard testing methods
– ISO 17025 criteria for testing items that have no current standards

www.rejinpaul.com
• Your lab must meet the following criteria

– Establish categories for digital forensics tools
– Identify forensics category requirements
– Develop test assertions
– Identify test cases
– Establish a test method
– Report test results
• ISO 5725 - specifies results must be repeatable and reproducible
• NIST created the National Software Reference Library (NSRL) project
– Collects all known hash values for commercial software applications and
OS files
• Uses SHA-1 to generate a known set of digital signatures called
the Reference Data Set (RDS)
– Helps filtering known information
– Can use RDS to locate and identify known bad files
Using Validation Protocols
• Always verify your results by performing the same tasks with other similar
forensics tools
• Use at least two tools
– Retrieving and examination
– Verification
• Understand how forensics tools work
• One way to compare results and verify a new tool is by using a disk editor
– Such as Hex Workshop or WinHex
• Disk editors do not have a flashy interface, however they:
– Are reliable tools
– Can access raw data
• Computer Forensics Examination Protocol
– Perform the investigation with a GUI tool
– Verify your results with a disk editor
– Compare hash values obtained with both tools
• Digital Forensics Tool Upgrade Protocol
– Test
• New releases
• OS patches and upgrades
– If you find a problem, report it to forensics tool vendor
• Do not use the forensics tool until the problem has been fixed
– Use a test hard disk for validation purposes
– Check the Web for new editions, updates, patches, and validation tests
for your tools.

www.rejinpaul.com
Important Question
Part-A
1.Write the rule for the rules for controlling digital evidence.
2.Define Best evidence rule states:
3. Define Federal Rules of Evidence
4. How to collect evidence at private-sector incident scenes.
5. Define Processing Law Enforcement Crime Scenes
6.How to prepare for a search in criminal case.
7. Determining Whether You Can Seize Computers and Digital Devices in processing
crime.
8.How are the tools are used in processing crime and incident scene.
9.How to prepare for a Preparing the Investigation Team
10.List out the Storing Digital Evidence.
11.How to Reviewing a Case.
12.Define file system.
13.List out the disk drive components.
14.Define Solid-State Storage Devices.
15.Define NTFS Encrypting File System (EFS)
16. Define NTFS Disks
17.Define Deleting NTFS Files
18.List out the Third-Party Disk Encryption Tools.
20.List out the registry terminology.
Part-B
1. Explain the rules for controlling digital evidence
2. Describe how to collect evidence at private-sector incident scenes
3. Explain guidelines for processing law enforcement crime scenes
4. List the steps in preparing for an evidence search
5. Describe how to secure a computer incident or crime scene
6. Describe Microsoft file structures
7. Explain the structure of New Technology File System (NTFS) disks
8. List some options for decrypting drives encrypted with whole disk encryption
10. Describe Microsoft startup tasks
11. Describe MS-DOS startup tasks
12. Describe available computer forensics software tools
13. List some considerations for computer forensics hardware tools
14. Describe methods for validating and testing computer forensics tools

www.rejinpaul.com
UNIT V
ANALYSIS AND VALIDATION
Validating Forensics Data -Data Hiding Techniques - Performing Remote Acquisition –
Network Forensics -Email Investigations - Cell Phone and Mobile Devices Forensics
Part-A
1. Define bit-shifting
 The process of shifting one or more digits in a binary number to the left or right
to produce a different value. key escrow A technology designed to recover
encrypted data if users forget their passphrases or if the user key is corrupted
after a system failure.
2. Define Known File Filter (KFF).
 A database containing the hash values of known legitimate and suspicious files.
It’s used to identify files for evidence or eliminate them from the investigation if
they are legitimate files. scope creep The result of an investigation expanding
beyond its original description because the discovery of unexpected evidence
increases the amount of work required.
3. Define steganography.
 A cryptographic technique for embedding information in another file for the
purpose of hiding that information from casual observers.
4. Define network forensics.
 The process of collecting and analyzing raw network data and systematically
tracking network traffic to determine how security incidents occur.
5. Define client/server architecture.
 A network architecture in which each computer or process on the network is a
client or server. Clients request services from a server, and a server processes
requests from clients.
6. Define Enhanced Simple Mail Transfer Protocol (ESMTP) .
 An enhancement of SMTP for sending and receiving e-mail messages. ESMTP
generates a unique, non repeatable number that’s added to a transmitted e-
mail. No two messages transmitted from an e-mail server have the same ESMTP
value.
7. Define Multipurpose Internet Mail Extensions (MIME)

www.rejinpaul.com
 A specification for formatting non-ASCII messages, such as graphics, audio,

and video, for transmission over the Internet. phishing A type of e-mail scam
that’s typically sent as spam soliciting personal identity information that
fraudsters can use for identity theft.
8. Define spoofing
 Transmitting an e-mail message with its header information altered so that its
point of origin appears to be from a different sender. Spoofed e-mails are also
referred to as forged e-mail. Spoofing is typically used in phishing and
spamming to hide the sender’s identity.
9.How to Validating with Computer Forensics Programs
• Commercial computer forensics programs have built-in validation features
• ProDiscover’s .eve files contain metadata that includes the hash value
– Validation is done automatically
• Raw format image files (.dd extension) don’t contain metadata
– So you must validate raw format image files manually to ensure the
integrity of data
• In AccessData FTK Imager
– When you select the Expert Witness (.e01) or the SMART (.s01) format
• Additional options for validating the acquisition are displayed
– Validation report lists MD5 and SHA-1 hash values
10.List out the Addressing Data-hiding Techniques
• File manipulation
– Filenames and extensions
– Hidden property
• Disk manipulation
– Hidden partitions
– Bad clusters
• Encryption
– Bit shifting
– Steganography
11. DefineCode Division Multiple Access (CDMA)
 A widely used digital cell phone technology that makes use of spread-
spectrum modulation to spread the signal across a wide range of
frequencies.

www.rejinpaul.com
12.Define Electronically erasable programmable read-only memory (EEPROM)

 A type of nonvolatile memory that can be reprogrammed electrically, without
having to physically access or remove the chip.
13.Define fourth-generation (4G)
 The next generation of mobile phone standards and technologies promises
higher speeds and improved accuracy. Sprint Nextel introduced 4G in 2009,
and other major carriers intend to follow suit between now and 2012.
14.Define Global System for Mobile Communications (GSM)
 A second-generation cellular network standard; currently the most popular
cellular network type in the world.
15.Define Orthogonal Frequency Division Multiplexing (OFDM)
 A 4G technology that uses radio waves broadcast over different frequencies;
it’s considered to use power more efficiently and be more immune to
interference.
16. How to Exploring the Role of E-mail in Investigations
• With the increase in e-mail scams and fraud attempts with phishing or spoofing
– Investigators need to know how to examine and interpret the unique
content of e-mail messages
• Phishing e-mails are in HTML format
– Which allows creating links to text on a Web page
• One of the most noteworthy e-mail scams was 419, or the Nigerian Scam
• Spoofing e-mail can be used to commit fraud
17. How to Exploring the Roles of the Client and Server in E-mail
• Send and receive e-mail in two environments
– Internet
– Controlled LAN, MAN, or WAN
• Client/server architecture
– Server OS and e-mail software differs from those on the client side
• Protected accounts
– Require usernames and passwords
18.List out E-Mail Headers.
• Learn how to find e-mail headers
– GUI clients
– Command-line clients

www.rejinpaul.com
– Web-based clients
• After you open e-mail headers, copy and paste them into a text document
• Headers contain useful information
• Outlook
• Outlook Express
• Pine and ELM
• AOL headers
• Hotmail
• Apple Mail
19. List out the E-mail Forensics Tools
• Tools include:
– AccessData’s Forensic Toolkit (FTK)
– FINALeMAIL
– Sawmill-GroupWise
– DBXtract
– Fookes Aid4Mail and MailBag Assistant
– Paraben E-Mail Examiner
– Ontrack Easy Recovery EmailRepair
– R-Tools R-Mail
• Tools allow you to find:
– E-mail database files
– Personal e-mail files
– Offline storage files
– Log files
20.Define SIM Card Readers
 SIM Card Readers With GSM phones and many newer models of mobile
devices, the next step is accessing the SIM card, which you can do by using a
combination hardware/ software device called a SIM card reader.
 The general procedure is as follows:
1. Remove the back panel of the device.
2. Remove the battery.
3. Under the battery, remove the SIM card from its holder.

www.rejinpaul.com
4. Insert the SIM card into the card reader, which you insert into your
forensic workstation’s USB port.
Part-B
1. Determine what data to analyze in a computer forensics investigation.
Determining What Data to Collect and Analyze
• Examining and analyzing digital evidence depends on:
– Nature of the case
– Amount of data to process
– Search warrants and court orders
– Company policies
• Scope creep
– Investigation expands beyond the original description
• Right of full discovery of digital evidence
Approaching Computer Forensics Cases
• Some basic principles apply to almost all computer forensics cases
– The approach you take depends largely on the specific type of case you’re
investigating
• Basic steps for all computer forensics investigations
– For target drives, use only recently wiped media that have been
reformatted
• And inspected for computer viruses
• Basic steps for all computer forensics investigations (continued)
– Inventory the hardware on the suspect’s computer and note the
condition of the computer when seized
– Remove the original drive from the computer
• Check date and time values in the system’s CMOS
– Record how you acquired data from the suspect drive
– Process the data methodically and logically
– List all folders and files on the image or drive
– If possible, examine the contents of all data files in all folders
• Starting at the root directory of the volume partition
– For all password-protected files that might be related to the investigation
• Make your best effort to recover file contents

www.rejinpaul.com

– Identify the function of every executable (binary or .exe) file that doesn’t
match known hash values
– Maintain control of all evidence and findings, and document everything
as you progress through your examination
Refining and Modifying the Investigation Plan
• Considerations
– Determine the scope of the investigation
– Determine what the case requires
– Whether you should collect all information
– What to do in case of scope creep
• The key is to start with a plan but remain flexible in the face of new evidence
Using AccessData Forensic Toolkit to Analyze Data
• Supported file systems: FAT12/16/32, NTFS, Ext2fs, and Ext3fs
• FTK can analyze data from several sources, including image files from other
vendors
• FTK produces a case log file
• Searching for keywords
– Indexed search
– Live search
– Supports options and advanced searching techniques, such as stemming
• Analyzes compressed files

www.rejinpaul.com
• You can generate reports

– Using bookmarks
2.Explain tools used to validate data.

Validating Forensic Data
• One of the most critical aspects of computer forensics
• Ensuring the integrity of data you collect is essential for presenting evidence in
court
• Most computer forensic tools provide automated hashing of image files
• Computer forensics tools have some limitations in performing hashing
– Learning how to use advanced hexadecimal editors is necessary to
ensure data integrity
Validating with Hexadecimal Editors
• Advanced hexadecimal editors offer many features not available in computer
forensics tools
– Such as hashing specific files or sectors
• Hex Workshop provides several hashing algorithms
– Such as MD5 and SHA-1
– See Figures 9-4 through 9-6
• Hex Workshop also generates the hash value of selected data sets in a file or
sector

www.rejinpaul.com
• Using hash values to discriminate data

– AccessData has a separate database, the Known File Filter (KFF)
• Filters known program files from view, such as MSWord.exe, and
identifies known illegal files, such as child pornography
– KFF compares known file hash values to files on your evidence drive or
image files
– Periodically, AccessData updates these known file hash values and posts
an updated KFF
Validating with Computer Forensics Programs
• Commercial computer forensics programs have built-in validation features
• ProDiscover’s .eve files contain metadata that includes the hash value
– Validation is done automatically
• Raw format image files (.dd extension) don’t contain metadata
– So you must validate raw format image files manually to ensure the
integrity of data
• In AccessData FTK Imager
– When you select the Expert Witness (.e01) or the SMART (.s01) format
• Additional options for validating the acquisition are displayed
– Validation report lists MD5 and SHA-1 hash values

www.rejinpaul.com
3.Explain common data-hiding techniques.

Data hiding involves changing or manipulating a file to conceal information. Data-
hiding techniques include hiding entire partitions, changing file extensions, setting file
attributes to hidden, bit-shifting, using encryption, and setting up password
protection.
Addressing Data-hiding Techniques
• File manipulation
– Filenames and extensions
– Hidden property
• Disk manipulation
– Hidden partitions
– Bad clusters
• Encryption
– Bit shifting
– Steganography
Hiding Partitions
• Delete references to a partition using a disk editor
– Re-create links for accessing it
• Use disk-partitioning utilities
– GDisk
– PartitionMagic
– System Commander
– LILO
• Account for all disk space when analyzing a disk

www.rejinpaul.com
Marking Bad Clusters

• Common with FAT systems
• Place sensitive information on free space
• Use a disk editor to mark space as a bad cluster
• To mark a good cluster as bad using Norton Disk Edit
– Type B in the FAT entry corresponding to that cluster
Bit-shifting
• Old technique
• Shift bit patterns to alter byte values of data
• Make files look like binary executable code
• Tool
– Hex Workshop
Using Steganography to Hide Data
• Greek for ―hidden writing‖
• Steganography tools were created to protect copyrighted material
– By inserting digital watermarks into a file
• Suspect can hide information on image or text document files
– Most steganography programs can insert only small amounts of data into
a file
• Very hard to spot without prior knowledge
• Tools: S-Tools, DPEnvelope, jpgx, and tte
Examining Encrypted Files
• Prevent unauthorized access
– Employ a password or passphrase
• Recovering data is difficult without password
– Key escrow
• Designed to recover encrypted data if users forget their
passphrases or if the user key is corrupted after a system failure
– Cracking password
• Expert and powerful computers
– Persuade suspect to reveal password
Recovering Passwords
• Techniques
– Dictionary attack

www.rejinpaul.com
– Brute-force attack
– Password guessing based on suspect’s profile
• Tools
– AccessData PRTK
– Advanced Password Recovery Software Toolkit
– John the Ripper
• Using AccessData tools with passworded and encrypted files
– AccessData offers a tool called Password Recovery Toolkit (PRTK)
• Can create possible password lists from many sources
– Can create your own custom dictionary based on facts in the case
– Can create a suspect profile and use biographical information to generate
likely passwords
• Using AccessData tools with passworded and encrypted files (continued)
– FTK can identify known encrypted files and those that seem to be
encrypted
• And export them
– You can then import these files into PRTK and attempt to crack them
4.Describe methods of performing a remote acquisition.

Performing Remote Acquisitions
• Remote acquisitions are handy when you need to image the drive of a computer
far away from your location
– Or when you don’t want a suspect to be aware of an ongoing
investigation
Remote Acquisitions with Runtime Software
• Runtime Software offers the following shareware programs for remote
acquisitions:
– DiskExplorer for FAT
– DiskExplorer for NTFS
– HDHOST
• Preparing DiskExplorer and HDHOST for remote acquisitions
– Requires the Runtime Software, a portable media device (USB thumb
drive or floppy disk), and two networked computers
• Making a remote connection with DiskExplorer

www.rejinpaul.com
– Requires running HDHOST on a suspect’s computer

– To establish a connection with HDHOST, the suspect’s computer must
be:
• Connected to the network
• Powered on
• Logged on to any user account with permission to run
noninstalled applications
• HDHOST can’t be run surreptitiously
• Making a remote acquisition with DiskExplorer

– After you have established a connection with DiskExplorer from the
acquisition workstation
• You can navigate through the suspect computer’s files and folders
or copy data
– The Runtime tools don’t generate a hash for acquisitions

www.rejinpaul.com
5. Explain in detail about the network forensics.

 Network forensics is the process of collecting and analyzing raw network data
and tracking network traffic systematically to ascertain how an attack was
carried out or how an event occurred on a network.
 Because network attacks are on the rise, there’s more focus on this field and an
increasing demand for skilled technicians.
 Labor forecasts predict a shortfall of 50,000 network forensics specialists in
law enforcement, legal firms, corporations, and universities.
 When intruders break into a network, they leave a trail behind. Being able to
spot variations in network traffic can help you track intrusions, so knowing
your network’s typical traffic patterns is important.
 For example, the primary ISP in Windhoek, Namibia, has peak hours of use
between 6 a.m. and 6 p.m. because most people in that city have Internet access
only at work.
 Network forensics can also help you determine whether a network is truly
under attack or a user has inadvertently installed an untested patch or custom
program, for example. A lot of time and resources can be wasted determining

www.rejinpaul.com
that a bug in a custom program or an untested open-source program caused

the ―attack.‖
Securing a Network
 Network forensics is used to determine how a security breach occurred;
however, steps must be taken to harden networks before a security breach
happens, particularly with recent increases in network attacks, viruses, and
other security incidents.
 Hardening includes a range of tasks, from applying the latest patches to using a
layered network defense strategy, which sets up layers of protection to hide the
most valuable data at the innermost part of the network.
 It also ensures that the deeper into the network an attacker gets, the more
difficult access becomes and the more safeguards are in place.
 The National Security Agency (NSA) developed a similar approach, called the
defense in depth (DiD) strategy. DiD has three modes of protection:
• People
• Technology
• Operations
If one mode of protection fails, the others can be used to thwart the attack. Listing
people as a mode of protection means organizations must hire well-qualified people
and treat them well so that they have no reason to seek revenge.
 In addition, organizations should make sure employees are trained adequately
in security procedures and are familiar with the organization’s security policy.
Physical and personnel security measures are included in this mode of
protection.
The technology mode includes choosing a strong network architecture and using
tested tools, such as intrusion detection systems (IDSs) and firewalls. Regular
penetration testing coupled with risk assessment can help improve network security,
too. Having systems in place that allow quick and thorough analysis when a security
breach occurs is also part of the technology mode of protection.
Finally, the operations mode addresses day-to-day operations. Updating security
patches, antivirus software, and OSs falls into this category, as does assessment and
monitoring procedures and disaster recovery plans.
6.Explain in detail about the E-mail investigation.

www.rejinpaul.com
Explain the role of e-mail in investigations

Describe client and server roles in e-mail
Describe tasks in investigating e-mail crimes and violations
Explain the use of e-mail server logs
Describe some available e-mail computer forensics tools
Exploring the Role of E-mail in Investigations
• With the increase in e-mail scams and fraud attempts with phishing or spoofing
– Investigators need to know how to examine and interpret the unique
content of e-mail messages
• Phishing e-mails are in HTML format
– Which allows creating links to text on a Web page
• One of the most noteworthy e-mail scams was 419, or the Nigerian Scam
• Spoofing e-mail can be used to commit fraud
Exploring the Roles of the Client and Server in E-mail
• Send and receive e-mail in two environments
– Internet
– Controlled LAN, MAN, or WAN
• Client/server architecture
– Server OS and e-mail software differs from those on the client side
• Protected accounts
– Require usernames and passwords
• Name conventions
– Corporate: john.smith@somecompany.com

www.rejinpaul.com
– Public: whatever@hotmail.com
– Everything after @ belongs to the domain name
• Tracing corporate e-mails is easier
– Because accounts use standard names the administrator
establishes
Investigating E-mail Crimes and Violations
• Similar to other types of investigations
• Goals
– Find who is behind the crime
– Collect the evidence
– Present your findings
– Build a case
• Depend on the city, state, or country
– Example: spam
– Always consult with an attorney
• Becoming commonplace
• Examples of crimes involving e-mails
– Narcotics trafficking
– Extortion
– Sexual harassment
– Child abductions and pornography
Examining E-mail Messages
• Access victim’s computer to recover the evidence
• Using the victim’s e-mail client
– Find and copy evidence in the e-mail
– Access protected or encrypted material
– Print e-mails
• Guide victim on the phone
– Open and copy e-mail including headers
• Sometimes you will deal with deleted e-mails
• Copying an e-mail message
– Before you start an e-mail investigation

www.rejinpaul.com
• You need to copy and print the e-mail involved in the crime or
policy violation
– You might also want to forward the message as an attachment to another
e-mail address
• With many GUI e-mail programs, you can copy an e-mail by dragging it to a
storage medium
– Or by saving it in a different location
Viewing E-mail Headers
• Learn how to find e-mail headers
– GUI clients
– Command-line clients
– Web-based clients
• After you open e-mail headers, copy and paste them into a text document
– So that you can read them with a text editor
• Headers contain useful information
– Unique identifying numbers, IP address of sending server, and sending
time
• Outlook
– Open the Message Options dialog box
– Copy headers
– Paste them to any text editor
• Outlook Express
– Open the message Properties dialog box
– Select Message Source
– Copy and paste the headers to any text editor
• Novell Evolution

www.rejinpaul.com
– Click View, All Message Headers

– Copy and paste the e-mail header
• Pine and ELM
– Check enable-full-headers
• AOL headers
– Click Action, View Message Source
– Copy and paste headers
• Hotmail
– Click Options, and then click the Mail Display Settings
– Click the Advanced option button under Message Headers
• Apple Mail
– Click View from the menu, point to Message, and then click Long Header
• Yahoo
– Click Mail Options
– Click General Preferences and Show All headers on incoming messages

www.rejinpaul.com
Examining E-mail Headers

• Gather supporting evidence and track suspect
– Return path
– Recipient’s e-mail address
– Type of sending e-mail service
– IP address of sending server
– Name of the e-mail server
– Unique message number
– Date and time e-mail was sent
– Attachment files information
Examining Additional E-mail Files
• E-mail messages are saved on the client side or left at the server
• Microsoft Outlook uses .pst and .ost files
• Most e-mail programs also include an electronic address book
• In Web-based e-mail
– Messages are displayed and saved as Web pages in the browser’s cache
folders
– Many Web-based e-mail providers also offer instant messaging (IM)
services
Tracing an E-mail Message
• Contact the administrator responsible for the sending server

www.rejinpaul.com
• Finding domain name’s point of contact

– www.arin.net
– www.internic.com
– www.freeality.com
– www.google.com
• Find suspect’s contact information
• Verify your findings by checking network e-mail logs against e-mail addresses
Using Network E-mail Logs
• Router logs
– Record all incoming and outgoing traffic
– Have rules to allow or disallow traffic
– You can resolve the path a transmitted e-mail has taken
• Firewall logs
– Filter e-mail traffic
– Verify whether the e-mail passed through
• You can use any text editor or specialized tools
Understanding E-mail Servers
• Computer loaded with software that uses e-mail protocols for its services
– And maintains logs you can examine and use in your investigation
• E-mail storage
– Database
– Flat file
• Logs
– Default or manual
– Continuous and circular
• Log information
– E-mail content
– Sending IP address
– Receiving and reading date and time
– System-specific information
• Contact suspect’s network e-mail administrator as soon as possible
• Servers can recover deleted e-mails
– Similar to deletion of files on a hard drive
Examining UNIX E-mail Server Logs

www.rejinpaul.com
• /etc/sendmail.cf
– Configuration information for Sendmail
• /etc/syslog.conf
– Specifies how and which events Sendmail logs
• /var/log/maillog
– SMTP and POP3 communications
• IP address and time stamp
• Check UNIX man pages for more information
Examining Microsoft E-mail Server Logs

• Microsoft Exchange Server (Exchange)
– Uses a database
– Based on Microsoft Extensible Storage Engine
• Information Store files
– Database files *.edb
• Responsible for MAPI information
– Database files *.stm
• Responsible for non-MAPI information
• Transaction logs
– Keep track of e-mail databases
• Checkpoints
– Keep track of transaction logs
• Temporary files
• E-mail communication logs
– res#.log
• Tracking.log
--Tracks messages

www.rejinpaul.com
• Troubleshooting or diagnostic log

– Logs events
– Use Windows Event Viewer
– Open the Event Properties dialog box for more details about an event
Examining Novell GroupWise E-mail Logs
• Up to 25 databases for e-mail users
– Stored on the Ofuser directory object
– Referenced by a username, an unique identifier, and .db extension
• Shares resources with e-mail server databases
• Mailboxes organizations
– Permanent index files
– QuickFinder
• Folder and file structure can be complex
– It uses Novell directory structure
• Guardian
– Directory of every database
– Tracks changes in the GroupWise environment
– Considered a single point of failure
• Log files
– GroupWise generates log files (.log extension) maintained in a standard
log format in GroupWise folders
Using Specialized E-mail Forensics Tools
• Tools include:
– AccessData’s Forensic Toolkit (FTK)
– FINALeMAIL
– Sawmill-GroupWise
– DBXtract
– Fookes Aid4Mail and MailBag Assistant
– Paraben E-Mail Examiner
– Ontrack Easy Recovery EmailRepair
– R-Tools R-Mail
• Tools allow you to find:
– E-mail database files

www.rejinpaul.com
– Personal e-mail files

– Offline storage files
– Log files
• Advantage
– Do not need to know how e-mail servers and clients work
• FINALeMAIL
– Scans e-mail database files
– Recovers deleted e-mails
– Searches computer for other files associated with e-mail
Using AccessData FTK to Recover E-mail
• FTK
– Can index data on a disk image or an entire drive for faster data retrieval
– Filters and finds files specific to e-mail clients and servers
• To recover e-mail from Outlook and Outlook Express
– AccessData integrated dtSearch
• dtSearch builds a b-tree index of all text data in a drive, an image
file, or a group of files
Using a Hexadecimal Editor to Carve E-mail Messages
• Very few vendors have products for analyzing e-mail in systems other than
Microsoft
• mbox format
– Stores e-mails in flat plaintext files
• Multipurpose Internet Mail Extensions (MIME) format
– Used by vendor-unique e-mail file systems, such as Microsoft .pst or .ost
• Example: carve e-mail messages from Evolution
7. Explain the basic concepts of mobile device forensics.
Understanding Mobile Device Forensics
 People store a wealth of information on cell phones, and the thought of losing
your cell phone and, therefore, the information stored on it can be a frightening
prospect.
 Despite this concern, not many people think about securing their cell phones,
although they routinely lock and secure laptops or desktops. Depending on
your phone’s model, the following items might be stored on it:
• Incoming, outgoing, and missed calls

www.rejinpaul.com
• Text and Short Message Service (SMS) messages

• E-mail
• Instant messaging (IM) logs
• Web pages
• Pictures
• Personal calendars
• Address books
• Music files
• Voice recordings
Despite the usefulness of these devices in providing clues for investigations,
investigating cell phones and mobile devices is one of the most challenging tasks in
digital forensics. No single standard exists for how and where cell phones store
messages, although many phones use similar storage schemes. In addition, new
phones come out about every six months, and they’re rarely compatible with previous
models. Therefore, the cables and accessories you have might become obsolete in a
short time.
Mobile Phone Basics
Since the 1970s, when Motorola introduced cell phones, mobile phone technology has
advanced rapidly. Gone are the days of two-pound cell phones that only the wealthy
could afford. In the past 40 years, mobile phone technology has developed far beyond
what the inventors could have imagined.
Up to the end of 2008, there have been three generations of mobile phones: analog,
digital personal communications service (PCS), and third-generation (3G). 3G offers
increased bandwidth, compared with the other technologies:
• 384 Kbps for pedestrian use
• 128 Kbps in a moving vehicle
• 2 Mbps in fixed locations, such as office buildings
4G networks can use the following technologies:
• Orthogonal Frequency Division Multiplexing (OFDM)—The Orthogonal Frequency
Division Multiplexing (OFDM) technology uses radio waves broadcast over different
frequencies, uses power more efficiently, and is more immune to interference (―What
You Need to Know About 4G,‖ www.networkworld.com/news/2007/052107-
specialfocus- 4g.html).

www.rejinpaul.com
• Mobile WiMAX—This technology uses the IEEE 802.16e standard and Orthogonal
Frequency Division Multiple Access (OFDMA) and is expected to support transmission
speeds of 12Mbps. Sprint has chosen this technology for its 4G network, although
some argue it’s not true 4G.
• Ultra Mobile Broadband (UTMS)—Also known as CDMA2000 EV-DO, this
technology is expected to be used by CDMA network providers to switch to 4G and
support transmission speeds of 100 Mbps.
• Multiple Input Multiple Output (MIMO)—This technology, developed by Airgo and

acquired by Qualcomm, is expected to support transmission speeds of 312 Mbps.
• Long Term Evolution (LTE)—This technology, designed for GSM and UMTS
Although digital networks use different technologies, they operate on the same basic
principles. Basically, geographical areas are divided into cells resembling honeycombs.

www.rejinpaul.com
As described in NIST SP 800-101 (mentioned earlier in this section), three main

components are used for communication with these cells:
• Base transceiver station (BTS)—This component is made up of radio transceiver
equipment that defines cells and communicates with mobile phones; it’s sometimes
referred to as a cell phone tower, although the tower is only one part of the BTS
equipment.
• Base station controller (BSC)—This combination of hardware and software
manages BTSs and assigns channels by connecting to the mobile switching center.
• Mobile switching center (MSC)—This component connects calls by routing digital
packets for the network and relies on a database to support subscribers. This central
database contains account data, location data, and other key information needed
during an investigation. If you have to retrieve information from a carrier’s central
database, you usually need a warrant or subpoena.
Inside Mobile Devices
 Mobile devices can range from simple phones to small computers, also called
smart phones.
 The hardware consists of a microprocessor, ROM, RAM, a digital signal
processor, a radio module, a microphone and speaker, hardware interfaces
(such as keypads, cameras, and GPS devices), and an LCD display. Many have
removable memory cards, and Bluetooth and Wi-Fi are now included in some
mobile devices, too.
 Most basic phones have a proprietary OS, although smart phones use the same
OSs as PCs (or stripped-down versions of them). These OSs include Linux,
Windows Mobile, RIM OS, Palm OS, Symbian OS, and, with the introduction of
the Apple iPhone, a version of Mac OS X.
 Typically, phones store system data in electronically erasable programmable
read only memory (EEPROM), which enables service providers to reprogram
phones without having to access memory chips physically.
SIM Cards Subscriber identity module (SIM) cards are found most commonly in
GSM devices and consist of a microprocessor and 16 KB to 4 MB EEPROM. There are
also high-capacity, high-density, super, and mega SIM cards that boast as high as 1
GB EEPROM. SIM cards are similar to standard memory cards, except the connectors
are aligned differently.

www.rejinpaul.com
The SIM card is necessary for the ME to work and serves these additional
purposes:
• Identifies the subscriber to the network
• Stores personal information
• Stores address books and messages
• Stores service-related information
SIM cards come in two sizes, but the most common is the size of a standard U.S.
postage stamp and about 0.75 mm thick. Portability of information is what makes SIM
cards so versatile.
By switching a SIM card between compatible phones, users can move their
information to another phone automatically without having to notify the service
provider.
Inside PDAs
Personal digital assistants (PDAs) can still be found as separate devices from mobile
phones. Most users carry them instead of a laptop to keep track of appointments,
deadlines, address books, and so forth. Palm Pilot and Microsoft Pocket PC were
popular models when PDAs came on the market in the 1990s, and standalone PDAs
are still made by companies such as Palm, Sharp, and HP.
A number of peripheral memory cards are used with PDAs:
• Compact Flash (CF)—CF cards are used for extra storage and work much the same
way as PCMCIA cards.
• MultiMedia Card (MMC)—MMC cards are designed for mobile phones, but they can
be used with PDAs to provide another storage area.
• Secure Digital (SD)—SD cards are similar to MMCs but have added security
features to protect data.
8.Describe procedures for acquiring data from cell phones and mobile
Devices.
Understanding Acquisition Procedures for Cell Phones and Mobile Devices
All mobile devices have volatile memory, so making sure they don’t lose power before
you can retrieve RAM data is critical. At the investigation scene, determine whether
the device is on or off. If it’s off, leave it off, but find the recharger and attach it as
soon as possible. If the device is on, check the LCD display for the battery’s current

www.rejinpaul.com
charge level. Because mobile devices are often designed to synchronize with
applications on a user’s PC, any mobile device attached to a PC via a cable or
cradle/docking station should be disconnected from the PC immediately.
The alternative is to isolate the device from incoming signals with one of the
following options:
• Place the device in a paint can, preferably one that previously contained radio wave–
blocking paint.
• Use the Paraben Wireless StrongHold Bag (www.paraben-forensics.com/catalog),
which conforms to Faraday wire cage standards.
• Use eight layers of antistatic bags (for example, the bags that new hard drives are
wrapped in) to block the signal.
When you’re back in the forensics lab, you need to assess what can be retrieved.
Knowing where information is stored is critical. You should check these four areas:
• The internal memory
• The SIM card
• Any removable or external memory cards
• The system server
 Memory storage on a mobile device is usually implemented as a combination of
volatile and nonvolatile memory.
 Volatile memory requires power to maintain its contents, but nonvolatile
memory does not.
 Although the specific locations of data vary from one phone model to the next,
volatile memory usually contains data that changes frequently, such as missed
calls, text messages, and sometimes even user files.
 Nonvolatile memory, on the other hand, contains OS files and stored user data,
such as a personal information manager (PIM) and backed-up files.

www.rejinpaul.com
You can retrieve quite a bit of data from a SIM card. The information that can be
retrieved falls into four categories:
• Service-related data, such as identifiers for the SIM card and
subscriber
• Call data, such as numbers dialed
• Message information
• Location information
Mobile Forensics Equipment
 Mobile forensics is such a new science that many of the items you’re
accustomed to retrieving from computers, such as deleted files, aren’t available
on mobile devices.
 The biggest challenge is dealing with constantly changing models of cell phones.
This section gives you an overview of procedures for working with mobile
forensics software, and specific tools are discussed in the following sections.
 The first step is identifying the mobile device. Most users don’t alter their
devices, but some file off serial numbers, change the display to show misleading
data, and so on.
 When attempting to identify a phone, you can make use of several online
sources, such as www. cellphoneshop.com, www.phonescoop.com, and
www.mobileforensicscentral.com.
 The next step is to attach the phone to its power supply and connect the correct
cables.
 Often you have to rig cables to connect to devices because cables for the model
you’re investigating are not available. U.S. companies usually don’t supply
cables for phones not commonly used in the United States, but the reverse is
true for companies based in Europe.
 Some vendors have toolkits with an array of cables you can use (discussed later
in ―Mobile Forensics Tools‖).
 After you’ve connected the device, start the forensics program and begin
downloading the available information.
SIM Card Readers
 SIM Card Readers With GSM phones and many newer models of mobile
devices, the next step is accessing the SIM card, which you can do by using a
combination hardware/ software device called a SIM card reader.

www.rejinpaul.com
 The general procedure is as follows:

1. Remove the back panel of the device.
2. Remove the battery.
3. Under the battery, remove the SIM card from its holder.
4. Insert the SIM card into the card reader, which you insert into your
forensic workstation’s USB port.
iPhone Forensics
 iPhone Forensics Because the iPhone is so popular, its features are copied in
many other mobile devices. The wealth of information that can be stored on this
device makes iPhone forensics particularly challenging.
 At first, many researchers and hackers tried to find a way to ―crack‖ the iPhone
but were unsuccessful because the device is practically impenetrable.
 A more fruitful approach was hacking backup files. However, this method does
have limitations: You can access only files included in a standard backup, so
deleted files, for example, can’t be accessed.
Mobile Forensics Tools
 Mobile Forensics Tools Paraben Software (www.paraben.com), a leader in
mobile forensics software, offers several tools, including Device Seizure, used to
acquire data from a variety of phone models. Paraben also has the Device
Seizure Toolbox containing assorted cables, a SIM card reader, and other
equipment for mobile device investigations. DataPilot (www.datapilot.com) has a
similar collection of cables that can interface with Nokia, Motorola, Ericsson,
Samsung, Audiovox, Sanyo, and others.
SIMCon’s features include the following:
• Reads files on SIM cards
• Analyzes file content, including text messages and stored numbers
• Recovers deleted text messages
• Manages PIN codes
• Generates reports that can be used as evidence
• Archives files with MD5 and SHA-1 hash values
• Exports data to files that can be used in spreadsheet programs
• Supports international character sets

www.rejinpaul.com
Important Questions
Part-A
1. Define bit-shifting
2. Define Known File Filter (KFF).
3. Define steganography.
4. Define network forensics.
5. Define client/server architecture.
6. Define Enhanced Simple Mail Transfer Protocol (ESMTP).
7. Define Multipurpose Internet Mail Extensions (MIME)
8. Define spoofing
9.How to Validating with Computer Forensics Programs
10.List out the Addressing Data-hiding Techniques
11. Define Code Division Multiple Access (CDMA)
12.Define Electronically erasable programmable read-only memory (EEPROM)
13.Define fourth-generation (4G).
14.Define Global System for Mobile Communications (GSM).
15.Define Orthogonal Frequency Division Multiplexing (OFDM).
16. How to Exploring the Role of E-mail in Investigations.
17. How to Exploring the Roles of the Client and Server in E-mail.
18.List out E-Mail Headers.
19. List out the E-mail Forensics Tools
20.Define SIM Card Readers
Part-B
1. Determine what data to analyze in a computer forensics investigation
2. Explain tools used to validate data
3. Explain common data-hiding techniques
4. Describe methods of performing a remote acquisition
5. Explain standard procedures for network forensics
6. Describe the use of network tools
7. Describe the importance of network forensics
8. Explain the basic concepts of mobile device forensics
9. Describe procedures for acquiring data from cell phones and mobile devices
10.Explain in detail about the E-Mail Investigations.

CS6004 Notes Rejinpaul PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CS6004 Notes Rejinpaul PDF

Uploaded by

Copyright:

Available Formats

www.rejinpaul.

1.Define IPsec Protocol.

3.Define IPsec Protocol Documents

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 1

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 2

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 3

8. Define Key Management Protocol for IPSec.

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 4

12.Difference between SSL Session and SSL Connection.

SSL Session SSL Connection

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 5

13.List out the SSL session elements.

14. List out the SSL Connection elements.

1. Server and client random

15.Define SSL Record Protocol format.

16. List out the phases of SSL Handshake Protocol.

 Phase 1: Hello Messages for Logical Connection

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 6

1. General Message Processing

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 7

 The key exchange, authentication, encryption and MAC algorithms are

1. Explain in detail about the IPsec Protocol.

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 8

 An IPsec implementation operates in a host or a security gateway environment,

1.1 IPsec Protocol Documents

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 9

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 10

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 11

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 12

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 13

2.Explain in detail about the IP Authentication Header.

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 14

Payload length (8 bits):

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 15

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 16

3. Explain in detail about the IP ESP.

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 17

ESP Packet Format

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 18

SPI (32 bits):

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 19

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 20

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 21

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 22

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 23

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 24

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 25

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 26

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 27

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 28

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 29

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 30

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 31

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 32

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 33

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 34

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 35

5. Explain in detail about the SSL protocol.

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 36

Session and Connection States

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 37

Prepared By: Mr X.MARTIN LOURDURAJ AP/CSE ,ST.ANNESCET 38

Compression and decompression: