TAKUDZWA CHITUNGO

SYSTEMS SECURITY AND CRYPOTOGRAPHY

H180409C
COMPUTER SCIENCE
ASSIGNMENT 2
DUE 7 NOV 2021

QUESTION ONE
1. What is the services IPsec provide? Explain Oakley key determination
protocol. [10]
IPsec short for Internet Protocol Security is a set of standards (protocols) when used
altogether they encrypt communication and connection between devices. IPsec protects the
confidentiality, integrity and authentication of data communication over an Internet Protocol
network (IP Network).
IPsec mainly provides three services which are:
1. Message Confidentiality – it makes user a third party cannot intercept and have access
to information it is not authorized to see or receive.
2. Traffic Analysis Protection – if there is an unauthorized third-party person monitoring
the data traffic, he or she will not be able to tell apart the people communicating, the
amount of data in transit and also how often the communication between the parties is
occurring.
3. Message Integrity – IPsec protects data in transit from parties that will alter the data
whether it was intended or not. It uses a Message Authentication Code which if the
data is altered will have a different value from the first generated hence it will be
noticed.

Oakley Key Determination Protocol

It uses the Diffie-Hellman key exchange algorithm to allow authenticated users to exchange
keying material across a secure and protected network. The Oakley aims to strengthens the
weaknesses of the Diffie-Hellman algorithm. The OKDT is characterized by the following
features:
 It employs a mechanism known as cookies to thwart clogging attacks.

 It enables the two parties to negotiate a group; this, in essence, specifies the global
parameters of the Diffie-Hellman key exchange.

 It uses nonces to ensure against replay attacks.

  It enables the exchange of Diffie-Hellman public key values.

 It authenticates the Diffie-Hellman exchange to thwart man-in-the-middle attacks.

QUESTION 2

What is SSL and SET? What is the difference between SSL connection and SSL
session? Discuss SSL protocol architecture. How does SET work? Describe dual
signature for SET and its purpose. [10]
Secure Security Lock (SSL) is the basic technology that aims to protect and establish an
encrypted communication between the internet server and browser. It ensures that any
communication done between the two stays personal and integral.
Secure Electronic Transactions – similar to SSL but SET main aim is to protect and guarantee
the safe transfer of money on digital environments i.e., payment of your Netflix account via
their website.
Differences
SSL SET
It doesn’t protect against all security hazards Comprehensive protocol not widely used as it
and it is basically simple to use. requires a special card reader for the user,
offers integrity, confidentiality and
authenticity.

SSL protocol secures data transmissions with SET uses dual signatures to secure a
a combination of public-key and symmetric- transaction
key encryption.
SSL protocol always begins with a handshake The design of SET protocol requires the
that allows the server to authenticate itself to installation of an e-wallet on the client.
the client. If the server cannot be
authenticated, the connection cannot be
established.
SSL Record Protocol mainly aims at providing just two main services to the Secure Socket
Layer which are – Message integrity and confidentiality.
Handshake Protocol – this is for facilitating communication between client and server for
establishing sessions by sending each other messages.
Change Cipher Spec Protocol – Consists of one single message, 1 byte, which can only be
one value. It’s main purpose it to cause the pending state to be copied to the current state.
Alert Protocol – used to pass on SSL-related alerts to the peer entity
How does SET work
1. Creation of an account by the user e.g., a bank visa card which supports electronic
transactions
2. Account Verification – account is verified by the Certificate Authority
3. Merchant Gets a certificate – the intended recipient of the amount must perform a
process of digital certificate.
4. Customer places an order
5. Merchant is verified
6. The details are sent
7. Merchant then requests authorization for payment
8. Authorization of Payment Gateway
9. Order is confirmed by Merchant
10. Goods and Services are provided by the merchant
11. Request of payment by merchant

Describe dual signature for SET and its purpose.

The dual signature is a significant new feature in SET. The dual signature's goal is to connect
two messages meant for two different recipients. In this example, the client wishes to transmit
the merchant the order information (OI) and the bank the payment information (PI). The bank
does not need to know the contents of the customer's order, and the merchant does not need
to know the customer's credit card information. By keeping these two items distinct, the
customer has additional privacy protection. The two elements must, however, be linked in a
way that allows them to be utilized to resolve disagreements if necessary. The link is required
so that the consumer may demonstrate that this is the case. Dual signatures are another
approach to keep tabs on and manage your company's cash flow internally. It also signifies
those two persons agree that the payment is valid. Someone could draft checks to themself or
another corporate organization if a one-signature rule is in place.
QUESTION THREE
What are the types of Firewalls? Explain them.
1. Packet Filtering Firewall - Packet filtering firewalls are installed inline at the places
where equipment like routers and switches perform their functions. These firewalls,
on the other hand, do not route packets; instead, they check each one to a list of pre-
defined criteria, such as authorized IP addresses, packet type, port number, and other
features of the packet protocol headers. Troublesome packets are often dropped
indiscriminately, that is, they are not forwarded and therefore cease to exist.
2. Circuit Level Gateway - Circuit-level gateways monitor TCP handshakes and other
network protocol session initiation messages across the network as they are
established between the local and remote hosts to determine whether the session being
initiated is legitimate — whether the remote system is considered trusted. This is
another relatively quick way to identify malicious content. They do not, however,
inspect the packets themselves.
3. Application-Level Gateway – Also known as Proxy firewalls. Proxy firewalls filter
incoming traffic between your network and the traffic source at the application layer,
hence the name "application-level gateway." A cloud-based solution or another proxy
device is used to offer these firewalls. Instead of allowing traffic to connect directly,
the proxy firewall establishes a connection with the traffic source and inspects the
incoming data packet.
4. Stateful Inspection Firewall - State-aware devices not only evaluate each packet, but
also keep note of whether it is part of a running TCP or other network session. This
provides higher security than packet filtering or circuit monitoring alone, albeit at the
expense of network performance. The multilayer inspection firewall, which considers
the flow of transactions in progress across multiple protocol layers of the seven-layer
Open Systems Interconnection (OSI) model, is another version of stateful inspection.
5. Web Application Firewalls - Filtering, monitoring, and blocking data packets as they
flow in and out of websites or web applications is the responsibility of web
application firewalls (WAF). A WAF is often deployed in front of one or more
websites or apps and might be located on the network, at the host, or in the cloud.
Server plugins, cloud services, and network appliances are all options for WAFs. A
WAF is similar to a proxy firewall, but it is designed to protect against application
layer web-based attacks.