Professional Documents
Culture Documents
‘ Yaw-w Iv—KHW-
. ‘
-.
4
A
gineafigmmm
am—Jimam—Inoflwodaudhmmflmdmmbwmmu
,
- «-7-. .
“Hy a“—
sematereramin engineering. Haveywhmeah’adygiven upthinfing'Whatthcbefl l and.
at this moment? Tomorrow is exam!” Think again! You are M madam & ha nigh:
i studies are a'exyenginecringsmdent’s epitome.
'Weaginmareémfbrawmfin‘g'
Don't Wonyentire'l‘oppn’s Solutions’l‘umis mrkingomforbettermmofm. Hague
some techniques about Cryptography & System Security ((38) Subject.
— Sim-ks Distribution —-
Chapter Name “'eighzage (Marl-Ls)
“15:54"; ; L I Mill-18 “
- 10
10
Key
m‘mogl'aph)‘
20
Cryptography
SET - 2
Hash Functions
Scanned by CamScanner
.'“ ' ‘ '7’ ': ~
MWMM 2
> "(2m
/ fl ’2
Study the following 3 chapters. t:
fl // Weightage (Marks)
Chapter Name / i
#
___________ 9
'.
;
1 Introduction 4““ 8 _ :-
,
i-
2 Basics of Cryptography
i
1 1‘
‘
Secret Key . . 13
7/
3/5 Cryptography/Cryptographic Hash
Functions
l r
r.
Copyright © 2016 - 20
13 by Topper’s Solutions
Alel rights reserved. No
th part of this publi_catio
or by any means, inclu g, renco
ma
rdyinbe’ reproduced. di st. ri b
ding photocopyin ut ed , or tr an sm‘itt ed
in any form
J3
rt or written perm
ission of the publish
t. .ews
:ew and
Ier ex e 9 , C . ' -3nical.methcds without
certain other noncommerd
F ‘ W‘-vV -‘ n '
al u se s p0 1..
_...._
Co nt ac t No : 7 5 0 7 5
31198
hmail ID: Su pp
or t© T op pe rs So lu ti on
s
W
eh si te . .v w w
I ga !
.T o p p er sS ‘
o lu ti o n s co m
Scanned by CamScanner
CHAPTER - 1: INTRODUCTION ,
01] Operating System Security.
Ans: - [5M — Dec15]
W
1. Security refers to providing a protection system to computer system resources.
2. Resources can be a CPU. memory. disk, software programs and most . importantly
data/information stored in the computer system.
Q55 §ECURITY¢
1. Operating System Security (08 security) is the process of ensuring OS integrity, confidentiality
and availability.
2. I f a computer program is run by an unauthorized user. then he/she may cause severe damage to
computer or data stored in it.
3. So a computer system must be protected against unauthorized access, threats, viruses, worms
and malwares.
Cnnflduufiallty
Availability S e c u ra System“
GOALS 0 F 0 5 SECURITY:
1)
EmsJJLiaJLm
‘3' I t is the best security policy.
> It assures that data is accessed by authorized user only.
1|)
integrity;
> It ensures that the data receivedby the receiver IS exactly same as the data send by sender.
3*
The data should not be modified b y a n y unauthorized entity.
m)
Amman
3"
It ensures that the data is always accessible/ available to authorizedpersons.
> Whenever an authorized 53’5“?!“ entity d e m a n d s for system resource.it must be accessible and
usable at all times by him/her.
flya { afar;
‘wfi . ‘r‘
Scanned by CamScanner
I l gum/action 'Jmerfer-
7 75/010"?6,06%":
Q2 ] D e fi n 8 the goals of security and specify gmechanisms to archive each 30a].
l_
A
VVVVZVV
[Sen der ]
a
(Receiver) I
c
(Attacker)
n.) lam ‘
p
.
' integrity ensures that the data rec
eive d by the receiver is exactly same as
“V
Page .20/134
Scanned by CamScanner
w "u" " '—-— ——v-—rr
.0
' ‘1 ' ‘ I
[Sender] ‘ (Receiver)
Actual Route
(Attacker)
u!) _ .t:
. l1 . .- ‘l .
(Sender)
J . J (Receiver)
SECURITY MECHANISMS:
1) Encipherment:
V
Ill) El 3 9i ' me
A digital signature is a means by which the sender can electronicaliysign the data and the receiver
can electronically verify the signature.
Public and private keys can be used.
Fags}0,934
Scanned by CamScanner
i
WWW}
SW4 ' \"fiom \S'of i
(Misha/weft!” _/7 l
. . - ti to each other.
1") “MW messages to Prove their 1den
me ty
:r in this two entities exchange 5 ° . '
f"
v) M e bogus data into the data trafiic to thwart the adversa
> Traffic padding
. - ' som
means inserting .
v
> Notarization means selecting a third trus e p bet weentw
0
entities.
> The receiver can involve a trusted third party to store the sender request 1“ order to Prevent the
sender from later denying that she has made a request.
V111) swam
» . - — ¢ ‘r.
> Access control used methods to prove that a user has access right
t o the data o r resources owned
by a system.
'
,-"-V. — ' . —A. ~ u -
> Examples of proofs are passwords and PINS
.
‘-
replay attacks
..
-
Ans:
A‘.
M3318]
[5M -
REPLAY ATTAC KS:
' V e r s i o n s ofa
‘ ’ lt‘ J and
aut hen tiC ' ‘ity.
“—
"M
. n e p ap tJ Attack. an attacker C a p t u r e ‘ ‘ - ' .
F‘ ‘ a n in the m i d d l e 'dtt ,. ..
lgtiie1.5.
data
S [he
__'
a _
an...
“no r e t r a n s m i t
. 3 l-l after some delay as slim/iml“r'
Y
E- nets:
‘
"Cr\=r T
an :
‘> AnAttacker ca ‘ res t h i .s data a n d
. ptu Online
.ww
“end _ “ o n MT
. -
USSlcn
_\ ° 5‘t agai ‘i-
1111”" ft a w n — 9 w .
.
1'“r . — . _ . _ _ . .
6&0
‘ o-
"I‘... W.- I
Scanned by CamScanner
-———
( I 913M060» Tapper} J'ofilfiom
A [I
(Sender) (Rm-her)
subsequent message [response] received from B contain the correct nonce value.
P4935afm
Scanned by CamScanner
WWW} 30%»:
mm-
TYPES; “5)
.
ck [GOA]: .
I) We ci ph er te x .
et ho d, th e at ta ck er ha s access to a se t of
In this m
pl ai nt ex t.
Attacker doe s not hav e acc es
s to co rr es po nd in g
pl ai nt ex t ca n be de t ermined from a given Set
h e n t h e cor re sp on di ng
COA is said to be suc ces sfu l w
of ciphertext.
1!)
KW
for Some pa rts of the cip he rte xt.
> in this method , the attacke r knows the pla int ex t
inf orm ati on . .
> The task 13 to decrypt the rest of the ciphertext usin g thi s
r meth od.
> This may be done by determining the key or via seme othe
s again st black ciphe rs.
3“
The best exam ple o f this attack 15 l i n e a r crypta nalysi
‘ Wk 'BFA :
In this method, the attacker tries to determin e the key by attemptin g all possible keys
l f t h e key is 8 bits long, then the number ofptissible keys is 2 8 -. 256 .
‘ The attacke r knows the cipherte xt and the algorith m n o w he attemp ts all the
2 5 6 keys 0 me 1)
o n e for decryption. 3
2 .. _ The time to complete the attack would be very high if the key is 10110.
V1)
Emmet;
>. A birthda y attack is a class ofbrut e force attack used agains t hashin g functio
ns.
i> , It is based on the "birth day parad ox"
of y a
. This state s that 1n .1 grou p of23 peop le, tnere is a t
. . _ . I.
least a 5 0 % prob abili ty that a t least two peop le ‘-
., . will share the s a m e birth day.
'In
' .
> . a grou p of 6 0 people, the prob abili ty is over
99% .
79598501’64 ..
'* * , —.'—
Scanned by CamScanner
r l Wee/wade» J'smarfar - 7 Tapper} J'oficflom
VII ) W:
P The targets of this attack are mostly public key cryptosystems where key exchange is involved
before communication takes place.
Host A wants to communicate to host [3. hence requests public key of B.
An attacker intercepts this request and sends his public key instead.
Thus. whatever host A sends to host 8, the attacker is able to read.
in order to maintain communication, the attacker re-encrypts the data after reading with his
public key and sends to B.
The attacker sends his public key as A's public key so that B takes it as if it is takingit from A.
VIII) W
Side channel attack is used to exploit the weakness in physical implementation of the
cryptosyste m.
Side channel attacks are a type of attacks based on implementation details such as timing. power,
and radiation emissions. .
By carefully measuring the amount of time required to perform private key operations, attackers
may be able to find fixed Diffie-Hellman exponents. factor RSA keys, and break other
cryptosystems.
m)
Timing attack exploit the fact that different computations take different times to compute on
processor.
By measuring such timings, it is be possible to know about a particular computation the processor
is carrying out.
For example, ifthe encryptiontakes a longer time. it indicates that the secret key is long.
W
These attacks are similar to timing attacks except that the amount of power consumption is used
to obtain information about the nature oi‘the underlying computations.
.Eauit. anaixsumt'rasks;
in these attacks, errors are induced in the cryptosystem and the attacker studies the resulting
output for useful information.
-—-_._-——.———-I--I-:
Page7 3/34
Scanned by CamScanner
Ilfibu/wfian Jamar!” - 7 Toff”? {0%
.. EXTRA QUESTIONS --
' Q1] Security Attacks.
Ans:
SECURITYA'ITAfi
Security Atta ck
Passive
Acflw
i , l l l I 1
"'
Release o f Traffic Analysis Masque rade
Message Content Replay Modification Denial
' Attack o f Message ofSorv ico
"r m ~ < ~ ‘
Figure 1.6: Types of Attacks.
PfiSSIVi-Z ATTACK:
. -—
‘QW—N54v n-yv-u
—n- —
I.
_ ..1 inPa ssive Attack, an attacker just obtains
an infor mati on bein g trans mitte d.
‘ ‘ ~ 2. it does not alter the message.
'-
i) ‘ Relea se o f Message Conten_t_:_
This Attack discloses the message informa
tion.
- ‘,~. - it may happen throug
h various ways such as: Listening to tele
phone co
nversation accessing e
mails or observing a transferre U j
ve information
H). ' TrafficAnalysis:
> in Traffic Analysis, an attacke
, . r observes the network traffic
and tries to analyrm the net
communication. - -- ure 0 f
7;». ' , Encryption technique is used to pre ven
t Tra ffic Analysis.
em W‘ithout thei’ r
PW‘\\~—+
-__ .
.
‘P+¢v"“‘-
Scanned by CamScanner
( I gamma» J'omarfor - 7 73”»?J’o/uflam
> Phishingis one of the variation of masquerade.
inlernoi
n
c C Masquerade: A
(Attacker)
11) 3.2mm
In Replay Attack, an attacker captures the data and retransmits it after some delay as shown in
Figure 1.8.
Example: A sends Rs. 1, 00,000 to B Through an online transmission.
An Attacker captures this data and sends it again after some time to produce unauthorized effects.
A Internet B
(Sender) (Receiver)
m) M o d i fi c a t i o n o f Messages;
A
Interim-i
‘5
0
)—_. R
(Snider) )-’ (Heals-or]
I
I
C
[Attacke r]
@69a
Scanned by CamScanner
Some-[fer ~ 7 Tm: \VO/ulfo,’
I I guftwfucb'an
/
m
3.
D
Den ial ofS erv ice [DOS] i s also
I ihbinty Mac"
k n o w n as A v a ‘ t o System Communication
. faci litie s o r ms
. tting EICCE'Ss
k ' ' 1thor12ed users from ge “‘83.
overloadin it wi
>r iRt pl
mayevents at th8 metwork either by disabling the n e t w o r k or by
disrupt 3 th messag
> - cult to p r e v e n t .
Active Attacks are easy to detect but d1ffi
a“
SECURITY SERVICES: '
,
1. Security serw.ce IS
. .
a serv1ce ’ E '
that enhances the sec unty 0f the. sy ste m or data transfer.
2. ’ They are intended to counter Security Attacks.
_—.w.u,' ‘ . - r
.3. Security Services make use of one or mor
_.._.—
e security mechanisms to pro vid e the
service.
4. Figu1 e 1.10 shows the Categories
ofSecu1ity Se1vices.
— ‘ 1 .. >
Security
um»
Services
rd ‘
u.
..
1. . l l ,
aut hen tica tion
Dat a Confidentially
, Dat a I n t e g r i t y
N o n -“lepudiation
i
Acc ess C o n t r o l
.
Figure 1.10: Categmi
‘
es of Se cu rit y Se rvi ce
I) Authentication: s
‘
‘> I t ensu es that the co
n t !' ‘-1
mmunicatmg entlty
IS the one c h u r n e d
‘ - " “ ~ qa
O ? Vvo-
ll) Da ta Confidentially:
< W - ¢ - ~‘b—nx
r i t pr ot ec ts the da
ta fro m unauthoriz
ed disclosure
111‘; D a t a Integrity:
- w m w - . ‘A
‘r I t --
assures
._ . that data receiv
i- ed
iqt ass enth 811..
.
author.lzed entity,
t
1V] y
f_
.,
-
'
.
.
3"
I" .
i t pr ot ec ts a ai ns
"8 t Den1a] by-
-1
one
.
_ V) . .
Ami—Clinical;
{v‘ 1.7!
.
ban-U
.
'14.";
.
, , unic 3th “
'_ .
‘_-
ioh“
"'--' 131' -
_
.
1-.
I t prevents fr
o m authorize
,.
d use o i a 1-
.: '
.- “Aw.-
‘
'
'
.
v.
«ht-1m"
"
r.
._m,,;wr!'
“(I
-
1 . - ..
-
‘
.."v
M.Ae' l - " ' 4:' -_- ¢
A
I
‘v
.
-
i v'
1‘
-
ffl'éajv'“
1I
‘
1 i‘n
.
-
1_ - «v : - -. ’ . -,
awash?”
Zr
I3n"a“ - 1 "
:2-
-‘
n
-.
«3h- . -a' ; s ,
u
~
o_
Scanned by CamScanner
aweawe ‘mv _ e WMN‘OW
CHAPTER - 2: BASIC or caflmeaamfl
QI] Define the following examples:
(i) Substitution cipher.
(ii) Poly-alphabetic cipher.
02] With the help of suitable examples compare and contrast monoalphabetic
ciphers and polyalphabetic ciphers?
Ans: [Q1 I 5M -- Dec15] & [Qz | 5M - Dec17]
SUBSTITUTION CIPHER:
1. Substitution cipher is a method of encoding by which units of plaintext are replaced with cipher
text, according to a fixed system.
2 The "units" may be single letters, pairs ufletters, and triplets of letters or mixtures of the above.
3 The receiver deciphers the text by performing the inverse substitution.
4. In short. in Substitution, one symbol/letter is replaced by another.
5 Substitution Cipher can be divided as:
1)
Manual new
> A character in plain text is always changed to the s a m e character in the c i p h e r text regardless of
its position. - ,
> Example of this is the Ceaser Cipher which involves replacing each letter of the alphabet with
the letter standing three p l a c e s further down the alphabet.
I
I
Plain Text
'—]
CipherText DEFGHIIKLMNOPQIRS
ll) Pgiyaipha’pm
> A poiyaiphabetic cipher uses a number ofsuhstitutions at different times in the message
‘3' in polyalphabetic cipher, relationship between characters in plain text to a character in cipher
text i s one-to-many.
> Example: Consider the previous example of Monoalphabetic Cipher. where ‘A’ is replaced by 'D’
at 4 different places.
figs «ofmfi’
--- . —.— a- _.0-
Scanned by CamScanner
‘7?) 36'0/ ' '-
2 l Waffle/“WM
W"? . ”KM
t l e t ters. ,
’ w ill be re pl ac ed by 4 di' ff er en
ti c ci ph er ,I‘A
4’" l f w e us e p0 Iy a lp ha be
13}7 -
17
6 U
1..
14 15
Topper 19 21 -
Kc)’ 21 15
Sagar 18 0
Plain Text
14 “
Ci ph er LOVPV ‘ 37
Text
QQMPARISON:
' 8: Polya lphab etic' Cip
Table 2.1: Comp arison betwe en Mono alpha betic
' her
‘
v
am pl e gi ve n ab ov
'
e.
n u n - w :-
x
Q3] Exp lain with exa mp le, keyed and
mg-‘un-
k eyless tra ns po Si ti on
ci ph er s,
Ans :
;
‘fiim
.—
'flitSPOSlTlON CIPHfifl [5M Diana 6]
1. Transposition cipher is a metho
d of en cry pti on b
Ywhich th e po sit io ns he
are shi fte d according to a reg ld by un its of pla in tex
ula r sys tem , so tha t th e t
ciphel te xt co ns tit ut
pl ain tex t. es a pe rm ut at io n of
th e
‘_
2. That is, the order of th e un
its is changed.
3.. . Tr an sp os iti on cip he
r do es no t su bs tit ut e
0 n e sy m bo l fo r an ot
1 _7 ol' th e sy mb ol s. he r in st ea d it ch an
ge s th e lo ca ti on
4. . _ Tr an sp os iti on
Cipher can be divided
as ke yl es s an d keye
d tr an sp os iti on ci
.
.I'v
.
H
. -« ph er .
“X
ME“—
Page{2 af m N - \Mh' ‘
Scanned by CamScanner
2 [Mofci-yplogmpfi‘y Sanerfer-7 _ Tapper? J’a/uflam
l) Wen
> i t is Simplest Transposition Cipher.
3. in first method the text is written into a table column by column and then row by row.
> For example, to send the message "Meet me at the park” to Bob, Alice writes
m e m a t e a k
> In the second method the text is written into the table row by row and then transmitted column
by column.
> For example, Alice and Bob can agree on the number of columns and use the second method.
> Alice writes the same plain text, row by row, in a table of four columns.
111 e e t
m e a t
I: h e p
a r k
,‘> In Keyed Transposition Cipher, plain text is divided into groups of predetermined size called
' blocks.
‘3» Then it use a key to permute the characters in each block separately.
> Example: Alice needs to send the message "Enemy attacks tonight" to Bob.
5" Let the block size be 5.
1e In i E J l l 1a IT It Ia ICI l l l t lo In 1 1: p m . .1
> The key used for encryption and decryption is a permutation key, which shows how the
characters are permuted.
Key:
Encryption 3 1 1 4- 5 2 TDecrypti—on
l 1 2 3 4. 5 T
Scanned by CamScanner
5-! ‘ I
60%
W -—7 WM
‘2 l
M” #wmfl transpOSition
cipher.
ow s the e x am ple o f keyed
2.1 which sh
Consider the Figure Bob
— g
Alice _
Piainicxi
a” i k i .
1 a c s o
l’iainicxi J_ flight;
@— 1
enemyatiacksionish‘zl Read r o w b ‘
ym”
Write rowbyrow Ff
1r m y
c ’n c
m y c
c a c
a t t a
a i i a c s t o n
k i Z
a i a n A i g h
k h ‘ j
i 8
,, 3 1 4 5 2 .. L
g E:
.5
l l i 4l 5l a9 . l M Y N
i 2 3 l:
,. N L?
is i M Y
K" 'r A A c T
'i.‘ A A c 'r 0 N S
K
T K O N S G
ii i T Z
ii i 'i‘ / (i
Wriic column by colum
' Read column by column
ZN TSG
i‘SG
,.
, , , E'i’i'iiIZAKiii/iAO'i‘YCN
i M A O ' i ' Y C N Z N_ '
B T T I I E A K__ Imnsmissmn ___
.. (Jiphcricxi
(.iphcticxi
sitio n Ciph er.
Figure 2.1: Example of Key ed Tran spo
.-
FLAYFMB Cii’iiifli;
1 Play Fair Cipher is one oftiie Muiti-l eticr Cipher.
2 Play Fair Cipher uses a 5 x 5 Matrix ofaiphabets containing a keywnrii or phrase
.3"
This cipher enciypts pair of ietiers instead nf single letter.
4 i t is difficult to break because frequency analysis does not work in Play Fair Cipher
E MMPLE:
Key: Domestic,
79a]:14 0/34
Scanned by CamScanner
5512;199n -BW’fC“7 _ _ 4
Ml!
7%?”WW!
Pnlr Ina nlnln tut nlnhnlnnn In twin,
“
n: all ny In In an an nn no
N In; Ill! nr
2. ”any character In the plain mm
In 'I' Ilmn runluru II WIlll ’I‘.
fl
'l'll 0k 9y In In an an nn do rt
Im an or
3. i
Double lemr nr connurnnvnly run
nnt ml Innna Inlum urn unnnrmml by u
nr
'l'h cl: ny In In and an an do
rl no alnx nr
4. ll'nn odd character In loll nut pnlr
It MIN 2: nr 7..
Th 0'! ny In Ill all:no nu ml or III
ad onnr
5. Manama n mhlg ammo: nn Mnnnnlnlm
lmllc lnllln Inn lllln [ulna wlll In:5 n 5
tabla became ‘l' lé’l’ will
he mar ge logollmr. (Using Kay Lu.
llnnmullc)
rmcl ”7) "MW
e "g"
In
“"7 ' ' c" n 'b‘
"ni '“n ' u" ' I
ll. .p,._. Q I r u.”l
‘r If bnth letters me In the snmv mlnmn. mlw the letter below each
one (going back to the top ifat
Ilm lmllnrn)
‘1' lllmlll lnllm'n mm: In lln: Minn: mw, mkn ilv:letter to the right Ofeach one (going back
to [ h e lef:if
m the furthest rlgln)
'I ll nnllhnr nl'llm [ n ' m m l l n g two rules are true, form a rt’ectangle with the two
letters and take the
lullnrn nn lln‘:lmrlzmnnl nppnsllu corner of the rectangle.
AflflLADDMDlLLUUfli c f n r an lm gc mv ns
pn vt ny cl’so m w cp
_l
w- W... ‘
‘m
M17595
(5 #234
Scanned by CamScanner
l.I'-
m— ee
SMW“7 ____.. - ~
~
w} dab/””0 ”!
,. 5
. *m~‘é'l~“9uhflam
]
easy toa [ 6 M ‘ [N e w
“. _. w
_ . ' _.v-_;‘..m
0'5] Encrypt th ’
—- .- tA
"monarchy"
u
4
‘
Arts:
2mm r.
e of the MnIii-lette
r Ciphe
Play Fair Cipher is on d or phrase,
I.
5 M at r ix of alp ha be ts containing a keywor
x
'2. Play Fair Cipher use5 a 5
ietters instead of singl
e letter.
is cip he r encry pts pa ir of
. Th Pair Cipher.
ak bec aus e fre qu en cy an alysis does not work in Play
4. it is difficult to bre
I ‘.hl
EXAMPLE:
-4
IA"
Key:Monarchy
:‘
Sims;
- u.’-fi—'.~*.
ww“.m
Th is is an ea sy ta 5k
-
.
-.A .4. .— w a d - n u . . . 4 ' - _ . . . A'
2. If any character in the plain text is '1' then replace it with 'l'. (in our case character '1’is not present}
. . . .._ ,.
Th is is an en sy ta sk I
-.
n
a...-
t
' ‘\
x or z (in our case there is
'no consecutively repeated same letters) V -
Th is is an ea sy ta sk
. odd
Ifan ' characteVr is left outpai' r 11 Wi
' ' th x or z. (in our cas
. ethere is
' no od
. d chara cter)
Th is is an ea sy ta sk
.
‘ irepare a table same as Mono
V alphabetic table bu tt
his table w‘l‘ ’ b e c a u s e '1'
beamerge tOBEthel‘. (Using Key i.e. Monarchy] l I be 5 A 5 table 3i'i' will
M o
Scanned by CamScanner
Smarter-7 v _; -. .. Tarmrfifme
31mm
BEES
the top if at
the letter below each one (golng bath to
> liboth letters are in the same column. tnke
.
the bottom)
if
r to the right of each one (golng back to the left
> lfhothletters are in the same row, take the lette
at the farthest right) I ‘
a rectangle with the two letters and take the
> If neither of the preceding two rules are true. form
the rectangle.
letters on the horizontal opposite corner of
Th Is is an en sy to SR
th-9Rule3-9pd
iséRuleZésx
is-)R ule2 ->sx
an-) Rule ‘1-> ra
ea 9 Rule-3 9 im
sy-9 Rule 3-9q b
ta-) Rule 3-}s r
sk-> Rule 3-9ti
WW pd sx sx re im qb sr ti
(26] Use the Play fair cipher with the keyword: "MEDICI NE" to encipher the messaae
O
exzmeug
Piain Text: The greatest wealth is health.
Key: MEDICINE
afoe
$455 '7
r-"
_
Scanned by CamScanner
C '11"
Some!»..7 We?iii/em
0/
2 I We M5 W..."
I'M
5mm
abets in two.
1 Pair the plain text alph
hi sh an it.h
Th onre m: as. M an lt
~ n:3 chara
' ln out’ca cter’_i ’it notprm” 0
. ~e it with7l.(
n text is' I’ then replac
plai
2' If any characterln the
hl uh on it h
Th 03 re at as tw on it
' 0‘m' 68.66! mm H
‘
" rs are sepa
same lette rated by x or'4i (in
Double letter or consecutively repeated
3
d same letters)
no consecutively repeate
hi ah on I t h
'I‘h eg re at as tw en It
‘x’)
out pair it wi th x or 7.. (we pnlr it with
4. lfan odd character ls left
W
on It hx
'l‘h cg re at as tw an it hi sh
'l’ & T will
lphnbetlc table but this tab le will be S x 5 table because
5 ' Prepare a table same as Monoa
Key Le. Medicine)
be merge together. (Using
-
Il o p
I»:
“inmaa.
h
Cl 1' S t u
«in;
y Z
V W I X
__1
I
d-
ifat -
letter below each one (going back to the top
I
.
__
Th eg re at es tw ea lt hi sh ea lt hx
.—
‘m-A-.fi._-L__‘._
m
2* Rule 3 ‘9 no
(—1-.-
H.
‘th
at -) Rule 3 -> fr
.“_.-a. ‘“. . . ._
es -) Rule 3 '9 dr
.
rat-‘5: ...-.
53V") Rulc3-)ry
9943:(8of13.4
.
.‘ ‘.
__.
-..
-.~
‘-
i
1.
'-
.h
HAL.-
‘_'-‘
--v
Scanned by CamScanner
Jamar!”- 7 Tapper-’1So/ufiw:
51WeWaffle/fie
ea 9 Rule 3 9 alt
It 9 Rule 3 9 05
hi 9 Rule 3 9 om
sh 9 Rule 3 9 ql
ea 9 Rule 3 9 ak
it 9 Rule 3 9 as
hx 9 Rule 3 9 IV
05 iv
WEE-311153 qo aw a fr dr ry altos om ql ak
dr ry ak os om ql ak 03 iv
Therefore, Cipher Text is: go caw a fr
large“
Block Cipher operates on block of data
Stream Cipher operates on raller units of plain text
L s
afar;
99H?
Scanned by CamScanner
"“"M
Mf r-7 7;"
W4“.1'30
. BLOCK L‘iPflEg:
Ca’lq
l. Bind: (Zip-her is a symmetric key cipher which operates on a fixed length group of bits
Nod:
'1 it camps entire block of message one at a time.
om cipher bit stream by an XOR Opel-35m
3% in this the plain text are combined with a pseudorand
bits one at a time. '
4~
Ciphermxtisgeneratedby encrypting the plain text
S Mmmmndmamoeslndm
SHEA.” m
er.
I. Stream Cipher is also called as state ciph
which operates on his] bytes.
2 his a symmetric keycipber,
am by an XOR Operation
with a pseudorandom cipher bit stre
3. In this the plain text are combined
e.
ting the plain text bits one at a tim
4.. Ember text is generated by encryp
4-
5 MAS/1. RC
Wfiflfiflfi
Refer Q‘E.
Scanned by CamScanner
. u- 7 _.--M
Samaria:- ‘ _ flip/mi Jail/ion:
slé‘mflcgfieamfiz
CHAPTeg - 3: sacger KEY cflggmgflx
.3 01] IDEA.
Q2 ] Ke y gen era tio n i n IDEA.
Mario]
(Q: I am - h [02 I 5M - mm]
ion Algorithm.
m m stands for International Data Encrypt
It is Block Cipher Algorithm.
n Standard).
iDEA is the replacement of DES (Data Encryptio
IDEA Operates on 64-bit blocks using a 1.28 bit key.
operations from different groups like modular
IDEA derives much of its security by interleaving
(XOR).
addition and multiplication, and bitwise exclusive OR
f.‘ iYC-EENE
RATION:
if; > The 128 bit key is divided into 8 sub parts that is 16 bits each.
on, so by doing this we will have
> Then the 128 bit key is cyclically shifted to the left by 25 positi
one new 1 2 8 bit key.
used in next round.
Now similarly as above it is divided into 8 sub blocks and will be
from which the first 5 2 keys
The same process is performed 9 times and 56 keys are generated
will be used .
3.1.
So likewise from K1 to K52 keys are generated as shown in figure
P l a i n Text (64- H i t s )
.. ., _
.L i I" “-1
Rou nd 1
1 K‘
Round 2
L “12
l 1 1 A. ,,
1 8
‘43
Round
3 “49
K49
‘
Output Transformation
K12
: '
—
,. 4,- .. i
c, [16 Bits] e; (16 Hits) 63 (16 Bits] c , ( 1 6 Hits)
‘7
I Cipher Text ( 6 4 B i t s )
Page 2! of13-4“
Scanned by CamScanner
._
5 IsmeGUMWQ “W“ 7 1% a
WW
1. Multiply P: and K2.
2. Add P; and second K2.
3. Add P3 and third K3. -
4 Multiply P4 and K4.
5. Step 1 63 step 3.
6 Step 2 63 step 4.
7. Multiply step 5 with K5.
8 Add result of step 6 and step 7.
9 Multiply result of step 8 with Ko.
10. Add result of step7 and step 9.
11. XOR result of steps ‘1and step 9.
12. XOR result ol'steps 3 and step 9.
13. XOR result ofsteps 2 and step 10.
14. XOR result of steps 4 and step 10.
m—
l
o 3H2
‘
”—4.53 . Hi
v
«s-——-.--——»E3
G)
X
r'
as J 6
T ‘7 '\ 1r
Page22of34
Scanned by CamScanner
3 lMW WM- 7 Y'afl/icr': J's/amt:
03] lilowflnh
Ansi [5M - Mayi7]
W
i. Blownsh is an encryption algorithm.
2. it can be used as n replacement for the DES or 1mm algorithms.
.3. it ls a symmetric block ciphor. |
4. it was designed in 1993 by Bruce Schnoior as on alternative to existing encryption algorithms.
5. it uses a variable-length ituy. from 32 hits to 448 hits.
6. it useful for both domestic nnd oxpurtnhlo use.
This symmetric cipher splits messages into blocks of 64 bits and encrypts them individually.
8. Blowflsh can he found in soi‘twnro cntogorios ranging from e-commorce platforms for securing
payments to password management tools. where it used to protect passwords.
| P (M um)
L n "
ls'r
i
>4, l
\ “1—“ OIII‘IIIIIIIIti-S’2‘ I I O I I I P I W E"! ! ‘ £ ! 3—] ES‘IIIIIInIIIIOIIIOII I‘l’IIIIII . a“° tui'u'
,, x;
“sti— “$3717.? F—jv—m- . _.. >
" 5 ---->IZ'I~‘_3-l:p_if:i----*- '- ’
{al‘tltllil agfifiginu‘nfiéilinvngluon-Itoonun‘r- CI; 1'! ’4
M
MW.
1 1511mm
. rounds
and ml.
. if - ’ wldltoninL'-
(:81: “3‘13 l\17-._—___§
r
., r: ( m hits)
._.....__ ._._.__..__._..___..__:i_
i
_
939923ofm
Scanned by CamScanner
rI
3W _7 ' (JP/Jar} 60%
3 1mm WWW
block size.
h has a 6 4 -b it
Biowfis from 32 bits to 448 bits.
f anywhere
It has a key length o
estel cipher.
it is a 16-round Fi
pendent S-boxes.
It uses large key—de S-boxes.
ct ur e to CA ST -
12 8,which uses fixed
It is similar in st ru
bits.
Each line represents 32 fou r 25 6-e ntr y
5-b oxe s,
ry P-a rra y an d
ke y arrays: the 18—ent
The algorithm keeps two sub
t.
The S-boxes accept 8-bit input andproduce 32 -bi t outpu block
nd, and after the final round, each half of the
data
One entry of the P-array is used every rou
tries.
is XORed with one of the two remainingunused P-en
g K17 and K18 to the
Since Blowfish is a Fiestel network, it can b e inverted simpiy by XORin
ciphertext block, then using the P-entries in reverse order.
Figure 3.3 shows the action of Blowfish.
Refer Q2.
XL 1
l ‘
‘1 ER
P1 -
“(;>'—'—* I : l5. (+ )
\
‘_.
4:“ g
~F -—-—-—. +
i
13M ore ltet atiu ns ‘ .
.VVVVVVVVV
Fifi—o-
+ ._._____. I"
__ ‘_‘ +
”17 ---. 2L
( + >P18‘
l _J
.- . Cipher Text 64 bit
_, ' —\ Figure
fl
3.4:Data Encryption,
, , p ‘ _ -—-—~_____\\
@399 24 \\
ofgz NWW
Scanned by CamScanner
3 IMKQ' m a 5m"? Topper}6'06l
Data Encryption has a function to iterate 16 times of network.
Each round consists of key-dependent permutation and a key and
data-dependent substitution.
All operations are XORs and additions on 32-bit words.
The only additional operations are four indexed array data lookup tables for each
round.
Alznflflmn
Divideit into two 32-bit halves: x‘L, xR
Fori = 1 to 16:
xL == XL XOR Pi
xR = F(XL)XOR xR
Swap x1.and xR.
Wrap XL and xR (Undo the last swap.)
XR = xR XOR P17
XL = XL XOR P18
Recombine XL and xR
11)
Waiting
sens. Shils 3b|ns sens
u
8-13t
!
S-box
i
S~box i S-box
1 2 3. 1 4
3:: bits 32bits 32 bits 321mg
('1
kg ,
l—I']
'3’ Key Expansion is used to convert a key of at most 448 bits into several subkey arrays toraling
4 1 6 8 bytes.
> These keys are generated earlier to any data encryption or decryption.
> The P-Array consists of 18 sub keys of32 bit. Le. P1- P18
3» Four 32-bit S-Boxes consists of 256 entries each i.e. Slo - 31255. 820 — 32255530 - $3255&S4n - S4255
William
1. initialize first the F-array and then the four S-boxes. in order, with a fixed string. This string
VVVV
consists ofthe hexadecimal digits ofpi (less the initial 3): P1 =- 0x2‘i3i6nr38, pg _—. 0x85.:308d3. p3
= 0x13198aZe, P4 = 0x03707344, etc.
2. XOR P1 with the first 32 bits ofthe key, XOR P2 with the second BIZ-bits of the key, and so on for
all bits of the key (possibly up to P14).
Page 25 #34
Scanned by CamScanner
swam WW"%
i! SWW
(1)
3, - With the Blowftsh algorithm“5‘"3 the “We”
Encrypt thea II-zer 0 string describe”, inmp3
and (2). '
the out ut ol'step (3). .
wfish alg orithm with the modified subkeys.
2. 2:33: ftleadIudttlattl'ts (3) uZing the Blo
step (5).
5, Replace P3 and P4 with the output of
With
S-box es in order,
7. Continue the process, replacing all entries of the P array,and then all four
g Blowflsh algorithm.
the output of the continuously changin
required subkeys.
8. in total, 521iterations are required to generate all
2.5.5;
1. DES stands for Data Encryption Standard.
2. it is also known as Data Encryption Algorithm or DEA - 1.
. 3. ‘ It is a symmetric—key block cipher published by the National Institute of Standards and ;
, Technology (NlS'l‘).
4. DES is an implementation ofn Feistel Cipher.
5. it uses 16 round Feistel structure.
6. DES is nothing but an algorithm developed by IBM based on “Lucifer".
7.
‘ The successor of DES are Triple DES, G - DES, DES - X,
8. DES algorithm is a powerful combination of two
basic encryption tech niqu es,
a. Confusion.
' by Diffusion.
_....,
.- -, _.
~ ”. . h i fi _
WORKING:
F
L mun‘r-uan an.) ‘1
I“; ‘ _- E --——
fl . 1'0 "M9011.
l .....
"Al“.-
, Fin al r'l'flflflll‘on
I
4 ' 3-6:
“3”"! Working nf DES.
page
26 #64 5 MM" w w...“
...._._,,, .. W.
Scanned by CamScanner
slew-fem
W4 +. WWW!
1) WW
3 Initial Permutation mea ns rear rang ing the hits of the plain text.
> Initial Permutation is performed over plain text.
> For mP- c 1010101010 -) 1111100000
> It produces two halves of the permuted
blocks i.e. Left Plain Tex
_ . - . _ _ . —. _ ._- . _ - . -
t (LP’I‘) 8: Right Plain Text (MT )
1!) Wm
_—. _- —
> Each Round in DES performs following
Steps as shown in Figure 3.7
L 1 L .41
.IUIOUCIU‘IIIIOUO
I...
L317" I [25771
Expansion 1
Permutation E lion Shlft (s) I ll.“ Shift (9) I
~18 i
.
E
I
__
.‘----l---
XOR ‘ ~ rI \
1r
,l 118
E Permutation]
l
Suhstitution/ 3
Choice (S~Box) '
Perm utati on
L lat-1
I ‘~ .
*1" r-
0,-1 7 L DH _|
“ha
Page 27ofm fl“ *—
Scanned by CamScanner
16‘m Im 0 mum-J _ 73f
P”1%!
5
v) SW0“
In: union Pun-mu tation
»
guy Tram-turn! in I 0 “ (fixpuz’id RP'!‘ 3 2 to w Black.)
(Cflll‘l’n'. M 60 to 4” ”I” "—— _
gamma»? 1
I xon 1o——--r
r fl-[omibnimiiuu j
Le S~Box Substitution is the process which accepts 48 hi t key and expanded right plain text of4a bit
which get XOR and produces 32 bit output as shown in figure 3.8
Vi)
' W
5" i t is similar to initial Permutatio n.
> in this step, the 32 b i t output from eight boxes is permu ted.
V")
WE:
In this Step, th e output of XOR operation‘be
comes new righ t pla in text a n d o l d
right. plain text:
beco mes new left plai n text.
The complete process is called as XO
R and swapping operations.
Original 6 4 b i t P l a i n Tex t
__ 1
F V
L 32 bit LPT Block I
‘
—— I 32 bit RPT Block I
—-— __
f... ______________
_____
_.fl ~ . I
I
a I i 393'
.. -; , .. Tran sfor mat ion
‘7
. . '"3- E
Sx poa xn sSi lol bns tPerm
:
,. . I
I. I. I -B l t u u o nutatio n i
-".:A
.
“a
I.
H ‘ .
.
'
, ,
.
.
.
+ _+
___71
I
i
———————
P-Box
""""""""""
Permutauau
...:
I
:
I
\—
' '.. .t , ‘- “l
32 b " RI‘T “N"
‘J Ne xt R o u n d
._
. I litigureagxo
-. . W"); Hummuaumn " “Wm
':y
.i I .- i,
.
.y‘ .
ilnaliermutatlonls pe
I. ) l
. ‘ -. -I'.
3? rformed after-success
.~ T .~
‘ . .
“l
.ltpioduces e4-bit encrypted block, mp'e
[l (‘0 ‘
Scanned by CamScanner
3 ”WWeCoPM Sm-7 Town-3%
QB] With reference to DES comment on the following:
( i ) Block size and key size.
(ii) N e e d for expansion permutat ion.
(iii) Avalanc he and completeness effects.
(iv) \Veak keys and semi-weak keys.
’ (v) Role of 8-110):
Q9] What is the purpose of S-boxes in DES? Explain the avalanche effect?
[(28 l 10M ~De¢1718rlQ9 l 5M*M8718]
L.
1. DES stands for Data Encryption Standard .
2 It is also known as Data Encrypt ion Algorith m or DEA - 1.
3 It i s a symmetric-key block cipher publishe d by the National Institute of .1
Technology (N lST).
4. DES is an implementation of a Feistél Cipher.
> The DES satisfies both the desired properties of block cipher.
K
r These avalanche and completeness property make cipher very strong
- Avalanche Effect: A small change in plaintext results in the very great change: in the
cipher text.
. W Each bit of cipher text depends on many bits of plain text.
‘0,
Four out of 256 possible keys in DES are called Weak Keys.
v
A weak key is the one that, after pal ity drop operation. consists either of all Os. all 15., or half 0;;
and half 15.
> These keys are shown in Table 3.1.
toys 29affix);
r.
-w..._
F—qw
Scanned by CamScanner
. V ' ‘ ' W" ' - IUIJFW'J'Q'O "
MMWWW‘J “m 7 k ke ys .
~ \M‘“
fl
Ta bl e 3 . 1 : W ea fl“.
”" A ct ua1 Rey0(055 bits)
0000
f“
drop (6 4 bl-tS) i
Keys before pariti es
' 000000
V
.0101 01010101
0101
if 000 000 FFFFFF
OEOE
l F l F 1F1F OEOE
FFF FFF F 0 0 0 0 0 0 0
EOEO EOEO F1F1 F1F1
FFF FFF F FFFFFFF
' FEFE FEFE FEFE FEFE fl
as
. The round keys created from any of these weak keys are the same and have the same Pattern
. the-cipher key. _
. ' ’ Asemi-wp
'5
F
. ‘> . The s be
‘ . D I x e s p d l o h t h e real mixing (co nfu sion
" ES )
i usesBS - " h 0X ' ‘. V '
,1 _
'4
es. each With a 6-bit input and a
- ' 0
4‘ b'1L O u t p u t
If;
aim “R- xx 1
.'-.~.. 0,." §:BOX Jf SEElJQ- &
3 ' _ “ x
I \\ ‘ 32-bitpul
Scanned by CamScanner
3 Ham!W Sonata»-7 f 722mm":d’aficliam
x. The 48-bit data from the second operation is divided into eight 6-bit chunks, and each chunk is
fed into a box.
The result of each box is a 4-bit chunk.
When these are combined the result is a 32~bit text.
For example, in 81, for input 011001. the row is 01 and the column is 1100.
The value in row 1. column 12 is 9. so the output is 1001.
Qlo] Describe triple DES with two DES keys. 18 man in the middle attack possible on
triple DES?
Ans: [5M - Dec16]
1. The DES algorithm uses a key length of 56 bits, with which becomes very easy for an attacker to
break the encryption.
2. To improve the security of DES at higher level Triple DES was proposed.
3. This uses three stages on DES for encryption and Decryption.
4. it has two versions: Triple DES with Two Keys and Triple DES with Three Keys.
K1 K1 K2
K1 K2 [(1
rig—r.
c p_,_L_...-—+|:l—
~ C
Figure 3.10: Triple DES with 2 Keys.
The attacker confirms this key pair by checking it with another pair of P, C.
7749193!0,934
Scanned by CamScanner
73mm65%..
seam-7
W attack o r Mee
t~ iwthevmiddle attack. three
stages
.1
unter Man - in -t he om id dl e
in order to co .
>
w it h tw o h rent keys is used
diffe
ty p ti on ‘ . .. - ' I l a
encryption-- d ec ie attack to 2 “" Willem
,- ' .
DES Stands for Data Encryptton standard lDEA stands for Internation al Data Encryption
Algorithm. Algorithm.
it uses 56-bit key. it uses 128-b it key.
DES is now considered insecure (mainly due to a Considered to be a good and secu re algorithm. .
small key size of 56-bits). i 5
_ DES divides plain text/c ipher text'into 64 bits per IDEA divid es plain text/ ciph er text i n t o 64
_._—fl 3
bits per
blOC]\.
block. *
it has 16 rounds of encryption/dec i
ryption it has 8 rou nds ofen cry ptio n/d ecry ptio
process. n process '
,
t key.
o
i n different su b ke ys
last round uses 4 sub keys.
are used In DES M
“new... .
E55 !3 w ea ke rm 5 2 diifE ient st. [1 ke
than iDEA. M ys ar e us ed in [DEA
“fix a _. ‘
'”~‘ ‘1.5u. “ :
DES. %m*w-—-_._.___~_7_M_H
“up.“
Sli'0nger than
its
.
Round key ge ne ra MM
‘~ Refer QS.
-*4
v.
IMM
-’ . ' CHI-p
-
Scanned by CamScanner
_
‘—
"r
1— " _"0‘
'vr-v-r,- -,——.
V
Q12] What are block ciphers? Explain with examples the CBC and ECB modes ofbloc;
ciphers
BL KC HIE : -
1. Block Cipher is a symmetric key cipher which Operates on a fixed length map of hits. cam
block.
2. It encrypts entire block of message one at a time.
3. i n this the plain text are combined with a pseudorandom cipher bit stream by an XOR operatim
4. Cipher text i s generated by encrypting the plain text bits one at a time.
5. W RSA. Diffie Hellman, DES and AES.
' l ‘ ‘
-.
— a
. .
_
' ,. Mack ciphe r
block ciphe r
' encryption key ' encryption
K27
l max-1
l
11m
' rtcxt
Ciphe
-
ctPhMEA t
Cipheftext
ption
Eiectronic Code book (ECB) mod e encry
Client-den Cphertut 1
Ophertext
I
l
‘ "lh
r “ _. _ I b -a g"s ? ? ?4“
---—-"'1
Noel! oping
' Kt“ . ' "' plots 'cipher
"V "’ iron!“ I; " ‘1“"{""‘“ . “ " 3 " “"‘ u
l u
.
I
I
'
(1111 _
Hm!!!“ Mm:
names:
e decryption
Electronic Cod eboo k (ECB) mod
Scanned by CamScanner
3mm" 7 ‘ Topper?3:65.:
W“! 1
"i Mile: gMode
for Ciphe r Block Chainin
y CBC Mode Stands
it was invented by “3M fECB Mode
:9 -
ies o . ,
rcome the security de-ficienc being
XOR ed with the prev ious Ciphertext block before
> It ‘8 “sad to ove ch block of plaintext is
> in CBC mode, ea
.
encrypted. ed u to r t P; int.k
tha
h cipher text blo ck dep end s on all plaintext blocks process P
> This way, eac "St 0C
d In the
ke eac h mes sag e uni que, an init ialization vector (IV) must be use
3' To ma 2. 3.1
done as follows as shown in figure
-> The encryption and decryption can be
Plaintut Planter:
Maintain
$ é
initialization Vector ( M r————-—-—-.
,_¢n ‘W
fI 0111;111:
t‘ 1111] crummy:
:
w—~ hi .it
than: an-* ”42:35
i h
‘
.2: m--» ms:
i
initialization Vector ( M
W—* :4, _____,_____..é
mm W
Pisintut Plaintext
.
lithe first biock has index 1, the mathematical formula for CBC encryption is
q{vv..’'
‘ m r m““
Ct = Ex (Pi 6-) Ci- 1) and Co: lV
'7 M.
013] ‘ Enc
g rypt the message "Cryptograp
H“
Lana—w
hy is fun
. " with a mu ltiplietttlvo
A 15. Decrypt to get back original cipher with km"
plain-tip
xi
‘7‘—
ns:
.g‘A
'
_
[SM n iicm'tl
-_ _ _ ‘ .
MEL—MP
'cam'fi ClPflfifi;
1. w ,, .
cipher cl ' hm ‘
' ..2J ”Ultipiic
it is similar f l pa
to caesar ‘3
atwe hetype
r °f3l1bstitution p
m...—
NH-
_--
,
1949‘” afot;
M ““WWWWW
Scanned by CamScanner
IJWflcaMra/b/y Semarfar-7 bper': J’oficfiam
3
plication.
3. The only difference is instead of addition, we use multi
as:
4. Multiplicative cipher can represented mathematically
C = (P x K) mod 26
V P : (CxK-l) mod 26
.
5. Multiplicative cipher has only 12 possible keys
EXAMPLE:
Plain Text: Cryptography is fun
Key: 1 5
En mum
C = (P x K) m o d 2 6 Ciph er Text
Plai n Test Num ber
2 2 x 1 5 mod 26 = 4
C
1 7 x 1 5 mod 2 6 : 2 1 V
R 17
24 x 15 mod 26 = 2 2 W
Y 24
1 5 x 1 5 mod 2 6 : 1 7 R
P 15
1 9 x 1 5 mod 2 6 : 2 5 Z
19
___
T
14 x 15 mod 26 = 2 C
? 0 14
6 6x15mod26=12 M
G.
1 7 x 1 5 mod 2 6 : 2 1 V
R , 17
A
0 OX 15 mod 26 : 0
A
-w—rzl-w-v-w—q=l‘.’""“w"'___vr'_~
15 1 5 x 1 5 mod 2 6 : 1 7
_P
___ _ 7- 7x15m0d26=1
H
24 x 15 mod 26 = 2 2 W
Y 24
8x1 5mo d 2 6 : 1 6 Q
"F l 8
18x15 mod 26:10 K
S T?
5x15mod26=23‘ X
F 5
#7?!”— 20 20 x 15 mod 26 = 1.4 0
a"!
13 13 x 15 mod 26 = 13 N
" N
9.9mm ‘
P : (C x K4) mod 26 Plain Tex-t‘_——}
Ciph er T e s t ”7" Num ber
#'
4 4 x 7 mod 26 = 2 C
E ;___.
21x7mod 26: 17 R ’—
v “—Wfi 21
22x7mod 26:24 Y
W 22
17x7 mod 26=1 5 P
R 17
177479.935 0/64
"2
Scanned by CamScanner
3”,n * denim-‘7 Tap/333%“
/ r/r' 25x7mod 26:19‘ - "71”“;‘1
m”
_ “rang;
2 x 7 mo d 2 6 = 1 4
iflnlt'dé'fjf;
’12x7mod 26:6 (i “"7 “ti
' 12
fl/
21 x7 mod 26 = 17' “if“ ‘7‘“c
Mfr/T“... l A ‘ “ ~\\%
Mfg/.61
0 x 7 mod 26 = 0 7 7 7
17 17x7 mod 26 = 1 5 M P’ 1 “it“J
_........_F R * ”fir-“mi
lx7 mo d 26 = 7 w — ‘
__ B 1 7““
22 x 7 mod 26 =5 Z4 W WWW it”
W 22
w w" ” 5 - . . l
16 1 6 x7 mod 2 6 2 B
"f Q
10x7mod 26278 ‘ s m
x 10
Eifimud 2‘63”” F
x 23
+14
x7 mod 26 a 20 u
o 14
7f 13 x7 mod 26:13 N
N 13
modulus 26.
rix use d for encryption
is multiplied by the inv erse of the mat
7. To dec ryp t the mes sag e, eac h block the set i
the cipher key. and it should be chosen randomly item
8. The matrix used for encryption is §
Ke y: hill
F7773—
c D E F'
Scanned by CamScanner
.— -m— .___ v__vv——_‘ .‘ v __ ——-
(
‘— '-
.9.
3 l Jam! W Samariu- - 7 Topper} d‘o/ut'lam
..
We have to encrypt the message ‘short’ (n It 5). The key is ‘hill'which can
be written as the n x n matrix:
fl_
”l”: I: “4171 181]
-v*i--}
.
. v l l ‘ q7 — w w fi -
5mm“?!
:2 :1” [178 1147 1o9
'1‘
The enciphered vector is given as:
"_
"M '
[171 181][178 1147 1091”" (294:3:
3:: $33] “0“(263
vw
"" [105 g 2]
nv’
Wm
DOUBLE DES:
Egufl’}
- T" 5’1"”) _ C = wEK1{P))
Ensin
Oria na!(P)
Plain (PD
Text .- t empKey
orar(1') I
EuJ'yp y Cipher .__ Enclfpt ‘ Final Ciph
(C) er Kev
.
L l J I
K, K2
P96370f134
‘
Scanned by CamScanner
Jinnah-'7 _ i ”PM?we“
W \
5 was proposed.
1 cross at higher lev ple DEtion.
el TuD
To impr ove the securl Y ' cryp
1
'
2, This uses three stages
0“
, - " and e
DES for encrYPt'O
1) W
K‘
K1. K2 “I T T
K1 K2 K3 .
l V K: K2 K3
T47, J. I 1
P
“1—4“? .54L" c v
E . n A .
D' q -._‘.'L‘._.i
a .L {'D‘L.
1' .. c
Figure 3.13: Trip
le DES with 3 K
eys
: I .ye-twnv
i
Scanned by CamScanner
_._WWW——1
w ‘— WW“, ~37 w.
35A:
1. RSA is a public key encryption algorithm.
2. RSA is derived from its inventors Rivest. Shamir and Adieman in 1978.
3. RSA works on the principle that says it is too difficult to find the factors
of large prime numbers.
4. it involv es multip lying two large prime numbe rs.
5. it is used for both public key encryption and digital signature.
6. RSA uses modular exponentlation for encrypting and decrypting the message.
ALGORITHM:
1. Choose two different large random prime numbers say "p" and "q".
2. Calculate n = p x q. Since “n" is the modulus for the public key and the private keys
3. Calculate the totient: a (n) = (p - 1 ) ( q - 1 )
4. Choose an integer "e" such that 1 < e < El (n) and ”e” is comrlmu to id (M) Le. "s" and (4 (it)
share
no factors other than 1.
5. Fmd out decryption key “d" such that e * d = 1 mod (p - l ) (q - l ) .
Encrypt the message “m" using encryption key e, c a me mmi n.
7. Decrypt the message "m" using decryption key ti, m n c"mmi ii.
RSA:
Refe r Q1.
@659
Scanned by CamScanner
fifp‘"&%
4 I’Puéfic Key Cgmmféz 3mm "' 7 , _, w , _____m__
' ' o f RSA.
' secu rtty
> There are two one-way functions involved'1n the
. Encryptio n Function-
1. Encryption Function:
The encryption function is a trapdoor one -way function whose tra
pd oo r 15 the private key.
> ' T h e difficulty o f reversino - ' u t the trapdoor knowled
kno wn) to b e a s diff icu lt as fact
ge is believed (but not
oring.
Q3] - r In an RSA \\
5378t the public key (3, 0f user .
defined as (7, 119)
n)
(1),,
A 18 \-
gamete:
Given;
“ ‘I‘D--- 0;.0-1. _ I ‘ A 4 a N“
Scanned by CamScanner
4 l @662: Kg Cgpfqgmpfij Jana!” --7 Topper}50%
‘ Now0[n) =(P'1)X(Q'1)-
1 = (17 - 1) x (7 _- 1)
3d.
. ‘3, = 16 x 6
‘
" . =96
E [n] = 9 6
_‘_ 1 + 4 (96)
V
‘ 7 .
= 385/7
= 55
d = 55 '
Then As given m = 1 0 _ _
Using formula for encryption key e: 'c = 1me mod n
‘ ; 1 0 7 m o d 119
. V = 73 .
Cipher Text (c) = 73.
Q4] - A-and B wish to use RSA to commu nicate secfirel y. A choose s public key (0, n) as
- ' (7, 247) and B chooses publicpkey (e, n) as (5, 221). Cale ula te thei
r priv ate keys.
What will b e the cipher text sent} by A to B if A wishes to send message m =5
securely to B ? ' I ‘
[10M - May-'16]
EX AMPLE:
ID
wen;
*5
Page 4! 01’34
Scanned by CamScanner
7W%
“WW WW7 #_
591mm
F93 A;
ea 7
n = 247
=12x18
= 216
-’-¢(n)= 216 .
Now Private Key d + k a 0‘)
-_—-. __...__1
' e
= 1 +1: (216)
“.7 ’
Whenk: 1, _
Private Key d = M
“up
' 7
-‘-d==31
'm.‘\Wz
FOR B:
:h1f “fi,fl w q r
e=5
3:221
<
Since n ==p x' q ......
.....where p & q are [W
;"P=13'andq=17
0 pl ‘ i m e numbers Q
5(13'13XCI7-1)
‘=12x16
’
I
=192
"I
"401) z 192
Now .a
b'P-N
\\
Scanned by CamScanner
r' _
_‘,‘
r‘v‘
,
QMW W4 fem—“W
- I + 155192)»
5
Whenit - 1.
141—5922
Private Key d -
. 193/5
a 38.6 (which is not an integer)
WhenI: II 2,
2-3;!!!)
Private Key d I
I 385/5
- 77 (which is an integer)
nd-77
W221]
C =2 P-‘ mod n
05] A and B wish to use RSA to communicate securely. A chooses public key as (7,
1 1 9 ) and B chooses public key as (13, 2 2 1 ) . Calculate their private keys. A wishes
to send message m = 10 t o B . ‘Nliat will be the cipher text? \ " i t h what key will A.
encrypt the message "m" i f A needs to authenticate itself to B
m
Refer Q1.
Digging:
m
A:Public Key (e,n) = (7. 119)
779643a
Scanned by CamScanner
3i M W d’W‘ibré.Z-.--.._h_--..._
ii: Puliiic Kay (0, u) a ( l 3. 221 )
W... 737%?“
H
Sninflnm
MA;
9 II 7 .
n n 119
Since n I p x q .....r......wherc
p 8:q are two prime numbers
.x p- V an dq - 17
NowflCn) -(p-1)x(q-1)
/
-( 7- 1) x( 17 .1 )
-6x16
:- 96
-‘- £501)- 96
7
When k u 1,
= 97/7
== 385/?
= 55 (wh ich is an inte ger )
WWW=M
FEM};
e a: 13
i n I: 221
Since n r..— p x q ...........where
p 6’: q are two prime numbe
rs
.'.p=13andq 2—1—7
‘h—
*-
h PyaMoflg—K
Scanned by CamScanner
7‘9
4 ”“55” “WWW smelter ~7 _.--_
,_ ”Wim
Now¢(n) =(p-1)x(q-1)
=(13-1)x(17-1)
= 1 2 x 16
=192
-'-fl(n)= 192
= 1 + k (192)
13
When k = 1,
= 193/13
= 14.84 (whic h is not an integ er)
When 1:: 9,
14%1322
Private Key (1 =
==1729/13
'= 1 3 3 (which i s a n integer)
‘.-.d=133' ' “-
‘ Thus. private key of A is (d. m = (133. 221 .1
P = Plaintex t = 10
C = Ciphert ext é ?
C = Pe m o d n
17143945af-t54
Scanned by CamScanner
i4 5W”
IMMWIy/Waféy _ ”PP-I'm
\ 4
Q6) In RSA system the public key of a given user 4:- : 7 & nu 187 N
34223:.
. c1
Refer QI. '
EXAMPLE:
(1) Private key of this user?
Public Key (e, n) = (7. 187) (3
Now 95 (n) = (p - 1) x (q ~ 1) a;
=(17-1)x(11:-1) ._ - _ _‘ i1
z‘ .'_fl
=16x10 . ~ ,_ . ' >
-.¢(n)=160 ’ I ' i ‘ i
: . ' -- . n
I , N e w Private Key d_ = 21—62% 7 - ‘ _‘ - ;.
When k : 1, - _. . - Q
Private Key d. =_ Lip—170.1,): - ; , A
=- 1 6 1 / 7 9,1
‘ = 23 (which is an integer) 1-
d = 23 2.
‘ ' , 3.
Wye g) = (23 152) 4—
(2)
t h e If the interceP ted ('1‘:
Pl‘? _, . 1 1 .a n d s e n t to a u s e » whose public key (3:7 & 11:187.
What is S.
Cipher Text = 11 6:
. , 7-.
9 1 1 0 ] ] : Key ( e , n ) = ( 7 ‘ 1 8 7 )
we“
3%}945 ofm “r ..
Scanned by CamScanner
t '“‘W_.
w...“ 5 _ Jamel».-7 ., 7.0””? yam“!
WWWW.
0 BMW
89‘
Q7] Explain how a key is shared between two parties using Dime-Hellman by
exchange algorithm. What is the drawback of this algorithm?
:91
[10M - Dcc15]
Ans'
DiFFn-HELLMAN‘ALGOEEITHM;
& Martin Hellman in 1976.
1 Dime-Hellman algorithm was developed by Whitfield Diffie
ofsy mme tric key encr yptio n.
2. i t is used to solve the key distr ibuti on prob lem
ptosystem.
3-
Diflie Hellman is a public key cry
4. It does not encrypt the message.
hanging keys.
It is a special method of exc
encrypting a message.
This algorithm ge nerates a secret key to be used for
message using
th the send er and race:ver can encrypt and decrypt the
Doc6 a key is decided, bo
same key.
M Phi—1:7rifts;—
Scanned by CamScanner
W” pfm‘}
\ do“
W
W
d B ar e tw o users.
ConsiderA an
mb er s n 8: g .
0' ‘ H H
‘I
tw o l a rge pr im e nu
A and B w il l ta ke
er say x .
u M
om numb
-
y
mod n.
y» A will then compute m = gx y‘ .
ll ch oo se an y indep en de nt lar ge random number say
> Similarly B wi
79 ll. the compute s = gymodn.
d “5” to A.
,‘> A will send “m" to B and B wil l sen
> Key for A: K1 = 5"mo d n .
> , Key for 3':K2 = mYm od n
’r Both the key K1 and K2 are equal i.e. K = K1= K2
‘l‘
EXAM PLE:
, ,. w gnflM
B choose y = 6
‘t’
A choose x = 3
M=g xmo d n. s=g ym0 d n.
= 76 mod n _
= 73mod n.
' '= 343 mod 11 = 1 1 7 6 4 9 mod 11
- M '= 2 ' ' s =4 '
‘f
.2 A s e n d s M = 2 toB. ~><\./,,—B send 5 z:4 toA
g‘K2=mymodn
"K1_='sxmodn '4'” ..
=43mod11- * zzémod 11
=64mod11 =64mod11
‘1
K2 = g
K1, 3 9
‘f
I..K= K1=I<2 = 9
DRAWBACKS: ,
-
' ' exchange IS
_ , key
Dil‘fie-l-lL.11man .
kr vulnerable to, a man m the middle attack.
Dime-Hellman Algorithm cannot be used to encr
3: it can only be-used to establish“
I
ypt message
a secret key. I
Expenswe exponential operations are inv
olved
This algorithm is also a lack ofa uth
ent ica tio n
——.-—v
E.
‘v ph"o n Du' ffie... l-l ctl l m a
‘ n Ke y ex ch an ge a
JR
Scanned by CamScanner
‘3
a
;. ' — a . ~ ' . . ' — — 4 r p q — - fi ’
4 I 914662 'Kgy Cgpbjrfly— J'marfer - 7
Tapper?J'a/ulfam
PROBLEM or MIM ATTACK m DlFFlE-HELLMAN KEY
.
EXCHANGE“ gleam
.
. ,
49.1..
e
to Bob.
> When Bob transmits his public value, Carol substitute
s i t with her own and sends it to Alice.
> Carol and Alice thus agree on one shared key and Carol
_
and Bob agree on another shared key.
"
> After this exchange, Carol simply decrypts any messages sent
out by Alice or Bob,and then reads
and possibly modifies them before re-encrypting with the appropriate key and transmitting them
aw.‘.‘
._
to the other party.
5 TI. :L‘cIEL...“
> This vulnerability is present because Diffie-H ellman key exchange does not authenticate the
participa nts.
r—v
-_
> Possible solutions include the use of digital signatures and other protocol variants.
"'1' 7-».'
> Figure 4.1 shows the MIM attack in Diffie Hellman Algorithm.
3-4
Alice Carol Bob
_ A
_ 3—“.— ..
3‘
Nfifime‘fiu‘g
gb
Compute (8‘)“
.. . n - ‘ l i r n ’ A I - x . i
gr Compute [tM
‘ Compute (8')”
C o m p u t e (3")3
O-fn.
Secret Key = g" Secret Key = gin:
<fi
JIAAII
.
' Figure 4.1: Man in Middle Attack in Diffie Hellman Algorithm.
mum-n1.“
.
Q0] A and B decide to use Diffie Hellman Algorithm to share a key.
’ Thcv choose P = 23 and G = 5 as the public param eters. Their secret keys are. t.
Public parameter [P = 23 8L G = 5)
Secret Keys 6 8e 1.. Le. X = 6 8:)! = 15
K
Mulate: Secret Key shared between A 8: B Le.
¥
r 1753? 4901’64
Scanned by CamScanner
Jamar!”~7
4WW
_ my _; . “T 1 B
5mm".
- ho os ey zls
Bc
i oo se it = 6
I.A ch
S - grmod p,
M = g'mod p. .
= 5 ” mo d 2 3
=5 6m od 23
= 30517578125 mo d 23
= 15625 mod 23
S2 19
M =8
.'.K= K 1 : K2 = 2
Therefore, A 8: B Share Secret Key as 2
Q10] What are the various ways in which public key distribution: is implement e.
Explain the workin g of public key certific ates clearly detailin g the role 4
certifica te authorit y.
Ans:
[10M - Mayt :
PUBLIC K E ? DISTRIBUTION:
> In public key cryptography, only public key needs to be distr
ibuted, whereas private ke i.- he
secret. _ y a I
h;
l Hutu" M“...
1}?!"
W< ,
—“ k "V“Ii-u-qfi
“3““? 4' 2 ’ Ammo n ce m en t of p
u b li c k ey
afez;
“19050 M‘-
U W's-9%
" ":v:;a:mr.1-vl"'
.
M
Scanned by CamScanner
~g—-.
A ’
“ W W W _ y _ m* m“’ 1 I
-. .fi_,_’/?’[£”IIJ0MM
UNWMGM
—"“‘-—— —~——__
~-.—--
(!
Hm « nnnnnan nnhln m mn lm nnuml Ln. nnnrln'llw-nnmlla mm» m mummy-
. . ~ t
N)
nuunen Amman» Imunlnryl
¥ Mwnm‘hm-nmvnnmmn ’ n-‘ In ummmm ‘ ‘ mm
- HV_nvalln
. a nnlnl’ HMW'nnMIékm,m»mg
n mu.-
“M.I M I a n n m m
\I ' '
l l l r w m n i i l n l n vntunnw
w ‘
Innlml . a”Ma'nn!
mum-nan:H 1
I Ulnmnln - aMU
lnnnn' dImW
nnwmw.
.4.
I ‘l‘hn llllM‘HII'y mn nlhn lm nnvnnml Mumnnlmlly by Man new”,
- ‘ I . . _- . _ _ ‘ . _
5 b‘lunrn M nlmwn nmlnlnnmn‘u ur‘ m u m lmv IHIMHH y‘
nn/ \mn
1‘ 4
/ \ _
Mm: I
anln ‘]
.____,v______a .-
Immagm
dummy,
lfluln'n mm Maintenance utnnlmv hey
nxznwnucln user/11m,
my private key M alum-{my annmrnyannimpersonateMa
An lfiI‘fidl‘y/lllll’lltI N nmy aIlsnn
l m Intruder.
lllti mam-mun are [HmInm
I u .—-_. -_ v.r‘v
- - .
Scanned by CamScanner
7'0 New.
fim‘hflflfim
V V ' W. ~-
7. firm—Ma x
lic key.
be Alter decryption. Rutuia gets Tanvi's pub
5 »
T h e prOCGd ore is tit-set ibed in figure 4. .
a t ' 4
g mum. H
\\
/_ .1 WA“
am"
trotted tit-titty
z.urn..|ru.|| minim" a l l -
Certificat ‘
Authority (EA) . \ .
PUp /
I fi\\
/ Ln:1-: (paw . [mII iipun “' \
\rnT
1/ _ Cre
E (PRC... no, u no,“ \
" ca
l Rttmla
\ 2
\l
WNW
Tauvl
Scanned by CamScanner
M W ! " ‘1‘
4 ' “W!"W m"?!
‘77
' .. .- W _Ir’£4¢@!’91~!_
Where,
P0. a While key of mama.
M112 Public lwy nf 'l'nnvl.
Cu5 Certificate Mum! Mr Nulum.
“aw—arm».
Cr :- Certificate Issued fur ‘l'mwi.
3:"
<W
»
0%.
_W_
, .
‘W
“A. ~ 'w4*-«*Ww:
r _v
n
‘44....
m...»- Aug-aw-“-
.-W M 1“,
Véo”0/04
Scanned by CamScanner
W._ I ' 'l'l‘" -' “WW.
[-
it encrypts documents with digital codes that are particularly difficult to duplicate. ;
: A digital signature takes the concept of traditional paper-based signing and turns it into an"
electronic"fingerprint."
4-. This “fingerprint." or coded message is unique to both the documen t and the signer and binds
them together
S. It 1s used to valida te the authe nticity and integrity o f a message,
softwa re or digital document,
6. Digital signature technique IS based on public key cryptograp
hy with a differ ence. L
i“. in public key cryptography a pair of keys are used
one public key and o n e priv ate key.
8. The public key is often used for message
encryption, and the priv ate key is ofte
n used for
decrypting the. message.
9. However in case of digital signature, me
ssage is encrypted with the private key
and decrypted"
with the pubiic key.
1o. Only a specific person with the cor
responding private key can encryp
t the message or in other
words sign the message.
11.
i
However any party who has the
1 h"
signatmy
“‘4
.'. .
Create
C Digital Sig na tur e
Bobs Pr im te Re.v
Send Over In
'* ternet
A
x
.
‘r _—_
.
_._
L
.
uP—u“r
8011
" r
's‘
g:
“51‘ .
?f'ik'v’h'fi"
F
igure 5.1.. D
igital Signa
ture Proc
353.
“5640/84 -—-—
<. ‘7 1 ' . 10 . . . - -» ..
‘ ‘ Atom.” "7;: . 1.1" Jig-Lu . .‘ - m. 1 ,
t 1 . _. r- __ 1
1.4 A. A"
‘ ‘ '
Scanned by CamScanner
Mmpfila Wash Window Jmubr- 7 f 70pm W
BSA:
"'—‘"'
W
3» Choose a prime number q, which is called the prime divisor.
> Choose another primer number p, such that p -1 mod q a 0. Where p is called the prime - ’ =
> Choose an integer 3, such that
1<g<m
gt! m o d p = 1,
g : 1 1 lip-Illa) m o d p,
,Mwn-e-tmv"‘l-'
> Choose a secret key x by some random method, where O < x < q.
> Compute public key y = g" m o d p.
.
> Package the public key a s {p, q, g, y}.
> Package the private key as {Y}.
SienamLLGeneratiem
Peesiofm
Scanned by CamScanner
' Simatumflflmm
- flush
,
3 .
A‘Inni‘.“‘."
108.100
I lfithj
f l
Iluuh’ WIN“
7
&/ mk- ° “ " "
If I”
user-y”! uni". Ilfiuor'u _ ,.,.""“"“*'|n.
_ ‘3'" Q; P u b l i c key "“M
swun'g‘; em 03 I00 ‘ a 101 too
110i0‘l 11010: i. "m"
fines-yuc ca Sin-noun a Hash Val“:
-
To verify a message signature. the "New” o r the message and the dig ital sign atu re {Ollou
can
these steps: -
\i
Q2] Wh y are Digital Sig nat ure s & Dlgllal certificates req ulr ed?
significance of Du al Sig nat ure ? Wh at is the
‘
Ans:
_ ‘ _ _ . ; . . , , ‘ [ 1 0 M - M a y i 7i l »
_
otgrmt Sienamgg ' - . ' - ' i' ‘
Ref er Digital Sig nat ure par t fro
m Q1.
Wh y Digital Sig nat ure s are
required: ,
f
To pro vid e Au the nti cit y, lnt
eg r it y a n d N on - re pu
"'5
n to el ec tr on 1c di at io
. .'
To u s e the I n t e r n e t a documents.
s the saf e a n d s e c
ure medium
fo r e - C o m m e
rc e and e-
Governance
D iG nL CEBTIFICATES: .
Dtgztat C er ti fi ca
te (DC) is a di gi
ta l file
l t r e r t i ‘. i e.s t h
ei d’ e n t l t y ' ‘ c‘.
a n 'm rl x v
iu u al‘' o r i n s
- b a se d i n f o l u -u t i U
‘ n . 'oI ‘ e v e
rmation . l ‘ i a r_o ui te.. r
I .I.‘
i V
.s
seeking acce
s s t o co m pu te
rT
fa)
tru v,
\ 2f..r:\ l C K 9)
inf:a s .2.
1%.: Ctun—2 (Pm). a
Scanned by CamScanner
W M W Jamar!» - 7 Topper}tic/wow
A digital certificate may also be referred to as a publlc key certificate.
mam _ K
D u 1i
{g :3. we»
#j—LJ’ré-‘gggh
“—"ta , OIM I) /’
--l l l } m
o..— r .
E::
-_
fl-”— —
.— - 17.13957((04
-r__-..;..._.
-,~
__n-v
Scanned by CamScanner
" .t ,r'- a d -
Jmufar-7 »\
In...».
,
'g..
-“""'h.w':(~.g°.
I""-
5 WM'W‘W‘W *
>
Where. OiMD = OI Message DigestMessage DJ
,.
KR‘
Wasomer's pmrate
Sim” it!
gConcatenation > = Cust
: H
> PlMD =PlMessageDig?“
\
"W ‘ ...._r
. .
03] SHA-1
' V I5M _ Ma”;
Ans:
SHA-1
.
1. SHA stands for Secure Hash Algorithm
hash functionproposed by NlST.
2. ln cryptography, SHA-1is a cryptographic
-O, SHA-1and SHA -2.
3. There are three SHA algorithm named as SHA
4. _ SHA-1 is
‘most
widely used SHA hash function.
produces a 160 bits output.
5. The input to SHA-1is message of length 264 bits and its
6. I t is similar to NUS with following differe nces:
a. - l t i s m o r e s c r e .
‘b'.' I t is little slower to execute than MDS.
. c, SHA—1makes 5 passes whereas MDS makes four passes.
'7.
SHA-1pads the message in similar way as MDS.
8. Similar to MDS,SHA-1also operates in stages.
ALGORITHM: .
§_tep - 1: AppendPaddingBits .
:.. The message is padded so that its length is congruent to 448 module
512
Message + Padding bits + 64 should be a multiple 0f512 bite
‘-
Original
M essa l
‘ ge , *—‘ Padding
1, fl
OriginalMessage
Padding
Scanned by CamScanner
Tapper:
ail/«1m
400 ‘3 64
..
I WW I Padding -U + ‘- Length
—an
Drill-DI] Lens“;
I M05333. Padding
.mq'u—A
9
— Data to be hushed -—-—-—-v
' .
‘I
gar-*‘4‘
Data to be hushed
av-
.— . _ _ - . _ - -
1 r
3 2 Bit A HEX 01 23 45 67
32 Bit B HEX 89 AB CD EF
3 2 Bit C HEX FE DC BA 98
3 2 Bit D HEX 76 54 32 10
E HEX C3 D2 E1 F0
3 2 Bit
a b c d 6
Scanned by CamScanner
‘1 5%- WWW M5 ”"163 .
‘ a) All 16 sub-block.
j b) Variables a,b,c. d and e.
c) Some constant.
r One Round
;
6'
hum-9mm“ a b 9 d t[k]-)k=1t079
3 {b“¢)V[b d)V[c"clJ I
b66$d
‘i 4 }
bww _
lolalclvlsl
w\ '
I l. l.
fiEF
——-—-—
’ntA‘t‘Z‘*‘-",
”Mt
fi/
-
_ ‘
Q4] role
of a h a s h func tion in
t ‘ 5 ”36
‘ a‘ M
‘“lh‘ th- A
security?
Q.
‘
‘.
Ans: ‘ '
[5M— D6617};
-
‘‘
jjfiSfinCTIOfl:
1. A hash lancuon IS a mathematical function that converts a numerscal - , . he!
‘ ' ”1l va.lle mto anot
compressed numerical value,
The lnput to the hash function is ofarbltrary l e n g t h
buto
Values returned bya hash
function
are called messag utput is always of fixed length.
__ a digest or simply hash value
s.
MN“.—_-_M’dfl V
fibrin LII J... .
Scanned by CamScanner
Two-3W ,
M”?
WWW
ar in almost all information secu rity applications.
Hash functions are extremely useful and appe
7‘
-
P59221155 0F HA SH FUNCTIOSS:
flu;
°‘ '
, 1 - .-.,.l ‘.. . . ‘ -
l) _ - °
ction.
putationally hard to reverse a hash fun
> This prOperty means that it shouldbe coin
difficult process
l..
uced a hash value 7. then it should be a
> In other words.i f a hash functionh prod
z
to find any input value x that hashes to
ng to find the
perty pro tect s aga inst an atta cke r who only has a hash value and is tryi
>1 This pm
‘o
n
input.
newly-1.3“
v w d w r1" w -
wwmww
II)
~ fi -m
W
find a different input with
t and its hash. it should be hard to
> This property means given an inpu
'
{m9
the same hash.
e h(x), then it should be
h for an input 1: produces hash valu
In other words, i f a hash function
'
>
.
e y such that My): h{x).
‘
difficult to find any other input valu
input value and its hash,
ects against an attacker who has an
> This prOperty of hash function prot
inal Input value.
e as legitimate value in place of orig
and wants to substitute different valu
11!) QWesistnnce:
collision free hash function.
> This pre per ty is also referred to as
that result in the
pert y mea ns i t sho uld be hard to find two different inputs of any length
> This pro
same hash.
inpu ts x and y suc h that
h . i t is har d to find any two different
> I n oth er wor ds, for a has h function
1101) = h(y).
es with the same hash.
for an attacker to find two input valu
‘5‘» This pro per ty makes i t very difficult
1V)
W
is small.
“ Compression: Output length
mpute for any x.
”P Efficiency:h(x) easy to co
]= y
be infeasible to find an x such that h(x
‘r Dne-way: Given a value v it should h(x)
ista nce : Giv en )1and l1(x ),1in feasible to find y l: x such that My ) =
P Weak collision res
ie to find any x and y, with x .'= y such that h [1:]: My)
> Strong collision res ista nce : Inteasib
ROLE
W #h 1916396 6! #64
Scanned by CamScanner
\Vol‘
75””;
'1.
~7
H
7M ‘fimcfi'anr 5mm
.n
it "i i 5 l Cn/Jfiic I
l:
_ \
. In W
application 0 f the hash functions.
> Data integrity che ck i s a m o s t common
; ' g
cksums o n dat a files.
7' i t is use d to gen era te the che
ut correctness of the data.
i > It provides assurance to the user abo
BLOCK (SHA - l l: ‘
OPERATION OF SECURE HASH ALGORITHM ON 5 1 2 BIT
-
» Refer Q3.
[10M -— Mayité
Ans: _ ,
‘
NEED FOR.MESSAGE AUTHENTICATION:
a genuine identityand. nott‘.i
a 1. Message authen tication ensures that the message has been sent by
'‘ -.
i an imposter.
Message auth entic ation is used to verify:
ce.
3. Rece ived message i s from alleged sour
b. Message has n o t been alte red.
ence .
c. Ther e i s n o chan ge i n mes sage sequ
mg p j v v w fi e
d. Message is n o t delayed o r a replay.
("iu
Message authentication includes mechanism for non-repudiation by source ‘
AUTHENTlTlGN CODE (M AC ):
.‘5
' misses}:
._"
Scanned by CamScanner
: I W {graphs M6 ‘Funcfiom Jenner --7 ‘ J_ “flipper-’1 «905460»!
Essentially, a MAC is an encrypted checksum generated on the underlying messag
e that is sent
along with a message t o ensure message authentic ation.
6. The process of using MAC for authentication is shown in figure 5.5.
Receive r
H
I Key“ I
c
MAC 7 F—_— l ,.
Puma-A- mud-{-
A—J‘
Algorithm I MAC I
Sender
wm‘m—
WORKING:
Figure 5.5 shows how a sender uses a keyed hash function to authenti cate h i s message
and
how the receiver can verify the authenti city o f the message .
This system makes use of a symmetric key shared by sender and receiver.
Sender use the symmet ric key and a keyed hash function to generate s a MAC.
“V“
> Sender then sends this MAC along with the original message to receive r.
> Receiver receives the message and the MAC a n d separat es the m e s s a g
e from the MAC.
I > Receiver then applies the same keyed hash function to the messag e using
the same symme tric
key to get a fresh MAC.
.
> Receiver then compar es the MAC sent by sender with the newly generated MAC.
> i f they match, then the receiver accepts the m e s s a g e a n d assures himself
that the m e s s a g e has
been s e n t by the i n t e n d e d sender.
> if the comput ed MAC does not match the MAC sent by the sender. the receiver
cannot determ ine
whether i t is the message that h a s b e e n altered o r it i s the origin that h a s b e e n
falsified
i As a bottom-lin e. a receiver safely assumes that the message is not the genuine.
Ans:
‘Payc 63efee
.
‘n
u'. 1 . ‘
J> ' “ h - ( '
n
Scanned by CamScanner
I.
* ' 7W}
J' 7'
WMWVMW, . ,1? “‘fi\:
1I'fiubohb
-v - ._.
- ”‘KIIIIIIIIWwMWI’fiofiage
”v vfiP M‘W
pomrfailura .
- _ ,5 .11 .
1W 333333 33333345 9”” 3!-..fmiurfl-
1- -1...“— o___;,_..M”—IIIIIIIIIIIII CA does no! have m be amine. ‘33
.. 1513333335”!!q ____ ______ , ___....... \; '
W ”5 -- ‘ “”‘IIIIIIIIIEA has better scalabllil)’
V3 hVnIdreds.
I “3313333333333; VII]: CA obtains "5W
393RIDE shares
73
secret Everyone who register with \
{03' its public key.
IIWWIIIIII IIIIIIIIIII IIIIIIIIIIIIII WI
III I IIIIIIIIII I I I It;islesIs expensive.
“fihfiifiifiiv; 3“
33 33 VQIermhIrIngéVIiiiws. II I I
I II
I I I I III
I
.- 1‘ _ ‘ W..._‘
I or WAN‘.
fl.
Preferred I
wq
WW
«aura-av. «— 3 m . . .
II.
Preferred {03'MM.
‘h‘...
; W4.3”41/
1 4 3 41
3 3 4 7.4 5 1.3 1 3.4 .1
~. 3: ” g ' ”Wu-um-
1:1“ 1“ fl 1 1 13121331,.
“ ;f1 4) ’I’yfltflflalyr 1:; “11111V1111"? 1.1 _ 1 , ~; “(I
lr}IP'aaybtv
I I M I I III III III III IIIIIIIIIIIIII" ~ '.4~:' 3 - w - {.31:1?) 4 I a ’ p to III
... 1 H
.tJfi "rwr‘ I1
.
1IIII’I
Scanned by CamScanner
Tw‘im
CHAPTER - 6: AUTHENTICATION APPIJCATME
Qt] Give the format of 31.509 digital certificate and explain the use of a digital
slum-tum in it.
Ans:
[5M -- Beets]
m
1. X5309 is an important standard for a Public Key mm (FIG).
It is used to manage Digital Certificates & Public Key Etayption.
X509 ma the building blocks a FRI system that defines the standard
formats for certificates and
their use.
Figure 6.1 shows the fonnat of 35.509 Digital Certificate (CA - Cerfificate Authority]
F .
mm 1
Safiai Number
. .» I . m Nguihm: for
Signature “mm D *— Exanpue.‘Sal-HIM
Issuer (CA) 11509 Name *——— CA‘s may
WSW
Period «— man-issuer:
I
Stm{act K530 t‘lama 'l <——-— Usa‘s idezfliy
A! orithm EB
Sumac: P‘utfic 1 g 1:; User‘s Panic Key (Boom to
Keyinfo l Puttf’rc KayVaiua J55 E 5 L " H E “5)
Issuer Unique ID
Subiect Unique ID
. Other User We: $0! Example,
L 5mm J ' Slbfllflame. cop
(— CA Digital Signamra j 4——
Signed by CA‘s Private Key
Diuttal Signat'u e i n
a - $ t
Vi
v- " 509 nital Cemficatc can be used to access secured zones: of websvtcs.
It is used for verifica tion 8: validation purpose.
lt ensures confiden tiality of certificate.
It can also be used to verify validity period & Unique ID.
95566501334
...._...
Scanned by CamScanner
i i _7 pper: 30/1601,
El “1 ".I ..
m»
m? How does it help to validate the authenticity of a
.3 $2.22”...W...
»
[ 1 0 M - Dec17]
mum. mmTE:
1. ow Ceflificae (DC) is a dig'tzl tile. _ - . .
a;
1 g“ cam is med bya trusted third party which proves sender's identity to the I'ECEIVer
ad radio’s identity to the sender.
3. ltis issued w a Certificate Authority (CA) to verify the identity of the certificate holder.
4. Ybe (”A issuesan enuypted digital certificate containing the applicant's public key and a variety
.l
' '
a? other idmtlfication' mt'orma'tion.
5. W We is used to am public key with a particular individual or an entity.
6. Signal ca'tificate (naming
-__-\ .7‘
’ 1. Certificate based audientjcation is based on the digital certifi cates
A
o f t h e use r.
L01. u h ) » : ‘.‘.2"1..L.;‘...i.
2. In Public Key infrasmscture (PKI). the
digital certificates are us
ed for secure
.
digital
I
3. The digital oertifitates in PK]can
also be re-used for use r authen
4.
tication as we ll
This is a stronger mechanism as co
mpared to password ba I .
sed au th en tic at io n.
.
ss.
.
130m m:
.,
We #:1w
.
-
. I 31%
..
wads certificate
_\
. .
t
.-A_
i magnum:
-_
Hawk
‘
.
Gian
1V “
SSI,( ‘
.n
.;;1‘:
3) .gm.wr aut
f
cu .. A r . horize:
'.
:l
‘- -
-r
' IN
’W'
'
a
_'.
(Mal We) _
I
3' to
“duke authenticate
h,
(In W: identity
d authentication
p t nus:
'
"I
‘- uI
~: 3-3":
t‘
.........
at"!
*“yW m
“* M M M
‘1: ~
Scanned by CamScanner
. Wmfi
.9
.~
"I‘fi
MW
_
_-..'
6'0"":mi ..
_
_
-
-.. _
3mm Tapper-'1d'ofidfom
. ___
L
.I
-
i"
i.. . .‘ i i" l v n t c keys that correspon
.
.-—
The Cl ien t asks for [h issued that
"W client.
-
. e apa thi s
s ss
thewo
fird
r ‘0
a g‘ven 5053“)“. such
t daiahase the First time the alall
l tW100 d9 t o a c c e s s
.
requires certifico time
ll (lul‘lnfl
te-based cliens the u s e ”
thentication.“lemme to access an SSel‘lfllflfiil server that
ll—
t au
3. After entering this
PassW or d- once. th
.
session. even when e user does not need
to enter it i i’ h
accessing other SSL-en .
can n or t e rest of the
4. The client unlocks the abletl servers.
d 3 th t i riv . ,
an o es
kp ate key
da tab as e.
retrieves the private key for
3
1:r vote 95'
‘0 Slfin
data rantlmnly-gencrated
the user's certificate.
the server. fro m input from both the cli
ent and
- This data and the d i g i t a l
signature are evidenc
Th e di e of the private key's va
gi ta l Signature can
be created only with
lidity.
COl‘i'ESPONdlUS that private key and can
be validated with th
public key against the signed data. which is uniqu e
7. The client sends both the e to the SSL session.
user's certificate and the ran
dtinny-generated data acros
Th e se rv er uses the ce
rtifica
s the network.
te and the signed data to
authenticate the user's ide
Th e se rve r ma y pe rfo ntity.
rm other authentication
tasks. such as checking
presented by the clie that the certificate
nt is stored in the user's entry in an
LDAP directory.
10. The ser ver then evaluates whe
ther the identified user is permit
ted to access the requested
resou rce.
I
11. if the result of the evaluation is positive
, the server allo ws the client to access the requested
resource.
.X-.__592.923112W
Refer Q1.
~—
03] Email Security.
,
Ans: [5M - M n y t é ]
EMAIL SECURITY;
« all.
‘-
i‘er
The Simple Mail Trans Protocol (5
are as follows:
ail secu rity protocols us-etl
Th e three ma'm emc
Scanned by CamScanner
intern“:t
Figure 6.3:EmailSecm'ity.
Mm Enhanced Mail =
Privacy Enhenced Mail isan Internet Standa
rd for Protecting Email.
It was adopted by Internet Architecm:
-e Board (IAB).
_ PEM supports the three mai
n functions of encyption ,n urn-repudiation
In FEM, Message is DES Encrypted. and message may.
Authentication is provided using LID-5-
x?
Prettood Priva GP . ’
Pretty? Good Privacy (PG?)
is “3:1e used Email Gypto
system
_ P6P provides authemn'catio
n through the use of Di
gital Signature.
it provides confidentiality
through the use of Symmetric
it provides compression usi blo ck 313% on.
ng Zip Algorithm.
The most significant aSp
ects of PGP are that
it Supports
which is quite simple to the has; (requim
use and is free along' A
‘ifienssci
.. v I
v. V
6°69
m; 55.cure Mui tip um
os e
and documnufimm
In te rn et Mail Ex
‘3
tensions 1‘SLQIME‘I:
WME System extends the basic em
ail system be- perm
ema il system. itting insets to Send
- bi:
VV
‘75 “a £3» . q ,. i
“33 fies
mata- ‘
q
‘1’
SMME secunty
7
‘5 a enhancement to the MIML‘. In
" _ SWINE is similar to PG? which
ternet Emaii format Stem-g ' '' "
Pravides di oitai signatur
es and entry-pa
ss “fem-3
V
Scanned by CamScanner
04]
an!“
96? [5M - Beats 8: Dec: 6 ]
pGP Stands for Pretty Good Priva
cy
I t is an Open-source, freely availab
l e software pack
ago for e-' mail secu
I t p r o v i d e s Aut
. hentication th roug rity
ofsymmetric bloc k encryption. h th e us e of digital signature and
confidentiality through the use
I t also provides Compressio
n using the ZIP algorithm
PU»
PR.
1
P“"””‘"‘5’ i
- .
Encryption ”Pug-“J y c
PublicK
Decryption
‘ Hash Lfi '
Function CompressionUsing
- 1 ZIP Algorithm Inverse Compression
—>®—>[£l—+
Using
'' ZIP Algorithm
® li, -- s
COIicztenatlon
'
Ans:
_ 7
:
TYPES OF EMAIL Til EATS
J
r Types of Email Threats
. _
I
_—
— J r u m Day J ' Social "
at , my“
__ Exploits _ Engineerin'
S OfiDLI
FPO ['S PE UIJ l Loggers ' Eansmnware
Fhishing
:
u—n-‘vvv‘yw—
n for mal icio us rea son s.
— and credit card details (and money), ofte
-looking send er and a soci ally engineered
> _ A. phis‘ning attack usually consists of an authentic
age.
. I‘mess I
will open infected
‘ Many email recipients believe the message is from a trusted individual and
attachments or click on malicious links.
'
. ll) ‘ M'ofing. : 7 . - ' ' l
‘
i"
> , 'A' spoofing attack 15 a situation in which a person or program successfully m a s d a
. ue'a es 5
:
h . . l .
. . .
"Ng'
' " p 015 mm Qf‘emve mechanisms. authenticatino
. _able to use addresses
. - are ' ..
* and domains that are very similar to legitima t. e one s, dec elvm g VlCtlmS
‘1
,- d' d from a trusted
_ . into believing that fraudulent emails are
.. a nlviual.
> -.Cr1m.nals may spoof ‘ an individual mailbox eflgalW'
" FQtoppe
- .. rssoiutiflw
‘0
sagarnarkaae opperssolutio ns.com.
. . ‘ ~ - F E a n u i side
sa d n c e . ls p a m. '
i s_ a l s o' fre q u e n t
._
.3
I
-
.
'5.
17395706.!{34
“NM“ ’ ...
.i’
Scanned by CamScanner
.5 5 [Wfimfion ”pp/imam
USER
ALGORITHM T0 SECURE EMAILS BEING SENT l-ROM
' A TOUSER 8 (P6P):
Refer Q4.
\
¥~.--——— w
m
Scanned by CamScanner
. ‘p v. flip/1W? .4
'6
lWfimflon App/imam Smart»- 7 r"
WW
ch ”W it-iii :15
y me ssa ge lon ger tha n that mu st be broken up into smaller seamen”,ea
3. An
is
subdivides a message {bet kw MW“ .il'iiy
4- '31:)::::1Ti:ii10tiate this restriction, PGP autom atica lly .
d via e-m aii. .
. segments that are small enough to sen
ding the radix-16”:MWYWW- .
5. The segmentation is done after all the other processing,inclu ine!
e component appear only once,git i338 “Wh
Thus the session key component and signatur
.5
'
.6.
the first segment.
soflrewisinahhieci
7. At thereceivingend.PGPmust strip offail e-rnailheaders andreassembled)?
before performing the steps illustrated in figure 6.5.
-
I
.-
Yes
- 1
Confidentiolly
. S’BIWW" . Yes ., ~— —7
Required? : GWW‘W Signature Required? 3 — ” 'yt‘.i'.ft9"§i‘gtmtun9 i
1 N0 1 No 1
.p.
(A) Generic Transmission Diagram (From A) (B) Generic Reception Diagram ('1'i '
”'3?!
.- -
. #—
. L v ... .. - .
PER;
.. - ‘
‘
.
I I i
...—
it; .
i. KLY RINGS 1N P6P:
—
,. , contains
“ publ ic/pr ivate k
.3 ‘ - t'5’ pairs
‘ ofke s . .
if he Owns.
r:
i:-.'
Public-key r i n g cont ains pub lic keys
)‘As;’
a. it.
{.3
.,
of othe rs he trus ts
.. 1
_..“
’
. V.
Scanned by CamScanner
1‘
d I ”Madman””fimfim
4"”
219”," 7
Top/007’1 J'a/uflom
7<
.22..--
...)o-L‘ “ ’ *7. zfi—n
V.
- --
'i
.... IImm'n-ru.
r
. arc-:7“ ‘7': ta~vrswttzr~
' M
' " " “vu‘ ' JI—
=E a.- 1-.
' '
a -- A m
..nI: , 7’ .‘Y‘l :1— - W
. .
‘V 1 - ’- — j ‘—
IQ"? ' mm -‘III 1...“ ...Im ”..-...‘JI‘Z-v W .4
I‘I III) I I II III l 4"" I
KUI ' ‘ ‘
'I‘l‘llfi‘Lnfl I“
'
'
mmmmmn |
I I
IMMEW" 2:21-23“: ---r::- «......
W I
1-,»;‘w—I—
‘ -- 1"
1“?
-- - r1771
WWW—r.- .
I 1
I *w >. “"
I I
- .. 152mm I
r: it'Z'fi”. .m - u-
I
m . "r I WV
L | .I. I.
I » “I - w .
I w ‘ I ~‘ ‘ I .- I
I I I v I W'—
11»!a
' I II
. ’
I‘IIIII
I .
I VIIIIIII IIII
‘
IIIII III‘)’ I I w n v I ' : I-IIIIIII
.
IIIIIIII hy IIIII use» when the IIserIInIIIIII a new public key.
51mm SlgIIIIIIIrmI IIIIIICIINI III Ilm IIIIy.
MUMWI 'l"I*II.~II vnlIIv III!" HII‘ UWIII’I‘ III‘ IIIIII RIQIIMIH‘fi attached III IIIII Imy
; "IIIIIIIIIIWII" valIIII Is
IIIIIIIIIIIIIII II‘Ilm owner III IIIII IIIIIIwn
KLIILIL‘IIII'IIIIIIII‘JIJI‘III? exInIII III WIIII‘II I‘I‘Il’l will II'IIIII
the RM“
II)
>- l‘t storm: UH) pIIlIlIC/III'IVIIIII IIIIII IIIIII'II IIWIIIIII lIy HIMIIIIIIII.
I Prlvale keys mg IIIII,IIIIII-II.I.III IIIIIIIII II Imy lII-IIIIIII on IIII: user's IIIIIIIIIIIII'IIIIII (SH/I hash code of the
pnssphrasa)
M "IIIITIWTIWI
m..--
UsuI‘ ID";
:- I“; I5.
1 “hi II i
. I.' M E I I I - 3 " “_‘ .
I- . .M-q-m-u
. “3. I “...-yum.
."""""~"""' \mwm— 1...: s
IPA-hm
“no,“ fimWau-u- “A "‘" "I"
, Tum—.....-
wmafi’flr’mw-r-
. -3 .L» t-: In; 1‘13“" ‘zfim‘e-mv‘mfiful’lwwm
.— 4”! "r" (hr...- 'WD
awn-”I11
I
_ ' wfi' wan-1! mm‘mv"w
9* ~"A h "'"4 5"
xme._ nah-M “mm" "'e Him-nun»:
h.‘ M
I
r . ‘—
I .....‘31'fi" ' '
:. _ -_ . - . ' ” I " l":.!’
"Hi-“m Hi fi'ili'u
:1". HIIII‘II “ \ l u I
IIUI IIIIII‘ lb
I- '. ~~ I n‘?¢4m;¥m'1'
"t“ "dfl‘o‘fl' ""‘ ‘" "
l'\\l. I
«I .;-;¢.-..: . 1.:2
"1J— , ‘ — v"
, »mah-2h-|v-fl- u”, a.“ d I“
I
. “...“,ng-I ..- a: M. ”Ma—iw’fl mun-v; ', Gui—IA
<.>II-I nan-x. .iv-
may
~ “...”:fi-Nm‘
a
.‘___> . “figs...” at“ "r' hum-4L .‘ l'
0/04
‘94rp\- -Wfl'ltmfl‘.“
.naidfi“~ 0-" au‘ W ‘~—'--I——--- "WVFWQQ-
way73'
rmvwfl'" W '
"
Scanned by CamScanner
«w P.
ing of Kcrheros.
I 09] Explain the work
' cation
nti 'to d:'str ibut ed system
col that su pp or ts authe
010] Explain Kerheros proto I
‘
Ann :
W
guards the entrance to the Hades,
1 In Greek mythology. Kerberos is a three-headed dog that
entication protocol.
‘2.
Whereas in security. Kerberos is a network auth
ications by usingSea-emf).
3. it is designed to provide strong authentication for Client/Server Appl
(Symmetric Key) Cryptography.
4. Kerberos originated at MIT (Massachusetts institute of Technology) which was designed for
’ smaller scale use.
. 5. Kerberos is used for authentication and to establish a session key that can be used my
' confidentiality and integrity. ‘
:_/ '
4;: s...’
It New “ -
1 3 Sewer
,J .
.
R”“““'
T h User
2: " a ” -— T u g SeeTicitetfol‘Tt‘tS. .~.' i;
a; " ‘ St I"
F t. h. "
-
_ t I ‘. i t Sequest- t i c k e t “:1'1Q2r‘ie‘?‘ “(met tee-Tub». ‘1‘
“hm-F I
. Key DistributionContormnc) "‘
“‘5
1
Scanned by CamScanner
I
:.
E:
i'
F‘.
I.. .
IL_
1L.
WWwfikfiemfimfimfieifimmwfim
fimz
‘mficfi mg
Yhé'fi'G’I 52:? BEW WEyf fi-x- Bin“; smhm fixem mnfim gmmg kq
* Wéfi’
W WWed firm Elfin: w e of; «.513: -1 £111.13}-
Afterthe rm 3 rewfiwesi @523: ant-525mm asks in: In?mm-
W gum mfifiemmngmfiemmmgmmm
Wamé 2.32 m 13:35 emzz fire 5?.5131213':‘53; 13:53 am? fir: Tm",
561‘:
" F9!
151155
£59.27 needs a m m ammflfime misfit W.
kWfiWeWsWfimBMWfimfickfigrmtmgynw
I,
“55) my; mm sham: 19 giganwms m mmmmma mam same
”Wm my (V5; '
1
WitheTGSbsaisfiedaléwiréfiemk a! 1 3 m . fi r m m a m i'nj-KJ-E 3w fight 20
'
Ra
h"?— aseture
(W with See-mm
fltm
mfimfimmflsermwctmwmwwfsflmdmduififim
*2 .‘ -
ambammma'swmdmafimfimfimmm} __ J
flyfifll‘fl
Scanned by CamScanner
WW ' ‘\
slamlrmW/
in) ter into a sessnon.
'
WW -
rd e r to en . forward KAB enc [e w i t h
I B to Server in . o WP d
>- User cannow send KA cu re . U ser can Simply
si red to be se
'r Since th ' exchange is also de
. is
«$1.,
rver.
Server's secret key to Se . .
n access KAB. >
- W-I" ensure that only Server ca w" Sends
It to
> This the “35““ KAB and
timestam p sent by User. encrypts
> Server row adds 1 to the 4 p
that the tim
EStam L
.‘
User. "
thi s pack et an d ve ri fy
ow KAB, User can open
Si nce User and Server kn t place.
sent to Server In the firs
>
er wa s indee d th e on e
incrementedby Serv encrypt
com mu nic ate sec ure ly using the shared secret key KAB to
Now User and Server can
1-
>
messages.
ther server, thanUser Will need another shared key {mm
> If User wants to communicate with ano
the TGS and specify the name in the message.
Q11] S/MIME
_
- Ans: [5M - May17]
: S/MIME:
12 E
s MIMStands
s/ for —
Secure/Multipurpose
- ' lnternet M a i l Extensions.
h'
.1} -
I t is a standard for P ublic key encryption . .
3 and Signing ofMlME data
3} [It was originally developedby RSA Data Security Inc,
security features by p r o V ‘’ d i . .
.4 S/MlM E enables email
n enC r y p' t l o' n , a U t h e nrt i c a t i o m
- 4 1 2I 1 :
- ’ other related services.
. y and g liiessagt
a . integrit
a
“a S. I. t ,,ensures that an email
- ' 15
rr.essage - sent by a legitimaqs' send _,
€53 , . ,_
i”:
er and provides encryption for
é . .-m"°mmg and OUtIUg messages,
' .
'-
”if I r 6; To enable S M ] -
Commumcatmm 3 u
‘ a"‘id receiVEI‘':- must in;
‘f‘
i d / MEbaSEd
k and si natur . the sender -. — be
. .
integra ted With p n h l i r
g _ ‘ ey
. . . 8. es i ssued from a certificate authorj r 57:1
__ _'
I?
gt
If. 'A-
d'g‘tal
S‘gnam re is used t or‘ .v a l i d a t e ’ a' senderL W .(LA). - .
3;”
. ,
A ' seCes. 3 I da. n t i “ : § Wherea s ..
f:
' encry nor) an
p ' d decm’mn - . key y mr“m
.f W 11:"
' '9 {While
Averv €90e way o-‘ e~ m a i l
7.
’-
; § ‘ } ' ? f « “ i % g F‘ i fi f fl ‘ fi lfl‘ i‘ifiJr ti 'si -'3fi9“''"v4?}
'e
encrypt- id . A _
p
‘
"
.‘ . -
Used .' 3
._<- ...‘ 1
1
dfld
canCreat- ‘
,10. T h e use r doe sn’t r; eed to
,
be ‘ ~.
‘5“ Wthe ,
:“
4
,
I___ _ a (Flip!
P,“ tn“!
'?‘:k.13a
11.
: _
ShOWS
S/MIME Enc , n
h. 1C3] k how'edge
(“11‘”t Hun“ (If
Figure 6.7
0n tn
t!-
1M
_ -' ' * ‘Y'P- Proiés‘s; $156 3/M E.-
-
-
-|-
.F
ii.
a “ '.
.
"T V
4'
L‘..
U s }5?‘ :
,,."‘J-
.
«flung;
l—_A.
_‘
i
_
i<; 2 . . ' . “ I f !.' ;f
.
' _ ' - ‘‘v
‘._"
l l _ V , L "L 0-;A
' ‘ ‘
’3'
- '; Wfifiio‘ WW“; “‘
N.
:.'<
-‘_.
Scanned by CamScanner
‘_
5‘59?"
Figure 6.7:
[10M — MayiS]
NONCE iN KEY DISTRIBUTION:
LBJDISTRIBUTION:
and networx
ortant aspect of the subject information
Key Distribution scenario is the imp
security.
t can be deployed in a number of ways.“
key distribution Concep
(\F
The
ernatives.
d B can ha ve va rious key distribution alt
TW O
parties A an
liver to B.
a. A ca n se le ct key and physically de
V
y to A 3:B.
Th ird pa rty ca n select & deliver ke t a new k9.“ & B
’ 'b .- et‘ b New A
_ municated prevanusly can use or \ 10 a 3
_ u~ke'toenCYYP
‘
wit“ a third party c. C can {clay key 6
- C. ‘fA & B have com
tn s
.r n
cure co rn m um ca
O
If
A 3: B ha ve se ‘r is'
u‘ e m'asu
r Sharer. a um'q
d'
u se
85 that n'otll
5!“
The
Key
Disrribution Scenario 3551
d i " figure 6.8.
distribution cen ter (KD C).
trate .
ution Scenario is Illus
‘ A WPical Key Distrib
Scanned by CamScanner
f’
“MM MM WW "
ml
[1) II); II ll "1
EU‘v we
ll
we
II "a” H m (I. II DJ)
Key Distr ibuti on (2) [K- II
Step!
10.1)
(31 we.11:.11
9 14151191121
Authentication r - (5112111,.111112))
Stops
EELS;
1. A issues a request to the KDC for a session key.
0 Non ce is also sen t.
. Nonce includes identities of communica
ting parties and a uni que value.
- 2. ‘ -KDC sen ds a 1es pon se encrypted wit
h A's sec 1et key Ka
‘ -‘ . it includes one-time session key K5
- Original 1equest message, inc
luding the nonce.
e Message also includes
Ks and ID of A enc1 ypte
3. A stc1 es K5 and forwards d with KB intended
information for B1.e. ElKe.
or B
[KSlllDaD
4_ g B se nd s a no nc e to A en h .
cr yp ted wi th K5
5, A re sp on ds by perf
orming so m e functio
n on no nc e lik e 1
6. _ T h e l a s t tw o s t e
ps assure B that
the messag
e it 1 e c e iv e d “ c r e m e n fi n g
w a s n o t (1. r e
p la y
KEY DISTRlBUTION3111111115;
> l t p row' de s on e L1
~' n1e1sess1on ke
y to Valid use r's f 1 - V
.
"1
1}.
Wesson: '. menc" 5’pti011.
' '' '
l
I
_
I
Scanned by CamScanner
l
Win-mill
7|Wfi95c i
W- 7
CHAPTER WM"
- 7. SE W‘wfl'.
011 Wha t i s a firewall? What
are t CURITY
Gt FIREWALLS
Ans: he fi ,
renall desrgn principle?
FIREWALL.
[5M - May16]
1 Firewall is the dEVice _
it can be h d 0"
SEt of devaces located at the
2 netw
a r ware, software or combinatio
netWorks from Outslde n f 011!gate way server.
3 i t protects private n h 0 both
4 E vorks
I t IS a network secun
traff h w system that monitors and con
1c ased on predetermined trols the :
security rule
3. “coming and Outgoing network
The rules are nothingbu
t the firewall securi
This policies specifies wh
ich traffic is authori"
.5}
S
-x
m
5!;
m
9.1
m
x
(D
:3
(D
m
n
a:
5
n
m
H
(D
:5
a
.
10. A firew al. typica lly establishes a barrie. r between a trusted, secur
e internal network and anoth er
outside network, such a s the Internet o r W i d e Area Netwo rk that is assumed not to be secure
or
trusted as shown in figure 7.3..
n.
"D
:J"
Virtual!
WCHARACTERISTICS:
ed. depending on set of rules.
‘3 ewic e contr ol- Specifies what type of services canbe access
tion and flow of particular service.
ll)
Direction
con trol : Specifies the direction of manalisa
wed t o access a semce.
ill]
W Specifies which particular use r is allo
.
IV)
Bmflflflflmrol; Spe cifie s behavior of the servire
flew 22516::PRINCIPLE:
‘ e versa must ll . t Ipas;
' firewall.
. pas..-s through the
’
A"
traffir from inside to outside and vic eot -
1101“) will -‘ -:~. '0‘3
a ow
traffic as defined by the local security
‘ Only a u t h¢o r i z e ‘d H .
' -
7.» .. . A
To
EStablish
a Secure Control Lmk.
:1
. .
> __ . I“?! L; _}-‘L. D ' r ‘ -
' .k ‘3"
. 5 , -'
" ‘ n . r'' :' . | . ‘.a- n
Scanned by CamScanner
Imwymmrfi TOPMW“
WW7s (If firewallsandme ntion[1‘el
Ip lIIlnIII! dlffonm type
0: I WIIIII IIH” firewall»? EI
"WW ”. 'I' How an! firewalls different from IDS?
Q.” WIImm.“ Hwy
m
IIIIII'IIIIII'III‘I‘I'" "ml'owflm [QBIIDM“’- n e c n é l t a l l o N l M‘IIII)
ANN!
MAL-LI
I'Mfil’I) I .
WMIIIMILM;
II
ImIIIIgIJLIlIamIILEImmflI , n own"
r .
It Apaclwl I'IlltII'IIIflfiI’IIWfl"Ififilflfl calladas “running rout er
)- II. III IIIIIIIIIIIIIII and mum q’acIIvu type of flmwall.
III II rillIII'III “It? |II1I3IIIIHIIIIIGII I'm I’IIIIIIwIng Informatlon:
II SIIIII‘L‘I‘ IIIIII IIIIIIIIIIIII'IIIII III address.
I SIIIIII'II IIIIII IIIIIIIIIIIIIIIIII IIIII'I address.
“VJ
I III III'IIIIII'III IIuld.
)- Paclwl I‘IIIIII'IIIII III'IIWIIII uxnmlnan packets up In the W and can only filter pack“
Imam! Im IIIII IIII‘III'IIIIIIIIIII IIIIII III IIVIIIIIIIIIII III the naIwurk layer.
5- A pnulwl HHI‘I' III-calm packets and IIIIIIIIIIII them Ihmuuh a sat uf
I'Ides.If they mmch the nI'Is.
thun III'I‘IIpI III‘ I'IIIIIIII.
[IDJIIIIIIIIIUIIIIlilllIllllllllllIIIIIlIIIIIU'I
IOIIDIIDIIIIIIOID
numnmg IIIICIIIIIII
b [Sfl‘lclvncy
> SImplIcIIy, IIIIII spend
III pn clmt [Il'nccsslng
‘r Low mm. '
5» Low Impact 0” network perfornIIII‘m
i
W28; A - -
I E
I They can be cumpltm
III IiIIIIflIIIIrIe
5' Have IIIIIIIIIII II
IIIIIIIIII II II In lI II II Ie II .
_ mm In the “I‘m!III a
“I'M hm,I‘IIIIIIIIIII
W.- uw*«‘m‘fl_‘ '10
«rwhiuuhnt ""‘..~"Ida~h..w
r](!“avn
D'g“!‘
9‘29.
80 #58:“ N “In. fmfih.“ - I 131‘!
‘1‘ NM
Scanned by CamScanner
7|W93c “Wat/6
TCP
“— m: 172.1 6.5.5 TCP
*— "-- From: 17116.55
To:192.168.104 #—
To:192.168.19.1
Figure 7.3:StatefulInspectionFirewall.
~. - -
, Prev ent m o r e kind s o f Do.)c attac1x than
' - 133cke t filter.
X.
F
Have m o r e rob ust log gin g-
"'l MW .
; L ‘_ 'A proxy means acting on
your behalf Offometh-mg. ack all the way Up to the a P P ‘ i ‘ a ‘ i o n l a y e r '
ets
: 1 An application proxy firewall proc:ts:::tl2:3:l;1:npintermedial‘y between two hosts thatwam m
' ' This firewall contains a proxy 38.8 "‘
" ‘ Communicate
With Bad] Other. dl ct connection between the tWD hosts and it is transparent
’ ’ i A D D I i c a t i o n proxies never allow a re
" . to them, having
‘ I Us”! . “'"h the at" hemlcatlon
' dividua l network
' k ". 'Eachproxy nt authenticates each m
age 9““
cs.tok8" matchlng ""
_
”4 \ seV, e’ralfo nnes uch 3 5 , 1 1serlD andPassword'b'omem
i . ‘ - _ 4 -‘
; V‘ _ ‘ I' ‘.
> .
't, -\.
' . -v'- . '- .-’.-.~,~ : -. n.
cu ‘ 1‘
.
I ’
o 0‘ ‘ - _ J'- ‘ g i" . '. .
, - “j
"a I . -
7'. _ , ;_f-.‘ . u r . .
u u u- c. . .
o
\i
.-.’.< c. ”o; . .. ‘ . __ .
‘ ~ . ' _ . . - ,-r . - L
A " ' '
Scanned by CamScanner
I llwvvgw Itvvrvvww . . __.c.. . , ' _.\ "'1‘
.. ~ .
IPPacket *’
'P paw “
“Side Host ‘
-
. ._
1 m
_ SM
I-TTP
P : Outside Host
ApplicationGateway
#
1? Address: 178.28.10.60
Scanned by CamScanner
7 . ~7 73””? 50W
. Q4] Differ between Firewan and IDS
l
l Ans:
“L...“ . 7'1“.v
nhtfi‘uflflm
. " " f“ ‘3?"
\m‘. 34W 5""?‘ in“.
ocated at the [D9 _,_;. ,Q-a-L, ,.....- - _.
S “i s a sof twa re or har dw are
dev ice installed
network gateway server.
the network or host.
-
Flrewal ' n block
l ca con nectlon.
‘
IDS cannot block connection.
It does not gives early warning o f an intrusion. I t gives early warning oi an intrusion
Firewall is more likely to be attacked then IDS. IDS is less likely to be attacked then Firewall.
It is not aware o f traffic i n the internal network. I t is aware of traffic in the internal network.
TYPES:
Types:
' 1. Packet Filtering Firewall. 1 Network IDS.
2-
Stateful-inspection Firewail. 2 Host IDS.
3. Network Address Translation Firewall. 3 Protocol Based EDS.
4-
L4. Application Based Firewall Anomaly Based ")5-
5. Hybrid Firewalls. 5 Misuse Based IDS.
6 Hybrid 1135.
WM .- 'A,’ -m
W"
.W
.
M_ .
M‘
Diagram: Refer FIE;ure “5
' _ , .. ~ ._ .
_38‘T3m' Refer Figure 7. J L'Mf'W—v
-M‘W
flfliw
u.
-WW"""""”""'T
..-——vvv'-fr"
I
.
Scanned by CamScanner
g Omar M ,
7
V
SW~
,
7 lwgac W:
SySstem for ‘ ia,
an In str u Deytection ID
ction mal
8%
{3.731
EXPIain the sigm'fic an ce of
based and arm
signature based
- network. Compare Sys tem ? C
of an Intrusion De tec tio n
co mp on en ts
Q6] “Th a t are the different
. 1 “39
based I D S
based IDS with anomaly
the working of signature
10M-- ltlzwn élfizm olmm. ..)E
Ans.
[Qsl
12.5;
1. [DS stand for Intrusion Detection System.
2.‘ It is the device which gives early warning of an intrusion.
3. ‘ So that the defensive action can be taken to prevent or minimize damage.
4. IDS detect unusual pattern of activity, which may be malicious or suspicious.
/ g
4*"
1:?
Fires-val]
“m”
‘-
IDS ter
=3 _
PC
Fig ur e 7.5: ID S.
CHARACTERISTICS: ‘
1
1 It must 1un continuously withou
t human sup erv isio n
2 It should not be m a black box.
3, It must resist subversion.
4 It must be fault tolerant.
ms SIGNIFICANCE:
1 , m s 15 used for Monitoring
an d analyzing both us
2.
e SJ
It hel ps m ass ess ing sys tem
and file Int 1'
311d SYS tem
egrity att iviIUe s
3A IDS det ect att ack wh ich may
harm the 5135m m
itprovides cross platform proterti'gn i bI . .. f
.
3 contmuously monit o , , _. I
_ . * rm it.
S.‘ . ltis used to track user policy V l o h t m
a a. g - . « x :15. .H i g
6. ID: per for m Analysns O f a b i " l b l ' m a l
a , r
. . , t‘ty Patternin
so
V COMPONENTS 01" RN IDS: ' rder t9 Secure
a networ k;
Figure 7.6 shows the
components of SIDS
fifi
Scanned by CamScanner
we.*9?fit
Donn». n.4,.
V N
“lure 7.tit Co
mmitm ent oil.
il inane:
e. Packets:lieed
er a contain m
be important fo
r detecting intrusi
uns.
b. Lona: A chro
nolo gical set of record
In WWW s of system activity.
It collects and formats
m) the data to be analyzed
WW by the detection algorithm
it is based on the tietecti .
ou model. detect-t the dif
and int rus ive traffic. ference between "norma
l"
W) Aleruumn it let batted on the dec
ision critetin and the detected intrusi
ve activities, estimates
their severity and alerts the Opci'i‘il't
ii'flllfii
eniilg
responsive activities (usually blocki
ng).
fl WW W
M/
Scanned by CamScanner
Topper} 6'0/ 11
«for - 7 fl "‘70 '
7 i smykW/fi 3m \m
. . i
07] Viruses and their types.
'
cs of vir us es an d wo rm s? HoVw do they pi ()pugrme?
_ fer
What are the dif . t tvp
‘- en ,- .
Q8] [Q7 I 5 M - 00015] 8![QB l 10M - Dccm&
Doom.
Ans:
“ _ ‘ : . ' . ,. . - .
‘
. A computer virus is a type of malicious software program.
andi
it is a program or piece of code that is loaded onto the computer without user 5 knowledge
..
2.
-.-
.,
7. Virus can spread itself by infecting files on a network file system that is accessed by Other _
w"2 la' g
4.;v hm
computers.
N'.
TYPES or menses;
"
Types of Viruses
#
_ l _
.1... mi... 1
Execution Virus
i MemoryResident
Virus Macro ,
\ irus
1“ i
Email Virus Mixturitlh“
”Harm W “3“": I.
Scanned by CamScanner
_. _ .._,
-wwyvur
. r. . _‘
"Wrt : U
I '1'.
h '
I I
I
v
o
IF
part of a resident system program.
.V _ F This type o f virus lodg es in main m e m o r y as
.
y program that executes.
i F._ '1 From that point on. the virus infects ever
w—wv
'
ate frequently performed tasks and embedded
'9 F Macros are the blocks of the code written to autom
.—
I
l"
a Program file. 5
—-_.
f
3i. , ,
.F Mac ro Virus IS platform independent.
%
t Word docu ments.
_- F .‘ Virtually all of the macro viruses infect Micros’of l
8:Melissa.
l. F ‘ Examples of Macro virus are Relax,Babbles
E
This type of virus is transferred through Email.
.' F a
tacts, in hopes that
multiplies by sendingitself to other con
o . .
0F ‘ NOR ___S_:
l itsch.
S em ai l Client to spreai r, or it Will
A n em ai l w or
m s us es a PC
when clickeI d. wiil infect the compute
k w i t h i n th e co mii that.
se nd a l i n
i t will ei th er ill st ar t th e in fe ct
io n.
ened. w millions o f
at ta ch m en t tha t, w he n op YO U" w or m , w hi ch in fe ct ed
se nd a n or m is the "IL O
VE
ex am pl e o f th is typ e o f w
n 2 . ______...—-,
A well-know __
in 20 00 .
compute rs world wide
I Page 57—a
Scanned by CamScanner
same:- _7 Tapper?J'a/uflam
7v—I 63¢q J:Wrestle/5 .1 ‘
- :. , Fa
0 ram _. 7 ‘
11) W
5’ internet worms are completely autonomous P 3 hi n achines - 1
' -
the int ernet for other vulnera e 1 ..
They use an infected mach ine to scan _r
ess again.
h or1n will infect it and begin the proc 1
-
a vulnerable machme is located. t e W
> When
,
. of the fact that file-sharers do not know exactly what they are
- haring worms take advantage
I>" ) l File-s
__
3) ll
downloading. . y u
er with an unassumingname.
2 The worm will copy itself into a shared fold
d folder, they willunwittingly y 1
2 When another user on the network downloads files from the share
y 1
ts the process.
download the worm. which then copies itself and repea
the ability y
5‘ in 2004.21worm called "Phatbot" infected millions of computers in this way. and had
ented 1 ‘
to steal personal information, including credit card details, and send spam on an unpreced
scale. ' )1
IV) ,
WNW
>- . These work in a similar way to email worms. - 2
3* The infected worm will use the contact list of the user's chat-room profile or instant-message ‘
program to send links to infected websites. . '2 E! I
2 ' These are not as effective as email worms as the recipient needs to accept the message and click ‘ if _Cons
.'
' the link. hulk/l
f ..
: ' ~ I.
- 2 They tend to effect only the users of the particular program
. - ~
‘ non_ll‘ldhClOllS
QO]‘ "With the he]p of examples explain
13"0grammino
errors. 2 2 ‘- #-
Ans: ‘‘ '.
[5M - Deal s] ’ '.
NON-sisucmus PROGRAMMINGERRORS:
1. _ Being Human, Programmers 81Other Developers make many I l l i s t a k e s ' i
2. Most of mistakes made are unintentional 8.; non malicious .fl ,. ,
Vul
3. Many such errors will not lend to more serious 1 ,_
“ e r a h i l i r i e s b u t fer : ‘ , 1 13-2., 3;}?
professionals in trouble. - \ will put many sec-ants
»
prl’gl‘al‘nmin t
_ . 4. There are three broad classes ofnon-malirim15
i 7 199755”... ‘
Scanned by CamScanner
._
‘ t:71W9’7‘ W“
....~ Smarter 7 II-
Topper:J’s/noon:
.7
I '
w
1}" For this reason, 1n many programming langu
ages the programmer must declare the buffer's
ww
._...-
'. max1mum size so that the complier can set aside that amount of
space.
—"W
_ M, Example of Buffer Overflow in C Language:
q—m.
"- " Char Sample [5]
h? . The complier sets aside 5 bytes to store this buffer, one byte for each of the 5
elements of
. _- : 7' the array, sample [0] through sample [4].
C1
. ‘ .33: I Now w e execute the statement: Sample [5] = ‘A',
"
I The subscript is out of bounds and results in buffer overflow because it does not fall
' ' between 0 and 4. ' '
m w
1'2“v
1]) Incomplete Mediation:
-"
.h Incomplete Mediation means Incomplete Checking.
m
-311u' !. 'r; u, lm
.q‘ffi'l
X In above example,buffer overflow will occur i f the length of the input is greater than the length
i“
ofbuffer.
‘«'-.
>" To prevent such abuffer overflow,theprogram validates the input by checking thelength ofinput
.
.-’ e
555,71;
. before attempting to write i t to buffer.
.
> Failure to do so is an example of Incomplete Mediation.
I Eghample:
'_.Consider URI
' the followmg
‘A_':«'-Ihttp:-/./www'loppersSolutions.com/index.asp?parm1=(555)8184567andparn12=2014Dec20
ely.
P a r m l 8:. P a r m 2 a r e t h e p a r a m e t e r s for Telephon e n u m b e r a n d a D a t e respectiv
I t is possible for the attacker to change this parameters in the URL as ParmZzllGOFebZO.
‘I
rs:
T i m e --co f- h e c k to T i m e --of—use Erro
rmed b y ‘'bait 8: switch” strategy
The Time--of—check to Time of-use (TOCTTOUJ Errors is perfo
01 seria lizat ion o r sync hron izati on flaw.
I t i s also know n as Race Con ditio n Erro rs
the timelagbetween the time we check and the time
Time of-check to Tin e-of-use errors exploits
weuse.
Nap Co mp uti ng Ex am ple :
lL'bait)
eep er sho ws buv er rea l Ro lex watch
I Shopk
Rolex watch to a forged one.
.- After buuer pays, shopkeeper switches real
C o m p u t i n g Ex am ple :
used.
between time access checked and time access
- Change of a resource- (e -g - Data)
#f 29419::8901934
Scanned by CamScanner
_.ior.
.- —_——.—¢-
g—a.
Ma.—
METHODS:
Memory Q Adora-n t’toiuiiou
Fume Bo $931923!
J: ttta‘ l
“min“ l l
Segmenta tion pm,
i] Egngg; 2"}?
> A fence or fence address is simple st form of memo ry protnc
ttor‘
_> it is designed for single user systems.
> A fence ~ - ar. address
IS a particul _ that users and their
paws.“ ca ‘-"
> Only the OS cten » one side ofthe fence and iiiii'fr“
i . . on
* opu‘att. “not' 6 m md"
‘ refit
V dare
ggj
H“?
- .. ' note to, ' A a”. -- ~
m EammLflnnndsmm the M I em.
> This type of protection can be used in multi u
. - "er@ W- t .r o n mie m a’
to be protected from the other é Where
on» “Wemgrm
I. o .. ‘j I
real"
. u”
‘ - , on to app! l‘
3'”
tn) mains.. . y ‘0 3 Spat-tnCmrmommmn
-
> ' . Problem of Base &[3O u n d s ' f1
Register "19?"
' is th allow an
data. at l l can ' if
“- fi t h e r ”IOdUIfi '0 at (:31,
g
“31 2 armor no .-§.;,-"‘
3‘ 90 fifty, -..._, M . T‘
“h" 4"."
Scanned by CamScanner
z' u . 1
.'
A
7 l 3661019 3: Them/6
I
3% ~7 Tapper} Jammy
.4
> This problem is solved using Tagging.
«1 1 Tagging Specifies the protect ion for each individual address.
) I. i n this me tho d of pro rec tion eve
ry wo1d ofm ach ine me mo ry has
one 01 11101e ext1a bits to ide ntif y
'1? the access rights to that word.
) Only privileged instructio ns can set these access bits.
H
1?) This method divides the memory into logical units such as individual procedures or the data in
, f fir; . one array.
..
. _
‘) Once they are divided, appropriate access control can be enforced on each segment.
.L',‘
_- “it? ‘ Abenefit of segmentationis that any segment canbe placed in any memory location provided the
“W
WW
W?Q
location is large enough to hold it.
a
‘IW'II-fim’
‘hgim
Paging discards the disadvantage of segmentation.
in paging all segments are o f a fixed size called as pages and the memory divided is known as page
frames.
The advantages o f paging over segmentation include no fragmentation & improved efficiency.
‘The disadvantages are that there is, in general, no logical unity to pages, which makes i t more
difficult to determine the‘pmper access control to apply to a given page.
f @395 yr 0/254
Scanned by CamScanner
J‘mW'7 M \
9'
‘7
WW” udintlm’ and chow with exam]? 0W each .
.11 Madurai”
n a n d new?”
thetttieniio
QM] Donne ou L.
one can he achieved. “5] ,.
Ana:
J
stem.
ch user 0i the sy ,
1. Authentic wation refers to idIentifying
ea
eu el ly0ba se d on a us er nameand passrd. _
u ho he
vidr‘el,W
nt ic atio n is pr oc es s of identifying on lndi ims to be. but says "tith
ing .. ,
Authe r sh e cla
dua 5
th en tic at io n m erely ensures that the indivi
Au
individual.
about the access rights of the ication would be to determine
al. the authent
s herself as Sneh
4. For Example; if the sender claim
not.
whether the sender is really Snehel or '
era lly aut hen tica tes use rs usi ng following three ways:
f 5. Operating Systems gen
r
and password With
a. W W W User need to enter a registered username
D
Operating system to login into the syste m.
fl:
key
b. W User need to punch card in card slot, o r enter key gener ated by
generator in option provided by operating system to login into the system.
c. umwmammmmumezflmtfiure- User need to 92,55 hiS/her
~
attribute via designated input device used by operating system to login into the system.
6. Figure 7.8 shows basic authentication process.
-"'
2 ] Req uest s user nam e 8: pas swo rd
A—
1
“"m-‘f'
Ciien t
3) Sen ds use rna me 8:. pas swo
rd Ser ver
_ 4) Re tu rn re qu es te
L;
‘-
d re so ur ce
..
_— Figure 7.8: Authentication Process
- ‘ -
H Qucgggp'gte'nogg ' .
1. Non-reputiietion is the
assurance that
2. Non-repudiation does no
t allow the s’ ‘
I)
se nd in g o r receiving
th at me ss' tg :
9i,
so.
0’1
{A
E.
a:
(D
H
D
0
U?
:3
m
D
’5
H
i:
in reference to securit
3
(D
n
a.-
y pudiation m e a n s
'
':-
“ toe nENSUre
S
. g . g .
4 , Non'rePUdiotionisaway - Sciaimin
toguarantp .
”Etc have
t
a a transfer
. red message has been
.
.
atthe
the m es sa ge and th
at 7
the recip -e se
ie
.
nt c a n n o
'..'_¢.:.“
___...
.
__._.
t d any haw
ofBl;
8
.
125399 92 \\
..
r
-
” r . “ -2 , .
re-
Scanned by CamScanner
if"). Non-repudiation can be obtained titrough the use of:
‘ a. Wm Function as a unique identifier for an individua
l, much like a written
_ p H __ signature.
. .9 ' .. b. W T M message transfer agent can create digital receipts
to indicate
"" j that messages were sent and/or received.
e. W Timestamps contain the date and time a document was compo
sed and
' f proves that a document existed at a certain time.
.4 6. Figure 7.9 shows non-repudiation process.
I Signed Message I
1i
. . Recipient
Initiator
Scanned by CamScanner
M—w
ZJW‘W ...{EXTRA 005511014-- II N f
on
' Ans:
Malwnre
e.
a licious softwar tem.
harm the sys
st ands for m
1; Malwane c io u sin te n t to kn o w le d g e
it h m a li e vicc im's
mfl nag w
ings without th
2. It consists of progra d o m a li c io u5 th
at
gbut a soltware th
hown in fig
Malwaneis nothin ure 7.1 0
3.
on te g o ri e s as s
bdivided into many
4, Malware canbe su
Mm bywaguies
1) W
9 e a ' ‘ c.
H l - t
‘ l
i
i . I
‘7
, D D .I afllmlar “f I 00 ' i ‘ 1m .
‘ ‘ V ‘
I h
11}
'?
r '1 " I'
‘1
It is a com 33 Ul - l I I a S “'0'“
‘3’“;
‘ ‘ "
purercan sprea‘d its elf b y infecting
A virus nles on a network file SY stem' th a t i s aécessed by other
'ir'fi-‘u-wv‘
. -
-
‘ W ' v -pvm
‘1’
e l S anathes
A .
’ :
111) am:
. _ .A A
I t spreads itsel' f *.h." ough network to infect other computer
‘
SI
-V‘
- ‘ assistance ao “equ'ared by -
i t does not need' evade aa Virus. .
_V
t‘ :x
.
d e V ‘ w. as connected und
Operating d. 0th f
’ the. » Ssem _, __ ' an
A
same
network. ' er
the . ‘
. se
molas s _
1‘0 _
‘
i t i s the 1r.altar I : es “9
- are thatinv-‘t
_ I.
, . mch “13?c
. ain h armil-ll ‘ ’
Ih‘a
a
m
. or maliciousPafwd L“ .\
eff
51 1
s
‘ .
I
mahfiou
bYPHSsing hing ' .
mm: ~'method of
t is > "5
While the
victim is playing
normal 3 Lillian
access to a system. ,.‘ '
9’
“mute to. it allows unautllfiri’d
Scanned by CamScanner
7
7-? l5
Mk m W7 Tint-3%
VI)
It is a malware which create
s many instances of them in ord
erto emanate sys
- tem
_ mo
. mes.
Unlike worms, it does not spread over
network.
It can exhaust system resources.
V") were;
I t is the type of malware that can be installed on computerandwhidimfieasidummm
users without their knowledge.
y. it monitors user’s computing.
Scanned by CamScanner
.f ' ' ' '' 'I a E" I calling”,
', ‘ ' 3””, a 7 ' V . . _ . _ -.- -. .W;.:.: ~-—:-‘77:~"-'-TF:—r~r--..,MK
M ' '
_ 3 I ”6%
11’5“"
We;
‘1‘ ich a"
k ? W ital ar e the different way» in wh
t is a D en ia l of se rv ic e a t t a c
Ql] Wha sy st em ?
ca n m ou nt a DOS at ta ck o n a
attacker
'4. The basic purpose of a DoS attack is simply to flood a network or change in the configurationssi
routers on the network.
i ' ' 5. These attacks sometimes have a specific target.
Forfiztamnlaz
' I
a. All message sent to specific recipient may be suppressed.
b. An entire network may be disrupted either by disabling the network o r by flooding it with
.; ‘ ‘ messages.
METHODS:
J . p .The different ways in which attackers can mount DoS attacks are-
7-.
11 sv Flo :1 Attack:
1r" _- S‘IN Flood Attack uses TCP protocol suite Wher 3 ’ W a l‘ands
d o n e with SYN and AC}; m e . , ea y . 0f . . -
“5336 as shown In figug-e 3 1 baking network connection”! is
'4.
ACK Destination .
g.
'
M-\—~g_ -
Scanned by CamScanner
aufmm
> To initiate TCP Connection. the Slistem that Wishes to communicate
, Sends a SYN
messa ge
to_the
target system.
. ‘ .
'r l i t h e taro et 8 "Stem is l‘ -
o 3 Eddy to communicate.it sends SYN + ACK message to Source m a c h i n e
then responds . .
The source svstem
- With an ACK message to complete the communication
1“
' . '
SYN ACK attacker denies servnce to the target by
l . “00d attack,
.th sending_ many SYN message and not
rep ymg wi .
> This fills up the buffer space for SYN message on the target machine, which prevents other
systems on the network from communicating with target system.
SYN ‘
SYN + ACK
ACK
SYN + ACK
SYN
SYN + A C K
k: . .. ' ,. ,
.
. III) - Teardrop fiflfi. _
gmentation .eassemb h code.'
_ ing
is conductedby target TCP/lP fra ‘ .
' Tea rdrop Attack the hcst rec eipt
overlap one F a i lrson
anothe N,
f me nta tion packets to
. w 55 hm
.
_........
_ .
1000
>. . Bytes1 - 1300,bytes(“f/.—
‘
"'
—-*----' @ 97 a
FM.’
.
-au ‘0“
m'
.
M '1'“ .u .. '4-
”-9,:4-v-o‘v-w
' , _
M" ‘- ’ '
a,
Scanned by CamScanner
“Quit: w
TOW" 1'
\ 306%
3W" 7
W)
' essage.
° ttaCk-
ed hr03 dcast n m
of“
3» It 'Is a. vari ation a
n target
system wa
.
Spoof ’ oadcast a d d r e s s o n the network addr
Amplifier
J.- 2. Hostreplyto
I victim.
3* Host
h . .B replies to stream of Pa~ke
c t5 generated by host A, by echomg them ‘
r This creates an endless loop betwee back to hos t A
n A and B
. »
_ .. 0 1 M a t “th-orium“.
I a
. .
nx & Access
Control
List
-- ? - .’ I a - . v. ‘ ' '- _.z’e . - ’
- - . - - ‘ - 3.- ..“, l. - . J ‘7- +1 ‘ _ J
- ' A i '. ‘ . X 4 j. v . . “ ‘ - . ». 1. i __ » V ' * ‘ a“! 3 1 . . ‘ , _' . t n - ' a u
u- ' '-‘ -.
r 45.. .x. . . _ l -" > . ' ‘ - : J . ‘ j A’1' , ".‘ ' . ,. r .’ . . * *“1‘2. . -_o "__,_ J ! _J a- - " ‘.. ‘ , w. . .' ‘__.
; .--. . - .. . '
_. ..vI . z.1 .,. A: _ ___
Scanned by CamScanner
E’MWQ Smw~7 7’0””?
6'a
I / 599°5 5 g g n t r g l M a t r i x ;
- . ‘.
1,. Ii
A: 7 Access j 0»f authonzanon
Control Matrix gives a classic view
' ' ' used to restrr- i
5
:1 onzatlon IS ' . '
5: ? AUth Lt the actions of authenticated use”
~ 1
1-
Access control matrix has all relevant information - , :
3 Operatmg
”Stem to made a r 1'
1 P ' 'on about whic h users are a11owed
deast ,, .the
- “ by
new 1; 1.
s. . ~t° do what With the various system resources. .l
? Access Control Matrlx consmts of subjects and objects. f
’1;
), Subjects (users) are the index of rows. 1' ‘a
. l
1;
;. Objects (resources) are the index of columns. 5
ii,
P Figure 8.4 sh ows the example of Access Control Matrix where UNIX-style notation such as §
execute (x). read (r). and write (w) privileges are used. l
Payroll ‘
‘ OS Accounting Accounting Insurance
Program Data Data Data :
Bob rx rx r
rx
'rx
r 1W 111'
Alice
no: r 111' rw
Sam rwx
rx rw rw 111'
Accounting rx
Program
Mat rix.
Figure. 8.41 Example of Access ”Control
I!) W53 .
h a s all relevant information.
> Acc ess con tro l m a t r i x
use rs and 100 0’s of res our ces .
>1 This cou ld b e 10 00 ’s o f
’
0 0 0 , 0 0 0 ’ s o f entries.
‘P T h e n ma trix wit h 1,
nage such a large matrix.
V~
The pro ble m is h o w to ma o
I:‘ J >
:
it the Access Control Matrix
‘> There are tw o ways to spl . trol matrix by column.
Lis t stor es access con
Usin Acc ess Con trol List: Access Control
" ”pk—##J-
.7
“”“'T"P 05 Accounting
Program
Accounting
Data
Insn1 anc e
Data |
Pap 011
Dnta___
.
“
’
"‘_—-_-—
._.-——-_.__—-——-—-"""‘—---""
5‘11 I'X
1'
- 1 ___‘
____ ____ ____ ____
‘
Bob
l.
"1 1"1 :11
fl.
11' _
AliI ce '
J m
L_.____ r11:
WK._____..€__...s__L.__
1w
w- L-
' 1'
. ‘ rw 1 m l
TX r1. —— —-—‘—“
Accounting -———L——-——'—b
Program L’.__———-L._——————
Scanned by CamScanner
We \“(
m ‘ _to
by
01
0] matrix row.
01
e Payro ll
,113 AccDountins in su ra nc Data
Account m Da m
Program
Sam
Accounting
1L Q
9 190
>0
No Read Up I
...'...___ ' ‘ , Howl-fie Down“-
Lonfidentiaz
14.01
“"daSSified .
\v.
Scanned by CamScanner
- 1 5r.o. a r
‘z‘fi-zy
‘5
Flt-
3W~
.’>’
W?! 7 77’
.
' '
.
9|” ”a” 3061503
(Handshake Protocol.
b w f : . m m y m fl r , . q m , ‘ n r ‘ s é, v d
st the functions of the different protocols of
Expla in
fV . SSL. the handshake
:06] 30mm]
i [95 8‘ [Q6
._ p‘ ' ' I 5M '— May16] I 5M - Dec15]
“
.‘1’5:
r
?\
fl.--g...
i 2. it is also known as Transport Layer Security (TLS).
‘__.
4. -' It is a DTOtOCOl develOped by Netscape to protect communication between web browser and server.
.
SSL ensures that all data passed between web server and browser remains private and secure. '
--':.
__...r-
FUNCTIONS OF THE DIFFERENT PROTOCOLS OF SSL:
.a—.-—._.i—-—u—
1. SSL Protoco ls Authenticates the End Points usually the servers.
2. . lt hides the data during transmission. .
-
information file and making
__-.._
3. lt provid es a way to validate or identify the website by creating the
the accessing possible.
sending of the data from one source to
4. it creat esan encrypted connection that provides the
ano ther u s i n g the SSL.
provided to the transaction and the data
S. ' SSL-provides a way to ensure that the security is being
' in use.
on the secure channel of
‘ '6. _ T h e l o c k i s used to display the browser s connecti on is closed or opened
‘ SSL or T LS.
HANDSHRKE EM
used in client and server to communicate using
1. Handshake Protocol is the first sub layer protocol
n.
a n SSL-Enabled Co nne ctio
s with each other with a hello before they
2, This is similar to how Alice & Bob would shake hand
star t c o n v e r s i n g .
een the clien t and
of four phas es whic h pass mess age betw
3, T h e Han dsha ke Prot ocol is mad e up
serv er.
ake protocol operation.
4-
Figure 8.6 shows the handsh
__ f
’P‘9efalpffilr
Scanned by CamScanner
8 ”1’w1
PM”!
’0’-
no
.noa—a ......
nnnn
m2-
mandala/Jello
Serverfiayfleilo
Sendfiarfiflcate
Sendjerverfieyfixdmge
Certi ficate fiequ est
Sewe rfiell ofion e
Send _Cer tifica te
10 send_Client.Ke'/,Exchange
CertificateJ’e-rify
11 10. Sendfihangefiipherfipec
”“3534 — 19 11. Finished
.. 12. Send_Change,Cipher,$pec
13 ' 13. Finished
> This initiat es logical connections and establi shes capabi lities assoc
iated with that connertion.
i»
This consiSES oftwo messages that are the client hello and serve
r hello .
Fr : nt send
The che 1- '
s the cnen t hello mes sage to serv er and rece
ives a serv er hell o message from the
server a s a reply.
‘
3"
‘ The clie
)p Whilp5v nt initia‘t e s t his
' phase " ' sole
' and is the I l sender
' ‘ M'a n . _
> erver'is the sole recipient or all messages- "19.339393.
Thisphase contains the following
three steps; ‘
Ra“— 7\
17696“):a M. _ . ,» ....._—....-
Scanned by CamScanner
. 5mm?“ 7
_
We
* ,
e
K ‘ 'fi Eligi- ThIS_lS an optio
nal and used only if th
x
Vb/J/Jer} J'ofitfiam
.
.
clients
’ digita
' ' l
,.
-
I WW: the client sends a symme
1- V v-rvr
tric key to the server.
I
. V . =T h i.s .
,
4 1”
.
a fi g | . “ - f.,‘ f _
. M
Inf-.159
Is needed onlyif the server demands client aut
hentication.
-
may
Einlilli
I
,
.
‘_‘_~:
l
‘1
The client initiates this phase of the Handshake which the server ends
.
.
.
.
g
The client sends change cipher specs and finishe d message to the
server.
,
V r v .vga:l:}v?f ~ , f e v”-— -
.
..:’_l,
fins—3“.“-',
.d
; 0n receivmg them the server sends change cipher specs and finishes
messages.
'
._4..
.
Q7] protocols in SSL? How do the client and server establish
1 l - a r l '<a" '.- .
—.
an SSL connection
-."
‘<
Vw
. .u»- m ‘ n - y j - u .
l
Anna“
t
.4J .u.—
"
SSL:
.
"
”rm
r ‘ , 1 '“ “ 1. “ q
1. SSL stands for Secure Socket Layer (SSL).
w»
war
2. SSL ensures that all data passed between web server and browser remains private and secure.
L.
W
.
SSL PROTOCOLS: . _
l) SSL Handshake Protocol:
.55...“
:.
> A SSL Handshake Protocol is the most complex part of SSL.-
Te It is invoked before any application data is transmitted.
-4.
> . It creates SSL sessions between the client and the server.
” I : T V"AF T— ‘ f $ : : !
11) ChangeCipherSpec Protocol:
WW.
Wr‘wlmm-
> it comprises of a single message exchanged between tWo communicating entities, the client and
”ft-W
the server . '
“r As each entity sends the ChangeCi pherSpec message, it changes its side of the connection into the
secure state as agreed upon. ’
f.— The cipher parameters pending state is cepied into the current state.
is
7'
Exchange of this Message indicates all future data exchanges are encrypted and integrity
protected. '
I")
W
> This protocol is used to report errors —- such as unexpected message, bad record MAC, security
parameters negotiation failed, etc.
‘Paye{03of!“
Scanned by CamScanner
flap/m-5'30/1430”:
ecu- ' . .I t J, g7
8 I W“. "9 1.. such 0m" P can n e c t i m 1
as n otify Cmm TC '" Ceiptof
> it is also used for other purposes
bad or unknown ‘
cernficate. 9 it.
H ' I7 ' Vl
. NECTION P 11
HOW CLIENT AND S ERVER ESTABLISH AN 55" C0D;
, . __
n .
Refer os (SSL Handshake Protoco'ifl/
\1
1 ,1\
Q3] lPSec Protocols for security
‘
tions and advantages of IPSec
Q9] Exp l ain IPS cc protocol In detail. Also write 313131“:a
_ . [Q8 l 5 M - _.May16] & [Q9 I 10M ~ Mam]
Ans: ‘ v . ' '
IPSEC PROTOCOL:
"at.
2.
-' Internet Protocol Communication.
It is a protocol suite for securmg
\J
3 It uses cryptographic security‘ services to protect commu nicatio
' ' ns over ‘ Intern et P]-O t o c o ]
net wor ks. (1P)
lPSec IS implemented at the IP Layer so it affects all upper
layers (i.e. TCP & UDP)
l t provides Authentication Confidentialit
y 81 Key Man agem ent.
Using lPSec it is possible to commun
icate secu rely acr oss a LAN acr oss
pu bl ic /p ri va te W
across the internet. AN and
'
lPSec1s use d to p1Ov1'de an
en to—end sec uri ty seI vic
es.
lPSec"1s usu all y installed
in 11etworkingde vi ce su
ch as ro ut er o r fir ew
Figure 8.1 sh ows lPSec Scena110, al l. I
' '
Public/Private
lPSecsystem
‘4
\4
\4
Scanned by CamScanner
rhf"_."-'";‘I .
w i
33i/lgfl-5W'3ig
Jamarfer - 7 777M”?
3/ J’a/ufiam
...
so“. 8YIPSEC:
.
':_.
1W,—
.m-
Romeo
_
“.5
\oa,
.
..a
eceipt 3.3
Access C o n t r o l . . ‘
.
.33 connectionless Inte grit y.
,
Ji . . ' 3
3 confidentiality.
«um-d
.4 7 -
9:? Data Origin Authentication.
1
‘53 ; Rejection of Replayed Packets.
hi ..
'\ 7‘ ,
.r:~
/”——-—_— .
PSec
'7 P To provide system security solutions.
.-
> To have single security p01iC
he] Y-
(«arr
bY Pass
> 30th endpoints must agree to or protect traffic.
-..r .
ADVANTASES:
’
> l P S e c proVides security without a n y modifications to user computers.
«-
:7 'P It can b e tran spar ent to end user s.
base d secur ity.
1 ‘i‘v l P s e c allow s p e r flow o r p e r conn ectio n
icati on a n d tran spor t laye rs [ULP35).
33 “ i t prov ides seam less secu rity to appl
>
APPLICATIONS;
sss privat e a n d public
re. com mun icat ions acro ss a LAN, acro
‘,> IPSe c prov ides the capa bilit y to secu
a n d across the Int ern et.
t-
3WANs,
.3 I E-mail. 3
- File transfer.
—-— _..————'—
H
‘
—-.-ffl
'
Scanned by CamScanner
0m ] mmmflw
“$148111“?
has...“
Ans:
Em
Reta-QR
1
K‘EED 0F §~
1
E
2‘.
l W
1 -. _
> The major purposi- ofan 851. cert! ~ ‘fiam ism WM iWO d— whm m
, ‘ tended aim.
>
. 1!
Infimnation submitted on lntemet forms PM a"
a g kc. the _ the
mating Its final nestisafiom and the more “stops it has It: '33 mm m firm;
third part1: scald obtain mess.
> An 53!. certificate inserts random diameters into the
mm! W Witt
inmprehensible to anyune nnthout the pmper Chin-3950“ he"
Ill) s' i ‘ ‘
3- &1 also arts as a gnam‘ aga
ins t nh ish ing
75>
n hen users ca n I see the ism
signs in ~
mu m?1:33
“ :11» infamianon ms (In a sue the}; W
3TH
x is iiksis m swam susq' 11121::t
W}
W15;
5"
WAn 33! arr-mean: 1111131
the W'QFK‘T. u m Imus
03 a! 3133:3133 N3.
r “ Lemma» "'5'“? dill? .
tile 3‘43}.“Wrilrh‘ait‘
a'pmn and provides a prime mnnsuimis gym!“'1\ ‘ 3 ‘ ’3sMi
5‘3“?
"5”" was: in tam ms ; 1,3? 0
Mann] 3 1:31 a; '1 ' ’
information .
’3 mg? “m sequins WWW
> Without is W
a certificate tha t
3 ‘
Scanned by CamScanner
'
‘I
Thflwy
/ Semester-7
flipper-Homo»:
W
' - Divides the data into bl ‘—
ocks of 214 bytes or less
.’1. WW .
Lossles
T s compression me
thods are used for compressin
M g tragmented data.
o preserve the integrity of
data SSL.uses a keyed-hash
function to create a
MAC.
y.“ MW”: Original data and the MAC are enc
rypted using symmetric key crypto
graphy.
1:
: 011] How is security achieved in the transport and tunnel modes of IPSec? Describe
; the role of AH and ESP.
-L'
'
[10M — De016]
1. lPsec Communication has two modes of functioning: transport and tunnel modes.
2. These modes can be used in combination or used individually depending upon the type of
communication desired.
'LRANSPORT MODE
attacker.
LmsL nous.
@139 {07of134 I
Scanned by CamScanner
TURF”? 6.04450”,
8 I 9PJ’mmy
"sent!!!”“‘7 . d \
”gt-r.
W": . . header, an then adds new
‘ ' ‘ th 1L9 [ P
if"
i 3. It takes the original IP packet W1
i header to encrypted p a y l o a d -
'1‘: E
i 4. i Refer 8.9 figure for tunnel mod e. :
r .1 -' . _ _
1 l
*- : Data
.' ‘ 7"
Before IPSec
.1: IP Header
.
. >
r___. ._ i Es, ,1”. I tiTSP/1m
“- I
’ , Data Trailer An enflcauon
EVIL" 1p Header TCP -
After lPSec New I P Header Header
‘Figure
8.9: Tunnel Mode.
, M. . ‘ i.
'1. AH stands for Authentication Head er.
t . tion of IP packe ts _a
2. The AH protocol provides service of data integrity and. authen ica d. M k
J ‘
i 3. V , . . -
It also protects against replay attacks by usmg Sliding window and discar
' ‘ .l mg O 133‘- as _
i I 4. It is based on use ofMAC.
_
' 5. The packe t forma t of AH is shown in figure 8.10.
c s ' i6 31
‘ Next Heade r Payload Length . . Reser ved
Fi gu re 8.10: Au th
en tic ati on H e a d e
r.
Ne xt H e a d e r 8 b
i t : Iti de nt ifi es th e
ty pe of he ad er im m
ed ia te ly fo llo w in 1“
‘; g ....H
. . h e a d er .
.
Pa lo ad Le n h I B
bi tI: I t i s len gt h of au
th en tic at io n he ad er
i
M06 bi tI : It 13 re se rv ed
- - ' .DxA V. E - “ “ 2
fo r fu tu re us e.
mix-it! Parameter 3.
association
[ 8 bi tI: It IS used as
counter. V .
‘
A ut h nt ic at io n Da
' . . ‘ . ’ _ 1' -5" " - ' i z ‘
ta va ria hI eI :A va
1- ia bl e le ng th ‘fi el d th at
I
32 3‘ .5 n -
- .
"
Con V
3-
- - . ' . l‘ i i: .' i~
ms the ”1:93e
: e
che ck valu e.
imi ii-n"tw
3. It IS us ed to pr
ov id e co
nf id en ti a lity da _
. , replay servic ta origin an
"”3
e and limited fl c o n fi d e u t
ow iality
connecnon
I “ less int eg rit ya n anti
Scanned by CamScanner
'.V . ‘ 1 1 .,
‘h“.-¢‘-..
30mm:-
-7 7‘0””?
sS'a/ufiam
is shown in figure 3.11.
.
packe t format for ESP
The
-.
-—...\.’lr 5 0 8 16 24
p v r'" s _ 31
o
idS new 1
.,.~
..
ecnrity Parameter Index (SP!) :.
L—W
.
m
-_
. _’ Sequence Number
.
i15
.: n g
3 3 Payload (Variable)
1-.
"—3; fl
’3 u 2 Padding
...
_
; _ . . .
,-, l l Pad Length Next Header
Authentication (Variable)
.
..
g '
_p
Figure 8.11: ESP Packet Header.
‘
.. 1-}
-. -
fl
.
>
_._1_...I
I
v-‘
~“ -;z - r . .' ‘. ._.___A___,.--v
‘ ' Security Paramete rvlndex [SP1] ( 3 2 bit]; It identifies a security association.
.' .A_ ‘
Seguence Number [ 3 2 b i t ] : i t is u s e d as counter to provide anti-repla y function.
i
_ r."
‘._'u. . l
' fi « - 3 _ ‘ § : ' ¥ 7 " : f ‘5i n- .fl l ‘-—
- Payload [Varia ble L: lP Packet protect ed by encrypt ion.
A. . ‘a_ "
Paddi ng ( 0 - 2551;3Lteil; It is used for various reasons.
._
1‘....~h,,
that payl oad.
value which conta ins the integrity check value .
' Auth entica tion Data [Vari able] : A va1ia ble length
MODE 0F IPSEC:
___iN' TRANSPORT (it TUNNEL
Ref er Q 1 1 .
;
SECURITY ASSOCIATIONS
ty Association (SA).
cepts in IPSec is called a Securi
1.
One ofthe most important con
defined in RFC 18 25 .
Security Association are Destination Address.
ati on of a giv en Sec uri ty Parameter index (SP1) and
SAs are the combin
Page{09 or134
”fl--—
# ”—#
Scanned by CamScanner
0%
8 l 91°Jet-«rig W
4-
SAs are one way. n nection.
e lP S e c c o
o f two 5A5 are reqllired for a singl
_ 5- A minimum
'6
. 'SAs
contain parameters including:
mode.
orithm and algorithm
’ - . Authentication alg
hm mode
' Encryption algorithm and algorit ion algorithm[s)
ticationlencrypt
'
K6315) used with the authen
I Lif etim e o f the key.
I ‘ Lifetime of the SA
- Source Address(es) of the SA.
classified)
_ - Sensitivity level (Le. Secret or Un
pieces of 1nformat10n
' 1. A security is a very complex set of 30bit):
t case in whi ch Alic e wan ts to hav e an association With
2.
However, we can show the simples
use in a two- way communication.
to Bob) and an inbound association(f0,
3. Alice can have an outbound association (for datagrams
datagrams from Bob).
Bob can have t h e same .
tables for both Alice and Bobas
in this case, the security assoc1ations are reduced to two small
shown in figure 8.12 .
1 Outbound SA
O u t b o u n d SA
To" ”
Protocol
Authenti cation E n c r y p t i o n ] . To Protocol Authent ication Enctyption
. Inbound SA
Inbound SA
h g‘From Protocol Authentication Encryption From Protocol Authentica tion EncryptionL
Bob AH MDS z ' - Alice ESP SHA~l.x 055.1»J‘l
' i i
Bob '
. I ‘Q l
!
ASSOCIaIions
nm e 8.12: Example ofSeculity
b. 1 The figure 8.12 shows that when Alice needs to send a rlatagi 11111 to Bob ghe “3.5.3 the 5331 [1.0111121
' oflPSec.
7. . Authentication is done by using.SHA-l with key X,
‘ 8. The encryption is done by using DES with key Y.
Scanned by CamScanner
sander-7 Toff”?
Gil/(diam
Differentiate between the transport mode and tunnel mode of IP See and explain
W”Mentictttion and confidentiality are achieved using IP Sec.
[10M - Dee15]
$.15"
0" Tuuufihmm
JWLM T “SPORT &
Table 8.1: Differentiate between the Newport mode and tunnel mode of li’ Sec.
.
. im . .
lllli .'
‘r‘.‘1ft..‘j,_-‘
...
i . 5 .,9
t..- -,-,".«
an» 4 .
ma-u
.2
selecte d portions of the 1P header. packet and selected portions of
fir," (All)
1 \ the outer lP header.
D.
host protection of data. of a security association are a
i
~
security gateway .
Lo».
p:
N
Pro tect ion M o d e ‘ it prov ides prot ectio n primarily
é
for uppe r layer prot ocols . 1P Packets.
1-
5 .
.mwgq.
_‘
- Comparatively higher.
Payload Message Service LESS
‘4 Sp eci fic ati on (MSS)
e. lPSec is placed
in this mode. lPSec is placedlin tl.is mod
Place in TCP/IP Model
k l betw een network layer and new
bet wee n ttan spo rt and networ
netwm k layer.
layer.
‘ Transp ort Layer
i Nehso rltlsiy er
'
Transport Lay-or I
its"
j '93"
‘ New .‘s‘chsorlt Layer l
Netwo rk Layer
_
fl.- Su pporled.
No t su pp mt- ed .
a NAT Tr av er sa l ' e \ ‘ PN Sc
Cl'ient- to-Sit
ena n o s .
_Ei—te-to-site VPN Sc en ar 'ios .
VP N
Sc e n a rio s o_ _
‘ ‘ __ if 'Paye17-!a
Scanned by CamScanner
‘ b ' _
“my ,///;;Mmm:
.
Use
.
It is uSBd
SW
for
"' 7
end-'11"end
n
It !
722”»;
\
..
‘ co m m un ic at io n
betwee
bet‘we‘i'n a 8%]
router
‘
CONFlDENTIALITY IN IPSEC:
> ' . Confidentiality mean s encry ption Of data.
> Encryption enc ode s data into a secu re
format so that i t can not be dec iph ered by
unauthorized
. _ users. _ i . '' ‘ "
on
> Like aut hen tica tion alg orit hm s. enc
ryp tion alg ori thm s use a sha red
key to ver ify the aut hen tici tv
‘ of the iPSe c devi ces;
{Th e
> . . Ser vic es R o u t e r use s t h e fol
low ing enc ryp tion alg ori thr i.
ns:
a Data EncryptionStand
ard-cipher block chaini
ng (DES-C
BC).
_- Tr ip le Da ta En cr yp
tio n St an da rd -c ip he
r bl oc k ch ai ni ng (S 1
I AdVa nced En cry pti on Sta nd ard (A DES-LCBC]
E3) I . I -
. _
.
_. '
v
.
Scanned by CamScanner
Jam“f0? .. 7 .Tapffl'} 60%!
[5M -- M33716]
.‘51
.42.»
ii. ‘ Fault: I t is an incorrect step, process, command or data definition in a computer program. 3‘52-
. at '
. r3.
iii. MA failure is the inability of the system to perform its required behavior. .5. ';
- U
‘s ;.
i
17: .
l
g-I‘ r
i}! "
Intentional . Inadvertent "5‘.
‘1»;
ir-
_
lei-m
it ’
l
Malicious Nan-lv‘lnllclous
fl
£2
.41
32V .,
0
..
i. .
-1\
i .
3.
1,
a
Example;
{
Array [1] a 34':
Army [10] = 'B’;
17499 ((3afm
Scanned by CamScanner
: I .W"7
{IWJwfig //
015] Buffer overflow attack-
Ans:
were 0 L0 rt cu:
d.
1. A buffer is a space in which
.
data can be hel
Z. A buffer resides in memory.
fi ite.
3. ,
Because memory is finite. a buffers, capacfl)’
' is n
ffer than it can handle.
' to a bu
Buffer overflow is the result ofstufl‘ingmore data m
4. -
three gallonscap acit'3’ ]ug,
animmplg; ' some Water
5 Ifyou try topour four gallons of water into
is going to spill out.
:6.
It is also called as buffer overrun or smashing the stack.
7. It is the basis of many software vulnerabilities.
8. ' Assume a Web form that asks the user to enter data, such as name.
age and date o f birth.
9. The entered information is then
sent to a server and the server writ
es the data ent ere d to a buffer
that can hold N characters.
If the server software does not verify
that the length of the data is at mo
st N Characters, then a
A buffer overflow might occ
ur.
ISLAMPLE 0F BUFFER OV
ERFLOW IN C LANGUAGE
Int ma in 1)
Char Sample [5
] -
Sample [5} =
‘A’;
r Cnar Sample [5
] The compher
sets asude 5 byt
es to store this bu
ffe
.
> ] -— 'A’
r.
The subscrp
z t is out of bounds and results m bu
ffer 0‘!e f]
.l
and 4. ' V o.
be ca us e
> r 0 it does not fall heme?
' The buffer over "0
flow mightoverw
nte the use» d t‘
code, or it mig '
ht overwritesu l-
nused space '
‘
:w-
(=31:
?
Scanned by CamScanner
3.
“7'W9 smm!” ._7 ' Tapper}
chi/Wow
f . ”if
f W6; k tsniffin
g an dpacket .
spoofing. EXplam session hijacking attack
Packet Sniffing is widely used by hackers and crackers to gather information illegally about
i ’7}. networks they intend to break into. I
.
S The software or device used to do this is called a Packet Sniffer.‘
A Packet Sniffer is a utility that sniffs without modifying the network’s packets in any ways.
7?":
er 3:5
n
:7
‘3: 5, There are two ways in which a Packet Sniffer can b e set:
af- '.
r
' 1 3 ' 3..“y‘”.-r "‘ w . J k fi. -g-a,‘"
‘
.- ,
a . Unfiltered: It captures all packets.
.,
1
;.“n
U - 7__k
b . Filtered: It captures only the packets with specific data items.
(WA
n
y of the solution means that
Packet Sniffing is difficul t to detect, but it can be done. But the difficult
'
v ‘ fl i ' j f k i ' v j . " N 1 2 41 ‘ 1
.
in practic e, it is rarely done.
I‘-
..
Figur e 8.14 shows exam ple of Packe t Sniffing.
.
'
"
fl;
C')
' “.é-' r -
M
‘. 5 '
E
3_. ;;
au ?r n" .
.-
Attack er
.‘
1 ‘y _ ’ _
User ,
.
'_
‘ .
'_ _
.
O
l ' Packe ts
M
é
— Router
—————-
User
' 4‘ w "
Figur e 8.14: Pack et Sniffi ng Exam ple. '
.
s in the newly created 1P packet
as ano the r com put ers IP add res ress.
se which travels to the forged IP add
6 The server respond s back with a SYN-ACK respon
4 — 174590.16 (1,134
Scanned by CamScanner
. ».
We
“New
- ‘ i I
I
W r and ackn .
OWIedges It
.' »
”F
7b er}
7-
The attacker somehow acts this SYN-ACK response send by the serve so
server spoofing'attacks.
1 I.
. ' - serv er éjfi
ActualSonata1!:172.1405
spoutedsum 19:72.15.1411 50m 111572.1516
Death-lion1r: 10.0.0.25 Desfimm.nu- 10.0.0.25
Attacker
C]
. Session ID:SAGZZZIZB
.“n -
: V /‘
‘
User * "E
-' f 311%
Scanned by CamScanner
“99M" Janeen; WW W}
J’ofilfiam
fl, website does not respond in
a normal way to user i pu
t or stop: respondi
hijack ing may be the reason.
ng then session
n
/—
017] [P spoofing. ——
Afls: .
[5M - Doors]
Refer 016 Packet SpoofingPart.
,1
Ans: May17]
[5M -
1 Salami Attack is the series of small attacks which results in large attack.
2 i t works on "Collect 8: Round Off" Trick.
3. i A salami attack is when small attacks add up to one major attack that can go undetected.
4. i t also known as salami slicing or penny shaving.
Exampl e:
Scanned by CamScanner
Toma-i605,5!
3 I apsmfig W! \
.-f,.4
_
SESSION HIJACKING:
r:
Q20] Explain briefly with examples: how th
e followin g attacks occu
i ) Salam i attack
ii) Denial of Service attack
iii) Session hijacking attack
‘0
7
An iv) Cross-site Scripting attack. . [10}! ... 5]
s: Dem
SALAMI ATTACK:
Refe r Q 1 9 Salam i attack part.
9.x
'
DENIAL OF SERVICE Anacg
Refer Q1. I
‘yf'
SESSION HIJACKING: ‘
m
Refer Q19 Sessio n Hijacking part.
;
‘9
Perpe’trator injects the
website with a malicious
Website < \ 6.
script that steals each For each as“ m an
a
visitor's session cookies I website the malicious
_ -
7 script is activated
Perp etrat or
' "'"""
_ _ Perpetrator discovers a We bsi ‘ " ‘
t e tor ~
‘ website having a vulnerabiiity ’_
the: enables script injection" ‘
‘7 .
‘
Fi gu re 8.17: W or ki
ng of X38.
-1. _ Cross-site scripting (XS-S)
’ is a type of com put e sew-"'U'Vuinefab‘
applications. -
a b
r ‘ ' ''
- i
-
" ‘ "b
Iou nd m ‘
l
lity typically W
Wf‘\'\_n A s __,__....
Scanned by CamScanner
3' A cross-site scriptin
g vulnerability ma
b
same-origin policy. 1 To
Y 0 and by att ack en lob
4‘ The scripts referred ypassaccess controlsmchawn
here are mallclous
5. code.
in XSS. th e attacker does not di
rectly target theuse
6. Flrstly th
’ eattacker in‘je r
cts
the malicious co
the malicious code
' e Web
de into th
is delivered to the App whe th
victim's browser
7. The figure 8.18 sh m e "m mm an
ows the working of dM
XSS
021] Explain briefly with
examples,how the
followingattacks oc
cur: [10M] _
(a) Phishing attack
.
(b) Denial of Service attack.
Example:
This email is meant to inform you that your Mym'rcersity network password
wiil expire in 24 hours.
Please ’ollow the link below to update yc or password
”1.:IEI"'-,[s"c::dllztpfl : on“
Refer Q L
1. A typical {3 torc’s SQi. database query may look like the follow
ing:
ISELECT Item Nam e,ite cscr iptio n,
‘ FROM Item ‘ ,
WH ERE I t e m N u m b e r .= i t e m N
umber '
2. From this, the web application builds a string g u m
that '5 sent t0 the database as a singleS
QL
statement.
5.1.1
WWW?
A user~provided input 1% can
then generates
. A the following SQl. Query.
Scanned by CamScanner
._r ‘9 ~
f"
satscr ltemNaIte
7 re 36'o
mme. Description
l’ROM
Item
WHERF. ltemNum
4. The above-mentione b
er = 99
d input. which pulls
lnt‘or ' 9 ~
read W W mam" for a Specific Pmduct. can be altered to
5. AS a ““5“"- the corresponding SQL que
ry looks like this:
SELECT ltemName. ltemDesc
rlption
FROM Item s
WHERE ltemNumber == 999 OR 1:1
6. And since the statement ‘1 = 1 IS
' alwa ys true, the query returns all of the product
names and
descriptions in the database, even those that you may not be eligible to access.
Refer Q 2 0 .
Q22] \‘Vhy E-commerce transactions need security? Which tasks are performed by
payment gateway in E-commcrce transaction? Explain the. SET (Secure
Electronic Transactimi) protocol
. Integrigg: lnformation should not be altered during its transmission over the network.
- Availability; information should be available wherever and whenever required within a
time limit specified.
Authenticity; There should be a mechanism to authenticate a user before givinghim/her
an access to therequired information.
Non-Repudiability; l t is the protection against. the deniai of payment. Once a sender sends
a message, the sender should not be able to deny sending the message. Similarly. the
recipient of message should not be able to deny the receipt.
izedus 1'.
Encggption;Information should be encrypted and decrypted only by an author
audited for integrity
Auditabili : Data should be recorded in such a way that it can be
requirements.
{21
Page afar;
Scanned by CamScanner
MW Jamar!” - 7 \ d'o/ufiam
Topper:
wvwn‘rl
wrw"
..-.
ipqgomuW‘k ~» I
Scanned by CamScanner
Mime/Elmo“!
«matter ..
W Viz/1’1”}3066b”:
> Slam Cu sto me r.
; issues C us to m er fin an
7‘;
ci al in st it ut io n
M erc ha nt. . - . '
> 1512113111111;
Merchant fin an ci
al ‘
> C OQ
M
XS 'fic a ) to
e Au
VB allthOt he
n 'r pa
: rti
A utdp
hoan
ritts.
y wlhi ch fa ll ows certam
' sta nd ard s‘ andI iss
' ues certifi
' cates (like
Wig;
> Pro vid e Au the nti cat ion
. ' ' -
> Pro vid e Me ssa ge Confidential
ity.
-
SET WORKING:
."W
W '—
"'w,W"
Scanned by CamScanner
Mites/Encore J’emarller --7 fipfigfismw
MISCELLANEOUS
Q l ] Timing and Storage Covert Channel.
Am“
(Sm-- W W
COVERT CHMNEL:
1. Covert Channel is type of computer securit y attack.
2. It transfers information in a way that violates a security policy.
3. Covert channels have been defined by Lampson in 1 9 7 3 as a communication cli'an’net'
, nor"
designed for any kind of information transfer.
4. Consider there is group of students preparing for exam,- where questionsare of'objective‘
type
5. For each question there are four choice of answer: a, b, c, d and right answerhas
to be selected:
6. Now one who is clever in the group decides to help-others.
7. So he/she any reveal the answer by acting in accordance to a predetermined
protocoilike
coughing for answer "a", sighing for answer “b” and so on.
8. Covert channel is hidden communicationin Open channel.
Spy
Semcr Service Stir
Service. Spy
Fragment“L Program i Program 1 Program ‘ Prop-an; , [lg-“gram ‘
" 1 j o l i l o l t l‘ -l eras—s.
Scanned by CamScanner
6.
ce pro
gram
7. Aservn
. .
ce program makes use0 f ‘ . timing Channel and
. my s program15 shOWn.
usmg1t. Elther by usmg certa‘
m amount of tim e o r by not
3. ln multi programmed system t‘
. lme ISdivided 1
-
alternatively, nto blocks
anda l l o c a t e d to oneprocess and another
9, The processing tim e 18 rej ect ed b
A block 15 used by a Process t V a Process i f i t is waitm f
10_ g or an event to occur and IS idle.
0 Signal1 and i t is rejec
l ted to 518na10.
11. Figure 9.1 (a) shows first Situation of
norm a schedulin ~ - programand
are used alternately. ‘ ,. 3.Where serVice spy program
1'. A storage covert channel transfers information thrOugh the writing of bits by one program and
reading those bits by another.
2. Examples o f storage covert channel are:
a. File Lock Channel.
b. Printer Attachme nt Channel.
3. Figure 9.2 shows the example of Storage covert channel.
Attached?
l
Sender Process. , ' - ' .
b ' Attached (1) - " Yes:1
__. Spy
.
SeeCe _ r,
-- .
Pruner
,______, Program
>
x. P r a y Detached[0)- _' - N021
‘” ' , Receiver Process-
Data to be Printed
_______________
Figure 9 2 : Print er Attachment Cover t Channel. <
a system. a sending process
. l ‘ h cical printers or other I/O, devices are shared resources in
4-
When p
y”
1d otentially transfer information to a receiving process ‘R' a t a
//
The receive
W737
. a
Scanned by CamScanner
‘ guardian 'Papw' ‘ -.' Janufer - 7 ff 73PM”?W
Mumbai Uni vers ity — Dec 2015
Q1] (a) Define the following examples: [10]
(i) Substitution cipher.
(ii) Poly-alphabetic cipher.
(iii) Salami attack. '
(iv) Session Hija ckin g.
Ans:[Chapter- 2 | Page No.11 81Chapter- 8 l Page No.117]
(b) With thehelp of examples explain non--malicious programming errors [05]
Ans: [Chapter- 7 | Page No. 88]
(C) 985118 the goals of securlty and specify mechanisms to archive each goal. [05]
Ans: [Chapter - 1 | Page No. 2]
Q2] (a) I n an RSA system the public key (e, n) of user A is defined as [7, 119). Calculate (l-‘n
and private
d-
key what is the cipher text when'you encrypt message m=10, using the PUbliCkey? [10]
. Ans: [Chapter 4 - | P a g e No. 40]
‘
(b) Give the format of X 509 digital certificate and explain the use of a digital signatu
re in it. [05]
-:Ans [Chap ter— 6 | Page N o . 6 5 ]
(c) Encrypt''The key is hidden under the (1001" usingplay fair cipher with
keywm (1“domestic”
Ans: [Chapte1 — 2 l Page No.14 ] . .- _ _ _, [05]
(13]
' l (3) Explainhow'a key is shared betWeen two-parties using
Diffie-Hellman by exchange algorithm.
_‘
' What is the drawback of this algorithm?
' [10]
_
Ans: [Chapter — 4-| Page No. 4 7 ]
1.2.311. _ 11
. _ 1
(b) Differentiate between 1') MD-5 and SHA ii] Firewall and IDS.
1
' '
_
_
Q4] [:0 Explain working of DES detailing the Fiestel structure.
“ I [10}
.__
Ans: [Chapter- 3 l Page No. 26]
4....
.
(b) Whatis a Denial of service attack?
.-
_ What are the different ways in which
an att1.
acker can11101
I 111 1~
the S
handgh k y .
. Q5] (a) List the functions oftbe d1fterentp10tocols 111331,.E xplain
"1.
1
.-
Ans.[Chapte1 8 : Page No.101] . E' w( 1 . a “e D .
1. rotoml. [0 l
illémafl
(b) How does PGP achleve confidennally and authentication q.
" -' "
1
.{c)'Differentiate
tunnel m
authentication and confidentlalityare achieved using 11’ Sec Ode of If) 566 and 9X93"?
1'
2.1":
how
[1°].
: . '_l
WyefZW‘x‘m _ A...
Scanned by CamScanner
WPW
Ans:[Chapter-.mpmhlnl “7 TWEM
(C) I? Spoofing,
Ans:[Chapter - 8 | PageNo
.117]
(d) Viruses and their types,
Ans:[Chapter - 7 | PageNo. 86]
Key
(e) generationin IDEA.
Ans:[Chapter - 3 I PageNo.21]
" (d) Elaborate the steps of key generation using RS".Aigorithm. [05]
i.
‘‘ Ans:[Chapter - 4 | Page No. 39]
i
I Q2] (3) A and B decide to use Difiie Hellman Algorithm to share a key. They chose P= 23 andG = S as :1
the public parameters- Their secret keys are 6 and 1 5 respectively. Compute the secret key that
they share. 7 [10]
Ans:[Chapter - 4 | PageNo. 49] . A
I.
E (b) Explain working of D55. [10]
v3"
ul‘ifitm 7; ‘;;’r";..
Scanned by CamScanner
01mph» Papas 3mm:- - 7 Tapper}Sa/ufiom
_ [b] Explain working ofKerberos. no] .s
Ans: [Cha pter - 6 | Page No. 74]
QS] .
(a) What is a firewall? What are the firewall des1gn - - i
prinClP'E? [ 0 5]
Ans: [Chapter — 7 l Page No. 79]
[0
(b) What are the various ways for memory and address protection. 5]
Ans: [Ch apt er - 7 l Page No. 90]
. n Systern
(c) EXplain the significance of an instructi on Detectio ' for securing a _network. Comp3;
signature based and anomaly based IDS.
[1°]
Ans: [Chapter - 7 | Page No. 84-]
Mu mb ai Un ive rsit y— D e c 2 0 1
6
Q1] (3) Whatare block ciphers? Exp
lain with examples the CBC and ECB mo des of blo ck cipher
' Ans:[Chapter— 3 | Page No.33] s. [05 ]
’ - _. _
[b] Encrypt the str ing ''This 13
an easy task" using a playfair cip
he1 wit
h k83"'t11011arch3"'. {05 }
Ans: [Ch apte r- 2 l Page No. 1 2 8 ]
‘
(c) Define authentication an
d non-repudiation and Sh
ow With exa mp les ho w eac
ach ieved. h on e can be
. . y ‘ I}. . ' ‘ ,Q [05} ‘
Ans: [Ch apte r - 7 l Page No. 9 2 ]
V ' ‘ _ ’
(d ) Describe triple DES wi
th tw o DES keys. ls man
in the middle attack po ssi
Ans:[Chapter - 3 l Page No. 31] bl e on triui‘e DES'NOS}
‘ ‘ ' .- - ’
qg}. [a] A and B decide to use Di
ffie Hellman algorithm to sh
are key They cho
public parameters. Their secret key ose p =2 4 and g=5 as the
s are 6 and 15 respectivel
y. Compute the secr
share. et key that they
17(19312801‘34 . _ K\~Mm
Scanned by CamScanner
M» Pat/ms
Sham--7 flipper}Soweto
i . I Y , A .. L
_ u
Wry‘r— . - "' v i I I -
- Vil'. , ‘T v I ‘ '- .
a > v: >
2 I ' ’ ' _ .r-I} ‘L.’ , . 5 .5 ,, "rd“. ,
- > ..
“‘96 ' ' ' .
-g- : “J:
-. rat-- ' a i .e
.V J .5" .' ‘. ut-
. , . _. -‘
- j _. "6th; ‘ . . _ 2 , 3: . ‘ "14””
' 3i: 1.. 7.
I l .01) ,1 1‘." ,"."", _ '._-. . . '.'.-. . . i . n W
Scanned by CamScanner
Mumbai University - May 201 7
- .u
Qll (a) Use the Play fair cipher with the keyword: "MEDICINE to ~ h ~r the mes3 3 8 9 "T h e
emit) L greatest
‘
wealth is healih‘l‘. [05]
(a) Explain DES, detailing the Fiesta] structure and S-block design [10]
Ans: [Chap ter - 3 | Page No. 26]
'
(b) Consider a Voter data management system in E-voting system with sensitive and non-
‘
sensitive attributes. ’ .' _
1) Show with sample queries how attacks (Direct, inference) are possible on such
data
'
H
,
sets. .
‘
.
V
2) Suggest 2 different ways to mitigate the problem. _ -' ' [10]
_'
.
y
Ans: [Not included]
.
.1,
.1
__
.v .
W.‘
1
(23]
«,
,4
(a) Explain Diffie- Hellman Key exchange algoxithm
1..
.
with suitable example. Also explain the
-
A
-
1
problemofMlMattackinit.
.
_ . ' , .. .
_
['10]
‘
1 '1‘
_‘
up
v Ans: [Chapter— 4 l Page No. 48]
:'
‘
(b) What are Denial ofService attacks? Explain any th:
ee types ofDOS attacks in detail
'
-.
[10}
'
" ‘r -
Ans: [Chapte1——8 l Page No.96]
.I ,t
A_
,
-.
.
.1
"_l
Q4} (a) lPSec offers security at n/w layer What is the need Of SSL? Explain the service tof
s SSL
'."
‘Y
protocol? 1
m. ‘
1 - _ [10]
.
_ .
{10]
Ans: [Chapter - 7 | Page No. 80]
‘1FTWr
PyteWéé A.
‘1 ,a
Scanned by CamScanner
Paint“? “- W13” :WE- '
19¢”
,1 M- 7 Tapper-'3 60W
b) Why are D
( lgltal Signatures 8‘ Digital
Signature? certificates required? What is the
significance 0f Dual
Ans: [ C h a p t e r - [10]
5 l Page No. 5 6 ]
QZ] (a) What is a digital certificate? How does it help to validate the authen
ticity of a user? Explain
the X509 certificate format. [10]
Ans: [Chapter - 6 I Page No. 66]
(b) With reference to DES comment on the following: [10].
(1') Block size andkey size.
(ii) Need for expansion permutation.
(iii) Avalanche and completeness effects.
(iv) Weak keys and semi-weak keys.
7359‘
3: 0,154
Scanned by CamScanner
(1') Role of&box
Ans:[Chapter~ 3 l Page No. 29]
Q3} (a) What are the different types ofviruses and wow? Ho w do they Pmpagate?
Ana [Chapter -- 7| Page No.86] [10]
.,
Q4] (3] Emlain briefly with examples.how the
followingattacks occur: [10]
i) Phishing attack.
ii) -
Denial of Service attack.
iii) SQL injection attack.
Q».
iv)Cross-site scripting attack
Ans: [Miscellaneous | Page No
. 119]
(b) How is security achieved in the transpor
t and tunnel modes of lPSec? What are secu
rity
associations? .
[10]
Ans: [Chapter— 8 | Page No. 107]
Scanned by CamScanner
- v—w
'3‘“
' ‘-'
.. :17 ' _I'I
..
v: ”‘5‘“!
---
* r.
—~ -
- . I
~ “31"". . . ere-'1.
1' it I W .
l‘,
mm . -- WWI-WW "‘1" "
.
Q5] (3) How can we achieve web security? Explain with example.
. [10]
Ans: [Not Included]
(b) Use Hill cipher to encrypt the text “short". The key to be used is
"hill". [10]
Ans: [Chapter - 3 l Page No. 36]
Scanned by CamScanner