Wacwm: Twewm, W@&WW

_ v__....
‘ Yaw-w Iv—KHW-
. ‘
-.
4
W” TWEWM, W@&WW mar-7 Twas“.-

wacwm
__ (Cryptography & system Security) _.
‘ - Analysis by Topper’s Solutions Tam -
usr mam:PREPARATION:
Ezgineeringisaaotoriomiydcmandingfieldofstudy.Bdngmhdinen
A
gineafigmmm
am—Jimam—Inoflwodaudhmmflmdmmbwmmu
,
- «-7-. .
“Hy a“—
sematereramin engineering. Haveywhmeah’adygiven upthinfing'Whatthcbefl l and.
at this moment? Tomorrow is exam!” Think again! You are M madam & ha nigh:
i studies are a'exyenginecringsmdent’s epitome.
'Weaginmareémfbrawmfin‘g'
Don't Wonyentire'l‘oppn’s Solutions’l‘umis mrkingomforbettermmofm. Hague
some techniques about Cryptography & System Security ((38) Subject.
> W firsto marks:

Studyan xonc ofthebela wset andmakesureyou can wsilymanptanyqimionsfmmhdow
chapters included in partiallar set.
— Sim-ks Distribution —-
Chapter Name “'eighzage (Marl-Ls)
“15:54"; ; L I Mill-18 “
- 10
10
Key
m‘mogl'aph)‘
20
Cryptography
SET - 2
Chapter Name “'eightage (Marks)

-~ ' » ‘ ‘ ‘ ~ s f W? t.‘&."' 51ft! -‘
30'- '-
> ‘8: Firewalls , ‘
Hash Functions
Scanned by CamScanner
.'“ ' ‘ '7’ ': ~
MWMM 2
> "(2m
/ fl ’2
Study the following 3 chapters. t:
fl // Weightage (Marks)
Chapter Name / i
#
___________ 9
'.
;
1 Introduction 4““ 8 _ :-
,
i-
2 Basics of Cryptography
i
1 1‘
‘
Secret Key . . 13
7/
3/5 Cryptography/Cryptographic Hash
Functions
Note: If you want to score good marks, study ALL Chapters.

-___ a
“
I.
l r
r.
Please Note: The Above Analysis is suggest by Topper’s Solutions

Team. Don’t be I
completely dependent on it. It may change as per Univ

ersity of Mumbai Guidelines
Copyright © 2016 - 20
13 by Topper’s Solutions
Alel rights reserved. No
th part of this publi_catio
or by any means, inclu g, renco
ma
rdyinbe’ reproduced. di st. ri b
ding photocopyin ut ed , or tr an sm‘itt ed
in any form
J3
rt or written perm
ission of the publish
t. .ews
:ew and
Ier ex e 9 , C . ' -3nical.methcds without
certain other noncommerd
F ‘ W‘-vV -‘ n '
al u se s p0 1..
_...._
Co nt ac t No : 7 5 0 7 5
31198
hmail ID: Su pp
or t© T op pe rs So lu ti on
s
W
eh si te . .v w w
I ga !
.T o p p er sS ‘
o lu ti o n s co m
CHAPTER - 1: INTRODUCTION ,
01] Operating System Security.
Ans: - [5M — Dec15]
W
1. Security refers to providing a protection system to computer system resources.
2. Resources can be a CPU. memory. disk, software programs and most . importantly
data/information stored in the computer system.
Q55 §ECURITY¢
1. Operating System Security (08 security) is the process of ensuring OS integrity, confidentiality
and availability.
2. I f a computer program is run by an unauthorized user. then he/she may cause severe damage to
computer or data stored in it.
3. So a computer system must be protected against unauthorized access, threats, viruses, worms
and malwares.
Cnnflduufiallty
Availability S e c u ra System“
Figure 1.1: OS Security.
GOALS 0 F 0 5 SECURITY:
1)
EmsJJLiaJLm
‘3' I t is the best security policy.
> It assures that data is accessed by authorized user only.
1|)
integrity;
> It ensures that the data receivedby the receiver IS exactly same as the data send by sender.
3*
The data should not be modified b y a n y unauthorized entity.
m)
Amman
3"
It ensures that the data is always accessible/ available to authorizedpersons.
> Whenever an authorized 53’5“?!“ entity d e m a n d s for system resource.it must be accessible and
usable at all times by him/her.
flya { afar;
‘wfi . ‘r‘
I l gum/action 'Jmerfer-
7 75/010"?6,06%":
Q2 ] D e fi n 8 the goals of security and specify gmechanisms to archive each 30a].
Q3] List with example ‘ '~

the different mechanisms to at:h ievc securi ty .
An [Q2 l 5M — Dec15]&[Q3 l 5M -- Mam]
S3
Note: For Q3) Refer only Security Mechanism. Part,

SECURITYGoa LS:
I) C_onfidentialil_.y:
It is the bes t security policy. . d V

Confi denti ality assur es that data is acces sed by
auth orize d user only.
. No unauthorized party can have acce
ss to the data.
Acce ssing data m e a n s to read, to print or just
to know the exist ence o f data . -
It is also call ed a s sec rec y or priv
acy.
Con fide ntia lly can b e achi eved by mea
ns of encr ypti on, s o that e v e n thir d par
ty gets acce ss to the
mes sage , they can not reve al the exac
t mea ning of that mes sage .
Example: Figure 1.2 shows the exa
mple of Confidentiality. Consider tha
t A. 81. B wants to
communicate with each other._When
A sends a message “m" to B, only B
sho uld receive it. Only
then confidentially is maintained.
l_
A
VVVVZVV
[Sen der ]
a
(Receiver) I
c
(Attacker)
Figure 1.2: Example of Confidentiality.
n.) lam ‘
p
.
' integrity ensures that the data rec
eive d by the receiver is exactly same as
“V
the data sen d by sender.

Fa The data shoul d n o t be modifi ed by any unaut horize d entity
.
*2 Only authorized entity or person should be able
to modify or update the data.
‘2 Modification mean s modi ficat ion ofda ta throu
gh inser tion. delet ion or repla y ofda ta.
3; Integrity can be achieved by using checksuxn or
hashing methods such as MDS, SHA-l & Tiger
Hash.
Page .20/134
w "u" " '—-— ——v-—rr
.0
' ‘1 ' ‘ I
! I ”Mcfion 3makr~7 Topper? JoMom
A ideal Rent. or the manage B
[Sender] ‘ (Receiver)
Actual Route
(Attacker)
Figure 1.3: Example of Integrity.
u!) _ .t:
it ensures that the data is always accessible/ available to authorized persons.

Whenever an authorized system entity demands for system resource, it must be accessible and
usable at all times by him /her.
The information created and stored by an organization needs to be available to authorized
entities. Information is useless if it is not available.
Example; The situation can be difficult for a bank if the customer could not access their accounts
for transactions. Interruption puts t h e availability of resources in danger.
. l1 . .- ‘l .
(Sender)
J . J (Receiver)
Figure 1.4: Example ofAvailahility.‘
SECURITY MECHANISMS:
1) Encipherment:
V
This is hiding or covering of data which provides confidentiality.

‘17
It is also used to complement other mechanisms to provide other services.

Cryptography and Steganography are used for enciphering.
‘I
Ii] Digital Integrigg

T h e data integrity m e c h a n i s m a p p e n d s a s h o r t check value t o t h e d a t a t h a t h a s b e e n created by a
‘7
specific process from the data itself.

Data integrity is preserved by comparing check value received to the check valve generated.
"f
Ill) El 3 9i ' me
A digital signature is a means by which the sender can electronicaliysign the data and the receiver
can electronically verify the signature.
Public and private keys can be used.
Fags}0,934
i
WWW}
SW4 ' \"fiom \S'of i
(Misha/weft!” _/7 l
. . - ti to each other.
1") “MW messages to Prove their 1den
me ty
:r in this two entities exchange 5 ° . '
f"
v) M e bogus data into the data trafiic to thwart the adversa
> Traffic padding
. - ' som
means inserting .
attempt to use the traffic analyslS-

V1) W - ' ferent available routes beMeen
Routino., control ‘ d continuo usly changin g dlf
means selecting an ent from eavesdropping on a parti.cula r mum
sender and receiver to Pl"?vent the oppon
V“) W . . t d arty to control the communication
v
> Notarization means selecting a third trus e p bet weentw
0
entities.
> The receiver can involve a trusted third party to store the sender request 1“ order to Prevent the
sender from later denying that she has made a request.
V111) swam
» . - — ¢ ‘r.
> Access control used methods to prove that a user has access right
t o the data o r resources owned
by a system.
'
,-"-V. — ' . —A. ~ u -
> Examples of proofs are passwords and PINS
.
. Q4] Give exam ples of r epla). attacks

. . las
' t three gen
eral approaches 101 dealing With
‘-
replay attacks
..
-
Ans:
A‘.
M3318]
[5M -
REPLAY ATTAC KS:
1. Replay attack is also know

s as playback attack,
2. It is type of active security attack
‘
3. Replay attacks are the netwo
‘ h -- -
. er and takesmthe
attac ks inticat
Whicdh an
sender and receiv authen - attacker allies
~‘ the conve rsatio n between the
. r Wit
the receive . h tha
t key. e I n f 2- - ‘
0 mation e.g. sharing key and the
n con tactto'
4; ln repl
R e p l a ay attack, the at .
5 . t 1‘ tacker gives the proof O n i i s ident' '
6. i R y]at ac ' is
'. one of the low
1 er tier
.Aq-D
' V e r s i o n s ofa
‘ ’ lt‘ J and
aut hen tiC ' ‘ity.
“—
"M
. n e p ap tJ Attack. an attacker C a p t u r e ‘ ‘ - ' .
F‘ ‘ a n in the m i d d l e 'dtt ,. ..
lgtiie1.5.
data
S [he
__'
a _
an...
“no r e t r a n s m i t
. 3 l-l after some delay as slim/iml“r'
Y
E- nets:
‘
"Cr\=r T
F ' 00,000 to B Thl‘OUgh

A sends Rs.1.
. _, -Iv—
an :
‘> AnAttacker ca ‘ res t h i .s data a n d
. ptu Online
.ww
“end _ “ o n MT
. -
USSlcn
_\ ° 5‘t agai ‘i-
1111”" ft a w n — 9 w .
.
1'“r . — . _ . _ _ . .
6&0
‘ o-
' “W e time to p m d U C e . ed {fecls'

unauthoriz e -
e i
"I‘... W.- I
-———
( I 913M060» Tapper} J'ofilfiom
A [I
(Sender) (Rm-her)
Replay same message as A

alter some time
[Attacker]
Figure 1.5: Example of Replay Attack.
we]. APPgoncuss roe DEALING WITH REPLAY ATTACKS:

1) WWW
> A new message is accepted only i f its sequence number is in the proper order.
> Difficulty with this approach is that i t requires each party to keep track of the last sequence
number for each claimant i t has dealt with.
> Generally not used for authentication and key exchange because of overhead.
11)
Wes.
> Requires that clocks among the various participants be synchronized.
‘iv PartyA accepts a message as fresh only i f the message contains a timesta mp that, in A's judgment,
is close enough to A's knowledge or current time. '
Ill] Ch 1 e’ e nse:
Party A, expecting a fresh message from B, first sends B a nonce (challenge) and requires that the-
\/
subsequent message [response] received from B contain the correct nonce value.
Q5] List and explain various types of attacks on encrypted message
Ans: ' [5M -- MayiS]

CRYPTOGRAPHIC ATTACKS:
1. Attack is the action which exploits t h e vulnerability o f system.

2. ln cryptographic attacks the basic intention of an attacker is to break a cryptosystem and to find
the plaintext from the ciphertext.
3. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the
aigorithm is already i n public domain.
4. Hence, attacker applies maximum effort towards finding out the secret key used i n the
cryptosystem.
5. Once the attacker is able to determine the key. the attacked system is considered
as broken or compromised.
P4935afm
WWW} 30%»:
mm-
TYPES; “5)
.
ck [GOA]: .
I) We ci ph er te x .
et ho d, th e at ta ck er ha s access to a se t of
In this m
pl ai nt ex t.
Attacker doe s not hav e acc es
s to co rr es po nd in g
pl ai nt ex t ca n be de t ermined from a given Set
h e n t h e cor re sp on di ng
COA is said to be suc ces sfu l w
of ciphertext.
1!)
KW
for Some pa rts of the cip he rte xt.
> in this method , the attacke r knows the pla int ex t
inf orm ati on . .
> The task 13 to decrypt the rest of the ciphertext usin g thi s
r meth od.
> This may be done by determining the key or via seme othe
s again st black ciphe rs.
3“
The best exam ple o f this attack 15 l i n e a r crypta nalysi
III) Chosen Plaintext Attack [CPA]:

> I n this method, the attacker has the text of his choice encrypted.
So attacker has the ciphertext-p laintext pair of his choice.
This simplifies his task of determining the encryption key.
An example of this attack 15 differential eiyptanalysis applied against block ciphers as well a s hash
functions.
IV)‘ . Dictiona ry Attack:

' This attack h a s m a n y v a r i a n t s all of which involve compiling a "dictionary‘.
>‘ In simplest method of this attack, attacker builds a dictionary of cipher te ts a n d correspording
‘ plaintexts that h e h a s 1ea1 n t ove1 a p e r i o d o f time
> In future, when a n attacker gets the ciphertext, he refers the dictionary to find the correspond ing
plaintext. '
‘ Wk 'BFA :
In this method, the attacker tries to determin e the key by attemptin g all possible keys
l f t h e key is 8 bits long, then the number ofptissible keys is 2 8 -. 256 .
‘ The attacke r knows the cipherte xt and the algorith m n o w he attemp ts all the
2 5 6 keys 0 me 1)
o n e for decryption. 3
2 .. _ The time to complete the attack would be very high if the key is 10110.
V1)
Emmet;
>. A birthda y attack is a class ofbrut e force attack used agains t hashin g functio
ns.
i> , It is based on the "birth day parad ox"
of y a
. This state s that 1n .1 grou p of23 peop le, tnere is a t
. . _ . I.
least a 5 0 % prob abili ty that a t least two peop le ‘-
., . will share the s a m e birth day.
'In
' .
> . a grou p of 6 0 people, the prob abili ty is over
99% .
79598501’64 ..
'* * , —.'—
r l Wee/wade» J'smarfar - 7 Tapper} J'oficflom
VII ) W:
P The targets of this attack are mostly public key cryptosystems where key exchange is involved
before communication takes place.
Host A wants to communicate to host [3. hence requests public key of B.
An attacker intercepts this request and sends his public key instead.
Thus. whatever host A sends to host 8, the attacker is able to read.
in order to maintain communication, the attacker re-encrypts the data after reading with his
public key and sends to B.
The attacker sends his public key as A's public key so that B takes it as if it is takingit from A.
VIII) W
Side channel attack is used to exploit the weakness in physical implementation of the
cryptosyste m.
Side channel attacks are a type of attacks based on implementation details such as timing. power,
and radiation emissions. .
By carefully measuring the amount of time required to perform private key operations, attackers
may be able to find fixed Diffie-Hellman exponents. factor RSA keys, and break other
cryptosystems.
m)
Timing attack exploit the fact that different computations take different times to compute on
processor.
By measuring such timings, it is be possible to know about a particular computation the processor
is carrying out.
For example, ifthe encryptiontakes a longer time. it indicates that the secret key is long.
W
These attacks are similar to timing attacks except that the amount of power consumption is used
to obtain information about the nature oi‘the underlying computations.
.Eauit. anaixsumt'rasks;
in these attacks, errors are induced in the cryptosystem and the attacker studies the resulting
output for useful information.
-—-_._-——.———-I--I-:
Page7 3/34
Ilfibu/wfian Jamar!” - 7 Toff”? {0%
.. EXTRA QUESTIONS --
' Q1] Security Attacks.
Ans:
SECURITYA'ITAfi
1 Attack is the action which exploits the vulnerabi lity ofSYStem"

2 SecurityAttack is a method or technique that violates security policy of a system or organization.
3. While transferring an information, attack may occur.
4 This attack may be either active or passive.
Security Atta ck
Passive
Acflw
i , l l l I 1
"'
Release o f Traffic Analysis Masque rade
Message Content Replay Modification Denial
' Attack o f Message ofSorv ico
"r m ~ < ~ ‘
Figure 1.6: Types of Attacks.
PfiSSIVi-Z ATTACK:
. -—
‘QW—N54v n-yv-u
—n- —
I.
_ ..1 inPa ssive Attack, an attacker just obtains
an infor mati on bein g trans mitte d.
‘ ‘ ~ 2. it does not alter the message.
'-
i) ‘ Relea se o f Message Conten_t_:_
This Attack discloses the message informa
tion.
- ‘,~. - it may happen throug
h various ways such as: Listening to tele
phone co
nversation accessing e
mails or observing a transferre U j
d file which may contain sensiti

.
ve information
H). ' TrafficAnalysis:
> in Traffic Analysis, an attacke
, . r observes the network traffic
and tries to analyrm the net
communication. - -- ure 0 f
7;». ' , Encryption technique is used to pre ven
t Tra ffic Analysis.
ACTIVE A'FTACK:' ' . ,

I.
Active Attack is an Attack tha
‘
t modifies-the original Mess
age.
“U
Mfiqugrade; ‘
>' . ._‘
_ This attack occurs wh I
en unauthor.ized entit
y pretends to be an au
I > ' ,ho
Thmatag
ise.an attac. ker takes an t‘nomed entity
ide
" nt'ity of semenne
and acts. on behalf
of ith V .
._.__
em W‘ithout thei’ r
PW‘\\~—+
-__ .
.
‘P+¢v"“‘-
( I gamma» J'omarfor - 7 73”»?J’o/uflam
> Phishingis one of the variation of masquerade.
inlernoi
n
c C Masquerade: A
(Attacker)
Figure 1.7: Example of Masquerade.
11) 3.2mm
In Replay Attack, an attacker captures the data and retransmits it after some delay as shown in
Figure 1.8.
Example: A sends Rs. 1, 00,000 to B Through an online transmission.
An Attacker captures this data and sends it again after some time to produce unauthorized effects.
A Internet B
(Sender) (Receiver)
Replay same message as A

C
after some time
(Attach-I')
Figure 1.8: Example 0 fReplay Attack.
m) M o d i fi c a t i o n o f Messages;
in this technique, an attacker tries to modify the message.

NI
This modification may be in terms ofmessage alteration, delay or reordering.

EAL'DDJL I f the original message is Transfer Rs. 1, 00,000 from A to B, it may be modified to
Transfer Rs. 1, 00,000 from A to C.
A
Interim-i
‘5
0
)—_. R
(Snider) )-’ (Heals-or]
I
I
C
[Attacke r]
Figure 1.9: Modification of Message.
@69a
Some-[fer ~ 7 Tm: \VO/ulfo,’
I I guftwfucb'an
/
m
3.
D
Den ial ofS erv ice [DOS] i s also
I ihbinty Mac"
k n o w n as A v a ‘ t o System Communication
. faci litie s o r ms
. tting EICCE'Ss
k ' ' 1thor12ed users from ge “‘83.
overloadin it wi
>r iRt pl
mayevents at th8 metwork either by disabling the n e t w o r k or by
disrupt 3 th messag
> - cult to p r e v e n t .
Active Attacks are easy to detect but d1ffi
(322] Security Services

Ans:
a“
SECURITY SERVICES: '
,
1. Security serw.ce IS
. .
a serv1ce ’ E '
that enhances the sec unty 0f the. sy ste m or data transfer.
2. ’ They are intended to counter Security Attacks.
_—.w.u,' ‘ . - r
.3. Security Services make use of one or mor
_.._.—
e security mechanisms to pro vid e the
service.
4. Figu1 e 1.10 shows the Categories
ofSecu1ity Se1vices.
— ‘ 1 .. >
Security
um»
Services
rd ‘
u.
..
1. . l l ,
aut hen tica tion
Dat a Confidentially
, Dat a I n t e g r i t y
N o n -“lepudiation
i
Acc ess C o n t r o l
.
Figure 1.10: Categmi
‘
es of Se cu rit y Se rvi ce
I) Authentication: s
‘
‘> I t ensu es that the co
n t !' ‘-1
mmunicatmg entlty
IS the one c h u r n e d
‘ - " “ ~ qa
O ? Vvo-
ll) Da ta Confidentially:
< W - ¢ - ~‘b—nx
r i t pr ot ec ts the da
ta fro m unauthoriz
ed disclosure
111‘; D a t a Integrity:
- w m w - . ‘A
‘r I t --
assures
._ . that data receiv
i- ed
iqt ass enth 811..
.
author.lzed entity,
t
1V] y
f_
Hgn- Re pud ia tio n;

1 ‘
.
_
.,
-
'
.
.
3"
I" .
i t pr ot ec ts a ai ns
"8 t Den1a] by-
-1
one
.
ofthe parties In acC d m m

' ,
31!” m
_ V) . .
Ami—Clinical;
{v‘ 1.7!
.
ban-U
.
'14.";
.
, , unic 3th “
'_ .
‘_-
ioh“
"'--' 131' -
_
.
1-.
I t prevents fr
o m authorize
,.
d use o i a 1-
.: '
.- “Aw.-
‘
'
'
.
v.
«ht-1m"
"
r.
._m,,;wr!'
“(I
-
1 . - ..
-
‘
.."v
M.Ae' l - " ' 4:' -_- ¢
A
I
‘v
.
-
i v'
1‘
-
ffl'éajv'“
1I
‘
1 i‘n
.
-
1_ - «v : - -. ’ . -,
awash?”
Zr
I3n"a“ - 1 "
:2-
-‘
n
-.
«3h- . -a' ; s ,
u
~
o_
aweawe ‘mv _ e WMN‘OW
CHAPTER - 2: BASIC or caflmeaamfl
QI] Define the following examples:
(i) Substitution cipher.
(ii) Poly-alphabetic cipher.
02] With the help of suitable examples compare and contrast monoalphabetic
ciphers and polyalphabetic ciphers?
Ans: [Q1 I 5M -- Dec15] & [Qz | 5M - Dec17]
SUBSTITUTION CIPHER:
1. Substitution cipher is a method of encoding by which units of plaintext are replaced with cipher
text, according to a fixed system.
2 The "units" may be single letters, pairs ufletters, and triplets of letters or mixtures of the above.
3 The receiver deciphers the text by performing the inverse substitution.
4. In short. in Substitution, one symbol/letter is replaced by another.
5 Substitution Cipher can be divided as:
1)
Manual new
> A character in plain text is always changed to the s a m e character in the c i p h e r text regardless of
its position. - ,
> Example of this is the Ceaser Cipher which involves replacing each letter of the alphabet with
the letter standing three p l a c e s further down the alphabet.
I
I
Plain Text
'—]
CipherText DEFGHIIKLMNOPQIRS
Plain Text: ViVA Institute of Technology
Cipher Text: YLYD LQVWLWXWH RI WHFKQRORJB

“duh—w
ll) Pgiyaipha’pm
I» i n a poiyalphabetic cipher, multiple cipher alphabets a r e used.
> A poiyaiphabetic cipher uses a number ofsuhstitutions at different times in the message
‘3' in polyalphabetic cipher, relationship between characters in plain text to a character in cipher
text i s one-to-many.
> Example: Consider the previous example of Monoalphabetic Cipher. where ‘A’ is replaced by 'D’
at 4 different places.
figs «ofmfi’
--- . —.— a- _.0-
‘7?) 36'0/ ' '-
2 l Waffle/“WM
W"? . ”KM
t l e t ters. ,
’ w ill be re pl ac ed by 4 di' ff er en
ti c ci ph er ,I‘A
4’" l f w e us e p0 Iy a lp ha be
13}7 -
17
6 U
1..
14 15
Topper 19 21 -
Kc)’ 21 15
Sagar 18 0
Plain Text
14 “
Ci ph er LOVPV ‘ 37
Text
QQMPARISON:
' 8: Polya lphab etic' Cip
Table 2.1: Comp arison betwe en Mono alpha betic
' her
In m o o a l p h a b e t i c m p h e r smgl cipher alphabet I n p o l y a l p h b t i c cipher there are multiple cipher

i s used p e r message . text letters for each plaintext letter.
The relation ship between a characte r in the The relationship between a character in the
plainte xt a n d the charac ter in the cipher text is plaintext a n d t h e character i n the cipher text is
o e to o n e . o n e to m a n .
, Mono alphab etic c i p h e r is easy to break. Polya lphab etic ciph er is diffic ult to break as
com pare d to mon oalp hab etic ciph er.
A stream c i p h e r is a mono alpha betic ciphe r if the
A stre am ciph er is a mo noa lph abe tic
cip her i f t h e
value of ‘ki' does not depend on the position of the val ue of ‘ki' doe s dep end o n t h
e pos itio n of the
plain text c h a r a c t e r in the plain text strea m.
pla int ex t c h a r a c t e r in t h
e p l a i n t e x t str eam .
Mon oalp habe tic ciph er includes addi tive,
Po lya lph ab eti c cip he r inc
lud es au tok ey , pla yfa ir.
multi plicat ion, affine and mon oal pha bet ic vi ge ne re
, hill an d on e tim e pa
substit ution cipher. d ci ph er .
E x a m p l e : Refe r exam ple given abov e.

Example_. R ef er ex
.-
‘
v
am pl e gi ve n ab ov
'
e.
n u n - w :-
x
Q3] Exp lain with exa mp le, keyed and
mg-‘un-
k eyless tra ns po Si ti on
ci ph er s,
Ans :
;
‘fiim
.—
'flitSPOSlTlON CIPHfifl [5M Diana 6]
1. Transposition cipher is a metho
d of en cry pti on b
Ywhich th e po sit io ns he
are shi fte d according to a reg ld by un its of pla in tex
ula r sys tem , so tha t th e t
ciphel te xt co ns tit ut
pl ain tex t. es a pe rm ut at io n of
th e
‘_
2. That is, the order of th e un
its is changed.
3.. . Tr an sp os iti on cip he
r do es no t su bs tit ut e
0 n e sy m bo l fo r an ot
1 _7 ol' th e sy mb ol s. he r in st ea d it ch an
ge s th e lo ca ti on
4. . _ Tr an sp os iti on
Cipher can be divided
as ke yl es s an d keye
d tr an sp os iti on ci
.
.I'v
.
H
. -« ph er .
“X
ME“—
Page{2 af m N - \Mh' ‘
2 [Mofci-yplogmpfi‘y Sanerfer-7 _ Tapper? J’a/uflam
l) Wen
> i t is Simplest Transposition Cipher.
3. in first method the text is written into a table column by column and then row by row.
> For example, to send the message "Meet me at the park” to Bob, Alice writes
m e m a t e a k
The cipher text is created reading the patternrow by row.

Cipher text is “MEMATEAKETETHPR”.
> In the second method the text is written into the table row by row and then transmitted column
by column.
> For example, Alice and Bob can agree on the number of columns and use the second method.
> Alice writes the same plain text, row by row, in a table of four columns.
111 e e t
m e a t
I: h e p
a r k
The cipher text is created reading the pattern Column by Column.

Cipher text is "MMTAEEHREAEK’I‘TP".
ll) Keyed 'fl‘aLnsnosition Cipher:
,‘> In Keyed Transposition Cipher, plain text is divided into groups of predetermined size called
' blocks.
‘3» Then it use a key to permute the characters in each block separately.
> Example: Alice needs to send the message "Enemy attacks tonight" to Bob.
5" Let the block size be 5.
1e In i E J l l 1a IT It Ia ICI l l l t lo In 1 1: p m . .1
> The key used for encryption and decryption is a permutation key, which shows how the
characters are permuted.
Key:
Encryption 3 1 1 4- 5 2 TDecrypti—on
l 1 2 3 4. 5 T
5-! ‘ I
60%
W -—7 WM
‘2 l
M” #wmfl transpOSition
cipher.
ow s the e x am ple o f keyed
2.1 which sh
Consider the Figure Bob
— g
Alice _
Piainicxi
a” i k i .
1 a c s o
l’iainicxi J_ flight;
@— 1
enemyatiacksionish‘zl Read r o w b ‘
ym”
Write rowbyrow Ff
1r m y
c ’n c
m y c
c a c
a t t a
a i i a c s t o n
k i Z
a i a n A i g h
k h ‘ j
i 8
,, 3 1 4 5 2 .. L
g E:
.5
l l i 4l 5l a9 . l M Y N
i 2 3 l:
,. N L?
is i M Y
K" 'r A A c T
'i.‘ A A c 'r 0 N S
K
T K O N S G
ii i T Z
ii i 'i‘ / (i
Wriic column by colum
' Read column by column
ZN TSG
i‘SG
,.
, , , E'i’i'iiIZAKiii/iAO'i‘YCN
i M A O ' i ' Y C N Z N_ '
B T T I I E A K__ Imnsmissmn ___
.. (Jiphcricxi
(.iphcticxi
sitio n Ciph er.
Figure 2.1: Example of Key ed Tran spo
.-
pla y f a i r ciph er with keyword

Q4] Encrypt "The key is hidden und er the door" u s i n g
“do me stic ”
[5M - Du cts ]
Ans:
FLAYFMB Cii’iiifli;
1 Play Fair Cipher is one oftiie Muiti-l eticr Cipher.
2 Play Fair Cipher uses a 5 x 5 Matrix ofaiphabets containing a keywnrii or phrase
.3"
This cipher enciypts pair of ietiers instead nf single letter.
4 i t is difficult to break because frequency analysis does not work in Play Fair Cipher
E MMPLE:
Plain Text: The key'is hidden under the (ionr.
Key: Domestic,
:" “T: m a“ w. =7u#

'- ' 7 '." {xi—-
79a]:14 0/34
5512;199n -BW’fC“7 _ _ 4
Ml!
7%?”WW!
Pnlr Ina nlnln tut nlnhnlnnn In twin,
“
n: all ny In In an an nn no
N In; Ill! nr
2. ”any character In the plain mm
In 'I' Ilmn runluru II WIlll ’I‘.
fl
'l'll 0k 9y In In an an nn do rt
Im an or
3. i
Double lemr nr connurnnvnly run
nnt ml Innna Inlum urn unnnrmml by u
nr
'l'h cl: ny In In and an an do
rl no alnx nr
4. ll'nn odd character In loll nut pnlr
It MIN 2: nr 7..
Th 0'! ny In Ill all:no nu ml or III
ad onnr
5. Manama n mhlg ammo: nn Mnnnnlnlm
lmllc lnllln Inn lllln [ulna wlll In:5 n 5
tabla became ‘l' lé’l’ will
he mar ge logollmr. (Using Kay Lu.
llnnmullc)
rmcl ”7) "MW
e "g"
In
“"7 ' ' c" n 'b‘
"ni '“n ' u" ' I
ll. .p,._. Q I r u.”l
(1. Replace Ilm [1MP(JrCIH-Il'fll‘lt‘l'fiWllll the intersection, Il’the lntersc

cllon is not found follow the rule.
‘r If bnth letters me In the snmv mlnmn. mlw the letter below each
one (going back to the top ifat
Ilm lmllnrn)
‘1' lllmlll lnllm'n mm: In lln: Minn: mw, mkn ilv:letter to the right Ofeach one (going back
to [ h e lef:if
m the furthest rlgln)
'I ll nnllhnr nl'llm [ n ' m m l l n g two rules are true, form a rt’ectangle with the two
letters and take the
lullnrn nn lln‘:lmrlzmnnl nppnsllu corner of the rectangle.
'l'h nlc W Is In clx (It: nu ml or th ed ox or
AflflLADDMDlLLUUfli c f n r an lm gc mv ns
pn vt ny cl’so m w cp
I‘M.mammmfifclpher Twin ls: cl”nr

an be gc mv os pn vt ay cf so mw 5'
_l
w- W... ‘
‘m
M17595
(5 #234
l.I'-
m— ee
SMW“7 ____.. - ~
~
w} dab/””0 ”!
,. 5
. *m~‘é'l~“9uhflam
a piflyfflh‘ Cipher WI“! he,

flMOOIW—fising
A
]
easy toa [ 6 M ‘ [N e w
“. _. w
_ . ' _.v-_;‘..m
e s tr ing " This is on

,. ‘
0'5] Encrypt th ’
—- .- tA
"monarchy"
u
4
‘
Arts:
2mm r.
e of the MnIii-lette
r Ciphe
Play Fair Cipher is on d or phrase,
I.
5 M at r ix of alp ha be ts containing a keywor
x
'2. Play Fair Cipher use5 a 5
ietters instead of singl
e letter.
is cip he r encry pts pa ir of
. Th Pair Cipher.
ak bec aus e fre qu en cy an alysis does not work in Play
4. it is difficult to bre
I ‘.hl
EXAMPLE:
-4
IA"
Plain Text: This is an easy task.
Key:Monarchy
:‘
Sims;
- u.’-fi—'.~*.
ww“.m
1. Pair the plain text alphabets in two.

it»- . . .
‘- -
Th is is an ea sy ta 5k
-
.
-.A .4. .— w a d - n u . . . 4 ' - _ . . . A'
2. If any character in the plain text is '1' then replace it with 'l'. (in our case character '1’is not present}
. . . .._ ,.
Th is is an en sy ta sk I
-.
n
a...-
t
3‘. Double letter

a ' or consecutively
‘ v repeated same letters are separated by—
\ .7
' ‘\
x or z (in our case there is
'no consecutively repeated same letters) V -
Th is is an ea sy ta sk
. odd
Ifan ' characteVr is left outpai' r 11 Wi
' ' th x or z. (in our cas
. ethere is
' no od
. d chara cter)
Th is is an ea sy ta sk
.
‘ irepare a table same as Mono
V alphabetic table bu tt
his table w‘l‘ ’ b e c a u s e '1'
beamerge tOBEthel‘. (Using Key i.e. Monarchy] l I be 5 A 5 table 3i'i' will
M o
Smarter-7 v _; -. .. Tarmrfifme
31mm
BEES
the top if at
the letter below each one (golng bath to
> liboth letters are in the same column. tnke
.
the bottom)
if
r to the right of each one (golng back to the left
> lfhothletters are in the same row, take the lette
at the farthest right) I ‘
a rectangle with the two letters and take the
> If neither of the preceding two rules are true. form
the rectangle.
letters on the horizontal opposite corner of
Th Is is an en sy to SR
th-9Rule3-9pd
iséRuleZésx
is-)R ule2 ->sx
an-) Rule ‘1-> ra
ea 9 Rule-3 9 im
sy-9 Rule 3-9q b
ta-) Rule 3-}s r
sk-> Rule 3-9ti
WW pd sx sx re im qb sr ti
Therefore, Cipher Text is: p d sx sx ra i m q b sr ti
(26] Use the Play fair cipher with the keyword: "MEDICI NE" to encipher the messaae
O
"The greatest wealth is health ".

Mayrz}
AIL:‘ [5M -
P L A Y FAIR CIPHER:
1 Play Fair Cipher is one ofthe Multi—letter Cipher.

2 Play Fair Cipher uses a 5 x 5 Matrix of alphabets containing a keyword or phrase
?. This cipher encrypts pair of letters instead of single letter.
4 I t is difficult to break because frequency analysis does not work in Play Fair Cipher
exzmeug
Piain Text: The greatest wealth is health.
Key: MEDICINE
afoe
$455 '7
r-"
_
C '11"
Some!»..7 We?iii/em
0/
2 I We M5 W..."
I'M
5mm
abets in two.
1 Pair the plain text alph
hi sh an it.h
Th onre m: as. M an lt
~ n:3 chara
' ln out’ca cter’_i ’it notprm” 0
. ~e it with7l.(
n text is' I’ then replac
plai
2' If any characterln the
hl uh on it h
Th 03 re at as tw on it
' 0‘m' 68.66! mm H
‘
" rs are sepa
same lette rated by x or'4i (in
Double letter or consecutively repeated
3
d same letters)
no consecutively repeate
hi ah on I t h
'I‘h eg re at as tw en It
‘x’)
out pair it wi th x or 7.. (we pnlr it with
4. lfan odd character ls left
W
on It hx
'l‘h cg re at as tw an it hi sh
'l’ & T will
lphnbetlc table but this tab le will be S x 5 table because
5 ' Prepare a table same as Monoa
Key Le. Medicine)
be merge together. (Using
-
"M 72’— n 1/1 c

”a. “mat
Il o p
I»:
“inmaa.
h
Cl 1' S t u
«in;
y Z
V W I X
__1
I
d-
ifat -
letter below each one (going back to the top
I
Jr lfboth letters are in the same column, take the

the bottom]
each one [goingback to the left if
2 if both letters are in the same row, take the letter to the right of
Mu...-
“' 4f “i n k - “ “ l f ' fi fl
at the farthest right)

a rectangle with the two letters and take the
a...
If neither of the preceding two r u l e s are true, form

.‘. o ‘ .
.
__
letters on the horizontal opposite corner of the rectangle.

A
.wo—
w.- q . -
Th eg re at es tw ea lt hi sh ea lt hx
.—
‘m-A-.fi._-L__‘._
m
2* Rule 3 ‘9 no
(—1-.-
H.
‘th
cap, ~> Rule 3 -9 ca

_A'v‘.‘<
re ~> Rule 1 -'> we

_.
.(.:.
at -) Rule 3 -> fr
.“_.-a. ‘“. . . ._
es -) Rule 3 '9 dr
.
rat-‘5: ...-.
53V") Rulc3-)ry
9943:(8of13.4
.
.‘ ‘.
__.
-..
-.~
‘-
i
1.
'-
.h
HAL.-
‘_'-‘
--v
Jamar!”- 7 Tapper-’1So/ufiw:
51WeWaffle/fie
ea 9 Rule 3 9 alt
It 9 Rule 3 9 05
hi 9 Rule 3 9 om
sh 9 Rule 3 9 ql
ea 9 Rule 3 9 ak
it 9 Rule 3 9 as
hx 9 Rule 3 9 IV
05 iv
WEE-311153 qo aw a fr dr ry altos om ql ak
dr ry ak os om ql ak 03 iv
Therefore, Cipher Text is: go caw a fr
Compare and contrast: Block and stream ciphers.

Q7]
[5M — Dec16]
Ans:
& Stre am Cipher.
Table 2.2: Com paris on betw een Block
large“
Block Cipher operates on block of data
Stream Cipher operates on raller units of plain text
Slower than Stream Cipher.

Faster than Block Cipher.
Block Cipher has High Diffusion.

Stream Cipher has Low Diffusion.
Requires more code.

Requires less code.
It provide integrity protection or

it does not provide integrity protection or
authen tication .
auth entic ation .
e Block Cipher is more suitable for software

Stream Cipher is more suitable for hardwar
I implementation.
implementation.
—_— -1h
Reuse of key is possible.

- Key is used only once.
.” fl—fl—‘v
Example;One Time-Rad Example:DES

l Mun-v.—
9 Application:551. Application: Database, File Encryption.
L s
afar;
99H?
"“"M
Mf r-7 7;"
W4“.1'30
03} Block & Stream Cipher.

Ans: [5M ""
Decry]
. BLOCK L‘iPflEg:
Ca’lq
l. Bind: (Zip-her is a symmetric key cipher which operates on a fixed length group of bits
Nod:
'1 it camps entire block of message one at a time.
om cipher bit stream by an XOR Opel-35m
3% in this the plain text are combined with a pseudorand
bits one at a time. '
4~
Ciphermxtisgeneratedby encrypting the plain text
S Mmmmndmamoeslndm
SHEA.” m
er.
I. Stream Cipher is also called as state ciph
which operates on his] bytes.
2 his a symmetric keycipber,
am by an XOR Operation
with a pseudorandom cipher bit stre
3. In this the plain text are combined
e.
ting the plain text bits one at a tim
4.. Ember text is generated by encryp
4-
5 MAS/1. RC
Wfiflfiflfi
Refer Q‘E.
. u- 7 _.--M
Samaria:- ‘ _ flip/mi Jail/ion:
slé‘mflcgfieamfiz
CHAPTeg - 3: sacger KEY cflggmgflx
.3 01] IDEA.
Q2 ] Ke y gen era tio n i n IDEA.
Mario]
(Q: I am - h [02 I 5M - mm]
ion Algorithm.
m m stands for International Data Encrypt
It is Block Cipher Algorithm.
n Standard).
iDEA is the replacement of DES (Data Encryptio
IDEA Operates on 64-bit blocks using a 1.28 bit key.
operations from different groups like modular
IDEA derives much of its security by interleaving
(XOR).
addition and multiplication, and bitwise exclusive OR
f.‘ iYC-EENE
RATION:
if; > The 128 bit key is divided into 8 sub parts that is 16 bits each.
on, so by doing this we will have
> Then the 128 bit key is cyclically shifted to the left by 25 positi
one new 1 2 8 bit key.
used in next round.
Now similarly as above it is divided into 8 sub blocks and will be
from which the first 5 2 keys
The same process is performed 9 times and 56 keys are generated
will be used .
3.1.
So likewise from K1 to K52 keys are generated as shown in figure
P l a i n Text (64- H i t s )
L P, (16 Bits) P4 ( 1 6 Bits)

p . (16 Bits) 9 2 [ 1 6 Bits)
..
.. ., _
.L i I" “-1
Rou nd 1
1 K‘
Round 2
L “12
l 1 1 A. ,,
1 8
‘43
Round
3 “49
K49
‘
Output Transformation
K12
: '
—
,. 4,- .. i
c, [16 Bits] e; (16 Hits) 63 (16 Bits] c , ( 1 6 Hits)
‘7
I Cipher Text ( 6 4 B i t s )
Figure 3.1: [DEA Key Generation.
Page 2! of13-4“
._
5 IsmeGUMWQ “W“ 7 1% a
WW
1. Multiply P: and K2.
2. Add P; and second K2.
3. Add P3 and third K3. -
4 Multiply P4 and K4.
5. Step 1 63 step 3.
6 Step 2 63 step 4.
7. Multiply step 5 with K5.
8 Add result of step 6 and step 7.
9 Multiply result of step 8 with Ko.
10. Add result of step7 and step 9.
11. XOR result of steps ‘1and step 9.
12. XOR result ol'steps 3 and step 9.
13. XOR result ofsteps 2 and step 10.
14. XOR result of steps 4 and step 10.
Same oper ation s are perf orm ed in 8 roun

ds.
m—
l
o 3H2
‘
”—4.53 . Hi
v
«s-——-.--——»E3
G)
X
r'
as J 6
T ‘7 '\ 1r
- Figure 3.2: Encryption round o l E A .
figmence ofolgera tion in last round:
1. Multiply P1 With K49.

2 Add P2 and K5”.
3. Add P3 and K5].
4 Multiply P4 and K52.
J‘ I
Page22of34
3 lMW WM- 7 Y'afl/icr': J's/amt:
03] lilowflnh
Ansi [5M - Mayi7]
W
i. Blownsh is an encryption algorithm.
2. it can be used as n replacement for the DES or 1mm algorithms.
.3. it ls a symmetric block ciphor. |
4. it was designed in 1993 by Bruce Schnoior as on alternative to existing encryption algorithms.
5. it uses a variable-length ituy. from 32 hits to 448 hits.
6. it useful for both domestic nnd oxpurtnhlo use.
This symmetric cipher splits messages into blocks of 64 bits and encrypts them individually.
8. Blowflsh can he found in soi‘twnro cntogorios ranging from e-commorce platforms for securing
payments to password management tools. where it used to protect passwords.
Slfiufliuglj QF BLOWFl§ii ALQOISITHM:
| P (M um)
L n "
ls'r
i
>4, l
\ “1—“ OIII‘IIIIIIIIti-S’2‘ I I O I I I P I W E"! ! ‘ £ ! 3—] ES‘IIIIIInIIIIOIIIOII I‘l’IIIIII . a“° tui'u'
,, x;
“sti— “$3717.? F—jv—m- . _.. >
" 5 ---->IZ'I~‘_3-l:p_if:i----*- '- ’
{al‘tltllil agfifiginu‘nfiéilinvngluon-Itoonun‘r- CI; 1'! ’4
M
MW.
1 1511mm
. rounds
~--—-— MM---fl” Hilda IMt

II "I' “ m u m swap
Mp'
0.
put-0
"M -I
and ml.
. if - ’ wldltoninL'-
(:81: “3‘13 l\17-._—___§
r
., r: ( m hits)
._.....__ ._._.__..__._..___..__:i_
i
_
P-Piainlam; C-Ciplmiwt; Kx- F a n n y out”; .v

e _ 39, 83 In uiclitltm mod 2'3?
Figure 3.3: The Hostel structure of ilinwfish.
939923ofm
rI
3W _7 ' (JP/Jar} 60%
3 1mm WWW
block size.
h has a 6 4 -b it
Biowfis from 32 bits to 448 bits.
f anywhere
It has a key length o
estel cipher.
it is a 16-round Fi
pendent S-boxes.
It uses large key—de S-boxes.
ct ur e to CA ST -
12 8,which uses fixed
It is similar in st ru
bits.
Each line represents 32 fou r 25 6-e ntr y
5-b oxe s,
ry P-a rra y an d
ke y arrays: the 18—ent
The algorithm keeps two sub
t.
The S-boxes accept 8-bit input andproduce 32 -bi t outpu block
nd, and after the final round, each half of the
data
One entry of the P-array is used every rou
tries.
is XORed with one of the two remainingunused P-en
g K17 and K18 to the
Since Blowfish is a Fiestel network, it can b e inverted simpiy by XORin
ciphertext block, then using the P-entries in reverse order.
Figure 3.3 shows the action of Blowfish.
Q4] 3 Key generation in IDEA and Blowfish -

Ans: Dec17]
[5M -
KEYGENERATION IN IDEA: .
Refer Q2.
KEY GENERATION IN BLOWFISH:
Blowfish algorithm i s divided into two parts: Round

Structure and l’ey
. Expansnon Fu z1ct'ion.
0 Bound Structure [ D a t a Encry ption:
‘-_.._.._.,_,._.,._,
—-——-
_v‘
G.) zxcR L Plain Text 1 6 4 bit

‘
XL 1
l ‘
‘1 ER
P1 -
“(;>'—'—* I : l5. (+ )
\
‘_.
4:“ g
~F -—-—-—. +
i
13M ore ltet atiu ns ‘ .
.VVVVVVVVV
Fifi—o-
+ ._._____. I"
__ ‘_‘ +
”17 ---. 2L
( + >P18‘
l _J
.- . Cipher Text 64 bit
_, ' —\ Figure
fl
3.4:Data Encryption,
, , p ‘ _ -—-—~_____\\
@399 24 \\
ofgz NWW
3 IMKQ' m a 5m"? Topper}6'06l
Data Encryption has a function to iterate 16 times of network.
Each round consists of key-dependent permutation and a key and
data-dependent substitution.
All operations are XORs and additions on 32-bit words.
The only additional operations are four indexed array data lookup tables for each
round.
Alznflflmn
Divideit into two 32-bit halves: x‘L, xR
Fori = 1 to 16:
xL == XL XOR Pi
xR = F(XL)XOR xR
Swap x1.and xR.
Wrap XL and xR (Undo the last swap.)
XR = xR XOR P17
XL = XL XOR P18
Recombine XL and xR
11)
Waiting
sens. Shils 3b|ns sens
u
8-13t
!
S-box
i
S~box i S-box
1 2 3. 1 4
3:: bits 32bits 32 bits 321mg
('1
kg ,
l—I']
Figure 3.5: Key Expansion.
'3’ Key Expansion is used to convert a key of at most 448 bits into several subkey arrays toraling
4 1 6 8 bytes.
> These keys are generated earlier to any data encryption or decryption.
> The P-Array consists of 18 sub keys of32 bit. Le. P1- P18
3» Four 32-bit S-Boxes consists of 256 entries each i.e. Slo - 31255. 820 — 32255530 - $3255&S4n - S4255
William
1. initialize first the F-array and then the four S-boxes. in order, with a fixed string. This string
VVVV
consists ofthe hexadecimal digits ofpi (less the initial 3): P1 =- 0x2‘i3i6nr38, pg _—. 0x85.:308d3. p3
= 0x13198aZe, P4 = 0x03707344, etc.
2. XOR P1 with the first 32 bits ofthe key, XOR P2 with the second BIZ-bits of the key, and so on for
all bits of the key (possibly up to P14).
Page 25 #34
swam WW"%
i! SWW
(1)
3, - With the Blowftsh algorithm“5‘"3 the “We”
Encrypt thea II-zer 0 string describe”, inmp3
and (2). '
the out ut ol'step (3). .
wfish alg orithm with the modified subkeys.
2. 2:33: ftleadIudttlattl'ts (3) uZing the Blo
step (5).
5, Replace P3 and P4 with the output of
With
S-box es in order,
7. Continue the process, replacing all entries of the P array,and then all four
g Blowflsh algorithm.
the output of the continuously changin
required subkeys.
8. in total, 521iterations are required to generate all
Q5] Explain workingof DES.

Q6] Explain working of DES detailing the Fiestel structure.
Q7] Explain DES, detailing the Ficstcl structure and S-block design.
Ans: [Q5 1 10M — May16], [Qé l 10M - Dcc15] & [Q7 l 10M - Mam-7]
2.5.5;
1. DES stands for Data Encryption Standard.
2. it is also known as Data Encryption Algorithm or DEA - 1.
. 3. ‘ It is a symmetric—key block cipher published by the National Institute of Standards and ;
, Technology (NlS'l‘).
4. DES is an implementation ofn Feistel Cipher.
5. it uses 16 round Feistel structure.
6. DES is nothing but an algorithm developed by IBM based on “Lucifer".
7.
‘ The successor of DES are Triple DES, G - DES, DES - X,
8. DES algorithm is a powerful combination of two
basic encryption tech niqu es,
a. Confusion.
' by Diffusion.
_....,
.- -, _.
~ ”. . h i fi _
WORKING:
F
Figure 3.6 shows Working of DES.
L mun‘r-uan an.) ‘1
L-“Jllfl’lai Per—mutation UP} ‘1

.L...
.*.v
a":
——
I“; ‘ _- E --——
fl . 1'0 "M9011.
l .....
"Al“.-
, Fin al r'l'flflflll‘on
I
l r mph-r Tut (64 um}

I
4 ' 3-6:
“3”"! Working nf DES.
page
26 #64 5 MM" w w...“
...._._,,, .. W.
slew-fem
W4 +. WWW!
1) WW
3 Initial Permutation mea ns rear rang ing the hits of the plain text.
> Initial Permutation is performed over plain text.
> For mP- c 1010101010 -) 1111100000
> It produces two halves of the permuted
blocks i.e. Left Plain Tex
_ . - . _ _ . —. _ ._- . _ - . -
t (LP’I‘) 8: Right Plain Text (MT )
1!) Wm
_—. _- —
> Each Round in DES performs following
Steps as shown in Figure 3.7
32 Bit: 3" Bit:
L 1 L .41
.IUIOUCIU‘IIIIOUO
I...
L317" I [25771
Expansion 1
Permutation E lion Shlft (s) I ll.“ Shift (9) I
~18 i
.
E
I
__
.‘----l---
XOR ‘ ~ rI \
1r
,l 118
E Permutation]
l
Suhstitution/ 3
Choice (S~Box) '
Perm utati on
L lat-1
I ‘~ .
*1" r-
0,-1 7 L DH _|
Figure 3.7: Fies tel stru ctur e o f Det ail

o f o n e r o u n d i n DES .
11]) Rev Disc ardi ng Proc ess:
> 5 6 Bit Key is used durin g encry ption proc ess.

3'
ln Key Discarding Process. 56 bit key 15
transformed into 48 hit key by discarding
ever y 3:»: bit o f
init ial key .
W)
Wiley;
> in Exp ans ion Per mu tati on. the
right hal fis exp and ed fro m 3 2
3* bits to 4 8 bits .
Expansion permutation permutes ord
er of the bi t and repeats certain bits. so
of first XOR oper atio n are com para ble. that both the inputs
“ha
Page 27ofm fl“ *—
16‘m Im 0 mum-J _ 73f
P”1%!
5
v) SW0“
In: union Pun-mu tation
»
guy Tram-turn! in I 0 “ (fixpuz’id RP'!‘ 3 2 to w Black.)
(Cflll‘l’n'. M 60 to 4” ”I” "—— _
gamma»? 1
I xon 1o——--r
r fl-[omibnimiiuu j
Figure 3.8: S-Box Substitution.
Le S~Box Substitution is the process which accepts 48 hi t key and expanded right plain text of4a bit
which get XOR and produces 32 bit output as shown in figure 3.8
Vi)
' W
5" i t is similar to initial Permutatio n.
> in this step, the 32 b i t output from eight boxes is permu ted.
V")
WE:
In this Step, th e output of XOR operation‘be
comes new righ t pla in text a n d o l d
right. plain text:
beco mes new left plai n text.
The complete process is called as XO
R and swapping operations.
Original 6 4 b i t P l a i n Tex t
__ 1
F V
L 32 bit LPT Block I
‘
—— I 32 bit RPT Block I
—-— __
f... ______________
_____
_.fl ~ . I
I
a I i 393'
.. -; , .. Tran sfor mat ion
‘7
. . '"3- E
Sx poa xn sSi lol bns tPerm
:
,. . I
I. I. I -B l t u u o nutatio n i
-".:A
.
“a
I.
H ‘ .
.
'
, ,
.
.
.
+ _+
___71
I
i
’32 bit LI’TBlook

.
g 4'
———————
P-Box
""""""""""
Permutauau
...:
I
:
I
\—
' '.. .t , ‘- “l
32 b " RI‘T “N"
‘J Ne xt R o u n d
._
. I litigureagxo
-. . W"); Hummuaumn " “Wm
':y
.i I .- i,
.
.y‘ .
ilnaliermutatlonls pe
I. ) l
. ‘ -. -I'.
3? rformed after-success
.~ T .~
‘ . .
“l
.ltpioduces e4-bit encrypted block, mp'e
[l (‘0 ‘
3 ”WWeCoPM Sm-7 Town-3%
QB] With reference to DES comment on the following:
( i ) Block size and key size.
(ii) N e e d for expansion permutat ion.
(iii) Avalanc he and completeness effects.
(iv) \Veak keys and semi-weak keys.
’ (v) Role of 8-110):
Q9] What is the purpose of S-boxes in DES? Explain the avalanche effect?
[(28 l 10M ~De¢1718rlQ9 l 5M*M8718]
L.
1. DES stands for Data Encryption Standard .
2 It is also known as Data Encrypt ion Algorith m or DEA - 1.
3 It i s a symmetric-key block cipher publishe d by the National Institute of .1
Technology (N lST).
4. DES is an implementation of a Feistél Cipher.
BLOCK SIZE AND KEYSIZE:

> Key sizes: 5 6 bits (+8 parity bits)
> Block si2es: 64 bits
NEED FOR EXPANSION PERMUTATION:
> The heart of DES Cipher is the DES function.

1;: The DES function applies a 48-bit key to the rightmost 3 2 him to produce a 32-bit output.
> Since right input i s 32-bit and round key is a 48-bit, Expansion Permutation is med to expand
right input to 48 bits.
AVALANCHE AND COMPLETENESS EFFECTS:
> The DES satisfies both the desired properties of block cipher.
K
r These avalanche and completeness property make cipher very strong
- Avalanche Effect: A small change in plaintext results in the very great change: in the
cipher text.
. W Each bit of cipher text depends on many bits of plain text.
‘0,
WEAK KEY 1N DES:
Four out of 256 possible keys in DES are called Weak Keys.
v
A weak key is the one that, after pal ity drop operation. consists either of all Os. all 15., or half 0;;
and half 15.
> These keys are shown in Table 3.1.
toys 29affix);
r.
-w..._
F—qw
. V ' ‘ ' W" ' - IUIJFW'J'Q'O "
MMWWW‘J “m 7 k ke ys .
~ \M‘“
fl
Ta bl e 3 . 1 : W ea fl“.
”" A ct ua1 Rey0(055 bits)
0000
f“
drop (6 4 bl-tS) i
Keys before pariti es
' 000000
V
.0101 01010101
0101
if 000 000 FFFFFF
OEOE
l F l F 1F1F OEOE
FFF FFF F 0 0 0 0 0 0 0
EOEO EOEO F1F1 F1F1
FFF FFF F FFFFFFF
' FEFE FEFE FEFE FEFE fl
as
. The round keys created from any of these weak keys are the same and have the same Pattern
. the-cipher key. _
'> . Weakkey is the inverse of itself.
. SEMI-WEAK KE‘i’lN DES: .

‘9 There are six key pairs that are called semi-weak keys.
> ' These six pairs are shown in Table 3.2 [64-bit format before dropping the parity bits) I
Table 3.2: Semi-w eak keys.

_ ‘ F i r s t k e y i n the pair S e c o n d key i n the pair
_ OlFE OIFE OlFE OlFE FE01 FE01 FE01 FE01
' IRE-0 1FEO OEFZL OEF l I710E
E0117 E O l F F105
1 0 01E1
01E 4 1
01F 01F1 I
E001 E001 F101 F101
1FFE l F F E OEFE OEFE
F E l F F E- l F FEOE FEOE
. .—
-. .—
. - 0111. :0111e 010E 01012y
1F011F010501DE01
' - - EOFE EOFE FlFE FiFE ‘ “ ‘
_' - . r ' _ ‘ F5130 F E E W
. ' ’ Asemi-wp
'5
F
. ‘> . The s be
‘ . D I x e s p d l o h t h e real mixing (co nfu sion
" ES )
i usesBS - " h 0X ' ‘. V '
,1 _
'4
es. each With a 6-bit input and a
- ' 0
4‘ b'1L O u t p u t
If;
:1. "'1'”? HIS-Boxes -. l I ‘_ 7 ' 48—bit input
aim “R- xx 1
.'-.~.. 0,." §:BOX Jf SEElJQ- &
3 ' _ “ x
I \\ ‘ 32-bitpul
3 Ham!W Sonata»-7 f 722mm":d’aficliam
x. The 48-bit data from the second operation is divided into eight 6-bit chunks, and each chunk is
fed into a box.
The result of each box is a 4-bit chunk.
When these are combined the result is a 32~bit text.
For example, in 81, for input 011001. the row is 01 and the column is 1100.
The value in row 1. column 12 is 9. so the output is 1001.
Qlo] Describe triple DES with two DES keys. 18 man in the middle attack possible on
triple DES?
Ans: [5M - Dec16]
1. The DES algorithm uses a key length of 56 bits, with which becomes very easy for an attacker to
break the encryption.
2. To improve the security of DES at higher level Triple DES was proposed.
3. This uses three stages on DES for encryption and Decryption.
4. it has two versions: Triple DES with Two Keys and Triple DES with Three Keys.
F in this two keys are used.

3* in first and third stage Key K1 is used while in second stage Key K2 is used.
)- First the plain text is encrypted with key K1 then the output ofstage 1 is decrypted with key K2
and final output second step is encrypted again with key K1.
> Figure 3.8 shows the encryption & decryption using triple DES with 2 keys.
K1 K1 K2
K1 K2 [(1
rig—r.
c p_,_L_...-—+|:l—
~ C
Figure 3.10: Triple DES with 2 Keys.
P No Man-in-the-middle attack or Meet-in-the-midtiie attack is not possible in Triple DES.

EMU/pt
’ For the given known pair of plain text-cipher text (i‘, (I). the attacker will p W m . “H 23:.
possible keys for K1 (size oikey is 56 hits in DES) and Decrypt C with all 25" possible keys for K2.
“ E (K1, {1) -.-. D (K2, C) then K1, K2 are most likely the correct pair of keys.
‘f
‘4!
The attacker confirms this key pair by checking it with another pair of P, C.
7749193!0,934
73mm65%..
seam-7
W attack o r Mee
t~ iwthevmiddle attack. three
stages
.1
unter Man - in -t he om id dl e
in order to co .
>
w it h tw o h rent keys is used
diffe
ty p ti on ‘ . .. - ' I l a
encryption-- d ec ie attack to 2 “" Willem
,- ' .
id dl e at ta c k or Mee t-in- them udd

e m
st of the Man--in--t
This raises the co
w.
not practical for no leng
. it ha s th e dr aw ba ck of requiring a key
> However
.
somewhat unwieldy
d for less number of keys.
For this reason Triple DES with 2 keys is use
get the same cost of attacking
Us i113 Triple DES with 2 keys we
~ ther K1. _ $6 “350",,
One half has (K1. K2) and the o
s 2 op
g the firs t hal f cost s 2112 ope rat ions, attacking the second hal f cost
Attackin
key gene ratio n sche me in both these

2211] Compare DES and IDEA. Explain the round
algo rith ms.
[10M - Demo]
Ans:
COMPARISON BETWEEN DES dc IDEA:
T a b l e 3.3: Comparison b e t w e e n DES 8: iDEA.
‘.. 3;“. 31.1",— . {-f’‘ V ‘‘

.t - ,
_7_'=‘
DES Stands for Data Encryptton standard lDEA stands for Internation al Data Encryption
Algorithm. Algorithm.
it uses 56-bit key. it uses 128-b it key.
DES is now considered insecure (mainly due to a Considered to be a good and secu re algorithm. .
small key size of 56-bits). i 5
_ DES divides plain text/c ipher text'into 64 bits per IDEA divid es plain text/ ciph er text i n t o 64
_._—fl 3
bits per
blOC]\.
block. *
it has 16 rounds of encryption/dec i
ryption it has 8 rou nds ofen cry ptio n/d ecry ptio
process. n process '
,
foll owe d by a fina l rou nd o f mm?“1 l .

l
transformation.
11 Each « round us es di ffe re nt 48 -b E
it 5ub key Each o f t h e 8 r o u n d
.-
generated from the 56-bi s u s e s dif fer en ‘. 6 sub key and l

.—
t key.
o
i n different su b ke ys
last round uses 4 sub keys.
are used In DES M
“new... .
E55 !3 w ea ke rm 5 2 diifE ient st. [1 ke
than iDEA. M ys ar e us ed in [DEA
“fix a _. ‘
'”~‘ ‘1.5u. “ :
DES. %m*w-—-_._.___~_7_M_H
“up.“
Sli'0nger than
its
.
Round key ge ne ra MM
tio n scheme in DES'

t
.
e—- v- .' ' “ - u
‘~ Refer QS.
-*4
v.
IMM
-’ . ' CHI-p
-
_
‘—
"r
1— " _"0‘
'vr-v-r,- -,——.
V
slwfl gflm Jamaica--7 “PM?

A,
Round key generation scheme in IDEA:
'5 Refer Q2.
Q12] What are block ciphers? Explain with examples the CBC and ECB modes ofbloc;
ciphers
Ans: [5M - 0:136]
BL KC HIE : -
1. Block Cipher is a symmetric key cipher which Operates on a fixed length map of hits. cam
block.
2. It encrypts entire block of message one at a time.
3. i n this the plain text are combined with a pseudorandom cipher bit stream by an XOR operatim
4. Cipher text i s generated by encrypting the plain text bits one at a time.
5. W RSA. Diffie Hellman, DES and AES.
MODELS OF OPER ATION:

I) .B de:
Fe ECB Mode stands for Electronic Code Book Mode.
> It is simplest encrypti on m o d e .
> The message is divided into blocks. and each block is encrypted sepamteiy.
> if the size of plaintext is not a multiple of block size. padding is used to maintain uniform size of
block.
n and decryption of each bieck.
> Since it is symmetric, it uses same key for encryptio
as shown in figure 3.1L
> The encryption and decryption can be done as follows
Plaintext mama,“
Plaintext
' l ‘ ‘
-.
— a
. .
_
' ,. Mack ciphe r
block ciphe r
' encryption key ' encryption
K27
l max-1
l
11m
' rtcxt
Ciphe
-
ctPhMEA t
Cipheftext
ption
Eiectronic Code book (ECB) mod e encry
Client-den Cphertut 1
Ophertext
I
l
‘ "lh
r “ _. _ I b -a g"s ? ? ?4“
---—-"'1
Noel! oping
' Kt“ . ' "' plots 'cipher
"V "’ iron!“ I; " ‘1“"{""‘“ . “ " 3 " “"‘ u
l u
.
I
I
'
(1111 _
Hm!!!“ Mm:
names:
e decryption
Electronic Cod eboo k (ECB) mod
Fig ure 3.1 1 : ECB Mo de.

f’a jw
#64
3mm" 7 ‘ Topper?3:65.:
W“! 1
"i Mile: gMode
for Ciphe r Block Chainin
y CBC Mode Stands
it was invented by “3M fECB Mode
:9 -
ies o . ,
rcome the security de-ficienc being
XOR ed with the prev ious Ciphertext block before
> It ‘8 “sad to ove ch block of plaintext is
> in CBC mode, ea
.
encrypted. ed u to r t P; int.k
tha
h cipher text blo ck dep end s on all plaintext blocks process P
> This way, eac "St 0C
d In the
ke eac h mes sag e uni que, an init ialization vector (IV) must be use
3' To ma 2. 3.1
done as follows as shown in figure
-> The encryption and decryption can be
Plaintut Planter:
Maintain
$ é
initialization Vector ( M r————-—-—-.
,_¢n ‘W
m~ was my-—- m2: m—»

r
asst:
‘ ‘ bl ' h .
i—-—--mami——-- LIDIIIIEi UIII

Cipherten O'phcmxt Ciphertcxt
Cipher Block Chainlng (CBC) mode encryption
Ciphertut Ciphertut Ciphertext
fI 0111;111:
t‘ 1111] crummy:
:
w—~ hi .it
than: an-* ”42:35
i h
‘
.2: m--» ms:
i
initialization Vector ( M
W—* :4, _____,_____..é
mm W
Pisintut Plaintext
Cipher Block Cholnino (one) mode decryption

Figure 3.12: CBC Mode.
.
lithe first biock has index 1, the mathematical formula for CBC encryption is
q{vv..’'
‘ m r m““
Ct = Ex (Pi 6-) Ci- 1) and Co: lV
While the mathematical formula for CBC decryption is
P i : 050:1) 63 Cl.) and Co: W
'7 M.
013] ‘ Enc
g rypt the message "Cryptograp
H“
Lana—w
hy is fun
. " with a mu ltiplietttlvo
A 15. Decrypt to get back original cipher with km"
plain-tip
xi
‘7‘—
ns:
.g‘A
'
_
[SM n iicm'tl
-_ _ _ ‘ .
MEL—MP
'cam'fi ClPflfifi;
1. w ,, .
cipher cl ' hm ‘
' ..2J ”Ultipiic
it is similar f l pa
to caesar ‘3
atwe hetype
r °f3l1bstitution p
m...—
NH-
_--
,
1949‘” afot;
M ““WWWWW
IJWflcaMra/b/y Semarfar-7 bper': J’oficfiam
3
plication.
3. The only difference is instead of addition, we use multi
as:
4. Multiplicative cipher can represented mathematically
C = (P x K) mod 26
V P : (CxK-l) mod 26
.
5. Multiplicative cipher has only 12 possible keys
EXAMPLE:
Plain Text: Cryptography is fun
Key: 1 5
En mum
C = (P x K) m o d 2 6 Ciph er Text
Plai n Test Num ber
2 2 x 1 5 mod 26 = 4
C
1 7 x 1 5 mod 2 6 : 2 1 V
R 17
24 x 15 mod 26 = 2 2 W
Y 24
1 5 x 1 5 mod 2 6 : 1 7 R
P 15
1 9 x 1 5 mod 2 6 : 2 5 Z
19
___
T
14 x 15 mod 26 = 2 C
? 0 14
6 6x15mod26=12 M
G.
1 7 x 1 5 mod 2 6 : 2 1 V
R , 17
A
0 OX 15 mod 26 : 0
A
-w—rzl-w-v-w—q=l‘.’""“w"'___vr'_~
15 1 5 x 1 5 mod 2 6 : 1 7
_P
___ _ 7- 7x15m0d26=1
H
24 x 15 mod 26 = 2 2 W
Y 24
8x1 5mo d 2 6 : 1 6 Q
"F l 8
18x15 mod 26:10 K
S T?
5x15mod26=23‘ X
F 5
#7?!”— 20 20 x 15 mod 26 = 1.4 0
a"!
13 13 x 15 mod 26 = 13 N
" N
9.9mm ‘
P : (C x K4) mod 26 Plain Tex-t‘_——}
Ciph er T e s t ”7" Num ber
#'
4 4 x 7 mod 26 = 2 C
E ;___.
21x7mod 26: 17 R ’—
v “—Wfi 21
22x7mod 26:24 Y
W 22
17x7 mod 26=1 5 P
R 17
177479.935 0/64
"2
3”,n * denim-‘7 Tap/333%“
/ r/r' 25x7mod 26:19‘ - "71”“;‘1
m”
_ “rang;
2 x 7 mo d 2 6 = 1 4
iflnlt'dé'fjf;
’12x7mod 26:6 (i “"7 “ti
' 12
fl/
21 x7 mod 26 = 17' “if“ ‘7‘“c
Mfr/T“... l A ‘ “ ~\\%
Mfg/.61
0 x 7 mod 26 = 0 7 7 7
17 17x7 mod 26 = 1 5 M P’ 1 “it“J
_........_F R * ”fir-“mi
lx7 mo d 26 = 7 w — ‘
__ B 1 7““
22 x 7 mod 26 =5 Z4 W WWW it”
W 22
w w" ” 5 - . . l
16 1 6 x7 mod 2 6 2 B
"f Q
10x7mod 26278 ‘ s m
x 10
Eifimud 2‘63”” F
x 23
+14
x7 mod 26 a 20 u
o 14
7f 13 x7 mod 26:13 N
N 13
Th e key to be used is "h ill"

to encrypt the tex t "short".
Q14] Use Hill cipher
[10M -— M3318]
Ans:
HILL CIPHER:
ic sub stit uti on cip her .
1. Hill cip her is a pol ygr aph
l i n 1929.
2. - Inv ent ed by Le ste r S. Hil
a.
3. It i s ba sed o n lin ear alg ebr
ple of a blo ck cip he r.
4. The Hill cip he r is an ex am
du lo 26 .
represented by a number mo
5. In hill cipher, ea ch let ter is n. matrix. against
h blo ck of n let ter s is mu ltiplied by an invertible n x
6. To en cry pt a message, eac v
modulus 26.
rix use d for encryption
is multiplied by the inv erse of the mat
7. To dec ryp t the mes sag e, eac h block the set i
the cipher key. and it should be chosen randomly item
8. The matrix used for encryption is §
of invertible n x n ma tri ces (modulo 26 ).
Pla inte xt: short
Ke y: hill
F7773—
c D E F'
.— -m— .___ v__vv——_‘ .‘ v __ ——-
(
‘— '-
.9.
3 l Jam! W Samariu- - 7 Topper} d‘o/ut'lam
..
We have to encrypt the message ‘short’ (n It 5). The key is ‘hill'which can
be written as the n x n matrix:
fl_
”l”: I: “4171 181]
-v*i--}
.
. v l l ‘ q7 — w w fi -
5mm“?!
:2 :1” [178 1147 1o9
'1‘
The enciphered vector is given as:
"_
"M '
[171 181][178 1147 1091”" (294:3:
3:: $33] “0“(263
vw
"" [105 g 2]
nv’
Wm
--- EXTRA QUESTION --

Q1] Variant of DES
Ans:
DOUBLE DES:
1. The DES algorithm uses a key length of 56

bits, with which becomes very easy for
an attacker to
break the encryption.
2. Double DES is the encryption standard whi
ch provides greater security, sinc
e it uses key length
of 80 bits.
in this two keys are used say K; and K2.
it first performs DES on the original plain text
usingKey K1to get the encrypted text.
i t performs DES again on the encrypted text but
this time with the other key K2
.
The final output is the encryption of enc
rypted text with the original plain text
encrypted twice
with two different keys shown below in figure
3.13.
Egufl’}
- T" 5’1"”) _ C = wEK1{P))
Ensin
Oria na!(P)
Plain (PD
Text .- t empKey
orar(1') I
EuJ'yp y Cipher .__ Enclfpt ‘ Final Ciph
(C) er Kev
.
L l J I
K, K2
Figure 3 . 1 3 : Double DES.
Man in the middie attack is the draw

back of double DES.
P96370f134
‘
Jinnah-'7 _ i ”PM?we“
W \
5 was proposed.
1 cross at higher lev ple DEtion.
el TuD
To impr ove the securl Y ' cryp
1
'
2, This uses three stages
0“
, - " and e
DES for encrYPt'O
' 3, it has two versions:
1) W
P m this two keys areused. K2 is1used.

. d d
Key
In first and third stage K1 is
056d
whiie in second stage Key
>
} First the plain text is encrypted With key K1
the"
the output Of stage 15 ecrypte Withken
and final output second step is encrypted again- With key K L
>’ Figure3.12shows the encryption 8a decryption using triple DES “nth 2 keys.
K‘
K1. K2 “I T T
Figure 3.12: Triple DES with 2 Keys.
ii) Triple DES with Three Keys:
7-" in this three keys are used. . .

i} In first stage Key K1 is used while i n second stage Key K2 is used a
n d in t h i r d stage key K3.
fr" First the plain text is encrypted with key K1 then the output of stage 1 is decrypted With keyfi
and final output second step is encrypted again with key K3,
I
“‘ Fi gore 3.13 5h ows the encryption
‘ 8c decryption .-
- using .
triple DES with 3 keys.
K1 K2 K3 .
l V K: K2 K3
T47, J. I 1
P
“1—4“? .54L" c v
E . n A .
D' q -._‘.'L‘._.i
a .L {'D‘L.
1' .. c
Figure 3.13: Trip
le DES with 3 K
eys
: I .ye-twnv
i
_._WWW——1
w ‘— WW“, ~37 w.
4 I Puéfi‘cmm Smarter- 7 73”»?d‘ofirfiam

CHAPTER ‘ 4: PUBLIC KEY CRYPTOGRAPLIX
Q1] Elabo rate the steps of key gener ation using RSA Algor
ithm.
Ans:
[5M .- M n y 1 6 ]
35A:
1. RSA is a public key encryption algorithm.
2. RSA is derived from its inventors Rivest. Shamir and Adieman in 1978.
3. RSA works on the principle that says it is too difficult to find the factors
of large prime numbers.
4. it involv es multip lying two large prime numbe rs.
5. it is used for both public key encryption and digital signature.
6. RSA uses modular exponentlation for encrypting and decrypting the message.
ALGORITHM:
1. Choose two different large random prime numbers say "p" and "q".
2. Calculate n = p x q. Since “n" is the modulus for the public key and the private keys
3. Calculate the totient: a (n) = (p - 1 ) ( q - 1 )
4. Choose an integer "e" such that 1 < e < El (n) and ”e” is comrlmu to id (M) Le. "s" and (4 (it)
share
no factors other than 1.
5. Fmd out decryption key “d" such that e * d = 1 mod (p - l ) (q - l ) .
Encrypt the message “m" using encryption key e, c a me mmi n.
7. Decrypt the message "m" using decryption key ti, m n c"mmi ii.
In above algorithm, e and n are public whereas d is kept public.
Q2] Briefly define idea behind RSA and also explain

1) What i s the o n e way function in this system?
2) What i s the trap door in this?
3 ) Give P u b l i c key a n d Private Key.
4) Describe security i n t h i s system.
Ans: lioM = May”!
RSA:
Refe r Q1.
What is the o n e way function in this system?

> A one-way function is a function that is "easy" to compute and ”difficult" to fEVEl'QQ.
L;
-
---
0/434 a... ..——.-—-.- q
@659
fifp‘"&%
4 I’Puéfic Key Cgmmféz 3mm "' 7 , _, w , _____m__
' ' o f RSA.
' secu rtty
> There are two one-way functions involved'1n the
. Encryptio n Function-
- Multiplication of Two Primes.-
What is the trap door in this? _ - _. a , _ . A_ . _

> A trapdoor function is a function that is easy to perform one way, b u t has a secret that is requ;re
to perform the inverse calculation efficiently.
ii Trapdoor in RSA is the private key.
Give Public key and Private Key

> Refer RSA Algorithm from Q1.
Describe security in this system.

> i There are two one-way functions invo
lved in the security of RSA.
1. Encryption Function:
The encryption function is a trapdoor one -way function whose tra
pd oo r 15 the private key.
> ' T h e difficulty o f reversino - ' u t the trapdoor knowled
kno wn) to b e a s diff icu lt as fact
ge is believed (but not
oring.
, 2 . _- Multiplication ofTw ‘o Primes: --

_> _ " The dif ficu lty o f determ
ining an RSA private key from an RS
A p u b l i c k e y is known to be equivalent
to factoring n. . .
-> - An attacker th us
-c an no t use kn ow le dg e
of an RSA public ke
unless they can factor n. y to determine a n RSA private
‘ . '- ' ke
. _ 3"
Z‘r - . Because multiplication of two primes
is believed to be a on
e-- W ay fu nc tio n,
private key from an RSA public key 15 bel determining a
ieved to be very diff ic u lt ‘ ngRF-S
.
Q3] - r In an RSA \\
5378t the public key (3, 0f user .
defined as (7, 119)
n)
(1),,
A 18 \-
Calculate and private key 11. wh

m=1o,using the public .
key?
Ans:
Rsn~ ' , [1031‘ Dec151

Refe r Q1.
gamete:
Given;
Public Key (e, n) = (7, 119)
lIW G (n) and private key ‘6'.
“ ‘I‘D--- 0;.0-1. _ I ‘ A 4 a N“
4 l @662: Kg Cgpfqgmpfij Jana!” --7 Topper}50%
n = p x q ...........where p 8: q are two prime numbers

.-.p=17andq= 7
:-
‘ Now0[n) =(P'1)X(Q'1)-
1 = (17 - 1) x (7 _- 1)
3d.
. ‘3, = 16 x 6
‘
" . =96
E [n] = 9 6
Now Private Key 'd’ -- like—gm '

.1
_‘_ 1 + 4 (96)
V
‘ 7 .
= 385/7
= 55
d = 55 '
Thus, private key i s ( d . n ] = [ 5 5 . 1 1 9 ]
Then As given m = 1 0 _ _
Using formula for encryption key e: 'c = 1me mod n
‘ ; 1 0 7 m o d 119
. V = 73 .
Cipher Text (c) = 73.
Q (n) = 9 6 , d = 5 5 & Cipher Text (c) = 7 3

__
Q4] - A-and B wish to use RSA to commu nicate secfirel y. A choose s public key (0, n) as
- ' (7, 247) and B chooses publicpkey (e, n) as (5, 221). Cale ula te thei
r priv ate keys.
What will b e the cipher text sent} by A to B if A wishes to send message m =5
securely to B ? ' I ‘
[10M - May-'16]
EX AMPLE:
ID
wen;
A: Public Key (e, n) = (7. 2 4 7 )

' B: Public Key (e, n) = (5, 221)
To Calcu late: (2} (n) and priva te key 'd'-
*5
Page 4! 01’34
7W%
“WW WW7 #_
591mm
F93 A;
ea 7
n = 247
Since n = p x q ...........where p 8:q are two prime numbers

«p = 13 and q = 19
Nowflm) =(p-1)x(q-1)
=(13-1)x(19-1)
=12x18
= 216
-’-¢(n)= 216 .
Now Private Key d + k a 0‘)
-_—-. __...__1
' e
= 1 +1: (216)
“.7 ’
Whenk: 1, _
Private Key d = M
“up
' 7
-‘-d==31
'm.‘\Wz
FOR B:
:h1f “fi,fl w q r
e=5
3:221
<
Since n ==p x' q ......
.....where p & q are [W
;"P=13'andq=17
0 pl ‘ i m e numbers Q
NOW“ (fl) = (p ,_ 1) X (q .1.)

-
5(13'13XCI7-1)
‘=12x16
’
I
=192
"I
"401) z 192
Now .a
b'P-N
' Private Keyd w
\\
r' _
_‘,‘
r‘v‘
,
QMW W4 fem—“W
- I + 155192)»
5
Whenit - 1.
141—5922
Private Key d -
. 193/5
a 38.6 (which is not an integer)
WhenI: II 2,
2-3;!!!)
Private Key d I
I 385/5
- 77 (which is an integer)
nd-77
W221]
Now. A wishes to send message m a 5 to B.

A will encrypt the message usingpublic key of B (e. n) s (S, 221)
P u Plaintcxt =3 5
2:
C a: Ciphertext ?
C =2 P-‘ mod n
:2 (5)5 mod 221

= 31
05] A and B wish to use RSA to communicate securely. A chooses public key as (7,
1 1 9 ) and B chooses public key as (13, 2 2 1 ) . Calculate their private keys. A wishes
to send message m = 10 t o B . ‘Nliat will be the cipher text? \ " i t h what key will A.
encrypt the message "m" i f A needs to authenticate itself to B
5'15: ExoM - Been]
m
Refer Q1.
Digging:
m
A:Public Key (e,n) = (7. 119)
779643a
3i M W d’W‘ibré.Z-.--.._h_--..._
ii: Puliiic Kay (0, u) a ( l 3. 221 )
W... 737%?“
H
1W 9) (n) an d pri vat e key 'Ll‘.
Sninflnm
MA;
9 II 7 .
n n 119
Since n I p x q .....r......wherc
p 8:q are two prime numbers
.x p- V an dq - 17
NowflCn) -(p-1)x(q-1)
/
-( 7- 1) x( 17 .1 )
-6x16
:- 96
-‘- £501)- 96
Now Private Key d a ~U-L‘gfl—(Q
1 'i' ’4! (9(3)

h
7
When k u 1,
Private Key d = 3.279322
= 97/7
= 13.857 (which is not an integer)

Similarly, k = 2 8: k = 3 does not result an
integer.
When it = 4,
Private Key d == 337191)
== 385/?
= 55 (wh ich is an inte ger )
WWW=M
FEM};
e a: 13
i n I: 221
Since n r..— p x q ...........where
p 6’: q are two prime numbe
rs
.'.p=13andq 2—1—7
‘h—
*-
h PyaMoflg—K
7‘9
4 ”“55” “WWW smelter ~7 _.--_
,_ ”Wim
Now¢(n) =(p-1)x(q-1)
=(13-1)x(17-1)
= 1 2 x 16
=192
-'-fl(n)= 192
Now Private Key d =lfl2fl

e
= 1 + k (192)
13
When k = 1,
Priv ate Key C] = 231%};
= 193/13
= 14.84 (whic h is not an integ er)
When 1:: 9,
14%1322
Private Key (1 =
==1729/13
'= 1 3 3 (which i s a n integer)
‘.-.d=133' ' “-
‘ Thus. private key of A is (d. m = (133. 221 .1
Now, A wishes to send message m = 10 to B.

Awillencgzptthemessa eusin Dublic kevofB e n =
P = Plaintex t = 10
C = Ciphert ext é ?
C = Pe m o d n
-.=(10)13 mod 221’

== 62
17143945af-t54
i4 5W”
IMMWIy/Waféy _ ”PP-I'm
\ 4
Q6) In RSA system the public key of a given user 4:- : 7 & nu 187 N
key of this user? P

1) What is the private
wk.
2) If the intercepted CI‘:11 and sent to a user whose public key e=7 3;"=187,
is the PT? -
3) Elaborate various kinds of attacks on RSA algorithm? ’
Ans: I - ’ . ' [10M — M W
34223:.
. c1
Refer QI. '
EXAMPLE:
(1) Private key of this user?
Public Key (e, n) = (7. 187) (3
Since 11 = p x-q ...........where p &-q are two prime numbers P

V . a
-°.p=17 a n d q = 1 1 I)
Now 95 (n) = (p - 1) x (q ~ 1) a;
=(17-1)x(11:-1) ._ - _ _‘ i1
z‘ .'_fl
=16x10 . ~ ,_ . ' >
-.¢(n)=160 ’ I ' i ‘ i
: . ' -- . n
I , N e w Private Key d_ = 21—62% 7 - ‘ _‘ - ;.
- _'~ 1 + k (160) ' __
When k : 1, - _. . - Q
Private Key d. =_ Lip—170.1,): - ; , A
=- 1 6 1 / 7 9,1
‘ = 23 (which is an integer) 1-
d = 23 2.
‘ ' , 3.
Wye g) = (23 152) 4—
(2)
t h e If the interceP ted ('1‘:
Pl‘? _, . 1 1 .a n d s e n t to a u s e » whose public key (3:7 & 11:187.
What is S.
Cipher Text = 11 6:
. , 7-.
9 1 1 0 ] ] : Key ( e , n ) = ( 7 ‘ 1 8 7 )
‘P-rjvate key (d, n) = (23' 187) m
we“
3%}945 ofm “r ..
t '“‘W_.
w...“ 5 _ Jamel».-7 ., 7.0””? yam“!
Now. Based on llS/i decryption alg

orithm.
P'l‘ a ('d mod n
r l l “ mod iii“)
.- 79720245 mod 187
- tit!
We also can verify the correctness by the RSA encr
yption algorithm as the following:
(11‘ - P'i‘t mod n
I 887 mod 187
II 11
WWWW.
(3) Elabor ate various kinds of attacks on RSA algorithm?

Possible approaches to attacking the RSA algorithm are as follows:
0 BMW
89‘
li— "l‘his attack involves trying all possible private keys.

ll)
WM
3- This attack depend on factoring the product of two primes.
I II ) 11111a
‘iv 'i‘hls attack depend on the running time ol'the decryption algorithm.
IV)
ammmmmom
)- 'l‘his type ol’attack exploits properties of the RSA algorithm.
Q7] Explain how a key is shared between two parties using Dime-Hellman by
exchange algorithm. What is the drawback of this algorithm?
:91
[10M - Dcc15]
Ans'
DiFFn-HELLMAN‘ALGOEEITHM;
& Martin Hellman in 1976.
1 Dime-Hellman algorithm was developed by Whitfield Diffie
ofsy mme tric key encr yptio n.
2. i t is used to solve the key distr ibuti on prob lem
ptosystem.
3-
Diflie Hellman is a public key cry
4. It does not encrypt the message.
hanging keys.
It is a special method of exc
encrypting a message.
This algorithm ge nerates a secret key to be used for
message using
th the send er and race:ver can encrypt and decrypt the
Doc6 a key is decided, bo
same key.
M Phi—1:7rifts;—
W” pfm‘}
\ do“
W
W
d B ar e tw o users.
ConsiderA an
mb er s n 8: g .
0' ‘ H H
‘I
tw o l a rge pr im e nu
A and B w il l ta ke
er say x .
u M
om numb
-
A will choose any large rand

7
y
mod n.
y» A will then compute m = gx y‘ .
ll ch oo se an y indep en de nt lar ge random number say
> Similarly B wi
79 ll. the compute s = gymodn.
d “5” to A.
,‘> A will send “m" to B and B wil l sen
> Key for A: K1 = 5"mo d n .
> , Key for 3':K2 = mYm od n
’r Both the key K1 and K2 are equal i.e. K = K1= K2
‘l‘
EXAM PLE:
, ,. w gnflM
B choose y = 6
‘t’
A choose x = 3
M=g xmo d n. s=g ym0 d n.
= 76 mod n _
= 73mod n.
' '= 343 mod 11 = 1 1 7 6 4 9 mod 11
- M '= 2 ' ' s =4 '
‘f
.2 A s e n d s M = 2 toB. ~><\./,,—B send 5 z:4 toA
g‘K2=mymodn
"K1_='sxmodn '4'” ..
=43mod11- * zzémod 11
=64mod11 =64mod11
‘1
K2 = g
K1, 3 9
‘f
I..K= K1=I<2 = 9
DRAWBACKS: ,
-
' ' exchange IS
_ , key
Dil‘fie-l-lL.11man .
kr vulnerable to, a man m the middle attack.
Dime-Hellman Algorithm cannot be used to encr
3: it can only be-used to establish“
I
ypt message
a secret key. I
Expenswe exponential operations are inv
olved
This algorithm is also a lack ofa uth
ent ica tio n
——.-—v
E.
‘v ph"o n Du' ffie... l-l ctl l m a
‘ n Ke y ex ch an ge a
JR
l g o r i t h m wi ll suitable example. A15"

pla m the pr ob lem of M l M
at ta ck i n it
‘
[101“ - Mal“
DU"FIE-Human Kc
vgxcnlgneg ALGOB‘lIfl
M:
p , r V - ‘l
u ...-I
5' h—
‘1 ’ ‘
‘ 'v.' “
n3 -" ‘ ' '-
‘Ia‘ :u. ‘N' ' er
.5: ‘-',“".;Vv‘ , ' '
wI l g; { ‘ 3 ' E‘
J l . -
‘3
a
;. ' — a . ~ ' . . ' — — 4 r p q — - fi ’
4 I 914662 'Kgy Cgpbjrfly— J'marfer - 7
Tapper?J'a/ulfam
PROBLEM or MIM ATTACK m DlFFlE-HELLMAN KEY
.
EXCHANGE“ gleam
.
. ,
> MIM stands for Man in Middle Attack.
' 1 ’ “ . " ¥ : ‘ - ‘ .-".

> The Dim e-He llma n key exch ange is vuln
erable to n man -ln-t he-m idtllc attack.
F in this attack, an opponent Carol intercepts Alice
's public value and sends her own public valu
49.1..
e
to Bob.
> When Bob transmits his public value, Carol substitute
s i t with her own and sends it to Alice.
> Carol and Alice thus agree on one shared key and Carol
_
and Bob agree on another shared key.
"
> After this exchange, Carol simply decrypts any messages sent
out by Alice or Bob,and then reads
and possibly modifies them before re-encrypting with the appropriate key and transmitting them
aw.‘.‘
._
to the other party.
5 TI. :L‘cIEL...“
> This vulnerability is present because Diffie-H ellman key exchange does not authenticate the
participa nts.
r—v
-_
> Possible solutions include the use of digital signatures and other protocol variants.
"'1' 7-».'
> Figure 4.1 shows the MIM attack in Diffie Hellman Algorithm.
3-4
Alice Carol Bob
Choose a 3- Choose c Choose b
_ A
_ 3—“.— ..
3‘
Nfifime‘fiu‘g
gb
Compute (8‘)“
.. . n - ‘ l i r n ’ A I - x . i
gr Compute [tM
‘ Compute (8')”
C o m p u t e (3")3
O-fn.
Secret Key = g" Secret Key = gin:
<fi
JIAAII
.
' Figure 4.1: Man in Middle Attack in Diffie Hellman Algorithm.
mum-n1.“
.
Q0] A and B decide to use Diffie Hellman Algorithm to share a key.
’ Thcv choose P = 23 and G = 5 as the public param eters. Their secret keys are. t.
and 15 respectively. Compute the secret key that they share.

A [10M -- Mayio & liecm}
. US:
*”‘* Not e: Exp lain what lfie Hellman Algorithm

- is before solving any lfle Hellman Example. Fur Dime
Hellman Algorithm Theory refer Q7 ***
Given:
Public parameter [P = 23 8L G = 5)
Secret Keys 6 8e 1.. Le. X = 6 8:)! = 15
K
Mulate: Secret Key shared between A 8: B Le.
¥
r 1753? 4901’64
Jamar!”~7
4WW
_ my _; . “T 1 B
5mm".
- ho os ey zls
Bc
i oo se it = 6
I.A ch
S - grmod p,
M = g'mod p. .
= 5 ” mo d 2 3
=5 6m od 23
= 30517578125 mo d 23
= 15625 mod 23
S2 19
M =8
A sends M a: 8 tax » 8 send 5 = 1 9 will
Ka=sxmodp 'Kzz mrm odp

== 196 mod 23 = 8’5 m o d 2 3
= 47045881 mod 23 = 3518437 2088832 mod 2 3
K1
3'-
2 K2 2 2
.'.K= K 1 : K2 = 2
Therefore, A 8: B Share Secret Key as 2
Q10] What are the various ways in which public key distribution: is implement e.
Explain the workin g of public key certific ates clearly detailin g the role 4
certifica te authorit y.
Ans:
[10M - Mayt :
PUBLIC K E ? DISTRIBUTION:
> In public key cryptography, only public key needs to be distr
ibuted, whereas private ke i.- he
secret. _ y a I
h;
Following are the ways in which pub

lic key s can be distributed'
1)
WWW.
r One of the snnplest approach to distribute public
keys is to a n n o u n c e It put)" I
3'
One can die) . bli .
" /her pu
[ l a y Ins c key on his /he r we bs ite ' c 3"
"WWW”, or ad
- -ver
. ti so it: in local or nations
- 7' 0 " 53817111118
FNb” | When RuMai wants
to senda confide
) c tey either from her website or from "BWSp-z;ntia
e
l l message to'l’anvl, sl
to c.a.mhtaln TanVIS
5 the situation. a Encrypt the message "3108‘"
PH,
I’Mbiic Key ‘5 PM
' \\\.«w P o e m by,
l Hutu" M“...
1}?!"
W< ,
—“ k "V“Ii-u-qfi
“3““? 4' 2 ’ Ammo n ce m en t of p
u b li c k ey
afez;
“19050 M‘-
U W's-9%
" ":v:;a:mr.1-vl"'
.
M
~g—-.
A ’
“ W W W _ y _ m* m“’ 1 I
-. .fi_,_’/?’[£”IIJ0MM
UNWMGM
—"“‘-—— —~——__
~-.—--
(!
Hm « nnnnnan nnhln m mn lm nnuml Ln. nnnrln'llw-nnmlla mm» m mummy-
. . ~ t
N)
nuunen Amman» Imunlnryl
¥ Mwnm‘hm-nmvnnmmn ’ n-‘ In ummmm ‘ ‘ mm
- HV_nvalln
. a nnlnl’ HMW'nnMIékm,m»mg
n mu.-
“M.I M I a n n m m
\I ' '
l l l r w m n i i l n l n vntunnw
w ‘
Innlml . a”Ma'nn!
mum-nan:H 1
I Ulnmnln - aMU
lnnnn' dImW
nnwmw.
3 "H19 nun-um nr nn'nvlnry Ii an fnllnwn

I ‘I'hn n a n w mnlnlnn lnmnu. nnlnln Inn/j mm fur mil-H mm;
I lien-h w n mum: a n nnhlln iwy wllh olin'm:lunvunllmnw,
I A u m um nlan nnnlny Ilw nnnlw Inny ma mnl wlmn ”mum,
.4.
I ‘l‘hn llllM‘HII'y mn nlhn lm nnvnnml Mumnnlmlly by Man new”,
- ‘ I . . _- . _ _ ‘ . _
5 b‘lunrn M nlmwn nmlnlnnmn‘u ur‘ m u m lmv IHIMHH y‘
[23:33.3"; :(mmm. I IHIHW‘HHHI
nn/ \mn
1‘ 4
/ \ _
Mm: I
anln ‘]
.____,v______a .-
Immagm
dummy,
lfluln'n mm Maintenance utnnlmv hey
nxznwnucln user/11m,
my private key M alum-{my annmrnyannimpersonateMa
An lfiI‘fidl‘y/lllll’lltI N nmy aIlsnn
l m Intruder.
lllti mam-mun are [HmInm
III) linulnmylAuugmm d if tighter wmnA m

l nl ‘ w en rn y fu r [MIMIC My Ulstl‘llitltlun can be achieve
3
I A human lnvv
Imp/n“ In pruvnlen,
tllp‘lnllmnnn ufnnlallv nes pu nse. pubin- hey announcemen
ts Jfifiudg a
in“ mnl um cll flm lMm M [In
'11: nwvvnl hum-cum ority.
alumni by an auth
Il’nmnlnm'I'nwhich in e nu ln n kn yu!Tam”,she sends a time Stamped
rim-sag:
im am th
Hulnln wants:In
liunnxmuumIf amp]
nh nr ny m n ln lnmg (name, Unwsl
In Hm nnlnln lm y m urn/ate trey,
n m m a g e M MI } in entrypted by Using its
rnnmmnwghh
’I‘lm mnhm‘ily than
winw
mmw U m m m ; Mln
'l lw um swim! nn
ay,
I ‘l’mwt'n pnhln' M a.
u nm l m u m ! many by Nunn
I Url
1. .
g};
" ,ylmn
u n ny d e c ry u fijlm mgr-Eg
y:1111199391 11 .R
11,
,Mm "LVEFLQ M 17191510 04
I
I u .—-_. -_ v.r‘v
- - .
7'0 New.
fim‘hflflfim
V V ' W. ~-
7. firm—Ma x
lic key.
be Alter decryption. Rutuia gets Tanvi's pub
5 »
T h e prOCGd ore is tit-set ibed in figure 4. .
a t ' 4
g mum. H
\\
/_ .1 WA“
am"
trotted tit-titty
z.urn..|ru.|| minim" a l l -
Figure 4.4:Distribution of public key through authority.

Drawbacks
X» Public keys maintained by authority are vulnerable to modification.
> Public key authority gets overloaded if the number of requests is inrace.
' 1V) Whales:

> The alternative to previous approach is to create public key
certificates.
> Using the public key certificates. users can exchange
the keys without contacting a public kc
authority.
. > The certificates consists of:
. A public key. '
'- An identification ofkey owner.
.
> This certificate is signed by a certifica
te authority such as a government age
ncy, a finanisi‘a
institution or a state organization.
> Consider for Example;Rutuja wants to
distribute her public key in a secure ma
nner.
)4 She can present her public key to cer
tificate authority (CA), obtain a certific
ate and then publisl
the certificate.
r . Now, one who wants the pub
lic key of Rutuja, can obtain the cer
tificate and also verify that the
certificate has originated from
CA. (i.e. the certificate is valid
and original).
> One can also transmit a certific
ate to convey the key to those
who requested it.
> Figure 4.5 shows distribution
of public key using certifica
tes.
Certificat ‘
Authority (EA) . \ .
PUp /
I fi\\
/ Ln:1-: (paw . [mII iipun “' \
\rnT
1/ _ Cre
E (PRC... no, u no,“ \
" ca
l Rttmla
\ 2
\l
WNW
Tauvl
M W ! " ‘1‘
4 ' “W!"W m"?!
‘77
' .. .- W _Ir’£4¢@!’91~!_
Where,
P0. a While key of mama.
M112 Public lwy nf 'l'nnvl.
Cu5 Certificate Mum! Mr Nulum.
“aw—arm».
Cr :- Certificate Issued fur ‘l'mwi.
3:"
<W
»
0%.
_W_
, .
‘W
“A. ~ 'w4*-«*Ww:
r _v
n
‘44....
m...»- Aug-aw-“-
.-W M 1“,
Véo”0/04
W._ I ' 'l'l‘" -' “WW.
gunman - 5:CRYPTOGRAPHIC HA5" FUNCTm-S- i detai l.

algo rith m in {k
7 tal .signatur
\‘tmu s :1 digi . e? Explain any digital signature
01 j
[10M - May16 & 5M __ Dene“.
[-
n-zin‘tal Signature is a type of electronic signature. '3
it encrypts documents with digital codes that are particularly difficult to duplicate. ;
: A digital signature takes the concept of traditional paper-based signing and turns it into an"
electronic"fingerprint."
4-. This “fingerprint." or coded message is unique to both the documen t and the signer and binds
them together
S. It 1s used to valida te the authe nticity and integrity o f a message,
softwa re or digital document,
6. Digital signature technique IS based on public key cryptograp
hy with a differ ence. L
i“. in public key cryptography a pair of keys are used
one public key and o n e priv ate key.
8. The public key is often used for message
encryption, and the priv ate key is ofte
n used for
decrypting the. message.
9. However in case of digital signature, me
ssage is encrypted with the private key
and decrypted"
with the pubiic key.
1o. Only a specific person with the cor
responding private key can encryp
t the message or in other
words sign the message.
11.
i
However any party who has the
1 h"
signatmy
“‘4
.'. .
’s public key can encrypt the

me ssag e. in o t h e r w o r d
can verify the message. s
12. Figure 5.1 shows the processes
of Digital Signature.
Create
C Digital Sig na tur e
Bobs Pr im te Re.v
Send Over In
'* ternet
A
x
.
‘r _—_
.
_._
L
.
uP—u“r
8011
" r
's‘
g:
“51‘ .
?f'ik'v’h'fi"
Bobs Pub g";

li c K1:1‘ ‘11-.
a
i 7;
*-’7.~.’:‘."=.T7W
F
igure 5.1.. D
igital Signa
ture Proc
353.
“5640/84 -—-—
<. ‘7 1 ' . 10 . . . - -» ..
‘ ‘ Atom.” "7;: . 1.1" Jig-Lu . .‘ - m. 1 ,
t 1 . _. r- __ 1
1.4 A. A"
‘ ‘ '
Mmpfila Wash Window Jmubr- 7 f 70pm W
BSA:
1. BSA Stands for Digital Signature Algorithm.

2. BSA is a United States Federal Government standard for digitai signaturesi
3. it is used with Digital Signature Standard (D55).
4. The first part of the DSA algorithm is the public key and private key generation,
5. The second part of the USA algorithm is the signature generation and signature verification
"'—‘"'
W
3» Choose a prime number q, which is called the prime divisor.
> Choose another primer number p, such that p -1 mod q a 0. Where p is called the prime - ’ =
> Choose an integer 3, such that
1<g<m
gt! m o d p = 1,
g : 1 1 lip-Illa) m o d p,
,Mwn-e-tmv"‘l-'
> Choose a secret key x by some random method, where O < x < q.
> Compute public key y = g" m o d p.
.
> Package the public key a s {p, q, g, y}.
> Package the private key as {Y}.
SienamLLGeneratiem
-1 flash Encrypt Hash using

Algorithm Private Key
-_= _' 10 1100 _
_‘—’
= , 110101 5
5W
Electronic Pile H a s h Value Signer’s Private mm mt
Key
Figure 5.2: Signature Generation.
To generate a message signature, the sender can follow these steps:

ow,—
> Let 'h’ be the hashing function 8: ‘m’ the message.

P Generate a random number k, such that 0 < k < q.
3-
Compute r = (3k mod p) mod q.
‘r in the unlikely case that lfr = 0, start again with a different random k.
" Calculate s = It1 (”(113) + xr) "10d q
1'
in the unlikely case that ifs = 0, start again with a different random k.
-
> Package the digital signature as {n s}.

~
r
Peesiofm
' Simatumflflmm
- flush
,
3 .
A‘Inni‘.“‘."
108.100
I lfithj
f l
Iluuh’ WIN“
7
&/ mk- ° “ " "
If I”
user-y”! uni". Ilfiuor'u _ ,.,.""“"“*'|n.
_ ‘3'" Q; P u b l i c key "“M
swun'g‘; em 03 I00 ‘ a 101 too
110i0‘l 11010: i. "m"
fines-yuc ca Sin-noun a Hash Val“:
-
Figure 5.3: Signature Verification.
To verify a message signature. the "New” o r the message and the dig ital sign atu re {Ollou
can
these steps: -
\i
Let "h' be the hashing function 8: ‘m’ the message .

e Reiect the signature if 0 < r < q or 0 < S < q is “0'5
satisfied.
> ‘ Calculate w = 54 mod q.
> Com pute u1 = h (m) * w mod q.
1*- Compute u: = r_* w mo d q.
_
> Com put e v = ([(gu1)*(y°2)) mo d p) mo
d q.
> If\ == :3 the digital sig nat ure is val
id.
Q2] Wh y are Digital Sig nat ure s & Dlgllal certificates req ulr ed?
significance of Du al Sig nat ure ? Wh at is the
‘
Ans:
_ ‘ _ _ . ; . . , , ‘ [ 1 0 M - M a y i 7i l »
_
otgrmt Sienamgg ' - . ' - ' i' ‘
Ref er Digital Sig nat ure par t fro
m Q1.
Wh y Digital Sig nat ure s are
required: ,
f
To pro vid e Au the nti cit y, lnt
eg r it y a n d N on - re pu
"'5
n to el ec tr on 1c di at io
. .'
To u s e the I n t e r n e t a documents.
s the saf e a n d s e c
ure medium
fo r e - C o m m e
rc e and e-
Governance
D iG nL CEBTIFICATES: .
Dtgztat C er ti fi ca
te (DC) is a di gi
ta l file
l t r e r t i ‘. i e.s t h
ei d’ e n t l t y ' ‘ c‘.
a n 'm rl x v
iu u al‘' o r i n s
- b a se d i n f o l u -u t i U
‘ n . 'oI ‘ e v e
rmation . l ‘ i a r_o ui te.. r
I .I.‘
i V
.s
seeking acce
s s t o co m pu te
rT
fa)
tru v,
\ 2f..r:\ l C K 9)
inf:a s .2.
1%.: Ctun—2 (Pm). a
W M W Jamar!» - 7 Topper}tic/wow
A digital certificate may also be referred to as a publlc key certificate.
Why Digital Certificates are required:
a Digital Certificates can be used to identify a person or a device.

> Once identification is established. the Certificate is most frequently used to prove one person‘s,
or device‘s identity to another person or device.
> Because of the RSA system. they both know each other.
3 The Digital Certificate can now be used for signing and /or encrypting email or for providing two-
factor strong authentication.
figmaagg OF DUAL SIGNATURE:
:7? 1. Dual signature is a significant modernization of SET protocol.

2. The function of the dual signature is to guarantee the authenticity and integrity of data.
t
I; 3. The purpose of the dual signature is to link two messages that are intended for two differen
i recipients.
4. In this case, the customer wants to send the order informatio n (0!) to the merchant and the
payment information (Pl) to the bank.

5. The merchant does not need to know the custome r's credit-ca rd number. and the bank does not
need to know the details of the customer‘s order.
two items
6. The custome r is afforded extra protectio n in terms of privacy by keeping these
separate.
s if necessary .
. However. the two items must be linked in a way that can b e used to resolve dispute
this order and
. The link is needed so that the customer can prove that this payment is intended for
not for s o m e othe r goo ds o r serv ice.
nt two messages: a
9. To see the need for the link, suppose that the customers send the mercha
on to the bank.
signed 0] and a signed Pl. and the merchant passes the Pi
claim that this 0!
1a. if the merchant can capture another 01 from this customer. the merchant could
inal 01
goes with the Pl rath er than the orig
ii. The linkage prevents this.
12. Figure 5.4 shows the use ofa dual signature to meet the requirement ot‘the preceding paragraph
mam _ K
D u 1i
{g :3. we»
#j—LJ’ré-‘gggh
“—"ta , OIM I) /’
--l l l } m
o..— r .
E::
-_
Flgure 5.4: Use of a dual slunature.

‘_
._
fl-”— —
.— - 17.13957((04
-r__-..;..._.
-,~
__n-v
" .t ,r'- a d -
Jmufar-7 »\
In...».
,
'g..
-“""'h.w':(~.g°.
I""-
5 WM'W‘W‘W *
>
Where. OiMD = OI Message DigestMessage DJ
,.
3; POMD .-.- Payment Order

‘9 Pl = Payment Information.
A“;
KR‘
Wasomer's pmrate
Sim” it!
gConcatenation > = Cust
: H
> PlMD =PlMessageDig?“
\
"W ‘ ...._r
. .
03] SHA-1
' V I5M _ Ma”;
Ans:
SHA-1
.
1. SHA stands for Secure Hash Algorithm
hash functionproposed by NlST.
2. ln cryptography, SHA-1is a cryptographic
-O, SHA-1and SHA -2.
3. There are three SHA algorithm named as SHA
4. _ SHA-1 is
‘most
widely used SHA hash function.
produces a 160 bits output.
5. The input to SHA-1is message of length 264 bits and its
6. I t is similar to NUS with following differe nces:
a. - l t i s m o r e s c r e .
‘b'.' I t is little slower to execute than MDS.
. c, SHA—1makes 5 passes whereas MDS makes four passes.
'7.
SHA-1pads the message in similar way as MDS.
8. Similar to MDS,SHA-1also operates in stages.
ALGORITHM: .
§_tep - 1: AppendPaddingBits .
:.. The message is padded so that its length is congruent to 448 module
512
Message + Padding bits + 64 should be a multiple 0f512 bite
‘-
I mm1fmessage is 400 + 64 = 464

r
Hence padding -'.= 512 _- 464' = 48 padding bits.
Original
M essa l
‘ ge , *—‘ Padding
1, fl
OriginalMessage
Padding
Tapper:
ail/«1m
> 64 bit length is appended.

r The resultant message has a leng th that is an exac
t multiple of 512 bits
400 ‘3 64
..
I WW I Padding -U + ‘- Length
—an
Drill-DI] Lens“;
I M05333. Padding
.mq'u—A
9
— Data to be hushed -—-—-—-v
' .
‘I
gar-*‘4‘
Data to be hushed
av-
.— . _ _ - . _ - -
1 r
Block 1 Block 2 Block 3 .................... Block N
5 1 2 bit 512 bit 512 bit 51?. b i t
§gep - 4 : i n i t i a l i z e chaining variables
3 2 Bit A HEX 01 23 45 67
32 Bit B HEX 89 AB CD EF
3 2 Bit C HEX FE DC BA 98
3 2 Bit D HEX 76 54 32 10
E HEX C3 D2 E1 F0
3 2 Bit
Ste p - 5 : Pro ces s b l o c k

to five corresponding variables a. b. c, d and e.
5 . 1 : Co py chain ing variabie
a b c d 6
16 sub hlo cks.

512 b i t bl oc k in to
5.2: Divide current
Block 1 (512 bit]
__
‘. _ ' . : J . ‘ _ . . - . > n . .
......----.. I‘Sub blockN _

l Sub block 1 Sub blockz
M 32bn
32 bit 32!)" 7 , V ”warm-J
f” E/r Wig—6590f!”
———
‘1 5%- WWW M5 ”"163 .
”5.3: We h a v e four rounds
ln each round consist of:
‘ a) All 16 sub-block.
j b) Variables a,b,c. d and e.
c) Some constant.
I 1651:!)Blade J Other Constant:

' ‘
r One Round
;
6'
hum-9mm“ a b 9 d t[k]-)k=1t079
Process round ] In each roundprocess p I

1 (b A c] v [b' A d) I
2 I b e Ce d I
3 {b“¢)V[b d)V[c"clJ I
b66$d
‘i 4 }
bww _
lolalclvlsl
w\ '
I l. l.
fiEF
——-—-—
’ntA‘t‘Z‘*‘-",
”Mt
fi/
-
_ ‘
What are the pmpcrties of hash fimctinns? t a - .

.3.”
Q4] role
of a h a s h func tion in
t ‘ 5 ”36
‘ a‘ M
‘“lh‘ th- A
security?
Q.
‘
‘.
Ans: ‘ '
[5M— D6617};
-
‘‘
jjfiSfinCTIOfl:
1. A hash lancuon IS a mathematical function that converts a numerscal - , . he!
‘ ' ”1l va.lle mto anot
compressed numerical value,
The lnput to the hash function is ofarbltrary l e n g t h
buto
Values returned bya hash
function
are called messag utput is always of fixed length.
__ a digest or simply hash value
s.
MN“.—_-_M’dfl V
fibrin LII J... .
Two-3W ,
M”?
WWW
ar in almost all information secu rity applications.
Hash functions are extremely useful and appe
7‘
-
P59221155 0F HA SH FUNCTIOSS:
flu;
°‘ '
, 1 - .-.,.l ‘.. . . ‘ -
l) _ - °
ction.
putationally hard to reverse a hash fun
> This prOperty means that it shouldbe coin
difficult process
l..
uced a hash value 7. then it should be a
> In other words.i f a hash functionh prod
z
to find any input value x that hashes to
ng to find the
perty pro tect s aga inst an atta cke r who only has a hash value and is tryi
>1 This pm
‘o
n
input.
newly-1.3“
v w d w r1" w -
wwmww
II)
~ fi -m
W
find a different input with
t and its hash. it should be hard to
> This property means given an inpu
'
{m9
the same hash.
e h(x), then it should be
h for an input 1: produces hash valu
In other words, i f a hash function
'
>
.
e y such that My): h{x).
‘
difficult to find any other input valu
input value and its hash,
ects against an attacker who has an
> This prOperty of hash function prot
inal Input value.
e as legitimate value in place of orig
and wants to substitute different valu
11!) QWesistnnce:
collision free hash function.
> This pre per ty is also referred to as
that result in the
pert y mea ns i t sho uld be hard to find two different inputs of any length
> This pro
same hash.
inpu ts x and y suc h that
h . i t is har d to find any two different
> I n oth er wor ds, for a has h function
1101) = h(y).
es with the same hash.
for an attacker to find two input valu
‘5‘» This pro per ty makes i t very difficult
1V)
W
is small.
“ Compression: Output length
mpute for any x.
”P Efficiency:h(x) easy to co
]= y
be infeasible to find an x such that h(x
‘r Dne-way: Given a value v it should h(x)
ista nce : Giv en )1and l1(x ),1in feasible to find y l: x such that My ) =
P Weak collision res
ie to find any x and y, with x .'= y such that h [1:]: My)
> Strong collision res ista nce : Inteasib
ROLE
Pa ssw ord Storage;

e.
otection to password storag
Hash functions provide pr
rin g pa ss wo rd in clear,
31105“)!
all
1080“
Processes store the hash values of
Instead of sto
passwords in the file.
W #h 1916396 6! #64
\Vol‘
75””;
'1.
~7
H
7M ‘fimcfi'anr 5mm
.n
it "i i 5 l Cn/Jfiic I
l:
_ \
. In W
application 0 f the hash functions.
> Data integrity che ck i s a m o s t common
; ' g
cksums o n dat a files.
7' i t is use d to gen era te the che
ut correctness of the data.
i > It provides assurance to the user abo
hash function? Explain the 0

characteristics are needed in secure pa,“
fl! Q5] What
i of secure hash algorithm on 512 bit block
..
[10M -. Mag
Ans:
FUNCTION.
CHARACTERISTICS ARE NEEDED 1N SECURE HASH
Refer Q4 (Properties of Secure Hash Function Part)
BLOCK (SHA - l l: ‘
OPERATION OF SECURE HASH ALGORITHM ON 5 1 2 BIT
-
» Refer Q3.
List various techniques usedfe

Q6] What is the need for message authentication?
message authentication. Explain any one
[10M -— Mayité
Ans: _ ,
‘
NEED FOR.MESSAGE AUTHENTICATION:
a genuine identityand. nott‘.i
a 1. Message authen tication ensures that the message has been sent by
'‘ -.
i an imposter.
Message auth entic ation is used to verify:
ce.
3. Rece ived message i s from alleged sour
b. Message has n o t been alte red.
ence .
c. Ther e i s n o chan ge i n mes sage sequ
mg p j v v w fi e
d. Message is n o t delayed o r a replay.
("iu
Message authentication includes mechanism for non-repudiation by source ‘
aut hen tica tion is typically achieved by using message authentication

Message J ‘7.
u Q W " - ‘ g _ ~ ‘- "
(AB) or digital signatures.

codes (MACS), auth enti cate d encryption
1-.
AUTHENTlTlGN CODE (M AC ):
.‘5
' misses}:
._"
1. MAC algorithm is a s y m m e t r i c key cryptographi c technique.
_. 2, i t i s used to provid e message authe nticat im.

A MAC uses a keyed hash function that includes the symmetric key between the render
a)
all
. c
g
receiver when creating the digest.
4, For establishing MAC process, the sender and receiver share a symmetric key K
: I W {graphs M6 ‘Funcfiom Jenner --7 ‘ J_ “flipper-’1 «905460»!
Essentially, a MAC is an encrypted checksum generated on the underlying messag
e that is sent
along with a message t o ensure message authentic ation.
6. The process of using MAC for authentication is shown in figure 5.5.
Receive r
H
I Key“ I
c
MAC 7 F—_— l ,.
Puma-A- mud-{-
A—J‘
Algorithm I MAC I
Sender
Figure 5.5: MAC Process.
wm‘m—
WORKING:
Figure 5.5 shows how a sender uses a keyed hash function to authenti cate h i s message
and
how the receiver can verify the authenti city o f the message .
This system makes use of a symmetric key shared by sender and receiver.
Sender use the symmet ric key and a keyed hash function to generate s a MAC.
“V“
> Sender then sends this MAC along with the original message to receive r.
> Receiver receives the message and the MAC a n d separat es the m e s s a g
e from the MAC.
I > Receiver then applies the same keyed hash function to the messag e using
the same symme tric
key to get a fresh MAC.
.
> Receiver then compar es the MAC sent by sender with the newly generated MAC.
> i f they match, then the receiver accepts the m e s s a g e a n d assures himself
that the m e s s a g e has
been s e n t by the i n t e n d e d sender.
> if the comput ed MAC does not match the MAC sent by the sender. the receiver
cannot determ ine
whether i t is the message that h a s b e e n altered o r it i s the origin that h a s b e e n
falsified
i As a bottom-lin e. a receiver safely assumes that the message is not the genuine.
Q7] Compare and contrast: KDC versus CA.
Ans:
Table 5.1: Comparison between KDC versus CA.

.‘4
'KDC T' CA ‘w ““1

' _ .. i
l KDC Stands for Key Distribution Center. CA Stands for Certificate Authority
1Lit IS symmetric key solution againsta ctive attacks. i t is asymme tric key solution against active attacks
it is less secure. it is more secure.
‘Payc 63efee
.
‘n
u'. 1 . ‘
J> ' “ h - ( '
n
I.
* ' 7W}
J' 7'
WMWVMW, . ,1? “‘fi\:
1I'fiubohb
-v - ._.
- ”‘KIIIIIIIIWwMWI’fiofiage
”v vfiP M‘W
pomrfailura .
- _ ,5 .11 .
1W 333333 33333345 9”” 3!-..fmiurfl-
1- -1...“— o___;,_..M”—IIIIIIIIIIIII CA does no! have m be amine. ‘33
.. 1513333335”!!q ____ ______ , ___....... \; '
W ”5 -- ‘ “”‘IIIIIIIIIEA has better scalabllil)’
V3 hVnIdreds.
I “3313333333333; VII]: CA obtains "5W
393RIDE shares
73
secret Everyone who register with \
{03' its public key.
IIWWIIIIII IIIIIIIIIII IIIIIIIIIIIIII WI
III I IIIIIIIIII I I I It;islesIs expensive.
“fihfiifiifiiv; 3“
It 35 not performame senmwe.

- .‘ '
III 7—— IIFII
II
33 33 VQIermhIrIngéVIiiiws. II I I
I II
I I I I III
I
.- 1‘ _ ‘ W..._‘
I or WAN‘.
fl.
Preferred I
wq
WW
«aura-av. «— 3 m . . .
II.
Preferred {03'MM.
08] Differentiate lqn MD-n and BHA.
()9) MIN) warm 83M
Arm [QB 1534 -- Dacia, Dacia I: M93318]It [09 l 5M -- Dem,
Table 5.23033333333331e of MD-S #4 SIM.

.FWMM
.wmmsgarw '- vamv aw:- ,g:_ mm- "
5" W EV“!- ' r ’ . 1 _ A—
3 33333::. . 31033 “‘“'

3“: gupm, ”mm...
*3 ‘1': A '1c PI '
‘h‘...
MHMJVUWH 3333335133 1 1 2 8 3 3 3 3 3 1 1 0 0 8 3 3 5 . I III

Wt.1‘fi'TTfi*;):fl—g-1vu~fggrfi ':~"—.;-;-:-o. 70'1“?“3'fl ,7— _.-_.,,_...., ...._.... .~. .1- _,
__ _ ‘_ W
M..."
; W4.3”41/
1 4 3 41
3 3 4 7.4 5 1.3 1 3.4 .1
~. 3: ” g ' ”Wu-um-
1/3133 3'4/4. ( UNSN'CHCNI "1‘"? rec-um ",3“ MD}

v;_{<
--u,-_-.g'-fi“--': _,:.-—-:o-<--~*Ir r - ~ ' - ‘ 1 : ~ : : r ~ : ~ ‘ r . t — w . ; - r j
I‘. 555’" 1 r
V,
3"
_
~ 3 .: '.-'3"<-' :w" - - : - - ~ ~- ‘,' * --'- “"" v"
"r.- ’~ - - ‘ - ..
. -. .........,
,1 1,_%*aqm
5 “3'55WV ‘34“muons. snowm- :3"... 3m.r= m *

1, 3 ‘ 1
2m maniac-1 lam-1:1. 3-? :Wz-Varrp-cm- ‘13y.

Iaikifflf Ilkaiyyndj“ Iterflg‘f’ns I
. III III I I I III M...
13 3330373343 Vest")Vnsmro ”IT ‘I ‘
I; 033;":3 33133313333! 333343331 10 33333332...........
1,3111%, 313.13
I IIIIIIIM.” HIIIIII.’ “II-I III III “III MIIAIILIIIII'II
1 333331433; “Md “I'IIIIIIRJII‘W “ I “
4 butters; 0132 b”; gm h
"I "-‘fl- "" '3." -..’:nr...'...‘.en - A... _- ~.. .. .1;
‘ "" «'1‘ :1'“

I'IM «m.w......,.m.......-g
11W...“ ..._.m~w.m. w1‘dw¢ 3‘1""!
3 .5 u! 32 M b 3323 h II
”MI III; 11 ”’93“
wrallmm
JAIIIIIIIII/I
:1 (”%;“J IIIIIIIIIIIIIIIII
##9## III 2 m ’I’I’II'I U n 3 ‘ 3 r3
303333133331 33; [373II3IIIlIlII
”NBI J“U”'§ ,
' “5‘5"”
1113;13313133“ I
1"; £314)?
1 3} ”34/3 _ 1.5133530}. 333333314 333133!

mm.- m; r - .111n: «3-- 111%,”... $1.11CF11: ‘
I C”1111. 1'
I ’3 1,
I33
if)“
m, “4, ..._
I mmJ J 3’26 4 4334193,
"m ». 53’ a
n 'I‘I'I'Ii'i ‘5‘ 555555 ”355 W3
1‘17 1 11:211., ‘
# 1 1 1 1 1 1Wm”..-
1. 3...... , I W 1 _. (43mm1 11111111111 .. w . . . .
li._ Abram
1.1.11“, 1 {I2.1. 1
”433334543334:333333.33‘ 3'3.1%; 31,319 1.....-
III IIII II» VIIIIII I 2 ' .I'w ml. . ‘
‘ ”M3333
i I III II “‘I":»n-A¥w.'-u -» -~"
1:1“ 1“ fl 1 1 13121331,.
“ ;f1 4) ’I’yfltflflalyr 1:; “11111V1111"? 1.1 _ 1 , ~; “(I
lr}IP'aaybtv
I I M I I III III III III IIIIIIIIIIIIII" ~ '.4~:' 3 - w - {.31:1?) 4 I a ’ p to III
... 1 H
.tJfi "rwr‘ I1
.
1IIII’I
'. IW'”‘~¢%3W“ We“.

I
W4 5:: m, a?“ 11-.“ -
r . r I
.
:I-nI-
’
V ';I’\ - ' .
. . 1 ”-57.3. L132...
§ I‘ .&:1_p_ " _ 1 3
_ ’ «5—.(L‘Z313 '3' . . . ¢ _ _
“Ia II“
7'11 .- g 1*,_,' .1‘,v.'I I
- -_ ' 4 """‘“If:‘.‘ u’.1\" _,c‘$'I L”;- r’fl" I I
Tw‘im
CHAPTER - 6: AUTHENTICATION APPIJCATME
Qt] Give the format of 31.509 digital certificate and explain the use of a digital
slum-tum in it.
Ans:
[5M -- Beets]
m
1. X5309 is an important standard for a Public Key mm (FIG).
It is used to manage Digital Certificates & Public Key Etayption.
X509 ma the building blocks a FRI system that defines the standard
formats for certificates and
their use.
Figure 6.1 shows the fonnat of 35.509 Digital Certificate (CA - Cerfificate Authority]
F .
mm 1
Safiai Number
. .» I . m Nguihm: for
Signature “mm D *— Exanpue.‘Sal-HIM
Issuer (CA) 11509 Name *——— CA‘s may
WSW
Period «— man-issuer:
I
Stm{act K530 t‘lama 'l <——-— Usa‘s idezfliy
A! orithm EB
Sumac: P‘utfic 1 g 1:; User‘s Panic Key (Boom to
Keyinfo l Puttf’rc KayVaiua J55 E 5 L " H E “5)
Issuer Unique ID
Subiect Unique ID
. Other User We: $0! Example,
L 5mm J ' Slbfllflame. cop
(— CA Digital Signamra j 4——
Signed by CA‘s Private Key
Figure 6.1: Format of X509 Digital Certificate.
"55 0? DIGITAL SIGNATUR E;
Diuttal Signat'u e i n
a - $ t
Vi
v- " 509 nital Cemficatc can be used to access secured zones: of websvtcs.
It is used for verifica tion 8: validation purpose.
lt ensures confiden tiality of certificate.
It can also be used to verify validity period & Unique ID.
95566501334
...._...
i i _7 pper: 30/1601,
El “1 ".I ..
m»
m? How does it help to validate the authenticity of a
.3 $2.22”...W...
»
[ 1 0 M - Dec17]
mum. mmTE:
1. ow Ceflificae (DC) is a dig'tzl tile. _ - . .
a;
1 g“ cam is med bya trusted third party which proves sender's identity to the I'ECEIVer
ad radio’s identity to the sender.
3. ltis issued w a Certificate Authority (CA) to verify the identity of the certificate holder.
4. Ybe (”A issuesan enuypted digital certificate containing the applicant's public key and a variety
.l
' '
a? other idmtlfication' mt'orma'tion.
5. W We is used to am public key with a particular individual or an entity.
6. Signal ca'tificate (naming
a. flame of certificate hoider.

b. Serial numberwhich is used to uniquely identify a certificate, the individ
ual or the entity
idafiified by the certificate
r. Expitazion dates.
Copy ofceriifitate holder’ 5 public key.

e. Digital Signature ofthe certificate issuing authority.
CERTIFICJETE BED AMNHCATICK:
-__-\ .7‘
’ 1. Certificate based audientjcation is based on the digital certifi cates
A
o f t h e use r.
L01. u h ) » : ‘.‘.2"1..L.;‘...i.
2. In Public Key infrasmscture (PKI). the
digital certificates are us
ed for secure
.
digital
I
3. The digital oertifitates in PK]can
also be re-used for use r authen
4.
tication as we ll
This is a stronger mechanism as co
mpared to password ba I .
sed au th en tic at io n.
.
., ga te 6.2 shows mmlizate

| ‘
based authentication proce

mffifim_mx
9.
ss.
.
130m m:
.,
We #:1w
.
-
. I 31%
..
wads certificate
_\
. .
t
.-A_
i magnum:
-_
Hawk
‘
.
Gian
1V “
SSI,( ‘
.n
.;;1‘:
ion 1“” l—; , Suw* I .

-£
3) .gm.wr aut
f
cu .. A r . horize:
'.
:l
‘- -
-r
' IN
’W'
'
a
_'.
2), Hut.Wm pus-ate by art-ms {or

the
-
,.
& uses.“ to me aulhmltlmwd

.4
evidence reflifimm Iden tity

n w ” m "'0
'
(Mal We) _
I
3' to
“duke authenticate
h,
(In W: identity
Flam: 6.2: Cert“! can: base

'
‘
d authentication
p t nus:
'
"I
‘- uI
~: 3-3":
t‘
.........
at"!
*“yW m
“* M M M
‘1: ~
. Wmfi
.9
.~
"I‘fi
MW
_
_-..'
6'0"":mi ..
_
_
-
-.. _
3mm Tapper-'1d'ofidfom
. ___
L
.I
The “‘9'“”MN maint

published i n any c e fl l fi c a t e sains a database ith
‘
.‘ . n 7‘ o
-
i"
i.. . .‘ i i" l v n t c keys that correspon
.
2. d to the public keys
.-—
The Cl ien t asks for [h issued that
"W client.
-
. e apa thi s
s ss
thewo
fird
r ‘0
a g‘ven 5053“)“. such
t daiahase the First time the alall
l tW100 d9 t o a c c e s s
.
requires certifico time
ll (lul‘lnfl
te-based cliens the u s e ”
thentication.“lemme to access an SSel‘lfllflfiil server that
ll—
t au
3. After entering this
PassW or d- once. th
.
session. even when e user does not need
to enter it i i’ h
accessing other SSL-en .
can n or t e rest of the
4. The client unlocks the abletl servers.
d 3 th t i riv . ,
an o es
kp ate key
da tab as e.
retrieves the private key for
3
1:r vote 95'
‘0 Slfin
data rantlmnly-gencrated
the user's certificate.
the server. fro m input from both the cli
ent and
- This data and the d i g i t a l
signature are evidenc
Th e di e of the private key's va
gi ta l Signature can
be created only with
lidity.
COl‘i'ESPONdlUS that private key and can
be validated with th
public key against the signed data. which is uniqu e
7. The client sends both the e to the SSL session.
user's certificate and the ran
dtinny-generated data acros
Th e se rv er uses the ce
rtifica
s the network.
te and the signed data to
authenticate the user's ide
Th e se rve r ma y pe rfo ntity.
rm other authentication
tasks. such as checking
presented by the clie that the certificate
nt is stored in the user's entry in an
LDAP directory.
10. The ser ver then evaluates whe
ther the identified user is permit
ted to access the requested
resou rce.
I
11. if the result of the evaluation is positive
, the server allo ws the client to access the requested
resource.
.X-.__592.923112W
Refer Q1.
~—
03] Email Security.
,
Ans: [5M - M n y t é ]
EMAIL SECURITY;
« all.
‘-
1. E - M a i l S t a n d s for m a t r o n “ M d a l l p l l c a t i o n ( m the i n t e r a c t i n send a n d receive messag

1 . is
Electronic mail . most
.. Widely
use ‘ es t o
I-i’“:
+8.
Il'n.‘
other users. ~ has become an extremely important Issue.

« ofemail mesaa
Due to this the security fies
MW) ‘5‘used for email communicat
. ,on.
4
(5.
i‘er
The Simple Mail Trans Protocol (5
are as follows:
ail secu rity protocols us-etl
Th e three ma'm emc
' g“; ' 17q57#1317?
intern“:t
Figure 6.3:EmailSecm'ity.
Mm Enhanced Mail =
Privacy Enhenced Mail isan Internet Standa
rd for Protecting Email.
It was adopted by Internet Architecm:
-e Board (IAB).
_ PEM supports the three mai
n functions of encyption ,n urn-repudiation
In FEM, Message is DES Encrypted. and message may.
Authentication is provided using LID-5-
x?
Prettood Priva GP . ’
Pretty? Good Privacy (PG?)
is “3:1e used Email Gypto
system
_ P6P provides authemn'catio
n through the use of Di
gital Signature.
it provides confidentiality
through the use of Symmetric
it provides compression usi blo ck 313% on.
ng Zip Algorithm.
The most significant aSp
ects of PGP are that
it Supports
which is quite simple to the has; (requim
use and is free along' A
‘ifienssci
.. v I
v. V
6°69
m; 55.cure Mui tip um
os e
and documnufimm
In te rn et Mail Ex
‘3
tensions 1‘SLQIME‘I:
WME System extends the basic em
ail system be- perm
ema il system. itting insets to Send
- bi:
VV
‘75 “a £3» . q ,. i
“33 fies
mata- ‘
q
‘1’
SMME secunty
7
‘5 a enhancement to the MIML‘. In
" _ SWINE is similar to PG? which
ternet Emaii format Stem-g ' '' "
Pravides di oitai signatur
es and entry-pa
ss “fem-3
V
04]
an!“
96? [5M - Beats 8: Dec: 6 ]
pGP Stands for Pretty Good Priva
cy
I t is an Open-source, freely availab
l e software pack
ago for e-' mail secu
I t p r o v i d e s Aut
. hentication th roug rity
ofsymmetric bloc k encryption. h th e us e of digital signature and
confidentiality through the use
I t also provides Compressio
n using the ZIP algorithm
2.6.? ACHIEVE CONFIDENTIALITY AND AUTHENTICATION

IN E M A I L S :
Figure 6.4 shows the Confiden
V
tiality & Authentication in Emails

using PGP
FlrSt':1Signature ‘5 generated for the plaintext message and
Prepentled to the message
Then the pla inte xt message plu s sign
ature is encrypted using CAST-128
[or IDEA or 3DES)
Session key is then encr ypte d using RSA.
‘ In summary, w h e n borh services are used, the
sender first signs the message with its own private
key.
> Then the sende r encryp ts the message with a session key. and final]
y encry pts the session key
with the recipien t's public key.
PU»
PR.
1
P“"””‘"‘5’ i
- .
Encryption ”Pug-“J y c
PublicK
Decryption
‘ Hash Lfi '
Function CompressionUsing
- 1 ZIP Algorithm Inverse Compression
—>®—>[£l—+
Using
'' ZIP Algorithm
Emali Symmetric - .' "" E

[E] Public Key .. i if I '
Encry ption . Encryption
Symmetric
Decryption
PU. Public iiei'
\ \Decryphcn
.
® li, -- s
COIicztenatlon
'
‘ “on Key used in Symmetric Encryption Scheme

('5 ' l o
1—-
CONN”
‘6
pp_ = '
ey
ofuserA . . _,
P11:._.:""“‘°Key ofuserB _ I Hash ,
Pl] “but K”?
o f User A Function
of
my User 8 I Y E[PR..Hm}
i d e n t i a l i ty in FOP.
Figure
6.4: A u t h e n t i c a t i o n 8; C o n f _¢—o—-"——’ A
\
Pogo 6901(64
Will-"'-
7
ai ls be ,
g" l
ri th m to secure em
m a ils ? G ive a n alga
e
l ferent
'f threats to
06] What are the d ? 3
u se r A to use
from - [10M - Maylgl
sent
Ans:
_ 7
:
TYPES OF EMAIL Til EATS
J
r Types of Email Threats
. _
I
_—
— J r u m Day J ' Social "
at , my“
__ Exploits _ Engineerin'
S OfiDLI
FPO ['S PE UIJ l Loggers ' Eansmnware
Fhishing
1] Ph' i : ers , an d exploits

so cia l eng ine eri ng tec hn iqu es us ed to d e c e i v e us
)5 ' Phishing is an exa mp le of
wea kne sse s in web sec uri ty.
h as use rna me s, passwords,
t to obtain sen siti ve info rma tion suc
> ‘ Phisliing is the fraudulent attemp
:
u—n-‘vvv‘yw—
n for mal icio us rea son s.
— and credit card details (and money), ofte
-looking send er and a soci ally engineered
> _ A. phis‘ning attack usually consists of an authentic
age.
. I‘mess I
will open infected
‘ Many email recipients believe the message is from a trusted individual and
attachments or click on malicious links.
'
. ll) ‘ M'ofing. : 7 . - ' ' l
‘
i"
> , 'A' spoofing attack 15 a situation in which a person or program successfully m a s d a
. ue'a es 5
:
h . . l .
. . .
another by falmfymg data, to gain an illegitimate advantage q ‘

r ~- . '
> ' Beca use emai l roto c
o email a dd res ses , hackers ‘.
for
"Ng'
' " p 015 mm Qf‘emve mechanisms. authenticatino
. _able to use addresses
. - are ' ..
* and domains that are very similar to legitima t. e one s, dec elvm g VlCtlmS
‘1
,- d' d from a trusted
_ . into believing that fraudulent emails are
.. a nlviual.
> -.Cr1m.nals may spoof ‘ an individual mailbox eflgalW'
" FQtoppe
- .. rssoiutiflw
‘0
sagarnarkaae opperssolutio ns.com.
lll) ' , 52m

> . _ Despite a numb erof ways to filter out unw
anted email, sp am
e: 3.»- . £ ; .‘ ‘ ,.:.‘.L‘"..
rem ' i g n i f.i c.a n t

S.-
orga niza tion s; 3mg 3 challenge for
'
Q";
Wh ileo rdin ary- spam is sim p'y cou

‘A
. . ‘ ~ - F E a n u i side
sa d n c e . ls p a m. '
i s_ a l s o' fre q u e n t
._
.3
I
‘ malware. l y u s eVa' to deli!er

' somware’"* ‘é‘ , C o m-m “i
,3
{a2! “ }
>. -’ Ran ‘9.“ example,'

-
iS
S p. a m
most
d ao n
1 '- I - Spam
"and i t b b all fag
' 'ions to ‘carefiully evalu ate
for Vered Via
_ g mzat , e coves j
nger
- - '
'9'".
-
.
'5.
17395706.!{34
“NM“ ’ ...
.i’
.5 5 [Wfimfion ”pp/imam
Ze ro- day att ac ks are l

fre que ntl y del iv ere d via
ma lic iou s em ail s, a n
una uth oriz ed d hackers use them to gain
acc ess a n d ste al sen siti ve info rma tion
. -
VII) Soc ial Eng inee ring :
‘5' Cyb ercr imi nals u s e soci al. eng inee ring
to build trust before stealing user iogon
Credentials or
confidential data.
> in a social engineering attack. a comput er crimina l poses a s a trusted individ ual (IT support;
human resource , o u t s i d e contracto r, etc.) a n d engages in a conversa tion to gain access to a
> _
company’s network.
The attacker deceives the victim into divulging IDs. passwords. a n d sensitive information, or
dupes
them into perfor ming
' ' . c tion.
a fraudu lent transa
USER
ALGORITHM T0 SECURE EMAILS BEING SENT l-ROM
' A TOUSER 8 (P6P):
Refer Q4.
\
embly function in PGP (Pre tty Good Privacy)

Q7] Wh y is the seg me nta ti o n a n d reass
needed
‘
[5M — Mans]
Ans:
‘EMTION a 13:5s . .' ’CP:

th .
0 a m ax im um message le ng
. E-mail facilities are 0 {ten restnc‘ “’d t 11 h o w. the | mrel-net. imposea maximum length
' - mug I
go
i:OI' .- ' ' saCCB ssnble

example. many of the {aulme
95 50,000 octets.
¥~.--——— w
m
. ‘p v. flip/1W? .4
'6
lWfimflon App/imam Smart»- 7 r"
WW
ch ”W it-iii :15
y me ssa ge lon ger tha n that mu st be broken up into smaller seamen”,ea
3. An
is
subdivides a message {bet kw MW“ .il'iiy
4- '31:)::::1Ti:ii10tiate this restriction, PGP autom atica lly .
d via e-m aii. .
. segments that are small enough to sen
ding the radix-16”:MWYWW- .
5. The segmentation is done after all the other processing,inclu ine!
e component appear only once,git i338 “Wh
Thus the session key component and signatur
.5
'
.6.
the first segment.
soflrewisinahhieci
7. At thereceivingend.PGPmust strip offail e-rnailheaders andreassembled)?
before performing the steps illustrated in figure 6.5.
-
iT—i Convert radix‘64 '‘
Yes ' I.“ .... v.3. -
Signature Required? "'""""'" Generate Signature Coiifldentielly Required? . *- ii 90919641q H
* 1N0 * ' 1N0 """j‘

.-:
Compress : Decompreu .:————
I
.-
Yes
- 1
Confidentiolly
. S’BIWW" . Yes ., ~— —7
Required? : GWW‘W Signature Required? 3 — ” 'yt‘.i'.ft9"§i‘gtmtun9 i
1 N0 1 No 1
.p.
Convert radix (1+ : ' [- rn; I ._ i

..4' , . -
(A) Generic Transmission Diagram (From A) (B) Generic Reception Diagram ('1'i '
”'3?!
.- -
Figure 6.5: Transmission and Reception of PG?

messages .
. #—
. L v ... .. - .
Q8] Explain key rings in PGP I

.
-
....-.-
.. “<1...
.
-._»'
PER;
.. - ‘
‘
.
I I i
...—
i 1'. PGP Stands for Pretty Good Privacy.

-vr‘.' .‘p', .= "
_, . i t is an open SOUi ce, ircel y avail abie softw

ai e pack age for e-maii security
’o f ) “
g 3. i t provides Authentication through the use of digital signature and

confideEmmi“?
a . . ,
_
_ . _ : = of symmetric block encryption. " Wiring}. the 119‘:

V”
.. 4. i t also provides Compression'using the ZIP algorithm

_..
it; .
i. KLY RINGS 1N P6P:
—
5: 'i. - PGP uses key rings to identify the key pair

;t.‘- s 32. . s that a user own s 0r t: 'usts,
Private-key ring
.
,. , contains
“ publ ic/pr ivate k
.3 ‘ - t'5’ pairs
‘ ofke s . .
if he Owns.
r:
i:-.'
Public-key r i n g cont ains pub lic keys
)‘As;’
a. it.
{.3
.,
of othe rs he trus ts
'Pnge 7.2 of.“

. .v._.~_ :
.. 1
_..“
’
. V.
1‘
d I ”Madman””fimfim
4"”
219”," 7
Top/007’1 J'a/uflom
7<
.22..--
...)o-L‘ “ ’ *7. zfi—n
V.
- --
IIIII'II WV "WI" Imli II Imll‘ III"law I,IIIIIIII

..——-—“-"
(:1 -‘-_r‘- .v . Irv—I-
4. IIII IIIIIIII Imy film and

IIrIvaIa IIIIy I'IIIII.
II I!III.III¢.v.IIuII,.I'IIIIII
I I'III’ IIIIIIwII IIIIIIIIIIIII |IIIII|II'/|I|‘I\’IIIIJ
IIIIII “MPH IIH‘IIIII II
IIIIIIP.
II IIIIIII95 "NIP!" II IIIIIIIII IIIJyII' IIIIIIWII I‘Il
IIIIII IIIIIIII.
IIIIIIIIII IInyII I‘IIII IIII IIIIIIIIIIIIII III
VIII IIIIIH ways.
'i
.... IImm'n-ru.
r
. arc-:7“ ‘7': ta~vrswttzr~
' M
' " " “vu‘ ' JI—
=E a.- 1-.
' '
a -- A m
..nI: , 7’ .‘Y‘l :1— - W
. .
‘V 1 - ’- — j ‘—
IQ"? ' mm -‘III 1...“ ...Im ”..-...‘JI‘Z-v W .4
I‘I III) I I II III l 4"" I
KUI ' ‘ ‘
'I‘l‘llfi‘Lnfl I“
'
'
gI Ilsam l‘rIIat flagI 4'

‘ w ...,W
.
. ;- - ' ._ ,n.4 Lam—ww-

h"
I |
_ _ . .
(- 77—— t Wm
I I
w
W
mmmmmn |
I I
IMMEW" 2:21-23“: ---r::- «......
W I
1-,»;‘w—I—
‘ -- 1"
1“?
-- - r1771
WWW—r.- .
I 1
I *w >. “"
I I
- .. 152mm I
r: it'Z'fi”. .m - u-
I
m . "r I WV
L | .I. I.
I » “I - w .
I w ‘ I ~‘ ‘ I .- I
I I I v I W'—
11»!a
' I II
. ’
I‘IIIII
I .
I VIIIIIII IIII
‘
IIIII III‘)’ I I w n v I ' : I-IIIIIII
.
IIIIIIII hy IIIII use» when the IIserIInIIIIII a new public key.
51mm SlgIIIIIIIrmI IIIIIICIINI III Ilm IIIIy.
MUMWI 'l"I*II.~II vnlIIv III!" HII‘ UWIII’I‘ III‘ IIIIII RIQIIMIH‘fi attached III IIIII Imy
; "IIIIIIIIIIWII" valIIII Is
IIIIIIIIIIIIIII II‘Ilm owner III IIIII IIIIIIwn
KLIILIL‘IIII'IIIIIIII‘JIJI‘III? exInIII III WIIII‘II I‘I‘Il’l will II'IIIII
the RM“
II)
>- l‘t storm: UH) pIIlIlIC/III'IVIIIII IIIIII IIIIII'II IIWIIIIII lIy HIMIIIIIIII.
I Prlvale keys mg IIIII,IIIIII-II.I.III IIIIIIIII II Imy lII-IIIIIII on IIII: user's IIIIIIIIIIIII'IIIIII (SH/I hash code of the
pnssphrasa)
M "IIIITIWTIWI
m..--
[my II)"* .. EIIgIgpIaII PI'IVIIIII my ‘ ”mm-......”
UsuI‘ ID";
:- I“; I5.
1 “hi II i
. I.' M E I I I - 3 " “_‘ .
I- . .M-q-m-u
. “3. I “...-yum.
."""""~"""' \mwm— 1...: s
IPA-hm
“no,“ fimWau-u- “A "‘" "I"
, Tum—.....-
wmafi’flr’mw-r-
. -3 .L» t-: In; 1‘13“" ‘zfim‘e-mv‘mfiful’lwwm
.— 4”! "r" (hr...- 'WD
awn-”I11
I
_ ' wfi' wan-1! mm‘mv"w
9* ~"A h "'"4 5"
xme._ nah-M “mm" "'e Him-nun»:
h.‘ M
I
r . ‘—
I .....‘31'fi" ' '
:. _ -_ . - . ' ” I " l":.!’
"Hi-“m Hi fi'ili'u
:1". HIIII‘II “ \ l u I
IIUI IIIIII‘ lb
I- '. ~~ I n‘?¢4m;¥m'1'
"t“ "dfl‘o‘fl' ""‘ ‘" "
l'\\l. I
«I .;-;¢.-..: . 1.:2
"1J— , ‘ — v"
, »mah-2h-|v-fl- u”, a.“ d I“
I
. “...“,ng-I ..- a: M. ”Ma—iw’fl mun-v; ', Gui—IA
<.>II-I nan-x. .iv-
may
~ “...”:fi-Nm‘
a
.‘___> . “figs...” at“ "r' hum-4L .‘ l'
' ” ' « fi - 7 . , .7 u"v—‘;;,

at!
“W” i“ war-arm. «wit M‘u‘i
" . 1“ 7,3
....
- ww- w- I a: ‘ mum ’~-."k~‘V-"‘w":“ ' Nu - ."V‘fim‘wu 1d
drown-n.1- uni-1 v,...uu1..m‘< *-

M
L-w‘t W ans-Iv ufirvw-‘v‘fl'w““ "‘3“ 3x4 .9 ...-I- q. r

‘ L ' l ... u . - . . l u ~ ‘ ~ 6'7 r‘tmhy-‘U-u—‘m
Hl!’ 3"-
__A.._ WWW. -'
0/04
‘94rp\- -Wfl'ltmfl‘.“
.naidfi“~ 0-" au‘ W ‘~—'--I——--- "WVFWQQ-
way73'
rmvwfl'" W '
"
«w P.
ing of Kcrheros.
I 09] Explain the work
' cation
nti 'to d:'str ibut ed system
col that su pp or ts authe
010] Explain Kerheros proto I
‘
Ann :
W
guards the entrance to the Hades,
1 In Greek mythology. Kerberos is a three-headed dog that
entication protocol.
‘2.
Whereas in security. Kerberos is a network auth
ications by usingSea-emf).
3. it is designed to provide strong authentication for Client/Server Appl
(Symmetric Key) Cryptography.
4. Kerberos originated at MIT (Massachusetts institute of Technology) which was designed for
’ smaller scale use.
. 5. Kerberos is used for authentication and to establish a session key that can be used my
' confidentiality and integrity. ‘
Figure 6.6 shows the working of Kerberos.
:_/ '
4;: s...’
It New “ -
1 3 Sewer
,J .
.
R”“““'
T h User
2: " a ” -— T u g SeeTicitetfol‘Tt‘tS. .~.' i;
a; " ‘ St I"
F t. h. "
-
_ t I ‘. i t Sequest- t i c k e t “:1'1Q2r‘ie‘?‘ “(met tee-Tub». ‘1‘
" ' _ “~— 3 WW- Sewee

S~ ' t't h e.3 u ‘& . “ ¢ k fl .
. Amhmmmnm' ’i‘lclunr G r o u t i n g hen-t.“ essitx
mt l ‘
Service (A5) Service (T081 5: Request items,“
(1' Refine“ Grant
r
‘ A..1
“hm-F I
. Key DistributionContormnc) "‘
“‘5
1
.. A . . Figure 6.6: Working Whether” V ,

,- ny symmetric cipher mi” - -, , , _- ~ 1
- l he item] Wit] .
" ’ - - ' 1 kiirhumm } - i‘ i'é‘j
the.
' A
Data
"
Enriyptio
«a a .
n Standard
t
(DIES), . ' ]()\V
“AaF t the crypt-("i aifiill‘iihm i
i.
whit-"C un-ti .s "I:
r i There are four parties involved in

the Kerb-ems p
roton
0i:
m '1he one who uses the
cl ient workstation
I
:.
E:
i'
F‘.
I.. .
IL_
1L.
- M‘smfim Ma. «fin-WWMaWfi.
WWwfikfiemfimfimfieifimmwfim
fimz
‘mficfi mg
Yhé'fi'G’I 52:? BEW WEyf fi-x- Bin“; smhm fixem mnfim gmmg kq
* Wéfi’
W WWed firm Elfin: w e of; «.513: -1 £111.13}-
Afterthe rm 3 rewfiwesi @523: ant-525mm asks in: In?mm-
W gum mfifiemmngmfiemmmgmmm
Wamé 2.32 m 13:35 emzz fire 5?.5131213':‘53; 13:53 am? fir: Tm",
561‘:
’ Wamfw $659553, mmnmka SEE d fi m w m fi m
" F9!
151155
£59.27 needs a m m ammflfime misfit W.
kWfiWeWsWfimBMWfimfickfigrmtmgynw
I,
“55) my; mm sham: 19 giganwms m mmmmma mam same
”Wm my (V5; '
1
WitheTGSbsaisfiedaléwiréfiemk a! 1 3 m . fi r m m a m i'nj-KJ-E 3w fight 20
'
Ra
h"?— aseture
(W with See-mm
fltm
mfimfimmflsermwctmwmwwfsflmdmduififim
*2 .‘ -
ambammma'swmdmafimfimfimmm} __ J
flyfifll‘fl
WW ' ‘\
slamlrmW/
in) ter into a sessnon.
'
WW -
rd e r to en . forward KAB enc [e w i t h
I B to Server in . o WP d
>- User cannow send KA cu re . U ser can Simply
si red to be se
'r Since th ' exchange is also de
. is
«$1.,
rver.
Server's secret key to Se . .
n access KAB. >
- W-I" ensure that only Server ca w" Sends
It to
> This the “35““ KAB and
timestam p sent by User. encrypts
> Server row adds 1 to the 4 p
that the tim
EStam L
.‘
User. "
thi s pack et an d ve ri fy
ow KAB, User can open
Si nce User and Server kn t place.
sent to Server In the firs
>
er wa s indee d th e on e
incrementedby Serv encrypt
com mu nic ate sec ure ly using the shared secret key KAB to
Now User and Server can
1-
>
messages.
ther server, thanUser Will need another shared key {mm
> If User wants to communicate with ano
the TGS and specify the name in the message.
Q11] S/MIME
_
- Ans: [5M - May17]
: S/MIME:
12 E
s MIMStands
s/ for —
Secure/Multipurpose
- ' lnternet M a i l Extensions.
h'
.1} -
I t is a standard for P ublic key encryption . .
3 and Signing ofMlME data
3} [It was originally developedby RSA Data Security Inc,
security features by p r o V ‘’ d i . .
.4 S/MlM E enables email
n enC r y p' t l o' n , a U t h e nrt i c a t i o m
- 4 1 2I 1 :
- ’ other related services.
. y and g liiessagt
a . integrit
a
“a S. I. t ,,ensures that an email
- ' 15
rr.essage - sent by a legitimaqs' send _,
€53 , . ,_
i”:
er and provides encryption for
é . .-m"°mmg and OUtIUg messages,
' .
'-
”if I r 6; To enable S M ] -
Commumcatmm 3 u
‘ a"‘id receiVEI‘':- must in;
‘f‘
i d / MEbaSEd
k and si natur . the sender -. — be
. .
integra ted With p n h l i r
g _ ‘ ey
. . . 8. es i ssued from a certificate authorj r 57:1
__ _'
I?
gt
If. 'A-
d'g‘tal
S‘gnam re is used t or‘ .v a l i d a t e ’ a' senderL W .(LA). - .
3;”
. ,
A ' seCes. 3 I da. n t i “ : § Wherea s ..
f:
' encry nor) an
p ' d decm’mn - . key y mr“m
.f W 11:"
' '9 {While
Averv €90e way o-‘ e~ m a i l
7.
’-
; § ‘ } ' ? f « “ i % g F‘ i fi f fl ‘ fi lfl‘ i‘ifiJr ti 'si -'3fi9“''"v4?}
'e
encrypt- id . A _
p
-" ' ‘ " 5"

($13.5
‘
"
.‘ . -
n15 the S I. I '* . $12

v' »re L lfVIE protfitcl
5 ‘l c a t e ue r d
C 9 . t l' n
X.5 09 ‘ by S / M I M E
'm.»
Used .' 3
._<- ...‘ 1
1
dfld
canCreat- ‘
,10. T h e use r doe sn’t r; eed to
,
be ‘ ~.
‘5“ Wthe ,
:“
4
,
have any tech - a.‘ '. . '

-i-.“->
"..A
I___ _ a (Flip!
P,“ tn“!
'?‘:k.13a
11.
: _
ShOWS
S/MIME Enc , n
h. 1C3] k how'edge
(“11‘”t Hun“ (If
Figure 6.7
0n tn
t!-
1M
_ -' ' * ‘Y'P- Proiés‘s; $156 3/M E.-
-
-
-|-
.F
ii.
a “ '.
.
"T V
4'
L‘..
U s }5?‘ :
,,."‘J-
.
«flung;
l—_A.
_‘
i
_
i<; 2 . . ' . “ I f !.' ;f
.
' _ ' - ‘‘v
‘._"
l l _ V , L "L 0-;A
' ‘ ‘
’3'
- '; Wfifiio‘ WW“; “‘
N.
:.'<
-‘_.
‘_
5‘59?"
Figure 6.7:
[10M — MayiS]
NONCE iN KEY DISTRIBUTION:
A nonce is an arbitrary number that canbe used just once.

I t is often a random or pseudo-random number issued in an authentication protocol.
It ensure that old communications cannot be reused in replay attacks.
4.
Nonce can also be useful as initialization vectors and in cryptographic hash functions.
5 O
in key distribution scenario, nonce may be a timestamp. a counter, or a random number.
6-
The minimum requirement is that it differs with each request.
LBJDISTRIBUTION:
and networx
ortant aspect of the subject information
Key Distribution scenario is the imp
security.
t can be deployed in a number of ways.“
key distribution Concep
(\F
The
ernatives.
d B can ha ve va rious key distribution alt
TW O
parties A an
liver to B.
a. A ca n se le ct key and physically de
V
y to A 3:B.
Th ird pa rty ca n select & deliver ke t a new k9.“ & B
’ 'b .- et‘ b New A
_ municated prevanusly can use or \ 10 a 3
_ u~ke'toenCYYP
‘
wit“ a third party c. C can {clay key 6
- C. ‘fA & B have com
tn s
.r n
.. wwith the i\t\

I. , .
cure co rn m um ca
O
If
A 3: B ha ve se ‘r is'
u‘ e m'asu
r Sharer. a um'q
d'
u se
85 that n'otll
5!“
The
Key
Disrribution Scenario 3551
d i " figure 6.8.
distribution cen ter (KD C).
trate .
ution Scenario is Illus
‘ A WPical Key Distrib
f’
“MM MM WW "
ml
[1) II); II ll "1
EU‘v we
ll
we
II "a” H m (I. II DJ)
Key Distr ibuti on (2) [K- II
Step!
10.1)
(31 we.11:.11
9 14151191121
Authentication r - (5112111,.111112))
Stops
Figure 6.8: Key Distribution Scenario.
EELS;
1. A issues a request to the KDC for a session key.
0 Non ce is also sen t.
. Nonce includes identities of communica
ting parties and a uni que value.
- 2. ‘ -KDC sen ds a 1es pon se encrypted wit
h A's sec 1et key Ka
‘ -‘ . it includes one-time session key K5
- Original 1equest message, inc
luding the nonce.
e Message also includes
Ks and ID of A enc1 ypte
3. A stc1 es K5 and forwards d with KB intended
information for B1.e. ElKe.
or B
[KSlllDaD
4_ g B se nd s a no nc e to A en h .
cr yp ted wi th K5
5, A re sp on ds by perf
orming so m e functio
n on no nc e lik e 1
6. _ T h e l a s t tw o s t e
ps assure B that
the messag
e it 1 e c e iv e d “ c r e m e n fi n g
w a s n o t (1. r e
p la y
KEY DISTRlBUTION3111111115;
l) ' tr‘ i t '.
> l t p row' de s on e L1
~' n1e1sess1on ke
y to Valid use r's f 1 - V
.
"1
1}.
Wesson: '. menc" 5’pti011.
' '' '
l
I
_
I
l
Win-mill
7|Wfi95c i
W- 7
CHAPTER WM"
- 7. SE W‘wfl'.
011 Wha t i s a firewall? What
are t CURITY
Gt FIREWALLS
Ans: he fi ,
renall desrgn principle?
FIREWALL.
[5M - May16]
1 Firewall is the dEVice _
it can be h d 0"
SEt of devaces located at the
2 netw
a r ware, software or combinatio
netWorks from Outslde n f 011!gate way server.
3 i t protects private n h 0 both
4 E vorks
I t IS a network secun
traff h w system that monitors and con
1c ased on predetermined trols the :
security rule
3. “coming and Outgoing network
The rules are nothingbu
t the firewall securi
This policies specifies wh
ich traffic is authori"
.5}
S
-x
m
5!;
m
9.1
m
x
(D
:3
(D
m
n
a:
5
n
m
H
(D
:5
a
The pur pos e of firewall is to filter traffic an

.
Of a
9. Firewall i s like a secretary of network.

. ,
W
.
10. A firew al. typica lly establishes a barrie. r between a trusted, secur
e internal network and anoth er
outside network, such a s the Internet o r W i d e Area Netwo rk that is assumed not to be secure
or
trusted as shown in figure 7.3..
n.
"D
:J"
Private Nan-work I’ublu- Sflwork
Virtual!
Figure 7.1: Firewall.

5’.
WCHARACTERISTICS:
ed. depending on set of rules.
‘3 ewic e contr ol- Specifies what type of services canbe access
tion and flow of particular service.
ll)
Direction
con trol : Specifies the direction of manalisa
wed t o access a semce.
ill]
W Specifies which particular use r is allo
.
IV)
Bmflflflflmrol; Spe cifie s behavior of the servire
flew 22516::PRINCIPLE:
‘ e versa must ll . t Ipas;
' firewall.
. pas..-s through the
’
A"
traffir from inside to outside and vic eot -
1101“) will -‘ -:~. '0‘3
a ow
traffic as defined by the local security
‘ Only a u t h¢o r i z e ‘d H .
' -
7.» .. . A
To
EStablish
a Secure Control Lmk.
:1
‘ Int ern et- based attacks.

' ;
1‘»
7°
pro i the premises network from
L tect
Ru...
.2 " _.......—--—--‘- a'
. .
.‘v'
8'
. .
> __ . I“?! L; _}-‘L. D ' r ‘ -
' .k ‘3"
. 5 , -'
" ‘ n . r'' :' . | . ‘.a- n
Imwymmrfi TOPMW“
WW7s (If firewallsandme ntion[1‘el
Ip lIIlnIII! dlffonm type
0: I WIIIII IIH” firewall»? EI
"WW ”. 'I' How an! firewalls different from IDS?
Q.” WIImm.“ Hwy
m
IIIIII'IIIIII'III‘I‘I'" "ml'owflm [QBIIDM“’- n e c n é l t a l l o N l M‘IIII)
ANN!
MAL-LI
I'Mfil’I) I .
WMIIIMILM;
II
ImIIIIgIJLIlIamIILEImmflI , n own"
r .
It Apaclwl I'IlltII'IIIflfiI’IIWfl"Ififilflfl calladas “running rout er
)- II. III IIIIIIIIIIIIIII and mum q’acIIvu type of flmwall.
III II rillIII'III “It? |II1I3IIIIHIIIIIGII I'm I’IIIIIIwIng Informatlon:
II SIIIII‘L‘I‘ IIIIII IIIIIIIIIIIII'IIIII III address.
I SIIIIII'II IIIIII IIIIIIIIIIIIIIIIII IIIII'I address.
“VJ
I III III'IIIIII'III IIuld.
)- Paclwl I‘IIIIII'IIIII III'IIWIIII uxnmlnan packets up In the W and can only filter pack“
Imam! Im IIIII IIII‘III'IIIIIIIIIII IIIIII III IIVIIIIIIIIIII III the naIwurk layer.
5- A pnulwl HHI‘I' III-calm packets and IIIIIIIIIIII them Ihmuuh a sat uf
I'Ides.If they mmch the nI'Is.
thun III'I‘IIpI III‘ I'IIIIIIII.
[IDJIIIIIIIIIUIIIIlilllIllllllllllIIIIIlIIIIIU'I
IOIIDIIDIIIIIIOID
numnmg IIIICIIIIIII
IIHIII'IIIII ""'”'""""- I . "III'IIIVIII'IICIIM

NIIIWIII'II 2'
.............. r
MIIII yIIIII M ”
\ 1 . III com or um” IIIarIIoI
| I
III IIIIII II‘II IUIIII I'III’IIOI IIIIIIII‘
llllllltll IlllllllillllIOIIIIIIDIIIOIII
IIIIIIIIIIIIIIIII’OIIII.
b [Sfl‘lclvncy
> SImplIcIIy, IIIIII spend
III pn clmt [Il'nccsslng
‘r Low mm. '
5» Low Impact 0” network perfornIIII‘m
i
W28; A - -
I E
I They can be cumpltm
III IiIIIIflIIIIrIe
5' Have IIIIIIIIIII II
IIIIIIIIII II II In lI II II Ie II .
_ mm In the “I‘m!III a
“I'M hm,I‘IIIIIIIIIII
W.- uw*«‘m‘fl_‘ '10
«rwhiuuhnt ""‘..~"Ida~h..w
r](!“avn
D'g“!‘
9‘29.
80 #58:“ N “In. fmfih.“ - I 131‘!
‘1‘ NM
7|W93c “Wat/6
l'ets at the same

time.
k
Client IP Ad dre ss of 05 ] Model
192.168.!0.1 Server l P A d d
m”
“2.16.5.5
TC?
H From: 192.168.10.1 m,
"D W
To:1712.16.55 FTDM'
0
192 1 6 8 10 l
. . .
To:172.16.5.5 an—n'
TCP
“— m: 172.1 6.5.5 TCP
*— "-- From: 17116.55
To:192.168.104 #—
To:192.168.19.1
No uop Sent. Tap

No Protocol Match. ‘—- Frnm:172.16.5.5
UDP Rejecc _ «-
To. 192168.101
Figure 7.3:StatefulInspectionFirewall.
~. - -
, Prev ent m o r e kind s o f Do.)c attac1x than
' - 133cke t filter.
X.
F
Have m o r e rob ust log gin g-
Slower than packet filtering firewall.

>’
' It does not prevent application layer attack-‘3'
"'l MW .
; L ‘_ 'A proxy means acting on
your behalf Offometh-mg. ack all the way Up to the a P P ‘ i ‘ a ‘ i o n l a y e r '
ets
: 1 An application proxy firewall proc:ts:::tl2:3:l;1:npintermedial‘y between two hosts thatwam m
' ' This firewall contains a proxy 38.8 "‘
" ‘ Communicate
With Bad] Other. dl ct connection between the tWD hosts and it is transparent
’ ’ i A D D I i c a t i o n proxies never allow a re
" . to them, having
‘ I Us”! . “'"h the at" hemlcatlon
' dividua l network
' k ". 'Eachproxy nt authenticates each m
age 9““
cs.tok8" matchlng ""
_
”4 \ seV, e’ralfo nnes uch 3 5 , 1 1serlD andPassword'b'omem
i . ‘ - _ 4 -‘
; V‘ _ ‘ I' ‘.
> .
't, -\.
' . -v'- . '- .-’.-.~,~ : -. n.
cu ‘ 1‘
.
I ’
o 0‘ ‘ - _ J'- ‘ g i" . '. .
, - “j
"a I . -
7'. _ , ;_f-.‘ . u r . .
u u u- c. . .
o
\i
.-.’.< c. ”o; . .. ‘ . __ .
‘ ~ . ' _ . . - ,-r . - L
A " ' '
I llwvvgw Itvvrvvww . . __.c.. . , ' _.\ "'1‘
.. ~ .
> It also verifies the data

. in. side the packeet
081M0d8l ~
> It work on the War th
'
.
source Address ‘ Source Address
178.28.10.80 . . 178.20.10.60
IPPacket *’
'P paw “
“Side Host ‘
-
. ._
1 m
_ SM
I-TTP
P : Outside Host
ApplicationGateway
#
1? Address: 178.28.10.60
_ Figure 7.4:ApplicationProxy Fir

ewall.
Advantages:
‘> It has complete view

of connections and ap
plication data.
> ' It provides detailed lo
gg ing.
Disadvantages:‘
> . Reguires specialclie
nt so ftware: g l‘ ’
> , . ' Process'intensive. Th
. ev're
”. quires lot 01cCP
, ‘ . .-
see. . , .
U cycles an d m emor. y to
.
.
, _. . , , * _ A :
DI ocess every packet that they 1
‘ IV)" PersdnalFirewall:
.
.
> It 18 software applicat

-
ion used to fibre“

a Slng
1
> Personal fir ewall protec
tlon . l for
lS usefu Users e 1 t L I - ,
‘ n '.e rneL
. co unected c~o m p l,l t e r from intru
modem. der-‘1
x. Mth alw ay s-0 11 ’ C o n n e c t i o n s
r ‘, ' Thes i s are stodents
' e user
,hom.e User s
such 35._DSL or cable
d' - - ' ~.
F‘
Usin
.. g a seParat' a. St.ern Would*ln Widual
e fir ewall oy ' '
used.
be QY p e n s i v e k("31‘s,
small busmes
‘ ' To ta kl . sme n etc
> . Itis an 3—) ' atio
- n,
C ‘e th‘.n _ ‘
*,~ 1 phc
. Persof .1 f. , .. ’ ° W Oblem .9
_ Program W th runs o n a . pers
~ onalfre
l waua‘
> .a irewall can be used W i t h am"
.y
WorkstatiOn ' '
‘ to blo k
rt
.
‘ 3 e
from .
.HOWAREEW'FI'V
antec
MLéQlR
ji-‘mfiw
r
' S. MC'Af Come moi? effective and efficient
.. Refer Q4. . MOM - e persona] fir
ID
7 . ~7 73””? 50W
. Q4] Differ between Firewan and IDS
l
l Ans:
Table 7 1. c [5M - net-:5 a: Maynsl

, . . om pa ris on be tw
ee n F i r e w a l l a m s
3“
”Fl? iv .
' “-3355‘»: .7. ., {‘7‘ ~- ’ 3‘""i:¥"‘i.
"‘ "
may ”i" a “ alibi: ~ .32“ 'T 1'
“,
‘ “J“:I‘E‘f V3 «)T‘ " ""1. -‘ ’5' ‘ll '5’ ' ‘ ’ 0 ‘D :1." _ '71. IDS: ‘. :2.
“L...“ . 7'1“.v
nhtfi‘uflflm
. " " f“ ‘3?"
\m‘. 34W 5""?‘ in“.
ocated at the [D9 _,_;. ,Q-a-L, ,.....- - _.
S “i s a sof twa re or har dw are
dev ice installed
network gateway server.
the network or host.
W is used to protect private networks c

.rom -
IDS is used to detect and report
intrusion attempts
to the network.
-
Flrewal ' n block
l ca con nectlon.
‘
IDS cannot block connection.
It does not gives early warning o f an intrusion. I t gives early warning oi an intrusion
Firewall is more likely to be attacked then IDS. IDS is less likely to be attacked then Firewall.
It is not aware o f traffic i n the internal network. I t is aware of traffic in the internal network.
TYPES:
Types:
' 1. Packet Filtering Firewall. 1 Network IDS.
2-
Stateful-inspection Firewail. 2 Host IDS.
3. Network Address Translation Firewall. 3 Protocol Based EDS.
4-
L4. Application Based Firewall Anomaly Based ")5-
5. Hybrid Firewalls. 5 Misuse Based IDS.
6 Hybrid 1135.
W' It provides Protection from vulnerable Strengthil‘ca" dewupas‘w‘om(”Ckmg&dema‘

2' services. '
‘ s’31'Vlces. o
m l t a' t i o m l
F l a‘I-‘l. ' ‘ Dete .
‘ ctat ‘i‘. only
sntl “
“ ‘ I alter the,‘ 9 ban:9
ll . M‘-
give prot ectio n
W‘ ‘ - on: item: canno. nothing to stop
a .. - ‘ d‘ .
rough entered the network. and do
. 33"!“ all attack that docs not 9355 ’ mks
WM .- 'A,’ -m
W"
.W
.
M_ .
M‘
Diagram: Refer FIE;ure “5
' _ , .. ~ ._ .
_38‘T3m' Refer Figure 7. J L'Mf'W—v
-M‘W
flfliw
u.
-WW"""""”""'T
..-——vvv'-fr"
I
.
g Omar M ,
7
V
SW~
,
7 lwgac W:
SySstem for ‘ ia,
an In str u Deytection ID
ction mal
8%
{3.731
EXPIain the sigm'fic an ce of
based and arm
signature based
- network. Compare Sys tem ? C
of an Intrusion De tec tio n
co mp on en ts
Q6] “Th a t are the different
. 1 “39
based I D S
based IDS with anomaly
the working of signature
10M-- ltlzwn élfizm olmm. ..)E
Ans.
[Qsl
12.5;
1. [DS stand for Intrusion Detection System.
2.‘ It is the device which gives early warning of an intrusion.
3. ‘ So that the defensive action can be taken to prevent or minimize damage.
4. IDS detect unusual pattern of activity, which may be malicious or suspicious.
/ g
4*"
1:?
Fires-val]
“m”
‘-
IDS ter
=3 _
PC
Fig ur e 7.5: ID S.
CHARACTERISTICS: ‘
1
1 It must 1un continuously withou
t human sup erv isio n
2 It should not be m a black box.
3, It must resist subversion.
4 It must be fault tolerant.
ms SIGNIFICANCE:
1 , m s 15 used for Monitoring
an d analyzing both us
2.
e SJ
It hel ps m ass ess ing sys tem
and file Int 1'
311d SYS tem
egrity att iviIUe s
3A IDS det ect att ack wh ich may
harm the 5135m m
itprovides cross platform proterti'gn i bI . .. f
.
3 contmuously monit o , , _. I
_ . * rm it.
S.‘ . ltis used to track user policy V l o h t m
a a. g - . « x :15. .H i g
6. ID: per for m Analysns O f a b i " l b l ' m a l
a , r
. . , t‘ty Patternin
so
V COMPONENTS 01" RN IDS: ' rder t9 Secure
a networ k;
Figure 7.6 shows the
components of SIDS
fifi
we.*9?fit
Donn». n.4,.
Damion Col-IQ". Min.
V N
“lure 7.tit Co
mmitm ent oil.
il inane:
e. Packets:lieed
er a contain m
be important fo
r detecting intrusi
uns.
b. Lona: A chro
nolo gical set of record
In WWW s of system activity.
It collects and formats
m) the data to be analyzed
WW by the detection algorithm
it is based on the tietecti .
ou model. detect-t the dif
and int rus ive traffic. ference between "norma
l"
W) Aleruumn it let batted on the dec
ision critetin and the detected intrusi
ve activities, estimates
their severity and alerts the Opci'i‘il't
ii'flllfii
eniilg
responsive activities (usually blocki
ng).
mmmmmu ”ween M")Mowmwmz

Table 7 ‘2: Comparison between signature based and anomaly based IDS.
5’;
____
A; . Signature BasediDs Anmnaly BasedlDS
_. z, . . . __.-_
.*
M-W
. wednu 4', - '
sbas
life based on simple pat tern matchln I”
bclmvioroius.
yu- .
i-l-
Mllmaintain database of signature.
F ii dogs not maintain database of signature.
MM“ *mfi
it is less. efficient abf Lu

. wml’d d to Rumnaly 935” “ “it is' more.m‘mm
efficient as 7 3' red tu
" ' compa . Siutature
t,
rc
IDS. llztsed IDS.
”mm “NF-I‘m".
_._, —--:-- iy Paged illS monitors the system activity

s‘fiflaiure
“'5 . tome I .
Based ”)5 monitors the pdfkcl - vi -' tomalous
. 'lHCS-Lhcn ' *ituthertnutun.otai
‘ f
.. . '.1(lately-15¢?" . agate.»
"“k and compare them flgnlflhl based on nature.
heuristics rather than sig
. ”matures.
, urn-m m
l “fly-mew \h'Fr'." I. or
Jar-In"?
.vmgnmfifidwm'f“, “Jiltial
”awry" .. .
‘
hilb iiiL pt)
t‘) ‘lel‘. .[ Ill-\V
”8! : Precise ti Sn! 1 *' attach».

. ‘ _ unknown
MQrated. 4W .M"""' ' "FT:
: o n c n [ LwS Ultstiilfllht
M-.-v—— 'tluewtruthefl
alarme.
w.“
Weakness d:”mg the "mm.
1 i ”"in:
in Require; prlnr ' knowie d 3H”
’ d u m m. y ! ” innit) ' W . _.___................_.....
minty"
7*“ #WM‘
fl WW W
M/
Topper} 6'0/ 11
«for - 7 fl "‘70 '
7 i smykW/fi 3m \m
. . i
07] Viruses and their types.
'
cs of vir us es an d wo rm s? HoVw do they pi ()pugrme?
_ fer
What are the dif . t tvp
‘- en ,- .
Q8] [Q7 I 5 M - 00015] 8![QB l 10M - Dccm&
Doom.
Ans:
“ _ ‘ : . ' . ,. . - .
‘
. A computer virus is a type of malicious software program.
andi
it is a program or piece of code that is loaded onto the computer without user 5 knowledge
..
2.
-.-
runs against wishes of the user.

-.,_
- _Av4'—-
.,
3. Viruses can also replicate themselves.

‘ a—-k«'
“h_ogb-.—
4. All computer viruses are man-made.

5. Viruses can automatically copied and pasted from memory to memory over 8: over.
6. it can cause program to operate incorrectly or corrupt a computer's memory.
q ‘ J - w -\r“ - . . . ,
‘
7. Virus can spread itself by infecting files on a network file system that is accessed by Other _
w"2 la' g
4.;v hm
computers.
N'.
8. For Example; A virus might attach itself to a program such as

-.A
Excel. Now each time the Ereel

runs. the virus runs too.
TYPES or menses;
"
Types of Viruses
#
_ l _
.1... mi... 1
Execution Virus
i MemoryResident
Virus Macro ,
\ irus
1“ i
Email Virus Mixturitlh“
Figure 7.7: Type

s ofVlruses.
i} - WWW
7.. This type of virus execute
s only once.
at ino m". ex Virus sp
. '3c u t i io n ,
‘ reads its
h ' copy in order to
is W . . (a ' tiseiual icint 3
A virus that come
sesam e f f e c~
.. e-mail 1 t.
Spread ltoelf- attac hu Once
it gets executed and if
Opened.
tent. it is
Ill
hometown; .
5"
This type of virus infect
. s tl'it!»[mm ”Manx
n '‘
CD or DVD.
) . ,
:9 " ”09W tlislts.imrci duke and

Example of Boo
t Sector Virus ar
" a"l”,J?
other houtahie medi
e Form R; Sii)
noti .
”Harm W “3“": I.
_. _ .._,
-wwyvur
. r. . _‘
"Wrt : U
I '1'.
h '
I I
I
v
o
5 7‘ Security a; 'H‘rom/E 3mm” - 7 WWW?Jo/uflam i

- s
IF
part of a resident system program.
.V _ F This type o f virus lodg es in main m e m o r y as
.
y program that executes.
i F._ '1 From that point on. the virus infects ever
w—wv
'
ate frequently performed tasks and embedded
'9 F Macros are the blocks of the code written to autom
.—
I
l"
a Program file. 5
—-_.
f
3i. , ,
.F Mac ro Virus IS platform independent.
%
t Word docu ments.
_- F .‘ Virtually all of the macro viruses infect Micros’of l
8:Melissa.
l. F ‘ Examples of Macro virus are Relax,Babbles
E
This type of virus is transferred through Email.
.' F a
tacts, in hopes that
multiplies by sendingitself to other con
o . .
Generally this IS a macro Virus Wth

£19, . .
f
.‘ F3; ;
they will activate the virus as well.
5‘" 3;. N
" . L7?'
out the local area network and

created to quickly spread through
V 7152 . This type o f virus are uniquely
as well.
575
"7" generally across the internet 'I
ources like drivers and folders.
g I t typical moves within shared res ”9:4
' ‘~
.“
’ 'Lil-WORMS:
ter to another without
lici ous cod e tha t can spread from one compu
‘ 1. A worm is a piece of ma
requiring a ho st file to inf ec t.’ to transfer
i ':.-- two rk connectivity
m tha t replica tes itse lf and makes use of a PCS ne
:2 worm is a progra
t network. .
computers within tha
. a copy o f its elf to other
t any input from the user.
3’ l t is capable o f d o i n g this withou ,butlike viruses.
virus es in tha t the y do no r require ahostprogram to run
I 4 Worms are distinct from
e infected computer.
cause damage to th
they almost always
agating
Thus, they are self-prop
0F ‘ NOR ___S_:
l itsch.
S em ai l Client to spreai r, or it Will
A n em ai l w or
m s us es a PC
when clickeI d. wiil infect the compute
k w i t h i n th e co mii that.
se nd a l i n
i t will ei th er ill st ar t th e in fe ct
io n.
ened. w millions o f
at ta ch m en t tha t, w he n op YO U" w or m , w hi ch in fe ct ed
se nd a n or m is the "IL O
VE
ex am pl e o f th is typ e o f w
n 2 . ______...—-,
A well-know __
in 20 00 .
compute rs world wide
I Page 57—a
same:- _7 Tapper?J'a/uflam
7v—I 63¢q J:Wrestle/5 .1 ‘
- :. , Fa
0 ram _. 7 ‘
11) W
5’ internet worms are completely autonomous P 3 hi n achines - 1
' -
the int ernet for other vulnera e 1 ..
They use an infected mach ine to scan _r
ess again.
h or1n will infect it and begin the proc 1
-
a vulnerable machme is located. t e W
> When
,
. of the fact that file-sharers do not know exactly what they are
- haring worms take advantage
I>" ) l File-s
__
3) ll
downloading. . y u
er with an unassumingname.
2 The worm will copy itself into a shared fold
d folder, they willunwittingly y 1
2 When another user on the network downloads files from the share
y 1
ts the process.
download the worm. which then copies itself and repea
the ability y
5‘ in 2004.21worm called "Phatbot" infected millions of computers in this way. and had
ented 1 ‘
to steal personal information, including credit card details, and send spam on an unpreced
scale. ' )1
IV) ,
WNW
>- . These work in a similar way to email worms. - 2
3* The infected worm will use the contact list of the user's chat-room profile or instant-message ‘
program to send links to infected websites. . '2 E! I
2 ' These are not as effective as email worms as the recipient needs to accept the message and click ‘ if _Cons
.'
' the link. hulk/l
f ..
: ' ~ I.
- 2 They tend to effect only the users of the particular program
. - ~
‘ non_ll‘ldhClOllS
QO]‘ "With the he]p of examples explain
13"0grammino
errors. 2 2 ‘- #-
Ans: ‘‘ '.
[5M - Deal s] ’ '.
NON-sisucmus PROGRAMMINGERRORS:
1. _ Being Human, Programmers 81Other Developers make many I l l i s t a k e s ' i
2. Most of mistakes made are unintentional 8.; non malicious .fl ,. ,
Vul
3. Many such errors will not lend to more serious 1 ,_
“ e r a h i l i r i e s b u t fer : ‘ , 1 13-2., 3;}?
professionals in trouble. - \ will put many sec-ants
»
prl’gl‘al‘nmin t
_ . 4. There are three broad classes ofnon-malirim15
" ’.‘ they are as follows. 3 e r r “ 5 thathave security effects and

E I) I J, - .
.} E _ >- Abuffer is a space in which data can beheld

' é_ ‘r‘. A buffer resides in memory.
'3 ‘ 2 Because memor‘ is finite ' .
i 7 199755”... ‘
._
‘ t:71W9’7‘ W“
....~ Smarter 7 II-
Topper:J’s/noon:
.7
I '
w
1}" For this reason, 1n many programming langu
ages the programmer must declare the buffer's
ww
._...-
'. max1mum size so that the complier can set aside that amount of
space.
—"W
_ M, Example of Buffer Overflow in C Language:
q—m.
"- " Char Sample [5]
h? . The complier sets aside 5 bytes to store this buffer, one byte for each of the 5
elements of
. _- : 7' the array, sample [0] through sample [4].
C1
. ‘ .33: I Now w e execute the statement: Sample [5] = ‘A',
"
I The subscript is out of bounds and results in buffer overflow because it does not fall
' ' between 0 and 4. ' '
m w
1'2“v
1]) Incomplete Mediation:
-"
.h Incomplete Mediation means Incomplete Checking.
,|u’ .nL f-i t - ‘ 3 .

- l—
v3"
. Incomplete Mediation is easy to exploit and attackers use it to cause security problems.
m
-311u' !. 'r; u, lm
.q‘ffi'l
X In above example,buffer overflow will occur i f the length of the input is greater than the length
i“
ofbuffer.
‘«'-.
>" To prevent such abuffer overflow,theprogram validates the input by checking thelength ofinput
.
.-’ e
555,71;
. before attempting to write i t to buffer.
.
> Failure to do so is an example of Incomplete Mediation.
I Eghample:
'_.Consider URI
' the followmg
‘A_':«'-Ihttp:-/./www'loppersSolutions.com/index.asp?parm1=(555)8184567andparn12=2014Dec20
ely.
P a r m l 8:. P a r m 2 a r e t h e p a r a m e t e r s for Telephon e n u m b e r a n d a D a t e respectiv
I t is possible for the attacker to change this parameters in the URL as ParmZzllGOFebZO.
‘I
a n d give wrong result.

The r e c e i v i n g program m a y g i v e d a t a type error, o r 1t m a y execute
rs:
T i m e --co f- h e c k to T i m e --of—use Erro
rmed b y ‘'bait 8: switch” strategy
The Time--of—check to Time of-use (TOCTTOUJ Errors is perfo
01 seria lizat ion o r sync hron izati on flaw.
I t i s also know n as Race Con ditio n Erro rs
the timelagbetween the time we check and the time
Time of-check to Tin e-of-use errors exploits
weuse.
Nap Co mp uti ng Ex am ple :
lL'bait)
eep er sho ws buv er rea l Ro lex watch
I Shopk
Rolex watch to a forged one.
.- After buuer pays, shopkeeper switches real
C o m p u t i n g Ex am ple :
used.
between time access checked and time access
- Change of a resource- (e -g - Data)
#f 29419::8901934
_.ior.
.- —_——.—¢-
g—a.
Ma.—
em or y and midi-ens prot

ectiom
Qt o ) Wit3 t are th
e «trious more the m (W WW “it
‘flfi tit-Mention in
w for m em or y an d iltll’l't
What are th e various ne ac hi ev ed i n ( L S !
Q“! systems? H ow is au th en tic at io n
10 I am -- M‘ ny ‘to a: m in ~ be e-1 7]e Hm f «M .—_.W
Ans:
[Q
DE PO’C’ ‘
ORYdt
on a cotnmder.
1. it is a way to control memory access rights
ory that the 09 itéelf “#69 fl Well1 as: M .J «
2. Memory protection includes protection for the mem
I
memory ot‘user processes.
{I‘Ofi'ii
366mg“;
3. The main purpose of memory & address protection is it! pr’e‘vent it {#6t
memory that has not been allocated to it.
4. This prevents a bug or maiware within a process from affecting other mama, or the;6,m
system itself.
METHODS:
Memory Q Adora-n t’toiuiiou
Fume Bo $931923!
J: ttta‘ l
“min“ l l
Segmenta tion pm,
i] Egngg; 2"}?
> A fence or fence address is simple st form of memo ry protnc
ttor‘
_> it is designed for single user systems.
> A fence ~ - ar. address
IS a particul _ that users and their
paws.“ ca ‘-"
> Only the OS cten » one side ofthe fence and iiiii'fr“
i . . on
* opu‘att. “not' 6 m md"
‘ refit
V dare
ggj
H“?
- .. ' note to, ' A a”. -- ~
m EammLflnnndsmm the M I em.
> This type of protection can be used in multi u
. - "er@ W- t .r o n mie m a’
to be protected from the other é Where
on» “Wemgrm
I. o .. ‘j I
real"
. u”
> Each user has a base register which lo the i . .1

.
address limit.
- ow6 ' address
‘*
and :1 Bound ”Sim M
3'
tum;
" ..:7
The
I . bU t i l i d fi
t . —and
Inc? register .
‘ '-
t a
implicitly
"tmt' . ..in m e m o r y .
~ . moon.» ”mac“ ' assumES
t h a t the i1 "7
What 3:"
i.»
r
“ Tue
t 05. must determine D'I'Otecu .. d ' W
Wm space.
, - ‘r', .5-
‘ - , on to app! l‘
3'”
tn) mains.. . y ‘0 3 Spat-tnCmrmommmn
-
> ' . Problem of Base &[3O u n d s ' f1
Register "19?"
' is th allow an
data. at l l can ' if
“- fi t h e r ”IOdUIfi '0 at (:31,
g
“31 2 armor no .-§.;,-"‘
3‘ 90 fifty, -..._, M . T‘
“h" 4"."
z' u . 1
.'
A
7 l 3661019 3: Them/6
I
3% ~7 Tapper} Jammy
.4
> This problem is solved using Tagging.
«1 1 Tagging Specifies the protect ion for each individual address.
) I. i n this me tho d of pro rec tion eve
ry wo1d ofm ach ine me mo ry has
one 01 11101e ext1a bits to ide ntif y
'1? the access rights to that word.
) Only privileged instructio ns can set these access bits.
H
1?) This method divides the memory into logical units such as individual procedures or the data in
, f fir; . one array.
..
. _
‘) Once they are divided, appropriate access control can be enforced on each segment.
.L',‘
_- “it? ‘ Abenefit of segmentationis that any segment canbe placed in any memory location provided the
“W
WW
W?Q
location is large enough to hold it.
a
‘IW'II-fim’
‘hgim
Paging discards the disadvantage of segmentation.
in paging all segments are o f a fixed size called as pages and the memory divided is known as page
frames.
The advantages o f paging over segmentation include no fragmentation & improved efficiency.
‘The disadvantages are that there is, in general, no logical unity to pages, which makes i t more
difficult to determine the‘pmper access control to apply to a given page.
~ 110w AUTHENTICATION ACHIEVED IN0.5:

l 1. Authentication refers to identifying each user of the system.
2. ' — It is the responsibility ofthe Operating System to create a protection system which ensures that
a use1who is running a particular program is authentic.
3. Operating Systems generally authenticates users using following th1ee ways:
a. Username / Password: User need to enter a registered username and password with
Operating system to login into the system.
b. LI_s_er card [kev: User need to punch card i n card slot, or enter key generated by key
generator in option provided by operating system to login into the system.
c User attribute - fingerprinti eye retina pattern / signature: User need to pass his/her
attribute v13 designated input device used by operating system to logininto the system.
f @395 yr 0/254
J‘mW'7 M \
9'
‘7
WW” udintlm’ and chow with exam]? 0W each .
.11 Madurai”
n a n d new?”
thetttieniio
QM] Donne ou L.
one can he achieved. “5] ,.
Ana:
J
stem.
ch user 0i the sy ,
1. Authentic wation refers to idIentifying
ea
eu el ly0ba se d on a us er nameand passrd. _
u ho he
vidr‘el,W
nt ic atio n is pr oc es s of identifying on lndi ims to be. but says "tith
ing .. ,
Authe r sh e cla
dua 5
th en tic at io n m erely ensures that the indivi
Au
individual.
about the access rights of the ication would be to determine
al. the authent
s herself as Sneh
4. For Example; if the sender claim
not.
whether the sender is really Snehel or '
era lly aut hen tica tes use rs usi ng following three ways:
f 5. Operating Systems gen
r
and password With
a. W W W User need to enter a registered username
D
Operating system to login into the syste m.
fl:
key
b. W User need to punch card in card slot, o r enter key gener ated by
generator in option provided by operating system to login into the system.
c. umwmammmmumezflmtfiure- User need to 92,55 hiS/her
~
attribute via designated input device used by operating system to login into the system.
6. Figure 7.8 shows basic authentication process.
1 ) Reque Sts a protec ted resour ce
-"'
2 ] Req uest s user nam e 8: pas swo rd
A—
1
“"m-‘f'
Ciien t
3) Sen ds use rna me 8:. pas swo
rd Ser ver
_ 4) Re tu rn re qu es te
L;
‘-
d re so ur ce
..
_— Figure 7.8: Authentication Process
- ‘ -
H Qucgggp'gte'nogg ' .
1. Non-reputiietion is the
assurance that
2. Non-repudiation does no
t allow the s’ ‘
I)
se nd in g o r receiving
th at me ss' tg :
9i,
so.
0’1
{A
E.
a:
(D
H
D
0
U?
:3
m
D
’5
H
i:
in reference to securit
3
(D
n
a.-
y pudiation m e a n s
'
':-
sent and received by

tiltspawie - ’ that
.“I‘U‘
..—-
“ toe nENSUre
S
. g . g .
4 , Non'rePUdiotionisaway - Sciaimin
toguarantp .
”Etc have
t
a a transfer
. red message has been
.
.
atthe
the m es sa ge and th
at 7
the recip -e se
ie
.
nt c a n n o
'..'_¢.:.“
___...
.
__._.
t d any haw
ofBl;
8
.
125399 92 \\
..
r
-
” r . “ -2 , .
re-
if"). Non-repudiation can be obtained titrough the use of:
‘ a. Wm Function as a unique identifier for an individua
l, much like a written
_ p H __ signature.
. .9 ' .. b. W T M message transfer agent can create digital receipts
to indicate
"" j that messages were sent and/or received.
e. W Timestamps contain the date and time a document was compo
sed and
' f proves that a document existed at a certain time.
.4 6. Figure 7.9 shows non-repudiation process.
I Signed Message I
1i
Sign Signature Verification
. . Recipient
Initiator
Service's Public Client’s Private Client’s Public Service’s Private

Certificate Key Cerfifimte Key
Client’s Key Store Server’s Key Store
Figure 7.9: Non-repudiation Scenario.
M—w
ZJW‘W ...{EXTRA 005511014-- II N f
on
' Ans:
Malwnre
e.
a licious softwar tem.
harm the sys
st ands for m
1; Malwane c io u sin te n t to kn o w le d g e
it h m a li e vicc im's
mfl nag w
ings without th
2. It consists of progra d o m a li c io u5 th
at
gbut a soltware th
hown in fig
Malwaneis nothin ure 7.1 0
3.
on te g o ri e s as s
bdivided into many
4, Malware canbe su
Mm bywaguies
Figure 7.10: Types of Malware.
1) W
9 e a ' ‘ c.
H l - t
‘ l
i
i . I
‘7
, D D .I afllmlar “f I 00 ' i ‘ 1m .
‘ ‘ V ‘
I h
11}
'?
r '1 " I'
‘1
It is a com 33 Ul - l I I a S “'0'“
‘3’“;
‘ ‘ "
purercan sprea‘d its elf b y infecting
A virus nles on a network file SY stem' th a t i s aécessed by other
'ir'fi-‘u-wv‘
. -
-
‘ W ' v -pvm
‘1’
e l S anathes
A .
’ :
111) am:
. _ .A A
I t spreads itsel' f *.h." ough network to infect other computer
‘
SI
-V‘
- ‘ assistance ao “equ'ared by -
i t does not need' evade aa Virus. .
_V
Wank a rad - "Mom!

m
33’
be crash . E‘ .
t‘ :x
.
d e V ‘ w. as connected und
Operating d. 0th f
’ the. » Ssem _, __ ' an
A
same
network. ' er
the . ‘
. se
molas s _
1‘0 _
‘
i t i s the 1r.altar I : es “9
- are thatinv-‘t
_ I.
, . mch “13?c
. ain h armil-ll ‘ ’
Ih‘a
a
m
. or maliciousPafwd L“ .\
eff
51 1
s
‘ .
I
mahfiou
bYPHSsing hing ' .
mm: ~'method of
t is > "5
While the
victim is playing
normal 3 Lillian
access to a system. ,.‘ '
9’
“mute to. it allows unautllfiri’d
7
7-? l5
Mk m W7 Tint-3%
VI)
It is a malware which create
s many instances of them in ord
erto emanate sys
- tem
_ mo
. mes.
Unlike worms, it does not spread over
network.
It can exhaust system resources.
V") were;
I t is the type of malware that can be installed on computerandwhidimfieasidummm
users without their knowledge.
y. it monitors user’s computing.
.f ' ' ' '' 'I a E" I calling”,
', ‘ ' 3””, a 7 ' V . . _ . _ -.- -. .W;.:.: ~-—:-‘77:~"-'-TF:—r~r--..,MK
M ' '
_ 3 I ”6%
11’5“"
We;
‘1‘ ich a"
k ? W ital ar e the different way» in wh
t is a D en ia l of se rv ic e a t t a c
Ql] Wha sy st em ?
ca n m ou nt a DOS at ta ck o n a
attacker
De nia l ofaervice attacks.

02 ]
ta ck s? Ex pl ain an y th re e types 0! DOS attacks in

at
03] What are Denial of Service
deta il. .
Mm “ 10” Mam]
to: l mu - Dacia].[02 l 5M - “I $03I -
em:
DENlAl. 0 F SEBVIQE;
ity atta ck.
1. Denial of Service (D05) is also called as avai labil
to Its intended user .
2. ‘ DoS makes a computer or its resources unavailable
n l l n e accoun ts or other
3. in Dos, an attacker may prevent you from accessi ng email, website , o
"
services that rely an affected compute r. I
'4. The basic purpose of a DoS attack is simply to flood a network or change in the configurationssi
routers on the network.
i ' ' 5. These attacks sometimes have a specific target.
Forfiztamnlaz
' I
a. All message sent to specific recipient may be suppressed.
b. An entire network may be disrupted either by disabling the network o r by flooding it with
.; ‘ ‘ messages.
METHODS:
J . p .The different ways in which attackers can mount DoS attacks are-
7-.
11 sv Flo :1 Attack:
1r" _- S‘IN Flood Attack uses TCP protocol suite Wher 3 ’ W a l‘ands
d o n e with SYN and AC}; m e . , ea y . 0f . . -
“5336 as shown In figug-e 3 1 baking network connection”! is
Source SYN + ACK i:
'4.
ACK Destination .
g.
'
M-\—~g_ -
aufmm
> To initiate TCP Connection. the Slistem that Wishes to communicate
, Sends a SYN
messa ge
to_the
target system.
. ‘ .
'r l i t h e taro et 8 "Stem is l‘ -
o 3 Eddy to communicate.it sends SYN + ACK message to Source m a c h i n e
then responds . .
The source svstem
- With an ACK message to complete the communication
1“
' . '
SYN ACK attacker denies servnce to the target by
l . “00d attack,
.th sending_ many SYN message and not
rep ymg wi .
> This fills up the buffer space for SYN message on the target machine, which prevents other
systems on the network from communicating with target system.
SYN ‘
SYN + ACK
ACK
SYN + ACK
SYN
SYN + A C K
Figure 8.2:SYNFlood Attack
11) Pin of death:
' are larger

'kets that "'
' than 05.5 ' s t'o tl
35 byte 1e victim. -
. ds plng pac
' Asen "
‘f The ping of death simply 1
. _
ping -18 660 0Av icti m.o rg
‘P This DoS atta ck is as follows:
im’ s bandwidth. , if attacker is on
let’s saying 100 MB connection an;
i; ' t k
‘ a t ac. sat ura tes the vict
. .
This
. . y . _ - . .
7 ' victim is on10 MB connection. 100 MB
MB connection and VlCtlm IS on
A -> ’But th e att ack wou . succeed if attacker is on 10
. ld not
I . connection.
k: . .. ' ,. ,
.
. III) - Teardrop fiflfi. _
gmentation .eassemb h code.'
_ ing
is conductedby target TCP/lP fra ‘ .
' Tea rdrop Attack the hcst rec eipt
overlap one F a i lrson
anothe N,
f me nta tion packets to
. w 55 hm
.
> ses rag - . '

Thi s atta ck cau .
t to rec ons truc t the m during the prom
’ IS
r from
d3.3 one. system to another. The data
mp ‘ a d 300 0 byte s of .
; T h e hos
F : El . you reed to sen
atte
’5 For 42‘1“" e. J . .
enhalo
w: '
as giv
d‘vided and sent into smaller pac ket s
1 t
- Packet 1 carries byte31 ‘ 1000

0,
3 Packet 2 carries bytes 1001 - 200
,. Pack et 3 carrie s bytes 2 0 0 1 a 3000 h oth er.

V ., - 5 the bytes ' h eac
. Wit
Teardrop attack overlap 2000 a n d bytes 1500 _, 2500
> /’-—
_........
_ .
1000
>. . Bytes1 - 1300,bytes(“f/.—
‘
"'
—-*----' @ 97 a
FM.’
.
-au ‘0“
m'
.
M '1'“ .u .. '4-
”-9,:4-v-o‘v-w
' , _
M" ‘- ’ '
a,
“Quit: w
TOW" 1'
\ 306%
3W" 7
W)
' essage.
° ttaCk-
ed hr03 dcast n m
of“
3» It 'Is a. vari ation a
n target
system wa
.
Spoof ’ oadcast a d d r e s s o n the network addr
‘2 This attacker floods a third party 5br . . e33.

ing reques t to 3 . the" n response to the Vic'd
>, The attacker sends a p domain sends
"L
. . s broadcast
> Every system Within third part)” . ‘
- .3 d3 Echo requestto
[ Attacker :9;a in broadcast mode.
Amplifier
J.- 2. Hostreplyto
I victim.
_ #_____l_J 3. Victim geB saturated

Vichm
Figure 8.3: Smurf Attack.

V)
m
>- Echo chargen takes place between two hosts.
F Echo services repeat anything sent to it.
Fr Chargen service generates a continuous stream of data.
> if they are used together, they create an infinite loop
and results i n denial of service_
For
B exampl e an attacke r starts th' . .
‘5 Chargen process on host A which sends echo packets to host
3* Host
h . .B replies to stream of Pa~ke
c t5 generated by host A, by echomg them ‘
r This creates an endless loop betwee back to hos t A
n A and B
Q4] What IS access control: How does th "‘ _...--

control? e Bel] -
Li Padula mode] achieve access
Ans:
MESS co.V "'3 “01:: - [10M __ nia‘ltfl
1. Access control is a secu

ritv
. technique.
2. I t can he used
. t o re gula
o te w o
h or “'hat a
3. The act of access Can
- View or ‘ ‘
54. perrms .
. mm Il
to acc"‘8
essmay
a resmean
ouWeconsu
is ming.
Called: emerlng. “99 resources in 3 Computing
or using ermronme"
I
Access Control inc
ludes items: Corn
I
.
o
. »
_ .. 0 1 M a t “th-orium“.
I a
. .
nx & Access
Control
List
-- ? - .’ I a - . v. ‘ ' '- _.z’e . - ’
- - . - - ‘ - 3.- ..“, l. - . J ‘7- +1 ‘ _ J
- ' A i '. ‘ . X 4 j. v . . “ ‘ - . ». 1. i __ » V ' * ‘ a“! 3 1 . . ‘ , _' . t n - ' a u
u- ' '-‘ -.
r 45.. .x. . . _ l -" > . ' ‘ - : J . ‘ j A’1' , ".‘ ' . ,. r .’ . . * *“1‘2. . -_o "__,_ J ! _J a- - " ‘.. ‘ , w. . .' ‘__.
; .--. . - .. . '
_. ..vI . z.1 .,. A: _ ___
E’MWQ Smw~7 7’0””?
6'a
I / 599°5 5 g g n t r g l M a t r i x ;
- . ‘.
1,. Ii
A: 7 Access j 0»f authonzanon
Control Matrix gives a classic view
' ' ' used to restrr- i
5
:1 onzatlon IS ' . '
5: ? AUth Lt the actions of authenticated use”
~ 1
1-
Access control matrix has all relevant information - , :
3 Operatmg
”Stem to made a r 1'
1 P ' 'on about whic h users are a11owed
deast ,, .the
- “ by
new 1; 1.
s. . ~t° do what With the various system resources. .l
? Access Control Matrlx consmts of subjects and objects. f
’1;
), Subjects (users) are the index of rows. 1' ‘a
. l
1;
;. Objects (resources) are the index of columns. 5
ii,
P Figure 8.4 sh ows the example of Access Control Matrix where UNIX-style notation such as §
execute (x). read (r). and write (w) privileges are used. l
Payroll ‘
‘ OS Accounting Accounting Insurance
Program Data Data Data :
Bob rx rx r
rx
'rx
r 1W 111'
Alice
no: r 111' rw
Sam rwx
rx rw rw 111'
Accounting rx
Program
Mat rix.
Figure. 8.41 Example of Access ”Control
I!) W53 .
h a s all relevant information.
> Acc ess con tro l m a t r i x
use rs and 100 0’s of res our ces .
>1 This cou ld b e 10 00 ’s o f
’
0 0 0 , 0 0 0 ’ s o f entries.
‘P T h e n ma trix wit h 1,
nage such a large matrix.
V~
The pro ble m is h o w to ma o
mor e manageable pieces.

the Access Con trol Mat rix into
Th I5 can b e don e by por tion ing
r
I:‘ J >
:
it the Access Control Matrix
‘> There are tw o ways to spl . trol matrix by column.
Lis t stor es access con
Usin Acc ess Con trol List: Access Control
" ”pk—##J-
.7
“”“'T"P 05 Accounting
Program
Accounting
Data
Insn1 anc e
Data |
Pap 011
Dnta___
.
“
’
"‘_—-_-—
._.-——-_.__—-——-—-"""‘—---""
5‘11 I'X
1'
- 1 ___‘
____ ____ ____ ____
‘
Bob
l.
"1 1"1 :11
fl.
11' _
AliI ce '
J m
L_.____ r11:
WK._____..€__...s__L.__
1w
w- L-
' 1'
. ‘ rw 1 m l
TX r1. —— —-—‘—“
Accounting -———L——-——'—b
Program L’.__———-L._——————
We \“(
m ‘ _to
by
01
0] matrix row.
01
e Payro ll
,113 AccDountins in su ra nc Data
Account m Da m
Program
Sam
Accounting
BELL-LA PADULA MODEL:
Bell La Padula model is known as BLP Securi ty Model .

O
s for Mu lti-L eve l Security,

BLP security model was designe d to express essenti al r e q u x r e m e n t
B L P d e a l s with confidentiality.
It is used to prevent unauthorized reading.

Bell La Padula Model Supplement s the Access Matrix to provide Access Control 8: Information
Flow. '
Assume that O is an object, 3 is a subject.
Object O has a classification.
Subject S h a s a clearan ce.
Securit y level denote d L(0) a n d L(S)
10. B L P consists of:
. a. Simple Security Condition:

S can read 0 ifand only ifL(OJ <
L(S)
b Pro pe rtv [St ar Propertyfil:
S can wr ite 0 ifa nd on ]
11,- , No read up & no write down as yifL (s) 3 MO)
shown 1n figure 8 5
99”!”
1L Q
9 190
>0
No Read Up I
...'...___ ' ‘ , Howl-fie Down“-
Lonfidentiaz
14.01
“"daSSified .
\v.
- 1 5r.o. a r
‘z‘fi-zy
‘5
Flt-
3W~
.’>’
W?! 7 77’
.
' '
.
9|” ”a” 3061503
(Handshake Protocol.
b w f : . m m y m fl r , . q m , ‘ n r ‘ s é, v d
st the functions of the different protocols of
Expla in
fV . SSL. the handshake
:06] 30mm]
i [95 8‘ [Q6
._ p‘ ' ' I 5M '— May16] I 5M - Dec15]
“
.‘1’5:
r
?\
i. 551, stands for Secure Socket Layer (SSL).
fl.--g...
i 2. it is also known as Transport Layer Security (TLS).
3. 551. is layered on top of-TCP.
‘__.
4. -' It is a DTOtOCOl develOped by Netscape to protect communication between web browser and server.
5, URLs that require SSL connection start with https.
.
SSL ensures that all data passed between web server and browser remains private and secure. '
--':.
__...r-
FUNCTIONS OF THE DIFFERENT PROTOCOLS OF SSL:
.a—.-—._.i—-—u—
1. SSL Protoco ls Authenticates the End Points usually the servers.
2. . lt hides the data during transmission. .
-
information file and making
__-.._
3. lt provid es a way to validate or identify the website by creating the
the accessing possible.
sending of the data from one source to
4. it creat esan encrypted connection that provides the
ano ther u s i n g the SSL.
provided to the transaction and the data
S. ' SSL-provides a way to ensure that the security is being
' in use.
on the secure channel of
‘ '6. _ T h e l o c k i s used to display the browser s connecti on is closed or opened
‘ SSL or T LS.
HANDSHRKE EM
used in client and server to communicate using
1. Handshake Protocol is the first sub layer protocol
n.
a n SSL-Enabled Co nne ctio
s with each other with a hello before they
2, This is similar to how Alice & Bob would shake hand
star t c o n v e r s i n g .
een the clien t and
of four phas es whic h pass mess age betw
3, T h e Han dsha ke Prot ocol is mad e up
serv er.
ake protocol operation.
4-
Figure 8.6 shows the handsh
__ f
’P‘9efalpffilr
8 ”1’w1
PM”!
’0’-
no
.noa—a ......
nnnn
m2-
mandala/Jello
Serverfiayfleilo
Sendfiarfiflcate
Sendjerverfieyfixdmge
Certi ficate fiequ est
Sewe rfiell ofion e
Send _Cer tifica te
10 send_Client.Ke'/,Exchange
CertificateJ’e-rify
11 10. Sendfihangefiipherfipec
”“3534 — 19 11. Finished
.. 12. Send_Change,Cipher,$pec
13 ' 13. Finished
Figure 8.6: Handshake Protocol Operation.
1) Establish Securing. Capabilities ;
> This initiat es logical connections and establi shes capabi lities assoc
iated with that connertion.
i»
This consiSES oftwo messages that are the client hello and serve
r hello .
Fr : nt send
The che 1- '
s the cnen t hello mes sage to serv er and rece
ives a serv er hell o message from the
server a s a reply.
11) ' Server Authe nticati on and Key Excha nge;
> T h e serve r initia tes this phas e an d is

' th e so le se nd e
r of all ‘m es sa ges .
‘2 While clie nt is the sole recipient of all mes
sage s
> This phas e cont ains the following four Step s
' :er__L
tlfie_:a t Server.v ends its digita C e r t i f i c a t e
l to the Client f ‘
. ewe r Ex 3 e Ifser ver d
. *mg-m
mmm uefl oes o r auth enti cati on.
Th not send a certificate then
it send l| k
I e 581 V8!" r e q u e s t f o r t h e C l i e n t 5 d } ‘ l 8 ll}? p u ) 1C 9)”
WTMS message indic 8i :1 Celtii
ate Irate .
r‘Omplete Client
‘ 3 t0 the that it"
, 9. portio
. - ' n0 r lrello messe
l . s”
H!)
W‘
Ppsawrwwr
‘
3"
‘ The clie
)p Whilp5v nt initia‘t e s t his
' phase " ' sole
' and is the I l sender
' ‘ M'a n . _
> erver'is the sole recipient or all messages- "19.339393.
Thisphase contains the following
three steps; ‘
Ra“— 7\
17696“):a M. _ . ,» ....._—....-
. 5mm?“ 7
_
We
* ,
e
K ‘ 'fi Eligi- ThIS_lS an optio
nal and used only if th
x
Vb/J/Jer} J'ofitfiam
.
certificate. e server requested for
.
clients
’ digita
' ' l
,.
-
I WW: the client sends a symme
1- V v-rvr
tric key to the server.
I
. V . =T h i.s .
,
4 1”
.
a fi g | . “ - f.,‘ f _
. M
Inf-.159
Is needed onlyif the server demands client aut
hentication.
-
may
Einlilli
I
,
.
‘_‘_~:
l
‘1
The client initiates this phase of the Handshake which the server ends
.
.
.
.
g
The client sends change cipher specs and finishe d message to the
server.
,
V r v .vga:l:}v?f ~ , f e v”-— -
.
..:’_l,
fins—3“.“-',
.d
; 0n receivmg them the server sends change cipher specs and finishes
messages.
'
._4..
What are the different
.
Q7] protocols in SSL? How do the client and server establish
1 l - a r l '<a" '.- .
—.
an SSL connection
-."
‘<
Ans: [5M — Dec17]

‘'
Vw
. .u»- m ‘ n - y j - u .
l
Anna“
t
.4J .u.—
"
SSL:
.
"
”rm
r ‘ , 1 '“ “ 1. “ q
1. SSL stands for Secure Socket Layer (SSL).
w»
war
2. SSL ensures that all data passed between web server and browser remains private and secure.
L.
W
.
SSL PROTOCOLS: . _
l) SSL Handshake Protocol:
.55...“
:.
> A SSL Handshake Protocol is the most complex part of SSL.-
Te It is invoked before any application data is transmitted.
-4.
> . It creates SSL sessions between the client and the server.
” I : T V"AF T— ‘ f $ : : !
11) ChangeCipherSpec Protocol:
> i t is simplest part of SSL protocol
WW.
Wr‘wlmm-
> it comprises of a single message exchanged between tWo communicating entities, the client and
”ft-W
the server . '
“r As each entity sends the ChangeCi pherSpec message, it changes its side of the connection into the
secure state as agreed upon. ’
f.— The cipher parameters pending state is cepied into the current state.
is
7'
Exchange of this Message indicates all future data exchanges are encrypted and integrity
protected. '
I")
W
> This protocol is used to report errors —- such as unexpected message, bad record MAC, security
parameters negotiation failed, etc.
‘Paye{03of!“
flap/m-5'30/1430”:
ecu- ' . .I t J, g7
8 I W“. "9 1.. such 0m" P can n e c t i m 1
as n otify Cmm TC '" Ceiptof
> it is also used for other purposes
bad or unknown ‘
cernficate. 9 it.
H ' I7 ' Vl
. NECTION P 11
HOW CLIENT AND S ERVER ESTABLISH AN 55" C0D;
, . __
n .
Refer os (SSL Handshake Protoco'ifl/
\1
1 ,1\
Q3] lPSec Protocols for security
‘
tions and advantages of IPSec
Q9] Exp l ain IPS cc protocol In detail. Also write 313131“:a
_ . [Q8 l 5 M - _.May16] & [Q9 I 10M ~ Mam]
Ans: ‘ v . ' '
IPSEC PROTOCOL:
1. lPSec Stands for Internet. Protocol Security.
"at.
2.
-' Internet Protocol Communication.
It is a protocol suite for securmg
\J
3 It uses cryptographic security‘ services to protect commu nicatio
' ' ns over ‘ Intern et P]-O t o c o ]
net wor ks. (1P)
lPSec IS implemented at the IP Layer so it affects all upper
layers (i.e. TCP & UDP)
l t provides Authentication Confidentialit
y 81 Key Man agem ent.
Using lPSec it is possible to commun
icate secu rely acr oss a LAN acr oss
pu bl ic /p ri va te W
across the internet. AN and
'
lPSec1s use d to p1Ov1'de an
en to—end sec uri ty seI vic
es.
lPSec"1s usu all y installed
in 11etworkingde vi ce su
ch as ro ut er o r fir ew
Figure 8.1 sh ows lPSec Scena110, al l. I
' '
Public/Private
lPSecsystem
‘4
\4
\4
rhf"_."-'";‘I .
w i
33i/lgfl-5W'3ig
Jamarfer - 7 777M”?
3/ J’a/ufiam
...
so“. 8YIPSEC:
.
':_.
1W,—
.m-
Romeo
_
“.5
\oa,
.
..a
eceipt 3.3
Access C o n t r o l . . ‘
.
.33 connectionless Inte grit y.
,
Ji . . ' 3
3 confidentiality.
«um-d
.4 7 -
9:? Data Origin Authentication.
1
‘53 ; Rejection of Replayed Packets.
hi ..
'\ 7‘ ,
.r:~
/”——-—_— .
PSec
'7 P To provide system security solutions.
.-
> To have single security p01iC
he] Y-
(«arr
bY Pass
> 30th endpoints must agree to or protect traffic.
-..r .
ADVANTASES:
’
> l P S e c proVides security without a n y modifications to user computers.
[P] > 3 It can work indepe ndent of applica tions.

the perimete r.
> I n afirewal l / router, it provide s strong security to all traffic crossing
> It is below transport layer, hence transparent to applications.

3
«-
:7 'P It can b e tran spar ent to end user s.
base d secur ity.
1 ‘i‘v l P s e c allow s p e r flow o r p e r conn ectio n
icati on a n d tran spor t laye rs [ULP35).
33 “ i t prov ides seam less secu rity to appl
>
APPLICATIONS;
sss privat e a n d public
re. com mun icat ions acro ss a LAN, acro
‘,> IPSe c prov ides the capa bilit y to secu
a n d across the Int ern et.
t-
3WANs,
‘P ' Exa mp les of its use inc lud e:

ivity o v e r t h e Inte rnet .
33-; - Sec ure b r a n c h offic e con nect
h e lnte i net.
' I Sec ure rem ote acc ess ove r t
e;
lica tion s can be sec ure d. Exampl
3333-3 33 > Using lPSeC all dis trib ute d app
. Re mo te log on .
'
- Cl ien t/s erv er.
.3 I E-mail. 3
- File transfer.
' - We b acc ess

with partners-
It is used for e s t a b l i s h i n g extranel & intranet connectivity
7,
uritY-
“; Enhancing electronic commerce sec
—-— _..————'—
H
‘
—-.-ffl
'
0m ] mmmflw
“$148111“?
has...“
Ans:
Em
Reta-QR
1
K‘EED 0F §~
1
E
2‘.
l W
1 -. _
> The major purposi- ofan 851. cert! ~ ‘fiam ism WM iWO d— whm m
, ‘ tended aim.
>
. 1!
Infimnation submitted on lntemet forms PM a"
a g kc. the _ the
mating Its final nestisafiom and the more “stops it has It: '33 mm m firm;
third part1: scald obtain mess.
> An 53!. certificate inserts random diameters into the
mm! W Witt
inmprehensible to anyune nnthout the pmper Chin-3950“ he"
1!) \-‘ ' " ‘ ‘

3*
To make sure that the Inibmzminn an \vehsits
indnding customer imm gsms m, bibs
con-act sens? \i‘ithcmt being inleusptsd
‘3» This requires and\erntitratittm~
> When ebminiag an $31. certificsm 5
another mis- m"pmteflim called a W
imsd. W :isski» :
Ir This seriiiicats acts as a
median» bemsen lunms
em an d SI. W .2: to Slam ‘ EM wise $31
animate pmwd er can be trusted
Ill) s' i ‘ ‘
3- &1 also arts as a gnam‘ aga
ins t nh ish ing
75>
n hen users ca n I see the ism
signs in ~
mu m?1:33
“ :11» infamianon ms (In a sue the}; W
3TH
x is iiksis m swam susq' 11121::t
W}
W15;
5"
WAn 33! arr-mean: 1111131
the W'QFK‘T. u m Imus
03 a! 3133:3133 N3.
r “ Lemma» "'5'“? dill? .
tile 3‘43}.“Wrilrh‘ait‘
a'pmn and provides a prime mnnsuimis gym!“'1\ ‘ 3 ‘ ’3sMi
5‘3“?
"5”" was: in tam ms ; 1,3? 0
Mann] 3 1:31 a; '1 ' ’
information .
’3 mg? “m sequins WWW
> Without is W
a certificate tha t
3 ‘
'
‘I
Thflwy
/ Semester-7
flipper-Homo»:
W
' - Divides the data into bl ‘—
ocks of 214 bytes or less
.’1. WW .
Lossles
T s compression me
thods are used for compressin
M g tragmented data.
o preserve the integrity of
data SSL.uses a keyed-hash
function to create a
MAC.
y.“ MW”: Original data and the MAC are enc
rypted using symmetric key crypto
graphy.
1:
protects against Man-in-the-middle attack.

i
‘ Simple and well designed.
: 011] How is security achieved in the transport and tunnel modes of IPSec? Describe
; the role of AH and ESP.
-L'
'
[10M — De016]
1. lPsec Communication has two modes of functioning: transport and tunnel modes.
2. These modes can be used in combination or used individually depending upon the type of
communication desired.
'LRANSPORT MODE
> Transport mode is used for host-to-host communication. .

> i t only encrypts and optically authenticates 1P Payload and not the 1P header as shown in figure
as. '
Before lPSec \ 1P Header TCP Data
_ - ESP/AH . _ ESP/AH ESP/AH

After ‘ 9 5 “ I ? Header Header TCP Dd“
Trailer Authentication
Jag.”
Figure 8.8: Transport Mode.
“r That means, transport mode does not protect entire 1P packet.

Transport
mode is efficient, but since i t does not encrypts lP header. IP header is visible to
‘1
attacker.
LmsL nous.
1 Tunnel mode is used for network to network communication, host to network

communication and host to h o s t c o m m u n i c a t i o n .
.
2--
I n this mode, entire 1P packet is encrypted and optionally authenticated
@139 {07of134 I
TURF”? 6.04450”,
8 I 9PJ’mmy
"sent!!!”“‘7 . d \
”gt-r.
W": . . header, an then adds new
‘ ' ‘ th 1L9 [ P
if"
i 3. It takes the original IP packet W1
i header to encrypted p a y l o a d -
'1‘: E
i 4. i Refer 8.9 figure for tunnel mod e. :
r .1 -' . _ _
1 l
*- : Data
.' ‘ 7"
Before IPSec
.1: IP Header
.
. >
r___. ._ i Es, ,1”. I tiTSP/1m
“- I
’ , Data Trailer An enflcauon
EVIL" 1p Header TCP -
After lPSec New I P Header Header
‘Figure
8.9: Tunnel Mode.
, M. . ‘ i.
'1. AH stands for Authentication Head er.
t . tion of IP packe ts _a
2. The AH protocol provides service of data integrity and. authen ica d. M k
J ‘
i 3. V , . . -
It also protects against replay attacks by usmg Sliding window and discar
' ‘ .l mg O 133‘- as _
i I 4. It is based on use ofMAC.
_
' 5. The packe t forma t of AH is shown in figure 8.10.
c s ' i6 31
‘ Next Heade r Payload Length . . Reser ved
Secu rity Para mete r Inde x (SP1) .
~ Seq uenc e N u m b e r '
L Au the ntic atio n Data (Va

riab le)
Fi gu re 8.10: Au th
en tic ati on H e a d e
r.
Ne xt H e a d e r 8 b
i t : Iti de nt ifi es th e
ty pe of he ad er im m
ed ia te ly fo llo w in 1“
‘; g ....H
. . h e a d er .
.
Pa lo ad Le n h I B
bi tI: I t i s len gt h of au
th en tic at io n he ad er
i
M06 bi tI : It 13 re se rv ed
- - ' .DxA V. E - “ “ 2
fo r fu tu re us e.
mix-it! Parameter 3.
‘ Index [SPII {32 bitI: It identifie

s a security
Whlumber
I"
association
[ 8 bi tI: It IS used as
counter. V .
‘
A ut h nt ic at io n Da
' . . ‘ . ’ _ 1' -5" " - ' i z ‘
ta va ria hI eI :A va
1- ia bl e le ng th ‘fi el d th at
I
32 3‘ .5 n -
- .
"
Con V
3-
ESP: t a i' '

fil‘t-J
- - . ' . l‘ i i: .' i~
ms the ”1:93e
: e
che ck valu e.
imi ii-n"tw
4. . ESP sta nds for hnc aps ula ting Payload

Sec urit y
3. It IS us ed to pr
ov id e co
nf id en ti a lity da _
. , replay servic ta origin an
"”3
e and limited fl c o n fi d e u t
ow iality
connecnon
I “ less int eg rit ya n anti
'.V . ‘ 1 1 .,
‘h“.-¢‘-..
30mm:-
-7 7‘0””?
sS'a/ufiam
is shown in figure 3.11.
.
packe t format for ESP
The
-.
-—...\.’lr 5 0 8 16 24
p v r'" s _ 31
o
idS new 1
.,.~
..
ecnrity Parameter Index (SP!) :.
L—W
.
m
-_
. _’ Sequence Number
.
i15
.: n g
3 3 Payload (Variable)
1-.
"—3; fl
’3 u 2 Padding
...
_
; _ . . .
,-, l l Pad Length Next Header
Authentication (Variable)
.
..
g '
_p
Figure 8.11: ESP Packet Header.
‘
.. 1-}
-. -
fl
.
>
_._1_...I
I
v-‘
~“ -;z - r . .' ‘. ._.___A___,.--v
‘ ' Security Paramete rvlndex [SP1] ( 3 2 bit]; It identifies a security association.
.' .A_ ‘
Seguence Number [ 3 2 b i t ] : i t is u s e d as counter to provide anti-repla y function.
i
_ r."
‘._'u. . l
' fi « - 3 _ ‘ § : ' ¥ 7 " : f ‘5i n- .fl l ‘-—
- Payload [Varia ble L: lP Packet protect ed by encrypt ion.
A. . ‘a_ "
Paddi ng ( 0 - 2551;3Lteil; It is used for various reasons.
. .‘ - ' " I A ‘ " .'_- 7 "

5
Pad length [ a bit]: It indicates number ofpad bytes.
r in
in paylo ad data field by identifying the first heade
Next H e a d e r : It identi fies type of data conta ined
._
1‘....~h,,
that payl oad.
value which conta ins the integrity check value .
' Auth entica tion Data [Vari able] : A va1ia ble length
Lagging; It is used as padding bit.
tunnel mod es of IPSec? What are

Q12] How i s secu rity achi eved in the transport and
sec uri ty ass oci atio ns?
[10M — Dec17]
MODE 0F IPSEC:
___iN' TRANSPORT (it TUNNEL
Ref er Q 1 1 .
;
SECURITY ASSOCIATIONS
ty Association (SA).
cepts in IPSec is called a Securi
1.
One ofthe most important con
defined in RFC 18 25 .
Security Association are Destination Address.
ati on of a giv en Sec uri ty Parameter index (SP1) and
SAs are the combin
Page{09 or134
”fl--—
# ”—#
0%
8 l 91°Jet-«rig W
4-
SAs are one way. n nection.
e lP S e c c o
o f two 5A5 are reqllired for a singl
_ 5- A minimum
'6
. 'SAs
contain parameters including:
mode.
orithm and algorithm
’ - . Authentication alg
hm mode
' Encryption algorithm and algorit ion algorithm[s)
ticationlencrypt
'
K6315) used with the authen
I Lif etim e o f the key.
I ‘ Lifetime of the SA
- Source Address(es) of the SA.
classified)
_ - Sensitivity level (Le. Secret or Un
pieces of 1nformat10n
' 1. A security is a very complex set of 30bit):
t case in whi ch Alic e wan ts to hav e an association With
2.
However, we can show the simples
use in a two- way communication.
to Bob) and an inbound association(f0,
3. Alice can have an outbound association (for datagrams
datagrams from Bob).
Bob can have t h e same .
tables for both Alice and Bobas
in this case, the security assoc1ations are reduced to two small
shown in figure 8.12 .
1 Outbound SA
O u t b o u n d SA
To" ”
Protocol
Authenti cation E n c r y p t i o n ] . To Protocol Authent ication Enctyption
Bob, ESP SHA—Lx DES-.1; ] _ Alice AH M05 2 l
. Inbound SA
Inbound SA
h g‘From Protocol Authentication Encryption From Protocol Authentica tion EncryptionL
Bob AH MDS z ' - Alice ESP SHA~l.x 055.1»J‘l
' i i
Bob '
. I ‘Q l
!
Auth entic ate a:

Verify
1':
;_ “Ff, .- _ .
and encrypt 1.... Tmrr
'1' anddeCf-W‘
" " ' ”'?_51t;=i=m¢ket~ fieP
Verify - _ P W j'l; .— _ 'Authefjfi‘y

f":-"lP5éC'pa'”pk-at; . . '
‘ ~ ,—
4-:
—.q-
ASSOCIaIions
nm e 8.12: Example ofSeculity
b. 1 The figure 8.12 shows that when Alice needs to send a rlatagi 11111 to Bob ghe “3.5.3 the 5331 [1.0111121
' oflPSec.
7. . Authentication is done by using.SHA-l with key X,
‘ 8. The encryption is done by using DES with key Y.
sander-7 Toff”?
Gil/(diam
on 3"" needs to send a datagram ‘0 Alice, he uses the AH Protocol of lPSec

'
Kg, i- Aumen‘l‘a‘m“ is done by using MDS with key 2..
A
Not? dial the inbound associat ion for Bob is the same as the outbound ass oci
ati on for Alice, an d
vice"3753'
Differentiate between the transport mode and tunnel mode of IP See and explain
W”Mentictttion and confidentiality are achieved using IP Sec.
[10M - Dee15]
$.15"
0" Tuuufihmm
JWLM T “SPORT &
Table 8.1: Differentiate between the Newport mode and tunnel mode of li’ Sec.
.
. im . .
lllli .'
‘r‘.‘1ft..‘j,_-‘
...
i . 5 .,9
t..- -,-,".«
an» 4 .
. Protection Provide d it protects lPPayload only. it protects entire lP Packet.
i Authentication Header Authenticates only lP payload and Authenticates entire inner lP
ma-u
.2
selecte d portions of the 1P header. packet and selected portions of
fir," (All)
1 \ the outer lP header.
lt encry pts IP Payload and it encrypts and optio nally

, Encapsulation Secu rity
optio nally authe ntica tes it. authenticates the entir e inner 1P
‘ Paylo ad (ESP )
packet
3
it is used when w e need host- to- it is used when one or both ends.
Purpose
D.
host protection of data. of a security association are a
i
~
security gateway .
Lo».
p:
It provides protection to the entire
N
Pro tect ion M o d e ‘ it prov ides prot ectio n primarily
é
for uppe r layer prot ocols . 1P Packets.
1-
5 .
.mwgq.
_‘
- Comparatively higher.
Payload Message Service LESS
‘4 Sp eci fic ati on (MSS)
e. lPSec is placed
in this mode. lPSec is placedlin tl.is mod
Place in TCP/IP Model
k l betw een network layer and new
bet wee n ttan spo rt and networ
netwm k layer.
layer.
‘ Transp ort Layer
i Nehso rltlsiy er
'
Transport Lay-or I
its"
j '93"
‘ New .‘s‘chsorlt Layer l
Netwo rk Layer
_
fl.- Su pporled.
No t su pp mt- ed .
a NAT Tr av er sa l ' e \ ‘ PN Sc
Cl'ient- to-Sit
ena n o s .
_Ei—te-to-site VPN Sc en ar 'ios .
VP N
Sc e n a rio s o_ _
‘ ‘ __ if 'Paye17-!a
‘ b ' _
“my ,///;;Mmm:
.
Use
.
It is uSBd
SW
for
"' 7
end-'11"end
n
It !
722”»;
\
..
two between a hOSt and a router Of " 4.
‘ co m m un ic at io n
betwee
bet‘we‘i'n a 8%]
router
‘
summonnou mIPSEC: . . l _' _fy the identity of thesendinglPsecd .

> lPsec authenticationalgorithms use a shared key to vert 1h . MD5 and 5pm.] “lee,
3.
.‘> The lPsec protocol sui'te defin es tWO .. ' tion 3180“ ms.
anthe_nuca f MD5 and '
SHA—l- algo rith
- ms that Prov.
ide an
- > The Services Router uses a n HMAC variant 0 __ __ A ‘
additi onal level of hashing.
_ A
— -
> In an {Psec-enabled network, the Semces Router that sends an 1P p acket comp utesa MDS ors HA_
‘ 1 digital signature, and a d d s this digital signature to the PaCket
> ' s the ' ' »‘
The Services Router that receives the packet compute digit?l Signatur e a 11d c ompares ' -
Itwlth
the signatur e stored in the packet's header.
‘r" _ If the digital signatures match, the packet is authenticated. -
CONFlDENTIALITY IN IPSEC:
> ' . Confidentiality mean s encry ption Of data.
> Encryption enc ode s data into a secu re
format so that i t can not be dec iph ered by
unauthorized
. _ users. _ i . '' ‘ "
on
> Like aut hen tica tion alg orit hm s. enc
ryp tion alg ori thm s use a sha red
key to ver ify the aut hen tici tv
‘ of the iPSe c devi ces;
{Th e
> . . Ser vic es R o u t e r use s t h e fol
low ing enc ryp tion alg ori thr i.
ns:
a Data EncryptionStand
ard-cipher block chaini
ng (DES-C
BC).
_- Tr ip le Da ta En cr yp
tio n St an da rd -c ip he
r bl oc k ch ai ni ng (S 1
I AdVa nced En cry pti on Sta nd ard (A DES-LCBC]
E3) I . I -
. _
.
_. '
v
.
Jam“f0? .. 7 .Tapffl'} 60%!
[5M -- M33716]
A soft-ware flaws isa n error, bug, failure

or fault in a computer program or system
Most software flaws arise from mistakes and errors made in either a program's
source code or its
design. 01‘in components and O p e r a t i n g systems usedby suchprograms,
‘. r1 According to NationalInstitute of Standards and Technology (NIST), there are as many as
twenty
_ . z" flaws per thousand lines o f software code.
‘. Software Flaws can result in Denial of Service, Unauthorized Disclosure and
Unauthorized
I Modification of Data.
5 Following are some standard terminologies suggestedby IEEE:
i.
. l
Error: Human Action that produces an incorrect Result. ..

N I ‘21.
.‘51
.42.»
ii. ‘ Fault: I t is an incorrect step, process, command or data definition in a computer program. 3‘52-
. at '
. r3.
iii. MA failure is the inability of the system to perform its required behavior. .5. ';
- U
‘s ;.
Cl ' c ' f ftware Flaws: -'..

Li"
..
.
3: . .—
- ti
-” . _
7>,‘ } .
Son-“rare Flames . .
-‘.'-._..
‘."-
> J"
i
17: .
l
g-I‘ r
i}! "
Intentional . Inadvertent "5‘.
‘1»;
ir-
_
lei-m
it ’
l
Malicious Nan-lv‘lnllclous
fl
£2
.41
32V .,
0
..
i. .
-1\
i .
3.
1,
a
Figure 8.13: Classification of Software Flaws.
Example;
Consider the below programming code.

if:
CharArray [10]:
‘ For [i = 0;i < 10: Hi)
{
Array [1] a 34':
Army [10] = 'B’;
This Program has an Error,

‘1‘
This Error might cause a Fault.

l f a Fault occurs,it might lead to Failure.
We use the term Flaw for all the above case.
'3'... wwfl”
17499 ((3afm
: I .W"7
{IWJwfig //
015] Buffer overflow attack-
Ans:
were 0 L0 rt cu:
d.
1. A buffer is a space in which
.
data can be hel
Z. A buffer resides in memory.
fi ite.
3. ,
Because memory is finite. a buffers, capacfl)’
' is n
ffer than it can handle.
' to a bu
Buffer overflow is the result ofstufl‘ingmore data m
4. -
three gallonscap acit'3’ ]ug,
animmplg; ' some Water
5 Ifyou try topour four gallons of water into
is going to spill out.
:6.
It is also called as buffer overrun or smashing the stack.
7. It is the basis of many software vulnerabilities.
8. ' Assume a Web form that asks the user to enter data, such as name.
age and date o f birth.
9. The entered information is then
sent to a server and the server writ
es the data ent ere d to a buffer
that can hold N characters.
If the server software does not verify
that the length of the data is at mo
st N Characters, then a
A buffer overflow might occ
ur.
ISLAMPLE 0F BUFFER OV
ERFLOW IN C LANGUAGE
Int ma in 1)
Char Sample [5
] -
Sample [5} =
‘A’;
r Cnar Sample [5
] The compher
sets asude 5 byt
es to store this bu
ffe
.
I Now we execute the

statement Sample [5
-
> ] -— 'A’
r.
The subscrp
z t is out of bounds and results m bu
ffer 0‘!e f]
.l
and 4. ' V o.
be ca us e
> r 0 it does not fall heme?
' The buffer over "0
flow mightoverw
nte the use» d t‘
code, or it mig '
ht overwritesu l-
nused space '
‘
:w-
(=31:
?
3.
“7'W9 smm!” ._7 ' Tapper}
chi/Wow
f . ”if
f W6; k tsniffin
g an dpacket .
spoofing. EXplam session hijacking attack
\"m r» - ' ' [10M - May16]

r“
.3915] #6551.lF F[N61
Packet Sniffing is a technique of monitoring every packet that crosses the network.
It is a form of wiretap applied to computer. I '
Packet Sniffing is widely used by hackers and crackers to gather information illegally about
i ’7}. networks they intend to break into. I
.
S The software or device used to do this is called a Packet Sniffer.‘
A Packet Sniffer is a utility that sniffs without modifying the network’s packets in any ways.
7?":
er 3:5
n
:7
‘3: 5, There are two ways in which a Packet Sniffer can b e set:
af- '.
r
' 1 3 ' 3..“y‘”.-r "‘ w . J k fi. -g-a,‘"
‘
.- ,
a . Unfiltered: It captures all packets.
.,
1
;.“n
U - 7__k
b . Filtered: It captures only the packets with specific data items.
(WA
n
y of the solution means that
Packet Sniffing is difficul t to detect, but it can be done. But the difficult
'
v ‘ fl i ' j f k i ' v j . " N 1 2 41 ‘ 1
.
in practic e, it is rarely done.
I‘-
..
Figur e 8.14 shows exam ple of Packe t Sniffing.
.
'
"
fl;
C')
' “.é-' r -
M
‘. 5 '
E
3_. ;;
au ?r n" .
.-
Attack er
.‘
1 ‘y _ ’ _
User ,
.
'_
‘ .
'_ _
.
O
l ' Packe ts
M
é
— Router
—————-
User
' 4‘ w "
Figur e 8.14: Pack et Sniffi ng Exam ple. '
PA CKET SPO OF1N €12 .'c3fi. -k‘qfi5i ah £‘ fi V
11’ Spo ofin g.

1. Pac ket Spo ofin g is also kno wn as
the purp ose
pack ets with a false sour ce IP addr ess, for
2. i t is the crea tion of Inte rnet Prot ocol (IP)
ersonating another computing system.
of hiding the identity of the sen der or imp
server
to maintain anonymity is to use a proxy
3. One technique which a sen der may use
to the server which is
cker creates an 1? packet and sends
4-. As shown below in figure 8.15, atta
known as SYN request.
puts the own source address
The diff eren ce in the [P p acket
and normal packet is that the attacker
5.
‘L‘.
.
s in the newly created 1P packet
as ano the r com put ers IP add res ress.
se which travels to the forged IP add
6 The server respond s back with a SYN-ACK respon
4 — 174590.16 (1,134
. ».
We
“New
- ‘ i I
I
W r and ackn .
OWIedges It
.' »
”F
7b er}
7-
The attacker somehow acts this SYN-ACK response send by the serve so
to complete a connection With server- iI

h e server compute r.
Once this is done the attacker can try various command
S on t ks ARP spoofi ng atta
8.
SP0°fing at?“ DNs
9-
The most common methods include IP address Cks and
server spoofing'attacks.
8-2: If: 17115.1.6 ,

We. 11-:10.00.25 . 7
50W1? 172.15.1.6 :5
O Monti” ll": ”3.0.0.25
'1 .—
1 I.
. ' - serv er éjfi
ActualSonata1!:172.1405
spoutedsum 19:72.15.1411 50m 111572.1516
Death-lion1r: 10.0.0.25 Desfimm.nu- 10.0.0.25
Attacker
Figure 8.15: Packet Spoofing Exampie. ’

SiSSION
HIJACKING: . ' _ _ ' 7 I:.
1. Session Hijacking is also known as TCP session hijacking. . i'_
I' .A ' 2
2. i t i s a method of takmo over a secu
re/unsecm 9 web user sessionby secretly
obtainin
‘ g the
‘ sesls‘on ' "i'
3',
2.'
ID and masquerading as an authorized
user.
5.
C]
anything the user is authorized ‘
to do on the network as shown

1n figure 8.16
. Session ID:SAGZZZIZB
.“n -
: V /‘
‘
User * "E
Attacker ' ' ‘ I, I '

F '
. ., .- . _ ._
_ . H .- 1 . .7‘ _.
igure Exam
8 . 1 6 8658101] H u a c k l n g 1 , .f .- .. ‘ . . . ,, .
4. The session ID'15 stored withm a cookie
0,. URL ' pe '. i - h i v
5 m T? cookies are used for anth
ent * >-
userinformation. " — ' tracking
. ' 1011
' ’ .- _ state matin‘t
_ e n a nA
ce
‘ 'ng
and maintalm
. . . Session hijacking takes advantage of thisp C ' 3122:
7. Pra ctic e
_. . The intrusionmay or may b ' ' " ‘
not be detectab]e . y mtrudm ' rea
' gIn ' l tim' eitduringa 5 9 5 5 ” ”
\
'
-' f 311%
“99M" Janeen; WW W}
J’ofilfiam
fl, website does not respond in
a normal way to user i pu
t or stop: respondi
hijack ing may be the reason.
ng then session
n
/—
017] [P spoofing. ——
Afls: .
[5M - Doors]
Refer 016 Packet SpoofingPart.
,1
018] SessionHii acldng and Spoofing.
Ans: May17]
[5M -
Refer Q16 SessionHijacking and Packet SpoofingPart.
Q19] Define the following examples:

(i) Salami attack.
(ii) Session Hijacking.
_ ' [5M -- Dec15]

Ans:
SALAMI ATTACK:
1 Salami Attack is the series of small attacks which results in large attack.
2 i t works on "Collect 8: Round Off" Trick.
3. i A salami attack is when small attacks add up to one major attack that can go undetected.
4. i t also known as salami slicing or penny shaving.
Exampl e:
> Consider the example of banking system.

3;. The bank pays 9% interest on accounts deposited in the bank.
> In first month, let's say an account holder gets Rs. 102.25 and in second month lie/she gets Rs.
198.54
on value of residue.
> But because the bank deals only in Rupees, rounding is performed based
ise round down is performed.
> I f residue is half of rupees or more, round up is performed otherw
rupee in paise and add to its own
3"
Attacker tries to steal this 0.25 or 0.6 or some other fraction ufa
account.
holder or transaction, 2. bank makes a few lakh
> Even i f the value is negligible for one account
ct these fractional paise from all accounts or
transactions every day and an attacker may colle
__-
transa ction to add significant amoun t his account.
{-17
Page 01934
Toma-i605,5!
3 I apsmfig W! \
.-f,.4
_
SESSION HIJACKING:
Refer Q1 6 Session Hijacking part.

\
r:
Q20] Explain briefly with examples: how th
e followin g attacks occu
i ) Salam i attack
ii) Denial of Service attack
iii) Session hijacking attack
‘0
7
An iv) Cross-site Scripting attack. . [10}! ... 5]
s: Dem
SALAMI ATTACK:
Refe r Q 1 9 Salam i attack part.
9.x
'
DENIAL OF SERVICE Anacg
Refer Q1. I
‘yf'
SESSION HIJACKING: ‘
m
Refer Q19 Sessio n Hijacking part.
CROSS-SITE SCRIPTING ATTACK:
;
‘9
Perpe’trator injects the
website with a malicious
Website < \ 6.
script that steals each For each as“ m an
a
visitor's session cookies I website the malicious
_ -
7 script is activated
7 9 Visitors session cookie

. is sent to p-ernettater.
4“. . «s j:
—- -— —— ~_
"8-“'V r '3‘ -
Perp etrat or
' "'"""
_ _ Perpetrator discovers a We bsi ‘ " ‘
t e tor ~
‘ website having a vulnerabiiity ’_
the: enables script injection" ‘
‘7 .
‘
Fi gu re 8.17: W or ki
ng of X38.
-1. _ Cross-site scripting (XS-S)
’ is a type of com put e sew-"'U'Vuinefab‘
applications. -
a b
r ‘ ' ''
- i
-
" ‘ "b
Iou nd m ‘
l
lity typically W
2. _ XSS enables attackers to inject client-side scripts into \Vpb paws“ _

. .
' ~ ‘ 0 Viewed by oth
erusers.
Wf‘\'\_n A s __,__....
3' A cross-site scriptin
g vulnerability ma
b
same-origin policy. 1 To
Y 0 and by att ack en lob
4‘ The scripts referred ypassaccess controlsmchawn
here are mallclous
5. code.
in XSS. th e attacker does not di
rectly target theuse
6. Flrstly th
’ eattacker in‘je r
cts
the malicious co
the malicious code
' e Web
de into th
is delivered to the App whe th
victim's browser
7. The figure 8.18 sh m e "m mm an
ows the working of dM
XSS
021] Explain briefly with
examples,how the
followingattacks oc
cur: [10M] _
(a) Phishing attack
.
(b) Denial of Service attack.
(c) SQL injection attack.
(d) Cross-site scripting att

ack
Ans:
[10M - Decx7]
PHISHING ATTACK:
2-4.
Phishing is an example of social engineeringtechn

iques.
It is used to deceive users.
it exploits weaknesses in web security.
Phishing is the fraudulent attempt to obtain sensitive inform
ation such asusernames,passwords,
and credit card details [and money), often for malicious reasons.
Phishing is typically carried out by email spoofing or instant messa

ging,
A phishing attack usually consists of an authentic-looking
sender and a socially engineered
message.
7. Many email recipients believe the message is from a trusted individuai and
will Open infected
attachment s or click on malicious links.
Example:
' MyUniversity 1213 9!»! {SO mmtes ago:- is .

to see -
Dear network men
This email is meant to inform you that your Mym'rcersity network password
wiil expire in 24 hours.
Please ’ollow the link below to update yc or password
”1.:IEI"'-,[s"c::dllztpfl : on“
Figure 8.18:Phishing Attack Example.

A spoofed email as shown in figure 8.18 from myuniversityedu is mass-distributed to as many
faculty members aspossible.
N‘__
Wage {f9 #34

73””"fl
We: smear-7
The email claims that the user‘s password is about to emit?-
3. instructions are given to no to myuniversityedu/rcmwal to renew their password within 24
hours. _
4. The user is redirected to myunlversityedurenewalcom. a b o g u s page appearing exactly like the

"1““ renewal Page. where both new and existing passwords are r e q u e s t e d .
areas
5. The attacker. monitoring the page, hijacks the original password to gain access *0 secure-d
on the university network.
6. The user is sent to the actual password renewal page.
7. However, while being redirected. a malicious script activates in the background to hijack the
user's session cookie.
8. This results in a reflected XSS attack, giving the perpetrator privileged access to the university
network.
113N131. or sagvme ATTACK:
Refer Q L
’SQL lNJECTION ATTA CK:
SQL injection is a code injection technique.

2. it is used to attack data-driven applications.
3. SQL injection is a set of SQL commands that are placed in a URL string or in data structures in
ordet to retrieve a response that we want from the databases that are connected with the web
applications. I
This type oi attacks generally takes place on webpages developed using PHP or ASP.NET.
5 An SQL injection attack can be done with the following intentions:
- To dump the whole database ofa system.
i I T o modify the content o f t h e databases. .
, - To perform different queries that are not allowed by the application.
1. A typical {3 torc’s SQi. database query may look like the follow
ing:
ISELECT Item Nam e,ite cscr iptio n,
‘ FROM Item ‘ ,
WH ERE I t e m N u m b e r .= i t e m N
umber '
2. From this, the web application builds a string g u m
that '5 sent t0 the database as a singleS
QL
statement.
5.1.1
WWW?
A user~provided input 1% can
then generates
. A the following SQl. Query.
W ‘ . Page{20 of” ‘ __....
._r ‘9 ~
f"
satscr ltemNaIte
7 re 36'o
mme. Description
l’ROM
Item
WHERF. ltemNum
4. The above-mentione b
er = 99
d input. which pulls
lnt‘or ' 9 ~
read W W mam" for a Specific Pmduct. can be altered to
5. AS a ““5“"- the corresponding SQL que
ry looks like this:
SELECT ltemName. ltemDesc
rlption
FROM Item s
WHERE ltemNumber == 999 OR 1:1
6. And since the statement ‘1 = 1 IS
' alwa ys true, the query returns all of the product
names and
descriptions in the database, even those that you may not be eligible to access.
(BOSS-SITE SCRIPTING ATTACK:
Refer Q 2 0 .
Q22] \‘Vhy E-commerce transactions need security? Which tasks are performed by
payment gateway in E-commcrce transaction? Explain the. SET (Secure
Electronic Transactimi) protocol
Ans: [10M — May18]

IMPORTANCE OF INTERNET SECURITY:
1, Security is an essential part of any transaction that takes place over the internet.
2.. Customers will lose liis/her‘faith in e-business ifits security is compromised.
3. Following are the essential requirements for safe e-payments,’transactions:
- gonficientiality: Information should not be accessible to anunauthorizedperson.it should
not be intercepted during the transmission. ‘
. Integrigg: lnformation should not be altered during its transmission over the network.
- Availability; information should be available wherever and whenever required within a
time limit specified.
Authenticity; There should be a mechanism to authenticate a user before givinghim/her
an access to therequired information.
Non-Repudiability; l t is the protection against. the deniai of payment. Once a sender sends
a message, the sender should not be able to deny sending the message. Similarly. the
recipient of message should not be able to deny the receipt.
izedus 1'.
Encggption;Information should be encrypted and decrypted only by an author
audited for integrity
Auditabili : Data should be recorded in such a way that it can be
requirements.
{21
Page afar;
MW Jamar!” - 7 \ d'o/ufiam
Topper:
wvwn‘rl
wrw"
..-.
TASKS a E re FORMED BY PAYMENT annular 1N E-COMMERCE TRANSACTION:

Sewice
A PaYment gateway is a merchant service provided by an e commerce application :1
prOvider. . . .
2. Payment gateways facilitate transactions by transferring key information
between Payment
portals such as web-enabled mobile devices/Websites and the front end processor/bank.
3. When a customer places an order from an online store, the payment gateway Performs several
tasks to finalize the tran sac tion .
1)
311mm
‘5‘ The web browser encrypts the data to be sent betweenit and the vendor's web server.
> ’ The gateway then sends the transaction data to the payment processor utilized
by the vendor's
acquiring bank.
11) ' Authorization Request: .

> The payment processor sends the transaction data to a card association.
> The card's issuing bank views the authorization request and "approves” or “denies."
. .
DIXIE
III] Filiing the 1 '
“>9 . The processor'then forwar ds an authorization pertaining to the merch
ant and consumer to the
payment gatewa". ' '
> ' OnCe the gateway obtains this response, i t transmits i t to the
websi te/inte rface to process the
I payment.
> ' Here, i t is interpre ted and an appropriate response is generated.
> This seemingly complicated and lengthy process typically takes
only a few seconds at most.
> At this point the merchant fills the order. ' ' V
IV) Clearing Transactions: ‘ . . . 1
> The steps outlined above arerepeatedin aneffort to “clear".the author
ization via a consummation #_
ofthe transaction. ~ _ - ‘ . V ..
> l l o w e v e r , the clearing i s only triggere d once the mercha nt has actually
Cornple+ed the tmnbacfion .1
SECUgfiLECTRONIC TRANSACTION (SET) PROTOCOL;

1.1 Secure Electronic Transaction (SET) 15 a communications protocol Sta11dar g:
2. I t is used for securing c1edit card transactions over networks SPECifically,

the Internet. ' .
3. i t is a secure p1crocoi deveIOped by MasterCard and Visa 111 collabm ation
i:
4. SET protoco' rest! itts 1evealing of cred
it card details to 111e1cl1a11ts thus keeping
hacke1s and
'thieves at bay.
SET prorocol includes Ce1tificatlon Authorities

for makinguse oi StandardDigital Certificateslike
X. 509 Certificate.
ipqgomuW‘k ~» I
Mime/Elmo“!
«matter ..
W Viz/1’1”}3066b”:
> Slam Cu sto me r.
; issues C us to m er fin an
7‘;
ci al in st it ut io n
M erc ha nt. . - . '
> 1512113111111;
Merchant fin an ci
al ‘
> C OQ
M
XS 'fic a ) to
e Au
VB allthOt he
n 'r pa
: rti
A utdp
hoan
ritts.
y wlhi ch fa ll ows certam
' sta nd ard s‘ andI iss
' ues certifi
' cates (like
Wig;
> Pro vid e Au the nti cat ion
. ' ' -
> Pro vid e Me ssa ge Confidential
ity.
-
> ' Pro vid e Me ssa ge Inte grit y.

:.:_r-
SET WORKING:
."W
W '—
"'w,W"
B o t h cardh older s and merch ants m u s t regist er with

CA [certi ficate autho rity] first, befor e they can buy
, . . . ,
o r 5811 on the Intern et. Once registr ation 15 done. cardho lder and merch ant can start to d o transa
ctions
w h i c h involve 9 basic steps i n this protocol , which is simplifie d.
. 1. C u s t o m e r browses website a n d decides on what to purchase
2. Customer sends o r d e r and paymentinfo rmation, which includes 2 parts in one message
' a. MQLW This part is for merchant. ' ' ‘
b’. C a r d Information: This part is for merchant’s bank oniy.
Merchant forwards card information [part b] to their bank.
‘ ' Merchant’s b a n k checks With lsSuer for payment authorization.
I s s u e r s e n d authorization to Merchant’s hank.
Merchant’s b a n k s e n d authorization to merchant.
Merchant completes the o r d e r a n d s e n d s confirmation to the customer. I
Merchant captures the transaction from their bank.
Issuer prints credit card bill [invoice] to customer.
Mites/Encore J’emarller --7 fipfigfismw
MISCELLANEOUS
Q l ] Timing and Storage Covert Channel.
Am“
(Sm-- W W
COVERT CHMNEL:
1. Covert Channel is type of computer securit y attack.
2. It transfers information in a way that violates a security policy.
3. Covert channels have been defined by Lampson in 1 9 7 3 as a communication cli'an’net'
, nor"
designed for any kind of information transfer.
4. Consider there is group of students preparing for exam,- where questionsare of'objective‘
type
5. For each question there are four choice of answer: a, b, c, d and right answerhas
to be selected:
6. Now one who is clever in the group decides to help-others.
7. So he/she any reveal the answer by acting in accordance to a predetermined
protocoilike
coughing for answer "a", sighing for answer “b” and so on.
8. Covert channel is hidden communicationin Open channel.
TIMING COVERT CHANNEL:
Timing Covert Channel are memoryless channel.

2. in a covert timing channel, the information transmitted from the
sender must be sensed by the
receiver immediately, otherwise it will be lost.
3, The task o f identi fying and handling covert timing
channel in. a secure system is-mo re difficult
than storage covert channel.
4. Examples of timing channel are:
‘a. [ / 0 Scheduling Control.
b. Memory Resource Management Channel.
5. Figure 9.1 represents exampie of covert timing channel.
Spy
Semcr Service Stir
Service. Spy
Fragment“L Program i Program 1 Program ‘ Prop-an; , [lg-“gram ‘
" 1 j o l i l o l t l‘ -l eras—s.
Figure 9.; (al Normal,Scheduling
Sci“!!!6* 5""! 19“

5H" WY Salrice 5 it?
Pwfilam
Program Program flagrant Program nmn
A 1
' . Ir - l . JI - l1 '_ .. ll - ' l. . _ ‘
Figure 9.! (h) Sui-rm program romm

nnicnting i n :
Figure 9.1: Example of 'l lining cover; Channel.
6.
ce pro
gram
7. Aservn
. .
ce program makes use0 f ‘ . timing Channel and
. my s program15 shOWn.
usmg1t. Elther by usmg certa‘
m amount of tim e o r by not
3. ln multi programmed system t‘
. lme ISdivided 1
-
alternatively, nto blocks
anda l l o c a t e d to oneprocess and another
9, The processing tim e 18 rej ect ed b
A block 15 used by a Process t V a Process i f i t is waitm f
10_ g or an event to occur and IS idle.
0 Signal1 and i t is rejec
l ted to 518na10.
11. Figure 9.1 (a) shows first Situation of
norm a schedulin ~ - programand
are used alternately. ‘ ,. 3.Where serVice spy program
12. In figure 9-2(b). an '' tion

e secon d Situa ' ‘15 show.ed where . e progr
servnc am communicates101string
to SPY program.
STORRGE COVERT CHANNEL:
1'. A storage covert channel transfers information thrOugh the writing of bits by one program and
reading those bits by another.
2. Examples o f storage covert channel are:
a. File Lock Channel.
b. Printer Attachme nt Channel.
3. Figure 9.2 shows the example of Storage covert channel.
Attached?
l
Sender Process. , ' - ' .
b ' Attached (1) - " Yes:1
__. Spy
.
SeeCe _ r,
-- .
Pruner
,______, Program
>
x. P r a y Detached[0)- _' - N021
‘” ' , Receiver Process-
Data to be Printed
_______________
Figure 9 2 : Print er Attachment Cover t Channel. <
a system. a sending process
. l ‘ h cical printers or other I/O, devices are shared resources in
4-
When p
y”
1d otentially transfer information to a receiving process ‘R' a t a
‘S’ at a high security level c a. n p '- 'd . '7

for the .ev1ce.
level by Creatlflg c o n t e n U O fl l h .
-- security
iwower r ‘ - t0 svnc I‘oniZe. . ‘ g _. .
. . . "er m u s t have some vva,r ,
5. The sender and receiv see i f the p r i n t e r is attached and attaches if it is
ecks to
sender
- process simply ch
. d a 1 , the..
T0 se'1
net“ 5 attachedand detachesifit is attached.
ks to se e if th e printer .1.
ess ch ec ise.
r h e s e n d‘ e r pro c . erw
successful and a 1 oth
To send a the printer, receivmg a 0 if
J, t to a ttach . ' r‘ . was successful.
.- ' r I'OCe55 attempts .
Cd” 4__
The ‘ ecelVer p
p th n detaches the printer 1f the attath
ro
//
The receive
W737
. a
‘ guardian 'Papw' ‘ -.' Janufer - 7 ff 73PM”?W
Mumbai Uni vers ity — Dec 2015
Q1] (a) Define the following examples: [10]
(i) Substitution cipher.
(ii) Poly-alphabetic cipher.
(iii) Salami attack. '
(iv) Session Hija ckin g.
Ans:[Chapter- 2 | Page No.11 81Chapter- 8 l Page No.117]
(b) With thehelp of examples explain non--malicious programming errors [05]
Ans: [Chapter- 7 | Page No. 88]
(C) 985118 the goals of securlty and specify mechanisms to archive each goal. [05]
Ans: [Chapter - 1 | Page No. 2]
Q2] (a) I n an RSA system the public key (e, n) of user A is defined as [7, 119). Calculate (l-‘n
and private
d-
key what is the cipher text when'you encrypt message m=10, using the PUbliCkey? [10]
. Ans: [Chapter 4 - | P a g e No. 40]
‘
(b) Give the format of X 509 digital certificate and explain the use of a digital signatu
re in it. [05]
-:Ans [Chap ter— 6 | Page N o . 6 5 ]
(c) Encrypt''The key is hidden under the (1001" usingplay fair cipher with
keywm (1“domestic”
Ans: [Chapte1 — 2 l Page No.14 ] . .- _ _ _, [05]
(13]
' l (3) Explainhow'a key is shared betWeen two-parties using
Diffie-Hellman by exchange algorithm.
_‘
' What is the drawback of this algorithm?
' [10]
_
Ans: [Chapter — 4-| Page No. 4 7 ]
1.2.311. _ 11
. _ 1
(b) Differentiate between 1') MD-5 and SHA ii] Firewall and IDS.
' 41‘“.:f‘A‘u-t'nr ‘iFJI’l

[10}
Ans: [Chapter - 5 a 7 l Page No. 648183]
1
' '
_
_
Q4] [:0 Explain working of DES detailing the Fiestel structure.
“ I [10}
.__
Ans: [Chapter- 3 l Page No. 26]
4....
.
(b) Whatis a Denial of service attack?
.-
_ What are the different ways in which
an att1.
acker can11101
I 111 1~
3 DOS attack on a system? '

Ans: [Chapter - 8 | Page No. 9 6] [10]
‘
H“
the S
handgh k y .
. Q5] (a) List the functions oftbe d1fterentp10tocols 111331,.E xplain
"1.
1
.-
Ans.[Chapte1 8 : Page No.101] . E' w( 1 . a “e D .
1. rotoml. [0 l
illémafl
(b) How does PGP achleve confidennally and authentication q.
" -' "
1
Ans:[Chapter - 6 | Page No. 69] 1, 'n ‘ 5 [05]
between the transport modea‘nd

'A
.{c)'Differentiate
tunnel m
authentication and confidentlalityare achieved using 11’ Sec Ode of If) 566 and 9X93"?
1'
2.1":
how
[1°].
: . '_l
WyefZW‘x‘m _ A...
WPW
Ans:[Chapter-.mpmhlnl “7 TWEM
Q6] Write in brief about [a

ny four}
; (:0 Operating System Security,
[2”]
Page
Ans: [Chapter - 1! No. 1]
(b) Buffer overflow attack.

Ans: [Chapter .. 3 I page No. 114]
(C) I? Spoofing,
Ans:[Chapter - 8 | PageNo
.117]
(d) Viruses and their types,
Ans:[Chapter - 7 | PageNo. 86]
Key
(e) generationin IDEA.
Ans:[Chapter - 3 I PageNo.21]
i MumbaiUniversity - May 2016

E Q1] (3) Explain software flaws with example. [05]
1 Ans: [Chapter - 8 | Page No. 113]
I} ( h ) List with example the different mechanisms to achieve security. [05]
' Ans: {Chapter - 1 l Page No. 2}
; (c) Explain with example,keyed and keyless trans-position ciphers [05]
? Ans: [Chapter - 2 I Page No. 12]
" (d) Elaborate the steps of key generation using RS".Aigorithm. [05]
i.
‘‘ Ans:[Chapter - 4 | Page No. 39]
i
I Q2] (3) A and B decide to use Difiie Hellman Algorithm to share a key. They chose P= 23 andG = S as :1
the public parameters- Their secret keys are 6 and 1 5 respectively. Compute the secret key that
they share. 7 [10]
Ans:[Chapter - 4 | PageNo. 49] . A
I.
E (b) Explain working of D55. [10]
: Ans:[Chapter - 3 l Page 7“" 26} W

' ll la Pa'lula mode!achieve access control.- [ml -i 3
. aE Q3] [3) Whatis access control?How dices theBe a 1‘ ,3
i
2:15;: :3 digital signature?Explainany digital signature alga-mamin detail. [10] .5;
I Ans:[chapter " 5 I Page No.54] ' - 16) -.’ .- .5 _ - E

‘5‘
spoofing,Explain sessionhiiadfingattack . _ ZEZE “ L .i
Z; ‘ ket sniffingand packet
Q41(niecmparepac a ‘ ~—-:- =
Ans:[CMpwlflflflW‘”
v3"
ul‘ifitm 7; ‘;;’r";..
01mph» Papas 3mm:- - 7 Tapper}Sa/ufiom
_ [b] Explain working ofKerberos. no] .s
Ans: [Cha pter - 6 | Page No. 74]
QS] .
(a) What is a firewall? What are the firewall des1gn - - i
prinClP'E? [ 0 5]
Ans: [Chapter — 7 l Page No. 79]
[0
(b) What are the various ways for memory and address protection. 5]
Ans: [Ch apt er - 7 l Page No. 90]
. n Systern
(c) EXplain the significance of an instructi on Detectio ' for securing a _network. Comp3;
signature based and anomaly based IDS.
[1°]
Ans: [Chapter - 7 | Page No. 84-]
7 Q6] Write in brief about [any four): [20]

(a) Email Security.
Ans: [Chapter - 6 i Page No. 67]
(b) SSL han dsh ake pro toco l.
‘ Ans: [Chapter - 8 l Page No. 101]
' ’
(c) lPSec Protocols for security. ,
A h I
_ Ans: [Ch apte r — 8 l Page No. 104]
(d) Deni al of service attacks.
‘ Ans: [Cha pter — 8 [ Page No. 96]
(e) lDEA.
Ans: [Chapter -_ 3 [ Page No. 21]
Mu mb ai Un ive rsit y— D e c 2 0 1
6
Q1] (3) Whatare block ciphers? Exp
lain with examples the CBC and ECB mo des of blo ck cipher
' Ans:[Chapter— 3 | Page No.33] s. [05 ]
’ - _. _
[b] Encrypt the str ing ''This 13
an easy task" using a playfair cip
he1 wit
h k83"'t11011arch3"'. {05 }
Ans: [Ch apte r- 2 l Page No. 1 2 8 ]
‘
(c) Define authentication an
d non-repudiation and Sh
ow With exa mp les ho w eac
ach ieved. h on e can be
. . y ‘ I}. . ' ‘ ,Q [05} ‘
Ans: [Ch apte r - 7 l Page No. 9 2 ]
V ' ‘ _ ’
(d ) Describe triple DES wi
th tw o DES keys. ls man
in the middle attack po ssi
Ans:[Chapter - 3 l Page No. 31] bl e on triui‘e DES'NOS}
‘ ‘ ' .- - ’
qg}. [a] A and B decide to use Di
ffie Hellman algorithm to sh
are key They cho
public parameters. Their secret key ose p =2 4 and g=5 as the
s are 6 and 15 respectivel
y. Compute the secr
share. et key that they
17(19312801‘34 . _ K\~Mm
M» Pat/ms
Sham--7 flipper}Soweto
. Explain the round key

A n s : [ C h a p t e r — 3 l Page No. 3 2 ] generation scheme i n bot h these
algorithms. [10]
- _ .
(23] (a) What are the diffe

rent types of v‘
Ans: [Chapter — 7
| Page No. 86]
(b) What are the various wa
ys for memory and address pro
tection in Operating systems?
authentication achie HOW is
ved in 0.8?
Ans: [Chapter - 7 | Page No. 90 ]
Q4] (a) Explainbriefly with examples,how the

followingattacks occur:
i] Salami attack [10]
’
ii) Denial of Service attack
iii) Session hijacking attack
1 iv) Cross-cite scri ptin g attack
Ans: [Ch apte r - 8 l Page No. 118]
(b) H o w is secur ity achieved in the transport and tunnel
modes of lPSec? Describe the role ofAH
and ESP. ' l [10]
‘Ans: [Chap ter — 8 l Page No.107]
Q5] (a)'l-Iow isconfideritialiq’achieved in emails using either S/MIME or

PCP? [05]
Ans: [Chapter - 6 l Page No. 69]
(b) A'and B wish to use RSA to communicate securely. A chooses public key (e.
n) as (2, 24.7) and
B choose s p u b l i c key (e, n] as (5, 221). Calcula te t h e i r private
keys. W h a t w i l l b e the. Cipher text
sent byA to B ifA wishes to send message m =- 5 securely to B? [10]
(c) Whatis a digital signature?Explain any digital signature algorithm.
[05]
.Ans:
[Chapter —- 5 I Page No. 54]
Q6] (3) Compare and contrast (any two): {10]
1') Block and stream ciphers

ii) MD-S versus SHA
iii) KDC versus CA
Ans:[Chapter — 2a 5 .l Page No.19, 64& 53]
(b) What are firewalls? Explain
‘ ‘ the different
' ' ~of firewalls
* types “'a ‘ 9and Wm
. irtlelzwerlnwh
( i i .1 3; ich
they operate. [.10]
Ans: [Chapter - " l Page No.80]
i . I Y , A .. L
_ u
Wry‘r— . - "' v i I I -
- Vil'. , ‘T v I ‘ '- .
a > v: >
2 I ' ’ ' _ .r-I} ‘L.’ , . 5 .5 ,, "rd“. ,
- > ..
“‘96 ' ' ' .
-g- : “J:
-. rat-- ' a i .e
.V J .5" .' ‘. ut-
. , . _. -‘
- j _. "6th; ‘ . . _ 2 , 3: . ‘ "14””
' 3i: 1.. 7.
I l .01) ,1 1‘." ,"."", _ '._-. . . '.'.-. . . i . n W
Mumbai University - May 201 7
- .u
Qll (a) Use the Play fair cipher with the keyword: "MEDICINE to ~ h ~r the mes3 3 8 9 "T h e
emit) L greatest
‘
wealth is healih‘l‘. [05]
Ans:[Chapter -- 2 l Page No. 17]

(h) Explain key rings in PCP. ' [05 ]
Ans:[Chapter - 6 l Page No. 72]
(:3) Briefly define idea behind RSA and also explain [10]
i ) What is the one way functionin this system?
2) What is the trap door in this?
3 ) Give Public key and Private Key.
4) Describe security in this system.
(a) Explain DES, detailing the Fiesta] structure and S-block design [10]
Ans: [Chap ter - 3 | Page No. 26]
'
(b) Consider a Voter data management system in E-voting system with sensitive and non-
‘
sensitive attributes. ’ .' _
1) Show with sample queries how attacks (Direct, inference) are possible on such
data
'
H
,
sets. .
‘
.
V
2) Suggest 2 different ways to mitigate the problem. _ -' ' [10]
_'
.
y
Ans: [Not included]
.
.1,
.1
__
.v .
W.‘
1
(23]
«,
,4
(a) Explain Diffie- Hellman Key exchange algoxithm
1..
.
with suitable example. Also explain the
-
A
-
1
problemofMlMattackinit.
.
_ . ' , .. .
_
['10]
‘
1 '1‘
_‘
up
v Ans: [Chapter— 4 l Page No. 48]
:'
‘
(b) What are Denial ofService attacks? Explain any th:
ee types ofDOS attacks in detail
'
-.
[10}
'
" ‘r -
Ans: [Chapte1——8 l Page No.96]
.I ,t
A_
,
-.
.
.1
"_l
Q4} (a) lPSec offers security at n/w layer What is the need Of SSL? Explain the service tof
s SSL
'."
‘Y
protocol? 1
m. ‘
1 - _ [10]
.
_ .
Ans: [Chapter - 8 l Page No. 1 0 6 ]

'
V‘
('o) What are the types of firewalls?How are irew

ails d1f erent from IDS
<
{10]
Ans: [Chapter - 7 | Page No. 80]
05:' I (a‘J What are the various weY5 in whichPublic k

ey distlihiition is implemented Exp
working of public key certificate lain the
s cle arly detailing the role of cert1f1
cate authority r10]
Ans: [Chapter - 4 | Page No. 50] * ‘~ * ‘1
.
“
.10;
" " 6' ~ ;
‘1FTWr
PyteWéé A.
‘1 ,a
Paint“? “- W13” :WE- '
19¢”
,1 M- 7 Tapper-'3 60W
b) Why are D
( lgltal Signatures 8‘ Digital
Signature? certificates required? What is the
significance 0f Dual
Ans: [ C h a p t e r - [10]
5 l Page No. 5 6 ]
06] Attempt any 4

[20]
(a) SHA~1
Ans: [Ch apte r- 5 | PageNo.58]
[05]
(b) Timing an d Sto
rage Co ve rt Channel.
Ans: [Miscellaneous |
Page No. 124]
(c) Sesslon Hijacking an
d Spoofing.
Ans: [Chapter - 8 | Pa ge No. 117]
(d) Blowfish.
Ans: [Chapter - 3 l Page No
. 23]
(i) S/M lME
Ans: [Chapter - 6 i Page No. 76]
Mumb ai University - Dec 2017

Q1] (a) Encrypt the message "Cryptography is fun“ with a multiplicative cipher
with key = 15. Decrypt
to get back original plaintext.
[05]
Ans: [ C h a p t e r - 3 l Page No. 3 4 ]
(b) With the help of suitable examples compare and contrast monoa
lphabetic ciphers and
polyalphabetic ciphers?
[05}
(c) What are the properties of hash functions? Whatis the role of
a hash function in security? [05]
.45 .. Ans: [Chapter - S l Page No. 60}
(d) What are the different protocols in . S S L ? How do the client
and server establish an SSL
connection.
[05]
Ans: [Chapter - 8 I Page No. 103}
QZ] (a) What is a digital certificate? How does it help to validate the authen
ticity of a user? Explain
the X509 certificate format. [10]
Ans: [Chapter - 6 I Page No. 66]
(b) With reference to DES comment on the following: [10].
(1') Block size andkey size.
(ii) Need for expansion permutation.
(iii) Avalanche and completeness effects.
(iv) Weak keys and semi-weak keys.
7359‘
3: 0,154
(1') Role of&box
Ans:[Chapter~ 3 l Page No. 29]
Q3} (a) What are the different types ofviruses and wow? Ho w do they Pmpagate?
Ana [Chapter -- 7| Page No.86] [10]
(b) What are the van‘ous ways for memory andaddressP-mt

efifio"in OperatingSystem? [19]
AIR [Chapter - 7 | Page No. 90]
.,
Q4] (3] Emlain briefly with examples.how the
followingattacks occur: [10]
i) Phishing attack.
ii) -
Denial of Service attack.
iii) SQL injection attack.
Q».
iv)Cross-site scripting attack
Ans: [Miscellaneous | Page No
. 119]
(b) How is security achieved in the transpor
t and tunnel modes of lPSec? What are secu
rity
associations? .
[10]
Ans: [Chapter— 8 | Page No. 107]
Q5} (a) What are the different threats to emails?

Give an algo rithm to secure emails being sent from
userA to user 8. _
[1.0]
Ans: [Chapter - 6 | Page No. '70]
{b} A and B wish to use RSA to communicate
securely. A chooses public key as (7, 119 )
and B
chooses public key as (13. 221). Calculate
their private keys. A wishes to send mes
sage m = 10 to
B. What will be the ciphertext? With
what key will A encrypt the message “m“
i f A needs to
authenticate itself to B. [10]
Ans: [Chapter — 4 | Page No. 43] 4
(2:) Compare and contrast (any two]: * [10]

(i) lock and stream ciphers. ''
Ans: [Chapter - 2 i Page No. 19] ‘
“a
(ii) l-lD-S versus SHA

Ans: {Chapter -- S l Page No.64] .
(iii) Key generationin IDEA and Blowfish '
Ans: {Chapter - 3 l Page No. 24] _ t
(b) What are the different compon
ents. of an _ tection System.? Co
intrusion, De . mp
‘
‘ 0f signaturebased105 with anomaly based ”)3.
are. th
. e w ork'meg
* 0]
Abs: {Chapter - 7 | PageNo. 84]
- v—w
'3‘“
' ‘-'
.. :17 ' _I'I
..
v: ”‘5‘“!
---
* r.
—~ -
- . I
~ “31"". . . ere-'1.
1' it I W .
l‘,
mm . -- WWI-WW "‘1" "
.
mafia»PM 61m ._7 722mm“:Sedition!

Mumbai University - May 2018
Q1] - (a) What is the purpose ofS-hoxes
in DES? Explain the avalanche effect?
Ans:[Chapter - 3 l Page '05 ]
No. 29]
. (b) Give examples of replay attacks.
List three general approaches for dea
Ans: [Chapter - 1 | Pa ling with ”Phil “ “ 3 9 ” [05 ]
ge No. 4]
Why
(C) is the segmentation and reassembly functionin FOP
A“: (Pretty Good Privacy) needed? [05]
[Chapter - 6 | Page No. 71]
(d) List and explain various typ
es of attacks on encrypted messa
Ans:[Chapter - 1 | Page ge. [05]
No. 5]
Q2] (a) What is the need for message authentication
? LiSt various techniques used for message
authentication. Explain any one
.
Ans: [Chapter - 5 | Page No. 6 2 ] [10]
Kerb eros
(b) Explain protocol that supports authenticationindistribu
Ans: [Chapter - 6 l Page ted system. [19]
No. '74]
Q3] (3) What characteristics are needed in
secure hash function? Explain the Operatio
algorithm on 512 bit block. n oi'secure hash
Ans: [Chapter - 5 | Page No. 62] [10 ]
(b) Wha t is a nonce in key distribution scen
ario? Explain the key distribution scenario
to establish logical connection with B. A if A wishes
and B both have a master key which they
and key distribution share with itself
center. -
Ans: [Chapter — 6 | Page No. 77] [10]
Q4] (3] Why E—commerce transactions need

security? Which tasks are performed by
gateway in E-commerce transaction? Explain payment
the SET (Secure Electronic Transaction) proto
Ans: [Miscellaneous 1Page No. 121] col.
[10]
[b] In RSA system the public key ofa given user e =
7 8:n: 187 _ ' [10]
1) What is the private key of this user?
'
2) lfthe intercepted C T z l ] and sent to a user
whose public key e=7 8: n: 187. What is the
PT?
3) Elaborate various kinds of attacks on RSA algorithm?
Q5] (3) How can we achieve web security? Explain with example.
. [10]
Ans: [Not Included]
(b) Use Hill cipher to encrypt the text “short". The key to be used is
"hill". [10]
Q6_ (3) Explain lPSecprotocol in detail. Also write applications and

advantages oflPSec. {10]
(b) Differentiate between i) MD—S and SHA ii) Firewall and IDS.
[l0]
Ans:[Chapter - 5' & 7 I Page No. 64 8:. 83]

Wacwm: Twewm, W@&WW

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Wacwm: Twewm, W@&WW

Uploaded by

Copyright:

Available Formats

_ v__....

W” TWEWM, W@&WW mar-7 Twas“.-

> W ﬁrsto marks:

Chapter Name “'eightage (Marks)

Note: If you want to score good marks, study ALL Chapters.

Please Note: The Above Analysis is suggest by Topper’s Solutions

completely dependent on it. It may change as per Univ

Figure 1.1: OS Security.

Q3] List with example ‘ '~

Note: For Q3) Refer only Security Mechanism. Part,

It is the bes t security policy. . d V

Figure 1.2: Example of Conﬁdentiality.

the data sen d by sender.

! I ”Mcﬁon 3makr~7 Topper? JoMom

A ideal Rent. or the manage B

Figure 1.3: Example of Integrity.

it ensures that the data is always accessible/ available to authorized persons.

Figure 1.4: Example ofAvailahility.‘

This is hiding or covering of data which provides confidentiality.

It is also used to complement other mechanisms to provide other services.

Ii] Digital Integrigg

speciﬁc process from the data itself.

attempt to use the trafﬁc analyslS-

. Q4] Give exam ples of r epla). attacks

1. Replay attack is also know

F ' 00,000 to B Thl‘OUgh

' “W e time to p m d U C e . ed {fecls'

Replay same message as A

Figure 1.5: Example of Replay Attack.

we]. APPgoncuss roe DEALING WITH REPLAY ATTACKS:

Q5] List and explain various types of attacks on encrypted message

Ans: ' [5M -- MayiS]

1. Attack is the action which exploits t h e vulnerability o f system.

III) Chosen Plaintext Attack [CPA]:

IV)‘ . Dictiona ry Attack:

1 Attack is the action which exploits the vulnerabi lity ofSYStem"

d ﬁle which may contain sensiti

ACTIVE A'FTACK:' ' . ,

Figure 1.7: Example of Masquerade.

Replay same message as A

Figure 1.8: Example 0 fReplay Attack.

in this technique, an attacker tries to modify the message.

This modification may be in terms ofmessage alteration, delay or reordering.

Figure 1.9: Modiﬁcation of Message.

(322] Security Services

Hgn- Re pud ia tio n;

ofthe parties In acC d m m

Plain Text: ViVA Institute of Technology

Cipher Text: YLYD LQVWLWXWH RI WHFKQRORJB

I» i n a poiyalphabetic cipher, multiple cipher alphabets a r e used.

In m o o a l p h a b e t i c m p h e r smgl cipher alphabet I n p o l y a l p h b t i c cipher there are multiple cipher

E x a m p l e : Refe r exam ple given abov e.

The cipher text is created reading the patternrow by row.

The cipher text is created reading the pattern Column by Column.

ll) Keyed 'ﬂ‘aLnsnosition Cipher:

pla y f a i r ciph er with keyword

Plain Text: The key'is hidden under the (ionr.

:" “T: m a“ w. =7u#

(1. Replace Ilm [1MP(JrCIH-Il'ﬂl‘lt‘l'ﬁWllll the intersection, Il’the lntersc

'l'h nlc W Is In clx (It: nu ml or th ed ox or

I‘M.mammmﬁfclpher Twin ls: cl”nr

a piﬂyfﬂh‘ Cipher WI“! he,

e s tr ing " This is on