Submitted by:

Abdul Mateen Hashmi (roll#54)

Submitted to:

Ma’aM lubna Khan

Semester:

7th

Session:

2019-2023

Data& network

security

Date of submission:

3,April, 2023

University of poonch rawalakot, ajk

Dept. of cs and it
Question#1
What is birthday attack in cryptography? Discuss with an example.
The birthday attack is a type of cryptographic attack that exploits the probability of two randomly
selected values being the same. This attack is named after the birthday paradox, which states that
in a group of just 23 people, there is a 50% chance that two people will have the same birthday.
In the context of cryptography, the birthday attack can be used to find a collision in a hash
function. A hash function is a mathematical function that takes input data and produces a fixed-
size output, which is typically used to verify the integrity of data. A collision occurs when two
different inputs produce the same hash output, and finding a collision can enable an attacker to
bypass security measures that rely on the hash function.
Example:

Let's assume we have a hash function that produces a 32-bit output. If we randomly generate
input data and hash it, the chances of any two inputs producing the same output are relatively
low. However, if we generate a large number of random inputs and hash them, the probability of
finding a collision becomes much higher.

Specifically, if we generate 2^(n/2) inputs, where n is the number of bits in the hash function
output, the probability of finding a collision becomes greater than 50%. In the case of our 32-
bit hash function, we would need to generate approximately 2^16 (or 65,536) inputs to have a
greater than 50% chance of finding a collision.Therefore, an attacker could generate a large
number of inputs and compare their hash outputs, looking for collisions. If a collision is found,
the attacker can use it to their advantage to bypass security measures that rely on the hash
function. To prevent the birthday attack, it is important to use hash functions that are designed
to resist collision attacks, such as SHA-3 or BLAKE2. Additionally, it is important to use
sufficiently large hash output sizes to reduce the probability of collision attacks.
To prevent the birthday attack, it is important to use hash functions that are designed to resist
collision attacks, such as SHA-3 or BLAKE2. Additionally, it is important to use sufficiently
large hash output sizes to reduce the probability of collision attacks.
Question#2
What is DDoS attack? Briefly describe DDoS attack types.

A DDoS (Distributed Denial of Service) attack is a type of cyberattack where multiple

compromised systems are used to flood a target website or network with a high volume of traffic,
overwhelming its servers and making it inaccessible to legitimate users. The goal of a DDoS
attack is to disrupt the target's online services and cause damage to its reputation, revenue, or
operations.

DDoS attacks can take many forms, and different types of attacks may be more effective against
different targets. Here are some common DDoS attack types:
Volumetric Attacks: These attacks flood the target's network with a massive amount of traffic,
often using botnets, which are large networks of compromised computers under the control of a
single attacker. The traffic can be generated using various methods, such as amplification
attacks, where the attacker sends a small amount of traffic to a vulnerable server, which then
responds with a much larger volume of traffic to the target.
Protocol Attacks: These attacks exploit vulnerabilities in network protocols, such as TCP or
HTTP, to flood the target's network with a high number of connection requests, often exhausting
its resources and making it unable to respond to legitimate traffic.
Application Layer Attacks: These attacks target specific applications, such as web servers or
database servers, with the goal of exhausting their resources or exploiting vulnerabilities in their
code. Application layer attacks can be more difficult to detect and mitigate than other types of
attacks.
IoT-based Attacks: These attacks exploit vulnerable IoT (Internet of Things) devices, such as
routers, cameras, or smart home devices, to launch DDoS attacks. IoT-based attacks can be
particularly dangerous because many IoT devices have weak security and are easily
compromised.
DNS Amplification Attacks: These attacks use vulnerable DNS servers to amplify the attacker's
traffic, making it more difficult to detect and block. DNS amplification attacks can be very
effective because they allow the attacker to generate a large amount of traffic with a relatively
small number of machines.
To defend against DDoS attacks, it is important to have a comprehensive DDoS mitigation
strategy that includes both preventive measures, such as firewalls and intrusion detection
systems, as well as response plans for when attacks occur. This may involve working with a
specialized DDoS mitigation service or implementing network and application-layer defenses to
block or filter malicious traffic.