
Marking Scheme: CAT I: Network Security

Question I. True or False (5 pts: 0.5 pts each)

a) Symmetric encryption remains by far the most widely used of the two types of encryption => True
b) With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key => True
c) The encryption algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key. => True
d) When using symmetric encryption it is very important to keep the algorithm secret. => False
e) Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet. => True
f) The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use => True
g) DES uses a 56-bit block and a 64-bit key => False
h) Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart (hinder/prevent) attempts to deduce the key => False
i) All other things being equal, smaller block sizes mean greater security => False
j) AES uses the Feistel structure => False
k) DES is a block cipher intended to replace AES for commercial applications => False
l) In the AES the decryption algorithm is identical to the encryption algorithm => False

Question 2 (4 pts)
What is the difference between specific security mechanism and pervasive security mechanism? Give 3 examples for each.

Specific security mechanisms are implemented in a specific protocol layer, whereas pervasive security mechanisms are not tied to a specific layer; they are general.

Examples of specific security mechanisms: encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization.

Examples of pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery.

Question 3 (5 pts)
Give and define the types of cryptanalytic attacks based on what is known to the attacker.

Type of Attack: Known to Cryptanalyst

Ciphertext only:
- Encryption algorithm
- Ciphertext

Known plaintext:
- Encryption algorithm
- Ciphertext
- One or more plaintext-ciphertext pairs formed with the secret key

Chosen plaintext:
- Encryption algorithm
- Ciphertext
- Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key

Chosen ciphertext:
- Encryption algorithm
- Ciphertext
- Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key

Chosen text:
- Encryption algorithm
- Ciphertext
- Plaintext message chosen by cryptanalyst, together with its corresponding ciphertext generated with the secret key
- Purported ciphertext chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with the secret key

Question 4 (5 pts)
What are the parameters and design features of the Feistel structure? What is the difference between link and end-to-end encryption?

Parameters and design features of a Feistel structure:
- block size
- key size
- number of rounds
- subkey generation algorithm
- round function
- fast software en/decryption
- ease of analysis
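An added example (not part of the original marking scheme): a toy Feistel network in Python in which the listed parameters appear as explicit knobs, showing that decryption is the same routine run with the subkeys in reverse order. The SHA-256 subkey schedule and the HMAC round function are assumptions chosen for illustration; this is a teaching construction, not DES.

```python
import hashlib
import hmac

BLOCK_BYTES = 8   # block size: 64 bits, split into two 32-bit halves
ROUNDS = 16       # number of rounds


def subkeys(key: bytes, rounds: int = ROUNDS) -> list[bytes]:
    """Subkey generation algorithm (constructed): one subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def round_function(half: bytes, subkey: bytes) -> bytes:
    """Round function F(R, K_i). It does not have to be invertible."""
    return hmac.new(subkey, half, hashlib.sha256).digest()[: len(half)]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, round_keys: list[bytes]) -> bytes:
    """Run the Feistel rounds over one block with the given subkey order."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly BLOCK_BYTES long")
    half = BLOCK_BYTES // 2
    left, right = block[:half], block[half:]
    for k in round_keys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, xor(left, round_function(right, k))
    return right + left  # final swap of the two halves


def encrypt_block(block: bytes, key: bytes, rounds: int = ROUNDS) -> bytes:
    return feistel(block, subkeys(key, rounds))


def decrypt_block(block: bytes, key: bytes, rounds: int = ROUNDS) -> bytes:
    # Same algorithm, subkeys applied in reverse order.
    return feistel(block, subkeys(key, rounds)[::-1])


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed sample key
    pt = b"ABCDEFGH"                # constructed 64-bit sample block
    ct = encrypt_block(pt, key)
    print("ciphertext:", ct.hex())
    print("round trip ok:", decrypt_block(ct, key) == pt)
    # With a single round, half of the plaintext passes through unchanged,
    # which is why the number of rounds is a security parameter.
    weak = encrypt_block(pt, key, rounds=1)
    print("1-round output leaks right half:", weak[4:] == pt[4:])
```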

Qn 5. The difference between link encryption and end-to-end encryption is as follows:

Link encryption is a placement alternative such that:
- encryption occurs independently on every link
- implies must decrypt traffic between links
- requires many devices, but paired keys

End-to-end encryption is a placement alternative such that:
- encryption occurs between original source and final destination
- need devices at each end with shared keys

CAT 1B

1. Give and explain the two general approaches of cryptanalysis

There are two general approaches:
A. Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext-ciphertext pairs.
B. Brute-force attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.

2. Briefly discuss the three strengths of DES

   1. Strength of DES - Key Size
      - 56-bit keys have 2^56 = 7.2 x 10^16 values
      - brute force search looks hard
      - recent advances have shown is possible

   2. Strength of DES - Analytic Attacks
      - now have several analytic attacks on DES
      - these utilise some deep structure of the cipher
      - generally these are statistical attacks
      - include: differential cryptanalysis, linear cryptanalysis, related key attacks

   3. Strength of DES - Timing Attacks
      - attacks actual implementation of cipher
      - use knowledge of consequences of implementation to derive information about some/all subkey bits
      - particularly problematic on smartcards

2. Given parties A and B, what would be the key distribution alternatives?

Given parties A and B, there are various key distribution alternatives:
   1. A can select key and physically deliver to B
   2. third party can select & deliver key to A & B
   3. if A & B have communicated previously, can use previous key to encrypt a new key
   4. if A & B have secure communications with a third party C, C can relay key between A & B

3. What are the two security mechanisms? Define them

- specific security mechanisms: are protocol layer specific
  (encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization)

- pervasive security mechanisms: are not
  (trusted functionality, security labels, event detection, security audit trails, security recovery)

CAT 2B

X.509 includes three alternative authentication procedures. What are they?
- One-Way Authentication
- Two-Way Authentication
- Three-Way Authentication
All use public-key signatures.

Email is one of the most widely used and regarded network services: give four security enhancements that were needed and led to the development of PGP.
- confidentiality - protection from disclosure
- authentication - of sender of message
- message integrity - protection from modification
- non-repudiation of origin - protection from denial by sender

Give the 10 steps of a SET transaction
1. customer opens account
2. customer receives a certificate
3. merchants have their own certificates
4. customer places an order
5. merchant is verified
6. order and payment are sent
7. merchant requests payment authorization
8. merchant confirms order
9. merchant provides goods or service
10. merchant requests payment

Internet and web are vulnerable to a variety of threats; give four of them
- integrity
- confidentiality
- denial of service
- authentication


1. Why is R64 conversion useful for an e-mail application?

To provide transparency for email applications, an encrypted message may be converted to an ASCII string using radix 64 conversion (e-mail compatibility).

2. S/MIME Functions
- enveloped data - encrypted content and associated keys
- signed data - encoded message + signed digest
- clear-signed data - cleartext message + encoded signed digest
- signed & enveloped data - nesting of signed & encrypted entities

3. Differentiate between Transport mode and Tunnel mode

Transport mode provides protection primarily for upper-layer protocols. That is, transport mode protection extends to the payload of an IP packet. Examples include a TCP or UDP segment.

Whereas tunnel mode provides protection to the entire IP packet. To achieve this, after the AH or ESP fields are added to the IP packet, the entire packet plus security fields is treated as the payload of a new "outer" IP packet with a new outer IP header.

4. Use a diagram to illustrate and explain phases of an SSL connection between client and server

5. Use a diagram to illustrate the Kerberos v4 authentication dialogue

Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
Network Security - measures to protect data during their transmission
Internet Security - measures to protect data during their transmission over a collection of interconnected networks

3 aspects of information security:
- security attack
- security mechanism
- security service

Security attack: Any action that compromises the security of information owned by an organization.
Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.

Generic types of attacks
- Passive
- Active

Have passive attacks, which attempt to learn or make use of information from the system but do not affect system resources. By eavesdropping on, or monitoring of, transmissions to:
+ obtain message contents, or
+ monitor traffic flows

Also have active attacks, which attempt to alter system resources or affect their operation. By modification of data stream to:
+ masquerade of one entity as some other
+ replay previous messages
+ modify messages in transit

Security Services (X.800)
Authentication - assurance that the communicating entity is the one claimed
Access Control - prevention of the unauthorized use of a resource
Data Confidentiality - protection of data from unauthorized disclosure
Data Integrity - assurance that data received is as sent by an authorized entity
Non-Repudiation - protection against denial by one of the parties in a communication

Model for Network Security
Using this model requires us to:
1. design a suitable algorithm for the security transformation
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information
4. specify a protocol enabling the principals to use the transformation and secret information for a security service

plaintext - original message
ciphertext - coded message
cipher - algorithm for transforming plaintext to ciphertext
key - info used in cipher known only to sender/receiver
encipher (encrypt) - converting plaintext to ciphertext
decipher (decrypt) - recovering ciphertext from plaintext
cryptography - study of encryption principles/methods
cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing key
cryptology - field of both cryptography and cryptanalysis

Two requirements for secure use of symmetric encryption:
1. a strong encryption algorithm
2. a secret key known only to sender / receiver

Characterize cryptographic system by:
1. type of encryption operations used: substitution / transposition / product
2. number of keys used: single-key or private / two-key or public
3. way in which plaintext is processed: block / stream

Feistel Cipher Design Elements
- block size
- key size
- number of rounds
- subkey generation algorithm
- round function
- fast software en/decryption
- ease of analysis

Message Authentication
message authentication is concerned with:
- protecting the integrity of a message
- validating identity of originator
- non-repudiation of origin (dispute resolution)
will consider the security requirements
then three alternative functions used:
- message encryption
- message authentication code (MAC)
- hash function

Security Requirements
- disclosure
- traffic analysis
- masquerade
- content modification
- sequence modification
- timing modification
- source repudiation
- destination repudiation

why use a MAC?
- sometimes only authentication is needed
- sometimes need authentication to persist longer than the encryption (eg. archival use)

Hash Functions
- condense arbitrary size message to fixed size
- through some compression function
- either custom or block cipher based

Message Authentication Code (MAC)
- fixed sized authenticator for some message
- to provide authentication for message
- by using block cipher mode or hash function

digital signatures provide the ability to: (chap13)
- verify author, date & time of signature
- authenticate message contents
- be verified by third parties to resolve disputes

Kerberos Requirements (chap14)
its first report identified requirements as: secure, reliable, transparent, scalable

Kerberos v4 Overview
- a basic third-party authentication scheme
- have an Authentication Server (AS)
- have a Ticket Granting server (TGS)

Kerberos v4 Dialogue
1. obtain ticket granting ticket from AS
2. obtain service granting ticket from TGT
3. client/server exchange to obtain service

Kerberos Realms: A Kerberos realm is a set of managed nodes that share the same Kerberos database, and are part of the same administrative domain. If have multiple realms, their Kerberos servers must share keys and trust each other.
a Kerberos environment consists of:
- a Kerberos server
- a number of clients, all registered with server
- application servers, sharing keys with server

Kerberos Version 5
- developed in mid 1990s
- specified as Internet standard RFC 1510
- provides improvements over v4
- addresses environmental shortcomings and technical deficiencies

X.509 Authentication Service

- part of CCITT X.500 directory service standards
- defines framework for authentication services
- also defines authentication protocols
- uses public-key crypto & digital signatures
- X.509 certificates are widely used

Certificate Revocation
- certificates have a period of validity
- may need to revoke before expiry
- CAs maintain list of revoked certificates
- users should check certificates with CA's CRL

Chap15(Email Security)
email is one of the most widely used and regarded network services

Email Security Enhancements

- confidentiality - protection from disclosure
- authentication - of sender of message
- message integrity - protection from modification
- non-repudiation of origin

Pretty Good Privacy (PGP) Operation Authentication

The actual operation of PGP consists of five services: authentication, confidentiality, compression, e-mail compatibility, and segmentation.

PGP Operation Confidentiality

Another basic service provided by PGP is confidentiality, provided by encrypting messages to be transmitted or to be stored locally as files, using symmetric encryption algorithms CAST-128, IDEA or 3DES in 64-bit cipher feedback (CFB) mode.

PGP Operation Confidentiality & Authentication

Both confidentiality & authentication services may be used for the same message.

PGP Operation Compression

By default PGP compresses the message after applying the signature but before encryption.

PGP Session Keys

PGP makes use of four types of keys: one-time session symmetric keys, public keys, private keys, and passphrase-based symmetric keys.

S/MIME (Secure/Multipurpose Internet Mail Extensions)

MIME allows encoding of binary data to textual form for transport over traditional RFC822 email systems. S/MIME support is now included in many modern mail agents.

S/MIME Messages
have a range of content-types:
- enveloped data
- signed data
- clear-signed data
- registration request
- certificate only message

Chap16 (IPsec)

IP-level security encompasses three functional areas: authentication, confidentiality, and key

IP Security Architecture
- specification is quite complex
- defined in numerous RFCs
- mandatory in IPv6, optional in IPv4
- have two security header extensions:
  - Authentication Header (AH)
  - Encapsulating Security Payload (ESP)

Security Associations
An association of a one-way relationship between sender & receiver that affords security for traffic flow.
defined by 3 parameters:
- Security Parameters Index (SPI)
- IP Destination Address
- Security Protocol Identifier
have a database of Security Associations

Authentication Header (AH)

1. provides support for data integrity & authentication of IP packets
2. based on use of a MAC
3. parties must share a secret key

Oakley is a key exchange protocol based on the Diffie-Hellman algorithm but providing added security.
Oakley is generic in that it does not dictate specific formats.

The Internet Security Association and Key Management Protocol (ISAKMP) provides a framework for Internet key management and provides the specific protocol
support, defining procedures and packet formats to establish, negotiate, modify, and delete security associations.

Chap17 (web sec)

The World Wide Web is widely used by businesses, government agencies, and many individuals.

have a variety of threats:
- integrity
- confidentiality
- denial of service
- authentication

SSL Architecture

Session: An SSL session is an association between a client and a server, created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections.

Connection: A connection is a network transport that provides a suitable type of service; such connections are transient, peer-to-peer relationships, associated with one session.

SSL Handshake Protocol

allows server & client to:
- authenticate each other
- to negotiate encryption & MAC algorithms
- to negotiate cryptographic keys to be used
comprises a series of messages in phases:
- Establish Security Capabilities
- Server Authentication and Key Exchange
- Client Authentication and Key Exchange
- Finish

SET Components
Cardholder: purchasers interact with merchants from personal computers over the Internet
Merchant: a person or organization that has goods or services to sell to the cardholder
Issuer: a financial institution, such as a bank, that provides the cardholder with the payment card
Acquirer: a financial institution that establishes an account with a merchant and processes payment card authorizations and payments
Payment gateway: a function operated by the acquirer or a designated third party that processes merchant payment messages
Certification authority (CA): an entity that is trusted to issue X.509v3 public-key certificates for cardholders, merchants, and payment gateways

SET Purchase Request

SET purchase request exchange consists of four messages:
1. Initiate Request - get certificates
2. Initiate Response - signed response
3. Purchase Request - of OI & PI
4. Purchase Response - ack order

Dual Signature
The purpose of the dual signature is to link two messages that are intended for two different recipients.

- significant issue for networked systems is hostile or unwanted access
- either via network or local
- can identify classes of intruders:
  - masquerader
  - misfeasor
  - clandestine user

Intrusion Techniques
- aim to gain access and/or increase privileges on a system
- basic attack methodology:
  - target acquisition and information gathering
  - initial access
  - privilege escalation
  - covering tracks
- key goal often is to acquire passwords

Password Guessing
- one of the most common attacks
- attacker knows a login (from email/web page etc)
- then attempts to guess password for it:
  - defaults, short passwords, common word searches
  - user info (variations on names, birthday, phone, common words/interests)
  - exhaustively searching all possible passwords
- check by login or against stolen password file
- success depends on password chosen by user
- surveys show many users choose poorly

Password Management
- front-line defense against intruders
- users supply both:
  - login - determines privileges of that user
  - password - to identify them
- passwords often stored encrypted:
  - Unix uses multiple DES (variant with salt)
  - more recent systems use crypto hash function
- should protect password file on system

Managing Passwords - Education

- can use policies and good user education
- educate on importance of good passwords
- give guidelines for good passwords:
  - minimum length (>6)
  - require a mix of upper & lower case letters, numbers, punctuation
  - not dictionary words
- but likely to be ignored by many users

Intrusion Detection
- inevitably will have security failures
- so need also to detect intrusions so can:
  - block if detected quickly
  - act as deterrent
  - collect info to improve security
- assume intruder will behave differently to a legitimate user
- but will have imperfect distinction between

CHAP19

A backdoor, or trapdoor, is a secret entry point into a program that allows someone that is aware of it to gain access without going through the usual security access procedures.

Logic Bomb
- one of oldest types of malicious software
- code embedded in legitimate program
- activated when specified conditions met:
  - eg presence/absence of some file
  - particular date/time
  - particular user

Trojan Horse
- program with hidden side-effects
- which is usually superficially attractive, eg game, s/w upgrade etc
- when run performs some additional tasks
- allows attacker to indirectly gain access they do not have directly
- often used to propagate a virus/worm or install a backdoor
- or simply to destroy data

- program which secretly takes over another networked computer
- then uses it to indirectly launch attacks
- often used to launch distributed denial of service (DDoS) attacks
- exploits known flaws in network systems

- a piece of self-replicating code attached to some other code (cf biological virus)
- both propagates itself & carries a payload
- carries code to make copies of itself
- as well as code to perform some covert task

A virus may use compression so that the infected program is exactly the same length as an uninfected version.

Virus Operation
virus phases:
- dormant - waiting on trigger event
- propagation - replicating to programs/disks
- triggering - by event to execute payload
- execution - of payload

details usually machine/OS specific, exploiting features/weaknesses

Types of Viruses
Parasitic virus: traditional and still most common form of virus, it attaches itself to executable files and replicates when the infected program is executed
Memory-resident virus: Lodges in main memory as part of a resident system program, and infects every program that executes
Boot sector virus: Infects a master boot record and spreads when a system is booted from the disk containing the virus
Stealth virus: a virus explicitly designed to hide itself from detection by antivirus software
Polymorphic virus: mutates with every infection, making detection by the signature of the virus impossible
Metamorphic virus: mutates with every infection, rewriting itself completely at each iteration, changing behavior and/or appearance, increasing the difficulty of detection

Email Virus
- spread using email with attachment containing a macro virus (cf Melissa)
- triggered when user opens attachment

- replicating but not infecting program
- typically spreads over a network
- using users' distributed privileges or by exploiting system vulnerabilities

Worm Operation
worm phases like those of viruses:
- dormant
- propagation:
  - search for other systems to infect
  - establish connection to target remote system
  - replicate self onto remote system
- triggering
- execution

Worm Technology
- multiplatform
- multiexploit
- ultrafast spreading
- polymorphic
- metamorphic
- transport vehicles
- zero-day exploit

CHAP20

What is a Firewall?

- a point of control and monitoring
- interconnects networks with differing trust
- imposes restrictions on network services
  - only authorized traffic is allowed
- auditing and controlling access

Firewalls Roles
- All traffic from inside to outside, and vice versa, must pass through the firewall.
- Only authorized traffic, as defined by the local security policy, will be allowed to pass.
- The firewall itself must be resistant to penetration.

Firewalls Techniques
To control access and enforce security policy

Service control: Determines the types of Internet services that can be accessed, inbound or outbound.
Direction control: Determines the direction in which particular service requests may be initiated and allowed
to flow through the firewall.

User control: Controls access to a service according to which user is attempting to access it

Behavior control: Controls how particular services are used.