Q1. What is Cryptography?
Answer: (Model Paper)
Cryptography refers to the technique of transforming usable information into a form that is readable only by the authorized users. The encrypted information can be converted back to its original form, i.e., plaintext, by any authorized user possessing the cryptographic key. This process is called decryption. Hence, cryptography is a means of providing information security, thereby protecting information from unauthorized access and disclosure while transmitting and storing the information.
Thus, cryptography provides security to the information as well as to other useful applications for improving authentication methods, message digest, digital signatures, non-repudiation and encrypted network communications. If it is not implemented properly, then it would lead to many security problems. The length and strength of an encryption key are also important, because the strength of an encryption algorithm is also dependent on the key.
Q2. Write in short about MAC.
Answer:
Message authentication code, also called a cryptographic checksum, is a small block of data having fixed size and generated using a secret key. It is appended to the message. It is assumed that both the participants who desire to communicate share a common secret key 'K'. Let the participants be A and B. If A wants to send a message to B, he calculates the MAC using the message and the key as follows,
$\text{MAC} = C_K(M)$
Where,
MAC = Message authentication code
C = MAC function
K = Shared secret key
M = Input message
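The exchange between A and B described above, as an added example that is not from the book: HMAC-SHA256 is assumed as the MAC function C, and the function names, key and messages are constructed for the illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # the MAC has a fixed size: 32 bytes


def mac(key: bytes, message: bytes) -> bytes:
    """C_K(M). HMAC-SHA256 stands in for the MAC function C (an assumption)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> bytes:
    """Sender A: append the fixed-size MAC to the message."""
    return message + mac(key, message)


def receive(key: bytes, frame: bytes):
    """Receiver B: split off the MAC, recompute C_K(M) and compare.

    Returns the message when the MAC matches, otherwise None.
    """
    if len(frame) < TAG_LEN:
        return None  # too short to carry a MAC at all
    message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    # compare_digest avoids leaking how many leading bytes matched
    if hmac.compare_digest(tag, mac(key, message)):
        return message
    return None


def demo() -> dict:
    key = b"constructed-shared-key-K"       # constructed sample key
    frame = send(key, b"transfer 100 to B")  # constructed sample message
    tampered = frame.replace(b"100", b"900")
    return {
        "authentic": receive(key, frame),
        "tampered": receive(key, tampered),
        "wrong_key": receive(b"some-other-key", frame),
        "truncated": receive(key, frame[:10]),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:10s} -> {result!r}")
```

Only a holder of K can produce a MAC that B accepts, so a modified message, a different key and a truncated frame are all rejected.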
Q3. What are the algorithms in digital signature scheme?
Answer:
The algorithms in digital signature have been designed to ensure the authenticity of a message. It does not perform encryption process over a message. These algorithms are used by the sender and receiver so as to generate a digital signature on the message and to verify the authenticity of the signature respectively. Both sender and receiver have private and public keys which are used for performing signature generation and verification functions. The following are the three algorithms included within the digital signature scheme,
1. Key-generation algorithm
2. Signing algorithm
3. Signature verifying algorithm
1. Key-generation Algorithm: This algorithm is used for generating private key and its corresponding public key.
2. Signing Algorithm: This algorithm generates a digital signature as output by considering message and private key as input.
3. Signature Verifying Algorithm: This algorithm verifies the authenticity of a signature by taking combination of message, public key and digital signature as input.
SIA PUBLISHERS AND DISTRIBUTORS PVT. LTD.
UNIT-4: Cryptography and Network Security
Q4. List the capabilities of firewalls.
Answer:
The capabilities of firewalls are as follows,
1. Firewalls are capable of blocking unauthorized network users from entering into the secured network.
2. Firewall filters the unsafe incoming services which attack the authenticated users. It also protects the network from various types of IP address spoofing and routing threats.
3. Firewall minimizes the burden of security management services.
4. Firewall handles security related issues by staring sts and audits on the firewall system.
5. Firewall provides a welled platform for carrying out internet functions like network address translation, network security management.
Q5. Write in brief about VPN.
Answer:
VPN is a technique used to set up a connection to a private network via a public network. In other words, VPN is a network that is constructed by creating a connection to a private network by using a public network. Here, private network refers to an internal network of an organization and public network refers to either the Internet or a shared public network provided by service providers.
VPN is one of the most commonly used options by the mobile users to establish connection to their corresponding corporate networks. It uses any connectivity options that already exist in a WAN for accessing the remote networks in a flexible, reliable and cost-effective manner. Practically, VPN enhances the services of WANs without compromising on data security.
Q6. List five features of PPTP VPN.
Answer: (Model Paper)
Some of the primary features of PPTP are as follows,
(i) It supports VPNs that make use of distinct protocols like L2TP.
(ii) It was built on the basis of Point-to-Point Protocol (PPP) and Internet Protocol (IP).
(iii) It can work with the most popular network protocols namely, TCP/IP, IPX/SPX and NETBEUI by a method called tunneling.
(iv) It can operate at Layer 2 of OSI reference model.
(v) It performs user authentication by Microsoft Challenge Handshake Authentication Protocol (MSCHAP) in order to grant access to network resources.
Q7. What is PGP? List its operational description.
Answer:
PGP
Pretty Good Privacy (PGP) is a secure mail protocol and a hybrid cryptosystem. It is mainly used in electronic mail and file storage applications as it provides basic confidentiality and authentication services.
Operational Description of PGP
The operation of PGP comprises five services with respect to management of keys. They are as follows,
1. Authentication
2. Confidentiality
3. Compression
4. E-mail compatibility
5. Segmentation and reassembly
Q8. What is the purpose of MIME Transfer Encoding? List any three transfer encodings.
Answer:
The main purpose of transfer encodings is to convert any content format in such a way that it is preserved and cannot be changed by any mail system.
Different MIME transfer encodings are as follows,
(i) 7-bit: It indicates that no encoding technique has been applied and the data represents short lines of ASCII characters. This form is used for SMTP transfer.
(ii) 8-bit: It indicates that no encoding technique has been applied and the data may represent non-ASCII characters (i.e., octets in which the high order bit is set) with short lines.
{| 62a minors tw ding wt tbe ple De ay went nov
arate andthe lines mayo esr.
Q9. Write in brief about Secure Socket Layer (SSL).
Answer: (Model Paper)
Secure socket layer is a protocol developed by Netscape Communications to ensure the security of data transmission over the internet. SSL has been universally accepted as a provider of secure data communication between web browser (client) and web server through HTTP, LDAP or POP3 application layers. It sits on top of TCP and IP layers to enable services for the application layer. These services help higher layer protocols such as HTTP, LDAP or IMAP to use SSL functionality. The purpose of SSL design is to use TCP as communication layer to provide a reliable end-
message to B, he calculates the MAC using the
Where,
K = Shared secret key
M = Input message
Message Authentication and Confidentiality
When encryption is performed, a message can be made authentic and confidential. There are two ways of providing message authentication and confidentiality,
1. Performing encryption after the MAC algorithm
2. Performing encryption before the MAC algorithm
Each of the above two methods requires the use of two keys $K_1$ and $K_2$. $K_1$ is the secret key used in the MAC algorithm and $K_2$ is the key used in the encryption and decryption process. Both keys are shared between the sender and the receiver.
1. Performing Encryption after the MAC Algorithm: In this method, encryption is performed using the key $K_2$ after concatenating the input message with the calculated MAC value 'C' using key $K_1$ for
Figure: Message Authentication and Confidentiality
2. Performing Encryption before the MAC Algorithm: Here, the encryption is performed on the message using key $K_2$, then it is concatenated with the calculated MAC function 'C' using key $K_1$ for the ciphertext of the message.
Figure: Message Authentication
Hash Function
A hash function builds a "fingerprint" of a message or file or any other block of data. The following requirements are essential to achieve message authentication using a hash function,
1. Variable length data blocks
2. Fixed length output
3. Ease of computation
4. One way property
5. Weak collision resistance
6. Strong collision resistance
1. Variable Length Data Blocks: Applicaton oash function ‘4 must hae no resrition for diferent
Watle Length Dota Bloc: Ay hab ton ono pve menage anton
2 FhedLengin Output Ouptofakashracton Hsu ves eng isa pcialy
Fare Oates opie mex aubenicatn
4. ase of Computation: Te computation of Hs) for any give shouldbe easy in ode to make
Save of Computin: Te ons me Wises praca wey fash cine
ta provie mesg abet.
4. one Way Property: The computation performed on x such that Hts)
Seay Freee eta Tle prope call one ay prope.
Vick Coane hu conpunion pone nr evs fray ghen vite of 12
Meck ofton: Ts cmt pe impccaTaiow le prpem iri ea
calles
Song Coltion Rsslance: The compton prfmednake eva p(y) 2a
Fare colon eacea, Theoret rteelton wea colon The oper =e
Cae con ovarr on wack called bith wack
or any given value ofON pw
ma Sans aa a
Gael way RE poe ANNE Rag eng eens
ba gts om cee ih wee por se een oy
sare nltcnfancagan nese Tiss peel ie eh etn
Poa MR ta ie een, tie cer ete ner
teanenson obtaining the message M. Affer this, the intruder can easily Ti Aste
San Puneet ate net wb tcimonrgnmi Shs OD Ark
Facer ean ktiad Sc However sot sent fr in he Fove Sy
Hos)
sot exit ny second messgs bashing tae
vet olson propery rossi tthe des nt exist ay ~
sone vale Ast enone ca serena mestage nile sng. encrypted hash oe.
Figure Hah Function User
From the figures, it can be inferred that the intruder does not have the secret key, but he/she can certainly read the transmission line and is also able to generate its hash code. But, due to the absence of the secret key, the intruder cannot alter the message. On the other hand, if the property was incorrect, the intruder's job would be simple, that is, he/she can easily interrupt the transmission line and can gain access not only to the message but also to its encrypted hash code. And later he/she can decrypt the hash code from the message, and is successful in creating an alternate message which has the same hash code. Thus, to avoid creation of messages with the same hash code this property is always useful.
Q17. Explain in detail about simple hash function.
Answer:
The simple hash function and other hash functions operate under the following basic principles,
(i) The input message consisting of message, file, etc., is considered as a sequence of n-bit blocks.
(ii) The input in the hash function is processed in an iterative manner, block by block, one at a time so as to obtain an n-bit hash function.
The bit-by-bit exclusive-OR (XOR) is regarded as the simplest hash function. Here, every block of input is XORed. It is expressed as,
$C_i = b_{i1} \oplus b_{i2} \oplus \cdots \oplus b_{im}$
Where,
$C_i$ = ith bit of the hash code that ranges from $1 \le i \le n$
$m$ = Total number of n-bit blocks in the input
$b_{ij}$ = ith bit within jth block
$\oplus$ = XOR operation.
Q18. Explain in detail the concept and advantages of digital signature in computer security.
Answer:
Digital Signature
A digital signature is one of the methods of encryption used to provide authentication. The main intent of the digital signature is to protect the
from modifications. It has gained
network security.
In addition to a digital signature, it is a kind of asymmetric cryptography used to encourage the security properties of handwritten signatures on paper. Basically, digital signature scheme provides two algorithms, one algorithm is for signing which requires the user's secret or private-key and the other algorithm is for verifying signatures which requires the user's public-key. The result of the signature process is called the "digital signature".
Advantages
(i) It ensures the authenticity of signer and also the authenticity of the message.
(ii) It reveals any alteration or tampering (if performed) on the message.
(iii) It provides a high degree of assurance and doesn't require additional resources for processing.
Q19. What are the three algorithms included in digital signature scheme and the methods used for creation and verification of digital signature? Explain.
Answer:
Algorithms in Digital Signature Scheme
The algorithms in digital signature have been designed to ensure the authenticity of a message. It does not perform encryption process over a message. These algorithms are used by the sender and receiver so as to generate a digital signature on the message and to verify the authenticity of the signature respectively. Both sender and receiver have private and public keys which are used for performing signature generation and verification functions. The following are the three algorithms included within the digital signature scheme,
1. Key-generation algorithm
2. Signing algorithm
3. Signature verifying algorithm
1. Key-generation Algorithm: This algorithm is used for generating private key and its corresponding public key.
2. Signing Algorithm: This algorithm generates a digital signature as output by considering message and private key as input.
3. Signature Verifying Algorithm: This algorithm verifies the authenticity of a signature by taking combination of message, public key and digital signature as input.
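The three algorithms listed here and in the answer to Q3, with the inputs and outputs the text gives them, as an added example that is not from the book. It assumes a Lamport one-time signature over SHA-256, chosen because it needs only the standard library; the function names and messages are constructed.

```python
import hashlib
import secrets

BITS = 256  # one pair of secrets per bit of the SHA-256 message digest


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(message: bytes) -> list:
    """The 256 bits of H(message), most significant bit first."""
    d = H(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def keygen():
    """Key-generation algorithm: private key and its corresponding public key."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32))
               for _ in range(BITS)]
    public = [(H(s0), H(s1)) for s0, s1 in private]
    return private, public


def sign(message: bytes, private) -> list:
    """Signing algorithm: message + private key in, digital signature out.

    Reveals one secret per digest bit, so a key pair must sign ONE message only.
    """
    return [private[i][bit] for i, bit in enumerate(digest_bits(message))]


def verify(message: bytes, public, signature) -> bool:
    """Signature verifying algorithm: message + public key + signature in."""
    if len(signature) != BITS:
        return False
    ok = True
    for i, bit in enumerate(digest_bits(message)):
        # hash each revealed secret; it must equal the published value
        ok &= secrets.compare_digest(H(signature[i]), public[i][bit])
    return ok


if __name__ == "__main__":
    priv, pub = keygen()
    sig = sign(b"pay B 100", priv)          # constructed sample message
    print(verify(b"pay B 100", pub, sig))   # genuine message and signature
    print(verify(b"pay B 900", pub, sig))   # altered message
```

Knowing the public key does not help a forger, because producing a signature for a different message requires the unrevealed secrets of the private key.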
Methods for Creating and Verifying Digital Signature
The following are the two methods that are most commonly used for creating and verifying the digital signature,
1. Public and private key approach
2. Hash function approach
1. Public and Private Key Approach
In this method, the signer applies the key-generation algorithm so as to generate public and private keys. The signer creates a digital signature for the message that is to be transmitted using the private key. This signature is used by the sender so as to encrypt the message. The encrypted message along with the digital signature is transmitted to the receiver via the network. After receiving the message, the receiver verifies the authenticity of the signature using the public key. The advantage of this method is that an intruder cannot forge a digital signature even if the public key of a signer is known. Though the intruder
Figure i: Showing Confidentiality Only
Confidentiality and Authentication Services
These can be used together to send a confidential message to an authenticated person. For this, the sender has to sign the message with its own private key and then encrypt the message with a session key. This is further encrypted using the receiver's public key.
Figure: Showing Authentication
3. Compression
The messages that are transferred or stored in local files are compressed by PGP, by default. It compresses the message after signing but before encryption.
Advantage
Less amount of storage space is needed for transmitting e-mail and for storing files. It is preferred to compress messages after signing in order to make the future verification easier.
4. E-mail Compatibility
ively compact and the plain te
at message is compressed.
5. Segmentation and Reassembly
1. Message Component
It contains the actual data that is to be stored or transmitted along with the file name and time stamp that defines the time of creation.
2. Signature Component
It contains the following components,
(i) Timestamp: It defines the time at which the signature was done.
(ii) Message Digest: It is formed by creating a 160-bit SHA-1 digest and then encrypting it with the sender's private signature key. The digest is determined using the signature timestamp along with the message component's data portion. This timestamp is included in the digest so that it is saved from attacks like replaying. The timestamp and file name portions of the message component are not included in the digest to ensure that the detached signatures are the same as that of the attached signatures prefixed to the message.
(iii) Leading Two Octets of Message Digest: A recipient can determine whether the public key that he is using to decrypt the message digest is appropriate for authentication purposes. He can compare the first two octets of the plaintext copy with the first two octets of the decrypted digest. These octets can also be used as a 16-bit frame check sequence for the message.
(iv) Key ID of the Sender's Public Key: It describes the public key that a recipient should use to decrypt the message digest. Thus, the private key that was used by the sender to encrypt the message digest is also described.
ZIP is used for compressing the message and optional signature component which were encrypted using a session key.
3. Session Key Component
It contains the session key and the identifier for the recipient's public key that was used by the sender for session key encryption. Generally, Radix-64 encoding is used to encode the entire block.
Figure below shows the general format of PGP message
Figure: PGP Message Format
Q. How the messages are generated and transmitted in Pretty Good Privacy (PGP) protocol? Explain with clear diagrams.
Answer:
PGP Message Transmission and Reception
The services that are provided by PGP, namely authentication, confidentiality, compression and e-mail compatibility, play a crucial role in the transmission and reception of PGP message. The relationship among these services can be known during the PGP message transmission and reception.
Sender A