Sylzm � S=fer- 7

�d; --Analysis by Topper's Solutions Team -­

Sys tem Security)
_ (�-ptography & LA 5:" ll!',LTE PP.EPAP.ATIOS:

Er.gine-:rin;; i� c1 :,,otoriously der.:iandJlg field Clf s :.:d� • .Z..:::ig wc.c-c» • in e:o�--i: t."XaW'\
rt."!;'"_,re!$
a�·stematicand foc;used aPJ]roach. ino,Ce.:oc',.(1"e:l,youwiil,..eedwlttrc?:.o-,,,. tr.,�•ro:-h:
s.t.mesttr exam in cnginttrlng.. Ha\'C Y<Y'.J !!a\e a!!'e:ady gin.n up th!Ilkir:1,. "Vtlut the h.e.U J can do
11 B
at this moment? TomotTOW L,:: ex.am!· Thi:::ik .1pin! You a.r� � srud,e,:;t u last ru.;f::
21 17 �l.;<�J'!i" are e'\·ery eng.ineericg: studrot"5 epitome.

39 17
... I ?--� ;:,y em,<.,;s,.# •we�� aN k;Jown for our crMfivff_J•
I
54 13
u:,�;,hk H.i<b Fu::ctio-...s p. : v;cny �ntireToppcr's Solution.s Team is •,-.·orking o...:: for bm.ermmt of ibdt:c:.s.. H� ur:
... I 65 14
oome techniques abcnn Cryptography & System Security (CSS) Subj,ert.

79 Zi
Ho·w to score first 50 marks:
% 30
Study anv 11n .. of the bel"" set an d tnaU: s-Jrl! yoi.: Qn f!3rily attempt any,;-�� f:oo b,e:;c..-w
12.; 5 �b:ipters included in particular��-....

i� Ch.2:pte.r Sa.me

O[C-16

__,
f-- ------·----t-----------1

05 !O
I
1'5 15 :o 15
I w 15
J Public Iv!\ C.rypt;;,::aph,
7:J 15 2� 30
I 10
)
ll

QS lO 15 15 I JO 23

(1 l:, .5 rn
! ;?r, 2;

15 :3 :;5. 10
l 30 15

40 ,n :co 35
I
I
25 ,n --i :.:o

05
-\--
I so
2!, 60 �c ;o 1J
__j

musolution. in Scanned by CamScanner

 ro~peri So/,
i ·Au/.&¥1h%:16•*/.Ji

•
/I

---
I

.---
II
- ---
111lowi11µ, :\ clia ptcr5.

-
---

Chapter Na inc
W<:ightage (Marks)

I 1n1rod11ction
8

2 Basici of Cryptography

Secret Key . h 17 / 13
Cryptography/Cryptographic Has
:3/5
Functions

Nole: If you wmit to score good marks, study ALL Chapters.

Please Note: The Above Analysis is suggest by Topper's Solutions Team. Don't be
completely dependent on it. It may change as per University of Mumbai Guidelines.

Copyright © ~016 - :rn18 by Topper's Solutions

J\ll r!gl:u; re-served. Nci part of this puhlicati cin .

. . . may 1)e I '!prod uced, distrib d . ..
01 b} ,111y n w.1 115, 111cl11ding photocopyi , .. Ute , ortransr:11tted 1n any forr.i
. . ng, rernro1r.g, or other ele t . .
the pri o;· written permission of the publish" , . c ronic or mechan! cal methcds, v:itho1.i,
. . . ,. . . . . -r, except in the case of 1 . . .
i t:v1e ..vs and ~c:t;11n other non commerc" · 1 . . . )fief quotations embodied in critical
. ia uses p:::rm1tted I
wr11e lo the publd1 er1 c1 ddressed · "Att,ent1on:
. Pennis"' , )Y copyright law · F 01. perm1ss1on
. . reques-, r,
1·
,>10 IJS l<' Or
- mnato •·
Col1 tact No: 7507531198 r, at the address below.

Email II) : S11ppnrt@>Topper~s 1 .

-~- o ut1ons.con.
Wel:si1·e: ·.vww.Top1wrs"oh
- ., 1t·wns.cnrn,

-usol ution. in Scanned by CamScanner

 CHAPTER - 1: INTRODUCTION
()c I 01wrnting Systl•m Sl'curity.

.Ans: [5M - Dec15]

SECURITY':

1. Security rt•fers to provid ing a protection system to computer system resources.

2. Resources c:rn be n CPU, memory, disk, software programs and most importantly
data/informati on stored in the computer system.

OS SECURITY:

l. Oµ eratin g Syst em Security (OS security) is the process of ensuring OS integrity, confidentiality
and availability.
2. lf a L·0mputcr prog:·am is run by an unauthorized user, then he/she may cause severe damage to
rompu tt: r or d:'lt:l s tored in it
3. So :1 computer system must be protected against unauthorized access, threats, viruses, worms
;md m:1lw:1res.

ent
Figm·e 1.1: OS Security .

60ALS OF OS SECC!{ IT't':

I) _confid e nti ;1lity:

► It is th e ht.'st s ecu rity µc lic:'·
► It :1ss ures ttwt d2r:1 i~ accessed by ,;uthorizcd use r onl y.
II) 11.1_!.~gri ty:
~ It ens ures rh:1 t th ~ d:1 t:1 r ece:ved by the re ceive r 1s 12:-.:actly s::: mr as t!w d210 ;;;end t~y send er.
',, The d:11~ sh ou ld not he rnod il1e,l by any unautli u,·izl'tl e nt 1t _l'.

► It t' i) . m es th,1Lt h1.: d:1t:1 1s :1:w:1ys .1ccess ible/ a•.ta ilablc to a; 1ti10!'"iZ~l1 µ ersc 1,:.
► Wh cnewr .in a uthori zed sys tem entity dema nds for s~ ste m ,e. tir re, i~ mu~ t be .tC es s ible am!
usable at :1ll times by h im/h er.

musolution. in Scanned by CamScanner

 SemMhr-7 Toppt-r'i tti;;J~"z ,,w,
f I 9nfrolucfion . ----;_
. d ecify mechanisnts to archive each goal.
Define the goals of secunty an sp
. anisms to achieve security.
List with example the different mcc11 • •

[Q 2 I 5M - Dcc15] & [Q3 I sM-l\fay16l

Ans:

Note: For Q3) Refer only Security Mechanism Part

SECURITYG.OALS:

I) Confidentiality:

► It is the best security policy.

► Confidentiality assures L,at data is accessed by authorized user only.
► No unauthorized party can have access to the data.
► Accessing data means to read, to print or just to knm.v the existence of data.
► It is a lso called as secre cy or privacy.
► Confidentially ca n be achieved by means of encryption, so that ever. third party gets access to the
message, they cannot reveal the exact meaning of that message.

► Example: Figure 1.2 shows the example of Con fidenti:i li ty. Consider tha t A & E wants to
communicate with each oth er. When A sends a messc1ge "111" to B, only B should rece ive it. Only
then confide ,1ti3lly is maintajne d.

A B
(Semler)

l _
_...__
(Attackei·)
_..__,

Figure 1.2: Exa:nple ofConfidenti;:ility.

JI) integrity:

r in teer ily ens ures lhat the data received by the r~ceiv e r is exactly same as the data send by ser. de r.
Th e dnta sho tild not be modified by ariy unauth o ri ;~ecl entiry.
Only a•.1thorized entity or perscn shot.:ld he ..i o:e to modify or update the datci.
,. M0d ification mea ns modification of cia r.1 through ii1~ertio11, deletion o r replay of da t~.
In te grity can bE: achieved by using checksum or hashing methods such as MDS, SHA-1 & Tige r

Hash.

musolution.in Scanned by CamScanner

f I 9nfrolucfion .Semufer-7 Tof1(1er1 .Sofutlom

Ideal Route oftbe message

,\ B

(Sr11,l r r)

Actual Rout&

[Attadlar)

Figure 1.3: Example of Integrity.

Ill) Ayailabi)jty;
► It ensures that the rlata is always accessible/ available to authorizE'CI persons.
► Whenever an authorized system entity demands for system resou rce, it must be accessible and
usable at all times by him/h er.
► The informcJtion created and stored bv, an organization needs to be ava ilable to authorized
/
entities. Information is useless ifit is not available.
► Example: The situation c.rn be difficult for a banh: if the customer cou ld not access their accounts
for transactions. !nte rrupticn puts the availab ility of resources in danger.

\'

A B

D (Sen~er) (Re-ceive r)

Figure 1.4: Example o; Availability.

SECURITY- MECH A N!SMS:

I) Encipherment:
:,, This is hidi ng or cove ring of dc1 ta which provides confidentiality.

1• Ir is also used to c0n!ple111 e:·1t '.lther rne cha11isms to i: ro virle other se:·v ice;,.
► Cryptography ,rnd Stego nography arc used for en.:iph erin g.
H) Digital Integrity;
,. The data integ rity mecha ni sm appends a shorl' ched: value to the d:1 ta tin t ha:; ueen creatf'.d by a
specific process from the rlata itself.
,.
111) Dir;:ital S:i:naturc :
-,. A digital s igna tu:-e is a mc;ins by which th e !:e nd er c.:111 clr.c.tronic.iiiy sign t!JP i1:1ta :in:! t hP ~eceiv':'r
can el ec.tronically verify tlw s1gr.alu:-e.
► Public and pri',ate keys ca n bl! U!:ed .

musolution.in Scanned by CamScanner

 , \ 9n{ro/uclion
t\.u!MDlicatiou Excilllll~ I" ve their identity to each other.
lV orne messages to P· o
I •
In this tW<' entities exchanges .
ru.ffic Padlljn~ d . to the dota troffic to thwart the ad
V} . e bogus ata in • versa"'1
Traffic padding 111e::ins inserting sol11 ·1 s
►
attempt to use the tra ffic analysis.

Vl) Routing Control . .

. cusly changing d1fferem . available
. routes b
Routino control means selectmg and conunu . etween
► 0 t f om eavesdropping on a particular route
sender and receiver to prevent the opponen · r .

VU) Notari'zatio n;
Notarization means selecting a third trusted party to control the communication between two
►
entities.
The receiver can involve a trusted third party to store the sender reg uest in order to prevent the
►
sender from later denying that she has made a request

Vlll) ~sControl:
Access control used methods to p rove that a user has access right to ·L he data
c or reso urces owned
►
by a system.

► Examples of prcofs are pas~words and P!Ns.

Give examples of replay

· al.tacks
· · 1~1· s t th ree general ~ ) 1. l ~ • . . .
replay attack~ · l=P nae h::S .01 dcalmg ·with

Ans: [5M-May18]

REPLAY ATTACKS:

1. Replay
•
attack is also \ nows a('~ phyb
< ack attack.
2. It, ., tyµe of active security attack
3. Re play atta cks :ire the nenvo r,, ,. :it,.:1c.ks
•· .
in 'Nhich a -
11
sende r a.nd receive r a,1 ct ta 1,cs the authenticatE;d ., dttacker SJ)les
· tli e wnversation between t~e
1
the re.-:e1 \'e r wi th that key· 1. fo:-m a ti on e. -~-s11;-i nng
. key ;:1nJ tr.en cor.~act!O
4. In replay attack, th e attacker .
gives the. Proo• f l . .
.). Rep b y i!aacl, i~ l1l1 e o f the I , . . D .11s ldentil:'y d
. o .ver t1e1· Vt: i an authe t ' · •
5.
in Replay Ar-ck • rs on s of a''!\\ . . n ,ci.y.
'" 'ar. ::i tLacker ca t . an in the ' . •
p ures d)e. datc1 ~ •
-•
Fio1ire 1 s i.-uduie atla ::k"
., . . c.na rr>·
-Ll.a ns n1 itt; • . .
· - lt ,i fte r s0 rn e delay as sbo,\·nif.

A scncs Rs. 1, u~.ooo to B TI

irough an .
An Atta cker r:i ptures this tl t on li ne trans1n. .,
a a and (;ends , . iss,cn.
,taga1 ·, f
· • d te r r
- - -- - - -- : : : : - - ~omp rl)lle to 1• 1 0 llu cc un,rnth orized el·rec tS
h . •

Hwe ,, of-=----
J ..,. 134 -- --- .,,.,

• musol ution. in -:a:dbyC:;canner

 f I 9n/roducllon .Semuhr-7 rfo(J/l'" 1.Sofuliom i·Muf·MPFA,,,t\,JMN

A n
(S<-udrr)

C
at.er somt' time
(Allarlu,r)

figure 1.5: Example of Replay Attack.

GENERAL APPROACHES FOR DEALING WITH REPLAY ATTACKS:

I) Attacb a sequence number to each messaee used in an authentication exchange:

► A new message is accepted only if its sequence number is in the proper order.
► Difficulty with this approach is that it requires each party to keep trar:k of the last sequence
number for each claimant it has dealt with.

► Generally not used for authentication and key exchange because of overhead.
II) Timestamps:

► Requires that clocks among the v:irious p.:.rtidpants be synchronized.

Party A accepts a message as fresh only if the message contains a timestamp t hat, in A's judgment,
is close enough to A's knowledge or current time.
Ill) Challenge /resiJOnse :
Party A. expecting.:. fresh mess;ige fr om B, first se nds S a nonce (challenge) a nd i·equ ires thal the
subseque nt message (response) received from 1:3 cont,iin t·he correct nonce v.i lue.

Q5] List and explain various t)1lCS of attacks on encrypted message

Ans: [5lVI -- l\lay1SJ

CRYPTOGRAPHIC ATTACKS:

J. Att;,ci< is the ac~ion which exploits tlie vulnerability of system.

2. In cryptographic attacks the bas ic inte r. tion of a n 3ttcicker is to break a cryp tosyste m and to find
i.hc plair.text from the c:iµh ertext.
3. To obtain the plaintext, the attacker rJ11 ly 11eeds to find out the secret decrypti on key, :is Llw
aigoritlim is already in pulJlic clon:c1in.
,'J.. l! ence, attacke r ap p!i es maxin.ur11 effort tow;;; rds findin g out the sec·et key lJ S l' d in the
r.rypcosys tem.
5. 011ce the ,,tt;-icker is ;iblc· to determin e th e key, the c1ttacked system is cc nside red
as broken or compromis ed.

musolution.in Scanned by CamScanner

 1 J 9ntrotlucfion
<Topper 1.So_
--
fufin>i, .

I) Ciphertext On1y Attaclc (COAJ..;. . , .( )

. et of c1pnertext s .
ln this method, the attacker has 3ccess to as
· P1am
acce<"S to corresponding
h , · t ex t ·
► Attacker does not a .re ~ d. ·ntext can be determined from a given set
1
COA is said to be successful when the correspon mg p a1
►
of ciphertext.

IJ 1<1!.0WU PlaintextAttack [KPA): .

• .
pa .. ts of the c1phertext.
ln this method, the attacker knows the plamtext 1 or some •
►
The task is to decrypt the rest of the ciphertext using this information.
►
► This may be done by determining the key or via some other method.
The best example of this attack is linear cryptanalysis against block ciphers.

III) Chosen Plaintext Attack (CPA):

► In this method, the attacker has tl ,e text of his choice encrypted.

► .So attacker has the ciphertext-plaintext pair of his choice.

► This simplifies his task of deter-mining the encr;ption key.

An example of this attack is differenti;i l cryptanalysis apylied against block ciphers as well as hash
functions.

IV) Di.::tionafY Attack;

This att;ick has many variants, all of which involve compiling ;i 'dictiona1 y·.
In simplest method of th is attack, atta cker builds .:1 dictionary of ciphe r texts and correspo r.di!lg
plain texts that h e has le;i rnt 0 1er a period of time.
1

In future, when an atta cker gets th e ciphertext, he refers the di ctionary to find th e corresponding
plain text.

Brute Force Attack (BFA):

!n t his method, the attacker tries to determine the key by attempting all possible keys.
► lfthe key is R tits Je ng, then th e number of possible keys is 28 =- 256.
The attacker k.101,vs the ciphertext a;1d the algorithm, r.ow he attempts 2 1; the 256 keys on e by
one for clecryption.
The time ~o complete the a tta ck would be very high if the key i'i long.

vo Birthday At::ack:
/, bi rthde1y a tt:ick is ~1 i:!a-;s of brute for ce ,ltt3ck used ag;:i i nsl h;:i;; h 1nr.; f•.11: ·ti 0 n!:.
► It is haseci on the "birthday paradox"

Thie; states tl.;i t in .i grouµ of 2:3 peo pl e, there is at least 2 50% proh?.bil1ty that at leas t ti..vo peunle
will share the same birthday. '
ln <-1 group of 60 people, th e probabiiity is over 99%.

Scanned by CamScanner
 IA11 ·# ?Hmll.JMN
f I 9nlroducfion .J~me.rler - 7

VII) M.n1Liu..Mllld.l!LJUta\:lt!MlMJ i
,- The targl'IS of this nltack are lllOstly p11hlk l<1•y cryptosystcms where key exch..111ge is involved
before wn1111unlr:11l1111 t;1lu·s pl:1, 1•.
:.- llos t t.. wants to con11111111lc:1te tn hnsl ll, he 111·e rcqul'sts puhllc lrny of □.
► t..11 nttackcr lnterct~pls this req11rst :rncl sends his pullllc key instead.
:;.. Thus. whntcver host A sends to lwst 0, Ihe :ittad:cr Is able to react.
,, In order to mnlnt,1ln communication, the attacker re-encrypts the data after reading with his
public key :rnd sends to B.
► The :1ttncker sends his public: key as i\'s public key so that D takes it as if it is taking it from A.

VIII) fillk_Channcl Attack (SCA);

► Side channel attnck Is .used tLi exploit the w1: almess in physical implementntion of the
cryptosystem.
► Side chnnncl o1ttacks are n type of attacks based on implementation details s uch as timing, po\ver,
and radlatlon emissions.
► ny carefully measuring the amount oft ime required to perform private key opcrnlions, ;1tt;1ckers
mciy be able to find fixed Diffie-flell,11;111 exponents, fn ctor RSA key!;, ;111cl bre:1k other
cryptosysterns.

IX) Iillli!w Attncl~

;;., Timing attack exploit the fo ci tlrn t clilferent rn n1p11t all1rns tnkc differ ent tin1cs lo rn 111p:1tl' 011
processor.
-,,. By mensunng ;;uch li ml ngs, it· b he pos:-. ilile In lrnt ,w :i 11 011 l :l p.1 rl irn l:1r t:l)l1llhll :i t ion l lw pr, H' l'S::o r

is carryi ng out.
For example, if the encryplio n t;:i l<cs ;1 l011g1! 1· ti111c, it i 11 d lc:1tcs th :i l the secre t lwy is I011g.

X) Power Analysis Att~

These attacks are s imilar to liming ;1~t:1rl,s L':O:L'C lll tlln l the ;1111nu11 t of pm 11' 1· rn 11s111 11pt io11 Is IISl' d
to obtain in fo rmati on :ibout th e nnl urL' nl' tlw 1111d erly i11g co 111p11ta tlo11s.

F,llllt anaiysi:; Attac!i.£

,.. In these attacks, e rrors are induced i11 1l1c cry;1Losyste1 11 :n1d th e .:i tt nclw r stuclie,; \h,· r~•s 11lt 111g
outp ut for useful informa1.io1 1.

- ------ ---------

musol ution. in Scanned by CamScanner

 ✓ ) Security Attncks.
,\11s:

SECURITY ATTACKS:

Attack is the action which exploits the vulnerability of system. . .

1.
2. . 1 . r
Security Attack is a method or technique tlrn t v1 0 atr.s secu I'ty policy of a system or org;:i111zat1on.

3. While transferring an information, att.ick may occur.

4. This attack may be either active or pa!:sive.

Sncurlty l\tt:,ck

1
Pasdve
l
Active

l l l f
n.,pJay
I
Modifica tion
l
0Pnl'11
1'-1 cssag e Content Altaclc o (M esaago o(Se1-vlce

Figure 1.6: Types of Attacl<s.

PASSI\'E ATTACK:

1. In Passive Attack, an a ttacker just obtains <1 11 information being trn nsmittcu.
2. It does not alter the message.

;J Release of Message Content:

;.... This Attack disclos ~s th e message info1mat iCJn.

:,... It may happe n th rough various ways s uch as: Listening to teleph o ne co nvcr~ati o n, access ing e-
ma ils or observing a tra nsferred file which may co nta in sensiti've in fo rmat ioP..

11) Traffic Analysis:

► In Trnffic An alysis, an attacker observes th e netwo rk traffic: an d tri es to '.l naly;;:e ti e na tu:-c: of
1
communi catio!1.
:;... Encrypcion technique is used to prevent ..fraffic Analysis.

ACT!VE ATTAr.K:

Active Att;ick is an Attack that rncdifies th e original Message.

i) M~queradc;

This attack occurs when uria11thom:ed Ci1 ti1 y pretends r0 be a?1 au~iw.-,zetl C:~ ! i t y.

ThJt is a n attacker takes J n identity of somE-one and acts on bch.1lf of them w ith out th e ir
knowledge.
--

musol ution. in Scanned by CamScanner

 f I 9nfroducfion SemMfer-7 'Toffor ', Sofufiom
IA,,i·#¥di•J,,,21,,mn
► Phishing is one of the variation of masquer.1dl!.

[D EJ]
C

(Att>rkn)

Figure 1.7: Example ofMa!iqucradc.

11) .Replay Attack;

► In Replay Attack, an attacker captures the data and rctr.111s111its it after some tl elay as shown in
Figure 1.8.
► Example: A sends Rs. 1, 00,000 to B Througl1 ;rn 011Ii11c tra nrn1ission.
► An Attacker captures this data and sends it agi:lin after some time to produce unauthorized effects.

H,·pl:I\' s :1111t, lllf>Ss ;11:o ;:tS A

.1 ftf 1· SOllh.1 lh,1,:-

Figure 1.8: Example of Replay i\lla ck.

III) Modific;ition ofMess;:i~cs:

,- In this technique, an attacker tries to modify the mes~wgc.

,,. This 111od :ficatio11 may be in terms of 111,~ss:1gc.: c1 !t~r.1tio11, cl e!:1y c,r reu rdc ring.
,- Ex,1 :nplc : If th e original messace is Tr.in s fer n.s. 1, U0,000 froil, A to 13, il may be n1 odifit..:d rr,
'fran'>fr r TT5. 1, 00,000 from A to C.

rT::IL_
1......______Lf

Figure 1.1): M1t1lif1ca1ie11 of Mcss:1gc.

musolution.in Scanned by CamScanner

 f I 9ntroluclion ~~-----tfi-=-o/'i...!...~-er__!~ •••
~~---------
most })cniill of S~r.vlcc ·1·1bility /\ttad{.
. . . I I nC'wn ;.,s /\v.11 •
De111al of Service (OoS) 1s n so < . - t , communication facilities or ,
',,
. . . •Lting ;icc.:ess LO ':,Y':. e111 resou~ce
It prevents a t1thorized users fl Olli gc .1 r by overloading it with s.
d' bl'ng
1
the netwo1 co :nessa
It may disrupt the network either by isa ge.
•ffi It to prevent.
Active Attacks are easy to detect but dI icu

- ------------------
(,l:-\] S e curity Services
Ans:

SECURITY SERVICES:
1. Security service is a service that enhances the security of the system or data transfer.

2. They are intended to counter Security Attacks.

3. Security Services make use of one or more security mechanisms to provide the service.

4. Figure 1.10 shows the Categories ofSernrity Services.

Security Sc-n•ices

Aut)1e11 ticntion
I
'D.•ta Confidentially
i I.,
N o11-rep11diation
I
l
A.c:ce .'i!: C;i11tTol

Figure 1.10: Categories oi Sect11·1·ty Se rv1ces.

.

I) Authentication:

,- lt ellsures that the communicating en•·t . l

Ll y is t 1e o ne cbimecl.

11) Data Confidentially:

·,. lt protects the data from unauth orized ct·1sclosure.

.
:A, P a ta Intecritv:
,, It a~sures that :.lata recoivecl -::-.as
•
~ 1 sc nthy an atHhori z.c 1· .
• l ent1h,
IV) Non-Repudiation : · 'Y ·

:,, It protects .:ga insr• Denial\-" une 0 f t],.e pan1es

1 J ., . ·
1n aco
-1 1
I V) Lli.~ss Control; nmunicatiQn.
I
ll p:-e•1ents from authori ze I . .
, c l1-;e; o l a r e~ Ol' .
' ,I LL' $

P,~
C1_Jefoof134 - - - __

mUsOIUti On .in Scanned b--=-:

y Cam
~Scanner
 d ·1¥4Vi,,,ei,i~M

CHAPTER- 2: BASIC OF CRYPTOGRAPHY

QtJ Define the following examples:
(i) Substitution cipher.
(ii) Poly-alphabetic cipher.

Q2] WitJ1 the help of suitable examples compa1·c and contrast monoalphabctic
ciphers and polyalphabetic ciphers?
Ans: [Qt I 5M -- Dec15] & [Q2 I 5M - Dcc17]

SUBSTlTIITION CIPHER:

1. Substitution cipher is a method of encoding by which units of rlaintext are replaced with cipher
text, according to a fixed system.
2. The "units" may be single letters, pairs of letters, and tripl e ts of le tters or mixtures of the above.
3. The recei ver deciphers the text by performing th e inverse suhstitution.
4. In s hort, in Subs titution, one symbol/letter is re placed by ;mother.
S. Subs tituti on Cipher can be divided as:

I) Monoalph abetic Cipher:

► A characte r i:1 pbn :ext is always changed to the s am e ch;cir;icte r in th e ci pher t exr regardless of
its pos it:on.
► Exa mple of this is the Ceaser Cipher v.rhich involves r e pl;i cing each le tte r of the a lphabet wi th
th e le tt e r s tandi:ig three places furthe r dow 11 the alphab et.

Plain Text j a b Clo

I I
e If g ih i Ij k
!' I' I'
---+- - at-Q[ h-1 I
I !lll ll iGI p q
ti V w X y z

Cipher Text jo
i I
1
E F G H II
I I J KIL IM N
I '
R
I
T u Iv w
I I
X y
I
z A B cl

P!ain Text: Vi VA Ins titut e ofTechn ology

Cipher Text: YLYD LQVWLWXWH RI WHFKQRORJB

II) Poiviilphal.>etic Cipher:

;... In a r oly;i! µha t e ti c cipher, multiple cipher alph abe ts ;i re usect .
A po:yzii~•ha be tic cip her uses a r.umber of c; u bs ti rn tions a t d 1ft't' re1:t ttr~, ? ~ in the me:"s;ige
In p0lya lph ;i beti c cipher, r ela tion ship ott\•'.'ee n c!1<1 r?. cte ,·s in p::un '.ex t to a rhM:1cter in ci1ili,·r
t ext 1:; o,1 e- w -1:1any.
► Example: Cons ider the previous exampl e of Monoa lphah e tic· Cipher , wh er e 'A' is I epbred uy ·o·
a t 4 differ eut places.

- -- -- - - -

musolution. in Scanned by CamScanner

 .semtJtu--7' ______
~opper1 So{ufi,,.,._
___.!....!.... _ _~ -----
~ -

2 l '8anco{Cryfl0jrt1fhJ - - - - - 4 different letters.

· ·pher
'A' Wl·11 be replaced by
If we use polyalphabet1c c1 '

Ker Topµer 19 14 ---

I 15
, ,..
.::i
.,.
17
17
.
I
18 0 6 0 !
$agar .
Pl:ti11 Text
Cipher Text LOYPV 37 14 21 15 21
I

_co1, PARISON:
1 habetic & PolyaJphabetic Cipher
Table 2 1 · Comparison between Monoa p

In polyalphabet1c c1phe1 ther.__ ar p p er

In monoalphabetic cipher single cipher a IPh a b e t
is used per message. text letters for each plain text Jette!"·

The relationship between a character in the The relationsh ip between a character in the

plaintext and the character in the cipher text is plaintext and the character in the cipher text is
one to one. one to many.
Monoalpha bet ic cipher is easy to break. Polyalphabetic cipher is difficul t to break a5

I compared to mono2lphabetir. cipher. I

I A stre>m cipher isa monoalphabetic cipher if the A strea•:•. , ;_:her is a monoalp habet ic cipher if the ,

value of'ki' do es not depend on the positior. of the value u, kt t1oes <!cpe11d on the p osit!on of the
1
plaintext charactei in the plaintext stream. I plaintext char;:icter in th e p!aintext stream. _l

Monoalphabetic cipher includes ad-d-it-iv_e_,-P-_o-lyalphab.°'ic ciph er includes autokey, playfa;r, ,

multipUcatton, affine and rnonoa!phabetic v1genere, hill a nd o ne time pa d ciph er.
substitution cipher.
Example: Refer ex<::mple given a bove.
Example: Refe r· exa mple given a bove.
L - - -- -- - - - - -- - - - -- - ----'-- -- - - -

- - - - -- - -·- - - - - - - - - - - - - -
E:,qJlain ""ith example, keved and ke,,Jcss transpos1·t1• • I
~ ., - 011 c1p 1crs.
Ans:
[51\I ·- 1'fay16J
TRANSPOSITION CIPHER:
].
Tra ns r,osition cipher is;; method of encryption by w11ich ti •. l
· 1e Dos1t1(~ns ie ld by uni~:; o f p!2in te:xt
are sh ifted accC1rding to a regular system su that the cinh . t . •
• · . e t L' X t co11sut1t1.es .i perr:illt.itio'1 of the
plain tex t.
L. That is, lit e r, rdc r of ~he units is changed.
3.. .
Transposition cipher does not s11bstitutc one ~ymuol fo r a nothtr ins te- J ;t c· . . . .
of th e symbols. ct • na .1ge~ t 1le 1ocatwn
4.
Transpos ition Cipher c;in he c!i·1ided J~ keyless a nd keyed trJns posi ti on cipher.

- ---
Scanned by CamScanner
 i-f#efi.#¥4H,,,2ieiU·5
'Topper 1Sofufion,

I) Keyless Transposition Cipher:

;.. It is Simplest Transpos ition Cipher.
In first m et!10d tlw text is written int o a ta ble colum n by col umn and th en rnw by row.
For exa mpl e, to seild th e m essage "Meet m e at the park" to Bob, Al ice writes

The cipher text is created r e ading the pattern row by row.

Cipher text is HMEMATEAKETETHPR",

► In the second method the text is written into t.~e table row by row .ind then tra nsmitted column
by column.
► For example, Alice a nd Bob ca n agree 0n the number of colum ns an d use the second method.
► Alice w rites t he sam e pla in text, row by row, in a table of fo ur columns.

m e e t
m e a t
t h

nt
e p
a r k

Th e c ipher text is created read ing th2 pattern Column by Column.

Cipher text is "MMTA EEHREAEKTTP".

11) Key ed T ra nsposition Ciph er :

► In Keyed T ra ns posit ion Ci rhe,, plain text is divided into grou ps of p rerletermined size called
blocks.
Then it u se a key rn !Jermute th e cha racters in each block sepa ra tely.
Exampl e: Al ice needs to se n d t he message "Enemy attacks t on igh t" to Bob.

Let the biock s:zc be 5.

,. Th e key used for encryptio n and decryption is a pe rmut:ition key, wi11cb sh ows how th e
cha racter!: are per,nLl teG .

K ey:

Encryptio11
_ _ .1._
I
_r-__
-1-
3 \ 1 4 5 _-.-+,- -Z
--+L--2~ ~~:__3_ __.,_ _1 _ _,_ _s_ _,_______
__,
iDec,~t;J

musolution.in Scanned by CamScanner

 J'JaintcKI
r.ncmy a t t acks l o n g h1 2
/e n em y a t I 3 c _k_._s_,_"_"_ _s_h_t_z_
RcllJ row by row
Write row by row
C n C m y
C n I!
a a C
a
k s 0 n
k ll

E
~J I i i i I/·1
tfj 12 34 5
E
Key /\ /\ C T
T A ,\ C T T
T K () N S T K 0 N s
11 l T /,~ JI ! T z G

Head colun111 by col111nn l _ Wrifc coluum hy colum.

~J; I J,'' A Y.·

~
I M /\ 0 T '( C N I. ti 'I' S--zt_ . .
_____ '..:~J . .
I rt,n!( ,n1~s11m
E ., T ,, r-: /\ K : M /\ () T '/ C N zN T s ul
_J

Ci11li;;, lcx t Ciphcrlcxi

flgurc 2. J: Exa mpl e of l<tJ ycd Tr;; nsposf I lou Cl p li e r·

--- ------ ----

Q4J Encrypt "The /w.v is h idde n unch.:1· Lh c doo r " us ing pb1 y fair· c iph c,· with k cyworc
"Jo111cstic"

An s:
f r;M - I )(,:Cl;il

Pl.A'/ FA II? Cll'II Elt

1 1'l,1y Fair Clplw r is 1, 111: ti( t/,e Mulll-lclt<!I' Ciph er,

2. Play F,1/r Cipher 11sr•~ .1 5 x 5 M;i trix of a/plrnlw ls Cfllll i1 i11 i11g i1 l<r•ywMcl ,,r phn .,;1•.
J. This dpli r!r encrypts p.1i r o{ l<!: 1,,,-:; i i:r;te:i d () ( sl r1 gle le:1te r.
4·. It i:; diffic11l1 lo lin:.ik 1Je:c:11ii,£: fn :q111;11r-y .i n nly -.; ;.., does ,1111 wnrk /11 Pl[1y J\ tir (;ip/w r.

Plafl, Tcxl: The lwy Is hidd1n1u11 dr,r :he do()I'.

/Ccy: /)omc:sllc

-------------------
'P".ief 4 of(34 ■ --

mus oIut10n. 1n Scanned by Ca1nScanner

M ll I

'I'll 111( 11y lu hi 1111111111111111, tho 1111111 1

:1. l>1111hlr1 1011111· 111' r1111 ••111tlv11 ly 1,,p,1111,•tl 11,1111111 11 11,11 ,, 111 ,, i11•p,1111 111d liy " ,
111 1

'1 , II ,111 ntlll I l111r,wtr11· lri l,11111111 p tlr II wit h >1 1ll" 1 ,

'I'll 1111 ,,y IN hi" " 111111111111111· lh ml"" 111•

!~. l' r,1p 1•1111t:1hh1 11 11111111,1 M1111,1,tlpl 1.d1111l,· 1i1l1l,1h1111hl u 11,11111 wll l 11, !i ;i !i 1,,1,1,, 1,,., .rn .,. 'I' f.J.'j' w;II
1
lllt llllll'II'' I CIHI 111111', nlr,I IIH l(,,y 1.,,, I )1111111:,I Ir' )
ii fl M .,
1/1 r: a --- h

II

V
p
\\I
II
(J

X ~ i-
nt

H11lcm

llw 11111 111111)

II 11 11 1I I l,•t I:· r·, ,Ir!, 1,1 1I 1,. :,,1 111, · rnw, t.tlc,• .r1•· l< ·'. l1 r to Lill! n gl; t r,( <' ,,< h '1 11 ( g,,:r. ;., !n c,c t 'J tn,• Id: 1
,

1il 1111' f;1111 11 1 :, I rlgl11)

If 11,, 111i ,1J' ,,! 11 11• 111 ,., ,·rl1 :1h t w 11 1:di'!, :c11 1111 1•, f.inn ,1 n •r.1:.111;~le V.':tl. 11:1: 11, 0 tl·:t'c!rs :rn<l ta~e t!it
1,,111• r•, 1111 1li1 • l1orlz,1111. rl 1,pp1,•,l1,. ,·1,r,11 r ,,1 the rcc:1.111,:ic.

'I' ll 1•1~ "Y I'>' Iii dr. etc 111111<1 l! I' th c d oJX or

t\f ter J\1>vtyl11u HtLk:J: cf a I' :1 , . 1, o gt: 111 v os p II vi ay cf so mw c p

'1'11,:1 l'f11n ·,
---
<:l plll' r T1•x1 I•;: d ar a c ho gc 111v os pl! vi. ay d ~o mw e p
_ _ _ _ _j

-----------

l musolution. in Scanned by CamScanner

 111/'fOr', iJhtlff1fiJ
--~--- -- ·- · .
fuh' ci JJh .,. whh k'"'y
k'' uslu~ n I' Iu Y .
. 1111 cnsY tnN
"'l'hls Is
Eucrypt 1hc s1rl11H
ti
"monnrcI,y

Ans:

I I\Y f1\l8 C PllEi :

f~ ltl•lcllCr Cipher. ..
Play F;iir Ciplwr is one of the Mu I. I •l ·onlalnlng a keyword of" phra se,
l. . r: M·itrlx of alp "1 Jc 5 1·
., Pl;iy Fnir Cipher uses a 5 x a • ·I rl lclter.
, . fl •Ltcrs lnstc;i d of s Ilg c '
:.I. This cipher encrypts p;m o c . . I . t work in Play Palr' Cipher'.
. 'f.' ue11cy nn.1lys1s t ocs no
4. It is difficult to brc;ik because r cq

EX AMPLE:

Pl.tin Text: This is an easy task.

Key: Monarchy

1. Pair the plain text alplrnbets in two.

Th is is ;;11 ca sy ta .sk

2. JfJny ch:iractcr in the pl::li11 text: i-; ')' then rep Ince it with 'I'. (in our c;:ise cha!·;:i ct er T :s ri o: presP.n:}

Tl1 is is .1 11 ca sy task

3. Doub!" letter or consecutively repc,, ted sa rne letters nre ::€ par<1ted by x or z. (in our case there i~
no consecu tively repe;i ted s:1111e lett ers)
Th is is an ca sy task

4.
!f an odd characte r is left out pair it with x or z. (in our case the re is no odd ch"• t )
. c. I ac er
Th is is an ea sy task

l'reparc a t;-iblc san; c ;.is Mo noalph,:bet:c table b1H t 1iis table \/\,·1• b
1
s .5 I ·
' " ' e x t:ib c beca:.1sc Tc ')' \·: d!
be merge together. (Using Key i.e. Monarchy)

- ------ - ·- ------

Scanned by CamScanner
 .J'emtrfer - 7
hJ
~
If both ll'tters arc in the s;11111.' ff'lt111111 , t:,l<t• \IH' kllt•1· lil'lnw Pnd1 011f' (gol11 i: l,nt'k fo tl, r fr ,p if ,ti

the hntttllll)
If both lellers arc in the snme row, tal<e the letter tu the right ofc,11.:h <111c (gnl11g lmtk to th e left if

a l the farthest right)

> If neither of the preceding two rules ;1re true, rurm n redangle with th~ lwo letters a11d tal<i: th·
letters on the horizontal opposite wrner or tile recta11glc.

Th Is Is an ea sy la sl<

th ➔ Rule 3 ➔ pd
i$ -➔ Rule 2 ➔ sx
is ➔ Rule 2 ➔ sx
an ➔ Rule 1 ➔ ra
eJ ➔ Rule 3 ➔ im
sy ➔ Rule 3 ➔ qb
ta ➔ Rule 3 ➔ sr
sk ➔ Rule 3 ➔ ti

Afler Applyi.!.!.&..RUJ.f..£ pd sx sx ra im qb sr t!

[::1ercfore, Ciphe:· Text is: pd sx sx 1·a im_q_b_s_r_ti_ _ _ __

Q6] Use the Play fair cipher ,dth the keyword: "MEDICINE" to encipher the mcss;:ge
"The greatest wealth is health".

Ans: [5M - :.\lay17 ]

PL.-\ 't' FAIR CIPHER:

'
.l. ?lay Fai:- Ciphe r is e>llt' c,f th ~ J\iulti -lctt~r Cipher.
2. Piay Fair Cipher uses a 5 x 5 i\'latrix (, f :Jlphabcts conraining a key\.vorct or phrase.
This cipher encrypts pair o l lettP rs iP::>te:1d of :single letter.
4. It i~ difficult to t,revk l.JecJu sr frequ en cy amc!ysis dot!s not work ir1 Pby F:i ir Cir her.

l'ialn Text: The greJ test w ea lth i~ he;:ilth.

lCey: MEDICINE

- - -- - - - --- - --

musolution.in Scanned by CamScanner

 l·Muf·MPFA,,,t\,JMN

2
.. ----- c~e
'°.f:t_~
I, ------
I '8aiiC o{

1',il r th1! pl,1111 lt.J ><l :1lph,1lrn l:, 1111w11.

I.
Th ll li fl i il l I! !/ IW !!il If hi 1,h IJil II Ii
1 1
' I· •. 11wlll! '.f' (l 11 0UJ' C:i.lti~ f h,HW l '! f / 1~ ,f'1lru,1:1,,,,;
lf.iny char;i clcrln the plnln wxt Jq 'I 1l11J II n!p ,,, o '
'l..
Th c1: ro al. (),'l lW 11,1 II hi lih Mi It 11
,. I •·' n ' 11,11 ,irs r1r<-1rwp,i rarnrl hy x or¼, (111 i,11 t ;•:11:J• Iii ·1, !}
Double letter or co11f;ec11t lvcly rur1.,Hu1 ,~,11 ,.
3.
no c:onsecutlvcly repe:itcd m:uno lrll ten;)
Th 111-! re at 1i ~1 1w 1m II hi 11h ,:n It h
If.in odd character Is left oul J1il ll' IL wi th x on. ( WH pair IL wflh ' x' )
4.
Tit cg I'll at es tw l!il It hi NII Cil It h x
" '
I 11 t ' • '1' 1- 'J' 1 'fl 1

- ~I M onwili) ln l ►l' L lr 1·1lil c hu t thl!; 1alll c wJll ht; 5 1. ,)

r'.
L:l > , : ,ec::iu:.,, , 11
'l
I
5. Prepare a tau e same il~ · • · '

be merge togr. ther. (Using l<cy Le. Mcd lc lnw)

f M E- - ~·r_,/_.,J_ __,.......,,-i
1'
N ;1 ._.b f
j.--,.... ~~,.--~--+---1
h -Ii I I ()j)

r-
Jq- - /s1- - LI

rv-
L__..1.l_~_v__ _x_ 1
1 . _
y z
. 1 - . - -'---- -J

-,.. lfho th letters are in the sa me coli 111111, t,1ke th e letter below each one (gc ing ba ck t o the tcp ·rat

the bott om)

If bot h letters are in the same rnw, ta ke the lctk r to the right of each on e (going bac4. to th t left 1f

at tile fa,t heGt right)

r- If neit her oi tl1e preceding two rul<:~ arc true. fo rm a rccta ngli:! with the t wo lette rs ;;r. c t:1i<e i i:e
lette rs on 1h11 hnrizontal opr osile corner of the rectanp,le.

Th eg re at 1'S tv1 ca It hi sh e:1 !t hx

t i, ➔ Ru l~ :-; -::, qo1

'f'. -> 1< ,111.: :=. ➔ c;;
rr -➔ J{ule l ➔ wa
,11 ➔ HuIC; 3 ➔ fr

c!i ➔ Huie 3 · ➔ cir

tw ➔ Hu ie 3 ➔ ry

musolution.in Scanned by CamScanner

 1@,,1·&4,H%,,MS:ti
ea ➔ Rule3 ➔ ak
It ➔ Ruic 3 ➔ os
hi ➔ Ruic 3 ➔ om
sh ➔ Rule 3 ➔ qi

ea ➔ Rule 3 ➔ ak
It ➔ Rule 3 ➔ os
hx ➔ Rule 3 ➔ Iv

After Applyinr: Ruf es; qo caw a fr dr ry ak os om qi ak os Iv

Therefore, Cipher Text is: qo caw a fr dr ry al< os om qi ak os Iv

Q7] Compare and contrast: Block and stream ciphers.

Ans: [5M - Dcc16]
Table 2.2: Comparison betwt:cn mock & Stream Cipher.
. ' . h
~~~~; !i_:f~:.:"'t:; _< · __J · ;·:,Bl. \~:ftk ft~,-{.f;.i::':',:::
.... h . . .. ' ·
~ ;-
... ...,,· .
s,ream c; ?her o per; ,:s ;;-~ ·s;~I;~; :~ its ~r pla; n text. 181 oc~ c;ph e ,. ope~at;~: /1a ;~~-, hj~~k of data. I
1
r5'er than Block c;pher. I Slower than Stream Gphcr. I
I Stmm Clpher has Low Dfffusion. Block Cipher has High omus;on. I
/ Requi res less code. Rtq1iires more code.

1/ It does not provide integrity protection or

1acthentica tion .
... 1· n·legr1·ty protect1·on or
It 1·Jro 11 1·,.ie

a uth er. tic;:ition.

7
1

~'
Stream Clpher is more s uitable for hardwar-c- - ---;-B-l-1J_c_kCiph_e_r-:is_ n_10_r-·e_s_u-:-it-a-:-b-le_fo_r_s_o_f_~_v_a-re-~
'
I, ,···•r
. ._., r, ·1,~,-r.
- "'·n 2 ti on. I 1·1nplP..111'-'-11·at1
• · on . 1

I II Re•J se of l.;ey is po~<;i:)i e.

- - ------=--=--------
__ ______" - - - - --- - - - - -- ~ =le:_D~S - - - -- -/
1\ pplic.lliun: ~SL j App!italion : D,1t,1Lu-s:-:r-i1e En -· yj•t1.,,~---7 1

L _______ ___ _J _ __________ - - - - - - I

musolution.in Scanned by CamScanner

 I-----

..J'emMler- 7

[5M - f)p_,.,
,. -:-1

· .. p_,.:', is a symmetr :c key cipher which oper;i tes on a fixed length gr oup of bits c ,
1
, a~,1:-:

:- ~::CT)?ts en ::ire bl ock f message one a t a time.

{' tt: ·_ ±e pfab te_"{t are com b ined with a p scu<loran dom cipher bit stream by an XOR operacio:i.
--?--~=- t ~ ·s &t""l!e-rated by encrypting th e µfain text bits one a t a time.
.5. F-\.::amvle; ~:'\,, Dillie HeHman, DES an d AES.

~ . ?a m Ci;tb.e:.- is also ralled as state cipher.

7' • r is. a _:y r:unetric key d p he., ,;vbich opera tes o n bits/ by tes.
•:: :±:L· ~=- p-!ain ~e..--cr a.e combfned witJ-i a µse udorar.dom cipher bit stream by an XOR ope1arwr_
·f;;ae-r tex.:- is &Enerated by encryp ting the p lain text bits one a t a time.
;:xa,[?lple: A.5/ 1, RC 4.

musolution.in Scanned by CainScanner

~ J I .Sec~l 'lv.!J C,y(1f0Jra(lh_J .SomMfer - 7 rr,'/1'!!' J}lull,m1 M11MMH111@/H

CHA.PT,ER - 3: SECRET KEY CHYPTOORAPU,X

~,\·/ QJ] IDEA.

Q2] Key generation in IDEA.

'1~ Ans: [Qt I5M - MnyJ(,J & 1<}2 ' r,M - 1) ·c:•nl

IDEA:

1. IDEA stands for International Data Encryption /\lgorlthm .

io~
2. It is Block Cipher Algorithm.
3. IDEA is the replacement of DES (Data Encryption StancJanJJ.
4. IDEA operates on 64-bit blocks using a 128 bit key.

5. IDEA de rives much of its security by interleavi ng opernllon:; frum df(fore nl g((JU('fi Jlkc: mndular
addition a nd multiplication, and bitwise exclusive OH (XO R).

KEY GENERATION:

► The 128 bit key is divided into 8 sub parts tha t is 16 hits cnch.
► Then th e 128 bit key is cyclically shifted to the left by 25 pos ition, so by uolng tbl!; we wfll bave
one new 128 b it key.
► New simila rly as abow it is divided into Hs ub bl ocks an rl wil l lw us ud in ncx rnuniJ.

► The same proce::s is performe<i 9 times anJ 56 keys ;u c g!! n11rJ ,r:cl from whlr:h th e Dn,t 52 keys
will be used.
► So likewise from Kl to K52 key$ are generate ~! ;:i s s hown in figurr: 3,1.

Pl ;iin TPxt (6~- l!.i l s ) I

!" 2 (16 Ditsj P 3 (1 6 Uit~)

K-i

l !
Rounrl 1

l l
- K,.

L
1{7
J'lo1 .1rl 2
1

,~,2
......... ' ........ ......'
l l nn,rn ~ 0
l
____r l Y.1a

K1a

l J l l
[_ OufJ,u~ T, ansfo n :1,1ti o 11
K,. e,

r- J
/(H

c, (16 Dils) C2 (H: Elts) C3 (16 H ii s J C 1 (16 ni l :;)

Fig1Jre 3.1: W EA l<e:y Ccncrati!ln.

1la_Je 2f of f34

musolution.in Scanned by CamScanner

 i·Muf·MPFA,,,t\,JMN

S.t'ltJ.el\.te.&llllC.[ iillmwlJllltlfillll.d
1. Mu ltiply fl, ;rnd K:.
t.. AJd P. :ind seco nd I<.:,
3. Add P:i and third 1( ,.
4. Multiply P4and K., .
s. Step 1 EB step 3.
6. Step 2 EB step 4.
7. Multiply step S with l<s.
8. Add result of !>tep 6 and step 7.
9. Multiply result of step 8 with K6•
10. Add n•sult of step 7 and step 9.
11. XOR result of steps 1 and step 9.
12. XOR result o!' steps 3 and step 9.
13. XOR resul t of steps 2 and step 10.
14. XOR result of steps 4 a nd step 1 O.

Same operations are µerformet.l in 8 rounds. [

~'. :~· 1 - ~ •- "
►(e -➔1

~ ·~-+K6
f-H4--+--l------L..►EB
__,____ ____ J _. ►
I

l
Figure 3.2: cn cryp~ion round of IDF./ •.

Sequence o[m1mtion ln..h1stJuu!1c:!:

I. Multip:y Pi w 1t l1 }{49.
2. Ad d P2 and Ksu.
3. AJd PJ am! l<s1.
4. Mult:p!y P., a nd i<sz.

'Paae 2.2. off34

musolutiOn.in Scanned by CamScanner -

 7o "r 1 Soluliom w -1m1111%iin

lllowtlsh

l. lllmvllsh Is nn t'nc1·yptl11n ,IHorllhm.

... It l'l\11 he u:wll as \ l't'l)ll\t'c'IIHHII foi· the nns OI' IDI\A nl~m·lthm ,i,,
•i ll IS:, synmH'lrh~bhwlt cl11ht'I',
It was d,!SIH1\l1tl In I C)IJ:1 hy lln1co Seim ,1 ,. ns Ill\ nll(H"I\OIIVO to e;,,;l!illllg cncryptloll ;i]gorlthms.
It u~cs :i v:wl:\bll •l 'I\Hth l,t1y, from :n hits to •MO hits.
6. ll usd11I f11r hoth tlonwslh: mul cxporlnhlt°' u~o.
'l'his sy111111 •trl <: ·lpher splits nwssni:tes Into hlocks of 64 hit s and encrypt s thc111 individually.
n. H10,,1,1l1sh c:111 he l'o1111tl 111 s,,rtwn1·1• rnlDHf> rl •s nrnglng from e-commerce plritforms for securing
pny111c11Is to passw1lrd rnn11:1111Jt1Hllll tonls, wlrnrc ll 11scd lo protect passwords.

STHUCTUHc OF l)LOWVISII .,\ l.<:,0 1 ITIIM:

.--- -------
,- l' (Ill l •II~)
L-1,- - - - - - - ~ - -- ~ -
I.
nt
"'

• JI
G:··<

,.,I, ____
.- - -
- -- ----
c' (H l l ii 1, ~

t•- r•JrJ t,l rn, \.; t_ - C q ,J11 tCt.a. t ; l( x - I' m rnv t 11 111 ·: ,

Q) _ "'"' I [J -· ,uldlll!,u """' ') ' ;\')

Figure :J.:J: The Hcsl'cl slrucl11n• of lllnwf'i.,;h,

Pa_Je 2
ef134 ■

musolu Ion.1n Scanned by CamScanner

 Semukr-7

Blowfish has a 64-bir block size. .

► f 32 bits to 44U bits.
It has a key length of anywhere rorn .
It i,; a 16-ro und Fiestd cipher.
It uses large kcy-d epen1.h!nt S-boxes.
► · h•• f d <"-hoxes.
It is similar in structure to CAST-128, whtc uses ixe .J .
►
Each line represents 32 bits.
► The algorithm keeps two sub key arrays: the 18-entry P-array and four 256-entry S-boxes.
►
The S-boxes accept 8-bit input and produce 32-bit output.
►
One entry of the P-array is used every round, and after the final round, each half of the data block
►
is XORed with one of the two remaining unused P-entries.
Since Blowfish is a Fiestel network, it can be inverted simpiy hy XO Ring Kl 7 and K18 to the
ciphertext block, then using the ?-entries in reverse order.
► Figure 3.3 shows the action of Blowfish.

Q4] Key generation in IDEA and Blowfish

Ans: [5M - Dec17J
KEVGENERAT!ON IN IDEA:

ReferQ2.

KEV GENERATION IN BLO\A/FJSH:

fe\ernent
Blowfish algorithm is divid ed into two par·s· Rau d S
nL..truct:.ire anJ l<:ey ExpJ ns1 on Fu;1cti or:.
I) Round Structure / Data Encrvption:

0 = XOR _j
..__P_la_inr-T_ex_t 6 4 b::
L
XL

Cipher T<•x t
6~ bi t

.
-- Figur~ 3.4: Data E
- --
'Pa e 24 of
ncryption.
t34 -;
musol ut1on. 1n Scanned by CamScanner
 .Semmu-7 Topper 1 .Sofufiom
Oat.\ Encryption has a function to iler:lle 16 times of neh•1ork.
► Each round consists ofkey·depend cn l permut:ltion a nd a key and data-dependent substitution.
·..., All t I et .H ion:: are \ORs ;\ttd ,Hld il i11'ls o n 3 2-\Jit words.
► The only additicnal operations :lre rour indexed array data lookup tables for each round.

AJgmitbmi
Divide x into two 32-bit halves: xL, xR
For i = l to 16:
xL =XL XOR Pi
xR = F(XL) XOR xR
Swap XL and xR
Swap XL and xR (Undo the last swap.)
xR = xR XOR Pl 7
xL = xi.. XOR P18
Recombine xL and xR

ll) Key Expansion:

nt
8 hi,s 8 bils
I
'

Figure 3.5: Key Expansion.

:, Key E}:pansio11 is used to cu11vert a key of at most 448 bits into several subk ey a rrays totaling

4168 bytes.
Th ese keys :ire ~eneratcd ec1 ,·!icr 1o a ny data encryptio11 or de:crypticn.
,.. The P-Mray co nsists or 10 s ub keys of 32 bi~. i.e. P, · P,u
four 32- bi t S-Ro:<es consists o f 256 e n tries each i.e. Sln - Sl m , S2o - S2i ,s,S3 o - S3cs, &Strn - S·L s5

Sllh...Kctlakll I;1l j0~

i. lniti:11 i7.e fi ,·: t tlt1] r--;1rr:.1y :.1!HI th,~n th e fo ur S-b ox0s, 111 orde r, wi th :, fi xnd strir,g. Tltb ~t r i ng
li.ll\s;:;ts .if~!1•~ lwx:1dL·1·i1P:,I digt l s uf pi l!ess U1 c in1ti ;-,I ::;J: i'l - 0~; : 1:; ::i.1W' , I' ~ = 0'1:ll:i,t30Bd3, P3
= Ox 13 1L)8,12 ,!, r ,1 "' OxO 'PlJ73 1\ ~, etc.
2. XOR p ~ wit ii the tirst 32 h its of the key, XOR P2 with the :;cco:1d 2:.'.- hil s llf the key, :-iml so O!t for
all bi ts ofti\l' l<ey (po,;sibly up to Pl'\·).

musolution.in Scanned by CamScanner

 ~-'~ISc~ee~re~l1<.ej"5:J_~e'Ji'1'11~«!J'2!."'-"'·PhJz_
~ ___Sc_m1_e._k_r_-~7-~-===~1o
.r, ='/1(1:-e~rf ~~~~n&H,,,e@M
•th the Blowfish algorithm, usi ng the subkeys descrihed in steps (
l Encrypt the all-zero s trlng w1 I)
;ind (2 ).
Replace P1 anJ P2 will1 til e o 11:rwt uf s te p (3).

5.
.
hr.crypt the outpu t O f see t'n (3) u s ing the Blowfish algorithm with th e mudifiNI subke_vs.

6. Replace PJ and p4 with the output of step (5).

7. Continue the process, replacing all e ntries of the P arr3y, and then all four $-boxes in order, With
the output of the continuous ly changing Blowfis h algorithm.
8. Jn total, 521 iterations a rc required to generate all required subkeys.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - ---
Q5] Explain working of DES.
Q6] R'.li'.pfain working of DES detailing the FicstcJ structure.
Q7] Explain DES, detailing the Ficstcl s tructure and S-block design.

Ans: [Qs I 10M - May16], [Q6 I 10M - Dcc15] & [Q7 / 1ol\1 - May ]
17
0£S:

1. DES stands for Data Encryption Standard.

2. It is also known as Da ta Encryption /llg o rithm or DEA - 1.
3.
It is a symmetric-key hlocl< tiphc:-- publi~!Jed b_;, the N,Hi o;ial In s titute o f s~.rn cfa rds and
Tech nology (NIST).
,t
DES is :in irnplem,1ot;i tion of:i Fc is,,.?I Cip he r.
5. It uses 16 round Feistc:1struc1:1re.
6.
DES is nothing but an a lgorith:i; developed by 113M based on "Lu cifer".
7.
The suc<:essor of DES a,-c Tripl0 DES, t~ - DES. iJES _ X.
8. DES algorithm is a powcrf1il comllir.;iti op c- ftw . .
. , o 1Jas1c e ncryptio n tc,ch11 i11 11 e~
a. Conft•sion. ··
b !Jiffusion.

WOHKING-
- -----:.

Figure 3.6 sho·Ns workin-•,; of DE,.).

'·

L __,. . ,..................!
,-------
L- •n
.
-- J
-,
tu•r ~ I
' "')' -----..

,.,,,,...,.n., r•,41.!u,,
- - -- Pl:.:11r1! :t ( . W
-- - - - -::_~ rhlu~ uf DES.
'Pa_Je2.Go/~ - ------ - ·-

mu so Iuti on.in Scanned by CamScanner

 1./Jul· 4tfP3111 i,1#.f I

5_ l _.S_tert_f1v:J--=-~~
- -~-=-..,_·_:::fJJc___ _ _J_'t1_n_Mh_ r_-_l_ ____ _____~_'Tl
_o_,t/1er1
_,_ Suf.1Hu11J
STEPS:

n lnitial Permut.ttion:
-,. lnit1,,l r~rmutation m~ans rc:11-r,rng111i:.1lh! 11:ts ,ii 1hi.: pl,1111 t cxL
lnith,l P~rmutation is pt!rformed owr pl.1i11 text
For ~uili:,; P = 1010101010 ➔ 11 l l 100000
It produc~s two halves of the permuted blocks Le. Ldt Plain Text (LPT) & Right Pin In te xt (HPT)

Detail of one round in DES;

Each Rounu in DES performs following Steps a s s hown in Figure 3.7

3':: Bits Ji Bits 32 nits ]:l DIis

l ,. 1
'--~-D_
,._1 )

Lc ll Shirt (s)

Perm11t ~t lo11/
Conlr,,rl lc,n

e n
I
I
I
I I
I
_J
R,. 1 [ c,.1 [ '7
0,. ,

Figure 3 .7: Fiestel s tructtu-e of Detail of one rnund in DES.

Iii) Kev Dist:ardim;; Process:

56 Bil Key is used durini encryption process.

In Key Dis cardi1,e PrGce :;s . 56 bi: k~y 1s tra nsfo:·med into 4 8 hit key by dis ca r d in g ever:.' 3 1•, b it o "
initial key.

Expansi'lr, PP. rmutati o r.:

!n Exp ar.s io:-1 Permut?tion, lr. e ri;;ilt h:i lf is expam4ed from 32 bits to -Hl h its.
cxpans:on µenna ~a lio n per:-mlles orr.kr oft h~ bil .:tr.d r epc;,ts cen;-iin hit :;, ~u th;it b,)th :lie in;.,u t$
of first XOR operation a re co mp,ir.:ibk.

musolution.in Scanned by CamScanner

V H1t l••".. .,,.,,i f•IYt 1uu,.,. thdi
fl•-"l"'"'I lll"f :i:t to -JII l'.l• ►• k-.)

Plgurc J.U: S-Uox Substitution.

S-\3ox Substitution is the procc!.is which ,1c:ccpts 48 bi t key and expanded right piai n te:<t of t,.8 b:~
which get XOR and prmluccs 32 bit m1tpul .is shown in figure 3.8

VI) P-UOX Pcnmitalliuli.

,. It ls similar to Initial Pr.rmutation.
In this step, the 32 bit output from ei ght boxes is permuted.

VII)

'.,- \11 this Step, the output of XOR oper:.i tion becomes new right pla in tex t and old rH·,t
0

becomes 11ew left p\ain text.

The complete process is called as XOR.,rncl swapping
. operations.
.

c----~~~~=------
~1._____ ,:_u;_:•1,:::gl:.:. :·''
".::.: (;-I hit l'l 'l ill Text

[ :n hit LPT Uloc l< 32 bit RPT Elod,

l· .ig111· l! ·.,1 .9: XOP \' ,

• · , •..t swap.
Vll1) Elna! Pcru:rntaUou;
l'in~1I \'crmutation is perform• l . .
,.,. It n. I . ' . t ( ,1 ltcr s11cccssru1 .
. ioc uccs 6•l-blt cncryi>•cLI 111 nc. <.
1 romple tinn of 16 1.oi 1nds,

-- - --
musolutifl Scanned by CamScanner
 11-&uP ¥ f\J4w 2 ri~M
Semufer-7

QSJ With reference to DES comment on the follow;ng:

(i) Block size and key size.
(ii) Need for expansion permutation.
(iii) Avalanche and comp]ctcness effects.
(iv) \,Veak keys and semi-weak keys.
(v) Role of S-box
Q9] What is the purpose of S-boxes in DES? Exp]ain the avalanche effect?
Ans: [Q8 I 10M-Dee17] & [Q9 [ 5M -May:18]

1. DES stands for Data Encryption Stanrlard.

2. It is also known as Data Encryption Algorithm or DEA - 1.
3. It is a symmetric-key block cipher published by the National Institute of Standard:; and
Technology (NIST).
1. DES is an implementation of a Feistel Cipher.

BLOCK SIZE AND KEYSlZE:

r l<ey sizes: 56 bits ( +8 parity bits)

► 6 iock sizt=S: 64 bits

NEED fOR EXPANSION PERMUTAT!ON:

fe\ernent
,- The bean of DES Cipher is the DES function.
:,. The DES function applies a 48-bit key to the :-ightmost 32 iJits ro ::,roc!uce;:. 32-bit (J :.,cp ,lt.
,. Since right input is 32-bit and round key is a -l-8-bit. Ex::,:rns icn Permutation is used co t:~p;;r.w

right input to 48 bits.

•<\ VALANCHE AND CO~tPLETENESS EFFECTS:

,.. The DES satisfies both the desired properties of block cipheL
>- These avalanche and cnmpletene~s p:-~perry ;11ake cipher ver: stro::f:
• Avalanche Effect: A sm~,li change in plaintext resd~s in ~he \·e:-y greJ.t ci,z.ng ,,, ~I~<:

cipher text.
■ Completenesf.: Each bit of ripher te~:t depe nds 0r. ma:1y bics 0f plain -<.: :x:.

.,. Four o ut o f 256 possible keys ir. DES art· called W eak Keys .
A wea!< key is th£ one that, after p,11 ity drop operation, con~ists eithtr c f J !l 1.b. ,; !t L:;. L'r r.,,., L' ~;

a nd h..:lf l s .
, These keys are shown in Table 3. 1.

musolution.in Scanned by CamScanner

 I U(l(Jt:r 1 ,JO/t<fj
. ~~0_~~~~"'1..---~~~m>~M={e~r-~7=------~~
3_J SeJ:~t'KeJ Cr1jpto_Jra/•'.J =~!,
----=--r---
- - - - - - ; ·7.---droP
Table J.1 • Weak~h~e~y_s_.---;-;;-:~-;;-;-w;:::;-------,

(64 bits)
Actual key (56 bits)
~

\
_ s before
l{ey parities

010 1 0101 0101 0101

lFlF rnf OEOE OEOE
±=------==:::-:-::=-----·-
,'

_ _ __
- 000000 000000
000000 FFFFFF
FFFFFFF 0000000
EOEO EOEO F1F1 FlFl
FEFE FEFE FEFE FEFE
II FFFFFFF FFFFFFF

of these weak keys are the same and have the same pattern
The round keys create d from any '" as
►
the cipher key.
► Weak key is the inverse of itself.

SEMl-WEAK KE'( lN DES:

► There are six key pairs that are called semi-weak keys.
► These six pairs are shown in Table 3.2 (64 -bit forrnrlt bP.fore dropping the parity bits)

Table 3.2: Semi-weak keys.

· First key in the pair Second key in the pair
FEO l FE01 FEOJ FEOl

Ase mi-VvPak kevJ ere a t es on1y two di ffe re nt r ,

' ctct· . - oJ11e.I .key'> anct each of ..l o ~ ·,. • .
in a 1t1o n, the round keys er"' t d f "1 --n , 1., ! epeated eight t i lll'.•
..,a e rom eacl.1 p;::ur
· ue the same with diff .. ~ • '
ROLE OF S-BOX: e aen , Ort,ers

The
..
S-boxes do the re~a \ mixtng
. . '~conf:.isicm)
-,.. DES uses 3 S-b
oxes, each with a 6-b't . ~ ·
i
.
ln1) u , 2na ci,,.r -b·It (1t.1tput.

.. - ,- i--r-T·,-
32- b .11 u u1pw1

musolutKr .1n
. ......
:·. ·...
_.- . .- Scanned by CamScanner
 mt¥,!H,,,2i,iut5

,. The 1A· hll da1a from the second operation is divided into eight 6-bit chunks, and each chunk is
f•c1 Into n hnx.
;,. TIii' rl",11lt nf l':1d1 i>ox Is n 4-hlt chunk,
,. Wh en tlw sc :irf' con1hlncd th e result is a 32-bit text.
► ror ex;im plr, in Sl, for Input 011001, the row is 01 and the column is 1100.
► The value In row 1, column 12 is 9, so the output is 1001.

QtoJ Desc•·ihc triple DES with two DES keys. Is man in the middle attack possible on
triple DES?
Ans: [5M- Dec16]

'r IPl.lr DES:

1. The DES ;ilr,orlthm user. a key length of 56 bits, with which becomes very easy for an attacker to
hrcnk I he 1:ncryrt ion.
2. To improve thr. security of DES at higher level Triple DES was proposed.
3. This uses 1lm:c stages on DES for encryrtior1 and Dccryrtion.
4. It l,Js two versions: Triple DES with Two Keys and Triple DES with Three Keys.

Irlul.u..Dfil with Two.K~

),,-
",,
111 tlii~ tw o keys nre 11 ~e d .
In rirst and third s tage l(cy 1<1 is
e
use<l wliil c in sernnd st::igc i{cy K2 is used.
, First th e r,bi n text is i:ncryrt cd with key 1<1 the n the riutrut of st;~ge l is decrypted with key K2
,111cl fin;,! c,u tp t1t second ster is encrypted agai n wi th l«:y l<l .
,. Figure 3.8 s hcrvvs the encryption & decryption lasi ng tr ip le DES w ith 2 keys.

I( I 1{2 K1 1<1 1<2 1<1

p-6- D E C p -♦ch-.cb-cb-~
Figurr: 3.1 !J: Tripi(• DES witl1 'L lfoy~.

Miln.jDJbc· Midclic; l)tt:1cti;.

;.. No Man-111-th<:- micldlc attar!< ,,r M1!1.:l-i11-lhe•rniddl c: attil cJ< is no t p,issfl•i ~ 111 T , lpl1· lll:S.
,, Fnr lll\.! giv1.; 11 !<tiOWII r,1ir UI pla 111 [(;Yt- ci1d1 ·r le l' l [I', CJ, th 1• atl ;,r!{l: r will E1111yp1 I' 1V1tl 1 .all .!,.
possil,k key,; for I( I ('- iZl" 0 f!w y is S{, hi ts in IJE~J ,.111d Derrypi C v1ilh ,ill z ~,. pm ~lil1 1• I<••\", 111r 1, 1.
► If E ( I( l, P) = i) (1<2, C) then 1(1, K2 ;1,e nw sL lil:e ly th e rn rTct t p;aIr 11f l<ey!;.
,,. The at l.icker c:onfirm s th,._ iH.: 1 r air by t.:hedrn:g :1w ill, ;1111,tlw r p ;1i r of I', c .

- -- -- - ·1"Ja.3e310(134

musolution.in Scanned by CamScanner

 SemMftr- 7
•'an-in-the-middle attack or Meet-in-th e- middle Jtta k, d1rec sta ''Es 'i,
In order to counter i••
enc ryption-d ecry ption with two different keys is used. . . 1 .'
. .f I ., -in-the-middle :1ttack or t--kL' t-111 -t llt'•t11 h.ldl ,~ Jlta .·k 11> 2
This r;,1 scs 1h e c,>st o t 1c ,.. .:in
not practical for now.
However, it has the drawback of requiring a key length of 56 x 3 = 168 bits, which 11 ay ,

somewhat unwieldy.
For this reason Triple DES with 2 keys is used.
Using Triple DES with 2 keys we get the same cost of attacking for less number o f keys.

One half has (Kl, 1<2) and the other Kl.

► 56
Attacking the first half costs zm operations, attacking the second half cos ts 2 operations.
►

Qu] Compare DES and IDEA. Explain the rounc.l key generation scheme in both these

algorithms.
[10M - Dec1 6}
Ans:

COMPARISON BF.TWEEN DES & IDEA:

T.1ble 3.3: Comp:lrison between DES & IDEA.

I- DE~. JDEA
I
, DE
D ESS. S-t-a-nd-s--fo-r-Da ta ..•r,;. EEn~c~r~y~p;;ti~o-;_;-n----;S;t:an::-d~a:-:r::d.+~;::-:-~--:----=---_:_=:
IDEA s tc1n ds for Intern oti __ a nal:--:Dc1t,:,
_______ 1

I A:gorithm. Enc:-y~tio:i
_ _ _-.1._A_lgori thm . j
ll uses 56-hit !-:ey. I It uses 17.8-bit key. -
DES is nov: considered insecure (mainl.v due to -:,-r-::----------
u Consi dered to bo d - - - - -- - -~
small key size of 56-hits). - a goo and secure a]go,ith m.

· hlock.
' inrn 64 h 'rrsper
DES divides plain text/cipher te-<t
t;;.IDEA<li ·c1 ,
ll k
.
.vi es pl arn text/cipher text intc, O, 4 1 · c
!.lit.p
,~

16 :·our.ds of en . J oc .
crypt10n /decryptic1n It h -o=--- -~;-;;,:;::=-:::--~ ---- - - -~
pn.icess. I · as rou n els o f "-l1Crypti. o n/d er.rypio11 pr0cf~~

I - - --- -
I fo ll owed lr
Y ;:i fin ;, ) roun,JlJ of (),J : i li ;

~~~~i~~;;f~~)i;triain~~fo;i~·n;1a~t~i~c,;n~.;-:::;:-----:------
f: E::; ch :·ou 11 cl uses d.t ft·crent 48 -hi t sub
~-e_n_e~a~~-~rJrn the 56-bit key. key Each of the 8 ro und s L,ses ciiff"rf' r, .. , -;-.- - -.•

- :-
~
I l c rl 1'f'1l're> 11L~~-;_-::-::-::-:--~
:; u!:J kC'
_ _____ y., ;ire used in DES.
-- -
- -1__
'1Js t r 0 1
~ · us~c; 4s ub key.-,.
.... - , D
•
lll ., '\. '1 •
"\ - ,,, ·

IIJf.S 1:; we;ik~r ~r;;;-iDEA. - --- - --- ~ I d:tTerent '\ 1!11

52
- -----__ kc >·,;1rc
-- 11s d ; 11 !DE\ --
- ------ IDr. l\ . . . - .1 ..
no1.1ncl k<>• - - ~- ) !, S l l 011 •1,, r tr ;"I DE- -- -
~Y generation schcin .
em DES:
- - " . "n ·S.
------ ---- -
. . -4'.....
Hcf,n QS.

,----- -
muso u~ion.-in Scanned by CamScanner
 i!u/.fii,i\N,,,21,S:d

Round key generation scheme in IDEA:

Refe r Q2.

Q1:.1J \¥hat arc block ciphers? Explain with examples the CBC and ECB m odt!s of block
ciphers
[s_~I - Dee16]
Ans:

B1.0CK CIPHER:
1. Block Cipher is a symm etric key cipher which operates on a fixed length group of bi.ts, ca!Ted

block.
2. It encrypts entire block c f message one at a time.
3. In this the pla in text a re combined with a pseudorandom ciphe r bit stream by :an XOR operatiorr..
4. Cipher text is generat e d by en crypting the plain text bits o ne at a time.
S. Example: RS A. Diffie 1-: e llma n, DES and AES.

MODES OF OPERATION:

I)

►
►
Ef.B Mode:
ECB Mol1e s tands for El e ctronic Code Book M ode.

lt is s implest encryption m ode.

nt
The m essage is divided into biock~. and each bio:::k is encrypted ser,:.1r.., tt'ir.
► unifc n , ~l,:~ of
If th e s i7.e of plain text is not a m ulti ple of bl ock size, pa dding is u seJ to m::iim::i i t

bloc.k.
· · t .· · ·r , ·es . .., Ill" kov fo r ncrup tic n a nd dE-(T\" ptitH, of t•~1 d ·, bk,d;:.
0
Sin ce it is symm e 1 1c. I L,!> ::-o , . ~. ~ ., ;

· d cte•·i-)' J1tic 11 c;:in be do ne as fo l!ow s as shown in 1igu:-e 3. ~ L

Th e encry p tion a n .... · •
Pl:?U)k'(t
?t~inte>.t
CTt llil ii!ilO ~
[UllWI.IED I !
! bbck c1p 1iier
t-toc:C ::10~e-r i-.e)' _ .,. encr,'?tlM
~y -► c-n.crypti~:1

I '
I
I
[ffiiliilllLD a o -rrrrn,n
'
crrro ITJTrTTI Ciphcrtc,t ' ;.'~:-n;Et.\ \,
~ p nerte,.l
Eiect ronic ~odPboo\.: (ECB) mode e11c1~pti0n

.;:, pt\~ e1.t.

C1pht'~e~t
Up~1ertP.•t [ill..[UJ.IlTIIl r:rr-..n-_1.1.:.-1
I
aTIILlf-L!,Ii:Il ! --' - ,
I ~ ' - ' < ..•~.-•
...!----, ~~"~ ;
~v t r ~-
. ~?.:.:~
l '-"'l .~ :: I
~ I~~

I
I '
;:r_s1::::uuw rr::I UITI!"T...:l
a:;:r:rr::J rrrm P!a•" ··e "-t
"iJ r~tit , l
Pia •n te •t
[ lec,ronl-: Coclcbc.ok (t::CU) 1r1 odE> d eer) µl.t>n

Figure 3. 1 ~: ECB l\~otl e.

,-
'Pa.!lJ3ofB4

musol ution. in Scanned by CamScanner

 JI) (u.c.M2W
me Mode Stancle; for Cipher JJlock Chaining Mode.
It WilS Jn11e11tcd by JOM .
It Is used to overcome the secu rity d~firiencles of ECB Mode.
, In CDC mode, t:Jch block of plalntext is XOfied with the previous ciphertext blGck before beirzi

encrypted.
This way, each cipherter.t block depends on all pla!ntext blocks processed up to that point
To make each message unique, an lnltlallzatfon vector (IV) must be used in the first block.
, The encryption and decryption can be done as follows as shown in figure 3.12.

Pla•nr t ,t Plalnt~•t Plaint er.

lnill~r.zarlon V.r.t~~mTI ,----i-1_"_'i tLIIIJ Lilfl 1111 I ii i I /

am:rmnm - . ' ,------,

rcey- blod. cipher blc;c~ c,pher
r;nuyptlo;, encri•plion
1- - t---
mra:mnm rrm:an:m:-o rm rt t) II I IIJ
r:1J, herl~•I Ciphcrtcxt C:phc-rtc•t

Cipher Dlock Ch/lining (Cl3C) mode encryption

Jfthe flrst block has Jn J , 1 I

c i;x , t w mathcn11atical fon111Jla fo r r,w ' . . .
,. , <c ti u y pti nn rs
Ci = fa (P, AJ C1- 1) ,111d Co = IV

While rlie ·'l1ath('Jn ·•

· 1,,ca
. l /or mul:i rnr c r. r J
' ,, •' ecryptlcm i•;
P, = Dr. (Ci) ffi C,. ' .! JJcl f.o= IV
---------
()1:11 Cnc1·y,,t ti
- - -- - - -- - -- - -~
, "f'J' I
IC )t!C'i.' Jill!C - ---
= 15 De . , ' YI> og,·aphy is fun'' witl 1 .
J •. • ---- ~
•· CrJ pl lo get h·•<'k < 1• 111
• • •' 111111t,pllt"lll ,
Ano;: ' · '" 14 " 1 plai11t,~xt · ''-' \' l))h~r ,, i:h !.,·~

-f..1IJ1~
TIP! 11• .1. ·r •
"..: Ll/1-: {; 11' II CH :
l.
M.ultii,!it;:i tiv!! clph1;r I~ a
,-' 2. J• ·, .- . . . type1Jfsuhstilu11
• ,_sim;Jar to ra,.... on Cii)!iel'
- ---
--- - - '-',,<tr rlpher, .

mu soiuiiffif.-,;-n--·-- Scanned by CamScanner

 Seme.rfer-7
3. The only diffe1·ence is instead of addition, we use multiplication.
4. Multiplicative cipher can represented mathematically as:
C = (P x K) mod 26
P = (C x K·1) mod 26
5. Multiplicative cipher has only 12 possible keys.

EXAMPLE:

Plain Text: Cryptography is fun

Key: 15

Encryption:
Plain Test Number C = (P x KJ mod 26 Cipher Text
--
C 2 2 x 15 mod 26 = 4 E
R 17 1 7 x 15 mod 26 = 21 V
I
y 24 24x 15 mod 26 = 22 w
p 15 15x15mod26=17 R
T -o
l , 19 x 15 mod 26 =25
I ~f( z
0
\
I

II
...
14 ' 14 x 15 m od 26 =2 C

G
~ 6 ·\.'::: ....
6x 15mod26-1 2 M

R
\ 17 17 x 15mod2 6::.: 2 1 V

A - 0 0 x 15 m od 26 ::: 0 A
p 15 15 x 15 ni od 26 - 1 7 I R
I
H 7 7 x 15mod 26=1 lJ
y 24 24 x 15 mod 26 = 22
l \IV

I 8 8 x 15 mod 26 - 16 Q

s l8 18x 15 mocl26 10 K

-j
F 5 S x 15 mod 26 - 23 X
-- ,-- ~

20 20 x !5moci 2,S = 14 0
~
LI

L N 13
I
13 x 15 mod 26 = 13 I
I
N

.,.
Qe~r:wtion:
,--- - - -T------r Number -
P - (C x J{- 1) m o d ·1 r, Plai11 Text 7
Cipn e r e st ~

I l
t, 4 I .J. :: 7 Ill rid :1 () = 2 C
-I
I

- - - -
\i 21 I 2Jx7 m nd2 6 = 17 R
L ·- -- 22
- -- --
22 x 7 /11(\d 26 = 24
- - y- - - --
I \IV

r- R 17 17 x 7 mod 26 - 15 p

- - -- - - - -- --
tJa_Je-~ off34
•
musolution .1n Scanned by CamScanner
 LMul.faft?H,,,ffiiMtl

,_ 2x7rno d 26= 1
,,
I C
I 2
- - -(,
(

I M 12 I 2. 7 mod 26 =- 6
- It
-

t= A
R
V

17
21
0
21x7 mod 26=17
Ox 7 mod 26 - 0
17 x 7 m od 26 =15
-- A
-

1----=
1
-

~-
-
!

I x 7 m od 26 - 7
- --
B ] It
w 22 22 x 7 mor.J 26 =21
·-
_____ ,,___
-- -- - --:;:..

Q 16 16 x 7 m od 26 =8 J
I( JO 1o x 7111oc1 26 "' w
---23 x- 7 rnlld
------
- -----=--
.t.;
~- ·-
-- I

X 23 26 = 5 /l
I

0 H 1,~ x 7 mod 2 6 =7.0 l1

N 13 U x 7 mod 26 = 13 u
--.!.

Q14] Use Hill cipher to encrypt the text "short". The k ey to be w;cc1 is ''hill''

1.
Ans:
HILL CIPHER:

Hill ciph er is a po:ygra phic substitutio11 cipher.

em
2. ln ve!1te d by Le ster S. Hill in 1 9 29.
3. It ;s based o n linear alge brJ.
4. The Hiil ciphe r is an exa m p le of a b!ock ciphP.r.
S. In hill cipher. ea ch letter is re presen ted by a number n1od u lo 26.
6. To e ncryp t a m essage, each block of n le tters is m ul tipli ed hy an invertible I x 1 : .i s i x, dg-,i t., :
morlul us 2 6 .
7. To decrypt the message, each block is multiplie d by the in ve rsP of the rnc1 ,·ix 11 • e I for en ·f) v :f •,;.
8. The n:;:,tr;:-: used for en cryp ti1rn is the ciph er key, and it sl 1oulJ 11( • clw., ·:i r.ii: !l>"·, lr i". •;~ er. <:' ,,:·:
of in vertible n x n :-natr ices (modulo 26] .

EXAMPLE:

Plainte.xc: short

musol ution. in Scanned by CamScanner

 i·Mul·1¥,?H,,, 2,i~d

w e have to encrypt 1he mcss:iRc 'short' (11 ,. :. ). The• 11,·y i s 'hill' which ,;.111 lw w1'111,•11,1s the• 11 x 11111.11rlx:

tlill Ill I.11 -- 17

= I. 11
0]
11

Short =- [;,
0 7'] = [I II 1-1
17
19]
0
I? - 7

The enciphered vector Is r,lvcn as:

81 [187
11
14
17
191 d ( ) ,.,, [ ll12
0 mo 26> 275
2 ]'1
3'11

0 3]
3 1

£ru:rvnted Text= apaddb

--- EXTRA QUESTION ---

Qt] Variant of DES
Ans:
IJOUEl!..E DES:

I. Tltf! DES algorithm uses a key !~ngt~1 of 56 hits, w ith which becomes very easy for a n a ttai:ker to
urec.1 k th e enc.ryption.
2. Do ubl e DES is the encrypti on star.rla rJ v,1 hi r.h p rnvides gr2a ter se curity, si n ce it uses key !ength
of 80 bit-;.
3. In thi s two key s are u se J sny K1 and !<2.
4 It firs t pe t form s DES on the original plain rext u s ing Key K1 to get t he e ncrypted text.
5. It performs DES agai n on the encrypted text but this time with the other k ey K2 .
6. ThP. final output is the encryption of e n crypted text with th e o riginal plain text e ncryp ted twice
with twc diffe:-ent kt:y!: show!1 below in fig'Jre 3. 13 .

I 011£,ltia l Plain
Tr..; 1 f :-1}
Tn u po rary Cip h " ,.
Key ('rJ
.___ _ _ _ _ _j
___
._ En rry pt

t
Fiu;il Ciµh e 1· K..,~.
( C.J
,

L-----~ 1

K,
I
f:g~re :u 3: Dour.le TlES.

7. !t.2 :1 in th~ miJdie z t-:ac:k ,~ t'1c dra wb.:?ck of double! DE~.

musolution.in Scanned by CamScanner

 ! f .f~£ D£5: , . . It' DES wa s propose<i .
. ofDES a tllig/Jerlew l Trip .
1. To improve the secunLy ptiCJn and Decryption.
e,. on DES for f.mcry
2. This use:s three stag .,

3. !t has two versions:

I.dP.le DES with Two~

;,...
In this two keys are used. . , d stage Key K2 is used.
.. .
Kl is used whue secon
in
In first and third stage Key h tput of stage 1 is decrypted With ke
. d with key Kl then t e ou 1
First the plain text lS encrypte . K1
· c ted again with key -·
and final output second step is en ryp . . I DES with 2 keys.
Figure 3.12 shows ti1e enc1ypt1on· & d e_rryption using mp e

p C p D D C

Figure 3.ll: Triple DES with 2 Keys.

II) Triple ~!:S wit~ Three Keys:
In this three: key.:; are used
;...
In fi rst s tage Key !<l is used while in second s tage Key K2 is used a nci in th ird st.1 11 e key K3.
r
First th~ pJ;:iin text is rncryptec with key Kl th en the :rn , pi.;r oi ~tage 1 is d e ~ryp ted wi!h kl rL1

and final output seco:1ci step i:; encrypt':'d c1gain with key K3 .

.!='igure 3.13 shows the encryption & decryprion us ing triple DES \\'ith 3 key .

nl

p -cb-Jl~ ·[ 1~]- ,
figure 3.13: Trjple DES With
3
l<<:ys.

musol ution ■ in ScannedbyCamScanner

 i-&::1• 1¥dFJm21,i#d

Sem01ler - 7 To . ~r i .Solulionr

CHAPTER - 4: PUBLIC KEY ~RYPT06RAPHV

Qi] l~lahornlc the steps ofl<cy gcnc,·ati1111 11s i11;~ R~i\ Algorithm.
Ans: f5M - Mny1<,)
RSA:

1. RS/\ is a t>Ublic l<cy encryption algorithm.

2. RSA is derived from il.S inventors Rivest, Shamir ;rnrl i\dlt!111a11 111 J ')70,
3. RSA works on the pr!nr.iplc that says It 1r: LOo dlff!c11IL ro (11111 th e f.1r.tor:i of lanw prlrnil 1111mhers.
4. It involves multiplying two large prime numhcrs.
5. It is used for both public key cncryrtlon and dl1tll al ::lg11:il11rc.
6. RSA LJscs modular cxponentlat(on for cnc:rypt!ng ;111cl dcc:ryptl111t tltc lltl1~Hi:l ~c; ,

AL<:iORITHM:

1. Choose two different lnrge rancJorn prime 1111r11IH: r:l :,ay "p" ;1 11cl "q",
2. Calculate n = p x q. Sinre "n" Is Lite modulw: for Iii• 1,111Jllc lwy a11d llw l)l'lv:il u lwy::
3. Calcul;ite th e toticnt: 0 (n) = (p - t)(q • I)
4. Choose an inle:gc r "e" such tlrnl 1 < c < {tj (11) ;,r,rl " l'" Ir, , (l•j1 rl111 •1 to 0 (11) L •. ",,". 11d I-') (llj ·;l1.11·,·
,w fa ctor!; oth er than 1.
5. F111d Oi.l t decrypti on key "d" such th;i l 1• • d = I riir,d (p · l J fq • I) .
6. En crypt the me~sagc "m" usin1~ c 11 cryption key c, c ~ 111 · 11111d rt.
1
7. D ecryp t ti1 e mes,,age " ;11" us in g (lec ryp llon i«.:y d, 111 " t• 1110d 11.

In above algorithm, c and n are puhllc whereas cl Is hcpl p111Jllc,

Qz] Briefly define icl ea behind RSA nnd :,l,o; u cxplid,,

1) v\lhat is the one w tay funt.:tion in this 1-iyslc111'/

2) ,v1rnt ;,, the trap dour in this?

3) G;vc J>11biic key and Private l<cy,
4) [lcscrihc security in this sys tem.

Ans:

RefE: r Q~.

What i~ the r,r,c way function in llils systern?

, II. o n e··Nay fun ~t icn is a f unctt (Jn tha t ic: "1:; ;1sy" t11 < 0111 1, 11 11· :i 11rl "dlffl! 1111" 111, ,,._.,,, t; •• .

musolution.i Scanned by CamScanner

 ■ Encryption Function.

■
Muhipii ca tion of Two Primes.

What is the trap door in th is? ,

. . . t erform one way, but has a secret th.it 1s n:qtib
A trapdoor function is a function that is eas} o p ~

to perform the inverse calculation efficiently.

► Trapdoor in RSA is the private key.

Give Public key and Private Key

► Refer RSA AlgC1rithm from Ql.

Describe security in this system.

> There are two one-way functions involved in the security of RSA.

1. Encryption Function:
r '!'he encryption function is a trapdoor one-way function, whose trapdoor is the private key.
,. The difficulty of reversing this function without th e trapdoor knowiedge is believed (hu t n~t
known) to be as difficult as factoring.

2. Multiplication of Two Primes:

The difficulty of determining a n RSA private key from an RSA pu i.Jl ic key is known to be e q uivale n
to factorir.g n.
An ;;ttacker thu s ca11 n ot use knowledge c,f an RSA public key to determ ir1e . R", .
- a n • ..)~ pnvate kev
unl ess they can factor n. -
Beca use multiplication of two primes is believed to be a one-way fun ctior. Jet . .
•· c ermmmg an RSA
p r ivate key from an RSA public key is belie-✓ e<l to be very difficul t.

In an llSA system the public key (c, n) of user A is defined as ( , ).

7 119
Calculate <I>n and private k e y d. what is the cipher text whci• ' '<>11 , .
m=10, using the puhhc . k~y? • .. • ~ nc1··•'·IH rn es~ag ..

Ans:

!{SA:

Refe:· Ql.

E.X~JJ.Pl..£:

Given:

Pllhlic Key (e, n) = (7, 1.19)

IQ Calculate: 0 (n) and p:-ivc:1te !<ey 'ci'.

musou -
Scanned by CamScanner
 l•h::f·' ¥,f !Jm2 ,Mi·' I
1JJ- .Semufer-7
............

Solution:
n = p x q ...........wh ere p & CJ are two prime numbers

:. p = 17 and q = 7
Now 0 (n) =(p-l)x(q-1)
= ( 1 7 · 1) X (7 · 1)
= J.6 X 6
= 96
:. 0 (n) = 96

1 + k 0 (n)
Now Private Key 'd'
e
1 + 4 (96)
=
7
= 385/7
= 55
:. d = 55

Thus, private i<ey is (d, n) = (5 5, 119)

Then As given m = 10
t Using fo rmu ia fo r encryption key e: c = me mod n
= 10 7 mod 119
= 73
:. Cipher T ext ( c) = 73

j 0 (n) =96, d = 55 & Cipher Text (c) =73 j

o4 ] A and n wish to use RSA to communicate securely. A chooses public key (c, n) as
(7, 247) and B chooses public key (e, n) as (5, 221). Calc~late their prh·ate keys.
'\Nhat will be the cipher text sent by A to B if A wishes to send message m = 5
securely to B?

Ans:

RSA:

Refer Ql.

EXAMPLE:

A: Public Key [e, n) = (7 , 2 4 7 )

B: Public Key (e, nJ = (5, 221)

To Calculate: 0 (n) and private key 'd'.

musolution.in Scanned by CamScanner

 FOR A:
e= 7

n = ?.47

Si11cc 11 = p x q ...........where p & q :ire two prime m1111bers

.-. p :-:-: n and q = 19

tlow O (n) = (p · 1) X ( q • 1)
= (13 · J) X (19 · 1)
= 12 X 18
= 216
:. 0 (n) = 216

Now Private Key d ::-: 1 + I< £J (11)

e

-------
_l+k.(216)
7

Priva te Key d :: 1+1(216)

7

:. d == 31
== 2i7/7

== 31 ... (which is <111 integer)

ernent
f_QR 8:
e == 5

n =-= 2 2 1

Si ri ce n -=: ') ,. q
' · ........... wh ere ,1 & .
·, (J ;.ir etwo ,. .
.-. P =-= 13 ;ind q ==
17
r, ini e nunibc, 8

== (p • 1) x ( q . J)

;-:: (13. 1) X (1 'l - 1)

==12x I 6
::: 1'J2
··· 0 (n)::: 192

Now pr·
i v:i te f(cy d

---- 'Pflje ~ ------

so Iuti on.in --
Scanned by CamScanner
 i·Muf·MPH,,,t\,JMN

4 I 'Pu6nc Sem1.1ftr-7
:= 1 t k ( 1 '>2)
!;

Privnlc K 'Yd

::: l 'J3 / 5

= 38.6 ... (which Is not a n lntcccr)

When k = 2,
I • 2(1'.12)
Private Key ,I =- --
s
== 305/ 5
= 17 ... (wh ich I~ n lntcr,cr)
:. d =77
Dms...nciV..'\lC key of A Is (d. a) = (7Z.-22l)

Now./\ wishes to scn:t mcss:ir;e m = 5 to D.

/\ will encrypt t ile m css.tf!C u~111t: p11l~li c k ·y of H (c. n ' = (S. '.!21 _I

P ..: Plaintc:..t :..: 5

C :.; C1phcrtcx t = ?
rnent
C -= P·· mud 11

:-: ('.i-,s mod 2:. 1

Thus. dnMJ: text:-: 31 for plain text= 5

Q5l A and B ,,;s h to use RS,\ to communic.1tc sccun•:y. .-\ ch o o ~c~ pu h lic !,cy a-.(;,
119) and B chooses p11hlic 1,cy a s (13, 221). C.,lculat c the !, pr:'l.·a tc keys. A ,.,;~hes
tn -.end mr.ssa;_!o.! ,n :..: 10 I<, r.. '.\'ha t will he the c ipl1cr !t·: ·t:J \\"ith ,,·h a t kc:- " i ll _.1_

cncr)11t the mcs., agc "m" if ,\ needs to a11thcnticatl.'. itself ton

,\ ltS:

l~cfer Q !

EX AMPLE :

A: Publi..: K y (c. n) = (7. I I S)

musolution.in Scanned by CamScanner

 4 I 1'u6!c 'l<AJ_C'JfJlOJM('hJ____J_ei_nM_k_r_-_!_
1_ ___;~:___
JI • Pt d1llc l,,,y (<', 11J ( I :1, i!2 I)
'l'oJ.:alculalc: n (11} :1 11d pri v.itt• l<,•v ·i1 ·.
SolUliuu:
F_OI( _A '

I' • 7

Slnc,i
. n a px11 .. ......... w Iicrc II ,Iv., q nre Lwo p1"1rt1c numbers

:. P ... 7 and rt :::: 17

Now0(11) c::: (p • l)x(q - I)

:;: (7 · I) x ( I 7 . I)
c:: 6xl6

'-" 9(,

I + I< 1,1 (n)

Mow Pr iv:1te lfoy d = ·----
,.
=I 1' k (%)

te\ernent
7

When k :.:: 1,
rrivale l{Py d ::::: I + I (?(,)

:;:; lJ 7/7

= l3 .BS7 ... (wh ich is not an integer)

Silliil.irly, I< = 2 ,'\i k = 3 do es no t ,·estilt
• • integer.
,111 · .

Wht) n le :-:: 4,

l' r ivilte J<ey cl

= 305/7
= 55 ... (whirl'. is ,111 integer)
I - .. .,..

t I{

II = nI
.\1II C:1' n -:.:: r, .:\: ('I .... .. ..... \VIH!I ..? p
I •• '" ! ·c
fl '·ire IW
. Ll J)r.·11111• nurn llc rs

~·J1 0 1
:{ ;ind fl == I'/
- 'Plf_Je 44 of 1y7 --
musol ution. in Scanned by CamScanner
 l-&11\· 1i¥di%u2 ,ifl-i I

.Semamr-7
Now 0 (n) (p -1) X (q - 1)
= (13 - 1) X (17 - 1)
= 12 X i6
= 192
:. 0 (n) = 192
1 + k 0 (n)
Now Private Key d e

=1 + k (192)
13

Whenk=l
. I

Private Key d = 1 + 113C192 )

= 193/13
= 14.84 ... (which is not an integer)
V/henk=9,

Private Key d = 1 + 9]3l192)

= 1729/ 13
= 133 ... (which is an int eger) te\ernent
:. d == 133
Ihus. private key of A is (d. n) - (133, 221)

Now, A wishes to send message m == 10 to 8 .

A will encrypt the messag_e using nublic kev of13 (e. n) - (13.J.ill

!' ~ Plaintext == 10

C == Ciphertext == ?

C == pe mod n
== (10)l 3 mod 221

== 62
Thus . cinher text.=Jl2 for r-Iain text = 10

---------- - ---- - - - - -- --- ----- - --

Pa3e 45 o{-'34

musolution.in Scanned by CamScanner

!)1>; In RSA system the public key of a given user e = 7 & n= 187
i) What is the private key of this user?
V
2) Ifthc jntercepted Cf= 11 a nd sent to a us er whose public key <: = 7 8: 11 .-:: 18 ,
·IS th C PT?• 7· \.1,.
,

3) Elaborate various kinds of attacks on RSA aJgorithn1?

Ans:

C
Refer Ql.

EXAMPLE:

C- ) r.1 rivate key of this user?

Public Key (e, n) = (7, 187)

Since n = p x q ...........where p & q are two prime numbers

Po
:. p = 17 and q = 11
I)
Now0 (n) =; (p - 1) X ( q - 1)
:,.
=(17-l)x (ll-1)

= 16 X 10
= 160
fe\ernent ff

:. 0 (n) = 160 ,.
I\
Now Private Key d

_ 1 + .'<. (160)
7

When k= 1, Q

Private Key d = 1 + 1 (11\0)

7

= J 61/7 D'
= 23 •·· (which is an integer) l.
:. d = 23 2.
3.
Thus, privatf! keyJud, n) == (.n..Jfil)
2 -L
( ) Jf tlw intcrc(•ptcd CT= . .
ihc I'T? 11 ,ind s ent to a u ser whos e pub}; . k • . ·-- .. 5
.c '-=) c - / & n=1S7. \\"h~t 1~
L1 phrr ·:·ext == 1 1 G.
PuoJi c Key (e, n) = (7, l8?)
l'nva te key (d, n) = (Z 3 , 187 )

--
--------- - - - - --- -
musol ut10 fr in
6

Scanned by CamScanner
 N,,w, ll,1-.,•<111n USA d1 '1 pllo11 il,to, II h111,
1''1' I:'1'• 1 uw d 11

1111

Wt• 111•,o r 11 11 wrlfy th e rnrn ctuw::i hy 1111 l{l'A

" " ' 111 ·1·yp1 l,111 ,d1:w lth111 afl 11 1., foll nwlu~:
er l'T" 1111Hln

BfP mod 1117

II

l:hcrofore. w1.1,condudQU1uLtho plalulcxt(Ef)Js OU,

(a) Einhorn le various l<lnds or attn c l<s 011 nst\ Hlgorilhm?

Poss ibl e appro;1chcs to altacl<ln,: th u HS/\ a lgorlth111 arc ;1s fol lo w s:
I) llutk_ Fon:t! Alla ci.G
Th f~; all :1ck Involves t r y l11,: :ill pos::fli lt• p,·lv:,tc key ~.
II)

111)
.M..all ll! ma Llc.i.u. All aCks i
This :tltac:k dupf'rul 011 f:H'l o rir q: tilt· 1irnd11rt ol lwo p.-i nws.
J.iwlu lLJlLlil.cJi:ii
rnent
T ill s :1t l :1c:k dt.qw 11d 011 th • l'llllllin g t irnc of' the l1 l'L'l'ypl io 11 idgo r i lhm .
IV) ChNiC ll Clu h ~.a.~
'!'hrs typo of :Ht ad<ex plnir,., pnip e rt ies o r lhe RS,\ ,1 lgorit h111.

Explain how n key is c;han..: d hctwcc n lwo parties u s ing Diffie -Hcllm a n hy
exchange algoritlm1. Wlwt i!-- the cl1·awhack of thi!i algorithm?

An s : [ toM - Dcc15]

DIFFIE· ll l~ I.LMA N·A LGOHITH M:.

l) lffic:-11 ·lbi:rn nlgorilh n1 W itS cl ev:! ic,r, ed by Whit fiel d Diffi c & Martir. 1-fcllm<'n in 197 6.
It is ltscd w s olve the k e y ,lisl ribuli1rn prn!Jlcm of symmetr ic key er,cr; ption.
Di ffil! llc!lm:111 is n puhl!c lwy cryplosyslcm.

II cl rH·S 11o t c·n cryp t tlw 111 "SSi!g~·.

,.
r' It ts n s p e cial method o f cx dwngin~ l<cys.
.l t s ., •., ...,·d ki>y •o 11c used for !! r. crypt in g il message.
6. Th is r.!lgont 1m gc11cn.1 e. •• , .. · ' -
. .,., I I tli til e se·id e r n11 ci receiver ,:;in encry pt and decrypt th e mess;igc us ing
'/. One . n lccy 1s <1cu u e<, io · •

:;, m • lwy.
--- - -- - - - - --:;,f;_ge 47 of134

musolution.in Scanned by CamScanner

t i LGORITHM: PROB
· 1 r A and Bare two users.
ConsH e .. ., ~ ,, ,,
·11
/\ ;1nd B w1, • t-ake two large prime nu111ber.s n L g.
r
A will choose any large random number s;:iy "x". ,..
r
A will then compute m = g" mod n.
Similarly B will choose any independent large random number say "y".
►
n the computes= gr mod n.
A will send "m" to Band 8 will send "s'; to A .

► Key for A: K1 = sxmod n _

► Key for B: Kz = mvmod n
:;...
Both the key K1 and K2 are equal i.e. K = K1 = K2

A choose x = 3 B choose y = 6
M = gxmod n. S = gYmod n.
= 7 3 mod n = 76 m o d n
= 343 mod 11 = 117649 mod 11
M =2 S =4

A sends M = 2 to B ......__ - 8 se nd~ :.:: 4 to A

Ki = sx mod n ~
-><-.._
Kz = mYr.io cl n
= 4 3 mod 11 =2 6 mod l l
~~4mod11 = 64 mod 11
K2 = 9
---

DRAWl3AC!(S:

Di l fie- l lellma n key exchange is vulnerable to a 111 an ii1 tli - :c.ld l

e 111 1 e c1tta ck.
Diffi<:- l lr~llma n Algorithm r:an,~ot be used tu e·irr,"Jl •.
1 11
J ,
1cs~c1l!L'3 it ca n on 1y h~ ll ~Pd to c-:; t. l'li~•;,:·,.
a ~ccre t key.

r:xp011sive: exponentia l operations are involved.

,.
Thi s JIEon thm is als,J n lack of' authcutication.
Q8]
Expl:iin Diffic-Hc ll111·111 l(, J
. . • '-Y t!Xc 1a11g·c } · I
cx pta, n 1.iw Jl lT l·len· ·)f l\'l IM . a gorit 1 1ll with f'l11't.·,lll••
_., ... cxn mp Il-' , : \1'.
11

, , ' ' . all:icl( Ill it

Ans:

DlffJF · :l
-...c....;.;.~ .:. J.,_LMA N l< CY EX C!! AN"'-,~
- - ----'-=...:... • '" ,-, ~ ALl'i ORITIIM:
Refer Q7.

--
mus O Iut10h~Tn-~ Scanned by CamScanner
 Seme.J{er- 7
PROBLEM OF MIM ATTACK IN DIFFIF.-HELLMAN KF.Y f:XCIIANEiE ALGORITHM:

► MIM s tands for Man in Middle Attack

:,.. The Diffic-llellm.in key exchange is vu lneraliJt, lo " 111 ,11 1- i11 -tlir~- midd le alt,ick.
► in this attack, an opponent Carol intercepts Alice's public value and sends her own publlc va lue
to Bob.
► When Bob transmits his public value, Carol substitutes it w ith her own and sends it to Alice.
► Carol and Alice thus agree on one sh::ired key and Carol and Bob agree on another sharecl key.
► After this exchange, Carol simply decrypl'i any messages sent cut hy Alice or Bob, and then reads
and possibly modifies them before re-encrypting with Lhe appropriate key and transmitting them
to th e other party.
► This vulnerability is present b e cause Diffie-Hellman key exchange does not authenticate the
participants.
> Possible solutions include the use of digital signatures and other protocol variar.ts.
> Figu,e 4.1 shows the MIM ,3ttack in Diffie Hellmar. Algorithm.
Alire Bob

Choose;,. I Choose b

ent
r.'
Con1putt.> (g•) m

Figure 4.1: Man in Middle Attack in Dillie Hellman Algorithm.

A an dB cl cc1 e
·a
to use Diffie Hellman Algorithm to share a key.
. _ d G = 5 as the vubiic parameters . Their 5CC!'(·t kl'YS ;~\-,' l'
Thcv choose P - 2 3 an ·
." . · 1 Coni1>utc tile secret key that they s hare.
ano 1 5 respective Y·
[10M - l\ l:\y Ill & lh'l·th)
.~m;: . -
. _ . Al ,orilhm is bcfPn! sc, iving any Difiie He!lm.\n Exanq ,h•. ::l1r 1'11:l t'
•·•• Nole: Expl;:ai11 what D1f11c Hcllm,111 g
l-lellm~11 Algorithm Theory re fer Q7 ***

Given :

Pu hl i:: paran1eter (P = ?..3 & G = SJ

Seuct Keys 6 & 15 i.e. x =6 & Y =15
·h d betwee n A & 11 i.e. I,
To Caicul.1te: Secret l<ey s are

---- 'Pa3e490{64

musolution.in Scanned by CamScanner

 rop~r', So{Ltffr;,
-
Semufer-7
-
B

- --
~ · ',... l

A r hnoscx: 6
M::: wmod p.
~ _ ; _.!.,...'.;;;..-------
£3 ch()o~c y = 15
s = g:rrnod p.
::S' • mod 23
:: 51, rn od 23
= 30517578125 mod 23
= 15625 mod 23
S :: l 9
M=8

A 5ends M = 8 to B B send S = 19 to A

K1 = si mod p K2 = mr mod p
= 196 mod 23 = g,; mod 23
= 47045881 mod 23 = 35184372088832 mod 23
K, :: 2 Kz= 2

:. K = K1 =K2 =2 ·- - -----,
ITherefore, A & B Share Secre t K<:y as 2

Q10 l \'\'hat arc the various wayR in whkh public key <listdbution is implcmcn tc,
Explain the wor king o f puhUc k ey cc1·tifica t cs clearly <lct:aWng the role 1

certifi cate authority.

An,-,:
r101't1 - May a:
PIJBI.IC KE'{ lJlSTH IB UTfON:
.,.
In ;-,ubliL iwy cryrt 1Jgraphy, only puoik key needs LIJ be: di-;t ;·ib ill1:d, w hcn:,1 s rrl vntc k ey it: l<cr
secrel.
,. Following ,1rc the 'N'JYS Jn wh ich puhlk key:; can h,~ di s trihutcd:
. I

I) PII bIic I\J1!ill!!lJ£.!!111.!!.ll!l

:,..
One of th e :.irnplcst app roach to distri lmt~ imlJlit' k ~y fi
.,.. Gne c;i n dis pby hi'.;/lier pu l fie key
-
hi··/IJ 1, r ~
• 1'
· k

I •
t ,
CJ ,tnflOllll C(.! It pu!,11<:Jy .

rwwsr;1pcr.
011
' "II:
1'> 1U: 11r Hdvrnf•:,: ir 111 I," ,rl (ir : 1;,r:or:,1

;...
For ~ .ilDluJ.!!i. Wh,:n !{ 11ti.;jJ Vv;J 11t s to '> (!lld a r or n f i I
c:,1 1.. , t :1 , ..,,,;q~,- l n T· ' 1vi · I I. 'I'
r1u l,Jic; key ci th ' r 1. h
1
• J l
· .i , , l l· 1, 1: 1 n 1::11, 1 .,nv1 ·,·
. e iom ,~r we,slt<: orfrom ne " . ,. .
;. Fivu
'
r c 1 ·
'L. dr•sn
--
··
r ti· .. .
11,_ .. J ! ~11u at 11m .
, ,,.
w ,p.1p~, :i nd
· U1 1: 11 l"H
.. ry !, 1 1.i,~
, 1
,11 •·,: :,~1,· 11 •. ln ~ It.

..,,

., Fi 1tUf'I! 1 'l. A
- - -- - - -- - -- - - - -~ 1111111111 cc rn 1: 111 Ill r,ul:fl c lw y,

'P~e5oo{f3LI ----- - ,. ---·

muso Iuti on.in Scanned by CamScanner

, \ 4 \ (i I1 i~
·('!'/' I, j ~ • I~
i·Muf·MPH,,,t\,JMN

n,, '\hu h
I 1111 •1111\111111111 I 111111111 I Pl' I 1\111 1111!11l' Hil I II 1111111 111 11 111 111 11 111111,111 111 ), 14 /t/llil, /11/11

II\ \111111111\1 , \ \ 1llhlllh1111111·111111

1

,\ \11111 111 r,111111111• 11 1111111111 II 1 11 1111,111111111 ,1111ilt11, Iv,J11,i/lrd,I,, d11,11 1,,11/ ,,r 111 ,!i/1, ~•,:;~, ,rh/1/, 1::
II\Hl11li:1I 11 \'\I 11111111\1\I
II I 11111 I 11 11\ill\ltti\11111 \1 111 ~1111111 II ll~lflil I 11111 111 ill 11111,111/ lill/lJ /I /I , ///11//J}•II// :J /Ji/ ,1w11im1;,, I / '-

IIII 11I 111l'I' 1

1
'1\111 \'\1 1111'\I I Ill 1111 111 IIl l \1 111 !Pt f11llil\\ll1 I
• '11h11 1111 ,,ri. 11 \I , 11111,,111:i (11111111 11 p11 l1ll1• h,1111/11111 /11111,11 /1111//11,
ii I II II IP11ll' IPl\lti lt' t 1i ,, p11l1l1t: I t V Willl il lilll 1111 •1 ,11111,,,111 y
• ,\ 111~11 , I1111,1lti11 11 11 11111v 11 11' 11111111, I 11v ,i i] 1111d v1l11111 11111,,l11,I
• '1'11\1 tll 11111111I' I'"' 11111111 11 tll 11•~111 !1 1d 11; 11 ,,1111,ill 1; l, lli' 1 111,11111.
1 1 1
/

~ tri11111 p ,1,,I ~h 111V 111 i1 1111 1111i1 11 111 !II p11l 1l11 I 1111 d 111 1111 11y

l11il1III I l•i'
IIII H ll•I Y
, , 1 , , ,;, ,,. , i 111•1•1/ /'Ill/Ii'
w
l
·•• /II/ I

l.11'11\\l llil elU . 11 1 11l 11• 111 IVri11J ht!\i 1J r d1 ,,,1l1J / l/ ;1lill111ill /,H1il l11JJJ' l ~'llli' l':! ~/J'j•JV'l; JJ,1 •;;,,
,, 11 ;11i v111 1i,11 ,v/ 1111 rn il u1111111' II I 11 ' -
lil'l lll li li l11 1jJl'ti rffll 11/ ~[ l(l~t< d ltl 111 11·111 1111',

111)
,

musolution.i Scanned by CamScanner

t .
 l , P. frll..,, jl'II, i1 ll••111,.. 11J Mf)

Fl!!ttrc 1.'I: Olstrlhutlon uf1mhllc lrny through a11thorlly,

[)rawhacki
):• Publi c keys 111;1intaincd by ,wthorlty :-ire vulnerable to n10clifl c;1tio11.
► Public key authority gc1:: overloaded if the number <if request~: ls large.

1V) ~lc.lic...'!..Cw.if1£11.ti;
► The ;iltcrnative to prcvioui: :1ppro.1ch l.s to create public l<cy rertlf1c:i tt·s.
► Using the pnblk key ccrtif1catcs, 11'.iCrs can exchange the keys withou t ro11tncli11g a public kt
;111thorily.
The r •rtific:-it es n ,nsi sts of:
•
11
A pdilic key.
,'\n id enti fil':1 tio11 of key ow ner.
--..---ent
► Thi:, certifi c,ne is signed by a certificate au tho ri ty such .1s ;i govc;·11me11t agency, a financia
inslitu ion or ;1 s1,1 te organ b 1tion.
► Consider for Examp le: Rutuja w<1nts to distribute her publ ic key i n ;i securt manner.
► She c.111 presP.nt he r public key to certificate authority (CA), obt;iin a certiricate and then publis~
the certificate.

Now. one who wJ nts the public key of Rutuja, can obtain the cc , ti fi rate ,md ;:ilso ver ify that the
certifica te has originated from CA. (i.e. the certificate is valid and cri gi n;ilJ.
One r:111 also tra r:smit ::: certi ficate to convey the hy to th ose \'✓li u r eq,.ie:;~ed it.
Figure 4.S shuws di~t rillut:011 of pu b:ic key using certi fie ates.

Figure 4.5: Di:;tribution of public 'H? .

_ _ _ _ _ __ _ • Y using certificate~.

'Pa.Je J2. of134 -

musol ution. in Scanned by CamScanner

 i·Muf·MFA,,,t\,JMN

I'll~ = JJulJlk lwy 1Jf l(t1l t1 lr1,

flll 1 - J'111il1, · l(•'Y i1 f 'l'!lll ,1
Cu = .vrllflt'a1r! l11 t1 t1 t. d lfJt' lllllll),1,
1

Cr == Cort.llk..it!! l!'ll,ll!!J lrJJ' 'l';111 vl.

------
·---- 1'~1ej 3o(f!JII

musolution.in Scanned by CamScanner

 -I ~ -f~ - ... 'i-wh tF,JnctionJ "m,c,w, - I ~
-,-,. •• ,I '\JO/rdf...

- - ~uArTER - 5: CRYPT06RAPHIC HASH FUNCTIONS ...,,..,,,_

. . r....xp
\\ h~,t is a digit ;il s1g11:1tnrc? . · any digital signature algorithm in detail .
, _ 1.un
Qtl
[10M - May16 & SM - De
Cl6'
I

. §lGNAnJRE:

_~-:!ilill S~~n;Hurc is .1 type of electronic signature.

It encrYJ>t5 documents with digital codes that are particularly difficult to duplicate.
A dlgital signJture takes the concept of traditional paper-based signing and turns it into an
c!ectmnic ''fingerprint."
1 hi~ "fingerprint," or coded message, is unique to both the do~ument and the signer and binds
them together.
:S. It is used tl> v:1lidatc the authenticity and integrity of a message, software or digital document
6- Digilj) sign.1tun~ technique is b~sed on public key cryptography with a difference.
7. J, public k~y cryptogr;i phy a pair of keys are used, one public key and one private key.
'il;t.' puulic key is often used for message encryption, ancJ the private kPy is often used for
lltcrypt;n!! th€' mess:ig•~-

However in c:1:,c of digit:il ~ig1~:lture, message is encrypted with the p;·iv;;;te key and decrypted
·with t.he pt,tlic key.
0.
Only :1 spe cific p~rs0n w;th the c rrcspondi ng priv:itc•
' ,
1Jyc-rn' nc·r·ypt •I •
' ic message or lil oth ei
words sign the mess:-igc.
.i 1.
Ho,"evt.'r 3ny party \Vh o '1:-is th e sig;1:itory's public key can enc•·yiit •he :i i e · . , • • .
, 3n verify the mes--~1ge. · ' • :ss~Je, 111 ol11er wonts
12. Figur e 5. J shows the pn.cesses of Digit:-il Signature.

Figure s 1 · D' .
~ - ~ - - - - - - - -_
i, , . . Jgllal Signature p roi.:e!-.s.

--~-;;;;;J~-
'Pt1_Je540(134
-- - - --

mu so Iutie n. ifl Scanned by CamScanner

 i·Muf·MPH,,,t\,JMN

Scmuf~r-7

1. OS/\ Sw11d:; for Dl~ltal Sl~11:ilu re AIJ~orllhm .

L DSA is a United Sta tes Fede ral l;overn rn cnr s tand;m.J for di gita! signatu r~s.
3. lt is used with Digital Signature Standa rd (DSS) .
k
1 The first part of the DSA algorithm is the public key and priva te key generatfon,
5. The secoml part of the DSA algorithm ls the s ignature ge neration a nd s ignature ve.rification.

Key Generallon;
~, Choose a prime number q, which is called th e prime divis or.
► Choose another primer number p, such that p -1 mod q = 0. Where pis called th e prime- modulus.
► Choose an integer g, such th at
1 < g < p,
g11 mod p = 1,
g = h HP· 1J/qJ mod p.
;.. Choos e a secret key x by some ran dom melh od, where O < x < q.
;.. Compute public key y = g• mod p.
, Package th e public key as {p, q, g, y}.
-,. Packnge th e priva tP key as {x] .

.S.ti!..nature Ge11~r,1li9n;
dfe\ernent
!las h
Alg orithm
----+

Ele ctronic Fil o

1 0 11(10
11011)1

Hash Vnl11c
+ Si g n er' s Pri v::ite
Key
Oigi ra lly Signe d rne

Figure 5.2: Si gna ture Gc nr. ra ti on.

To genera t e a mess age sign ;i turc, t h e ~c ncl c r ra n foll ow th e ~c s t e: p s:

;... Let 'h ' he the hashing functio n & ' m' lh c message.
;,.. Genera te ;i ra nd11p1 num he r k, ,;uch that O< k < q.
r Cnm!") LJ te r = (r_:I: mod r) mo d q.
,. 111 thr! 1rnli!<ely cnsc~t hill If ,::: n, start ag.1in w ith ;i d iffe rent r;i r.do m k.
,. C:Jlcu l..! l(; s :.; It 1 (1! (11::} + xr) lll tt d q

- m USO IUti On . i n f-----

sc-a nned-by Ca-mScanner
 , ,-.. ......
'''•~•••·Ith tit

--
, ...... v ........

Figure 5.3: Signature Verification.

. tu the receiver of the message and the digital signature can folio~
To ,·erify a message s1gna re,
cc steps:
,. , · 'h' be the hashing function & 'm' the message.
Reject the signature if O < r < q or O < s < q is not satisfied.
Cakulate \V =: ;·1 mod q.
Compute u1 = h (m) * w mod q.
Compute u2 = r * w mod q.
► Compute v = (((gu1) *(yll2 )) mod p) mod q.
► lf v == r, the rligit2l s,gnature is v,;lid.

Q2] '\\Thy arc Digital Signatures & Digital certificates required'? What is the
s ignificanceofDual Signature?

Ans: [101\1 - May17]

m GITAl. SIGNATURE:

REfer uigira\ Signature part from Ql.

\"I y Digital Signatures are required:

T.: :i f)rovide Authenticity, ln tcg:-ity and Non-repudiat ion to eiect ~· · .

r01.i c OCClll11 E: lll S.
To 1.:se the lnterncr as t \,e safe and secure m edi um fo r e -C , 1
• ~
o.11.11e1 re ,1 nd e- Govern <1. nc~.
P. IGIT AI. CE P.Tif\CATES:

1 Dig:tai C~rtif,c:itc lDC} i:; c1 cligi t;i l ril e.

I~ ccrtifie~ the 1dt•m; t,· Lr .11 1 i·~rh •i , . . .
, • . • llll ,l l UI' lll S \11 lll i •· 11 . , • . .
. f onnat1on.
- ha• S t.:•d ,n , ·' ' ~., t: \ e1 1 ~, rou t''. . i.: • ,··
-1 se'-' l'..,l\g ~.--: ce,:;s t o .::or.·,µu,r•

It i s issued by a f.e t·r· .

. . . . r ta1cat1on Authority (Cl\)
4.
A d1g1tal ce rtific;:ne is a n elnc•-or,1· " .
r !HS ·po
'-' .. II If
excha nge infon . - ' =- rt t ·,;1 1: nllows cl pe r i

- _ _ _ _ _ _ _ _n_a_ti_on secure:y ove·· ~1 1 son, computer o r o r o,rn izJ tioll t,

l.c::~::;~:~·~:~~~~~er
' . le r.terrwt using the ub ; . .

musol LI R..
t,

-- ■ ■ p
 Seme.rfer-7 Topper', Sofufiom
$. digit:il rertificill0 may also be referred to as a public J<cy ccrtlncatc.

> • i~1t.1t C~rtit1c·1tes c-.111 be used to idt~ntify a pl'rso11 or" device.

> rt~ ident ifir.ltion is e~tablished, the Certificate is mo.st frequently used to prove one perso n's,
or devke's identity to another person or device.
> Se<."ause of the RSA system, they both know each other.
► The Dlgital Certificate can now be used for signing and/or encrypting email or for providing two-
factor strong authentication.

Sl~NlflCANCE OF DUAL S16NATURE:

1. Dual signature is a significant moderniza tion of SET protocol.

The function of the dual signature is to guarantee the authenticity and integrity of data.
..). The pmpos~ o f the dual signature is to link two messages that are intended fo;- two differe nt
reci'pients.
-1-. In this rnse, the customer wants to send the order information (O!) to the r.1e,chant and the
paymer~t idormt":tio n (Pl) to the bank.
~ The merchant does not need to know the custome r's credit-card number. a11d the bank does n0t
r~eed to know the details cf th e cu. tom er's ord ~r.
6 The customer is afforded extra protection in terms of privacy by keeping these twe itt:>rn ·
::;e pa:a te.
7_ Howeve1·. the tvvo ite ms mus t be l;nkect in :1 way that c ,11~ be used to resolve dispu tes if neces.s:uy.
s. The link is neec:ed s o th.:it the customer can prove that this pay me nt is intended fot this order :rn i
not fo r so m e o ther goods or se rvice.
9. To see th e nee d for the !ink, s upµose tk1t th e l·usto111 ers !'-end tlw t~1t'1-ch:rnt 1wo mt'ss:1~c-s: :~
sigr.ed 01 and ;:i signed Pl, and the 111erch;111t passt'S th e Pi tin LO the bank.
lit. If the rne rch a n, L·an r,1ptwe a;wt h1:r 0 1 from this custo111er, tll'.' rnni:hnr:t n •lll:! rL1:1~. th.it this r!
i•oes wit!1 rh e P! r,:[h e r tl r:.i n tl:t' ori gin.ii OJ
"'
l i. The linbsP rreVt~nt . this.
~2. Figure 5.4 sh O\'-'.!-' tilt' 1::; e of;, dllill sig nata re to m ·e t the r~q uire nh:i:t l'I tht· m t' ·t•,!,n:~ t'·ll'- t~r.q /1

11 ,1..i
:,,i l*: u a l\· 1,·
►~ ~--~: .J

Figure !"i.'I: Use ofa 1l11al slHn~1_11_11_·1·_. _ __

- -- - -------,P-.1Y
. 57 {Iff34

musolution.in Scanned by CamScanner

 olMD = or Message Digest
,-
pQM D::: Payme nt Order Message iY•lh
Pl = p;1yment Information. ,-
E::: Encryption (RSA)
01 == Order Jnforn1ation.
,- KRc::: customer's private signatUJ~r.~y
H = Hash function.
II = concatenation
PIMD = Pl Message Digest
------ --------
Q3]
- ---------
SHA-1

Ans:

~3HA -1:
1. SHA stands for Secure Hash Algorithm.
2. In cryptography, SHA-I IS a cryptographic hash function proposed hy NIST.
3. There are three SHA algorithm named as SHA-0, SHA-1 ar.d SHA-2.
4. SliA-1 is most widely used SHA hash function.
~ The input to SHA-1 is message of length 264· bits and its produces a 160 bits outp1.1t

sirnilc:r to MDS with following differe nces:

nt
Ir is
6.
3. · It is more secure.
b. It is little slower to execute than 1\1 OS.
c. SHA-1 makes 5 passes whereas MDS makes fo ur p3sses.
7. SHA-1 pads the message in similar way ciS MD5 .
8. Similar to MDS, SHA-1 also operates i:1 st3ges.

ALGORITHM:
Step - 1: Append Padding: Bits

The message is padded so that its length is congruent to 448, modul e 512.

, Mess2ge + Padding bits + 64 shuu lei be J n i ul tiple of 512 bit~.

Example; If message is 400 + 64 = 464

!fence padding= 512 - 464 = 48 pcic!di ng bi t:s.

P:11ldl11g

l'ad1lh1"
1,

________ __..
Scanned by CamScanner
 IA,,i·#¥di•J,,,21,JMN

Strn · 2; A1lpencl Leneth

6•1 ha l rn gth is appende d.

Th l· n's ultant message has a le ngth tha t is an e;.;;:ic t m ultip lt:: of s 12 bits.

400 ◄ II

+-1
64

.____o_,_1i:_tn_11_Musa
_ _~_--1,_ _
Pa_dd_11_,!l__J~ l ~ngth ]

- - - - - - Dai ll tob e h:,sh ..t - - - - -

.•,_t~p · 3: Divide the input into 512 bit blocks

Da l:, tn be h~shed

I Blo~k 1 c:lock 2 Dlork ~ I ··· ·· ········ .... ... 1 Dl ork I\'

s1;: ttt 5.Zbll 51'.?bll 51 2 bil

Ste p - 4 : Initi aliz e chaining va riab!es

32 Bil t__A_----l-_H_E__
X--1-_ 0_l-+- 2__3_ i--_4_5_ t_6_7 _j
32 E3!t B HEX 89 AB CD EF j
98 ~
1
32 Bit 1:.-
1 _ C_-+-_H_E
_X--t FE DC BA
32 Bit O I HEX _ +-__7_6_-1--_s-=4-r--=3=-=-2-t-~ 0 ~
3 2 S it E HEX I C3 i D2
I El ~ 0

Sten 5: Process block

• • · b·ie to five corres ponding va riables a, b, c, cl anti c.
S.1: Copy ch ammg van a ·

cp cp cp 9
G][J0Q
} • co 16 su b blocks.
5 .2 : Divide current 512 bit bl ot: <. ,n

-L~--------_-_-_ __J
- Bind; 1 (5 12 ul!]

--- sulJ ufock 1

Sub lilocll 2
Suh hli•d<N

32 bll
32 hi t
3z uit

- ------ --
musolution.in Scanned by CamScanner
 Semuftr-7

c1) 1\111 6 sub-hlock-

b) Variables a, b, c, d and e.
c) Some cor.s ta nt

16 Snb 13focks Olli Pr Cons r:rnls

One Round

l nr PJ ➔ I= o ro 15 a b C d e t(~J ➔ k = 1 to 7'J

Process round In each round process P /

II
1 (b c) V (b' 11 d)
2 bEf)cffid
(b " c-J V (b II d) V (c II d)
bEE,c(f) cJ

fi tep - 6 : :,HA-1 operation

A B C D E

Q4 i V\/ha t arc foe pro perties of hash fiH1c rion .,;? \ Vhat is lhc rol e of a has h function jn
s ecurity?

A n ~;:
11 A _c;H FIJ.\C ;'!0.\::
·- ---- -
1. A hash f; rnclion is a mathematical fu11crion ,hJ t coni,,,,r,.:- a nu m • 1 . • 1icr
· - • ., Cf! CJ. l n p t: I 1/cl.1ll C JOto <1110 1
compressed n11m1:rm tl v;i lu e.
.,
L,. The input to th t hash fu nction is of arbitrary fengtl, h t .
0
u
,s r1 lways uf fixed lc11gtlt.
11 tr 11t
3. Values rct 11rneu by a hash functio n are ca/Jeri messaa. d' .
_ _ __ _ _ _ _ - - - , ,11--1.:1..__ _ · 1-; i
1gcst or simp ly hash v,1l11 c5.

musou Scanned by CamScanner

 Smtt.rfu-7

4. Hash funct i ns are "'Xtremely usi::ful anJ appeJr in almost all ini rm:it iun s~urity Jpplications.

PROPERTIES OF H.-\ ~H FU~ CTIO.\'S:

I) Pre- lm;1gt> Resistance:

► This property means that it .should be computationally h3rd t re,·erse 3 hash function.
► In other words, if a hash function h produced a hash value z. th~n it should be a difficult process
to find any input value x that hashes to z.
► This prope rty protects against an attacker who only has a has h value and is trying to find the
input.

II) Second Pre-Image Resi!aance;

► This property means gi\'en a n input and its hash, it should be hard to find a different input with
the same hcis h.
► In other words, i f a hash function h for an input x produces hash va lue h(x), then it should be
difficulr to find any othe:- in put value y such that h(y) = h[x).
► This property of hash function protects against an attacker who has a n input va lue and its hash,
and wants to substitute different value as legitimate value in place of original input value.

IIJ} Collision Resistance:

► This property is also referre d to ;is coliision free hash function.
► This property mc;:;ns it s hould oe nc1rc to f. nd twc diffcrE:n~ ;npuL<; o:· any leng~h thar. :-esult in tr.e
sa m e has h.
1:1 othe, word s, for ;:i hash fur, r.ti on h . :tis hard to fir.ct any two diffete nt iilpu~s x a,, d y :a,ch tha t
h(x) = h(y).
This property makes it very difficult for an 3ttackerto find two inp ut va lues w ith the sa m e has h.

IV) Other Properties:

Compression: Outp ut ]e!1gth i$ small.
Efficiency: h(x) easy to comµute for any x.
One-way: Give n a value y, it shou ld b~ infrasibie to fi !1d ,rn x su d; t]1,1 t h(x) = y
,. weak collision resistauce: Gi ve:1 x a nd li(xJ, infoasibie to fin<i y != x S ll(h th ::i t h(y) = h( x)
-,.. Strong colJisjon resistance: J;ir"e:Jsibie to fir. cl :my x a nd y, w i~h x != y , uch th:it h(xJ = !l(y1

ROLE:

Password Stnra c.e.;

,. Hash functions provic.l :: protection tu passv;ord storage.
In stead of s toririg :n.1ssword in clear, m ~s tly all logon proces:;e$ s tore 1he h :-i ~h v :1)11 Ps ,if
JJnsswords in the fil e.

musolution.in Scanned by CainScanner

 5~l..::..:C1Ji-21.'/J-=--:..WJ;f__JrapLh_ic_~_a1_6_"Fun_ch_a_m_ _ _ Ji_em_Mkr_-_7_ _ _ _ _ _~ ...,.
Data fnte1;:rity Check:
Data integrity ch eck is a m os t common a pplication of the hash functions.
,.. It i s used to ge11 e r.:i te the ch eck:wms o n data fr!P.s.
Jt provides assura n ce to the user about correctness of the data .
---------
QsJ What characteristics are needed in secure hash function? Explain t~op
er..r
of secure hash algorithm on 512 bit block {

An.s: [toM-.May.
CHARACTERISTICS ARE NEEDED IN SECURE HASH FUNCTION:

Refer Q4 (Properties of Secure Hash Function Part)

OPERATION Of SECURE HASH ALGORITHM ON 512 BIT BLOCK (SHA - 1 ):

Refer Q3.

Q6] What is the need for message authentication? List various techniques used fa
message authentication. Explain any one

Ans:
NEED FOR MESSA6£ A:UTHENTICATJON: e
1. Message authentica ti o n ens ures th a t t he m ess agP. has been s ent by a g e nuine i den tity and not t
ar: imposter.
2. Message a uth entication is used to verify:
3. Received m essage is fro m a ll eged so urce .
b. Message h as not been a ltered.
c. Th e r e is no change in message s eque n ce.
d, Message is not del aye d or a replay.
3_ Messa g e a !_;thenticatio n indudes mechanis m for r~on-rev 1l!;a ti on O} s ource .

4_ Message authenticr1tion is typicaliy ;ichie \·ed hr using message autlil'nticativr.

codes (MACsJ, a uthentirnted encryptiori (,'\E) or digit;.! signatur es.

MJ~SS.AGF: A l/THENTICATfGN CODE ( MAC ) :

1. !•-1/\C ;dgcri l!1m i.o; ;1.sy mmetric Jw .v cry ptogn1 pl!i c !(•cl111iqu e.
2. :t 15 U~£:d Lu J)ro•; io(' 111e-.s~1,~e ;, 11th1:ntir..1 ti,J11.
)
3. /\ MAC uses a keyed hash functio11 th at i11,·lt1d
.
c.;• 1/1•• ' "' ,.. ,,.· c I,c_v h (:: (\Vet•ll the s e 1HJ1·r ··1'•1-1
... .,_, . 11111 - l l

r cc,dvcr wh e n c:-c:,1ting the d igest'.

For e!;t.:i b!is hing MA C r,roce:;s, the se nder •ind rL•c , · , . ·/1 . . .
' Ln er s .11 e ;i symme tric key K.

musolution.in Scanned by CamScanner

 l-&fit.#dM,,,cJ,5h-S

Semt1hr-7

5. Essentially, a MAC is an encrypt ed checks um generated on the untl e rlying 111ess:ige tha t is se nt
along with a message to cns11rc m essage .1uth e nticallon.
6. Th e process of us ing M,\C rnr a uthL' ntic.i ti o n is s hown in ngure 5.!:i.

MAC MAC
K eyK
Algo rithm

MAC
Message MAC fcq1111I ·r
Algorillnn

Sender

Figure 5.5: MAC Process.

WORKING:

> f-igure 5.5 s hows how a sender uses a keyed hash fun ction to aulhe nlic.llc hi s message aml
how the receiver can verify the authenticity of the mcssnge.
> This system makes use or a symmetric key shared by sender and rece ive r.
r Sender use rhe symme tric key a nd a ke yed has h ru nctinn o gene rates a MI\ C.
-,. Sende r then sends this MAC a long wi th the origi 1:,1 l m essage to n~ceivur.
> Receiver rece ives the m essag.:? an d the MAC a nd separa tes the 11ess.ige frn m th e r,..·1M:.
-,. Rece ive r th e n a p p lies the s:m1e keyed !ia~I. fun cti on to Lhe 1:1!!ss.igc usi r:g ihc s'..'I~1 u .;ym ;n ut ric
key to get a fresh l\lA.C.
Receiver then comp:'.! res tile !Vt,\C se nt I )' se 11dc r wi th th e ne wly ge ne r~1ted M / 1C.
-;.. If they m a tch, the n the re n ~iver ;:icce;Hs t!i e 1:1ess.ige a nd :-1s:rn r es h im,:Qlf ti1;i t tne 111c s~.1gc h;:is
hee n sent by the intended sender.
If the compute d 1\11-\C d oes not ma tch the 1\1!\C s e n t by the sender, th e receivc r c:11111 0 ; dct~rrn ine
" h ether it is the m essage that h:is Ut' e n ~1lt e re d or it is th e origin tha t has bPe:n fri lsifie ,I.
-;.., As a botto m-line. a receive r sa fe ly assu m s tin t the 111ess;1ge is not the ge n u ine.
0

Q, l Compare and contrast: KD C vers us CA.

·1:ibl~ 5.1: Comparison b etwe en KDC versus CA.

KDC
--T C.\
--- - ----....
I
I
~D( 1311 J ~ fo r ~ey Dis t r;buti on Ce nl~r. CA St:ir.ds fo r Ce rt ifi ca t e Authorit ·

ht l5 symmetric key solution a gai ns t a ct ive c1 tt.1 ck~. I t is ,;symm e trickcy solut ion ;-ig:i ins t .. rti \'t' .11 t1cks. I
I 1
I , t ,s less se cure.
- -- - -- -- - ~
~
t~
is lll Ul'l! S CC lll't! . - - -- - - - - - ~
I
--

musolution.in Scanned by CamScanner

 --- -

~ - ~------
Pr •f<:rr1•d for WAN:. .. --- --
---- -------------

SIi i\
I

I$,11·v:;,~~1• IJJ~•··
I -,. . - . .. --·· - ~

l ,~nl!' I;
I --
l 1,,q w , -------·
j 1,, ,., l)j ,t I c.011·.i,1 ,,, ,.<1 m ,JI , • ._,., ur,• ill.Ht . n,

\ . ! ~ •ldJ· '' 1/l r'•, . !•!\ ·. le ..., ff 1::i1\ l. p) ',

r•

j ,t; "'jiJ_l;w, 4 JJ:)' :,"',,

j If r• ' PJJ r,i•, ·, Jl:t·,•. ,
I .
If '/, i· •, J•1d·
I • ,.
j ~,1, P,11,n d··
I Y1;J1w1aJ;)a !,;
I
t. . '' 111•:in:-ily,·'•; t N'ln V .
,:1 1)'.J f . IJ IJl•·t;11Jl ,,,qqH~! :i11~1~·.
'

1}~1~ G4 ,J/1~t, .

usol ution. in Scanned by CamScanner

 i ·B:f. 1¥ f ·-1112 :1#5

CHAPTER - 6: i-\UTHENTlC ~TlON APPLICATIONS

'l~h \h~ fo'l"tn:\t ,,f 'X. - 1. q l\\~\t;,l \ ·rttfil·:ltt' anu
~\~Hl\hlt'~ \\\ \\.

t. : .C-ll~ L '1t\ tm\Klrtmt '$t3mi.Jni r 1 r :, 'Public K.~y lnfrastructlt~ (PKI).

·,:_ \t ,~ \\~~,\tum.in~ o~,t.i\ C~rtifh:3t~ · & PubHc Key Encryption.
:3 . X.SQ~ ,,~ th~ bu\hHn~ bl l. ':k.· .l P ·1 sy-:;t~m t ~t .i~fit:es · ~ st:rnu:ird · r.n:;ts fo r c~:- ific3t~s and
th~\, U $\',

\. F\~u~ t1. l :;hows th fom1;..t f X.S -1 igit..1l C~rti fi -;:;.~. -CA- Ce ro -ote Au th ority)

Sigr,atun:? Algorithm 10 •- - - ~ - ----·~

- · •m
~-----------------.1--- ~;-s t~ l
I
SHA1w::t:RSA
•·:y
!-------------------;

Subiect Putl:c
t<e-: info

Figure 6.1: fomu: uf X.SOS fJi gi: al t::cr ! il;ot~.

I SF. m· l)IS \ f AL Sl6~:-\TuRE.

Oi:,:_1r.1\ 1gn .1tt1te

V
!I\ .,
u~ O •a1r3
•.,..
l (. •rt 1fc , l( (,H', t..~ :.~C,1 :c :l(,f$ $
'-• -
<; n 1re,: ~ O!' (" (', f "S l·hs• L,

., lt 1:, 11c;erl fo r ·1eritic:\tl n S: ""3\ic!a tion P ;-p Sc .

It er,st:res conl1de:1ti:.\ity o f c~n:tk :ltf'.
Ito:, :-il s1) b e use l! to \'c !'lfy v;11i,lity ;,Priod - Un q ,1c ID.

musolution.in Scanned by CamScanner

 t
I
,r ' ~~~
~:n~.-~~,,_
~ -~~ •--j'J_
1\~
'
l ~ 3:
~~-~-~~~~-===~----
- /ZJ~~']J
~:..::

digital '-~ ._. 1

- . ---- -.,_,.te?
1
~
"-dir-
'\Jt u, 7
How does it hdp to validate the authenticity of a
rfo1J1Jer1So{tf!f.,.~-
rr

~
_-~-..,- ...,_,t'
~a.in .
thcX~ .0 9 l."'e rtjficate format

[toM - Dec17]

. . ._ 0£ R7&7C..I\TE-

Ca 3 -.-. -=:: (Dq rs a digital fiJ e.

_:J:-= C=..i~ e:_::: cs ~~;.~ b~· 2 rrusted third party which proves sender's identity to the receiver

3. .: ~ ::-~ :ad~ 2 U:,J-ti:h ::.':e Au· mi ty (C..\) to verify the identity of the certificate holder.

~- °i::= CA r-s::'=5 <;.J : za:--;i-:ai oigitaEcetfficar-e co n □ ining the applicant's public key and a variety

.;,. i..i:~E) ....::.:: =b-i' Es · sro ro c:::tc.ch ;:m b!id :ey with a particu!ar individual or an entity.
5. .=-:;:3 ~ '"c:l .:B-2 m =::;;;•rr;:

n. S::..~ =·•, ~ w·,•,-::im ts us...-=<l m u niquely identif/ a certifica te, the individual er the entity
!t:=-i~i:ffi ~ -L_-2 CE, :ifica.e

2:...
rn
l.
is Dc:S"'c:! on ,ne c!igica! certifica tes o f the user .
in ~ i:l~~ r:Z'j' infrc:...~ .x~ re
(PKIJ, cte digir:.:: l c1;:rcifica tes a re us ed fo r
ITT.nsa ct!OilS. se cure cligit;il
3.
4.

l J Ui;e,- t':ll l'TS

i:,:i~'2· .. ~ µab'S1->Y>,d

2 J (.,.: : t n:tr.t-".:~ pn . ·..ai., !~ ·

~ u~s i t to ~~ 1 ~ ~ irl ~~J•c ""·
( &igit.ll !i~ru:-t-)

ri,~ur t' 6 .2: Certifa:ate b,be d ::icrh entlc u i

0 1) Ill ll C€:i'i.

'P45e 66 of04 - - - - - ~ ---~-----

mus oIuti on.in Scanned by CamScanner

 s~mdlfll,._-_7________7_i,fi or', ,\'oli,llom
)\'2!lli.~

ntering this pnsswon\ nnc-, ti

·· c, lC use r dtws lHll 111•1·!1 lo l' l\l or ll a1-t:1 l11 fo r lhc re~.~ of 1hr:
s •ssio n. even whe n nccessin,1ti othci· SS\
,
. l I l ·rvcrs.
,. •11., 1 ct SL
-
·\ . The dient unlocks th~ lll"lvnt •·\• , l . \
' c ,cy • .1 t .1 lase, r •lrlu v1:s lh u prlvnlc lwy for· tho 111:or'i: c:crll flc:H1:,
:1nd uses that private kc•y • tl·,t"
· lo •s1'l'tl .. t \0111 I y-ncn ·ralct I lrnm
, " 1,,11 · l11p11l frnm l,r,\ l1 t I10 cIlu111 nnc I
the server.
s. This data .1ml the di git;\\ sii;nalurc :H"c evide nce nr lh e private l<cy's vnlld lty.
6. Th e d ir,itn\ s ign.ltur c ( an b e cn •a\ctl 011\y w ith 1h;1t private l<cy r11HI c;,n h, v.lll dnlc:d wlll r lhe
COtTcsµ onding public key a~.iins\ the signed d:11.,, which Is 1111 lq11 c lo lhr SSL s1.:s~lo11.
7. The dicnt sends both lhe user's ccrtilh:;1lc and Ill e r:111do1nly-g•..'1H:r:i\cd data ncrm;-. th · nr-twc,rl<.
8. The serve r uses the ce rli fh::1te :1ml the signed d;1\ o1 Lo authc nllcatu lite user' s h.lcnllty.
9. Th i: se rve r m :1y pe rform other ;,11th c 11\i .itin n t;1sl, s, s11t:11 as r hl·cl<•nit tha l lll • C"rt lfl c;11c:

1u-e s P. ntc l! by tlw c\ic nl is stored in the user's c 111ry 111 : n LIMI ' tl :rccto,y.
1

10. Th i.' serv ~r the!\ l'V:ll ltales whether Lhc itlt-11ti fic:I 11s •r is pt·11111 t\ •d t o n 't'c :;i; lil t: n :q111":l1:rl

l l.
resou:-c~.

X.50 9 CERTlFlC.:-\ Tf. FOR MAT:

Refer Ql. ___ _ __ __

---=-----------
Q3) E mail Security.

D l.-\lL SECURlT'I'·:

1. r M ·1Sl" n •ls to • r El
. c...•·t1·<)t1ic
. Mail. . . 11 • 1•1 t1• l'l) '' l I I) S l ' I\( I ; 11) ( I ..' l'I l '••
'"t' ,r1(•.., .,., ....
• • ,. , .. ,
i·,•
c.· . il l " - - I 11\i1"\ I l ( ' li 111 , ,, .
. . . .. i , l vmkly us1:t np ,
2. Eleclro1~1t m,11' ,s 111 ( ·
. cxlrc rr\l' ly i111port:1r,L l~s111·.
othc:- users . .. ,s Ir is bew1nu •111
ii 111cs:,,1gc. . . . I
3. . tl1t' sC't:u!·llY o f P rn il . I for c111,ill ri 11111111111wat n 11.
l hie tl'! ltlS , . . I (SMTP) is W,L'(
. ·fe r l' rowco • I .
1. The Simple Milil 1 r" ns . 1· ,1scd arc ;is fn l ows .
· 1 st:
··1y 1)1·0\o cn s
· •(:Lll l
5. The th ree ma in e rn at ----::--- -- - -
---- -- - - -~ e670( :A
1

musol ution ■ in ScannedbyCamScanner

 i m::,l foo -r,
Pop 3.b..()'rg'

sn1tp.a.0T&

Figure 6.3: Email Serurity.

Privacv Enhanced Mail (PEM}:

Privacy Enh~nced Mail is an Internet Standa rd for P ro tecti ng Em ail.

It was adoµted by inte rnet Arch itecture Board (l.<\B).
nt
PEM sup po rts the th::-ee ::nain functi ons of enc-yption. r.on-r1::pudi2 -on a r.d' m::Ss.ag"":' L~ :Y-
in PEM. Message is DES Encrypted.
Authe n tication is p rovided usi r.g MD-5.

II) Prettv Good P~v-.1 n - (PGP):

,,. Pretty Good Frivacy [PGP) ~ widely used Em a ii cryp t os y rt-::'!:n..
:;,. PGP provides authet!tic:ition th:.ou gh the use of Digit.a! Signa tu,e.
r It provides confi dentiality through the use of syn:.metn · b OQ-,: enc, ',{i--. tr.-.
• r-" uo:t_
It provides comp,ression usi ng Zi p Algorithm.
,,.
The most s:gnifica nt aspects of PGP are t.1-ta [ ·: su p po:--- dtoc' bas:c r eo •"- - ,....,.~-
• .. c .1._ t.. :.;;;:t~ -: -;----ii-, _
w i1 ich i.s quite s'!mple to use and is free ;;.1ong ·.,.ith its so• re"' ~ ..:.,. _ ,J,.. .., _ - .,....,1,~ ; : j-__
.,.
0
- .... \,..,. ,_ c:._~..,.1. t_ (_-J~~ r :' -: - T'II". ..

l t!J
·---~:-:_
Secu re M~1itip•Jrpo se Interne!: l\'t2il Extensio ns fS/ i\ll ~H:i:

M!ME system exte nd5 the bas[c e ma!J Si.·st e m !},.- cermicr·ncr -e ,....,. - - -_ •
_. - • . 0- k ..:b I,. 0 - e .__ · ~ " " : - -;;-,
•1mai! sys tem. .... - - ...........

musolution.in Scanned by CamScanner

 1-M,,t.MMl'J,,,ei,l@ii

Q •I uow docs PG P nchicvc confide, t· •

~ l la 1lly and 1111 II 1 ' .
How is l'onfidt•ntialit1· nchicvc• I• cnt1<.: allon in emails?
Qr;) l 111 c111·1ils · •
.. ' ' usingc11lll•1·H/MIMEorPCP'I

1. PGP Stands for Pretty Good Privacy.

2. It is an open-source, freely available softw k

are pac ugc for e-mail security.
3. It provides Authentication through the us rd ' •. .
O
of symmetric block encryption. e 1g1ta 1signature and conf1dcntiallty through the use

4. It also provides Compression using the ZIP algorithm.

PGP ACHIEVE CONFIDENTlA.LlTY AND AUTHENTICATION IN EMi\lLS:

► Figure 6.4 shows the Confidentiality & Authentication in Em;iils using PGP.
► First, a signature is generated for the plaintext mess;:ige and prcpended to the message.
► Then the pbintext message plus signature is encrypted usi ng CAST-128 (or IDEA or 3DES).
► Session key is then encrypted using RSA.

► In summary, whe n both services are used, the sender fi rs t s igns the message with its own private·
key.

> Then the sender encrypts the message with ~ session key, c1nd finctlly encrypts the s ession key
with the r e cipien t'-s public key.

Puh lir Kry

P~. K
l,

'"""~fl~~©-€)-.
lfa sl:

j
I · ul g
Compress1011 s n .
ZIP Algo,ithm a lul'trse C~mpression
Usiug
ZIP AlgN'it!:ir.

EniaH lE)
~~
l'uhl1r Kl'}'
£11rrypt 1011
Svnu:ie o·i c
E.n rryp tio11

S)'111111 e!ric
-
[lecrr;it ion
PU l'u!ilir :,er
~ ~'ernvt icn

r~·
Co111 p.11 r I■I
iia;;-7 I ½l'j
fu nction~
E(PR. lf(E)l

. . . prp
& Confidentiality 111 " • _ _ __
Figure 6.4: Aulhent1catron - -- - - - - --

1'14_3c 6~ of134 ■

musol ut10n. In ScannedbyCamScanner

 ..,r;,,,.,.,.,_. , .
6I rl ... fi•r,at,·on,.'.111'1!/ir.aatml I
"'umen
/11
rt • 7
. an
Give .. •·1lgor1t• ·Iun to secure cmnils bcitio6
t to emaJ 1s.
Q6] ,vhat are the d1'ff,erent threa • U.A-1•,,•tn
sen t from user A to user B

Ans:

TYPES Of EMAIL THREATS:

Typeso(Email Threats

I
I Phishing I Spoofin~ I IL__s_p_a_u•__I ~
~ L n.rnsomwa1·0
_ _ _ _ __
Zllro Day
Exploits
Social
Engineerin
1
I)

► Phishing:is an example o f soc1a

Phishing , .
· I eng1·neering tec,1111ques. tic;ed
· to deceive users, and exploits
weaknesses in web security. d
► Phishing is the fraudulent a ttempt to obtain sensitive information such as usernames, passwor s,
and credit ca rd deta, Is (and money), often lo r malicious reasons. .

A phishing attack us ually consists of Jn a uthentic-looking sender and a socially eng111eered

message.

Many email recipients beUevc the mtssage is from a trusted indivJ dua) and wi }) open infecter/
attachments or click on malicious Jinks.

IJJ SU!>ofing:

A spoofing attack is a situation in which a person or program successfuJJy masquerades a;

another by falsifying data, to gain. an illegitir.1ate advantage.

Because email protocols lack effective mechanisms for authenticating email addresses, hackers
are able to use addresses 2nd domains that are very similar to leg,·r ·ma.. d . , · ri·ms
into believing that rraudulent emails are from a trusted individual 1
. .e ones, ece1v,ng vie .
►
Crim;n::il$ may spoof an individual mailbox

~~~ u tiQJJ s.com

sagarnarkaar@to_@ erssoluti_ons.rom.
IHJ to
S;>am:

Despite a n~mber of ways to filter out unwanted c> -

1
organizations. . ·r·ican,• cha11 enge {J r
rna,, spc1m remains a s,gn,
While ordinary s pan1 is sirnpiy ca,isidered : ...,
a riu,s«nce, spa,r. is I . ,.
> malware. · a so fre4oent1y used ro Je,.•1'f
Ransomware, for example, is most commonly d _

orgamzadons 1
. ... t o care fuIIYevamate
. spam f d e ivered Via spam, "..,nd i' t behooves ;ill
or angerous intent.

-~-------- -----
musolution.in Scanned by CamScanner
 Ef§uh'ii,?H:::3,1}[,J I

In the most damaging data h h

. reac es th . .
. . e crnn1nals b h"
u ~er cred e n t 1:-ils. e tnd the att.:icks nearly always utilize stolen
One effect ive method criminal
s use to obtain 1D 3nd , .
by email when victims inadvert tl . s passwords is a key logger, often delivered
en Y chck on arr 1· •
Read Password Stealino M l . la ic,ous attachment or link.
<> a ware Remains Ke T 00l '
loggers. ' Y ,or Cybercriminals to learn more about key

Bansomware:
Ransom malware, or ransomware 1·s a typ f
• e o malwa.re.
It prevents users from accessing th ·
e,r system or personal files and demands ransom p.;.yment in
order to regain access.

Vl) Zero-Day Exploits:

► A zero-day vulnerability refers to a security weakness that is unknown ta the software developer.

► The security hole is ex ploited by hackers before the vendor h3s created a fi x.
Zero-day attacks are frequently delivered via malicious emails, ar:d h ackers use them to gain
►
unal!thorized a ccess and steal sensitive information.

VII) Social Engineerin~:

Cybercriminals use s o ci3 l er.gineering to build tn:st before steai:i1g us e, i 0gon credentials or

confidenti al data .
. . k mou te r criminal poses as a trus ted individl.!al (IT sup port,
b a social e ngmeer!ng attac , a co . . .
t ) .:I enoa oes in ;i conYer ·ancn t0 gall' access tc a
.r.nman ~.e s ource, o uts ide contractor, e c. an •,:, "'

company's network. . . 1Ds pasS\\ Ords, and sensitin• info rm:ition, or

. l victim into d1vu1gm o0 •
► The attacke r d e c e ives u e .
. r udulent t rar.sacoon.
dupes them into p e r fonmng a ,ra
. O~I USER A TO u c ER B ( PoP):
. BEi\6 SE~T f R .
AlGORlTHU TO SECURE £.\l:\iLS .

Refer Q4. _ __ _ _ . . P ~ P (Prdt'" Good Pri....-acy)

bh' funct10n rn u .
. and rcas sen1 .
Q7] Why is t..1-ie segmcnt.Jtion .
needed

Ans:

of 50,000 octe ts. r n li

--- 'Pae iO( •~ •

- -----musolu 1on.1n Scanned by CamScanner

6 \ 11.u{htnfir.nfion :AfffiMfiont _ _ _
St_mdl
__ft_r_- .:_
7 _ _ _ __
~
1
. ny message longer than that must lie broke n 11r into sma ll er St!g,11c111 s, t:i.l 1 ,f w Hel l 1, 1 1.11! .d

sep'1rately. 1111
To ac.:rn inii1ml,,l t! 1lw, n: , l rit:L in11. PGP ..u1101H i-Hicillly :-i 1d>div1d ,::-, .1 ,,,, ...,..,,.,,,l, 111.il 1·, l •J•J !,,,)',~ .v

segments thnt arc s111all enough to sen d vir1 e-mail.

:, The segmentation is don e after all the other processing, i11cl11ding l))L' ra<.lix-61; c·<JIIVN!;tvr ,.
6. Thus the session key component and signahirt rnmponent ap pei'lr 1,n!y <)II ·c, JI th 1! iJ(!gir,nh (if

the first segmenl.

7. At the receiving end, PGP must strip off all e-mail headers and reassc Jll ble rhe _n Li re 1. ri~in· J l> cr.J,
before performing the s teps illustrated in figure 6.5.

Couvcll r:1,lix 6-f

Slgnaturo Rcq11lre117 GrllH-'I& Slgnnruro O..:r.r;s,cK~

I
~
Co11Ji 1l011linlly n N111ii~j -----
'-----r---·_J
No

r.cnvert radix u••

{A) Grn cric Tr,ans111issio11 Oi11 i;1·11:11 (l' ro m /\)

Figun.: 6.5: Tr:111s111isslon :lnd Rccc11tion ofl'Gl'

- - - - - - - - - -- me.:;:;a ges.
Q8) Explain key rings in-~P~G~l~'-·---------__:~:__:_:_:~~~-------- -

Ans:

PGP Stands for Pr~tty Good Privacy.

It is an npen-s ourc~. Creely avc1ilablc sn ftw .
. . . a1e packa ge fo r e-ma il sec u~· '
3. It provides J\uthcnt1c.:li.in throu gh tli r us, f . . . • 1t:--
• , o.: o u1 g1l;:il !>1gn atu r e and r. .
nfsymmf:!tr: c blo ck e n cryp ti on . con, .den l :2l.:v n
It als n provides Compression u s inP-~ tl1
· e ZIP
• a I.gon!'hm
. .
f
h'. L Y l!I N<'iS IN Pol':

J. PGP l\Scs key ri ngs to identify lhe lrny p;il 1s ti - - .

' . i.it .i user C'I\Vns
·2. I nvate-key r ing cont.ii ns 1rni>llr/1ff·1v·· I ' 1· .
,1 L wv p:urs ofk ,
or t n.is ts.
Publi k · - cy~ hP (J\vn ·
1. c- cy ring co ntnlns public keys of ntl,cr s. l 1e trust<;. s.

rfllJSOI u·ion .In Scanned by CainScanner

 i·Muf·MPFA,,,t\,JMN

1'" h I'• ,, 1111 P1 lw , ,111111 1 111 1 u\J 111111 ii 1 l'itlilln lu.1v ,.. , . .
' 11111 ,, 111
I I1I 1Vil 1It 1lf! Y 1'11 Ill,
I) 1'11htlc llm• 1'III L11
1•1lP ,111111\•>-t 1111!11 q, 1,, 1111 1,1 11 / 111 ll'tl lp 1111\1 11ni1'ri l11 r 11111 Ii 111,11r,
11 11111111 1111111 1' ii 111 11 ,111 h 11 \H1 h1111 w 11 ill 111111 11,111 ,J,
l'uhll•' l,1c1v 1'1111 ll11 u ht ,1111111' 111 Vr11lt111 !i wny11,

-- ---- '"---~--
- - - .,,.__ __ _ - - - - - ---+- - -- --1

'l'r11 •ll J h1111 I ltlti t' 1 'l'1•111n _ll ng , r-- - - - - -1- - - - -

---- --=----- - - - - - --1-- - - ----1

uwu11 · ~ l1'l'l'll:il vnl\1 11 1111 1h11 I<

,,.,, 11 \\1/11' 1': ,1:::1i1111 11 11 v 111 11 I ISti l ,,1 11•11 I 1,, I ::t• j' /• 111 •, ;1 ll •' VI lth lic l< c>y.
~l~11~LUl'tlSl ~l1:111°1u 11 · :, .,11 r1 ,·l1t•d 1111 1111, "11,

fil~1u1Lurn LUL~J.St 'l't'll;il l',U II P 1111 11 111 it,

111 '1 ' ,, I I\ .\i ,l lHllnll ll'lt ,l ll ilrllr' ,1111 lil t• 11,· \1 : "1 111 k 11 1,111 11 " v:il , ,,. ;<;
t1111:l1mr~tl II' tl1 t1 t)\\l l\t 1 1' I·, Ill I\ Im, 11\11)

I~\' cul!J.mut· 't.'l'lu_,ex 1,,i 111 ,, w l111·l1 1 (:1• IVl ll 11 11•,11 1,,. l11•v,
1

II) 'ci.Y.ulti!lt!.t.V l'lllUl

,. It Sltll't!li tliu p11hl ii'/ 11 1·lv 11" lt1• v p,t1 1·:: 11w1 1"il hy 111 111 11od1•,

).. Pt·lvo le l<11y:, lll'n r 11 1·1·y p ll'il 111:1 1111 ,I 1<1·.v hli t,l' d ll l l I lle ' u1:111•':, l\ il ti.~p l1 1',1!,1• (Si l/\ ll ,1:-.h l'llrl,· nr' th,,
pn::1;pl1 l'!Wt 1J

l~ . '
iii,,,-=- ·--·- Tcu~•111
'
1'

11., I',

.• 7-' of,:;.~
Pr,q11
1

musolution.in Scanned by CamScanner

 11411
f
, I 'i 111,·,t s,1 1 ,orls :iuthcntication in distrilmtcu
K'-t'l n In IH'I' ~,·a·os pro 1ot 1 • • 11 ,
sv!·t;; ,;im,n
•

[Q 9 I 10IVI - May16] & [Qto I 10M - Mayi8]

Kl~ trn .UW!~·

l. 1 Greek mytholof{y, l(t~ rhcros Is a t!ll'ul'•llea<lcd dog that guards the entrance to the Hades.
11
L WhM, 1u: l11 ~cc,1rlly, l( nrheros Is 11 nclwork authentication protocol.
3. It Is dcsl~tH!CI to provide sl rong nuthenlication for Client/Server Applications by usi ng Secret-Ke,:
(Symmolrlc l(cy) CryploBrnphy.
4. Korhcros orlr;l11atcd i"l l MI T (M:i:;s;.1chusctts Institute of Technology) which was designed for
~mailer scnlc 11sc.
5. l<orhoros Is 11:-;c(I for :1t1thc11tkalio11 :111d to establish a session key that ca n be used for
conl1dm1llnllly u11<I l11Le1~rlly.

WORKING OF lilll BE.ll OS:

rlg11rn 6.6 shows th~ world11g of l(e rburm:.

I
_____J

------~.. _._____
1)t!J;·?4 a/~ -----

muso u ion.in Scanned by CamScanner

 i·Muf·MPFA,,,t\,JMN

"'

.,.
_e-:r,2:- ('iTGS;...

Tl-:.e: TGT ~=-- c:~ \,;:~:-..e::

ce:cr) h- ii.Ci __
TI•.;;-;._- ~..E:':'."~ c;_:-_c:~~:..e:: :-.:-..,::' -:: ~--: :::r..:::::. ::Jc:=-~::-.. : -::. r.:::_.- ~j,'.'_I) ::.:d ~..:1:c:;:i--:73 ::.'"le :->1 '.J -_:-i'.'- :..::i~·r .:s.,:::~.:,

,,.
,.

,.
,..
I-

Scanned by CamScanner
 ~ ~ r <;ontacts Secrer for access:
JI!
Server in order to i:nter in to a session.
User can now sen d KAB to
Si nce this exchange is also desired to be secure, User can simply forwac ci KAU encryp tl'd ~v,1~
,.
Server's secret key to Server.
This will ensure that only Server can access KAO.
► Server now adds 1 to the timestamp sent by User, encrypts the result wit KAB and se nds it 10

User.
Since User and Server know KAB, User can open this packet and verify tha t th~ timestarnp
►
incremented by Server was indeed the one sent to Server in the first place.
Now User and Server can communicate securely using the shared secret key KAB to encrypt
►
messages.
u key from
If User wants to communicate with another server, than User will need another s hare·1
the TGS and specify the name in the messagi:.

Qu] S/MIME

\ernent
r\ns:
[5M - !\lay17I
S/ MIME:

1. S/M IME Stands for Secure/Muiripurpose In te rnet M ·1 E

2. It is a s tandard for public ke enc . . a1 xtensions.
y rypt1on cir.d s1gn' n, '" M
3. It was originally developed b RSA ' g 1 ►, lf-t E data .
Y Data Security !nc
4. S/M
_ IME enables email security f eatures by p .·. _
· ed services.
integrity and other n•lat . r o\ •d in g en cryption ' a uth entica li o11, 111 L'S~.11;1
5. It ensures th3t an ema·1J message is ser.t b
. .
mco ming and outPoing
o messages. . Y a lcg1~ima te se nd
- e r an d 1

To cnahle S/M IME based . provides cn c,·yptit'll [< r

6.
cornmun1cil ti on •h
ke y and s ignatu res issued f- , , e se nder and rec ·,
. . ,oma ce rtificc t e1,1erin us tb• ·
A d1 g1 t2l si ona►ure , e aut hCJri tv (" 1
.1t. 111tegr.:llt• d ,v 1,; p1il •/11
b ' . ,s used to va1· l , '-A) . .
. .i uate
e: r.crypt1ori and c . a
ecryptJon services
a. A very SPCIJ,':! way().- e . .
. -mail e ncr·✓ • ·
9. X.SG9 ce:-tificate$ are used b . , P.ion is the S/M IME
Tl YS/M I ME · f)ro t,,c I
·
lG. '<' user d oes n't d c1;-i::J ccin b . G.
F= r.ee to have: an . t . e cr eatEd h 1
11. ,gure 6. 7 shows S/M } echni ca j k , tlw a d 11111 .
IME Encryµtio P nowJedge tn u ' i1slrc1 t,Jr cJr JJI\ I tru .,t i r n:
n rocess. se S/MIMt,

-- ~ G---
■ -.le 7 of[,- ;;;--------:.

musol ut,on. in Sc= dbyCamScanner

 11£· ¥ i ·t:::2,1fl·!I

Sender

Figure 6.7: S/MIME En cr,pt,on

. . Process.

. a. nonce in key distribuhon

What is . . . scenario? Exp .
scenano if A wishes to establ" h . · lam the key distribution
15 logical connection \\-;th B
master key which they share WI"th.1tself and key distribution· A and B both ha\·c a
center

[10M - :May18j

~O~CE. i:-l KEY DlSTRiBUTION:

A nonce is an arbitrary number that can be used ju~t once.

1.
lt i:; often a random or pseudo-ranco.n !lumber issut!d ir. 3n aut.henticatior: protocol
2.
lt ensure that old communication'.; cannot be reus':!d in replay attacks.
'l
Nonce c.ar. also be u seful as initiaHz.atior, ·;ectcrs and in cry~tograph1c h2.sh functio ns.
In key dis tribution scenario, ococe may he a timesran,p, a countec, oc a random ournb.c.
S.
1 he minim·..im requirement i:; th a 1. it J;ffers w ith zach requ est.
6.

Kf.Y DlSTRlBUT!O~: :1spect of the subject informatio!1 anc nttw.-ir'.·

Key Distribution Scenario is the irnpor!an t
1.
sern rity. ' d,. lo ,ed in ci numbe
. r of ways.
The key distribution concept can oe
. -P\<?Y>dist ri\wnon
. at,ernau,es.
• . ·., .
3
Two partie!; A anc 6 can r.;;ve v nous
• , \ly de\ivf r to 9 .
51 0
a A c.:in select key and phY& d ,:<>Hve r l<eY t o A & 13 · . ., .
b. Thi rd party can select · • • .,,·i u;
. - ,. , rcv,nu:: lj' can \ 1:.e p 1 ~
,,y
to ,ncrY~' " ''" k, ' ·
- .• . ._ i;
o. u h.., ve commun1c.st-c p CC r •' · vkl!'' \·,l\\\<1 11 .\ ,
c. u. 1.J ...
; ·atio•~S wit\·, cl i.. · :iri-y c:in . 1:•••. J
,1 ,lfl1 j1 • • • . ,, •h l• \ , '
<l. If/\
If A & B h a ve secure cornn1t.1n,c
· • \• - \
·,, ,•·"' ' \ II ::\li~
!l l \ \ l ~•~r '- •• '- ·' '
n, ,,\1 , \; t• . ,. , ,1 • .
·
5
c,\•,nes • .,. ·
The Kty Dis trihut:O'"l s,~pr,an° ;i • ·-

--------
dir.l ribution ce 11tc:- (KDC) . ·
1- 11 ' 1re
' r '1l\\1i; 1ra\(' ( \1., -f'' r..
. · ScPnart D ' " ·
5. A typical KP.Y Distr:but1on -

-
mUSol u{i011 .in Scanned by CamScanner
 Gl 11ul~l;CA6on '

li!Buf·SMH,\,fuiMN

I<,•)' ll ltl rlllltlhm

Sll!llS

(-1) E(K., N;zJ

,\mhontic:1tio11
St r ps
~=;__-~ (5) E(I<,, f(N.z))

Figure 6.8: Key Distribution Scenario.

STEPS:

1. A issues a request to the KOC for a session key.

" Nonce is also sent.
•
Nonce in cl udes identities of c0 mm u11 ic;.ti ng pa :·ties Jnci a un iq~ e value.
2. l<DC sends a response encrypted with A's secret key l<:
1
• It includes one-time session kEy Ks

• Original request message, incl uding the nonce.

3. • Message also includes I(, and ID of A encrypted with KB ioten<led for B.

A stcres Ks and forwa r<ls infonnation fo r B i.e., E(K,., [Ksi 11D,,])
4.
8 sends a non ce to A e ncryp ted with l<s
5.
A res ponds by performing some fun ction on non ]·k .
6.
ce -1 e increme nting.
.fn. e b s t two s teps assure B that th e rnessaoe ·r ..
a , , ece1ved W~s not~ replav.
-------~
l{ E'{O JSTR! BUTION ENTITIES·
...

I)
,..
H)
,..
,..

-------
musolu --- ■

: In Scanned by CamScanner
7 I Securi'J ~ ~rewa/6 i·Muf·MPFA,,,t\,JMN

..Sttmt.rfer - 7 To
CHAPTER 1.Sofufio111
Q tJ
.
What 1s a firewall? \Vhat al" th
- ?: SE.cum.TY&. flREWALLs
AJ)S:
e e fi rew•1 ll ·l • .. . .
• • CSl~n pr111c1pte·?

-
flRfWALL:

J. Firewall is the device or set of devices l ~ d

[5M - May16]

2. .
It ca n be hardware, software or co~b,·n OLate
ti
at the
fb
network gateway server.
'" a on o oth.
3. It protects private networks from outside networks.
4. It is a nehvork security system that m ·t d •
- om ors an controls the incoming and outgoing nt?twork
traffic based on predetermined security rules.
S. The rules c1re nothing but the firewall security policy.
6.
This poiicies specifies which traffic is authorized to pass in each direction.
7.
Firewall examines each packet to determine whether to permi t or deny network trnnsmission.
8.
The purpose of firewall is to filter traffic ar.d keep malicious or un s;,fe info rmation outside of a
protecte d network.
9. Firewail is like a secretary of network.
10.
A firewall typically es tablishes a barrier b etween a t:.-ustecl, s~rnrt> in ternal network an d anoth~r
outs1·ct e networ.k , sueh as the Internet
1
or \Vide Art>a Net,·:ork that i:; assurm:d not to be secure or
trnsted <1.s s how n ir: figure 7.j ·

F i1-..'-"-:til l

,, 7.1: Firewa ll.

Fiaure

~
... r I,T1 ~s-
?JB£WALL CHAR1-\CTE.~ .__, ...!. , • , l I ·endine- on set of rnk~.
~
of se:·vicc~ can be ::ice :,St c . 't.>(, o
Serv:ce control: Sp2cifies wha, typ e . . = • . ,·.,.~ tion :rnd tkw of I :1rt1rnbr ~t' :'\'tCe.
II) ~ •fiesth " (lI·,.,e ct1·0n ol 111, tu .1..,, ·
Directic,r. control: :-:,peCI
1
~ •
-- ·111 G\\
. 1 le' - cr~:;s :1 :-t' IYtt'I!.
1
IJJ) . Particular use1, .~, ,U •
User control: Specifie~ which · . .
IV) . . ~ beh3vior nf t Iie. ~" r'\'l c' t' .
Behavi<!U=Ontrol; Sp~crnes ·'

f.IBi.WAl LDE Sl':i~J f'RlNCIPLE:

-....c....::__ - -- ·I
. ,· l' tlie firt'\\·.1!\.
1 ·, til l 11,, ·
· ·p r , ·1 11' ll •, 11• · ·
,
,.. All tr:iffir.: frn,~1 ins .id. e t o ou t s .itle :ll'd
· · vice ' -· .. , .. -,. .,. poUry will .u•: :i II t,,,·cti ltl p:1s~.
Only auth0;·ized Lrnfll:.: , ;is definct • 'l b v Ihe 10:::11 st C\I . 11 •

C trol Link. .

------------
io Establish a Sccurf: on . ,, ti:ised ;:tt,tl"~~-
To protc<.:t the pre mtst!
· c; net•.vor k f ro·11
' lntc1n, , .
_ _ _ _ __ _

fla.J~ 79 er..,
'°64

, musolution.in Scanned by CamScanner

 " ·ii)l .s diffcl' •111 from lHS?
I\ I'll tll ' I \ \\

IQ •• I aoM -
.~
l)cc16 l & [Q:l I 10M _ M"~~

fltJfel' t) I ,

I) J111cltul 111lltlt'IIIIL l1h'tlwlllh

. lll(J ro11i-c~r flrcwall.
/I p1111!,•l lil1 11r11111111·t1w,dl i'l 11h10 f!ill IfllI nfi sci '"111
Il 111 111t11pl,i~1 111111 1111l·H 11ffnl'I iv,1l)lfli nflfr 11wnll,
.,..
\
ll llllPl"l lhrt 1i.1d11il hnnod 011 fnllnwinf{ lnf<ll'lll Ilion:
~ ~)11111'1 I' ,111d dit:Hl11 n1l1111 IP nddl'!Jlitl,
• ::11111','" 1111d d11:11ln11 1lo11 Pn1•1 1drlrri:i:i,

• 11 1 Pt 11111,·111 l111 ltl,

'.- l':t11 lw1 11111'111111 lln•w11II 1ix11nil1111:i p111fo t:1 11p 10 th,1 nc.twJlrlLl.n.Yn :ind c:tn only filter p~ck11
ilni,l'il 111 1 1111 1 111l1111111,1l11n 1h111 l:1 1vn1lahlrt nt tlw 11,•1w,wl<lny,•r.
► I\ p111'1M ll ll1•1' 11•1·,·lv, 111 jHl('i<r•t:1 n1,d p:t i:;,•ii llHllll Lllr11111~h :1 :;,•t 1,f rn l1•:-;, if thL·y 111:nrh the ru\ ·
lliuil ii I l 'l'pl Il l' I f'i, 1r1'

11111111·0 '/,l t Parhtit Fll1 I

. CJI 11 8 Fll•l'\\11\ 11.

l•;r11 d1•1 11y

'., i111pll1'ilv, l'.1::1:,jll'"ii of p·ti 'lll't ,
, 111 u1·1::w111H,
.,. J.uw r u:;1.
.,. l.,,w lll1p:l!'I ,11, :1etworl{ 111 ,1,1••
!ll lllllltt't' ,

,,

Scanned by CamScanner
 Semeite,_ 7
\\)
filateful lnspectio 0 F.irewa\l.,
Unlike packet fi\\crin,~. firCW;'I\\ St
'P
be initiat ion . lbta \r;l n.,,·fe, r ur \c• r matefu\
inati firewall k ccps lrar.k of s1.:it1· ' ,
A drawba ck of packet 1 ters IS tl r·, .
on . - Jf a crrnnct tion v11l1C
i . ·h rn,JJ
• ,at they
~ vu\ncrab\e to are state\ css and they have •10
pack e ts w \Heh makes t\ lt!ITI
Attacker may modi· fy t\
,c attack b s . spoofing
. "a•t·acks. · memory of nrei,·,, t i~
,. , ,
packet fi\ter . y plittmg it into multiP\c packt·l~, wh·ICh f1OCS un delected in 0 •

Statcfu\ inspection fircwa\\ examines

. a g~ou
Statefu\ firewall operate s a t network tr' P of packets at the same time.
.
.ss on layer 0 r ost .
,------- . - ansport & se i
Client IP Address ,------ - • MocleJ .
Slate[ul l':.cket Filter
191.168.10.1 172.H .5.5

TCP
From: 192.1 68.10.1
To: 177.1 6 .5.5 -- TCP
From: 192.168.10.1
To: 172.16.5.5

\.-TCP
- From : 172.1 6.5.5
To: \ 91..168.10.1
-- 172 16 ~.s
F·r-om: TCP
T~: 192.1 68.101
_ \

No UD P Se'lL "7CP \
fr(»n: 172 II, 5 !' --
~•a Protoccl Match. \- To. 192.16'! l ~
UC,P !l.•·icct

Figure 7 .3: Statefu\ \nsµection Fircwali.

Advantages:
Prevent more kind s of OoS attack than packet fil te r.

,. Have more robust logging.

llisadyantal,!es:
,. S\ower than p?..cket fi\ t ering firewall.
lt doP.s not prevent app\icnli on layer c1ttac\<s.

ill) Alm}ication Proxi es Firewa\t

. I ' ,.- 11 t\l e twn \l o~IS ;-111t1 i t is , , . ,,..

ccmmunicalc witll each nth c f. , ,.. r. ,rrn
',,. App\icatior. pr,,xies never allow o Uirect conncclH>O ,e,we · 1 1

tothem
· .. .. • th the :n" h ·""' ·' h"' I ·' "' "•"
E \ · f 11 ' \ 1a \ nctwnrk 11., rt • \\ I
1111
. ach proxv
• ngent nutncnticatcs eac 1 iv. \blontctrlCS,
' 10\w•' ,,,att·hto~
. . -----

".'---several forms such as, user ID and ~ -~

•. ~ - - 'P"!J;e s, o{ij/1 •

·musol ut,on.,n Scanned by CamScanner

 ' , , 11,.,.,.,,..,
'jL""'-~-----~---: r
//~I_:v:""'::"::_':_;

:.. fj
. .de the packet. l•hn'·'i i .J:n2,ifo5
► It also veri ies the. data msi f the OSI Mo ctel .
1· ation layer.o
It work on the i!clPi!PlllllC=~~
►
__S_o_u_rce
_· A:--d~d::re=ss-;-~ I SOIIITe t'\<l1lr,is-;
t 7 U.2 11. l0.60
178.28,10.80

JP Pitcket
I'

Inside Host
7 IP Packet
- ..
(
HTfP
SMTP
1 - !

- Outslclo Host
I

FTP

I l TELNIIT _,,
App Ucation Gateway

IP Address: 178.28.10.60

Figure 7.4: Application Proxy Firewall.

Advantalies:

-► It has com!}lete view of connections and application data.

► It provides detailed logging.

Disadvantages:

► Requires special client .softw are.

~ernent
►
Pr~ces s intensive. They requires Iat of CPU eye\es itn d me ma ry to p roe e s s every pa cket that ey
see.
th
IV) Personal Firewall~

It is software application used to protect a single internet connected computer from intruders.
Personal firewall protection is useful for use rs With.'always , . DSL or cable
modem.
. ·on connecti o n s sue 11 as
These users are students, hoine users, individual wo k

. a separate ...nrewal\ system would be <xp

Usmg . r ers, sma]J· busiJ1essmen etc. JI,~
used. •
► '"· ensive. To tackle thi s pi·0bl e111 personal firew:i
,.,,. It is an app\kati en program which runs C>
O

►
Personal firew;i \j can ue u'-e' d w ·it}1 cl. !l t·1\'irt;s
.n cl Work station t 0 bl oc k u1~wr111~ ed trziffi c from nen•/O
,. f

Example, Norton Persnr,a\ fi rewall 1· . re effect, ve ,rnC e:,, '"·, rt

,o tware to b • con, e inu
. roin Symantec, Mcl\fe . 0
H.OW ARE fiREWAu.s r.1 IFFf.l{E \l·r 1:1)011
- - - . ; . ; ~ ~ ~§1 e Pet Sona] firewall etL.
ReferQ4.

. ■

m lution.1n Scanned by CamScanner

 (5M - Dec15 & May18J

network gateway server.

the network or host

Firewall is used to protect private networks from

IDS is used to detect and report intrusion attempts
outside networks. to the network.

Firewall can block connection. IDS cannot block connection.

lt does not gives early warning of an intrusion. It gives ear!y warning 0I an intrusion.

Firewall is more likely to be attacked then IDS. IDS ls less likely to be attacked then Firewall.

It is not aware of traffic in the internal network. It is aware of traffic in t!ie :nternal necw o rk.

ITypes: I Types:

11. Packet Filtering Firewall. I 1. Net\vork IDS.

I 2. Statefut-inspe.ction Fi:-ewail. I Z
13:
Host IDS.
Protocol Ba~t:d :os.
I 3. Network Address Translation fir ewall.
4. Application Based firewall
I 4. An ornaly 8 dsed ! OS.
s. Misus~ 13a~ed IDS.
I 5. Hybrid Firewc:111s.
6. Hybrid IDs.

musolution.in Scanned by CamScanner

 .. etwork. Compare signature based and anomaly based IDS.
Q6] \\'hat are the different compoaents of an Intrus:on De tedivn \'>~tc.~,u ·J ( '
• O•,
the v,orking of signature based IDS with anomaly based IDS '·1.ll<:1't

Ans:

IDS:

1.
IDS stand for Intrusion Detection System.
2.
It is the device which gives early warning of an intrusion.
3.
So that the defensive action can be taken to prevent or minimize damage.
4.
IDS detect unusual pattern of activity, which may be malicious or suspicious.

Jl
SWitch

IDS
Server Router

rg -
c:::::i:;t
PC

CHARACTERISTICS:
p Figure 7.S: IDs.
1.
It must run continuously Without h
2. I t suould
1. uman supe· . .
not be ir. a bl
. ac kb ox. cv1s1on.
3.
It must resist subversion.
4.
It must be fault toler;:int.

)DS SIGN!FICANCE·
---.:
1.
IDS is used forMcni·t .
. onng a11 d ana]I, · .
2.
It helps in assessin , _./J ng !:>0th Use
3. . g S} s tern and fi l ; . . rand syste ..
!DSdetectattackwhi h e .n ,egm y_ lllact1v1ties.
4. r • C :-n;:iy hr1rrn th
it provides cross pla tfor . e system by r .
ll is used . m Pr1Jte(:ti0n. -Ontinuousiy . .
to tr..ick llse r 11c1· . tnon1t,)nn o it
6. ID~ perform A
'I~ ll_)' 1•1nf ~ .
1 • ;i t, ;1!1s.
na.ys1s of - b
a 11orrn- •
a, ;ictivit
COMPONENTS OF AN IDS· y P,HtQ1 ns i?1 o d
~ rert
~-
. 1gure 7.6 shows the co o secur . '
e cl 1.et\~,, rk.
rnprments of ID
- - - - - - - - - s.

musofut~ ~-
• Scanned by CamScanner
 -
Iii, "''•u-., I
1••111.,1•••

I , . . ,.. ----1
--
-
1
,,. --
I I of. •••'-I

"· •1111 ~ 11.,◄

I) J11c:u1111m, trnfUcLJo~ llu!il;

II)
Ill)

IV)

SIHnaturn Based IDS

11 h l!.1s,•d oil hdiavior ol us·•r.
ll!i-,>~ 1m:J111:1l11 d:1 l:11Ja~t• of sil{11:iu1re.

ii 1:; 1~ ·1; cifl&ill :1s n ,111p.1;·e d Ill ~ig:\,ll ll l't·

nas1d IDS. 1

11 ,~~ii:1~ 1;;-;v7'1 w
tne~-; 1~1k;1~v11~1t1.l~1 s~ - ·- -

-ti;mi7i'iyiT:i~ ll)S 1~ )1':i thl' sys t•. 'l ll ,l l tivity

·!· " if i' t ·· tl l"ill :1~ t•llill1 r w1r11 1:i! 11r .111t1111.1!1J11:i
I
;I rl I < , I ,:, ,,, '
, .•,·i ic:; r a1lw1· tli:1n sl i-;1 1.1111 n •.
IJ,t!:t•( I ( ) 11 l I f • 1111, 1 '

Scanned by CamScanner
 i·Muf·MP\1§,,,t\,JMN

_ ll,_ _ __ _ _.Semdrler-7
7 I Securl'J ~ 'NrrlMM
rortcr~ Soft,l•110n,
-----..:_

71 Vi ruse~ ~ncl their type~.

f ,• 'II'- •.,,,, , - us?
•s all (I • • 1 1 '
I low clo thcv
·
pro11:i ., ,11 ,,.J
o • ..,
QRl Whnl nre the different l,rp1:s o , " , . - .
IQ7 I 5M - l)ccar,I & (Q8 I aol\1 - Dcc16 &. Drt171
Ans;

1. A compui-cr vin1s is n type of mallt:1011.o; ~oflware pa·ogram.

2. It is a program or piece of cnde that is lnndcd onto the to inputer wil h nut t1Se r's knowl edi:e Jnd
nms against wishes of the user.
3. Viruses can also replicate themselves.
4. All computer viruses are man•mncle.
5. Viruses can automatically copied ancl p,,stecl from memory to m e mory over & over.
6. It can cause program to operate lnrnrreclly or corrupt a wmputcr's memory.
7. Virus can spread itself by infecting fil es 011 a network fi le system th~r is aL"cc:;si:d by utlH'r
comruters.
8,
For Exam~ A virus might attach itself to :i progr,im such ::is Excel. Now c;,ch tim e tlw Exrf'I
runs, the virus runs too.
-I
t:
J j
TYPES OE VIRUSES:

Types: ofVi1 ·11s0s

1r---·----~1-----
1e_ _ _Do_o_t_Sc-Jr,o-r\-~-ru_s___~l-01-
ou.~T-i11~

E:;erntl o11 Vims

11-01-y T[_
" _l,-le-111_ L _ _

\'lr11s
M~rro Vin,.•
·' 6111.,11 \'irm
7
Flgu 1·"'- 7 ' 7 : ·1·}'Jl" •'
~ -• 11f Vi I•IISt!S,
(),
,iliw TI mc E2illru1Jilll..YJtllii.;

Tliis type of virus cxectt tes only nncC'.

-- In 011 (; 1~x•~cution, Virus S Jl r P:i •~ . .. , .
,1 1. tl.,1 11pv 1:1 n1(i ' · t
-,. I' 0 -
r t.>GHnplc: 1\ virus that con , .. , .
. l l ll\' '1\) '
' !>I} 1
11;ll lt-i o 11s ,,ff, .1
, c~,ls .i11t'· 1n.iil ,. l ( '
sp read it:;e!r. oll l a1.l ,nl!,.' l\l. 011 c:.i ii , , t
· 15 0 P11 lH·d, it i:,•t-: t':-.1•,· 11 1,·,I JIH,
11 1 Jlu.u L.SJ.: ctu r. VI l'\l 5;
Thi!> iypc nf' vints i11fe1·t s: tl1 I
. ' e 10( 1\ !:1•1·tu 1 Ill 1
CD or DVO. 11 nppy dt!; k~ 11·11·11 1·
' • l l SI· ' . 111
· ,s ' <1 11thc•r lin1 i1,1hl1• 111t•tl1.1 l1k
Exa n1pl e nflJoot Sector Vt . _• . .
t 11 :; .i 1 i• h in 11 1I!: S
, l t 11 \l) 1I,
-- ------ ------

Scanned by CamScanner
 .. -.

7 I .SecurifJ ~ 'firewaffr .Seme.1/er- 7 Toeper'i Sofullon1

Ill) MemoQRcsidcnt Virus;
,. This type of virus lodges in main memory as p;irt of;i resident system progra m.
, Fr,>m th ;:i l point on, th e virus infe cts e,·e:ry prngr.1 ,11 tl1;1 l exerntes.

IV) Ma cro Vlru5:

, Mac ros are the blocks of the code written to automate frequently performed tasks and embedded

in a program file.
, Macro virus is platform independent.
► Virtually al! of the macro viruses infect Microsoft Word documents.

► Examples of Macro virus are Relax, Babbles & Melissa.

V) E-Mail Virus;

► This type of virus is transferred through Email.

,.. Generally this is a macro virus which multiplies by sending itself to other contacts, in hopes that

they will activate the virns as well.

\TI) Network Virus:

This type of virus are unique ly created to quickly spread throughout the local area network and

gene ra lly across the inte rnet as well.

It ty pical moves within shared rernurces like drivers an d folders .

ea I fro m one compu ter to ano thPr with out

A won,1 is a piece of rna licious .:o d e t h a t c.,n s pr l

re qui;-ing a host fil e to infect. . . .

. t ·tself and makes use of a PC's n erwork connect1V1ty to tra ns fer
2. Worm is a program that rep Iica es I
a copy o f it!:elf to o ther computers within that ne twork.
. f ' . ig this without any input from !he user.
t..J
3. It 1s cap a,J e o
GOil · . . • . .. •
. • · h I :In not reo ui re a ho5t program tCI ru n, bu, li ke v11u~t?s,
Wo rm s arc dis tinct from vin1se:. int a t t iey l • .
4.
• • cause dar,~age to th e in fe cted computer.
thf'.y ,i]most a j Nay" ·

5. Thus, th er a re si:!lf-propagating.

I) Em;1il Worm£ .
• . . f)("' r "rr. ,,il r.J11: r,t t" ~11 :·1',,cl qi·rlt. .
r ,\;) !:Olcll
·1\·1-,~m·
· ·
us ,·" •1
J ..
• ·· " · ·
I ·· 1 · 1 , t th , ('l)'lllll llt'f'. • ·t
•J I 1
,,,ill
. ' .
I ·. t' ,. cnrnil urn t. w!H·ll rllcke<, \I' ll in .n ' . .
it w!II eith er ~end ,, lin k WJI ,1.1 n - . ..
r
h . <: ned 1-.,,1! :;tart the 1nfcL1 11 >11.
s'.:!nd a:1 attachmen t tha t, w .e n op , . I '"ILOVEYOU" worm. which infected millions of
le of this tvp~ o f worm is t ,e
;... A well-known eY.amp .
mputers worldw1'J e in
· 2000.
co ---- -{
'Pa_Je 87 o 134

musol ution.in Scanned by CamScanner

II) 1n.1c:rnct wonns: I
lntl:rnct worms are completely autonomous programs. .
. . r . I itli , r vu lnerab le machines.
Tln·v ll~ l' ;rn l11fectcd machine M scan th e 111 l L! l"llt'l or t! ·
• . ·11 · f,ct it and begin the process ag;iin.
Wht•Jl ;i vulnerable machine is located, the wm rn w 1 in e ·

111) .Eil.s:.:s.11.ilrlnc Networks worms.:

File-sharing worms take advantage of the fact that file-sharers do not know exactly what they are

downloading. fl)
The worm will copy itself into a shared folder with an unassuming name.
►
When another user on the network downloads files from the shared folder, they will unwittingly
►
downlo;itl the worm, which then copies itself and repea ts the process.
In 2004, a worm called "Phatbot" infected millions of computers in this way, and had the ability
lo steal personal information, including credit card details, and send spam on an unprecedented
scale.

IV) ~ U ! . e..muJJ:llat Room Worms:

► These work in a similar way to email worms.
The infected worm will use the contact list c f th e user's chat-room profil e or instant-mess2 0oe
prngr.im lo send links to infecte d web5ltes.

• needs to "..,ere
Th ese a:-c not as effective as email worms u:i the recii1 ient - p t th
. e message an d clJCk
•
the link. ~ http://
Th ey tend to effect only the users ofth<:! parti culnr prngn:rn
•
•
\'Vilh the help of examples C:\.1>lain ll011-
ni.,. r,c1ous
.· progranuning errors. •
An s: Ill)

NO IHl.'\!.ICIOUS Pl~O<:rnAMMING ER RORS:

I. flc i n~ I l,1m::in, Progr;:immers· & Otlwr· - Deve 1P'lt'

· . 1 r·· m •11
,L' ni :111y mi s t ·, I• ,
,I '

2. J\'1os t tit 1111st,1kes m::ide are uninrt' nti 11 1 ,.. . - · .,cs.

· · P il L'>'. •l () n m:i li l ie 11 c:
3. M,w y surh errors will not lead to In<• . , .· ··
tc s t r 1n 11 s vuJn er:ihT
1 .
profession.ils in troul,!,,. ' lti cs hut few will put m:rny ::e a (\Y

4 Tbere ;ire thrre broad cbsse~ ofnc 11 _,,11a 1.li.,•)l ll! S pri,gr:i .
t:1t:y ::r, · ,1 , fllll ow~. ' Ii·" 1,t: S('
· - · rnrnmg errnrs th.it , l'tu·1ty
, l'fkrt~ ,11:t

I) .IJ.!illfr Ov1.:rflows;
A bufft•r is a spnce in which dat·a t:.111
, be held .
/1 buffer resides in memory.
•.
:.'"

1'.·~
·· °r; •

·-·(
:{;.;
~}~
..
: ,
v.r~
;!trt

Scanned by CamScanner
7 \ SuurifJ &:_______
-:-----=:;__ 'Hrewaffl St
-=.~em=ei=ie=-r_-!_7 _______1i::_o'ff_~~er'i .Sofuliom
1.

► For this reason ' in many programrnmg

· Ianguages the programmer must declare the buffer's
maximum size so that the complier can set aside th at amollnt of space.

Example of BuffPr Overflow m C Language:

• Char Sample [S]

• The complier sets aside 5 bytes to store this buffer, one byte for each of the s elements of
the array, sample [01 through sample [4].
• Now we execute the statement: Sample [5] = 'A';
• The subscript is out of hounds and results in buffer overflow because it does not fall
between O and 4.

11) Incomplete Mediation:

Incomplete Mediation means Incomplete Checking.

►
Incomplete Mediation is easy to exploit and attackers use it to cause security problems.
►
In above example, buffer overflow will occur if the length of the input is greater th an the length
►
of buffer.
► To prevent such a buffer overflow. the program validates the input by checking the length of input

before attempting to write it to huffer.

► Fa ilure tQ do so is an example of Incomplete Mediation.

,Example:

Cons ider the following um.

http://www.To ppersSolutions.com/index.asp ?parm 1 = (55 5)81845 6 7anLl parm2=2 0 l 4De c20

?arm 1 & Parm2 are the parnm~ters for Telephone number and a Date r espectivel y .
•
it is possibi e for the a ttacker to change this parameters in th e URL as Pa rm 2:: 11 GOFPb20 .
•
The receiving program may give data type error, or it may execute and give wrong res ulr.
•
Time-of-check to Time-of-use Errors:
III)
The Time-cf-cher.k to Time-of-use (TOCTTOU) Errors is pe rformed b y "bait & switch" ~trategy,
r
It is a lso known as Race Condition Errors or se rialization or synchronizatiun ffaw .
1
. f r l k to Ti·n o. ~i-u se erro rs exp· lo:ts the time lag between th e time ¥ e ch <: ck ;111d the tin~r
.,· T 1me-u --. 1ec
1 ~ .1 . .

we use.
:;.. Non Computing Exampl~:
r Shopketper shows bt,)'et r er1I Role x W3(Ch LLa it)
• After bu~1e r pays, shopket'µc!· switches rf-!al Rolex vvcitch tn c1 forged o ne.

_fornp_utin~ £xam•ll1;_;, . c~ Data '; between time access checked and tim e ar.l'.ess u~ed.
■ Change cf~ res oUl ce 1:.g. -

Pa.3e 89 of134

musolution.in Scanned by CamScanner

 . ll .. ,,•i·•,1~
wn,·" fhr mcmon· :HHI :ulcln•.:.., 11t·1,tt•t-tlt,11 .
t 1 V, hat a~ ,c '· " · "· ·
Qu J Whal ,,... the ,·:u-iuus " 'nj•s fot• 111c 11w 1·., · :II ul '.'.:hi l'I·. ., '""' H I;,.,. i" I •r• · r, •m
1
~y~t~m~·t n,,w i~ :ml h~11t kaltott :,~h h.•,·1•tl I h t 1., •

Ans:

Mfu~Ri '-'- ~\D01\ES~ PI\OTECTlON:

1. It is a way to \'.Olllrul llll'lilllr)' ;in;l,!SS rlghl!- ou n t:p11iptd n .
2. ~lemory prott?cllun i11dmll's prule1:Lll111 ror the 111e 11H11·y 1'1:11 !lit• (>~ :t:t.J f 11 ~~f; M\: vi II ,,,i th"

memory of u ·e1· prncl.'sses.

The m3in µurpo st> nr 1nc1nt11)' & 01hh'ess pn1l ert 1(111 i~ ti, l' rl•l/(' 11 t .i ptM~f;f. frt,m ,11'1."~•;,-:i , 1{
3.
memory th,1t has not brcn :1llurnled to it.
4. This prevents a bug or 111.1lwarc wllhin n protess frc,111 11 ff f'<:lin/\ (,th~ r r,rM:l'ssef;., <,r' rht\ <'>P r',, ii g.,
sy~tt>m it~df.

METHODS:
1'1•rnur)' 11:t .i\tltit 1•.c• 1•, t• t "'f-111,1 ,

-----------.-•.;a~------~-
I U.uo .~ lJnun,b
J{,c.L: h t P1'

I)

A ft>nt:e
. or lenrc
. :itidrcss is simpll•sl
.. fol' 111 ll 1· lll('l1101'_1' p ro f .. , I i( l l '
,..... !tis tltis1g1:t>d rur si11glc llSl!r systems. .

• . tlr,1l users
A fe nce is .i p:irtil:u lar address . . il nd lhL·l1· 1i1·( I "(•<.,• I " t '
Only th e OS ra n npl!ra tc o11 o11e side of the f, . , . . ., ,11 111r,r rr-<,. ~-
enu:, nd 11 ... <·,·r•·. ''1r·,: r ·!'; trJ Ct(: d t'() rhr. •
11 I1;15l' and Bonmls Rc:i:!stcrs; ..: n t h~r ~id1,.

im pli ci llv .·,,;~

. . 111111:!i th r h
" r .... u~ :r or n r n .,. .. ,. r:r:;1~P. :.,..
• f'; , 1 •
,.,
: dct1•n11i11c wh II .
' p1 lllt: cl1 0 11 lo ·,11 I
• P Y to
Iii} r..uu~
Prohlt·m of B:isL• & illl .
a II nils 111.! 1:istc r ,,. .
l, iltd. •• th.it It tt1 11'I"'"I (IJ\,y;J
r llr;th ·r rtio, Iul c• rr
- ---- - -·- --- ·-;;:;----_
• lri CCr. ,.,, l]
· · ··· ,. ur t, 1it~ '" 1 ..-

'P&f_Je 90 o(04- - - - - - - - -

tion.in Scanned by CamScanner

 f .
' 1
i ·@M#H:::2\siM5
.Semeifu- 7
► This problem is solved using Tagging.

► Tagging specifies the protection for each individual address.

► In this m et hod of protection eve ry word of mJchine m e mory h.1s one M m ore ext ra l; it :; tu id e ntify
the access rights to that word.

► Only privileged instructions can se t these access bits.

IV) ~entation;
► This method divides the memory into logical units such as individua! procedures or the data in
one array.
► Once they are divided, appropriate access control can be enforced on each segment.
► A benefit of segmentation is that any segment can be placed in any memory location provided the
location is large enough to hold it.

► Paging discards the disadvantage of segmentation.

► In paging all segments are of a fixed size called as pages and the memory divid ed is known as page
frames .
► Th e advantcJ ges of paging over segmentc:tion include no fragmentation & im proved efficiency.
► The disa dva~tages are that there is, in general, no logical un ity to pziges, w hich makes it more
difficult to determine the prope r uccess control to apply to a g iven page.

HOW AUTHENTICATION ACHIEVED IN O.S:

1. Authentication refers lo identifying each user of the system.

2. It is th e respon!>ibility of th e Operating System t o create a protection sys Le m w hich ensures th at
a user who is running aparticula r program is a uthentic.
3. Operating Systems ge n erally authentica t es users using following three ways:

a. Username / Password :_User need t o ente r a regi s tered use ,·na me a nd passwo r d with
Oµerating system to login into the system.
b. User card/l<P.V: Use r need Lo pu ~,ch cc:rd in card slot, or e nl e:· key gene r,n ed by kt<y
generator in option provided by operating system to login into the syst e m.

c. User attribut~ - fin~.rp_rinr-J eye 1:etin.:i [Jatten11.filru)Jlturc : User need to j1:i:,;s h is / her

attributt:: •,na Jcsignated inpu, clcvi r.e l1sed hy opera t inr-; system to ltlgin into the system .

--------- - -- -- ·
'Pa_JP, 91 o{f34

musolution.in Scanned by CamScanner

 1J1U,-Vf u;ts·n_t)fi:. . . of th e system.
I I ~1,ufylnR ,•;tc;ll m;CJ
/lutlwuilcrill"ll rnfc:r:1 to 1 '· ' "llrlliY ba~cd on a u~eruame and password
I, f 11 tlfyl11f' ·rn t11divld11:1 1, u.., • .
Alltlrnn1 icr11lo11lj pn>t: 1!~is o cnn · 1 ' t )1e orsheclaimstobc,butsaysnothin
, t ll 111 tndlvtd11al Is W w . ~
Authm1t ic,ulo11111 <:1cly c 11,11 irf.!:i IIl,J
nho11t th(} ai:c.,!:>!) rlglll:i of th e lllcllvidllal. )· ti cation would be to detcrmt
If ,. snchal the aut ,en ne
l'or IDcrun1>Jt:; If the :,1rndcr claims Ii<irso a.1 '
wh ether tht! , 1mder Is r1::illy Snehal or not.
· "following three ways:
Operating Sy~t•Jms gt!ncrally ;1uthe11tlcatcs users usin,.,
a. ~i;:.matn!LIBlfilil\'Jlill:. User need to enter a registered use rname and password with

Op~r:1tlng system to login Into the system.

b. .llii.!a:...canl/1<<:y; llscr need to punch r.ard in card slot, or e nte r key generated by key
r.cncr;1tor 111 op tion provided by operating system to login into the system.
r.. !J~!'.lC :n1riJ111t!l.:..fi11l!~rprint/ ~e retina pattern/ :rum.a tu re: Use.- need to p2~s his/h!:r
:it trlbut£i via J!!;; ignated input device used by operating !;ystem to login into the system.
6. Flg11ri: 7.0 shows IK,sic .iuthentication process.

1) fl,eques t s a protecte d resource

I
r"""'

2) Hequcsts use,·nani.~ & p.issword I

I ( li ~nt

L
3) Scuds uscrnamc & pas sword

1·) fle tum requested resource- - Se1·ver

- -·- .
Fl gun• 7.8: Authentic.atio a
n rrccess.
NON·ltf~PUDI/•, TION:

1, Non•r•~r,udi;-•.Uon is th r•. ass•

. . u r·anct> t liat somP
2. Non•r~pudiatior1 d1ies not II
. a ow the send,
-0 1!{! cannot li en"J s umc,t hing
1· er or r · - ·
!'>!:ll( 11lg ,,r ,.,,n-;vjpo . ,,
1h·;_i , 111e•,s:1r•· ecciver of ::i iness ·i • • , ,
ln ,efon:nc,? ro scc11r' . , .. . , i:;e ,O r efu ~e th e ch:111 o, ncl
lly, 0<,11-rer111tii:it'
u l l'fl mn-.
''"nt ,.
-·~ "' 1, l rr!c1
. i1ve/l
. by . 1 , . "'"'ns. to en.
N . ' l~ par~1cs c1:>1··n1·
" ' n,, • I s ure that .·i I r;:i ~ f .,,.
1, <>r1•n: pud1.::tio1111, a wa • . o ,u luve Sl:! nt '. s f'rr e cl mes._aae has \;l'-'
Y ·" gua r·•rit · ;i,1d rr•c.:·p · o
tht' rn 1!!>Sa~c
. an cJ lhi.lt ti
... •~ e t 11 at to• e se nd " I v c. d t',1~ mc:.sage
IC re:cipi,:nt c;.i nn nt de, er of a messag~ c.in . 11 •
-- _ 1 Yhaviiw r . . ' notl;-1terd1;•nylrnvi11~se •
----- .., ec t1vet1 ti •
Pa.3e ~ - - - = - :ies,;age. .
-----...____ - _ ____...--r ~

musol ution. in Scanned by CamScanner

 - ..
,.....,,.,

Semukr-7
:,. Non-repudiation can be obtained through the use of:

a. lll£llal..s.l.lmal~ Function ;1s a un·ique identifier for an individual, mu ch li ke a writwn

signatml'.

b. ConOrmatlon seryjcc:;: The message transfer agent can create digita l r,:r.:cipt:; 10 indicate
that messages were se nt a nd/or received.
c. Timestamps: Timestamps contain the date and time a document was composed and
proves that a document existed at a certain time.
6. Figure 7.9 shows non-repudiation process.

Signed Message

Sign Signature Verification

Recipient
Initiator

Service's Public Client's Private Client's Public Service's Priv:.te

Cerrificate Key Certificate Key

Oient's Key Store Server's Key Storf'

Fioure
:::,
7.';: Non-rl!pudiati~n 5c~nari:>.

musolution.in Scanned by CamScanner

 I
I·%:'·;¥ fHw2 ,ifoff

(ltl Malwnrc

2.

Figure 7.1 O: Types ofMalware.

I) toe)c Bomb:
It \s 3 piece of rode tha t detonates 0r sets ~IT when specific condition is tri_g gered.
►
The condition may be a day. d at e, rime, a particular 'if!uop', 1i!'Tle inte1val, or coum:.

11) Vin1s:
lt is s computH prog.r?m w h ic h rep!icate~ itself and spreads fr-o!11 one computer to a noth er.
A vi:-us can s;::iread itself by infe cti ng files on a n etwork file s ystem that is accessed by other
compute r.
,,. Ex;1mple: An cman virus attaches ;t selfto an email
=-- · that is sencl . m on e user to ano ti1er.
- fro
lll) Worm:
....,· Jt spread~ itself:hrou gh nctwor~ to infect o~he r compute rs .
It does not need ct• ~ide assista nce a'.; required by vir:.is.
Example: Code r ed worm mav be eras}, rhe ope t ·
· · - ra 111 g syst-
.em :1 nr! othe r '' evic.:C's conn ccicd u, l.it'f
l
the same P.ct'.H,r k. '"' ·

IV) Tn>jan horse:

,. It is th e n~ah .1.ue th2t ;n-,.;tes the use . .
,
· I I nlJ'.,1 CC' : .
co '• 'Jri i t , "11''1 IC
~1
, • , '1(1,11
I
1
The payloac.i may lea<1 to many uno - bl . lll,\111 , \ . nm ul or n,:d,, 11H!:< P·'
t S lid t etfects.
Exampl~: ..;n inP.ocem lcokin u ua
• <> o me could do son
1eclHng .
mall · ·r~·
V) Trapdoor: lt is me~hod oi bypas~i CHJUS ·...vhile llw vlc~ill1 i,; pl;-iyr
- ng norinal a •Jth e 1w . . i
ac::ess to a system. lt at,on prc,ced ti re i.e. it ;ill ow:; 11 n,1utllMl/t'•'
- - -- - -
- --------°{134PCI_Je 94

musol ution. in Scanned by Ca1nScanner

 \ Securi'J
'.----~ ~ rfirewa/G
~=----------===::_.=!_
Semukr 7 _ _ ___~~~o/1('~:itr~'s~&~-~{~~W-'.~•r,,~•
1
vn &!b--lilt
\l is a ma\ware which creates many instances. of the m ·in urder to exhaust th~ S)'St t • ft",t'~rc.0..

I
unli\<C worms, it ::\oes not spre:i ri o\'~r ne, worl·.
It c:1n exh aust system resource!:.

5oywar~ 1

v1ll ll is the type of malware that can be insta\led on computer and which collectS informat.;1;i:12.bti .:1

users without their know\edge.

\t monitors user's computing.

mus .,n Scanned by CamScanner

 ·1Of'{'"r , J!Ut,l/r,,,1 l
8 1?1' ,St,CUrifJ
,
l·Muf·MPFA,,,t\eJMN

I ·• \Vlwl
Whal i~ a Uc11ial of s crvk1.• all:H' ":
<.l It· ·I~ on H ~yR lCllt~
11 1' '
. I
:,uackcr- can mount ;.1 0 ()
,.:i •• •''-

Denial of service ~,uacks.

. . . ·k .., F 1:1111 nr1y tlu·co l.YJ.H!I) ,,f' fHJ J Jit tu, kc; in
1

\\that arc Denml of Service :1tt._1c Sr ..,xp

detail.
[Q1. 110M - DcCJ!fl, [Q2 I r,M - Muy16 I & (Qa I ,oM - M ty17J
Ans:

DENIAi. OF SERVICE:.

l. Denial of Service (DoS) Is also r:a llccJ as avallahlllty :1ttadc.

2. OoS makes a computer or its resources 111i:iva ilablc 10 its lr1ter1dcd tl!:~r.
3. In DoS, an attacker may prevent you fro111 ..1t'rcsslng cnwll, wi:h,<i l!LJ, onllrw nccn11 11 t:. 0r oth(:r
services that rely on affected c:ompuler.
4. The basic purpose of a DoS attack is ~imply to flood a nr1twork l}r drnngc Jn tile conf!guratlm1S l,f
routers on the n~twcrk.
5. These attacks sometimes ha ve a specifi c target.
6. For Examul 1;;
a. All message sent to specific recipi n t may be s uppressed.
b. 1\n entire nei:\vork m2y bi: disrupt:::d citlwr by Jisabl'mg t'ne n etvvo1 ·k o r hy flocomg
•· H
• w1·.:.

ME.TIIODS:
messages.

The different ways in which attackers can nH1u:1t s

l
· , Do attac k s a re:
I) SYN Flood Attack:

r S'/N F!ood Artack ~ses TCP protocol ·r,,

.•. sui "· whe re a 3-wa r.
done w1.n SYN an::! ACK me~sage as sh own 111
. figure 8.1. Y -~nc!sha ki:lco o ·f n e ....
... .10.~·t< conne...t.:v.,
. , - •,•·

1 -
I
--
I
Source SYN -!-ACK
I
ACK Des ~in? !ion

- --
---------
Figure 8.1 : SYN fl '
o !>ti Attack 3 W
ay Hanctshak' '
--
~-
~e 96 of~-- - - - - --
• Htg.
-•-:

Scanned by CamScanner
g\ 9,P Stcurif:J ii..

----
i ·Muf·WPFA,,,t\eJMN

To initi ~te TCP connection, the system that wishes to communicate, se nds a SYN message to the
target system.

I f the t:> rg2t sys tem is ready to communicate, it sen ds SYN+ AC!< message to source ma chine.
The source system then responds with an AC!( message to complete the communication.
In SYN flood attack, attacker denies service to the ta rget by sending many SYN message and not
replyi11g with ACK.

► This fills up the buffer space for SYN message on the target mach ine, which preve r.ts other
systems on the network from communicating with target system.

SYN
SYN +ACK

ACK

Source SYN+ ACK Destination

SYN

SYN +ACK

I I

Figi.re 8.2: SYN Flood Attack.

ll) Ping of death: . .

. d ·ng packets that are larger than o£. 5 .535 bytes to the v1ct1m.
. " of dealh simply sen s p1
The pino . l 86600 victim.org .
....r T h . DoS attack is as follows: pmg - . l . . i let's saying 100 MB connection ,rnd
is . t 1·m's banclwidth, ifatlac ~er is OJ
_res the V!C
This ai:ta cl<. satun;i, .

vict-im is or, 10 M B co nnection. l . on 10 MB conn ecti. on an d v1·ctim is on 100 MB

- - - ot succeed if attac <er is '
But the att acK woul d n

connection.

lli) Teardrop Attack: . . TCP /JP fragmcnta tic.,n :-eassemblr code.

d ted by taroet mg - ip'
Tt>ardrnp Attac~ is con uc o k . t overla p one a no1h e r on the h ost re ce l.

fragmentation pac ets o r ·1 ---~.

Th ··· a ttack causes . h " roccss b u t ,;, 1 s . .•
►
J.., .
Tl1~ hos r 3rtem p
t to re construct them ciunng t p
-
~
3000 bytes of d,,t.a fro111 on .
e ,;ys~em to an0Lher. Tht> dat:i i s
need to .,end
Fo r Example~ you , kets as give11 below:
. d cl ;rnc1 sent illto small e r pac
d;v1 e · , _ 1000
1 c rri cs byt._s 1
• !J:1ckf: l - c.. - 2000

·'<,.., 2 . bytes 1001

carries
P,l ( I<:< 3000
• 5 bvtes 2001 -
:; r.arnc ,
~ ?ac k ct . , . with each oth e r.
veriaps th e bytes 500
►
► ----r
Teardrop a(tack o
-
Bytes 1- 1:>00, y -
- - - - - - - 1J143e 970
b tes 1000-
2000 and bytes 1 S0O - 2

f34
-
- ----------

musolution.in Scanned by CamScanner

 8 I 91' Securi[J
I'/) smurC Attacis~
----
semuf~r-7

. _ ing message.
. attack. I l ru:idcas 1 p
;.. I . ·1vari.1tion of a ping ia spoofe1 J t address on the network addr
tis. t "}'stell1 v
I a targe ~ •ty , b1·oadcas
s es,·•·
:.- This atwck~r fhio( s t to a third P31 ds p ing response to the Victim
·ng reques . then sen . .
The attacker sends a p1 ' broadcast domain
. h. third party s
Eve,y system wit 111

1. Sends Echo request to

netwoTk in broadcast mode.

2. Host Teplyto
vlctim.

3 _V ictim gets saturated

Victim

Figure 8.3: Smurf Attack

Echo Chare::en:

Echo char gen takes place between two hosts.

Ecbc services repea t a;1ything .;ent to it.
Cha rgen service ge nerates a continuous stream of data.
If they a,e i;sed together, they crea te ;:in infinite loop and res ul ts in deilial of service.
,.
For example an attacker !::tarts this chargen process on host A w hich sends echo packets to host
B.
;.,.
Host B replies to stream of packets generated by hos t A, by echoing them back tc host A.
This creates a11 endless loop between A and B.

u
n
1
hat is access contrr,)'- H
control?
' .
d
o-.~, ocs the n.,11 L.a
"'- Padula model achieve acct'~s
-
Ans:

].
!.c.,e ,., t Onlrvl is,~~ccuritv tec.h·i· .
• I lc.;.t(•.
ll c;;n he us~d to regu!atp who .
3. or \\ 11Jt can ·
Vi Qw or u
The ;Jct of a,.cessing m '>ere sour , - . (Tlfl'i-
-t . . . • ay rr.ean co;1surn tn g, enteri · ces 111 a comptilin g environ
Perm1ss1on to a ccess a reso·• . . ng, or lJs ing
s. vrce IS Crtll<>d •
An:ess Control includes /icces(" C - a Utho-iz' a t··ion.
- Or.trol fvt .., t .
... rix & Ac
- ------ cess Control List.
'P..4Je98 o(fJA
----
Scanned by CamScanner
 ll "'°Secs,1_ri='J==~
V - --.S~--.:. :. :_r-_!._7_ _ _ _'!.!!ff_~~~
7'of'/'erl ..So/ut;om
~ s Control Matrix:
. I)
Access Control Matrix gives a classic view of authorizati on.
Authorization is used to restrict the actions of aut] e c· , __
• 1 11 lt ,he,1 u s e1·:, .

Access control matrix has all relevant information needed b ti .

operating systerr. to made a Y 1e
s. decision about which users arc allowed to tlo what with th e various system resources.
Access Co.itrol Matrix consists of subje~ts and objects.
Subjects (users] are the index of rows.
Objects (resources) are the index of columns.
Figure 8.4 shows the example of Access Control Matrix, w he re UNIX-style notation such as
execute (x). read (r). and write {w) privileges arc used.

OS Acc:nunttng Arrounllng lnsur~nre Payroll

Program Data Da ta Data

Bllb rx rx r -·- -·-

Ali.::e rx rx r ,-~v rv~· I

Sam rwx rwx r rw 1'1\" I
Accounting I rx n: rw n~ )\\"
I
I
nt
Program J

Figure 8.4: Examrle of Access Control Mat 1·ix.

II) Access Control List:

Access contro l ma t r· L·x has all relevant informatio n .

This could be lG00's of users and l000's of res o ur ces.
Then matrix wilh 1,000,000's of entries.
►
bl ·s how to manage such a large ma t rix.
The pro em i ' . . - .• 1 .
. nmg
Th is can b e done by port:o . ti1 e. Access Control Matrix in to n, o re rna1,a g1=ali.e pu~ces.
. to split the Access Control Matrix:
There a re two w2ys i . I.
• 1 L' t · A~cps'" Con trol Li s t sto res JC::ess cont,·o, mat:-1x by co ur.m.
■ Usini? A,:ce s s ContrQLill!.;. . '- - J

iI OS I Accounting Accounting \ 1ns1l":rn ce : Payrc,J i

Data Data I IJat'l
Program
I -- I
I ~--L~:__+_
Bo b
!
i"X
I
I . :.: . __ f-___ l ______:.,. - ---1 rx r --- i ---

'
rx rx
I
;·w l "\\' _jI
..~lll"P I :

r.vx i-vx L--- 1~·-----1---- ~- --,

l·w I rv: I
~ ·"'
I
!
I r.{ r:~ nv rw I I\\" I
Accounting I I
Program i

musol ution. in Scanned by CamScanner

 To d , ~
r Q
■·Mi@ww;,.,z1,*"
SemMfer- 7 ~------:.-:..._r_, ~ /
8 l 9'PSeeurifJ - ~ 1111 :,trix hy row. (]!
·ccss contro
bTties stores ;:tC •
■ Usin~ CapahUitlcs;. Capa 11
_ ____ - - - -r-- - - (}'
- - , 111s 11r.111c1' P.1y1·0II
- - - - .- - -,, ,\CCollll 1111"
<>
1\rr o1111tl!IH r);i( ;l
llnta
_ _ _ __ ft.
Os . oara 1.__.- --

l - ---- 1 - - - ,
j ~.JE".!.!' r
-
:- - - : - -1
rx _.,_,_- _
---4.
- ,II'. ..

• • ' •. f\'t'
I
f ! :r· _r "ii:_
· _j__:-~--t----i 1
rw
rwx r
Sam rwx 2
IW
!X rw
Accounting rx
Program
3

BELL-LA PADULlt MODEL:

1. Bell La Padula model is known as BLP Securit'/ Model.

2. BLP security model was designed to express essential requirements for Multi-Level Security.

3. BLP dea ls with confidentiality.

4. It is us ed to prevent un;1uthorized reading.
5. Bell La Padula Model Supplements the Access Matrix to provide Access Control & Information
Flow.

e\erne
6. Ass ume th3 t O is an object, Sis a subjer.t.
7. Object O h<ls 2 classification.
8. Subject S has a cle;;1ra?1ce.
9. Secu rity leve l deno ted L(O) a nd L(S)
10. BLP consi~ts of:

a. Simple Security Condition: s ca·1 read O ·r :I .

,, I anl 0i1 1y tfL(O) ~ L(S)
b. Property [Star Propert;y_l_; scan write O ·r d · . ·
·
1
an only 1f L(S) ~ L(O)
11. No read up & no write down as shown in figure B.S

No Read Up

l"o
' \\' nre
· Oown

r;·
. igure 8.S: BelJ-L.

---
muso1·----
uAIon.in
a Par1u1a ..h ,od el.

Scanned by CamScanner
 J,ist the functions of the different protocols of SSL.
~] protocol Explain the handshake

[Qs I sM- May16] & [Q6 I 5M-Dec15J

, SSL stands for Secure Socket Layer (SSL).
J.

z. !tis also known as Transport Layer Security (TLS).

3, SSL is layered on top of-TCP.

4. It is a protocol developed by Netscape to protect communication between web browser and senrer.

5. URLs that r e quire SSL connection start with https.

6. SSL ensures that all data pas se d b etween web server and browser r emair.s private a nd secure.

FUNCTlONS Of THE DIFFERE NT PROTOCOLS OF SSL:

1. SSL Protocols Authenti cates th e End Points usually the servers.

2. It hides t:he data during tr,1!1s mi~s ion.
3. lt provides a way to vali da te or ider:tify the w ebsite by creating the information fil e and making
the accessing possible.
4. \i: creates 2 11 encrypted co nnecti on that provides the sending of the da ta frn m one sou;-ce to

:m c th er using the SSL.

s. SSL prov ides ci. w ay to ensure that the security is being p rovided to th~ tra;1~2.nion and the data

in use.
6. Th e lock is used to d isplay the browsers ccrmection is closed or opened on the secure channel of

SSL or TLS.

HANDSHAKE ?ROTOCOL:

1. Hands hake Protocoi is th e fi ,·st ~ui1 lnyer pr otocol used in client and se rve1 tn comm:rnir:ate using

an SSL-Enabled Co nnect?on.
2. Thi~ is simila l' to i,o,,v 1\licf: g, 81:b would s hake hand s with each cth~r with a i1 e\lo 1:Jefore they

start conver si ng.

Th £: Handshake Proto::ci is mrt de up 0f fo ur ph2ses which pzss !1:ess~1ge bct\\'e,,,1 the cli ent and
3.
serve r.
4. Figure 8.6 s how s the hc1ndshah ;:irntccol operatior..

musolution.in Scanned by CamScanner

8 I 91> Securil:J IA,,i·#¥di•J,,,2l,JMN
server
Client

l-----~44~--~
L-----s --
u _ _ __ _
L-----6

--- ---------------------- ------------------------

7
J. Client.SayJi1,Jlo
2. Server_S.;iy.fl f!Jo
8 J. Stud. Certificate
4. Send):ierver_Key_&..change
Phase3
9 S. Cerlificate_Reque~c
6. Server_Hel!o_Dor.e
7. Send. Certificate
--- --------- ------------------------
10 a. Send_Client_K.;y_Exc!1;,11zt-
?. Cer1ificate_ VErify
11 10. Srn<i_Change_Ciphe~_Spfc
Phas<?4 1 t. Finished
J.2 12. Send_Cl1ange_Cipl:~~-SpEC
13 13. Finish.,d

--- ----------------------------------------- -
Figure 8.6: Handshake Protocol Operation.

j) Establish Secu::-ity Capabilities:

;.. Thi$ initiate., logical connections a nd 2stablis hes cap abilities associate d wi th that con ncrt.:c:.
► Th is con sisrs of two messages th at are the client hello and server hello.

► The cl ie nt sends the cli ent heilo r,1essdge to ~erver and re:ceives a s erve r h e llo message fr .c ::c
server as a reply.

II) Serv~r Authentication and K~v Exchan~

,.. The ser1er initiates thi s phase and is the so le sender of all
· messages.
Whil e cl ient is th e sole recip ie nt of c1ll mess2. ges.
,.. This phase contains the fo llowinc fou r ncps:

Certificate: Se rv~r sends its digit,11 c" rt T .. , •t

- I ica te tCJ .,,e clienL fo r . I , .
• Server Exchange l<eY. If sc rvE' r 1 ;iut 1,~nt1 cJ t1 0;1 .
c oes not sen,! a ,.,. ·t·n
.!&r!i[icate.B.filuwst: The ser ver . . f
'-\!I I IC''l ti · ·
._. e 1e n It se nds it s puhli . :t::,
- r eq 11 c~t o:- t!1e clicn ' ' . J .
S,erv.crJ.!rulo Done: Th i5 n1 cssage . . l ' ·~ . I ~ s ( 1g1t .:i l re1·u1 icJ t c.
11.c ic:t.tes t,J the cl .~ " .
r;r ,nrlete. Hllh th ~lt it!; POl'ti(n) or h~ll,1 l\1t'~:->•1~ l ..

ii!)
!.JLe;1t..Aul.h_cntication ai1d l{e_y E~h.~n~
Th e: ciienr initiates thi ',; JJh <1··••p i'l 'Hl :s
J - ( , ,.
t!H! S(JI"
. · ,..,, .,
._ ,,1,; IJuei- Of ·1I)
Whi!P.· server 1·s t he sol e rcciJJient of all rr , .. • nitis•· - .
· '' 11gu~
I C!, S<1g e s .
► Th is phase contains the full owi11g tlm:e s te ps :

~CljfJ toioT,i;;;----..~ ·-
mLI so ILI tIO n.In Scanned b; ·CamScanner
 ~~4
/J'->-- fu_-:--:=~~~~-&~~-u_u_r-~7----~~~~~~
'J , o!!er1 Softl!iom
J , ~
Th. .
lS 1s an optional and used only if th
e server requested for client's digital
certificate.

• .-li.fil.lt Exchanee Key: the clie nt sen ds a svmmeti·i·c

~ • 1<e • 11e· ~e rver.
• Y tot
, ~rtjficate Verify: This
. is needed only if the server d ernan· ds c.11ent
- authentication.
. .

finiSffi
The client initiates this phase of the Handshake which the server ends.
The client sends change ciphe r specs and finished message to the server.
On receiving them the server sends change cipher specs and finishes messages.

Q71 What are the different protocols in SSL? How do the client and server establish
an SSL connection

[5M-Dec17]
Ans:

1. SSL stands for Secure Socket Layer (SSL).

2. SSL ensures that all data passe d between web server and browser remc:ins private and secure.

SSL PROTOCOLS:

I) ~andshake Protocol :
j SSL Han dsha ke Protocol is the most complex p c:r t of SSL.
It is invoked before any app licati on d;:ita is transm itted.
It creates SSL sessions be Lween th e cli en t a nd the server.

ll) ChangeCipherSpec Protocol:

,. It ls s implest part of SSL protocol

:,.. It comprises of a single message excha nged between two communicating enti ties, the client a nd

the s erver .
,. As each entity se11ds the C:haneeCipherSpcc rness3ge, it changes its sine of th e co1111ectio11 in to th e

secu re s tate as agreer! upon.

The cipher paramete:-s pe:iding st~re is copied into the cur,·erit state.
r

,. F.xrhar.[;e of this Message in d ic~tes c1ll fu t ure data exchanges are encr~1 ptecl :ir, Li i:11 ,' grity is

p ro~ected.

111) SSL Alert Protocol:

,. This protocol is used to report erro rs - s uch as unexpected mes;;agc, h~d ri'rnrd J\IAC, securit'/

parameters negotiation failed, e tc.

musolution.in Scanned by CamScanner

 'To('p,r, .Sof.s ,,J,,..,. .,4
8 I 9'P&curi'!J - s,,nuftr- 1 £--
th_e_'f_C_P_c_o_nn_e_c_ti-o-'-!n, ~
h s notify c)osure o rece ipt
It is also used for other purposes - SllC a or
►
bad or unknown certificate, etc.
rr10N PROTOCOi.? ~
NS~~
HOW CLIENT AND SERVER ESTABLISH Ai y

Refer QS (SSL Handshake Protocol Section).

QB] IPSec Protocols for security

. ite applications and advantages of 1
Q9] Explain IPSec protocol in detail. Also wr ' PSec
[Q8 I 5M - Mayt6] & [Q9 j 10M - MaYt8)
Ans:

lf'SEC PROTOCOL.:

1. IPSec Stands for Internet Protocol Security.

i

2. It is a protocol suite for securing Internet Protocol Communication.

3. lt uses cryptographic security services to protect communications over Internet Protocol (IPJ
neh-vorks.
4. IPSec is implemented at the IP Laye r, so it affects all upper layers (i.e. TCP & UDP)
5. It provides Authentication, Confidentiality & Key Management.
6. · poss1·ble to communi cate s ecurely a cross a LAN across pub] · · ·
Using !PSec, 1·t is
- · ' 1c; priva te WPN
acro.c:s the internet. ' and
7. lPSec i s u sed to provide an en-to-e nd security s e1 vices.
8. JPSec is us ually installed in networkina device s ·h .
·a - "' •JC • as router or firewall
9. F1"'ure 8.1 sh ows IP-Sec Scenai'io. .

!PSec System

~ ----- r1;
User System
IPSec in Nehvork O .
e\1Ce
~

--
-""...o..
!PSec In Nen.io'"'- D
F' '" e\ire
igure 8.7: IPSe User ~r:tem
- ~
csccnar·10.

Pt,;_Je1040(134--- - - - -~
-----___.,,..
musolution. in Scanned by CamScanner
 IIgf Secstri'J SemeJfer-l
~ D E D BYlPSEC:
vicf.
,fR
· j\C,ess Control.
connectionless Integrity.
confidentiality.
r
Data Origin Authentication.

---
r
Rejection of Replayed Packets.
r
oOALS Of IPSE.C:
:::---

Psec To provide system security solutions.

YI8] To have single security policy.

► Both endpoints must agree to bypass or protect traffic.

ADVANTAGES:

lPSec provides security without any modifi cati ons to user computers.
lPJ
► It can work independent of applicati ons.
> In a firewall/router, it provides strong security to all traffic crossing the perimeter.
► It is below transport layer, hence trans p3rent to applications.
r le ca n be t r ansparent t o end use rs.
j ,_ !Psec all ows p er flo w or per connection based secu ri ty.
,Y

;,, it p rovides seamless secu,ity to a ppli co ri on a n,i t ra nsport layers (ULPs).

APPLICATIONS:
c:
IP.,ec ·d es th e ca pab ii ity to se.::11· re c,1111 r1
pro '.✓1 · un irntions across a LA N, across private .:ind pt, blic
WANs, and across the Inte rnet.

,- Examples of its use include:

Secure branch office connec ti vity ove r the Internet.
• Secure rem ote access over the lritet"net.
Usi ng IPSec all distributed appii cati o11s can be secure d. Example:

• Remo t~ !ogon.

• Client/s erver.

• E-mail.

• Fil e tra nsfer .

• W eb access
. l ·ng r•x tra1li' t <',,-! :1n1
· •·,11,1: ' L· L·1vity with 1.1artne rs.
• t c·L11111 L
r Itis used fo r esta bl 1s1 1 .

,,. Enh a ncing el ectronic com rnPr,~e sec! 1r it y.

musolution.in Scanned by CamScanner

 .t J n---~ otn-r.s S'i."CUTit.Y al n
f 'S p_rottx-ru?

I) To iEDm'1'lt Jnf\~:cnJticm;
> T .~tr.3j~r :-u~c" r:m SSL C':?ntinc.,tc }:; w encr;pt infa;matiorr so

c: '..: r,:..rty :-.:aid ~ in ::rc-c..~

,-ln ~ • (';;'>rtiik.;,t'~ in$'~ r.1ndv,11 d 1.ir~1 Ch TS in

Te- en,,,ids: Aut.hs-otiratit.m:

:,.

m1

usolution.in Scanned by CamScanner

 i~--==-------_!_____
,
,;fu
f 551. PROTOCOL:
1cE ~
Seme1fer - 7
_}__1i.joA~~er~1~So~fu~fio~m
1
~ ~r~ j o n : o·tVl·ctes the d ata into
· blocks of 214 hytes or less.
r ....
~
,nr~illlill Lossless compression methods are ,i -ed ror Lumpressmg
. . tragmented
. d
• ::i
J t a.
~~~ To preserve the integrity of data SSL uses a keyed-h· h fu .
as, nct10n to create a
MAC.
!Jl_nficlentialit;y: Original data and the MAC are encrypted using symm t · k
e nc ey cryptography.
Protects against Man-in-the-middle att.:ick.
Simple and well designed.

Qll] How is security achieved in the transport and tunnel modes of IPSec? Describe
the role of AH and ESP.

Ans: [10M - Dec16]

1. lPgec Communication has two modes of functioni ng: transport a nd tunnel modes.
2. These rnodes can be used in combination or used ind ividually depen ding upon the type of
communication desired.

TRANSP'JRT MODE

T r~rnsport mode \s used for host-to-host communication.

\t on\y encrypts and optically authenticates IP Payloa d z, nd not the IP header as shown in figure

8.8.

B~fo re l? ~ec \ IP Header TCP Data

F.SP/AH ESP/.~H ESP/AH

II' Header TCP
Head er Traikr Autlumli catio1i

Th <1t mea!lS, tra nsport mode does n ot protect entire IP packet.

, r;i :1sport mode is efficient, but s:nce it Jo~,; n0t er. cr ypts IP header, IP hea de r is •,is ibie tG

1. l ·r ured fo •~ network tc netw c rl{ communication, host to ne two rk

T llll !1C 1 :.1oc1e 1.., .,
communication and host to host communication .

2. .n t,h'1s mo d e, en t 1·r e IP packet is encrypted and option.i Uy au th enti cated.

1

musolution. in Scanned by CamScanner

 _ _ _ _ _ _ _ _.:....:....__ ropper$ Sofrr, "''101)• I ".
s I 91' .s,cur;'fJ -
,rsec to encrypt 1t and then adds n
. ~ ,,u,,,.., ""''"
. ·ts IP header, uses ew I~
1
3. It takes the original IP packet with _

header to encrypted payload.

,f Reft'r 8.9 figure fnr tunnel mode.

Before IPSec I IPHeador

I Tel'
I v=J ESP/Alf
n.ailcr
ESP/Alt
Authenticatlc.n
TCP
f..<;F/1'.H JP t1~der
Af«rlPS.-c New IP He~d•r lfe;adu

Figure 8.9: Tunnel Mode.

AH:

1. AH s tands for Authentication Header.

The AH protocol provides service of da"ta integrity and authentication of IP packets.
2.
It also protects against replay attacks by us ing sliding window and discarding old packets.
3.
4. It is based an use of MAC.
5. The packet format of AH is shown in figure 8.10.

16 31
C 8

Next Header Payload Length Rc serveci

Security Paramet~r h:dex (S?l) _

Seque nce N111Pb e:·

Authentica:1011 D,tta (V~ ri ~ble)

Figure 8.10: Authentication Hea ue·:-.

Next Header (8 bit): It identifi es th e type ofh ea~d er immed

. iately followin t:-.

Payloa d Le ngth (8 bit): It is lengtI, of th . g - .H header.

• . au ent1cation header.

Reserved (.16 bit'): It is reserved

· for fut ure use.

s ~curity P;:irameter Index (SPI) f32 b I' f\, . . -.

J.:. It id entiti es as ecuntvas
. ·
S .
eguence Numbe r (8 bit) · l ·,. . . :;oc1a t:on.
~=-'-'-· t L used as counter.
.Authentication Data (V.:riable)· A . b
. van a le length f Id
ESP: le that c0r.t31ns
·
tr· ie integ:-ity
. check value.

1. ESP s tands fo r r:ncapsulat·mg uecurity

c p
2. lt is thP. key protoc:ol , 0
• ayload.
. IP.Sec.
lJS~ Jr.
3. lt is used to p,... ov1·ct e confidentiality d
I
.
, ata ono·
repay service and limited fl o•n authenticar
ow confidentialit ion, co nne . .
-~ - -- - - - - - - - - - - - - - - - - y. rt,on less integrity, an anti·

------- ----
musol ution. in Scanned by CamScanner
 -
~
Security Parameter l11dP;.: (SPl)
-
:u :1

S01111enco Number

Payload (Varia ble)

I Padding

I Pa<I Length
I Next Header

Authentication (Variable)

Figure 8.11: ESP Packet Header.

Secmity Parameter Index (SPI) (32 bit): It identifies a security association.

Seguenr.e Number (32 hit): lt is used as counter to provide anti-replay function.

Payload (Variable): IP Packet protected by encryption.

Padd!ng (0 - 255 nrtw.;. lt is used for variou s reasons.

£ad length (8 bit): It indicates number ::if pad bytes.

Next Header: It id entifies type of data contained in pay load d;.ta fi el d by idf: ntiryi:ig the fi rst head e r in

that payload.
Authentication Data (Variable): A variable length value wlii t h conrn ins l!1e integrity ch eck value.

Paddin~: It is used as padd ing bit.

Qi ] How is security achieved in the transport and tu 11ncl modes of IPScc? \ \That ,\l'c
2
s~curif::',' associations?
(10M - Dcc171
Ans:

SEgURIIl iN TRAriSPOP.T &. TUNNEL MODE OF IPSEC:

Refer Ql 1.

SECUf< ITY ASSOC l1\TIONS~

One of\ht: most important concepts in IPScc i~ c,11\ed ;1 'Jecuril y /\ssuci:itio,1 (S1\).
1.

2. Security J\~sociation J re defined in RFC 1825.

1.· •• f given Security P.i 1·;:imctr~r inciex [S P!) :ind Desti n::itioi. Address.
3. SAsarPthecomu1m1c1ono ;i _ __ _ _ _ __ _ __ _ __ _

---- 'Pt,3e 109 of04

muso u 1on.1n Scanned by CamScanner

 4. SAs are one way. . connec tion .
. d for a single IP 5 ec
5. A minimum of nvo SAs are require

6. SAs cont;iin par.1111~ters including:

. d algorithm mode.
• Auth e ntication algorithm an
. d lgorithm mode.
• Encryption algonthrn an a · . ( J
. 1 cryption algorithm s
• Key(s) used with the authenticatwn, en

• Lifetime of the key.

,. Lifetime of the SA
■ Source Address(es) of the SA
• Sensitivity level (i.e. Secret or Unclassified)
Exam~le:
l. A security is a very complex set of pieces of information.
2. However, we can show the simplest case in which Alice wants to have an association with Bob for

use in a tvvo-way communication.

3. Alice can have an outbound association (for datagrams to Bob) and an inbound association (for

datagrams from Bob).

4. Bob can have the same.
5. In this case, the securit·y associations are reduced to two smcili t~oles for both Alice and Bob as
s hovvn in figure 8.12.

Outbound SA OL1tbour.d S/\

·-
To Drctocol Authe ntic;it ion Encryption To Protccol Auth e ntica t ion
AH
' 80 0 ESP SH/\- I , x DES,>' A lice MDS,z

I Inbound SA
From Protoco l Authentication

!3o b AH
- ---t:= .,,...,,,,:.,,-..,....,...1
MO S, z
Inbound SA
From
/ \1 10~
Protocol Authenticc:ition/ Encryption
ESP S HA-1 . x DES. y I
I
A l ice Boh I
[_]
,~ -] 0
Authenticate &l'T'' :~;,,. ,,-:;a, , - . . •
~ '.:l-Hl.t;v,__· ,__, Veri fy I i'
,__
an_d_e_n_c_
r y_~_t _ ~ f - _ __,C IPSe-c pac-ket u:'---~--,.,. ---~~~
1 - ~ iv I

_}r-- - ---- -+1-__Al_H~::_

Verify ~
1--_ _ _ ___;__ _ __.,_ _ _ _ -....:~ [ _ IF-Sec.: pnc;l-;et _ 1
~

F:gure U.J 2 : Example ufSec1irit}' , \ ssnc

. . .,.1 1.l<'II S .
The figur e 8.12 s hows tl,;1t v1l1 en Al ice uee d s to sP nd a I .
~ · ' r :l l ilgl_',11 11 l11 B11h, slw tlSt'S th r 6St f't1111
of IP.Sec.
7. Autnentica ti on is done L_v using Sl-!A-1 with key x.
8. The encryption is don e by us ing DES with key Y.

muso~u ioh.in Scanned by CamScanner

 •1,i SemtJf,r - 7
l~ . To~rer', Sofufion,
uob n. •tis tn send a cl, taitram to Alice he uses ti . 1\II
\l'h1'll . ' • · )<.: Protoc,,I of IPScc.
tic ,t io 1, b dnn 'liy 11s rng MD5 with k y 1
\11thl' 11 • .•
, ,!,:ti tln' in bo1111d ,1-;..;1 ,ci:1ti1111 for Bob is the sn me ·is ti
Nl'll ,• 10 0 111 1lo11n d .1s., 1H·1,llion l'o1· Alice, and
vin· v -rs.1.

~Jtliffcrc1-1t_i_a_lc_ h_c_h_,-,c-c_n_\l_1_c·_t_r_a_11_sp--o-r_t_m_o_d_c_a_1_1d_ ll_u_1_n_c_l _m_o_l _·- -f lP-S--.- - - - . -

Jd • • • • • · <c O ... cc and explam
\Jll
,authcnt1cnhon and conhdcnllahty ;u-c achieved usilwr,,
·ii> Sc.C• 1..
•
[1ol\1-Dec15]

~SON OF TRANSPORT &. TUNNEL MODE OFJPSEC:

Table 8.1: Dllforcntlate between the transport mode and tunnel mode orIP Sec.
..
· "; , -~! •• Tunnc},M<fr •
, If I , , t ,J r

Protection rrovillc<l It protects IP Payload only. It protects entire IP Packet.

,\uthentkation l lcmlcr i\\lthenticates only IP paylo3d and Authenticates enti re in!1er IP
(AH) selected portions of the IP head er. pacl«?r and selected portions of
ll1 e out1~r IP header.

' jEnc.1psu\ation Security It encry pts IP Payload a nd I[ encrypts an J optionally

Pay\o..Hl (ESP) optionally authenticates it. .1ulhent1nnes the enti re in ner JP

p,1cket.
lt is 11sC'J whe~eed hos t-t o- I, h used wht'n 011 t:' or both ends
Purpose
host protection of dat.:i. of :i secu rity .isc;or:ia tion arc a
scc .1r ily ga rcw:iy.
1

- - - --+-·------:-- ·- - -- -- -- -1
L--- - - --:-,- -- ---r,,-:l---:-=-l1::rn::v:i'i~de;:-:s--:- 1)rotection primarily It p1 ovides protection to th e enti re
P,·otect\on Mm c
for 11pper layer protocols. IP Packets.
Co mpa rati vely higher.
Paylo:u\ Mess age Service Less.
Spec:ifk,1tion (J\ISS)
Place in TCP/IP Mol lel 1; this mode, !PSec is plc1cPd \ In tl:is~1o<le~IPSec is placed

I betwee n tra!1sport a nti network I bct,·:een nctwoi·k \ayer a,~d new

I
I layer. 1\ :1Ptwork l=~- - - ,
I Tr.;\11spm1 L,y,-r I

I
I NAT Trave rsal
-7
Nnt supported. S11pp-01-·
t_c~
tl~. ==~~------~
CliL•nl ·to•S ite VPN S c e n a ~ J
t VPN Scen.1rios
Site-to-site VPN Scena rios.

---------

musolution.in Scanned by CamScanner

 fW,,.§¥,M111'3'?
/
QiA
8 191'SN:Uri(J
======------
is used L>etw~en
~ - - end-to-end

Use
1c-,:--~
It
1-5~-;:u~s;edd
. n
for
between
r,..vo I betwe
· en a ute r an d h
·
host a n d a rou•1:r
':r
cmnmt1nicat10 . between a r o• • a ,o:;,:_

I
L___ _ __ _ __
I hos ts._ _ _ _ _ _ __
_..__
2-
AUTIIE/\'TICATION IN lPSEC: .fy th identjty of the sending IPsec device
. . a shared key to ven e •.
► IPsecauthentication algorithms u::,e · . ·tJuns: MDS and SHA-1.
,0 -uthentication algon
The IPsec protocol suite defines tv, " , SHA-1 algorithms that proVide ari
► The Services Router uses an HM A L- va riant of MD 5 ana 1

additional level of hashing. JP acket computes a MDS or su ._

c; R0 uter that sends an - P
► In an IPsec-enabled network, the Service.
• •Ui
,..
:::>-
1 digital signature, and adds this digital signature to th e packet .
.
The Services Router that receives the packet comp utes the digital signature and compares 1t v,'ith
the signature stored in the packet's hec!der.
► If t.he digital signatures m:itch. the packet is authenticated.

CONFIDENTIALITY IN I PS£ C:

> Ccnfidentia lity means encryptior. of data .

rnent
► Encryption encodes data intc a secure format so u1at it Cd1lllot be deciphered by unauthorized
users.

► Like authentication algorithms. encryption algorithms use a shc:red key to v ei ify th e a11 thenticit:7
of the IPSec devices.

,- The Scr✓ices Router uses the followi ng encrjption algorithms:

• Data Encryption Sta ndard-cip her block chaining (DES-CBC)
• Triple Data Encryption Sta ndard-cipher block chaining ( DES-CBC)
3
• Advanced Eri cryption Standard (AES)

musolution.in Scanned by CamScanner

 . ..
i·Muf·MPH,,,t\,JMN

r·outers, , ~,: r;;M - May16J

:J ~-
1
.
Asoflware flaws 1&an error, bug, failure or fault in a computer program or system.
Most software flaws arise from mistakes and errors made in either a program's source code o:- its
design, or in components and operating systems used by such programs.
According to National Institute of Standards and Technology (NIST), there are as many as twenty
flaws per thousand lines of software code.

Software Flaws can result in Denial of Service, Unauthorized Disclosure and Unauthorized
Modification of Data.
s. Following are some standard terminologies suggested by IEEE:
i. EtTor; Human Action that produces an incorrect Result.
ii. Fault: It is an incorr~ct step, :,rocess, command or data definition in a compute r program.
iii. Failure; A failure is the ina bility of the system to perform its required behavior.

Classification of Software Flaws:

.....-------;--:-~,----,

r-1 Allcious
1
N ,..1 11-,..1 : tll c iot 1$

Figure 3.1 3: Cl:issil1cation of Software Flaws.

Consider the below programming cod e.

Ch;;r Array flU];

For(i = 0; J < 10; +ti)
{
An·..iy [i] "' 'A';
Array [1 OJ"" 'R':
}

::.- This Progr;:im IJ ;:is ;rn Errn, ·

;.. This Error might rn us~ ;J f,ll/lt.
► If a Fault occurs, it might lc!;:iJ to F,Iil11rc.
► We use the term f,l;Jw for all lhu ,1 hovu ca5e.
- - -------- ---~-~-- ---
flt4_9e 113 o/134

Scanned by CamScanner
 Q15] Buffer o,·erllow attack.

Ans:
UUFFEP. OVERFLO\V ATTACK:

l. A buffer is a spat:e in which c13ta ca n be held.

2. A buffer res ides in memory.

. . b f' , . pacity is finite.
3. Because memory 1s finite, 3 t! ,er s ca d . can ha ndle.
·nto a buffer t.rian it
1
4. Buffer overflow is the resul t of stuffing more ata
·nto
I
t.hree gallons capacit'J j ug. so
5. For Example; lf you try to pour four gallons Of water me Water

is going to spill out.

6. It is also called as buffer ove rrun or smashing the stack.
7. It is the basis of many softwa re vulnerabilities.
8. Assume a Web form t'"iat asks the user to enter d ata, such as name, a ge a nd da t P of birth.

9. The entered informa tion is the n se nt t•J a server and ti'1e server writes t h e d ata ente red to 3 buffer

that can hold N characters.

10. If the server software does not veri fy that the length of the data is at m ost N cha racters. rh en a
buffer overilow might occur.

EX AMPLE OF BUFFER OVERFLOW' INC LA N6U.-\6E:

In t m ain 1)

Cll:, r ·;am pk [ SJ
s ~mph.· l·:;1 = . , •.
j ..- , , . ..

r Char Sample [S]: The complier s ets aside S ' ,

J, . u) tes to store th·15 b
~ ,_ men ts of the array, sa mplr> [OJ th ro,,,,11 u ffer, one bvte fo r ec1ci' of the 3
, · .... "' samp 1e [4 ]. ~ · •
Now we execute the staten ,enl: Sa mp le [SJ= 'A'·
,,. The s ubscript is ou t of houn ds a nd . I . •
I esu ts in b fr
and 4. u i er 0•1erflo w b ecau · d oes not f:1ll O
se it 'c'tm'L'll

The huffer overflow m,·g1)i r IJVt:w nre th

. . e user ct t
co de. or It might overwrit "· ,.1 .,1..,,,,1
- ,,i-
' ' a cl or code • o...· it
. could
.
- ctcc. · svstel11
• oven -.•rnc tbta or

- .J

Pa,.,.,.

muso u 1on.1n
I• . ;: _ •

Scanned by CamScanner
 •Fu SemeJfer - 7 rr. ,
;fS¢Jll'J I D/J/Jtr 1Sofu!iom
V:::-packet sniffing and packet spoofing. Exp] • . .. .
/1coJJlP am session hijacking attack.

[10M - May16J
£T sNlfflN6:
.,CK ~
y ·r-,·· . t h . f ·
packet Sm 1mg 1s a ec mque o monitoring every packet that crosses the network.
/.
It is a form of wiretap applied to computer.

j, Packet Sniffing is widely used by hackers and crackers to gather information illegally about
networks they intend to break into.

The software or device used to do this is called a Packet Sniffer.

s. A Packet Sniffer is a utility that sniffs without modifying the network's packets in any ways.
6. There are two ways in which a Packet Sniffer can be set:
a. Unfiltered: It captures all packets.
b. Filtered: It captures only the packets with specific data items.
7. Packet Sniffing is difficult to detect, but it ca n be done. But the difficulty of the solution means that
in practice, it is rarely done.
8. Figure 8.14 shows example of Packet Sniffing.

User ~ rnent
II
.. Houte1·
P"c k e ts 2,
1illlr
User

Figure 8.14: Packet Sniffing Example.

P1~CKET SPOOFlNfi:

1. Packet Spoofing is also known as IP Spoofing.

2. It is the crea t io n of Internet P.otocol [J P) packe ls with o. fa lse source IP ;:;dd:·ess, fo, the P'Jrµuse
of !ii ding the ide ntit°'; of ~he sende, or impe rscnating another computing syste!ll .

3. · ue w·L11_.
0 netec hrnq ich,d SPn
• der m·1v
< _ •1se
• to mainta in c: nonymity is to use 3 r r0w
- '> L'J'\'er

4. As :;!,own belo'A' in figur1: 8.J 5, :,ttc:cker c:·e;,~tes 3 1! IP racke r and sends to ~l ie se iYl' :

kn own as SYN req uest.

5. The d 1•r·1ere
• nce m
· the' IP p"'cket
" an d normi.l l packet is that the attacker puts the O\\'n sourrc> address

as anot h e r co mpu ters

. IP a·ldress
'"' , created IP packet.
in the new lv

6. The se rver respon d s b aL-k w_, 'tl_1_a SYN-ACK

_ __ response which travels to th e forgec..l IP ad dr~ss.
f llje f{J off34

musolution.in Scanned by CamScanner

 rfo(Jpcr1 Solun·o},/ .
Seme!fer-7 _ _ - - - - ~ -~ l}'

8 I ?r'-P~Sec~u~,.;1u~·
..::J
~ - - - - - - - - - - - d b the server an d a ck now1edges it so
. YN-ACK respons e sen y as
7. The a tta cker somehow gets lhis 5
to complete a connection wit.h server. J th e server comp uttr.
8. -- tr . vario us co111 111a n s o11 Q
OJ1 ce th is is done the attacker 1...in Y attacks, ARP s poofing atta cks, anu D
9. The most common methods mclud . e JP a dd ress spoofin g Ns

s erver spoofing attacks.

F
-11'1172.t.S.1.6
~ IP: J0.0.0.25 ] Sot.tte IP: 172.1S. J.6
o,,sdu~tlo• l-'"' 10.0.o.zs
'

User

,,,,t:J.._ .-.-SoarcoJP: 172.H .0.S

SpoalNI So>u,..,. IP: 72.1 5 .1.6

-~-===•=P:=1=0.0.=0.=2=5==::______
s erve-r
al.......J
----:--:-----,
JP: 172.l S.l .6
Sour..-e
Qestj...,tjoD 1P, 10.0 .0.2',

Figure 8 .15: Pa cke t Spoofing Example.

SESSION HIJACKING.:

l. Session Hijacking is a lso kn own as TCP session hijacking.

2. !tis a meth od of taking over a secure/unsecu re web t..ser session by secretly o b tajr.ing the session
ID 3nd masq ueradi ng as a n authorized use r.

.:i . Once the user's sessio n ID has been accessed, th e a ttacke r ca n m as quera d e as tliat user a nd do
a nything the use r is auth orized to do on th e netwo rk c:s shown in fig u re 8.1 6.

.. _Ce,
User

l'. tr,1cker

Figt:re ll.16 Session Hijacking E

4. xampie.
Thi: ~c5sion ID is stored within a cookie or URL.
J
JITT/' cookiP.s a re used for a u thcn tic.:i tiilg •
. ' '>C!-stnn tracki n ' st . . .
use r 111forma tion. g, ate rna intena r. ce and ni:i in w1r11ng
6.
~cssion hijacking ta kes a dva nt.ige of this . .
7. Th . t . . 11 l.ict1 cehy 1n trqcJ · .
e m .rusion may or may no t be di!tectable. . ing in re._,1
.., t·1me d uring a sess1c111.
.

musol ution ■ in · Scannedby CamScanner

 mt¥,!H,,,21,1mn
S\9'P .J'eluri~ SemMfer _ 7 ,
~ .. 'T0ffer 1 Sofulion,
8.
,r 3 ,11ebsllc
.
does not respond in a normal .
W,1y lo 11:;cr il1p11L or ,, ' ' .
~ij:ick111r may be the reason. :itops responding t!ic11 :-;c:;~ifon

~
-----
Q,
71 IP spoofing.

[5M - l>ccir,f
Refer Q16 Packet Spoofing Part.

Q18] Session Hijacking and Spoofing,

Ans: [5M-May17J

Refer Q16 Session Hijacking ancl Packet Spoofing Part.

- - - - - - - - - - - - - - - - - - --
Q19j Define the following examples:
(i) Salami attack.
(ii) Session Hi,iacldng.

Ans:

S:\LA~H ATTACK:
dfe\e [5M - Dcc15]

l. Sabmi J\ttack is the series nf :;m:ill <1tt.icks which results in i,Fge at tack.
2. lt works 0 :1 "Collect & Round Off' Trick.
3. A salami a ttack is when small attacks add up t:.l one 111;:ijor ,1ttack that ca n go undetew ~d
4. It also known .is salami slicing or penny shriving.

Exampie:

► Coasider the exa mpie oibanking syste:11.

► Tr e bai1i-- pays 9% interest on .:ccounts depositrd in ihe hank.
> Jn first month. let's say an acco unt holder gets Rs. 102.25 and in second montn !11:/s!ic gets Rs.

198.54
Bu t because th e bank d1:r1ls c:1iy in RuiJees, r CL:nding is perfc rn,ed bc1sed on va,uc cf rc:,i,\•Je.
ff resi due is halfofrupees or ,~10re, round up is performed otherwise round do\·1n :s perfoi":neu .
At,c>cke :· c:-:es ! O stea l thi:; CJ.25 w 0.f- or sc,:ne 1>l her fr:i ct:on Llf a r1Jp~c in r aist: z.n::I ;iJj t ,) i-~ .:w r.

accoani.
> Even if the value is negligible for one accou nt holder er transacti0n. 2 hank rna~:es ., fc \·, !2kh
tra nsactions every day and an attacker mc1y collect these fractional paise from all accounts er

tra nsaction to add significant amount his account. - - - -- ----

ll

musolution.in Scanned by CamScanner

 I
i ·Muf·WPH,,,t\,JMN

SESSION HIJACKING:

Refer Ql 6 Se.'ision Hijacking part.

{i0 Bowing attacks occur:

Q20J Explain briefly with examples, how th e
i) Salami attack
ii) Denial of Senice attack
iii) Session hijacking attack
iv) Cross-site scripting attack.
Ans: [10M - Dec16]

SAL>\Ml ATTACK:

Refer Ql 9 Salami attack part.

DEt-JI AL OF SERVICE ATTACK:

Refer Ql.

SESSION IIIJACKING:

fe\ernent
Refe r Ql 9 Sess ion Hijacking part.

CROSS-SITE SCRIPTL\!6 A TTACJ<\:

@ ~
Perpetrctor injects tJ1e
website .si th a malicious I
/
W ebsi t e
~
script that steals each
visitors session cookies ( \ r-or each \llslt to th~
w e bsite,, t h ~ ma licious

\ ~c:ipt is .-.ctivated

I
,.__________
©l _~isitnrs session cookie
1s s en t t0 ~erpetra :cr.

Perpetrator
~ ~e;petrator_disrnv~rs a
website ha11111g 2 \1Jl~erab1'ity
the, enables sc.ipt lnjPction
-
Websit e Visitor

. Figu r e 8.17: Working of\ SS.

1. Crnss-~1te scripting (XSS) is a type \) f rt' n" _
. . - . . pute1 secui-1ty vul . ..
aoplicat1 ons. -11 ~1abili ty typic.:tlly j, uml in wd
2. XSS enables 2tt3ckers to inject cli~nt-side .· ..
sci ipts into Wt"b pa .
~es viewed by other t:st rs.
-
• t _t,, ~
. .i;_'

_:. ::··::_~:I0i
. I .; ·,·
t'::t ~-- -~.. ":.
■
~
i t"
~

muso u 1on.1n Scanned by CamScanner

 -
J.
81 'J'P Securif!J
A Cros. .s-si te ~er
- · Iptrni.:
· vulncrat Ill
> Ly m ay he uncd h
SernMur - 7
- ----- % ,~,', & ftdlrnu
.~;imc-origi r, policy " y illtackcrs In bt;p;.,:ir; ;j(.et z• '''m tr, I I <
' ' ""- ' -: f, ln I il "J l1l!:,
1. The scri pt s ,·,,f,-r rt•rl h c rr, . .
· "rl' Illa 1lclous cod ~.
5. In XSS, th e a ttacker doc•· not di
. ., rcctly ta rget the Wifir,
6. Firstly th e a tt;icker injects th ·I .
e ma lc1ous code into the Wc l A
the m.ilicious code is delivered . . , i PP whcr,: thr: ur.er vi::itr, and ..~tn
to the v1 ct1m i; browser.
7.
Th e figure 8.18 s hows Lhc working ofXSS.

Q21] Explain briefly with exam • h .

1
P es, ow the foUowmg attack.~ occ..'1.lr: [loMJ
(a) Phis hing attack.

(b) Denial of Service attack.

(c) SQL injection attack.

(d) Cross -s ite scripting attac:k

Ans:
[10~1- D e e17]
_P HISHING A TTACK :

1.

3.
Phishing is a n exampl e of social engine ering techn iqu es.
it is use d to c.leceivc use rs.
It exp loits w eJkne::;se s in we h security.
rnent
1. Ph ishi ng is the fra udul ent atte);)pt to obta :n se.isitivc informa tion ::;1;ch as LSc:--n2m!::s , pas:;,.•:cmh,
;;; nd credit card details (a nd money), often fo r ma!icic11!. rt:a:;011s.
5. Phish ing is typically carried out by email spoofing or instan t messaging.
6. A phishing attack usua lly consists of an au the ntic-looking sende:- and a socially E:ngjn::ered
m~ssage.

7. Ma ny email recipients believe th e rn tssage is frcm a trusc1:d ind ividuai an:i •.v;ll ooen infc:.:tt rl
attachme nts or click on malicicus lin ks.
Example:
MyUniverslty

TJ1:s f.• m;. 11 i~ rnettnt to inform yo u tha t ·1our r,1,,u.,r:e;ity n':t•·,or( ~-' ~~•::-:,:
:·1iil t~p;,e ir: 24 IJ ?ur~.
'i~,.;.!~ ' o!l,;·N tr t Lr,;,: :)elv•.·1 tc upd3tt •,•cr.:r i'J:11j~•••,;r-J
f:1 .'•l('i!, •(l.;J:i.~[P;1h','<))

Figure 8.18: Ph:shi r.g Atta ck Exc1:nple.

I. A spoofed email as shown in figure 8.18 from myu ni·1ersity.edu is mass-dist:ibuted •o as I any
fa culty members as possible.
----- - - - - - - - -
o{f34 ■

muso 10n .1n Scanned by CamScanner

 Soma1ftr-7

Thi' «:1111111 ct.11ms th.,1 the 11s,11·':; pa::swonJ IGahuu t to cxpi n• .

J re11ew their password with in 24
:,, l11s triu:lio11·: art• Hlvc•n to HO to myu11lverslly.~du/ rc11cw;i1 11
iilllll'~.
i
.,. •··1
I 11.! 11 sN Is redl1\:1·tcd to my1111IVl'l'Slly.cdurcr1ewal.com, a
, I u•· 1n gc appearing exactly like th
JOr, " ' e
5
r,•:il 1·cncwnl p:iv,c, wlrnre bolh new and cxls tlnr, passwords a re rcquc led.
5. "I I1c :lllac:1<er, 11H)nltorlt1tl llie pn1:c, hijacks the o rlglna 1passwo
. I'd to 0oa in access to secured areas

on tlw 1111iv,!rslly network

6. The usc1· ls Sl' lll to the adual password renewal p;igc.
7. llowcvcr, while being redirected, a malicious scri pt ;,ictlvates in the backgrouo d to hijack the
11scr's sessio n cool<ic.
8. This results in a refle cted XSS attack, giving the perpetrator privileged access to the university
ne twork.

DENIAi. OF SEHVICE ArrACI{:

Refer QI.

SQL INJECTION .<\T l'...\CI<:

1.
2.
SQL inj ection is a code injection technique.
It is 11:,; ed to .11 ta ck data-driven applications.
rnent
3. SQL injen io11 is :1 :set of SQl. com mand s that are placed in a URL s tring or in data strJctun:s in
rinlc1 tn l'llri e e ;1 rc.-;rons e that we want from the tl;ii:ab;i:,es that a re connecte d with th~ web
.1pplic;1tio11s.

4. Thi s type oi ,1Lt.1ci<s gene rally takes place on web pages devel oped us ing PHP or ASP.NET.
s. J\11 SQL injection att.1ck can be done with the following inte ntio ns:
• To d u:11p Ill e whole database ofa system.
To 111ocl i1y the r.ontent of the databases.
'J'o pc1·fo r11; different queries that are not ::di uwcci by the ...-npl'i
,
c·d t 10n .

Example :

1. /\ ~ypic:11•! S~o;·c':; SQi. dalalnse qu ery may look lii~c the fo!l o,vi:,g:
SELECT JtemName, lternDcscript:on
FROM Item
WHERE ItemNumber == ltcn1Numbei-
2. J-'ro111 th is. tl11! wr~b Jflplication builds a string query th,u is -:e nt h
- to t e database as a :;ingl~ SQL
!: latc:ne,1t.
I •

3. /1 user -p rov ided input h.t.1lli/ /www,c:,tore.com/itemsLi!J.~ms 7. . . ·

~ -...Hfilnid=999 ean thPn generates
the follow int: SQl. QlH'!ry. -

■.
muso u 1on.1n - - - ~ - - -- - - -- -- -
Scanned by CamScanner
 ----------~:;.:J:~=r=f~~,.~-z7______:~~~~~ SELECT ltemN·
,lmt\ ltemOcscriptlon
To~per 1 ..Sofufio,u

FROM ltclll
WllEHF It, N
4. The above- m , . · cm umber :: 99')
c nt1onc d lllput 1 . 1
• w H r 1 palls informa tion fo r ~ . -·
read ht.rg://www.estorcnn" ,;,, 1· "spcufic prouuct, c:i n be altert?d to
- ·•·........ u.a_<llfil. Items ·3c:" '.'i~n .. 11· I
s. As a result ti '' " ~ ( =-lJlJ9 or I =1.
, , 1e corrcspo 1· S
· n, lllg QL query looks like this:
SELECT JtcmName, lt_
emDescrlption
FROM Items
WHERE ltc111Number = 999 OR 1= 1
6. And since the state me nt 1 - 1 . I
. . - is a ways true, the query returns r1l1 of the prod uct names and
d escnpl1ons in th e da tab .
;1se, even t h ose that you may not be eligible to access.

CROSS-SlTE SCRIPTING ATTACI< :

ReferQ20.

Q22] \Vhy E-commerce h•,ms actions need security? ·which tas ks arc performed by
payinent gateway in E-commerce transaction? Explain tlu.~ S ET (Secure
Electronic Tr.ins action) protocol

Ans: r10ii - l\lay-18]

IMPORTA NCE OF INTER NET SECUH!TY~

1. Secu ri ty is an esse11tial part of c1ny tran sac.tion that takes p!a,;e ove r th e inte nwc.
2. Ci..:s tomers vJill lo:;e his/ her bith in e-busi ness if its sec uri ty is compromised.
3. Following are the essenti:i l requi re ments for £afe e-p;1yments/transactions:
Confidentiality: Info rmation should not be accessible to an unau th orized perso:1. lt shuuirt
not be in tercepterl rluri ng the trans mi$sio n.
Integrity: Informa ti on slrnuld not be altered du ring its transmission ovc::r the netw()rk.
•
Availahilitv: Info rmation shou ld be availabl~ wh erc:'Jcr cir,d whet~t.>v~r required within ;.

time limit specified.

• Autllenticit~ There should be a mechan ism to autl~enticate a user b~fore ~i•:ing him / her
an access to th e req ui red informati:.in.

• Non-Repudiabilit~~ It is the 9:-otecti:)11 agr:i inst t!·,e <lrniai of payIT.e!1t. Once a ser,cier sends
a message, the se11der should not be abl2 rn dcr1y srnd:ng the rnessc1ie. S1m\!?.r!y , 1\L

recipien t of message should not be able to d2ny Lhe :·eceipt.

.. EncD'.Jltion: f;i formation should be encrypted and decryµted only by an authori'z.E:ri u~e:-.
AuditabiJity: Data should be recorded in such a way that it can be auditetl for integrity
•
requirements.
---------- - -- - - - - ~ ,. -- - -- - -- - - - -
1ltlje 12.f of 134

ill
musolution.in Scanned by CamScanner
 I

I
i·Muf·MPH,,,t\,J~M
1vfucsllaneow Semerkr-7
TASKS ARE PERFORMED BY PAYMENT GATEWAY IN E-COMMERCE TRANSACTION:
1· A payment g:i tew,1y ,s
- :1 • prov1'd e d hy •:111 e-cnmm crre .inolication
merch.int service ' · service
provider.
2. Payment gateways facilitate transactions by transferring key information between payment
portals such as web-enabled mobile devices/websites and the front end processor /bank.
3. When a customer place.s an order from an online store, the payment gateway performs several
tasks to finalize the transaction.

I) ~

► The web browser encrypts the data to be sent between it and the vendor's web server.
► The gateway then sends the transaction data to the payment processor utilized by the vendor's
acquiring bank.

ll) Authorization Request:

► The payment processor sends the transaction data to a card association.
► The card's issuing bank views the authorization request and "apµro';es" or "denies."

Ill) Fillin~ the Order:

► The processor th en rorw;irds an authorization pertaini ng to lhe rne rc!tant and consumer to the
payrrten: gatzw::c:,·.

► Once the gateway obtains th(s response, it transmits it to th e website/interface to process the
pi3.yment.

► Here, it is interpreted and an appropriate response is ge11erat1:d .

► This seemingly complicated and lengthy process t"IJpically takes Oi1ly a few s econds at most.

► At this point, the !l1erchant fills the order.

IV) Clearing Transactions:

► The steps outlined 3bove are repeated in an effort to "clear". the authorization v ia a consu mmation
of the transaction.
,..
...._
llowever,tbecleari11gisonly triggeredonce thcrnerchant hasactua ll vcon1 1 • d'h t _ , t;on
_ .p.e,e L e nm::.ar .t

SECURE ELECTRONIC TRANS1-\CTION (SET) PROTOCOl;::_:_

1. Secure Electronic Trc> n~; 3ctio11 (SET) is a communications protocol st.., ➔ •• ,

. -- 11C.d, l1
2. It is used for securing cr1:dit card transactions over networks speci·r·c.., ll tl
'
1 n y, 1€: 1nternct.
3. ft is a s,:c u,-e prr. lur:o l r'. e ·.,eloped by MasterCard and Visa ip c·,1•1., 11 <ll'' l .
· · ' '" d ll)I)
4. SET n:-otoco! restr; Lts J"evealing of credit card detail:; to nierr h~i t . ti . . k .J
t • 1 ~ His 1, eeµlll g hac t!i"S a,1
thieves ;it b::iy.
5. SET prorncol includ es Certification Authorities for making use or ·t d l . . . 1·ke
:, a n, ::ire D1l!1tal Certificates ,1
X.509 Certificate.

Scanned by CamScanner
 a,,1.1J&PJ,,, 21,1ms

"MfrcellanNJUJ
Semt1fer-l
1"o('{'er1 Sofufion1
PARTICIPANTS lN SE.T:

► Cardholder1 Customer.
Issuer·. rustom
~ er flInancial i:1stitution
Merchant

► Acquire[j Merchant financial -

Certificate Auth_ority: Authorit h.
X SOOV3) II y w tch follows certain standards and issues certificates (like
· ~ to a other participants.

SET FUNCTlONALITIE~

► Provide Authentication.

► Provide Message Confidentiality.

► Provide Message Integrity.

SET WORKlN6:
Both cardholders and merchants must register w ith CA (certificate au~hority) first, before they can buy
or sell on the Internet. Once registration is do ne, cardholder and merchant can start to do transactions,
which involve 9 basic steps in this proto col, whi ch is simpli fied.
l. Cus tomer b rowses webs ite an d d ecides on wh2t to purchase
2. Cust om er sends order and payment information, wh ich includes 2 parts in one message:
a. Pu, ch~c;kc This par t is fo r n1erchant.
b. Card Information: This part is fur merch ant's bank oniy.
3. Merch ant forwards car d inform atio n (part b) LO th eir bank.
4. Merch ant's bank checks w ith Issu er fo r paym ent i:ili th oriza tion.
s. Issue r send a uthoriza tion to Mer chan t's bank.
6. Merchant's bank send auth oriza ti on to merch ant.
7. Merchan t comp letes th e or de r a nd sen ds confi r mation to the customer.

8. Merch a nt ca ptures the transa cti on fr om their bank.

9. lss11 e r prints cre dit ca r d bill (in vo ice) to cus tomer.

musolution.in Scanned by CamScanner

'MilceflimMW
----------------------------------
~USCELLAN£.OUS
SemMfer-7
-
1'o(1p r1 o/ut; 1

QtJ Timing nn<l Stom~c C11\'c1·t Cha nnel.

Ans:

COVERT CHANNEL:
1. Covert Channel is type of computer security attack.
2. It transfers information in a way that violates a security policy.
3. Covert channels have been defined by Lampson in 1973 as a rnmmunicati on channel, not
designed for any kind of information transfer.
4. Consider there is group of studen ts preparing for exam, where questions are of o bje ctive type.
5. For each question there are four choice of answer: a, b, c, d and right answer has to be se lected.
6. Now one who is clever in the group decides to help -others.
7. So he/she any reve 3] the answer by acting in accordance to a prede tem1ined protocol like
coughing for answer "a", sighing for answer "b" anrl so on.
8. Covert channel is hidden communication in open channel.

TIMI.NG COVERT CHANNEL:

1. Timing Covert Channel 3re nwmor.vless channeJ.

-----ent
2. In a covert timing chanr,tl, the t riformation transmitted from th e sender m ust b~ $Cl1Si'd by me
receiver irr.meJiately, otherwise it wi ll be lus t.
3. The task of id e n t ifyi ng :1;1J han dlinb covert timing cha nnel in a secu re sy '.>~1: m 1s more difficult
than storage covert cha!ln c!.
4. Examples o f timing ch a nn el are:
a. 1/0 Sched uling Control.
b . Memory Reso un e t-1~n:i g12m en t C!tannel.
s. Figure 9.1 represents cx;;imple of covert tim ing channel.

I---+- -t---+
Srrvic<·
J'roer;: 01

I
5J' )'
J> r oe r,1 ,11

,l
Servtrc
Progra m

l
Spy
Procr.lm

O
Se n •ire
Procran:
Sp,·
Progr;, l\\

,'ir,111 ~ •1. 1 ( ~ I Non nn l Sd1,, dullnt:

'i,•1·:11 ,. '•1 \ -,py '.)f'i\h"v

f'l'fJ f!••"l lli 1•, ,,1,,,,;r1 l· n, ur :, 111 l'n,r,r.un 'Pl
ProtH\ \111 r, "'l~n IH
i......----+I~ -~-i ~---t- -t--
J"lr,i, n 'l. t jh) ~rrvlrn l'f''•r,r:1111 ro 111111111,l,Jll n:J I Ol

- ---- - -------

musol ution. in Scanned by CamScanner

----
6. In Figure 9.1, the schedul·
.
mg of service
~erfer -
progra m and . ,
7
__ Topper ,J .Jofubon,
. .
7. \' service program makes use of . . spy s program is shown.
timing ch annel . h
11s inu it eit er by usino cc t· · .
· t- · b r ;:iin amount of lime nr by not
9. In multi programmed "Yst . .
" em, time is divided into block
alternatively. sa nd allocated to one process a nd another
9. The processing time is rejected b
10. A block . . db ya process if it is waiting for an event to occur and is idle.
is use Ya process to · I
. . signa 1 and it is rejected to signal o.
11. Figure 9.1 (aJ shows first situation 0 f .
• norm a l scheduling, where service program and spy program
are used alternately.
12. In figure 9.2 Cb) the second ·tu · · h ·
' SI at1on :s s owed where service program communicates 101 string
to spy program.

STORAGE. COVERT CHANNEL:

1. A storage covert channel transfers informatio n throu gh the writing of bits by one progra m .1 nd
reading those bits by another.
2. Exa mples of storage covert channel are:
a. File Lock Channel.

3.
b. Printer Attachment Channel.
Figure 9.2 shows the exampl e o f st orage covert chan nel.

Art~rhed ?
ent
Sender Process

Printer
~·es: J Gl
---+ Sp)'
Progra,n
Det2ched (O J No: !
Rece iver Process

[ o~ta t G ue-:::1

. 9 2· P1·1·•1ter Attaclw1em Cove1·t Chann~l.

Figure • · · . . "
. . . shared re5ources in a system, a se ndmg pt aces.
. or other J/0 devices a1e
WheP. p h ys1c2 · 1p~inters
. . I . • process 'R' :.i t :i,
for ;n fo:-rnation to a rece1vmg
4.
. l vo) could pote ntial y tra ns - .
h . h ec.Jnty e ...
'S' 3t a ig s . tentio n fo r the device.
. . el b'-' creating con
. -o ~1ir1ty Jev
!owP.! :,... ... J
y t o svncui. ron,z e .
= ;.
. . t h avF' some wa .- . .
dPr and receiver rn us • . ·f l ri n•er ,5 attached and dttachc:- if ,t :s
5. The se n - . plv che cks tn see , c ie p ' • .
1, ., ~ender process s1 in ,
6. T ose :1cl a 1. r - ·
. , d and detaches if it is attached.
r:, ot . h ks to see ·(th
I •'
e printer is a ttarne h .
c:ler process c ec . . 0 'f successful and a 1 ot crw1se.
7. To se:1d;:; 0, th e se n h the printer, re ceiving a J
. er p rocess attemp ts to attac ·r h atta"h call wa5 successful.
8. The :-ece1v h "the printer I t e _~_ __ _ _____ - -- -
. cess then detac e- -
The receiver pro - -- - -----::~ - f,21,
~ Pa9e12.; 0• ln

musol ution. in Scanned by CamScanner

 <Top(1eri Sofufion1
O.Ue.rfion 1'a(lm Semeifer-7

Mumbai University - Dec zotS

[ 1O]
(a) [)e fin e th e following ex:rn1 p les :
(i) Subs titutio.1 ciphe r.
(ii) Poly-alpha betic ciphe r.
(iii) Salami a ttack.
(iv) Session Hijacking.
Ans: [Chapter - 2 I Page No. 11 & Cha pter - 8 I Page No. 117]
(b) With the help of examples explain non-malicious programming errors. [OS]

Ans: [Chapter - 7 I Page No. 88]

(c) Define the goals of security and s pecify m echa n isms to a r chive each goal. [OS]

Ans: [Chapter - 1 I Page No. 2]

Q2] (a) In an RSA system the public key (e, n) of user A is defin ed as (7, 119). Calculate <Pn a n d private
key d . what is th e cipher text w h e n y ou en crypt m essage m == lO, u s ing th e public key? [10]
Ans: [Chapter - 4 I Page No. 40]
(b) Give the format ofX 509 digital cer tifi cate a nd expla in th e use ofa digit al s ignature in it. [OS]
Ans: [Chapter ·- 6 I Page No. 65]
(c) Encrypt "Th e key is h id den unde r th e doo;·" us ing pby fa ir ciph er vvith k eyv.io r d "' d om es lic''
Ans: [Chapter - 2 ! Page No. 14] fOSJ
Q3] (a) Expla in how a key is s ha red b et:iNeen tw o pa rties using Diffie-H ellman by excha n ge a lg orithm.
Wha t is th e drawback of th is algorith 11i"? [ ! Oj
Ans: [Chapter - 4 I Page No. 4 7}
(b) Diffe rentiat e b etv.reen i) MD-5 and SH A ii) Firew all and IDS.
(1 O]
Ans: [Chapter - 5 & 7 I Page No. 64- & 8 3 )

Q4] (a) Explain w orking of DES detc=liling th e Fies tel s t ru cture.

[10)
Ans: [Chapter - 3 I Page No. 26)
(b) Wha t is a Deni ai c f sE:rvi ce a tr2ck? W h .:i t ,ire th e d iffere nt w ays in . .
w 1lie11 a n att.icke ,· crn n,ount
a DOS a ttack o n a sys te m ?
[lOJ
Ans: [Chapter - 8 I Pa ge No. 96]

QS] (a) Lis t the fonctio ns of the d iffe r e nt protocols uf SSL. Explai n th h
Ans: [Chapte1· •- 8 l P age No . 101]
e <lndshake nrotornl
· ·
[O S]
I
. ,
(iJ) Hr1w does PGP .i ch 1evc con fi d e ;1tia!ly and ;-uit he n rcatioi1 111
• .
' e m a ils '? f05 1
Ans: LChapter- 61 Page No. 6 9]
(c) Differe ntiate bdween the tr anspo rt mode a n d tu nnel
mode of IP Sec a nd 1J:-:p!:1 i11 how
a uth e nticatio n a nd con fi den tl ali ty are c1ch ieved using IP Sec.

- - ---- -

musolution.in Scanned by CamScanner

 - Ans: (Chapter_ 81 P age No.1tiJ
I \,' .1
Q6) • r :1:: 1n hrif- f al,o
(any fo Lr):

{a) Oper,Hi ng System<- .

-erunty.
Ans: (Chapter - 1 I Page No.1]
{b) Bu ffe r overtl o-.v a ttack.
Ans: [Chapter - 81 Page No. 114]
{c) !P s p oofing.
Ans: [Chapter- 81 Page No.117]
(d) Viru ses and thP.ir types.

Ans: (Chapter - 7 I Page No. 86]

(e) Key gene ratio n in IDEA.
An s: [Chapter - 3 I Page No. 211

Mumbai Universit~; - ~tay 2016

Ql] t a) Explain soft\,;are flaws with exar.ipl=. 105)

Ans: (Chapter - 8 I Page No. 113)
(h) Lis t w ith exar.iple .he G1ffP.rent mech::r.isr:s to acr,tt·:::: sernr:r-;.
Ar~s: fChap, er - J I F'age No. 2:
(c.) Expla;n ·.v:th examµle, keyed and keyl:::ss .,aJ1S?fo :.on o;::ir.=rs
nt (05]

(05]

;\us: (Ch,ipter - 2 I Page No.12j

(d) Eb borate t!iP. steps oi !<ey ge ner2tic:1 usi.1g R.S..:. .:-•.go:-;::::m. f05]

.\r.s: [Cha pt~,- - 41 Page Ne. 39]

Q2] (a) 1
\- and 8 decide to use Diffi e Hellman Algc:-·Ltim ~0$::a:-e .. key. r ne:,· mos=?= 23 a!"ld G = 5 as
the pu bl!c pa rameters. Th~!!" secret keys are 5 ar.d -: 5 rc:s;-e,:,1·:el..-. Ccmputk the s <:c::et key that
(10]
th ey shc1 re.
Aus: fCha pter - 4 1Page No. 49]
(10]
(b) Explr1ir. \ vo rki ng of DES.
,r 2. I
Ans ; !Chapter - 3 1Page ,~<•. oJ
[1 OJ
Q3)
(li>)

j10}
d acket spoofing. E.:q lain !:e,;sio:i hijacl<;og ,mack.
. fi
04· (;:i) Compare packet snit mg an P .
- l
Ans: (Chapter- 8 I r~~2
151
- -- - -
- - fla_Jt 127 a{04 ... ~• I

.....;, _:, .. :., _,<

··. -,...>!!

·. . .·, ·-:>·:::••:.:{_~'~ -:-~~:~;~~'~}%

~
musolution.in Scanned by CamScanner
 .Semmer 7
[10]
(b) E.xplain working oi Kerberos.
Ans: (Chapter- 6 I Page No. 74]

· principle? LOS]
SJ (a) Wh at 1s a firewall? What are the firewa II d es1gn ··
Ans: [Chapter - 7 I Page No. 79)
[OS]
(b) What are the various ways for memory an d a dd r ess protection.
Ans: [Chapter - 71 Page No. 90)
. S tern for securing a network. Cornpare
(c) Explain the significance of an instruction Detection ys ·
(10}
signature based and anomaly based IDS.
Ans: [Chapter - 71 Page No. 84)

Q6] [20]
Write in brie(about (any four):
{a) Email Security.
Ans: [Chapter - 6 I Page No. 67]
(b) SSL ha ndshake protocol.
Ans: [Chapter - 3 I Page No. 101]
(c) !?Sec Protocols for security.
•.\ns: [Chapter - 8 I Page No. 104]

fe\ernent
(d) Denial of service attacks.
A.ns: [Chapter - S ! Page NG. 96j
(e} IDEA.
,\.is: (Ch~pter - 3 1 Page No. 2 J]

Mumbai University - Dec 2 016

QI] (a) \Vha tare block ciphers? Exphin with examples the CBC and ECB modes of block ciphers. [OS]
Ans: [Chapter - 3 I Page No. 33]
(b) Eucryptthe string "This is 2r. easy task " using a µlayfai r cipher with key "mon arcliy". {OS}
Ans: [Chapter - 2 I Page No. 128]

(c} ['efi11~ authentication and 1~on-repud iarion a ,1d shov,• with example , .1 • ,. ,
s 1.ow e aL11 0 I, e ~::ir. e
ac:11cved.
(C5!
Ans: [<:hapter - 7 ! Page No. 92)

(d) Describr; ~riple DES with t:wu !JES key:;. ls ma n ;n the: 1~11d ·1l, atta k .. _. • • - . ~
' l
1
c po:.siu!e e n tnD •i- fJES . (0-i.1
Ans: [Chapter - 3 I Page No. 31]

Q~1 (a) A a;id B ciecide ta use Diffle; Hellma n .ilgorithm to s hare key •rh .
· ey choose µ=23 and 0o=S as th~
public par;:imeters. Their sec:-et l:cys ;:: re 6 a nd 15 respectivel C
Y, ompute the secret key that they
share.
[ tel
- -------
. :

musolution.in Scanned by CainScanner

 ..Semtfkr-7
Ans: [Chapter - 4 I Page No. 49]
(b) Compare DES and IDEA E I . th
Ans· [Cl · xp am e rou n ct key generation scheme in bo th these algorithms. 1101
· lapter - 3 I Page No. 32]

Q3) (a) What are the different ty f .

• peso viruses and worms? How do they propagate? [10)
Ans: [Chapter - 7 I Page No. 86]
(b) What are the various r
ways 1 or memory and address protection in Operating systems? How is
authentication a chieved in 0.S? [10)
Ans: [Chapter - 7 I Page No. 901

Q4)
(a) Explain briefly with examples, how the following attacks occur: [10]
i) Sa lami attack
ii) Denial of Service a ttack
iii) Session hijacking attack
iv) Cross-cite scripti ng attack
Ans: (Chapter - 8 I Page No. 118]
(b) How is security achieved in the t ransport and tunnel modes of IPSec"? Describ e the r ole of AH
and ESP. [10]
Ans: [Chapter - 8 I Page No. 107]

QS] (a) Ho\N is confidentialit:y ach ieved in emails using e ither S/M I ME o r P GP"? [OSj
Ans: [Chapter - 6 ! Page No. 69]
(b) A a nd B wish to use RSfa. Lo corn mu n ica te secu re ly. A chooses 1,ublic key (e, n) as (7. 24 ) <1ml
B ch ooses p ublic key [e, n) as (5, 221). Calculate their privat e key~. What w:ll be th~ , iphe r t t!Xt
se nt by A to 8 if A wi shes to send m essage m =- 5 secure ly ro B'? (10}
Ans: [Chapter - 41 Page No. 41]
[c) What is a dig ital signature? Expla in a ny digital signature .-1lgori thm . (OS}
Ans: [Chapter - 5 I Page No. 54]

QG] (a) Compare and cor.~rait (any two) :

i) Block and stream ciphers
ii) MD-5 versu!: SHA
iii) KDC vers us CA
Ans; [Chapter - 2 & !:i I P,~ge No. 19, 64 & 63)
(b) Whclt ar e firev.;:;JJ.,·:' Exp lai1: ril e di ffe rent types of fi rewans ,111d nlt' i11i ,,11 the l 1y1·r \n ,,•hid1

t}iey opernte. l\O\

Ans: [Chapter - 7 / Page No. 80J

-------- - 'Pa eI2.9. o(.f34 •

muso ut1on.1n Scanned by CamScanner

 au«tflm, 1'4 .Stmdlfer -!_7 ______ 7i---.!oA-!..,P_er_i_Jj_o,_ufi_•o_m_
--..!.------------- -----
Mumbai University- May ZOl?
., • CINE" In e 11 ,_·iphL'r the message "The r
l} II (:1jll~t•lh1•fil:,vf':-1lrtlph1'rwfthlh c l1cywonl : MUJI ' g eatest
, ,·1'. llt h ,~ h,•, tlth ". [OS]
i\ns: I Ch11111or - 2 I Paiic No. 17]
lh) lixplalt1 key t l118s In l'GP. [05)
/\11s: (Ch11111cr ·(,I Page Nu. 72]
(c) IJ rlt: fly d11nnt~ Idea behind HSA and also cxpl.:lin [10)
J) Wh[1t I~ the one way function in this system?
2) What Is the trap doo1· in U1is'/
3) Give Publlc key and Private l<ey.
1
1,) Dcscrihc scct1l'ity itt this system.
Ans: ('Chaplet· - 4 I Page No. 39]

0,2) (:1) E:-:plnin DES, dc t::iiling the Fiestel structure and 5-blocl< des ign [10]
Ans: [Chaplc•r - 3 I Page No. 26)
(b) Consider a Voter cl:ita management system in E-voting system with sensitive and non-
sensi tive ntl-rib1ttt•s.
1) Show with sam ple queries how ntt;icks (Direcl, inference) .ire possible on s uch data
se ts.
2) Suggcsl 2 different w;,ys l<1 mitigate tli e problem. [10]
J\ns: !Not In chu.lcd]

Q3) (:1) Expl,1in Diffie- ll cllm an J<ey exchange algori thm with s uitabl e example. Al:,o explain the
probl em of MIM artrick in it.
[10]
Ans: IClrnµtcr - 41 Page No. 48]
(b) Whn t ,ire Den ial of Service attacks? Explain a ny three types o f DOS a ttacks in detail. [10]
Ans: [Chapter - 81 Page No. 96]

(~) !PSec offe rs security a t n/w layer. WhJt is the nee d of SSL? ExpJ ... 1·n th • f SSL
· u e services o
;Jro locol?
[10]
1\ns: [Chapter- 81 Page No. 106]
(b) What are the types offirewalls? How are fi r~wr1 ils cliffe rent from IDS
(lOJ
:\ns: [f.haptcr - 7 I Page No. 801

(,:) Wh,1 t :ire the various ways in whicl1 pub lic kev dis lribiif · , .
. . _ , ion is .n,p 1emented. Explair, chc
work111g of rubl1c key certificates clearly detailing the rnl e of . -~·r· , .
cc r .i 1cate aut11onty. t10]
1\11s: [Chapter - 41 Page No. 50]

------ -------
fla_Je 130 off34

musolution. in Scanned by CamScanner

 . ..

Stnumr-7
(b) Why a r e Digi t.ii Signa tu re . .
S1s;nature ? s & Digital ce rtifica tes req..;lred? What is the significa nce of Dua l
(10]
Ans: fCh a ptf! r- S I P<11~1• No. S6 J

Q6J i\tte mpt a ny 4

[20]
(il) SHA-1

Ans: [Chapter- 5 I Page No. 58)

(05]
(h) Timing a nd Storage Cove rt Cha nnel.
Am,: [MlscP.IJaneous I Page No. 124)
(c) Session Hijack in g and Spoofing.
Ans: [Chapter - H I Pa ge No. 117]
(d) Blowfis h.
Ans: [Chapter - 3 I Page No. 23]
(f) S/MIME
Ans: [Chapter - 6 I Page No. 76)

Mumbai University- Dec 2017

Q1l (a ) En cr y pt lhe mcss;ige "Cryplograp hy is fun" w ith a mul t ipli ca tive c1pi1er with key:: 15. Decrypt
to g e t back o ri gina l ;:i laiP tcxt. (05)
Ans: [Chapter - 3 I P.?gc No. 34]
(b) Wi t h the he:lp c f s u: t;i bl c e xamples- compc1re and co ntra st m o n o;i lp h:i heti c ciphers a nd
p o lya lpha b etic cipher s·!
[OSJ
Ans: jChapter - 2 I r age No. 11 J
(c) Wh a t a re th e prope rties of h ash fur1ctions?Wha ti s the role ofa hash funct ion in sernrity? [05]
Ans: lChapte r - 5 I Page No. 60 ]
(d) What a r e th e differen t protorols in SSL? How d o the client and se:·ve 1· £::s tabli s h ;:in SSL
conn ection .
[05]
Ans: (Ch ap ter - 8 / Page No. 1 03]

Q2] (a) Wh a t is a digita l cerri{;cate? How does it help to validate the auther.~ic: ity uf ;i u:1::,? Ex plai11
tJ1e X.5 09 certificate furm;:i t
(101
Ans: [Ch apter- 6 / Pa ge Ko . 66J
( I, ) \.Viti: :-eftn~nce w CC co;:11 ;1e1:~ rJil the fcll o-,·.-i;,g: 1101
(i) Block size and ke_v s;ze.
(ii) Need for exp2mi on permutaticn.
(iii) Avalanche and completene~s effects_
(iv) Weak keys ar.d serr.i-wec:k keys_
- - - ----------

musolution.in Scanned by CamScanner

 1-&::1• 1¥dFJm21,i#d

Owsiicn 1>.~
(v) Role of S-b x.
ns: [Chapter - 3 I Page No. 2 91

t .1} \\lhat are the different types of vi rus2s and wom"ls? How do th <'Y prnp:ig:He] ( I OJ
An~: [Chapter - 7 I Page No. 86]
(l>) What are the various ways for memory and address protection in Opera ting System 7 rlO)
Ans: [Chapter - 7 I Page No. 90]

Q1J (a) Explain briefly with examples. how the following attacks occur: (101
i) Phishing attack.
ii) Denial of Ser:ice att:ick.
iii) SQL injection a ttack.
i \·) Cross-site scripting a ttack
Ans: {Miscellaneous I Page ~o. 119]
(b) How is se-rnrity achie\'ed in the tr.rnsport and tunnei modes of IPScc! Wh::.t :1re secu rity
asscciations? [10]
Ans: lChapter- 8 I Page No. 107]

QS j {a)\\ hat are the different threats to emails? Gt\'e an :tlgorithm to secure crna1b being sent from
u~er .-\ rn t.:::er B. [10}
Ans: (Chapter - 6 I Page No. 70)
tb) A a n B wish to use RS.-\ to communiC3te securely . .-\ chooses p ublic k~y as (7, 119) an d I3
chcost?s c u· lie key ctS ( 13, 2~1). CJ lcubte their private ;.;~ys. A wisi1es to s end r~~essage m = 10 to
B. \\ r. :a wm be th e ciµher!e:xt? \'. ith what key will A encrypt th e message "m'' if A needs to
:tuthemiGte itself to B. (10)
Ans: (Chapter - --l- I Page No. --l-3]

(2) Com pare and contrast (any two): (10)

[i) B! r_~ :rnd str~3m ciphers.
Ans: (Chapter - 2 j Page No. 19]
(ii) i m -5 \ 'cf'SU ~ SHA
Ans: [Chapter - 5 l Page NCl. 64-]
(iii) Key g:neranon in JDE..l_ 3r.c 3lowfish
.-\ns: tCh,1pter - 3 I F~gc No. '.!4J

(l\l ;-:Ii.. ar c · he d iffer ~nt components of a :i l11trusion Detection Sust->m?

i J '- •
Cornp~
• nre t:1.1e w o r k.
·1n:
or. i2,.i1::?tm e based IDS with anomaly based IDS.
1101
,\ n.s: fChapter - 7 I Page No. 8-1 J

----mus oI(f TOh_____in-~~=~ by CamScanner

 SernMftr-7

Mumbai University- May 2018

Q1l (n) Wh at is the purpnc;c of S-lHlXl'S i 11 DES? Explain the avnlanrhe eft'ccl't IOS I
Ans: [Chapter ·- 3 I Page No. 29]
(b) Give examples of replay ntwcks. List th rec general approaches for dealing with rcpl;1y a ll.lCY.!i, (05 I
Ans: [Chapter - 1 I Page No. 41
(c) Why is the segmentation c1nd reassembly function in PGP (Pretty Good Privacy) needed? [05J
Ans: (Chapter - 6 I Page No. 71)
(d) List and explain various types of attacks on encrypted message. (OS]
Ans: [Chapter - 11 Page No. 5]

Q2] (a) What is the need for message authentication? List various techniques used for message
authentication. Explain any one. (10]
Ans: [Chapter- 51 Page No. 62)
(b) Explain Kerberos protocol that supports authentication in distributed system. (10]
Ans: [Chapter- 6 I Page No. 74)

Q3] (a) What characteristics are need ~d in ~ecu re hash function? Explain the operation of secure hash
algorithm on 512 bit block. (10)
Ans: [Chapter - 5 I Page No. 62]
(b) What is a nonce in key distribution scenario? Explain the key distribution scena rio if A wishes
to establish logical connection with 8. A and B both have a master key which they share with itself
and key distribution center. [10]
Ans: [Chapter - 6 I Page No. 77]

Q4,] (a) Why E-commerce transa•: tions need security? Which tasks are perfor,neci by p;iyrncnt
gateway in E-commerce transaction? Explain the SET (Secure Electronic Tra nsaction) protocol.
Ans: [Miscellaneous I Page No . 1 21] fl O]
(b) In RSA system the pu blic key uf2. given user e = 7 & n= 187 [10]
1) What is the private key of this use r?
2) Jf the in tercep ted CT=l land sent to a user whose public key c =7 & n=l8 7. Wh3t is the
PT?
3) Elaborate various kinds of attacks on RSA algorithm?
Ans: [Chapter - 4 I Page No . 46 J

QS] (a) How can we achieve w eb secu ;·iry" Explain w ith exarnp!P.. (10]
Ans: [Not Included]
(b) Use HiJl cipher to encrypt tile text "short". The key to be used is "hill". (10]
Ans: [Chapter - 3 / Page No . 36]

Q61 (a) Explain JP Sec proto co l it~ deta il. Also write appiications and advantages of IPSec. flOl
Ans: [Chapter- 8 / P2ge No. 104]
(t) Differentit.1te bP.t\vee 11 i) MD·5 r1n ri SH.A. ii) Firewdll 2nd IDS. i IOI
Ans: [Chapter - 5 & 'l / Page No. 64 & 83]

musolution.in Scanned by CamScanner