Cyber Security Unit-4

exam preparation

Q1. What is Cryptography?

Answer (Model Paper):

Cryptography refers to the technique of transforming usable information into a form that is readable only by the authorized users. The encrypted information can be converted back to its original form, i.e., plaintext, by any authorized user possessing the cryptographic key. This process is called decryption. Hence, cryptography is a means of providing information security, thereby protecting information from unauthorized access and disclosure while transiting and storing the information.

Thus, cryptography provides security to the information as well as to other useful applications for improving authentication methods, message digest, digital signatures, non-repudiation and encrypted network communications. If it is not implemented properly, then it would lead to many security problems. The length and strength of an encryption key are also important, because the strength of an encryption algorithm is also dependent on the key.

Q2. Write in short about MAC.

Answer:

A message authentication code, also called a cryptographic checksum, is a small block of data having a fixed size and generated using a secret key. It is appended to the message. It is assumed that both the participants who desire to communicate share a common secret key 'K'. Let the participants be A and B. If A wants to send a message to B, he calculates the MAC using the message and the key as follows,

$\mathrm{MAC} = C_K(M)$

Where,
MAC = Message authentication code
C = MAC function
K = Shared secret key
M = Input message

Q3. What are the algorithms in digital signature scheme?

Answer:

The algorithms in a digital signature scheme have been designed to ensure the authenticity of a message. They do not perform an encryption process over a message. These algorithms are used by the sender and receiver so as to generate a digital signature on the message and to verify the authenticity of the signature respectively.
Both sender and receiver have private and public keys which are used for performing signature generation and verification functions. The following are the three algorithms included within the digital signature scheme,

1. Key-generation algorithm
2. Signing algorithm
3. Signature verifying algorithm

1. Key-generation Algorithm: This algorithm is used for generating a private key and its corresponding public key.
2. Signing Algorithm: This algorithm generates a digital signature as output by considering message and private key as input.
3. Signature Verifying Algorithm: This algorithm verifies the authenticity of a signature by taking a combination of message, public key and digital signature as input.

PSA PUBLISHERS AND DISTRIBUTORS PVT. LTD.

UNIT-4: Cryptography and Network Security

Q4. List the capabilities of firewalls.

Answer:

The capabilities of firewalls are as follows,

1. A firewall is capable of blocking unauthorized network users from entering into the secured network.
2. A firewall filters the unsafe incoming services which attack the authenticated users. It also protects the network from various types of IP address spoofing and routing threats.
3. A firewall minimizes the burden of security management services.
4. A firewall handles security related issues by storing alerts and audits on the firewall system.
5. A firewall provides a well-suited platform for carrying out internet functions like network address translation and network security management.

Q5. Write in brief about VPN.

Answer:

VPN is a technique used to set up a connection to a private network via a public network. In other words, a VPN is a network that is constructed by creating a connection to a private network by using a public network. Here, private network refers to an internal network of an organization and public network refers to either the Internet or a shared public network provided by service providers. VPN is one of the most commonly used options by mobile users to establish a connection to their corresponding corporate networks.
It uses any connectivity options that already exist in a WAN for accessing the remote networks in a flexible, reliable and cost-effective manner. Practically, VPN enhances the services of WANs without compromising on data security.

Q6. List five features of PPTP VPN.

Answer (Model Paper):

Some of the primary features of PPTP are as follows,

(i) It supports VPNs that make use of distinct protocols like L2TP.
(ii) It was built on the basis of Point-to-Point Protocol (PPP) and Internet Protocol (IP).
(iii) It can work with the most popular network protocols, namely TCP/IP, IPX/SPX and NETBEUI, by a method called tunneling.
(iv) It can operate at Layer 2 of the OSI reference model.
(v) It performs user authentication by Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) in order to grant access to network resources.

Q7. What is PGP? List its operational description.

Answer:

PGP

Pretty Good Privacy (PGP) is a secure mail protocol and a hybrid cryptosystem. It is mainly used in electronic mail and file storage applications as it provides basic confidentiality and authentication services.

Operational Description of PGP

The operation of PGP comprises five services with respect to management of keys. They are as follows,

1. Authentication
2. Confidentiality
3. Compression
4. E-mail compatibility
5. Segmentation and reassembly

Q8. What is the purpose of MIME Transfer Encoding? List any three transfer encodings.

Answer:

The main purpose of transfer encodings is to convert any content format in such a way that it is preserved and cannot be changed by any mail system. Different MIME transfer encodings are as follows,

(i) 7-bit: It indicates that no encoding technique has been applied and the data represents short lines of ASCII characters. This form is used for SMTP transfer.
(ii) 8-bit: It indicates that no encoding technique has been applied and the data may represent non-ASCII characters (i.e., octets in which the high order bit is set) with short lines.
(iii) Binary: It indicates that no encoding technique has been applied. The data may represent non-ASCII characters and the lines may not be short.
Q9. Write in brief about Secure Socket Layer (SSL).

Answer (Model Paper):

Secure socket layer is a protocol developed by Netscape Communications to ensure the security of data transmission over the internet. SSL has been universally accepted as a provider of secure data communication between web browser (client) and web server through HTTP, LDAP or POP3 application layers. It is layered on top of the TCP and IP layers to enable services for the application layer. These services help higher layer protocols such as HTTP, LDAP or IMAP to use SSL functionality. The purpose of the SSL design is to use TCP as communication layer to provide a reliable end-

... message, he calculates the MAC using the

Where,
K = Shared secret key
M = Input message

Message Authentication and Confidentiality

When encryption is performed, a message can be made authentic and confidential. There are two ways of providing message authentication and confidentiality,

1. Performing encryption after the MAC algorithm
2. Performing encryption before the MAC algorithm

Each of the above two methods requires the use of two keys, $K_1$ and $K_2$. $K_1$ is the secret key used by the MAC algorithm and $K_2$ is the key used for encryption and decryption. These keys are shared between the sender and the receiver.

1. Performing Encryption after the MAC Algorithm: In this method, encryption is performed using the key $K_2$ after concatenating the input message with the MAC value 'C' calculated using key $K_1$ for the message.

Figure: Message Authentication and Confidentiality

2. Performing Encryption before the MAC Algorithm: Here, the encryption is performed on the message using key $K_2$, then it is concatenated with the MAC function 'C' calculated using key $K_1$ for the ciphertext of the message.

Figure: Message Authentication

Hash Function

A hash function builds a "fingerprint" of a message or file or any other block of data. The following requirements are essential to achieve message authentication using a hash function,

1. Variable length data blocks
2. Fixed length output
3. Ease of computation
4. One way property
5. Weak collision resistance
6. Strong collision resistance
1. Variable Length Data Blocks: A hash function H must have no restriction on the length of the data block it is applied to, in order to provide message authentication.
2. Fixed Length Output: The output of a hash function H must have a fixed length in order to provide message authentication.
3. Ease of Computation: The computation of H(x) for any given x should be easy, in order to make the hash function practical for providing message authentication.
4. One Way Property: For any given value h, the computation performed to find x such that H(x) = h is infeasible. This property is called the one way property.
5. Weak Collision Resistance: For any given value of x, the computation performed to find y ≠ x such that H(y) = H(x) is impractical. This property is called weak collision resistance.
6. Strong Collision Resistance: The computation performed to find any pair (x, y) such that H(x) = H(y) is infeasible. This property is called strong collision resistance. It protects against an attack called the birthday attack.

The weak collision property ensures that there does not exist any second message hashing to the same value, so an alternate message cannot be substituted while using an encrypted hash code.

Figure: Hash Function

From the figures, it can be inferred that the intruder does not have the secret key, but he/she can certainly read the transmission line and is also able to generate its hash code. But, due to the absence of the secret key, the intruder cannot alter the message. On the other hand, if the property did not hold, the intruder could easily interrupt the transmission line and gain access not only to the message but also to its encrypted hash code. Later, he/she could decrypt the hash code from the message and finally succeed in creating an alternate message which has the same hash code. Thus, this property is always useful to avoid duplicate messages with the same hash code.
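As an added illustration of the weak collision property above (example code, not part of the original document): a bit-by-bit XOR of 16-bit blocks stands in for a hash that lacks the property, and SHA-256 for one that has it. The block size, function names and sample messages are assumptions made for this example.

```python
import hashlib

BLOCK = 2  # block size in bytes (16-bit blocks); an assumption for this example


def xor_hash(message: bytes) -> bytes:
    """Bit-by-bit XOR of all blocks: C = B1 ^ B2 ^ ... ^ Bm (zero-padded)."""
    padded = message + b"\x00" * (-len(message) % BLOCK)
    digest = bytearray(BLOCK)
    for offset in range(0, len(padded), BLOCK):
        for i in range(BLOCK):
            digest[i] ^= padded[offset + i]
    return bytes(digest)


def second_message(original: bytes, altered: bytes) -> bytes:
    """Build an altered message with the same XOR hash as the original.

    One extra block cancels the difference between the two hashes, which is
    exactly what weak collision resistance is meant to make infeasible.
    """
    padded = altered + b"\x00" * (-len(altered) % BLOCK)
    fix = bytes(a ^ b for a, b in zip(xor_hash(original), xor_hash(padded)))
    return padded + fix


def sha256(message: bytes) -> bytes:
    """SHA-256 digest, used here as a hash that has the property."""
    return hashlib.sha256(message).digest()


def survives_substitution(hash_fn, original: bytes, forged: bytes) -> bool:
    """True if the receiver's hash comparison would accept the forged message."""
    return hash_fn(original) == hash_fn(forged)


# Constructed sample messages (not from the original document).
M = b"PAY 100 TO ALICE"
M2 = second_message(M, b"PAY 900 TO MALLORY")

if __name__ == "__main__":
    print("XOR hash accepts substitute:", survives_substitution(xor_hash, M, M2))
    print("SHA-256 accepts substitute:", survives_substitution(sha256, M, M2))
```

Because the encrypted hash code only binds the hash value, the receiver's check passes for any message with that value; the XOR checksum lets such a message be computed directly, while SHA-256 does not.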
Q17. Explain in detail about simple hash function.

Answer:

The simple hash function and other hash functions operate under the following basic principles,

(i) The input message consisting of message, file, etc., is considered as a sequence of n-bit blocks.
(ii) The input to the hash function is processed in an iterative manner, block by block, one at a time, so as to obtain an n-bit hash function.

The bit-by-bit exclusive-OR (XOR) is regarded as the simplest hash function. Here, every block of the input is XORed. It is expressed as,

$C_i = b_{i1} \oplus b_{i2} \oplus \dots \oplus b_{im}$

Where,
$C_i$ = i-th bit of the hash code, which ranges from $1 \le i \le n$
m = Total number of n-bit blocks in the input
$b_{ij}$ = i-th bit within the j-th block
$\oplus$ = XOR operation

Q18. Explain in detail the concept and advantages of digital signature in computer security.

Answer:

Digital Signature

A digital signature is one of the methods of encryption used to provide authentication. The main intent of the digital signature is to protect against modifications. It has gained importance in network security. A digital signature is a kind of asymmetric cryptography used to simulate the security properties of handwritten signatures on paper. Basically, a digital signature scheme provides two algorithms: one algorithm is for signing, which requires the user's secret or private key, and the other algorithm is for verifying signatures, which requires the user's public key. The result of the signature process is called the "digital signature".

Advantages

(i) It verifies the authenticity of the signer and also the authenticity of the message.
(ii) It reveals any alteration or tampering (if performed) on the message.
(iii) It provides a high degree of assurance and doesn't require additional resources for processing.

Q19. What are the three algorithms included in digital signature scheme and the methods used for creation and verification of digital signature? Explain.
Answer:

Algorithms in Digital Signature Scheme

The algorithms in a digital signature scheme have been designed to ensure the authenticity of a message. They do not perform an encryption process over a message. These algorithms are used by the sender and receiver so as to generate a digital signature on the message and to verify the authenticity of the signature respectively. Both sender and receiver have private and public keys which are used for performing signature generation and verification functions. The following are the three algorithms included within the digital signature scheme,

1. Key-generation algorithm
2. Signing algorithm
3. Signature verifying algorithm

1. Key-generation Algorithm: This algorithm is used for generating a private key and its corresponding public key.
2. Signing Algorithm: This algorithm generates a digital signature as output by considering message and private key as input.
3. Signature Verifying Algorithm: This algorithm verifies the authenticity of a signature by taking a combination of message, public key and digital signature as input.

Methods for Creating and Verifying Digital Signature

The following are the two methods that are most commonly used for creating and verifying the digital signature,

1. Public and private key approach
2. Hash function approach

1. Public and Private Key Approach

In this method, the signer applies the key-generation algorithm so as to generate public and private keys. The signer creates a digital signature for the message that is to be transmitted using the private key. This signature is used by the sender so as to encrypt the message. The encrypted message along with the digital signature is transmitted to the receiver via the network. After receiving the message, the receiver verifies the authenticity of the signature using the public key. The advantage of this method is that an intruder cannot forge a digital signature even if the public key of a signer is known. Though the intruder

Figure: Showing Confidentiality Only

Confidentiality and Authentication Services

These can be used together to send a confidential message to an authenticated person.
For this, the sender has to sign the message with its own private key and then encrypt the message with a session key. This is further encrypted using the receiver's public key.

Figure: Showing Authentication

3. Compression

The messages that are transferred or stored in local files are compressed by PGP, by default. It compresses the message after signing but before encryption.

Advantage

Less amount of storage space is needed for transmitting e-mail and for storing files. It is preferred to compress messages after signing in order to make the future verification easier.

4. E-mail Compatibility

...ively compact and the plain text message is compressed.

5. Segmentation and Reassembly

1. Message Component: It contains the actual data that is to be stored or transmitted along with the file name and a time stamp that specifies the time of creation.

2. Signature Component: It contains the following components,

(i) Timestamp: It defines the time at which the signature was done.
(ii) Message Digest: It is formed by creating a 160-bit SHA-1 digest and then encrypting it with the sender's private signature key. The digest is determined using the signature timestamp along with the message component's data portion. This timestamp is included in the digest so that it is saved from attacks like replaying. The timestamp and file name portions of the message component are not included in the digest, to ensure that the detached signatures are the same as the attached signatures prefixed to the message.
(iii) Leading Two Octets of Message Digest: A recipient can determine whether the public key that he is using to decrypt the message digest is appropriate for authentication purposes. He can compare the first two octets of the plain text copy with the first two octets of the decrypted digest. These octets can also be used as a 16-bit frame check sequence for the message.
(iv) Key ID of the Sender's Public Key: It describes the public key that a recipient should use to decrypt the message digest. Thus, the private key that was used by the sender to encrypt the message digest is also described.

ZIP is used for compressing the message and the optional signature component, which were encrypted using a session key.

3. Session Key Component: It contains the session key and the identifier for the recipient's public key that was used by the sender for session key encryption.

Generally, Radix-64 encoding is used to encode the entire block. The figure below shows the general format of a PGP message.

Figure: PGP Message Format

Q. How are the messages generated and transmitted in Pretty Good Privacy (PGP) protocol? Explain with clear diagrams.

Answer:

PGP Message Transmission and Reception

The services that are provided by PGP, namely authentication, confidentiality, compression and e-mail compatibility, play a crucial role in the transmission and reception of a PGP message. The relationship among these services can be known during the PGP message transmission and reception.
