SECURITY
IT1352 – IT 3rd yr
UNIT – I
PART – A
1. Peer entity authentication: Provides for the corroboration of the identity of a peer
entity in an association. It is provided for use at the establishment of a connection. It
attempts to provide confidence that an entity is not attempting an unauthorized
replay of a previous connection.
2. Data authentication: Provides for the corroboration of the source of a data unit. It
does not provide protection against the duplication of data units. This type of
service supports applications like electronic mail where there are no prior
interactions between the communicating entities.
6.Define Authentication.
The authentication service is concerned with assuring that a communication is authentic.
12.Define ciphertext?
Cipher Text:
This is the scrambled message produced as output. It depends on the plain text
and the secret key. For a given message, two different keys will produce two different
ciphertexts. The ciphertext is an apparently random stream of data.
1.Ciphertext only.
2.Known plaintext.
3.Chosen ciphertext.
4.Chosen text.
1.Caesar cipher.
2.Monoalphabetic ciphers.
3.Playfair cipher.
4.Hill cipher.
5.Polyalphabetic cipher.
Stream Ciphers: It is one that encrypts a digital data stream one bit or one byte at
a time.
Block Ciphers: It is one in which a block of plaintext is treated as a whole and used
to produce a cipher text block of equal length.
19.Define Decryption.
The translation of encrypted text or data (called cipher text) into original text or data
(plain text). Decryption is also called deciphering.
20.Differential Cryptanalysis.
A technique in which chosen plaintexts with particular XOR difference patterns are
encrypted. The difference patterns of the resulting cipher text provide information
that can be used to determine the encryption key.
21.Define Diffusion and Confusion
Diffusion: Cryptographic technique that seeks to obscure the statistical structure of the
plain text by spreading out the influence of each individual plain text digit over many
cipher text digits.
Confusion: Makes the relationship between cipher key and plaintext as complex as
possible.
PART-B
2.Substitution Techniques
*Caesar Cipher
*Monoalphabetic Ciphers
*Playfair cipher
*Hill Cipher
*Polyalphabetic Cipher
3.Transposition Techniques
4.Rotor Machines
3.Explain Block Cipher Design Principles
1.AES Architecture
2.AES S-Boxes
3.AES Key Expansion
4.Double DES
5.Triple DES with Two Keys
6.Triple DES with Three Keys
It provides a radical departure from all that has gone before. Public key algorithms are
based on mathematical functions rather than on substitution and permutation. More
importantly, public key cryptography is asymmetric, involving the use of 2 separate
keys, in contrast to symmetric encryption, which uses only one key. The use of 2 keys has
profound consequences in the areas of confidentiality, key distribution and authentication.
1.Brute force:
1.Public announcement
2.Publicly available directory
3.Public key authority
4.Public key certificates
1.Disclosure
2.Traffic analysis
3.Masquerade
4.Content modification
5.Timing modification
6.Source repudiation
7.Destination repudiation
PART – B
*Encryption
*Decryption
*Computational Aspects
*Key Generation
1.Brute force
2.Mathematical attacks
3.Timing attacks
4.Factoring problem
UNIT – III
PART-A
1.Message encryption
3.Hash function.
Or
For example, say you have a list of the MD5 hashes of all your system files. If you
periodically verify the MD5 values of the files against this list, you can see which files have
been changed or updated, by a virus, for instance. However, if a virus gets into your
system and replaces a system file, it could also replace the MD5 value in your list with
the new one, and you wouldn't know this happened.
If you had a list of MACs, however, the virus could replace your system file, but it has no
way of replacing the MAC with a valid one, since it doesn't have the key needed to compute it.
PART-B
*Message encryption
*MAC (Message Authentication Code)
*Hash function
2.Briefly write about Security of Hash Functions
3.Explain HMAC.
1.Mutual Authentication
*Simple relay
*Repetition that can be logged
*Backward without modification
*Timestamps
*Challenge
2.Symmetric Encryption Approaches
UNIT-IV
PART-A
3.Benefits of IP Security.
1. IP Security in a firewall is resistant to bypass if all traffic from the outside must use IP
and the firewall is the only means of entrance from the internet into the organization.
2. IP Security can be transparent to end users. It provides security for individual users if
needed.
1. Architecture
2. Encapsulating Security payload.
3. Authentication header
4. Encryption algorithm
5. Key management
6. Domain of interpretation.
6.Define selectors.
A Security Policy Database entry is defined by a set of IP and upper-layer protocol
field values called selectors.
14.Define Connection.
A connection is a transport that provides a suitable type of service.
1. Confidentiality
2.Message Integrity
25.What is Kerberos?
Kerberos keeps a database of its clients and their private keys. The private key is a large
number known only to Kerberos and the client it belongs to. In the case that the client is a
user, it is an encrypted password. Network services requiring authentication register with
Kerberos, as do clients wishing to use those services. The private keys are negotiated at
registration.
This section describes the Kerberos authentication protocols. As mentioned above, the
Kerberos authentication model is based on the Needham and Schroeder key distribution
protocol. When a user requests a service, her/his identity must be established. To do this,
a ticket is presented to the server, along with proof that the ticket was originally issued to
the user, not stolen. There are three phases to authentication through Kerberos. In the first
phase, the user obtains credentials to be used to request access to other services. In the
second phase, the user requests authentication for a specific service. In the final phase,
the user presents those credentials to the end server.
29.Pretty Good Privacy.
PGP makes use of 4 types of keys: one-time session symmetric keys, public keys, private
keys and passphrase-based symmetric keys.
Each session key is associated with a single message and is used only for the purpose of
encrypting and decrypting that message.
It defines a framework for the provision of authentication services by the X.509
directory to its users. The directory may serve as a repository of public key
certificates of the type. The distributed set of servers that maintains a database of
information about users. The information includes a mapping from user name to
work address, as well as other attributes and information about the users.
One-way authentication involves a single transfer of information from one user (A) to
another (B) and establishes the following.
34.Define S/MIME.
1.Enveloped Data.
2.Signed Data
4.Signed Data.
1.Text Type
2.Multipart Type
PART-B
Keys
Key Rings
*Timestamp
*Key ID
*Public Key
*Private Key
*User ID
*Key generation
*Registration
*Certificate storage and retrieval
*VeriSign certificates
*Enhanced Security Services
1.Applications of IPSec
2.Benefits of IPSec
3.Routing Applications
1.IPSec Documents
*Architecture
*Encapsulating Security Payload(ESP)
*Authentication Header
*Encryption algorithm
*Authentication algorithm
*Key management
*Domain of Interpretation
2.IPSec Services
3.Security Association
4. SA Selectors
1.Connection
2.Session
*Session identifier
*Peer certificate
*Compression method
*Cipher spec
*Master secret
*Server write MAC secret
*Server and Client Write Key
1.Services
2.Change Cipher Spec Protocol.
3.Alert Protocol
4.Handshake Protocol
UNIT-V
SYSTEM LEVEL SECURITY
PART-A
1.Define Passwords.
A password serves to authenticate the ID of the individual logging on to the system.
5.Define Zombie
It is a program that secretly takes over another internet-attached computer and then uses
that computer to launch attacks that are difficult to trace to the zombie creator. Zombies are
used in denial-of-service attacks, typically against targeted websites.
6.Define Viruses.
It is a program that can infect other programs by modifying them. The modification
includes a copy of the virus program, which can then go on to infect other programs.
7.What are the phases involved in the virus spreading process?
1.Dormant phase
2.Propagation phase
3.Triggering phase
4.Execution phase
1.Detection: Once the infection has occurred, determine that it has occurred and locate the
virus.
2.Identification: Once detection has been achieved, identify the specific virus that has
infected a program.
3.Removal: Once the specific virus has been identified, remove all traces of the virus from the
infected program and restore it to its original state. Remove the virus from all infected
systems so that the disease cannot spread further.
2.Only authorized traffic as defined by local security policy will be allowed to pass.
Various types of firewalls are used, which implement various types of security policies.
3.The firewall itself is immune to penetration. This implies the use of a system with a
secure operating system.
20.List the four general techniques that firewall use to control access.
1.Service control
2.Direction control
3.User control
4.Behavior control
PART-B
Audit Records
1.Native Audit Records
2.Detection-specific audit records
3.Action
4.Subject
5.Exception-Condition
6.Resource Usage
1.E-Mail Viruses
2.Macro Viruses
*Auto execute
*Auto macro
*Command macro
3. Parasitic virus
4. Memory resident virus
5. Boot sector virus
6.Stealth virus
7. Polymorphic virus
5.Explain Trojan Horse Defense method briefly
Text Book: Cryptography and Network Security
Author: William Stallings
Page No: 631
1.Generic Decryption
*CPU Emulator
*Virus signature scanner
*Emulation control module
1.Service Control
2.Direction control
3.User control
4.Behavior control
1.Packet filters
*Source IP address
*Destination IP address
*Source and Destination Transport level address
*IP protocol field
*Interface
2.Application-level gateways
3.Circuit Level Gateway