(2½ hours) Total Marks: 75
|
|
- Denis Hamilton
- 6 years ago
- Views:
Transcription
1 (2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together. (4) Numbers to the right indicate marks. (5) Draw neat labeled diagrams wherever necessary. (6) Use of Non-programmable calculators is allowed. 1. Attempt any two of the following: 10 a. Describe the various security services. b. What are poly-alphabetic ciphers? Explaining one technique with suitable example c. What is cryptanalysis? Explain different cryptanalysis attacks d. What is DDOS attack? What are the ways in which DDOS attack can be classified? 2. Attempt any two of the following: 10 a. Explain the working of AES round in detail. b. Explain the encryption operation used inrc5 algorithm c. Explain the working of IDEA algorithm d. Write a note on Blowfish. 3. Attempt any two of the following: 10 a. What is message digest? Explain. b. Explain the working of the SHA algorithm c. What is digital signature? Explain the different categories of verification. d. Explain the Elgamal cryptosystems. 4. Attempt any two of the following: 10 a. Explain the Diffie Hellman s Key agreement algorithm and its vulnerability b. What is Key pre-distribution? Explain c. Write a note on station-to-station protocol. d. What is KDC? Explain its different implementations and significance. 5. Attempt any two of the following: 10 a. What are firewalls? What are its characteristics and limitations b. Write a note on IPSec Architecture c. What is SSL Record protocol? Explain its operations d. Explain the Handshake protocol action 6. Attempt any two of the following: 10 a. Explain the password based authentication system. What are the problems associated with passwords? b. Write a note on Kerberos c. Explain Biometric authentication technique. d. What is certificate based authentication and explain its working. 7. Attempt any three of the following: 15 a. What are the different goals of security? Explain the different attacks these security goals are vulnerable to b. Explain the working of DES function in details c. What is Asymmetric encryption? Explain the RSA algorithm used for asymmetric encryption d. Explain the concept of Digital Certificate and how it is created? e. What are the approaches used to detect intrusion? Give a brief description of each f. Write a note on Authentication token.
2 Solution Set 1 Attempt any two of the following: 10 a. Describe the various security services. Authentication - assurance that communicating entity is the one claimed have both peer-entity & data origin authentication Access Control - prevention of the unauthorized use of a resource Data Confidentiality - protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication Availability - resource accessible/usable 1 marks for any five services explanation b What are poly-alphabetic ciphers? Explaining one technique with suitable example A polyalphabetic cipher is any cipher based on substitution, using multiple substitution alphabets. (1marks) The Vigenère cipher is probably the best-known example of apolyalphabetic cipher, though it is a simplified special case. (2 marks) One example for the same (2 marks) c. What is cryptanalysis? Explain different cryptanalysis attacks Cryptanalysi is the art or process of deciphering coded messages without being told the key. It is the technique of decoding message from a non-readable format back to a readable format without knowing how they were initially converted from readable format to a non-readable format. (2 marks) Ciphertext only, known plaintext, chosen plaintext and chosen ciphertext attack explanation along with diagrams (3marks) d What is DDOS attack? What are the ways in which DDOS attack can be classified? DDoS stands for Distributed Denial of Service. A DDoS attack is a malicious attempt to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server. (2 marks) Diagram (1marks) Classification: SYN flood, DCN flood, UDP Flood etc (any one) (2marks) 2 Attempt any two of the following: 10 a. Explain the working of AES round in detail. Advance Encryption Standard has key size and the plain text block size decide how many rounds need to be excecuted. Min of rounds is 10 when key size is 128 bits and Max of rounds is 14 when the key size is 256 bits (1 marks) For each round the following is done (2 marks) i. Apply s box to each plain text bytes ii. Rotate row k of the plain text block (state) by k bytes iii. Perform a mix column operations iv. XOR the state with the key block Neat diagram expected for the above explanation of each step b Explain the encryption operation used inrc5 algorithm Explanation of the following diagram (4 marks) Diagram (1 marks)
3 c. Explain the working of IDEA algorithm The block cipher IDEA operates with 64-bit plaintext and cipher text blocks and is controlled by a 128-bit key. Rounds of IDEA (2 marks) Subkey generation of IDEA (2 marks) Output transformation (1 marks) d Write a note on Blowfish. Objectives of blowfish: fast, compact, simple and secure (1 marks) Operation: subkey generation and data encryption (2 marks) Diagrams : (2 marks)
4 3 Attempt any two of the following: 10 a. What is message digest? Explain. A message digest is a finger print or the summary of a message. A message digest is a cryptographic hash function containing a string of digits created by a one-way hashing formula. Message digests are designed to protect the integrity of a piece of data or media to detect changes and alterations to any part of a message. (1 marks) Idea of message digest (1 marks) Requirements of a message digest (2 marks) i. Given a message, it should be very easy to find its corresponding message digest ii. Given a message digest, it should be very difficult to find the original message for which the digest was created iii. Given any two messages, if we calculate their message digests, the two message digests must be different b Explain the working of the SHA algorithm Secure has algorithm works with any input message that is less than 2 64 bits in length. The output of SHA is a message digest which is 160 bits in length. (1 marks) Working:. (2 marks) Padding Append Length Divide the input into 512-bit block Initialize chaining variables Process block: Page 178 c. What is digital signature? Explain the different categories of verification It is a digital code (generated and authenticated by public key encryption) which is attached to an
5 electronically transmitted document to verify its contents and the sender's identity. (1 marks) Diagrams and explanation (4 marks) d Explain the Elgamal cryptosystems. ElGamal Key generation (2 marks) ElGamal Key encryption (1½ marks) ElGamal Key decryption (1½ marks) 4 Attempt any two of the following: 10 a. Explain the Diffie Hellman s Key agreement algorithm and its vulnerability Introduction and description of the algorithm (2 marks)
6 Explanation of man-in-middle attack(2 marks) b What is Key pre-distribution? Explain Key pre-distribution is the method of distribution of keys onto nodes before deployment (1 mark) Distribution can be done using KDC, Kerberos etc overall idea of the sheme (4 marks) c. Write a note on station-to-station protocol. The Station-to-Station (STS) protocol is a three-pass variation of the basic Diffie-Hellman protocol. It enables you to establish a shared secret key between two nodes with mutual entity authentication. Nodes are authenticated using digital signatures that sign and verify messages. When you use the STS protocol, you are responsible for generating and managing authentication and signature public keys and exchanging these keys with your trading partners. (1 marks) Explanation with diagram (4 marks)
7 d What is KDC? Explain its different implementations and significance. Key Distribution Center is the central authority dealing with keys for individual computers in a network. It is similar to authentication servers and Ticket Granting server in Kerberos. A typical operation with a KDC involves a request from a user to use some service. The KDC will use cryptographic techniques to authenticate requesting users as themselves. It will also check whether an individual user has the right to access the service requested. If the authenticated user meets all prescribed conditions, the KDC can issue a ticket permitting access. (3 marks) Implementation : Flat and Hierarchal (2 marks) 5 Attempt any two of the following: 10 a. What are firewalls? What are its characteristics and limitations A firewall acts like a guard, which can guard a corporate network by standing between the network and the outside world. A firewall is a network security system designed to prevent unauthorized access to a private network from any other network. It works closely with a router program to determine if a packet should be forwarded to its destination. It also provides a proxy service that makes network requests on behalf of the users on a network.
8 The characteristics of a good firewall can be described as follows: (1) All traffic from inside to outside, and vice versa must pass through the firewall. To achieve this, all the access to the local network must first be physically blocked, and access only via the firewall should be permitted. (2) Only the traffic authorized as per the local security policy should be allowed to pass through. (3) The firewall itself must be strong enough, so as to render attacks on it useless. The main limitations of a firewall can be listed as follows: (1) Insider s intrusion (2) Direct Internet traffic (3) Virus attacks (4) It needs specialized skills to configure, and many attacks occur because of badly configured policies on a firewall. b Write a note on IPSec Architecture Explanation on each above stated protocol (2½ marks) c. What is SSL Record protocol? Explain its operations The SSL Record Protocol provides two services for SSL connections: Confidentiality: The Handshake Protocol defines a shared secret key that is used for conventional encryption of SSL payloads. Message Integrity: The Handshake Protocol also defines a shared secret key that is used to form a message authentication code (MAC). Figure indicates the overall operation of the SSL Record Protocol. The Record Protocol takes an application message to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit in a TCP segment. Received data are decrypted, verified, decompressed, and reassembled and then delivered to higher-level users.
9 d Explain the Handshake protocol action SSL Handshake protocol allows following between client and Server. The handshake is done before any data is transmitted (1 marks) 1. to authenticate each other 2. to negotiate encryption and MAC algorithms 3. to create cryptographic keys to be used 4. to establish a session and then a connection There are four phases in SSL handshake protocol. Following series of messages are used in these 4 phases. Phase-1: Establish Security Capabilities Phase-2: Server Authentication and Key Exchange Phase-3: Client Authentication and Key Exchange Phase-4: Finish Each phase explanation (1 marks) 6 Attempt any two of the following: 10 a. Explain the password based authentication system. What are the problems associated with passwords? Any two explained in detail (4 marks) i. Clear text password ii. Something derived from password iii. Adding randomness in password iv. Password encryption Problems: maintenance, password policies etc (1 marks) b Write a note on Kerberos Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. (1 marks) Kerberos acts as a third party authenticator (1 marks) - Helps the user to prove its identity to the various services and vice versa -Uses symmetrical cryptographic algorithms (private key cryptosystems) Same key is used for encryption as well as decryption Uses DES (Data Encryption Standard) Explanation of working (AS and TGS)along with diagram (3 marks)
10 c. Explain Biometric authentication technique. Introduction (1 marks) Working (1 marks) Techniques (3 marks) Physiological (face, voice fingerprint) Behavioral (keystroke, signature) d What is certificate based authentication and explain its working Introduction (1 marks) Working (4 marks) i. Creation, storage and distribution of digital certificates ii. Login request iii. Server creates a random challenge iv. User signs using random challenge v. Server returns an appropriate message back to the user 7 Attempt any three of the following: 15 a. What are the different goals of security? Explain the different attacks these security goals are vulnerable to. Security Goals: Confidentiality, integrity and availability (2 marks) Attacks on Confidentiality: interception, modification etc Integrity: Masquerade, alterations and replay Availability: DOS and DDOS (3 marks) b Explain the working of DES function in details Diagram (1 mark) Expansion permutation, XOR with key, S-box substitution and P-box permutation (4 marks)
11 c. What is Asymmetric encryption? Explain the RSA algorithm used for asymmetric encryption Public key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. (1 mark) RSA is an algorithm used by modern computers to encrypt and decrypt messages. It is an asymmetric cryptographic algorithm. Asymmetric means that there are two different keys. d Explain the concept of Digital Certificate and how it is created? Digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. An individual wishing to send an encrypted message applies for adigital certificate from a Certificate Authority (CA). (1 mark) Digital Certificate contents (2 marks) Certificate creation steps (2 marks) Key generation Registration verification Certificate creation e. What are the approaches used to detect intrusion? Give a brief description of each The following approaches to intrusion detection: 1. Statistical anomaly detection: Involves the collection of data relating to the behavior of legitimate users
12 over a period of time. Then statistical tests are applied to observed behavior to determine with a high level of confidence whether that behavior is not legitimate user behavior. Threshold detection: This approach involves defining thresholds, independent of user, for the frequency of occurrence of various events. Profile based: A profile of the activity of each user is developed and used to detect changes in the behavior of individual accounts. 2. Rule-based detection: Involves an attempt to define a set of rules that can be used to decide that a given behavior is that of an intruder. Anomaly detection: Rules are developed to detect deviation from previous usage patterns. Penetration identification: An expert system approach that searches for suspicious behavior. f. Write a note on Authentication token. Authentication token is an extremely useful alternative to password. Authentication token is a small device that generates a new random value every time it is used. This random value becomes the basis for authentication. (1 mark) Creation of token, Use of token, Token types (4 marks)
Cryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on
More informationCRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK
CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK UNIT-1 1. Answer the following: a. What is Non-repudiation b. Distinguish between stream and block ciphers c. List out the problems of one time pad d. Define
More information06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security
1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of
More informationBCA III Network security and Cryptography Examination-2016 Model Paper 1
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct
More informationSankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank
Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology Question Bank Subject: Information Security (160702) Class: BE Sem. VI (CE/IT) Unit-1: Conventional
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationPrinciples of Information Security, Fourth Edition. Chapter 8 Cryptography
Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries
More informationCSC 774 Network Security
CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationKALASALINGAM UNIVERSITY
KALASALINGAM UNIVERSITY (Kalasalingam Academy of Research and Education) DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CLASS NOTES CRYPTOGRAPHY AND NETWOTK SECURITY (CSE 405) Prepared by M.RAJA AP/CSE
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationAuthentication. Chapter 2
Authentication Chapter 2 Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand how CHAP works Understand what mutual authentication
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationEncryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationProtecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationGlenda Whitbeck Global Computing Security Architect Spirit AeroSystems
Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems History 2000 B.C. Egyptian Hieroglyphics Atbash - Hebrew Original alphabet mapped to different letter Type of Substitution Cipher
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More information10EC832: NETWORK SECURITY
10EC832: NETWORK SECURITY Objective: In this electronic age, security and privacy are two of the issues whose importance cannot be stressed enough. How do we ensure the systems we use are resistant to
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationVerteilte Systeme (Distributed Systems)
Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues
More informationFrom Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005
Chapter 7: Security From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edition 4 Introduction Security policies Provide for the sharing of resources within specified limits
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
More informationUNIT - IV Cryptographic Hash Function 31.1
UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 9 Encryption and Firewalls By Whitman, Mattord & Austin 2008 Course Technology Learning Objectives Describe the role encryption
More informationChapter 19 Security. Chapter 19 Security
Chapter 19 Security Outline 19.1 Introduction 19.2 Cryptography 19.2.1 Secret-Key Cryptography 19.2.2 Public-Key Cryptography 19.3 Authentication 19.3.1 Basic Authentication 19.3.2 Biometrics and Smart
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationComputer Networks. Wenzhong Li. Nanjing University
Computer Networks Wenzhong Li Nanjing University 1 Chapter 7. Network Security Network Attacks Cryptographic Technologies Message Integrity and Authentication Key Distribution Firewalls Transport Layer
More informationA New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4
IJSRD - International Journal for Scientific Research & Development Vol. 2, Issue 08, 2014 ISSN (online): 2321-0613 A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationCS6701 CRYPTOGRAPHY AND NETWORK SECURITY 2 Mark Questions & Answers
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY 2 Mark Questions & Answers UNIT-I INTRODUCTION & NUMBER THEORY 1. What is meant by cryptography and cryptanalysis? (N/D-09) Cryptography is an art of writing hidden
More informationSample excerpt. Virtual Private Networks. Contents
Contents Overview...................................................... 7-3.................................................... 7-5 Overview of...................................... 7-5 IPsec Headers...........................................
More informationCryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption
and secure channel May 17, 2018 1 / 45 1 2 3 4 5 2 / 45 Introduction Simplified model for and decryption key decryption key plain text X KE algorithm KD Y = E(KE, X ) decryption ciphertext algorithm X
More information2.1 Basic Cryptography Concepts
ENEE739B Fall 2005 Part 2 Secure Media Communications 2.1 Basic Cryptography Concepts Min Wu Electrical and Computer Engineering University of Maryland, College Park Outline: Basic Security/Crypto Concepts
More informationComputer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 10r. Recitation assignment & concept review Paul Krzyzanowski Rutgers University Spring 2018 April 3, 2018 CS 419 2018 Paul Krzyzanowski 1 1. What is a necessary condition for perfect
More informationAuthentication CHAPTER 17
Authentication CHAPTER 17 Authentication Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources. getting entrance
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2017 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationComputers and Security
The contents of this Supporting Material document have been prepared from the Eight units of study texts for the course M150: Date, Computing and Information, produced by The Open University, UK. Copyright
More informationChapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010
Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationCS 356 Internet Security Protocols. Fall 2013
CS 356 Internet Security Protocols Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationChapter 15: Security. Operating System Concepts 8 th Edition,
Chapter 15: Security, Silberschatz, Galvin and Gagne 2009 Chapter 15: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing
More informationDistributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationInformation Security: Principles and Practice Second Edition. Mark Stamp
Information Security: Principles and Practice Second Edition Mark Stamp August 10, 2009 Contents Preface Second Edition Preface About The Author Acknowledgments xvii xix xxiii xxv 1 Introduction 1 1.1
More informationCryptography Introduction
Cryptography Introduction Last Updated: Aug 20, 2013 Terminology Access Control o Authentication Assurance that entities are who they claim to be o Authorization Assurance that entities have permission
More informationSecurity issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.
Security issues: Threats Methods of attack Encryption algorithms Secret-key Public-key Hybrid protocols Lecture 15 Page 2 1965-75 1975-89 1990-99 Current Platforms Multi-user timesharing computers Distributed
More informationNetwork Security and Cryptography. December Sample Exam Marking Scheme
Network Security and Cryptography December 2015 Sample Exam Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2018 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationInternet and Intranet Protocols and Applications
Internet and Intranet Protocols and Applications Lecture 10: Internet and Network Security April 9, 2003 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu What is network
More informationCompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals
CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals This course contains copyrighted material used by permission of Logical Operations, Inc. Slide 1 Course 01: Security Fundamentals The Information
More informationCryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain
Cryptography Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar Submitted by:- Hardeep Gaurav Jain Cryptography Cryptography, a word with Greek origins, means "secret writing." However, we use the term
More informationClassical Cryptography. Thierry Sans
Classical Cryptography Thierry Sans Example and definitions of a cryptosystem Caesar Cipher - the oldest cryptosystem A shift cipher attributed to Julius Caesar (100-44 BC) MEET ME AFTER THE TOGA PARTY
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms
Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationChapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads
Cryptography p y Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationIssues. Separation of. Distributed system security. Security services. Security policies. Security mechanism
Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationCSC 8560 Computer Networks: Network Security
CSC 8560 Computer Networks: Network Security Professor Henry Carter Fall 2017 Last Time We talked about mobility as a matter of context: How is mobility handled as you move around a room? Between rooms
More informationData Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II
Data Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II Hello and welcome to today's lecture on secured communication.
More informationCRYPTOGRAPHY & DIGITAL SIGNATURE
UNIT V CRYPTOGRAPHY & DIGITAL SIGNATURE What happens in real life? We have universal electronic connectivity via networks of our computers so allowing viruses and hackers to do eavesdropping. So both the
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL
CS 393 Network Security Nasir Memon Polytechnic University Module 12 SSL Course Logistics HW 4 due today. HW 5 will be posted later today. Due in a week. Group homework. DoD Scholarships? NSF Scholarships?
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationNetwork Security and Cryptography. 2 September Marking Scheme
Network Security and Cryptography 2 September 2015 Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers to the questions,
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationDavid Wetherall, with some slides from Radia Perlman s security lectures.
David Wetherall, with some slides from Radia Perlman s security lectures. djw@cs.washington.edu Networks are shared: Want to secure communication between legitimate participants from others with (passive
More informationSyllabus: The syllabus is broadly structured as follows:
Syllabus: The syllabus is broadly structured as follows: SR. NO. TOPICS SUBTOPICS 1 Foundations of Network Security Principles of Network Security Network Security Terminologies Network Security and Data
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationSecurity: Focus of Control
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 24 April 16, 2012 CPSC 467b, Lecture 24 1/33 Kerberos Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationNetwork Security Issues and Cryptography
Network Security Issues and Cryptography PriyaTrivedi 1, Sanya Harneja 2 1 Information Technology, Maharishi Dayanand University Farrukhnagar, Gurgaon, Haryana, India 2 Information Technology, Maharishi
More informationTechnological foundation
Technological foundation Carte à puce et Java Card 2010-2011 Jean-Louis Lanet Jean-louis.lanet@unilim.fr Cryptology Authentication Secure upload Agenda Cryptology Cryptography / Cryptanalysis, Smart Cards
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 20 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationRadius, LDAP, Radius, Kerberos used in Authenticating Users
CSCD 303 Lecture 5 Fall 2018 Radius, LDAP, Radius, Kerberos used in Authenticating Users Kerberos Authentication and Authorization Previously Said that identification, authentication and authorization
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationComputer Communication Networks Network Security
Computer Communication Networks Network Security ICEN/ICSI 416 Fall 2016 Prof. Dola Saha 1 Network Security Goals: understand principles of network security: cryptography and its many uses beyond confidentiality
More information