PESIT SOUTH CAMPUS 10IS835: INFORMATION AND NETWORK SECURITY. Faculty Name: Aisha Begam No. of Hours: 52

Transcription

1 10IS835: INFORMATION AND NETWORK SECURITY Faculty Name: Aisha Begam No. of Hours: 52 Objectives In this electronic age, security and privacy are two of the issues whose importance cannot be stressed enough. How do we ensure the systems we use are resistant to electronic fraud? What are some of the safe computing/internet practices that we can follow to avoid attacks by hackers? How do we share private data over a public channel and be immune to eavesdropping or interceptions? How do we ensure information is sent to an authentic source and guard against repudiation? These are some of the many questions that a computer or information scientist and engineer ought to be aware of. From times immemorial, cryptography has captured the imagination of people. Though the discussions are largely qualitative and not mathematically involved, the course provides a broad overview of the challenges that face electronic storage and communication. Recognizing that it is as important in knowing what has been done to fortify against possible attacks over time, in the words of Dr. Bill Stallings (the author of one of the prescribed texts for this course), the course provides a survey of both the principles and practices of information and network security. B.E 8 th Sem Information Science & Engineering 1

2 INFORMATION NETWORK SECURITY LESSON PLAN SUBJECT CODE: 10IS835 % of portions to Chapter Title Class be covered /Reference No. Ref. Cumul- Literature Topics to be covered Chap. Ative 1. UNIT IV Introduction Cryptography Foundations of cryptology, cipher Methods 3. Cipher methods (continued) 4. Cryptographic algorithms 5. Cryptographic algorithms (contd.) 6. Cryptographic tools 7. Attacks on Cryptosystems 8. Review 9. UNIT II Introduction Physical Design 11. Security Firewalls, 12. Technology I Firewalls(contd..) 13. protecting remote connections 14. UNIT V Attacks, services and mechanisms Security attacks 16. Introduction to Security Services 17. Network A model for internetwork security, 18. Security, Internet standards and RFC s 19. Authentication Kerberos 20. Application X.509 Directory Authentication Services 21. UNIT VI Pretty good privacy (PGP) 22. Pretty good privacy (PGP) (Contd..) 23. Security S/ MIME 24. S/ MIME (Contd..) 25. S/ MIME (Contd..) 11.53% 53.82% 26. UNIT III Introduction 27. Security Intrusion detection system IDS 28. Technology II Honey pots, 29. Honey net 11.53% 65.35%

3 Chapter Title Class /Reference No. Literature Topics to be covered 30. Padded Cell Systems 31. Scanning and Analysis tools 32. Scanning and Analysis tools (Contd..) 33. UNIT VII IP Security overview 34. IP Security IP Security Architecture 35. Authentication header 36. Encapsulating security payload 37. Combining security associations 38. Combining security associations (Contd..) 39. Key Management 40. UNIT VIII Web security Considerations 41. Web Security Web security Considerations (Contd..) 42. Secure socket layer 43. Secure Transport layer 44. Secure electronic transactions 45. Secure electronic transactions (Contd..) 46. UNIT I Introduction 47. Information Security Policy 48. Planning and Standards and Practices 49. Security Information Security Blueprint 50. Contingency Plan 51. Model for Contingency Plan 52. Model for Contingency Plan (Contd..) % of portions to be covered Ref. Cumul- Chap. Ative 11.53% 76.88% 11.53% 88.41% 11.53% 100% B.E 8 th Sem Information Science & Engineering 2

4 Literature: Book Type Code Title & Author Publication Info Edition Publisher Year Text Book T1 Principles of Information Security Second Thomson 2005 by Michael E Whitman and Herbert Edition Mattord Text Book T2 Network Security Essentials - Third Edition Pearson 2000 Applications and Standards by Education William Stallings Reference R1 Cryptography and Network Tata McGraw 2007 Book Security Hill Study aids 1. Slides and other useful materials are available on the webpage of the author of the second textbook. The URL is: Recommended Readings 1. Simon Singh, The Code Book, Anchor Relevant articles/links will be posted on the course web page/ mentioned in class. B.E 8 th Sem Information Science & Engineering 4

5 QUESTION BANK Acknowledgement: This set of questions is based largely on the material available on the PESIT website for Cryptography and Network Security. A large number of questions have been extracted from previous years VTU papers. These are based on the old syllabus. Any updates would be intimated in class and posted on the class blog for this course. Sl No Questions Marks 1. Explain the classification of Security Services Define the term information security. With examples discuss about 10* various security violations during transmission of information 3. Describe the different Security attacks with figure 6 4. Explain briefly the four types of security attacks that are normally 10* encountered. Also distinguish between active and passive attacks 5. Explain the model for network Security 6 6. With a neat diagram explain each component of Model of 6 Conventional Crypto System. 7. Explain briefly the four types of security attacks that are normally 10 encountered. Also distinguish between active and passive attacks 8. Discuss Briefly about cryptanalysis 5 9. Explain Caesar cipher & mono alphabetic ciphers method of 10 encryption 10. Explain simplified DES method of encryption 10* 11. Explain what is meant by diffusion & confusion Explain the classical Feistel cipher structure Explain the differential Cryptanalysis mechanism 6* 14. Bring out the difference between the following pairs of terms: 10* i) Diffusion and confusion ii) Steganography and Cryptography iii) Known and chosen plaintext Cryptanalysis 15. Write a brief note on Steganography What is the need for public key cryptography? Explain its principle 10* and how it can be adopted for 1) encryption and 2) authentication 17. Explain in brief the schemes public key authority and public key 10* certificates proposed for the distribution of public keys 18. With suitable diagrams show how public key encryption can be used 10* in confidentiality, authentication and both 19. With schematic diagrams explain the single round of DES 10* encryption algorithm 20. Explain the principle of Diffie- Hellman key exchange with a 10* suitable example 21. Briefly explain the classical encryption techniques Briefly describe the two basic building blocks of all encryption 10 techniques 23. Briefly explain the Simplified DES scheme Describe stream ciphers and block ciphers 6 B.E 8 th Sem Information Science & Engineering 5

6 25. Explain the motivation for Feistel cipher structure Explain Feistel Decryption algorithm Describe briefly the DES encryption Describe briefly the DES decryption Explain Single Round DES algorithm Write a short note on Strength of DES Write a short note on Differential and linear cryptanalysis What is meant by triple DES How does it over come the problem 10* encountered in Double DES 33. How does triple DES differ from double DES? Discuss about the 10* known plain text attack on triple DES 34. Explain the design principles of IDEA. 10* 35. With the structure of IDEA explain the algorithm of IDEA 6* 36. With a detailed diagram explain the method of encryption and 10 decryption using Blowfish Algorithm 37. Define what is link and End-to-End encryption with advantages and 6* disadvantages of each. 38. State the steps followed in Key Distribution Scenario. With Diagram 6* 39. Explain Blum Blum Shub generator Explain a typical key distribution scenario. What are the tradeoffs 14* involved in determining the life of a particular session key. 41. Write a short note on Potential Locations for confidentiality Attacks Briefly explain Traffic Confidentiality Describe the different sources of Random numbers 15 B.E 8 th Sem Information Science & Engineering 6

7 Cryptography Algorithms (contd) PESIT SOUTH CAMPUS SlNo. Questions Marks 1. What are the important characteristics of that public key 10 Cryptosystems follow. Explain the public key encryption process 2. Differentiate between public key and conventional encryption 6* Techniques. 3. State the requirements of public key cryptography Describe the different applications for Public-Key Cryptosystems Write a short note on Public-Key Cryptanalysis Describe RSA algorithm. 10* 7. Explain the Security of RSA Explain the different methods of Distribution of Public Keys. 10* 9. Briefly explain the Public-Key Distribution of Secret Keys Explain DIFFIE-HELLMAN key exchange method. 10* 11. Why is gcd(n,n+1)=1 for two consecutive integers n and n+1? Using Ferments theorem find mod X=2(mod3); x=3(mod5); x=2(mod7); solve for x Explain the two theorems that play important roles in public-key 10 cryptography. 15. Explain Euclid s Algorithm Explain Chinese remainder theorem and Discrete Logarithms State and explain the requirements of message Authentication Explain the Authentication Functions Explain the message authentication codes Explain MD5 message digest Algorithm. 10* 21. What are the differences between MD5 and MD4 5* 22. Explain Digital Signature Algorithm. 5* 23. Explain the different requirements of digital signature Briefly describe the two approaches for the digital signature 10 function 25. Explain in detail the Mutual Authentication and One-Way 14 authentication 26. Explain the basic uses of Message Encryption With Example State the requirements of Hash Functions What is the need for public key cryptography? Explain it s principle 10* and how it can be adopted for i) Encryption and ii) Authentication. 29. Enunciate and explain the digital signature algorithm 10* B.E 8 th Sem Information Science & Engineering 7

8 Network Security Content: Network Security Practice: Covers important network security tools and applications including Kerberos, X.509v3 certificates, PGP, S/MIME, IP Security, SSL/TLS and SET. Sl No Questions Marks 1. Explain Kerberos 4? 8* 2. Explain kerberos 5? 8* 3. State and explain the differences between Keberos 4 and Keberos Explain at least 7 elements of X.509 public key certificate. 10* 5. Explain the different methods of X.509 strong Authentication 10 Procedures. 6. What does the key and policy information(of X.509 version 3) area 10 include 8 7. State the different features of PGP which has made it very popular. 8* 8. Explain the four types of keys which the PGP makes use of What is meant by PGP? why ois it widely used? Expalin the 10* general format of PGP message. 10. Explain the method revoking public keys in PGP List out the limitations of SMTP/ What is the importance of IP security? Discuss about the 10* applications and the benefits of IP security. 13. What is a security association? With neat diagrams discuss about 10* basic combinations of security associations 14. Explain the different MIME content Types. 10* 15. State and describe the functions of S/MIME Give the summary of web security threats, consequences and 10* counter measures 17. What is meant by a fire wall? Discuss about various types of fire 10* wall configuration 18. Explain the role of User Agent in S/MIME Certificate processing Briefly explain the arbitrated digital signature schemes using 10* conventional and public key encryptions 20. Describe the IP security Architecture What are the different applications of IPSec? 5* 22. Explain Transport and Tunnel modes of AH and ESP Show the format of IPSec Authentication Header What are the needs of padding field in a ESP packet Describe the IPSec ESP format with help of a neat diagram Explain Oakley key determination protocol and state its features. 10* 27. What is Kerboras? Discuss the motivation and requirements of 10* Kerberos approach. 28. What are the key features of a X.509 certificate? How are they 10* issued and revoked by the certificate authority? 29. What are the five basic services available for the users of Pretty 20* B.E 8 th Sem Information Science & Engineering 8

9 Good Privacy (PGP)? How are they provided? 30. What is ISAKMP? Briefly explain the ISAKMP header format Write short note on Ipv4 and Ipv State some of the web security considerations With a neat diagram explain SSL Protocol Stack Explain SSL Handshake Protocol and SSL record protocol. 10* 35. State the requirements of SET With the help of an example explain the steps in a Transaction using 10* SET. 37. Explain the key features of SET Explain the steps in Payment Processing using SET What is the need for dual signatures in SET? How are they 10* constructed? 40. Explain the secure socket layer (SSL-V3) architecture, indicating 10* how the session state and connection state are defined Information Security 1. What are the different classes of Intruders? Explain each of them State the different methods of learning passwords Explain the different Password selection strategies Explain the Vulnerability of password system used in Unix 6* 5. Explain the techniques that can be used to eliminate guessable 10* passwords. 6. Explain the different methods of Intrusion Detection State and explain the different methods of checking activities are 5 genuine or not. 8. Explain with suitable example, how to overload extraction and 5 insertion operator 9. Explain Distributed Intrusion detection. 10* 10. Explain trap Doors and Trojan Horses Explain the Nature Of Viruses How does a virus work and propagate 6* 13. Explain the different types of Viruses What is Macro viruses and why are they Threatening? 6* 15. Explain the Digital Immune System. 10* 16. Explain the Antivirus Approaches Write a short note on Macro viruses What are the four basic techniques of choosing passwords? 10* Compare their relative merits. 19. What is a Virus? What are the typical stages it passes through in 10* its lifetime? Suggest a suitable virus structure. 20. Explain the design principles of Firewall Describe the firewall characteristics Explain the different types of firewalls Explain the different Firewall configurations Explain the concept of Trusted systems Write a short note on trusted systems 8 B.E 8 th Sem Information Science & Engineering 9

10 Chapter-wise Questions from Previous year papers of Information & network security CHAPTER 1: Planning for security 1. Define Policy and explain issue specific security policy Explain the importance of incident response planning strategy Explain the Pipkin s three categories of incident indicators Explain the ISO/IEC 27001:2005 plan-do-check-act-cycle Discuss the system specific policy. How managerial guidance and 10 technical specifications can be used in SYSSP? 6. Who is responsible for a policy management? How a policy is 10 managed? Explain. 7. Define the terms : Policy,standards and practices in the context of 06 information security. Draw a schematic diagram depicting the interrelationship between the above. 8. What are the policies that must be defined by the managements (of 07 organizations) as per NIST SP ? Describe briefly the specific areas covered by any of these policies. 9. What are the components of contingency planning? Describe briefly 07 the important steps involved in the recovery process after the extent of damage causes by an incident has been assessed? 10. Explain the major steps specified in BS7799:2 documents. How 10 these steps help in security planning? CHAPTER 2: SECURITY TECHNOLOGY-1 1. Explain the firewall rules Explain the screened subnet firewall What is a firewall? Show the working of a screened host and dual 10 homed firewalls. 4. How a firewall can be configured and managed? Give examples What is firewall? Explain categories of firewalls based on 10 processing mode. 6. What is VPN? Explain two modes of a VPN What are VPN? Explain different techniques to implement a VPN? What is a firewall? List the type of firewalls categorized by 10 processing mode. Draw a schematic diagram of a packet filtering router used as a firewall and explain its function using a sample firewall rule. CHAPTER 3: SECURITY TECHNOLOGY-2 1. How a signature based IDPS differ from a behavior based IDPs? Explain the venerability scanners What is an intrusion? Briefly write about any eight IDPS 10 terminologies. 4. Explain network based intrusion detection and prevention systems. 10 B.E 8 th Sem Information Science & Engineering 10

11 5. Describe the need of operating system detecting tools Define the following terms related to IDS: 05 i) Alert ii) False attack stimulus iii) False negative iv) False positive v) True attack stimulus. 7. Discuss the reasons for acquisition and use of IDSs by organization Discuss the differences between host IDS and network IDS, with the 06 help of a schematic diagram. 9. Define the terms : honey pots,honey net and padded cells. 03 CHAPTER 4: CRYPTOGRAPHY 1. What are the differences between digital signature and digital 10 certificate? 2. Explain the two methods of encrypting plain text? What is an encryption? Discuss the symmetric and asymmetric 10 encryption methods? 4. List out the elements of cryptosystems and explain transposition 10 cipher technique. 5. Who can attack cryptosystems? Discuss different categories of 10 attacks on cryptosystems. 6. Define the following terms related to cryptography: 05 1) Algorithm 2) Cipher 3)Key 4) Link encryption 5) Work factor 7. Distinguish between symmetric encryption and asymmetric 06 encryption with suitable examples. CHAPTER 5: INTRODUCTION TO NETWORK SECURITY, AUTHENTICATION APPLICATIONS 1. Describe the terms: authentication, integrity, privacy, authorization 05 and non repudiation. 2. Discuss the man-in-the-middle attack What are the differences between active and passive security 05 attacks? 4. Explain the different authentication procedures in X.509 certificate Write the summary of Kerberos version five message exchange What is meant by information security? Discuss the three aspects of 10 information security. 7. Briefly explain the four types of security attacks that are normally 10 encountered.also distinguish between active and passive attacks. 8. With a schematic figure, explain Kerberos Ver-4 Authentication 10* dialogue. Clearly mention various steps. 9. Compare active and passive attacks With a neat diagram, explain network security model List out the differences between Kerberos version 4 and version Describe briefly the various security attacks and specific security 14 mechanisms covered by X Describe briefly the authentication procedures covered by X Describe the steps involved in Kerberos Login and Kerberos 10 Request for services, with suitable illustrations. CHAPTER 6: ELECTRONIC MAIL SECURITY B.E 8 th Sem Information Science & Engineering 11

12 1. With a neat diagram, explain the digital signature service provided 10 by PGP. 2. Explain the different MIME content types With flow charts, explain the process of transmission and reception 10 of PGP messages. 4. Explain PGP Message generation and PGP message reception 10 techniques. 5. Describe S/MIME functionality Explain S/MIME certificate processing method Describe the steps involved in providing authentication and 10 confidentiality by PGP, with suitable illustrations. 8. Discuss the limitations of SMTP/RFC 822 and how MIME 10 overcomes these limitations. CHAPTER 7: IP SECURITY 1. Explain the format of an ESP packet in IP Security Why does ESP include a padding field? Give an example of an aggressive 0akley key Give the general structure of IPSEC authentication header. Describe 10 how anti reply service is supported. 5. With neat diagrams, discuss the basic combinations of security 10 associations. 6. Describe SA parameters and SA selectors in detail Describe Oakley key determination protocol Describe the benefits of IPSec What is security association? Discuss briefly the parameters that are 05 used to define a security association. 10. Describe the transport and tunnel modes used for IPSec AH 10 authentication bringing out their scope relevant to IPV4. CHAPTER 8: WEB SECURITY 1. Explain the dual signature in SET protocol. What is its purpose? Explain the different alert codes of TLS protocols What is SET? Discuss the requirements and key features of SET Write short notes on: 1) SSL handshake protocol 2) SSL alert 10 protocol. 5. Explain SSL handshake protocol with a neat diagram List out the key features of secure electronic transaction and explain 10 in detail. 7. Discuss the SSL protocol stack What are the services provided by SSL record protocol? Describe 08 the operation of this protocol, with suitable illustration. 9. What is SET? Discuss its specifications. 08 Question Paper May/June 2004 Cryptography and Network Security: Total =100 marks (Please note that these questions pertain to the old syllabus; material relevant to the revised syllabus would be made available in class) B.E 8 th Sem Information Science & Engineering 12

13 1 a. Explain mxm Hill Cipher 5 b. Show how this Hill Cipher can be broken with a known 5 Plaintext attack. c. You intercept a message SONAFQCHMWPTVEVY, 10 resulting from a 2x2 Hill Cipher, where the sender used the usual 26-letter alphabet A-Z with numerical equivalents 0-25, respectively. An earlier statistical analysis of a long string of intercepted cipher text revealed that the most frequently occurring cipher text diagraphs were KH and XW in that order. You take a guess that those diagraphs correspond to TH and HE, respectively. Since those are the most frequently occulting diagraphs in most long plain text messages on the subject. Find the deciphering matrix and read the message. 2 a. Explain encryption and decryption operation of output 10 feedback mode of a block cipher. b. Explain double DES. What are its merits compared to single 5 DES? c. What is meet-in-the-middle attack? Explain with reference to 5 the Double DES. 3 a. describe RSA public key cryptosystem 5 b. Describe how to send digital signature in RSA 5 c. Suppose that n is known to be product of two distinct primes, 10 p and q. Show that the knowledge of Φ(N ) is equivalent to the knowledge of primes p, q. 4 a. What is the difference between message authentication and 10 digital signature? b. Develop a scheme for message authentication and digital 5 signature using a hash function. c. Describe message authentication code based on DES. 5 5 a. Write digital signature algorithm (DSA). 8 b. Prove the correctness of DSA 7 c. DSA specifies that if the signature generation process results 5 in a value s=0 for the signature (r,s) a new value of random integer k ( user s per message secret number) should be generated and signature should be recalculated. Why? 6 a. Explain the services provided by Pretty good Privacy(PGP) 12 b. List the cryptographic keys used in PGP. Explain briefly the 8 requirements of each key. 7 a. Why do we need IP level security? Explain the benefits and 8 applications of IPSec. b. Discuss the IPSec authentication Header format and describe 12 how anti-replay service and data integrity are supported. 8 a. Explain what is SSL, and how does it enable web security? 10 b. Explain the following terms with examples : viruses, worms and firewalls (3+3+4) Question paper from Jan/Feb 2005: Total Marks 100 B.E 8 th Sem Information Science & Engineering 13

14 Sl. No. Questions Marks 1 a. What are the different security services available in a 8 computer system? Explain. b. Discuss the following classical encryption techniques: 12 Playfair cipher, Hill cipher, rotor machines 2 a. With a neat diagram explain simple DES encryption 12 algorithm. b. What do you mean by cryptanalysis? Describe the two 8 promising approaches of cryptanalysis. 3 a. What are the characteristics of BLOWFISH? Discuss its 8 strengths. Further compare the speeds of various BLOCK ciphers on a Pentium machines. b. List the important characteristics of Public Key 8 Cryptosystems. Explain the essential steps to be followed in the Public key encryption process with an example. c. Write a note on Traffic confidentiality. 4 4 a. Define the following: 10 i. Prime and Relatively Prime Numbers ii. Fermat s theorem iii. Euler s theorem iv. Euler s Totient function v. Chinese reminder theorem b. What is a message authentication code? Describe MD5 10 Message Digest Algorithm. 5 a. Explain X.509 Directory authentication service 8 b. What is meant by PGP? Describe the operational principle of 12 PGP services. Also Compare it with S/MIME. 6 a. What are the benefits and applications of IP Security? 12 Explain IP Security architecture? b. Discuss the following with respect to IP Security: 8 i. Encapsulating Security Payload ii. Oakley key Determination protocol 7 a. Write the layer diagram of SSL protocol stack. Explain SSL. 10 Record protocol. b. What are the components of secure Electronic Transaction 10 (SET)? Describe SET participants in detail. 8 Write short notes on the following: 20 i. Intruders ii. Viruses iii. Firewalls iv. Trojan horse defence B.E 8 th Sem Information Science & Engineering 14