Thursday, 26 May 2016

On 01:02 by Unknown
Solution of Data & Network Security Mid Term Paper
A: Define security attacks in detail.

Ans: Any action that compromises the security of information owned by an organization is called a security attack. Information security is about how to prevent attacks or, failing that, to detect attacks on information-based systems. There is a wide range of security attacks. These attacks threaten the security goals:
  Attacks Threatening Confidentiality
  Attacks Threatening Integrity
  Attacks Threatening Availability

Snooping refers to unauthorized access to or interception of data.
Traffic analysis refers to obtaining some other type of information by monitoring online traffic.
Modification means that the attacker intercepts the message and changes it.
Masquerading or spoofing happens when the attacker impersonates somebody else.
Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.
Repudiation means that the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.
Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.

B: Define Kerckhoffs's principle for security in detail.

Ans: One should always assume that the adversary, Eve, knows the encryption and decryption algorithms. The resistance of the cipher to attack must be based only on the secrecy of the key. This principle is called Kerckhoffs's principle.

C: Encrypt your first name with the Playfair cipher. Use your second name as key.

Ans: PLAIN TEXT = MOHSIN         KEY = KHAN

            K    H    A    N    B
            C    D    E    F    G
            I/J  L    M    O    P
            Q    R    S    T    U
            V    W    X    Y    Z

            P = MO   HS   IN
            C = OP   AR   OK
            C = OPAROK
D: Use the Hill cipher to encrypt the message “here”. Use
as key. Just tell about the decryption process.
Ans:  

C = EKGK
E: Draw the diagram of Affine Cipher.                                                            
Ans:


F: Define cryptanalysis in detail.
Ans: As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking those codes. The main objective of cryptanalysis is to recover the key, not just the message. There are two general approaches used for this purpose:
  Cryptanalytic attack
  Brute-force attack
Cryptanalytic attack includes 5 subcategories to break secret codes.
Ciphertext-only attack: In this type of attack, Eve knows only the algorithm and some ciphertext. She then tries to find the corresponding key and plaintext. This is the most probable attack, as Eve needs only ciphertext for it. The process is shown in Behrouz A. Forouzan's book, figure 3.4.

Known-plaintext attack: In this type of attack, Eve knows some plaintext/ciphertext pairs in advance. From the relationship between plaintext and ciphertext, she tries to decrypt future messages, on the chance that the secret key has not yet been changed. In this type of attack Eve has more information for analysis. The process is shown in Behrouz A. Forouzan's book, figure 3.5.

Chosen-plaintext attack: This type of attack is similar to the known-plaintext attack, but Eve selects the plaintext/ciphertext pairs herself. This type of attack is considered to be on the sender side: as Eve has access to Alice’s computer, she can choose some plaintext and then intercept the corresponding ciphertext. This type of attack is easy but rarely happens. The process is shown in Behrouz A. Forouzan's book, figure 3.6.

Chosen-ciphertext attack: This type of attack is similar to the chosen-plaintext attack, but here Eve selects some ciphertext and obtains the corresponding plaintext from Bob’s computer. This attack is considered to be on the receiver side. The process is shown in Behrouz A. Forouzan's book, figure 3.7.


Brute Force Search: A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. Stallings Table 2.2 shows how much time is required to conduct a brute-force attack, for various common key sizes (DES is 56, AES is 128, Triple-DES is 168, plus general mono-alphabetic cipher), where either a single system or a million parallel systems, are used.
Key Size (bits)             | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at 10^6 decryptions/µs
32                          | 2^32 = 4.3 × 10^9          | 2^31 µs = 35.8 minutes           | 2.15 milliseconds
56                          | 2^56 = 7.2 × 10^16         | 2^55 µs = 1142 years             | 10.01 hours
128                         | 2^128 = 3.4 × 10^38        | 2^127 µs = 5.4 × 10^24 years     | 5.4 × 10^18 years
168                         | 2^168 = 3.7 × 10^50        | 2^167 µs = 5.9 × 10^36 years     | 5.9 × 10^30 years
26 characters (permutation) | 26! = 4 × 10^26            | 2 × 10^26 µs = 6.4 × 10^12 years | 6.4 × 10^6 years


G: Let's say we have 10 bits (1011001000). Generate an 8-bit key using the DES key generation process.
ANS: