This model of network security is generic. The development of the NSM is important because unity is needed in securing networks.. When an attacker attack on a network has succeeded it is much easier to locate the underlying issue and fix it with the use of the NSM.
A message is to be transferred from one party to another across some sort of internet. The two parties, who are the principals in this transactionmust cooperate for the exchange to take place.
All the techniques for providing security have two components:
A security-related transformation on the information to be sent. Examples include the encryption of the message, which scrambles the message so that it is unreadable by the opponent, and the addition of a code based on the contents of the message, which can be used to verify the identity of the sender
Some secret information shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
Get your grade
or your money back
using our Essay Writing Service!
The general model shows that there are four basic tasks in designing a particular security service:-
design a suitable algorithm for the security transformation
generate the secret information (keys) used by the algorithm
develop methods to distribute and share the secret information
specify a protocol enabling the principals to use the transformation and secret information for a security service .
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4
Q2. Why is polyalphabetic substitution superior to monoalphabetic substitution?
Ans: Polyalphabetic substitution superior to monoalphabetic substitution by following points :
In polyalphabetic,use different monoalphabetic substitutions as one proceeds through the plaintext message. All these techniques through have the following features:
A set of related monoalphabetic rules is used.
A key determines which particular rule is chosen for a given transformation.
Use multiple cipher alphabets to improve security level than monoalphabetic substitution.
Make cryptanalysis harder with more alphabets to guess and flatter frequency distribution .
Simplest polyalphabetic substitution cipher which effectively multiply Caesar ciphers.
Q3.Why are conventional encryption/decryption method not suitable for a bank?
Ans: The conventional encryption/decryption method not suitable for a bank because of following drawback:
The main limitation of the conventional encryption/decryption method is that it purely depends on the key alone for encryption. The encryption is to be performed for a predetermined number of rounds.
The conventional encryption/decryption method is vulnerable to brute force attack and a proper cryptanalysis can easily bring out the message content easily. This is true because, in most cases, in a random code space of â€žnâ€Ÿ sets, the key can be found out with in â€žn/2â€Ÿ sets of data.
PART - B
Q4. Define types of attacks based on what is known to the attacker.
Ans: Security Attacks:- A useful means of classifying security attacks, used both in x.800 and RFC 2828, is in terms of passive attacks and active attacks . An active attack attempts to alter system resources or affect their operation.
Passive attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources.
A passive attack is an attack where an unauthorized attacker monitors or listens in on the communication between two parties. Passive attack on a cryptosystem is one in which the cryptanalyst cannot interact with any of the parties involved, attempting to break the system solely based upon observed data. This can also include known plaintext attacks where both the plaintext and its corresponding cipher text are known. A passive attack attempts to learn or make use of information from the system but does not affect system resources.
Types of Passive Attacks are
Release of message contents. The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
Traffic analysis, is subtler. Suppose that we had a Way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
Always on Time
Marked to Standard
Active attacks on a communications system is one in which the attacker changes the communication. They may create, forge, alter, replace, block or reroute messages. They involves some modification of the data stream or the creation of a false Stream and can be subdivided into four categories.
Masquerade: A masquerade takes place when one entity when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.
Replay: Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Modification of message: Modification of messages simply means that some portion of a legitimate message is altered or that messages are delayed or reordered, to produce an unauthorizedeffect.
Password guessing attack
This attack occurs when an unauthorized user repeatedly tries to log on to a computer or network by guessing usernames and passwords. Many password-guessing programs that attempt to break passwords are available on the Internet. Following are the types of password guessing attacks:
Brute force attack: Brute force attack is a type of password guessing attack. In this type of attack, attackers systematically try every conceivable combination to find out the password of a user.
Dictionary attack: Dictionary attack is a type of password guessing attack. This type of attack uses a dictionary of common words to find out the password of a user. It can also use common words in either upper or lower case to find a password.
A Denial-of-Service (DoS) attack causes a negative impact on the performance of a computer or network. This attack is designed to bring loss of network connectivity and services by consuming the bandwidth of the user's network. It is also known as network saturation attack or bandwidth consumption attack. Attackers make Denial-of-Service attacks by sending a large number of protocol packets to a network.
Q6.Encrypted the following plaintext by Playfair substitution.
Ans: Encrypted the following plaintext "wearediscoveredsaveyourself" and key is:
Encrypting message : we ar ed is co ve re ds av ey ou rs el fx
Encrypted plaintext is : XF RN FB SX FC ZF NF BX RZ FG CW NX KU
Encrypted form is XFRNFBSXFCZFNFBXRZFGCWNXKU