Active Attack: is an attack which the attacked entity gets aware of when attacked. That is the interruption from the attacker is of such kind that he gets aware of the attack, hence called active attack. For example trying to steal some info
It is of 2 types:-
Modification of message
Denial of service
Q2. List and briefly define categories of security services.
Ans2: Security services : A processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented by security mechanisms.
Security Services are:
Authentication: The assurance that the communicating entity is the one that it claims to be.The problem of authorization is often thought to be identical to that of authentication; many widely adopted standard security protocols, obligatory regulations, and even statutes are based on this assumption.
Access control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do)
Data confidentiality: The protection of data from unauthorized disclosure.
Data integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
Availability service: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system (i.e., a system is available if it provides services according to the system whenever users request them.
Q3. Is there any problem with the one-time pad cipher? Discuss the Problems.
Ans3: Yes, there is problem in One-time pad cipher. The problem are as follows:
"The Random Number Problem"
Despite the appearance of complete security and perfect cryptology, there are some essential problems with One-Time Pads, the least of which is the user's ability to access a reliable source of random characters from which to construct the Pad. If there is any pattern held within the key which (after several attempts and examinations of separate messages back and forth between individuals) can be revealed by a cryptologist, then the jig is up. After discovering any kind of pattern in the supposed random pad, a good cryptologist can then exploit that to decrypt a series of messages wherein this pattern lays. While I acknowledge the strictly theoretical stance I am taking, it must also be noted that as we advance further and further technologically, the possibility of the theoretical occurring comes closer and closer. In any case, it should be noted that a proper One-Time Pad is completely random, and that anything less then that would be potentially crackable.
"The Delivery Of The Pad Problem"
Another inherent difficulty lies in the delivery of the pad itself. While several supposedly secure protocols have been established for the transferring of keys and passwords (i.e. Neuman-Stublebine, Multiple-Public Key protocols etc.) they are slow, tedious, and exploitable. The difficulty with the one-time pad is that if at any point a large section of it should become accessible to outsiders (without the user's notice) then the entire system's privacy is immediately compromised.
"Public-Key Encryption And The One-Time Pad"
Currently the most widespread protocol in transferring keys for cryptography is through Public-Key Cryptography Protocols. Public-Key Cryptography, while being essentially secure, can be compromised should an individual gain access to the KDC, or load key-logging programs onto the computers of individuals who use it. In addition it could be suggested that those parties who use One-Time Pads are most probably utilizing Public-Key Cryptography in order to transfer those Pad files. And so we see how it may be possible to access the One-Time Pad files which are essential to the secure transmission of data across such a network.
PART - B
Q4. Define types of attacks based on what is known to the attacker.
In general, the majority of network communications occur in an unsecured or "cleartext" format, which allows an attacker who has gained access to data paths in your network to "listen in" or interpret (read) the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.
A common denominator of most operating system and network security plans is password-based access control. This means your access rights to a computer and network resources are determined by who you are, that is, your user name and your password.
Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user.
When an attacker finds a valid user account, the attacker has the same rights as the real user. Therefore, if the user has administrator-level rights, the attacker also can create accounts for subsequent access at a later time.
After gaining access to your network with a valid account, an attacker can do any of the following:
Obtain lists of valid user and computer names and network information.
Modify server and network configurations, including access controls and routing tables.
Modify, reroute, or delete your data.
Unlike a password-based attack, the denial-of-service attack prevents normal use of your computer or network by valid users.
After gaining access to your network, the attacker can do any of the following:
Randomize the attention of your internal Information Systems staff so that they do not see the intrusion immediately, which allows the attacker to make more attacks during the diversion.
Send invalid data to applications or network services, which causes abnormal termination or behavior of the applications or services.
Flood a computer or the entire network with traffic until a shutdown occurs because of the overload.
Block traffic, which results in a loss of access to network resources by authorized users.
AÂ snifferÂ is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encryptedÂ andÂ the attacker does not have access to the key.
Using a sniffer, an attacker can do any of the following:
Analyze your network and gain information to eventually cause your network to crash or to become corrupted.
Read your communications.
Q5. Write a Program to implement Play fair cipher?
Program of play fair Cipher
char key, m,pt;
cout<<"enter the key";
cout<<"entered key is";
Q6. Given the speed of a current ordinary computer (for home or light office use), estimate the amount of time necessary to crack a DES encryption by testing all 256 possible keys. Make a similar estimate for a 128-bit AES key.
We assume that the household computer has a 2.4 GHz processor. Also we assume that a machine takes a hundred cycles per brute force against a single 56-bit DES key or 128 bit AES key.
To crack a DES encryption, we need:
(2^56 key)*100 cycles/60sec/60min/24hour/365days/2000000000hz = 114.246566 years
To crack a AES encryption, we need:
(2^128 key)*100 cycles/60sec/60min/24hour/365days/2000000000hz = 5.39514154 Ã- 1023 years