Network Security Cryptography Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

A useful classification of security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation.

1. Passive attack: Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.

Two types of passive attacks are RELEASE OF MESSAGE CONTENTS and TRAFFIC ANALYSIS.

The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.

A second type of passive attack, TRAFFIC ANALYSIS, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from it. The common technique for masking contents is encryption. Even with encryption in place, an opponent might still observe the pattern of the messages, such as which hosts are communicating and how frequent and how long the messages are, and use it to guess the nature of the communication.

2. Active attack: Active attacks involve some modification of the data stream or the creation of a false stream, and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

A MASQUERADE takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. REPLAY involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. MODIFICATION OF MESSAGES simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. The DENIAL OF SERVICE prevents or inhibits the normal use or management of communication facilities.

DIFFERENCE BETWEEN PASSIVE ATTACKS AND ACTIVE ATTACKS

Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically the message traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption.

On the other hand, ACTIVE ATTACKS present the opposite characteristics of passive attacks. Whereas passive attacks are difficult to detect, measures are available to prevent their success. Active attacks, in contrast, are quite difficult to prevent absolutely, because of the wide variety of potential software and network vulnerabilities.

QUES:2 List and briefly define categories of security services.

ANS: A security service is a processing or communication service that is provided by a system to give a specific kind of protection to system resources. Security services implement security policy and are implemented by security mechanisms. There are different kinds of security services:

1. AUTHENTICATION

2. ACCESS CONTROL

3. DATA CONFIDENTIALITY

4. DATA INTEGRITY

5. NONREPUDIATION

1. AUTHENTICATION: The assurance that the communicating entity is the one that it claims to be.

1. Peer entity authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected.

2. Data origin authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed.

2. ACCESS CONTROL: The prevention of unauthorized use of a resource.

3. DATA CONFIDENTIALITY: The protection of data from unauthorized disclosure.

1. Connection confidentiality: The protection of all user data on a connection.

2. Connectionless confidentiality: The protection of all user data in a single data block.

3. Selective field confidentiality: The confidentiality of selected fields within the user data on a connection or in a single data block.

4. Traffic data confidentiality: The protection of the information that might be derived from observation of traffic flows.

4. DATA INTEGRITY: The assurance that data received are exactly as sent by an authorized entity.

Connection integrity with recovery: Provides for the integrity of all user data on a connection and detects any modification, insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted.

5. NONREPUDIATION: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

Nonrepudiation, origin: Proof that the message was sent by the specified party. Nonrepudiation, destination: Proof that the message was received by the specified party.

QUES: Is there any problem with the one-time pad cipher? Discuss the problem.

ANS: One-time pads are used in pairs. The more copies of a given pad there are, the greater the likelihood that one may be captured, in which case the system is completely broken. One copy of the pad is kept by each user, and pads must be exchanged via a secure channel (e.g. face to face on floppy disks). The pad is used by XORing every bit of the pad with every bit of the original message. Once the message is encoded with the pad, the pad is destroyed and the encoded message is sent. On the recipient's side, the encoded message is XORed with the duplicate copy of the pad and the plaintext message is generated.

There is the practical problem of making large quantities of random keys. Any heavily used system might require millions of random characters on a regular basis. Supplying truly random characters in this volume is a significant task.

Even more daunting is the problem of key distribution and protection. For every message to be sent, a key of equal length is needed by both sender and receiver. Thus, a mammoth key distribution problem exists.

Because of these difficulties, the one-time pad is of limited utility, and is useful primarily for low-bandwidth channels requiring very high security.
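The pad handling described above, written out as an added example (it is not part of the original essay). The class and function names, the 32-byte pad size and the sample messages are assumptions for illustration; the last function goes slightly beyond the text to show why used pad material has to be destroyed.

```python
import secrets


class OneTimePad:
    """One copy of a shared pad; each pad byte is used once and then destroyed."""

    def __init__(self, pad: bytes):
        self._pad = bytearray(pad)

    @property
    def remaining(self) -> int:
        return len(self._pad)

    def xor(self, data: bytes) -> bytes:
        """Encrypt or decrypt (XOR is its own inverse), consuming len(data) pad bytes."""
        if len(data) > len(self._pad):
            raise ValueError(f"pad exhausted: need {len(data)} bytes, {len(self._pad)} left")
        key = bytes(self._pad[:len(data)])
        del self._pad[:len(data)]  # destroy the used part so it can never be reused
        return bytes(d ^ k for d, k in zip(data, key))


def exchange(pad_len: int = 32):
    """Sender and receiver each hold one copy of the same random pad."""
    pad = secrets.token_bytes(pad_len)  # constructed pad; in practice exchanged over a secure channel
    sender, receiver = OneTimePad(pad), OneTimePad(pad)
    received = []
    for msg in (b"meet at noon", b"bring the files"):  # constructed sample messages
        received.append(receiver.xor(sender.xor(msg)))
    try:
        sender.xor(b"confirm")  # 7 bytes, but only 5 pad bytes are left
        exhausted = False
    except ValueError:
        exhausted = True
    return received, sender.remaining, exhausted


def reuse_leaks_plaintext_xor(p1: bytes, p2: bytes, pad: bytes) -> bool:
    """Why used pad is destroyed: under a reused pad, c1 XOR c2 equals p1 XOR p2."""
    def x(a, b):
        return bytes(i ^ j for i, j in zip(a, b))
    return x(x(p1, pad), x(p2, pad)) == x(p1, p2)


if __name__ == "__main__":
    print(exchange())
    print(reuse_leaks_plaintext_xor(b"meet at noon", b"bring the fi", secrets.token_bytes(12)))
```

Every message byte consumes one pad byte on both sides, which is the key-volume and key-distribution problem in concrete form: 27 bytes of traffic leave a 32-byte pad unable to carry a further 7-byte message.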

PART - B

Q4. Define types of attacks based on what is known to the attacker

Attack

An attack is the act of trying to bypass security controls on a computer system. It can be active or passive. An active attack is an attack in which the attacker manipulates data and adds unauthorized data. In a passive attack, the attacker only monitors and/or records data.

To secure a network from attacks, it is necessary to detect when an attack is taking place and what type of attack it is. Some of the common attacks are listed below:

Password guessing attack

This attack occurs when an unauthorized user repeatedly tries to log on to a computer or network by guessing usernames and passwords. Many password-guessing programs that attempt to break passwords are available on the Internet. Following are the types of password guessing attacks:

Brute force attack: Brute force attack is a type of password guessing attack. In this type of attack, attackers systematically try every conceivable combination to find out the password of a user.

Dictionary attack: Dictionary attack is a type of password guessing attack. This type of attack uses a dictionary of common words to find out the password of a user. It can also use common words in either upper or lower case to find a password. There are many programs available on the Internet to automate and execute dictionary attacks.
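Repeated logon failures of the kind described above can be detected from authentication logs. The following is an added example, not part of the original essay; the log line format, the field names, the threshold of 5 failures and the 60-second window are assumptions for illustration, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in an assumed "<time> <OK|FAIL> user=<name> src=<address>" format
SAMPLE = (
    [f"2024-05-01T10:00:{s:02d} FAIL user=alice src=203.0.113.7" for s in range(1, 7)]
    + [f"2024-05-01T10:01:{5 * i:02d} FAIL user={u} src=198.51.100.23"
       for i, u in enumerate(["root", "admin", "guest", "test", "oracle"])]
    + ["2024-05-01T10:02:00 FAIL user=bob src=192.0.2.10",
       "2024-05-01T10:02:09 OK user=bob src=192.0.2.10"]
    # five failures spread over 20 minutes: stays below the rate threshold
    + [f"2024-05-01T10:{m:02d}:00 FAIL user=carol src=192.0.2.50" for m in range(10, 35, 5)]
)


def parse(line):
    """Split one log line into (timestamp, result, user, source)."""
    ts, result, user, src = line.split()
    return datetime.fromisoformat(ts), result, user.split("=", 1)[1], src.split("=", 1)[1]


def detect_guessing(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {source: (kind, failures)} for sources with >= threshold failed logons inside the window."""
    recent = defaultdict(deque)  # source -> (time, user) of failures still inside the window
    alerts = {}
    for line in lines:
        ts, result, user, src = parse(line)
        if result != "FAIL":
            continue
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            users = {u for _, u in q}
            kind = "single-account guessing" if len(users) == 1 else "multi-account guessing"
            alerts[src] = (kind, len(q))
    return alerts


if __name__ == "__main__":
    for src, (kind, count) in detect_guessing(SAMPLE).items():
        print(src, kind, count)
```

A rate window alone does not flag the slow sequence against carol, so a per-account failure counter or lockout policy is normally used alongside it.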

DoS attack

A Denial-of-Service (DoS) attack causes a negative impact on the performance of a computer or network. This attack is designed to bring loss of network connectivity and services by consuming the bandwidth of the user's network. It is also known as network saturation attack or bandwidth consumption attack. Attackers make Denial-of-Service attacks by sending a large number of protocol packets to a network. A DoS attack can cause the following:

Saturate network resources.

Disrupt connections between two computers, thereby preventing communication between services.

Disrupt services to a specific computer.

A Denial-of-Service attack is very common on the Internet because it is much easier to accomplish. Most of the DoS attacks rely on the weaknesses in the TCP/IP protocol. Some of the common DoS attacks are as follows:

Man-in-the-middle attack

Man-in-the-middle attacks occur when an attacker successfully inserts an intermediary software or program between two communicating hosts. The intermediary software or program allows attackers to listen to and modify the communication packets passing between the two hosts. The software intercepts the communication packets and then sends the information to the receiving host. The receiving host responds to the software, presuming it to be the legitimate client.

Spoofing

Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc., because forging the source IP address causes the responses to be misdirected.

Back Door

A back door is a program or account that allows access to a system by skipping the security checks. Many vendors and developers implement back doors to save time and effort by skipping the security checks while troubleshooting. A back door is considered to be a security threat and should be kept with the highest security. If a back door becomes known to attackers and malicious users, they can use it to exploit the system.

Hacking

Hacking is a process by which a person acquires illegal access to a computer or network through a security break or by implanting a virus on the computer or network.

Q5. Write a program to implement the Playfair cipher.

import java.util.ArrayList;
import java.util.List;

public class playfair
{
   private String KeyWord = "";
   private String Key = "";
   private char matrix_arr[][] = new char[5][5];

   // Keep letters only, fold to lower case and merge 'j' into 'i',
   // because the 5x5 square holds only 25 letters
   private static String normalize(String s)
   {
      StringBuilder out = new StringBuilder();
      for (char c : s.toLowerCase().toCharArray())
      {
         if (c >= 'a' && c <= 'z')
            out.append(c == 'j' ? 'i' : c);
      }
      return out.toString();
   }

   public void setKey(String k)
   {
      KeyWord = normalize(k);
   }

   // Build the 25-letter key: keyword letters first (repeated letters dropped),
   // then the remaining letters of the alphabet without 'j'
   public void KeyGen()
   {
      String candidates = KeyWord + "abcdefghiklmnopqrstuvwxyz";
      StringBuilder sb = new StringBuilder();
      for (int i = 0; i < candidates.length(); i++)
      {
         char current = candidates.charAt(i);
         if (sb.indexOf(String.valueOf(current)) < 0)
            sb.append(current);
      }
      Key = sb.toString();
      System.out.println(Key);
      matrix();
   }

   // Fill the 5x5 matrix row by row from the key and print it
   private void matrix()
   {
      int counter = 0;
      for (int i = 0; i < 5; i++)
      {
         for (int j = 0; j < 5; j++)
         {
            matrix_arr[i][j] = Key.charAt(counter);
            System.out.printf("%s ", matrix_arr[i][j]);
            counter++;
         }
         System.out.println();
      }
   }

   // Split the text into pairs of letters. A filler letter separates a doubled
   // letter inside a pair and pads a text of odd length.
   private String[] Divid2Pairs(String Original)
   {
      String text = normalize(Original);
      List<String> pairs = new ArrayList<String>();
      int i = 0;
      while (i < text.length())
      {
         char one = text.charAt(i);
         char two;
         if (i + 1 < text.length() && text.charAt(i + 1) != one)
         {
            two = text.charAt(i + 1);
            i = i + 2;
         }
         else
         {
            two = (one == 'x') ? 'q' : 'x'; // filler letter
            i = i + 1;
         }
         pairs.add("" + one + two);
      }
      return pairs.toArray(new String[0]);
   }

   // Return {row, column} of a letter in the matrix (KeyGen must have been called)
   public int[] GetDiminsions(char letter)
   {
      if (letter == 'j')
         letter = 'i';
      for (int i = 0; i < 5; i++)
      {
         for (int j = 0; j < 5; j++)
         {
            if (matrix_arr[i][j] == letter)
               return new int[] { i, j };
         }
      }
      throw new IllegalArgumentException("letter not in key matrix: " + letter);
   }

   // Substitute pair by pair. step = 1 moves right/down (encryption),
   // step = 4 moves left/up modulo 5 (decryption).
   private String substitute(String src_arr[], int step)
   {
      StringBuilder result = new StringBuilder();
      for (int i = 0; i < src_arr.length; i++)
      {
         int part1[] = GetDiminsions(src_arr[i].charAt(0)); // position of the first char
         int part2[] = GetDiminsions(src_arr[i].charAt(1)); // position of the second char

         if (part1[0] == part2[0]) // same row
         {
            part1[1] = (part1[1] + step) % 5;
            part2[1] = (part2[1] + step) % 5;
         }
         else if (part1[1] == part2[1]) // same column
         {
            part1[0] = (part1[0] + step) % 5;
            part2[0] = (part2[0] + step) % 5;
         }
         else // rectangle: swap the columns
         {
            int temp = part1[1];
            part1[1] = part2[1];
            part2[1] = temp;
         }
         result.append(matrix_arr[part1[0]][part1[1]]);
         result.append(matrix_arr[part2[0]][part2[1]]);
      }
      return result.toString();
   }

   public String Encript(String Source)
   {
      String Code = substitute(Divid2Pairs(Source), 1);
      System.out.println(Code);
      return Code;
   }

   // The result still contains any filler letters added during encryption
   public String Decript(String Code)
   {
      String Original = substitute(Divid2Pairs(Code), 4);
      System.out.println(Original);
      return Original;
   }

   public static void main(String[] args)
   {
      playfair p = new playfair();
      p.setKey("monarchy");
      p.KeyGen();
      p.Decript(p.Encript("instruments"));
   }
}

Q6. Given the speed of a current ordinary computer (for home or light office use), estimate the amount of time necessary to crack a DES encryption by testing all 2^56 possible keys. Make a similar estimate for a 128-bit AES key.

We assume that the household computer has a 2 GHz processor. We also assume that a machine takes a hundred cycles per brute-force attempt against a single 56-bit DES key or 128-bit AES key.

To crack a DES encryption, we need:

(2^56 keys) * 100 cycles / 60 sec / 60 min / 24 hours / 365 days / 2000000000 Hz = 114.246566 years

To crack an AES encryption, we need:

(2^128 keys) * 100 cycles / 60 sec / 60 min / 24 hours / 365 days / 2000000000 Hz = 5.39514154 × 10^23 years
