Post on 14-Apr-2018
7/29/2019 Cns Vini.docx
1/23
CRYPTOGRAPHY
&
NETWORK SECURITY
ASSIGNMENT
SUBMITTED TO: SUBMITTED BY:
MR. Kamal Kant Geetika DayalCSE Dept. A2305208545
Roll No. 5128CS-5(X)
7/29/2019 Cns Vini.docx
2/23
CRYPTOGRAPHY
&
NETWORK SECURITY
ASSIGNMENT
SUBMITTED TO: SUBMITTED BY:
MR. Kamal Kant Kritika DayalCSE Dept. A2305208652
Roll No. 5908CS-5(Y)
7/29/2019 Cns Vini.docx
3/23
CRYPTOGRAPHY
&
NETWORK SECURITY
ASSIGNMENT
SUBMITTED TO: SUBMITTED BY:
MR. Kamal Kant Arushi NautiyalCSE Dept. A2305208522
Roll No. 4388CS-5(X)
7/29/2019 Cns Vini.docx
4/23
Q1. Explain Telecommunication Network architecture with neat diagram?
A telecommunications network is a collection of terminals, links and nodes whichconnect to enable telecommunication between users of the terminals. Networks mayuse circuit switching ormessage switching. Each terminal in the network must have
a unique address so messages or connections can be routed to the correctrecipients. The collection of addresses in the network is called the address space.
The links connect the nodes together and are themselves built upon an
underlying transmission network which physically pushes the message across the
link.
Examples of telecommunications networks are:
computer networks
the Internet
the telephone network
All telecommunication networks are made up of five basic components that are
present in each network environment regardless of type or use. These basic
components include terminals, telecommunications processors, telecommunications
channels, computers, and telecommunications control software.
Terminals are the starting and stopping points in any telecommunication network
environment. Any input or output device that is used to transmit or receive data
can be classified as a terminal component.
http://collection/http://telecommunication/http://switching/http://switching/http://switching/http://address/http://space/http://network/http://internet/http://network/http://software/http://telecommunication/http://switching/http://switching/http://switching/http://switching/http://address/http://space/http://space/http://network/http://network/http://internet/http://network/http://network/http://software/http://collection/7/29/2019 Cns Vini.docx
5/23
Telecommunications processors support data transmission and reception
between terminals and computers by providing a variety of control and support
functions. (i.e. convert data from digital to analog and back)
Telecommunications channels are the way by which data is transmitted and
received. Telecommunication channels are created through a variety of media ofwhich the most popular include copper wires and coaxial cables (structured
cabling). Fiber - optic cables are increasingly used to bring faster and more robust
connections to businesses and homes.
In a telecommunication environment computers are connected through media to
perform their communication assignments.
Telecommunications control software is present on all networked computers and
is responsible for controlling network activities and functionality.
Q2. What are different TMN management layers?
The framework identifies four logical layers of network management:
Business management
Includes the functions related to business aspects, analyzes trends and quality
issues, for example, or to provide a basis for billing and other financial reports.
Service managementHandles services in the network: definition, administration and charging of services.
Network management
Distributes network resources, performs tasks of: configuration, control and
supervision of the network.
Element management
Handles individual network elements including alarm management, handling of
information, backup, logging, and maintenance of hardware and software.
A network element provides agent services, mapping the physical aspects of the
equipment into the TMN framework.
Q3. Describe TMN information model?
Basically there are two TMN information models which is based on objects specifiedin:
http://transmission/http://channel/http://wire/http://cabling/http://cabling/http://cable/http://element/http://transmission/http://transmission/http://channel/http://channel/http://wire/http://wire/http://cabling/http://cabling/http://cable/http://cable/http://cable/http://cable/http://element/http://element/7/29/2019 Cns Vini.docx
6/23
1. G.803
2. M.3100
G.803 :
The ever-popular Client/Server model is used as a paradigm for describing the
relationship between the layers of synchronous networks, with the client layer traffic
being carried over transport services provided by the Server Layer. Two important
types of transport entities, trails and connections, are used to transfer information
within the framework of the client and server layers. A trail is responsible for
managing the transfer of information through one or more client layers via "access
points." A trail consists of trail termination functions that interact via a network
connection. Connections, on the other hand, are used to transfer information
between connection points; multiple connections can be used to support a single trail
within a layer. A single layer can contain multiple connections that serve the
information transport needs of the related client layer.
There are several other components in the general framework defined by G.803. The
objects include:
CP - connection point, this is the point at which the end of a single trail is
bound to either another trail or another connection.
TCP - Termination Connection Point (not Transmission Control Protocol). This
is a special case of a connection point where a trail termination and an
adaptation function are bound.
Adaptation - provides a point of access between the client and server layers.
This function "defines the "server/client" association between the connection
point and access points.
Bi-directional reference point - refers to a point in the network in which a
pair of unidirectional connections or trails are combined to provide full-duplex
connections.
Network connection - defined by G.803 as a "transport entity" formed by a
series of "connections between "termination connection points". In our sample
figure, you can see that the server layer provides a network connection across
several connections to provide a service accessible by the client layer. This
network connection can be used to transfer client trail information.
7/29/2019 Cns Vini.docx
7/23
AP - access point. Defined as a "reference point" where the output of an
"adaptation" source function is bound to an input of a "trail termination source"
or the output of a "trail termination sink" is bound to the input of an adaptation
sink function." In simpler terms, each layer's access point is the point at which
a server layer terminates the supporting trail service.
MC - matrix connection. Models the connection within a sub network that
consists of a connection that is transferred through a matrix function. This
matrix can either be a fixed matrix (for example, a permanent circuit through
some switching function, or dynamically, as in the case of an automatically
switched circuit).
Figure: G.803
M.3100 :
The M.3100 specification is organized into 6 "fragments" that combine to form the
Generic information model. There are both direct containment relationships between
7/29/2019 Cns Vini.docx
8/23
the fragments along with associative peer relationships. The 6 fragments defined
within M.3100 are:
Network Fragment: defines the relationship between a managed network and
its related trails, connections, and managed elements. In this case, a network
fragment is shown to contain all elements.
Managed Element: defines the components and relationships contained in a
single managed element. In this case, a managed element is shown to
contain equipment (including software), along with trail termination points.
Termination Point: The termination point fragment contains the types of
terminations that a single piece of managed equipment may contain. Both trail
and connection termination points are included in this fragment.
Transmission Fragment: Provides a different, non-equipment oriented view of
communications through a network. In this case, two forms of transmission
entities are defined, trails and connections. The relationships between these
entities and references to their relative termination points are included in this
fragment. Termination points include termination point sources, sinks and bi-
directional termination points.
Cross Connection Fragment: helps in managing cross connect fabrictopologies. In this case, the cross connection fragment contains multipoint
cross connections, cross connections, generic termination points, and a pool
of termination points.
Functional Area Fragment: defines the classes of objects contained within a
managed element to provide additional management services. Object classes
contained in the functional area fragment include: Management Operations
Schedule, Logs (e.g., alarms, attribute value changes, object creation and
deletion records, state change records), alarm assignment profiles, event
forwarding discriminators and the current alarm summary control. Of these
object classes, with the exception of the Alarm Severity Assignment Profile, all
are defined either in X.721 or Q.821.
7/29/2019 Cns Vini.docx
9/23
Figure: M.3100
Q4. Briefly explain services and functions of TMN?
TMN Services:
There are a number of specific areas covered by different TMN managementservices:
A. Customer administration
This management activity requires the network operator to exchange management
data and functions required by the customers to offer a telecommunication service
and to exchange with the network all the customer-related management data and
functions that the network needs to provide that service. This could involve
interactions which related to provisioning management, configuration administration,
fault administration, charging (billing) administration, complaints administration,
quality of service administration, traffic measurement administration, etc.
B. Traffic management
This deals with the management of traffic associated with circuit switched networks,
for example, Integrated Services Digital Network (ISDN) and Public Switched
Telephone Network (PSTN), and transmission networks.
7/29/2019 Cns Vini.docx
10/23
The objective of traffic management is to enable as many calls as possible to be
successfully completed. This is done by maximising the use of all available
equipment and facilities in the traffic situation. It is also responsible to supervise the
performance of a network, and has to take action to control the flow of the traffic and
to optimise the utilisation of the network capacity.
C. Management of customer access
This includes all the equipment which associated with the customer access involving
multiplex equipment, network terminating units etc, regardless of its bandwidth
(narrow-band or broadband), analogue or digital.
Management describes quite a number of tasks, configuration, failure monitoring,
security and network performance of any part or piece of equipment associated with
the access. Separate requirements resulting from circuit-switched or packet-switched
environments must also be taken into account.
Needs of management control facilities upon the customer access arises due to the
complexity. Customer access may be regarded as consisting of copper wires or
optical fibres with complex electronic equipment whose functions may need updating
or altering by the network provider, instead of merely consisted of copper wires and
network terminating equipment.
D. Common channel signalling system (CCSS) management
This covers all the aspects concerned with the management of CCSSs. During the
process of managing a CCSS, several things outside of the sphere of the MS has to
be considered as well. They are the events and information outside the MS, also
planning is needed.
It is necessary to have a network wide view of the availability of the signalling
network and the signalling traffic loading. The network wide view should at least
contain a number of relevant information such as, the configuration on the signalling
network, the availability of each signalling link set and its capacity, current loading of
each link set, and indication of the initiation of internal flow control procedures.
Those information will be used as a statistical measurements. They will be gathered
from both inside and outside of the signalling system concerned.
7/29/2019 Cns Vini.docx
11/23
E. Staff Work Scheduling
This management service has no direct influence on NEs. However the quality of
telecommunication services depends very much on the network operator's staff, and
that effective staff work scheduling helps to maintain the economic level of the staff
effort. This is a management activity of the network operatorwhich aims at getting
the right staff member to carry out the work. This is valid for OAM of the NEs,
maintenance and installation work to be done at the customers' premises, and also
installation and repair work to be done in the field, such as installing cables.
The TMN management functions are usually grouped into five functional
areas:A. Performance management:
It includes all activities necessary to maintain the short term customer view of
quality of service. It gathers statistical data for monitoring and controlling the
effectiveness and behaviours of the network, NE or equipment.
Performance monitoring (PM)
PM involves the collection of data relating the performance of the NE. It
is designed to measure the overall quality using monitored parameters
and also to detect characteristic pattern before the quality of signal
drops below an acceptable level.
Performance controlling (PC)
B.Fault (Maintenance) Management:
It include all procedure necessary to handle system alarm, correct and test falling
equipment, and respond intelligently to customers complaints.
1. Alarm
TMN is able to monitor NE failures in near real time. Indication is made by the
NE when a failure occurs. TMN determines the nature and severity of the fault
basing on the indication. It may determine the effect of the fault on the
services supported by the fault equipment in two ways. The first one is that a
data base within a TMN may interpret binary alarm indication from the NE,
which requires little of the NE beyond self-monitoring capability. The second is
http://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#alarmhttp://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#correcthttp://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#testhttp://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#alarmhttp://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#correcthttp://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#test7/29/2019 Cns Vini.docx
12/23
that it may transmit self- explanatory messages to a TMN if the NE has
sufficient intelligence, but requires additional support of message syntax for
the description of fault condition from both NE and TMN.
2. Correction
Automatic restoration report from NE to TMN indicates a specific line, service,
equipment or system that has been switched as part of NE's protection
procedures.
TMN requests NE to start/stop hot-standby procedures for system or service
so as to let a redundant unit to take over with minimum disruption to traffic.
Reload procedure involves a request from TMN to NE for reconstruction of a
service or a system from a particular dump record. A reload report is the
reporting of a reloaded service or system from a dump, from NE to TMN.
3. Testing
It can be done in two ways. The first way is that a TMN orders a NE to carry
out analysis of circuit or equipment characteristics, which is done entirely
within the NE. Results are reported to the TMN automatically and immediately
or on a delayed basis. Another way is that the analysis is done within the
TMN. It asks the NE to provide access to the circuit or equipment concerned
and no more messages are exchanged with the NE.
C. Configuration Management:
It provides functions for control over, identify, collect data from and provide data to
NEs.
1. Provisioning
It consists of procedures need to bring an equipment into service, excludinginstallation. When the unit is in service, supporting programs will be initialised
with the TMN. Status of the unit, for example, whether in service or not, may
be controlled by provisioning functions.
Use of provisioning functions differs in different NEs. Frequent use of these
functions is required in digital switching and cross-connect equipment as
circuits are put up and dropped. While only one usage is usually required in
small transmission elements.
7/29/2019 Cns Vini.docx
13/23
2. Status and control of NE
TMN provides monitoring and controlling over the NE on request. A status
check is usually provided in conjunction with each control function so as to
check that the resulting action has taken place. These functions are corrective
when dealing with faulty conditions.
Status and control functions form part of routine maintenance which is done
on a periodic or automatic basis. TMN will stop the operation of a faulty
equipment and may rearrange equipment or re-route traffic. It can also enable
entering of proposed configuration to analyse the feasibility of the design
before its implementation.
D. Accounting Management :
It includes the measurement and control of costs and customers billing.
It provides a function set which enable the use of the network service to be
measured and determine the cost of it. It also collects the accounting record and
1. Billing
Some NEs is used to determine charges to customer accounts and it will send
to the OS within TMN if it requires these data. To enable the maintaining of
the record of billing, this type of function needs highly efficient and redundant
data transport. Processing must be carried out in near real time for large
number of customers.
E. Security Management:
It is responsible for controlling access to customers, network data and resources.
It is concerned not with the provision and use of encryption or authenticationtechniques themselves but rather with their management, including reports
concerning attempts to breach system security. There are two important function,
first one is managing the security and maintaining security audits. The other one is
performing the network management task in a secure way.
Q5. Write down the functions provided by S/MIME?
S/MIME (Secure/Multipurpose Internet Mail Extension) is a security enhancement
to the MIME Internet e-mail format standard.
http://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#billhttp://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol2/tkl1/#bill7/29/2019 Cns Vini.docx
14/23
The Functions provided by S/MIME are:
1.Enveloped data:
This consists of encrypted content of any type and encrypted content encryption
keys for one or more users. This functions provides privacy and data security.
2.Signed data:
A digital signature is formed by signing the message digest and then encrypting that
with the signer private key. The content and the signature are then encoded using
base64 encoding.
This function provides authenticity, message integrity and non-repudiation of origin.
3.SignerInfo: allows the inclusion of unsigned and signed attributes to be included
along with a signature.
-Signing Time
-SMIME Capabilities
-SMIME Encryption Key Preference
4.Clear signed data:
In this case a digital signature of the content is formed, However only the signature is
encoded with base64.
5.Signed and enveloped data:
Because of S/MIME encapsulating capability (multipart type), signed only and
encrypted only entities may be nested, so that encrypted data may be signed and
signed data may be encrypted.
Q6. Explain firewall design principles, characteristics, and types of firewalls
Firewall is a single point of defence between two networks. A firewall can be simply arouter that is used to filter the packets or a complex multi computer, multi routersolution that performs filtering of packets along with application level proxy services.A firewall can be through of as a pair of mechanisms: allow, which permits traffic anddeny, which blocks traffic.
Types of firewalls:
7/29/2019 Cns Vini.docx
15/23
1. Packet filters: A packet filter is one of the earliest firewall technologies that
analyze network traffic at the transport protocol layer. Each ip network packet
is examined to see if it matches one of a set of rules which defines the nature
of allowable data flow.
2. Circuit level firewalls: Circuit level firewalls are similar to packet filtering
firewalls, but they operate at transport and session layer of the OSI model.
The biggest difference between a packet filtering firewall and circuit level
firewall is that circuit level firewall validates TCP and UDP sessions before
opening a connection through the firewall.
3. Application layer firewalls: An application layer firewall is a third generation
firewall technology that evaluates network packets for valid data at the
application layer before allowing a connection. It examines the data in all
network packets at the application layer and maintains a complete list of
connection states and sequencing information.
4. Dynamic packet filter: Dynamic packet filter firewalls are a fourth generation
firewalls that allow modifications of the security rules on the fly. This
technology is most suitable for providing limited support for UDP transport
protocol
Q7.Define man in the middle attack
Internet connections can be attacked in various ways. A general type of attack is
called
Man-inthe-middle. The idea behind this attack is to get in between the sender and
the recipient, access the traffic, modify it and forward it to the recipient.
The term Man-in-the-middle have been used in the context of computer security
The man-in-the-middle attack is a form of active eavesdropping in which the attacker
makes independent connections with the victims and relays messages between
them, making them believe that they are talking directly to each other over a private
connection, when in fact the entire conversation is controlled by the attacker. The
attacker must be able to intercept all messages going between the two victims and
inject new ones, which is straightforward in many circumstances .
http://eavesdropping/http://eavesdropping/7/29/2019 Cns Vini.docx
16/23
A man-in-the-middle attack can succeed only when the attacker can impersonate
each endpoint to the satisfaction of the otherit is an attack on (or lack of) mutual
authentication. Most cryptographic protocols include some form of
endpoint authentication specifically to prevent MITM attacks. For example, SSL can
authenticate one or both parties using a mutually trusted certification authority.
Q 8. Write short notes on following
a) Kerberos-
Kerberos is a network authentication protocol. It is designed to provide strong
authentication for client/server applications by using secret-key cryptography.
It is a computer network authenticationprotocol which works on the basis of "tickets"
to allow nodes communicating over a non-secure network to prove their identity to
one another in a secure manner. Its designers aimed primarily at a client
server model, and it provides mutual authenticationboth the user and the server
verify each other's identity. Kerberos protocol messages are protected
against eavesdropping and replay attacks. Kerberos builds on symmetric key
cryptography and requires a trusted third party, and optionally may use public - key
cryptography by utilizing asymmetric key cryptography during certain phases of
authentication.
b) Virus and Worms-
A computer virus is a computer program that can replicate itself and spread from one
computer to another. The term "virus" is also commonly, but erroneously used, to
refer to other types of malware, including but not limited
to adware and spywareprograms that do not have a reproductive ability.
Viruses can increase their chances of spreading to other computers by infecting files
on a network file system or a file system that is accessed by other computers. [2][3]
Malware includes computer viruses,computer worms, Trojan horses,
most rootkits, spyware, dishonest adware and other malicious or unwanted software,
including true viruses. Viruses are sometimes confused with worms and Trojan
horses, which are technically different. A worm can exploit security vulnerabilities to
spread itself automatically to other computers through networks, while a Trojan
horse is a program that appears harmless but hides malicious functions. Worms and
http://authentication/http://authentication/http://authentication/http://authentication/http://security/http://authority/http://network/http://authentication/http://protocol/http://authentication/http://authentication/http://en.wikipedia.org/wiki/Computer_insecurity#insecurityhttp://attack/http://attack/http://cryptography/http://cryptography/http://party/http://cryptography/http://cryptography/http://cryptography/http://program/http://adware/http://spyware/http://spyware/http://system/http://en.wikipedia.org/wiki/Computer_virus#cite_note-1http://en.wikipedia.org/wiki/Computer_virus#cite_note-2http://malware/http://worm/http://worm/http://rootkit/http://spyware/http://adware/http://authentication/http://authentication/http://authentication/http://security/http://authority/http://authority/http://network/http://network/http://authentication/http://protocol/http://authentication/http://authentication/http://en.wikipedia.org/wiki/Computer_insecurity#insecurityhttp://attack/http://attack/http://cryptography/http://cryptography/http://cryptography/http://party/http://party/http://party/http://cryptography/http://cryptography/http://cryptography/http://cryptography/http://cryptography/http://cryptography/http://cryptography/http://program/http://program/http://adware/http://spyware/http://system/http://system/http://system/http://en.wikipedia.org/wiki/Computer_virus#cite_note-1http://en.wikipedia.org/wiki/Computer_virus#cite_note-2http://malware/http://worm/http://worm/http://rootkit/http://spyware/http://adware/7/29/2019 Cns Vini.docx
17/23
Trojan horses, like viruses, may harm a computer system's data or performance.
Some viruses and other malware have symptoms noticeable to the computer user,
but many are surreptitious or simply do nothing to call attention to themselves. Some
viruses do nothing beyond reproducing themselves.
A computer worm is a standalone malwarecomputer program that replicates itself in
order to spread to other computers. Often, it uses a computer network to spread
itself. This is due to security shortcomings on the target computer. Unlike a computer
virus, it does not need to attach itself to an existing program. Worms almost always
cause at least some harm to the network, even if only by consuming bandwidth,
whereas viruses almost always corrupt or modify files on a targeted computer.
c) Honeypot-
A honeypot is an information system resource whose value lies in unauthorized or
illicit use of that resource. Honeypots are an exciting new technology with enormous
potential for the security community. a honeypot is a trap set to detect, deflect, or in
some manner counteract attempts at unauthorized use ofinformation systems.
Generally it consists of a computer, data, or a network site that appears to be part of
a network, but is actually isolated and monitored, and which seems to contain
information or a resource of value to attackers.
Honeypots can be classified based on their deployment and based on their level of
involvement. Based on deployment, honeypots may be classified as production
honeypots
research honeypots.
d) Elliptic Curve Cryptography
Elliptic Curve Cryptography (ECC) is a public key cryptography. Elliptic curves are
also used in several integer factorization algorithms that have applications in
cryptography, such as Lenstra elliptic curve factorization.
Early public-key systems are secure assuming that it is difficult to factor a large
integer composed of two or more large prime factors. For elliptic-curve-based
protocols, it is assumed that finding the discrete logarithm of a random elliptic curve
element with respect to a publicly-known base point is infeasible. The size of the
elliptic curve determines the difficulty of the problem. The primary benefit promised
http://malware/http://program/http://network/http://virus/http://virus/http://systems/http://computer/http://network/http://factorization/http://algorithm/http://factorization/http://logarithm/http://malware/http://program/http://program/http://network/http://network/http://virus/http://virus/http://systems/http://systems/http://computer/http://network/http://factorization/http://factorization/http://algorithm/http://factorization/http://factorization/http://factorization/http://factorization/http://logarithm/http://logarithm/7/29/2019 Cns Vini.docx
18/23
by ECC is a smaller key size, reducing storage and transmission requirementsie.
that an elliptic curve group could provide the same level of security afforded by an
RSA-based system with a large modulus and correspondingly larger keyeg, a
256bit ECC public key should provide comparable security to a 3072bit RSA public
key
For current cryptographic purposes, an elliptic curve is a plane curve which consists
of the points satisfying the equation
e) IDS -
An intrusion detection system (IDS) is a device orsoftware application that monitorsnetwork and/or system activities for malicious activities or policy violations and
produces reports to a Management Station. Some systems may attempt to stop an
intrusion attempt but this is neither required nor expected of a monitoring
system. Intrusion detection and prevention systems (IDPS) are primarily focused on
identifying possible incidents, logging information about them, and reporting
attempts. In addition, organizations use IDPSes for other purposes, such as
identifying problems with security policies, documenting existing threats, and
deterring individuals from violating security policies. IDPSes have become a
necessary addition to the security infrastructure of nearly every organization.
f) Hash Algorithm -
A hashing algorithm takes a variable length data message and creates a fixed size
message digest. When a one-way hashing algorithm is used to generate the
message digest the input cannot be determined from the output.
The key in public-key encryption is based on a hash value. This is a value that is
computed from a base input number using a hashing algorithm. Essentially, the hash
value is a summary of the original value. The important thing about a hash value is
that it is nearly impossible to derive the original input number without knowing the
data used to create the hash value.
http://application/http://application/http://application/7/29/2019 Cns Vini.docx
19/23
Q9. In network security what we will do first compression or encryption?
Encryption is counterproductive for compression if the two features aren't used
together correctly. Generally, you want to compress first and then encrypt. This is the
order that naturally happens when you compress at the encoding level and encrypt
at the transport level. You tend to get disadvantageous results if you encrypt first and
then compress. This order can happen when you encrypt early on, such as when
you use message security with transport compression, or if you attempt to apply
compression from outside the system after encryption has already taken place.
Statistical tendencies in the resulting encryption output could be a way to attack the
encryption mechanism, possibly revealing the original content or even the secrets
used for encryption. Therefore, the encrypted output tends to be more random than
the original content. If the original content was fairly predictable, then this can cause
a significant decline in compression effectiveness. This makes encrypted content a
poor candidate for compression.
Q10. Difference between SSL and TLS?
SSL
SSL is designed to allow an accessing device or application to connect through ports
associated with SSL for verification. Logging into the destination is handled then
routed for verification then allowed in based on whether or not the key is the same
for the request. Not all web browsers will alert users of changes in security
measures such as those.
TLS
TLS works in a similar fashion but helps to prevent eavesdropping and tampering
with information that is sent between the two locations. The server does a large
amount of encrypting of data being transferred and pulls information for the digital
certificate. If the information is correct the TLS will continue until the connection is
completed.
Q11. What is the segment size of different e-mail providers. Segment size
should be small or large? It depends on what parameters?
The segment size of different email providers are as follows:
7/29/2019 Cns Vini.docx
20/23
Gmail, RediffMail, Excite, AOL Mail, Blue Tie 25 MB
Fastmail -10 MB to 50 MB
GMX Mail, Hushmail, india.com Email, Ovi Mail- 20 MB
Mail.com -50 MB
Runbox-100 MB
If the maximum segment size is sufficient to allow all segments of data to be
transferred without fragmenting the segments, the web page is likely to fulfill
relatively quickly. However, if the data segment is too large for the maximum
segment size established between the ISP and the end users computer, then the
segment will have to be broken down into smaller fragments that will pass throughthe routing process. The end result is that the web page will fulfill at a noticeably
slower rate.
Q12. Explain DES in detail. Write advancement in DES in short.
DES is a block cipher--meaning it operates on plaintext blocks of a given size (64-
bits) and returns ciphertext blocks of the same size. Thus DES results in
a permutation among the 2^64 (read this as: "2 to the 64th power") possible
arrangements of 64 bits, each of which may be either 0 or 1. Each block of 64 bits is
divided into two blocks of 32 bits each, a left half block L and a right half R.
http://www.wisegeek.com/what-is-a-data-segment.htmhttp://www.wisegeek.com/what-is-an-isp.htmhttp://www.wisegeek.com/what-is-a-data-segment.htmhttp://www.wisegeek.com/what-is-an-isp.htm7/29/2019 Cns Vini.docx
21/23
Step 1: Create 16 subkeys , each of which is 48-bits long.
The 64-bit key is permuted according to the permutation table, PC-1. Note only 56
bits of the original key appear in the permuted key.
Next, split this key into left and right halves, C0 and D0, where each half has 28 bits.
With C0 and D0 defined, we now create sixteen blocks Cn and Dn, 1
7/29/2019 Cns Vini.docx
22/23
Triple-DES
Triple-DES is just DES with two 56-bit keys applied. Given a plaintext message, the
first key is used to DES- encrypt the message. The second key is used to DES-
decrypt the encrypted message. (Since the second key is not the right key, this
decryption just scrambles the data further.) The twice-scrambled message is then
encrypted again with the first key to yield the final ciphertext. This three-step
procedure is called triple-DES.
Triple-DES is just DES done three times with two keys used in a particular order.
(Triple-DES can also be done with three separate keys instead of only two. In either
case the resultant key space is about 2^112.)
Q13. Write steps of Diffie Hellmen with example.
The steps of Diffie Hellmen are:
1. Alice and Bob agree to use a prime number p=23 and base g=5.
2. Alice chooses a secret integer a=6, then sends Bob A = ga mod p
A = 56 mod 23
A = 15,625 mod 23
A = 8
3. Bob chooses a secret integer b=15, then sends Alice B = gb mod p
B = 515 mod 23
B = 30,517,578,125 mod 23
B = 19
4. Alice computes s = B a mod p
s = 196 mod 23
s = 47,045,881 mod 23
s = 2
5. Bob computes s = A b mod p
http://en.wikipedia.org/wiki/Alice_and_Bobhttp://en.wikipedia.org/wiki/Alice_and_Bob7/29/2019 Cns Vini.docx
23/23
s = 815 mod 23
s = 35,184,372,088,832 mod 23
s = 2
6. Alice and Bob now share a secret: s = 2. This is because 6*15 is the same
as 15*6. So somebody who had known both these private integers might alsohave calculated s as follows:
s = 56*15 mod 23
s = 515*6 mod 23
s = 590 mod 23
s = 807,793,566,946,316,088,741,610,050,849,573,099,185,363,389,5
51,639,556,884,765,625 mod 23
s = 2
Both Alice and Bob have arrived at the same value, because (ga)b and (gb)a are equalmod p. Note that only a, b and gab = gba mod p are kept secret. All the other values
p, g, ga mod p, and gb mod p are sent in the clear. Once Alice and Bob computethe shared secret they can use it as an encryption key, known only to them, for
sending messages across the same open communications channel. Of course,
much larger values of a, b, and p would be needed to make this example secure,since it is easy to try all the possible values of gab mod 23. There are only 23possible integers as the result of mod 23. If p were a prime of at least 300 digits,
and a and b were at least 100 digits long, then even the best algorithms known todaycould not find a given only g, p, gb mod p and ga modp, even using all of mankind's
computing power. The problem is known as the discrete logarithm problem. Notethat g need not be large at all, and in practice is usually either 2 or 5.
http://en.wikipedia.org/wiki/Discrete_logarithm_problemhttp://en.wikipedia.org/wiki/Discrete_logarithm_problem