Professional Documents
Culture Documents
Network Security
Prelim Question Paper Solution
Time : 2 Hrs.]
[Marks : 75
al
an
ka
Q.1
Attempt the following (any TWO)
[10]
Q.1(a) Explain CIA security goals.
[5]
(A)
(i) Confidentiality
The principle of confidentiality specifies that only the sender and the
intended recipient(s) should be able to access the contents of a message.
Confidentiality gets compromised if an unauthorized person is able to
access a message. Example of compromising the confidentiality of a
message is shown in fig 1.
dy
(ii) Authentication
Authentication mechanisms help establish proof of identities. The
authentication process ensures that the origin of a electronic message
or document is correctly identified. This concept is shown in figure 2.
Vi
al
an
ka
(iii) Integrity
When the contents of a message are changed after the sender sends it,
but before it reaches the intended recipient, we say that the integrity
of the message is lost. Conceptually, this shown in figure 3.
Vi
dy
al
an
ka
dy
Vi
into
then second character on the second line, i.e. o, then the third character
on the first line, i.e. m, then the fourth character on the second line, i.e.
e, and so on). This creates a zigzag sequence, as shown below.
ka
2) Now read the text row-by-row, and write it sequentially. Thus, we have :
Cmhmtmrooeoeoorw as the cipher text.
dy
al
an
Vi
Q.2
Attempt the following (any TWO)
[10]
Q.2(a) Describe CFB (Cipher Feed Back) Mode in detail.
[5]
(A)
Security is also required in applications that are character-oriented. For
instance, an operator can be typing keystrokes at a terminal, which needs to
be immediately transmitted across the communications link in a secure
manner, i.e. by using encryption. In such situations, stream cipher must be
used. The Cipher Feedback (CFB) mode is useful in such cases. In this mode,
data is encrypted in units that are smaller (i.e. they could be of size 8 bits,
i.e. the size of a character typed by an operator) than a defined block size
(which is usually 64 bits).
al
an
ka
Step 1 : Like CBC, a 64-bit Initialization Vector (IV) is used in the case of
CFB mode. The IV is kept in a shift register. It is encrypted in the first
step to produce a corresponding 64-bit IV cipher text.
Step 2 : Now, the leftmost (i.e. the most significant) j bits of the
encrypted IV are XORed with the first j bits of the plain text.
Step 3 : Now, the bits of IV (i.e. the contents of the shift register
containing IV) are shifted left by j positions. Thus, the rightmost j positions
of the shift register now contain unpredictable data. These rightmost j
positions are now filled with C.
Step 4 : Now, steps 1 through 3 continue until all the plain-text units are
encrypted. That is the following steps are repeated:
IV is encrypted.
The leftmost j bits resulting from this encryption process are XORed
with the next j bits of the plain text. .
The resulting cipher-text portion (i.e. the next j bits of cipher text) is
sent to the receiver.
The shift register containing the IV is left-shifted by j bits.
The j bits of the cipher text are inserted from right into the shift
register containing the IV.
Vi
dy
al
an
ka
Q.2(b) List all 5 steps of DES round and explain Key Transformation and [5]
X-OR and Swap steps in detail.
(A)
Each of the 16 rounds, in turn, consists of the broad level steps outlined in
figure 1.
dy
Vi
al
an
ka
RPT). The old right half (i.e. RPT) becomes the new left half, in a process of
swapping. This is shown in figure 3.
dy
Vi
dy
al
an
ka
Vi
ka
al
an
dy
Note that this is just a permutation. The values of S are simply being
rearranged, not changed.
Vi
Stream Generation
Now that the S array is ready with the above initializations and
permutations, the initial key array K discarded. Use a loop from i = 0 to 255.
In each step, swap S[i] with another byte in S, as per the mechanism
decided by the implementation of S. Once exhaust the 255 positions, then
restart at S[0].
After this, for encryption, k is XORed with the next byte of the plain text.
For decryption, k is XORed with the next byte of the cipher text.
al
an
ka
Q.3
Attempt the following (any TWO)
[10]
Q.3(a) Explain an overview of Asymmetric Key Cryptography.
[5]
(A)
An Overview of Asymmetric Key Cryptography
In Asymmetric Key Cryptography, also called as Public Key Cryptography,
two different keys (which form a key pair) are used. One key is used for
encryption and only the other corresponding key must be used for
decryption. No other key can decrypt the message - not even the original
(i.e. the first) key used for encryption!
Vi
dy
10
[5]
ka
al
an
Vi
dy
Examples of RSA
al
an
ka
Vi
dy
Fig. 1 : Message digest for the original data should always be the same.
(c) Given any two messages, if we calculate their message digests, the two
message digests must be different. This is shown in Fig. 3.
12
ka
Vi
dy
al
an
13
al
an
ka
Q.4
Attempt the following (any TWO)
[10]
Q.4(a) Explain the verification of CA signature on a certificate.
[5]
(A)
If we receive a digital certificate of a user, which we want to verify. We
need to verify the digital signature of the CA. Steps are involved in this
process, as shown in Fig. 1.
dy
Vi
14
ka
(d) The user de-signs the CAs signature (i.e. the user decrypts the
signature with the CAs public key.)
(e) This produces another message digest, which we shall call MD2. Note
that MD2 is the same message digest as would have been calculated by
the CA during the signing of the certificate (i.e. before it encrypted the
message digest with its private key to create its digital signature over
the certificate.)
(f) Now, the user compares the message digest it calculated (MD1) with the
one, which is the result of de-signing the CAs signature (MD2). If the
two match, i.e. if MD1 = MD2, the user is convinced that the digital
certificate was indeed signed by the CA with its private key. If this
comparison fails, the user will not trust the certificate, and reject it.
Vi
dy
al
an
Now, suppose that Alices CA is B1, whereas Bobs CA is B11. Clearly, Alice
cannot straightaway know the public key of B11. Therefore, in addition to his
own certificate, Bob must send the certificate of his CA (i.e. B11) to Alice.
This would tell Alice the public key of B11. Now, using the public key of B11,
Alice can de-sign and verify Bobs certificate.
15
The root CA (and many times, even the second or the third-level CAs) are
automatically considered trusted CAs.
Vi
dy
al
an
ka
As the figure shows, first encrypt the plain-text message with the
symmetric key, and then encrypt the symmetric key with a Key Encryption
Key (KEK). This protects the symmetric key from an unauthorized access.
This is conceptually very similar to the concept of digital envelopes.
16
ka
al
an
dy
Vi
Field
Version
Signature
Algorithm
Identifier
Issuer Name
This Update
(Date and
Time)
Description
Indicates the version of the CRL.
Identifies the algorithm used by the CA to sign the CRL
(e.g. it could be SHA-1 with RSA, which indicates that the
CA first calculated the message digest of the CRL using the
SHA-1 algorithm, and then signed it (i.e. encrypted the
message digest with its private key) using the RSA
algorithm.
Identifies the Distinguished Name (DN) of the CA.
Contains the date and time value when this CRL was issued.
17
al
an
CRL Entry
Extensions
CRL
Extensions
Signature
Contains the date and time value when the next CRL will be
issued.
ka
Next Update
(Date and
Time)
User
Certificate
Serial
Number
Revocation
Date
dy
Q.5
Attempt the following (any TWO)
[10]
Q.5(a) Describe Packet Filters.
[5]
(A)
A packet filter applies a set of rules to each packet and based on the
outcome, decides to either forward or discard the packet. It is also called as
screening router or screening filter.
The idea of a packet filter is shown in figure 1.
Vi
ka
Vi
dy
al
an
19
ka
al
an
(v) From here onwards, the application gateway acts like a proxy of the
actual end user and delivers packets from the user to the remote host
and vice versa.
dy
Vi
20
ka
al
an
dy
Vi
ka
al
an
Vi
dy
Q.6
Attempt the following (any TWO)
[10]
Q.6(a) Explain the working of Kerberos Protocol.
[5]
(A)
The Working of Kerberos
There are four parties involved in the Kerberos protocol:
Alice: The client workstation
Authentication Server (AS): Verifies (authenticates) the user during
login
Ticket Granting Server (TGS): Issues tickets to certify proof of
identity
Bob: The server offering services such as network printing, file sharing
or an application program.
There are three primary steps in the Kerberos protocol.
Step 1: Login
To start with, Alice, the user, sits down at an arbitrary public workstation
and enters her name. The work station sends her name in plain text to the
AS, as shown in figure 1.
22
ka
The AS then combines the TGT with the session key (KS), and encrypts the
two together using a symmetric key derived from the password of Alice (KA).
After this message is received, Alice's workstation asks her for the
password. When Alice enters it, the workstation generates the symmetric
key (KA) derived from the password (in the same manner as AS would have
done earlier) and uses that key to extract the session key (KS) and the
Ticket Granting Ticket (TGT).
al
an
Alice wants to make use of Bob - the email server, for some email
communication. For this, Alice would inform her workstation that she needs
to contact Bob. Therefore, Alice needs a ticket to communicate with Bob. At
this juncture, Alice's workstation creates a message intended for the Ticket
Granting Server (TGS), which contains the following items:
The TGT as in step 1
The id of the server (Bob) whose services Alice is interested in
The current timestamp, encrypted with the same session key (KS)
Vi
dy
al
an
ka
Its Working
This is the simplest password-based authentication mechanism. Usually,
every user in the system is assigned a user id and an initial password. The
user changes the password periodically for security reasons. The password is
stored in clear text in the user database against the user id on the server.
The authentication mechanism works as follows:
dy
(A)
[5]
Vi
The server consults the user database to see if this particular user id and
password combination exists there. Usually, this is the job of a user
authenticator program. This is a program that takes user id and password,
checks it against the user database, and returns the result of the
authentication (success or failure).
24
ka
al
an
dy
Vi
25
Q.7
Attempt the following (any THREE)
[15]
Q.7(a) Describe Trojan Horse in detail.
[5]
(A)
Trojan Horse
A Trojan horse is a hidden piece of code, like a virus. However, the purpose
of a Trojan horse is different. Whereas the main purpose of a virus is to
make some sort of modifications to the target computer or network, a
Trojan horse attempts to reveal confidential information to an attacker.
ka
A Trojan horse could silently sit in the code for a Login screen by attaching
itself to it. When the user enters the user id and password, the Trojan
horse could capture these details, and send this information to the attacker
without the knowledge of the user who had entered the id and password.
The attacker can then merrily misuse the user id and password to gain
access to the system. This is shown in Fig. 1.
dy
al
an
Vi
As shown in the figure, the first step receives two inputs: the first block of
plain text and a random block of text, called as Initialization Vector (IV).
The IV has no special meaning: it is simply used to make each message unique.
26
ka
The first block of cipher text and IV are combined using XOR and then
encrypted using a key to produce the first cipher text block. The first cipher
text block is then provided as a feedback to the next plain text block.
In the second step, the second plain text block is XORed with the output
of Step 1, i.e. the first cipher text block. It is then encrypted with the
same key, as used in Step 1. This produces cipher text block 2.
In the third step, the third plain text block is XORed with the output of
Step 2, i.e. the second cipher text block. It is then encrypted with the same
key, as used in Step 1.
This process continues for all the remaining plan text blocks of the
original message.
al
an
Vi
dy
[5]
SHA
160
Software
implementation
Simple, does not need any Simple does not need any
large programs or complex large programs or complex
tables.
table.
al
an
ka
dy
Certificate Serial
Number
Signature Algorithm
Identifier
Issuer Name
Description
Identifies a particular version of the X.509 protocol,
which is used for this digital certificate. Currently,
this field can contain 1, 2 or 3.
Contains a unique integer number, which is generated
by the CA.
Identifies the algorithm used by the CA to sign this
certificate.
Identifies the Distinguished Name (DN) of the CA
that created and signed this certificate.
Contains two date-time values (Not Before and Not
After), which specify the time frame within which
the certificate should be considered valid. These
values generally specify the date and time up to
seconds or milliseconds.
Identifies the Distinguished Name (DN) of the end
entity (i.e. the user or the organization) to whom this
certificate refers. This field must contain an entry
unless an alternative name is defined in Version 3
extensions.
Contains the subject's public key and algorithms
related to that key. This field can never be blank.
Validity (Not
Before/Not After)
Vi
Subject Name
28
ka
al
an
This field is useful for the later, actual communication between the client
and the server.
Session id : This is a variable-length session identifier. If this field contains
a non-zero value, it means that there is already a connection between the
client and the server, and the client wishes to update the parameters of
that connection. A zero value in this field indicates that the client wants to
create a new connection with the server.
Cipher suite : This list contains a list of the cryptographic algorithms
supported by the client (e.g. RSA, Diffie-Hellman, etc.) in the decreasing
order of preference.
Compression method : This field contains a list of the compression
algorithms supported by the client.
dy
Accordingly, the server sends back a server hello message to the client.
Vi
In the first step (certificate) : The server sends its digital certificate and
the entire chain leading upto root CA to the client. This will help the client
to authenticate the server using the servers public key from the servers
certificate.
ka
The second step (Server key exchange) : Is optional. It is used only if the
server does not send its digital certificate to the client in step 1 above.
The third step (certificate request) : The server can request for the clients
digital certificate.
al
an
The last step (server hello done) : Message indicates to the client that its
portion of the hello message (i.e. the server hello message) is complete. This
indicates to the client that the client that the client can now (optionally)
verify the certificates sent by the server, and ensure that all the
parameters sent by the server are acceptable. This message does not have
any parameters. After sending this message, the server waits for the
clients response.
dy
The first step (certificate) : is optional. This step is performed only if the
server had requested for the clients digital certificate.
Vi
Like the server key exchange message this second step (client key
exchange) :
Here, the client creates a 48-bytes pre-master secret, and encrypts it with the
servers public key and sends this encrypted pre-master secret to the server.
The third step (Certificate verify) : is necessary only if the server had
demanded client authentication. If this is the case, the client has already
sent its certificate to the server. However, additionally, the client also
needs to prove to the server that it is the correct and authorized holder of
the private key corresponding to the certificate. For this purpose, in this
optional step, the client combines the pre-master secret with the random
numbers exchanged by the client and the server earlier.
30
Phase 3: Finish
The client initiates this fourth phase of the SSL handshake, which the
server ends.
The first two messages are from the client : Change cipher specs Finished.
The server responds back with two identical messages : Change cipher specs,
Finished.
Vi
dy
al
an
ka
al
an
ka
Vi
dy
The user id and the message digest of the password travel to the server
over the communication link. The server passes these values to the user
authentication program, which validates the user id and the message digest
of the password against the database and returns an appropriate response
back to the server. The server uses the result of this operation to return an
appropriate message back to the user. This is shown in figure 2.
32