CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE EVENT_CODE SMUAPR15 ASSESSMENT_CODE MIT4022_SMUAPR15 QUESTION_TYPE DESCRIPTIVE_QUESTION QUESTION_ID 12785 QUESTION_TEXT Discuss overview of Rijndael Algorithm. SCHEME OF EVALUATION Rijndael is a fast algorithm with strong mathematical foundation but require simple processors for implementation. It primarily uses substitution, transposition, and the shift, exclusive OR, and addition operations. Algorithm also uses repeated cycles. There are 9, 11, or 13 cycles for keys of 128, 192, and 256 bits, respectively. (2 marks) Each cycle consists of four steps: *Byte substitution: This step uses a substitution box structure similar to the DES, substituting each byte of a 128-bit block according to a substitution table. This is straight confusion operation. *Shift row: A transposition step for 128- and 192-bit block sizes, row n is shifted left circular (n-1) bytes; for 256-bit blocks, row 2 is shifted I byte and rows 3 and 4 are shifted 3 and 4 bytes, respectively. This is straight confusion operation. *Mix Column: This step involves shifting left and exclusive-ORing bits with themselves. These operations provide both confusion and diffusion. *Add subkey: here, a portion of the key unique to this cycle is exclusive-ORed with the cycle result. This operation provides confusion and incorporates the key. (2 marks each) QUESTION_TYPE DESCRIPTIVE_QUESTION QUESTION_ID 72791 QUESTION_TEXT Explain how cryptanalyst uses different information to break the cipher? SCHEME OF EVALUATION a. Ciphertext only: The cryptanalyst decrypt messages based on probabilities, distributions, and characteristics of the available ciphertext, plus publicly available knowledge. b. Full or partial plaintext: the analyst may be fortunate to have a sample message and its decipherment. In these cases, the analyst can use what is called a probable plaintext analysis. After doing part of the decryption, the analyst may find places where the known message fits with the deciphered parts, thereby giving more clues about the total translation. c. Ciphertext of any plaintext: the analyst might have infiltrated the sender’s transmission process so as to be able to cause messages to be encrypted and sent at will. This attack is called a chosen plaintext attack. For instance, the analyst may be able to insert records into a database and observe the change in statistics after the insertions. Linear programming some times enables such an analyst to infer data that should be kept confidential in the database. This attack is very favorable to the analyst. d. Algorithm and Ciphertext: the analyst may have both the encryption algorithm and the ciphertext. In a chosen plaintext attack, the analyst can run the algorithm on massive amounts of plaintext to find one plaintext message that encrypt as the ciphertext. This approach fails if two or more distinct keys can produce the same ciphertext as the result of encrypting meaningful plaintext. e. Ciphertext and Plaintext: the cryptanalyst may lucky enough to have some pairs of plaintext and matching ciphertext. Then, the game is to deduce the key by which those pairs were encrypted so that the same key can be used in cases in which the analyst has only the ciphertext. (2 marks each) QUESTION_TYPE DESCRIPTIVE_QUESTION QUESTION_ID 72792 QUESTION_TEXT List and briefly explain five types of Firewalls Explanation about the following five types of firewalls: i. Packet filtering gateways or screening routers ii. Stateful inspection firewalls SCHEME OF EVALUATION iii. Application Proxies iv. Guards v. Personal Firewalls 2 x 5 = 10 marks QUESTION_TYPE DESCRIPTIVE_QUESTION QUESTION_ID 72794 QUESTION_TEXT List different Session state parameter and Connection state parameter SCHEME OF EVALUATION Different Session state parameters are : i. Session ID ii. Peer Certificate iii. Compression method iv. Cipher Suite v. Master Secret vi. Is Resumable 5 marks Different Connection state parameters are: i. Server and client random number ii. Server write MAC secret iii. Client write MAC secret iv. Server write secret v. Client write secret vi. Initialization vii. Sequence number QUESTION_TYPE DESCRIPTIVE_QUESTION QUESTION_ID 118697 QUESTION_TEXT Write a short note on IPSec architecture. Ans: It provides a set of security services which includes access control, connectionless integrity, data origin authentication, rejection of replayed packets, confidentiality. These services are provided at the IP layer. They can be used by any higher layer protocols. These security services are met through the use of two traffic security protocols; the AH and the ESP, and through the use of cryptographic key management procedures and protocols. The set of IPSec protocols employed in any context, and the ways in which they are employed, will be determined by the security and the system requirements of users, applications, and/or organizations. 4M SCHEME OF EVALUATION When these mechanisms are correctly implemented and deployed, they will not affect the other parts of the implementation such as hosts, and other internet components that do not employ these security mechanisms for protection of their traffic. These mechanisms are also providing modularity which permits selection of different set of algorithms without affecting the other parts of the implementation. So we can say these mechanisms are algorithm–independent. For example, different user communities may select different set of algorithms. 4M A standard set of default algorithms in conjunction with IPSec traffic protection and key management protocols, is intended to permit system and application developers to deploy high quality, internet layer, cryptographic security technology. 2M QUESTION_TYPE DESCRIPTIVE_QUESTION QUESTION_ID 118699 QUESTION_TEXT Explain the various types of threats in a computing environment SCHEME OF EVALUATION (Each threat carries 2 ½ marks) a. Interception b. Interruption c. Passive attacks d. Active attacks