Student Name: Guy B. Kodjo
CIS: 534
Topic Starter: Prof. Anvari
Topic: CIS 534 Midterm Take Home Exam
Author: Prof. Anvari

1. What is “brute-force attack”? How is the “brute-force attack” related to Key space (the range of possible values of the Key)? Why is the issue of the number of bits required in a key to ensure secure encryption controversial?

In a brute-force attack, you apply all combinations of a key to the algorithm until you succeed in deciphering the message. In cryptanalysis, a brute-force attack is a brute-force search of the 'key space', in an attempt to recover the plaintext used to produce a particular cipher text. Note that, in most cases, recovery of the plaintext in this way is not equivalent to 'breaking' the underlying cipher, as that requires a method of recovering plaintext for all cipher texts; a successful brute-force attack merely supplies one plaintext, though it may also provide hints which might help such a cryptanalysis. The range of possible values is 64 bits or 128 bits. The longer the key, the more difficult it is to crack.

2. Very briefly describe the three types of cryptographic functions (Symmetric, Asymmetric, and Hash) that enable authentication, integrity, and confidentiality.

Symmetric encryption, where the same key is used to encrypt and decrypt the message.
Asymmetric (or public-key) encryption, which uses one key to encrypt a message and another to decrypt the message.
Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key. Hash functions are sometimes misunderstood and some sources claim that no two files can have the same hash value.

3. What are three challenges with secret key encryption?

The three challenges with secret key encryption are:
1- Changing the secret keys frequently to avoid the risk of compromising the keys.
2- Securely generating the secret keys.
3- Securely distributing the secret keys.

4. What are the improvements of 3DES (Data Encryption Standard) over DES? Why is 3DES with one key used at all?

DES, or Digital Encryption Standard, is encryption used for data communications where both the sender and receiver must know the same secret key, which can be used to encrypt and decrypt the message, or to generate and verify a message authentication code. NETGEAR DES encryption uses a 56-bit key. 3DES, or “triple DES”, on the other hand, is a variation on DES that uses a 168-bit key to provide more secure data transmission than DES. TripleDES is considered to be virtually unbreakable by security experts. It also requires a great deal more processing power, resulting in increased latency and decreased throughput.

5. A centralized key distribution model relies on what entity to issue keys?

A centralized key distribution model relies on a trusted third party, sometimes referred to as a KDC (Key distribution center), to issue keys.

6. Which algorithm is commonly used to create secret session keys in a distributed manner?

Diffie-Hellman is the algorithm commonly used to create secret session keys in a distributed manner.

7. What transport protocol is commonly used for SSL? Why?

SSL assumes that the underlying packet delivery mechanism is reliable and, although in theory there are a number of transport protocols that could provide this service, SSL nearly always uses TCP as its transport.

8. List three things included as part of an IPsec security Association (SA)?

An IPsec security association:
1- The ESP encryption algorithm and keys
2- The AH authentication algorithm and key
3- A shared session key.

9. What is the primary reason for classifying VPNs into access VPNs, intranet VPNs, and extranet VPNs?

The primary reason for three distinct classifications is due to security policy variations. A good security policy will detail corporate infrastructure and information mechanism and access privileges, and in many instances these will vary depending on how the corporate resources are accessed.

10. What is NAT, why is it used, and what is its security issue?

Network Address Translation (NAT) is often used in environments that have private IP address space as opposed to a globally unique IP address. NAT will translate the unregistered IP addresses into legal addresses that are routable in the outside public network.

11. Security Technology protocols are grouped according to their shared attributes of:
a. Identity Technologies
b. Security in TCP/IP structured layers
c. Virtual Private Dial-up security Technologies
d. Public Key Infrastructure and distribution models
Name and briefly describe one example for each of the above four Security Technology groups.

A: In object-oriented programming, object identity is a mechanism for distinguishing different objects from each other. This is based on the philosophical concept of identity, but applied to data structures.

B: There are several characteristics of TCP/IP that have contributed to its immense success, perhaps none more important than its ruthless eradication of the impractical. The TCP/IP community discourages elaborate formal frameworks, unworkable schemes and senseless strategies. Instead TCP/IP's designers - a mix of academics, engineers, network administrators, and users - concentrate on solving real problems with real applications.

C: The world has changed a lot in the last couple of decades. Instead of simply dealing with local or regional concerns, many businesses now have to think about global markets and logistics. Many companies have facilities spread out across the country or around the world, and there is one thing that all of them need: A way to maintain fast, secure and reliable communications wherever their offices are located to different areas.

D: There are a few problems with treating public keys as addresses:
- Public keys are large: thus they are difficult for people to read, write, speak, memorize, or compare.
- Public keys are single-use: it is good practice to use different key pairs for different protocols or in different devices, and thus a person will have multiple public keys.
- Public keys are transient: they need to be revoked when the private key is lost or stolen, and should be changed periodically.

12. What is Denial of Service (DoS) attack? Briefly describe 3 types of common DoS Attacks.

Ping of death and teardrop are two common DoS attacks that exploit fragmentation vulnerabilities. The man-in-the-middle attack. The moment you install any Internet-facing mission critical assets, you are susceptible to debilitating DDoS attacks. The motives behind the attacks can be varied, from extortion, to political statements, to bragging rights. Virtually any organization that connects to the Internet is highly susceptible to these attacks.
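
The relationship between key length and brute-force effort raised in question 1, as an added example that is not part of the original exam answers: it searches the whole key space of a toy 16-bit cipher and estimates the average search time for larger keys. The toy cipher, the sample message and the search rates are constructed for illustration.

```python
import hashlib

def keystream(key: int, bits: int, length: int) -> bytes:
    """Toy keystream derived from the key (constructed for this example, not a real cipher)."""
    seed = key.to_bytes((bits + 7) // 8, "big")
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def toy_encrypt(key: int, bits: int, data: bytes) -> bytes:
    """XOR the data with the keystream; the same call decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, bits, len(data))))

toy_decrypt = toy_encrypt

def brute_force(ciphertext: bytes, bits: int, known_prefix: bytes):
    """Try every key in the 2**bits key space until the plaintext is recognisable.

    Returns (key, trials). The recogniser is a known plaintext prefix; without
    some way to recognise a correct decryption the search cannot stop.
    """
    for trials, key in enumerate(range(2 ** bits), start=1):
        if toy_decrypt(key, bits, ciphertext).startswith(known_prefix):
            return key, trials
    return None, 2 ** bits

def years_to_search(bits: int, keys_per_second: float) -> float:
    """Average search time: half of the key space at the given trial rate."""
    return (2 ** (bits - 1)) / keys_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    # Constructed sample: a 16-bit key is small enough to search in under a second.
    secret_key, bits = 0xBEEF, 16
    ct = toy_encrypt(secret_key, bits, b"MIDTERM: meet at noon")
    key, trials = brute_force(ct, bits, b"MIDTERM:")
    print(f"recovered key {key:#06x} after {trials} of {2 ** bits} trials")
    # Each extra key bit doubles the work; the rate below is an assumed figure.
    for size in (56, 64, 128):
        print(f"{size}-bit key at 1e12 keys/s: {years_to_search(size, 1e12):.3g} years on average")
```

The recovered key yields only this one plaintext, matching the answer's point that a successful search is not the same as breaking the cipher itself.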