Part A) Choose the suitable answers (1 mark each)

1. A MIM (man-in-the-middle) is a type of attacker who intercepts a message illegally and retransmits it to:
   a) A new recipient.
   b) The sender.
   c) The originally intended recipient.
   d) None of them.

2. What is a one-way hash function? It is a mathematical function which
   a) takes a variable-length input string and converts it into a variable-length binary sequence. It is hard to find two strings that would produce the same hash value.
   b) takes a variable-length input string and encrypts it. This hash can then be decrypted to get the original message, proving it came from the sender.
   c) takes a variable-length input string and converts it into a fixed-length binary sequence. It is hard to find two strings that would produce the same hash value.
   d) is easy to calculate but hard to invert, because it is difficult to calculate the input to the function given its output.

3. What does "symmetric-key cryptography" mean? An encryption system in which the sender and receiver of a message
   a) share a public and a private key that are used to encrypt and decrypt the message.
   b) share one public key that is used to encrypt and decrypt the message.
   c) share two common keys that are used to encrypt and decrypt the message.
   d) share a single, common key that is used to encrypt and decrypt the message.

4. What is a "digital signature"? Information that is encrypted with an entity's
   a) public key and is appended to a message to assure the recipient of the encryption and integrity of the message.
   b) private key and is appended to a message to assure the recipient of the authenticity and integrity of the message.
   c) private key and is appended to a message to assure the recipient of the encryption and integrity of the message.

5. Mutual authentication is
   a) adding one to the checksum, encrypting it with the session key and sending it back to the attacker.
   b) a session key used to add cryptographic checksums to the messages sent between A and B.
   c) adding encryption, the best approach in all cases.

6. A VPN typically provides a remote access link from one host to another over
   a) An intranet.
   b) A modem.
   c) A network interface card.
   d) The Internet.

7. What is a digital certificate?
   a) private key. It is issued by a certificate authority.
   b) private key. It is issued by a repudiation authority.
   c) public key. It is issued by a certificate authority.
   d) public key. It is issued by a repudiation authority.

8. Which technology should be used to keep a file's content private during transmission?
   a) SSH
   b) SSL
   c) PGP
   d) Encrypted filesystem

9. Which is not a feature of the SSL protocol?
   a) Verifying the server is actually the server you think it is.
   b) Verifying the client is actually the server you think it is.
   c) Preventing data in transit from being observed in clear text.
   d) Transparently enabling SSL connections to non-SSL-enabled servers.

10. Intermediate systems, such as ----------, treat the encrypted part of the packets purely as payload.
   a) switches
   b) routers
   c) servers
   d) gateways

Part B) Give the full words for the following abbreviations (1 mark each)

1. MD5   ____________________
2. SSH   ____________________
3. DES   ____________________
4. RSA   ____________________
5. SHA   ____________________
6. IETF  ____________________
7. HMAC  ____________________
8. SHA1  ____________________
9. SSL   ____________________
10. TLS  ____________________

Part C) Table matching (1 mark each)

Match each term in the left column with a description from the right column.

   Terms                 Descriptions
   1. SSH                a) prevents DNS spoofing
   2. IPsec              b) encrypts the data in an IP datagram and provides authentication, integrity, and anti-replay services
   3. Spoofing           c) uses IP addresses, packet sequence numbers and other personal information to create new packets that appear to come from the actual user's computer
   4. Secure Shell       d) usually replaces the sender IP address with a different address
   5. Work factor        e) the amount of time, effort and resources necessary to break a cryptosystem
   6. Payload Length     f) specifies the length of the AH header

Part D) Answer any questions within question 1

1. What are the differences between SSH1 and SSH2? (6 marks)

   Table 1: Symmetric ciphers
   Cipher     SSH1   SSH2
   DES        yes    no
   3DES       yes    yes
   IDEA       yes    no
   Blowfish   yes    yes
   Arcfour    no     yes

   Table 2: Public-key algorithms
   Algorithm  SSH1   SSH2
   RSA        yes    yes
   DSA        no     yes

   • SSH1 and SSH2 encrypt different parts of the packets (see Table 1 and Table 2).
   • SSH1 uses server and host keys to authenticate systems, whereas SSH2 only uses host keys.
   • SSH2 is a complete rewrite of the protocol and does not use the same implementation as SSH1; they are not compatible.

2. Define non-repudiation. (4 marks)

   Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message or having furnished the signature on the message.

3. Define cryptosystem. (4 marks)

   Cryptosystem: the hardware and software that implement the cryptographic (encryption/decryption) transformations.

Part E) Answer any four questions (5 marks each)

1. Draw and explain the complete steps of the Kerberos algorithm.

2. List the differences between symmetric and asymmetric encryption.

   A. Symmetric ciphers use a pre-shared key (PSK). The same key is used for both encrypting and decrypting.
      1. Primary advantage: faster than asymmetric ciphers; hard to break with a large key.
      2. Primary disadvantage: difficult to distribute the key.
      3. Cannot authenticate or provide non-repudiation.
      4. Includes: DES (Data Encryption Standard), Triple DES, IDEA (International Data Encryption Algorithm), RC4, RC5, AES (Advanced Encryption Standard).

   B. Asymmetric ciphers use a public/private key pair. The keys are mathematically linked such that what is encrypted with one can only be decrypted with the other, and it is computationally hard to derive the private key from the public key.
      1. You must keep your private key secret; it is often encrypted with a passphrase.
      2. You disclose your public key to whoever wants to communicate with you.
      3. You can have your public key signed by a mutually trusted Certificate Authority.
      Advantages: better key distribution, better scalability for large systems, can provide authentication and non-repudiation.
      Disadvantages: asymmetric ciphers are many times slower than symmetric ciphers.
      Includes: RSA, Diffie-Hellman, El Gamal, DSA, Knapsack, PGP.

3. Define three-way handshaking, listing the complete steps of the process.

   The TCP handshaking technique used to open connections: SYN-SYN-ACK. Two systems attempting to initiate a connection for communication can negotiate one connection at a time, independently of each other.

   Description:
      1. Host A sends a TCP SYNchronize packet → Host B
      2. Host B receives A's SYN
      3. Host B sends SYN → Host A
      4. Host A receives B's SYN
      5. Host A sends ACKnowledge → Host B
      6. Host B receives ACK → TCP connection is established

   TCP knows the state of a connection by using the SYN and ACK flags. Once connected, TCP hands off to the application for data transfer and communication.

4. List the IP Security functions, with details for every function.

   • Key generation – the two computers must both have access to the shared encryption key; the Diffie–Hellman algorithm is used to compute the shared key.
   • Cryptographic checksums – cryptographic keys are used to calculate a checksum for the data in each packet, called a Hash Message Authentication Code (HMAC). Two variants: HMAC in combination with Message Digest 5 (MD5), and HMAC in combination with Secure Hash Algorithm-1 (SHA1):
      • SHA1: 160-bit key; MD5: 128-bit key
      • SHA1 is used in the USA for high-level security requirements
   • Mutual authentication – the computers authenticate each other to establish a trust relationship; Windows Server 2003 supports Kerberos, digital certificates, or a pre-shared key.
   • Replay prevention – replay is possible even when the data in packets is encrypted; IPsec prevents replay by assigning a sequence number to each packet (anti-replay services).
   • IP packet filtering – IPsec includes its own packet filtering mechanism to help prevent DoS attacks, filtering by port, address and protocol.
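The cryptographic-checksum and replay-prevention functions above can be seen working together in the following added example. It is not part of the exam paper and is not a real IPsec implementation: the packet format (a 4-byte sequence number followed by the payload), the key, the datagram contents and the 32-packet window size are all constructed for illustration. It shows an HMAC-SHA1 integrity check value being verified in constant time, a receiver-side sliding window rejecting replayed and stale sequence numbers, and the 160-bit and 128-bit output lengths of HMAC-SHA1 and HMAC-MD5 that the answer refers to.

```python
import hashlib
import hmac

# Constructed example: HMAC integrity check plus a sliding anti-replay window,
# modelled loosely on what IPsec AH/ESP do. Packet layout is simplified.


def compute_icv(key: bytes, seq: int, payload: bytes, algo: str = "sha1") -> bytes:
    """Integrity check value: HMAC over the sequence number and the payload.

    Covering the sequence number means an attacker cannot renumber a captured
    packet without invalidating its checksum.
    """
    data = seq.to_bytes(4, "big") + payload
    return hmac.new(key, data, algo).digest()


def digest_bits(algo: str) -> int:
    """Output length in bits of the underlying hash (SHA1 -> 160, MD5 -> 128)."""
    return hashlib.new(algo).digest_size * 8


class AntiReplayReceiver:
    """Receiver that verifies the ICV and keeps a sliding window of seen sequence numbers."""

    def __init__(self, key: bytes, algo: str = "sha1", window: int = 32):
        self.key = key
        self.algo = algo
        self.window = window
        self.highest = 0      # highest sequence number accepted so far
        self.seen = set()     # accepted sequence numbers still inside the window

    def receive(self, seq: int, payload: bytes, icv: bytes) -> str:
        expected = compute_icv(self.key, seq, payload, self.algo)
        # compare_digest avoids leaking the mismatch position through timing
        if not hmac.compare_digest(expected, icv):
            return "rejected: bad integrity check"
        if seq <= self.highest - self.window:
            return "rejected: too old"          # fell out of the window
        if seq in self.seen:
            return "rejected: replay"           # already accepted once
        self.seen.add(seq)
        if seq > self.highest:
            self.highest = seq
            # slide the window forward and forget numbers that left it
            self.seen = {s for s in self.seen if s > self.highest - self.window}
        return "accepted"


def demo() -> list:
    """Run a constructed packet sequence through the receiver and collect verdicts."""
    key = b"constructed shared key (Diffie-Hellman output in real IPsec)"
    rx = AntiReplayReceiver(key, algo="sha1", window=32)
    results = []

    def send(seq, payload, tamper=False):
        icv = compute_icv(key, seq, payload, "sha1")   # sender computes over the real payload
        if tamper:
            payload = payload[:-1] + b"X"               # in-flight modification
        results.append(rx.receive(seq, payload, icv))

    send(1, b"first datagram")
    send(2, b"second datagram")
    send(2, b"second datagram")             # replayed copy of packet 2
    send(3, b"third datagram", tamper=True)  # payload altered after signing
    send(5, b"fifth datagram")
    send(4, b"fourth datagram")             # out of order but inside the window
    send(100, b"much later")
    send(50, b"stale")                      # 50 <= 100 - 32, outside the window
    return results


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
    print("HMAC-SHA1 output bits:", digest_bits("sha1"))
    print("HMAC-MD5 output bits:", digest_bits("md5"))
```

Without the sequence number inside the HMAC, the replayed packet would carry a perfectly valid checksum, which is why IPsec's replay prevention and cryptographic checksum work as a pair rather than as independent features.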