Note for Cryptography And Network Security - CNS by UPTU Risers
- Cryptography And Network Security - CNS
- Note
- uttar pradesh technical university - uptu
- Computer Science Engineering
- B.Tech
- 7796 Views
- 109 Offline Downloads
- Uploaded 1 year ago
Text from page-1
Q.1 What is cryptography? Ans. Cryptographic systems are generally classified along 3 independent dimensions: Type of operations used for transforming plain text to cipher text All the encryption algorithms are based on two general principles: substitution, in which each element in the plaintext is mapped into another element, and transposition, in which elements in the plaintext are rearranged. The number of keys used are: 1. If the sender and receiver uses same key then it is said to be symmetric key (or) single key (or) conventional encryption. 2. If the sender and receiver use different keys then it is said to be public key encryption. Q.2 Explain the Cryptanalysis? Ans. The process of attempting to discover X or K or both is known as cryptanalysis. The strategy used by the cryptanalysis depends on the nature of the encryption scheme and the information available to the cryptanalyst. Q.3 Write down the various types of cryptanalytic attacks? Ans. There are various types of cryptanalytic attacks based on the amount of information known to the cryptanalyst. 1. Cipher Text Only – A copy of cipher text alone is known to the cryptanalyst. 2. Known Plaintext – The cryptanalyst has a copy of the cipher text and the corresponding plaintext. 3. Chosen Plaintext – The cryptanalysts gains temporary access to the encryption machine. They cannot open it to find the key, however; they can encrypt a large number of suitably chosen plaintexts and try to use the resulting cipher texts to deduce the key. 4. Chosen Cipher Text – The cryptanalyst obtains temporary access to the decryption machine, uses it to decrypt several string of symbols, and tries to use the results to deduce the key. By:Ruchi khetan (Assistant Professor, KIOT, Kanpur) ruchi.khetan10@gmail.com 1
Text from page-2
Q4.What is security? Ans. Security is state of being secure—to be free from danger. 1. Computer Security-generic name for the collection of tools designed to protect data and to thwart hackers 2. Network Security-measures to protect data during their transmission 3. Internet Security-measures to protect data during their transmission over a collection of interconnected networks. Q.5 What are the key principles of security? Ans. Key properties of security: To protect the data during transmission across the networks 1. Authentication 2. Confidentiality 3. Integrity 4. Access control Q.6 What are Active Attacks? Ans. An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or the creation of a false stream. It can be subdivided into four categories. (i) Masquerade (ii) Replay (iii) Modification of messages (iv) Denial of Service(DoS) Q7. What are Passive Attacks? Ans A passive attack attempts to learn or make use of information from the system but does not affect system resources. Two types of passive attacks are (i) Release of message contents (ii) Traffic Analysis Q8. Explain in detail the concept of active and passive attack with example? Ans. Passive Attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources. By:Ruchi khetan (Assistant Professor, KIOT, Kanpur) ruchi.khetan10@gmail.com 2
Text from page-3
A passive attack, in computing security, is an attack characterized by the attacker listening in on communication. In such an attack, the intruder/hacker does not attempt to break into the system or otherwise change data Passive attacks are very difficult to detect, because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Goal: To obtain information that is being transmitted; Passive attacks basically mean that the attacker is eavesdropping (listen secretly to or over-hear private conversation) Two types of passive attacks are 1. The release of message contents and 2. Traffic analysis. 1. Release of message contents: A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. 2. Traffic analysis: By monitoring frequency and length of messages, even encrypted, nature of communication may be guessed. Active attack: An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or the creation of a false stream. Active attacks can be subdivided into four categories: 1. Masquerade, 2. Replay, 3. Modification Of Messages 4. Denial Of Service. 1. A masquerade takes place when one entity pretends to be a different entity . A masquerade attack usually includes one of the other forms of active attack. 2. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. 3. Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. By:Ruchi khetan (Assistant Professor, KIOT, Kanpur) ruchi.khetan10@gmail.com 3
Text from page-4
4. The denial of service prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target. Q.9 What is meant by Denial of Service (DoS)? Ans. The denial of service(DoS) is an active attack that prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target, for example, an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network either by disabling the network or by overloading it with messages so as to degrade performance. Q.10 What is Brute-force attack? Ans. The attacker tries every possible key on a piece of cipher text until an intelligible translation into plain text is obtained. On average, half of possible keys must be tried to achieve success. It is a trial and error method used by application programs to decode encrypted data or keys through exhaustive effort rather than employing intellectual strategies. Q.11 Explain all security services? Ans. Security services are: 1. Authentication: The assurance that the communicating entity is the one that it claims to be. Peer Entity Authentication Data-Origin Authentication 2. Access control: The prevention of unauthorized use of a resource 3. Data confidentiality: The protection of data from unauthorized disclosure. Connection Confidentiality Connectionless Confidentiality Selective-Field Confidentiality Traffic-Flow Confidentiality 4. Data integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Connection Integrity with Recovery Connection Integrity without Recovery Selective-Field Connection Integrity Connectionless Integrity By:Ruchi khetan (Assistant Professor, KIOT, Kanpur) ruchi.khetan10@gmail.com 4
Leave your Comments