Department of information technology

CYBER LAWS AND IPR

Assignment – 1
Q1. Explain some encryption techniques and algorithms.

A.

BASIS FOR
SYMMETRIC ENCRYPTION ASYMMETRIC ENCRYPTION
COMPARISON

Basic Symmetric encryption uses a Asymmetric encryption uses a

single key for both encryption different key for encryption and

and Decryption. decryption.

Performance Symmetric encryption is fast in Asymmetric Encryption is slow in

execution. execution due to the high

computational burden.

Algorithms DES, 3DES, AES, and RC4. Diffie-Hellman, RSA.

Purpose The symmetric encryption is used The asymmetric encryption is often

for bulk data transmission. used for securely exchanging secret

keys.

Aditya 1703216
 Department of information technology

AES
The Advanced Encryption Standard, AES, is a symmetric encryption algorithm and one of
the most secure. The United States Government use it to protect classified information, and
many software and hardware products use it as well. This method uses a block cipher, which
encrypts data one fixed-size block at a time, unlike other types of encryption, such as stream
ciphers, which encrypt data bit by bit.

AES is comprised of AES-128, AES-192 and AES-256. The key bit you choose encrypts and
decrypts blocks in 128 bits, 192 bits and so on. There are different rounds for each bit key. A
round is the process of turning plaintext into cipher text. For 128-bit, there are 10 rounds;
192-bit has 12 rounds; and 256-bit has 14 rounds.

Since AES is a symmetric key encryption, you must share the key with other individuals for
them to access the encrypted data. Furthermore, if you don’t have a secure way to share that
key and unauthorized individuals gain access to it, they can decrypt everything encrypted
with that specific key.

3DES
Triple Data Encryption Standard, or 3DES, is a current standard, and it is a block cipher. It’s
similar to the older method of encryption, Data Encryption Standard, which uses 56-bit keys.
However, 3DES is a symmetric-key encryption that uses three individual 56-bit keys. It
encrypts data three times, meaning your 56-bit key becomes a 168-bit key.

Unfortunately, since it encrypts data three times, this method is much slower than others.
Also, because 3DES uses shorter block lengths, it is easier to decrypt and leak data. However,
many financial institutions and businesses in numerous other industries use this encryption
method to keep information secure. As more robust encryption methods emerge, this one is
being slowly phased out.

Twofish
Twofish is a symmetric block cipher based on an earlier block cipher – Blowfish. Twofish
has a block size of 128-bits to 256 bits, and it works well on smaller CPUs and hardware.
Similar to AES, it implements rounds of encryption to turn plaintext into cipher text.
However, the number of rounds doesn’t vary as with AES; no matter the key size, there are
always 16 rounds.

In addition, this method provides plenty of flexibility. You can choose for the key setup to be
slow but the encryption process to be quick or vice versa. Furthermore, this form of
encryption is unpatented and license free, so you can use it without restrictions.

RSA
This asymmetric algorithm is named after Ron Rivest, Adi Shamir and Len Adelman. It uses
public-key cryptography to share data over an insecure network. There are two keys: one
public and one private. The public key is just as the name suggests: public. Anyone can
access it. However, the private key must be confidential. When using RSA cryptography, you
need both keys to encrypt and decrypt a message. You use one key to encrypt your data and
the other to decrypt it.

According to Search Security, RSA is secure because it factors large integers that are the
product of two large prime numbers. Additionally, the key size is large, which increases the

Aditya 1703216
 Department of information technology

security. Most RSA keys are 1024-bits and 2048-bits long. However, the longer key size does
mean it’s slower than other encryption methods.

While there are many additional encryption methods available, knowing about and using the
most secure ones ensures your confidential data stays secure and away from unwanted eyes.

Q2. Answer briefly:

a. What is a domain name?

A domain name is your website name. A domain name is the address where Internet users
can access your website. Because of this domain names were developed and used to identify
entities on the Internet rather than using IP addresses.

b. What is a digital signature?

Digital Signature is a process that guarantees that the contents of a message have not been
altered in transit. When you, the server, digitally sign a document, you add a one-way hash
(encryption) of the message content using your public and private key pair.

c. Explain cyber law.

Cyber law is the part of the overall legal system that deals with the Internet, cyberspace, and
their respective legal issues. Cyber law covers a fairly broad area, encompassing several
subtopics including freedom of expression, access to and usage of the Internet, and online
privacy. Generically, cyber law is referred to as the Law of the Internet.

d. What are a few Benefits of e-commerce?

Overcome Geographical Limitations

If you have a physical store, you are limited by the geographical area that you can service.
With an e-commerce website, the whole world is your playground. Additionally, the advent
of m-commerce, i.e., e-commerce on mobile devices, has dissolved every remaining
limitation of geography.

Gain New Customers with Search Engine Visibility

Physical retail is driven by branding and relationships. In addition to these two drivers, online
retail is also driven by traffic from search engines. It is not unusual for customers to follow a
link in search engine results and land on an e-commerce website that they have never heard
of. This additional source of traffic can be the tipping point for some e-commerce businesses.

Aditya 1703216
 Department of information technology

Lower Costs

One of the most tangible positives of e-commerce is the lowered cost. A part of these lowered
costs could be passed on to customers in the form of discounted prices. Here are some of the
ways that costs can be reduced with e-commerce:

 Advertising and Marketing: Organic search engine traffic, pay-per-click, and social
media traffic are some of the advertising channels that can be cost-effective.
 Personnel: The automation of checkout, billing, payments, inventory management,
and other operational processes lowers the number of employees required to run an e-
commerce setup.
 Real Estate: This one is a no-brainer. An e-commerce merchant does not need a
prominent physical location.

Locate the Product Quicker

It is no longer about pushing a shopping cart to the correct aisle or scouting for the desired
product. On an e-commerce website, customers can click through intuitive navigation or use
a search box to narrow down their product search immediately. Some websites remember
customer preferences and shopping lists to facilitate repeat purchase.

Eliminate Travel Time and Cost

It is not unusual for customers to travel long distances to reach their preferred physical store.
E-commerce allows them to visit the same store virtually, with just a few mouse clicks.

e. Explain cyber-crime with an example.

Cybercrime is defined as a crime in which a computer is the object of the crime (hacking,
phishing, spamming) or is used as a tool to commit an offense (child pornography, hate
crimes). Cybercriminals may use computer technology to access personal information,
business trade secrets or use the internet for exploitative or malicious purposes. Criminals can
also use computers for communication and document or data storage. Criminals who perform
these illegal activities are often referred to as hackers.

Eg. Identity theft, Transition Fraud, hacking, Piracy etc.

f. What is domain name resolution?

Domain Name Resolution is the task of converting domain names to their corresponding IP
address. This is all done behind the scenes and is rarely noticed by the user. When you enter a
domain name in an application that uses the Internet, the application will issue a command to
have the operating system convert the domain name into its IP address, and then connect to
that IP address to perform whatever operation it is trying to do.

Aditya 1703216
 Department of information technology

g. What is the significance of copyrights?

Copyright is extremely important to authors because it constitutes the ownership of one's

original work. Having ownership means you can protect your work as intellectual property
and control who makes money off of it—which is you and those to whom you assign rights.

h. What do you understand by encryption?

In cryptography, encryption is the process of encoding a message or information in such a

way that only authorized parties can access it and those who are not authorized
cannot. Encryption does not itself prevent interference, but denies the intelligible content to
a would-be interceptor.

i. What is ISP and what is its role?

An ISP (Internet service provider) is a company that provides individuals and other
companies access to the Internet and other related services such as Web site building and
virtual hosting.

j. Explain cyberspace and netizens.

Cyberspace refers to the virtual computer world, and more specifically, is an electronic
medium used to form a global computer network to facilitate online communication.

The word netizen seems to have two similar meanings.

 A citizen who uses the Internet as a way of participating in political society (for example,
exchanging views, providing information, and voting).
 An Internet user who is trying to contribute to the Internet's use and growth

Q3. What are the various legal aspects of E-Commerce?

Regulating eCommerce:
Describe the key technological elements comprising electronic commerce systems · Explain
the different policy, law and regulatory aspects · Describe the issues to be examined in the
other modules in the course.

The Legal Validity of Electronic Communications:

Examine the legal nature of communications · Understand the process by which contracts are
entered into using electronic commerce systems · Be aware of how legal requirements of form
may constitute obstacles to reliance on the use of electronic commerce systems · Highlight
different approaches to law reform designed to facilitate electronic commerce · Explain the
evidential problems of computer-derived evidence

Aditya 1703216
 Department of information technology

Consumer Protection:
Be able to briefly outline issues in consumer protection law and how they apply to eCommerce.
Be able to define the term "spam", discuss the problems is causes and identify some technical
and legal measures to prevent spam.

Privacy Online:
Be able to identify different categories of personal data in a commercial transaction.
Identify different acts of “data processing”.

Q4. Discuss the various disputes arising in domain names and their resolution.

A domain name dispute is a conflict that arises when more than one individual or group
believes it has the right to register a specific domain name. Most commonly a domain name
dispute would occur when a domain name similar to a registered trademark is registered by an
individual or organization who is not the trademark owner. All domain name registrars must
follow the ICANN's Uniform Domain-Name Dispute-Resolution Policy (UDRP).

Q5. Explain the Various E-Commerce Models in detail.

Business To Consumer (B2C):

Business to consumer is the first type of e-commerce that is also the most common one. It is
also known as B2C model. In this type online business selling is offered to individual
customers. This type started to expand after 1995 and now became one of the most common
e-commerce. The internet users can use the shopping cart for everything they need. Payment
is mostly done through credit cards or by payment gateways like the PayPal.

Business To Business (B2B):

Business to business, known as B2B model, is the largest e-commerce model that is based on
revenue which involves trillions of dollars. In this both the buyers and sellers are business
entities. B2B describes commerce transactions between businesses, such as between a
manufacturer and a wholesaler, or between a wholesaler and a retailer.The volume of B2B
transactions is much higher than the volume of B2C transactions and any other transaction.

Consumer To Consumer (C2C):

Consumer to consumer (C2C) or citizen-to-citizen electronic commerce involves the

electronically facilitated transactions between consumers through some third party. A
common example is the online auction, in which a consumer posts an item for sale and other

Aditya 1703216
 Department of information technology

consumers bid to purchase it; the third party generally charges a flat fee or commission.The
sites are only intermediaries, just there to match consumers. They do not have to check
quality of the products being offered.The C2C model facilitates online transactions of goods
and services between the individual net users. But in this both the web users or both the
parties cannot carry out any transaction without the platform that is provided by an online
market maker such as the eBay.

Q6. Describe role of IPR in software projects. What are various types of IPR?

The main purpose of intellectual property law is to encourage the creation of a wide variety
of intellectual goods for consumers. To achieve this, the law gives people and
businesses property rights to the information and intellectual goods they create, usually for a
limited period of time.
Types of IPR:

Trade secret protection:

To identify the trade secrets in your idea, you need to understand the definition of a trade secret.
A “trade secret” is any valuable information that is not publicly known and of which the owner
has taken “reasonable” steps to maintain secrecy. These include information, such as a business
plans, customer lists, ideas related to your research and development cycle, etc.

Trademark protection:
Your brand needs to be protected because you do not want to invest time and money only to
find out later on that you have to switch to a different trademark because someone else already
using your trademark. In this instance, you would be infringing on that person’s trademark and
will have to switch to a different trademark.

Copyright protection:
Most products have a copyright. The images and words on the product packaging, the label,
the product itself and the webpage can all be protected with a copyright. The advantages of a
copyright registration are that it is inexpensive to secure, and the law allows you to demand
attorney fees from infringers. Often times, your attorney fees are more costly than your
damages due to someone copying your images and words without your authorization. Hence,
being able to demand your attorney fees from the infringer is a significant leverage that can be
used to force infringers to settle early on in the legal process. Without a copyright registration,
you would have to pay your own attorney fees

Patent protection:
Two types of patents may be obtained:

1. Utility (Function) and

2. Design (Aesthetic).

Aditya 1703216
 Department of information technology

Q7. What is the need and applicability of copyrights and patents?

Patents refer to an invention, whereas copyrights refer to the expression of an idea, such as an
artistic work. They are governed by different rules, so it is important to know which
is applicable to your works.
Copyright:

Copyright protects the expression of an idea; it encourages people to 'create'. ... The fact that
people can own the expression of their ideas means they can potentially earn a living by
developing them.

Patent:

A patent gives you certain legal rights, which can deter rival businesses from using or
copying your products or inventions.Whether you are a private inventor working from your
home, a full-time entrepreneur, or a principal in a large corporate entity developing or
refining products or the means of producing them, protecting innovation is an integral part of
modern enterprise.

Q8. Write short note on:

a) Cyber Crime Offences.
b) Certifying Authority.

Cyber Crime Offences:

Cyber offences are the illegitimate actions, which are carried out in a classy manner where
either the computer is the tool or target or both.
Cyber-crime usually includes the following −

 Unauthorized access of the computers

 Data diddling
 Virus/worms attack
 Theft of computer system
 Hacking
 Denial of attacks
 Logic bombs
 Trojan attacks
 Internet time theft
 Web jacking
 Email bombing

Aditya 1703216
 Department of information technology

 Salami attacks
 Physically damaging computer system.

Certifying authority:

In cryptography, a certificate authority or certification authority (CA) is an entity that

issues digital certificates. A digital certificate certifies the ownership of a public key by the
named subject of the certificate. This allows others (relying parties) to rely upon signatures or
on assertions made about the private key that corresponds to the certified public key. A CA
acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the
party relying upon the certificate. The format of these certificates is specified by
the X.509 standard.

Aditya 1703216