Computer Science - Cryptosecurity - Edit
Computer Science - Cryptosecurity - Edit
Computer Science - Cryptosecurity - Edit
Student’s Name
Course
Tutor
University
Date
IT Assignment 2
Task 1a
Data Encryption Standards (DES) is a 56-bit block cipher used in DES as well as in
16 cycles of each system that supports 48-bit subkeys. However, it only supports a permuted
56-bit key network. Its subkeys order are upturned when decrypting and systems
undistinguishable algorithm is applied. This block cipher block size of 64-bit is made from R
Triple DES or 3DES is a block cipher but validated as an extension cipher. It spreads
the critical size by using a systematic algorithm three epochs in sequence basis but with three
different keys. It works best in a combined volume of 168 bits (3 times of each 56 bit),
outside the reach of brute-force (Abdullah, 2017). A brute force creates and attack that can
only be effective if there exist an algorithm (Salah, Humood, Khalaf and Abdalrdha, 2019).
Advanced Encryption Standard (AES) is a key symmetric block cipher that can
encrypt data blocks of 128-bit with the help of 128, 192, and 256 keys (Salah, Humood,
Khalaf and Abdalrdha, 2019). AES functions on the basis that encrypts data blocks of 128
bits in 14, 12, and 10 rounds; however, this is dependent on the key size (Wahid, Ali,
Esparham and Marwan, 2018). The only force that can interfere with its process is the Brute
NB//The firm should consider adopting a 3DES and AES because of the below network
security reasons:
AES is a better replacement for the current DES. According to the existing old DES in
place, both can co-exist for a gradual change or conversion to AES. AES has hypothetical and
physical benefits over DES for effectiveness and speediness in the hardware implementation
currently used, but 3DES maybe be faster whereby the support of 3DES is mature, and the
infrastructure can support the network (Wahid, Ali, Esparham and Marwan, 2018). The
current old DES publishes and creates a product of two big key statistics, sideways with a
IT Assignment 3
supplementary value, using a public key. It keeps the top factors as key and is kept encrypted
only to be used by the Admin. However, DES allows both the Admin and other persons who
have access to the network controls to implement the public key to encode a message (Wahid,
Ali, Esparham and Marwan, 2018). Still, with the implementation of 3DES, only an admin
with the network's knowledge and key so does prime factors can access the signal for
decoding purposes. When breaking DES encryption is as easy as factoring an open system,
Adoption of 3DES and AES to the system implements two essential concepts that the
old DES can't: 1. Public key encryption. It means that the concept overlooks the need for
using a messenger to deliver a key to the recipient network from another secure channel
before transmitting the original supported message (Wang et al,. 2019). With implementation
of 3DES, the Admin will be limited to the description and encryption keys. 2. Digital
signature; The receiver may be needed to verify the transmission process or any message that
originates from the sender's signature and does not come via the right channel (Yassein et al,.
2017). The security of the DES algorithm that is currently being used in the system electronic
system cannot be validated, especially in modern data engines, especially with more
important data mining tools and frameworks, especially when using CBS-Pads (Breuer and
Bowen, 2019). 3DES and AES can be functional to an automated system that needs to have a
cryptosystem executed; this a new security system and protocol that will not only secure the
network but also increase ease of access among users. 3DES and AES now block ciphers that
Task 1b
The principle using by DES cipher is to feat processes that are professionally adopted
take care of 64-bit integer multiplication that is used in CBC-Padding mode (Salah, Humood,
IT Assignment 4
Khalaf and Abdalrdha, 2019). Therefore, it is recommended that 3DES or an AES cipher
should be implemented since it supports both 84 bit and 64-bit integer that not only makes
CBC-Padding faster but also encrypts the entire process. For the above application use of
3DES is the finest choice. 3DES might be printed with under 256 bytes of code for each of
the errands of key setup, block/wedge encryption, and block description. 3DES is a secure,
simple, and compact block cipher that should be used in CBC-padding (Wahid, Ali,
and permits quick and refined estimates of its security (Breuer and Bowen, 2019).
Task 2 a
could be used for conducting data integrity security protocols on a file transfer. Let’s
consider, and the first figure 2.1 shows how a client can download a file from the local
remote servers (Patil, Narayankar, Narayan and Meena, 2016). It is noted that the server and
the client must agree on a standard hash function SHA2 (David and Kalimuthu, 2019)
Figure 2.1 before the server remits of a file, it first must get a hash of the same data
using the SHA2 hash function. It sends the hash alongside with the file itself. After receiving
the two files, the downloaded file, and the hash file, the clients will get SHA2 and compares
it with the downloaded hash (Salah, Humood, Khalaf and Abdalrdha, 2019). The two data
IT Assignment 5
If the user or admin or attacker managers to intercept the downloaded file, change
files details and contents, then the system will forward the tempered file to the receipt
(Abdullah, 2017). The malicious attack won’t proceed. This because once the clients run the
file then work on the hash algorithm, the resulting hash won’t go unnoticed. This means that
the system is encrypted and secure (Patil, Narayankar, Narayan and Meena, 2016). Thus, the
hash file functions with work in the background and establish data integrity. This means that
the data won’t be altered in any way keeping the authenticity on the check. That is why the
protocol, such as FTPS, HTTPS, and SFTP, uses HMACs rather than just hash functions.
IT Assignment 6
In the subsequent attacks, the attackers will be limited to two other messages, M and M’ that
are able to generate the same hash; H(M)=H(M'). The implementation will therefore call for
an increased effort of 2n/2 for a given length of hash (n). In such a case, the new system is
called into question, since the second hash level 264 seems to be feasible with the
implementation of HMAC. For a hash code of 128 bits and longer, the system needs 2-64 bits
blocks and 2-68 bits to be generated using the same key (Salah, Humood, Khalaf and
Abdalrdha, 2019).
Task 2b
If we validate the implementation of HMAC above, then there are few benefits, over normal
1. As noted in task 2b above, HMAC authentication after the implementation assures the
needed authenticity of all requests especially from other users by signing the headers
2. The admin is able to generate a number of key pairs and use them independently.
3. Since HMAC supports the use of computed values, this means that the data and
values keyed can be optimised as large as needed using 40 characters for SHA-1
algorithm.
4. This type of authentication can be used least the need for an SSL because the key is
never transmitted but only the MAC (Wahid, Ali, Esparham and Marwan, 2018)
5. Since the key pairs are independent, the admin can delete or disable when the system
is compromised. This means that with a system in place, there is sure security
Task 3 a
IT Assignment 7
Task 3b
2. The WEB shared key as well as the IV value are to be shown or set to the RC4
Task 3c
Task 4a
Rule A; The WEP encryption process I ARC4 stream, based cipher that offer an RSA Security
system to avoid any attack from taking place. Rule B: The ARC4 will use a pseudo-random
encrypted text. Rule C: This ensure that outsiders of hackers are not able to penetrate the
system as a whole (Patil, Narayankar, Narayan and Meena, 2016). Rule D: The exclusive OP
IT Assignment 8
operations on the cipher will limit any outsiders action hence not attack will take place. Rule
E: The WEP key will generate the below vectors that are known to create a WEP seen that is
feed to the ARC4 PRNG system to create a unique key-stream. The below are the known
Task 4b
Denied: Certificate Packet: The certificate that is used for the above stream when encrypting
packets to other screens in the VPN. For a certain VPN all the certificates should refer to a
primary key of the same length and strength (Abdullah, 2017). Such as for example, 512-,
Accepted: Key Algorithm Packet: As seen in the new ruleset, it is clear that the key algorithm
is used in the encryption of the packets to other screen in the VPN is only limited to a certain
Task 4b
The attack cannot take place or succeed. RC4 is known to create an s-box with only several
arrays of value. These values are encrypted inside the same arrays by swapping operations.
With the help of Pseudorandom Generation Algorithm, system will validate RC4 generated
bits of the same keystreams. Below Ciphertext is known to protect the system from attack
(Patil, Narayankar, Narayan and Meena, 2016). With the best systems, and security protocols
after the implementation assures the needed authenticity of all requests especially from other
users by signing the headers for RC4 content. Because Since RC4 supports the use of
computed values, this means that the data and values keyed can be optimised as large as
Task 4d
IT Assignment 9
Rule A and B: Despite the fact that these packets are operated at two varied frequencies and
at different data levels and rates, they all share a mutual packet format for MAC. Rule C and
D: Nevertheless, the packets are very complex and complicated in nature, it consists of 6
packets of 25 subtypes and 5 different possible headers sized, not limited to the LLC and
WEP encapsulation and WEP packet framing. None definitive change in rule E.
Task 4e
Data Algorithm Packet: The data algorithm applied when encryption process is in
effect supports packets to another screen in the VPN. The field must be identifiable in
MAC Algorithm Packet: The MAC algorithm is used in the encryption process
packets to other screens in the VPN. This section field must be identical in all the
VPNs gateway entries that have the same VPN name and value.
Tunnel Address Packet: The screen tunnel packet validates encryption packets to other
The certificate that is used for the above stream when encrypting packets to other
screens in the VPN. For a certain VPN all the certificates should refer to a primary
key of the same length and strength (Abdullah, 2017). Such as for example, 512-,
As seen in the new ruleset, it is clear that the key algorithm is used in the encryption
of the packets to other screen in the VPN is only limited to a certain strength, but must
References
Abdullah, A.M., 2017. Advanced encryption standard (AES) algorithm to encrypt and decrypt
Artiles, J.A., Chaves, D.P. and Pimentel, C., 2019. Image encryption using block cipher and
Breuer, P.T. and Bowen, J.P., 2019. Fully encrypted high-speed microprocessor architecture:
Cheng, G., Wang, C. and Chen, H., 2019. A novel color image encryption algorithm based on
David, S. and Kalimuthu, R., 2019. Countermeasures Against Double Fault Attacks for
Patil, P., Narayankar, P., Narayan, D.G. and Meena, S.M., 2016. A comprehensive evaluation
Pirpilidis, F., Pyrgas, L. and Kitsos, P., 2020. An 8-bit Serialized Architecture of SEED Block
Roy, S.S., Turan, F., Jarvinen, K., Vercauteren, F. and Verbauwhede, I., 2019, February.
Salah, S.K., Humood, W.R., Khalaf, A.O. and Abdalrdha, Z.K., 2019. Subject Review:
Wahid, M.N.A., Ali, A., Esparham, B. and Marwan, M., 2018. A Comparison of
Cryptographic Algorithms: DES, 3DES, AES, RSA and Blowfish for Guessing
Technology, 3, pp.1-7.
Wang, W., Wang, J., Wang, W., Liu, P. and Cai, S., 2019. A Secure DFT Architecture
22213.
Yassein, M.B., Aljawarneh, S., Qawasmeh, E., Mardini, W. and Khamayseh, Y., 2017,