Computer Science - Cryptosecurity - Edit

Download as doc, pdf, or txt
Download as doc, pdf, or txt
You are on page 1of 12

IT Assignment 1

Network Encryption Standards Assignment

Student’s Name

Course

Tutor

University

Date
IT Assignment 2

Task 1a

Data Encryption Standards (DES) is a 56-bit block cipher used in DES as well as in

16 cycles of each system that supports 48-bit subkeys. However, it only supports a permuted

56-bit key network. Its subkeys order are upturned when decrypting and systems

undistinguishable algorithm is applied. This block cipher block size of 64-bit is made from R

and L blocks of each 32-bit (Abdullah, 2017).

Triple DES or 3DES is a block cipher but validated as an extension cipher. It spreads

the critical size by using a systematic algorithm three epochs in sequence basis but with three

different keys. It works best in a combined volume of 168 bits (3 times of each 56 bit),

outside the reach of brute-force (Abdullah, 2017). A brute force creates and attack that can

only be effective if there exist an algorithm (Salah, Humood, Khalaf and Abdalrdha, 2019).

Advanced Encryption Standard (AES) is a key symmetric block cipher that can

encrypt data blocks of 128-bit with the help of 128, 192, and 256 keys (Salah, Humood,

Khalaf and Abdalrdha, 2019). AES functions on the basis that encrypts data blocks of 128

bits in 14, 12, and 10 rounds; however, this is dependent on the key size (Wahid, Ali,

Esparham and Marwan, 2018). The only force that can interfere with its process is the Brute

force attack. AES encryption is a flexible, yet a fast-symmetric block cipher

NB//The firm should consider adopting a 3DES and AES because of the below network

security reasons:

AES is a better replacement for the current DES. According to the existing old DES in

place, both can co-exist for a gradual change or conversion to AES. AES has hypothetical and

physical benefits over DES for effectiveness and speediness in the hardware implementation

currently used, but 3DES maybe be faster whereby the support of 3DES is mature, and the

infrastructure can support the network (Wahid, Ali, Esparham and Marwan, 2018). The

current old DES publishes and creates a product of two big key statistics, sideways with a
IT Assignment 3

supplementary value, using a public key. It keeps the top factors as key and is kept encrypted

only to be used by the Admin. However, DES allows both the Admin and other persons who

have access to the network controls to implement the public key to encode a message (Wahid,

Ali, Esparham and Marwan, 2018). Still, with the implementation of 3DES, only an admin

with the network's knowledge and key so does prime factors can access the signal for

decoding purposes. When breaking DES encryption is as easy as factoring an open system,

but with 3DES and AES, it difficult (Yassein et al,. 2017).

Adoption of 3DES and AES to the system implements two essential concepts that the

old DES can't: 1. Public key encryption. It means that the concept overlooks the need for

using a messenger to deliver a key to the recipient network from another secure channel

before transmitting the original supported message (Wang et al,. 2019). With implementation

of 3DES, the Admin will be limited to the description and encryption keys. 2. Digital

signature; The receiver may be needed to verify the transmission process or any message that

originates from the sender's signature and does not come via the right channel (Yassein et al,.

2017). The security of the DES algorithm that is currently being used in the system electronic

system cannot be validated, especially in modern data engines, especially with more

important data mining tools and frameworks, especially when using CBS-Pads (Breuer and

Bowen, 2019). 3DES and AES can be functional to an automated system that needs to have a

cryptosystem executed; this a new security system and protocol that will not only secure the

network but also increase ease of access among users. 3DES and AES now block ciphers that

should be adopted (Yassein et al,. 2017).

Task 1b

The principle using by DES cipher is to feat processes that are professionally adopted

on contemporary processors; however, it is limited to CBC-Padding Mode. DES does not

take care of 64-bit integer multiplication that is used in CBC-Padding mode (Salah, Humood,
IT Assignment 4

Khalaf and Abdalrdha, 2019). Therefore, it is recommended that 3DES or an AES cipher

should be implemented since it supports both 84 bit and 64-bit integer that not only makes

CBC-Padding faster but also encrypts the entire process. For the above application use of

3DES is the finest choice. 3DES might be printed with under 256 bytes of code for each of

the errands of key setup, block/wedge encryption, and block description. 3DES is a secure,

simple, and compact block cipher that should be used in CBC-padding (Wahid, Ali,

Esparham and Marwan, 2018). It produces considerable flexibility, excellent performance,

and permits quick and refined estimates of its security (Breuer and Bowen, 2019).

Task 2 a

How HMAC Implementation works

To understand HMAC implementation, it is wise first to examine how a hash function

could be used for conducting data integrity security protocols on a file transfer. Let’s

consider, and the first figure 2.1 shows how a client can download a file from the local

remote servers (Patil, Narayankar, Narayan and Meena, 2016). It is noted that the server and

the client must agree on a standard hash function SHA2 (David and Kalimuthu, 2019)

Figure 2.1 before the server remits of a file, it first must get a hash of the same data

using the SHA2 hash function. It sends the hash alongside with the file itself. After receiving

the two files, the downloaded file, and the hash file, the clients will get SHA2 and compares

it with the downloaded hash (Salah, Humood, Khalaf and Abdalrdha, 2019). The two data
IT Assignment 5

should be able to match for the process to go through.

Let’s consider the implementation as viewed in Figure 2.2

If the user or admin or attacker managers to intercept the downloaded file, change

files details and contents, then the system will forward the tempered file to the receipt

(Abdullah, 2017). The malicious attack won’t proceed. This because once the clients run the

file then work on the hash algorithm, the resulting hash won’t go unnoticed. This means that

the system is encrypted and secure (Patil, Narayankar, Narayan and Meena, 2016). Thus, the

hash file functions with work in the background and establish data integrity. This means that

the data won’t be altered in any way keeping the authenticity on the check. That is why the

protocol, such as FTPS, HTTPS, and SFTP, uses HMACs rather than just hash functions.
IT Assignment 6

In the subsequent attacks, the attackers will be limited to two other messages, M and M’ that

are able to generate the same hash; H(M)=H(M'). The implementation will therefore call for

an increased effort of 2n/2 for a given length of hash (n). In such a case, the new system is

called into question, since the second hash level 264 seems to be feasible with the

implementation of HMAC. For a hash code of 128 bits and longer, the system needs 2-64 bits

blocks and 2-68 bits to be generated using the same key (Salah, Humood, Khalaf and

Abdalrdha, 2019).

Task 2b

If we validate the implementation of HMAC above, then there are few benefits, over normal

authentication and encryption:

1. As noted in task 2b above, HMAC authentication after the implementation assures the

needed authenticity of all requests especially from other users by signing the headers

for MD5 content.

2. The admin is able to generate a number of key pairs and use them independently.

3. Since HMAC supports the use of computed values, this means that the data and

values keyed can be optimised as large as needed using 40 characters for SHA-1

algorithm.

4. This type of authentication can be used least the need for an SSL because the key is

never transmitted but only the MAC (Wahid, Ali, Esparham and Marwan, 2018)

5. Since the key pairs are independent, the admin can delete or disable when the system

is compromised. This means that with a system in place, there is sure security

protocols that must be followed to increase its encryptions steps.

6. HMAC supports disabled MAC function as an embedded hash function is a number

of ways to increase authentication efforts.

Task 3 a
IT Assignment 7

Task 3b

1. The transmitter will determine the value of the vector IV

2. The WEB shared key as well as the IV value are to be shown or set to the RC4

3. It is wise that a 32-bit cyclic Redundancy Check will be done

4. The common error check will be done in step 4

5. The cipher text block is generated by encrypting step 3

6. Finally, plain text value IV is prepared according to cipher text block

Task 3c

Task 4a

Rule A; The WEP encryption process I ARC4 stream, based cipher that offer an RSA Security

system to avoid any attack from taking place. Rule B: The ARC4 will use a pseudo-random

number that is autogenerated by a key-stream. The Key-stream is comprehensive with

encrypted text. Rule C: This ensure that outsiders of hackers are not able to penetrate the

system as a whole (Patil, Narayankar, Narayan and Meena, 2016). Rule D: The exclusive OP
IT Assignment 8

operations on the cipher will limit any outsiders action hence not attack will take place. Rule

E: The WEP key will generate the below vectors that are known to create a WEP seen that is

feed to the ARC4 PRNG system to create a unique key-stream. The below are the known

encryption key-stream that prevent an attack from taking place.

Task 4b

Denied: Certificate Packet: The certificate that is used for the above stream when encrypting

packets to other screens in the VPN. For a certain VPN all the certificates should refer to a

primary key of the same length and strength (Abdullah, 2017). Such as for example, 512-,

1024-, 2048-, or 4096-bit keys by Diffie-Hellman rule C

Accepted: Key Algorithm Packet: As seen in the new ruleset, it is clear that the key algorithm

is used in the encryption of the packets to other screen in the VPN is only limited to a certain

strength, but must have a VPN gateway. Rule E

Task 4b

The attack cannot take place or succeed. RC4 is known to create an s-box with only several

arrays of value. These values are encrypted inside the same arrays by swapping operations.

With the help of Pseudorandom Generation Algorithm, system will validate RC4 generated

bits of the same keystreams. Below Ciphertext is known to protect the system from attack

(Patil, Narayankar, Narayan and Meena, 2016). With the best systems, and security protocols

that is supported by the PGA (Pseudorandom Generation Algorithm). RC4 authentication

after the implementation assures the needed authenticity of all requests especially from other

users by signing the headers for RC4 content. Because Since RC4 supports the use of

computed values, this means that the data and values keyed can be optimised as large as

needed using 64 bit characters for SHA-1 algorithm.

Task 4d
IT Assignment 9

Rule A and B: Despite the fact that these packets are operated at two varied frequencies and

at different data levels and rates, they all share a mutual packet format for MAC. Rule C and

D: Nevertheless, the packets are very complex and complicated in nature, it consists of 6

packets of 25 subtypes and 5 different possible headers sized, not limited to the LLC and

WEP encapsulation and WEP packet framing. None definitive change in rule E.

Task 4e

 Data Algorithm Packet: The data algorithm applied when encryption process is in

effect supports packets to another screen in the VPN. The field must be identifiable in

all VPN gateway entries with the same VPN name.

 MAC Algorithm Packet: The MAC algorithm is used in the encryption process

packets to other screens in the VPN. This section field must be identical in all the

VPNs gateway entries that have the same VPN name and value.

 Tunnel Address Packet: The screen tunnel packet validates encryption packets to other

screens in a certain VPN.

 Description Packet: The packet is operational and validates an encryption packet on

the same VPN channel or gateway.

 The certificate that is used for the above stream when encrypting packets to other

screens in the VPN. For a certain VPN all the certificates should refer to a primary

key of the same length and strength (Abdullah, 2017). Such as for example, 512-,

1024-, 2048-, or 4096-bit keys by Diffie-Hellman

 As seen in the new ruleset, it is clear that the key algorithm is used in the encryption

of the packets to other screen in the VPN is only limited to a certain strength, but must

have a VPN gateway.


IT Assignment 10
IT Assignment 11

References

Abdullah, A.M., 2017. Advanced encryption standard (AES) algorithm to encrypt and decrypt

data. Cryptography and Network Security, 16.

Artiles, J.A., Chaves, D.P. and Pimentel, C., 2019. Image encryption using block cipher and

chaotic sequences. Signal Processing: Image Communication, 79, pp.24-31.

Breuer, P.T. and Bowen, J.P., 2019. Fully encrypted high-speed microprocessor architecture:

the secret computer in simulation. International Journal of Critical Computer-Based

Systems, 9(1-2), pp.26-55.

Cheng, G., Wang, C. and Chen, H., 2019. A novel color image encryption algorithm based on

hyperchaotic system and permutation-diffusion architecture. International Journal of

Bifurcation and Chaos, 29(09), p.1950115.

David, S. and Kalimuthu, R., 2019. Countermeasures Against Double Fault Attacks for

Reconfigurable Array Architecture. Journal of Innovation in Computer Science and

Engineering, 8(2), pp.1-7.

Patil, P., Narayankar, P., Narayan, D.G. and Meena, S.M., 2016. A comprehensive evaluation

of cryptographic algorithms: DES, 3DES, AES, RSA and Blowfish. Procedia

Computer Science, 78(1), pp.617-624.

Pirpilidis, F., Pyrgas, L. and Kitsos, P., 2020. An 8-bit Serialized Architecture of SEED Block

Cipher for Constrained Devices. IET Circuits, Devices & Systems.

Roy, S.S., Turan, F., Jarvinen, K., Vercauteren, F. and Verbauwhede, I., 2019, February.

FPGA-Based high-performance parallel architecture for homomorphic computing on

encrypted data. In 2019 IEEE International Symposium on High Performance

Computer Architecture (HPCA) (pp. 387-398). IEEE.

Salah, S.K., Humood, W.R., Khalaf, A.O. and Abdalrdha, Z.K., 2019. Subject Review:

Comparison Between 3DES, AES & HiSea Algorithms.


IT Assignment 12

Wahid, M.N.A., Ali, A., Esparham, B. and Marwan, M., 2018. A Comparison of

Cryptographic Algorithms: DES, 3DES, AES, RSA and Blowfish for Guessing

Attacks Prevention. Journal Computer Science Applications and Information

Technology, 3, pp.1-7.

Wang, W., Wang, J., Wang, W., Liu, P. and Cai, S., 2019. A Secure DFT Architecture

Protecting Crypto Chips Against Scan-Based Attacks. IEEE Access, 7, pp.22206-

22213.

Yassein, M.B., Aljawarneh, S., Qawasmeh, E., Mardini, W. and Khamayseh, Y., 2017,

August. Comprehensive study of symmetric key and asymmetric key encryption

algorithms. In 2017 international conference on engineering and technology (ICET)

(pp. 1-7). IEEE.

You might also like