4.

1 INTRODUCTION To CRYPTOGRAPHY
in brief about cryptography and encryption.
Q11. Write
Answer:
CrypBography usable information into a form that is readable only
Cyptographyrefers to the technique of transforming converted
users. The encrypted information can be back to its original form i.e., plaintext by
authorized is
This process called decryption. Hence, cryptography
authorizediuser, possessing the cryptographic key.
bythe
any thereby protecting information from unauthorized access and
providing information security,information.
is a means of storing the
disclosure while transmitting and
Thus, ervptography provides security to the intormation as well as to other useful applications for
improvingauuthentication methods,
message digests, digital signatures, non-repudiation and lencrypted network
communications. If it is notimplemented properly
then, it would lead to many security problems. The length
andstrength of an
encryption key are alsoimportant, because the strength of an encryption algorithm is also
dependent on the key.
Encryption that is
provides message confidentiality. (i.e., protect the information
Encryption is a mechanism thatdestination).
being transmitted between source and
soas to eliminate leakage of confidential data during its transmission through un
Encryption is done data is always encrypted before transmitting it
e-mails or telephonic lines. Therefore, the
secured means like
media.
over an unsecured is used
carried out on the basis of algorithms and key management. The algorithm which Networks
Encryption is protection. If an organization uses Virtual Private
of information should assure its infor
for the encryption VPN should use a stronger encrypted algorithm on.all well
departments, then the
(VPN) between different
Allthe algorithms used for encryption should be well known and
mation transmitted between the sites.
understood by the employees implementing them.
CRYPTOGRAPHY
SYMMETRIC KEYCRYPTOGRAPHY ASYMMETRICKEY
42
cryptography? Discuss its advantages and limitations.
Q12. What is symmetric key
Answer :
Symmetric Key Cryptography of as secret
cryptography. It is also referredIttoshould
is the most earliest form be
Ine symmetric key cryptography using only one key called secret key.
key cryptography. The encryption and decryption is done
users must be done by keeping the key to themselves.
Consequentiy.
PSeret and sharing of thekey among while encryption.
the encrypted data can only be decrypted using the same secret key used speed, which makesit
at very high important
The algorithms based on symmetric key cryptography operatesmanaging the key is highly without being
hand,
appropriate for large amounts of data encryption. On the other of key betweentwo parties securely do it,
in symmetric key cryptography. It is concerned with the exchangecommunicate each other can both
accessed by athird party. In essence, the two parties intendedto communication. Atter this,
by Commencement ofthe diferent from regular
exchanging the secret information long before the
the parties must agree upon the key where exchange of key must be done
by a method,
asmissIon of key. This method is referred to as out-of-band" messagin contons tothe explosion
scalability ifevery single pair
problem of scalability. The
communicating pairs
Further, the algorithm also suffers fromthe
between the total number of keys necessary with the increasing number of proceedings.
demands an individual key. LIABLE to face
LEGAL
 To illustrate this, consider the secure The private-key is kept secret, whereas the public-kev
communication between two parties using symmetric is distributed widely. A message or text data which ie
key cryptography. Basically, the total number of keys encrypted with the public-key can be decrypted only
required is only one. The variation in number of keys with the corresponding private-key. For instance.
occur with the number of people involved in the when Johny wants to send a secure message to Sunny
communication. That is, three members require three he uses Sunny's public-key to encrypt the message
keys, four members in the communication requires six Sunny then uses his private-key to decrypt it.
keys and subsequently, for five members ten pairs of
keys. This is referred to as explosion which continues Apublic-key cryptography/encryption consists
of the following five elements,
radically. Similarly, for 1000 users the total number of
separate keys required would be 49,950. This however (i) Text data/Message
could be tedious task in terms of managing the key.
The entire calculation can be simplified by devising (ii) Encryption algorithm
a formula. (iii) Public-key and Private-key
n(n -1) (iv) Ciphertext/Unreadable text
2
Another concern could be availability of less (v) Decryption algorithm.
number of information security services. Some of the () Text Data/Message: This can be any input
core information security services offered here are data, such as text data or message.
confidentiality, data integrity and authentication.
Public key Private key
For example, Johny is a user of computer
and wants to send his message, M= Hello"
Plaintext
securely to his friend Sunny, who is also a user
Plaint

Encryption
Ciphertext
Decryption of computer.
Insecured Channel
() Encryption Algorith m: To encrypt the
Single secret key (unknown) message, an encryption algorithm performs
certain transformations on it.
Encryption Decryption
Sender Secured Channel Receiver: There are various encryption algorithms, but
the RSA public-key encryption algorithm is
Figure: Secret Key Cryptography (or) Symmetric Key
Cryptography mostly used to perform certain transformations
or calculations on the text data or message.
Advantages For example, Johny uses the public-key of
1. It offers high speed.
2. It is secure.
Sunny and encrypted his message by using
It can be easily understood and can be considered
RSA algorithm.
3
as strength ofother algorithms like DES, IDEA, (ii) Public -key and
Blowfish, RC4, CAST and SKIPJACK. pair of keys are used Private-key: These
to encrypt and decrypt
Disadvantages/Limitations the message respectively. The
is private-key
always kept secret, whereas public-key
1. Itrequires management and implementation of widely distributed. is
keys.
2 It requires sharing of secret key. For example, Johny uses a
3 It has conmplicated administration. to encrypt his message, public-key of Sunny
whereas Sunny uses his
private key to decrypt the Johny's
4 It does not support authentication and non
repudiation security services. shown in the figure. message as
013. Exolain about asymmetric key )
cryptography. Ipnenext/Unreadable Text: Once +he
encryption is done on the text data, it is in
Answer: unreadable format means it cannot be read by
Public-key cryptography was invented by human beings.
Diffie and Hellman in the year 1976. For this reason, For
it is sometimes known as Diffie-Hellman encryption. into example, Johny' s message has
converted
It is also known as a asymmetric cryptography. It
1s form of cryptography in which user has a pair of
unreadable form
Sunny can read his so that nobody except
cryptographic keys i.e., apublic-key and a private key. corresponding message, as he has a
for
 UNIT-4:Cryptograpny au
DecrYptlon Algorlthm: Adecryption algorithm takes the
() convert this text into original text. Hence, it can be unreadable
text and its
decryptioncorresponding
is usedto saidthat the key
reverse of encryption algorithm. algorithm is the
For example, decryption algorithm takes the unreadable text of Johny and also
key to decrypt that message and convert the unreadable text into readable takes Sunny's private
by Johny as shown in the below figure. form ie., original text sent
Johny's
Public-key Table
Sami -Asim

Sunny's Public-key
Johny
Sunny's Private-key
Helo
Helo

Cipher Text /
Unreadabk Text
Input RSA Public-key Encryption RSA Public-key
(Original Text) Output
Algorithm Decryption Algorithm (Original Text)

Figure: Public-key Encryption

Q14. Compare and contrast between symmetric and asymmetric key cryptography.
Answer :
Model Paper-4, Q12(a)

Symmetric Key Cryptography Asymmetric Key Cryptography

1 It involves only one key called shared key, 1. |It involves two keys. One is pubiic key which is
which is shared by both sender and receiver. known to all senders and other is the private key
which is kept secret with the receiver.
2. Encryption and decryption are done using 2. Encryption is done by using public key and
the shared key. decryption is done by using private key.
3 Sender generates a cipher text (message) 3. Sender generates a ciphertext (message) by
by encrypting a textual message with encrypting a textual message with a asymmetric
symmetric encryption algorithm and a encryption algorithm and the receiver's public
shared key. Ciphertext message is then key. Ciphertext message is then forwarded to
forwarded to the receiver.
the receiver.
4
Receiver decrypts the cipher text message 4. Receiver decrypts the cipher text message into
into textual format with a shared key. textual format using the private key relative
to the public key that was used to encrypt the
message.
Textual Textual
Message |Message Reververs
Sender Encrypt Sender Encrypt publc key

Ciptherext Shared Cipher t

Key

Receivers
Decrypt Receiver Deerypt
Receiver
Textual Textual private key
Message Message
It is inefticient for long messages.
5. It is efficient for long messages.
symmetric 6
6. AES andTriple DES (3DES) RSA asymmetric algorithm is currently in uSe.
algorithms are currently in use.
al is a CRIMINAL act. Anyone found guiiy
 4.3 MESSAGE AUTHENTICATION
Q15. Define message authentic ation. List the approaches usedfor message

Answer:
Explain the message encryption approach. aut hent icat ion,
Model Paper-ll,Q12(a)
Message Authentic ation
Message authentication refers to the process of protecting the data/message from active attacks lika
corruption of data and transactions, It is the process of verifying whether the received messages are authentie
or not. It ensures that the
contents of the messages have not been altered and that the source is
Masquerade, content authentic.
that can be addressed modification,
by message
sequence modification and timing modification are the types of attacks
authentication.
Approaches for Message Authentication
The three approaches used for
1.
message authentication are,
Message Encryption
Message encryption is a method used for providing measure of
(i) Symmetric-key Encryption authentication. It is of two types,
(ii) Public-key Encryption.
()
Symmetric-key Encryption
Symmetric-key encryption is a form
encryptionusing a private key 'P,', whichofmessage encryption wherein a sender S of a message performs
is known to the receiver R. The
key P is shared only between two K
information about the
is impossible for any third party to communicating parties, thereby ensuring confidentiality. Due to private this, it
decrypt the message so as to retrieve the
Apart from confidentiality, symmetric plaintext.
that the message being received is transmitted encryption
from
also provides
the intended sender. authentication,
This
as the receiver assures
guarantees the sender is the only party which has the
that assurance is because the
sender has all the required information information about the private key. This impliesreceiver
that the
the private key 'P,;. In addition, the of developing a ciphertext on which decryption can be
receiver also confident about the message that it is performed using
sender, since no other party has the knowledge is
from an
perform any kind ofauthorized
tions on the ciphertext 'C". of the private -key P'in order to
modifica
So, symmetric encryption not only
This can be proved by the facilitates the user with authentication but also ensures
considering processing that takes place at the receiver side. When the
receives a message (in the form of ciphertext) confidentiality.
kev to generate an output from the sender "S", it performs a receiver R
unless it isgenerated from anmessage, msg = D,(K, C). However, this msgl does
I decryption »D'using a private
intended sender. That is, the msgl generated after not have any signifcance
plaintext before encryption, which denotes that the message is an decryption must be same as the
P e at the receiver side must be authentic message.
authenticated message coming from automated,
intended senderwhichS".easily ensures that the output Therefore, the complete
K
message, 'msp] is the
A K

Message E E
Z (K, Message)
Message
Figure (1): Symmetric Encryption
Providing Confidentiality and
The aforementioned approach certainly
bit provides authentication. In Authentication
in arbitrary (random) pattern, the receiver finds it difficult to few cases
ciphertext of the where the
determine automatically
message is the authentic message.
value msg ! = D, (E, ) should be some bit-pattern
For example, if the
message that the messages are
output value as authentic plaintext. Therefore, irrespective of the is any bit
pattern, received
outputthe
accept
should be considered as an authentic
is necessary
that value of Cand then the
bit patterns
Suppose an authentic plaintextplaintext, that
disables only a hence
small subset should
plaintext. is any fake of
authentic
probability of generatingan authentic plaintext from
said to
randomly
be bit
chosenpattern
bit ciphertext possiblethe
from 102. In to
such generate the
h SIA PUBLISHERS AND pattern will be
 UNIT-4.
Erample
message is being transmitted in
Assume a
Let, K=2 (i.e., shift
of two). English--language using a Caesar cipher method.
The authentic ciphertext transmitted by the sender S is,
Case1:
0CuKUCPq WVu VCPfKPiV'gcongcfgt
The receiver then decryptsthe ciphertext in order to generate plaintext,
masisanout standingieamlea der
easily make sure that the message has the
The receiver can profile of ordinary English
frequency evaluation. by asimple
generates the random sequence of letters as:
Case 2: An attacker
uyfvorcehijnq wi
The receiver decrypts this sequence of letters as,
swdtmpacfhlo ug
.. the receiver can easily recognize that the
decrypted message does not correspond to ordinary
English.
Cenerally. the automatic determination of
ie ite difficult. In the same way, it is evenwhether
the received ciphertext can decrypt into a plaintext
difficult to determine the authentic plaintext, if it is in the
of binary object file or
digitized X-rays. Hence, an attacker can achieve a
hu simoly issuing fake messages with random context and pretending to be fromcertain level of interruption
a legitimate user.
(0 Public-key Encryption
Public-key encryption is another form of message encryption that provides,
(a) Confidentiality but not authentication
(b) Authentication but not confidentiality
(c) Both confidentiality and authentication.
(a) Confidentiality but not Authentication
npublic
this key
approach, thesender S sends amessage to the receiver 'R that is encrypted using receiver's
(P). This is because, the receiver can then use his private key to decrypt the message thereby
providing confidentiality. However, there is apossibility that any third party can pretend to be asender
and forward the fake message encrypting it using the receiver's public key. Thus, it can be said that,
this approach provides confidentiality but not authentication.
P,

Message - E
(Pu Message) Message

Figure (2): Public-Key Encryption Provides Confidentiality

(b) Authentication but not Confidentiality
In this approach, the sender uses his private key 'P, of the message and the receiver uses the sender's
public key 'p' todecrypt that message. There are two reasons that assures that the message is from an
authorized sender. They are,
4) Ihe receiver has the knowledge that the private key 'P using which the message has been en
crypted belongs to the sender S".
ne Sender is the only party that has the information required to construct the ciphertext usng
receiver can
e private key "P. Thus, if the receiver is in possession of the ciphertext, then the
prove that the message is from the sender 'S". distin-
be able to
However, a strategy should be applied tothe plaintext using which the receiver must the message by
encrypts
guish between well-formed plaintext and random bits. Moreover, the sendersignature serves as a digital
"signing" it using his private key before transmitting tothe receiver. This
signature.
to face LEGAL proceedings.
LE
 The drawback of this approach is that, it provides only authentication but nÍt
other party who carries sender'spublic key (P) can easily decrypt the ciphertext. confidentiality, since the
PK

E
Message E D
Message
zP,Message)
Figure (3): Public-Key Encryption Provides Authentication
(c) Both Confidentiality and Authentication
In this approaçh, the sender makes use of his private key P, as well as the receiver's public key P'to
decrypt the message. The reason is, private key of the sender provides digital signature ensuring authen
tication. Whereas, the public key 'P of the receiver ensures confidentiality. Thus, the message can be
easily transmitted to the receiver along with the assurance of both confidentiality and authentication.
Sender side
Receiver side
P.

E(Pu,
Message E P,Message) E (Pg,
E
Message) Message
Message)

Figure (4}: Public-key Encryption Provides Confidentiality and Authentication

2. Message Authentication Code
For answer refer Unit-IV, Page No. 66, Q.No. 16(i).
3. Hash Function
For answer refer Unit-IV, Page No. 67, Q.No. 16(ii).
Q16. Explain about the following.
() Message authentication code
() Hash Function.
Answer :
(1) Message Authentication Code (MAC)
Message authentication code is also called as eryptographic checksum, is a small block of data having
fixed size and generatedusing asecret key. It is appended to the message. It is assumed that both the participants
whodesire to communicate sharea common secret key 'K. Let the participants be Aand B. IfA wants to send
the key as follows,
message to B, he calculates the MAC using the message and
MAC= C(M)
Where,
MAC = Message authentication code
C = MAC function
K = Shared secret key
M= Input message
Message Authentication and Confidentiality
made authentic and confidential. There are two ways
When encryption
er is performed, amessage can be
of providing message authentication andconfidentiality.
1. Performing encryption after the MAC algorithm.
2. Performing encryption before the MAC algorithm.
Each of the above two methods requires the use of two Keys ^ and K,. K, is the secret key mead in
MACalgorithm andK, is the key used for encryption and decrYption purpOses. Both K, and K. kevsa
between the sender and the
 UNIT-4:CryYptog
PerformingEncryptlon atter the MAC
the key K,
after concatenating the input Algorithm:
In
message with the this method, encryption is 67
the message. calculated MAC value performed
C using using
key K, for
K
M
|K,
lK,
Ex,[M||C, (M)]
Ck, (M)
Compare
|K
Figure: Message Authentication and
Badoming Confidentiality
Encryption before
a0e sing Key "K, then it is the MAC Algorithm: Here, the encryption is
concatenated with the calculated MAC function performed on the
Cusing kevy K
for the ciphertext of the message.
Ex, (M)
M

Compare
Cx, [E, (M)]
Figure: Message Authentication and Confidentiality
( Hash Function
Ahash function builds a "fingerprints" of
message or file or any other block of data. The following
requirements are essential to achieve message authentication using a hash function.
1 Variable length data blocks
2. Fixed length output
3 Ease of computation
4.
One way property
5 Weak collision
6.
Collision resistance.
1
andble Length Data Blocks: Application of hashfunction 'H must have no restriction for different
cd data blacks. It is practically used by hash function so as to provide message authentication.
2.
Fixed Length Output: Output of a hash reaction "H" should have afixed length. Itis also practically
3.
oy has h functiÍn so as to provide message authentication.
Ease of Computation: The computation of H(r) for any give x' should be easy in order to make
the hardwareeand software implementations possible. It is also practically used by hash functions so as
4 provide message authentication.
One Way Property: The Computation performed on xsuch that H(*) =hfor any given value of 'h'
is
considered to beimpractical. This property is called one way property.
Weak Collision: The computation performed inorder to evaluate ytxfor any given value of 'r' to
form Hy)
)= H(r) is also considered to be impractical. Therefore, this property is referred to as weak
collision.
Strong Collision Resistance: The computations performed inorder toevaluate the pair (r,y) to obtain
referred to as weak collision. This property asserts
theH()= Hy) is ofconsidered
resistivity impractical. Therefore, it is
hash function towards an attack called birthday attack.
 On the other hand, the one way property possess that, it is simple to obtain a code from a
but generating a message from a code is complex job. However, this property has the given
significance mes ags
only
authentication technique makes use of asecret value. Although, during the transmission, the secret value
not sent but the intruder can certainly can gain access to the secret value. This is possible only if the
is not one way therefore, after gaining the access to secret value, the intruder either
monitors hash funcion
or
transmission thereby obtaining the message M. After this, the intruder can easily determine the hash code H
HS,, Furthermore, the intruder inverts the hash function so as to
acquire Sl|M=H (HJ. Asa result
interrupts the
intruder holds both Mand S,, I| M. However it is not essential for him / her to recover Sg
(H
S
Message Message )(H)
Compare
H(M|S)
The weak collision property proclaims that
same value. As a result, one can stop there does not exist any second message hashing to the
replication message while using,
of
encrypted hash code.
K

Message Message
D Compare
E(K, H(M)
Figure: Hash Function User
PR,

Message
Message
Compare
D
From the figures, it can be inferredFigure: Hash Function User
read the transmission line and is also that the intruder does not have
intruder cannot alter the message. Onable to generate its hash
code. secret key, but he/she can
But,
simple that is she/he can casily interrupts the hand, if the property was due to the absence of secret certainly
the other
key, the
also to its encrypted hash code. And later transmission
she/he can
line can incorrect the intruder
gain access not only to job would be
Is successful in creating an
alternate decrypt the hash code the messages but
with same hash code, this property ismessage which has same hash code. from the message. Finally,
always useful. Thus, to avoid of intruder
Q17. Explaln in detall about simple
Aswer : hash functlon. replication
message
The sumple hash function and other
(i) The nput message hash functions operate under
(u) The input in the consisting is message file etc., is considered as a
hash-function
of
processed in an
follosequence
wing principles,
basic
of n-bit
so as to obtain ann-bit hash interactive manner ie.,
The bit-by bit exclusive OR function. block by blockblocks. time
input is XORed bil-by -bit. It is (XOR) regarded as the simplest hash
is one at a
expressed as, function.
x=i bit of the hash code that ranges
Here, every block of the
m= Total number of n-bit blocks in fron Isusn
the input.
Y-i bil withinj block
-XOR operation.
 UNIT-4:CrYptoglil
Whenthissimple hash function is implemented, the operation results in a 69
everybitposition. This is referred to as aIongitudinal redundancy check. However, the simple
hashparity
function
for iseach
capable
and
the role of random data in the form of data
ofperforming
alln-bithashvalues are equal. Hence, due tothis the hash value
integrity check and there is a high
incorrect data then the probability of always remains same but if any probability that
duetothe unchanged hash value is estimated as 2-". error occurs
ettevtivenessofthe function reduces when the user gives a predicated
formatted data into hashHowever,
function.
the
Bxample
Each octet of high order bit in normal text file will be always zero. So, due to this the
prducedby.hash function when 128-bit hash value is used as 2-12 instead of 2-128 effectiveness
In order to overcome this issue, it has to perform one-bit circular shift or rotate over hash value after
theprocessingofeach block. The procedure is illustrated in following steps,
Set the n-bit hash value to zero
1.
Each n-bit data block is processed by following given rules.
) The current hash value must be rotated to left by one bit.
i) The block must be XORed into the hash value.
Therefore, this is equivalent to randomizing the input. As a result all regularities prevailing within the
input area are eliminated.
On the other hand, there exist two types of hash functions for 16-bit hash values,
() XOR with 1-bit relation to eight.
(i) XOR of every 16-bit block.
When compared to the 1 method, the 2nd method is more efficient because it is considered to be more
good technique for providing data integrity. However, if an encrypted hash code used along with a plaintext
then tool is not considered efficient for providing data security. Furthermore, to generate adesired hash code.
amessage is appended with n-bit block. Thereby, compelling the new message as well as the entire block to
produce desired hash code.
However, these two methods can be ineffcient provided if an encrypted hash code is used. However, there
isa less possibility that it is considered as beneficial when message and hash code is encrypted. Such sinmple
Îuncion is also applied on 64-bit blocks of message that is national bureau of standard proposed atechnique.
"cn employes simple XOR to 64- bit blocks of message. After XORing, the encryption is perforined on
essage P,P,, P,...P, and the hash code of the message is computed by performing XORing operation
KDy block on all blocks and finally appending hash code block as the last block to the message.
... ()
X=P, +1 =P,P, ... > Px
the equation (1) which comprises message as well as hash code is encrypted usng CB
mode so as toelore,,
produce the encrypted message ,. O,, Q..,. However, there exist various methods with which
cipher text of the can be modified. Andthe modification performed in
messages are pertect that
are not even detectedmessage
by the hash code. The CBC can be defined as follows,
P= IV9 D(Z, Q,)
P=., D(Z, 9)
P.
W, D(Z, ,.)
But 2: - , D(Z,
But 2N - hash code so N
However, N can be computed as follows,
D(K, O,) t.... I9,,DZ, 9))
*1Y D(Z, 0.)) [Q, mentioned. Theretore, the hash
there are
ude of These terms
which
can be XORed irrespective of the orderin blocks undergo permutation.
 70

4.4 DIGITAL SIGNATURES

1. Key-generatlon Algorithm: This
is used for
SECURI TY
algorithn
generating private key and
corresponding public key.
Q18. Explain in detail the concept and
advantages of digital signature in 2. Slgning Algorthm: This algorithm generates
computer security. adigital signature as output by
message and private key as input.
considerino
Answer:
Digital Signature 3. Slgnature Verifying Algorithm: This
Ad1gital signature is one of the methods algorithm verifies the authenticity of a signature
of cncryptien used to provide authentication. The by taking combination of message, public key
main intent of the digital signature isto protect the and digital signature as input.
message or data trom modifications. It has gained
much popularity in the world of network security. Methods for Creating and Verifying Digtol
In addition to adigital signature, it is a kind of Signature
asymmetric cryptography used to encourage the The following are the two methods that ar
security properties of ahandwritten signatures on most commonly used for creating and verifying the
paper. Basically, digital signature scheme provides
two algorithms, one algorithm is for signing which digital signature,
requires the user's secret or private-key, and the other Public and private key approach
1.
algorithm is for verifying signatures which requires
the user's public-key. The result of the signature 2. Hash function approach.
process is calied the "digital signature". 1. Public and Private Key Approach
Advantages In this method, the signer applies the key
() It verifies the authenticity of signer and also generation algorithm so as to generate public and
the authenticity of the message private keys. The signer creates a digital signature for
(u) It reveals out any alteration or tempering (if a message that is to be transmitted using the private
performed) on the message key. This signature is used by the sender so as to
(111) It provides a high degr e of assurance and encrypt the message. The encrypted message along
doesn't require additional resources for with digital signature is transmitted to the receiver via
processing. the network. After receiving the message, the
receiver
Q19. What are the three algorithms included in verifies the authenticity of the signature using the
digital signature scheme and the methods public key. The advantage of this method is that an
Used for creation and verific ation of intruder cannot forge a digital signature even ifpublic
digital signature? Explain. key of a signer is known. Though theintruder can
Answe: verify the digital signature, he/she
the same digital signature as cannot generate
Algorithms in Digtal Signature Scheme is unknown.
private key of the signer
The algorithms in digital signature has been 2. Hash Function Approach
designed to ensure the authenticity of a message. It
does not perform encryption process over a message. In this method, a hash
These algorithms are used by the sender and receiver so as to generate a function is computed
Soas Lo generale a digital signature on the message and digital
by initially creating and signature. This is done
to vernfy the authenticity of the signature respectively. then verifying the digital
Both sender and reeiver has a privale and public keys signature. The steps
signature considers theinvolved
which are used for performing signature generalion in creating a digital
and verification functions. The following are the
following,
three algorithms included within thedigital signalure Signer generates the private and
scheme. using key-generation algorithm,. public keys
Hash
2
Key-generation algorithm
Sign1ngalgorithm
function(within
computes the
an original hashsigner's software)
message (M) that is result (H)for a
3 Signature verifying algornthm to be
SIA PUBLISHERS AND
computed 'H is unique M'.transmitted. The
 UNIT-4Crptogral
appliesthe signing algorithm so as toThis produces a checksum, it also uses A's
public-key to
decrypt the checksum it received with the message.
Signer
generate a unique
digital signature (digital The
computed twochecksums are then compared. If they are
using H, and signer's
sIgnatureis then the received message is undamaged and matching
privatekey).
is valid one, otherwise the signature
transmits the message 'M" along with message is changed and
signature is invalid.
computedI digital signature to the receiver
Signer
thethenetwork,
via The below figure shows the role or operation of
receiver a digital signature,
r
Atter receiving the message "M,,the
sgnature sauthenticity. The message'M'at Sender A Recever B
INS cbcomes message M, (receivedi message).
the Draft of Draft of
consideredfor verifying the authenticity of Contract
include Contract
sgnature
thedeital
Hashfunction
(that was used for computing the
the new hash
digital signature) "H, computes
M,.
(Hash Function) Hash Function)
result (H) for the message
Receiver uses the verification software to
verify whether private key of signer was
Public-key Public-key Message
Vaidation
and Encryption Encryption
nsed for creating the digital signature
initially
whether "M, = M". This is done by
public
verifying the digital signature using thereceiver
key of signer. After verifying, the
extracts the value ofH' and then performing Private-ky
Sender A"
of Public-key of
Receiver B"
a comparison (using verification software)
between H, and H,. If the values of both these Figure: Role of Digital Signature
hash results matches, then M,'is considered to
be authentic and is accepted. However, if there 4.5 APPLICATIONS OF
is a mismatch, then the message is considered CRYPTOGRAPHY
to be unauthentic and is rejected.
Q21. Discuss the applications of
Q20. Discuss the inmportance of digital
signature in IS security mechanism. cryptography.
Answer: Model Paper-lll, Q12(a) Answer:
Digital Signature Some of the applications of cryptography are
For answer refer Unit-IV, Page No. 70, Q.No. as follows,
I8, Topic: Digital Signature. Secure Message Transmission Using
(0)
Importance of Digital Signatures Proxy Signature - Signcryption: The
Digital signatures are used to provide integration of proxysignature and signcryption
attientication of any electronic information. Consider methods provides secure message transmission.
hO USers Aand B. Awants to send a draft ofa contract The function of proxy signature is to allow
Mich is confidential) to B(who is in some other city). proxy signers to sign messages in order to
Now, Aensures Bthat the message is unchanged and help the organization whereas,the function of
5sent by him signcryption is to perform digital signature and
only.
Ihe sender A writes his draft of acontract into encryption on the messages.
t-mail andlapplies aspecial function known as hash (ii) Authentication and Digital Signature:
uncttheion on the message. This creates the checksum Adigital signature is one of the cryptographic
aLryptinformation.
provide authentication. The
Then,by Aapplying
s this checksum uses its private-key that
its private key methods used to
is to protect
main intent ofthe digitalsignature
ained from public--private key authority. The the message or data from
modifications.
Typted message becomes the A's digital signature Basically, digital signature scheme provides
n sentmessage.
to the
The checksum and the message is lwo algorithms, one algorithm is for signing
or prIvate
receiver. the wlich requires the user's secret ve.ifying
At the is for
key, and the other algorithmuser's
other
and the end, receiver B receives the public-key.
ie
checksum.fromIn sender
order to make sure that Signatures which requires theprocessis called the
meSsag IS undamaged
*lhes the same hash function on the received
A, tthe receiver B The result of the signature
"digital signature".
message. LEGAL proceedings.
 Transterring of Files over the Network: lhe tiles can be transferred on the network by using
CYBER SECURIY
72
form of eryptography. It is also referred to as
which isthe carliest
(ili) svmmetric key
crvptography done using only ohe key called secret key. It seere
he enryptton and
decrvption is
key cryptography sharing of the key among usets must be donc by
keeping the key to should
themsclves
Consequently,the cncrypled data can only be decrypted usingthe:same secret key used while encryption
be keptsret and

oVERVIEW OF FIREWALLS - TYPES OF FIREWALLS

4.6
capabilittes that are wlthin the scope of rewal!.
Q22, What s frewal? Explain the
Answer:

Arewol
information security program located at a network gateway server to protect .
A firewall is an by other insecu
confdential information present in the network from being inercepted by intruders or
network traftic to pass and restrictsthe unauthorized
neworks. It acts as a barrier that allowsonly the authorized either as a filter or as a security device. It is instaled
trafthe from being passed. Firewalls are designed tooperate usere
on a svstem so as to prevent the unauthorized
users to access the secure networks. In case of mobile
remote access into the secure network.
firewalls use secure procedures and authentication keys to allow
communication facilities. These
Most organizations use firewalls to protect their private networks and
organizations develop firewallprograms that include features like remote logging and reporting, computerized
firewall. As most of the applications
alarms at given threshold attacks, and a graphical user interface to control mishandling of information that can
are placed on the internet, they are inherently insecure. This can lead to
be a threat to the organization. Therefore, to avoid such type of malicious activities, organizations employ
firewall to protect a public network that is connected to an insecure network.

(TELNET
Trusted FTP
network SMTP Untrusted
HTTP Out
network

Firewall
Packet-filtering Application Circuit-level
router level gateway gateway

Figure: FirewallConsisting of Packet-filtering Router, Application Level Gateway and Circuit-level Gateway
The above figure represents that a firewall is a networking device hat is placed between an
internal
LAN (rusted network) and internet (untrusted network). This hrewall proteCts the internal LAN rom being
attacked by the unauthorized internet users. Thus, firewall can be considered as an effective
sofware that is
dcd o provide security to the local and remote systems from other network threats.
Capabilities ot Firewalls
Firewall is capatbBe of blocking unauthorized network users from entering into the
2 F1rewall ilters the unsafe MComIng services which attacks the authenticated secured network.
hetwork rOn various types of lP address spoofing and routing threats. users. It also protects the
NIT-4:Cryptograph The advantage of packet-tiltering irewall is
minimizes the burden of security
Firewallis that it reduces extemal attacks made to an nganization
managementservices.
related issues by by an intruder. The disadvantage of this type of
Firewallhandles
security firewall is that it is dithcult to contigure infomation
and audits onthe firewall system.
startingalertss about IP address of every single pcket.
vides a well-suited
Firewall provi
platfornm
like
nternet tunctions
End to ent
for carrying out transport
network security
translation,
network.address (mnnetion

managemnentetc.
for starting virtual
Firewall provides aplatform
IP sec.
Avylkatin unifouNk
and
privatectwork
tyYpes of frewalls.
23 Explain different
Model Paper-l, Q12(b) knd-to end
Swer:
transport
pesofFlrewalls connection

techniques are,
The ditferent types of firewall
Packet-filtering firewall
1.
Statefull inspection firewall
3. Application-level gateway
4 Cireuit-level gateway.
Packet-Altering Firewall
Packet-filtering firewallis one of the simplest
nd eflective form of firewall that accepts or discards
ackets depending upon certain contiguration rules
criteria. The configuration rule basically contains
ne information about lP header which in turn stores
ne information about IP addresses of packets. Each
md every packet in the network is examined by the
outer to check whether it matches one of its packet
altering rules. The packets are then forwarded to
uitable destination as per the rules specitied in the
acket header information. In simple terms, they are
orwarded if amatch is found, clse they are disearded.
fthe match is not found then a default action is carried
Dut. The default policies include,
) Defaut-discard
This is a traditional policy. At tirst, it kecps
everything in blocked state then starts adding
services on case-by-case basis. It is usually
oflend used by those users who uses firewalls
as interruption. The policy is mostly uscd by
businesses and government orpanizations,
(0) Delaut-torward
This policy makes easy the utilization or
Work made by end users, The drawback with
nis policy is that it minimizes the securily
across the network. So. cach time a Necurity
threat occurs, the system administrator has
to solve it.
Figure: Packet Filtering Firewall
2. Statefull lnspecton Frewalls
This type of tirewall creates a directory ot
outbound TCP connections to entoree rules upon
TCP traftic in order to maintain a secured connection.
Every newly formed conneetion has an entry point.
Now the packet tilter permits the arriving trafthe to
onty high-numbered ports specitically tor the packets
which matches protile (i.e., rules set for TCP tratic)
of cntries in the directory.
The arriving packet is then inspevted by the
statetull pcket inspevtion tirewall by treating it as a
packet filtering firewall. Next it keeps reconds or stores
the intormationwith respect to the T(P connections,
Aside this, the tircwallalso kecps checking the TCP
sequence numbers in order to ovoid the attacks based
upon sequence numbers such as Session Hijacking.
Knd to end
transport
connection
vcuy hyscal
ind 0 end
trannport
conmetlon
Flgure: 8tatefulllnspectlon Firewall
 An application-level gateway sets up two
74 Application-levelGateway end-to-end inbound connections and one outbound
as
3 firewall is also known connection between itself and a user in anetwork
This type of proxy
The role of the application level. The gateway transmits the TCP segments between
applicationproxy. at the
application
these networks without examining the packets. Bn
the trallic
is to transmit firewall, this
similar to previous type of circuit-level gateway configures a proxy function for
or
In a way TCPP protocolsuch as Telnet inside host and circuit-level functions for outside host
firewallalso uses the
user interacts with the gateway using to establish a connection. Once the connection has been
FIP The generates the
gateway then
TCPIP protocol. The established, the TCP packets begin to transmit between
ing the identity of the remote
response by identity
Now, the user these networks without any further examination.
accessed.
host which has to be
generates the response by giving
the valid user-id The advantage of circuit-level gateway is that.
and authenticated information. Upon
receiving the It provides many services to large number of different
application protocols. The disadvantage is that, a special client
data, the gateway communicates with an
data software is required in order to provide the services.
present on remote host. Then the application
which is stored in TCP segments is exchanged Because of this drawback, the size of the network
between two communication points (end-to-end increases due to which it is tinme consuming to manage
points). secure clients.
If the proxy code is not used for particular
Internal transport
application by the gateway, then the transmission connection

is terminated and no packets are transmitted over

the firewall. Moreover, gateway can be configured
in such a way th¡t only particular features of Network|
Application Transport|Internet access Physical
application can be allowed. One of the disadvantage
of this type of firewall is the overhead incurred in
every connection. However, the applications level Circuit-level proxy
gateway are effective and secure than packet filtering
firewalls. Network
Application(Transport |Internet access Physical
Internal transport
connection

External transport
connection
|Network
Transport | Internet Physical
access
Figure: Circuit-level proxy Firewall
4.7 USER
Application proxy MANAGEMENT,
SECURITY
VPN
Iransport| Internet
Network
Physical Q24. Explain in brief about user
access

Answer : management.
External transport User Management (UM)
can be
that manages thedefined a
connection
administrative
their
process as
users and
Figure: Application Proxy Firewall accounts by providing access to
4.
Circuit-level Gateway computer resources, applications, data andindividual
It helps in effective services.
This type of firewall can either be used in a
Stand-alone system or in a specialized functional monitorimajor
identity life cycle. It is the ng and management of
system. Circuit-level gateway internally applies Access Managementt part of ldentity and
application-level gateway for handling TCP and UDP supports users in (IAM) which is atechnique that
connections. Auditing (AAA) to Autaccesshentication,
the Authorization and
 78
026. List and explain different types of Virtual Private Network (VPN).
Answer:
CYBER SECURIT
ypes of Vitual Prlvate Network (VPN) Model Poper-l\, Q12
Some of the commonly used virtual private networks are as follows,
() PPTP VPN (Dial-up VPN)
This protocol is developed by microsoft to set up connection
with low charges. The PPTP protocol is very useful for remote users with a private network via
most frequently.
who need to the ne
access a private Interng
Features
Some of the primary features of PPTP are as follows,
networtk
() It supports VPNs that make use of distinct
(i) It was built on the basis of
protocols like L2TP.
(i) It can work with the most
Point-to-Point Protocol (PPP) and Internet Protocol (JP).
method called tunneling.popular network protocols namely, TCP/IP, IPX/SPX and
(iv) Itcan operate at Layer2 of OSI
NETBEUI b
(v) It performs user reference model.
inorder to grant authentication by
access to networkMicrosoft Challenge Handshake Authentication Protocol
(vi) Ituses Microsoft resources. (MSCHA
(vii) It is counted in thePoint-to-Point Encryption (MPPE) protocol.
windows family of OS that starts with
windows 95.
Corporate
LAN
Internet

VPN Firewall
Corporate Server
Desktops

() Site-to-Site VPN Figure: PPTP VPN

line for
Site-to-site VPN works identical to PPTP VPN but
transmission. with a difference that it does not
in order to form a Also, it permits different sites of an use any dedicated
decryption.
VPN, Besides this, routers are organization
(with own real
ends for performing network) to connect
However, the routers can either be a used at two
use either hardware or software based hardware or a software based router.routing,
firewall devices. encryption
This type
and
of VPN can

Corporate Corporate
Server Server
Site B
Site A
Corporate
LAN 5Internet Corporate
LAN
Firewall
VPN Tunnel Firewall
VPN Tunnel

Corporate
Desktops
Corporate
SIA Figure: Site-to-Site VPN Desktops
UNIT-4:Cryptography and Network Security
77
Layer2Tunneling Protocol (L2TP VPN)
ThisprotocolI comprisestwo protocols namely L2F (Layer 2F Forwarding) and PPTP
developedby CISCO and Microsoft respectively. L2TP is implemented at Layer 2 of OSIprotocols that were
reference
Thisprotocol allows a remote user to establish a connection to a corporate network by means model.
of two devices
namelyL2TP.Access Concentrator (LAC) and L2TP Network Server (LNS), as shown in the figure below,
Remote User LAN

ISP
LNS

A L2TP Tunnel
Internet

Figure: Scenario of VPN Implementation Using L2TP

In the above network, if the remote user wants to access the LAN then it initially establishes connection
with ISP by PPP. After this, the LACcommunicates to LNS inorder to check whether the remote user is the
authentic then an L2TP tunnel is established between the L¤C and LNS. Through this tunnel, the remote user
is allowed to access the LAN. And, the data passed through L2TP tunnel will be in encapsulated and decrypted
form.

(iN) Internet Protocol Security (IPSec)

This protocol suite is implemented at layer 3of OSI reference model. It deals with providing the
enhanced security at IP level and hence it is not restricted to some particular operating system. It comprises
thre components namely, Authentication Header (AH), Encapsulating Security Protocol (ESP) and Internet
Security Association and Key Management Protocol (ISAKMP).
(a) Authentication Header (AH): It authenticates the data origin, examines for data integrity and
protects the data against replay.
(b) Encapsulating Security Protocol (ESP): It supports for data confidentiality along with the features
of AH.
(c) Internet Security Association and Key Management Protocol (ISAKMP): It uses a method
for setting up security association automatically inorder to perform encryption and decryption of data.
Modes of IPSec
IPSec can be operated in two modes,
Transpot Mode: This mode is useful incase of communication that is required to be done between
two end points. In this mode, only encryption of data is performed
Tunnei Mode:This mode is useful incase of communication in which either of the devices doesn't
act as end noint. In this mode, both encrypion and encapsulation of data is performed.
() Secure Socket Layer (SSL)
accessed via https in a web brOwser. Here, the web
This type of VPN can be secure session in between the browser represents the client
creating a browser and application server. However,
pPlication, It is used for the client side.
not needed on
stype of VPN is
 78

(vi) Multi-Protocol Label Switching (MPLS 1. Authentication

CYBER SECURITY
VPN) PGP provides digital signature
authentication purpose.
service for
This type of VPN was developed to enhance
the store and forward speed of the routers. Following are the sequence of stepsthat mal
the sender's message to reach an
It is better when compared to site-to-site VPN
since it is fast and less expensive. However, the range
receiver. authenticated
lies in between 30ms to 100ms. (0) Sender's Side
(a) Message M iscreated.
(b) AI60-bit hash code H(M) of the
is generated using SHA-1
message
Site X Data Hashing Algorithm-1 ). (Secure
Center
(c) The sender's private key is used to
encrypt the hash code with RSA and ie
then attached to the message M forming
Site Y
Exg [H(M)].
Site X
(i) Receiver'sSide
(vii) Hybrid VPN (a) Receiver decrypts the encrypted message
This type of VPN is the combination of SSL, Ex, [H(M)] using RSA along with the
IPSec, and other different types ofVPNs. As a result, sender's public key KU, to recover the
hash code.
its servers can set up a connection with various types
of VPN clients. It is very costly and highly flexible (b) A new hash code for the message is
at the client side and server side. generated by the receiver.
(c) Receiver compares the decrypted hash
4.8 SECURITY PROTOCOLS
code. If they are equal, the message is
assumed to be authentic.
4.8.1 Security at the Application Layer
-PGP and S/MIME With the above scheme, it can be ensured
that only an authenticated receiver can receive and
Q27. Write a short note on Pretty Good Privacy. read his message, as the hash code of the message is
Answer :
encrypted with RSA using sender's private key. One
who is provided with the sender's public key is an
Pretty Good Privacy (PGP) authenticated receiver and can decrypt the encrypte0
Pretty Good Privacy (PGP) is a secure mail message. The receiver will be sure that the message 1s
protocoland a hybrid cryptosystem. It is mainly used in
received from an authenticated sender as the message
is signed with
electronic mail and file storage applications as it provides one who has theRSA. This can only be generated by the
basic confidentiality and authentication services. matching private key.
A signature can be an attached
Opetational Description of PGP a detached signature. An signature or
The operation of PGP comprises of five one that is attached to a message and
attached signature is the
the detached
Services with resspect to managenent of keys. They signature is one that is transmitted in isolation witn
are as follows, the signed message.
1. Authentication (a) Using Attached Signature: The
have to be nested. The second signer signatures
signs bo
2. Confidentiality the document and the first
signature and so O
until the message is received
3 Compression by a
(b)
recipient.
4. E-mail compatibility Using Detached Signature: The
of all the signers are signatures
5. Segmentation and reassembly. independent
other. Thus, all the signers sign the from eacu
only. documen
 Cryptographyand Network Security 79
NIT-4: Sender, Receiver,
Generate
Hash Code
Exl(H(M)) KU,
M
DP
Encryption EP)KR, Decryption Compared

Compressed ZJpecompressed
Figure (a): Showing Authentication Only
Confidentiality
One of the basic
services offered by PGPis confidentiality is transmitting confidential messages or storing
files.
themaslocal
sending and receiving confidential
The following are the sequence of steps that must be followed for
DSAges.
Sender's Side
that is used as a session key for
(a) Sender generates a message along with 128-bitrandom number
transmitting the message.
with session key.
b) CAST-128 (or IDEA or TDEA) is used for encrypting the message along
public key and then it is attached
(c) Session key is in turn encrypted with RSA using the receiver's
to the message.
) Receiver's Side
RSA with the receiver's private
(a) Session key is recovered (by the receiver), by decrypting it using
key.
(b) The message can now be decrypted using session key.
The random key or the session
The confidential messages remain confidential using the above mnethod. encrypted with the receiver's
ey Is a unique key that is generated separately for each message. This is then
piDC key to protect the session key. Thus, the person who has the relevant public key can only decrypt it to
TEcOver the session key which inturn decrypts the message.
- Sender,A Receiver,
Compressed KR,
M >DP
Exu(K,]
Decrypt

I'Enerypt +DO Z+M

KU,-HP Decompressed

Figure (b): Showing Confidentiality Only

Conhdentiality
sender hasTheseto
s
and Authentication Services
can be used together to send a confidential message to an authenticated person.
osign the
with its Own private key and then encrypt the
For this,
message with asession key. This
the

furher message
encrypted using receiver 's public key.
Q33. Explain in detail about S/MIME.
Answer:

SMIME stands for Secure Multipurpose Internet Mail Extension. It has come into existence to overcom.
the security problems of simple mail transfer protocol. SIMIME provides more security and is widely accepted
To understand how authentication and confidentially are handled in S/MIME, consider the security servica
provided by it.
The two security services provided by S/MIME are,
1. Digital signatures
2. Message encryption.
1. DigitalSignatures
Digital signatures are like legal signatures on the paper
service of S/MIME. document. They are most commonly used
Digital signatures provide the security capabilities like
These are the core functions of digital signatures. authentication, non-repudiation and data integrity.
Authentication using Digital Signatures in S/MIME
Generally, authentication is defined as the process of
eligibility to ensure that the transmission of information is doneidentifying the individuals and
by authorized person only. verifying their
In traditional paper documents,
signatures serve as the biggest means of
unique for each person. Similarly, in computers,
ensure that the information is received from an there must be an identity of theauthentication
sender
because they are
so that the receiver
and no wav to know the details of intended sender. In SMTP mails, there was no
actual
allows the receiver to know the information sender. 1hus, digital signatures came into authentication
about actual sender. existence. Digital signature
Digital Signoture and Verifiction Operations
In an e-mail message, digital signature is applied on the body
isfirst captured and a signing operation is performed on it. Thebody part of the message. The e-mail
can't be supplied by the person other than the signing operation requires message
later appended to the e-mail message.
sender. Digital signature produced by this signing information thatis
When the e-mail is sent, the digital signature is also operation
digitally signed. included in it.Therefore, the message is said to be
When the receiver receives the e-mail message
which is
a verification procedure. The receiver extracts the
digital digitally
signature signed, digital
message. Then, it performs asigning operation on the from the signature
which is matched with the one extracted from the received message. This message and retrieves the actual
actual undergoes
message will be marked as valid. Otherwise, the message is e-mail message. produces another digital match,
If both the signature
is provided using digital signatures.
discarded. Thus, in S/MIME,signatures
the authentication
the
SI PUBLISHERS AND
UNIT-4:
Cryptography and Network Security
The entire
process is shown in the figure (1),
Message Unique sender Digtal
information |Digital signing Message is
body is is performed signature is
captured retricve appended Sent

Message is
received
side
receiver's
Digital signature Dl is retrie ved

the
at Message body is retrie ved
verification
Unique sender information is
retrieved
signature

Digital Signing operation is performed|

Digitalsignature D2 is produced

No Yes
Dl = D2?

Message is not Message is valid

valid

Unauthorized user Authorized user.

Process
Figure (1): Digital Signing and Verification
signatures is that, they do not provide confidentiality.Messages with
The major drawback of digital as in SMTP. So, the messages can be read by others. To protect the
digitalsignatures are sent in clear text
service of S/MIME called message
encryption is used.
contents of e-mail message, another
2. Message Encryption
not so popular
Message encryption is confidentiality.
message confidentiality using encryption.
SMIME provides the major problem of internet e-mail message by providing
but it solves the The other security service is
as digital signature specihc security services provided by S/MIME.
Confidentiality is one of the two
data integrity.
Encryption in S/MIME
Confidetiality through Message The encrypted
process of transforming the plain text of the message into ciphertext. message.
Encryptionisthe understood by the receiver until it is and converted into actual received
decrypted
Content is normally not the confidential information from being disclosed. Even ifthe message is
process protects able to view the contents and understand the actual information.
Ihus, this might not be
Oy the unauthorized person, heconfidentiality whilethe. message is being transmitted and also during its
storage.
Encryption provides Decrypfion Operations
Message Encryption and performed
transmission of an e-mail message. Encryption operation on the message is
the information used to encrypt
The specific replaced by pertaining only to the intended recipient is
Consider
transnission. the encrypted message and the encrypted form is sent tothe
Defore its messageis
The original
the message.
 ]:

4.8.3 security at Network Layer Q43. Explain the benefits and CYBER SECUR
IPSec
Q42. Explain in brief about IPSec.
Answer:
Answer:
IPSec.

Benefits of IPSec
ap lcatloNy
IPSec can be used Ito secure
applications like file transfer, email,various
IPSec deals with providing the security at IP
level, which includes three fundamental issues which The following are the various
benefits
web e
of
distribase
acCes
are,
(i) One of the important features of IIPSecPSSec,
it can be implemented in afirewall. is thg
Authentication: Authentication mechanism
ensures that a received IP packet is from a
desired source and not from an intruder. It
an IPSec is provided in a firewall.
apowerful security check onnall
it Whresulenetvse
r
also makes sure that the packet has not
been
outgoing packets. incoming:
modified during its transfer. (i) Firewall uses IPSec to restrict
(ü) incoming packets which are not all those
Confidentiality: Confidentiality issue is Since, firewall is the only way to enterusing IP
into a
concerned with encryption of all the data being organization, restricted packets cannot enter
transferred from source to destination using (ii) Althe operations of 1PSec are
certain encryption techniques, so as to reduce other applications because it is transparent
present a P
the impact of third party
interference. layer.
(ii) Key
Management: Key management deals
with the exchange of keys between
(iv) IPSec can be easily
and does not requireimplemented
in a firewall
source ånd any
on the client or the server changes to be made
destination in a secured way. system software.
Internet security needs to improve a lot as (v) IPSec can also be implemented in end user's
per the Internet system without causing higher-layer software
Architecture Boards (IABs) report
released in 1994 which highlighted applications to change.
certain
where improvement in terms of security is sectors (vi) IPSec
These sectors include, securing needed. implementation
additional training to
does not require any
be
end-to-end user because given to the users,
transactions, controlling network traffic and avoiding IPSec
the end user. mechanisms are transparent to
unauthorized access to network infrastructure.
(vii) With the use of
According to IABs report, some of the can be created IPSec, virtual subnetworks
advancements must be made in internet security which and secured for sensitive
are as follows, applications in an
Securing end-to-end user transactions Applications of IPSec organizational network.
Allthe major types of
Controlling network traffic and internet) utilize networks (i.e., LAN, WAN
IPSec features to provide
reliable secure anu
Avoiding unauthorized access
infrastructure.
in network communication. Following are the uses/applka
tions of IPSec.
)
The various threats to internet Creation of Virtual Private
() IP Spoof'ing: IP Spoofing is a
transactions are, IPSec, any organization can Network:itsUsusown
technique with secure, develop
So, the virtual private network on the intenet.
which a duplicate packet with fake
iscreated by an attacker
IP address
and the necessity for private networks is reduced
of the original packet.
which resembles that overhead
management associated
is reduced. with the network
()
(U) Packet Snitfing: Packet Sniffing is a process
in which an
Securinguser"Remot
"remote to
e Access:1IPSec enables the
the sensitiveunauthorized person/hacker reads network. securely access the company $
information for illegitimate
purposes. To avoid these scenarios, IAB has In other
words, the end user who has IP Security
made it mandatory to include
such as authentication and security services
protocols
access theloaded into his system can securely
IP packet generation encryption in every
(|Pv6 as well as IPy4). connecting
This will
company' s network,
to the internet from simpl)
anywhere.
 Security
Cryptographyand Network 97
UNIT-4:
Connection Among VoVarious Partners (d) Authentic ation Algorithm: This section
Intranet or Extranet:
Implementation of contains a group of documents that can specify
Over authentication, confidentiality the implementation procedure of different AH
issues(i.e.,
IPSec, will provide secure and algorithms, in addition to ESP authentication.
management)
| interaction among various organizations,
andkey
(e) Encryptlon Algorith m: This section
reliable communication is
irrespective of whether the includes a group of documents that specifies
or
extranet. the implementation procedure of different
over intranet encryption algorithms used for ESP.
merce Security:
Improving E-com applications of any (6) Key Management: This document repre
E-commerce (or) web well sents the various strategies of key management.
and must be
organization are sensitive enhanced
can be l by using (g) Domain of Interpretation (DOI): DOI
secured.Their security between different
contains the relational values
IPSec.
have some in documents including identifiers and parameters
E-commerce applications needed for encryption and authentication algo
Though
protocols, implementation ofIPSec
built security serves as an
additional rithms.
applications
for thesemechanism.
security Architecture

architecture of IPSec with

ESP
the AH protocol
044. Explain protocol
neat diagram.
Model Paper-lI, Q12(b)
Answer :
IP Security Architecture
Encryption
architecture consists of three
Authentication
Algorithms
IP security follows, Algorithms
sections. They are as
Documents of IPSec
Domain
2. Services provided by IPSec of
3. Security associations. Interpretation
(DO))
Documents of IPSec
1.
of
by using a number
IPSec can be defined and
2401, 2402, 2406,
documents including RFC's in the year 1998 for Key Manage ment
released
2408, which were packet Authentication
describing the extensions of by IPSec
This helps in specifying Services Provided
Header and packet encryption. describing the 2
Page No. 97, Q.No.
45(i).
he keymanagement potential and for Foranswer refer Unit-V,
Overall security architecture. Securlity Assoclatlons
be clas
structure of IPSec documents can 3.
No. 98, Q.No. 45(ii).
The
differentsections
where each section Unit-V, Page
sified into seven Foranswerrefer
functionality.
Nas its own individual section of IPSec
Q45. Explaln about,
(0) Archite cture: Thisthe basic notions/ IPSec Services
documents includes ()
definitions and methods of (I1) Security Associatlons.
different
implemnentation of IPSec
rules, along with the
providing security.
requirements for Answer :
Header (AH): This section IPSec Services major
Authentic ation
implementation Considerations of (0) two
makes use of and ESP
(b) includesauthenticating
the a packet, in additionto IPSee Architecture Header
for
AHpacket
the format. protocols (i.e., Authentieation
security
This
at IP level. an
Security Payload (ESP): protocols) for providing beforehand choose
Encapsulating protocols
(c) includesthe
implementation 0SSues facilitates the system to security provide
section packet, in addition to algorithm to be implemented,
This encrypting a
also 0ssues related
required to
of ESP for format and
ESP
needed, Cryptographic keys
the
packet
authentication using requested services. proceedings.
packet book is a CRIMINAL LEGAL
rox/Photocopyling of this act.Anyone found guilty Is LIABLE to face
 Pat PaCKet, Ihis means, the max1mum
mformation/data, a packet can hold during transmission.
Whatarethe two modes in which IPSec operates? Explain them in detalil.
ASWer,:

Consist of two modes,

IPSecoperations
() Transport mode
() Tunnelmode.
TransportMode
Transport mode provides:ssecurity onlyto the payloadIssection of the lP packet byimplementing encryption
done for protocolslike TCP or UDP segments or an ICMP packet. Atypical
gauthentication,thissis usually communication
end-to-end hosts
between two as such server
client and two or between
tansport mode uses
workstations.
(ESP) of transport mode can only authenticate the lP payload, but
The encapsulating security payload
is not authenticated or encrypted and the Authentication Header (AH) of transport
Pheader of the packet some parts of the IP header along withthe IP payload.
node can authenticate only Transport layer
Transport layer Transport layer payload
H: Header
IPsec layer IPsec -H IPse -T T: Trailer

H: Header
IP payload
Network layer IP-H

Mode
Figure (1): IPSec in Transport Transport layer

Transport layer
Network - layer IPsec layer
Packet
IPsec layer
Network layer

Network layer Virtualcommunication

at the network layer
Host Y

Host X

Figure (2): Transport Mode in Action

the
(i) Tunnel Mode transferring, so that
packetfor Host-to-Host,
In tunnel mode the entire packet is encapsulated into the another communications, i.e., a routerand
packetis
transmitteddin asecured way. Tunnel mode deals with alltypes of used between
network-to-network and host-to-network over the internet. This mode Is basicallyreceiver is not a host.
host and a router. It is activated when it finds either the sender or the mode,
a host(or) a For AHintunnel
For ESP. tunnel mode encrypts and authenticates the inner IP packet.
authenticates the whole inner packet as well as some parts complete
of the outer IP header. proceedings.
LEGAL
to face
 IPH IP Payload Network layer
BER SECURTN
IPSec -H IPSec -T IPSec layer

IP-H New IP Payload

New header

Figure (3): IPSec in Tunnel Mode

Tunnel
Network layer Network layer
IPSec layer Virtual communication IPSec layer
@ Network layer
New Network layer New Network laye

Network layer
Router X Pack RouterY

Figure (4): Tunnel Mode in Action

Q47. Describe about,
(a) IPSec Authentication Header
(b) ESP format.
Answer:

(a) IPSec Authentication Header'

The main aim of the Authentication Header (AH) is to assure integrity and
authentication of P
datagrams. The integrity factor is concerned about securing the data from illegitimate manipulations during its
transmission, while authentication property is concerned about safety of the applications from modern internet
crimes such as address spoofing and replay attacks. All the 1P header fields (i.e. Type of Service (TOS), flags,
Fraomentation ofset, time to leave and header checksum) along with IP payload are protected from being
altered during transmission by authentication header. Authentication is done on the basis of MAC (Message
Authentication Code).
The various fields associated with the authentication header are as follows
(0) Next Header: Next Header field is of3 bits in sZe and is used to determine the type of the
header.
succeeding
() Payload Length: Payload length field is also of 8 bits in size and
authentication header. specifies the length ofthe
(H) Resenved: Authentication Header (AH) conans 10 Dlts neld which is reserved for future purposes.
(iv) Security Parameters Index (): Tne s DS ed lAHIS Used to represent the security
associated with this packet. associations
(v) Sequence Number: The sequence number represents the repetitively increasing counter value which
is used to protect against the replay attacks.
(vi) Authenticatlon Data: Authentication data field is not a fixed length field it contains an Integrity
authentication of this
Check Value (1CV) which is used for (AH) packet, This field maynot
include padding. may or
 Cryptog
8 bits 8 bits 16 bits

Next Payload Reserved

Header Length

Security Parameters Index (SPI)

(32 bits)
Sequence Number

Authentication Data (Variable)

Figure: Authentication Header

D) ESPFormat integrity and authentication services for a

confidentiality, irrespective of each
basically used to provide performed individually on apacket may lead
ESP protocol is andauthentication can be encryption or onlyauthentication
encryption security reasons 1.e., only ESP packetformat,
cket. Here.
not preferred various fields associated with the
due to
association.
ather However it is
following are the determines the security
Dinsecurity. The which increasingnumber
is a 32 bit field monotonically
Security Parameter Index (SPI) used to representa
) SPi: sequencenumberfield
is
Number: A to avoid replay attacks.
SeqUence packet
() to each received
which is assigned Index(32bits)
Security Parameter
(32 bits)
Sequence Number
PayloadData

'Padding(0-255,bytes)
Padlength NextHeader
(8 bits)
(8 bits)
Authentication Data

Packet Diagram transferred. IP header

Figure: IPSec ESP whichis to be mode
the encrypted data the data intransport
data field represents TCP header would prefix
Payload Data: Payload
(u) would prefix the datain tunnel mode ESP. whereas tobe a
multiple
plaintext
ESP. make the length of the flowby hidingthe actual
used to partialtraffic
bits): Paddingfield is
(iv) Padding (0-255number of bytes. It is also added to allow the
desired to
of some providing confidentiality to it. of padding applied
pavload length thereby representsthe
length
Length (8 bits): Padding length field of ESP 1
by
(v) PaddingThe padding length is limited to one octet i.e., 8 bits. presentin the payload
data. the
the
is 8 bits in size and determines the data protocol headers i.e.,
Next header field
(vi) Next Header: assigned to the
examining the first header payload. Some default values are
is 6,. UDP is 17 and IP is 4. present header.
value of TCP followingthe
is length
thenext header field contains the value 17, it means that UDP header
If length, (i.e., its
Authentication Data (Varlable): Authentication data field is of variable
(vil) (ICV).
depends on the security assOCiations) and contains an Integrity Check Value face LEGAL proceedings.
ying of this book