Academic Details of Course

CS-7201

Network Security

1
 (i)Course contents

CATEGORY COURSE TITLE COURSE CODE CREDITS – THEORY PAPERS

OF COURSE 4C
Departmental Network Security Network L T P Max. Marks:100
Elective Security 3 1 0 Min. Marks:35
DCO(E):II CS7201 Duration – 3 Hrs

UNIT-1
Conventional Encryption
 Convention Encryption: Conventional Encryption Model,
 Stenography, Classical Encryption Techniques,
 Simplified DES, Block Cipher Principles,
 The Data Encryption Standard,
 The Strength of DES,
 Differential and Linear Cryptanalysis,
 Block Design Principles, Block Cipher of operation,
 Conventional Encryption algorithms

UNIT-II
Public Key Encryption And Hash Functions
 Public Key Crypgraphy ,
 Principles of Public Key Crypsystems,
 The RSA Algorithm, Key Management,
 Diffie Hellman Key Exchange,
 Elliptic Curve Crypgraphy,Message Authenticain and Hash Functions
 Authenticain Requirements, Authenticain Functions,
 Message Authentication Codes,
 Hash Functions, Security of Hash Functions.

UNIT-III
Hash and Mac Algorithms

o MD5 Message Digest Algorithm,

o Secure Hash Algorithm (SHA:I),
o RIPEMD, HMAC
o Digital Signatures and Authentication Protocols
o Digital Signatures, Authentication Protocols: Digital Signature Standard

2
 UNIT-IV
 Authentication Applications,
 IP Security,
 Web Security

UNIT-V

Intruders, Viruses and Worms

 Intruders,
 Viruses and Related Threats
 Firewalls Firewall Design Principles,
 Trusted Systems

References

(i) William Stallings, “Crypgraphy and Network Security”, Third Edition,

Prentice Hall,1999
(ii) Atul Kahate, Crypgraphy & Network Security, Tata McGraw Hill Pub.
Co

(ii)Lecture Plan with references

3
 Jul-Dec
Department Computer Science & Engineering Session 2012
Faculty Name Semester Odd
Subject Network Security Sub. Code CS-7201
(B) TIME SCHEDULE: Total expected periods: 53, Extra periods (if required)…

Lecture Date of
Topics to be covered Remarks
No. Completion

1 Introduction to Network Security

R1 (1-7)
2 Services, Mechanism and attack
R2 (5-8)
R1 (7-12)
3 Introduction to cryptography
R2 (59,73-80)
4 Steganography R3(377,755-757)

5 Conventional Encryption mode R1 (12-14)

6 Classical Encryption Model R1 (21-4 8)

R1 (55-56)
7 Block cipher principles
R2(60,66,71,93)
8 Simplified DES R1(56-71)

9 Designing Simplified DES R1(71-82)

R1(82-85)
10 Strength of DES, Differential & Linear Cryptanalysis
R2(65,69,658)
11 Block Cipher Design principles R1(85-89)

12 Block Cipher modes of operation R1(90-97)

13 Modular arithmetic, euclid’s algorithm R1(107-116)

Lect. No. 01 to
Unit Test – I (25% of Syllabus)
13
15 Double & triple DES, meet-in-the middle attack R1(173-178)

16 Blowfish R1(179-184)

17 RC5 R1(185-191)

18 RC4 stream cipher R1(192-196)

19 Key distribution R1(211-219)
20 Random Number Generation R1(220-226)
4
21 Testing of primality R1(243-245)

22 Principles of Public Key Cryptosystem R1(257-267)

R1(268-278)
23 The RSA Algorithm
R2(75,80,678)
R1(286-292)
24 Key management R2(442,477,440,
439,47,60)
R1(293-296)
25 Diffie-Hellman Key Exchange
R2(442)
26 Elliptic curve Cryptography R1(297-306)
R1(313-323)
27 Authentication Functions
R2(194)
Lect. No. 01 to
Mid Semester (50% of Syllabus)
27
29 Message Authentication codes R1(324-328)
R1(328-334)
30 Hash functions R2
(76,77,405)
31 Security of hash function R1(335-338)

32 MD 5 message Digest algorithm R1(347-356)

R1(357-365)
33 Secure Hash Algorithm (SHA-I)
R2(77,439)
34 RIPEMD-160 R1(365-372)

35 HMAC R1(372-377)
R1(379-384)
36 Digital signature R2(79,107,442,5
93,682)
37 Digital signature standard (DSS) R1(384-395)

38 Kerberos R1(401-418)

39 X.509 Authentication services R1(419-428)

40 PGP R1(435-454)
41 S/MIME R1(455-472)
R1(481-490)
42 IP Security
R2-440
43 Authentication Header R1(491-495)
Lect. No. 01 to
Unit Test – II (75% of Syllabus)
43

5
45 Encapsulating Security Payload R1(496-503)

46 Key management R1(504-515)

47 Secure Socket Layer (SSL) R1(527-530)

48 Transport Layer Security R1(531-548)

49 Secure Electronic Transaction R1(540-560)

R1(563-580)
50 Intruders & Intrusion Detection R2(14,36,387-
390)
51 Password management R1(581-590)
R1(597-608)
R2
52 Virus and Related Threats
(156,108,111,419
,528)
53 Virus Countermeasures R1(609-613)

54 Firewalls R2(435,451,457
R1(615-634)
55 Firewall Design Principles & Trusted System R2(169,229,215,
273)
Lect. No. 01 to
PUT (100% of Syllabus) 9
55

References:

Cryptography and Network Security, William Stallings PrenticeHall, 1999(R1)

R1

Security in computing Shari Charles p. pfleeger, Low price Edison (R2) R2

Introduction to computer security,Mattbishop sathyanarayana s. vencatramanayya, Pearson

R3
Education

6
 (iii) Unit Wise blow up

UNIT 1

INTRODUCTION NETWORKING

A basic understanding of computer networks is requisite in order understand the principles

of network security. In this section, we'll cover some of the foundations of computer
networking, then move on an overview of some popular networks. Following that, we'll
take a more in: depth look at TCP/IP, the network protocol suite that is used run the
Internet and many intranets.

7
 TYPES AND SOURCES OF NETWORK THREATS

1. Denial:of:Service

2. Unauthorized Access

3. Executing Commands Illicitly

4. Confidentiality Breaches

5. Destructive Behavior

6. Data Diddling

7. Data Destruction

SECURE NETWORK DEVICES

1. Secure Modems; Dial:Back Systems

2. Cryp:Capable Routers

3. Virtual Private Networks

4. Encryption Options Beyond DES

CRYPTANALYSIS

If brute force is the only form of attack that can be made on an encryption algorithm, then
the way counter such attacks is obvious: use longer keys. For example, for a 128:bit key,
which is common, it would take over 10 19 years break the code using the EFF cracker.
Even if we managed speed up the cracker by a facr of 1 trillion, it would still take over 10
million years break the code. So a 128:bit key is guaranteed result in an algorithm that is
unbreakable by brute force. Structure of an encryption algorithm
The exact realization of a Feistel network depends on the choice of the following
parameters and design features:

 Block size.
o Key size .

o Number of rounds.

 Subkey generation algorithm.

o Round function:

 Fast software encryption/decryption.

 Ease of analysis

Triple DES
8
The most widely:used alternative DES is a variant of DES known as triple DES. DES is
highly resistant the known forms of cryptanalysis, so it makes sense use DES as a building
block for longer:key algorithms. Triple DES preserves the existing investment in software
and equipment, and operates by passing the data be encrypted through three stages of DES
The data is first encrypted with one key by passing it through the DES encryption
algorithm.

Then, the data is passed through the DES decryption algorithm using a second key. Finally,
the output of the second stage is passed through DES encryption again using either a third
key or a repetition of the first key.

In the former case, the key length is 168 bits, and in the latter, the key length is 112 bits.

Idea

The International Data Encryption Algorithm (IDEA) is a symmetric block cipher

developed by Xuejia Lai and James Massey of the Swiss Federal Institute of Technology in
1991. IDEA uses a 128:bit key and differs markedly from DES both in the round function
and in the subkey generation function. For the round function, IDEA does not use S:boxes.
Rather, IDEA relies on three different mathematical operations: XOR, binary addition of
16:bit integers, and binary multiplication of 16:bit integers. These functions are combined
produce a complex transformation that is very difficult analyze and hence very difficult
cryptanalyze. The subkey generation algorithm relies solely on the use of circular shifts, but
uses these in a complex way generate a tal of six subkeys for each of the eight rounds of
IDEA. Because IDEA was one of the earliest of the proposed 128:bit replacements for DES,
it has undergone considerable scrutiny and, so far, appears be highly resistant
cryptanalysis. IDEA is used in PGP (as one alternative) and is also used in a number of
commercial products.

Blowfish

Blowfish was developed in 1993 by Bruce Schneier, an independent consultant and

crypgrapher, and quickly became one of the most popular alternatives DES. Blow:fish was
designed be easy implement and have a high execution speed. It is also a very compact
algorithm that can run in less than 5k bytes of memory. An interesting feature of Blowfish is
that the key length is variable and can be as long as 448 bits. Blowfish uses 128:bit keys and
sixteen rounds.

Blowfish uses S:boxes and the XOR function, as does DES, but also uses binary addition.
Unlike DES, which uses fixed S:boxes, Blowfish uses dynamic S:boxes that are generated
as a function of the key. The subkeys and the S:boxes are generated by repeated application
of the Blowfish algorithm itself the key. A tal of 521 executions of the Blowfish encryption
algorithm are required produce the subkeys and S:boxes. Accordingly, Blowfish is not
suitable for applications in which the secret key changes frequently.

RC5

9
RC5 was developed in 1994 by Ron Rivest, one of the invenrs of the public:key algorithm
RSA. RC5 was designed have the following characteristics:

• Suitable for hardware or software. RC5 only uses primitive computational operations
commonly found on microprocessors.

• Speed. achieve this, RC5 is a simple algorithm and is word oriented. The basic operations
work on full words of data at a time.

• Adaptable processors of different word lengths . The number of bits in a word is a

parameter of RC5. Diff:erent word lengths yield different algorithms.

• Variable number of rounds. The number of rounds is a second parameter of RC5. This
parameter allows a trade:off between higher speed and higher security.

• Variable:length key. The key length is a third parameter of RC5. Again, this flexibility
allows a trade:off between speed and security.

• Data:dependent rotations. RC5 incorporates rotations (circular bit shifts) whose amount is
data dependent. This appears strengthen the algorithm against cryptanalysis.

CAST:128
CAST is a design procedure for symmetric encryption algorithms developed in 1997 by
Carlisle Adams and Stafford Tavares of Entrust Technologies. One specific algorithm
developed as part of the CAST project is CAST:128, which makes use of a key size that
varies from 40 bits 128 bits in 8:bit increments. CAST is the result of a long process of
research and development and has benefited from extensive review by cryplogists. It is
beginning be used in a number of products, including PGP.

STEGANOGRAPHY

Steganography sometimes is used when encryption is not permitted. Or, more commonly,
steganography is used supplement encryption. An encrypted file may still hide information
using steganography, so even if the encrypted file is deciphered, the hidden message is not
seen.

Special software is needed for steganography, and there are freeware versions available at
any good download site.

10
 UNIT 2

PUBLIC:KEY ENCRYPTION

INTRODUCTION
A crypgraphic system that uses two keys :: a public key known everyone and a private
or secret key known only the recipient of the message. When John wants send a secure
message Jane, he uses Jane's public key encrypt the message. Jane then uses her private
key decrypt it. An important element the public key system is that the public and private
keys are related in such a way that only the public key can be used encrypt messages and
only the corresponding private key can be used decrypt them. Moreover, it is virtually
impossible deduce the private key if you know the public key.

Public key crypgraphy, also known as asymmetric crypgraphy, is a form of crypgraphy in

which a user has a pair of crypgraphic keys : a public key and a private key. The private key
is kept secret, while the public key may be widely distributed. The keys are related
mathematically, but the private key cannot be practically derived from the public key. A
message encrypted with the public key can be decrypted only with the corresponding
private key.

The two main branches of public key crypgraphy are:

 public key encryption — a message encrypted with a recipient's public key cannot
be decrypted by anyone except the recipient possessing the corresponding private
key. This is used ensure confidentiality.
 digital signatures — a message signed with a sender's private key can be verified by
anyone who has access the sender's public key, thereby proving that the sender
signed it and that the message has not been tampered with. This is used ensure
authenticity.

INTRODUCTION PUBLIC:KEY CRYPGRAPHY

Public:key crypgraphy and related standards and techniques underlie security features of
many Netscape products, including signed and encrypted email, form signing, object
signing, single sign:on, and the Secure Sockets Layer (SSL) protocol. This document
introduces the basic concepts of public:key crypgraphy.

Symmetric: Key Encryption

With symmetric:key encryption, the encryption key can be calculated from the decryption
key and vice versa. With most symmetric algorithms, the same key is used for both
encryption and decryption, as shown in Figure 1.

Figure 1 Symmetric: key encryption

11
Implementations of symmetric:key encryption can be highly efficient, so that users do not
experience any significant time delay as a result of the encryption and decryption.

Symmetric:key encryption also provides a degree of authentication, since information

encrypted with one symmetric key cannot be decrypted with any other symmetric key.
Thus, as long as the symmetric key is kept secret by the two parties using it encrypt
communications, each party can be sure that it is communicating with the other as long as
the decrypted messages continue make sense.

RSA ALGORITHM
The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented
it in 1977. The basic technique was first discovered in 1973 by Clifford Cocks(part of the
British GCHQ) but this was a secret until 1997. RSA algorithm can be used for both public
key encryption and digital signatures. Its security is based on the difficulty of facring large
integers.

Key Generation Algorithm

 Generate two large random primes, p and q, of approximately equal size such
that their product n = pq is of the required bit length, e.g. 1024 bits. [See note 1].
 Compute n = pq and (φ) phi = (p:1)(q:1).
 Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1. [See note 2].
 Compute the secret exponent d, 1 < d < phi, such that
ed ≡ 1 (mod phi). [See note 3].
 The public key is (n, e) and the private key is (n, d). The values of p, q, and phi
should also be kept secret.
 n is known as the modulus.
 e is known as the public exponent or encryption exponent.
 d is known as the secret exponent or decryption exponent.

Encryption
Sender A does the following::
 Obtains the recipient B's public key (n, e).
 Represents the plaintext message as a positive integer m [see note 4].
 Computes the ciphertext c = m^e mod n.
 Sends the ciphertext c B.

12
Decryption
Recipient B does the following::
 Uses his private key (n, d) compute m = c^d mod n.
 Extracts the plaintext from the integer representative m.

Digital signing
Sender A does the following::
 Creates a message digest of the information be sent.
 Represents this digest as an integer m between 0 and n:1. [See note 5].
 Uses her private key (n, d) compute the signature s = m^d mod n.
 Sends this signature s the recipient, B.

Signature verification
Recipient B does the following::
 Uses sender A's public key (n, e) compute integer v = s^e mod n.
 Extracts the message digest from this integer.

ELLIPTIC CURVE

(1) What is an elliptic curve?

Well for a start, it is not the same as an ellipse! But be more positive: from school
mathematics, you probably know the equation for a circle centred on the (a,b) of radius r,
which is (x:a)^2 + (y:b)^2 = r^2, where x, y, a, b and r are real numbers. An elliptic curve is
also defined by an equation, but it has the slightly more complicated form:

y^2 [ + x·y ] = x^3 + a·x^2 + b

(2) What is a field?

The familiar examples of fields are real numbers, complex numbers, rational numbers
(fractions) and integers modulo a prime number. The latter is an example of a "finite field".
The requirements of a field are normal addition and multiplication, plus the existence of
both additive and multiplicative inverses (except that 0 doesn't have a multiplicative
inverse). put it another way, a field has addition, subtraction, multiplication and division :
and these operations always produce a result that is in the field, with the exception of
division by zero, which is undefined.It turns out that this construction works for other
"reduction rules" involving higher powers of i.This construction works for all p and m, as
long as p is prime; in fact every finite field can be constructed in this way; moreover two
finite fields with the same number of elements are always isomorphic : that is there is a 1:1
map between them which preserves the addition and multiplication rules.

(3) How are elliptic curves used?

The crucial property of an elliptic curve is that we can define a rule for "adding" two points
which are on the curve, obtain a 3rd point which is also on the curve. This addition rule
13
satisfies the normal properties of addition. In math jargon, the points and the addition law
form a finite Abelian group.The equations for the addition rule are given in (7) and (8).For
addition be well defined for any two points, we need include an extra 'zero' point O, which
does not satisfy the elliptic curve equation. This 'zero' point is taken be a fully paid up point
of the curve. The order of the curve is the number of distinct points on the curve, including
the zero point.Having defined addition of two points, we can also define multiplication k*P
where k is a positive integer and P is a point as the sum of k copies of P.

Thus 2*P = P+P

3*P = P+P+P
etc.This is analagous how we define "powers" in normal arithmetic, where
x^2 = x.x
x^3 = x.x.x
etc.

(4) WHAT IS A HASH FUNCTION?

A hash function H is a transformation that takes a variable:size input m and returns a

fixed:size string, which is called the hash value h (that is, h = H(m)). Hash functions with
just this property have a variety of general computational uses, but when employed in
crypgraphy the hash functions are usually chosen have some additional properties.

The basic requirements for a crypgraphic hash function are:

1. the input can be of any length,

2. the output has a fixed length,
3. H(x) is relatively easy compute for any given x ,
4. H(x) is one:way,
5. H(x) is collision:free.

A hash function H is said be one:way if it is hard invert, where "hard invert" means that
given a hash value h, it is computationally infeasible find some input x such that H(x) = h.

If, given a message x, it is computationally infeasible find a message y not equal x such
that H(x) = H(y) then H is said be a weakly collision:free hash function.

A strongly collision:free hash function H is one for which it is computationally infeasible

find any two messages x and y such that H(x) = H(y).

UNIT 3
14
DIGITAL SIGNATURE ALGORITHM

DIFINITION
A digital signature (not be confused with a digital certificate) is an electronic signature that
can be used authenticate the identity of the sender of a message or the signer of a
document, and possibly ensure that the original content of the message or document that
has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated
by someone else, and can be automatically time:stamped. The ability ensure that the
original signed message arrived means that the sender cannot easily repudiate it later.

HOW IT WORKS
Assume you were going send the draft of a contract your lawyer in another way. You want
give your lawyer the assurance that it was unchanged from what you sent
and that it is really from you.
 You copy:and:paste the contract (it's a short one!) in an e:mail note.
 Using special software, you obtain a message hash (mathematical summary)
of the contract.
 You then use a private key that you have previously obtained from a
public:private key authority encrypt the hash.
 The encrypted hash becomes your digital signature of the message. (Note
that it will be different each time you send a message.)

AUTHENTICATION PROCOLS

Various authentication protocols are listed and described below.

 CHAP : Challenge Handshake Authentication Protocol is a three way

handshake protocol which is considered more secure than PAP.
Authentication Protocol.
 EAP : Extensible Authentication Protocol is used between a dial:in client and
server determine what authentication protocol will be used.
 PAP : Password Authentication Protocol is a two way handshake protocol
designed for use with PPP. Authentication Protocol Password Authentication
Protocol is a plain text password used on older SLIP systems. It is not secure.
 SPAP : Shiva PAP. Only NT RAS server supports this for clients dialing in.
 DES : Data Encryption Standard for older clients and servers.
 RADIUS : Remote Authentication Dial:In User Service used authenticate
users dialing in remotely servers in a organization's network.

SNA NETWORKING PROCOLS

System Network Architecture (SNA) by IBM is a suite of protocols mainly used with IBM
mainframe and AS/400 computers.

(1) APPC : Advanced Peer::Peer Communications provides peer peer services at the
transport and session layer. Part of the System Network Architecture (SNA) suite of
protocols.

15
 (2) APPN : Advanced Peer::Peer Networking supports the computer connections at the
network and transport layers. Part of the System Network Architecture (SNA) suite
of protocols.

ENCRYPTION PROCOLS

Various encryption protocols are listed and described below.

 CIPE : Cryp IP Encapsulation. An encryption protocol.

 SSL : Secure sockets layer. An encryption protocol.

UNIT 4

IP SECURITY
In 1994, the Internet Architecture Board (IAB) issued a report entitled "Security in the
Internet Architecture" (RFC 1636). The report stated the general consensus that the Internet
needs more and better security, and it identified key areas for security mechanisms. Among
these were the need secure the network infrastructure from unauthorized monitoring and

16
control of network traffic and the need secure end:user::end:user traffic using
authentication and encryption mechanisms.

BENEFITS OF IPSEC

The benefits of IPSec include:

 When IPSec is implemented in a firewall or router, it provides strong

security that can be applied all traffic crossing the perimeter. Traffic within
a company or workgroup does not incur the overhead of security:related
processing.
 IPSec is below the transport layer (TCP, UDP), so is transparent
applications. There is no need change software on a user or server system
when IPSec is implemented in the firewall or router. Even if IPSec is
implemented in end systems, upper layer software, including applications, is
not affected.

Authentication Header

The authentication header provides support for data integrity and authentication of IP
packets. The data integrity feature ensures that undetected modification the content of a
packet in transit is not possible. The authentication feature enables an end system or
network device authenticate the user or application and filter traffic accordingly; it also
prevents the address spoofing attacks observed in day's Internet. The AH also guards against
the replay attack described later.

17
Authentication is based on the use of a Message Authentication Code (MAC); hence the
two parties must share a secret key. The authentication header consists of the following
fields (Figure 2):

 Next Header (8 bits): This field identifies the type of header immediately
following this header.
 Payload Length (8 bits): This field gives the length of the authentication
header in 32:bit words, minus 2. For example, the default length of the
authentication data field is 96 bits, or three 32:bit words. With a three:word
fixed header, there are a tal of six words in the header, and the Payload
Length field has a value of 4.
 Reserved (16 bits): This field is reserved for future use.

WEB SECURITY

The Security Landscape Continues Evolve

The use of the web launch attacks, and the variety of methods used launch attacks has
increased in recent years. The number of malicious websites and the amount of malicious
code being released with criminal intent (crimeware) has continued rise. The phishing
landscape has also changed considerably, with significant differences in types of targets and
attacks. Browser and operating system exploits are being used more frequently, including
zero:day exploits used for spyware, crimeware, phishing, and key logger installations.

New Threats Demand New Technologies

Perimeter defenses, like firewalls, are designed prevent web security threats from outside,
but perimeter defenses can be bypassed. Endpoint defenses, like antivirus software on the
deskp, are designed prevent threats from the inside, but antivirus software can only protect
against threats when the threat is already known. Clearly, organizations need a more
comprehensive, defense:in:depth solution.

18
 ensure the needed protection, organizations need incorporate content:level protection in
their overall security strategies. A critical component of any defense:in:depth strategy, Web
sense provides an additional layer of protection against web security and endpoint security
threats.

UNIT 5

INTRUDERS, VIRUSES AND WORMS

19
INTRODUCTION :

A program or piece of code that is loaded on your computer without your knowledge and
runs against your wishes. Viruses can also replicate themselves. All computer viruses are
manmade. A simple virus that can make a copy of itself over and over again is relatively
easy produce. Even such a simple virus is dangerous because it will quickly use all
available memory and bring the system a halt. An even more dangerous type of virus is one
capable of transmitting itself across networks and bypassing security systems.
WORMS

 A program or algorithm that replicates itself over a computer network and usually
performs malicious actions, such as using up the computer's resources and possibly
shutting the system down.

 When used in all capital letters, WORM is an acronym for write once, read many, an
optical disk technology that allows you write data on a disk just once. After that, the
data is permanent and can be read any number of times.

FIREWALLS

Firewalls create a secure barrier (in theory) between your internal network and the outside
world. Common in large corporate environments for years, the growth of broadband internet
access has expanded the need for firewalls on any network with a full time internet
connection. But not all firewalls are created equal, and even a great firewall is only as good
as it's configuration. In fact, they're not really walls, but doors that allow trusted traffic flow
in and out of your network. Unfortunately, firewalls can give network administrars a false
sense of security resulting in weak security policies and unsecured servers. Never assume a
firewall is completely secure, perform regular audits, and never let up on the security on the
other side of the wall.

TRUSTED SYSTEM

In the security engineering subspecialty of computer science, a trusted system is a system

that is relied upon a specified extent enforce a specified security policy. As such, a trusted
system is one which failure may break a specified security policy.

The highest levels of assurance were guaranteed by significant system engineering directed
ward minimization of the size of the trusted computing base, or TCB, defined as that
combination of hardware, software, and firmware that is responsible for enforcing the
system's security policy.'Trust is that which is essential a communication channel but
cannot be transferred from a source a destination using that channe

(iv) RGPV Exam Paper

CS/IT-7201

20
 B. E. (Seventh Semester) examination, June,2009

(Common for CS & IT Engg.)

NETWORK SECURITY

Time : Three Hours

Maximum Marks : 100

Minimum Pass Marks ; 35

Note: Attempt any one question from each unit, all question carry equal marks.

Unit-I

1. (a) Describe conventional encryption model. What are the requirements for secure use of
conventional encryption ?
(b) Give an overview of simplified DES.
OR
2. (a) What is Stenography ? What are various drawbacks and advantage of Stenography.
(b) What is triple DES ? How we can differentiate two key and three key triple DES ?

Unit-II

3. (a) What are the principles of the public key cryptosystems ? Differentiate conventional
encryption and public key encryption.
(b) What do you mean by RSA algorithms ? In the public key system using RSA, you
intercept the ciphertext C = 11 sent to a user whose public key is e = 7, h = 37. What is the
plaintext M ?

OR
4.(a) What do you mean by birthday attack ?
(b) Explain Diffe-Hellman key exchange, if Alice has chosen a common pair h= 13, y=7
shared with his friend Bob having sincere random nos.x =3 and y = 9 respectively for Alice
and Bob but unfortunately woman-in-middle-attack is there by mona having x =8, y = 6.
Then calculate secret shared key and also verify the attack.

Unit- III

5.(a) What do you mean by Kerberos ? Compare it with digital signature.

(b) What do you understand by strength of ND5 ? Compare MD4 and MD5.

OR

1. (a) Why are massage authentication codes derived from a cryptographic hash
function being preferred over authentication code derived from symmetric cipher ?

21
 (b) What do you understand by security of HMAC ?

Unit-IV

2. (a) What do you mean by IP security ?

(b) What is Honey-pot ? Explain Secure Electronic Transaction (SET).

OR

3. (a) Differentiate Kerberos version 4 and 5.

(b) Compare the types of security threats faced in using the web.

Unit-V

4. (a) Explain any four among below :

(i) E-mail viruses
(ii) Trojan horses
(iii) Zombie
(iv) Logic bomb
(v) Trap doors
(vi) Morris worm

(b)what do you mean by Firewall Design principles ? Also explain its

characteristics.

OR

10. (a) What are the weaknesses of a packet filtering router ? What do you mean by
application

(b) What do you mean by multilevel security ?Also explain trusted systems.

(v) Model Test Paper

22
 CS:7201
NETWORK SECURITY
Time : Three Hours

Maximum Marks : 100

Minimum Pass Marks : 35

Note: Attempt any five questions. All questions carry equal marks.

Que : 1 (a) Define conventional Encryption Model with Example.

a. Define types and different sources of network threats.

Que 2 (a) Explain RSA algorithm.with example.

1. Define principal elements of public key crypsystem. What are the roles of the public
key and private key.

Que 3 (a) Write the conventional Encryption Algorithm.

(b) Define symmetric key encryption with example.

Que 4 (a) What is an Elliptic curve.? How are elliptic curve used.?
(b) What is hash function.? Write the basic requirements for a crypgraphic hash
function.?

Que 5. (a) What are the block cipher modes of operation. Explain each function of block
chipper model.
(b) Define term Digital Signature. How it works.

Que 6 (a) Explain Encryption Protocol, SNA network protocol.

(b) Define term IP security, Write the benefits of IP security.

Que 7 (a) What is firewall. Give design principles for a firewall.

(b) Define trusted System in detail.

Que 8 Write short notes on any Four of the following :

i) Authentication procedure
ii) Intruders
iii)IDEA
iv) Steganography
v) MDS
vi) Brute:force attack

23