1 Can you explain the concept security attack, security mechanism

and security services.

Security attack: Any action that compromises the security of information
owned by an organization.
Security mechanism: A process that is designed to detect, prevent, or
recover from a security attack.
Security service: A processing or communication service that enhances the
security of the data processing systems and the information transfers of an
organization.

2. Convert the Given Text CRYPTOGRAPHY into cipher text using Rail
fence Technique.
Rail 1: C P R Y
Rail 2: R Y O G A P H
Rail 3: T T Y
Ciphertext: CPRYRYOGAPHTTH

OR
Rail 1: C Y T R P Y
Rail 2: R P O G A H
Ciphertext: CYTRPYRPOGAH

3. Interpret masquerade.

A masquerade takes place when one entity pretends to be a different

entity.

For example, authentication sequences can be captured and replayed after a

valid authentication sequence has taken place, thus enabling an authorized
entity with few privileges to obtain extra privileges by impersonating an
entity that has those privileges

4. Interpret about Round Keys Generation in DES.

Initial 64-bit key is transformed into a 56-bit key by discarding every 8th bit
of the initial key.
Thus, for each a 56-bit key is available. From this 56-bit key, a different 48-
bit Sub Key is generated during each round using a process called key
transformation.
For this, the 56-bit key is divided into two halves, each of 28 bits.
5. Describe subBytes.

 This stage (known as SubBytes) is simply a table lookup using a 16 ×

16 matrix of byte values called an s-box.
 This matrix consists of all the possible combinations of an 8 bit
sequence (28 = 16 × 16 = 256).
 However, the s-box is not just a random permutation of these values
and there is a well defined method for creating the s-box tables.

Part –B

6. a) Discuss the types of security threads and attacks that must be

dealt with and give examples of the types of threats and attacks
that apply to different categories of computer and network assets.

Threat
A threat is a possible security violation that might exploit the vulnerability
of a system or asset. The origin of the threat may be accidental,
environmental (natural disaster), human negligence, or human failure.
Different types of security threats are interruption, interception,
fabrication, and modification.

Types of Threats
 Unstructured Threats: Unstructured threats are typically executed by
inexperienced individuals using easily accessible hacking tools like shell
scripts and password crackers. If executed solely to test a hacker’s
skills, they can cause significant damage to a company.
 Structured Threat: A structured threat involves an organized attempt
to breach a specific network or organization. These threats come from
highly motivated and technically proficient hackers.
 External Threats: External threats might come from individuals or
organizations working outside the company. They have unauthorized
access to the computer systems and network. They typically enter a
network via the Internet or dial-up access servers.
 Internal Threat: Internal dangers occur due to authorized network
access, whether through a server account or physical access.

ATTACKS

The security attacks can be classified into two types passive attacks and
active attacks.
A passive attack attempts to learn or make use of information from the
system but does not affect system resources.

An active attack attempts to alter system resources or affect their

operation.

Passive Attack

The release of message contents is easily understood (Figure 1.5a).A

telephone conversation, an electronic mail message, and a transferred file
may contain sensitive or confidential information. We would like to prevent
an opponent from learning the contents of these transmissions.

Traffic analysis is subtler. Suppose that we had a way of masking the

contents of messages or other information traffic so that opponents, even if
they captured the message, could not extract the information from the
message. The common technique for masking contents is encryption. If we
had encryption protection in place, an opponent might still be able to
observe the pattern of these messages.

Passive attacks are very difficult to detect, because they do not involve
any alteration of the data. Typically, the message traffic is not sent and
received in an apparently normal fashion and the sender nor receiver is
aware that a third party has read the messages or observed the traffic
pattern.
Active Attacks

Active attacks involve some modification of the data stream or the creation
of a false stream and can be subdivided into four categories: masquerade,
replay, modification of messages, and denial of service.

A masquerade takes place when one entity pretends to be a different entity

(Figure 1.6a). A masquerade attack usually includes one of the other forms
of active attack. For example, authentication sequences can be captured and
replayed after a valid authentication sequence has taken place, thus
enabling an authorized entity with few privileges to obtain extra privileges by
impersonating an entity that has those privileges.

Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect

Modification of messages simply means that some portion of a legitimate

message is altered, or that messages are delayed or reordered, to produce
an unauthorized effect (Figure 1.6c). For example, a message meaning
“Allow John Smith to read confidential file accounts” is modified to mean
“Allow Fred Brown to read confidential file account.

The denial of service prevents or inhibits the normal use or management

of communications facilities. This attack may have a specific target.

A threat is a potential security risk that could take advantage of a system

or asset’s weakness. An attack is a deliberate unauthorized action on a
system or asset. Threats and attacks on information security can be
avoided in a number of ways. The IT system should be designed and
administered using soft and physical firewalls, update antivirus and
antimalware software, and other forms of protection.

6. b) (i) Give explanation in detail about Computer Security

Concepts with example.(8 marks)
Computer Security

The protection afforded to an automated information system in order to

attain the applicable objectives of preserving the integrity, availability, and
confidentiality of information system resources (includes hardware, software,
firmware, information/ data, and telecommunications)

This definition introduces three key objectives that are at the heart of
computer security:

Confidentiality: This term covers two related concepts:

Data confidentiality: Assures that private or confidential information

is not made available or disclosed to unauthorized individuals.

Privacy: Assures that individuals control or influence what information

related to them may be collected and stored and by whom and to
whom that information may be disclosed.

Integrity: This term covers two related concepts:

Data integrity: Assures that information and programs are changed

only in a specified and authorized manner.

System integrity: Assures that a system performs its intended

function in an unimpaired manner, free from deliberate or inadvertent
unauthorized manipulation of the system.

Availability: Assures that systems work promptly and service is not denied
to authorized users

These three concepts form what is often referred to as the CIA triad
Authenticity: The property of being genuine and being able to be verified
and trusted; confidence in the validity of a transmission, a message, or
message originator. This means verifying that users are who they say they
are and that each input arriving at the system came from a trusted source

Accountability: The security goal that generates the requirement for

actions of an entity to be traced uniquely to that entity. This supports non
repudiation, deterrence, fault isolation, intrusion detection and prevention,
and after-action recovery and legal action.

(ii)Consider an automated cash deposit machine in which users

provide a card or an account number to deposit cash. Give examples
of confidentiality, integrity, and availability requirements
associated with the system, and, in each case, indicate the degree
of importance of the requirement.(7 marks)

Confidentiality requirements: One of the primary confidentiality

requirements for the automated cash deposit machine is the need to protect
the personal and financial information of users. This information could
include account numbers, deposit amounts, and other sensitive information
that should only be accessible to authorized parties. The degree of
importance for this requirement is high, as the exposure of this information
could lead to financial loss or identity theft.

Integrity requirements: The integrity of the automated cash deposit

machine system is essential to ensure that the deposited cash is accurately
recorded and credited to the correct account. The system should have
measures in place to prevent tampering with the deposited cash and ensure
the accuracy of the recorded deposit amounts. The degree of importance for
this requirement is also high, as any errors or inconsistencies in the
deposited amounts could lead to financial loss or incorrect account balances.

Availability requirements: The availability of the automated cash deposit

machine system is crucial to ensure that users can make deposits whenever
they need to. The system should have measures in place to prevent
downtime, such as regular maintenance and backup systems, to ensure that
users can always access the machine when needed. The degree of
importance for this requirement is also high, as any downtime could lead to
inconvenience for users and potential financial loss for the company running
the machine.

7. a) Elaborate on AES encryption and decryption. How will

you evaluate the AES algorithm.
The Advanced Encryption Standard (AES) was published by the National
Institute of Standards and Technology (NIST) in 2001.

AES is a symmetric block cipher that is intended to replace DES as the

approved standard for a wide range of applications. Compared to public-key
ciphers such as RSA, the structure of AES and most symmetric ciphers is
quite complex and cannot be explained as easily as many other
cryptographic algorithms.

AES Parameters

■ Block Size is 128

■ No. of Rounds is 10

■ Key Size is 128 bits (4 Words/16 Bytes)

■ No. of Sub keys is 44 (128 bit)

■ Each subkey Size is 32 bits/ 1 word/ 4 bytes

■ Each Round there is 4 subkeys, total 40 subkeys

■ Pre round calculation, 4 Subkeys were used

■ Cipher Text is 128 bits

Encryption Process:
Detailed Structure

Here, we restrict to description of a typical round of AES encryption. Each

round comprises of four sub-processes. The first-round process is depicted
below

1. AES instead processes the entire data block as a single matrix during each
round using substitutions and permutation.

2. The key that is provided as input is expanded into an array of forty-four

32-bit words, w[i]. Four distinct words (128 bits) serve as a round key for
each round.

3. Four different stages are used, one of permutation and three of

substitution:

• Substitute bytes: Uses an S-box to perform a byte-by-byte

substitution of the block

• ShiftRows: A simple permutation

• MixColumns: A substitution that makes use of arithmetic over

• AddRoundKey: A simple bitwise XOR of the current block with

a portion of the expanded key.

4. The structure is quite simple. For both encryption and decryption, the
cipher begins with an AddRoundKey stage, followed by nine rounds that each
includes all four stages, followed by a tenth round of three stages.

5. Only the AddRoundKey stage makes use of the key. For this reason, the
cipher begins and ends with an AddRoundKey stage. Any other stage,
applied at the beginning or end, is reversible without knowledge of the key
and so would add no security.

6. The AddRoundKey stage is, in effect, a form of Vernam cipher and by itself
would not be formidable. The other three stages together provide confusion,
diffusion, and nonlinearity, but by themselves would provide no security
because they do not use the key. We can view the cipher as alternating
operations of XOR encryption (AddRoundKey) of a block, followed by
scrambling of the block (the other three stages), followed by XOR encryption,
and so on.This scheme is both efficient and highly secure.
7. Each stage is easily reversible. For the Substitute Byte, ShiftRows, and
MixColumns stages, an inverse function is used in the decryption algorithm.
For the AddRoundKey stage, the inverse is achieved by XORing the same
round key to the block.

8. The decryption algorithm makes use of the expanded key in reverse order.
The decryption algorithm is not identical to the encryption algorithm.

9. The final round of both encryption and decryption consists of only three
Stages. This is a consequence of the particular structure of aes and is
required to make the cipher reversible.
b) Describe DES algorithm with neat diagram and explain the steps.

As with any encryption scheme, there are two inputs to the

encryption function: the plaintext to be encrypted and the
key. In this case, the plaintext must be 64 bits in length and the
key is 56 bits in length.

Input of 64-bit plaintext passes through an initial permutation (IP)

that rearranges the bits to produce the permuted input. This is
followed by a phase consisting of sixteen rounds of the same
function, which involves both permutation and substitution
functions. The output of the last (sixteenth) round consists of 64
bits that are a function of the input plaintext and the key. The left
and right halves of the output are swapped to produce the
preoutput.

Finally, the preoutput is passed through a permutation that is the

inverse of the initial permutation function, to produce the 64-bit
ciphertext. 56-bit key is used. Initially, the key is passed through
a permutation function. Then, for each of the sixteen rounds, a
subkey (Ki) is produced by the combination of a left circular shift
and a permutation. The permutation function is the same for each
round, but a different subkey is produced because of the repeated
shifts of the key bits.
Key Generation

64-bit key is used as input to the algorithm. The bits of the key are
numbered from 1 through 64. The key is first subjected to a permutation
governed by a table labeled Permuted Choice One. The resulting 56-bit key
is then treated as

two 28-bit quantities, labeled C0 and D0. At each round, Ci-1 and Di-1 are
separately subjected to a circular left shift or (rotation) of 1 or 2 bits.

These shifted values serve as input to the next round. They also serve as
input to the part labeled Permuted Choice Two, which produces a 48-bit
output that serves as input to the function F(Ri-1, Ki).
DES Decryption

As with any Feistel cipher, decryption uses the same algorithm as

encryption, except that the application of the subkeys is reversed.

The Avalanche Effect That a small change in either the plaintext or the key
should produce a significant change in the cipher text. a change in one bit of
the plaintext or one bit of the key should produce a change in many bits of
the cipher text. This is referred to as the avalanche effect.