
NIS QB Answers 22

Transposition techniques in cryptography rearrange the order of characters in plaintext without changing their identities, with columnar transposition being a common method. In this technique, plaintext is written in rows and columns based on a keyword, and the columns are then reordered to create ciphertext. Kerberos is a network authentication protocol that uses a series of steps to authenticate users and manage secure communication, while firewalls serve to protect networks by monitoring and controlling incoming and outgoing traffic.

What is Transposition technique? Explain one of technique with example.

4m
Ans :
Transposition techniques

Transposition techniques in cryptography involve rearranging the order of characters in the
plaintext without altering their identities.

Unlike substitution techniques, where characters are replaced with other characters,
transposition techniques focus on changing the positions of characters within the message. Here
are some common transposition techniques:

1. Columnar Transposition: In columnar transposition, the plaintext is written out in rows
of a fixed length, and then the columns are rearranged according to a specific key. The
ciphertext is then formed by reading the columns in a different order.

Example: The key for the columnar transposition cipher is a keyword, e.g., ORANGE. The row
length that is used is the same as the length of the keyword.
To encrypt the following plaintext: COMPUTER PROGRAMMING

In the above example, the plaintext has been padded so that it neatly fits in a rectangle. This is
known as a regular columnar transposition. An irregular columnar transposition leaves these
characters blank, though this makes decryption slightly more difficult. The columns are now
reordered such that the letters in the keyword are ordered alphabetically.

The Encrypted text or Cipher text is: MPMETGNMUOIXPRXCERGORAL
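
Added example (not part of the original answers): the regular and irregular variants described above, with both encryption and decryption. The filler letter X and the left-to-right tie-break for repeated key letters are assumptions; the filler letters used in the answer above are not shown, so the padded positions need not match its ciphertext.

```python
def column_order(key):
    """Column indices in the order they are read out: alphabetical by key
    letter. Repeated letters are taken left to right (an assumption)."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def encrypt(plaintext, key, pad="X"):
    """Columnar transposition. pad="X" gives the regular form (grid filled
    with a filler letter); pad=None gives the irregular form (last row short)."""
    text = "".join(ch for ch in plaintext.upper() if ch.isalpha())
    width = len(key)
    if pad:
        text += pad * (-len(text) % width)   # fill the last row of the grid
    # Column c of the grid is text[c], text[c + width], text[c + 2*width], ...
    return "".join(text[c::width] for c in column_order(key))


def decrypt(ciphertext, key):
    """Inverse operation. Works for both forms: in an irregular grid the
    left-most `extra` columns are one cell longer than the others, which is
    the extra bookkeeping that makes irregular decryption harder."""
    width = len(key)
    rows, extra = divmod(len(ciphertext), width)
    cols = [""] * width
    pos = 0
    for c in column_order(key):
        length = rows + (1 if c < extra else 0)
        cols[c] = ciphertext[pos:pos + length]
        pos += length
    out = []
    for r in range(rows + (1 if extra else 0)):
        for c in range(width):
            if r < len(cols[c]):
                out.append(cols[c][r])
    return "".join(out)


if __name__ == "__main__":
    key = "ORANGE"
    message = "COMPUTER PROGRAMMING"
    regular = encrypt(message, key)
    irregular = encrypt(message, key, pad=None)
    print(regular, "->", decrypt(regular, key))
    print(irregular, "->", decrypt(irregular, key))
```
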

Explain the working of Kerberos. 4m


Ans :
Kerberos is a network authentication protocol. It is designed to provide strong authentication for
client/server applications by using secret-key cryptography.
The entire process takes a total of eight steps, as shown below.
1. The authentication service, or AS, receives the request from the client and verifies that the
client is indeed the computer it claims to be. This is usually just a simple database lookup of
the user's ID.
2. Upon verification, a timestamp is created. This puts the current time in a user session,
along with an expiration date. The default expiration date of a timestamp is 8 hours. The
encryption key is then created. The timestamp ensures that when 8 hours is up, the
encryption key is useless. (This is used to make sure a hacker doesn't intercept the data
and try to crack the key. Almost all keys are able to be cracked, but it will take a lot
longer than 8 hours to do so.)
3. The key is sent back to the client in the form of a ticket-granting ticket, or TGT. This
is a simple ticket that is issued by the authentication service. It is used for authenticating
the client for future reference.
4. The client submits the ticket-granting ticket to the ticket-granting server, or TGS, to
get authenticated.
5. The TGS creates an encrypted key with a timestamp, and grants the client a service
ticket.
6. The client decrypts the ticket, tells the TGS it has done so, and then sends its own
encrypted key to the service server.
7. The service server decrypts the key, and makes sure the timestamp is still valid. If it is,
the service contacts the key distribution center to receive a session that is returned to the
client.
8. The client decrypts the ticket. If the keys are still valid, communication is initiated
between client and server.
Explain configuration & limitations of firewall. 4m
Ans :
Policies of firewall:
a) All traffic from inside to outside and vice versa must pass through the firewall. To achieve
this, all access to the local network must first be physically blocked and access only via the
firewall should be permitted. As per local security policy, traffic should be permitted.
b) The firewall itself must be strong enough so as to render attacks on it useless.
Configuration of firewall
There are 3 common firewall configurations.
1. Screened host firewall, single-homed bastion configuration
2. Screened host firewall, dual homed bastion configuration
3. Screened subnet firewall configuration
1. Screened host firewall, single-homed bastion configuration
In this type of configuration a firewall consists of following parts
(i) A packet filtering router
(ii) An application gateway.

allowed only if it is destined for application gateway, by verifying the destination address field
of incoming IP packet. It also performs the same task on outgoing data by checking the source
proxy function. Here internal users are connected to both the application gateway and the
packet filter; therefore, if the packet filter is successfully attacked, the whole internal network is
opened to the attacker.

2. Screened host firewall, dual homed bastion configuration

To overcome the disadvantage of the screened host firewall, single-homed bastion
configuration, another configuration is available, known as the screened host firewall, dual
homed bastion. In this, direct connections between internal hosts and the packet filter are
avoided. It provides a connection between the packet filter and the application gateway, which
has a separate connection with the internal hosts. Now if the packet filter is successfully
attacked, only the application gateway is visible to the attacker. This provides security to the
internal hosts.

Limitations: (one mark)

1. Firewalls do not protect against inside threats.
2. A packet filter firewall does not provide any content-based filtering.
3. Protocol tunneling, i.e. sending data from one protocol to another protocol, which negates
the purpose of the firewall.
4. Encrypted traffic cannot be examined and filtered.
Explain PKI in detail. 4 m
Ans :
A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures
needed to create, manage, distribute, use, store and revoke digital certificates and manage
public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of
information for a range of network activities such as e-commerce, internet banking and
confidential email. PKI is the governing body behind issuing digital certificates. It helps to
protect confidential data and gives unique identities to users and systems. Thus, it ensures
security in communications. The public key infrastructure uses a pair of keys: the public key and
the private key to achieve security. The public keys are prone to attacks and thus an intact
infrastructure is needed to maintain them. PKI identifies a public key along with its purpose. It
usually consists of the following components:
- A digital certificate, also called a public key certificate
- Private key tokens
- Registration authority
- Certification authority
- CMS or Certification management system
Working on a PKI: PKI and Encryption: The root of PKI involves the use of cryptography
and encryption techniques. Both symmetric and asymmetric encryption uses a public key. There
is always a risk of MITM (Man in the middle). This issue is resolved by a PKI using digital
certificates. It gives identities to keys in order to make the verification of owners easy and
accurate.
Public Key Certificate or Digital Certificate: Digital certificates are issued to people and
electronic systems to uniquely identify them in the digital world.
The Certification Authority (CA) stores the public key of a user along with other
information about the client in the digital certificate. The information is signed and a
digital signature is also included in the certificate.
The affirmation for the public key can then be retrieved by validating the signature
using the public key of the Certification Authority.
Certifying Authorities: A CA issues and verifies certificates. This authority makes sure that the
information in a certificate is real and correct and it also digitally signs the certificate. A CA or
Certifying Authority performs these basic roles:
- Generates the key pairs – This key pair generated by the CA can be either independent or
in collaboration with the client.
- Issuing of the digital certificates – When the client successfully provides the right details
about his identity, the CA issues a certificate to the client. Then the CA further signs this
certificate digitally so that no changes can be made to the information.
- Publishing of certificates – The CA publishes the certificates so that the users can find
them. They can do this by either publishing them in an electronic telephone directory or
by sending them out to other people.
- Verification of certificate – The CA gives a public key that helps in verifying if the access
attempt is authorized or not.
- Revocation – In case of suspicious behavior of a client or loss of trust in them, the CA
has the power to revoke the digital certificate.
The most popular usage example of PKI (Public Key Infrastructure) is the HTTPS
(Hypertext Transfer Protocol Secure) protocol. HTTPS is a combination of the HTTP
(Hypertext Transfer Protocol) and SSL/TLS (Secure Sockets Layer/Transport Layer
Security) protocols to provide encrypted communication and secure identification of a
Web server.
In HTTPS, the Web server's PKI certificate is used by the browser for two purposes:
- Validate the identity of the Web server by verifying the CA's digital signature in the
certificate.
- Encrypt a secret key to be securely delivered to the Web server. The secret key will be
used to encrypt actual data to be exchanged between the browser and the Web server.
Other examples of PKI (Public Key Infrastructure) are:
- Digital signature - The sender of a digital message uses his/her private key to generate a
digital signature attached to the message. The receiver uses the sender's certificate to verify
the digital signature to ensure the message was sent by the claimed sender.
- Encryption of documents - The sender of a digital message uses the receiver's certificate to
encrypt the message to protect the confidentiality of the message. Only the receiver, who can
use his/her private key, can decrypt the message.
- Digital identification - The user's certificate is stored in a smart card to be used to verify
the card holder's identity.
(CONSIDER ANY ONE EXAMPLE)

Convert the given plain text into cipher text using single columnar technique using
following data

Ans :
remaining

Explain steganography technique with suitable diagram. 2m


Ans :
Steganography:
Steganography is the art and science of writing hidden messages in such a way that no one apart
from the sender and intended recipient suspects the existence of the message. Steganography works
by replacing bits of useless or unused data in regular computer files (such as graphics, sound,
text, HTML or even floppy disks) with bits of different, invisible information. This hidden
information can be plain text, cipher text or even images. In modern steganography, data is first
encrypted by the usual means and then inserted, using a special algorithm, into redundant data
that is part of a particular file format such as a JPEG image.
Steganography process:
Cover-media + Hidden data + Stego-key = Stego-medium

Cover media is the file in which we will hide the hidden data, which may also be encrypted
using the stego-key. The resultant file is the stego-medium. Cover media can be an image or audio file.
Steganography takes cryptography a step further by hiding an encrypted message so that no one
suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.
Steganography has a number of drawbacks when compared to encryption. It requires a lot of
overhead to hide relatively few bits of information, i.e. one can hide text, data, image, sound,
and video behind an image.
Applications :
1. Confidential communication and secret data storing
2. Protection of data alteration
3. Access control system for digital content distribution
4. Media Database systems
State difference between Firewall and Intrusion Detection System? 2m
State the needs of Firewalls. 2m
Ans :
A firewall is a network security device that monitors incoming and outgoing network traffic
and permits or blocks data packets based on a set of security rules.
Its purpose is to establish a barrier between your internal network and incoming traffic from
external sources (such as the internet) in order to block malicious traffic like viruses and
hackers.
Firewalls can be an effective means of protecting a local system or network of systems from
network-based security threats while at the same time affording access to the outside world via
wide area networks and the Internet.
Describe the DMZ with suitable example. 2m
Ans :
DMZ (Demilitarized Zone): It is a computer host or small network inserted as a "neutral zone"
between a company's private network and the outside public network. It prevents outside users
from getting direct access to a company's data server. A DMZ is an optional but more secure
approach to a firewall. It can effectively act as a proxy server. The typical DMZ configuration
has a separate computer or host in the network which receives requests from users within the
private network to access web sites or the public network. The DMZ host then initiates sessions
for such requests on the public network, but it is not able to initiate a session back into the
private network. It can only forward packets which have been requested by a host. The public
network's users who are outside the company can access only the DMZ host. It can store the
company's web pages which can be served to the outside users. Hence, the DMZ can't give access
to the company's other data. If an outsider by any means penetrates the DMZ's security, the web
pages may get corrupted but the company's other information can be safe.

Examples:
1) Web servers: It's possible for web servers communicating with internal database servers to be
deployed in a DMZ. This makes internal databases more secure, as these are the repositories
responsible for storing sensitive information. Web servers can connect with the internal database
server directly or through application firewalls, even though the DMZ continues to provide
protection.
2) DNS servers: A DNS server stores a database of public IP addresses and their associated
hostnames. It usually resolves or converts those names to IP addresses when applicable. DNS
servers use specialized software and communicate with one another using dedicated protocols.
Placing a DNS server within the DMZ prevents external requests from gaining access to the
internal network. Installing a second DNS server on the internal network also serves as
additional security.
3) Proxy servers: A proxy server is often paired with a firewall. Other computers use it to view
Web pages. When another computer requests a Web page, the proxy server retrieves it and
delivers it to the appropriate requesting machine. Proxy servers establish connections on behalf
of clients, shielding them from direct communication with a server. They also isolate internal
networks from external networks and save bandwidth by caching web content.
Classify following cyber-crimes: i) Cyber stalking ii) Email harassment 2 m
Ans :
i) Cyber stalking: Cyber stalking means following someone's activity over the internet. This can
be done with the help of many protocols available such as e-mail, chat rooms, Usenet groups.
OR
Cyber stalking: Cyberstalking/harassment refers to the use of the internet and other
technologies to harass or stalk another person online, and is potentially a crime in India
under the IT Act-2000. This online harassment, which is an extension of cyberbullying and
in-person stalking, can take the form of e-mails, text messages, social media posts, and more and is
often methodical, deliberate, and persistent.
ii) Email harassment:
Email harassment is usually understood to be a form of stalking in which one or more people
send consistent, unwanted, and often threatening electronic messages to someone else.
OR
Email harassment: Cybercrime against individual
Define AS, TGS with respect to Kerberos. 2m
Ans :
In the context of Kerberos (a network authentication protocol), the terms AS and TGS are
defined as:

- AS (Authentication Server):
It is the component of the Key Distribution Center (KDC) that authenticates users and issues
Ticket Granting Tickets (TGTs) after verifying the user’s credentials.

- TGS (Ticket Granting Server):
Also part of the KDC, the TGS issues service tickets based on the TGT, allowing users to
access specific network services securely.
Explain the following terms:
i) Application Gateway
ii) Honey Pots 4m
Ans :
---

i) Application Gateway (2 marks):


An Application Gateway, also known as an Application-Level Gateway or Proxy Firewall, is a
security component that filters incoming and outgoing traffic at the application layer of the OSI
model. It acts as an intermediary between users and services, inspecting the content of the traffic
(e.g., HTTP, FTP) to block malicious data or unauthorized access. It provides deep packet
inspection, user authentication, and can hide the internal network structure from the outside.

---

ii) Honey Pots (2 marks):


A Honeypot is a decoy system or network resource designed to attract attackers. It simulates
vulnerable targets to detect, deflect, or study hacking attempts. Honeypots are used by security
professionals to analyze attacker behavior and gather intelligence without risking actual assets.
They help improve security by revealing attack vectors and tactics.

---

How PGP is used for email security?


Ans :
PGP is Pretty Good Privacy. It is a popular program used to encrypt and decrypt email over the
internet. It has become a standard for email security. It is used to send encrypted code (digital
signature) that lets the receiver verify the sender's identity and takes care that the route of
the message should not change. PGP can be used to encrypt files being stored so that they are in
unreadable form and not readable by users or intruders. It is available in low-cost and freeware
versions. It is the most widely used privacy-ensuring program, used by individuals as well as many
corporations.
There are five steps as shown below:
1. Digital signature: It consists of the creation of a message digest of the
email message using the SHA-1 algorithm. The resulting MD is then
encrypted with the sender's private key. The result is the sender's
digital signature.
2. Compression: The input message as well as the digital signature are
compressed together to reduce the size of the final message that will be
transmitted. For this the Lempel-Ziv algorithm is used.
3. Encryption: The compressed output of step 2 (i.e. the compressed
form of the original email and the digital signature together) is
encrypted with a symmetric key.
4. Digital enveloping: The symmetric key used for encryption in step 3
is now encrypted with the receiver's public key. The outputs of steps 3
and 4 together form a digital envelope.
5. Base-64 encoding: This process transforms arbitrary binary input
into printable character output. The binary input is processed in
blocks of 3 octets (24 bits). These 24 bits are considered to be made up
of 4 sets, each of 6 bits. Each such set of 6 bits is mapped into an 8-
bit output character in this process.
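
Added example (not part of the original answers): step 5 carried out by hand, splitting each 3-octet block into four 6-bit sets and mapping each set to a printable character. It goes one case beyond the text by handling a final block shorter than 3 octets with "=" padding; the sample bytes are constructed stand-ins for the binary output of steps 3 and 4.

```python
import base64

# Standard Base64 alphabet: 6-bit value 0..63 -> one printable character.
ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "abcdefghijklmnopqrstuvwxyz"
            "0123456789+/")


def b64_encode(data: bytes) -> str:
    """Encode bytes in blocks of 3 octets (24 bits) -> 4 output characters."""
    out = []
    for i in range(0, len(data), 3):
        block = data[i:i + 3]
        missing = 3 - len(block)          # 0, 1 or 2 octets short in the last block
        # Zero-fill a short block so it can be treated as one 24-bit number.
        n = int.from_bytes(block + b"\x00" * missing, "big")
        # Four sets of 6 bits, most significant first.
        chars = [ALPHABET[(n >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        if missing:
            # Characters that carry only fill bits are replaced by '='.
            chars[4 - missing:] = "=" * missing
        out.append("".join(chars))
    return "".join(out)


def matches_stdlib(data: bytes) -> bool:
    """Cross-check the hand-written encoder against Python's base64 module."""
    return b64_encode(data) == base64.b64encode(data).decode("ascii")


if __name__ == "__main__":
    envelope = bytes([0x8F, 0x00, 0xFF, 0x10, 0xA5])   # constructed binary sample
    print(b64_encode(envelope))
    print(matches_stdlib(envelope))
```

Every 3 input octets become 4 output characters, so the encoded message is about one third larger than the binary envelope.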
Classify following cyber-crimes: i) Cyber stalking ii) Email harassment 2 m
repeated
Describe working of PEM e-mail security.
Ans :
Privacy Enhanced Mail (PEM)
Privacy Enhanced Mail employs a range of cryptographic techniques for enhancement of
security, which allow authentication, confidentiality and integrity.
There are a total of 4 operations involved:
1) Canonical conversion
2) Digital signature
3) Encryption
4) Base 64 encoding
Define IDS 2m
Ans :
An intrusion detection system (IDS) is a device or software application that monitors traffic
for malicious activity or policy violations and sends an alert on detection. An IDS inspects
overall network traffic.
Explain IP security in detail. 4m
Ans :
IPSec is a set of protocols used to secure data as it travels over IP networks. It works at the
network layer (Layer 3) of the OSI model and is widely used in Virtual Private Networks
(VPNs) to provide secure communication over the internet.

---

Key Features of IPSec:

1. Confidentiality –
Uses encryption to keep data private during transmission.

2. Data Integrity –
Ensures the data is not altered or tampered with during transfer.

3. Authentication –
Verifies the identity of the sender and receiver using keys.

4. Anti-Replay Protection –
Detects and blocks repeated or delayed packets to prevent attacks.

---
Main Components of IPSec:

- AH (Authentication Header):
Provides authentication and data integrity, but no encryption.

- ESP (Encapsulating Security Payload):
Provides encryption, authentication, and integrity.

Modes of IPSec:

1. Transport Mode:
Encrypts only the data (payload), used for end-to-end communication.

2. Tunnel Mode:
Encrypts the entire IP packet, used in VPNs for site-to-site communication.

---
