IA Concepts

The document discusses various aspects of information and communication system security, including password cracking techniques, characteristics of encryption methods like CBC and ECB, and the Java cryptographic package. It also covers vulnerabilities, security attacks, solutions for securing networks, and methods for monitoring security. Additionally, it highlights the importance of digital certificates, PGP, and the reasons for the limited use of ECB in encryption.

Uploaded by

jacksonlachi
INFORMATION AND COMMUNICATION SYSTEM SECURITY

Password attack (Password cracking)


In cryptanalysis and computer security, password cracking is the process of discovering passwords
from data that have been stored in or transmitted by a computer system.
Common attack approaches:
1. Brute-force attack: try guesses repeatedly for the password and check them
against an available cryptographic hash of the password.
2. Dictionary attack.
3. Key logger.
Characteristics of CBC
• Even though the key and the encryption/decryption algorithm are the same, equal blocks
in the plaintext do not become equal blocks in the ciphertext.
• Blocks are dependent on each other.
• The error in one block is propagated to the other blocks.
Compare with ECB (Electronic Codebook):
its characteristics are the opposite of CBC's.

What are the inputs and output of the GSM authentication function A3?

Categories of java cryptographic package


• JCE - Java Cryptography Extension
• JSSE - Java Secure Sockets Extension
• JAAS - Java Authentication and Authorization Services
• Java GSS API - Java Generic Security Services API
• Java Certification Path API

Pieces of Information Contained in Java Cryptographic package


• Name of owner: could be a person, device, or even a role. It should uniquely identify the
owner within the environment in which the public key will be employed.
• Public key value
• Validity time period: identifies the date and time from which the public key is valid, and
more importantly the date and time of its expiry.
• Signature: the creator of the certificate digitally signs all data that forms the public key
certificate. This binds the data and acts as a guarantee that the creator of the certificate
believes the data is correct.

Vulnerability Vs Security
A vulnerability is a weakness in the system that might be exploited to cause loss or harm.
In computer security, a threat is a possible danger that might exploit a vulnerability to breach
security and therefore cause possible harm.

Advantage and Disadvantage of Media Access Control


Advantage:
• Provides slightly stronger security than SSID
Disadvantages:
• Increases administrative overhead
• Reduces scalability
• Determined hackers can still break it

Two ways of Distributing Digital Certificate


• Pushing: the owner of the certificate automatically provides the certificate when it is required.
• Pulling: users must request copies of certificates when they need them.

Security Attack
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity

Security solutions to implement to secure the network


• Enable automatic software updates for each computer and network device
• Use firewalls to prevent hackers gaining access to network resources
• Use antivirus software
• Use an Intrusion Detection System and an Intrusion Prevention System
• Use VLANs
• Use access control lists

Methods used to monitor security
• Map out the current architecture and ensure it is accurate
• Determine what information is critical to monitor
• Configure exception-based notification
• Identify and monitor the network performance baseline
• Upgrade your core hardware to support performance monitoring protocols
• Implement continuous monitoring 24/7

Tests for security measures used in the security and monitoring phase
• Vulnerability scanning
• Security scanning
• Penetration testing
• Risk assessment
• Security auditing
• Ethical hacking

How to improve security policy?
• Manage who has access
• Know and protect your most important data
• Develop a data security plan/policy
• Develop stronger passwords throughout your organization
• Back up data regularly

3 ways to protect smartphones


• Lock your smartphone
• Fingerprint

UE 2016 qn3
Identify seven mandatory fields in X.509v3 digital certificates and describe the purpose of each
field.

Explain PGP (UE 2017 qn4)
PGP (Pretty Good Privacy)
Implements all major cryptographic algorithms, the ZIP compression algorithms, and the
Base64 encoding algorithm
•Can be used to authenticate or encrypt a message, or both
•General format:
–Authentication
–ZIP compression
–Encryption
–Base64 encoding (for SMTP transmission)

Why is PGP popular?


•It is available free on a variety of platforms including Windows, UNIX and Macintosh.
•Based on well-known algorithms such as RSA and Diffie-Hellman Key Exchange.
•Wide range of applicability
•Not developed or controlled by governmental or standards organizations

Why ECB is rarely used to encrypt messages. (UE 2016 qn3e)


ECB has two serious flaws. Someone seeing the ciphertext can gain information from repeated
blocks, and someone can rearrange blocks or modify blocks to his own advantage. As a result of
these flaws, ECB is rarely used to encrypt messages.
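
The two ECB flaws above, set against the CBC characteristics listed earlier, can be observed with the JCE. This is an added example, not part of the original notes; the class name `EcbVsCbc`, the sample message and the freshly generated key and IV are constructed for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.security.SecureRandom;
import java.util.Arrays;
import static java.nio.charset.StandardCharsets.US_ASCII;

// Added example: class name, message, key and IV are constructed for illustration.
public class EcbVsCbc {
    static final int BLOCK = 16; // AES block size in bytes
    // True when ciphertext blocks i and j are byte-for-byte identical.
    static boolean sameBlock(byte[] ct, int i, int j) {
        return Arrays.equals(ct, i * BLOCK, (i + 1) * BLOCK, ct, j * BLOCK, (j + 1) * BLOCK);
    }
    // Copy of ct with its first two blocks exchanged; no key is involved.
    static byte[] swapFirstTwo(byte[] ct) {
        byte[] out = ct.clone();
        System.arraycopy(ct, BLOCK, out, 0, BLOCK);
        System.arraycopy(ct, 0, out, BLOCK, BLOCK);
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] ivBytes = new byte[BLOCK];
        new SecureRandom().nextBytes(ivBytes);
        IvParameterSpec iv = new IvParameterSpec(ivBytes);
        // Constructed message: three 16-byte blocks, blocks 0 and 2 identical.
        byte[] pt = ("PAY ALICE 0100.0" + "PAY BOB 009999.0" + "PAY ALICE 0100.0").getBytes(US_ASCII);
        Cipher ecb = Cipher.getInstance("AES/ECB/NoPadding");
        Cipher cbc = Cipher.getInstance("AES/CBC/NoPadding");
        ecb.init(Cipher.ENCRYPT_MODE, key);
        cbc.init(Cipher.ENCRYPT_MODE, key, iv);
        byte[] ctEcb = ecb.doFinal(pt);
        byte[] ctCbc = cbc.doFinal(pt);
        // Flaw 1: repeated plaintext blocks show up in ECB ciphertext, not in CBC.
        System.out.println("ECB blocks 0,2 identical: " + sameBlock(ctEcb, 0, 2));
        System.out.println("CBC blocks 0,2 identical: " + sameBlock(ctCbc, 0, 2));
        // Flaw 2: reordered ECB blocks still decrypt to well-formed plaintext.
        ecb.init(Cipher.DECRYPT_MODE, key);
        cbc.init(Cipher.DECRYPT_MODE, key, iv);
        String ecbOut = new String(ecb.doFinal(swapFirstTwo(ctEcb)), US_ASCII);
        byte[] cbcOut = cbc.doFinal(swapFirstTwo(ctCbc));
        System.out.println("ECB after swap: " + ecbOut);
        // CBC chaining garbles the swapped blocks; detecting tampering needs a MAC or AES/GCM.
        System.out.println("CBC after swap equals original: " + Arrays.equals(cbcOut, pt));
    }
}
```

Under ECB the first and third ciphertext blocks match and the swapped message decrypts with the two payment records exchanged; under CBC neither holds, because each block depends on the one before it.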
