Upload File

answer shruti

7
LOVELY PROFESSIONAL UNIVERSITY HOME WORK: #3 Course Code: CSE403 Course Title: Network Security & Cryptography School: LSE Department: CSE/IT Name of the faculty member: Shashi Kant Rathore Name: SHRUTI KAPOOR Class: BT-MT-IT Section:B27T2 ROLL NO:17 Part A: Q1. When a combination of symmetric encryption and an error control code is used for message authentication, in what order must the two functions be performed? Answer: The message is encrypted first, and then the MAC is calculated using the resulting cipher text to form the transmitted block. In particular, message authentication involves two aspects: • Source authentication, which verifies the identity of the source, prevents the acceptance of messages from a fraudulent source. • Data integrity, which protects the data from modification. Let’s start with symmetric encryption. As shown in Fig. 1 (a), A sends B a message M encrypted by their shared secret key K. Because a third party is unable to recover the plaintext of the message

Upload: shruti-kapoor

Post on 26-Mar-2015

513 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Answer Shruti

LOVELY PROFESSIONAL UNIVERSITY

HOME WORK: #3

Course Code: CSE403 Course Title: Network Security & Cryptography

School: LSE Department: CSE/IT

Name of the faculty member: Shashi Kant Rathore

Name: SHRUTI KAPOOR

Class: BT-MT-IT

Section:B27T2

ROLL NO:17

Part A:

Q1. When a combination of symmetric encryption and an error control code is used for message authentication, in what order must the two functions be performed?

Answer:

The message is encrypted first, and then the MAC is calculated using the resulting cipher text to form the transmitted block.

In particular,message authentication involves two aspects:• Source authentication, which verifies the identity of the source, prevents the acceptance of messagesfrom a fraudulent source.• Data integrity, which protects the data from modification.Let’s start with symmetric encryption. As shown in Fig. 1 (a), A sends B a message M encryptedby their shared secret key K. Because a third party is unable to recover the plaintext of the mes-sagewithout the knowledge of K, confidentiality is provided. Now let’s examine how encryption mechanismcan provide message authentication. Generally, B is assured that the message is from A, because A is theonly person (other than B) who is able to generate the ciphertext that can be decrypted using K. Further,if M is fully recovered, B knows none of the bits of M have been altered.However, to achieve this goal B needs to be able to identify the “correct plaintext” from the ones that

Page 2: Answer Shruti

is decrypted from an altered ciphertext, or the ciphertext generated with a different key. And there areseveral scenarios:• If M is in ordinary English, then B can recognize the message by reading off it. But this “plain-text”is difficult to be recognized automatically.• If M is in binary code, and can be any arbitrary bit pattern, then there is no way to determineautomatically, whether the recovered message is legitimate or not.Lacking of an automatic way to verify the recovered message limits the usage of symmetric en-cryptionas a mechanism for message authentication. Moreover, if a block cipher (such as DES, AES) is used,

Q2. In what ways can a hash values be secured so as to provide message authentication? Is it necessary to recover the secret key in order to attack a MAC algorithm?

Answer:

The ways in which a hash code can be used to provide message authentication are:

1. The message plus concatenated hash code is encrypted using symmetric encryption.The hash code provides the structure required for authentication.

2. Only the hash code is encrypted using symmetric encryption. This reduces the processing burden.

3. Only the hash code is encrypted using public key encryption and the sender’s private key.This provides digital signature.

4. The message plus the public key-encrypted hash code may be encrypted using a symmetric secret key.

5. A hash function may be used without encryption for message authentication.It assumes that two communicating parties (A and B) share a common key (s). ’A’ computes the hash value over the concatenation of M and S.B knows S and therefore can re-compute M.

6. The entire message plus the hash code may be encrypted.

Q3. a) What are the properties a digital signature should have and what requirements should a digital signature scheme satisfy?

Page 3: Answer Shruti

b) What are some threats associated with a direct digital signature scheme?

Answer:

Data appended to, or a data unit that allows a recipient of the data unit to prove the source and integrity if the data unit and protect against forgery.

A digital signature scheme using symmetric encryption is based on the following: To sign an n-bit message, the sender randomly generates in advance 2n 56-bit cryptographic keys:

k1, K1, k2, K2,..., kn, Kn

which are kept secret. The sender prepares in advance two sets of corresponding nonsecret 64-bit validation parameters, which are made public:

u1, V1, u2, V2,..., un, Vn and v1, V1, v2, V2,..., vn, Vn

where

vi = E(ki, ui), Vi = E(ki, Ui)

The message M is signed as follows. For the i th bit of the message, either ki or Ki is attached to the message, depending on whether the message bit is 0 or 1. For example, if the first three bits of the message are 011, then the first three keys of the signature are k1, K2, K3.

A digital signature is formed by taking the message digest of the content to be signed and then encrypting that with the private key of signer. The content plus signature are the encoded using base64 encoding. Clear-signed data: As with assigned data, a digital signature of the content is formed. In this case only the digital signature is encoded using base64. Signed and enveloped date: Signed-only and encrypted-only entities may be nested, so that encrypted data may be signed and signed data or clear-signed data may be signed and signed data or clear-signed data may be encrypted.

Digital Signature provides two levels of authentication:

1. Low-level authentication

2. Higher-level authentication

At the lower level there must be some sort of function that produces an authenticator: a value to be used to authenticate a message. This lower level function is then used as primitive in a higher-level authentication protocol that enables a receiver to verify the authenticity of message.

Page 4: Answer Shruti

Part B:

Q4. Describe a Brute Force attack on a digitally signed message. Discuss the complexity of the brute force attack. How can the complexity of the attack be increased without changing the size of the key?

Q5. a) When would you use a MAC rather than a plain hash?

b) List out the design objectives for HMAC.

Answer:

This technique assumes that two communicating parties A and B share a common key K.When A sends a message to B it calculates the MAC as a function of the message and the key:MAC=CK{M),

Where,

M=input message

C=MAC function

K=shared secret key

MAC=message authentication code

The message plus the MAC are transmitted to the recipient. The recipient performs the same calculation on the received message to generate a new MAC.The received MAC is compared to the calculated MAC.If only the sender and receiver know the secret key,if the received MAC matches the calculated MAC , then

1.The receiver is assured that the message has not been altered.

2.The receiver is assured that the message is from the alleged sender.

3.If the message includes a sequence number then the receiver is assured of the proper sequence.

The MAC function need not be reversible.Usually, it is a many-to-one function.

If there are N possible messages then an n bit MAC is used where N>>2n and there are 2k possible keys where the key has k bits.

Q6. What is difference between transport mode and tunnel mode? Why does ESP include a padding field?

Answer:

Page 5: Answer Shruti

These are the two ways in which the IPSec authentication service can be used.In one case authentication is provided directly between a server and client work stations;the work station can be either on the same network as the server or on an external network.As long as the work station and the server share a protected secret key, the authentication process is secure.This case uses a transport mode SA. In the other case a remote work station authenticates itself to the corporate firewall, either for access to the entire internal network or because the requested server does not support the authentication feature. This case uses a tunnel mode SA.

For transport mode AH using IPv4, the AH is inserted after the original IP header and before the IP payload. In the context of IPv6, the AH is viewed as an end-to-end payload;that is it is not examined or processed by intermediate routers. Therefore the AH appears after the IPv6 base header and the hop-by-hop,routing and fragment extension headers.

For tunnel mode AH the original IP packet is authenticated, and the AH is inserted between the original IP header and a new outer IP header

Transport mode Tunnel mode

1.It provides protection for upper layer protocols.

2.Used for end-to-end communication between two host

3.AH:Authenticates IP payload and selected portions of IP header and IPv6 extension header

1. It provides protection to the entire IP packet.

3.It is used when one or both ends of an SA is a security gateway , such as firewall or router that implement IPSec.

3.Authenticates entir inner IP packet plus selected portions of outer IP header and outer IPv6 extension headers.

ESP includes the padding field serves several purposes:

If an encryption algorithm requires the plaintext to be a multiple of some number of bytes (e.g., the multiple of a single block for a block cipher), the Padding field is used to ex-pand the plaintext (consisting of the Payload Data, Padding, Pad Length, and Next Header fields) to the required length.

The ESP format requires hat the PAD length and Next header fields be right aligned within a 32-bit word. Equivalently, the cipher text must be an integer multiple of 32 bits. The padding field is used to assure this alignment.

Page 6: Answer Shruti

Additional padding may be added to provide partial traffic flow confidentiality by con-cealing the actual length of the payload.


Shruti Journal Document

Shruti Parihar 298 Report

Shruti rao

Register here! Shruti Pavagadhi

Holy Book Hinduism Shruti Smriti

Shruti - Ayurveda for Well Being

Shruti in Contemporary Hindustani Music

Shruti PDF

Shruti Madam Synopsis

Shruti Hassan Top 20 Pics

Presentation kashmir(shruti)

Modified Shruti

Class 6th Shruti

Shruti creation

Kamal Shruti

Shruti Jire 511 Interim Report

Shruti Agarwal, demonitization

BCG Matrix- Shruti B Gupta

Dr. Shruti Bhat

Profile - Shruti Sharma

Final Shruti Pres

Shruti Garg - Resume!

Day-3, Ms. Shruti Bhatia

Shruti ubgade portfolio

Stp Shruti (1)

Shruti Oberoi

Shruti final pepsi report

Project Banking Law Shruti Kamble

009 Shruti Dave Consolidation

2 Clase Shruti

Supply Chain Management-Shruti

Shruti Dandekar Product Design (PG)

Shruti Arts Gallery

Shruti MPR Project

Swara Sthapana on Shruti Veena or Shruti Sitarcomputationalmusic.com/pdfs/Shruti-Veena-Swara-Sthapana.pdf · Swara Sthapana on Shruti Veena or Shruti Sitar (Establishing Musical notes