Operation of AES - Bhargavi Goswami



COMPUTER NETWORKS
UNIT – 6

QNo. 1 to 12 is of 10 marks
QNo. 13 to 24 is of 2 marks
QNo. 25 to 42 is of 6 marks

Contributed By:
MOHNISH VEDI (1741135)
POOJA SHAH (1741137)
RAHUL P VINISH (1741138)
RAHUL PRADEEP KELUSKAR (1741139)
RAJESH N PATEL (1741140)
RASHI KHANDELWAL (1741141)
RATANDEEP KAUR SODHI (1741142)
RECHETHAS C (1741143)
RIYA RAJESH (1741144)
S ANISHA (1741145)

Write a short note on FTP. How does it maintain connection using TCP and Port? Draw clear figure explaining architecture using control and data connection.

FTP

File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying a file from one host to another. Although transferring files from one system to another seems simple and straightforward, some problems must be dealt with first. For example, two systems may use different file name conventions. Two systems may have different ways to represent data. Two systems may have different directory structures. All of these problems have been solved by FTP in a very simple and elegant approach. Although we can transfer files using HTTP, FTP is a better choice to transfer large files or to transfer files using different formats.

Figure 26.10 shows the basic model of FTP.

The client has three components: the user interface, the client control process, and the client data transfer process. The server has two components: the server control process and the server data transfer process. The control connection is made between the control processes. The data connection is made between the data transfer processes.

Separation of commands and data transfer makes FTP more efficient. The control connection uses very simple rules of communication. We need to transfer only a line of command or a line of response at a time. The data connection, on the other hand, needs more complex rules due to the variety of data types transferred.

Two Connections

The two connections in FTP have different lifetimes.
The control connection remains connected during the entire interactive FTP session. The data connection is opened and then closed for each file transfer activity. It opens each time commands that involve transferring files are used, and it closes when the file is transferred. In other words, when a user starts an FTP session, the control connection opens. While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred. FTP uses two well-known TCP ports: port 21 is used for the control connection, and port 20 is used for the data connection.

Control Connection

For control communication, FTP uses the same approach as TELNET (discussed later). It uses the NVT ASCII character set as used by TELNET. Communication is achieved through commands and responses. This simple method is adequate for the control connection because we send one command (or response) at a time. Each line is terminated with a two-character (carriage return and line feed) end-of-line token. During this control connection, commands are sent from the client to the server and responses are sent from the server to the client. Commands, which are sent from the FTP client control process, are in the form of ASCII uppercase, which may or may not be followed by an argument. Some of the most common commands are shown in Table 26.4.

Data Connection

The data connection uses the well-known port 20 at the server site. However, the creation of a data connection is different from the control connection. The following shows the steps:
1. The client, not the server, issues a passive open using an ephemeral port. This must be done by the client because it is the client that issues the commands for transferring files.
2. Using the PORT command the client sends this port number to the server.
3. 
The server receives the port number and issues an active open using the well-known port 20 and the received ephemeral port.

Communication over Data Connection

The purpose and implementation of the data connection are different from those of the control connection. We want to transfer files through the data connection. The client must define the type of file to be transferred, the structure of the data, and the transmission mode. Before sending the file through the data connection, we prepare for transmission through the control connection. The heterogeneity problem is resolved by defining three attributes of communication: file type, data structure, and transmission mode.

File Type

FTP can transfer one of the following file types across the data connection: ASCII file, EBCDIC file, or image file.

Data Structure

FTP can transfer a file across the data connection using one of the following interpretations of the structure of the data: file structure, record structure, or page structure. The file structure format (used by default) has no structure. It is a continuous stream of bytes. In the record structure, the file is divided into records. This can be used only with text files. In the page structure, the file is divided into pages, with each page having a page number and a page header. The pages can be stored and accessed randomly or sequentially.

Transmission Mode

FTP can transfer a file across the data connection using one of the following three transmission modes: stream mode, block mode, or compressed mode. The stream mode is the default mode; data are delivered from FTP to TCP as a continuous stream of bytes. In the block mode, data can be delivered from FTP to TCP in blocks. In this case, each block is preceded by a 3-byte header. The first byte is called the block descriptor; the next two bytes define the size of the block in bytes.

File Transfer

File transfer occurs over the data connection under the control of the commands sent over the control connection.
However, we should remember that file transfer in FTP means one of three things: retrieving a file (server to client), storing a file (client to server), and directory listing (server to client).

What is WWW? Explain the architecture of WWW. Also explain the terms Browser, Server, URL, Cookies with clear figures.

The World Wide Web (WWW) is a repository of all resources and users on the Internet that are using the Hypertext Transfer Protocol (HTTP).

Architecture: The WWW today is a distributed client-server service, in which a client using a browser can access a service using a server. However, the service provided is distributed over many locations called sites. Each site holds one or more documents called web pages. Each web page, however, can contain some links to other web pages in the same or other sites. In other words, a web page can be simple or composite. A simple web page has no links to other web pages; a composite web page has one or more links to other web pages. Each web page is a file with a name and address.

Assume we need to retrieve a scientific document that contains one reference to another text file and one reference to a large image. The main document and the image are stored in two separate files (file A and file B) in the same site; the referenced text file (file C) is stored in another site. Since we are dealing with three different files, we need three transactions if we want to see the whole document. The first transaction (request/response) retrieves a copy of the main document (file A), which has references (pointers) to the second and third files. When a copy of the main document is retrieved and browsed, the user can click on the reference to the image to invoke the second transaction and retrieve a copy of the image (file B). If the user needs to see the contents of the referenced text file, she can click on its reference (pointer) invoking the third transaction and retrieving a copy of file C.
Note that although files A and B both are stored in site I, they are independent files with different names and addresses. Two transactions are needed to retrieve them. A very important point we need to remember is that file A, file B, and file C are independent web pages, each with independent names and addresses. Although references to file B or C are included in file A, it does not mean that each of these files cannot be retrieved independently. A second user can retrieve file B with one transaction. A third user can retrieve file C with one transaction.

A variety of vendors offer commercial browsers that interpret and display a web page, and all of them use nearly the same architecture. Each browser usually consists of three parts: a controller, client protocols, and interpreters.

Web Server: The web page is stored at the server. Each time a request arrives, the corresponding document is sent to the client. To improve efficiency, servers normally store requested files in a cache in memory; memory is faster to access than a disk. A server can also become more efficient through multithreading or multiprocessing. In this case, a server can answer more than one request at a time. Some popular web servers include Apache and Microsoft Internet Information Server.

Uniform Resource Locator (URL): A web page, as a file, needs to have a unique identifier to distinguish it from other web pages. To define a web page, we need three identifiers: host, port, and path. However, before defining the web page, we need to tell the browser what client-server application we want to use, which is called the protocol. This means we need four identifiers to define the web page. The first is the type of vehicle to be used to fetch the web page; the last three make up the combination that defines the destination object (web page).
To combine these four pieces together, the uniform resource locator (URL) has been designed; it uses three different separators between the four pieces as shown below:

Example:

Cookies: The original purpose of the Web, retrieving publicly available documents, exactly fits this design. Today the Web has other functions that need to remember some information about the clients. For these purposes, the cookie mechanism was devised. When a client sends a request to a server, the browser looks in the cookie directory to see if it can find a cookie sent by that server. If found, the cookie is included in the request. When the server receives the request, it knows that this is an old client, not a new one. Note that the contents of the cookie are never read by the browser or disclosed to the user. It is a cookie made by the server and eaten by the server.

Categorize the documents used in WWW. Explain static, dynamic and active documents with details and clear figures.

Three basic types of web documents are:

Static

A static web document resides in a file that is associated with a web server. The author of a static document determines the contents at the time the document is written. Because the contents do not change, each request for a static document results in exactly the same response.

Dynamic

A dynamic web document does not exist in a predefined form. When a request arrives, the web server runs an application program that creates the document. The server returns the output of the program as a response to the browser that requested the document. Because a fresh document is created for each request, the contents of a dynamic document can vary from one request to another.

Active

An active web document consists of a computer program that the server sends to the browser and that the browser must run locally.
When it runs, the active document program can interact with the user and change the display continuously.

Advantages and disadvantages of each document type

Static

Advantages: simplicity, reliability and performance. The browser can place a copy in a cache on a local disk.
Disadvantages: inflexibility; changes are time consuming because they require a human to edit the file.

Dynamic

Advantages: ability to report current information (current stock prices, current weather conditions, current availability of tickets for a concert). Because both static and dynamic documents use HTML, a browser does not know whether the server extracted the page from a disk file or obtained the page dynamically from a computer program.
Disadvantages: increased cost and, like a static document, a dynamic document does not change after a browser retrieves a copy. Thus, information in a dynamic document begins to age as soon as it has been sent to the browser (stock prices).
Server push: The server runs the programs periodically and sends the new document to the browser.

Active

Advantages: ability to update information continuously. For example, only an active document can change the display quickly enough to show an animated image. More important, an active document can access sources of information directly and update the display continuously. For example, an active document that displays stock prices can continue to retrieve stock information and change the display without requiring any action from the user.

Describe asymmetric key cryptography.

Asymmetric cryptography, also known as public key cryptography, uses public and private keys to encrypt and decrypt data. The keys are simply large numbers that have been paired together but are not identical (asymmetric). One key in the pair can be shared with everyone; it is called the public key. The other key in the pair is kept secret; it is called the private key.
Either of the keys can be used to encrypt a message; the opposite key from the one used to encrypt the message is used for decryption.

Many protocols like SSH, OpenPGP, S/MIME, and SSL/TLS rely on asymmetric cryptography for encryption and digital signature functions. It is also used in software programs, such as browsers, which need to establish a secure connection over an insecure network like the internet or need to validate a digital signature. Encryption strength is directly tied to key size and doubling key length delivers an exponential increase in strength, although it does impair performance. As computing power increases and more efficient factoring algorithms are discovered, the ability to factor larger and larger numbers also increases.

For asymmetric encryption to deliver confidentiality, integrity, authenticity and non-repudiation, users and systems need to be certain that a public key is authentic, that it belongs to the person or entity claimed and that it has not been tampered with or replaced by a malicious third party. There is no perfect solution to this public key authentication problem. A public key infrastructure (PKI), where trusted certificate authorities certify ownership of key pairs and certificates, is the most common approach, but encryption products based on the Pretty Good Privacy (PGP) model (including OpenPGP) rely on a decentralized authentication model called a web of trust, which relies on individual endorsements of the link between user and public key.

Write the short note on Headers of HTTP. How many types of header exist?
Explain at least 10 of them in one statement each.

HTTP header fields provide required information about the request or response, or about the object sent in the message body.

General header: Headers applying to both requests and responses but with no relation to the data eventually transmitted in the body.
Request header: Headers containing more information about the resource to be fetched or about the client itself.
Response header: Headers with additional information about the response, like its location or about the server itself (name and version etc.).
Entity header: Headers containing more information about the body of the entity, like its content length or its MIME-type.
End-to-end headers: These headers must be transmitted to the final recipient of the message; that is, the server for a request or the client for a response. Intermediate proxies must retransmit end-to-end headers unmodified and caches must store them.
Hop-by-hop headers: These headers are meaningful only for a single transport-level connection and must not be retransmitted by proxies or cached. Such headers are: Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, TE, Trailer, Transfer-Encoding and Upgrade.

Classify modes of operation for block ciphers. Explain each with valid figures and examples.

Encryption algorithms are divided into two categories based on input type: block cipher and stream cipher. A block cipher is an encryption algorithm which takes a fixed size of input, say b bits, and produces a ciphertext of b bits again. If the input is larger than b bits, it can be divided further. For different applications and uses, there are several modes of operation for a block cipher.

Electronic Code Book (ECB) –

Electronic code book is the easiest block cipher mode of functioning. It is easier because of direct encryption of each block of input plaintext, and the output is in the form of blocks of encrypted ciphertext.
Generally, if a message is larger than b bits in size, it can be broken down into a bunch of blocks and the procedure is repeated.

Procedure of ECB is illustrated below:

Advantages of using ECB –
Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.
Simple way of block cipher.

Disadvantages of using ECB –
Prone to cryptanalysis since there is a direct relationship between plaintext and ciphertext.

Cipher Block Chaining –

Cipher block chaining or CBC is an advancement made on ECB since ECB compromises some security requirements. In CBC, the previous cipher block is given as input to the next encryption algorithm after XOR with the original plaintext block. In a nutshell, a cipher block is produced by encrypting the XOR output of the previous cipher block and the present plaintext block.

The process is illustrated here:

Advantages of CBC –
CBC works well for input greater than b bits.
CBC is a good authentication mechanism.
Better resistive nature towards cryptanalysis than ECB.

Disadvantages of CBC –
Parallel encryption is not possible since every encryption requires the previous cipher.

Cipher Feedback Mode (CFB) –

In this mode the cipher is given as feedback to the next block of encryption with some new specifications: first an initial vector IV is used for the first encryption, and the output bits are divided into sets of s and b-s bits; the left-hand side s bits are selected and XORed with the plaintext bits. The result is given as input to a shift register and the process continues. The encryption and decryption process for the same is shown below; both of them use the encryption algorithm.

Advantages of CFB –
Since there is some data loss due to the use of the shift register, it is difficult to apply cryptanalysis.

Output Feedback Mode –

The output feedback mode follows nearly the same process as the Cipher Feedback mode except that it sends the encrypted output as feedback instead of the actual cipher, which is the XOR output.
In this output feedback mode, all bits of the block are sent instead of sending selected s bits. The Output Feedback mode of block cipher holds great resistance towards bit transmission errors. It also decreases the dependency or relationship of the cipher on the plaintext.

Counter Mode –

The Counter Mode or CTR is a simple counter-based block cipher implementation. Each time, a counter-initiated value is encrypted and XORed with the plaintext, which results in the ciphertext block. The CTR mode is independent of feedback use and thus can be implemented in parallel.

Its simple implementation is shown below:

What is DNS Protocol? How does it work for Internet? Explain Generic, country and inverse domains with examples.

A Domain Name System is a hierarchical decentralized naming system for computers and other resources connected to the internet or private networks. In use since 1985, it associates information with domain names assigned to participating entities and translates domain names to their numerical IP addresses. It's considered an essential component of the functionality of the internet.

Working of DNS for the Internet

A frequently used analogy is that DNS functions as the phonebook for the internet; it stores the long numerical IP addresses by an easier to remember website address. The hierarchy of domain is read from right to left; a domain name is divided into separate parts, or labels, separated by dots (ex: ) with the farthest right demarking the dominant domain. (In this case, .com) When a user types a domain name into a URL or web address, the computer uses a DNS server to look up the domain name and redirect the page to the correct IP address.

Types of domains:

DNS is a protocol that can be used in different platforms. In the Internet, the domain name space (tree) was originally divided into three different sections: generic domains, country domains, and the inverse domains.
However, due to the rapid growth of the Internet, it became extremely difficult to keep track of the inverse domains, which could be used to find the name of a host when given the IP address. The inverse domains are now deprecated (see RFC 3425).

Generic Domains

The generic domains define registered hosts according to their generic behaviour. Each node in the tree defines a domain, which is an index to the domain name space database. Looking at the tree, we see that the first level in the generic domains section allows 14 possible labels. These labels describe the organization types as listed in Table.

Country Domains

The country domains section uses two-character country abbreviations (e.g., us for United States). Second labels can be organizational, or they can be more specific national designations. The United States, for example, uses state abbreviations as a sub-division of us (e.g., ca.us.). Figure shows the country domains section. The address uci.ca.us. can be translated to University of California, Irvine, in the state of California in the United States.

Inverse Domains

Inverse domain is used to map an address to a name. For example, a client sends a request to the server for performing a particular task, and the server finds a list of authorized clients. The list contains only the IP addresses of the clients. The server sends a query to the DNS server to map an address to a name to determine if the client is on the authorized list. This query is called an inverse query. This query is handled by the first level node called arpa.

Explain the architecture of Email. Provide the format of Email and Email Address.

Electronic mail (e-mail) allows users to exchange messages.

Architecture

To explain the architecture of e-mail, we give a common scenario, as shown below.

In the common scenario, the sender and the receiver of the e-mail, Alice and Bob respectively, are connected via a LAN or a WAN to two mail servers.
The administrator has created one mailbox for each user where the received messages are stored. A mailbox is part of a server hard drive, a special file with permission restrictions. Only the owner of the mailbox has access to it. The administrator has also created a queue (spool) to store messages waiting to be sent. A simple e-mail from Alice to Bob takes nine different steps, as shown in the figure. Alice and Bob use three different agents: a user agent (UA), a message transfer agent (MTA), and a message access agent (MAA).

USER AGENT: The first component of an electronic mail system is the user agent (UA). It provides service to the user to make the process of sending and receiving a message easier. A user agent is a software package (program) that composes, reads, replies to, and forwards messages. It also handles local mailboxes on the user computers. There are two types of user agents: command-driven and GUI-based. Command-driven user agents belong to the early days of electronic mail. They are still present as the underlying user agents. Some examples of command-driven user agents are mail, pine, and elm. Modern user agents are GUI-based. They contain graphical user interface (GUI) components that allow the user to interact with the software by using both the keyboard and the mouse. Some examples of GUI-based user agents are Eudora and Outlook.

MESSAGE TRANSFER AGENT: The formal protocol that defines the MTA client and server in the Internet is called Simple Mail Transfer Protocol (SMTP). SMTP is used two times, between the sender and the sender’s mail server and between the two mail servers. As we will see shortly, another protocol is needed between the mail server and the receiver. SMTP simply defines how commands and responses must be sent back and forth.

Commands and Responses

SMTP uses commands and responses to transfer messages between an MTA client and an MTA server.
The command is from an MTA client to an MTA server; the response is from an MTA server to the MTA client. Each command or reply is terminated by a two-character (carriage return and line feed) end-of-line token. Commands are sent from the client to the server. Responses are sent from the server to the client. A response is a three-digit code that may be followed by additional textual information.

MESSAGE ACCESS AGENT: The first and second stages of mail delivery use SMTP. However, SMTP is not involved in the third stage because SMTP is a push protocol; it pushes the message from the client to the server. In other words, the direction of the bulk data (messages) is from the client to the server. On the other hand, the third stage needs a pull protocol; the client must pull messages from the server. The direction of the bulk data is from the server to the client. The third stage uses a message access agent. Currently two message access protocols are available: Post Office Protocol, version 3 (POP3) and Internet Mail Access Protocol, version 4 (IMAP4). POP3 is simple but limited in functionality. The client POP3 software is installed on the recipient computer; the server POP3 software is installed on the mail server.

Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4). IMAP4 is similar to POP3, but it has more features; IMAP4 is more powerful and more complex.

Format of email:

Format of email address: To deliver mail, a mail handling system must use an addressing system with unique addresses. In the Internet, the address consists of two parts: a local part and a domain name, separated by an @ sign.

Explain the internal and external network security issues you can visualize in a network.

A few internal network security issues are:

a) Malicious cyber-attacks: The most likely perpetrators of cyber-attacks are system administrators or the other IT staff with privileged system access.
Technically proficient employees can use their system access to open back doors into computer systems, or leave programs on the network to steal information or wreak havoc. The best protection against this sort of attack is to monitor employees closely and be alert for disgruntled employees who might abuse their positions. In addition, experts advise immediately cancelling network access and passwords when employees leave the company, to avoid those using passwords to remotely access the network in future.

b) Social engineering: Perhaps one of the most common ways for attackers to gain access to a network is by exploiting the trusting nature of your employees.

c) Downloading malicious internet content: Some reports suggest the average employee in a small business spends up to an hour a day surfing the web for personal use — perhaps looking at video or file-sharing websites, playing games or using social media websites such as Facebook. It's not just time that this activity could cost you. Analyst reports show that the number of malware and virus threats is increasing by more than 50 percent each year, and many of these destructive payloads can be inadvertently introduced to the network by employees. The best advice is to constantly update and patch your IT systems to ensure you are protected.

d) Information leakage: There are now a staggering number of ways that information can be taken from your computer networks and released outside the organisation. Whether it's an MP3 player, a CD-ROM, a digital camera or USB data stick, today's employees could easily take a significant chunk of your customer database out of the door in their back pocket.

e) Illegal activities: It's important to remember that, as an employer, you are responsible for pretty much anything your employees do using your computer network — unless you can show you have taken reasonable steps to prevent this. To protect yourself, experts advise a two-pronged approach.
First, use monitoring software to check email and internet traffic for certain keywords or file types. You might also choose to block certain websites and applications completely.

A few external network security issues are:

a) Economic threats: The economy can be considered an external threat to businesses because, no matter how hard a company works or how good its products are, economic conditions dictate a business's profit and success. Economic downturns can decrease the demand for goods or services on the consumer market. On the other hand, a robust economy will inspire more consumer spending and business growth. According to the Economic Development Research and Training Centre, studying economic trends, such as household spending or consumer demand reports, can help companies track economic patterns in their external environments.

b) Competitors: Competition is a significant external threat to businesses and is a product of the marketplace. A competitive market requires knowing who your competitors are. Competition serves as an external threat because businesses compete with other organizations for the same customers. In turn, this challenge can cause one company to flourish and the other to flop.

c) Global Environment: The global environment can be risky for companies that rely on horticulture, agriculture or other types of natural resources. Weather patterns are examples of global environmental threats that can impact a company’s resources, projects and profitability. Businesses track and trend weather patterns and global changes to monitor what types of environmental risks are out there.

d) Political factors: Political decisions or changes can threaten businesses. Foreign investments, for instance, can be threatened by political decisions to go to war with other countries. Or government-funded agencies can have their businesses impacted by budget cuts or budget deficits.
e) New technology: The technological field, with all of its advancements, can serve as a potential external threat to businesses. Technological changes can give companies a competitive advantage, leaving others behind. For instance, travel agencies were exposed to a technological threat when the Internet gave customers the ability to do their own research and make their own travel plans from their computers, thereby eliminating the need for travel agencies. Technological changes should be monitored to determine if there are any direct threats to a business.

Explain Email architecture with a neat diagram

An e-mail system normally consists of two subsystems:
1. the user agents
2. the message transfer agents

The user agents allow people to read and send e-mails. The message transfer agents move the messages from source to destination. The user agents are local programs that provide a command-based, menu-based, or graphical method for interacting with the e-mail system. The message transfer agents are daemons, which are processes that run in the background. Their job is to move datagram e-mail through the system.

A key idea in the e-mail system is the distinction between the envelope and its contents. The envelope encapsulates the message. It contains all the information needed for transporting the message, like destination address, priority, and security level, all of which are distinct from the message itself. The message transport agents use the envelope for routing. The message inside the envelope consists of two major sections:

Explain RSA Public key algorithm with suitable example.

There are several asymmetric-key cryptosystems; one of the common public key algorithms is the RSA cryptosystem, named for its inventors (Rivest, Shamir, and Adleman). RSA uses two exponents, e and d, where e is public and d is private. Suppose P is the plaintext and C is the ciphertext.
Alice uses C = P^e mod n to create ciphertext C from plaintext P; Bob uses P = C^d mod n to retrieve the plaintext sent by Alice. The modulus n, a very large number, is created during the key generation process.

Procedure
Bob chooses two large numbers, p and q, and calculates n = p × q and φ = (p - 1) × (q - 1). Bob then selects e and d such that (e × d) mod φ = 1. Bob advertises e and n to the community as the public key; Bob keeps d as the private key. Anyone, including Alice, can encrypt a message and send the ciphertext to Bob, using C = (P^e) mod n; only Bob can decrypt the message, using P = (C^d) mod n. An intruder such as Eve cannot decrypt the message if p and q are very large numbers (she does not know d).

Applications
Although RSA can be used to encrypt and decrypt actual messages, it is very slow if the message is long. RSA, therefore, is useful for short messages. In particular, we will see that RSA is used in digital signatures and other cryptosystems that often need to encrypt a small message without having access to a symmetric key. RSA is also used for authentication.

Write a short note on DES with clear figures. Also list its limitations.

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST). DES is an implementation of a Feistel cipher. It uses a 16-round Feistel structure. The block size is 64 bits. Though the key length is 64 bits, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (they function as check bits only). The general structure of DES is depicted in the following illustration.

Since DES is based on the Feistel cipher, all that is required to specify DES is:
- Round function
- Key schedule
- Any additional processing - Initial and final permutation

Initial and Final Permutation
The initial and final permutations are straight permutation boxes (P-boxes) that are inverses of each other. They have no cryptographic significance in DES. The initial and final permutations are shown as follows:

Round Function
The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output.

- Expansion Permutation Box - Since the right input is 32 bits and the round key is 48 bits, we first need to expand the right input to 48 bits. The permutation logic is graphically depicted in the following illustration: The graphically depicted permutation logic is generally described as a table in the DES specification, illustrated as shown:
- XOR (Whitener) - After the expansion permutation, DES does an XOR operation on the expanded right section and the round key. The round key is used only in this operation.
- Substitution Boxes - The S-boxes carry out the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output. Refer to the following illustration: The S-box rule is illustrated below: There are a total of eight S-box tables. The output of all eight S-boxes is then combined into a 32-bit section.
- Straight Permutation - The 32-bit output of the S-boxes is then subjected to the straight permutation with the rule shown in the following illustration:

Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of key generation is depicted in the following illustration: The logic for parity drop, shifting, and compression P-box is given in the DES description.

DES Analysis
DES satisfies both the desired properties of a block cipher. These two properties make the cipher very strong.
- Avalanche effect - A small change in plaintext results in a very great change in the ciphertext.
- Completeness - Each bit of ciphertext depends on many bits of plaintext.

During the last few years, cryptanalysis has found some weaknesses in DES when the keys selected are weak keys. These keys shall be avoided. DES has proved to be a very well-designed block cipher. There have been no significant cryptanalytic attacks on DES other than exhaustive key search.

Disadvantages:
1. Experts have found a weakness in the design of the cipher.
2. S box creates same output with two chosen input.
3. The initial and final permutation is not exactly clear and seems confusing.

Define World Wide Web.

The Web, or World Wide Web (W3), is basically a system of Internet servers that support specially formatted documents. The documents are formatted in a mark-up language called HTML (Hyper Text Mark-up Language) that supports links to other documents, as well as graphics, audio, and video files. This means you can jump from one document to another simply by clicking on hot spots. Not all Internet servers are part of the World Wide Web.

Explain beginning and ending tags. Provide example.

<html> is the opening tag that kicks things off and tells the browser that everything between that and the </html> closing tag is an HTML document. The stuff between <body> and </body> is the main content of the document that will appear in the browser window. Not all tags have closing tags like this (<html></html>); some tags, which do not wrap around content, will close themselves. The line-break tag, for example, looks like this: <br>.

Explain GET and POST method of HTTP.

The GET method requests a representation of the specified resource. Requests using GET should only retrieve data.
The POST method is used to submit an entity to the specified resource, often causing a change in state or side effects on the server.

Define Encryption and Decryption.

ENCRYPTION: Conversion of a human understandable message into an unintelligible and obscure form that cannot be interpreted.
DECRYPTION: Conversion of an unintelligible message into a comprehensible form which could be easily understood by a human.

Classify cryptography.

Define HTTP.

HTTP means Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web, and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands.

What is a cipher text?

Ciphertext is encrypted text. Plaintext is what you have before encryption, and ciphertext is the encrypted result. The term cipher is sometimes used as a synonym for ciphertext, but it more properly means the method of encryption rather than the result.

Why is poly-alphabetic substitution superior to mono-alphabetic substitution?

- More secure than monoalphabetic substitutions.
- Multiple ciphertext letters for each plaintext letter, one for each unique letter of the keyword.

Define Network security.

Network security is protection of the access to files and directories in a computer network against hacking, misuse and unauthorized changes to the system.

What is the relationship between plain text and cipher text?

Plaintext is the input to an encryption algorithm. Ciphertext is the unreadable output of an encryption algorithm. Plaintext is what you have before encryption, and ciphertext is the encrypted result.

What is Decryption?

Decryption is the process of taking encoded or encrypted text or other data and converting it back into text that you or the computer can read and understand.
This term could be used to describe a method of unencrypting the data manually or unencrypting the data using the proper codes or keys.

What are the two categories of cryptography methods?

There are two basic types of cryptographic systems: symmetric ("private key") and asymmetric ("public key").

Describe the hierarchy of name servers.

Hierarchy of Name Servers
- Root name servers - It is contacted by name servers that cannot resolve the name. It contacts the authoritative name server if the name mapping is not known. It then gets the mapping and returns the IP address to the host.
- Top level server - It is responsible for com, org, edu, etc. and all the top level country domains like UK, Fr, ca, in etc. They have info about authoritative domain servers and know the names and IP addresses of each authoritative name server for the second level domains.
- Authoritative name servers - This is the organization’s DNS server, providing authoritative hostname to IP mapping for the organization's servers. It can be maintained by the organization or a service provider. In order to reach cse.dtu.in we have to ask the root DNS server, then it will point out to the top level domain server and then to the authoritative domain name server which actually contains the IP address. So, the authoritative domain server will return the associated IP address.

The client machine sends a request to the local name server, which, if root does not find the address in its database, sends a request to the root name server, which in turn will route the query to an intermediate or authoritative name server. The root name server can also contain some hostname to IP address mappings. The intermediate name server always knows who the authoritative name server is.
So finally the IP address is returned to the local name server, which in turn returns the IP address to the host.

Explain the terms: name space, domain name space, domains and zones.

Name space
A name space is a context within which the names of all objects must be unambiguously resolvable. Name spaces can be flat or hierarchical.

Flat Name Spaces
Flat name spaces do not scale well because they can grow only so large before all available names are used up. Once a name is used more than once in a name space, the name space violates the unambiguously resolvable requirement.

Hierarchical Name Space
A hierarchical name space is divided into different areas, which can be thought of as sub name spaces. Each area is its own sub name space within the overall name space. Therefore, each object must have a unique name only within its sub name space in order to have an unambiguously resolvable name within the name space hierarchy. Hierarchical name spaces, then, can scale to extremely large networks: as you add more objects to the overall name space, you have to find unique names for them within only the sub name space to which they belong.

Domain Name Space
To have a hierarchical name space, a domain name space was designed. In this design the names are defined in an inverted-tree structure with the root at the top.

Domain
A domain is a subtree of the domain name space. The name of the domain is the name of the node at the top of the subtree.

Zone
Since the complete domain name hierarchy cannot be stored on a single server, it is divided among many servers. What a server is responsible for or has authority over is called a zone. We can define a zone as a contiguous part of the entire tree.

Write about FILE transfer.

File transfer is the process of copying or moving a file from one computer to another over a network or Internet connection.
It enables sharing, transferring or transmitting a file or a logical data object between different users and/or computers both locally and remotely.

A file transfer can be an upload or download. File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), BitTorrent and Simple File Transfer Protocol are the most common file transfer protocols used in computer networks and online.

There are two main types of file transfer:
- Pull-Based: The file transfer request is initiated by the receiver.
- Push-Based: The file transfer request is initiated by the sender.

Moreover, other than network or Internet, file transfer can be performed manually by copying a file to a new folder/drive in the same computer or by copying it on a USB pen drive, CD or other portable storage device to be transferred to another computer.

Explain FILE transfer protocol with an example.

File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying a file from one host to another. Although we can transfer files using HTTP, FTP is a better choice to transfer large files or to transfer files using different formats. The basic model of FTP has a client and a server. The client has three components: the user interface, the client control process, and the client data transfer process. The server has two components: the server control process and the server data transfer process. The control connection is made between the control processes. The data connection is made between the data transfer processes. Separation of commands and data transfer makes FTP more efficient. The control connection uses very simple rules of communication. We need to transfer only a line of command or a line of response at a time. The data connection, on the other hand, needs more complex rules due to the variety of data types transferred. The two connections in FTP have different lifetimes. The control connection remains connected during the entire interactive FTP session.
The data connection is opened and then closed for each file transfer activity. It opens each time commands that involve transferring files are used, and it closes when the file is transferred. In other words, when a user starts an FTP session, the control connection opens. While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred. FTP uses two well-known TCP ports: port 21 is used for the control connection, and port 20 is used for the data connection.

Write down the step by step procedure of maintaining an FTP Session.

File transfer in FTP means one of three things:
o A file is to be copied from the server to the client. This is called retrieving a file. It is done under the supervision of the RETR command.
o A file is to be copied from the client to the server. This is called storing a file. It is done under the supervision of the STOR command.
o A list of directory or file names is to be sent from the server to the client. This is done under the supervision of the LIST command.

The following shows an actual FTP session for retrieving a list of items in a directory.

    $ ftp voyager.deanza.tbda.edu
    Connected to voyager.deanza.tbda.edu.
    220 (vsFTPd 1.2.1)
    530 Please login with USER and PASS.
    Name (voyager.deanza.tbda.edu:forouzan): forouzan
    331 Please specify the password.
    Password:
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls reports
    227 Entering Passive Mode (153,18,17,11,238,169)
    150 Here comes the directory listing.
    226 Directory send OK.
    ftp> quit
    221 Goodbye.

1. After the control connection is created, the FTP server sends the 220 (service ready) response on the control connection.
2. The client sends its name.
3. The server responds with 331 (user name is OK, password is required).
4. The client sends the password (not shown).
5. The server responds with 230 (user log-in is OK).
6. The client sends the list command (ls reports) to find the list of files on the directory named report.
7. Now the server responds with 150 and opens the data connection.
8. The server then sends the list of the files or directories (as a file) on the data connection.
9. When the whole list (file) is sent, the server responds with 226 (closing data connection) over the control connection.
10. The client now has two choices. It can use the QUIT command to request the closing of the control connection, or it can send another command to start another activity (and eventually open another data connection). In our example, the client sends a QUIT command.
11. After receiving the QUIT command, the server responds with 221 (service closing) and then closes the control connection.

Explain HTTP Transaction with request and response messages.

The Hyper-Text Transfer Protocol (HTTP) is used to define how the client-server programs can be written to retrieve web pages from the Web. An HTTP client sends a request; an HTTP server returns a response. The server uses the port number 80; the client uses a temporary port number. HTTP uses the services of TCP, which, as discussed before, is a connection-oriented and reliable protocol. This means that, before any transaction between the client and the server can take place, a connection needs to be established between them. After the transaction, the connection should be terminated. The client and server, however, do not need to worry about errors in messages exchanged or loss of any message, because TCP is reliable and will take care of this matter. As we discussed in the previous section, the hypertext concept embedded in web page documents may require several requests and responses. If the web pages, objects to be retrieved, are located on different servers, we do not have any other choice than to create a new TCP connection for retrieving each object.
However, if some of the objects are located on the same server, we have two choices: to retrieve each object using a new TCP connection or to make a TCP connection and retrieve them all. The first method is referred to as a non-persistent connection, the second as a persistent connection. HTTP, prior to version 1.1, specified non-persistent connections, while persistent connections are the default in version 1.1, but it can be changed by the user.

List the methods and its related action for HTTP protocol.

The Hyper Text Transfer Protocol (HTTP) is used to define how the client-server programs can be written to retrieve web pages from the Web. An HTTP client sends a request; an HTTP server returns a response. The server uses the port number 80; the client uses a temporary port number.

Methods
The method field defines the request types. In version 1.1 of HTTP, several methods are defined. Most of the time, the client uses the GET method to send a request. In this case, the body of the message is empty. The HEAD method is used when the client needs only some information about the web page from the server, such as the last time it was modified. It can also be used to test the validity of a URL. The response message in this case has only the header section; the body section is empty. The PUT method is the inverse of the GET method; it allows the client to post a new web page on the server (if permitted). The POST method is similar to the PUT method, but it is used to send some information to the server to be added to the web page or to modify the web page. The TRACE method is used for debugging; the client asks the server to echo back the request to check whether the server is getting the requests. The DELETE method allows the client to delete a web page on the server if the client has permission to do so. The CONNECT method was originally made as a reserve method; it may be used by proxy servers, as discussed later.
Finally, the OPTIONS method allows the client to ask about the properties of a web page.

Classify traditional cipher. Explain Transpositional Cipher with an example.

The two types of traditional symmetric ciphers are Substitution Cipher and Transposition Cipher. The following flowchart categorizes the traditional ciphers:

1. Substitution Cipher:
Substitution ciphers are further divided into Mono-alphabetic Cipher and Poly-alphabetic Cipher. First, let’s study about mono-alphabetic cipher.

Mono-alphabetic Cipher - In mono-alphabetic ciphers, each symbol in plain-text (e.g. ‘o’ in ‘follow’) is mapped to one cipher-text symbol. No matter how many times a symbol occurs in the plain-text, it will correspond to the same cipher-text symbol. For example, if the plain-text is ‘follow’ and the mapping is:
f -> g
o -> p
l -> m
w -> x
The cipher-text is ‘gpmmpx’.

Types of mono-alphabetic ciphers are:

Additive Cipher (Shift Cipher / Caesar Cipher) - The simplest mono-alphabetic cipher is the additive cipher. It is also referred to as ‘Shift Cipher’ or ‘Caesar Cipher’. As the name suggests, ‘addition modulus 2’ operation is performed on the plain-text to obtain a cipher-text.
C = (M + k) mod n
M = (C - k) mod n
where,
C -> cipher-text
M -> message/plain-text
k -> key
The key space is 26. Thus, it is not very secure. It can be broken by brute-force attack.

Multiplicative Cipher - The multiplicative cipher is similar to the additive cipher except for the fact that the key bit is multiplied to the plain-text symbol during encryption. Likewise, the cipher-text is multiplied by the multiplicative inverse of the key for decryption to obtain back the plain-text.
C = (M * k) mod n
M = (C * k^-1) mod n
where,
k^-1 -> multiplicative inverse of k (key)
The key space of the multiplicative cipher is 12. Thus, it is also not very secure.

Affine Cipher - The affine cipher is a combination of additive cipher and multiplicative cipher.
The key space is 26 * 12 (key space of additive * key space of multiplicative) i.e. 312. It is relatively more secure than the above two as the key space is larger. Here two keys k1 and k2 are used.
C = [(M * k1) + k2] mod n
M = [(C - k2) * k1^-1] mod n

Now, let’s study about poly-alphabetic cipher.

Poly-alphabetic Cipher - In poly-alphabetic ciphers, every symbol in plain-text is mapped to a different cipher-text symbol regardless of its occurrence. Every different occurrence of a symbol has a different mapping to a cipher-text. For example, in the plain-text ‘follow’, the mapping is:
f -> q
o -> w
l -> e
l -> r
o -> t
w -> y
Thus, the cipher text is ‘qwerty’.

Types of poly-alphabetic ciphers are:

2. Transposition Cipher:
The transposition cipher does not deal with substitution of one symbol with another. It focuses on changing the position of the symbol in the plain-text. A symbol in the first position in plain-text may occur in fifth position in cipher-text. Two of the transposition ciphers are:
- Columnar Transposition Cipher
- Rail-Fence Cipher

Transposition Cipher with example:
It is another type of cipher where the order of the alphabets in the plaintext is rearranged to create the ciphertext. The actual plaintext alphabets are not replaced.

An example is a ‘simple columnar transposition’ cipher where the plaintext is written horizontally with a certain alphabet width. Then the ciphertext is read vertically as shown.

For example, the plaintext is “golden statue is in eleventh cave” and the secret random key chosen is “five”. We arrange this text horizontally in a table with the number of columns equal to the key value. The resulting text is shown below. The ciphertext is obtained by reading each column vertically downward, from the first to the last column.
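The simple columnar transposition of this example, written out as an added Python example (not part of the original notes; the function names are chosen here). The key "five" is taken as the column count 5, and the decryption handles the incomplete last row that this 28-letter message produces.

```python
import math


def normalise(text):
    """Keep the letters a-z only, lower-cased (the example drops the spaces)."""
    return "".join(ch for ch in text.lower() if "a" <= ch <= "z")


def encrypt(plaintext, columns):
    """Write the text row by row into `columns` columns, then read column by column."""
    text = normalise(plaintext)
    return "".join(text[c::columns] for c in range(columns))


def column_lengths(length, columns):
    """Number of letters in each column when the last row may be incomplete."""
    rows = math.ceil(length / columns)
    full = length % columns or columns      # columns that reach the last row
    return [rows if c < full else rows - 1 for c in range(columns)]


def decrypt(ciphertext, columns):
    """Refill the columns top to bottom, left to right, then read the rows."""
    lengths = column_lengths(len(ciphertext), columns)
    cols, pos = [], 0
    for n in lengths:
        cols.append(ciphertext[pos:pos + n])
        pos += n
    rows = max(lengths, default=0)
    return "".join(col[r] for r in range(rows) for col in cols if r < len(col))


def decrypt_assuming_full_grid(ciphertext, columns):
    """Failure mode: cutting the ciphertext into equal pieces ignores that the
    last columns are one letter shorter, so every later column is misaligned."""
    rows = math.ceil(len(ciphertext) / columns)
    cols = [ciphertext[i:i + rows] for i in range(0, len(ciphertext), rows)]
    return "".join(col[r] for r in range(rows) for col in cols if r < len(col))


def same_letters(a, b):
    """A transposition only moves letters, so letter frequencies are unchanged."""
    return sorted(a) == sorted(b)


if __name__ == "__main__":
    message = "golden statue is in eleventh cave"
    ct = encrypt(message, 5)
    print(ct)
    print(column_lengths(len(ct), 5))
    print(decrypt(ct, 5))
    print(decrypt_assuming_full_grid(ct, 5))
    print(same_letters(ct, normalise(message)))
```

The receiver needs the column lengths, not only the row count: 28 letters in 5 columns give three columns of 6 letters followed by two of 5.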
The ciphertext is ‘gnuneaoseenvltiltedasehetivc’.

To decrypt, the receiver prepares a similar table. The number of columns is equal to the key number. The number of rows is obtained by dividing the total number of ciphertext alphabets by the key value and rounding the quotient up to the next integer value.

The receiver then writes the received ciphertext vertically down and from left to right column. To obtain the text, he reads horizontally left to right and from top to bottom row.

Explain AES architecture with clear figures.

The more popular and widely adopted symmetric encryption algorithm likely to be encountered nowadays is the Advanced Encryption Standard (AES). It is found to be at least six times faster than triple DES.

A replacement for DES was needed as its key size was too small. With increasing computing power, it was considered vulnerable against exhaustive key search attack. Triple DES was designed to overcome this drawback but it was found slow.

The features of AES are as follows:
- Symmetric key symmetric block cipher
- 128-bit data, 128/192/256-bit keys
- Stronger and faster than Triple-DES
- Provide full specification and design details
- Software implementable in C and Java

Operation of AES
AES is an iterative rather than Feistel cipher. It is based on a ‘substitution–permutation network’. It comprises a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations).

Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a matrix.

Unlike DES, the number of rounds in AES is variable and depends on the length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys.
Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.

The schematic of the AES structure is given in the following illustration.

Encryption Process
Here, we restrict ourselves to the description of a typical round of AES encryption. Each round comprises four sub-processes. The first round process is depicted below.

Byte Substitution (SubBytes)
The 16 input bytes are substituted by looking up a fixed table (S-box) given in the design. The result is in a matrix of four rows and four columns.

Shift rows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are re-inserted on the right side of the row. The shift is carried out as follows:
- First row is not shifted.
- Second row is shifted one (byte) position to the left.
- Third row is shifted two positions to the left.
- Fourth row is shifted three positions to the left.
The result is a new matrix consisting of the same 16 bytes but shifted with respect to each other.

Mix Columns
Each column of four bytes is now transformed using a special mathematical function. This function takes as input the four bytes of one column and outputs four completely new bytes, which replace the original column. The result is another new matrix consisting of 16 new bytes. It should be noted that this step is not performed in the last round.

Add round key
The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128 bits of the round key. If this is the last round then the output is the ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes and we begin another similar round.

Decryption Process
The process of decryption of an AES ciphertext is similar to the encryption process in the reverse order.
Each round consists of the four processes conducted in the reverse order:
- Add round key
- Mix columns
- Shift rows
- Byte substitution

Since the sub-processes in each round are carried out in reverse, unlike for a Feistel cipher, the encryption and decryption algorithms need to be separately implemented, although they are very closely related.

AES Analysis
In present day cryptography, AES is widely adopted and supported in both hardware and software. To date, no practical cryptanalytic attacks against AES have been discovered. Additionally, AES has built-in flexibility of key length, which allows a degree of ‘future-proofing’ against progress in the ability to perform exhaustive key searches.

However, just as for DES, AES security is assured only if it is correctly implemented and good key management is employed.

Illustrate about symmetric key cryptography.

Confidentiality can be achieved using ciphers. Ciphers can be divided into two broad categories: symmetric-key and asymmetric-key.

Symmetric-Key Ciphers
A symmetric-key cipher uses the same key for both encryption and decryption, and the key can be used for bidirectional communication, which is why it is called symmetric. The general idea behind a symmetric-key cipher is shown in the figure given below. Symmetric-key encipherment uses a single key (the key itself may be a set of values) for both encryption and decryption. In addition, the encryption and decryption algorithms are inverses of each other. If P is the plaintext, C is the ciphertext, and K is the key, the encryption algorithm Ek(x) creates the ciphertext from the plaintext; the decryption algorithm Dk(x) creates the plaintext from the ciphertext. We assume that Ek(x) and Dk(x) are inverses of each other: they cancel the effect of each other if they are applied one after the other on the same input. That is, Dk(Ek(x)) = Ek(Dk(x)) = x.
We need to emphasize that it is better to make the encryption and decryption public but keep the shared key secret.

This means that Alice and Bob need another channel, a secured one, to exchange the secret key. Alice and Bob can meet once and exchange the key personally. The secured channel here is the face-to-face exchange of the key. They can also trust a third party to give them the same key. They can create a temporary secret key using another kind of cipher, asymmetric-key ciphers, which will be described later. Encryption can be thought of as locking the message in a box; decryption can be thought of as unlocking the box. In symmetric-key encipherment, the same key locks and unlocks, as shown in Figure 31.3. Later sections show that asymmetric-key encipherment needs two keys, one for locking and one for unlocking.

The symmetric-key ciphers can be divided into traditional ciphers and modern ciphers. Traditional ciphers are simple, character-oriented ciphers that are not secure based on today’s standard. Modern ciphers, on the other hand, are complex, bit-oriented ciphers that are more secure. We briefly discuss the traditional ciphers to pave the way for discussing more complex modern ciphers.

Traditional Symmetric-Key Ciphers
Traditional ciphers belong to the past. However, we briefly discuss them here because they can be thought of as the components of the modern ciphers. To be more exact, we can divide traditional ciphers into substitution ciphers and transposition ciphers.

Explain domain name space with neat diagram.

Alternatively referred to as a namespace, a domain namespace is a name service provided by the Internet for Transmission Control Protocol networks/Internet Protocol (TCP/IP). DNS is broken up into domains, a logical organization of computers that exist in a larger network. Below is an example of the hierarchy of domain naming on the Internet. In the above example, all websites are broken into regional sections based on the top-level domain (TLD).
In the example of it has a ".com" TLD, with "computer hope" as its second level domain that is local to the .com TLD, and "support" as its subdomain, which is determined by its server.

Explain poly alphabetic substitution with a suitable example.

In a polyalphabetic cipher, each occurrence of a character may have a different substitute. The relationship of a character in the plaintext to a character in the ciphertext is one-to-many. For example, “a” could be enciphered as “D” at the beginning of the text, but as “N” in the middle. Polyalphabetic ciphers have the advantage of hiding the letter frequency of the underlying language. Even single-letter frequency statistics cannot be used to break the ciphertext. To create a polyalphabetic cipher, we need to make each ciphertext character dependent on both the corresponding plaintext character and the position of the plaintext character in the message. This implies that our key should be a stream of subkeys, in which each subkey depends somehow on the position of the plaintext character that uses that subkey for encipherment. In other words, we need to have a key stream k = (k1, k2, k3, …) in which ki is used to encipher the ith character in the plaintext to create the ith character in the ciphertext.

To see the position dependency of the key, let us discuss a simple polyalphabetic cipher called the autokey cipher. In this cipher, the key is a stream of subkeys, in which each subkey is used to encrypt the corresponding character in the plaintext. The first subkey is a predetermined value secretly agreed upon by Alice and Bob. The second subkey is the value of the first plaintext character (between 0 and 25). The third subkey is the value of the second plaintext character, and so on. The name of the cipher, autokey, implies that the subkeys are automatically created from the plaintext cipher characters during the encryption process.
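The autokey cipher just described, as an added Python example (not part of the original notes; the function names are chosen here). It uses the message “Attack is today” and the initial key k1 = 12 from the notes' own example, and also reports how each occurrence of a repeated letter is substituted.

```python
A = ord("a")


def letters_of(text):
    """Integer values 0..25 of the letters a-z in the text; other characters are dropped."""
    return [ord(ch) - A for ch in text.lower() if "a" <= ch <= "z"]


def check_key(k1):
    if not 0 <= k1 <= 25:
        raise ValueError("the initial subkey must be between 0 and 25")


def autokey_encrypt(plaintext, k1):
    """Return (ciphertext, key stream).

    The first subkey is k1; every later subkey is the value of the previous
    plaintext character, so the key stream is built while the text is read."""
    check_key(k1)
    plain = letters_of(plaintext)
    keystream = ([k1] + plain[:-1]) if plain else []
    cipher = [(p + k) % 26 for p, k in zip(plain, keystream)]
    return "".join(chr(c + ord("A")) for c in cipher), keystream


def autokey_decrypt(ciphertext, k1):
    """Each recovered plaintext character becomes the subkey for the next one."""
    check_key(k1)
    key, out = k1, []
    for c in letters_of(ciphertext):
        p = (c - key) % 26
        out.append(chr(p + A))
        key = p
    return "".join(out)


def substitutes(plaintext, ciphertext, letter):
    """Ciphertext characters that replaced each occurrence of `letter`."""
    plain = letters_of(plaintext)
    target = ord(letter.lower()) - A
    return [ciphertext[i] for i, p in enumerate(plain) if p == target]


if __name__ == "__main__":
    message, k1 = "Attack is today", 12
    ct, ks = autokey_encrypt(message, k1)
    print("key stream:", ks)
    print("ciphertext:", ct)
    print("decrypted :", autokey_decrypt(ct, k1))
    print("'a' ->", substitutes(message, ct, "a"))
    print("'t' ->", substitutes(message, ct, "t"))
```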

Example: Assume that Alice and Bob agreed to use an autokey cipher with initial key value k1 = 12. Now Alice wants to send Bob the message “Attack is today”. Enciphering is done character by character. Each character in the plaintext is first replaced by its integer value. The first subkey is added to create the first ciphertext character. The rest of the key is created as the plaintext characters are read. Note that the cipher is polyalphabetic because the three occurrences of “a” in the plaintext are encrypted differently. The three occurrences of “t” are also encrypted differently.

Write a note on network security.

Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Only network security can remove Trojan horse viruses if it is activated. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password. Security management for networks is different for all kinds of situations.
A home or small office may only require basic security while large businesses may require high-maintenance and advanced software and hardware to prevent malicious attacks from hacking and spamming. Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor network traffic, as Wireshark does, and the traffic may be logged for audit purposes and for later high-level analysis. Newer systems combining unsupervised machine learning with full network traffic analysis can detect active network attackers from malicious insiders or targeted external attackers that have compromised a user machine or account.

Write a note on network security.

Network security is the security provided to a network from unauthorized access and risks. It is the duty of network administrators to adopt preventive measures to protect their networks from potential security threats. Computer networks that are involved in regular transactions and communication within the government, individuals, or business require security. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

Types of Network Security Devices

Active Devices: These security devices block the surplus traffic. Firewalls, antivirus scanning devices, and content filtering devices are the examples of such devices.

Passive Devices: These devices identify and report on unwanted traffic, for example, intrusion detection appliances.

Preventative Devices: These devices scan the networks and identify potential security problems.
For example, penetration testing devices and vulnerability assessment appliances.

Unified Threat Management (UTM): These devices serve as all-in-one security devices. Examples include firewalls, content filtering, web caching, etc.

Explain the following with an example. a) Web documents. b) WWW.

a) A web page (also written as webpage) is a document that is suitable to act as a web resource on the World Wide Web. When accessed by a web browser it may be displayed as a web page on a monitor or mobile device. The documents on the web are called web pages. The web page usually means what is visible, but the term may also refer to a computer file, usually hypertext written in HTML or a comparable mark-up language. Web browsers coordinate various web resource elements for the written web page, such as style sheets, scripts, and images, to present the web page. Typical web pages provide hypertext that includes a navigation bar or a sidebar menu linking to other web pages via hyperlinks, often referred to as links.

b) The World Wide Web (WWW), commonly known as the Web, is an information space where documents and other web resources are identified by Uniform Resource Locators (URLs, such as ), which may be interlinked by hypertext, and are accessible via the Internet. The resources of the WWW may be accessed by users via a software application called a web browser.

Explain monoalphabetic substitution with suitable examples.

A substitution cipher replaces one symbol with another. If the symbols in the plaintext are alphabetic characters, we replace one character with another. For example, we can replace letter A with letter D and letter T with letter Z. If the symbols are digits (0 to 9), we can replace 3 with 7 and 2 with 6. Substitution ciphers can be categorized as either monoalphabetic ciphers or polyalphabetic ciphers.
Monoalphabetic Ciphers

In a monoalphabetic cipher, a character (or a symbol) in the plaintext is always changed to the same character (or symbol) in the ciphertext regardless of its position in the text. For example, if the algorithm says that letter A in the plaintext is changed to letter D, every letter A is changed to letter D. In other words, the relationship between letters in the plaintext and the ciphertext is one-to-one.

The simplest monoalphabetic cipher is the additive cipher (or shift cipher). Assume that the plaintext consists of lowercase letters (a to z), and that the ciphertext consists of uppercase letters (A to Z). To be able to apply mathematical operations on the plaintext and ciphertext, we assign numerical values to each letter (lowercase or uppercase), as shown in Figure 31.4.

Encrypt the following message using mono alphabetic substitution with key=4.

I AM FROM CHRIST UNIVERSITY

Key = 4

c = (p + e) MOD 26, where c = ciphertext, p = plaintext, e = encryption key

A=0, B=1, C=2, D=3, E=4, F=5, G=6, H=7, I=8, J=9, K=10, L=11, M=12, N=13, O=14, P=15, Q=16, R=17, S=18, T=19, U=20, V=21, W=22, X=23, Y=24, Z=25

| p | p+e | (p+e) MOD 26 | c |
|---|---|---|---|
| I = 8 | 8+4 = 12 | 12 MOD 26 = 12 | 12 = M |
| A = 0 | 0+4 = 4 | 4 MOD 26 = 4 | 4 = E |
| M = 12 | 12+4 = 16 | 16 MOD 26 = 16 | 16 = Q |
| F = 5 | 5+4 = 9 | 9 MOD 26 = 9 | 9 = J |
| R = 17 | 17+4 = 21 | 21 MOD 26 = 21 | 21 = V |
| O = 14 | 14+4 = 18 | 18 MOD 26 = 18 | 18 = S |
| M = 12 | 12+4 = 16 | 16 MOD 26 = 16 | 16 = Q |
| C = 2 | 2+4 = 6 | 6 MOD 26 = 6 | 6 = G |
| H = 7 | 7+4 = 11 | 11 MOD 26 = 11 | 11 = L |
| R = 17 | 17+4 = 21 | 21 MOD 26 = 21 | 21 = V |
| I = 8 | 8+4 = 12 | 12 MOD 26 = 12 | 12 = M |
| S = 18 | 18+4 = 22 | 22 MOD 26 = 22 | 22 = W |
| T = 19 | 19+4 = 23 | 23 MOD 26 = 23 | 23 = X |
| U = 20 | 20+4 = 24 | 24 MOD 26 = 24 | 24 = Y |
| N = 13 | 13+4 = 17 | 17 MOD 26 = 17 | 17 = R |
| I = 8 | 8+4 = 12 | 12 MOD 26 = 12 | 12 = M |
| V = 21 | 21+4 = 25 | 25 MOD 26 = 25 | 25 = Z |
| E = 4 | 4+4 = 8 | 8 MOD 26 = 8 | 8 = I |
| R = 17 | 17+4 = 21 | 21 MOD 26 = 21 | 21 = V |
| S = 18 | 18+4 = 22 | 22 MOD 26 = 22 | 22 = W |
| I = 8 | 8+4 = 12 | 12 MOD 26 = 12 | 12 = M |
| T = 19 | 19+4 = 23 | 23 MOD 26 = 23 | 23 = X |
| Y = 24 | 24+4 = 28 | 28 MOD 26 = 2 | 2 = C |

Therefore the Encrypted Mono alphabetic substitution message is M EQ JVSQ GLVMWX YRMZIVWMXC.

Decrypt the following message using Monoalphabetic substitution with key=4.
IRGVCTXMSR MW JYR.

Key = 4

m = (c + d) MOD 26, where c = ciphertext, d = decryption key

d = -key mod 26 = (-4) mod 26

d = 22

A=1, B=2, C=3, D=4, E=5, F=6, G=7, H=8, I=9, J=10, K=11, L=12, M=13, N=14, O=15, P=16, Q=17, R=18, S=19, T=20, U=21, V=22, W=23, X=24, Y=25, Z=26

Therefore the Decrypted Mono alphabetic substitution message is ENCRYPTION IS FUN

Explain the following: a) HTTP. b) FTP

HTTP FTP Figure 26.21