network security

III B.Tech II Semester Network Security Faculty: Mr.G.Srinivas

Upload: srinivas-gaj

Post on 29-Oct-2014


Dept. of Computer Science Engineering, VCET

UNIT I

Syllabus:

Security Attacks (Interruption, Interception, Modification and Fabrication), Security Services (Confidentiality, Authentication, Integrity, Non-repudiation, access Control and Availability) and Mechanisms, A model for Internetwork security, Internet Standards and RFCs, Buffer overflow & format string vulnerabilities, TCP session hijacking, ARP attacks, route table modification, UDP hijacking, and man-in-the-middle attacks.

Objectives:

To understand the basic concepts of Security attacks

To understand the various services and mechanisms

To understand the model for Information Security

To know the UDP hijacking

Lecture plan:

S.No. | Topic | No. of Lectures
1 | Security Attacks | 1
2 | Security Services and Mechanisms | 1
3 | A model for Internetwork security | 1
4 | Internet Standards and RFCs | 1
5 | Buffer overflow & format string vulnerabilities | 1
6 | TCP session hijacking, ARP attacks | 1
7 | Route table modification, UDP hijacking | 1
8 | Man-in-the-middle attacks | 1
Total | | 8

Important Questions:

1. Define a Security attack. Explain in detail about the various types of attacks an Inter network is vulnerable to?


2. Write about Man-in-the-middle attacks?

3. Explain the Security services mentioned in X.800 in detail?

4. Explain the standardization process of Internet standards.

5. Describe the Internet standards and RFCs.

6. “Gaining control over the routing tables at layer 3 is one of the attacks.” Explain how route table modification is crucial.

7. Describe the various Security Services?

8. Compare TCP session hijacking and UDP hijacking?

9. What is a Security attack? Give the classification of the Security attacks?

Assignment Questions:

1. Discuss the following terms in detail with relevant examples:

i. Interruption ii. Interception iii. Modification iv. Fabrication

2. Write in detail about security mechanisms?

3. Discuss a model for Inter network security and Internet Standards?

UNIT II

Syllabus:

Conventional Encryption Principles, Conventional encryption algorithms, cipher block modes of operation, location of encryption devices, key distribution, Approaches of Message Authentication, Secure Hash Functions and HMAC.

Objectives:

To understand encryption and decryption


To understand Feistel Cipher Structure

To know various encryption algorithms like DES, TDEA, AES, IDEA, Blowfish

To understand cipher block modes of operation

Lecture plan:

S.No | Topic | No. of lectures
1 | Conventional Encryption Principles | 2
2 | Conventional Encryption Algorithms, DES, 3DES | 2
3 | Conventional Encryption Algorithms, AES | 1
4 | Cipher block modes of operation, CBC, CFB, CTR | 1
5 | Key distribution, Approaches of Message Authentication | 1
6 | Secure Hash Functions | 1
7 | Simple, SHA1, HMAC | 1
Total | | 9

1. Explain the Secure Hash Algorithm (SHA-1) in detail with an example.

2. Discuss why encryption is the most resorted security tool. Explain the conventional encryption principles.

3. Explain how message authentication is provided without message encryption.

4. Describe Feistel’s cipher structure with a neat illustration.

5. Explain terms related to key distribution methods:

i. Session key

ii. Master key

iii. Key distribution centre

iv. Security service module

6. Compare and contrast between Cryptography and Cryptology.

7. Explain the various Key distribution methods?

8. Differentiate between the symmetric block ciphers and symmetric stream ciphers.

10. Write about Key distribution?

11. Compare AES cipher versus RC4 encryption algorithm?

Assignments:

1. Show that Feistel decryption is the inverse of Feistel encryption.

2. If a bit error occurs in the transmission of a ciphertext character in 8-bit CFB mode, how far does the error propagate?

3. Suppose that someone suggests the following way to confirm that the two of you are both in possession of the same secret key. You create a random bit string the length of the key, XOR it with the key and send the result over the channel. Your partner XORs the incoming block with the key and sends it back. You check, and if what you receive is your original random string, you have verified that your partner has the same secret key, yet neither of you has ever transmitted the key. Is there a flaw in this scheme?

UNIT III

Syllabus:

Public key cryptography principles, public key cryptography algorithms, digital signatures, digital Certificates, Certificate Authority and key management, Kerberos, X.509 Directory Authentication Service.

Objectives:

To understand the various approaches to message authentication


To understand SHA-1 Secure Hash Function

To understand the public key encryption Structure

To understand the RSA public key encryption algorithms

Lecture plan

S.No | Topic | No. of lectures
1 | Public key cryptography principles: Encryption, Authentication, Cryptosystems | 1
2 | Public key cryptography algorithms: RSA, Diffie-Hellman key exchange | 1
3 | Digital signatures | 1
4 | Digital Certificates | 1
5 | Certificate Authority | 1
6 | Key management, Kerberos | 1
7 | X.509 Directory Authentication Service | 1
Total | | 7

Important Questions:

1. Explain the procedure involved in RSA public-key encryption algorithm.

2. Explain what Kerberos is and give its requirements.

3. Explain the procedure involved in RSA public-key encryption algorithm.

4. Describe the Digital certificates.

5. Describe the X.509 version 3 in detail.

6. Describe Differences between Kerberos version 4 and version 5.


Assignment:

1. Perform the RSA algorithm on the given data and explain how encryption and decryption are performed on the message: p = 3; q = 11; e = 7; M = 5.

2. Consider a Diffie-Hellman scheme with a common prime q = 11 and a primitive root α = 2.

a) If user A has public key YA = 9, what is A’s private key XA?

b) If user B has public key YB = 3, what is the shared secret key K?

3. Alice and Bob wish to share private messages, where each of them has two separate keys generated. What kind of strategy would you suggest to ensure confidentiality, key management and authentication for the conversation between Alice and Bob? Explain the strategy and also highlight the design issues related to the strategy proposed.

UNIT-IV

Syllabus:

Email privacy: Pretty Good Privacy (PGP) and S/MIME

Objectives:

To understand the Cryptographic keys and Key Rings

To understand Public Key Management.

To understand S/MIME functionality, S/MIME messages and S/MIME certificate processing


Lecture plan

S.No | Topic | No. of lectures
1 | Pretty Good Privacy (PGP): Email privacy, Header formats | 2
2 | S/MIME | 2
3 | Email privacy | 1
4 | Header formats, MIME types | 1
Total | | 6

Important Questions:

1. Discuss the following in relation with S/MIME: [Apr/May 2009]

i. RFC 822

ii. MIME Header fields

iii. MIME Content types

2. Explain the following terms in relation with the e-mail software - PGP: [Apr/May 2009]

i. E-mail compatibility

ii. Segmentation and reassembly.

3. Describe how authentication and confidentiality are handled in S/MIME. [Apr/May 2009]

4. Describe clearly the Public key management in PGP. [Apr/May 2009]

5. Show how the S/MIME certification process is carried out. [Apr/May 2010]


6. Clearly explain in detail the Multipurpose Internet Mail Extensions (MIME). [Aug/Sep 2008]

7. Explain the general format of a PGP message with a pictorial representation. [Apr/May 2008]

8. What is a Certification Authority and explain its role in S/MIME. [Apr/May 2010]

9. Compare and contrast the key management in PGP and S/MIME. [Nov/Dec 2009]

Assignment:

1. Phil Zimmermann chose IDEA, Triple DEA and CAST-128 as conventional encryption algorithms for PGP. Give reasons why each of the other conventional encryption algorithms described in this book is suitable or unsuitable for PGP: DES, two-key Triple DES, Blowfish, RC2 and RC5.

2. Consider radix-64 conversion as a form of encryption. In this case, there is no key. But suppose that an opponent knew only that some form of substitution algorithm was being used to encrypt English text. How effective would this algorithm be against cryptanalysis?

3. Describe the five principal services that Pretty Good Privacy (PGP) provides.

UNIT-V

Syllabus:

IP Security Overview, IP Security Architecture, Authentication Header, Encapsulating Security Payload, Combining Security Associations and Key Management.

Objectives:

To understand about various benefits of IP security


To understand the different versions of IP security services

To know about address mapping Techniques

Lecture plan

S.No | Topic | No. of lectures
1 | IP Security Overview | 1
2 | IP Security Architecture | 1
3 | Authentication Header | 1
4 | Encapsulating Security Payload | 1
5 | Combining Security Associations | 1
6 | Key Management | 2
Total | | 7

Assignment:

1. In discussing AH processing, it was mentioned that not all of the fields in an IP header are included in the MAC calculation.

a) For each of the fields in the IPv4 header, indicate whether the field is immutable, mutable but predictable, or mutable.

b) Do the same for the IPv6 header.

c) Do the same for the IPv6 extension headers.

In each case, justify your decision for each field.

2. When tunnel mode is used, a new outer IP header is constructed. For both IPv4 and IPv6, indicate the relationship of each outer IP header field and each extension header in the outer packet to the corresponding field or extension header of the inner IP packet. That is, indicate which outer values are derived from inner values and which are constructed independently of the inner values.

3. Explain about tunneling and header translation and dual stack?


UNIT-VI

Syllabus:

Web Security Requirements, Secure Socket Layer (SSL) and Transport Layer Security (TLS), Secure Electronic Transaction (SET).

Objectives:

To know about various web security considerations

To know web traffic security Approaches

To know about SSL architecture

To understand SSL Record Protocol

To understand Secure Electronic Transactions

Lecture plan

S.No | Topic | No. of lectures
1 | Web Security Requirements | 1
2 | Secure Socket Layer (SSL) | 2
3 | Transport Layer Security (TLS) | 2
4 | Secure Electronic Transaction (SET) | 2
Total | | 7

Important Questions

1. Explain the significance of dual signature in SET?

2. List the services provided by TLS?


3. Explain how SSL makes use of TCP to provide a reliable end-to-end secure service.

Assignment:

1. In SSL and TLS, why is there a separate Change Cipher Spec Protocol, rather than including a change_cipher_spec message in the Handshake Protocol?

2. Based on what, is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so, explain how it can be done. If not, why not?

UNIT-VII

Syllabus:

Basic concepts of SNMP, SNMPv1 Community facility and SNMPv3.

Intruders, Viruses and related threats.

Objectives:

To know about Network Management Architecture

To understand about various versions of SNMP

To know about SNMP message formats

Lecture plan:

S.No | Topic | No. of lectures
1 | Basic concepts of SNMP | 2
2 | SNMPv1 Community facility | 1
3 | SNMPv3 | 1
4 | Intruders | 2
5 | Viruses and related threats | 2
Total | | 8


Important Questions:

1. Rule-based penetration identification: intrusion detection

2. What is a traffic descriptor and what is traffic shaping?

3. Explain the intrusion detection tool: audit records?

Assignment:

1. RFC 2574 states that for a nonauthoritative engine, the values of msgAuthoritativeEngineBoots and msgAuthoritativeEngineTime in an outgoing message header are set only if the message is to be authenticated by the authoritative receiver. Why does this restriction make sense?

2. However, for a Response message from an authoritative engine, the values of msgAuthoritativeEngineBoots and msgAuthoritativeEngineTime in the outgoing message header are always set. Why might this be so?

UNIT-VIII

Syllabus:

Firewall Design principles, Trusted Systems. Intrusion Detection Systems

Objectives:

To know about various types of firewalls

To understand Firewall configurations

To know Trojan Horse Defense


Lecture Plan:

S.No | Topic | No. of lectures
1 | Firewall Design principles | 2
2 | Trusted Systems | 2
3 | Intrusion Detection Systems | 1
Total | | 5

Important Questions:

Discuss 3 configurations of firewalls.

Explain in detail the two broad categories of statistical anomaly detection and also mention the measures that may be used for intrusion detection.

Explain Application-level gateway: Firewall.

What is R64 conversion? Why is R64 conversion useful for an e-mail application?

Explain: Rule-based penetration identification: intrusion detection

Assignment:

1. The necessity of the “no read up” rule for a multilevel secure system is fairly obvious. What is the importance of the “no write down” rule?

2. The encryption scheme used for UNIX passwords is one way; it is not possible ASCII characters and that all passwords are 10 characters in length. Assume a password cracker with an encryption rate of 6.4 million encryptions per second. How long will it take to test exhaustively all possible passwords on a UNIX system?
