III B.Tech II Semester

Student Handbook For Network Security

Faculty: Mr. G. Kiran Kumar

Dept. of Computer Science Engineering, School of Engineering, Anurag Group of Institutions

UNIT I Syllabus:

Security Attacks (Interruption, Interception, Modification and Fabrication), Security Services (Confidentiality, Authentication, Integrity, Non-repudiation, Access Control and Availability) and Mechanisms, A model for Internetwork security, Internet Standards and RFCs, Buffer overflow & format string vulnerabilities, TCP session hijacking, ARP attacks, route table modification, UDP hijacking, and man-in-the-middle attacks.

Objectives:

• To understand the basic concepts of security attacks

• To understand the various services and mechanisms

• To understand the model for Information Security

• To know about UDP hijacking

Lecture plan:

| S.No. | Topic | No. of Lectures |
|---|---|---|
| 1 | Security Attacks | 1 |
| 2 | Security Services and Mechanisms | 1 |
| 3 | A model for Internetwork security | 1 |
| 4 | Internet Standards and RFCs | 1 |
| 5 | Buffer overflow & format string vulnerabilities | 1 |
| 6 | TCP session hijacking, ARP attacks | 1 |
| 7 | Route table modification, UDP hijacking | 1 |
| 8 | Man-in-the-middle attacks | 1 |
| | Total | 8 |

Important Questions:

1. Define a security attack. Explain in detail the various types of attacks to which an internetwork is vulnerable.

2. Write about man-in-the-middle attacks.

3. Explain the security services mentioned in X.800 in detail.

4. Explain the standardization process for Internet standards.

5. Describe the Internet standards and RFCs.

6. “Gaining control over the routing tables at layer 3 is one of the attacks.” Explain how route table modification is crucial.

7. Describe the various security services.

8. Compare TCP session hijacking and UDP hijacking.

9. What is a security attack? Give the classification of security attacks.

Assignment Questions:

1. Discuss the following terms in detail with relevant examples:

i. Interruption ii. Interception iii. Modification iv. Fabrication

2. Write in detail about security mechanisms.

3. Discuss a model for internetwork security and Internet Standards.

UNIT II Syllabus:

Conventional Encryption Principles, Conventional encryption algorithms, cipher block modes of operation, location of encryption devices, key distribution, Approaches of Message Authentication, Secure Hash Functions and HMAC.

Objectives:

• To understand encryption and decryption

• To understand the Feistel cipher structure

• To know various encryption algorithms like DES, TDEA, AES, IDEA, Blowfish

• To understand cipher block modes of operation

Lecture plan:

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | Conventional Encryption Principles | 2 |
| 2 | Conventional Encryption Algorithms: DES, 3DES | 2 |
| 3 | Conventional Encryption Algorithms: AES | 1 |
| 4 | Cipher block modes of operation: CBC, CFB, CTR | 1 |
| 5 | Key distribution, Approaches of Message Authentication | 1 |
| 6 | Secure Hash Functions | 1 |
| 7 | Simple, SHA1, HMAC | 1 |
| | Total | 9 |

1. Explain the Secure Hash Algorithm (SHA-1) in detail with an example.

2. Discuss why Encryption is the most resorted security tool. Explain the conventional encryption principles.

3. Explain how message authentication is provided without message encryption.

4. Describe Feistel’s cipher structure with a neat illustration.

5. Explain terms related to key distribution methods:

i. Session key ii. Master key iii. Key distribution centre iv. Security service module

6. Compare and contrast cryptography and cryptology.

7. Explain the various key distribution methods.

8. Differentiate between symmetric block ciphers and symmetric stream ciphers.

10. Write about key distribution.

11. Compare the AES cipher with the RC4 encryption algorithm.

Assignments:

1. Show that Feistel decryption is the inverse of Feistel encryption.

2. If a bit error occurs in the transmission of a ciphertext character in 8-bit CFB mode, how far does the error propagate?

3. Suppose that someone suggests the following way to confirm that the two of you are both in possession of the same secret key. You create a random bit string the length of the key, XOR it with the key and send the result over the channel. Your partner XORs the incoming block with the key and sends it back. You check, and if what you receive is your original random string, you have verified that your partner has the same secret key, yet neither of you has ever transmitted the key. Is there a flaw in this scheme?

UNIT III Syllabus:

Public key cryptography principles, public key cryptography algorithms, digital signatures, digital Certificates, Certificate Authority and key management, Kerberos, X.509 Directory Authentication Service.

Objectives:

• To understand the various approaches to message authentication

• To understand SHA-1 Secure Hash Function

• To understand the public key encryption Structure

• To understand the RSA public key encryption algorithms

Lecture plan

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | Public key cryptography principles: Encryption, Authentication, Cryptosystems | 1 |
| 2 | Public key cryptography algorithms: RSA, Diffie-Hellman key exchange | 1 |
| 3 | Digital signatures | 1 |
| 4 | Digital Certificates | 1 |
| 5 | Certificate Authority | 1 |
| 6 | Key management, Kerberos | 1 |
| 7 | X.509 Directory Authentication Service | 1 |
| | Total | 7 |

Important Questions:

1. Explain the procedure involved in RSA public-key encryption algorithm.

2. Explain what Kerberos is and give its requirements.

3. Explain the procedure involved in RSA public-key encryption algorithm.

4. Describe digital certificates.

5. Describe X.509 version 3 in detail.

6. Describe the differences between Kerberos version 4 and version 5.

Assignment:

1. Perform the RSA algorithm on the given data and explain how encryption and decryption are performed on the message: p = 3; q = 11; e = 7; M = 5.

2. Consider a Diffie-Hellman scheme with a common prime q=11 and a primitive root α=2.

a) If user A has public key YA = 9, what is A’s private key XA?

b) If user B has public key YB = 3, what is the shared secret key K?

3. Alice and Bob wish to share private messages, where each of them has two separate keys generated. What kind of strategy would you suggest to ensure confidentiality, key management and authentication for the conversation between Alice and Bob? Explain the strategy and also highlight the design issues related to the strategy proposed.

UNIT-IV

Syllabus:

Email privacy: Pretty Good Privacy (PGP) and S/MIME

Objectives:

To understand the Cryptographic keys and Key Rings

To understand Public Key Management.

To understand S/MIME Functionality, S/MIME Messages, S/MIME Certificate Processing

Lecture plan

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | Pretty Good Privacy (PGP): Email privacy, Header formats | 2 |
| 2 | S/MIME | 2 |
| 3 | Email privacy | 1 |
| 4 | Header formats, MIME types | 1 |
| | Total | 6 |

Important Questions:

1. Discuss the following in relation with S/MIME: [Apr/May 2009] i. RFC 822 ii. MIME Header fields iii. MIME Content types

2. Explain the following terms in relation with the e-mail software - PGP: [Apr/May 2009] i. E-mail compatibility ii. Segmentation and reassembly.

3. Describe how authentication and confidentiality are handled in S/MIME. [Apr/May 2009]

4. Describe clearly the Public key management in PGP. [Apr/May 2009]

5. Show how the S/MIME certification process is carried out. [Apr/May 2010]

6. Clearly explain in detail the Multipurpose Internet Mail Extensions (MIME). [Aug/Sep 2008]

7. Explain the general format of a PGP message with a pictorial representation. [Apr/May 2008]

8. What is a Certification Authority? Explain its role in S/MIME. [Apr/May 2010]

9. Compare and contrast the key management in PGP and S/MIME. [Nov/Dec 2009]

Assignment:

1. Phil Zimmermann chose IDEA, Triple DEA and CAST-128 as conventional encryption algorithms for PGP. Give reasons why each of the other conventional encryption algorithms described in this book is suitable or unsuitable for PGP: DES, two-key Triple DES, Blowfish, RC2 and RC5.

2. Consider radix-64 conversion as a form of encryption. In this case, there is no key. But suppose that an opponent knew only that some form of substitution algorithm was being used to encrypt English text. How effective would this algorithm be against cryptanalysis?

3. Describe the five principal services that Pretty Good Privacy (PGP) provides.

UNIT-V

Syllabus:

IP Security Overview, IP Security Architecture, Authentication Header, Encapsulating Security Payload, Combining Security Associations and Key Management.

Objectives:

To understand the various benefits of IP security

To understand the different versions of IP security services

To know about address mapping Techniques

Lecture plan

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | IP Security Overview | 1 |
| 2 | IP Security Architecture | 1 |
| 3 | Authentication Header | 1 |
| 4 | Encapsulating Security Payload | 1 |
| 5 | Combining Security Associations | 1 |
| 6 | Key Management | 2 |
| | Total | 7 |

Assignment:

1. In discussing AH processing, it was mentioned that not all of the fields in an IP header are included in MAC calculation.

a) For each of the fields in the IPv4 header, indicate whether the field is immutable, mutable but predictable, or mutable.

b) Do the same for the IPv6 header.

c) Do the same for the IPv6 extension headers.

In each case, justify your discussion for each field.

2. When tunnel mode is used, a new outer IP header is constructed. For both IPv4 and IPv6, indicate the relationship of each outer IP header field and each extension header in the outer packet to the corresponding field or extension header of the inner IP packet. That is, indicate which outer values are derived from inner values and which are constructed independently of the inner values.

3. Explain tunneling, header translation and dual stack.

UNIT-VI

Syllabus:

Web Security Requirements, Secure Socket Layer (SSL) and Transport Layer Security (TLS), Secure Electronic Transaction (SET).

Objectives:

• To know about various web security considerations

• To know web traffic security Approaches

• To know about SSL architecture

• To understand SSL Record Protocol

• To understand Secure Electronic Transactions

Lecture plan

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | Web Security Requirements | 1 |
| 2 | Secure Socket Layer (SSL) | 2 |
| 3 | Transport Layer Security (TLS) | 2 |
| 4 | Secure Electronic Transaction (SET) | 2 |
| | Total | 7 |

Important Questions

1. Explain the significance of the dual signature in SET.

2. List the services provided by TLS.

3. Explain how SSL makes use of TCP to provide a reliable end-to-end secure service.

Assignment:

1. In SSL and TLS, why is there a separate Change Cipher Spec Protocol, rather than including a change_cipher_spec message in the Handshake Protocol?

2. Based on what, is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so, explain how it can be done. If not, why?

UNIT-VII

Syllabus:

Basic concepts of SNMP, SNMPv1 Community facility and SNMPv3. Intruders, Viruses and related threats.

Objectives:

• To know about Network Management Architecture

• To understand about various versions of SNMP

• To know about SNMP message formats

Lecture plan:

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | Basic concepts of SNMP | 2 |
| 2 | SNMPv1 Community facility | 1 |
| 3 | SNMPv3 | 1 |
| 4 | Intruders | 2 |
| 5 | Viruses and related threats | 2 |
| | Total | 8 |

Important Questions:

1. Rule-based penetration identification: intrusion detection

2. What is a traffic descriptor and what is traffic shaping?

3. Explain the intrusion detection tool: audit records.

Assignment:

1. RFC 2574 states that for a nonauthoritative engine, the values of msgAuthoritativeEngineBoots and msgAuthoritativeEngineTime in an outgoing message header are set only if the message is to be authenticated by the authoritative receiver. Why does this restriction make sense?

2. However, for a Response message from an authoritative engine, the values of msgAuthoritativeEngineBoots and msgAuthoritativeEngineTime in the outgoing message header are always set. Why might this be so?

UNIT-VIII

Syllabus:

Firewall Design principles, Trusted Systems. Intrusion Detection Systems

Objectives:

• To know about various types of firewalls

• To understand firewall configurations

• To know Trojan Horse Defense

Lecture Plan:

| S.No | Topic | No. of lectures |
|---|---|---|
| 1 | Firewall Design principles | 2 |
| 2 | Trusted Systems | 2 |
| 3 | Intrusion Detection Systems | 1 |
| | Total | 5 |

Important Questions:

• Discuss 3 configurations of firewalls.

• Explain in detail the two broad categories of statistical anomaly detection and also mention the measures that may be used for intrusion detection.

• Explain Application-level gateway: Firewall.

• What is R64 conversion? Why is R64 conversion useful for an e-mail application?

• Explain: Rule-based penetration identification: intrusion detection

Assignment:

1. The necessity of the “no read up” rule for a multilevel secure system is fairly obvious. What is the importance of the “no write down” rule?

2. The encryption scheme used for UNIX passwords is one-way; it is not possible ASCII characters and that all passwords are 10 characters in length. Assume a password cracker with an encryption rate of 6.4 million encryptions per second. How long will it take to test exhaustively all possible passwords on a UNIX system?
