
LAB 2

1) Replay Attack:
A replay attack is a kind of network attack. It occurs when an unauthorized
user captures network traffic and uses it to authorize itself at the receiver.
The attacker intercepts the information between the sender and receiver and
resends it without changing the content. The attacker then communicates with
the destination as the original sender and obtains confidential information
from it.
Example: Suppose the sender communicates with the receiver via a switch. The
hacker gets access to the switch and sees the network traffic that goes through
it. If the sender tries to authenticate to the receiver, the hacker captures
this authentication data and uses it to authenticate itself at the receiver.
Now the hacker is authenticated at the receiver and gains information from it.
2) Let's take an example of a sender and a receiver. The sender sends its
authorization details to the receiver, hashing the data, in order to
communicate with the receiver. In the middle of the network between sender and
receiver, the attacker gets network access, obtains the identity of the sender,
and communicates with the receiver as the sender. The attacker replays the
request to the receiver and gets the confidential information. Here are the
steps of replay:

3) A replay attack violates confidentiality and origin integrity. A third
person who is not officially authorized at the server end can get the
confidential information through the replay attack. Also, the attacker sends
the information under the sender's identity, so origin integrity is violated.
4) When enforcing confidentiality, two common mechanisms are access control
and encryption.
Access control has three parts: the first is authentication, the second is
authorization, and the third is accounting. Authorization is giving access
rights to authorized people, that is, giving read, write, and execute
permissions to people. Authentication is the process of verifying a user by
username and password. In accounting, the information is tracked. The
encryption mechanism protects private information. The information is
encrypted and only the recipient can decrypt it. Encryption can be done in two
ways, symmetric and asymmetric. In symmetric encryption, the key is shared
before the communication occurs. In asymmetric encryption, a key mechanism is
used with two types of key, a public key and a private key. The two keys are
inverses of each other. Of these two mechanisms, I would pick the encryption
mechanism because it is more secure than access control. Getting information
from encrypted data is more difficult than getting access rights by hacking
the system.

Context where access control and encryption are adopted:

Let's take a bank application. To transfer money from one person to another,
the user should first log in to his account with his credentials, such as
username and password, and he then gets access to his account. This is one
type of access control mechanism. Also, the logged-in user can access only
authorized pages. He can't access the other pages. He can read and write in
the pages where he is authorized. He can't do these operations in the other
pages. For example, the account owner can read his account transactions and
can transfer money from his account to another account. But he can't read
other account holders' details and he can't change their data. In the bank
application, there would be some data which is highly confidential. That data
will be encrypted with the public key of the receiver and shared with the
respective person. The person can decrypt the data using his private key and
get the information. This is the encryption mechanism. Let's take the example
of a bank account statement. Personal bank account statement data is highly
confidential and is shared between authorized bank employees and the account
owner. So the bank encrypts the account statement with the account owner's
public key and sends the statement to the user. The user can decrypt the
statement with his private key and get the information.
5) When choosing a mechanism to enforce data origin integrity in a computer
application that is to be deployed on small sensors, digital signatures may
not be the best choice, because they need more memory and are more expensive
compared to other mechanisms for data origin integrity. Also, for a digital
signature we need to hash and store the signature in each sensor, which is not
a good option for small sensors.
6) When choosing a mechanism to enforce data origin integrity in a computer
application that is to be deployed on small sensors, I would pick the MAC
(Message Authentication Code) mechanism, because it won't take much memory
and a MAC provides both data integrity and origin integrity, whereas other
mechanisms provide only one of the two. Also, a MAC would cost less compared
to other mechanisms and it would perform better when compared to other
mechanisms.
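
The following is an added example, not part of the original lab answers. It ties answer 6 to the replay attack of answers 1 and 2: a sensor packet carries an HMAC-SHA256 tag, and the receiver rejects altered data, packets made with the wrong key, and replayed packets. The per-packet counter, the packet layout, the key and the readings are assumptions constructed for the illustration and go beyond what the answers describe.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def make_packet(key: bytes, counter: int, reading: bytes) -> bytes:
    """Sensor side: 8-byte counter + reading, followed by the MAC over both."""
    body = struct.pack(">Q", counter) + reading
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Receiver side: verify the MAC, then refuse counters already seen."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, packet: bytes) -> str:
        if len(packet) < 8 + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a wrong key or an altered byte fails here.
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"
        (counter,) = struct.unpack(">Q", body[:8])
        # A captured packet still has a valid MAC, but its counter is old.
        if counter <= self.last_counter:
            return "replayed"
        self.last_counter = counter
        return "ok"


def demo() -> list:
    key = b"constructed-demo-key-0123456789a"  # constructed sample key
    rx = Receiver(key)
    p1 = make_packet(key, 1, b"temp=21.5")  # constructed sample readings
    p2 = make_packet(key, 2, b"temp=21.7")
    tampered = p2[:8] + b"temp=99.9" + p2[-TAG_LEN:]  # data changed, old tag
    forged = make_packet(b"not-the-shared-key", 3, b"temp=21.9")
    # Order: genuine, same packet resent, tampered, wrong key, next genuine.
    return [rx.accept(p) for p in (p1, p1, tampered, forged, p2)]


if __name__ == "__main__":
    print(demo())
```

The MAC check alone accepts the resent packet, because its content and tag are unchanged; it is the counter comparison that marks it as replayed.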
