
St. Mary’s University
School of Graduate Studies
MSc program in Computer Science
Final Exam Answer

Course Name: Computer System and Network Security


Time allowed: 4:00 hrs.
Date: March 11, 2021
Attempt all questions, show your work clearly

Name: Behaylu Yalew Tesfye Id: SGS/0375/2013


Question No.1
A. Briefly discuss computer and network authentication methods.
There are several methods for securing a computer or network.
Authentication is needed to provide some assurance about the source of a
message: did it originate from the location it appears to have originated from?
It is the process of determining whether someone or something is, in fact, who
or what it declares itself to be, and it can be physical or digital. One of
the simplest authentication methods is the use of a shared secret such as a
password. Another method is biometrics, e.g., fingerprint and facial scan.
A passphrase is more secure than a password because it is more complex,
using characters to strengthen security. A digital certificate is a security
method that provides a digital passport to identify and verify its holder.
Kerberos, digital cards, digital tokens and SSL are some other methods for
securing computers and networks.
In general, they are used to keep invalid users out of networks and other
resources.

B. What main problem with the traditional symmetric-key cryptography is
solved by public-key cryptography?
The main problem with symmetric-key cryptography is that both parties must
share the same key for encryption and decryption, which means a secret key
known only to the sender and receiver. In asymmetric cryptography the sender
and receiver use different keys to encrypt and decrypt the data, which
increases user authenticity and avoids the need for a secure channel to
communicate the key. Asymmetric cryptography uses a different key for each
user; symmetric cryptography uses the same key for different users.

Question No.2
A) Discuss how messages are digitally signed at the sender side and verified
at the receiver side using Hash function.

Digital signatures are created by encrypting a hash of the data with the
sender's private key; this gives the sender's signature. This signature/hash
can be decrypted only with the sender's public key.
E.g., let A be the sender and B the receiver. A creates a message and encrypts
the message with a hash function, uses his private key to encrypt the message
and signs his message. The message then goes to B, who must use A's public key
to decrypt it.

B) Perform encryption and decryption using the RSA algorithm for: P=3,
q=11, e=7, m=5

P = 3, q = 11, e = 7, m = 5

N = (p*q) = 33
Phi = (p-1)(q-1) = 10*2 = 20
E = 7
D = 7^-1 mod 20 = 3
PU = (n,e) = (33,7)
PR = (n,d) = (33,6)
M = 5
C = 5^7 mod 33 = 14
M = 14^3 mod 33 = 5
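
The following is an added example, not part of the original exam answer: it runs textbook RSA with the question's values (p = 3, q = 11, e = 7, m = 5) and then applies the same key pair to the hash-then-sign flow of part A. The function names, the sample message and the reduction of the SHA-256 digest mod n (needed only because the modulus is tiny) are assumptions made for illustration; raw RSA without padding is used only to mirror the hand calculation.

```python
import hashlib
from math import gcd

def rsa_keypair(p, q, e):
    """Textbook RSA key generation from two primes and a public exponent."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse: e*d = 1 (mod phi)
    return (n, e), (n, d)

def rsa_apply(key, value):
    """Raw RSA operation value^exp mod n (no padding, illustration only)."""
    n, exp = key
    if not 0 <= value < n:
        raise ValueError("value must be in [0, n)")
    return pow(value, exp, n)

def digest_mod_n(message, n):
    """SHA-256 digest reduced mod n so it fits the toy modulus (assumption)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    """Sender side: hash the message, then apply the private key to the hash."""
    return rsa_apply(private_key, digest_mod_n(message, private_key[0]))

def verify(public_key, message, signature):
    """Receiver side: recover the hash with the public key and compare it
    with a freshly computed hash of the received message."""
    return rsa_apply(public_key, signature) == digest_mod_n(message, public_key[0])

PUBLIC, PRIVATE = rsa_keypair(p=3, q=11, e=7)
CIPHERTEXT = rsa_apply(PUBLIC, 5)            # encryption of m = 5
RECOVERED = rsa_apply(PRIVATE, CIPHERTEXT)   # decryption

MESSAGE = b"constructed sample message"      # constructed input
SIGNATURE = sign(PRIVATE, MESSAGE)

if __name__ == "__main__":
    print("public", PUBLIC, "private", PRIVATE)
    print("c =", CIPHERTEXT, "m =", RECOVERED)
    print("signature valid:", verify(PUBLIC, MESSAGE, SIGNATURE))
    forged = (SIGNATURE + 1) % PUBLIC[0]
    print("altered signature valid:", verify(PUBLIC, MESSAGE, forged))
```
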
Question No.3
A) If Parties A and B want to establish a secured and authenticated
communication link to exchange a secret session key using digital certificates,
what are the steps both parties should follow? (This is how Web is secured
using Secured Socket Layer (SSL/TLS/HTTPS)).

The two parties will request public keys from the certification authority.
Once A and B have both received their public keys from the CA, they exchange
their public keys.
After exchanging public keys (PU), A sends a message that contains A's
identifier (ID) and a nonce N as a transaction identifier; to secure it he uses
B's public key. B responds using A's PU and a new nonce N as transaction
identifier.
After this, they can be sure they are communicating with each other.
A then selects a secret session key, encrypts it with his own private key and
sends it to B so that B can authenticate that he is communicating with A. B
decrypts the message using his own private key and after that with A's public
key.

Question No.4
A) Discuss Diffie-Hellman Algorithm for generating a shared secret session key.
(This is an application of IPSec/ SSL/PGP/S/MIME…)
Given: Users A and B use the Diffie-Hellman key exchange technique with a
common prime q = 71 and a primitive root a = 7.
a. If user A has private key XA = 5, what is A's public key YA?
b. If user B has private key XB = 12, what is B's public key YB?

The Diffie-Hellman algorithm is used to exchange a secret key between the
sender and the receiver; it cannot be used to send messages. The algorithm
facilitates the exchange of a secret key without actually transmitting it.

A. YA = 7^5 mod 71
= 16807 mod 71
= 51
B. YB = 7^12 mod 71
= 13841287201 mod 71
= 4
KAB = YB^XA mod 71
= 4^5 mod 71
= 1024 mod 71
= 30
KAB = YA^XB mod 71
= 51^12 mod 71
= mod 71
= 30
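
The exchange above as an added example (not part of the original exam answer): both sides compute their public values and the shared key for q = 71, a = 7, XA = 5, XB = 12, and the code also confirms that 7 is a primitive root of 71. The function names and the range check on the received public value are assumptions added for illustration; the check goes beyond what the answer covers.

```python
def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for small n)."""
    factors, f = set(), 2
    while f * f <= n:
        while n % f == 0:
            factors.add(f)
            n //= f
        f += 1
    if n > 1:
        factors.add(n)
    return factors

def is_primitive_root(a, q):
    """For prime q: a is a primitive root iff a^((q-1)/f) != 1 (mod q)
    for every prime factor f of q-1."""
    return all(pow(a, (q - 1) // f, q) != 1 for f in prime_factors(q - 1))

def public_key(a, q, private):
    """Y = a^X mod q, the value sent to the other party."""
    return pow(a, private, q)

def shared_secret(peer_public, private, q):
    """Validate the received value, then compute K = Y_peer^X mod q."""
    # Values 0, 1 and q-1 would force a predictable key, so reject them.
    if not 2 <= peer_public <= q - 2:
        raise ValueError("peer public key outside [2, q-2]")
    return pow(peer_public, private, q)

Q, A = 71, 7          # common prime and primitive root from the question
XA, XB = 5, 12        # private keys of users A and B

YA = public_key(A, Q, XA)        # sent from A to B
YB = public_key(A, Q, XB)        # sent from B to A
K_A = shared_secret(YB, XA, Q)   # computed by A
K_B = shared_secret(YA, XB, Q)   # computed by B

if __name__ == "__main__":
    print("7 is a primitive root of 71:", is_primitive_root(A, Q))
    print("YA =", YA, "YB =", YB)
    print("key at A =", K_A, "key at B =", K_B)
```
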

Question No.5

A. Why does polymorphism cause greater concern than traditional malware?


Because it changes over time, making it more difficult to detect when it
appears to anti-virus software.
Polymorphism makes it harder for antivirus software that relies on
signature-based detection schemes to detect the malware.
How does it affect detection?
Because it changes itself when it appears to anti-virus software, it cannot be
detected by looking for pre-configured signatures. It changes itself from time
to time to remain undetected.

B. Present Direct Key Exchange (DKE) protocol for the exchange of secret
session key using RSA algorithm.
If A and B are sure about each other’s identity, and can be certain that a third
party will not masquerade, The key exchange protocols are more complex for
security that provides a higher level of either one-sided or mutual
authentication between two communicating parties. These protocols usually
involve Certificate Authorities.
Question No.6
A) In IPsec configuration, what is the difference between transport and tunnel
modes?
The key difference between transport and tunnel mode is that in tunnel mode
the original packet is encapsulated in another IP header. The addresses in the
other header can be different. In transport mode the IP addresses in the outer
header are used to determine the IPsec policy that will be applied to the
packet; the packet is processed by AH/ESP and the appropriate headers are added
in front of the transport header, and the IP header is then added in front of
that by IP. In tunnel mode, two IP headers are sent: the new and the original
IP header. The inner IP packet determines the IPsec policy that protects its
contents.
In general, transport mode IPsec only encapsulates the inner content
excluding the original IP header, while tunnel mode encapsulates the entire
inner content, including the IP header. In each case, the content needs to
traverse a network, therefore the outer IP header has to come from
somewhere.

B) What are the three main security services that VPN with IPSec provides?

• Confidentiality: Protect against unauthorised data disclosure.
Accomplished by the use of encryption mechanisms.
• Integrity: IPsec can determine if data has been changed intentionally or
unintentionally during transit. The integrity of data can be assured by
generating a message.
• and traffic key management analysis protection between end systems.
A person monitoring network traffic does not know which parties are
communicating, how often communications are occurring, or how much
data is being exchanged.
Question No.7
A. Why do we use Virtual Private Network (VPN) and how does a VPN work?
We use a VPN to connect two private networks together via the Internet for
security, and to connect remote users to a private network via the Internet for
remote access. Other reasons are reduced telecommunication costs, less expense
for clients and more income for ISPs, long-distance calls replaced by local
calls, more remote access, increased collaboration, greater scalability, ease
of adding and removing users, reduced long-distance telecommunications costs,
mobility, security…
How a VPN works: two connections are made, one to the Internet and the second
to the VPN. Datagrams contain data, destination and source information.
Firewalls: VPNs allow authorized users to pass through the firewalls.
Protocols: protocols create the VPN tunnels.

B. What are the different types of VPN and tunneling protocols?

Types of VPN
• WAN VPN: Branch offices
• Access VPN: Roaming Users
• Extranet VPNs: Suppliers and Customers

Types of tunneling protocols
• IPSec Tunnel Mode (RFC 2401)
• Point-to-Point Tunneling Protocol (PPTP) (RFC 2637)
• Layer 2 Tunneling Protocol (L2TP) (RFC 2661)
