2 Computer Security (CSE 17514) Model Answer Practice Test
Model Answer 2
Q2. a) Explain
i. Spoofing attack with diagram.
(Spoofing Diagram – 2M, Description 2M)
Spoofing is making data look as though it has come from a different source.
This is possible in TCP/IP because of the friendly assumptions behind the protocols.
When a packet is sent from one system to another, it includes not only the IP address and port of the destination but the source IP address as well.
Spoofing can take advantage of a trusted relationship between two systems.
The attacker takes advantage of this by sending a packet to one system that appears to have come from a trusted system.
The target system may perform the requested task without authentication.
The attacker will launch a DOS attack to temporarily take out the spoofed system for the period of time that the attacker is exploiting the trusted relationship.
When the attack is completed, the DOS attack on the spoofed system is terminated.
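The defence that follows from the description above is address-based filtering at the network edge: a packet arriving from outside that claims one of our own (trusted) source addresses cannot be genuine, and a packet leaving our network with a foreign source address is one we should not be emitting. The Python below is an added example written for this page, not part of the model answer; the prefixes, interface names and sample packets are constructed values.

```python
import ipaddress
from dataclasses import dataclass

# Constructed example: address space this site owns (hypothetical prefixes).
INTERNAL_PREFIXES = [ipaddress.ip_network("10.0.0.0/8"),
                     ipaddress.ip_network("192.168.1.0/24")]


@dataclass
class Packet:
    iface: str       # "external" (internet-facing) or "internal"
    direction: str   # "in" = arriving on iface, "out" = leaving via iface
    src: str
    dst: str


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_PREFIXES)


def filter_verdict(pkt: Packet) -> str:
    """Return 'accept' or a drop reason, comparing where a packet physically
    arrived with where its source address claims it came from."""
    if pkt.iface == "external" and pkt.direction == "in" and is_internal(pkt.src):
        # A packet from the internet cannot legitimately carry one of our own
        # addresses: this is the spoof of a trusted internal host described above.
        return "drop: internal source address arriving from outside (ingress)"
    if pkt.iface == "external" and pkt.direction == "out" and not is_internal(pkt.src):
        # Egress filtering (BCP 38): never emit packets that impersonate
        # someone else's address space.
        return "drop: non-internal source address leaving the network (egress)"
    return "accept"


def check_packets(packets) -> list:
    return [filter_verdict(p) for p in packets]


# Constructed sample traffic for the filter.
SAMPLE = [
    Packet("external", "in", "10.0.0.7", "10.0.0.1"),          # spoofed internal source
    Packet("external", "in", "198.51.100.4", "10.0.0.1"),      # ordinary inbound packet
    Packet("external", "out", "10.0.0.1", "198.51.100.4"),     # ordinary outbound packet
    Packet("external", "out", "172.16.0.9", "198.51.100.4"),   # forged foreign source
    Packet("internal", "in", "10.0.0.7", "10.0.0.1"),          # internal traffic
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, check_packets(SAMPLE)):
        print(f"{pkt.iface:8} {pkt.direction:3} {pkt.src:>14} -> {pkt.dst:<14} {verdict}")
```

The filter cannot help when both the spoofed and the target system sit on the same side of it; for that case the answer's own observation applies, namely that a task performed "without authentication" on the strength of a source address is the real weakness, and the fix is to authenticate rather than trust addresses.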
[Figure: DES structure - 64-bit plaintext, Initial Permutation, LPT / RPT, 16 rounds driven by the key, Inverse Initial Permutation, 64-bit ciphertext]
The plaintext proceeds in three phases:
1. Initial permutation (IP) that rearranges the bits to produce the permuted input.
2. Sixteen rounds involving both permutation and substitution functions; the outputs of the last round are swapped to produce the preoutput.
3. Inverse of the initial permutation function, to produce the 64-bit ciphertext.
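The three phases above, as an added Python example (not code from the model answer): the real DES initial permutation table is used and its inverse is derived from it, the sixteen rounds follow the Feistel pattern with the final swap, and the same function decrypts when the subkeys are fed in reverse order. The round function and the subkeys are constructed stand-ins: DES's expansion, S-boxes and P-box are omitted, which is enough to show why phase 3 undoes phase 1 and why the Feistel structure never needs the round function to be invertible.

```python
# DES initial permutation (IP) from the standard: output bit i (1-based, MSB
# first) is taken from input bit IP[i-1].
IP = [58, 50, 42, 34, 26, 18, 10, 2,  60, 52, 44, 36, 28, 20, 12, 4,
      62, 54, 46, 38, 30, 22, 14, 6,  64, 56, 48, 40, 32, 24, 16, 8,
      57, 49, 41, 33, 25, 17, 9, 1,   59, 51, 43, 35, 27, 19, 11, 3,
      61, 53, 45, 37, 29, 21, 13, 5,  63, 55, 47, 39, 31, 23, 15, 7]

# The inverse initial permutation is derived by inverting IP, not typed in.
IP_INV = [0] * 64
for out_pos, in_pos in enumerate(IP, start=1):
    IP_INV[in_pos - 1] = out_pos

MASK32 = 0xFFFFFFFF


def permute(block: int, table, width: int = 64) -> int:
    """Apply a bit permutation table to a `width`-bit integer."""
    out = 0
    for pos in table:
        out = (out << 1) | ((block >> (width - pos)) & 1)
    return out


def round_function(right: int, subkey: int) -> int:
    """Constructed stand-in for DES's f (hypothetical; not the real S-box
    function). Any keyed mixing works here: Feistel decryption never inverts it."""
    x = (right ^ subkey) & MASK32
    x = ((x << 7) | (x >> 25)) & MASK32        # rotate left by 7
    return (x * 0x9E3779B1 + 0x7F4A7C15) & MASK32


def feistel(block: int, subkeys) -> int:
    """Phase 1: IP.  Phase 2: 16 rounds, halves swapped after the last one
    (the preoutput).  Phase 3: inverse IP."""
    block = permute(block, IP)
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        left, right = right, left ^ round_function(right, k)
    preoutput = (right << 32) | left           # swap of the last round's output
    return permute(preoutput, IP_INV)


def encrypt(block: int, subkeys) -> int:
    return feistel(block, subkeys)


def decrypt(block: int, subkeys) -> int:
    # Same structure, subkeys in reverse order.
    return feistel(block, list(reversed(subkeys)))


# Constructed 32-bit round subkeys (real DES derives sixteen 48-bit subkeys
# from a 56-bit key; the schedule is omitted here).
SUBKEYS = [(0x0F1E2D3C * (i + 1)) & MASK32 for i in range(16)]

if __name__ == "__main__":
    pt = 0x0123456789ABCDEF
    ct = encrypt(pt, SUBKEYS)
    print(f"plaintext  {pt:016x}\nciphertext {ct:016x}\nrecovered  {decrypt(ct, SUBKEYS):016x}")
```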
[Figure: Details of Single Round]
[Figure: IPSec in the TCP/IP stack - Application, Transport, IPSec, Internet and Physical layers on both hosts, joined by the Transmission Media]
Transport Mode
• Encrypts only the data portion of the packet,
• thus enabling outsiders to see the source & dest. IP address.
• This protects the data being transmitted, but allows knowledge of the transmission.
• IPSec takes the transport layer payload, adds the IPSec header & then adds the IP header.
• Thus the IP header is not encrypted.
• Protection of the data portion of the packet is referred to as content protection.
[Figure: Transport mode packet - IP Header | IP Payload (the Transport Layer Payload)]
Tunnel Mode
• Provides encryption of the source & dest. IP addresses, as well as of the data itself.
• It can only be done between IPSec servers because the final dest. needs to be known for delivery.
• Protection of header information is known as context protection.
• It takes the IP datagram, including the IP header.
• It adds the IPSec header & trailer & encrypts the whole thing.
• It then adds a new IP header to this encrypted datagram.
• It is possible to use both methods at the same time,
• such as using transport mode within one's own n/w to reach an IPSec server,
• which then uses tunnel mode across the Internet to the target n/w's IPSec server, and transport mode from that server to the target host.
• This has three connections: host to server, server to server & host to host.
[Figure: Tunnel mode packet - IP Header | IP Payload (the Transport Payload), carried across the Internet]
d) What is steganography? Give its advantages
(Steganography 3M, two advantages 1M)
Steganography is the art and science of writing a hidden message in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message.
Steganography process:
Cover media is the file in which we will hide the hidden data, which may also be encrypted using a stego-key.
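The process described above (cover media, hidden data, stego-key), as an added Python example that is not part of the model answer. It hides a message in the least significant bits of a constructed grayscale image and uses the stego-key to choose which pixels carry the bits and in what order, so the cover changes by at most one level per pixel and a reader without the key recovers nothing. The cover image, message and key are all constructed values; no real steganography tool's format is assumed.

```python
import hashlib
import random


def _positions(stego_key: str, n_pixels: int) -> list:
    """Pixel visiting order derived from the stego-key: without the key a
    reader does not know which pixels carry message bits, nor in what order."""
    seed = int.from_bytes(hashlib.sha256(stego_key.encode()).digest()[:8], "big")
    order = list(range(n_pixels))
    random.Random(seed).shuffle(order)
    return order


def embed(cover: bytes, message: bytes, stego_key: str) -> bytes:
    """Write a 4-byte length header plus the message into pixel LSBs."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("cover media too small for this message")
    stego = bytearray(cover)
    for bit, pos in zip(bits, _positions(stego_key, len(cover))):
        stego[pos] = (stego[pos] & 0xFE) | bit   # replace only the least significant bit
    return bytes(stego)


def extract(stego: bytes, stego_key: str) -> bytes:
    """Read the length header, then that many message bytes, from the keyed positions."""
    positions = _positions(stego_key, len(stego))

    def read(count: int, start_bit: int) -> bytes:
        out = bytearray()
        for b in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (stego[positions[start_bit + b * 8 + i]] & 1)
            out.append(value)
        return bytes(out)

    length = int.from_bytes(read(4, 0), "big")
    if 32 + length * 8 > len(stego):
        # A wrong key yields a random length header, which is almost always rejected here.
        raise ValueError("no payload readable with this key")
    return read(length, 32)


def max_pixel_change(cover: bytes, stego: bytes) -> int:
    """Largest per-pixel difference introduced by embedding (LSB embedding: at most 1)."""
    return max(abs(a - b) for a, b in zip(cover, stego))


# Constructed 64x64 8-bit grayscale gradient standing in for a real image file.
COVER = bytes((i * 7) % 256 for i in range(4096))
MESSAGE = b"meet at noon"
KEY = "example-stego-key"


def wrong_key_recovers_nothing(stego: bytes) -> bool:
    try:
        return extract(stego, "wrong-key") != MESSAGE
    except ValueError:
        return True


if __name__ == "__main__":
    stego = embed(COVER, MESSAGE, KEY)
    print("recovered:", extract(stego, KEY))
    print("max pixel change:", max_pixel_change(COVER, stego))
    print("wrong key fails:", wrong_key_recovers_nothing(stego))
```

In a real image file the same idea applies to the pixel samples after decoding the container format; the container's header and compression must be left untouched, and lossy formats such as JPEG would destroy LSB-embedded data, which is why cover selection is part of the process.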
[Figure: Kerberos - the User / Workstation exchanges KRB_AS_REQ and KRB_AS_REP with the Authentication Server (AS), then KRB_TGS_REQ and KRB_TGS_REP with the Ticket Granting Server (TGS); the exchange with the Server (step 6) occurs once per service session]
[Figure: packet with AH - IP Header, AH Header, TCP Header, Original Data]
Provides security for the higher-level portion of the packet, not the IP header.
Provides data confidentiality.
Defines a new header, inserted into the IP packet.
Transforms data into an unreadable encrypted form.
The ESP will be inside AH, i.e. encryption happens first & then authentication.
ESP Transport Mode
Used to encrypt and optionally authenticate data carried by IP.
ESP is inserted into the IP packet immediately before the transport layer header & the ESP trailer is inserted after the IP packet.
If authentication is also used, the ESP authentication field is added after the ESP trailer.
The entire transport layer segment & ESP trailer are encrypted.
[Figure: ESP transport mode packet - IP Header, TCP Header, Original Data]
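The following Python is an added example covering both the transport/tunnel mode section and the AH/ESP section above; it is not code from the model answer. It builds ESP packets in the order the answer gives (encrypt the payload plus trailer first, then compute the authentication value over the ESP header and ciphertext), shows what an on-path observer can read in transport mode versus tunnel mode (the outer IP header only), and on receipt verifies the authentication value before decrypting and rejects replayed sequence numbers. The cipher is a constructed SHA-256 keystream XOR standing in for ESP's real cipher, the IP header is a textual stand-in carrying only source, destination and protocol, and all keys, addresses and the SPI are constructed values.

```python
import hashlib
import hmac
import os
import struct

# Constructed keys, addresses and SPI for the example (not real SA parameters).
ENC_KEY, AUTH_KEY = b"example-esp-enc-key", b"example-esp-auth-key"
HOST_A, HOST_B = "10.0.1.5", "10.0.2.9"             # end hosts
GW_A, GW_B = "203.0.113.1", "198.51.100.7"          # IPSec servers (gateways)
PROTO_TCP, PROTO_IPIP, PROTO_ESP = 6, 4, 50
SPI = 0x1000
TCP_SEGMENT = b"TCP[port 443] GET /secret"         # constructed transport-layer payload


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for ESP's cipher: XOR with a SHA-256 counter keystream (constructed, not a real ESP transform)."""
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))


def ip_header(src: str, dst: str, proto: int) -> bytes:
    """Textual stand-in for an IP header; only src, dst and protocol matter here."""
    return f"IP[{src}->{dst} proto={proto}]".encode()


def esp_encapsulate(inner: bytes, next_header: int, seq: int, nonce: bytes = None) -> bytes:
    """ESP header | nonce | encrypted(payload + trailer) | ICV.  Encrypt first, then authenticate."""
    nonce = nonce or os.urandom(8)
    pad_len = (-(len(inner) + 2)) % 4                              # payload + trailer padded to 4 bytes
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    body = struct.pack("!II", SPI, seq) + nonce + keystream_xor(ENC_KEY, nonce, inner + trailer)
    icv = hmac.new(AUTH_KEY, body, hashlib.sha256).digest()[:12]   # truncated HMAC over header + ciphertext
    return body + icv


def esp_decapsulate(esp: bytes, last_seq: int):
    """Verify the ICV before touching the ciphertext, reject replays, then decrypt and strip the trailer."""
    body, icv = esp[:-12], esp[-12:]
    expected = hmac.new(AUTH_KEY, body, hashlib.sha256).digest()[:12]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch: packet modified or wrong key")
    spi, seq = struct.unpack("!II", body[:8])
    if spi != SPI or seq <= last_seq:                              # simplified anti-replay check
        raise ValueError("unknown SPI or replayed sequence number")
    plain = keystream_xor(ENC_KEY, body[8:16], body[16:])
    pad_len, next_header = plain[-2], plain[-1]
    return next_header, plain[:-(pad_len + 2)], seq


def transport_mode(seq: int = 1) -> bytes:
    """Outer header still names the real hosts; only the TCP segment is protected."""
    return ip_header(HOST_A, HOST_B, PROTO_ESP) + esp_encapsulate(TCP_SEGMENT, PROTO_TCP, seq)


def tunnel_mode(seq: int = 1) -> bytes:
    """The whole original datagram, header included, is protected; the new header names the gateways."""
    inner = ip_header(HOST_A, HOST_B, PROTO_TCP) + TCP_SEGMENT
    return ip_header(GW_A, GW_B, PROTO_ESP) + esp_encapsulate(inner, PROTO_IPIP, seq)


def observer_view(packet: bytes) -> str:
    """What an on-path observer can read: the unencrypted outer header only."""
    return packet[:packet.index(b"]") + 1].decode()


def receive(packet: bytes, last_seq: int = 0):
    """Receiver side: strip the outer header and hand the ESP part to esp_decapsulate."""
    return esp_decapsulate(packet[packet.index(b"]") + 1:], last_seq)


if __name__ == "__main__":
    for name, pkt in (("transport", transport_mode()), ("tunnel", tunnel_mode())):
        nh, inner, seq = receive(pkt)
        print(f"{name:9} observer sees {observer_view(pkt)}; receiver gets next_header={nh} {inner!r}")
```

The observer output makes the answer's point concrete: in transport mode the outer header exposes the two hosts (knowledge of the transmission), while in tunnel mode it exposes only the two IPSec servers. Real ESP uses a sliding anti-replay window rather than a strict "greater than last" check, and an IKE-negotiated cipher and integrity algorithm in place of the constructed ones here.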