CNS QB 2 MK WA
of 25
Transcript of CNS QB 2 MK WA
-
7/25/2019 CNS QB 2 MK WA
1/25
SASURIE ACADEMY OF ENGINEERING
NH-209, Sathy Main Road, Kariya!a"aya, Coi#ator$ - %&' %()
1
'.*hat i+ ry!to"oy.
Cryptology is the study of cryptography and cryptanalysis.
2.*hat i+ th$ di//$r$n$ #$t$$n an 1nonditiona""y +$1r$ i!h$r and a
o!1tationa""y +$1r$ i!h$r.
_ An unconditionally secure cipher is a scheme such that if the cipher text generated by thescheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much cipher text is available. A computationally secure scheme is suchthat the cost of breaking the cipher exceeds the value of the encrypted information and the
time required to break the cipher exceeds the useful lifetime of the information.
). ri$/"y d$/in$ th$ Ca$+ar i!h$r3
he Caesar cipher involves replacing each letter of the alphabet with the letter standing
three places further down the alphabet. !or example"
#lain" meet me after the toga party
Cipher" #$$% #$ &'%$( %)$ %*+& &(%-
&. ri$/"y d$/in$ th$ onoa"!ha#$ti i!h$r.
A monoalphabetic cipher maps from a plain alphabet to cipher alphabet. $ere a single cipheralphabet is used per message.
Fina" Y$ar Co!1t$r Si$n$ and Enin$$rin, 4
DE5AR6MEN6 OF COM5U6ER SIENCE AND ENGINEERING
UNI6-I
2 Mar7+ 81$+tion and An+$r
th
S$$+t$r
S1#$t Cod$ : Na$ ; Cry!tora!hy and N$tor7 S$1rity
-
7/25/2019 CNS QB 2 MK WA
2/25
(. ri$/"y d$/in$ th$ !"ay/air i!h$r3
he best/known multiple/letter encryption cipher is the playfair, which treats diagrams in theplain text as single units and translates these units into cipher text diagrams.
%.*hat ar$ th$ to !ro#"$+ ith on$-ti$ !ad.
1.'t makes the problem of making large quantities of random keys.
.'t also makes the problem of key distribution and protection.
4.*hat i+ a tran+!o+ition i!h$r.
ransposition cipher is a cipher, which is achieved by performing some sort of
permutation on the plaintext letters.
ia a i!h$r.
'f both sender and receiver use the same key, the system is referred to as symmetric, singlekey, secret key, or conventional encryption. 'f the sender and receiver each use a differentkey, the system is referred to as asymmetric, two/key, or public/key encryption.
'0.*hat i+ th$ di//$r$n$ #$t$$n a #"o7 i!h$r and a +tr$a i!h$r.
A block cipher processes the input one block of elements at a time, producing an outputblock for each input block. A stream cipher processes the input elements continuously,producing output one element at a time, as it goes along.
''.
*hat ar$ th$ to a!!roah$+ to atta7in a i!h$r0
he two approaches to attack a cipher are"
Cryptanalysis
-rute/force attack
'2.*hat i+ St$anora!hy.
his conceals the existence of the message.
-
7/25/2019 CNS QB 2 MK WA
3/25
').*hy i+ it i!ortant to +t1dy /$i+t$" i!h$r.
his cipher can be used to approximate the simple substitution cipher by utili2ing theconcept of a product cipher, which is the performing of two or more basic ciphers insequence in such a way that the final result or product is cryptographically stronger than anyof the component ciphers.
'&.*hy i+ it not !ratia" to 1+$ an ar#itrary r$>$r+i#"$ +1#+tit1tion i!h$r.
An arbitrary reversible cipher for a large block si2e is not practical, however, from animplementation and performance point of view. $ere the mapping itself is the key.
'(.*hat i+ th$ di//$r$n$ #$t$$n di//1+ion and on/1+ion.
'n diffusion, the statistical structure of the plain text is dissipated into long/range statistics of
the cipher text. his is achieved by permutation. 'n confusion, the relationship between thestatistics of the cipher text and the value of the encryption key is made complex. 't isachieved by substitution.
'%.*hih !ara$t$r+ and d$+in hoi$+ d$t$rin$ th$ at1a" a"orith o/ a /$i+t$"
i!h$r.
-lock si2e )ey si2e
3umber of rounds ub key generation algorithm *ound functions !ast software encryption or decryption 4ase of analysis
'4.*hat i+ th$ !1r!o+$ o/ th$ S-#o?$+ in DES.
4ach row of a /box defines a general reversible substitution. 't consists of a set of eight /boxes, each of which accepts 5 bits as input and produces 6 bits as output.
'
-
7/25/2019 CNS QB 2 MK WA
4/25
6
'9. *hat i+ th$ di//$r$n$ #$t$$n a ono a"!ha#$ti i!h$r and a !o"y a"!ha#$ti
i!h$r.
7ono alphabetic cipher" $ere a single cipher alphabet is used.
#oly alphabetic cipher" $ere a set of related mono alphabetic substitution rules is used.
20.@i+t th$ ty!$+ o/ ry!tana"yti atta7+3
Cipher text only )nown plaintext Chosen plaintext Chosen cipher text
Chosen text
2'.*hat ar$ th$ $++$ntia" inr$di$nt+ o/ a +y$tri i!h$r.
A symmetric cipher encryption has five ingredients. hey are"
#laintext
4ncryption algorithm
ecret key
Cipher text
&ecryption algorithm
-
7/25/2019 CNS QB 2 MK WA
5/25
8
UNI6 II
'.*hat i+ th$ !1r!o+$ o/ th$ Stat$ array.
A single 19/bit block is depicted as a square matrix of bytes. his block is copied into thetate array, which is modified at each stage of encryption or decryption. After the final stage,tate is copied to an output matrix.
2.Ho i+ th$ S-#o? on+tr1t$d.
he /box is constructed in the following fashion"
'nitiali2e the /box with the byte values in ascending sequence row by row. he
first row contains :;;
-
7/25/2019 CNS QB 2 MK WA
6/25
5
%.*hat a+ th$ oriina" +$t o/ rit$ria 1+$d #y NIS6 to $>a"1at$ andidat$ AES
i!h$r.
he original set of criteria used by 3' to evaluate candidate A4 cipher was"
ecurityActual ecurity
*andomness
oundness
ther security factors Cost Dicensing *equirements Computational 4fficiency 7emory *equirements Algorithm And 'mplementation
Characteristics !lexibility $ardware and software suitability implicity
4.*hat a+ th$ /ina" +$t o/ rit$ria 1+$d #y NIS6 to $>a"1at$ andidat$ AES
i!h$r+.
he final set of criteria used by 3' to evaluate candidate A4 ciphers was"
?eneral ecurity
oftware 'mplementations *estricted/pace 4nvironments $ardware 'mplementations Attacks n 'mplementations 4ncryption vs. &ecryption )ey Agility ther Eersatility And !lexibility #otential for 'nstruction/Devel #arallelism
-
7/25/2019 CNS QB 2 MK WA
7/25
B
shift. econd *ow a 1/byte circular left shift is performed. hird *ow a /byte circular leftshift is performed. !or the !ourth *ow a /byte circular left shift is performed. 'n 'nverse hift*ow, each row perform circular right shift.
'0.Ho any #yt$+ in Stat$ ar$ a//$t$d #y Shi/t Ro+.
otally 5/bytes in state are affected by hift *ows.
''.ri$/"y d$+ri#$ Mi? Co"1n+3
7ix Column is substitution that makes use of arithmetic over [email protected] Column
operates on each column individually. 4ach byte of a column is mapped into a new valuethat is a function of all four bytes in the column. he 7ix Column ransformation combinedwith the shift row transformation ensures that after a few rounds, all output bits depend onall input bits.
'2.ri$/"y d$+ri#$ Add Ro1nd K$y3
'n Add *ound )ey, the 19 bits of tate are bit wise F*ed with the 19 bits of the roundkey. he operation is viewed as a column wise operation between the 6 bytes of a tatecolumn and one word of the round key> it can also be viewed as a byte/level operation. heAdd *ound )ey transformation is as simple as possible and affects every bit of tate.
').ri$/"y d$+ri#$ th$ K$y E?!an+ion A"orith3
he A4 key expansion algorithm takes as input a 6/word@15/byte key and produces a
linear array of 66 words@185 bytes. his is sufficient to provide a 6/word round key for
the initial Add *ound )ey stage and each of the 1; rounds of the cipher.
'&.*hat i+ th$ di//$r$n$ #$t$$n S1# yt$+ and S1# *ord.
ub -ytes" ub -ytes uses an /box to perform a byte/by/byte substitution of the block. ub%ord" ub %ord performs a byte substitution on each byte of its input word,using the box.
'(.*hat i+ th$ di//$r$n$ #$t$$n Shi/t Ro+ and Rot *ord.
hift *ows"
hift *ow is simple permutation. 't shifts the rows circularly left or right.
*ot %ord"*ot word performs a one/byte circular left shift on a word. his means that an
input word Gb;,b1,b,bH is transformed into Gb1,b,b,b;H.
-
7/25/2019 CNS QB 2 MK WA
8/25
9
'%.*hat i+ tri!"$ $nry!tion.
uchman proposed a triple encryption method that uses only two keys G(C$BIH. hefunction follows an encrypt J decrypt J encrypt @4&4 sequence.
CK4k1G&kG4k1G#HHH here is no cryptographic significance to the use of decryption for the
second stage. 'ts only advantage is that it allows users of &4 to decrypt data encrypted byusers of the older single &4"
CK4k1G&kG4k1G#HHH K 4k1G#H
'4.*hat i+ a $$t-in-th$-idd"$ atta7.
7eet/in/the/middle attack, was first described in G&'!!BBH. 't is based on the
observation that, if we have
CK4kG4k1G#HH
hen
FK4k1G#HK&kGCH
?iven a known pair, @#,C, the attack proceeds as follows. !irst, encrypt # for all
85 possible values of )1. tore these results in a table and then sort the table by the
values of F. 3ext, decrypt C using all 85 possible values of ). As each decryption isproduced, check the result against the table for a match. 'f a match occurs, then test the tworesulting keys against a new known plaintext/ciphertext pair. 'f the two keys produce the
correct ciphertext, accept them as the correct keys.
'
-
7/25/2019 CNS QB 2 MK WA
9/25
I
20.*hy do +o$ #"o7 i!h$r od$+ o/ o!$ration on"y 1+$ $nry!tion hi"$ oth$r+
1+$ #oth $nry!tion and d$ry!tion.
ome block cipher modes of operation only use encryption because the input is set to someinitiali2ation vector and the leftmost bits of the output of the encryption function are F*edwith the first segment of plain text p1 to produce the first unit of cipher text C1 and it istransmitted. %hile in decryption, the cipher text is F*ed with the output of the encryption
function to produce the plain text.
-
7/25/2019 CNS QB 2 MK WA
10/25
1;
UNI6 III
'.@i+t i!ortant d$+in on+id$ration+ /or a +tr$a i!h$r3
he encyption sequence should have a large period. he keystream should
approximate the properties of a true random number stream as close as possible. heoutput of the pseudorandom number generator is conditioned on the value of the input
key.
2.*hy i+ it not d$+ira#"$ to r$1+$ a +tr$a i!h$r 7$y.
'f two plaintexts are encrypted with the same key using a stream cipher then
cryptanalysis is often quite simple. 'f the two ciphertext streams are F*ed together theresult is the F* of the original plaintexts. o it is not desirable to reuse a stream cipher
key.
).*hat !riiti>$ o!$ration+ ar$ 1+$d in "o/i+h.
-lowfish uses two primitive operations"
Addition; Addition of words, denoted by M, is performed modulo )2.
it i+$ $?"1+i>$-OR; his operation is denoted by N.
&.*hat oon ath$atia" on+tant+ ar$ 1+$d in RC(.
W :%ord si2e in bits. *C8 encrypts /word
blocks.
15,,56
r:3umber of rounds. ;,1,=.,88
B3umber of 9/bit bytes @octets in the secret
key ).
0,1,=.,88
(.*hat !riiti>$ o!$ration+ ar$ 1+$d in RC(.
*C8 uses three primitive operations @and their inverse"
Addition; Addition of words, denoted by M, is performed modulo w. he inverse
operation, denoted by /, is subtraction modulo w.
-
7/25/2019 CNS QB 2 MK WA
11/25
11
iti+$ $?"1+i>$-OR; his operation is denoted by O NP.
@$/t i1"ar rotation; he cyclic rotation of word x left by y bits is denoted by
xQQQy. he inverse is the right circular rotation of word x by y bits, denoted by
xRRRy.
%.*hat !riiti>$ o!$ration i+ 1+$d in RC&.
he primitive operation used in *C6 is bit wise 4xclusive/* @F* operation.
4.For a 1+$r or7+tation+ in a ty!ia" #1+in$++ $n>iron$nt, "i+t !ot$ntia" "oation+
/or on/id$ntia"ity atta7+3
DA3s in the same building that are interconnected with bridges and routers.
he wiring closet itself is vulnerable.
wisted pair and coaxial cable can be attacked using either invasive taps or
inductive devices that monitor electromagnetic emanation.
'n addition to the potential vulnerability of the various communications links, the
various processors along the path are themselves subSect to attack.
-
7/25/2019 CNS QB 2 MK WA
12/25
1
'0.*hat i+ tra//i !addin and hat i+ it+ !1r!o+$.
raffic padding produces ciphertext output continuously, even in the absence of
plaintext. A continuous random data stream is generated. %hen plaintext is available, it is
encrypted and transmitted. %hen input plaintext is not present, random data are
encrypted and transmitted.
''.@i+t ay+ in hih +$r$t 7$y+ an #$ di+tri#1t$d to to o1niatin !arti$+3
A can select a key and physically deliver it to -.
A third party can select the key and physically deliver it o A and -
'f A and - have previously and recently used a key, one party can transmit the
new key to the other, encrypted using the old key
'f A and - each has an encrypted connection to a third party C, C can deliver a
key on the encrypted links to A and -
'2.*hat i+ th$ di//$r$n$ #$t$$n a +$++ion 7$y and a a+t$r 7$y.
ession key 7aster key Communication between end systems is encrypted using temporarykey, often referred to as a session key. ession keys are transmitted in encrypted form,using master key that is shared by the keys distribution center and an end system. hesession key is used for the duration of a logical connection, such as a frame relay
connection or transport connection, and then discarded. !or each end system or user, thereis a unique master key that it shares with the key distribution center. hese master keysmust be distributed in some fashion.
').*hat i+ non$.
Consider A issues a request to the )&C for a session key to protect a logical
connection to -. he message includes the identity of A and - and a unique identifier, 31,for this transaction, which we refer to as nonce. he nonce may be a timestamp, a counter,
or a random number.
'&.*hat i+ 7$y di+tri#1tion $nt$r.
A key distribution center is responsible for distributing keys to pairs of users such
as hosts, processes, applications. 4ach user must share a unique key with the keydistribution center for purposes of key distribution.
-
7/25/2019 CNS QB 2 MK WA
13/25
1
'(.*hat i+ th$ di//$r$n$ #$t$$n +tati+tia" randon$++ and 1n!r$dita#i"ity.
'n applications such as reciprocal authentication and session key generation the
requirement is not so much that the sequence of numbers be statistically random but that
the successive numbers of the sequence are unpredictable. %ith true random sequences
each number is statistically independent of other numbers in the sequence and thereforeunpredictable.
'%.*hat i+ th$ di//$r$n$ #$t$$n Rinda$" and AES.
A4 was developed by 3' .A4 is a symmetric block cipher that is intended to replace&4.3' selected riSndael as the proposed A4 algorithm. he two researchers whodeveloped and submitted *iSndael for the A4 are the both cryptographers from -elgium.
'4.*hy i+ th$ idd"$ !ortion o/ )DES a d$ry!tion rath$r than an $nry!tion.
&ecryption requires that the keys be applied in reverse order"
#K&k1G4k1G#HH
his results in a dramatic increase in cryptographic strength.he use of &4 results in a
mapping that is not equivalent to a single &4 encryption.
'$r+$ i!h$r.
'n A4 decryption, we use inverse shift rows inverse sub bytes, add round key, inverse mixcolumns. -ut in equivalent inverse cipher, we interchange inverse shift rows and inverse sub
bytes.
'9. Stat$ /$ratB + th$or$3
For a !ri$ n1#$r ! and a!!o+iti>$ int$$r a
aTn ' od !
-
7/25/2019 CNS QB 2 MK WA
14/25
16
Unit I
'.Di//$r$ntiat$ !1#"i 7$y $nry!tion and on>$ntiona" $nry!tion3
Conventional 4ncryption #ublic key 4ncryption1. ame algorithm with 1.ame algorithm is used for
same key used for encryption U decryption with
encryption and decryption. a pair of keys.
. ender U receiver must .ender U receiver have one of
share the algorithm and key. the matched pair keys.
. )ey must be kept secret. . Any one of the key must be
kept secret.
2. S!$i/y th$ a!!"iation o/ !1#"i 7$y ry!tora!hy3
_ 4ncryptionV&ecryption.
_ &igital signature.
_ )ey exchange.
).D$t$rin$ th$ d2&'&0,'%4%2 1+in E1"idB+ a"orith3
oln"
%e know, gcd@a,bKgcd@b,a mod b
gcd@616;,15B5Kgcd@15B5,BB9
gcd@BB9,;;5Kgcd@;;5,15;
gcd@15;,565Kgcd@565,59
gcd@59,6K6
gcd@616;,15B5 K 6.
&35$ r/or $nry!tion and d$ry!tion 1+in RSA a"3 For th$ /o""oin3
54 ='' $'4 M
-
7/25/2019 CNS QB 2 MK WA
15/25
18
nKBL11KBB
W@nK@p/1 @q/1
K5L1; K 5;
eK1B
d KBCK 7e mod n
C K 91B mod BB
K 8B
7 K Cd mod n
K 8BB mod BB
K 9
(.U+$r A : $?han$ th$ 7$y 1+in Di//i$ H$""an a"3 A++1$
( ='' A2 )3 Find YA, Y, K3
oln"
XA K YFA mod q
K8 mod 11
K
X- K YF- mod q
K 8 mod 11
K 6
)A K X-FA mod q
K 6 mod 11
K 8
)- K XAF- mod q
K mod 11
K 8
%3*hat i+ $++a$ a1th$ntiation.
't is a procedure that verifies whether the received message comes from assigned sourcehas not been altered.
-
7/25/2019 CNS QB 2 MK WA
16/25
15
4.D$/in$ th$ "a++$+ o/ $++a$ a1th$ntiation /1ntion3
7essage encryption" he entire cipher text would be used for authentication.
7essage Authentication Code" 't is a function of message and secret key produce
a fixed length value.
$ash function" ome function that map a message of any length to fixed length
which serves as authentication.
-
7/25/2019 CNS QB 2 MK WA
17/25
1B
'n internal error control, an error detecting code also known as frame check sequence orchecksum. 4xternal error control" 'n external error control, error detecting codes areappended after encryption.
'2.%hat you meant by hash function0
$ash function accept a variable si2e message 7 as input and produces a fixed si2e hashcode $@7 called as message digest as output. 't is the variation on the messageauthentication code.
').&ifferentiate 7AC and $ash function0
7AC" 'n 7essage Authentication Code, the secret key shared by sender
and receiver. he 7AC is appended to the message at the source at a time which themessage is assumed or known to be correct. $ash !unction" he hash value is appended tothe message at the source at time when the message is assumed or known to be correct.he hash function itself not considered to be secret.
'&3D$/in$ K$r#$ro+3
)erberos is an authentication service developed as part of proSect Athena at
7'.he problem that )erberos address is, assume an open distributed environment inwhich users at work stations wish to access services on servers distributed throughout thenetwork.
'(3In th$ ont$nt o/ K$r#$ro+, hat i+ r$a".
A full service )erberos environment consisting of a )erberos server, a no. of
clients, no.of application server requires the following"
he )erberos server must have user '& and hashed password of all participating
users in its database.
he )erberos server must share a secret key with each server. uch an
environment is referred to as O*ealmP.
'4.A++1$ th$ "i$nt C ant+ to o1niat$ +$r>$r S 1+in K$r#$ro+ !ro$d1r$3
Ho an it #$ ahi$>$d.
a C Z A" G'&C[[ #C [[ '&EH
b A Z C" icket
-
7/25/2019 CNS QB 2 MK WA
18/25
19
c C Z E" G'&C [[ A&C [[ '&EH
icket K 4)E G'&C [[A&C [[ '&EH
'
-
7/25/2019 CNS QB 2 MK WA
19/25
1I
Unit
'.*hat ar$ th$ +$r>i$+ !ro>id$d #y 5G5 +$r>i$+
&igital signature 7essage encryption Compression 4/mail compatibility egmentation
2.E?!"ain th$ r$a+on+ /or 1+in 5G5.
a 't is available free worldwide in versions that run on a variety of platforms,
including &Vwindows, (3'F, 7acintosh and many more.
b 't is based on algorithms that have survived extensive public review and are
considered extremely secure.
4.g. *A, & and &iffie/$ellman for public key encryption, CA/19,
'&4A, &4 for conventional encryption, $A/1for hash coding.
c 't has a wide range of applicability from corporations that wish to select and
enforce a standardi2ed scheme for encrypting files and communication.
d 't was not developed by nor is it controlled by any governmental or standards
organi2ation.
).*hy E-ai" o!ati#i"ity /1ntion in 5G5 n$$d$d.
4lectronic mail systems only permit the use of blocks consisting of AC'' text.
o accommodate this restriction #?# provides the service converting the row 9/
bit binary stream to a stream of printable AC'' characters. he scheme used for
this purpose is *adix/56 conversion.
&.Na$ any ry!tora!hi 7$y+ 1+$d in 5G5.
a ne/time session conventional keys.
b #ublic keys.
c #rivate keys.
d #ass phrase based conventional keys.
-
7/25/2019 CNS QB 2 MK WA
20/25
;
(.D$/in$ 7$y Id$nti/i$r.
#?# assigns a key '& to each public key that is very high probability unique
with a user '&. 't is also required for the #?# digital signature. he key '&
associated with each public key consists of its least significant 56bits.
%.@i+t th$ "iitation+ o/ SM65JRFC
-
7/25/2019 CNS QB 2 MK WA
21/25
1
&igital signature standards. &iffi $ellman. *A algorithm.
'2.Gi>$ th$ +t$!+ /or !r$!arin $n>$"o!$ data MIME.
?enerate )s.
4ncrypt )s using recipient\s public key. *A algorithm used for encryption. #repare the ]recipient info block\. 4ncrypt the message using )s.
').*hat yo1 $an #y >$r+ion$d $rti/iat$.
7ostly used issue F.8;I certificate with the product nameP versioned
digital idP. 4ach digital id contains owner\s public key, owner\s name and serial number ofthe digital id.
'&.*hat ar$ th$ /1ntion ar$a+ o/ I5 +$1rity.
Authentication Confidentiality )ey management.
'(.Gi>$ th$ a!!"iation o/ I5 +$1rity.
#rovide secure communication across private U public DA3.
ecure remote access over the 'nternet.
ecure communication to other organi2ation.
'%.Gi>$ th$ #$n$/it+ o/ I5 +$1rity.
#rovide security when '# security implement in router or firewall.
'# security is below the transport layer is transparent to the application.
'# security transparent to end/user.
'# security can provide security for individual user.
'4.*hat ar$ th$ !rotoo"+ 1+$d to !ro>id$ I5 +$1rity.
Authentication header @A$ protocol.
4ncapsulating ecurity #ayload@4#.
-
7/25/2019 CNS QB 2 MK WA
22/25
'i$+.
Access control. Connectionless interpretty. &ata origin authentication *eSection of replayed packet. Confidentiality. Dimited traffic for Confidentiality.
'9.*hat do yo1 $an #y S$1rity A++oiation. S!$i/y th$ !ara$t$r+
that id$nti/i$+ th$ S$1rity A++oiation.
An association is a one/way relationship between a sender and receiver that
affords security services to the traffic carried on.
A key concept that appears in both the authentication and confidentiality
mechanism for ip is the security association @A.
A security Association is uniquely identified by parameters"
ecurity #arameter 'ndex @#'.
'# &estination Address.
ecurity #rotocol 'dentifier.
20.*hat do$+ yo1 $an #y R$!"y Atta7.
A replay attack is one in which an attacker obtains a copy of an
authenticated packet and later transmits it to the intended destination.
4ach time a packet is send the sequence number is incremented .
2'.E?!"ain an in th$ idd"$ atta7.
'f A and - exchange message, means 4 intercept the message and receive
the -\s public key and b\s user'd,4 sends its own message with its own public key and b\s
user'& based on the private key and X.- compute the secret key and A compute k basedon private key of A and X
22. St$!+ in>o">$d in SS @ r$=1ir$d !rotoo".
1. D record protocol takes application data as input and fragments it.
. Apply lossless Compression algorithm.
. Compute 7AC for compressed data.
-
7/25/2019 CNS QB 2 MK WA
23/25
6. 7AC and compression message is encrypted using conventional alg.
2).*hat i+ $an #y SE6. *hat ar$ th$ /$at1r$+ o/ SE6.
ecure 4lectronic ransaction @4 is an open encryption and security
specification designed to protect credit card transaction on the internet.!eatures are"
1. Confidentiality of information
. 'ntegrity of data
. Cardholder account authentication
6. 7erchant authentication
2&.*hat ar$ th$ +t$!+ in>o">$d in SE6 6ran+ation.
1. he customer opens an account
. he customer receives a certificate
. 7erchants have their own certificate
6. he customer places an order.
8. he merchant is verified.
5. he order and payment are sent.
B. he merchant requests payment authori2ation.
9. he merchant confirm the order.
I. he merchant provides the goods or services.
10. he merchant requests payment.
2(.*hat i+ d1a" +inat1r$. *hat it i+ !1r!o+$.
he purpose of the dual signature is to link two messages that intended for
two different recipients.
o avoid misplacement of orders
2%.@i+t th$ ) "a++$+ o/ intr1d$r.
C"a++$+ o/ Intr1d$r+
1 7asquerader
-
7/25/2019 CNS QB 2 MK WA
24/25
6
7isfeasor
Clandestine user
24.D$/in$ >ir1+3 S!$i/y th$ ty!$+ o/ >ir1+$+.
A virus is a program that can infect other program by modifying them themodification includes a copy of the virus program, which can then go on to infect other
program.
ypes"
1 #arasitic virus
7emory/resident virus
-oot sector virus
6 tealth virus
8 #olymorphic virus
2$" at$ay.
An application level gateway also called a proxy server> act as a relay of
application/level traffic. he user contacts the gateway using a C#^'# application, such aselnet or !#, and the gateway asks the user for the name of the remote host to
be accessed.
29.@i+t th$ d$+in oa"+ o/ /ir$a""+.
1. All traffic from inside to outside, and vise versa, must pass through
the firewall.
. nly authori2ed traffic, as defined by the local security policy, will
be allowed to pass.
. he firewall itself is immune to penetration.
-
7/25/2019 CNS QB 2 MK WA
25/25
