UNIT-V

Explain Authentication Header

Authentication Header (AH) is used to provide integrity and authentication to IP

datagrams. Replay protection is also possible. The services are connectionless, that
means they work on a per-packet basis.

AH is used in two modes as follows −

 Transport mode
 Tunnel mode

AH authenticates are the same as IP datagram. In transport mode, some fields in

the IP header change en-route and their value cannot be predicted by the receiver.
These fields are called mutable and they are not protected by AH.

Mutable IPv4 fields:

The mutable IPv4 fields are as follows −

 Type of service (TOS)

 Flags
 Fragment offset
 Time to live (TTL)
 Header checksum

To protect these fields, tunnelling must be used. The payload of the IP packet is
considered immutable and is always protected by AH.

AH processing is applied only to non-fragmented IP packets. Whereas an IP packet

with AH applied can be fragmented by intermediate routers.

In this case, the destination first reassembles the packet and then applies AH
processing to it.

If an IP packet that appears to be a fragment is input to AH processing, and it is

discarded.

This prevents the overlapping fragment attack, which misuses the fragment
reassembly algorithm to create forged packets and force them through a firewall.
Packets that fail authentication are discarded and never delivered to upper layers.

This mode of operation greatly reduces the chances of successful denial-of-service

attacks.

AH format

The AH format is described in RFC 2402. The below shows the position of the
Authentication Header fields in the IP packet.

Next header

It is an 8-bit field which identifies the type of what follows. The value of this field
is chosen from the set of IP header protocol fields, which is set to 51, and the value
that would have gone in the protocol field goes in the AH next header field.

Payload length

It is an 8 bits long field and contains the length of the AH header expressed in 32-
bit words, minus 2. It does not relate to the actual payload length of the IP packet.
Suppose if default options are used, the value is 4 (three 32-bit fixed words plus
three 32-bit words of authentication data minus two).

Reserved

It is reserved for future use. Its length is 16 bits and it is set to zero.Security
parameter index (SPI)It is 32 bits in length.

Sequence number
This 32-bit field is a monotonically increasing counter, which is used for replay
protection. It is an optional field. The sender always includes this field, and it is at
the discretion of the receiver to process it or not. Starting the sequence number is
initialized to zero. The first packet transmitted using the SA has a sequence
number of 1. Sequence numbers are not allowed to repeat.

Authentication data

This is a variable-length field containing the Integrity Check Value (ICV), and is
padded to 32 bits for IPv4 or 64 bits for IPv6.

What is Encapsulating Security Payload ?

Cyber Security is the branch of computer technology that deals with the security of
the virtual cloud and internet. Any information that is stored or transmitted through
the cloud needs to be secure and safe. Cyber Networking plays a very important
role in maintaining that the connection established is secured and content goes
through a secured/ safe channel for transmission.

Security in the network is very important and can’t be compromised in any

situation. Security in Networking particularly in IP Sec or IP Network Security is
significant and has some characteristics associated with it.

Characteristics Associated with IPSec:

The standardized algorithms present in IP Sec are SHA and MD5.

IPSec uniquely identifies every packet, and then authentication is carried out based
on verifying the same uniqueness of the packet.

IP network or IPSec has an ESP present in it for security purposes.

Here, we will discuss ESP, the structure of ESP, and its importance in security.

Encapsulating security payload, also abbreviated as ESP plays a very important

role in network security. ESP or Encapsulating security payload is an individual
protocol in IPSec. ESP is responsible for the CIA triad of security (Confidentiality,
Integrity, Availability), which is considered significant only when encryption is
carried along with them. Securing all payload/ packets/ content in IPv4 and IPv6 is
the responsibility of ESP.

As the name suggests, it involves encapsulation of the content/ payload encrypts it

to suitable form and then there a security check or authentication takes place for
payload in IP Network. Encryption/ encapsulation and security/ authentication
make the payload extremely secure and safe from any kind of harm or threat to
content/ data/ payload being stolen by any third party. The encryption process is
performed by authenticated user, similarly, the decryption process is carried out
only when the receiver is verified, thus making the entire process very smooth and
secure. The entire encryption that is performed by ESP is carried on the principle
of the integrity of payload and not on the typical IP header.

Working of ESP:
Encapsulating Security Payload supports both main Network layer protocols: IPv4
and IPv6 protocols.
It performs the functioning of encryption in headers of Internet Protocol or in
general say, it resides and performs functions in IP Header.
One important thing to note here is that the insertion of ESP is between Internet
Protocol and other protocols such as UDP/ TCP/ ICMP.
Modes in ESP:
Encapsulating Security Payload supports two modes, i.e. Transport mode, and
tunnel mode.
Tunnel mode:
Mandatory in Gateway, tunnel mode holds utmost importance.
Here, a new IP Header is created which is used as the outer IP Header followed by
ESP.
Transport mode:
Here, IP Header is not protected via encryption or authentication, making it
vulnerable to threats

Less processing is seen in this mode, so the inclusion of ESP is preferred

Advantages:
Below listed are the advantages of Encapsulating Security Payload:
Encrypting data to provide security
Maintaining a secure gateway for data/ message transmission
3. Properly authenticating the origin of data
4. Providing needed data integrity
5. Maintaining data confidentiality
6. Helping with antireplay service using authentication header
Disadvantages:
Below listed are the disadvantages of Encapsulating Security Payload:
1. There is a restriction on the encryption method to be used
2. For global use and implementation, weaker encryptions are mandatory to use
Components of ESP:
An important point to note is that authentication and security are not provided for
the entire IP packet in transport mode. On the other hand for the tunnel mode, the
entire IP packet along with the new packet header is encapsulated.
ESP structure is composed of the following parts as shown below :

Security Parameter :
Security parameters are assigned a size of 32 bits for use
Security Parameter is mandatory to security parameter in ESP for security links
and associations
2. Sequence Number:
The sequence number is 32 bits in size and works as an incremental counter.
The first packet has a sequence number 1 assigned to it whenever sent through SA
3. Payload Data:
Payload data don’t have fixed size and are variable in size to use
It refers to the data/ content that is provided security by the method of encryption
4. Padding:
Padding has an assigned size of 0-255 bytes assigned to it.
Padding is done to ensure that the payload data which needs to be sent securely fits
into the cipher block correctly, so for this padding payloads come to the rescue.
5. Pad Length:
Pad Length is assigned the size of 8 bits to use
It is a measure of pad bytes that are preceding
6. Next Header:
The next header is associated with a size of 8 bits to use
It is responsible for determining the data type of payload by studying the first
header of the payload

7. Authentication Data:
The size associated with authentication data is variable and never fixed for use-
case
Authentication data is an optional field that is applicable only when SA is selected.
It serves the purpose of providing integrity
Explain Combining Security Associations:
An individual SA can implement either the AH or ESP protocol but
not both. Sometimes a particular traffic flow will call for the services provided by
both AH
and ESP. Further, a particular traffic flow may require IPsec services between hosts
and, for that same flow, separate services between security gateways, such as fire-
walls. In all of these cases, multiple SAs must be employed for the same traffic flo
w
to achieve the desired IPsec services. The term security association bundle refers t
oa
sequence of SAs through which traffic must be processed to provide a desired set o
f IPsec services. The SAs in a bundle may terminate at different endpoints or at the
same endpoints.
Security associations may be combined into bundles in two ways:
• Transport adjacency: Refers to applying more than one security protocol to
the same IP packet without invoking tunneling. This approach to combining AH
and ESP allows for only one level of combination; further nesting yields no added
benefit since the processing is performed at one IPsec instance: the (ultimate)
destination.
Combinations of Security Associations
The IPsec Architecture document lists four examples of combinations of SAs that
must be supported by compliant IPsec hosts (e.g., workstation, server) or security
gateways (e.g. firewall, router).
of each case in the figure represents the physical connectivity of the elements; the
upper part represents logical connectivity via one or more nested SAs. Each SA ca
n be either AH or ESP. For host-to-host SAs, the mode may be either transport or
tunnel; otherwise it must be tunnel mode.
Case 1. All security is provided between end systems that implement
IPsec. For any two end systems to communicate via an SA, they must share the app
ropri- ate secret keys. Among the possible combinations are
a. AH in transport mode
b. ESP in transport mode
c. ESP followed by AH in transport mode (an ESP SA insi
de an AH SA)
d. Any one of a, b, or c inside an AH or ESP in tunnel mod
e
We have already discussed how these various combinations can be used to
support authentication, encryption, authentication before encryption, and authenti-
cation after encryption.
Case 2. Security is provided only between gateways (routers, firewalls, etc.) and
no hosts implement IPsec. This case illustrates simple virtual private network
support. The security architecture document specifies that only a single tunnel SA i
s needed for this case. The tunnel could support AH, ESP, or ESP with the
authenti- cation option. Nested tunnels are not required, because the IPsec services
apply to the entire inner packet.
Case 3. This builds on case 2 by adding end-to-end security. The same combi-
nations discussed for cases 1 and 2 are allowed here. The gateway-to-gateway
tunnel provides either authentication, confidentiality, or both for all traffic between
end systems. When the gateway-to-gateway tunnel is ESP, it also provides a
limited form of traffic confidentiality. Individual hosts can implement any
additional IPsec ser- vices required for given applications or given users by means
of end-to-end SAs.
Case 4. This provides support for a remote host that uses the Internet to reach an org
anization’s firewall and then to gain access to some server or workstation
behind the firewall. Only tunnel mode is required between the remote host and the fi
rewall.As
in case 1, one or two SAs may be used between the remote host and the local host.

What is Secure Multiparty Calculation?

With the use of the cryptographic approach known as “secure multiparty

computation,” “n” parties can securely compute a function together without
disclosing each other’s unique inputs. This preserves data privacy while enabling
computations and analysis. When privacy is important, whether in financial
transactions, healthcare data, or personal information shared between various
institutions, SMPC is used.

Function Evaluation.
The secure multiparty computation is used for the utilization of data without
compromising privacy.
It is the cryptographic subfield that helps in preserving the privacy of the data.
Emerging technologies like blockchain, mobile computing, IoT, and cloud
computing have resulted in the rebirth of secure multiparty computation.
Secure multiparty computation has become a hot area of research in the last decade
due to the rise of blockchain technology.
The researchers are now more interested in implementing secure multiparty
computation in distributed systems.
Unlike in centralized systems, secure multiparty computation may have better
performance in distributed systems.

Architecture
The secure multiparty computation provides a protocol where no individual can see
the other parties data while distributing the data across multi parties. It enables the
data scientists and analysts to compute privately on the distributed data without
exposing it.
The co-workers want to compute the maximum salary without revealing their
salary to others. To perform such a computation, secure multiparty computation is
implemented to calculate the maximum salary. The parties in a distributed manner
jointly perform a function to calculate it without revealing the salary. Data in use is
kept in encrypted form, broken up, and distributed across parties, there are no
chances of quantum attacks. It is impossible to have a trusted party in the real
world, as all parties communicate with each other in one or the other way In such a
scenario, the parties may get corrupted. The corrupted parties have behavior like
semi-honest and malicious.
A semi-honest opponent is one who follows the specified protocol but corrupts the
parties corrupted. The protocol is run honestly, but they try to extract information
from the messages exchanged between parties.
A malicious adversary attempts to breach security and does not follow the
specified protocol. The adversary can make the changes during the execution
process of the protocol. While using multiparty computation, we assume the party
is honest and follows all the protocols.
Example
Suppose we want to compute the average salary among three employees without
revealing the actual salary, for such problems, one can use secure multiparty
computation. Let’s take an example-

A mathematical representation of the problem can be given as:

F(A, B, C) = Average (A, B, C)
Sam, Bob, and Cassy want to calculate their average salary.
Say Sam’s salary is $40k. Using additive sharing, $40k is split into randomly
generated three pieces $44k, $-11k, and $7k.
Sam keeps one of these secret pieces with herself and distributes the other two to
each.
The same procedure is followed by all three.
Secret sharing keeps the data in encrypted form when in use. The procedure is
given below-
Sam Bob Cassy

44 -11 7 $40
 Sam Bob Cassy

-6 32 24 $50

20 0 40 $60

$58 $21 $71

Total salary = $150

Average Salary = 150/3
= $50
From the above data shared,A mathematical there is no clue about the actual
salary, but the average salary is being calculated.
Techniques
There are several techniques developed for secure multiparty computation protocol
construction having different features. Some techniques used in secure Multiparty
computation are listed below:
Shamir Secret Sharing: Secret sharing is utilized as the basic tool when there is
an honest majority in secure multiparty computation. A secret sharing scheme is
that a secret s is shared among n parties, such that t+1 or more parties come
together to reconstruct the secret. The parties lesser than t cannot get any
information or reconstruct the secret. The scheme that fulfills the requirements of
t+1 out of n is called the threshold secret sharing scheme.
Honest Majority MPC: The function can either be represented by Boolean or an
arithmetic circuit in an honest majority. For MPC-based secret sharing having the
honest majority, there is finite field Zp with p>n for the arithmetic circuit, and the
circuit is Turing complete.
Input sharing: Every party shares the input using the Shamir secret sharing. The
circuit is provided as the input for computation. Every party keeps his input private
by adding some random number to the input and finally, after getting the output the
random number known to the party is removed, and we get the output.
Circuit evaluation: The circuit is evaluated by parties one gate at a time. The
gates are evaluated serially from input to output. The evaluation consists of the
computation of addition and multiplication gates. For inputs a(x) and b(x), the
output of addition for the ith party is calculated as c(i) = a(i) + b(i). Similarly, the
output of multiplication for the ith party is calculated as c(i) = a(i). b(i).
Private set intersection: The private set intersection protocol is very efficient for
the two parties’ problems. For two parties who wish to find the elements of
intersection with a private set of inputs without revealing the input, the private set
intersection is a better approach for both honest and dishonest adversaries.
Threshold cryptography: Threshold cryptography aims to carry out the
cryptographic operations for a set of parties without holding the secret by any of
single party. RSA algorithm is used for the scheme where the basic function is
y=xe mod n. RSA is used for encrypting secrets or messages.
Dishonest majority MPC: In the secure multiparty computation, there can be both
honest and dishonest parties. The Multiparty computation is secure as long as there
is an honest majority. If the adversaries are corrupt more than the majority, new
approaches are required for security. For the dishonest majority, there are protocols
like GMW oblivious transfer, garbled circuit, Tiny oz, and many more protocols.
Benefits Of Secure Multiparty Computation
Let’s discuss some benefits of secure multiparty computation:
Trusted third party: In Secure Multiparty Computation, we can share data in a
distributed manner with different organizations without any third party and even
the privacy of data will be preserved while sharing data.
Data Privacy: The private data of organizations can be shared for computation
purposes. The concern of data privacy is provided by using secure multiparty
computation, which keeps the data in use in encrypted form. Thus, the data is not
revealed or compromised.
High accuracy: Secure Multiparty Computation provides highly accurate results
for different computations using cryptography.
Quantum safe: The data shared between parties is safe against quantum attacks, as
the data is broken up and encrypted when distributed among parties for
computation.
Limitations Of Secure Multiparty Computation
Secure multiparty computation is being used for solving different problems, but
there are a few limitations. The main limitations are the computational overhead
and high communication costs.
Computational overhead: To provide the security we need to generate the
random numbers, the random number generation requires more computation
overhead which slows down runtime.
High communication costs: Distributing the data to multiple parties for
computation over the networks leads to higher costs of communication.

Explain Secure Inter BranchTransaction (SET) Protocol:

SET is a security protocol designed to ensure the security and integrity of

electronic transactions conducted using credit cards. Unlike a payment system,
SET operates as a security protocol applied to those payments. It uses different
encryption and hashing techniques to secure payments over the internet done
through credit cards. The SET protocol was supported in development by major
organizations like Visa, Mastercard, and Microsoft which provided its Secure
Transaction Technology (STT), and Netscape which provided the technology of
Secure Socket Layer (SSL).

Requirements in SET: The SET protocol has some requirements to meet, some of
the important requirements are:
It has to provide mutual authentication i.e., customer (or cardholder) authentication
by confirming if the customer is an intended user or not, and merchant
authentication.
It has to keep the PI (Payment Information) and OI (Order Information)
confidential by appropriate encryptions.
It has to be resistive against message modifications i.e., no changes should be
allowed in the content being transmitted.
SET also needs to provide interoperability and make use of the best security
mechanisms.
Participants in SET: In the general scenario of online transactions, SET includes
similar participants:
Cardholder – customer
Issuer – customer financial institution
Merchant
Acquirer – Merchant financial
Certificate authority – Authority that follows certain standards and issues
certificates(like X.509V3) to all other participants.
SET functionalities:
Provide Authentication
Merchant Authentication – To prevent theft, SET allows customers to check
previous relationships between merchants and financial institutions. Standard
X.509V3 certificates are used for this verification.
Customer / Cardholder Authentication – SET checks if the use of a credit card is
done by an authorized user or not using X.509V3 certificates.
Provide Message Confidentiality: Confidentiality refers to preventing unintended
people from reading the message being transferred. SET implements
confidentiality by using encryption techniques. Traditionally DES is used for
encryption purposes.
Provide Message Integrity: SET doesn’t allow message modification with the
help of signatures. Messages are protected against unauthorized modification using
RSA digital signatures with SHA-1 and some using HMAC with SHA-1,
Dual Signature: The dual signature is a concept introduced with SET, which aims
at connecting two information pieces meant for two different receivers :
Order Information (OI)
For merchant
Payment Information (PI) for bank
You might think sending them separately is an easy and more secure way, but
sending them in a connected form resolves any future dispute possible. Here is the
generation of dual signature:

Explain Cross-Site Scripting (XSS) Vulnerability

Cross-Site Scripting (XSS) is a security vulnerability that allows an attacker to
inject malicious scripts into a trusted website or web application. These scripts are
then executed in the context of another user’s browser, potentially leading to data
theft, account compromise, or unauthorized actions.

How XSS Works

Injection:
The attacker identifies an input field or parameter (e.g., a search box, comment
section, URL parameter) in a web application that is not properly validated or
sanitized.
The attacker injects malicious JavaScript, HTML, or other scripts into the input.
Execution:
When another user visits the affected page, the malicious script is served to their
browser.
Since the browser trusts the content from the legitimate website, it executes the
script as if it were legitimate.
Exploitation:
The script can perform malicious actions, such as:
Stealing cookies or session tokens.
Logging keystrokes or redirecting users.
Manipulating the web page’s DOM to deceive users.

Types of XSS
Stored XSS (Persistent):
The malicious script is permanently stored on the server (e.g., in a database or
comment section).
When another user accesses the affected page, the script is delivered and executed.
Example: Injecting a malicious script into a blog comment that gets displayed to all
visitors.
Reflected XSS (Non-Persistent):
The malicious script is embedded in a URL or input and is reflected back to the
user without being stored on the server.
Exploitation typically involves phishing links to trick users into clicking the
malicious URL.
Example: A crafted URL with a script embedded in a search query parameter that
executes when the URL is visited.
DOM-Based XSS:
The vulnerability arises from insecure client-side JavaScript code.
The malicious script modifies the DOM (Document Object Model) directly,
without the need for server interaction.
Example: A script that reads a URL parameter and injects it into the page without
proper sanitization.

Common Attack Scenarios

Session Hijacking:
Stealing session cookies to impersonate the user.
Credential Theft:
Displaying fake login forms to harvest usernames and passwords.
Data Theft:
Accessing sensitive information displayed on the page.
Defacement:
Altering the appearance or behavior of the website.
Browser Redirection:
Redirecting users to malicious websites.

Impact of XSS
Users: Loss of sensitive information, identity theft, or unauthorized actions
performed on their behalf.
Organizations: Damage to reputation, loss of user trust, financial losses, and
potential legal liabilities.

Preventing XSS Vulnerabilities

Input Validation and Sanitization:
Validate user inputs to ensure they conform to expected formats.
Sanitize inputs by escaping or removing potentially malicious characters (e.g., <,
>, ").
Use Content Security Policy (CSP):
Implement a CSP to restrict the execution of unauthorized scripts.
Example: Allow only trusted sources for JavaScript.
Output Encoding:
Encode output data to neutralize any malicious characters before rendering on the
page.
Example: Convert < to &lt; and > to &gt;.
Avoid Inline JavaScript:
Refrain from using inline event handlers (e.g., onclick="...) or <script> tags in the
HTML.
Use Secure Libraries and Frameworks:
Use frameworks that handle sanitization automatically (e.g., React, Angular).
Avoid using outdated libraries with known vulnerabilities.
Properly Configure HTTP Headers:
Set X-Content-Type-Options to nosniff.
Set X-XSS-Protection to block suspected XSS attacks.
Enable HttpOnly and Secure flags on cookies to prevent access via JavaScript.
Regular Security Testing:
Perform security audits and penetration testing.
Use automated vulnerability scanners to identify XSS vulnerabilities.

Example of an XSS Vulnerability

Vulnerable Code:
<form action="/search" method="GET">
<input type="text" name="query" placeholder="Search...">
<button type="submit">Search</button>
</form>
When a user searches for test, the server returns:
<p>You searched for: test</p>
If the input is not sanitized, an attacker could inject:
<script>alert('XSS Attack!');</script>
The output would be:
<p>You searched for: <script>alert('XSS Attack!');</script></p>
This would execute the script in the user’s browser.

Mitigated Code:
<form action="/search" method="GET">
<input type="text" name="query" placeholder="Search...">
<button type="submit">Search</button>
</form>
The server sanitizes input and encodes it before rendering:
<p>You searched for: &lt;script&gt;alert('XSS Attack!');&lt;/script&gt;</p>
This neutralizes the script.

Conclusion
Cross-Site Scripting is a prevalent and dangerous vulnerability that can have severe
consequences for both users and organizations. Proper input validation,
sanitization, encoding, and the use of security mechanisms like CSP and secure
headers are essential to mitigate XSS attacks. Regular security testing is also
critical for identifying and addressing vulnerabilities before they are exploited.