CNS
Q: Explain the following terms in brief:
i) Confidentiality: Confidentiality is the protection of information in the system so that an
unauthorized person cannot access it.
ii) Non-repudiation: Non-repudiation is the assurance that someone cannot deny the validity of
an electronic message or transaction.
iii) Access Control: Access control is a security strategy that controls who or what can view or
utilize resources in a computer system.
iv) Data Integrity: Data integrity is the assurance that digital information is uncorrupted
and can only be accessed or modified by those authorized to do so.
v) Cryptanalysis: Cryptanalysis is the study and process of analyzing and decrypting ciphers,
codes, and encrypted text without using the real key.
vi) Relatively Prime Numbers: Relatively prime numbers, also known as coprime numbers, are
two or more numbers that have no common factors other than 1.
vii) Passive attack: A passive attack is an attack in which the attackers quietly watch and
collect the information without your knowledge.
viii) Active attack: An active attack is an attack in which attackers directly harm your computer
systems.
ix) Block cipher: A block cipher is an encryption algorithm that takes a fixed-size input (e.g., b
bits) and produces a ciphertext of b bits.
x) Cryptography: The word cryptography is divided into two parts: "crypt" means "hidden" and
"graphy" means "writing". It is an art by which we can protect our data and information.
i) Group:ii) Ringiii) Field- B
Q: List and briefly define categories of security mechanisms.
ANS:
1. Encipherment:
   •   This security mechanism deals with hiding and covering of data, which helps data to
       become confidential.
   •   It is achieved by two famous techniques named Cryptography and Encipherment.
2. Access Control:
   •   This mechanism is used to stop unattended access to data which you are sending.
   •   It can be achieved by various techniques such as applying passwords, using a firewall, or
       just by adding a PIN to data.
3. Notarization:
   •   This security mechanism involves the use of a trusted third party in communication.
   •   It acts as a mediator between sender and receiver so that any chance of conflict is
       reduced.
4. Data Integrity:
   •   This security mechanism works by appending to the data a value that is created from the
       data itself.
   •   It is similar to sending a packet of information known to both sending and receiving parties
       and checked before and after the data is received.
5. Authentication exchange:
   •   This security mechanism deals with identity to be known in communication.
   •   This is achieved at the TCP/IP layer, where a two-way handshaking mechanism is used to
       ensure whether data is sent or not.
6. Bit stuffing:
   •   This security mechanism is used to add some extra bits into data which is being
       transmitted.
7. Digital Signature:
   •   This security mechanism is achieved by adding digital data that is not visible to the eyes.
   •   It is a form of electronic signature which is added by the sender and checked by the
       receiver electronically.
Q: List and define the three security goals.
ANS: The three security goals:
   1.   Confidentiality
   2.   Integrity
   3.   Availability
   4.   Authentication
1. Confidentiality:
   •     Confidentiality means that data, objects and resources are protected from unauthorized
        viewing and other access.
   •    Confidentiality is the protection of transmitted data from passive attacks.
   •    The other aspect of confidentiality is the protection of traffic flow from analysis.
   •     This requires that an attacker not be able to observe the source and destination,
        frequency, length, or other characteristics of the traffic on a communications facility.
   •    A loss of confidentiality is the unauthorized disclosure of information.
   •    Loss of Confidentiality:
2. Integrity:
   •    Integrity means that data is protected from unauthorized changes to ensure that it is
        reliable and correct.
   •    Assures that information and programs are changed only in a specified and authorized
        manner.
   •    Loss of integrity means that data or an IT system has been modified or destroyed by an
        unauthorized entity.
   •    Loss of integrity:
3. Availability:
   •   Availability means that authorized users have access to the systems and the resources
       they need.
   •   Assures that systems work promptly and service is not denied to authorized users.
   •   Ensuring that authorized parties are not denied access to information and resources.
   •   Ensuring that the computer works when it is supposed to work and that it works the way
       it should.
   •   Loss of Availability indicates that either data or a system is not available when
       needed by a user.
   •   Loss of Availability:
DIFFERENCE:
1. Passive and active security attacks:

| Passive Attack | Active Attack |
| --- | --- |
| The attacker only monitors or intercepts data without altering it. | The attacker modifies, deletes, or injects data into the system. |
| Its goal is to gather information secretly. | Its goal is to disrupt communication or gain unauthorized access. |
| It usually does not harm the system directly. | It can cause serious damage, data loss, or system malfunction. |
| It is hard to detect because there is no alteration. | It is easier to detect as it involves system modification. |
| Prevention: Encryption, strong access control. | Prevention: Firewalls, authentication, and intrusion detection systems. |
| Examples: Eavesdropping, traffic analysis. | Examples: Man-in-the-middle attack, phishing, malware injection. |
2. Monoalphabetic cipher and polyalphabetic cipher:

| Monoalphabetic Cipher | Polyalphabetic Cipher |
| --- | --- |
| Less secure. | More secure than a Monoalphabetic cipher. |
| Contains the same frequency of letters as the message. | It does not contain the same frequency of letters as in the message. |
| The space between words is left blank. | The spaces between the words are also mapped to some letters. |
| Brute force algorithm can decrypt it. | Brute force algorithm cannot decrypt it. |
| It is not used nowadays. | It is used more frequently than Monoalphabetic cipher. |
| The same alphabet in the message will be made up of similar code letters. | The same alphabet in the code may or may not be made of similar code letters. |
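
The frequency row of the table above can be checked by running both kinds of cipher over the same message. The Python sketch below is an added example, not part of the original notes: it takes a Caesar shift as the monoalphabetic cipher and a Vigenère cipher as the polyalphabetic one, and the sample message, the key LEMON and the helper names are constructed for illustration.

```python
from collections import Counter
import string

ALPHA = string.ascii_uppercase
# Constructed sample message (not from the notes).
PLAINTEXT = "MEET ME AFTER THE SEMINAR NEAR THE LIBRARY ENTRANCE"

def caesar(text, shift):
    """Monoalphabetic: every letter gets the same shift."""
    return "".join(
        ALPHA[(ALPHA.index(c) + shift) % 26] if c in ALPHA else c for c in text
    )

def vigenere(text, key):
    """Polyalphabetic: the shift depends on the key letter for that position."""
    out, i = [], 0
    for c in text:
        if c in ALPHA:
            shift = ALPHA.index(key[i % len(key)])
            out.append(ALPHA[(ALPHA.index(c) + shift) % 26])
            i += 1  # only letters consume key material; spaces pass through here
        else:
            out.append(c)
    return "".join(out)

def images_of(letter, plain, cipher):
    """Set of ciphertext letters that one plaintext letter is mapped to."""
    return {c for p, c in zip(plain, cipher) if p == letter}

def index_of_coincidence(text):
    """Probability that two letters drawn from the text are equal."""
    counts = Counter(c for c in text if c in ALPHA)
    n = sum(counts.values())
    return sum(v * (v - 1) for v in counts.values()) / (n * (n - 1))

if __name__ == "__main__":
    mono = caesar(PLAINTEXT, 3)
    poly = vigenere(PLAINTEXT, "LEMON")
    for name, text in (("plain", PLAINTEXT), ("mono", mono), ("poly", poly)):
        print(f"{name:5} E -> {sorted(images_of('E', PLAINTEXT, text))} "
              f"IC = {index_of_coincidence(text):.4f}")
```

The Caesar output keeps the plaintext's index of coincidence exactly, because the letter counts are only relabelled, while the Vigenère output spreads each plaintext letter over several ciphertext letters and the index drops.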
3. Asymmetric (public key) cryptography and symmetric (secret, same, or private key)
cryptography, OR: Differentiate conventional (symmetric) encryption and public key encryption.

| Symmetric Key Encryption | Asymmetric Key Encryption |
| --- | --- |
| It only requires a single key for both encryption and decryption. | It requires two keys, a public key and a private key, one to encrypt and the other to decrypt. |
| The size of ciphertext is the same or smaller than the original plaintext. | The size of ciphertext is the same or larger than the original plaintext. |
| The encryption process is very fast. | The encryption process is slow. |
| It is used when a large amount of data needs to be transferred. | It is used to transfer a small amount of data. |
| It only provides confidentiality. | It provides confidentiality, authenticity, and non-repudiation. |
| The length of key used is 128 or 256 bits. | The length of key used is 2048 or higher. |
| It is efficient. | It is comparatively less efficient. |
| Security is lower as only one key is used for both encryption and decryption purposes. | Security is higher as two keys are used, one for encryption and the other for decryption. |
| Examples: 3DES, AES, DES and RC4. | Examples: Diffie-Hellman, ECC, El Gamal, DSA and RSA. |
4. Stream cipher and block cipher:

| Block Cipher | Stream Cipher |
| --- | --- |
| Block cipher converts the plain text into cipher text by taking the plain text's block at a time. | Stream cipher converts the plain text into cipher text by taking 1 bit of plain text at a time. |
| Block cipher uses either 64 bits or more than 64 bits. | While stream cipher uses 8 bits. |
| The complexity of block cipher is simple. | Stream cipher is more complex. |
| Block cipher uses confusion as well as diffusion. | Stream cipher uses only confusion. |
| In block cipher, reversing encrypted text is hard. | In stream cipher, reversing encrypted text is easy. |
| Block cipher works on transposition techniques like rail-fence technique, columnar transposition technique, etc. | While stream cipher works on substitution techniques like Caesar cipher, polygram substitution cipher, etc. |
| Block cipher is slow. | Stream cipher is fast. |
| More secure. | Less secure. |
| Key length is typically 128 or 256 bits. | Key length is typically 128 or 256 bits. |
5. Substitution cipher and transposition cipher:

| Key | Substitution Cipher Technique | Transposition Cipher Technique |
| --- | --- | --- |
| Algorithm | Each character is replaced with a different character, integer, or symbol. | Each character has been repositioned from its original place. |
| Forms | It comes in two forms: Mono-Alphabetic Substitution Cipher and Poly-Alphabetic Substitution Cipher. | It has two forms: Key-less transposition cipher and keyed transposition cipher. |
| Change | Character identity is changed but position remains the same. | Character position is changed but identity remains the same. |
| Detection | A letter less frequently used can be easily traced. | A letter near to its original position can be easily traced. |
| Example | Caesar Cipher is an example of Substitution Cipher. | Rail Fence Cipher is an example of Transposition Cipher. |
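
The "Change" row can be seen by running the table's two example ciphers on one message. The Python sketch below is an added example, not part of the original notes; the function names, the choice of three rails and the sample message are assumptions made for illustration.

```python
from collections import Counter
import string

ALPHA = string.ascii_uppercase
# Classic textbook sample message, used here only as test input.
PLAINTEXT = "WEAREDISCOVEREDFLEEATONCE"

def caesar(text, shift):
    """Substitution: each letter is replaced, positions are untouched."""
    return "".join(ALPHA[(ALPHA.index(c) + shift) % 26] for c in text)

def rail_pattern(n, rails):
    """Rail visited at each position of the zigzag: 0,1,..,r-1,r-2,..,1,0,1,.."""
    if rails < 2:
        return [0] * n  # a single rail leaves the text unchanged
    period = 2 * (rails - 1)
    return [min(i % period, period - i % period) for i in range(n)]

def rail_fence_encrypt(text, rails):
    """Transposition: read the zigzag rail by rail, letters are only moved."""
    pattern = rail_pattern(len(text), rails)
    return "".join(c for r in range(rails)
                   for c, p in zip(text, pattern) if p == r)

def rail_fence_decrypt(cipher, rails):
    """Rebuild the zigzag order, then put each letter back in its position."""
    pattern = rail_pattern(len(cipher), rails)
    order = sorted(range(len(cipher)), key=lambda i: (pattern[i], i))
    plain = [""] * len(cipher)
    for c, pos in zip(cipher, order):
        plain[pos] = c
    return "".join(plain)

def same_letters(a, b):
    """True when both strings contain exactly the same multiset of letters."""
    return Counter(a) == Counter(b)

if __name__ == "__main__":
    sub = caesar(PLAINTEXT, 3)
    trans = rail_fence_encrypt(PLAINTEXT, 3)
    print("substitution :", sub, "same letters:", same_letters(PLAINTEXT, sub))
    print("transposition:", trans, "same letters:", same_letters(PLAINTEXT, trans))
    print("decrypted    :", rail_fence_decrypt(trans, 3))
```

The rail fence output is an anagram of the message, so its letter counts match the plaintext exactly, while the Caesar output has different letters in the original positions.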