COIT20262 – Advanced Network Security, Term 2, 2016
Assignment 2
Due date: 5pm Friday 7th October 2016 (Week 12)
ASSESSMENT Weighting: 50%
Length: N/A
Note: Attempt all questions
Assignment Submission
Your assignment must be in Microsoft Word format, and must be submitted electronically by
the due date via the Moodle website.
Question 1 – Cryptographic Operations with GPG [10 marks]
Objective: gain experience with using software to perform common cryptographic
operations.
There are many different software (and hardware) implementations of cryptographic
operations. GNU Privacy Guard (GPG) is one such piece of software, which focusses on a
simple, open source implementation of common public key operations (but also includes
symmetric key encryption). In this task you must use GPG to perform some common
operations to communicate securely with the course coordinator.
GPG is available for most operating systems. You will need to install it on your computer to
complete this task.
Chapter 1 of the GNU Privacy Handbook provides examples of using most of the commands
needed for this task. Others may be found in the ‘man’ or help page for the command once
installed.
Scenario: you want to send a message to the course coordinator.
You will do that by submitting a file on Moodle. But you want the communications to be
secure (you don’t even trust other staff that can also access Moodle submissions). You will
use symmetric key cryptography to encrypt the message. But the problem with symmetric
key cryptography is that a shared secret key must be exchanged somehow. A common
solution is to encrypt the shared secret key using public key cryptography. So in fact you will
send two pieces of information to the course coordinator (although in one file): a message
and the shared secret key. The course coordinator wants to be sure the message they receive
came from you, therefore you will also sign the message. This assumes you know the course
coordinator's public key, which is available on Moodle.
In the following instructions when you see id in a filename, replace it with your student ID.
For example, if your student ID is s123456, then the message file will be called
s123456-message.txt. Similarly, replace the example names, IDs, emails with yours.
a) Create the message by putting the following inside a text file named
id-message.txt:
Name: <include your name here>
ID: <include your ID here>
Email: <include your email here>
Message:
<Write one or more paragraphs that explain which software used
in the assignments is the hardest to use, and why. This is not
assessed but is useful feedback.>
b) Create a shared secret key by generating a 12 byte random value encoded as base64.
Put the 16 character base64 value in a file called id-sharedsecret.txt. Hint: use
gpg to generate the random bytes, and include the --armor option to encode as
base64.
c) Generate your own RSA 2048-bit key pair. Include your name and CQU email
address when prompted. For simplicity in this assignment, do not use a passphrase on
your key (if you do, make sure you remember it).
d) Export your public key and save it to a text file called id-publickey.txt. Use the
--armor option to generate a text based public key.
e) Create a detached signature of the message, saving that signature as id-message.sig.
f) Combine the message (id-message.txt) and signature (id-message.sig) into a
single file called id-signedmessage.zip using ZIP. Do not include any directories
or other files in the ZIP file – it should contain just two files.
g) Use AES128 to encrypt the zip file. When prompted for a passphrase, use the 16
character shared secret generated earlier. The output file is called
id-signedmessage.enc.
h) Use RSA to encrypt the shared secret. The output file is called
id-sharedsecret.gpg.
i) “Send” the two encrypted files to the course coordinator by submitting on Moodle.
Also “publish” your public key by submitting on Moodle.
In your assignment for this question include the list of GPG commands you used in each step
above, and with each command, a short explanation of what it does (including what the
options do). If a step did not use a GPG command, then just explain what you did in that step.
Marking Scheme
Once files are submitted, they will be decrypted/verified using the reverse operations of what
you were expected to do. If your files successfully decrypt/verify, and the obtained plaintext
files are in the correct format, you will receive 7 marks. If the commands are listed and
explained correctly in your assignment submission then you will receive an additional 3
marks. If the explanations are incorrect or do not explain options, then you will be deducted 1
to 3 marks (e.g. receive 7, 8 or 9 out of 10 in total).
If your files do NOT successfully decrypt/verify, then your list and explanation of the
commands will be reviewed to determine what mistakes you made. For each mistake you will
be deducted 3 marks. For example, if you make one mistake but all your other commands and
explanations are correct, then you will receive 7 out of 10. Two mistakes will receive 4 out of
10, and so on. Additional marks may be deducted (up to 3) if your explanations are incorrect
or do not explain options.
Question 2 – Secure Web Browsing with HTTPS [16 marks]
Objective: understand basics of HTTPS protocol operation, format of digital certificates, and
role of different ciphers in Internet communications.
For secure web browsing HTTPS is used. HTTPS is essentially HTTP on top of Secure
Sockets Layer (SSL). However, over time SSL has been upgraded to various versions, and
renamed to Transport Layer Security (TLS). TLS1.0 was very similar to SSL3. TLS1.1 saw
significant changes and separation from SSL3. Now TLS1.2 is recommended for use, and
SSL3 and earlier are no longer considered secure. Despite the differences, you will often see SSL
and TLS used interchangeably. In the following we will refer to SSL, but be aware it means
TLS in many cases.
How does SSL work? Your task is to find out. As a starting point, SSL uses a Record
protocol to deliver different SSL messages between client and server. At the start of an SSL
connection a Handshake Protocol is used. After the handshake is finished, encrypted
application data is sent. After the data is sent, an encrypted Alert message may be sent to
notify the close of the SSL connection. One or more HTTP exchanges may be performed in a
single SSL connection.
The file a02-assignment-2-question-2-capture.pcap includes packets for several
HTTPS exchanges from a single web browser to a single website.
a) [4 marks] Draw a message sequence diagram that illustrates the SSL packets
belonging to the first TCP connection in the file. Refer to the instructions in
assignment 1 for drawing a message sequence diagram, as well as these additional
requirements:
- Only draw the SSL packets; do not draw the 3-way handshake, TCP ACKs or
connection close. Hint: identify which packets belong to the first TCP
connection and then filter with “ssl” in Wireshark. Depending on your
Wireshark version, the protocol may show as “TLSv1.2”.
- A single TCP packet may contain one or more SSL messages (in Wireshark
look inside the packet for each “Record Layer” entry to find the SSL
message names). Make sure you draw each SSL message. If a TCP packet
contains multiple SSL messages, then draw multiple arrows, one for each SSL
message, and clearly label each with SSL message name.
- Clearly mark which packets/messages are encrypted.
b) [5 marks] Considering the first TCP connection only, answer the following questions.
You must explain the reason for your answer by referring to specific parts of the
capture. For example, “The answer is X as field Y in packet number Z shows that …”.
i. What is the domain of the website that the web browser visited?
ii. What symmetric key cipher was used for encrypting the data?
iii. What public key cipher was used for exchanging a secret?
iv. What cipher and what hash algorithm are used in signing the web server's
certificate?
v. How many HTTP requests do you think were exchanged in the first SSL
connection? Why?
c) [3 marks] The user of the web browser typed in a URL containing some domain
(answer in question (b) i.). Explain how the web browser knows it is communicating
with the server of that domain (and it is not a server pretending to be for that domain).
Refer to the specific messages/fields in the capture and the names of the
organizations/entities.
d) [2 marks] If you were using your browser to visit the same webpages as in the capture
(assuming it is a real website and you have access to it), do you think your web
browser would present any warnings or errors? Explain your answer.
e) [2 marks] In the second and third TCP connections in the capture, the web browser is
continuing to access webpages on the same website, but notice the SSL connection
handshake has fewer SSL messages than the first TCP/SSL connection. Explain the
tradeoffs of doing this (i.e. the advantage and disadvantage of the shortened
subsequent handshakes) and how it is achieved (refer to fields in the captured
packets).
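The Record protocol framing behind this question, as an added example that is not part of the original assignment: it splits one direction of a reassembled TCP byte stream into SSL/TLS records, names each handshake message, and marks everything after Change Cipher Spec as encrypted. It assumes TLS 1.2 or earlier and handshake messages that do not span records; the sample streams are constructed with dummy bodies and are not taken from the assignment's capture file.

```python
import struct

CONTENT_TYPES = {20: "Change Cipher Spec", 21: "Alert",
                 22: "Handshake", 23: "Application Data"}
HANDSHAKE_TYPES = {1: "Client Hello", 2: "Server Hello", 4: "New Session Ticket",
                   11: "Certificate", 12: "Server Key Exchange",
                   14: "Server Hello Done", 16: "Client Key Exchange"}
# Names shown for records whose content can no longer be read.
ENCRYPTED_NAMES = {21: "Encrypted Alert", 22: "Encrypted Handshake Message"}


def record(ctype, fragment, version=0x0303):
    """Build one record: content type (1 byte), version (2), length (2), fragment."""
    return struct.pack("!BHH", ctype, version, len(fragment)) + fragment


def handshake(msg_type, body):
    """Build one handshake message: type (1 byte), length (3 bytes), body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def split_handshake(fragment):
    """Name every handshake message packed into one plaintext record."""
    names, pos = [], 0
    while pos < len(fragment):
        if len(fragment) - pos < 4:
            raise ValueError("truncated handshake header")
        msg_type = fragment[pos]
        length = int.from_bytes(fragment[pos + 1:pos + 4], "big")
        if pos + 4 + length > len(fragment):
            raise ValueError("handshake message continues in another record")
        names.append(HANDSHAKE_TYPES.get(msg_type, f"Handshake type {msg_type}"))
        pos += 4 + length
    return names


def label_stream(stream):
    """Return [(message name, encrypted?)] for one direction of a connection."""
    labels, pos, encrypted = [], 0, False
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        fragment = stream[pos + 5:pos + 5 + length]
        if ctype not in CONTENT_TYPES or len(fragment) != length:
            raise ValueError("not a complete SSL/TLS record")
        pos += 5 + length
        if encrypted:
            # After Change Cipher Spec the fragment is ciphertext: only the
            # record header (type and length) is still visible on the wire.
            labels.append((ENCRYPTED_NAMES.get(ctype, CONTENT_TYPES[ctype]), True))
        elif ctype == 22:
            labels += [(name, False) for name in split_handshake(fragment)]
        else:
            labels.append((CONTENT_TYPES[ctype], False))
            encrypted = ctype == 20  # this sender encrypts from the next record on
    return labels


# Constructed sample data: header fields are real, bodies are filler bytes.
CLIENT_STREAM = (
    record(22, handshake(1, bytes(48)))
    + record(22, handshake(16, bytes(66)))
    + record(20, b"\x01")
    + record(22, bytes(range(40)))     # encrypted Finished, opaque to an observer
    + record(23, bytes(range(64)))     # encrypted HTTP request
    + record(21, bytes(range(26)))     # encrypted close notification
)
SERVER_STREAM = (
    # Three handshake messages carried in a single record.
    record(22, handshake(2, bytes(70)) + handshake(11, bytes(300)) + handshake(14, b""))
    + record(20, b"\x01")
    + record(22, bytes(range(40)))
)

if __name__ == "__main__":
    for side, stream in (("client", CLIENT_STREAM), ("server", SERVER_STREAM)):
        for name, enc in label_stream(stream):
            print(f"{side}: {name}{' [encrypted]' if enc else ''}")
```
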
Marking Scheme
a) The diagram must have all packets clearly labelled to obtain full marks. Missed
messages, incorrect messages or unclear diagram will result in loss of marks.
b) 1 mark for each sub-question that has correct answer and reasoning with reference to
captured packets.
c) Full marks if the method is clearly described with references to fields and messages in
the capture. Minor misunderstandings will receive 2 marks. Poor description and/or
incorrect method will receive 0 or 1 mark.
d) Description and explanation must demonstrate good understanding of issue to receive
full marks.
e) Full marks if at least one advantage, at least one disadvantage, and explanation of how
the shortened handshake is achieved is correct.
Question 3 – Securing a Small Network [9 marks]
Objective: be aware of security features available in WiFi networks, how to deal with threats,
as well as password management.
Scenario: After graduation, you and 10 of your classmates have formed a startup to
commercialise an idea based on your expertise gained from your degree. You have rented a
large house where everyone will work together, trying to rapidly turn the idea into a
proof-of-concept and eventually marketable product. You are confident in your idea and plan, and
expect if you can quickly get to market, your product will be worth millions of dollars, and
may result in a buyout from the likes of Google, Facebook, etc.
You expect to have 10 to 15 others work with you, either temporarily or full-time, over the
next few months. The house you are using as an office will also have regular visitors: friends
and family, advisors, potential clients and funders, …
Your network contains several servers and desktops, but primarily everyone works with their
own laptop, tablet and phone (they are personal devices of many different types and using
different operating systems), and use cloud computing for many non-critical services (email,
messaging, non-confidential file storage). The key Intellectual Property is in the form of files
(e.g. designs, code, graphics) and is stored on internal servers. The house has two Internet
connections: NBN as well as an ADSL2 line. Although there is a wired Ethernet network
connecting the desktops and servers, most users will use WiFi.
Despite your big plans, you have little income, and cannot afford people dedicated to network
administration. Therefore you have been assigned the initial task of setting up the WiFi
network, as well as producing a set of recommendations for securing the network. You
already have 6 consumer-grade Wi-Fi routers (e.g. TP-Link Archer C series) installed across
the house. They provide coverage for most of the area, but there are some dead-zones outside
and in some rooms. You don’t have the budget or time to deploy dedicated authentication
servers: you want to set up the Wi-Fi routers, and then spend little or no time administering
them over the coming months.
Consider the security of the Wi-Fi network. You want to set it up so startup members can use
the network, but also provide access to visitors and temporary workers. Although you are a
small, new startup, your Intellectual Property is potentially very valuable, so different attacks
on your network are likely.
a) [3 marks] Explain what technologies/settings you will use in securing the WiFi
network. Refer to specific technologies/settings and explain why you would use
them. For example, “On every WiFi router enable feature X. The reason for doing
this is …”. As an example of the features available on WiFi routers, see the emulation
website for TP-Link devices: http://www.tp-link.com/en/emulators.html
Despite the members of the startup having little time to worry about network security, they all
realise that with the value of their Intellectual Property, network security is important.
Therefore they will listen to and follow any recommendations you make in using the internal
network.
b) [3 marks] Provide a list of recommendations for the startup members in using the
internal network. The recommendations are things the users should or should not do
to ensure the internal network is secure. For each recommendation give a concise
description, explain the reason for the recommendation, and explain any potential
disadvantages or weaknesses of following the recommendation. For example,
“Recommendation 1: Never do X. The reason is because of Y. The drawback of this is
that you won’t be able to do Z.” (This is just a short example; the recommendations
may be longer, more detailed).
Now consider the external networks, and especially how the startup members use many
different cloud services (e.g. Google Docs, Facebook, Twitter, Slack, AWS, …). Each
member may have accounts on many different services, and may want to login to those
accounts from their own devices (laptop, tablet and phone), as well as other devices (e.g.
shared desktops, temporarily using someone else’s laptop).
c) [3 marks] Provide a list of recommendations for the startup members in managing
(including creating) their passwords and authentication information. For each
recommendation give a concise description, explain the reason for the
recommendation, and explain any potential disadvantages or weaknesses of
following the recommendation.
Marking Scheme
For sub-questions a), b) and c) marks will be allocated based on the completeness, accuracy
and clarity of your answer.
- An answer is considered complete if you have listed the main possible answers
(technologies, settings, recommendations). You do not have to list all possible
answers to be considered complete, but should have most of the relevant answers.
There is no fixed number of technologies, settings or recommendations to be
considered complete.
- An answer is considered accurate if it is correct and/or appropriate. The
explanation/reasoning you provide in your answer is an important part to convincing
the marker it is correct/appropriate.
- An answer is considered clear if it can be easily read and understood by a marker with
similar knowledge to other good students. The explanations are detailed and use
terminology appropriate for the course.
Overall, the answers must demonstrate a good understanding of the important issues that arise
from the question.
Question 4 – Intrusion Detection with Snort [9 marks]
Objective: gain experience with using Snort and with identifying/analysing packet traces.
You are the administrator for a network that has users exchanging files using various
approved server applications (HTTP and SSH). You have discovered that image editing
software used in the organisation has a bug such that JPEG image files may trigger malicious
behaviour when opened. As one method to minimise the impact of the bug, you have
configured the servers to monitor any JPEG files transferred. However, you believe some
users are exchanging images using other, unapproved, applications. Therefore your task is to
identify in real-time which users are exchanging JPEG files using unapproved
applications, and when. You will use Snort to alert you of such exchanges.
Your task: write Snort rules that alert you of the start of an exchange of a JPEG file that does
not involve HTTP or SSH. The rules should be clearly commented. The file
a02-assignment-2-question-4-capture.pcap is a trace of the packets exchanged in the
network. Use it as an input to Snort to complete this task.
Requirements and Hints:
- The computers and ports of the approved HTTP and SSH servers may vary.
Therefore, as they may change over time, you CANNOT use IP addresses or port
numbers to alert you to an unapproved exchange.
- Other file formats exchanged using unapproved applications (non-HTTP, non-SSH)
are not of interest to you. You only want to be alerted about JPEG files.
- The file a02-assignment-2-question-4-capture.pcap was obtained on a
non-standard system that resulted in some erroneous packet checksums. Therefore you
MUST use the “-k none” option with Snort to disable all checksum checks.
- Print the following message when an unapproved JPEG exchange is initiated:
Exchange of JPEG file using unapproved application
- As a hint, there are 5 unapproved JPEG exchanges.
Answer the following sub-questions:
a) [5 marks] Submit your Snort rules as a single file called id-snort.conf (replace id
with your student ID). Make sure the rules are clearly explained via the comments in
the file. Your file will be tested with the following Snort command:
snort -k none -c id-snort.conf -r a02-assignment-2-question-4-capture.pcap
The alert file produced should contain 5 messages, and the log file produced should
contain 5 packets.
b) [2 marks] Explain one method that a malicious user could use to avoid detection by
your rules.
c) [2 marks] For the 5 alerts, find the actual JPEG images that were exchanged. Hint:
you don’t have to use Snort to get this answer. You may use Wireshark or other
software, however the answer must come only from the capture file provided. For
your answer, include the 5 images in your assignment report (do NOT submit the
JPEG files on Moodle; just embed them in your report) and explain how you obtained
them.
Marking Scheme
a) To obtain 5 marks your Snort rules must return the correct 5 packets using correct
conditions (e.g. not using IP addresses, but using conditions that would work for other
traces) and have comments that explain the rules. No or poor comments, but correct
rules, will result in a score of 2 to 4 marks. Incorrect rules (using the wrong
conditions, not matching the correct packets) will result in a score of 0 to 3.
b) The method must be realistic within the context of the scenario and well explained to
obtain 2 marks.
c) If all 5 images are included in the report and the method is appropriate you will obtain
2 marks. Including the images with no or poor explanation will result in 0 or 1 mark
(depending on part a) answer).
Question 5 – Firewall Rules [6 marks]
Objective: understand firewall rules and the importance of consistency and ordering.
Consider a firewall configured with the following rules:
Rule No.  Transport Protocol  Source IP       Source Port  Destination IP  Destination Port  Action
1         UDP                 0.0.0.0/0       any          129.174.17.180  53                allow
2         TCP                 55.66.77.0/24   any          129.174.17/180  22                allow
3         TCP                 55.66.77.12     4500         129.174.17/180  22                deny
4         TCP                 127.0.0.1       443          129.174.17/180  6000              allow
5         TCP                 0.0.0.0/0       any          129.174.17/180  6000              deny
6         UDP                 0.0.0.0/0       any          129.174.17/180  32768             deny
7         TCP                 0.0.0.0/0       any          129.174.17/180  32769             deny
8         TCP                 0.0.0.0/0       any          129.174.17/180  32768             deny
9         TCP                 0.0.0.0/0       any          129.174.17/180  80                allow
10        UDP                 129.174.16.20   1025         0.0.0.0/0       65535             allow
11        UDP                 129.174.20.100  1025         0.0.0.0/0       65535             allow
12        UDP                 129.174.18.100  1025         0.0.0.0/0       65535             allow
13        any                 0.0.0.0/0       any          0.0.0.0/0       any               allow
14        TCP                 0.0.0.0/0       any          0.0.0.0/0       any               deny
15        UDP                 0.0.0.0/0       any          0.0.0.0/0       any               deny
16        TCP                 0.0.0.0/0       any          129.57.17.180   6000:6010         deny
17        TCP                 0.0.0.0/0       any          129.174.17.180  0:1024            deny
18        any                 0.0.0.0/0       any          129.174.17.180  any               deny
a) [3 marks] Describe the meaning of a rule conflict. Identify all conflicting rules in the
above table.
b) [3 marks] Identify any redundancies in the table, and for each, explain which rule
would be applied if using each of the following 3 matching strategies: first, best, last.
For example, if you identify a redundancy, then state which rule would be applied if
first matching was used, then state which rule would be applied if best matching was
used, and then for last matching. Repeat for other redundancies.
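How rule order and matching strategy change the outcome, as an added example that is not part of the original assignment: it runs on a small constructed rule set (documentation addresses, not the table above) and reports overlapping rule pairs plus the decision under first, best and last matching. The definitions are assumptions made for this example: a conflict is two overlapping rules with different actions, a redundancy is a rule whose matches are all covered by another rule with the same action, and "best" means the most specific matching rule; a course may define these differently.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

ANY = (0, 65535)  # inclusive port range meaning "any"
Rule = namedtuple("Rule", "num proto src sport dst dport action")
Packet = namedtuple("Packet", "proto src sport dst dport")


def rule(num, proto, src, sport, dst, dport, action):
    return Rule(num, proto, ip_network(src), sport, ip_network(dst), dport, action)


# Constructed rule set for illustration only.
RULES = [
    rule(1, "TCP", "198.51.100.0/24", ANY, "192.0.2.10/32", (22, 22), "allow"),
    rule(2, "TCP", "198.51.100.12/32", ANY, "192.0.2.10/32", (22, 22), "deny"),
    rule(3, "TCP", "0.0.0.0/0", ANY, "192.0.2.10/32", (80, 80), "allow"),
    rule(4, "TCP", "0.0.0.0/0", ANY, "192.0.2.10/32", (0, 1024), "deny"),
    rule(5, "any", "0.0.0.0/0", ANY, "0.0.0.0/0", ANY, "deny"),
]


def ranges_overlap(a, b):
    return a[0] <= b[1] and b[0] <= a[1]


def range_within(inner, outer):
    return outer[0] <= inner[0] and inner[1] <= outer[1]


def overlaps(a, b):
    """True if at least one packet could match both rules."""
    return (("any" in (a.proto, b.proto) or a.proto == b.proto)
            and a.src.overlaps(b.src) and a.dst.overlaps(b.dst)
            and ranges_overlap(a.sport, b.sport)
            and ranges_overlap(a.dport, b.dport))


def covers(a, b):
    """True if every packet matching rule b also matches rule a."""
    return (a.proto in ("any", b.proto)
            and b.src.subnet_of(a.src) and b.dst.subnet_of(a.dst)
            and range_within(b.sport, a.sport)
            and range_within(b.dport, a.dport))


def anomalies(rules):
    """List (kind, earlier rule no., later rule no.) for every overlapping pair."""
    found = []
    for i, a in enumerate(rules):
        for b in rules[i + 1:]:
            if not overlaps(a, b):
                continue
            if a.action != b.action:
                found.append(("conflict", a.num, b.num))
            elif covers(a, b) or covers(b, a):
                found.append(("redundant", a.num, b.num))
    return found


def matches(r, p):
    return (r.proto in ("any", p.proto)
            and ip_address(p.src) in r.src and ip_address(p.dst) in r.dst
            and r.sport[0] <= p.sport <= r.sport[1]
            and r.dport[0] <= p.dport <= r.dport[1])


def specificity(r):
    """Assumed 'best match' metric: longer prefixes and exact fields score higher."""
    return (r.src.prefixlen + r.dst.prefixlen + (r.proto != "any")
            + (r.sport[0] == r.sport[1]) + (r.dport[0] == r.dport[1]))


def decide(rules, packet, strategy):
    """Return the rule applied to packet under 'first', 'best' or 'last' matching."""
    hits = [r for r in rules if matches(r, packet)]
    if not hits:
        return None
    if strategy == "first":
        return hits[0]
    if strategy == "last":
        return hits[-1]
    return max(hits, key=specificity)  # ties go to the earliest rule


if __name__ == "__main__":
    for item in anomalies(RULES):
        print(item)
    pkt = Packet("TCP", "198.51.100.12", 4500, "192.0.2.10", 22)
    for strategy in ("first", "best", "last"):
        r = decide(RULES, pkt, strategy)
        print(strategy, "-> rule", r.num, r.action)
```
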
Marking Scheme
Both sub-questions require you to identify all possible correct answers (i.e. all conflicts, all
redundancies), and in b) give appropriate explanations to obtain full marks. Missing correct
answers and/or poor explanations will see marks deducted.

Coit20263 information security management assignment 2 (2)Sandeep Ratnam
 

More from Sandeep Ratnam (20)

Req
ReqReq
Req
 
Network switching
Network switchingNetwork switching
Network switching
 
Networ routingnswitching
Networ routingnswitchingNetwor routingnswitching
Networ routingnswitching
 
Melbourne t1 2016-assignment_2_mn504
Melbourne   t1 2016-assignment_2_mn504Melbourne   t1 2016-assignment_2_mn504
Melbourne t1 2016-assignment_2_mn504
 
Itech 1006 assignment 2 sem1 2017
Itech 1006 assignment 2 sem1 2017Itech 1006 assignment 2 sem1 2017
Itech 1006 assignment 2 sem1 2017
 
Itech 1006 assignment 2 sem1 2017 (2)
Itech 1006 assignment 2 sem1 2017 (2)Itech 1006 assignment 2 sem1 2017 (2)
Itech 1006 assignment 2 sem1 2017 (2)
 
Itc597 201730 sm_i-28_january_2017-version_1 (1)
Itc597 201730 sm_i-28_january_2017-version_1 (1)Itc597 201730 sm_i-28_january_2017-version_1 (1)
Itc597 201730 sm_i-28_january_2017-version_1 (1)
 
Itc561 201730 sm_i-21_january_2017-version_1
Itc561 201730 sm_i-21_january_2017-version_1Itc561 201730 sm_i-21_january_2017-version_1
Itc561 201730 sm_i-21_january_2017-version_1
 
Itc560 201730 sm_i-14_january_2017-version_1
Itc560 201730 sm_i-14_january_2017-version_1Itc560 201730 sm_i-14_january_2017-version_1
Itc560 201730 sm_i-14_january_2017-version_1
 
Itc548 system analysis
Itc548 system analysisItc548 system analysis
Itc548 system analysis
 
Itc544 computer organization
Itc544 computer organizationItc544 computer organization
Itc544 computer organization
 
Itc508 objective modelling
Itc508 objective modellingItc508 objective modelling
Itc508 objective modelling
 
Itc504 201730 sm_i-25_january_2017-version_1
Itc504 201730 sm_i-25_january_2017-version_1Itc504 201730 sm_i-25_january_2017-version_1
Itc504 201730 sm_i-25_january_2017-version_1
 
Dba2 spec
Dba2 specDba2 spec
Dba2 spec
 
Csce 5580 001_s17_pa2
Csce 5580 001_s17_pa2Csce 5580 001_s17_pa2
Csce 5580 001_s17_pa2
 
Coit20268 t1 17_port_prac2_spec
Coit20268 t1 17_port_prac2_specCoit20268 t1 17_port_prac2_spec
Coit20268 t1 17_port_prac2_spec
 
Coit20268 t1 17_port_prac1_spec
Coit20268 t1 17_port_prac1_specCoit20268 t1 17_port_prac1_spec
Coit20268 t1 17_port_prac1_spec
 
Coit20264 network design assignment 2
Coit20264 network design assignment 2Coit20264 network design assignment 2
Coit20264 network design assignment 2
 
Coit20263 information security management assignment 2
Coit20263 information security management assignment 2Coit20263 information security management assignment 2
Coit20263 information security management assignment 2
 
Coit20263 information security management assignment 2 (2)
Coit20263 information security management assignment 2 (2)Coit20263 information security management assignment 2 (2)
Coit20263 information security management assignment 2 (2)
 

Recently uploaded

INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Dust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSEDust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSEaurabinda banchhor
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxruthvilladarez
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 

Recently uploaded (20)

INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
Dust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSEDust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSE
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptxINCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 

A02 assignment-2

  • 1. COIT20262 – Advanced Network Security, Term 2, 2016
    Assignment 2
    Due date: 5pm Friday 7th October 2016 (Week 12)
    ASSESSMENT
    Weighting: 50%
    Length: N/A
    Note: Attempt all questions

    Assignment Submission
    Your assignment must be in Microsoft Word format, and must be submitted electronically by the due date via the Moodle website.

    Question 1 – Cryptographic Operations with GPG [10 marks]
    Objective: gain experience with using software to perform common cryptographic operations.

    There are many different software (and hardware) implementations of cryptographic operations. GNU Privacy Guard (GPG) is one such piece of software, which focusses on a simple, open source implementation of common public key operations (but also includes symmetric key encryption). In this task you must use GPG to perform some common operations to communicate securely with the course coordinator.

    GPG is available for most operating systems. You will need to install it on your computer to complete this task.

    Chapter 1 of the GNU Privacy Handbook provides examples of using most of the commands needed for this task. Others may be found in the ‘man’ or help page for the command once installed.
  • 2. Scenario: you want to send a message to the course coordinator. You will do that by submitting a file on Moodle. But you want the communications to be secure (you don’t even trust other staff that can also access Moodle submissions). You will use symmetric key cryptography to encrypt the message. But the problem with symmetric key cryptography is that a shared secret key must be exchanged somehow. A common solution is to encrypt the shared secret key using public key cryptography. So in fact you will send two pieces of information to the course coordinator (although in one file): a message and the shared secret key. The course coordinator wants to be sure the message they receive came from you, therefore you will also sign the message. This assumes you know the course coordinator’s public key, which is available on Moodle.

    In the following instructions when you see id in a filename, replace it with your student ID. For example, if your student ID is s123456, then the message file will be called s123456-message.txt. Similarly, replace the example names, IDs, emails with yours.

    a) Create the message by putting the following inside a text file named id-message.txt:
       Name: <include your name here>
       ID: <include your ID here>
       Email: <include your email here>
       Message: <Write one or more paragraphs that explain which software used in the assignments is the hardest to use, and why. This is not assessed but is useful feedback.>
    b) Create a shared secret key by generating a 12 byte random value encoded as base64. Put the 16 character base64 value in a file called id-sharedsecret.txt. Hint: use gpg to generate the random bytes, and include the --armor option to encode as base64.
    c) Generate your own RSA 2048-bit key pair. Include your name and CQU email address when prompted. For simplicity in this assignment, do not use a passphrase on your key (if you do, make sure you remember it).
    d) Export your public key and save it to a text file called id-publickey.txt. Use the --armor option to generate a text based public key.
    e) Create a detached signature of the message, saving that signature as id-message.sig.
    f) Combine the message (id-message.txt) and signature (id-message.sig) into a single file called id-signedmessage.zip using ZIP. Do not include any directories or other files in the ZIP file – it should contain just two files.
    g) Use AES128 to encrypt the zip file. When prompted for a passphrase, use the 16 character shared secret generated earlier. The output file is called id-signedmessage.enc.
    h) Use RSA to encrypt the shared secret. The output file is called id-sharedsecret.gpg.
    i) “Send” the two encrypted files to the course coordinator by submitting on Moodle. Also “publish” your public key by submitting on Moodle.
  • 3. In your assignment for this question include the list of GPG commands you used in each step above, and with each command, a short explanation of what it does (including what the options do). If a step did not use a GPG command, then just explain what you did in that step.

    Marking Scheme
    Once files are submitted, they will be decrypted/verified using the reverse operations of what you were expected to do. If your files successfully decrypt/verify, and the obtained plaintext files are in the correct format, you will receive 7 marks. If the commands are listed and explained correctly in your assignment submission then you will receive an additional 3 marks. If the explanations are incorrect or do not explain options, then you will be deducted 1 to 3 marks (e.g. receive 7, 8 or 9 out of 10 in total).

    If your files do NOT successfully decrypt/verify, then your list and explanation of the commands will be reviewed to determine what mistakes you made. For each mistake you will be deducted 3 marks. For example, if you make one mistake but all your other commands and explanations are correct, then you will receive 7 out of 10. Two mistakes will receive 4 out of 10, and so on. Additional marks may be deducted (up to 3) if your explanations are incorrect or do not explain options.

    Question 2 – Secure Web Browsing with HTTPS [16 marks]
    Objective: understand basics of HTTPS protocol operation, format of digital certificates, and role of different ciphers in Internet communications.

    For secure web browsing HTTPS is used. HTTPS is essentially HTTP on top of Secure Sockets Layer (SSL). However, over time SSL has been upgraded to various versions, and renamed to Transport Layer Security (TLS). TLS1.0 was very similar to SSL3. TLS1.1 saw significant changes and separation from SSL3. Now TLS1.2 is recommended for use, and SSL3 and earlier are no longer considered secure. Despite the differences, you will often see SSL and TLS used interchangeably. In the following we will refer to SSL, but be aware it means TLS in many cases.

    How does SSL work? Your task is to find out. As a starting point, SSL uses a Record protocol to deliver different SSL messages between client and server. At the start of an SSL connection a Handshake Protocol is used. After the handshake is finished, encrypted application data is sent. After the data is sent, an encrypted Alert message may be sent to notify the close of the SSL connection. One or more HTTP exchanges may be performed in a single SSL connection.

    The file a02-assignment-2-question-2-capture.pcap includes packets for several HTTPS exchanges from a single web browser to a single website.

    a) [4 marks] Draw a message sequence diagram that illustrates the SSL packets belonging to the first TCP connection in the file. Refer to the instructions in assignment 1 for drawing a message sequence diagram, as well as these additional requirements:
       - Only draw the SSL packets; do not draw the 3-way handshake, TCP ACKs or connection close. Hint: identify which packets belong to the first TCP connection and then filter with “ssl” in Wireshark. Depending on your Wireshark version, the protocol may show as “TLSv1.2”.
  • 4.    - A single TCP packet may contain one or more SSL messages (in Wireshark look inside the packet for each “Record Layer” entry to find the SSL message names). Make sure you draw each SSL message. If a TCP packet contains multiple SSL messages, then draw multiple arrows, one for each SSL message, and clearly label each with the SSL message name.
       - Clearly mark which packets/messages are encrypted.
    b) [5 marks] Considering the first TCP connection only, answer the following questions. You must explain the reason for your answer by referring to specific parts of the capture. For example, “The answer is X as field Y in packet number Z shows that …”.
       i. What is the domain of the website that the web browser visited?
       ii. What symmetric key cipher was used for encrypting the data?
       iii. What public key cipher was used for exchanging a secret?
       iv. What cipher and what hash algorithm are used in signing the web server’s certificate?
       v. How many HTTP requests do you think were exchanged in the first SSL connection? Why?
    c) [3 marks] The user of the web browser typed in a URL containing some domain (answer in question (b) i.). Explain how the web browser knows it is communicating with the server of that domain (and it is not a server pretending to be for that domain). Refer to the specific messages/fields in the capture and the names of the organizations/entities.
    d) [2 marks] If you were using your browser to visit the same webpages as in the capture (assuming it is a real website and you have access to it), do you think your web browser would present any warnings or errors? Explain your answer.
    e) [2 marks] In the second and third TCP connections in the capture, the web browser is continuing to access webpages on the same website, but notice the SSL connection handshake has fewer SSL messages than the first TCP/SSL connection. Explain the tradeoffs of doing this (i.e. the advantage and disadvantage of the shortened subsequent handshakes) and how it is achieved (refer to fields in the captured packets).

    Marking Scheme
    a) The diagram must have all packets clearly labelled to obtain full marks. Missed messages, incorrect messages or unclear diagram will result in loss of marks.
    b) 1 mark for each sub-question that has correct answer and reasoning with reference to captured packets.
  • 5. c) Full marks if the method is clearly described with references to fields and messages in the capture. Minor misunderstandings will receive 2 marks. Poor description and/or incorrect method will receive 0 or 1 mark.
    d) Description and explanation must demonstrate good understanding of issue to receive full marks.
    e) Full marks if at least one advantage, at least one disadvantage, and explanation of how the shortened handshake is achieved is correct.
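Question 2 notes that one TCP packet may carry several Record Layer entries and that messages after the handshake are encrypted. The following added example (not part of the assignment) walks the record and handshake headers of one direction of a TLS 1.2 stream to show that structure; the sample bytes are constructed with placeholder bodies and are not taken from the assignment's capture file.

```python
import struct

# Record-layer content types and handshake message types (TLS 1.2).
CONTENT_TYPES = {20: "ChangeCipherSpec", 21: "Alert",
                 22: "Handshake", 23: "ApplicationData"}
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello", 4: "NewSessionTicket",
                   11: "Certificate", 12: "ServerKeyExchange",
                   14: "ServerHelloDone", 16: "ClientKeyExchange",
                   20: "Finished"}


def list_messages(stream):
    """Return [(message name, encrypted?)] for one direction of a TLS stream.

    Each record has a 5-byte header: type (1), version (2), length (2).
    A Handshake record may hold several handshake messages, each with a
    4-byte header: type (1), length (3). Once ChangeCipherSpec is seen,
    later records in this direction are ciphertext, so only the record
    type is readable. Handshake messages fragmented across records are
    not reassembled here.
    """
    out, pos, encrypted = [], 0, False
    while pos < len(stream):
        if pos + 5 > len(stream):
            raise ValueError("truncated record header")
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        body = stream[pos + 5:pos + 5 + length]
        if len(body) < length:
            raise ValueError("truncated record body")
        pos += 5 + length
        if ctype == 20:
            out.append(("ChangeCipherSpec", False))
            encrypted = True
        elif ctype == 22 and not encrypted:
            off = 0
            while off + 4 <= len(body):
                htype = body[off]
                hlen = int.from_bytes(body[off + 1:off + 4], "big")
                name = HANDSHAKE_TYPES.get(htype, "Handshake(%d)" % htype)
                out.append((name, False))
                off += 4 + hlen
        elif ctype == 22:
            # Wireshark labels this "Encrypted Handshake Message".
            out.append(("Encrypted Handshake Message", True))
        else:
            name = CONTENT_TYPES.get(ctype, "Unknown(%d)" % ctype)
            out.append((name, encrypted))
    return out


def handshake_msg(htype, body):
    """Build one handshake message (constructed test data helper)."""
    return bytes([htype]) + len(body).to_bytes(3, "big") + body


def record(ctype, payload):
    """Wrap a payload in a TLS 1.2 record header (version 0x0303)."""
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload


# Constructed server-to-client bytes: placeholder bodies, real framing.
SAMPLE = (
    record(22, handshake_msg(2, b"\x00" * 4))                # ServerHello
    + record(22, handshake_msg(11, b"\x00" * 8)              # Certificate and
             + handshake_msg(14, b""))                       # ServerHelloDone
    + record(20, b"\x01")                                    # ChangeCipherSpec
    + record(22, b"\xaa" * 40)                               # encrypted Finished
    + record(23, b"\xbb" * 16)                               # application data
)

if __name__ == "__main__":
    for name, enc in list_messages(SAMPLE):
        print("%-28s %s" % (name, "encrypted" if enc else "plaintext"))
```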
  • 6. Question 3 – Securing a Small Network [9 marks]
    Objective: be aware of security features available in WiFi networks, how to deal with threats, as well as password management.

    Scenario: After graduation, you and 10 of your classmates have formed a startup to commercialise an idea based on your expertise gained from your degree. You have rented a large house where everyone will work together, trying to rapidly turn the idea into a proof-of-concept and eventually marketable product. You are confident in your idea and plan, and expect if you can quickly get to market, your product will be worth millions of dollars, and may result in a buyout from the likes of Google, Facebook, etc. You expect to have 10 to 15 others work with you, either temporarily or full-time, over the next few months. The house you are using as an office will also have regular visitors: friends and family, advisors, potential clients and funders, …

    Your network contains several servers and desktops, but primarily everyone works with their own laptop, tablet and phone (they are personal devices of many different types and using different operating systems), and uses cloud computing for many non-critical services (email, messaging, non-confidential file storage). The key Intellectual Property is in the form of files (e.g. designs, code, graphics) and is stored on internal servers. The house has two Internet connections: NBN as well as an ADSL2 line. Although there is a wired Ethernet network connecting the desktops and servers, most users will use WiFi.

    Despite your big plans, you have little income, and cannot afford people dedicated to network administration. Therefore you have been assigned the initial task of setting up the WiFi network, as well as producing a set of recommendations for securing the network. You already have 6 consumer-grade Wi-Fi routers (e.g. TP-Link Archer C series) installed across the house. They provide coverage for most of the area, but there are some dead-zones outside and in some rooms. You don’t have the budget or time to deploy dedicated authentication servers: you want to set up the Wi-Fi routers, and then spend little or no time administering them over the coming months.

    Consider the security of the Wi-Fi network. You want to set it up so startup members can use the network, but also provide access to visitors and temporary workers. Although you are a small, new startup, your Intellectual Property is potentially very valuable, so different attacks on your network are likely.

    a) [3 marks] Explain what technologies/settings you will use in securing the WiFi network. Refer to specific technologies/settings and explain why you would use them. For example, “On every WiFi router enable feature X. The reason for doing this is …”. As an example of the features available on WiFi routers, see the emulation website for TP-Link devices: http://www.tp-link.com/en/emulators.html

    Despite the members of the startup having little time to worry about network security, they all realise that with the value of their Intellectual Property, network security is important. Therefore they will listen to and follow any recommendations you make in using the internal network.
  • 7. b) [3 marks] Provide a list of recommendations for the startup members in using the internal network. The recommendations are things the users should or should not do to ensure the internal network is secure. For each recommendation give a concise description, explain the reason for the recommendation, and explain any potential disadvantages or weaknesses of following the recommendation. For example, “Recommendation 1: Never do X. The reason is because of Y. The drawback of this is that you won’t be able to do Z.” (This is just a short example; the recommendations may be longer, more detailed).

    Now consider the external networks, and especially how the startup members use many different cloud services (e.g. Google Docs, Facebook, Twitter, Slack, AWS, …). Each member may have accounts on many different services, and may want to login to those accounts from their own devices (laptop, tablet and phone), as well as other devices (e.g. shared desktops, temporarily using someone else’s laptop).

    c) [3 marks] Provide a list of recommendations for the startup members in managing (including creating) their passwords and authentication information. For each recommendation give a concise description, explain the reason for the recommendation, and explain any potential disadvantages or weaknesses of following the recommendation.

    Marking Scheme
    For sub-questions a), b) and c) marks will be allocated based on the completeness, accuracy and clarity of your answer.
    - An answer is considered complete if you have listed the main possible answers (technologies, settings, recommendations). You do not have to list all possible answers to be considered complete, but should have most of the relevant answers. There is no fixed number of technologies, settings or recommendations to be considered complete.
    - An answer is considered accurate if it is correct and/or appropriate. The explanation/reasoning you provide in your answer is an important part of convincing the marker it is correct/appropriate.
    - An answer is considered clear if it can be easily read and understood by a marker with similar knowledge to other good students. The explanations are detailed and use terminology appropriate for the course.
    Overall, the answers must demonstrate a good understanding of the important issues that arise from the question.
  • 8. Question 4 – Intrusion Detection with Snort [9 marks]
    Objective: gain experience with using Snort and with identifying/analysing packet traces

    You are the administrator for a network that has users exchanging files using various approved server applications (HTTP and SSH). You have discovered that image editing software used in the organisation has a bug such that JPEG image files may trigger malicious behaviour when opened. As one method to minimise the impact of the bug, you have configured the servers to monitor any JPEG files transferred. However you believe some users are exchanging images using other, unapproved, applications. Therefore your task is to identify in real-time which users are exchanging JPEG files using unapproved applications, and when. You will use Snort to alert you of such exchanges.

    Your task: write Snort rules that alert you of the start of an exchange of a JPEG file that does not involve HTTP or SSH. The rules should be clearly commented. The file a02-assignment-2-question-4-capture.pcap is a trace of the packets exchanged in the network. Use it as an input to Snort to complete this task.

    Requirements and Hints:
    - The computers and ports of the approved HTTP and SSH servers may vary. Therefore, as they may change over time, you CANNOT use IP addresses or port numbers to alert you to an unapproved exchange.
    - Other file formats exchanged using unapproved applications (non-HTTP, non-SSH) are not of interest to you. You only want to be alerted about JPEG files.
    - The file a02-assignment-2-question-4-capture.pcap was obtained on a non-standard system that resulted in some erroneous packet checksums. Therefore you MUST use the “-k none” option with Snort to disable all checksum checks.
    - Print the following message when an unapproved JPEG exchange is initiated:
      Exchange of JPEG file using unapproved application
    - As a hint, there are 5 unapproved JPEG exchanges.

    Answer the following sub-questions:
    a) [5 marks] Submit your Snort rules as a single file called id-snort.conf (replace id with your student ID). Make sure the rules are clearly explained via the comments in the file. Your file will be tested with the following Snort command:
       snort -k none -c id-snort.conf -r a02-assignment-2-question-4-capture.pcap
       The alert file produced should contain 5 messages, and the log file produced should contain 5 packets.
    b) [2 marks] Explain one method that a malicious user could use to avoid detection by your rules.
  • 9. c) [2 marks] For the 5 alerts, find the actual JPEG images that were exchanged. Hint: you don’t have to use Snort to get this answer. You may use Wireshark or other software, however the answer must come only from the capture file provided. For your answer, include the 5 images in your assignment report (do NOT submit the JPEG files on Moodle; just embed them in your report) and explain how you obtained them.

    Marking Scheme
    a) To obtain 5 marks your Snort rules must return the correct 5 packets using correct conditions (e.g. not using IP addresses, but using conditions that would work for other traces) and have comments that explain the rules. No or poor comments, but correct rules, will result in a score of 2 to 4 marks. Incorrect rules (using the wrong conditions, not matching the correct packets) will result in a score of 0 to 3.
    b) The method must be realistic within the context of the scenario and well explained to obtain 2 marks.
    c) If all 5 images are included in the report and the method is appropriate you will obtain 2 marks. Including the images with no or poor explanation will result in 0 or 1 mark (depending on part a) answer).
  • 10. Question 5 – Firewall Rules [6 marks]
    Objective: understand firewall rules and the importance of consistency and ordering.

    Consider a firewall configured with the following rules:

    Rule No.  Transport Protocol  Source IP       Source Port  Destination IP  Destination Port  Action
    1         UDP                 0.0.0.0/0       any          129.174.17.180  53                allow
    2         TCP                 55.66.77.0/24   any          129.174.17/180  22                allow
    3         TCP                 55.66.77.12     4500         129.174.17/180  22                deny
    4         TCP                 127.0.0.1       443          129.174.17/180  6000              allow
    5         TCP                 0.0.0.0/0       any          129.174.17/180  6000              deny
    6         UDP                 0.0.0.0/0       any          129.174.17/180  32768             deny
    7         TCP                 0.0.0.0/0       any          129.174.17/180  32769             deny
    8         TCP                 0.0.0.0/0       any          129.174.17/180  32768             deny
    9         TCP                 0.0.0.0/0       any          129.174.17/180  80                allow
    10        UDP                 129.174.16.20   1025         0.0.0.0/0       65535             allow
    11        UDP                 129.174.20.100  1025         0.0.0.0/0       65535             allow
    12        UDP                 129.174.18.100  1025         0.0.0.0/0       65535             allow
    13        any                 0.0.0.0/0       any          0.0.0.0/0       any               allow
    14        TCP                 0.0.0.0/0       any          0.0.0.0/0       any               deny
    15        UDP                 0.0.0.0/0       any          0.0.0.0/0       any               deny
    16        TCP                 0.0.0.0/0       any          129.57.17.180   6000:6010         deny
    17        TCP                 0.0.0.0/0       any          129.174.17.180  0:1024            deny
    18        any                 0.0.0.0/0       any          129.174.17.180  any               deny

    a) [3 marks] Describe the meaning of a rule conflict. Identify all conflicting rules in the above table.
    b) [3 marks] Identify any redundancies in the table, and for each, explain which rule would be applied if using each of the following 3 matching strategies: first, best, last. For example, if you identify a redundancy, then state which rule would be applied if first matching was used, then state which rule would be applied if best matching was used, and then for last matching. Repeat for other redundancies.
  • 11. Marking Scheme Both sub-questions require you to identify all possible correct answers (i.e. all conflicts, all redundancies), and in b) give appropriate explanations to obtain full marks. Missing correct answers and/or poor explanations will see marks deducted.
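Question 5 turns on how overlapping rules interact under first, best and last matching. The following added example (not part of the assignment) checks a rule list in the same column format for overlaps and evaluates a packet under each strategy. The rule set uses constructed documentation addresses, and the working definitions are assumptions: a conflict is two overlapping rules with different actions, a redundancy is two rules with the same action where one contains the other, and "best" means the matching rule with the smallest match set.

```python
import ipaddress
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Rule:
    no: int
    proto: str   # "TCP", "UDP" or "any"
    src: str     # address or CIDR prefix
    sport: str   # "any", "N" or "lo:hi"
    dst: str
    dport: str
    action: str  # "allow" or "deny"


def _net(spec):
    return ipaddress.ip_network(spec, strict=False)


def _ports(spec):
    if spec == "any":
        return 0, 65535
    lo, _, hi = spec.partition(":")
    return int(lo), int(hi or lo)


def _ranges_meet(a, b):
    return a[0] <= b[1] and b[0] <= a[1]


def overlaps(a, b):
    """True if at least one packet matches both rules."""
    return ((a.proto == b.proto or "any" in (a.proto, b.proto))
            and _net(a.src).overlaps(_net(b.src))
            and _net(a.dst).overlaps(_net(b.dst))
            and _ranges_meet(_ports(a.sport), _ports(b.sport))
            and _ranges_meet(_ports(a.dport), _ports(b.dport)))


def covers(a, b):
    """True if every packet matched by b is also matched by a."""
    (asl, ash), (bsl, bsh) = _ports(a.sport), _ports(b.sport)
    (adl, adh), (bdl, bdh) = _ports(a.dport), _ports(b.dport)
    return (a.proto in ("any", b.proto)
            and _net(b.src).subnet_of(_net(a.src))
            and _net(b.dst).subnet_of(_net(a.dst))
            and asl <= bsl and bsh <= ash
            and adl <= bdl and bdh <= adh)


def analyse(rules):
    """Return (conflicts, redundancies) as lists of rule-number pairs."""
    conflicts, redundancies = [], []
    for a, b in combinations(rules, 2):
        if not overlaps(a, b):
            continue
        if a.action != b.action:
            conflicts.append((a.no, b.no))
        elif covers(a, b) or covers(b, a):
            redundancies.append((a.no, b.no))
    return conflicts, redundancies


def size(rule):
    """Number of packets headers a rule matches; smaller is more specific."""
    s_lo, s_hi = _ports(rule.sport)
    d_lo, d_hi = _ports(rule.dport)
    return ((2 if rule.proto == "any" else 1)
            * _net(rule.src).num_addresses * (s_hi - s_lo + 1)
            * _net(rule.dst).num_addresses * (d_hi - d_lo + 1))


def matches(rule, pkt):
    proto, src, sport, dst, dport = pkt
    s_lo, s_hi = _ports(rule.sport)
    d_lo, d_hi = _ports(rule.dport)
    return (rule.proto in ("any", proto)
            and ipaddress.ip_address(src) in _net(rule.src)
            and ipaddress.ip_address(dst) in _net(rule.dst)
            and s_lo <= sport <= s_hi and d_lo <= dport <= d_hi)


def decide(rules, pkt, strategy):
    """Return (rule number, action) chosen by 'first', 'best' or 'last'."""
    hits = [r for r in rules if matches(r, pkt)]
    if not hits:
        return None
    chosen = {"first": hits[0], "last": hits[-1],
              "best": min(hits, key=size)}[strategy]
    return chosen.no, chosen.action


# Constructed rule set (documentation address ranges, not the table above).
RULES = [
    Rule(1, "TCP", "198.51.100.0/24", "any", "192.0.2.10", "22", "allow"),
    Rule(2, "TCP", "198.51.100.12", "4500", "192.0.2.10", "22", "deny"),
    Rule(3, "TCP", "0.0.0.0/0", "any", "192.0.2.10", "80", "allow"),
    Rule(4, "any", "0.0.0.0/0", "any", "0.0.0.0/0", "any", "allow"),
    Rule(5, "TCP", "0.0.0.0/0", "any", "192.0.2.10", "0:1024", "deny"),
]

if __name__ == "__main__":
    print(analyse(RULES))
    pkt = ("TCP", "198.51.100.12", 4500, "192.0.2.10", 22)
    for s in ("first", "best", "last"):
        print(s, decide(RULES, pkt, s))
```

The same packet is allowed by rule 1 under first matching and denied under best and last matching, which is why rule order and the matching strategy have to be reviewed together.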