Network Security University QP 2 Mark Questions and Answers

1) MIME S/MIME-Secure/Multipurpose Internet Mail Extension It is a security enhancement to the MIME internet email format standard based on technology from RSA data security. The five headers are MIME version-1.1, content typetype/subtype, content transforms encoding, content ID, content description.

2) PGP (Pretty good privacy) PGP was invented by phil zimmer maan to provide email with privacy, integrity and authentication. It can be used to create secure email message or to store a file securely for future retrieval.

3) Modification detection code:

MDC is a message digest that can prove the integrity of the message: that message has not been changed. Alice can create message digest, MDC and send both to bob.bob can create new MDC from the message and compared with received MDC. if they are same the message is not changed.

4) Chinese remainder theorem: It is used to solve a set congruent equations with one variable but different moduli,which are relatively prime as shown below X=a1(mod m1) X=a2(mod m2) . . X=ak(mod mk) 5) Birthday attack: A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. This attack can be used to abuse communication between two or more parties. The attacks depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations (pigeonholes).

6) Unique properties of hashing: •

Speed of generation of result

•

How uniform the result are

•

There are minimum number of collisions

•

If there are collision it should have provision of mapping it to the other location

7) Difference between Information security and Communication security: Information security

Communication security

•

•

It is a practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal inspection, recording or destination The elements are confidentiality, integrity, possession, authenticity, utility availability

•

•

It is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form while still delivering content to the The specialties are crypto security, emission security, physical security, traffic flow security & transmission security

8) Characteristics of good cipher: •

Large key to resist brute-force search

•

Published, reviewed algorithm a) Security depends entirely on secret of key b) Security cannot depend on algorithm secrecy

•

Resistance to chosen plain text attack

9) Role of modular arithmetic and prime numbers in cryptographic algorithm: Modular arithmetic: 1) In modular arithmetic, we are interested in only one of the outputs, the remainder ‘r’ we don’t care about the quotient ‘q’. 2) This implies that we can change the above relation into a binary operation with inputs ‘a’ & ‘n’ and one output ‘r’. Prime numbers: Prime number is a natural number greater than 1 that has no positive divisors other than 1 itself. The property of being prime is primarily. it is used in public key cryptography algorithms and also in hash takes and pseudorandom number generators. Two integers a and b are relatively prime if gcd (a,b)=1. Eg: gcd(20,7)=gcd(7,20 mod 7) =gcd(7,6) =gcd(1,0) = 1.

10) Compare VIRUS and WORM VIRUS WORM a) Computer virus attaches itself to a a) A worm is similar to a virus but by program or file enabling it to spread form design is considered to be a sub class of one computers to another, leaving virus .Worm spread from computer to infections as it travels. computer. b) viruses which requires the spreading of b) Worms are programs that replicate infected host file themselves from system to system c) Spread with uniform programmed without the use of the host file. c) Worms spread more rapidly than viruses.