III B.

Tech II Semester

Network Security
Faculty: Mr.G.Srinivas

Dept. of Computer Science & Engineering, VCET

UNIT I Syllabus:
Security Attacks (Interruption, Interception, Modification and Fabrication), Security Services (Confidentiality, Authentication, Integrity, Non-repudiation, access Control and Availability) and Mechanisms, A model for Internetwork security, Internet Standards and RFCs, Buffer overflow & format string vulnerabilities, TCP session hijacking, ARP attacks, route table modification, UDP hijacking, and man-in-the-middle attacks.

Objectives:

To understand the basic concepts of Security attacks

To understand the various to services and mechanisms To understand the model for Information Security To know the UDP hijacking Lecture plan: S.No. Topic 1 2 3 4 5 6 7 8
Security Attacks Security Services and Mechanisms A model for Internetwork security Internet Standards and RFCs Buffer overflow & format string vulnerabilities TCP session hijacking, ARP attacks

Route table modification, UDP hijacking

Man-in-the-middle attacks

No. of Lectures 1 1 1 1 1 1 1 1 8

Important Questions: 1. Define a Security attack. Explain in detail about the various types of attacks an Inter network is vulnerable to? 2. Write about Man-in-the-middle attacks?
2

Dept. of Computer Science & Engineering, VCET

3. Explain the Security services mentioned in X.800 in detail? 4. Explain the process of standardization process of Internet standards? 5. Describe the Internet standards and RFCs? 6. Gaining control over the Routing tables at layer 3 is one of the attacks Explain how Route tables modification is crucial? 7. Describe the various Security Services? 8. Compare TCP session hijacking and UDP hijacking? 9. What is a Security attack? Give the classification of the Security attacks? Assignment Questions: 1. Discuss the following terms in detail with relevant examples: i. Interruption ii. Interception iii. Modification iv. Fabrication 2. Write in detail about security mechanisms? 3. Discuss a model for Inter network security and Internet Standards?

UNIT II Syllabus: Conventional Encryption Principles, Conventional encryption algorithms, cipher block modes of operation, location of encryption devices, key distribution Approaches of Message Authentication, Secure Hash Functions and HMAC. Objectives:

To understand encryption and decryption

Dept. of Computer Science & Engineering, VCET

To understand Feistel Cipher Structure

To know various Encryption algorithms line DES, TDEA,AES,IDEA,Blowfish

To understand cipher block modes of operation

Lecture plan: Topic 1 2 3 4 5 6 7 Conventional Encryption Principles

Conventional Encryption Algorithms, DES,3DES

No. of lectures 2 2 1 1 1 1 1 9

Conventional Encryption Algorithms, AES cipher block modes of operation,

CBC,CFM,CTR

key distribution Approaches of Message Authentication Secure Hash Functions Simple,SHA1,HMAC

1. Explain the Secure Hash Algorithm (SHA-1) in detail with an example. 2. Discuss why Encryption is the most resorted security tool. Explain the conventional encryption principles. 3. Explain how message authentication is provided without message encryption. 4. Describe Feistels cipher structure with a neat illustration.

5. Explain terms related to key distribution methods: i. Session key iii. Key distribution centre

Dept. of Computer Science & Engineering, VCET

ii. Master key

iv. Security service module

6. Compare and contrast between Cryptography and Cryptology. 7. Explain the various Key distribution methods? 8. Differentiate between the symmetric block ciphers and symmetric stream ciphers. 10. Write about Key distribution? 11. Compare AES cipher versus RC4 encryption algorithm? Assignments: 1. Show that Fiestel decryption is the inverse of Fiestel encryption 2. If a bit error occurs in the transmission of a ciphertext character in 8-bit CFB mode how far does the error propagate? 3.Suppose that someone suggests the following way to confirm that the two of you are both in possession of the same secret key. You create a random bit string the length of the key, XOR it with the key and send the result over the channel. Your partner XORs the incoming block with the key and sends it back. Your check and if that you receive is your original random string, you have verified that your partner has the same secret key, yet neither of you has ever transmitted the key. Is there a flaw in this scheme? UNIT III Syllabus:
Public key cryptography principles, public key cryptography algorithms, digital signatures, digital Certificates, Certificate Authority and key management Kerberos, X.509 Directory Authentication Service.

Objectives: To understand the various approaches to message authentication

Dept. of Computer Science & Engineering, VCET

To understand SHA-1 Secure Hash Function To understand the public key encryption Structure To understand the RSA public key encryption algorithms Lecture plan S.No Topic 1 2 3 4 5 6 7 Public key cryptography principles: Encryption.Authentication,Cryptosystems
public key cryptography algorithms RSA, ,Difffie-Hellman key exchange digital signatures digital Certificates, Certificate Authority key management Kerberos

No. of lectures 1 1 1 1 1 1 1 7

X.509 Directory Authentication Service

Important Questions: 1. Explain the procedure involved in RSA public-key encryption algorithm. 2. Explain what Kerberos is and give its requirements. 3. Explain the procedure involved in RSA public-key encryption algorithm. 4. Describe the Digital certificates. 5. Describe the X.509 version 3 in detail. 6. Describe Differences between Kerberos version 4 and version 5.

Dept. of Computer Science & Engineering, VCET

Assignment: 1. Perform the RSA algorithm on the given data and explain how encryption and decryption are performed on the message: p = 3; q = 11; e = 7; M = 5. 2. Consider a Diffie-Hellman scheme with a common prime q=11 and a primitive root =2. a).If user A has public key YA=9,what is As private key XA b).If user B has public key YB =3 , what is the shared secret key K? 3. Alice and Bob wish to share private messages, where each of them of two separate keys generated. What kind of strategy would you suggest to ensure confidentiality, key management and authentication for the conversation between Alice and Bob? Explain the strategy and also highlight the design issues related to the strategy proposed. UNIT-IV Syllabus: Email privacy: Pretty Good Privacy (PGP) and S/MIME Objectives: To understand the Cryptographic keys and Key Rings To understand Public Key Management. To understand about s/MIME Functionality, s/MIME Messages, S/MIME Certificate Processing

Dept. of Computer Science & Engineering, VCET

Lecture plan S.No 1 2 3 4 Topic

Pretty Good Privacy (PGP)
Email privacy, Header formats

No. of lectures 2 2 1 1 6

S/MIME
Email privacy, Header formats, mime types

Important Questions: 1. Discuss the following in relation with S/MIME: [Apr/May 2009] i. RFC 822 ii. MIME Header fields iii. MIME Content types 2. Explain the following terms in relation with the e-mail software - PGP: [Apr/May 2009] i. E-mail compatibility ii. Segmentation and reassembly. 3. Describe how authentication and confidentiality are handled in S/MIME. [Apr/May 2009] 4. Describe clearly the Public key management in PGP. [Apr/May 2009] 5. Show how the S/MIME certification process is carried out. [Apr/May 2010]

Dept. of Computer Science & Engineering, VCET

6. Clearly explain in detail the Multipurpose Internet Mail Extensions (MIME). [Aug/Sep 2008] 7. Explain the general format of a PGP message with a pictorial representation. [Apr/May 2008] 8. What is a Certification Authority and explain its role in S/MIME. [Apr/May 2010] 9. Compare and contrast the key management in PGP and S/MIME. [Nov/Dec 2009] Assignment: 1. Phil Zimmerman choose IDEA, Triple DEA and CAST-128 as conventional encryption algs for PGP.Give reasons why each of the other conventional encryption algorithms described in this book is suitable or unsuitable for PGP:DES, two-kwy Triple DES, Blowfish, RC2 and RC5. 2. Consider radix-64 conversion as a form of encryption. In this case, there is no key. But suppose that an opponent knew only that some form of substitution algs was being used to encrypt English Text. How effective would this algorithm be against cryptanalysis. 3. Describe the five principal services that Pretty Good Privacy (PGP) provides. UNIT-V Syllabus: IP Security Overview, IP Security Architecture, Authentication Header, Encapsulating Security Payload, Combining Security Associations and Key Management. Objectives : To understand about various benefits of IP security To understand about different versions IP security services

Dept. of Computer Science & Engineering, VCET

To know about address mapping Techniques Lecture plan S.No 1 2 3 4 5 6 Topic

IP Security Overview

IP Security Architecture Authentication Header Encapsulating Security Payload Combining Security Associations Key Management

No. of lectures 1 1 1 1 1 2 7

Assignment: 1. In discussing AH processing, it was mentioned that not all of the fields in an IP header are included in MAC calculation. a). For each of the fields in the IPv4 header, indicate whether the field is immutable, mutable but predictable, or mutable b) Do the same for the IPv6 header. c).Do the same for the IPv6 extension headers In each case, justify your discussion for each field. 2. When tunnel mode is used, a new outer IP header is constructed. For both IPv4 and IPv6,indicate the relationship of each outer IP header field and each extension header in the outer packet to the corresponding field or extension header of the inner IP packet.That is indicate outer values are derived from inner values and which are constructed independently of the inner values. 3. Explain about tunneling and header translation and dual stack?

10

Dept. of Computer Science & Engineering, VCET

UNIT-VI Syllabus: Web Security Requirements, Secure Socket Layer (SSL) and Transport Layer Security (TLS), Secure Electronic Transaction (SET). Objectives: To know about various web security considerations To know web traffic security Approaches To know about SSL architecture To understand SSL Record Protocol To understand Secure Electronic Transactions Lecture plan S.No 1 2 3 4 Topic Web Security Requirements Secure Socket Layer (SSL) Transport Layer Security (TLS) Secure Electronic Transaction (SET). No. of lectures 1 2 2 2 7

Important Questions 1. Explain the significance of dual signature in SET? 2. List the services provided by TLS? 3. Explain how SSL makes use of TCP to provide a reliable end-to-end secure
11

Dept. of Computer Science & Engineering, VCET service. Assignment: 1.In SSL and TSL, why is there a separate Change Cipher Spec Protocol, rather than including a change_cipher_spec messae in the Handshake Protocol? 2.Based on what ,is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so,explain how it can be done. If not whyt?

UNIT-VII Syllabus: Basic concepts of SNMP, SNMPv1 Community facility and SNMPv3. Intruders, Viruses and related threats. Objectives: To know about Network Management Architecture To understand about various versions of SNMP To know about SNMP message formats Lecture plan: S.No 1 2 3 4 5 Topic
Basic concepts of SNMP SNMPv1 Community facility SNMPv3
Intruders

No. of lectures 2 1 1 2 2 8

Viruses and related threats

12

Dept. of Computer Science & Engineering, VCET

Important Questions: 1. Rule-based penetration identi_cation: intrusion detection 2.What is a traffic descriptor and what is traffic shaping? 3. Explain the intrusion detection tool: audit records? Assignment:
1.RFC 2574 states that for a nonauthoritative engine, the values of msgAuthoritative EngineBoots and msgAuthoritativeEngineTime in an outgoing message header are set only if the message is to be authenticated by authoritative receiver.Why does this restriction make sense? 2.However, for a Response message from an authoritative engine, the values of msgAuthoritativeEngineBoots and msgAuthoritativeEngineTime in the outgoing message header are always set.why might this be so?

UNIT-VIII Syllabus: Firewall Design principles, Trusted Systems. Intrusion Detection Systems Objectives:

To know about various types Firewalls

To understand Firewall configurations To know Trojan Horse Defense

Lecture Plan:

13

Dept. of Computer Science & Engineering, VCET

S.No 1 2 3

Topic
Firewall Design principles Trusted Systems Intrusion Detection Systems

No. of lectures 2 2 1 5

Important Questions: Discuss 3 configurations of firewalls. Explain in detail the two broad categories of statistical anomaly detection and also mention the measures that may be used for intrusion detection.
Explain Application-level gateway: Firewall.

What is R64 conversion? Why is R64 conversion useful for an e-mail application? Explain: Rule-based penetration identification: intrusion detection

Assignment: 1. The necessity of the no read up rule for a multilevel secure system is fairly obvious .what is the importance of the no-write down rule? 2. The encryption scheme used for UNIX passwords in one way; it is not possible ASCII characters and that all passwords are 10 characters length. Assume a pwd cracker with an encryption rate of 6.4 million encryptions per second. How long will it take to test exhaustively all possible passwords on a UNIX system?

14