Network Security - Mid Sem Solution

Mid-Sem Paper Solutions:

Question:

What are the different types of active security attack ?

Answer:

Security Attack: Any action that compromises the security of information owned by an organization. There are 2 types of attack as shown below.

Active Attack:

An Active attack attempts to alter system resources or effect their operations. The attacker changes the data or harms the system.

Passive Attacks:

The attacker’s goal is to just obtain the information. The attack does not harm the system.

Types of active attacks include:

• Denial of service (DoS) - It prevents normal use of communication facilities. Slowing down or totally interrupt the service of the system. E.g. multiple requests to bring an exam result server down.
• Session replay - Subsequent retransmission of a captured message to produce an unauthorized effect. E.g. Bill payment fake reminders.
• Masquerade - Masquerade attack takes place when one entity pretends to be different entity. E.g. Hoax bank sites. 
• Message modification - It means that some portion of a message is altered or that message is delayed or reordered to produce an unauthorized effect.
• Repudiation - Sender denies that it sent the message or the receiver denies that it received the message.
• Trojans - A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on your data or network.

Types of passive attack include:

• Snooping - Data is intercepted by an unauthorized person. E.g. Tapping
• Traffic Analysis - May be the data is masked, so no information can be extracted but some patterns like - sender, receiver, message length, time of the message etc. can be extracted to make intelligent guesses.

Question:

Write the pseudo code of the RC4 stream generation part.

Answer:
RC4 is a stream cipher and variable length key algorithm. This algorithm encrypts one byte at a time (or larger units on a time). This algorithm involves three steps:

• Initialization of Vector S and key K
• Initial Permutation of vector S
• Stream Generation

Below are the detailed steps for third part of RC4 :

Stream Generation

• Once the S vector is initially permuted, the input key (K) is no longer used. 
• Stream generation involves cycling through all the elements of S[i], and for each S[i], swapping S[i] with another byte in S according to a scheme dictated by the current configuration of S. 
• As an output a random stream bytes values (k) are generated.

Pseudo Code

  /* Stream Generation */

  i, j = 0;

  while (true)

  {

   i = (i + 1) mod 256;

   j = (j + S[i]) mod 256;

   swap (S[i], S[j]);

   t = (S[i] + S[j]) mod 256;

   k = S[t];

  }

NOTE: As only stream generation step is asked in the question therefore only that step is explained in detail. Below is elaborated reference for the first two steps of RC4 encryption algorithm.

Initialization of Vector S and key K

Steps

• S is a state vector to store 256 bytes, with elements S[0], S[1]........S[255].
• The entries of S are set equal to the values from 0 through 255 in ascending order; that is, S[0] = 0, S[1] = 1, ...... S[255] = 255.
• A key (K) of variable length <= 256 bytes is chosen.
• A temporary vector T of 256 bytes is filled with the values of K. If K = 256, then all of K is filled in T, else K is repeated as required to fill T.

Pseudo Code

  /* Initialization*/

  for i = 0 to 255 do

  {

   S[i] = i;

   T[i] = K[i mod key_length];

  }

Initial Permutation of vector S

Steps

• T is used to produce the initial permutation of S. 
• This involves starting with S[0] and going through to S[255], and for each S[i], swapping S[i] with another byte in S according to a scheme dictated by T[i].

Pseudo Code

  /* Initial Permutation of S */

  j = 0;

  for i = 0 to 255 do

  {

   j = (j + S[i] + T[i]) mod 256;

   swap (S[i], S[j]);

  }

Question:
Using extended Euclidean algorithm compute 19^-1 mod 999
Answer:

Given as => 19^-1 mod 999

So compare with equation as d = e^-1 mod z

Using Extended Euclidean Algorithm, e = 19 and z = 999

999 = 19*52+11          => 11 = 999-19*52

19 = 11*1+8                => 8 = 19-11*1

11 = 8*1+3                  => 3 = 11-8*1

8 = 3*2+2                    => 2 = 8-3*2

3 = 2*1+1                    => 1 = 3-2*1

2 = 1*2+0                    => 0

/ * Comments -  Pro Tip.

Now try to make all remainders look like a combo of 999 and 19, i.e. try to make them look like:

8 =19*_ + 999*_

3 =19*_ + 999*_

2 =19*_ + 999*_

11=19*_+ 999*_

1 =19*_ + 999*_

*/

Applying the Extended Euclidean Algorithm, we get:

11        = 999-19*52               Step 1

8          = 19-1*(999-19*52)

            = 19-999+19*52

            = 19*53-999                Step 2

3          = (999-19*52)-1*(19*53-999)

            = -19*105+999*2       Step 3

2          = (19*53-999)-2*(-19*105+999*2)

            = 19*53-999 +19*210-999*4

            = 19*263-999*5          Step 4

1          = (-19*105+999*2) -1*(19*263-999*5)

            = -19*105+999*2 - 19*263+999*5

            = -19*368+999*7       Step 5

The final equation means that d = 368 is the multiplicative inverse of e = 19 mod 999, which can also be written as 368 = 19^-1 mod 999.

Question:
Draw g-function of AES. write the value of RC[7]. RC[8], RC [9] and RC [10] in hexadecimal ? 
Answer:

• g-function of AES

The g function of the AES key schedule is illustrated in the Figure above. As shown, the operation consists of three stages: an S-Box transformation, a permutation, and an exclusive-or. The S-Box operation used in the AES key schedule is identical to the one used in the encryption phase as described previously. In the permutation phase of the g function, each byte of the word is shifted one position to the left. Finally, the leftmost byte is exclusive-ored with a round constant. The rounds constants in AES are the value of 2round_number modulo Galois Field 28.

• Hexadecimal values

Question: