Passive And Active Security Attacks Difference English Language Essay

Answer: Passive Attack: Passive attack attempts to learn information but does not affect resources. In this type of attack there is always monitoring of transmit information. Passive attack is of two types:

Release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred may contain sensitive or confidential information. In this opponent is preventing from learning this type of information.

Second type of passive attack is traffic analysis .In this type masking of message has occurred so that opponent cannot read the transmitted message. The common technique used for masking is encryption of the plain message into some unreadable form.

ACTIVE ATTACK: Active Attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages and denial of service.

A masquerade occurs when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Modification of message includes the altering of a message.

The denial of service prevents the normal use or management of communications facilities.This attack may have a specific target.

Ques3: Is there any problem with one time pad cipher ? Discuss the problems?

Answer: In one time pad we use a random key which is as long as the message. This key is used only one time and then discarded. For new message we have to generate new key. There is no relationship between key and plain text, so it is unbreakable. Security of one time pad lies only on randomness of the key. If the key is random then also the streams of characters in cipher text is random. Two basic problems associated with one time pad:

1. Each time a random key requires random character. For large text number of requiring random character is large, which is very difficult.

2. For sender and receiver there is requirement of same length of key. So there is a problem of key distribution between sender and receiver and also there is a problem of key protection while key distributing.

2.Question: List and briefly define categories of security services?

Answer: Security service is the service provided by a protocol layer of communicating open systems, which provides adequate security to systems and data transfers. These services are divides into five categories:

1. Authentication: It defines that entities wants to communicate are authenticated ones.

a. Peer entity authentication::The entities want to communicate with each other provides a logical connection of confidentiality.

b. Data origin authentication: In connectionless transfer the origin of data is to be authenticated.

2. Access control: It defines that which user or system has which rights.

3. Data Confidentiality: The protection of data from unauthorized user.

a. Connection confidentiality: The communication channel should be secure.

b. Connectionless confidentiality: All user data should be protected.

c. Selective field confidentiality: Selective field should be secure.

d. Traffic flow confidentiality: The information flow should be protected.

4. Data Integrity: The received data should be sent by authorized user.

It is of five subdivisions:

a. Connection integrity with recovery: Provides integrity of all user data on a connection and have recovery attempted of modification,deletion or replay of data.

b. Connection integrity without recovery.

c. Selective field connection integrity.

d. Connectionless integrity.

e. Selective field connectionless integrity.

5.Non Repudiation :Provide protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

4.Question: Define types of attacks based on what is known to the attacker?

Answer: Various types of attacks based on the information known to the attacker are as follows:

1. Cipher text only: In this attack the attacker have only knowledge of cipher text and knowledge of the encryption algorithm. In this opponent has least information to work with.

2. Known Plaintext Attack: In this attack the attacker knows the following things:

a. Encryption algorithm

b. Cipher text

c. One or more plain text-cipher text pairs formed with secret key

3. Chosen Plain text: In this attack the attacker knows the following:

a. Encryption Algorithm

b. Cipher Text

c. Plain text message chosen by cryptanalyst, Together with its corresponding cipher text generated with the secret key.

4. Chosen Plain text: Attacker Knows:

a. Encryption Algorithm

b. Cipher text

c. Purported cipher text chosen by cryptanalyst, together with its corresponding decrypted plain text generated with secret key.

5. Chosen text: Attacker knows:

a. Encryption Algorithm

b. Cipher text

c. Plain text message chosen by cryptanalyst, together with its corresponding cipher text generated with the secret key.

d. Purported cipher text chosen by cryptanalyst, together with its corresponding decrypted plaintext generated with secret key.

Q5. Write a Program to implement Play fair ciphe public class playfair

{

   private String KeyWord=new String();

   private String Key=new String();

   private char matrix_arr[][]= new char[5][5];

   

   public void setKey(String k)

   {

      KeyWord=k;

   }

   

   public void KeyGen()

   {

      boolean flag=true;

      char current;

      

      Key=KeyWord;

      

      for ( int i=0 ; i<26 ; i++)

      {

         current=(char)(i+97);

         

         if(current==’j’)

            continue;

         

         for(int j=0 ; j< KeyWord.length() ; j++ )

         {

            if (current == KeyWord.charAt(j))

            {

               flag=false;

               break;

            }

         }

         

         if(flag)

            Key=Key+current;

         

         flag=true;

      }

      

      System.out.println(Key);

      matrix ();

   

   }

   

   private void matrix ()

   {

      int counter=0;

      

      for (int i=0 ; i<5 ;i++)

      {

         for (int j=0 ; j<5 ; j++)

         {

            matrix_arr[i][j]=Key.charAt(counter);

            System.out.printf(“%s “,matrix_arr[i][j]);

            

            counter++;

         }

         

         System.out.println(“n”);

      }

   }

   private String [] Divid2Pairs (String Original)

   {

      int size= Original.length();

      if(size%2!=0)

         size++;

      

      String x[]= new String[size/2];

      

      int counter=0;

      

      for ( int i=0 ; i<size/2 ;i++)

      {

         x[i]=Original.substring(counter, counter+2);

         System.out.println(x[i]);

         counter=counter+2;

      }

      

      return x;

   }

   

   public int[]  GetDiminsions(char letter)

   {

      int []key=new int[2];

      

      if ( letter == ‘j’)

         letter=’i’;

      

      for (int i=0 ; i<5 ;i++)

      {

         for (int j=0 ; j<5 ; j++)

         {

            if(matrix_arr[i][j] == letter)

            {

               key[0]=i;

               key[1]=j;

               break;

            }

         }

         

      }

      

      return key;

   }

   

   public String Encript(String Source)

   {   

      String src_arr[]=Divid2Pairs(Source);

      

      String Code=new String();

      

      char one;

      char two;

      

      int part1[]=new int[2];

      int part2[]=new int[2];

      

      //start on pair by pair

      for (int i=0 ; i< src_arr.length ;i++ )

      {

         one = src_arr[i].charAt(0);//get first char

         two = src_arr[i].charAt(1);//get second char

         

         part1 = GetDiminsions(one);//get position of the first char

         part2 = GetDiminsions(two);//get position of the second char

         

         //check for specail casese

         if(part1[0]==part2[0])//same row

         {

            if (part1[1]<4)

               part1[1]++;

            

            else

               part1[1]=0;

            

            if(part2[1]<4)

               part2[1]++;

               

            else

               part2[1]=0;

               

         }

         

         else if (part1[1]==part2[1]) //same column

         {

            if (part1[0]<4)

               part1[0]++;

            

            else

               part1[0]=0;

            

            if(part2[0]<4)

               part2[0]++;

               

            else

               part2[0]=0;

         }

         

         else

         {

            int temp=part1[1];

            part1[1]=part2[1];

            part2[1]=temp;

         }

         

         

         Code= Code + matrix_arr[part1[0]][part1[1]] + matrix_arr[part2[0]][part2[1]];

      }

      System.out.println(Code);

      return Code;

   }

   public String Decript (String Code)

   {

      String Original=new String();

      

      String src_arr[]=Divid2Pairs(Code);

      

      char one;

      char two;

      

      int part1[]=new int[2];

      int part2[]=new int[2];

      //start on pair by pair

      for (int i=0 ; i<= src_arr.length ;i++ )

      {

         one = src_arr[i].charAt(0);//get first char

         two = src_arr[i].charAt(1);//get second char

         

         part1 = GetDiminsions(one);//get position of the first char

         part2 = GetDiminsions(two);//get position of the second char

         

         //check for specail casese

         if(part1[0]==part2[0])//same row

         {

            if (part1[1]>0)

               part1[1]–;

            

            else

               part1[1]=4;

            

            if(part2[1]>0)

               part2[1]–;

               

            else

               part2[1]=4;

               

         }

         

         else if (part1[1]==part2[1]) //same column

         {

            if (part1[0]>0)

               part1[0]–;

            

            else

               part1[0]=4;

            

            if(part2[0]>0)

               part2[0]–;

               

            else

               part2[0]=4;

         }

         

         else

         {

            int temp=part1[1];

            part1[1]=part2[1];

            part2[1]=temp;

         }

         

         

         Original =Original + matrix_arr[part1[0]][part1[1]] + matrix_arr[part2[0]][part2[1]];

      }

      

      System.out.println(Original);

      return Original;

   }

}

r?

Q6. Given the speed of a current ordinary computer (for home or light office use), estimate the amount of time necessary to crack a DES encryption by testing all 256 possible keys. Make a similar estimate for a 128-bit AES key.

.

We assume that the household computer has a 2GHZ processor. Also we assume

that a machine takes a hundred cycles per brute force against a single 56-bit DES key

or 128 bit AES key.

To crack a DES encryption, we need:

(2^56 key)*100 cycles/60sec/60min/24hour/365days/2000000000hz = 114.246566

years

To crack a AES encryption, we need:

(2^128 key)*100 cycles/60sec/60min/24hour/365days/2000000000hz = 5.39514154 Ã-

1023 years