NIS End Term Notes

1)List the various functions of Network layers and explain any two in details
The network layer has two main functions. One is breaking up segments into network packets,
and reassembling the packets on the receiving end. The other is routing packets by
discovering the best path across a physical network.
1. Routing:It is the process to determine the most effective route for data transmission in the
network. When a data packet arrives at the router's input link, it determines the ideal route for
data transmission in the network. It determines the path that will be used to transfer the packet
further in the network.
2. Fragmentation:It is the conversion of data packets into the smallest individual data units
capable of being transmitted in the network.
3. Internetworking:This is the most important function performed by the network layer of the
OSI model. It establishes the logical connection between nodes in the same or different
networks.
4. Logical Addressing:There are two types of addressing performed in the network: logical
addressing and physical addressing. The data link layer performs the physical addressing, while
the network layer does the logical addressing in the OSI model. Logical addressing is also used
to distinguish between the source and destination system. The network layer adds a header to
the packet, which includes the logical addresses of both the sender and the receiver.
2) Explain confidentiality and authentication in security service?

Computer network security consists of measures taken by a business or some
organizations to monitor and prevent unauthorised access from the outside attackers.
Different approaches to computer network security management have different

requirements depending on the size of the computer network.
For example, a home office requires basic network security, while large businesses require
high maintenance to prevent the network from malicious attacks.
 Confidentiality or privacy means that the sender and the receiver expect
confidentiality. The transmitted message must make sense to only the intended
receiver. To all others, the message must be garbage. When a customer
communicates with her bank, she expects that the communication is totally
confidential.
 Authentication is a service beyond message integrity. In message authentication,
the receiver needs to be sure of the sender's identity and that an imposter has not
sent the message.
3) Classify different types of threats and explain in detail

Threats can be classified into four different categories; direct, indirect, veiled, conditional. A
direct threat identifies a specific target and is delivered in a straightforward, clear, and explicit
manner.
Data exfiltration
Data exfiltration is the unauthorized copying or transfer of data out of your domain. This transfer
may be conducted manually by someone with access to resources within your organization, or the
transfer may be automated and carried out through malicious programming in your network. For
example, the data can be stolen through a breach of an account with access to the data, or by
installing a third-party app that sends the data outside of your domain.
Phishing/whaling
Phishing/whaling is the fraudulent practice of sending emails purporting to be from reputable
companies to trick individuals into revealing personal information, such as passwords and account
numbers, or to acquire control over a user account in your domain. There are three variations of
phishing:
 Phishing attack—Broadly targeted email that works through large volumes of low-cost messages to
many users. The message might contain a link to a site inviting users to sign up to win a cash prize,
and by signing up, the victim gives up their sign-in credentials.
 Spearphishing attack—A targeted attack against a specific individual; for example, inducing an
accountant to open an attachment that installs malware. The malware then helps the attacker gain
access to accounting and bank data.
 Whaling attack—An attempt to trick individuals into taking a specific action such as making a
money transfer. A whaling scam is designed to masquerade as a critical business email, sent from a
legitimate authority.
Malware
Malware is software that’s designed with malicious intent, such as computer viruses, trojan horses,
spyware, and other malicious programs.
Spoofing
Spoofing is the forgery of an email header by an attacker so that a message appears to have
originated from someone other than the actual source. When one of your users sees the email
sender, it may look like someone they know, or appear to be from a domain that they trust. Email
spoofing is a tactic used in phishing and spam campaigns, because email users are more likely to
open a message when they believe it’s from a legitimate source.
4)Explain the keys used in idea algorithm

The International Data Encryption Algorithm (IDEA) is a symmetric key block
cipher encryption algorithm designed to encrypt text to an unreadable format for transmission
via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input, i.e., 64-bit
data.
The IDEA (International Data Encryption Algorithm) is a symmetric key block cipher
that operates on 64-bit blocks of data. It uses a 128-bit key for encryption and decryption.
Here's a brief explanation of the keys used in the IDEA algorithm:
1. Encryption Key: The encryption key is a 128-bit key used to encrypt plaintext data. This
key is kept secret between the sender and the receiver. IDEA processes the plaintext in 64-bit
blocks using this key.
2. Round Keys: The encryption process of IDEA involves multiple rounds (typically 8 or 16).
Each round uses a subkey derived from the original encryption key. These round keys are
generated from the 128-bit encryption key during the key scheduling process. Each round key
is used only for that specific round of encryption.
3. Subkeys: IDEA generates round keys by splitting the 128-bit encryption key into smaller
parts, which are used in each round of the encryption process. These subkeys are used for
various operations within each round, such as XOR and modular addition.
5)explain the various functions in x509

X.509 Authentication Service
X.509 is a digital certificate that is built on top of a widely trusted standard known as ITU or
International Telecommunication Union X.509 standard, in which the format of PKI
certificates is defined. X.509 digital certificate is a certificate-based authentication security
framework that can be used for providing secure transaction processing and private
information. These are primarily used for handling the security and identity in computer
networking and internet-based communications.
Working of X.509 Authentication Service Certificate:
The core of the X.509 authentication service is the public key certificate connected to each
user. These user certificates are assumed to be produced by some trusted certification
authority and positioned in the directory by the user or the certified authority. These directory
servers are only used for providing an effortless reachable location for all users so that they
can acquire certificates. X.509 standard is built on an IDL known as ASN.1. With the help of
Abstract Syntax Notation, the X.509 certificate format uses an associated public and private
key pair for encrypting and decrypting a message.
Once an X.509 certificate is provided to a user by the certified authority, that certificate is
attached to it like an identity card. The chances of someone stealing it or losing it are less,
unlike other unsecured passwords. With the help of this analogy, it is easier to imagine how
this authentication works: the certificate is basically presented like an identity at the resource
that requires authentication.
Public Key certificate use

Format of X.509 Authentication Service Certificate:
Generally, the certificate includes the elements given below:
 Version number: It defines the X.509 version that concerns the certificate.
 Serial number: It is the unique number that the certified authority issues.
 Signature Algorithm Identifier: This is the algorithm that is used for signing the
certificate.
 Issuer name: Tells about the X.500 name of the certified authority which signed and
created the certificate.
 Period of Validity: It defines the period for which the certificate is valid.
 Subject Name: Tells about the name of the user to whom this certificate has been
issued.
 Subject’s public key information: It defines the subject’s public key along with an
identifier of the algorithm for which this key is supposed to be used.
 Extension block: This field contains additional standard information.
 Signature: This field contains the hash code of all other fields which is encrypted by
the certified authority private key.
Applications of X.509 Authentication Service Certificate:
Many protocols depend on X.509 and it has many applications, some of them are given
below:
 Document signing and Digital signature
 Web server security with the help of Transport Layer Security (TLS)/Secure Sockets
Layer (SSL) certificates
 Email certificates
 Code signing
 Secure Shell Protocol (SSH) keys
 Digital Identities
Symmetric key distribution is a crucial aspect of secure communication when using
symmetric encryption algorithms. Symmetric encryption relies on both parties sharing a secret
key, and the challenge lies in securely distributing this key to ensure confidentiality and
integrity. Here are several methods used for symmetric key distribution:
6.explain in detail symmetric key distribution methods

1. Pre-shared Key (PSK):
- In PSK distribution, the communicating parties agree on a secret key beforehand, often
through secure channels or out-of-band methods.
- This method is common in scenarios where the parties have prior knowledge of each other
or have established trust through other means.
- It's straightforward and efficient but requires a secure initial exchange to prevent
interception or compromise.
2. Key Distribution Centers (KDC):

- KDCs are trusted entities responsible for distributing keys between communicating parties
in a secure manner.
- When two parties wish to communicate securely, they request the key from the KDC. The
KDC generates a session key, encrypts it with each party's public key, and sends it securely to
them.
- Commonly used in centralized environments like Kerberos authentication systems, where
a central server (the KDC) manages authentication and key distribution.
3. Diffie-Hellman Key Exchange:
- Diffie-Hellman (DH) is a cryptographic protocol that allows two parties to establish a
shared secret over an insecure channel.
- The DH protocol enables secure key exchange without requiring pre-shared keys or trusted
third parties.
- Both parties contribute random values and perform mathematical operations to derive a
shared secret without directly exchanging it over the insecure channel.
- DH provides perfect forward secrecy, meaning even if an attacker intercepts the
communication, they can't derive the shared secret without the parties' private keys.
4. Public Key Infrastructure (PKI):

- PKI relies on asymmetric cryptography, where each party has a pair of public and private
keys.
- Public keys are distributed widely and used for encryption or verifying signatures, while
private keys are kept secret.
- Symmetric keys can be securely exchanged using public key encryption techniques. For
example, party A can encrypt the symmetric key with party B's public key and send it
securely. Only party B, possessing the corresponding private key, can decrypt and obtain the
symmetric key.
- PKI offers scalability and flexibility for secure key exchange in large networks or the
internet but requires trusted certificate authorities to verify public keys' authenticity.
5. Manual Key Exchange:

- In some cases, symmetric keys may be exchanged manually through secure means such as
physically handing over a USB drive containing the key or verbally communicating it in a
secure environment.
- While this method ensures direct and controlled key distribution, it is impractical for large-
scale or automated systems and introduces the risk of human error or interception during the
exchange.
7. explain the functions of authentication server

An authentication server is an application used to verify credentials and authentication of a
person when a person verifies their identity to an application. An authentication server is like
a security guard for computers and online services. An authentication server is a special server
responsible for verifying the identity of users to access a network, system, application, or
service. It is a crucial component of many authentication systems and plays an important role
in ensuring the security of the system and system resources.
Importance of Authentication Servers
 Scalability: As more people use a service, you need to check who they are quickly.
Authentication servers can handle lots of users at once, making sure everyone who
should get access does so without slowing down.
 Easy to manage: When there’s one place that looks after signing in, it’s much easier
for the people in charge to keep an eye on everything. They can set rules, see who’s
logging in, and keep things secure.
 Single Sign-On (SSO): This cool feature lets users log in once and access many
different services without having to sign in again and again. It saves time and makes
using the internet way easier.
8. Explain any two function of data link layers?

Framing
The packet received from the Network layer is known as a frame in the Data link layer. At the
sender’s side, DLL receives packets from the Network layer and divides them into small
frames, then, sends each frame bit-by-bit to the physical layer. It also attaches some special
bits (for error control and addressing) at the header and end of the frame. At the receiver’s
end, DLL takes bits from the Physical layer organizes them into the frame, and sends them to
the Network layer.
Addressing
The data link layer encapsulates the source and destination’s MAC address/ physical address
in the header of each frame to ensure node-to-node delivery. MAC address is the unique
hardware address that is assigned to the device while manufacturing.
Error Control
Data can get corrupted due to various reasons like noise, attenuation, etc. So, it is the
responsibility of the data link layer, to detect the error in the transmitted data and correct it
using error detection and correction techniques respectively. DLL adds error detection bits
into the frame’s header, so that receiver can check received data is correct or not. It adds
reliability to phyiscal layer by adding mechansims to detect and retransmit damaged or lost
frames.
9.explain the two network topologies with a diagram?

Sure, let's compare the bus and star network topologies with examples:
Bus Topology:
In a bus topology, all devices are connected to a single central cable called the bus. This cable
serves as the communication medium, and each device can transmit data onto the bus, which
is then received by all other devices on the network. However, only the intended recipient
processes the data. Here's an example:
Imagine a small office with several computers connected via Ethernet cables to a main coaxial
cable running through the office. This coaxial cable acts as the bus. Each computer can
communicate with the others by transmitting data onto the bus. When one computer sends
data, it travels along the bus and reaches all other computers. However, only the intended
recipient computer processes the data, while the others ignore it.
Star Topology:
In a star topology, each device on the network is connected directly to a central hub or switch.
All communication between devices passes through this central hub. Here's an example:
Consider a home network where several devices like computers, printers, and smart TVs are
connected to a central Wi-Fi router. This router acts as the central hub in the star network.
Each device communicates with the router, and the router manages the traffic between
devices. If one device wants to communicate with another, it sends data to the router, which
then forwards it to the intended recipient. In this setup, even if one device fails or is
disconnected, the rest of the network remains operational.
10.Classify different types of attack and explain any two of them?
Data exfiltration
Data exfiltration is the unauthorized copying or transfer of data out of your domain. This transfer
may be conducted manually by someone with access to resources within your organization, or the
transfer may be automated and carried out through malicious programming in your network. For
example, the data can be stolen through a breach of an account with access to the data, or by
installing a third-party app that sends the data outside of your domain.
Phishing/whaling
Phishing/whaling is the fraudulent practice of sending emails purporting to be from reputable
companies to trick individuals into revealing personal information, such as passwords and account
numbers, or to acquire control over a user account in your domain. There are three variations of
phishing:
 Phishing attack—Broadly targeted email that works through large volumes of low-cost messages to
many users. The message might contain a link to a site inviting users to sign up to win a cash prize,
and by signing up, the victim gives up their sign-in credentials.
 Spearphishing attack—A targeted attack against a specific individual; for example, inducing an
accountant to open an attachment that installs malware. The malware then helps the attacker gain
access to accounting and bank data.
 Whaling attack—An attempt to trick individuals into taking a specific action such as making a
money transfer. A whaling scam is designed to masquerade as a critical business email, sent from a
legitimate authority.
Malware
Malware is software that’s designed with malicious intent, such as computer viruses, trojan horses,
spyware, and other malicious programs.
Spoofing
Spoofing is the forgery of an email header by an attacker so that a message appears to have
originated from someone other than the actual source. When one of your users sees the email
sender, it may look like someone they know, or appear to be from a domain that they trust. Email
spoofing is a tactic used in phishing and spam campaigns, because email users are more likely to
open a message when they believe it’s from a legitimate source.
11.List out the disadvantage of des and explain the functioning of TDEA?
Disadvantages of DSA
 Key Management Complexity: Cryptographic keys that are used for signing
documents must be properly managed. Generating, storing, and distributing keys in a
secure manner are all complicated procedures that need to be attended to, and
revocation has to be handled carefully.
 Infrastructure Dependence: Digital signatures are built on a secure and reliable
infrastructure of Public Key Infrastructure (PKI) and Certificate Authorities. If the
infrastructure is compromised or becomes unavailable, it may compromise trust in
digital signatures.
 Legal and Regulatory Challenges: Although many people are increasingly using
digital signatures, there might still be legal and regulatory challenges in some places. It
will be very important to observe local laws and standards.
 Initial Setup Costs: A proper setup of an extensive digital signature system may
include the cost of obtaining certificates for digital certificates, putting in place safety
measures, and training of the users.
 Offline Usability: In the event of not having access to the signer’s private key, digital
signatures are found to be challenged. Solutions of hardware tokens and secure
elements add to the complexity.
 User Education: Education of the proper application and value of digital signatures is
necessary in order that the users should be educated in use. The correct measures to be
taken against vulnerability, as well as being aware of any possible threat, are important
in successful implementation.
 Vulnerability to Key Compromise: Private keys need to be safeguarded from
unauthorized access since one compromised private key can initiate fraudulent
signatures.
12.Define message digest and explain one-way hashing function with a neat diagram.
Message Digest is used to ensure the integrity of a message transmitted over an insecure
channel (where the content of the message can be changed). The message is passed through
a Cryptographic hash function. This function creates a compressed image of the message
called Digest.
Lets assume, Alice sent a message and digest pair to Bob. To check the integrity of the
message Bob runs the cryptographic hash function on the received message and gets a new
digest. Now, Bob will compare the new digest and the digest sent by Alice. If, both are same
then Bob is sure that the original message is not changed.
This message and digest pair is equivalent to a physical document and fingerprint of a person
on that document. Unlike the physical document and the fingerprint, the message and the
digest can be sent separately.
A hash function in cryptography is like a mathematical function that takes various

inputs, like messages or data, and transforms them into fixed-length strings of
characters. Means the input to the hash function is of any length but output is always
of fixed length. This is like compressing a large balloon into a compact ball.
The importance of this process lies in its generation of a unique "fingerprint" for each
input. Any minor alteration in the input results in a substantially different fingerprint, a
quality known as "collision resistance."
Hash functions play a crucial role in various security applications, including password
storage (hash values instead of passwords), digital signatures, and data integrity
checks. Hash values, or message digests, are values that a hash function returns. The
hash function is shown in the image below −
13) explain with example the use of coprime and primitive ROOTS IN cryptographic
algorithm
Coprime numbers and primitive roots play crucial roles in various cryptographic algorithms,
particularly in asymmetric cryptography and number theory-based cryptographic systems like
Diffie-Hellman key exchange and RSA encryption. Let's explore their use with examples:
1. Diffie-Hellman Key Exchange:
In the Diffie-Hellman key exchange protocol, two parties can agree on a shared secret key
over an insecure channel without directly exchanging the key. The protocol relies on the
difficulty of the discrete logarithm problem. Here's how it works:
Setup:
- Choose a large prime number \( p \) and a generator \( g \) such that \( g \) is a primitive
root modulo \( p \).
- Both parties agree on \( p \) and \( g \), which can be publicly known.
Key Exchange:
- Each party chooses a private key (\( a \) for party A and \( b \) for party B) randomly from
the set of positive integers less than \( p \).
- Party A computes \( A = gâ \mod p \) and sends \( A \) to party B.
- Party B computes \( B = g^b \mod p \) and sends \( B \) to party A.
- Both parties can compute the shared secret key \( K \) using \( K = A^b \mod p = Bâ
\mod p \).
Example:
- Let's choose \( p = 23 \) and \( g = 5 \). Here, \( g \) is a primitive root modulo \( p \).
- Party A chooses \( a = 6 \), computes \( A = 5^6 \mod 23 = 8 \), and sends \( A = 8 \) to
party B.
- Party B chooses \( b = 15 \), computes \( B = 5^{15} \mod 23 = 19 \), and sends \( B = 19
\) to party A.
- Both parties can compute the shared secret key \( K = 8^{15} \mod 23 = 19^{6} \mod 23
= 2 \).
Security:
- The security of Diffie-Hellman relies on the difficulty of computing discrete logarithms,
especially in the case of large prime numbers.
2. RSA Encryption:
In RSA encryption, coprime numbers are used to generate the public and private keys. The
RSA algorithm is based on the difficulty of factoring large composite numbers into their
prime factors. Here's how it works:
Key Generation:
- Choose two large prime numbers \( p \) and \( q \).
- Compute their product \( n = pq \), which serves as the modulus.
- Choose an integer \( e \) such that \( e \) and \( (p-1)(q-1) \) are coprime. \( e \) is the
public exponent.
- Compute the modular multiplicative inverse \( d \) of \( e \) modulo \( (p-1)(q-1) \). \( d \)
is the private exponent.
Encryption and Decryption:

- To encrypt a message \( M \), compute \( C = Mê \mod n \) using the public key \( (e, n)
\).
- To decrypt the ciphertext \( C \), compute \( M = C^d \mod n \) using the private key \(
(d, n) \).
- **Example:**
- Let's choose \( p = 61 \) and \( q = 53 \). Their product \( n = 3233 \) serves as the
modulus.
- Choose \( e = 17 \) as the public exponent, which is coprime to \( (p-1)(q-1) = 3120 \).
- Compute the modular multiplicative inverse of \( e \) modulo \( 3120 \) to obtain \( d =
2753 \).
Security:
- RSA's security relies on the difficulty of factoring large composite numbers, making it
computationally infeasible to derive the private key \( d \) from the public key \( e \) and
modulus \( n \).
In both examples, the use of coprime numbers (in RSA) and primitive roots modulo a prime
(in Diffie-Hellman) ensures the security and correctness of the cryptographic algorithms by
leveraging the computational hardness of certain mathematical problems.
13)write a short note on ieee 802.11
IEEE 802.11 standard, popularly known as WiFi, lays down the architecture and
specifications of wireless LANs (WLANs). WiFi or WLAN uses high-frequency radio waves
instead of cables for connecting the devices in LAN. Users connected by WLANs can move
around within the area of network coverage.
IEEE 802.11 Architecture

The components of an IEEE 802.11 architecture are as follows −
 Stations (STA) − Stations comprises of all devices and equipment that are connected to the wireless LAN.
A station can be of two types−
o Wireless Access Point (WAP) − WAPs or simply access points (AP) are generally wireless routers
that form the base stations or access.
o Client. Clients are workstations, computers, laptops, printers, smartphones, etc.
 Each station has a wireless network interface controller.
 Basic Service Set (BSS) − A basic service set is a group of stations communicating at the physical layer
level. BSS can be of two categories depending upon the mode of operation−
o Infrastructure BSS − Here, the devices communicate with other devices through access points.
o Independent BSS − Here, the devices communicate in a peer-to-peer basis in an ad hoc manner.
 Extended Service Set (ESS) − It is a set of all connected BSS.
 Distribution System (DS) − It connects access points in ESS.
14.Explain OSI Reference Model with a Neat Diagram

The OSI (Open Systems Interconnection) reference model is a conceptual framework that standardizes the
functions of a telecommunication or computing system into seven distinct layers. Each layer serves a
specific purpose and interacts with adjacent layers to enable communication between devices on a
network. Here's a breakdown of the OSI reference model for your 5 marks:
Physical Layer (Layer 1):

This layer deals with the physical transmission of data over the network medium.
It defines the hardware characteristics of the transmission medium, such as cables, connectors, and signaling
methods.
Functions include transmitting raw data bits over a communication channel and handling issues like voltage
levels, timing, and data rates.
Data Link Layer (Layer 2):

The data link layer is responsible for providing error-free transmission of data frames between adjacent nodes
over a physical link.
It ensures reliable point-to-point and point-to-multipoint communication by handling issues like framing, error
detection, and flow control.
Ethernet and Wi-Fi are examples of protocols operating at this layer.

Network Layer (Layer 3):
This layer is responsible for the logical addressing and routing of data packets between different networks.
It determines the best path for data to travel from the source to the destination based on network conditions
and congestion.
The Internet Protocol (IP) is a key protocol at this layer.
Transport Layer (Layer 4):

The transport layer ensures end-to-end communication between hosts and provides reliable data delivery
services.
It segments and reassembles data from upper-layer applications into smaller units (segments or packets) for
transmission.
This layer also handles issues like flow control, error recovery, and congestion control.
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) operate at this layer.
Session Layer (Layer 5):

The session layer establishes, manages, and terminates connections (sessions) between applications on different
devices.
It provides services such as session establishment, synchronization, and checkpointing to ensure that data
exchange between applications is reliable and orderly.
Presentation Layer (Layer 6):

The presentation layer is responsible for data translation, encryption, and compression to ensure that data
sent by the application layer of one system can be read by the application layer of another system.
It deals with the syntax and semantics of the information exchanged between systems, ensuring compatibility
between different data formats.
Application Layer (Layer 7):

The application layer provides network services directly to end-users and applications.
It enables communication between user applications and the network, handling tasks such as email, file transfer,
and web browsing.
Protocols like HTTP, FTP, SMTP, and DNS operate at this layer.
This model serves as a universal guideline for developing and understanding network communication protocols
and systems, facilitating interoperability and standardization in networking technologies.
15.Explain Tcp/ip Model with a Neat Diagram
The TCP/IP model, often used as a conceptual alternative to the OSI model, is a simpler and more practical
approach to networking. It consists of four layers:
Application Layer:
The topmost layer in the TCP/IP model.
Corresponds roughly to the combination of the top three layers (Application, Presentation, and Session) of
the OSI model.
Responsible for providing network services directly to end-users and applications.
Examples of protocols and services at this layer include HTTP, FTP, SMTP, DNS, and DHCP.
Transport Layer:
Equivalent to the Transport Layer of the OSI model.
Provides end-to-end communication between hosts and ensures reliable data delivery services.
Key protocols at this layer include Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
TCP offers reliable, connection-oriented communication with features like error checking, sequencing,
and flow control, while UDP offers connectionless communication without these features, making it faster
but less reliable.
Internet Layer:
Comparable to the Network Layer of the OSI model.
Responsible for addressing, routing, and fragmenting data packets across interconnected networks.
Core protocol at this layer is the Internet Protocol (IP), which provides logical addressing and routing functionality.
Other protocols such as Internet Control Message Protocol (ICMP) and Internet Group Management Protocol
(IGMP) also operate at this layer.
Link Layer:
Corresponds to the combination of the Data Link and Physical layers of the OSI model.
Handles the physical transmission of data over the network medium and manages communication between
devices on the same local network segment.
Includes protocols and technologies such as Ethernet, Wi-Fi (IEEE 802.11), PPP (Point-to-Point Protocol), and
DSL (Digital Subscriber Line).
Responsible for framing data into frames, error detection, and handling access to the physical medium.
The TCP/IP model is widely used in modern networking implementations, especially in the context of the
Internet, and provides a more streamlined and practical framework compared to the OSI model. 3.Compare
osi with tcp/ip model
16.Explain transmission modes
Transmission modes
o The way in which data is transmitted from one device to another device is known as
transmission mode.
o The transmission mode is also known as the communication mode.
o Each communication channel has a direction associated with it, and transmission media
provide the direction. Therefore, the transmission mode is also known as a directional
mode.
o The transmission mode is defined in the physical layer.
The Transmission mode is divided into three categories:
o Simplex mode o Half-duplex mode o Full-duplex mode
Simplex mode
o In Simplex mode, the communication is unidirectional, i.e., the data flow in one direction.
o A device can only send the data but cannot receive it or it can receive the data but
cannot send the data.
o This transmission mode is not very popular as mainly communications require the two-
way exchange of data. The simplex mode is used in the business field as in sales that do
not require any corresponding reply.
o The radio station is a simplex channel as it transmits the signal to the listeners but never
allows them to transmit back.
o Keyboard and Monitor are the examples of the simplex mode as a keyboard can only
accept the data from the user and monitor can only be used to display the data on the
screen.
o The main advantage of the simplex mode is that the full capacity of the communication
channel can be utilized during transmission.
Advantage of Simplex mode:
o In simplex mode, the station can utilize the entire bandwidth of the communication
channel, so that more data can be transmitted at a time.
Disadvantage of Simplex mode:
o Communication is unidirectional, so it has no inter-communication between devices.
Half-Duplex mode
o In a Half-duplex channel, direction can be reversed, i.e., the station can transmit and
receive the data as well.
o Messages flow in both the directions, but not at the same time.
o The entire bandwidth of the communication channel is utilized in one direction at a time.
o In half-duplex mode, it is possible to perform the error detection, and if any error occurs,
then the receiver requests the sender to retransmit the data.
o A Walkie-talkie is an example of the Half-duplex mode. In Walkie-talkie, one party

speaks, and another party listens. After a pause, the other speaks and first party listens.
Speaking simultaneously will create the distorted sound which cannot be understood.
Advantage of Half-duplex mode:
o In half-duplex mode, both the devices can send and receive the data and also can utilize
the entire bandwidth of the communication channel during the transmission of data.
Disadvantage of Half-Duplex mode:
o In half-duplex mode, when one device is sending the data, then another has to wait, this
causes the delay in sending the data at the right time.
Full-duplex mode
o In Full duplex mode, the communication is bi-directional, i.e., the data flow in both the
directions.
o Both the stations can send and receive the message simultaneously.
o Full-duplex mode has two simplex channels. One channel has traffic moving in one
direction, and another channel has traffic flowing in the opposite direction. o The Full-
duplex mode is the fastest mode of communication between devices.
o The most common example of the full-duplex mode is a telephone network. When two
people are communicating with each other by a telephone line, both can talk and listen
at the same time.
Advantage of Full-duplex mode: o Both the stations can send and
receive the data at the same time.
Disadvantage of Full-duplex mode:
o If there is no dedicated path exists between the devices, then the capacity of the
communication channel is divided into two parts.
17.Explain topology in computer Networks
What is Network Topology?

Topology defines the structure of the network of how all the components are
interconnected to each other. There are two types of topology: physical and logical
topology.
Types of Network Topology

Physical topology is the geometric representation of all the nodes in a network. There are
six types of network topology which are Bus Topology, Ring Topology, Tree Topology, Star
Topology, Mesh Topology, and Hybrid Topology.
1) Bus Topology
ADVERTISEMENT
ADVERTISEMENT
o The bus topology is designed in such a way that all the stations are connected through a single
cable known as a backbone cable. o Each node is either connected to the backbone cable by drop
cable or directly connected to the backbone cable.
o When a node wants to send a message over the network, it puts a message over the network. All
the stations available in the network will receive the message whether it has been addressed or not.
o The bus topology is mainly used in 802.3 (ethernet) and 802.4 standard networks. o The
configuration of a bus topology is quite simpler as compared to other topologies.
o The backbone cable is considered as a "single lane" through which the message is broadcast to all
the stations.
o The most common access method of the bus topologies is CSMA (Carrier Sense Multiple Access).
CSMA: It is a media access control used to control the data flow so that data integrity is
maintained, i.e., the packets do not get lost. There are two alternative ways of handling
the problems that occur when two nodes send the messages simultaneously.
o CSMA CD: CSMA CD (Collision detection) is an access method used to detect the collision. Once
the collision is detected, the sender will stop transmitting the data. Therefore, it works on "recovery
after the collision".
o CSMA CA: CSMA CA (Collision Avoidance) is an access method used to avoid the collision by
checking whether the transmission media is busy or not. If busy, then the sender waits until the
media becomes idle. This technique effectively reduces the possibility of the collision. It does not
work on "recovery after the collision".
Advantages of Bus topology:
o Low-cost cable: In bus topology, nodes are directly connected to the cable without passing
through a hub. Therefore, the initial cost of installation is low.
o Moderate data speeds: Coaxial or twisted pair cables are mainly used in bus-based networks that
support upto 10 Mbps.
o
Familiar technology: Bus topology is a familiar technology as the installation and

troubleshooting techniques are well known, and hardware components are easily available.
o Limited failure: A failure in one node will not have any effect on other nodes.
Disadvantages of Bus topology:
o Extensive cabling: A bus topology is quite simpler, but still it requires a lot of cabling.
o Difficult troubleshooting: It requires specialized test equipment to determine the cable faults. If
any fault occurs in the cable, then it would disrupt the communication for all the nodes.
o Signal interference: If two nodes send the messages simultaneously, then the signals of both the
nodes collide with each other.
o Reconfiguration difficult: Adding new devices to the network would slow down the network.
o Attenuation: Attenuation is a loss of signal leads to communication issues. Repeaters are used to
regenerate the signal.
2) Ring Topology
o Ring topology is like a bus topology, but with connected ends.

o The node that receives the message from the previous computer will retransmit to the next node.
o
o The data flows in one direction, i.e., it is unidirectional. o The data flows in a single loop
continuously known as an endless loop.
o It has no terminated ends, i.e., each node is connected to other node and having no termination
point.
o The data in a ring topology flow in a clockwise direction.
o The most common access method of the ring topology is token passing.
o Token passing: It is a network access method in which token is passed from one node to another
node.
o Token: It is a frame that circulates around the network.
Working of Token passing
o A token moves around the network, and it is passed from computer to computer until it reaches
the destination.
o The sender modifies the token by putting the address along with the data.
o The data is passed from one device to another device until the destination address matches. Once
the token received by the destination device, then it sends the acknowledgment to the sender.
o In a ring topology, a token is used as a carrier.
Advantages of Ring topology:
o Network Management: Faulty devices can be removed from the network without bringing the
network down.
o Product availability: Many hardware and software tools for network operation and monitoring are
available.
o Cost: Twisted pair cabling is inexpensive and easily available. Therefore, the installation cost is very
low.
o
o Reliable: It is a more reliable network because the communication system is not dependent on the
single host computer.
Disadvantages of Ring topology:

Difficult troubleshooting: It requires specialized test equipment to determine the cable faults.
If any fault occurs in the cable, then it would disrupt the communication for all the nodes.
o Failure: The breakdown in one station leads to the failure of the overall network.
o Reconfiguration difficult: Adding new devices to the network would slow down the network.
o Delay: Communication delay is directly proportional to the number of nodes. Adding new devices
increases the communication delay.
3) Star Topology
o
o Star topology is an arrangement of the network in which every node is connected to the central
hub, switch or a central computer.
o The central computer is known as a server, and the peripheral devices attached to the server are
known as clients.
o Coaxial cable or RJ-45 cables are used to connect the computers.
o Hubs or Switches are mainly used as connection devices in a physical star topology. o Star
topology is the most popular topology in network implementation.
Advantages of Star topology

o
Efficient troubleshooting: Troubleshooting is quite efficient in a star topology as

compared to bus topology. In a bus topology, the manager has to inspect the kilometers
of cable. In a star topology, all the stations are connected to the centralized network.
Therefore, the network administrator has to go to the single station to troubleshoot the
problem.
o Network control: Complex network control features can be easily implemented in the star
topology. Any changes made in the star topology are automatically accommodated.
o Limited failure: As each station is connected to the central hub with its own cable, therefore failure
in one cable will not affect the entire network.
o Familiar technology: Star topology is a familiar technology as its tools are cost-effective.
o Easily expandable: It is easily expandable as new stations can be added to the open ports on the
hub. o Cost effective: Star topology networks are cost-effective as it uses inexpensive coaxial cable.
o High data speeds: It supports a bandwidth of approx 100Mbps. Ethernet 100BaseT is one of the
most popular Star topology networks.
Disadvantages of Star topology
o A Central point of failure: If the central hub or switch goes down, then all the connected nodes
will not be able to communicate with each other.
o Cable: Sometimes cable routing becomes difficult when a significant amount of routing is required.
ADVERTISEMENT
4) Tree topology
o
o Tree topology combines the characteristics of bus topology and star topology.
o A tree topology is a type of structure in which all the computers are connected with each other in
hierarchical fashion.
o The top-most node in tree topology is known as a root node, and all other nodes are the
descendants of the root node.
o There is only one path exists between two nodes for the data transmission. Thus, it forms a parent-
child hierarchy.
Advantages of Tree topology
o Support for broadband transmission: Tree topology is mainly used to provide broadband
transmission, i.e., signals are sent over long distances without being attenuated.
o Easily expandable: We can add the new device to the existing network. Therefore, we can say that
tree topology is easily expandable.
o Easily manageable: In tree topology, the whole network is divided into segments known as star
networks which can be easily managed and maintained.
o Error detection: Error detection and error correction are very easy in a tree topology. o Limited
failure: The breakdown in one station does not affect the entire network. o Point-to-point
wiring: It has point-to-point wiring for individual segments.

o
Disadvantages of Tree topology
o Difficult troubleshooting: If any fault occurs in the node, then it becomes difficult to troubleshoot
the problem.
High cost: Devices required for broadband transmission are very costly.
o Failure: A tree topology mainly relies on main bus cable and failure in main bus cable will damage
the overall network.
o Reconfiguration difficult: If new devices are added, then it becomes difficult to reconfigure.
5) Mesh topology
o
o Mesh technology is an arrangement of the network in which computers are interconnected with
each other through various redundant connections.
o There are multiple paths from one computer to another computer.
o It does not contain the switch, hub or any central computer which acts as a central point of
communication.
The Internet is an example of the mesh topology.
o Mesh topology is mainly used for WAN implementations where communication

failures are a critical concern.
o Mesh topology is mainly used for wireless networks.
o Mesh topology can be formed by using the formula:
Number of cables = (n*(n-1))/2;
Where n is the number of nodes that represents the network.
Mesh topology is divided into two categories:
o Fully connected mesh topology
o Partially connected mesh topology
o Full Mesh Topology: In a full mesh topology, each computer is connected to all the
computers available in the network.
o Partial Mesh Topology: In a partial mesh topology, not all but certain computers are
connected to those computers with which they communicate frequently.
Advantages of Mesh topology:
Reliable: The mesh topology networks are very reliable as if any link breakdown will not
affect the communication between connected computers.
Fast Communication: Communication is very fast between the nodes.
Easier Reconfiguration: Adding new devices would not disrupt the communication
between other devices.
Disadvantages of Mesh topology

Cost: A mesh topology contains a large number of connected devices such as a router and
more transmission media than other topologies. o Management: Mesh topology networks
are very large and very difficult to maintain and manage. If the network is not monitored
carefully, then the communication link failure goes undetected. o Efficiency: In this topology,
redundant connections are high that reduces the efficiency of the network.
6) Hybrid Topology
o The combination of various different topologies is known as Hybrid topology.

o A Hybrid topology is a connection between different links and nodes to transfer the data.
o When two or more different topologies are combined together is termed as Hybrid
topology and if similar topologies are connected with each other will not result in Hybrid
topology. For example, if there exist a ring topology in one branch of ICICI bank and bus
topology in another branch of ICICI bank, connecting these two topologies will result in
Hybrid topology.
Advantages of Hybrid Topology
o Reliable: If a fault occurs in any part of the network will not affect the functioning of the
rest of the network.
o Scalable: Size of the network can be easily expanded by adding new devices without
affecting the functionality of the existing network.
o Flexible: This topology is very flexible as it can be designed according to the requirements
of the organization.
o Effective: Hybrid topology is very effective as it can be designed in such a way that the
strength of the network is maximized and weakness of the network is minimized.
Disadvantages of Hybrid topology
o Complex design: The major drawback of the Hybrid topology is the design of the Hybrid
network. It is very difficult to design the architecture of the Hybrid network.
o Costly Hub: The Hubs used in the Hybrid topology are very expensive as these hubs are
different from usual Hubs used in other topologies.
o Costly infrastructure: The infrastructure cost is very high as a hybrid network requires a
lot of cabling, network devices, etc.
18. Compare star and Mesh topology
19.Explain SHA-1 Algorithm with a neat diagram?
21.Explain all stages of x 509 authentication
X.509 is a standard that defines the format of public key certificates and the
procedures for validating their authenticity. X.509 certificates are widely used in
various security protocols, including SSL/TLS for secure web communication, VPNs,
and digital signatures. The authentication process using X.509 certificates involves
several stages:
1. Certificate Generation:
- The first stage involves the generation of X.509 certificates by a Certificate
Authority (CA) or a self-signed certificate by the entity itself.
- The certificate contains information such as the entity's public key, its identity
(common name or subject), the issuer (CA), validity period, and digital signature.
2. Certificate Distribution:
- Once generated, the certificate needs to be distributed to the parties that need
to verify the entity's identity.
- Certificates can be distributed through various channels, including email, web
servers, LDAP directories, or embedded in software applications.
3. Certificate Validation:
- When a relying party (client) needs to authenticate an entity (server), it obtains
the entity's X.509 certificate during the handshake process.
- The client verifies the authenticity and integrity of the certificate using the
following steps:
- a. Certificate Chain Validation:
- The client checks if the certificate is trusted by verifying its signature and issuer
against a set of trusted root certificates (root CA certificates) stored locally or
obtained from trusted sources.
- If the certificate is not self-signed, the client builds a certificate chain by
recursively validating the issuer's certificate until it reaches a trusted root
certificate.
- Each certificate in the chain must be issued by the preceding certificate,
forming a chain of trust back to a trusted root.
- b. Certificate Expiry Check:
- The client checks the certificate's validity period (validity start and end dates)
to ensure it has not expired.
- If the certificate is expired, it is considered invalid, and authentication fails.
- c. Certificate Revocation Check:
- The client checks if the certificate has been revoked by querying Certificate
Revocation Lists (CRLs) maintained by CAs or by using Online Certificate Status
Protocol (OCSP) services.
- If the certificate has been revoked, it is considered invalid, and authentication
fails.
- d. Key Usage Check:
- The client verifies that the certificate's key usage extensions match the
intended purpose (e.g., digital signatures, encryption, server authentication).
- If the key usage is not appropriate for the intended use, authentication fails.
4. Authentication:
- After successfully validating the certificate, the client extracts the entity's public
key from the certificate and uses it to authenticate the entity.
- For example, in SSL/TLS, the client encrypts a random session key with the
server's public key and sends it to the server, proving that it possesses the
corresponding private key.
- The server decrypts the session key using its private key and uses it to establish
a secure communication channel with the client.
5. Secure Communication:
- Once authentication is complete, the client and server can securely exchange
data over the established communication channel.
- Data exchanged between them is encrypted using symmetric encryption
algorithms, with keys negotiated during the authentication process.
By following these stages, X.509 authentication ensures that entities are

authenticated based on their digital certificates, providing a secure foundation for
communication over networks.
22.Explain various steps involved in KERBEROS with a neat diagram?
Kerberos provides a centralized authentication server whose function is to
authenticate users to servers and servers to users. In Kerberos Authentication
server and database is used for client authentication. Kerberos runs as a third-party
trusted server known as the Key Distribution Center (KDC). Each user and service
on the network is a principal.
The main components of Kerberos are:
 Authentication Server (AS):

The Authentication Server performs the initial authentication and ticket for
Ticket Granting Service.
 Database:
The Authentication Server verifies the access rights of users in the database.
 Ticket Granting Server (TGS):

The Ticket Granting Server issues the ticket for the Server
Kerberos Overview:
 Step-1:
User login and request services on the host. Thus user requests for ticket-
granting service.
 Step-2:
Authentication Server verifies user’s access right using database and then
gives ticket-granting-ticket and session key. Results are encrypted using the
Password of the user.
 Step-3:
The decryption of the message is done using the password then send the
ticket to Ticket Granting Server. The Ticket contains authenticators like user
names and network addresses.
 Step-4:
Ticket Granting Server decrypts the ticket sent by User and authenticator
verifies the request then creates the ticket for requesting services from the
Server.
 Step-5:
The user sends the Ticket and Authenticator to the Server.
 Step-6:
The server verifies the Ticket and authenticators then generate access to the
service. After this User can access the services.
Kerberos Limitations
 Each network service must be modified individually for use with Kerberos
 It doesn’t work well in a timeshare environment
 Secured Kerberos Server
 Requires an always-on Kerberos server
 Stores all passwords are encrypted with a single key
 Assumes workstations are secure
 May result in cascading loss of trust.
 Scalability
Is Kerberos Infallible?
No security measure is 100% impregnable, and Kerberos is no exception. Because
it’s been around for so long, hackers have had the ability over the years to find ways
around it, typically through forging tickets, repeated attempts at password
guessing (brute force/credential stuffing), and the use of malware, to downgrade
the encryption.
Despite this, Kerberos remains the best access security protocol available today.
The protocol is flexible enough to employ stronger encryption algorithms to
combat new threats, and if users employ good password-choice guidelines, you
shouldn’t have a problem!
What is Kerberos Used For?
Although Kerberos can be found everywhere in the digital world, it is commonly
used in secure systems that rely on robust authentication and auditing capabilities.
Kerberos is used for Posix, Active Directory, NFS, and Samba authentication. It is
also an alternative authentication system to SSH, POP, and SMTP.
Applications
 User Authentication: User Authentication is one of the main applications of
Kerberos. Users only have to input their username and password once with
Kerberos to gain access to the network. The Kerberos server subsequently
receives the encrypted authentication data and issues a ticket granting ticket
(TGT).
 Single Sign-On (SSO): Kerberos offers a Single Sign-On (SSO) solution that
enables users to log in once to access a variety of network resources. A user
can access any network resource they have been authorized to use after
being authenticated by the Kerberos server without having to provide their
credentials again.
 Mutual Authentication: Before any data is transferred, Kerberos uses a
mutual authentication technique to make sure that both the client and
server are authenticated. Using a shared secret key that is securely kept on
both the client and server, this is accomplished. A client asks the Kerberos
server for a service ticket whenever it tries to access a network resource. The
client must use its shared secret key to decrypt the challenge that the
Kerberos server sends via encryption. If the decryption is successful, the
client responds to the server with evidence of its identity.
 Authorization: Kerberos also offers a system for authorization in addition to
authentication. After being authenticated, a user can submit service tickets
for certain network resources. Users can access just the resources they have
been given permission to use thanks to information about their privileges
and permissions contained in the service tickets.
 Network Security: Kerberos offers a central authentication server that can
regulate user credentials and access restrictions, which helps to ensure
network security. In order to prevent unwanted access to sensitive data and
resources, this server may authenticate users before granting them access
to network resources.
22.explain any two framing methods?
Fixed Size Framing
Fixed-size framing involves dividing the data into frames of a predetermined,

fixed size. This approach is commonly used in networks such as Ethernet,
where each frame is exactly 1500 bytes long. The advantage of fixed-size
framing is that it is simple and efficient, as all frames are of the same size.
This makes it easy for network devices to split the data stream into frames,
and for the receiving device to know how much data is in each frame.
Fixed-size framing also makes it easier to manage network resources, as it

ensures that each frame takes up the same amount of bandwidth. This is
important in high-speed networks where a large amount of data is being
transmitted simultaneously. Furthermore, fixed-size framing is suitable for
data that can be easily divided into smaller units, such as text files or
structured data.
However, fixed-size framing also has some disadvantages. One disadvantage

is that it may not be suitable for all types of data. For example, video or audio
files may not fit neatly into fixed-size frames, as their size and complexity may
vary. Another disadvantage is that it can introduce additional overhead, as
some frames may contain unused space if the data being transmitted does
not fill the entire frame.
Variable Size Framing
Variable size framing involves dividing the data into frames of varying sizes.
This approach is commonly used in networks where the data being
transmitted does not fit neatly into fixed-size frames, such as video or audio
streaming. In variable-size framing, each frame contains a header that
specifies the length of the payload, allowing the receiving device to know how
much data is in each frame.
The advantage of variable-size framing is that it provides more flexibility than

fixed-size framing. Frames can be sized to fit the data being transmitted,
which can help to reduce overhead and increase efficiency. This is particularly
important in applications where data may be of varying sizes, such as
multimedia streaming.
However, variable-size framing also has some disadvantages. One

disadvantage is that it can be more complex to implement, as each frame
must contain a header specifying the length of the payload. This increases the
overhead of each frame, which can reduce overall network efficiency.
Additionally, variable-size framing can introduce additional delay, as the
receiver must wait for the entire frame to be received before processing it.
23.
25. explain cfb and ofb block mode of operation with a neat diagram
Cipher Feedback Mode (CFB) –
In this mode the cipher is given as feedback to the next block of encryption with
some new specifications: first, an initial vector IV is used for first encryption and
output bits are divided as a set of s and b-s bits.The left-hand side s bits are selected
along with plaintext bits to which an XOR operation is applied. The result is given
as input to a shift register having b-s bits to lhs,s bits to rhs and the process
continues. The encryption and decryption process for the same is shown below,
both of them use encryption algorithms.
Advantages of CFB –
 Since, there is some data loss due to the use of shift register, thus it is difficult
for applying cryptanalysis.
Disadvantages of using CFB –
 The drawbacks of CFB are the same as those of CBC mode. Both block losses
and concurrent encryption of several blocks are not supported by the
encryption. Decryption, however, is parallelizable and loss-tolerant.
Output Feedback Mode –
The output feedback mode follows nearly the same process as the Cipher Feedback
mode except that it sends the encrypted output as feedback instead of the actual
cipher which is XOR output. In this output feedback mode, all bits of the block are
sent instead of sending selected s bits. The Output Feedback mode of block cipher
holds great resistance towards bit transmission errors. It also decreases the
dependency or relationship of the cipher on the plaintext.
Advantages of OFB –
 In the case of CFB, a single bit error in a block is propagated to all subsequent
blocks. This problem is solved by OFB as it is free from bit errors in the
plaintext block.
Disadvantages of OFB-
 The drawback of OFB is that, because to its operational modes, it is more
susceptible to a message stream modification attack than CFB.
26.Explain the various steps involved in pgp for email
PGP
o PGP stands for Pretty Good Privacy (PGP) which is invented by Phil Zimmermann.
o PGP was designed to provide all four aspects of security, i.e., privacy, integrity,
authentication, and non-repudiation in the sending of email.
o PGP uses a digital signature (a combination of hashing and public key encryption) to
provide integrity, authentication, and non-repudiation. PGP uses a combination of secret
key encryption and public key encryption to provide privacy. Therefore, we can say that
the digital signature uses one hash function, one secret key, and two private-public key
pairs.
o PGP is an open source and freely available software package for email security.
o PGP provides authentication through the use of Digital Signature.
o It provides confidentiality through the use of symmetric block encryption.
o It provides compression by using the ZIP algorithm, and EMAIL compatibility using the
radix-64 encoding scheme.
Following are the steps taken by PGP to create secure e-mail

at the sender site:
o The e-mail message is hashed by using a hashing function to create a digest.
o The digest is then encrypted to form a signed digest by using the sender's private key, and
then signed digest is added to the original email message.
o The original message and signed digest are encrypted by using a one-time secret key
created by the sender.
o The secret key is encrypted by using a receiver's public key.
o Both the encrypted secret key and the encrypted combination of message and digest are
sent together.
PGP at the Sender site (A)
Following are the steps taken to show how PGP uses hashing
and a combination of three keys to generate the original
message:
o The receiver receives the combination of encrypted secret key and message digest is
received.
o The encrypted secret key is decrypted by using the receiver's private key to get the one-
time secret key.
o The secret key is then used to decrypt the combination of message and digest.
o The digest is decrypted by using the sender's public key, and the original message is
hashed by using a hash function to create a digest.
o Both the digests are compared if both of them are equal means that all the aspects of
security are preserved.
PGP at the Receiver site (B)
Disadvantages of PGP Encryption

o The Administration is difficult: The different versions of PGP complicate the
administration.
o Compatibility issues: Both the sender and the receiver must have compatible versions of
PGP. For example, if you encrypt an email by using PGP with one of the encryption
technique, the receiver has a different version of PGP which cannot read the data.
o Complexity: PGP is a complex technique. Other security schemes use symmetric
encryption that uses one key or asymmetric encryption that uses two different keys. PGP
uses a hybrid approach that implements symmetric encryption with two keys. PGP is more
complex, and it is less familiar than the traditional symmetric or asymmetric methods.
o No Recovery: Computer administrators face the problems of losing their passwords. In
such situations, an administrator should use a special program to retrieve passwords. For
example, a technician has physical access to a PC which can be used to retrieve a password.
However, PGP does not offer such a special program for recovery; encryption methods are
very strong so, it does not retrieve the forgotten passwords results in lost messages or lost
files.
27.State the importance of ip security and explain in detail its architecture
with neat diagram
IPSec Architecture
IPSec (IP Security) architecture uses two protocols to secure the traffic or data
flow. These protocols are ESP (Encapsulation Security Payload) and AH
(Authentication Header). IPSec Architecture includes protocols, algorithms, DOI,
and Key Management. All these components are very important in order to provide
the three main services:
 Confidentiality
 Authentication
 Integrity
IP Security Architecture:
1. Architecture: Architecture or IP Security Architecture covers the general

concepts, definitions, protocols, algorithms, and security requirements of IP
Security technology.
2. ESP Protocol: ESP(Encapsulation Security Payload) provides a confidentiality
service. Encapsulation Security Payload is implemented in either two ways:
 ESP with optional Authentication.
 ESP with Authentication.
Packet Format:
 Security Parameter Index(SPI): This parameter is used by Security

Association. It is used to give a unique number to the connection built
between the Client and Server.
 Sequence Number: Unique Sequence numbers are allotted to every packet
so that on the receiver side packets can be arranged properly.
 Payload Data: Payload data means the actual data or the actual message.
The Payload data is in an encrypted format to achieve confidentiality.
 Padding: Extra bits of space are added to the original message in order to
ensure confidentiality. Padding length is the size of the added bits of space
in the original message.
 Next Header: Next header means the next payload or next actual data.
 Authentication Data This field is optional in ESP protocol packet format.
3. Encryption algorithm: The encryption algorithm is the document that
describes various encryption algorithms used for Encapsulation Security Payload.
4. AH Protocol: AH (Authentication Header) Protocol provides both
Authentication and Integrity service. Authentication Header is implemented in one
way only: Authentication along with Integrity.
Authentication Header covers the packet format and general issues related to the
use of AH for packet authentication and integrity.
5. Authentication Algorithm: The authentication Algorithm contains the set of
documents that describe the authentication algorithm used for AH and for the
authentication option of ESP.
6. DOI (Domain of Interpretation): DOI is the identifier that supports both AH
and ESP protocols. It contains values needed for documentation related to each
other.
7. Key Management: Key Management contains the document that describes how
the keys are exchanged between sender and receiver.
28.Explain one way hash function with diagram?

A one-way hash function is a mathematical algorithm that takes an input (or
message) and produces a fixed-size string of characters, known as a hash value or
digest. It's called "one-way" because it's computationally infeasible to reverse the
process and retrieve the original input from the hash value. Here's a simplified
diagram illustrating the concept of a one-way hash function:
A one-way hash function is a mathematical algorithm that takes an input (or

message) and produces a fixed-size string of characters, known as a hash value or
digest. It's called "one-way" because it's computationally infeasible to reverse the
process and retrieve the original input from the hash value. Here's a simplified
diagram illustrating the concept of a one-way hash function:
```
+------------------------+
| Input Message |
+------------------------+
|
v
+------------------------+
| Hash Function |
+------------------------+
|
v
+------------------------+
| Hash Value |
+------------------------+
```
Explanation:
Input Message: This is the data or message that we want to hash. It can be of any
length and can contain any type of data (text, binary, etc.).
Hash Function: The hash function takes the input message and applies
mathematical operations to it, transforming it into a fixed-size hash value. The
specific operations performed by the hash function ensure that the resulting hash
value is unique to the input message.
Hash Value: This is the output of the hash function. It is a fixed-size string of
characters (usually represented in hexadecimal format) that uniquely represents the
input message. Even a small change in the input message will result in a
significantly different hash value.
In summary, the input message is processed through the hash function to produce a
hash value. The resulting hash value serves as a unique fingerprint of the input
message, allowing for data integrity verification, password hashing, digital
signatures, and various other security applications.
29.Explain various steps in Kerberos with a neat diagram?

Kerberos provides a centralized authentication server whose function is to
authenticate users to servers and servers to users. In Kerberos Authentication
server and database is used for client authentication. Kerberos runs as a third-party
trusted server known as the Key Distribution Center (KDC). Each user and service
on the network is a principal.
The main components of Kerberos are:
 Authentication Server (AS):

The Authentication Server performs the initial authentication and ticket for
Ticket Granting Service.
 Database:
The Authentication Server verifies the access rights of users in the database.
 Ticket Granting Server (TGS):

The Ticket Granting Server issues the ticket for the Server
 Step-1:
User login and request services on the host. Thus user requests for ticket-
granting service.
 Step-2:
Authentication Server verifies user’s access right using database and then
gives ticket-granting-ticket and session key. Results are encrypted using the
Password of the user.
 Step-3:
The decryption of the message is done using the password then send the
ticket to Ticket Granting Server. The Ticket contains authenticators like user
names and network addresses.
 Step-4:
Ticket Granting Server decrypts the ticket sent by User and authenticator
verifies the request then creates the ticket for requesting services from the
Server.
 Step-5:
The user sends the Ticket and Authenticator to the Server.
 Step-6:
The server verifies the Ticket and authenticators then generate access to the
service. After this User can access the services.
Kerberos Limitations
 Each network service must be modified individually for use with Kerberos
 It doesn’t work well in a timeshare environment
 Secured Kerberos Server
 Requires an always-on Kerberos server
 Stores all passwords are encrypted with a single key
 Assumes workstations are secure
 May result in cascading loss of trust.
 Scalability
30.Explain with a neat diagram the functioning of des algorithm?
The Data Encryption Standard (DES) is a symmetric-key block

cipher published by the National Institute of Standards and
Technology (NIST).
DES is an implementation of a Feistel Cipher. It uses 16 round

Feistel structure. The block size is 64-bit. Though, key length is 64-
bit, DES has an effective key length of 56 bits, since 8 of the 64 bits
of the key are not used by the encryption algorithm (function as
check bits only). General Structure of DES is depicted in the
following illustration −
Since DES is based on the Feistel Cipher, all that is required to
specify DES is −
 Round function
 Key schedule
 Any additional processing − Initial and final permutation
Initial and Final Permutation

The initial and final permutations are straight Permutation boxes (P-
boxes) that are inverses of each other. They have no cryptography
significance in DES. The initial and final permutations are shown as
follows −
Round Function
The heart of this cipher is the DES function, f. The DES function
applies a 48-bit key to the rightmost 32 bits to produce a 32-bit
output.
 Expansion Permutation Box − Since right input is 32-bit and round
key is a 48-bit, we first need to expand right input to 48 bits.
Permutation logic is graphically depicted in the following
illustration −
 The graphically depicted permutation logic is generally

described as table in DES specification illustrated as shown −
 XOR (Whitener). − After the expansion permutation, DES does
XOR operation on the expanded right section and the round key.
The round key is used only in this operation.
 Substitution Boxes. − The S-boxes carry out the real mixing
(confusion). DES uses 8 S-boxes, each with a 6-bit input and a
4-bit output. Refer the following illustration −
 The S-box rule is illustrated below −

 There are a total of eight S-box tables. The output of all eight
s-boxes is then combined in to 32 bit section.
 Straight Permutation − The 32 bit output of S-boxes is then
subjected to the straight permutation with rule shown in the
following illustration:
Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit
cipher key. The process of key generation is depicted in the
following illustration −
The logic for Parity drop, shifting, and Compression P-box is given in
the DES description.
DES Analysis
The DES satisfies both the desired properties of block cipher. These
two properties make cipher very strong.
 Avalanche effect − A small change in plaintext results in the very

great change in the ciphertext.
 Completeness − Each bit of ciphertext depends on many bits of
plaintext.
During the last few years, cryptanalysis have found some

weaknesses in DES when key selected are weak keys. These keys
shall be avoided.
DES has proved to be a very well designed block cipher. There have
been no significant cryptanalytic attacks on DES other than
exhaustive key search.
31.Explain MD5 Algorithm with a neat

diagram?
The use of codes to secure information and communications in such a way that only the
intended recipients can decipher and process them is known as cryptography. Hence,
information access by unauthorized parties is prevented. "Cryptography" is the
combination of the words "crypt" (which means "hidden") and "graphy" (which means
"writing"). The methods used in cryptography to safeguard data are derived from
mathematical ideas and a set of rule-based computations known as algorithms to
transform communications in ways that make them difficult to decipher. These algorithms
are employed in the creation of cryptographic keys, digital signatures, data privacy
protection, online browsing on the internet, and the security of private transactions like
debit and credit card purchases.
Techniques for Cryptography: In the era of computers, cryptography is frequently

connected with the transformation of plain text into cipher text, which is text that can only
be decoded by the intended recipient. This process is known as encryption. Decryption is
the process of converting encrypted text into plain text.
The following list of cryptographic features:

Information may only be viewed by the intended recipient and no one else. This is known
as confidentiality. Information cannot be changed while being stored or sent between a
sender and the intended recipient without the addition of new information being noticed.
Non-repudiation: The information creator/sender is unable to subsequently retract his
desire to disseminate information. Authentication: The sender's and receiver's identities
are verified. Additionally, the information's origin and destination are verified.
MD5 Algorithm
The MD5 message-digest technique, which produces a hash value of 128 bits, is a
frequently used hash function. Ronald Rivest created MD5 in 1991 to replace the older
hash function MD4, and it was defined in RFC 1321 in 1992.
As a checksum, MD5 may be used to ensure data integrity and protect it from accidental
damage. It has been discovered that this historically used cryptographic hash algorithm
has several serious flaws. It continues to be useful for various non-cryptographic tasks,
such as locating the partition for a certain key in a partitioned database, and could even
be favored because it requires less CPU power than more contemporary Secure Hash
Algorithms.
Professor Ronald Rivest of MIT created a number of message digest algorithms, including
MD5 (Rivest, 1992). Rivest created MD5 in 1991 as a secure substitute for MD4 after
analytical research suggested that MD4 was probably unsafe. (Hans Dobbertin did in fact
discover MD4's flaws later.)
Den Boer and Bosselaers provided an early, albeit constrained, conclusion in 1993 by
identifying a "pseudo-collision" of the MD5 compression function, or two initialization
vectors that yield the same digest.
The MD5 compression function collided in 1996, according to Dobbertin (Dobbertin,

1996). Although this attack did not target the whole MD5 hash algorithm, it was near
enough for cryptographers to advise switching to an alternative like SHA-1 (which was
also compromised). The hash value's (128 bits) size is short enough to allow for the
possibility of a birthday attack. A distributed effort called MD5CRK was launched in March
2004 with the goal of showing how practically vulnerable MD5 is by locating a collision
using a birthday attack.
MD5 algorithm uses:

o For file authentication, it is employed.
o It is utilized for security in online applications. For instance, secure user passwords, etc.
o We can save our password in 128-bit format using this approach.
The MD5 algorithm goes through the following steps to operations:
1. Add Padding Bits: In the first stage, padding bits are added to the original message
so that the overall message length is 64 bits shorter than the precise multiple of 512.
Consider receiving a message with 1000 bits. We now need to modify the original
message by adding padding bits. Here, we shall pad the original message with 472 bits.
The original message/output of the first step will be 1472 after the padding bits have been
added, which is 64 bits less than an exact multiple of 512 (i.e., 512*3 = 1536).
Length(original message + padding bits) = 512 * i - 64 where i = 1,2,3 . . .

2. Add Length Bits: In this step, we add the length bit to the output from the previous step
in order to increase the number of bits to a perfect multiple of 512. We only add the 64-
bit length bit in this case to the result of the first step. i.e., the output of the first step is
equal to 512 * n - 64 length bits.
We shall have 512 * n, which is an exact multiple of 512, after adding the two.
3. Initialize the MD buffer: Here, we employ the J, K, L, and M buffers. Each buffer has a
32-bit size.
1. - J = 0x67425301
2. - K = 0xEDFCBA45
3. - L = 0x98CBADFE
4. - M = 0x13DCE476
4. Method The most crucial phase of the MD5 algorithm is each 512-bit block. In this case,
4 rounds and a total of 64 operations are carried out. There will be 16 operations
conducted in the first round, 16 operations in the second round, 16 operations in the third
round, and 16 operations in the fourth round. For example, we apply the F function for
the first round, the G function for the second, the H function for the third, and the i
function for the fourth. For computing functions, we use logic gates such as OR, AND,
XOR, and NOT. We employ three buffers-K, L, and M-for each function.
- F(K,L,M) = (K AND L) OR (NOT K AND M)
- G(K,L,M) = (K AND L) OR (L AND NOT M)
- H(K,L,M) = K XOR L XOR M
- I(K,L,M) = L XOR (K OR NOT M)
Now that the function has been applied, we are going to do something with each block.
To conduct activities, we need
1. • add modulo 232

2. • M[i] - 32 bit message.
3. • K[i] - 32-bit constant.
4. • <<<n - Left shift by n bits.
5. Now take input as initialize MD buffer i.e. J, K, L, M. Output of K will be fed in L, L will
be fed into M, and M will be fed into J. After doing this now we perform some operations
to find the output for J.
1. • In the first step, Outputs of K, L, and M are taken and then the function F is applied to them.
We will add modulo 232 bits for the output of this with J.
2. • In the second step, we add the M[i] bit message with the output of the first step.
3. • Then add 32 bits constant i.e. K[i] to the output of the second step.
4. • At last, we do left shift operation by n (can be any value of n) and addition modulo by 232.
The outcome of step J will be put into step K after all stages. The same procedures will
now be followed for all G, H, and I functions. We shall obtain our message digest once all
64 operations have been completed.
OUTPUT:
After all, rounds have been performed, the buffer J, K, L, and M contains the MD5 output
starting with the lower bit J and ending with Higher bits M.
1. # importing the required libraries

2. import hashlib
3. # making a message
4. inputstring = "This is a message sent by a computer user."
5. # encoding the message using the library function
6. output = hashlib.md5(inputstring.encode())
7. # printing the hash function
8. print("Hash of the input string:")
9. print(output.hexdigest())
OUTPUT:
Hash of the input string:

922547e866c89b8f677312df0ccec8ee
Application of the MD5 Algorithm
o To authenticate and check the integrity of files, we employ message digests.
o For data security and encryption, MD5 was utilised.
o It is employed for both password verification and message digestion, regardless of
message size.
o For the graphics and game boards.
Benefits of the MD5 Algorithm

o Faster and easier to comprehend is MD5.
o A 16-byte strong password is generated by the MD5 algorithm. To safeguard user
passwords, all developers, including web developers, employ the MD5 algorithm.
o The MD5 method requires a relatively little amount of memory to be integrated.
o Generating a digest message from the original message is simple and quick.
Drawback of the MD5 algorithm

o For various inputs, MD5 generates the same hash function.
o Compared to SHA1, MD5 offers inferior security.
o The algorithm MD5 has been criticized for being unsafe. Therefore, we are currently
switching from MD5 to SHA256.
o The algorithm MD5 is neither symmetric nor asymmetric.

NIS End Term Notes

Uploaded by

Copyright:

Available Formats

NIS End Term Notes

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

NIS End Term Notes

Uploaded by

Copyright:

Available Formats

1)List the various functions of Network layers and explain any two in details

2) Explain confidentiality and authentication in security service?

Different approaches to computer network security management have different

3) Classify different types of threats and explain in detail

4)Explain the keys used in idea algorithm

5)explain the various functions in x509

Public Key certificate use

6.explain in detail symmetric key distribution methods

2. Key Distribution Centers (KDC):

4. Public Key Infrastructure (PKI):

5. Manual Key Exchange:

7. explain the functions of authentication server

8. Explain any two function of data link layers?

9.explain the two network topologies with a diagram?

A hash function in cryptography is like a mathematical function that takes various

1. Diffie-Hellman Key Exchange:

Encryption and Decryption:

13)write a short note on ieee 802.11

IEEE 802.11 Architecture

14.Explain OSI Reference Model with a Neat Diagram

Physical Layer (Layer 1):

Data Link Layer (Layer 2):

Ethernet and Wi-Fi are examples of protocols operating at this layer.

The Internet Protocol (IP) is a key protocol at this layer.

Transport Layer (Layer 4):

Session Layer (Layer 5):

Presentation Layer (Layer 6):

Application Layer (Layer 7):

Responsible for providing network services directly to end-users and applications.

o The transmission mode is also known as the communication mode.

o The transmission mode is defined in the physical layer.

The Transmission mode is divided into three categories:

o Simplex mode o Half-duplex mode o Full-duplex mode

Advantage of Simplex mode:

Disadvantage of Simplex mode:

o Communication is unidirectional, so it has no inter-communication between devices.

o A Walkie-talkie is an example of the Half-duplex mode. In Walkie-talkie, one party

Advantage of Half-duplex mode:

Disadvantage of Half-Duplex mode:

Advantage of Full-duplex mode: o Both the stations can send and

receive the data at the same time.

Disadvantage of Full-duplex mode:

17.Explain topology in computer Networks

What is Network Topology?

Types of Network Topology

configuration of a bus topology is quite simpler as compared to other topologies.

Advantages of Bus topology:

Familiar technology: Bus topology is a familiar technology as the installation and

Disadvantages of Bus topology:

o Ring topology is like a bus topology, but with connected ends.

continuously known as an endless loop.

o The data in a ring topology flow in a clockwise direction.

o Token: It is a frame that circulates around the network.

Working of Token passing

o In a ring topology, a token is used as a carrier.

Advantages of Ring topology:

Disadvantages of Ring topology:

o Coaxial cable or RJ-45 cables are used to connect the computers.

topology is the most popular topology in network implementation.

Advantages of Star topology