CNS

UNIT – 1

1. Define the following

Sol:
Cryptography:
Cryptography is a branch of mathematics that deals with the transformation of
data. Cryptographic algorithms are used in many ways in information security
and network security. Cryptography is an essential component in the secure
storage and transmission of data, and in the secure interaction between
parties.
Cybersecurity:
Cyber Security is the protection of information that is stored & transmitted,
and processed in a networked system of computers, other digital devices,
network devices, and transmission lines, including the internet.
Information Security:
Network Security:
 2. Explain the security objectives in detail. (or) Explain the essential
information & network security objectives with CIA traid.
Sol:
Confidentiality: This term covers two related concepts:
  Data confidentiality: Assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
 Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to whom
that information may be disclosed.
Integrity: This term covers two related concepts:
 Data integrity: Assures that data (both stored and in transmitted packets)
and programs are changed only in a specified and authorized manner.
This concept also encompasses data authenticity.
 System integrity: Assures that a system performs its intended function in
an unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system.
Availability: Assures that systems work promptly and service is not denied to
authorized users
Accountability:
 The security goal that generates the requirement for actions of an entity
to be traced uniquely to that entity. This supports nonrepudiation
(preventing entities from denying their actions), deterrence
(discouraging malicious behavior), fault isolation (identifying the source
of issues).
 Systems must keep records of their activities to permit later forensic
analysis to trace security breaches or to aid in transaction disputes.
 3. Mention the challenges of information security.
Sol:
 4. Explain OSI Security architecture (or) key concepts in security.
Sol:
 To assess effectively the security needs of an organization and to
evaluate and choose various security products and policies, the manager
responsible for security needs some systematic way of defining the
 requirements for security and characterizing the approaches to satisfying
those requirements.
 ITU-T Recommendation X.800, Security Architecture for OSI, defines such
a systematic approach. The open systems interconnection (OSI) security
architecture is useful to managers as a way of organizing the task of
providing security.
 The OSI security architecture focuses on security attacks, mechanisms,
and services.
 Security attack: Any action that compromises the security of information
owned by an organization.
 Security mechanism: A process (or a device incorporating such a process)
that is designed to detect, prevent, or recover from a security attack
 Security service: A processing or communication service that enhances
the security of the data processing systems and the information transfers
of an organization. The services are intended to counter security attacks,
and they make use of one or more security mechanisms to provide the
service.
 Threat: any circumstance or event that has the potential to negatively
affect an organization's operations, assets, individuals, or even national
interests through an information system. Threats can manifest in various
forms such as unauthorized access, destruction, disclosure, modification
of information, or denial of service.
 Attack: Any kind of malicious activity that attempts to collect, disrupt,
deny, degrade, or destroy information system resources or the
information itself.

5. Explain the different types of security attacks in detail.

Sol:
Security attacks refer to any attempt made to compromise the confidentiality,
integrity, or availability of information systems.
Security attacks can be broadly classified into passive and active attacks, as
defined in the X.800 standard.
 Passive attacks:
are non-intrusive in nature. They do not modify or disrupt the operation
of the system; instead, they silently monitor or listen to data
transmissions. The main goal of a passive attack is to gain unauthorized
access to sensitive data without being detected. These attacks
compromise confidentiality.
 Common types of passive attacks include:
 Release of Message Contents: an attacker tries to read confidential data
such as emails, voice calls, or transferred files.
 Traffic Analysis:on the other hand, focuses not on the content but on the
patterns of communication. Even when messages are encrypted, an
attacker might still infer valuable information by observing message
timing, frequency, or the identities of communicating parties.
 passive attacks do not alter the data, they are extremely difficult to
detect.As a result, the emphasis in dealing with passive attacks is on
prevention, often through strong encryption techniques.

 Active attacks:
 it involve some modification of the data stream or the creation of false
data.
 Unlike passive attacks, active attacks can often be detected but are
harder to completely prevent due to their aggressive nature.
 Categories of active attacks include:
 Masquerade Attack: In this type, an attacker pretends to be another
legitimate entity to gain unauthorized access. This is often achieved by
stealing login credentials or using spoofed identities.
 Replay Attack: involve capturing legitimate data transmissions and
retransmitting them to produce unauthorized effects.Replay attacks can
be used to bypass login processes or repeat financial transactions.
 Modification of Messages: This involves changing the content of a
legitimate message to produce an undesired effect. The modification
could involve altering permissions, redirecting information, or inserting
false data. This type of attack affects the integrity of information.
 Denial of Service (DoS): This attack aims to make a system or service
unavailable to legitimate users. It may involve flooding a server with
traffic, exploiting vulnerabilities to crash systems, or consuming all
 available resources. Distributed DoS (DDoS) attacks are a more powerful
version, launched from multiple compromised systems.
 Active attacks are generally easier to detect because they leave behind
evidence such as system crashes, service interruptions, or data
inconsistencies. However, preventing them completely is challenging
without comprehensive security controls.

6. Explain security service in detail ?

sol:

A security service is a capability that supports one or more of the security

requirements (confidentiality, integrity, availability, authenticity, and
accountability). Security services implement security policies and are
implemented by security mechanisms.
Authentication is a fundamental security service that ensures the authenticity
of communications in a system. Its main goal is to confirm that the parties
involved in communication are truly who they claim to be, thereby protecting
against impersonation, unauthorized access, and message forgery.
In the context of an ongoing interaction, like a client-server session,
authentication is needed at two levels. First, during the connection initiation
phase, each entity must verify the identity of the other to ensure a trusted
connection is established. Second, throughout the duration of the session, the
system must ensure that the communication is not compromised or
intercepted by a third party who might try to masquerade as one of the
legitimate participants. This helps maintain the integrity and confidentiality of
the session.
The X.800 standard defines two specific types of authentication services:
  Peer Entity Authentication: This service provides verification of the
identity of a peer entity involved in a connection. Two entities are
considered peers if they implement the same protocol in different
systems.
 Data Origin Authentication: This service confirms the source of a specific
data unit, ensuring that the data originated from a legitimate source.it
does not guard against data duplication or modification. Data origin
authentication is particularly useful in applications such as email, where
there may not be a persistent connection between sender and receiver,
but it is still important to confirm that a received message genuinely
came from the stated sender.
Access Control : In the context of network security, access control is the ability
to limit and control the access to host systems and applications via
communications links. To achieve this, each entity trying to gain access must
first be identified, or authenticated, so that access rights can be tailored to the
individual.
Data Confidentiality: Confidentiality is the protection of transmitted data from
passive attacks. The broadest service protects all user data transmitted
between two users over a period of time. For example, when a TCP connection
is set up between two systems, this broad protection prevents the release of
any user data transmitted over the TCP connection.
Data Integrity: A connection-oriented integrity service, one that deals with a
stream of messages, assures that messages are received as sent with no
duplication, insertion, modification, reordering, or replays. the connection-
oriented integrity service addresses both message stream modification and
denial of service.
Nonrepudiation: Nonrepudiation prevents either sender or receiver from
denying a transmitted message. when a message is sent, the receiver can prove
that the alleged sender in fact sent the message.
Availability Service: Availability is the property of a system, or a system
resource, being accessible and usable upon demand by an authorized system
entity, according to performance specifications for the system.

7. Explain the security mechanisms in detail ?

Sol:
 8. what is cryptography explain different types of cryptography algo in
detail ?
sol:
Cryptography is a branch of mathematics that deals with the transformation of
data. Cryptographic algorithms are used in many ways in information security
and network security. Cryptography is an essential component in the secure
storage and transmission of data, and in the secure interaction between
parties.
Keyless Algorithms: are deterministic functions that do not use cryptographic
keys but possess properties that make them valuable in cryptographic systems.
These algorithms do not provide encryption or decryption on their own but are
essential building blocks in various security mechanisms.
 One of the most significant types of keyless algorithms is the
cryptographic hash function. A hash function processes an input of
arbitrary length and produces a fixed-length output known as a hash
value, digest, or hash code.
 it satisfies specific security properties, such as pre-image resistance
(hard to reverse the hash to find the original input), second pre-image
resistance (hard to find a different input with the same hash), and
collision resistance (hard to find two different inputs that produce the
same hash). These properties make cryptographic hash functions crucial
for ensuring data integrity, implementing digital signatures, and
generating message authentication codes.
  Another form of keyless algorithm is the pseudorandom number
generator (PRNG). A PRNG generates a sequence of bits or numbers that
appears to be random but is actually produced by a deterministic
process. Although the sequence will eventually repeat, it is designed to
appear unpredictable for practical purposes. PRNGs are widely used in
cryptographic applications such as key generation, nonce generation,
and in protocols where randomization is essential.
Single-Key Algorithms: also known as symmetric key cryptographic
algorithms, rely on the use of a single, shared secret key for both encryption
and decryption. This key must be kept confidential and is either known only to
one user or shared among multiple trusted parties.
Symmetric encryption involves transforming readable data (plaintext) into an
unreadable format (ciphertext) using an encryption algorithm and a secret key.
To retrieve the original data, the same key and a corresponding decryption
algorithm are used. These algorithms are efficient and fast, making them
suitable for encrypting large volumes of data.
There are two primary types of symmetric encryption:
 Block cipher: A block cipher operates on data as a sequence of blocks. A
typical block size is 128 bits. In most versions of the block cipher, known
as modes of operation, the transformation depends not only on the
current data block and the secret key but also on the content of
preceding blocks.
 Stream cipher: A stream cipher operates on data as a sequence of bits.
Typically, an exclusive-OR operation is used to produce a bit-by-bit
transformation. As with the block cipher, the transformation depends on
a secret key.
 message authentication code (MAC): Another form of single-key
cryptographic algorithm is the message authentication code (MAC). A
MAC is a data element associated with a data block or message. The
MAC is generated by a cryptographic transformation involving a secret
key and, typically, a cryptographic hash function of the message. The
MAC is designed so that someone in possession of the secret key can
verify the integrity of the message. Thus, the MAC algorithm takes as
input a message and secret key and produces the MAC. The recipient of
the message plus the MAC can perform the same calculation on the
message; if the calculated MAC matches the MAC accompanying the
message, this provides assurance that the message has not been altered.
Two-Key Algorithms: also known as asymmetric cryptographic algorithms, rely
on a pair of mathematically related keys: a private key, which is kept secret by
its owner, and a public key, which is shared openly with others. Unlike single-
key or symmetric algorithms, where the same key is used for both encryption
and decryption, asymmetric encryption uses different keys for each operation,
making it highly suitable for secure communication over untrusted networks.
There are two primary modes in which asymmetric encryption works:
 Private Key Encryption and Public Key Decryption: In this mode, the
sender encrypts the data using their private key. Since only the sender
has access to this private key, it ensures that the data could only have
come from that sender. Anyone with the corresponding public key can
decrypt and read the message, making this approach suitable for
authentication and digital signatures. The purpose here is not to protect
confidentiality but to guarantee the authenticity and integrity of the
message's origin.
 Public Key Encryption and Private Key Decryption: In this mode, the
sender encrypts the data using the recipient’s public key, which is freely
available. Only the intended recipient, who possesses the corresponding
private key, can decrypt the message. This approach is used to maintain
confidentiality of the transmitted data, ensuring that only the authorized
party can access the original message.
Asymmetric encryption is widely used in several critical cryptographic
applications. One of the most important is the digital signature. A digital
signature is created when a sender uses their private key to generate a
cryptographic value based on the message content. The recipient can verify the
signature using the sender’s public key, thereby confirming both the
authenticity of the sender and the integrity of the message.
Another essential application is key exchange, where asymmetric algorithms
enable secure distribution of a symmetric encryption key. This is especially
useful because symmetric encryption is much faster for large-scale data
encryption, but it requires a secure method of key sharing—something
asymmetric encryption efficiently provides.