Network Security and Cryptography Assignment Questions
Question 1 (25 Marks)
(a) Appraise and comment on the following statement:
(i) “It is important and essential to have collision resistance property (both weak collision resistance and strong collision resistance) in a secure hash function”.
(6 marks)
(ii) “Either AH (Authentication Header) or ESP (Encapsulating Security Payload) protocol, but not both, can be selected or enabled in a single Security Association (SA). However, a particular traffic flow can be protected by both AH and ESP”.
(6 marks)
(b) Assess and analyse the email header of an email, using Gmail, Yahoo mail, or otherwise, based on Activity 5 of Study Unit 3, Chapter 2.
(i) Provide the steps of how the email header may be read from the chosen email service.
(2 marks)
(ii) List and explain two (2) MIME headers of your email.
(4 marks)
(iii) In the header, you will notice the words ‘ARC’ and ‘DKIM’. Appraise the purpose of ARC and DKIM. List and explain both the ARC headers as well as the DKIM header.
(7 marks)
Question 2 (25 Marks)
(a) (i) Apply columnar transposition algorithm to the following ciphertext and determine its plaintext:
CGIPPURRSYAFTHNOY
Assume that the key is “ASSESS”, ignoring all spaces.
(4 marks)
(ii) Apply Vigenère Square cipher algorithm to the plaintext obtained in part (i), using the key, ‘CRYPTO’, describe how the resultant ciphertext can be obtained. {Note: Use the Vigenère Square table given below}
(4 marks)
(iii) What is the possible weakness of using Vigenère Square method of encryption?
(2 marks)
(b) Examine the following message packet.
Sequence Number | Timestamp | Actual Data | Checksum |
(i) Appraise how one can be reasonably sure that the message is authentic, if the message is encrypted.
(4 marks)
(ii) Assess whether it would be sufficient to just encrypt the actual data field or the entire message needs to be encrypted and why?
(3 marks)
(c) Appraise how security can be provided using symmetric encryption for the so-called enhanced protocol of the Kerberos authentication service.
(8 marks)
Question 3 (25 Marks)
(a) Go to the following website: https://www.cloudshark.org/captures/a9718e5fdb28 to access the TLS test pcap file (starting from Line 1). Analyse the TLS_test pcap file and determine the following:
(i) What is the purpose of the Client_Hello message?
(2 marks)
(ii) What is the chosen Cipher Suite? Explain how the server obtained the Cipher Suite.
(2 marks)
(iii) In SSL/TLS, a session key will normally be created to enable it to perform encryption. Briefly discuss how this key is determined.
(4 marks)
(iv) In Line 5, what is the alert number given for the message “Encrypted Alert Message”? Explain what it means.
(3 marks)
(b) (i) Go into any browser and open any web-based (X.509 Version 3) public certificate. Illustrate by using your chosen certificate and determine the following items:
- the purpose of the certificate and the issuer.
- the public key, the signature algorithm and the issuer’s signature.
- the URL where the CRL list can be found and highlight one of the CRLs
(Provide a screenshot of all these items as part of your illustration)
(6 marks)
(ii) Discuss how verification can be done to determine if the public certificate is genuine and came from the correct source. Illustrate your answer by using an appropriate diagram.
(8 marks)
Question 4 (25 Marks)
(a) An intrusion detection system (IDS) is an application that monitors network traffic and searches for known threats and suspicious or malicious activities.
(i) Appraise the difference between threshold detection and profile-based detection used in statistical anomaly detection.
(4 marks)
(ii) A private education centre recently installed a computer network system to be used mainly by its employees. These employees have been with the company for many years and are expected to remain until retirement and possibly even longer. The centre has also recruited a new network administrator who has just graduated from university.
- Appraise if the centre has any chance of implementing an effective intrusion detection system and explain why?
- If so, which detection system would you recommend for the centre? Explain your answer.
(7 marks)
(b) A management consultancy firm, headquartered in Singapore with a branch in Sydney, requires a secure network connection between the two sites. This connection will operate over the public internet and must guarantee the confidentiality of all data in transit—including the source and destination IP addresses. All internet-bound traffic is routed through designated network gateways.
Since both the headquarters and Sydney branch host servers containing sensitive data, encryption keys must be stored exclusively on those individual servers. Although authentication is not a primary concern for the organization, your CISO has tasked you to explore implementing IPsec to ensure secure communication between the two locations.
Apply IPsec and recommend appropriate IPsec configurations for the firm to provide the necessary secure communication. Justify and discuss why you have made these recommendations.
(8 marks)
(c) Discuss what security services are specified by the IEEE 802.11i RSN standard. Illustrate, in your answer, the appropriate security protocols supporting these services.
(6 marks)
Network Security Answers: Expert Answers on Above Network Security Questions
Collision resistance in Hash functions
With weak collision resistance, it is difficult to find a second input that gives the same hash as a given input. With strong collision resistance, it is difficult to find any two different inputs with the same hash. This property is highly important because it prevents data tampering and ensures integrity in cryptographic systems.
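The difference between the two properties can be measured on a deliberately weakened hash. The following is an added example, not part of the original answer: it truncates SHA-256 to 16 bits (an assumption made so the searches finish quickly) and counts the attempts needed to break each property. The function names and the sample message are hypothetical.

```python
import hashlib
from itertools import count

BITS = 16  # assumption: toy output size; real hashes use 256 bits or more


def h(data: bytes, bits: int = BITS) -> int:
    """Toy hash: the top `bits` bits of SHA-256 (truncated for demonstration only)."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def find_collision(bits: int = BITS):
    """Strong collision resistance: find ANY two distinct inputs with equal hash.
    Birthday bound: roughly 2**(bits/2) attempts are expected."""
    seen = {}
    for i in count():
        msg = b"msg-%d" % i
        tag = h(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg


def find_second_preimage(target: bytes, bits: int = BITS):
    """Weak collision resistance: given `target`, find a DIFFERENT input
    with the same hash. Roughly 2**bits attempts are expected."""
    want = h(target, bits)
    for i in count():
        msg = b"alt-%d" % i
        if msg != target and h(msg, bits) == want:
            return msg, i + 1


if __name__ == "__main__":
    a, b, n1 = find_collision()
    print(f"collision after {n1} attempts: {a!r} / {b!r} -> {h(a):#06x}")
    target = b"pay 100 to account A"  # constructed sample message
    m, n2 = find_second_preimage(target)
    print(f"second preimage after {n2} attempts: {m!r} -> {h(m):#06x}")
```

At 16 bits both searches finish in seconds, with the collision search typically needing far fewer attempts; at full digest length neither is feasible, which is what lets a hash stand in for the data it protects.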
AH vs ESP in IPsec
The Authentication Header provides data integrity and authentication, whereas the Encapsulating Security Payload provides encryption, integrity and authentication. Protection of a traffic flow by both can be ensured by using a separate security association.
Reading email headers
In Gmail, the email headers can be read by opening the email, clicking on the three dots and then on show the original. In Yahoo Mail, click on more and then on view raw messages.
Two MIME Headers
Content-Type defines the type of data, which can be text or HTML, and Content-Transfer-Encoding specifies how the data is encoded for transport.
ARC and DKIM
Authenticated Received Chain (ARC) is useful in preserving authentication results across intermediaries. DomainKeys Identified Mail, also known as DKIM, makes use of digital signatures in order to verify the domain of the sender.
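The MIME, DKIM and ARC headers described above can be pulled out of a raw message with Python's standard email module. The following is an added example, not part of the original answer: the message is constructed, and its domains, selector and signature values are placeholders. The ARC header names and DKIM tags (d, s, h, i, cv) are those defined by the ARC and DKIM specifications.

```python
from email import message_from_string

# Constructed sample message (not a real email); all values are placeholders.
RAW = """\
ARC-Seal: i=1; a=rsa-sha256; t=1700000000; cv=none; d=forwarder.example; s=arc1; b=PLACEHOLDER
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=forwarder.example;
 s=arc1; h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER
ARC-Authentication-Results: i=1; forwarder.example; dkim=pass header.d=sender.example; spf=pass
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sender.example;
 s=sel2024; h=from:to:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER
From: alice@sender.example
To: bob@receiver.example
Subject: Test
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<p>Hello</p>
"""


def parse_tags(value: str) -> dict:
    """Split a 'tag=value; tag=value' header body into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = "".join(val.split())  # drop folding whitespace
    return tags


def summarize(raw: str) -> dict:
    """Collect the MIME, DKIM and ARC fields a reviewer would look at first."""
    msg = message_from_string(raw)
    dkim = parse_tags(msg.get("DKIM-Signature", ""))
    seal = parse_tags(msg.get("ARC-Seal", ""))
    return {
        "content_type": msg.get_content_type(),
        "charset": msg.get_content_charset(),
        "transfer_encoding": msg.get("Content-Transfer-Encoding"),
        "dkim_domain": dkim.get("d"),          # signing domain
        "dkim_selector": dkim.get("s"),        # DNS selector for the public key
        "dkim_signed_headers": dkim.get("h", "").split(":"),
        "arc_instance": seal.get("i"),         # position in the ARC chain
        "arc_chain_validation": seal.get("cv"),
        "arc_auth_results": msg.get("ARC-Authentication-Results"),
    }
```

Parsing the tags only shows what the headers claim; verifying a DKIM signature additionally requires fetching the public key published in DNS under the selector and domain.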
Disclaimer: This answer is a model for study and reference purposes only. Please do not submit it as your own work.