COMPUTER SECURITY

IT Assignment

Ashwin Paldano -419

Birju T-422
Gangadharam S-427
Kaushik N-439
Leoprabhu E-443

1. Please decrypt the following sentence

GBQNLF URNQYVARF NER NOBHG GUR JVGUQENJNY BS
GUR PBAIVPGRQ YNJZNXREF OVYY VA CNEYVNZRAG
DV WRGDB LV WKH ODVW FODVV, SOHDVH QRWH
WKDW ZH KDYH QR FODVVHV WRPRUURZ. EHVW RI
OXFN IRU WKH HADPV!
a. What was the value of the key in each case?
TODAYS HEADLINES ARE ABOUT THE WITHDRAWAL OF
THE CONVICTED LAWMAKERS BILL IN PARLIAMENT-The
value of Key is Code=Alphabet+13
AS TODAY IS THE LAST CLASS, PLEASE NOTE THAT WE
HAVE NO CLASSES TOMORROW. BEST OF LUCK FOR
THE EXAMS! - The value of Key is Code=Alphabet-2
b. How much time did you take to decrypt the text?
It took close to 10 minutes to crack the code.
c. How secure would you rate the code?
The code would not be considered to be very complex
as it follows a linear structure and comparatively less
time consuming. It could be rated as 5 on a scale of 10.
2. What are the risks involved in outsourcing?
When a third party service vendor starts providing an
outsourcing service, the vendor may be given access to
internal information which can pose certain risks to the
organisation:
1. The provider gains intimate knowledge of the people,
IT infrastructure, procedures, approval channels, and
even the weaknesses and limitations of systems

(including both IT and non-IT systems) currently in

place;
2. The provider may be processing and handling critical
information, systems and assets, and hence have
access to sensitive or personal information;
3. The provider may have valid user IDs and passwords
with authorisation to access certain highly sensitive
systems logically and/or physically.
Attackers and those with criminal intent may try to get
hold of this internal operation information and use it for
malicious social engineering activities. Together with
the rapid advancement in technology such as email and
the Internet, removable storage devices (e.g. small USB
flash drives), and easy remote access to the
organisations information system, the risks associated
with misuse of the system and data theft (including
intellectual property theft) due to insider infiltration
cannot
be
underestimated.
In
fact,
untimely
termination of systems accounts and revocation of
access rights to staff who are leaving the organisation
may introduce security loopholes. In the worst case, if
the systems in place do not provide for accountability
and proper logging procedures, fraud as well as data
security and breaches of privacy can occur without any
trace being left behind.

3. What is a Man-In-The-Middle attack? How would you

prevent this attack?
The
man-in-the-middle
attack
as MITM, MitM, MIM, MiM, MITMA)

(often)abbreviated

in cryptography and computer security is a form of

active eavesdropping in which the attacker makes
independent connections with the victims and relays
messages between them, making them believe that
they are talking directly to each other over a private
connection, when in fact the entire conversation is
controlled by the attacker. The attacker must be able to
intercept all messages going between the two victims
and inject new ones, which is straightforward in many
circumstances (for example, an attacker within
reception range of an unencrypted Wi-Fi wireless access
point, can insert himself as a man-in-the-middle).
A man-in-the-middle attack can succeed only when the
attacker can impersonate each endpoint to the
satisfaction of the otherit is an attack on mutual
authentication (or lack thereof). Most cryptographic
protocols
include
some
form
of
endpoint authentication specifically to prevent MITM
attacks. For example, SSL can authenticate one or both
parties using a mutually trusted certification authority.
Defenses against the attack
Various defenses against MITM attacks use
authentication techniques that include:

DNSSEC Secure DNS extensions

Strong encryption (as opposed to relying on small
symmetric or asymmetric key sizes, broken ciphers
or unproven ciphers)

Public key infrastructures

PKI mutual authentication the main defence in

a PKI scenario is mutual authentication. In this

case as well as the application validating the user

(not much use if the application is rogue)the
users devices validates the applicationhence
distinguishing rogue applications from genuine
applications.

A recorded media attestment (assuming that the

user's identity can be recognized from the recording),
which can either be:

A verbal communication of a shared value for

each session (as in ZRTP)

An audio/visual communication of the public

key hash (which can be easily distributed via PKI)

Stronger mutual authentication, such as:

Secret keys (which are usually

high information entropy secrets, and thus more
secure), or

Passwords (which are usually low information

entropy secrets, and thus less secure)

Latency examination, such as with

long cryptographic hash function calculations that
lead into tens of seconds; if both parties take 20
seconds normally, and the calculation takes 60
seconds to reach each party, this can indicate a third
party

Second (secure) channel verification

Carry-forward verification.

Testing is being carried out on deleting

compromised certificates from issuing authorities on

the actual computers and compromised certificates

are being exported to sandbox area before removal
for analysis
The integrity of public keys must generally be assured
in some manner, but need not be secret. Passwords
and shared secret keys have the additional secrecy
requirement. Public keys can be verified by a certificate
authority, whose public key is distributed through a
secure channel (for example, with a web browser or OS
installation). Public keys can also be verified by a web
of trust that distributes public keys through a secure
channel (for example by face-to-face meetings).

Thank You Sir