Question

Which of the following PGP cryptographic function provides authentication only? E[PUB, Ks] || E[KS, ZEM || E[PRа, H(M)]]] O None O E[PUB, Ks]||E[KS, Z(M)] O Z[M|| E[PRа, H(M)]

network security questions

Answer 1

1) Option 1

E(Private key used to encrypt the message) --> zipped --> E(Public Key with session key used in symmetric encryption)

In Authentication -

• The sender creates a message
• SHA-1 is used to generate a 160-bit hash code of the message
• The hash code is encrypted with RSA using the sender’s private key, and the result is prepended to the message
• The reciever uses RSA with sender’s public key to decrypt and recover the hash code
• The reciever generates a new hash code for the mesage and compares it with the decrypted hash code

2) Option 4

Private key of the user is stored in private key ring by encrypting the key with hash of the passphrase.

E[H[Pi], PRi] - E(Hash Function, Private key)

3) Option 1 - Ping

This is an example of Amplification attack where large volumes of packets are send to flood the targets without alerting the intermediary, by returning a large reply to a small request.

4) Option 3 - DoS Attack

TCP SYN is a type of DoS attack that exploits part of the normal TCP three-way handshake.

In a Three way Handshake what happens -

• Client requests connection by sending SYN message
• Server acknowledges by sending SYN-ACK message back to client
• Client responds back with ACK message and the conection is established

In this TCP-SYN what happens is that the attacker client sends multiple SYN to the server. The server, unaware of the attack, receives multiple requests to establish communication. It responds to each attempt with a SYN-ACK packet from each open port. The malicious client then either doen't sends back any ACK or never recieves any SYN-ACK message back from the server as a result the server would be busy sending back SYN-ACK message and waits and the connection in the meanwhile stays open. Before the previous open connection can time out, another SYN packet from the attacker client will arrive. This leaves an increasingly large number of connections half-open to the server. Eventually, as the server’s connection overflow the service to legitimate clients will be denied, and the server may even crash or even get malfunctioned.