IT Assignment

Uploaded by: ashwin

Computer Security

1. Please decrypt the following sentence

GBQNLF URNQYVARF NER NOBHG GUR JVGUQENJNY BS GUR PBAIVPGRQ YNJZNXREF OVYY VA CNEYVNZRAG

DV WRGDB LV WKH ODVW FODVV, SOHDVH QRWH WKDW ZH KDYH QR FODVVHV WRPRUURZ. EHVW RI OXFN IRU WKH HADPV!

a. What was the value of the key in each case?

TODAYS HEADLINES ARE ABOUT THE WITHDRAWAL OF THE CONVICTED LAWMAKERS BILL IN PARLIAMENT - The value of Key is Code=Alphabet+13

AS TODAY IS THE LAST CLASS, PLEASE NOTE THAT WE HAVE NO CLASSES TOMORROW. BEST OF LUCK FOR THE EXAMS! - The value of Key is Code=Alphabet-2

b. How much time did you take to decrypt the text?

It took close to 10 minutes to crack the code.

c. How secure would you rate the code?

The code would not be considered very complex, as it follows a linear structure and is comparatively less time-consuming to break. It could be rated as 5 on a scale of 10.
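An added example (not part of the original assignment) showing why a shift cipher of this kind falls quickly: there are only 25 usable keys, so a program can try every one and keep the candidate that contains the most common English words. The function names and the word list are illustrative choices; the two ciphertexts are the ones from question 1.

```python
import string

# Ciphertexts copied from question 1 of the assignment.
C1 = ("GBQNLF URNQYVARF NER NOBHG GUR JVGUQENJNY BS GUR PBAIVPGRQ "
      "YNJZNXREF OVYY VA CNEYVNZRAG")
C2 = ("DV WRGDB LV WKH ODVW FODVV, SOHDVH QRWH WKDW ZH KDYH QR FODVVHV "
      "WRPRUURZ. EHVW RI OXFN IRU WKH HADPV!")

# Small, illustrative set of very common English words used for scoring.
COMMON = {"THE", "OF", "AND", "TO", "IN", "IS", "ARE", "THAT", "WE", "FOR",
          "AS", "NO", "HAVE", "ABOUT"}


def shift_back(text, k):
    """Move every letter k positions back in the alphabet; keep the rest."""
    out = []
    for ch in text.upper():
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 - k) % 26 + 65))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def score(candidate):
    """Count how many words of the candidate are common English words."""
    stripped = candidate.translate(str.maketrans("", "", string.punctuation))
    return sum(word in COMMON for word in stripped.split())


def crack(ciphertext):
    """Try all 25 non-trivial shifts; return (shift, plaintext) scoring best."""
    candidates = ((k, shift_back(ciphertext, k)) for k in range(1, 26))
    return max(candidates, key=lambda pair: score(pair[1]))


if __name__ == "__main__":
    for ct in (C1, C2):
        k, plaintext = crack(ct)
        print(f"letters moved back by {k}: {plaintext}")
```

The whole key space is searched in a fraction of a second, and the word boundaries left in the ciphertext make the scoring step trivial.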

2. What are the risks involved in outsourcing?

When a third-party service vendor starts providing an outsourcing service, the vendor may be given access to internal information, which can pose certain risks to the organisation:

1. The provider gains intimate knowledge of the people, IT infrastructure, procedures, approval channels, and even the weaknesses and limitations of systems (including both IT and non-IT systems) currently in place;
2. The provider may be processing and handling critical information, systems and assets, and hence have access to sensitive or personal information;
3. The provider may have valid user IDs and passwords with authorisation to access certain highly sensitive systems logically and/or physically.

Attackers and those with criminal intent may try to get hold of this internal operation information and use it for malicious social engineering activities. Together with the rapid advancement in technology such as email and the Internet, removable storage devices (e.g. small USB flash drives), and easy remote access to the organisation's information system, the risks associated with misuse of the system and data theft (including intellectual property theft) due to insider infiltration cannot be underestimated. In fact, untimely termination of system accounts and revocation of access rights for staff who are leaving the organisation may introduce security loopholes. In the worst case, if the systems in place do not provide for accountability and proper logging procedures, fraud as well as data security and privacy breaches can occur without any trace being left behind.

3. What is a Man-In-The-Middle attack? How would you prevent this attack?

The man-in-the-middle attack (often abbreviated as MITM, MitM, MIM, MiM, MITMA) in cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point can insert himself as a man-in-the-middle).

A man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other; it is an attack on mutual authentication (or lack thereof). Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, SSL can authenticate one or both parties using a mutually trusted certification authority.

Defenses against the attack

Various defenses against MITM attacks use authentication techniques that include:

  • DNSSEC: Secure DNS extensions
  • Strong encryption (as opposed to relying on small symmetric or asymmetric key sizes, broken ciphers or unproven ciphers)
  • Public key infrastructures
      • PKI mutual authentication: the main defence in a PKI scenario is mutual authentication. In this case, as well as the application validating the user (not much use if the application is rogue), the user's device validates the application, hence distinguishing rogue applications from genuine applications.
      • A recorded media attestment (assuming that the user's identity can be recognized from the recording), which can either be:
          • A verbal communication of a shared value for each session (as in ZRTP)
          • An audio/visual communication of the public key hash (which can be easily distributed via PKI)
  • Stronger mutual authentication, such as:
      • Secret keys (which are usually high information entropy secrets, and thus more secure), or
      • Passwords (which are usually low information entropy secrets, and thus less secure)
  • Latency examination, such as with long cryptographic hash function calculations that lead into tens of seconds; if both parties take 20 seconds normally, and the calculation takes 60 seconds to reach each party, this can indicate a third party
  • Second (secure) channel verification
  • Carry-forward verification
  • Testing is being carried out on deleting compromised certificates from issuing authorities on the actual computers, and compromised certificates are being exported to a sandbox area before removal for analysis

The integrity of public keys must generally be assured in some manner, but they need not be secret. Passwords and shared secret keys have the additional secrecy requirement. Public keys can be verified by a certificate authority, whose public key is distributed through a secure channel (for example, with a web browser or OS installation). Public keys can also be verified by a web of trust that distributes public keys through a secure channel (for example, by face-to-face meetings).
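An added example (not part of the original assignment) of the "verbal communication of a shared value for each session" defence listed above: both users read out a short string derived from the agreed key, and a relay that substituted its own key material makes the two strings differ. It assumes a toy Diffie-Hellman group and a simplified derivation; real ZRTP also uses a hash commitment, and all names here are illustrative.

```python
import hashlib
import secrets

# Toy Diffie-Hellman parameters for illustration only (assumption: a real
# protocol uses a standardised group or curve, not these values).
P = 2**127 - 1   # a Mersenne prime
G = 3


def keypair():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def sas(priv, peer_pub):
    """Short authentication string: first 32 bits of a hash of the DH secret."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).hexdigest()[:8]


def session(intercepted):
    """Return the (alice_sas, bob_sas) pair each user would read aloud."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if intercepted:
        # A relay in the path replaces each public value with its own, so
        # each endpoint unknowingly agrees a key with the relay instead.
        _, relay_pub_for_alice = keypair()
        _, relay_pub_for_bob = keypair()
        return sas(a_priv, relay_pub_for_alice), sas(b_priv, relay_pub_for_bob)
    return sas(a_priv, b_pub), sas(b_priv, a_pub)


def verify_by_voice(alice_sas, bob_sas):
    """The users compare the strings over the voice channel; mismatch = abort."""
    return secrets.compare_digest(alice_sas, bob_sas)


if __name__ == "__main__":
    for label, intercepted in (("direct", False), ("relayed", True)):
        a, b = session(intercepted)
        print(f"{label}: Alice reads {a}, Bob reads {b}, "
              f"match={verify_by_voice(a, b)}")
```

The check works only because the strings are compared over a channel the relay cannot convincingly forge, which is why the list above ties it to recognising the user in the recording.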

Thank You Sir