HAND IN ASSIGNMENT WEEK7

AnsQ1.

a. Confidentiality and message integrity are two of the three desirables used to achieve message security in a network. Confidentiality is the act of packaging a message for transmission over a network in such a way that it is only understood to the sender and intended recipient(s). The goal of confidentiality is to keep the contents of transient communication temporary or persistently secret except to the sender and the recipient. (Daswani, Kern, & Kesavan, 2007). For instance, a message intended for Amir from Hamza should not be understood by Tommy even if Tommy hears or sees the message. Message integrity on the other hand is the ability of the contents of a message to retain its original meaning or form while on transmission from the sender to the intended recipient. (Kurose & Ross). Essentially, the contents of the message must not be altered maliciously or otherwise. For example, like in the above example, Amir should receive the message the way it was sent from Hamza without any alteration. The goal of Integrity is to prevent unauthorized modification of message. (Cole, Krutz & Conley, 2010).

b. Yes it is possible to have confidentiality without integrity. But it must be understood that already one desirables of security has been eliminated. Therefore, the message cannot be considered secured even if it has reached the intended recipient unaltered. Confidentiality as described above is the act of encrypting messages. Confidentiality could provide message encryption but will not provide hashing and, message verification and validation through the performance of digital signature across the information. It is to be noted however, that though the message has been encrypted and could reach it recipient unaltered, it is also not guaranteed that the message cannot be intercepted by an intruder who has the ability to decrypt the message and alter its contents because it lacks message integrity.

A good analogy of this situation is the scenario of a postmaster who is to deliver a letter well-enveloped and encrypted (confidentiality). If the postmaster chooses to open the envelop, he may not even understand the contents but he could chose to replace the whole letter with another encrypted message and seal the envelop then pass it since the recipient does not have any means of verification and validation. Therefore is possible to have confidentiality without message integrity.

c. On the contrary, it is not possible to have message integrity without confidentiality. For example taken the case of Alice and Bob, if Alice want to send message to Bob and want to achieve message integrity, She will harsh her message then encrypts the resulting digest with Bob’s public key. She will then send the message and the encrypted digest to Bob. From the foregoing, we could see that Alice have to encrypts her message even after hashing the message for integrity

1

AnsQ2

Nonce as defined by Kurose, J & Ross, K (2010) is a number that a protocol uses once in a life time. Once is basically used to defend playback attack which is a situation where intruder will sniff and extended message and play the message at a later time to someone else. When nonce and shared secret is used, the combination formed a successful authentication protocol. (Kurose & Ross, 2010). Therefore, Purpose of the random nonces in the SSL handshake to establish integrity check in the TCP handshake, by defending against connection replay attack such that, an intruder who wants to leverage on playback attack to get integrity check will fail such confirmation. (Kurose & Ross, 2010)

AnsQ3

In enhancing network security or protecting the network, firewalls and application gateways are used extensively. Firewalls (Routers) are more concern with traditional packet level filtering on the basis of the contents of IP addresses, TCP/UDP headers, port numbers and acknowledgement bits. “Application gateway is an application-specific server through which all application inbound and outbound data must pass through” (Kurose & Ross, 2010). Application gateways look beyond the IP/TCP/UDP header and make policy decisions based on application data. Therefore to have a good security level in the network, routers must combine with application gateways since they cannot filter packets beyond the IP header. However, with the help of application gateway, application data are filtered. The combination of the two provide a complete filtering of data packet.

AnsQ4

Monoalphabetic cipher is an improvement on the Caesar cipher which also uses the substitution method of replacing one letter with the other. However, in monoalphabetic method, the substitution does not adopt a regular pattern like Caesar’s cipher rather any letter could be substituted for the other as long as each one of them has a unique substitute and vice versa (Kurose & Rose, 2010).

The encoding of “ I am a student of MSc IT” using monoalphabetic cipher is given as

s mh m iuyvcju kx hib su

The decoding of the message “ s vk jku uasjf ik

I do not think so

2

5. I have problems downloading GPG.

References

Cole, E, Krutz, R and Conley J (2010) Network Security Bible: 2 Edition, Indianapolis, Wiley Publishing.

Daswani, N Kern, C & Kesavan, A (2007) Foundations of Security: What every Programmer Needs to Know: ISBN 978-1-59059-784-2.

Kurose, J. F., & Rose, K.W., (2010) Computer Networking: A Top-Down approach. 5th Edition. Boston: Addison Wesley

3