Scribd
Upload
15 views6 pages

InSecur Final

The document provides an overview of various cryptographic protocols and concepts, including Kerberos versions, IPsec modes, TLS, and encryption types. It explains the differences between symmetric and asymmetric encryption, as well as hashing functions, and compares security protocols like WEP and WPA2. Additionally, it discusses WiFi security measures and tools for password recovery, highlighting the differences between Hashcat and John the Ripper.

Uploaded by

hamzaafridi1only76
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
15 views6 pages

InSecur Final

The document provides an overview of various cryptographic protocols and concepts, including Kerberos versions, IPsec modes, TLS, and encryption types. It explains the differences between symmetric and asymmetric encryption, as well as hashing functions, and compares security protocols like WEP and WPA2. Additionally, it discusses WiFi security measures and tools for password recovery, highlighting the differences between Hashcat and John the Ripper.

Uploaded by

hamzaafridi1only76
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

1. Kerberos v4 and v5?

 Kerberos v4: Older version of Kerberos. Used for secure authentication


in a network using secret-key cryptography.
 Kerberos v5: Updated version of Kerberos (RFC 1510). It includes
improvements over v4 such as better encryption algorithms, cross-realm
authentication, and more flexibility.

2. AH(Authentication Header) and ESP(Encapsulating Security Payload)?


 AH (Authentication Header): Provides integrity, authentication, and
optional anti-replay protection for IP packets but does not provide
confidentiality (no encryption).
 ESP (Encapsulating Security Payload): Provides confidentiality
(encryption), integrity, authentication, and anti-replay protection.

3. IPsec tunnel mode and transport mode?


 Tunnel mode: Entire IP packet is encrypted and encapsulated with a new
IP header. Commonly used in VPNs to connect networks.
 Transport mode: Only the payload (data) of the IP packet is encrypted.
The original IP header is left intact. Used for end-to-end connections.

4. Kerberos?
 Uses a trusted third-party (Key Distribution Center - KDC) to authenticate
users.
 Based on tickets:
o TGT (Ticket Granting Ticket): Initial ticket.
o Service Tickets: For access to specific services.
 Avoids sending passwords over the network.
 Secure against replay attacks (uses timestamps).
5. TLS (Transport Layer Security)?
 Successor to SSL.
 Provides:
o Encryption: Keeps data confidential.
o Integrity: Detects tampering.
o Authentication: Server (and optionally client) authentication.
 Commonly used in:
o HTTPS (secure web traffic)
o Email encryption (SMTPS, IMAPS)
o VPNs (e.g., OpenVPN)

6. IPsec and what services it provides?


 IPsec: A suite of protocols (AH, ESP, IKE) for securing IP communications.
IPsec services:
 Confidentiality: Encryption of data (ESP).
 Integrity: Data hasn’t been tampered with (AH/ESP).
 Authentication: Validates source (AH/ESP).
 Replay protection: Blocks re-used packets (sequence numbers).
Protocols in IPsec:
 AH, ESP.
 IKE (Internet Key Exchange): Key management.

7. Symmetric and asymmetric encryption?


 Symmetric encryption:
o Same key for encryption and decryption.
o Faster, suitable for large data (e.g., AES, DES, RC4).
 Asymmetric encryption:
o Public/private key pairs.
o Public key for encryption, private key for decryption.
o Slower, used for secure key exchange and digital signatures (e.g.,
RSA, ECC).

8. Hashing function and encryption?


 Hashing:
o One-way.
o Converts input to fixed-size hash value (e.g., SHA-256 output is
256 bits).
o Used in passwords storage, data integrity.
 Encryption:
o Two-way.
o Uses keys to transform plaintext to ciphertext and back.
o Used for secure data transmission.

9. WEP and WPA2?


 WEP:
o Uses RC4 encryption.
o Weak because of short IV (24-bit), predictable keystreams.
o Easily cracked with tools like Aircrack-ng.
 WPA2:
o Uses AES-based CCMP encryption.
o Replaces WEP’s RC4.
o Much more secure, default in modern WiFi.
10. Which cryptographic method uses no key and provides data integrity
only?
 Hashing functions (SHA-1, SHA-256, MD5).
 No encryption keys involved.
 Produces hash for data integrity checking (file verification, password
storage).

11. What is common among HTTPS, SSH, and TLS?


 They all use encryption to secure data in transit:
o HTTPS: Uses TLS to secure HTTP.
o SSH: Secure remote login.
o TLS: Protocol for secure communications.

12. WiFi security?


 Encompasses measures to secure wireless networks:
o Use strong encryption (WPA2 or WPA3)
o Strong passwords
o MAC address filtering
o Hide SSID
o Firmware updates

13. Hashcat software and how it is different from John the Ripper?
 Hashcat: Advanced password recovery tool focused on GPU-based
cracking (high speed, modern hashes).
 John the Ripper: Password cracker that’s more CPU-focused but also has
GPU support (general-purpose cracking).
 Difference: Hashcat is faster on GPUs, supports more hashing
algorithms, and better optimized for modern hardware.
14. What protocol is the following figure depicting? Label each step and
explain the process depicted in each steps?

1. Application Data
o This is the raw data generated by the application (e.g., a web
browser).
2. Fragment
o The large application data is split into manageable blocks
(fragments).
3. Compress
o Each fragment is optionally compressed to reduce size.
4. Add MAC (Message Authentication Code)
o A MAC is computed and appended to the data.
5. Encrypt
o The compressed data + MAC are encrypted using symmetric
encryption (e.g., AES).
6. Append SSL Record Header
o A header is added to the encrypted data.
o The header contains metadata.
-> This marks the final SSL Record, ready for transmission over the network.
15. What algorithm the following pic is depicting? If 10 bit key is
‘1110001110’, Find K1 and K2? P10 is given [3 5 27 4 10 1 9 8 6] and P8 is
[6 3 7 4 8 5 10 9]?

ANSWER:
The image depicts the Simplified DES (Data Encryption Standard) key
generation process. Given the 10-bit key '1110001110', we first apply P10
permutation [3 5 2 7 4 10 1 9 8 6], resulting in '1100111011'. Split into two 5-
bit halves (11001, 11011), left-shift both by 1 (10011, 10111), then apply P8 [6
3 7 4 8 5 10 9] to get K1 = '10101101'. Repeat the shift (left-shift by 2) and P8 to
get K2 = '01011101'.

You might also like