Name: J Yeshwanth Gopal

Roll No:1210716114
SEC:C1
Assignment – 3

1. Describe the architecture of IPSec.

Fundamental to the operation of IPsec is the concept of a security policy appliedto each IP
packet that transits from a source to a destination. IPsec policy isdetermined primarily by the
interaction of two databases, the security associationdatabase (SAD) and the security
policy database (SPD).
The Internet Key Exchange (IKE) protocol is used to manage the cryptographic keys used by
hosts for IPsec.

Internet Key Exchange (IKE), defined in RFC 7296, "Internet Key Exchange Protocol
Version 2 (IKEv2)," is a protocol defined to allow hosts to specify which services are to be
incorporated in packets, which cryptographic algorithms will be used to provide those
services, and a mechanism for sharing the keys used with those cryptographic algorithms.

Security Associations
A key concept that appears in both the authentication and confidentiality mechanismsfor IP is
the security association (SA).An association is a one-way logical connectionbetween asender
and a receiver that affords security services to the trafficcarried on it. If a peerrelationship is
needed for two-way secure exchange, then twosecurity associations arerequired. Security
services are afforded to a SA for theuse of AH or ESP, but not both.
A security association is uniquely identified by three parameters.
• Security Parameters Index (SPI): A bit string assigned to this SA and
havinglocalsignificance only.The SPI is carried in AH and ESP headers to enable
thereceiving system to select the SA under which a received packet will beprocessed.
• IP Destination Address: This is the address of the destination endpoint of theSA, which
may be an end-user system or a network system such as a firewall orrouter.
• Security Protocol Identifier: This field from the outer IP header indicateswhether the
association is an AH or ESP security association.
Security Association Database
In each IPsec implementation, there is a nominal2 Security Association Databasethat defines
the parameters associated with each SA. A security association is normallydefined by the
following parameters in an SAD entry.
• Security Parameter Index: A 32-bit value selected by the receiving end of anSA to
uniquely identify the SA. In an SAD entry for an outbound SA, the SPIis used to
construct the packet’s AH or ESP header. In an SAD entry for aninbound SA, the SPI
is used to map traffic to the appropriate SA.
• Sequence Number Counter: A 32-bit value used to generate the SequenceNumber
field in AH or ESP headers, described in Section 19.3 (required for
allimplementations).
• Sequence Counter Overflow: A flag indicating whether overflow of theSequence
Number Counter should generate an auditable event and preventfurther transmission
of packets on this SA (required for all implementations).
• Anti-Replay Window: Used to determine whether an inbound AH or ESPpacket is a
replay, described in Section 19.3 (required for all implementations).
• AH Information: Authentication algorithm, keys, key lifetimes, and
relatedparameters being used with AH (required for AH implementations).
• ESP Information: Encryption and authentication algorithm, keys,
initializationvalues, key lifetimes, and related parameters being used with
ESP(required for ESP implementations).
 • Lifetime of this Security Association: A time interval or byte count afterwhich an
SA must be replaced with a new SA (and new SPI) or terminated,plus an indication of
which of these actions should occur (required for allimplementations).
• IPsec Protocol Mode: Tunnel, transport, or wildcard.
• Path MTU: Any observed path maximum transmission unit (maximum sizeof a
packet that can be transmitted without fragmentation) and agingvariables (required for
allimplementations).

Security Policy Database

The means by which IP traffic is related to specific SAs (or no SA in the case of
trafficallowed to bypass IPsec) is the nominal Security Policy Database (SPD). In its
simplestform,an SPD contains entries, each of which defines a subset of IP traffic andpoints
to an SA for that traffic.
Each SPD entry is defined by a set of IP and upper-layer protocol field values,calledselectors.
The following selectors determine an SPD entry:
• Remote IP Address: This may be a single IP address, an enumerated list or
rangeofaddresses, or a wildcard (mask) address.The latter two are required to
supportmore than one destination system sharing the same SA (e.g., behind a
firewall).
• Local IP Address: This may be a single IP address, an enumerated list or rangeof
addresses, or a wildcard (mask) address. The latter two are required to supportmore
than one source system sharing the same SA (e.g., behind a firewall).
• Next Layer Protocol: The IP protocol header (IPv4, IPv6, or IPv6
Extension)includes a field (Protocol for IPv4, Next Header for IPv6 or IPv6
Extension)that designates the protocol operating over IP. This is an individual
protocolnumber,ANY, or for IPv6 only, OPAQUE. If AH or ESP is used, then this
IPprotocol header immediately precedes the AH or ESP header in the packet.
• Name: A user identifier from the operating system.This is not a field in the IPor
upper-layer headers but is available if IPsec is running on the same operatingsystem
as the user.
• Local and Remote Ports: These may be individual TCP or UDP port values,an
enumerated list of ports, or a wildcard port.
2. What is Transport mode and Tunnel mode?
Ans. TRANSPORT MODE Transport mode provides protection primarily for upper-
layerprotocols. That is, transport mode protection extends to the payload of an IPpacket.1
Examples include a TCP or UDP segment or an ICMP packet, all of whichoperate directly
above IP in a host protocol stack.Typically, transport mode is usedfor end-to-end
communication between two hosts (e.g., a client and a server, or twoworkstations).When a
host runs AH or ESP over IPv4, the payload is the data thatnormally follow the IP header.
For IPv6, the payload is the data that normally followboth the IP header and any IPv6
extensions headers that are present, with thepossible exception of the destination options
header, which may be included inthe protection.ESP in transport mode encrypts and
optionally authenticates the IP payloadbut not the IP header. AH in transport mode
authenticates the IP payload andselected portions of the IP header.
TUNNEL MODE Tunnel mode provides protection to the entire IP packet. Toachieve this,
after the AH or ESP fields are added to the IP packet, the entirepacket plus security fields is
treated as the payload of new outer IP packet with new outer IP header. The entire original,
inner, packet travels through a tunnelfrom one point of an IP network to another; no routers
along the way are able toexamine the inner IP header. Because the original packet
isencapsulated, the new,larger packet may have totally different source and
destinationaddresses, addingto the security.Tunnel mode is used when one or both ends of a
security association(SA) are a security gateway, such as a firewall or router that implements
IPsec.With tunnel mode, a number of hosts on networks behind firewalls may engage
insecure communications without implementing IPsec. The unprotected packetsgenerated by
such hosts are tunneled through external networks by tunnel modeSAs set up by the
IPsecsoftware in the firewall or secure router at the boundary ofthe local network.

3. List out web security threats.

Ans. The below table provides a summary of the types of security threats faced when using
theWeb. One way to group these threats is in terms of passive and active attacks.Passive
attacks include eavesdropping on network traffic between browser andserver and gaining
access to information on a Web site that is supposed to berestricted. Active attacks
includeimpersonating another user, altering messages intransit between client and server, and
altering information on a Web site.
Another way to classify Web security threats is in terms of the location of thethreat:Web
server,Web browser, and network traffic between browser and server.Issues of server and
browser security fall into the category of computer system security;Part Four of this book
addresses the issue of system security in general but isalso applicable to Web system security.
Issues of traffic security fall into the categoryof network security and are addressed in this
chapter.

4. What protocols comprise SSL?

Ans. The SSL Record Protocol provides basic security services to various
higherlayerprotocols. In particular, the Hypertext Transfer Protocol (HTTP), which
providesthe transfer service for Web client/server interaction, can operate on top ofSSL.
Three higher-layer protocols are defined as part of SSL: the HandshakeProtocol, the Change
Cipher Spec Protocol, and the Alert Protocol.
5. Explain in detail S/MIME certification processing.
S/MIME, the acronym of Secure/Multipurpose Internet Mail Extensions, is a universal web
standard defined by the IETF. S/MIME is employed to encrypt MIME data—emails in simple
terms. Initially developed by RSA Data Security, it’s been made a standard by the IETF and
has been defined in many of its documents.
S/MIME, based on Public Key Infrastructure or Asymmetric Encryption, facilitates email
security by virtue of encryption, authentication, and integrity. In other words, it allows you to
digitally sign your emails so that only the intended recipient can see the message and he/she
also gets to know that the email really came from you. While the email is on its way, the
encryption takes care of its integrity as it doesn’t allow an unauthorized third party to
intercept and tamper with the data.
Both of these downsides can be eliminated using an S/MIME (client) certificate. Yes, there’s
a certificate for that. To implement S/MIME, you must install an S/MIME certificate—also
known as “client certificate.” As they work on the principles of public key infrastructure
(PKI), what they do is pretty similar to SSL certificates. The only key difference is that these
certs are installed on clients while SSL/TLS certs are implemented on servers.

How does S/MIME (Client) certificate work?

As we saw earlier, S/MIME certs are based on asymmetric encryption. That’s why they
involve two distinct keys – a public key and a private key. Keep in mind that a public key and
private key come in a pair, one public key can only have one private key and vice versa. This
is because they’re mathematically related to each other, the public key is actually derived
from the privatekey.
While using an S/MIME certificate, a sender sends an email by encrypting it through
recipient’s public key. On the other side, the recipient decrypts the email using the private
key he/she has. There’s no scope for someone else to come in between and see or tamper with
the email as it’s in an encrypted format.
All of this works splendidly as long as the private key isn’t compromised. If it gets
compromised, all the floodgates open up.

6 ) What are the keys used by PGP?

PGP (Pretty Good Privacy) is a public-key encryption program that has become the most
popular standard for email encryption. The "pretty good" bit is meant to be a bit of an ironic
understatement.
In addition to encrypting and decrypting email, PGP is used to sign messages so that the
receiver can verify both the identity of the sender and the integrity of the content.
PGP uses a private-key that must be kept secret and a public-key that sender and receiver
must share.
GPG (Gnu Privacy Guard) is an independent implementation of the OpenPGP standards.
Setting up PGP/GPG will allow you to:
Verify automated messages from Kraken, so that you can be sure they came from us and
haven't been tampered with en route.
Receive encrypted automated emails from us. Some of these emails will contain sensitive
information, such as account recovery instructions, so encryption adds an extra layer of
security.
For a sender and recipient to communicate securely using conventional encryption, they must
agree upon a key and keep it secret between themselves. If they are in different physical
locations, they must trust a courier, the Bat Phone, or some other secure communication
medium to prevent the disclosure of the secret key during transmission. Anyone who
overhears or intercepts the key in transit can later read, modify, and forge all information
encrypted or authenticated with that key.
Public key cryptography
The problems of key distribution are solved by public key cryptography, the concept of
which was introduced by Whitfield Diffie and Martin Hellman in 1975. Public key
cryptography is an asymmetric scheme that uses a pair of keys for encryption:a publickey,
which encrypts data, and a corresponding private, or secret key for decryption. You publish
your public key to the world while keeping your private key secret. Anyone with a copy of
your public key can then encrypt information that only you can read. Even people you have
never met.
It is computationally infeasible to deduce the private key from the public key. Anyone who
has a public key can encrypt information but cannot decrypt it. Only the person who has the
corresponding private key can decrypt the information.

Figure 1-3. Public key encryption

The primary benefit of public key cryptography is that it allows people who have no
preexisting security arrangement to exchange messages securely. The need for sender and
receiver to share secret keys via some secure channel is eliminated; all communications
involve only public keys, and no private key is ever transmitted or shared.
Some examples of public-key cryptosystems are Elgamal (named for its inventor, Taher
Elgamal), RSA (named for its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman),
Diffie-Hellman (named, you guessed it, for its inventors), and DSA, the Digital Signature
Algorithm (invented by David Kravitz).
How PGP works
PGP combines some of the best features of both conventional and public key cryptography.
PGP is a hybrid cryptosystem. When a user encrypts plaintext with PGP, PGP first
compresses the plaintext. PGP then creates a session key, which is a one-time-only secret
key. This key is a random number generated from the random movements of your mouse and
the keystrokes you type. This session key works with a very secure, fast conventional
encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is
encrypted, the session key is then encrypted to the recipient's public key. This public key-
encrypted session key is transmitted along with the ciphertext to the recipient.

Figure 1-4. How PGP encryption works

Decryption works in the reverse. The recipient's copy of PGP uses his or her private key to
recover the temporary session key, which PGP then uses to decrypt the conventionally-
encrypted ciphertext.

Figure 1-5. How PGP decryption works

Keys
A key is a value that works with a cryptographic algorithm to produce a specific ciphertext.
Keys are basically really, really, really big numbers. Key size is measured in bits; the number
representing a 1024-bit key is darn huge. In public key cryptography, the bigger the key, the
more secure the ciphertext.
However, public key size and conventional cryptography's secret key size are totally
unrelated. A conventional 80-bit key has the equivalent strength of a 1024-bit public key. A
conventional 128-bit key is equivalent to a 3000-bit public key. Again, the bigger the key, the
more secure, but the algorithms used for each type of cryptography are very different and
thus comparison is like that of apples to oranges.
While the public and private keys are mathematically related, it's very difficult to derive the
private key given only the public key; however, deriving the private key is always possible
given enough time and computing power. This makes it very important to pick keys of the
right size; large enough to be secure, but small enough to be applied fairly quickly.
Additionally, you need to consider who might be trying to read your files, how determined
they are, how much time they have, and what their resources might be.
Larger keys will be cryptographically secure for a longer period of time. If what you want to
encrypt needs to be hidden for many years, you might want to use a very large key. Of
course, who knows how long it will take to determine your key using tomorrow's faster, more
efficient computers? There was a time when a 56-bit symmetric key was considered
extremely safe.
Keys are stored in encrypted form. PGP stores the keys in two files on your hard disk; one for
public keys and one for private keys. These files are called keyrings. As you use PGP, you
will typically add the public keys of your recipients to your public keyring. Your private keys
are stored on your private keyring. If you lose your private keyring, you will be unable to
decrypt any information encrypted to keys on that ring.