
Exp 4 Debu Merged

The document discusses the importance of authentication in networking, outlining various methods such as password-based, multi-factor, certificate-based, and biometric authentication, each with its strengths and weaknesses. It also presents case studies of active and passive network attacks, detailing their methodologies, impacts, and mitigation strategies. Additionally, it covers symmetric key encryption, its applications, advantages, and limitations, emphasizing the need for secure key distribution.

EXPERIMENT-4

Objective:
Authentication in networking is the process of verifying the identity of a user, device, or
system before granting access to network resources. It ensures that only authorized entities
can access and interact with the network. Authentication is a critical security measure to
protect data and prevent unauthorized access.
Importance of Authentication
User authentication is a method that keeps unauthorized users from accessing sensitive
information. For example, User A only has access to relevant information and cannot see
the sensitive information of User B.
Cybercriminals can gain access to a system and steal information when user
authentication is not secure.

Authentication Types:
• Cybercriminals always improve their attacks. As a result, security teams
are facing plenty of authentication-related challenges. This is why companies are
starting to implement more sophisticated incident response strategies, including
authentication as part of the process. The list below reviews some common
authentication methods used to secure modern systems.

1. Password-based authentication
Passwords are the most common method of authentication. A password can be a string
of letters, numbers, or special characters. To protect yourself, you need to create
strong passwords that include a combination of all possible options.

However, passwords are prone to phishing attacks and bad hygiene that
weakens effectiveness. An average person has about 25 different online accounts, but
only 54% of users use different passwords.

Examples:

• Username and Password: The user enters a username (e.g., "user1") and a
password (e.g., "password123"). If both match the credentials stored on the server,
the user is authenticated.
• Web Login: Most websites use password-based authentication when you sign in
using your email and password.
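The "match the credentials stored on the server" step above, sketched as an added example (not part of the original report): the server keeps a per-user salt and a slow PBKDF2 digest instead of the password, and compares digests in constant time. The in-memory `USERS` store, the function names and the iteration count are assumptions of this sketch.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor; tune to your hardware
USERS = {}            # constructed in-memory store: username -> (salt, digest)


def _derive(password: str, salt: bytes) -> bytes:
    """Slow, salted one-way hash of the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


# Record checked for unknown usernames, so a miss costs the same work as a hit.
_DUMMY_SALT = os.urandom(16)
_DUMMY_DIGEST = _derive("placeholder-never-matches", _DUMMY_SALT)


def register(username: str, password: str) -> None:
    """Store a random per-user salt and the derived digest, never the password."""
    salt = os.urandom(16)
    USERS[username] = (salt, _derive(password, salt))


def authenticate(username: str, password: str) -> bool:
    """Return True only if the user exists and the password matches."""
    salt, expected = USERS.get(username, (_DUMMY_SALT, _DUMMY_DIGEST))
    candidate = _derive(password, salt)
    # compare_digest avoids leaking the position of the first mismatch via timing.
    matches = hmac.compare_digest(candidate, expected)
    return matches and username in USERS


if __name__ == "__main__":
    register("user1", "password123")               # sample credentials from the text
    print(authenticate("user1", "password123"))    # correct password
    print(authenticate("user1", "password124"))    # wrong password
    print(authenticate("nobody", "password123"))   # unknown user
```

Because each user gets a fresh salt, two users with the same password end up with different stored digests.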
2. Multi-factor authentication
Multi-Factor Authentication (MFA) is an authentication method that requires two or more
independent ways to identify a user. Examples include codes generated from the
user’s smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition.

• MFA authentication methods and technologies increase the confidence of users by adding
multiple layers of security. MFA may be a good defense against most account hacks, but it
has its own pitfalls. People may lose their phones or SIM cards and not be able to
generate an authentication code.

Examples:

• Two-Factor Authentication (2FA): In addition to a password, users must provide a second
factor, such as a code sent to their phone (SMS or app-based).
• Google Authenticator: Google’s app generates a time-based, one-time passcode
(TOTP) as the second factor of authentication, providing additional security
beyond just the password.

3. Certificate-based authentication
Certificate-based authentication technologies identify users, machines or devices
by using digital certificates. A digital certificate is an electronic document based
on the idea of a driver’s license or a passport.

• The certificate contains the digital identity of a user including a public key,
and the digital signature of a certification authority. Digital certificates prove
the ownership of a public key and are issued only by a certification authority.

Examples:

• SSL/TLS Client Certificates: When accessing a secure website or web application, a
client can present an SSL certificate to authenticate themselves.
• VPN Access: Many Virtual Private Networks (VPNs) use certificates to
authenticate users before granting access to the network.

4. Biometric authentication
Biometric authentication technologies are used by consumers, governments and private
corporations including airports, military bases, and national borders. The technology is
increasingly adopted due to the ability to achieve a high level of security without creating
friction for the user. Common biometric authentication methods include:

• Facial recognition—matches the different face characteristics of an individual trying
to gain access to an approved face stored in a database. Face recognition
can be inconsistent when comparing faces at different angles or comparing people
who look similar, like close relatives. Facial liveness like ID R&D’s pass liveness
prevents spoofing.

• Fingerprint scanners—match the unique patterns on an individual’s fingerprints.
Some new versions of fingerprint scanners can even assess the vascular patterns in
people’s fingers. Fingerprint scanners are currently the most popular biometric
technology for everyday consumers, despite their frequent inaccuracies. This
popularity can be attributed to iPhones.

Examples:

• Fingerprint Scanning: Used in smartphones and laptops (e.g., Apple’s Touch ID or
Windows Hello).
• Facial Recognition: Used in smartphones (e.g., Apple Face ID), access control
systems, and some banking apps.

Conclusion:

Each authentication technique has its strengths and weaknesses. The best choice
depends on the required security level, ease of use, and available resources. For
example, password-based authentication is simple but vulnerable to attacks, while
MFA and biometric systems are more secure but may require additional hardware
or user inconvenience. Combining several methods (like password + 2FA) can
provide a robust solution for securing sensitive systems.

Case Study on Network Attacks: Active and Passive Attacks

Introduction

Network security is a crucial aspect of modern cybersecurity, as cyber threats continue to
evolve. Attacks on networks can be broadly categorized into active attacks and passive attacks.
Active attacks involve direct modification, destruction, or disruption of data and services, while
passive attacks focus on eavesdropping or data interception without altering the system. This
case study presents two real-world examples for each type of attack to illustrate their impact
and mitigation strategies.

Case Study 1: Active Attack

Background:

GitHub, a popular code hosting and version control platform, faced one of the largest
Distributed Denial of Service (DDoS) attacks in history in February 2018.

Attack Methodology:

• The attack exploited memcached servers, an open-source memory caching system, to
amplify the traffic directed at GitHub’s servers.

• Attackers sent spoofed requests to publicly accessible memcached servers, which then
responded with large data packets directed at GitHub.

• The attack reached a peak traffic rate of 1.35 terabits per second (Tbps), overwhelming
GitHub’s infrastructure.

Impact:

• GitHub services became temporarily inaccessible.

• The platform experienced downtime and performance issues.

• Users were unable to access repositories, affecting global development operations.

Mitigation Strategies:

• GitHub relied on Akamai’s DDoS mitigation service, which rerouted traffic and
absorbed the malicious requests.

• Network filtering and rate-limiting techniques were deployed to reduce amplification
effects.

• Industry-wide efforts led to securing memcached servers to prevent future abuse.

Devanshu 2201060052
Case Study 2: Active Attack
Background:

In May 2021, Colonial Pipeline, a major fuel supplier in the U.S., was hit by a ransomware
attack by the DarkSide hacking group.
Attack Methodology:

• Attackers infiltrated the network through a compromised VPN account without
multi-factor authentication.

• Ransomware encrypted critical operational data, disrupting pipeline operations.

• The attackers demanded a $4.4 million ransom in Bitcoin to provide a decryption key.

Impact:

• The pipeline supplying nearly 45% of fuel to the U.S. East Coast was shut down.

• Fuel shortages and price hikes occurred in several states.

• The company was forced to pay the ransom to regain access to its systems.

Mitigation Strategies:

• Enhanced multi-factor authentication was implemented to secure remote access.

• Improved network segmentation to isolate critical infrastructure from vulnerable
endpoints.

• Strengthened incident response and disaster recovery plans.

Case Study 3: Passive Attack

Background:
In 2011, a large-scale Man-in-the-Middle (MITM) attack targeted Iranian banking customers,
redirecting their web traffic to malicious servers.

Attack Methodology:
• Attackers exploited SSL certificate vulnerabilities to intercept encrypted banking
transactions.

• A fraudulent DigiNotar digital certificate was issued, allowing attackers to impersonate
banking websites.

• Users’ login credentials and sensitive financial data were stolen without their
knowledge.

Impact:

• Thousands of Iranian banking customers were affected.

• Personal and financial information was compromised.

• DigiNotar, the company responsible for issuing the compromised certificate, was forced
into bankruptcy.

Mitigation Strategies:

• Revocation of fraudulent SSL certificates.

• Adoption of Certificate Transparency (CT) logs to detect anomalies.

• Implementation of end-to-end encryption and improved SSL/TLS security measures.

Case Study 4: Passive Attack

Background:

Marriott International suffered a massive data breach in 2018 due to an undetected
eavesdropping attack on its customer database.

Attack Methodology:
• Hackers gained access to the Starwood guest reservation database in 2014 and remained
undetected for four years.

• Attackers continuously monitored and extracted sensitive guest information, including
passport numbers, credit card details, and personal data of over 500 million customers.

• The breach was only discovered in 2018 when unusual data access patterns were
detected.

Impact:

• Personal and financial data of 500 million customers were exposed.

• Marriott faced legal actions and a $124 million fine for failing to protect customer data.

• The company’s reputation suffered significant damage.

Mitigation Strategies:

• Strengthening intrusion detection and monitoring systems.

• Implementing encryption for sensitive customer data.

• Conducting regular security audits and employee training on cybersecurity best
practices.

Conclusion

Active and passive attacks pose significant threats to organizations and individuals. While
active attacks like DDoS and ransomware disrupt services and demand immediate response,
passive attacks like MITM and eavesdropping silently compromise sensitive data over time.
Implementing strong security measures, encryption protocols, multi-factor authentication, and
continuous monitoring can help mitigate these risks and ensure network resilience against
cyber threats.

EXPERIMENT – 2

1. Introduction

In the modern digital landscape, securing sensitive information is of utmost importance. One
widely used approach for ensuring data security is Symmetric Key Encryption. This encryption
technique relies on a single key for both encryption and decryption, making it a fast and
efficient method for securing communications, financial transactions, and IoT applications.

This report provides an overview of symmetric encryption, detailing its functionality, benefits,
challenges, and real-world applications.

2. Understanding Symmetric Key Encryption

The process of symmetric encryption follows a straightforward yet effective approach:

1. Key Generation – A unique secret key (e.g., 128-bit or 256-bit) is generated.

2. Encryption – The sender encrypts the original message (plaintext) using the secret key,
transforming it into unreadable ciphertext.

3. Data Transmission – The encrypted message is transmitted over a network. Even if
intercepted, the data remains inaccessible without the correct key.

4. Decryption – The intended recipient uses the same secret key to decrypt the ciphertext
back into readable plaintext.

Example Scenario:

• A user wants to send a confidential message to another person.

• The sender encrypts the message using a predefined secret key (e.g., "SecureKey789").

• The recipient, possessing the same key, decrypts the message to retrieve its original
content.

3. Key Characteristics of Symmetric Encryption

• Single Key Mechanism – The same key is used for both encryption and decryption.

• High Speed & Efficiency – Performs encryption and decryption quickly, making it
ideal for large datasets.

• Robust Security – As long as the secret key remains confidential, the encrypted data
is secure.
• Widespread Use – Commonly implemented in Wi-Fi security (WPA2), VPNs, and file
encryption applications.

Challenges:

• Key Distribution Risk – Securely sharing the encryption key between sender and
receiver is difficult. If an unauthorized party gains access to the key, they can decrypt
all messages.

4. Common Symmetric Encryption Algorithms

| Algorithm | Key Size | Security Level | Common Applications |
|---|---|---|---|
| AES (Advanced Encryption Standard) | 128/192/256-bit | Highly Secure | Banking, VPNs, Messaging Apps (e.g., WhatsApp) |
| DES (Data Encryption Standard) | 56-bit | Weak (Outdated) | Older systems (rarely in use today) |
| 3DES (Triple DES) | 168-bit | Moderate | Legacy financial systems, payment processing |

Among these, AES encryption is considered the most secure and widely adopted due to its
efficiency and strong cryptographic protection.

5. Practical Applications of Symmetric Encryption


a) Secure Communication (Messaging Apps like WhatsApp, Signal)

• Messages are encrypted using symmetric keys, preventing unauthorized access.

• Only the sender and recipient can decrypt and read the conversation.

b) Wireless Network Security (WPA2/WPA3)

• Uses AES encryption to safeguard Wi-Fi networks from cyber threats.

• Prevents unauthorized users from intercepting network traffic.

c) Online Banking & Financial Transactions


• Sensitive information such as credit card details and banking credentials is encrypted.

• Protects user data from cybercriminals even if intercepted during transmission.

d) IoT Devices & Smart Systems

• Ensures secure communication between smart devices, such as smart locks and
wearable gadgets.

• Example: A smart lock system that only grants access to authorized users with a valid
encryption key.

6. Advantages & Limitations

| Advantages | Limitations |
|---|---|
| High-speed encryption and decryption | Key distribution remains a challenge |
| Requires minimal computational power | If the encryption key is exposed, all data is compromised |
| Ideal for large-scale data security | Not suitable for digital signatures or public-key scenarios |

7. Conclusion

Symmetric key encryption is a fundamental pillar of modern cybersecurity, offering speed and
reliability in securing digital communication. From messaging applications to banking
transactions, its implementation ensures data privacy and protection. However, the primary
challenge lies in securely distributing the encryption key without the risk of interception.

To further enhance its security, advancements in key management strategies and hybrid
encryption approaches are being explored. Despite its limitations, symmetric encryption
remains a widely trusted method for safeguarding sensitive data in today’s interconnected
world.

EXPERIMENT-3

Overview

The Data Encryption Standard (DES) is a symmetric-key cipher that operates on 64-bit data
blocks with a 56-bit key. It utilizes the Feistel network framework, executing 16 rounds of
transformations that include both substitution and permutation steps. Although DES was
widely adopted for securing digital data in the past, its use has declined due to identified
security weaknesses. This experiment demonstrates the encryption and decryption processes
of DES using a randomly created key.

Approach

• An 8-byte key is randomly produced, as DES requires a 56-bit key (with each of the 8
bytes including a parity bit).
• The input plaintext is formatted and padded to ensure its length is a multiple of 8
bytes.
• The DES encryption algorithm is applied to the padded data in Electronic Codebook
(ECB) mode.
• The resulting ciphertext is displayed in hexadecimal for clarity.
• The decryption function is then used to reverse the encryption, recovering the original
plaintext.
• The decrypted output is compared with the initial plaintext to confirm the accuracy of
the process.

Summary

The Data Encryption Standard (DES) was effectively implemented and validated. The
encryption phase successfully converted readable text into a scrambled format, while
decryption precisely reconstructed the original message. This exercise highlights the core
concepts of symmetric encryption while also acknowledging the outdated nature of DES in
modern cryptography.

Security Notes

• DES is considered insecure for modern applications due to its short key length.
• ECB mode (used in this example) has security weaknesses - for real applications,
consider using CBC mode with a random IV.
• In practice, AES should be used instead of DES for better security.
• This implementation uses a well-tested library rather than implementing DES from
scratch, which is safer for production use.
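
An added illustration of the Feistel structure, the padding step and the ECB weakness noted above (not the report's own code and not real DES): a toy 16-round Feistel cipher on 64-bit blocks, with HMAC-SHA256 standing in for the DES key schedule and round function. All function names are assumptions of this sketch; it shows that ECB repeats ciphertext blocks wherever plaintext blocks repeat, while CBC with a random IV does not.

```python
import hashlib
import hmac
import os

BLOCK = 8  # 64-bit blocks, the DES block size

def _round_keys(key):
    # 16 round keys; a stand-in for the real DES key schedule.
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest() for i in range(16)]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(block, rks):
    left, right = block[:4], block[4:]
    for rk in rks:  # round function: keyed hash cut to 32 bits (stand-in for S-boxes)
        left, right = right, _xor(left, hmac.new(rk, right, hashlib.sha256).digest()[:4])
    return right + left  # final swap: decryption is the same walk with keys reversed

def pad(data):
    n = BLOCK - len(data) % BLOCK  # PKCS#7 always adds 1..8 bytes
    return data + bytes([n]) * n

def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    rks = _round_keys(key)
    return b"".join(_feistel(b, rks) for b in _blocks(pad(plaintext)))

def ecb_decrypt(key, ciphertext):
    rks = _round_keys(key)[::-1]
    return unpad(b"".join(_feistel(b, rks) for b in _blocks(ciphertext)))

def cbc_encrypt(key, plaintext):
    rks, prev = _round_keys(key), os.urandom(BLOCK)  # fresh random IV per message
    out = [prev]
    for b in _blocks(pad(plaintext)):
        prev = _feistel(_xor(b, prev), rks)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, ciphertext):
    rks, blocks = _round_keys(key)[::-1], _blocks(ciphertext)
    return unpad(b"".join(_xor(_feistel(c, rks), p) for p, c in zip(blocks, blocks[1:])))

def repeated_blocks(ciphertext):
    blocks = _blocks(ciphertext)  # how many blocks duplicate an earlier one
    return len(blocks) - len(set(blocks))
```

Encrypting `b"ATTACK!!" * 4` under an 8-byte key from `os.urandom(8)` gives `repeated_blocks(...) == 3` in ECB and `0` in CBC, which is the pattern leak the note about ECB refers to.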

Code:
