
CNS Computer Network Security

The document explains the X.509 public key certificate format, detailing its fields such as version, serial number, issuer name, and signature. It also describes the certification path for forward and reverse certificates, the architecture of PKIX, and the functionalities of S/MIME, including digital signatures and message encryption. Additionally, it covers IPsec applications and architecture, including security associations and the Internet Key Exchange (IKE) formats.

Uploaded by

sagarbanakardvg

CNS

1. Explain the X.509 public key certificate use and formats with various fields.

● An X.509 certificate is a digitally signed data structure that binds a user’s
identity to a public key. It is issued and signed by a Certificate Authority (CA).
● The CA first creates an unsigned certificate for the user, which contains (i) the user’s
ID, (ii) the user’s public key, and (iii) CA information.
●​ The certificate is then signed by computing a hash value of the information and
generating a digital signature using the hash value and the CA’s private key.

● Version: Differentiates among successive versions of the certificate format; the
default is version 1.
●​ Serial number: An integer value unique within the issuing CA that is associated
with this certificate.
●​ Signature algorithm identifier: The algorithm used to sign the certificate
together with any associated parameters.
●​ Issuer name: X.500 name of the CA that created and signed this certificate.
●​ Period of validity: Consists of two dates: the first and last on which the certificate
is valid.
●​ Subject name: The name of the user to whom this certificate refers.
●​ Subject’s public-key information: The public key of the subject, plus an identifier
of the algorithm for which this key is to be used, together with any associated
parameters.
● Issuer unique identifier: An optional bit-string field used to identify uniquely the
issuing CA in the event the X.500 name has been reused for different entities.
● Subject unique identifier: An optional bit-string field used to identify uniquely
the subject in the event the X.500 name has been reused for different entities.
●​ Extensions: A set of one or more extension fields.
●​ Signature: Covers all of the other fields of the certificate. One component of this
field is the digital signature applied to the other fields of the certificate. This
field also contains the signature algorithm identifier.

2. Describe the certification path for forward and reverse certificates of X.509.

● X.509 uses a hierarchy of Certificate Authorities (CAs). Each CA directory entry
contains two types of certificates:
○​ Forward certificates: Certificates of X generated by other CAs.
○​ Reverse certificates: Certificates generated by X that are the certificates
of other CAs.
●​ Ex: If user A wants B’s trusted public key, user A can retrieve the following
forward certificates in order:
X <<W>> W <<V>> V <<Y>> Y <<Z>> Z <<B>>
●​ When A has obtained these certificates, it can unwrap the certification path in
sequence to recover a trusted copy of B’s public key. Using this public key, A can
send encrypted messages to B.
●​ If A wishes to receive encrypted messages back from B, or to sign messages sent
to B, then B will require A’s public key, which can be obtained using the reverse
certificates:
Z <<Y>> Y <<V>> V <<W>> W <<X>> X <<A>>
●​ B can obtain this set of certificates from the directory, or A can provide them as
part of its initial message to B.
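The unwrapping of the forward path can be traced in code. This is an added example, not part of the original notes: it uses toy, unpadded RSA over constructed keys, and `issue()` follows the hash-then-sign step described under question 1. All function names and the reduced certificate layout are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by every toy key

def keypair(p, q):
    """Toy RSA key from two primes: (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(issuer, subject, subject_n, n):
    """SHA-256 over the unsigned certificate fields, reduced mod the issuer's n."""
    tbs = f"{issuer}|{subject}|{subject_n}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue(issuer, issuer_key, subject, subject_n):
    """Build Issuer<<Subject>>: hash the fields, sign with the issuer's private key."""
    n, d = issuer_key
    sig = pow(digest(issuer, subject, subject_n, n), d, n)
    return {"issuer": issuer, "subject": subject, "key": subject_n, "sig": sig}

def unwrap(path, anchor, anchor_n):
    """Verify each certificate with the key recovered from the previous one."""
    name, n = anchor, anchor_n
    for cert in path:
        if cert["issuer"] != name:
            raise ValueError(f"chain broken: expected a certificate issued by {name}")
        if pow(cert["sig"], E, n) != digest(name, cert["subject"], cert["key"], n):
            raise ValueError(f"bad signature on {name}<<{cert['subject']}>>")
        name, n = cert["subject"], cert["key"]
    return name, n

# Constructed keys: products of Mersenne primes, trivially factorable, demo only.
P = [2**k - 1 for k in (61, 89, 107, 127)]
KEYS = dict(zip("XWVYZB", (keypair(P[i], P[j])
                           for i in range(4) for j in range(i + 1, 4))))

def forward_path():
    """X<<W>> W<<V>> V<<Y>> Y<<Z>> Z<<B>>, as retrieved by user A."""
    return [issue(a, KEYS[a], b, KEYS[b][0]) for a, b in zip("XWVYZ", "WVYZB")]

if __name__ == "__main__":
    subject, key = unwrap(forward_path(), "X", KEYS["X"][0])
    print(subject, key == KEYS["B"][0])
```

A holds only X's public key as its trust anchor; substituting a key in any certificate, or skipping a link, makes `unwrap()` raise instead of returning a key.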

3. Illustrate the block diagram of PKIX architectural model.

●​ End entity: A generic term used to denote end users, devices (e.g., servers,
routers), or any other entity that can be identified in the subject field of a
public-key certificate.
●​ Certification authority (CA): The issuer of certificates and certificate revocation
lists (CRLs).
●​ Registration authority (RA): An optional component that can assume
administrative functions from the CA. The RA is often associated with the end
entity registration process but can assist in other areas as well.
●​ CRL issuer: An optional component that a CA can delegate to publish CRLs.
●​ Repository: A generic term used to denote any method for storing certificates
and CRLs so that they can be retrieved by end entities.
PKIX identifies several management functions that potentially need to be supported by
management protocols.
●​ Registration: This is the process whereby a user first makes themselves known to
a CA (directly or through an RA), prior to that CA issuing a certificate to that
user.
●​ Initialization: Before a client system can operate securely, it is necessary to install
key materials that have the appropriate relationship with keys stored elsewhere
in the infrastructure.
●​ Certification: This is the process in which a CA issues a certificate for a user’s
public key, returns that certificate to the user’s client system, and/or posts that
certificate in a repository.
●​ Key pair recovery: Key pairs can be used to support digital signature creation and
verification, encryption and decryption, or both. When a key pair is used for
encryption/decryption, it is important to provide a mechanism to recover the
necessary decryption keys when normal access to the keying material is no
longer possible, otherwise it will not be possible to recover the encrypted data.
Loss of access to the decryption key can result from forgotten passwords/PINs,
corrupted disk drives, damage to hardware tokens, and so on. Key pair recovery
allows end entities to restore their encryption/decryption key pair from an
authorized key backup facility.
●​ Key pair update: All key pairs need to be updated regularly and new certificates
issued. Update is required when the certificate lifetime expires and as a result of
certificate revocation.
●​ Revocation request: An authorized person advises a CA of an abnormal situation
requiring certificate revocation. Reasons for revocation include private key
compromise, change in affiliation, and name change.
●​ Cross certification: Two CAs exchange information used in establishing a
cross-certificate. A cross-certificate is a certificate issued by one CA to another
CA that contains a CA signature key used for issuing certificates.

4. Describe the Kerberos system with the aid of a diagram.


5. Differentiate between Kerberos 4.0 and Kerberos 5.0.
6. What is S/MIME? Explain the services of S/MIME.
●​ Secure/Multipurpose Internet Mail Extension (S/MIME) is a security enhancement
to the MIME Internet email format standard based on technology from RSA Data
Security.
●​ The services of S/MIME are:
○​ Digital signature:
-​ Typically uses RSA/SHA-256 algorithm
-​ A hash code of a message is created using SHA-256. This message
digest is encrypted using RSA with the sender’s private key and
included with the message.
○​ Message encryption:
-​ Typically uses AES-128 with CBC algorithm
-​ A message is encrypted using AES-128 with CBC with a one-time
session key generated by the sender. The session key is encrypted
using RSA with the recipient’s public key and included with the
message.
○​ Compression:
-​ A message may be compressed for storage or transmission.
○​ Email compatibility:
-​ Typically uses Radix-64 conversion algorithm
-​ To provide transparency for email applications, an encrypted
message may be converted to an ASCII string using radix-64
conversion.
7. Explain confidentiality and authentication for S/MIME functional flow.
I. Authentication: Authentication is provided by means of a digital signature.
●​ The sender creates a message
●​ SHA-256 is used to generate a 256-bit message digest of the message.
●​ The message digest is encrypted with RSA using the sender’s private key, and
the result is appended to the message. Also appended is identifying information
for the signer, which will enable the receiver to retrieve the signer’s public key.
●​ The receiver uses RSA with the sender’s public key to decrypt and recover the
message digest.
●​ The receiver generates a new message digest for the message and compares it
with the decrypted hash code. If the two match, the message is accepted as
authentic.
II. Confidentiality: S/MIME provides confidentiality by encrypting messages. Most
commonly, AES with a 128-bit key is used with the cipher block chaining (CBC) mode.
The key itself is also encrypted, typically with RSA.
●​ The sender generates a message and a random 128-bit number to be used as a
content-encryption key for this message only.
●​ The message is encrypted using the content-encryption key.
●​ The content-encryption key is encrypted with RSA using the recipient’s public
key and is attached to the message.
●​ The receiver uses RSA with its private key to decrypt and recover the
content-encryption key.
●​ The content-encryption key is used to decrypt the message.

8. Explain the applications and benefits of IP security with IPsec VPN scenario.
Applications: IPsec provides the capability to secure communications across a LAN,
across private and public WANs, and across the Internet.
Ex:
●​ Secure branch office connectivity over the Internet: A company can build a secure
virtual private network over the Internet or over a public WAN. This enables a
business to rely heavily on the Internet and reduce its need for private networks,
saving costs and network management overhead.
●​ Secure remote access over the Internet: An end user whose system is equipped
with IP security protocols can make a local call to an Internet Service Provider
(ISP) and gain secure access to a company network. This reduces the cost of toll
charges for traveling employees and telecommuters.
●​ Establishing extranet and intranet connectivity with partners: IPsec can be used
to secure communication with other organizations, ensuring authentication and
confidentiality and providing a key exchange mechanism.
●​ Enhancing electronic commerce security: Even though some Web and electronic
commerce applications have built-in security protocols, the use of IPsec enhances
that security. IPsec guarantees that all traffic designated by the network
administrator is both encrypted and authenticated, adding an additional layer of
security to whatever is provided at the application layer.
Benefits:
●​ When IPsec is implemented in a firewall or router, it provides strong security
that can be applied to all traffic crossing the perimeter. Traffic within a company
or workgroup does not incur the overhead of security-related processing.
●​ IPsec in a firewall is resistant to bypass if all traffic from the outside must use IP
and the firewall is the only means of entrance from the Internet into the
organization.
●​ IPsec is below the transport layer (TCP, UDP) and so is transparent to
applications. There is no need to change software on a user or server system
when IPsec is implemented in the firewall or router. Even if IPsec is implemented
in end systems, upper-layer software is not affected.
●​ IPsec can be transparent to end users. There is no need to train users on security
mechanisms, issue keying material on a per-user basis, or revoke keying material
when users leave the organization.
● IPsec can provide security for individual users if needed. This is useful for off-site
workers and for setting up a secure virtual subnetwork within an organization for
sensitive applications.

9. Explain the IPsec architecture.

● IPsec policy is determined primarily by the interaction of two databases, the
security association database (SAD) and the security policy database (SPD).
●​ A Security Association (SA) is a one-way logical connection between a sender
and a receiver that affords security services to the traffic carried on it. If a peer
relationship is needed for two-way secure exchange, then two security
associations are required.
● The Security Association Database (SAD) defines the parameters associated with
each SA. A security association is defined by the following parameters in an SAD
entry:
○​ Security Parameter Index: A 32-bit value selected by the receiving end of
an SA to uniquely identify the SA.
○​ Sequence Number Counter: A 32-bit value used to generate the Sequence
Number field in AH or ESP headers.
○​ Sequence Counter Overflow: A flag indicating whether overflow of the
Sequence Number Counter should generate an auditable event and
prevent further transmission of packets on this SA.
○​ Anti-Replay Window: Used to determine whether an inbound AH or ESP
packet is a replay.
○​ AH Information: Authentication algorithm, keys, key lifetimes, and related
parameters being used with AH.
○​ ESP Information: Encryption and authentication algorithm, keys,
initialization values, key lifetimes, and related parameters being used with
ESP.
○​ Lifetime of this Security Association: A time interval after which an SA
must be replaced with a new SA or terminated.
○​ IPsec Protocol Mode: Tunnel, transport, or wildcard.
○​ Path MTU: Any observed path maximum transmission unit.
●​ A Security Policy Database (SPD) contains entries, each of which defines a
subset of IP traffic and points to an SA for that traffic. The following selectors
determine an SPD entry:
○​ Local and Remote IP address: These may be a single IP address, an
enumerated list or range of addresses, or a wildcard address.
○​ Next Layer Protocol: The IP protocol header includes a field that
designates the protocol operating over IP.
○​ Name: A user identifier from the operating system.
○​ Local and Remote Ports: These may be individual TCP or UDP port values,
an enumerated list of ports, or a wildcard port.
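How an SPD entry selects traffic and points to an SA can be shown with a small lookup. This is an added example, not part of the original notes: the class and function names, the first-match ordering and the constructed addresses are assumptions, and only a subset of the SAD fields and selectors is modelled (the Name selector is omitted).

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class SA:
    """One SAD entry, reduced to the fields this example exercises."""
    spi: int                         # Security Parameter Index
    mode: str                        # IPsec protocol mode: "tunnel" or "transport"
    seq: int = 0                     # Sequence Number Counter (32 bits)
    overflow_is_fatal: bool = True   # Sequence Counter Overflow flag

    def next_seq(self):
        """Sequence number for the next outbound packet on this SA."""
        if self.seq == 0xFFFFFFFF:
            if self.overflow_is_fatal:
                raise OverflowError(f"SA {self.spi:#x}: counter exhausted, replace SA")
            self.seq = 0
        self.seq += 1
        return self.seq

@dataclass
class SPDEntry:
    local: str                   # CIDR block; "0.0.0.0/0" is the wildcard address
    remote: str
    proto: int = None            # next layer protocol number, None = any
    remote_ports: range = None   # None = wildcard port
    spi: int = None              # SA this entry points to, None = no IPsec

    def matches(self, local, remote, proto, rport):
        return (ipaddress.ip_address(local) in ipaddress.ip_network(self.local)
                and ipaddress.ip_address(remote) in ipaddress.ip_network(self.remote)
                and self.proto in (None, proto)
                and (self.remote_ports is None or rport in self.remote_ports))

def outbound_sa(spd, sad, local, remote, proto, rport):
    """First matching SPD entry wins; return the SA it points to, or None."""
    for entry in spd:
        if entry.matches(local, remote, proto, rport):
            return sad.get(entry.spi)
    return None

# Constructed policy: branch 10.1.0.0/16 to head office 10.2.0.0/16, TCP 443 only.
SAD = {0x1001: SA(spi=0x1001, mode="tunnel")}
SPD = [SPDEntry("10.1.0.0/16", "10.2.0.0/16", proto=6,
                remote_ports=range(443, 444), spi=0x1001),
       SPDEntry("0.0.0.0/0", "0.0.0.0/0")]   # everything else: no SA
```

Because an SA is one-way, the reverse direction would need its own SPD entry and its own SAD entry with a different SPI.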

10. With a neat diagram, explain ESP packet format.

● Security Parameters Index (32 bits): Identifies a security association.
● Sequence Number (32 bits): A monotonically increasing counter value.
●​ Payload Data (variable): This is a transport-level segment (transport mode) or IP
packet (tunnel mode) that is protected by encryption.
●​ Padding (0–255 bytes)
●​ Pad Length (8 bits): Indicates the number of pad bytes immediately preceding
this field.
●​ Next Header (8 bits): Identifies the type of data contained in the payload data
field by identifying the first header in that payload.
●​ Integrity Check Value (variable): A variable-length field that contains the
Integrity Check Value computed over the ESP packet minus the Authentication
Data field.
●​ Two additional fields may be present in the payload.
●​ An initialization value (IV) is present if this is required by the encryption or
authenticated encryption algorithm used for ESP.
●​ If tunnel mode is being used, then the IPsec implementation may add traffic flow
confidentiality (TFC) padding after the Payload Data and before the Padding
field.
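The field layout above can be checked by building and parsing a packet. This is an added example, not part of the original notes: it assumes NULL encryption so the trailer is readable, a 16-byte ICV from truncated HMAC-SHA-256, no IV or TFC padding, and constructed key and payload values.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16  # assumption: HMAC-SHA-256 truncated to 128 bits

def icv(key, data):
    """Integrity Check Value over everything that precedes the ICV field."""
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]

def build_esp(spi, seq, payload, next_header, key):
    """Assemble an ESP packet; NULL encryption keeps the layout visible."""
    pad_len = -(len(payload) + 2) % 4        # trailer must end on a 4-byte boundary
    padding = bytes(range(1, pad_len + 1))   # pad bytes 1, 2, 3, ...
    body = (struct.pack("!II", spi, seq) + payload + padding
            + bytes([pad_len, next_header]))
    return body + icv(key, body)

def parse_esp(packet, key):
    """Check the ICV first, then split header, payload and trailer."""
    if len(packet) < 8 + 2 + ICV_LEN:
        raise ValueError("too short for ESP header, trailer and ICV")
    body, tag = packet[:-ICV_LEN], packet[-ICV_LEN:]
    if not hmac.compare_digest(tag, icv(key, body)):
        raise ValueError("ICV mismatch")
    spi, seq = struct.unpack("!II", body[:8])
    pad_len, next_header = body[-2], body[-1]
    if pad_len > len(body) - 10:             # 8-byte header + 2-byte trailer
        raise ValueError("pad length exceeds packet")
    return {"spi": spi, "seq": seq, "next_header": next_header,
            "pad_len": pad_len, "payload": body[8:len(body) - 2 - pad_len]}

# Constructed sample: transport mode, so Next Header is 6 (TCP).
KEY = b"constructed-demo-key"
PACKET = build_esp(0x1001, 7, b"constructed TCP segment", 6, KEY)

if __name__ == "__main__":
    print(parse_esp(PACKET, KEY))
```

With a real cipher the payload, padding, pad length and next header are encrypted, so the trailer can only be read after the ICV check and decryption.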

11. Explain the basic combinations of security associations.


12. Describe the fields of Internet Key Exchange (IKE) formats with diagrams.

●​ Initiator SPI (64 bits): A value chosen by the initiator to identify a unique IKE
security association (SA).
●​ Responder SPI (64 bits): A value chosen by the responder to identify a unique
IKE SA.
●​ Next Payload (8 bits): Indicates the type of the first payload in the message;
payloads are discussed in the next subsection.
●​ Major Version (4 bits): Indicates major version of IKE in use.
●​ Minor Version (4 bits): Indicates minor version in use.
●​ Exchange Type (8 bits): Indicates the type of exchange.
●​ Flags (8 bits): Indicates specific options set for this IKE exchange. The initiator bit
indicates whether this packet is sent by the SA initiator. The version bit indicates
whether the transmitter is capable of using a higher major version number than
the one currently indicated. The response bit indicates whether this is a response
to a message containing the same message ID.
●​ Message ID (32 bits): Used to control retransmission of lost packets and
matching of requests and responses.
●​ Length (32 bits): Length of total message (header plus all payloads) in octets.
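The 28-octet header described above can be decoded with a fixed-layout parser. This is an added example, not part of the original notes: the flag bit positions and exchange-type numbers are the IKEv2 values from RFC 7296, the function name is an assumption, and the sample message is constructed with a 4-byte placeholder body rather than a real payload.

```python
import struct

IKE_HDR = struct.Struct("!8s8sBBBBII")   # 28 octets, network byte order
FLAG_INITIATOR, FLAG_VERSION, FLAG_RESPONSE = 0x08, 0x10, 0x20
EXCHANGE = {34: "IKE_SA_INIT", 35: "IKE_AUTH",
            36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"}

def parse_ike_header(message):
    """Decode the IKE header and reject messages whose Length field lies."""
    if len(message) < IKE_HDR.size:
        raise ValueError("shorter than the 28-octet IKE header")
    (ispi, rspi, next_payload, version,
     xchg, flags, msg_id, length) = IKE_HDR.unpack_from(message)
    if length != len(message):
        raise ValueError(f"Length field {length} != received {len(message)}")
    return {
        "initiator_spi": ispi.hex(),
        "responder_spi": rspi.hex(),
        "next_payload": next_payload,
        "major": version >> 4,           # high 4 bits
        "minor": version & 0x0F,         # low 4 bits
        "exchange": EXCHANGE.get(xchg, f"unknown({xchg})"),
        "initiator": bool(flags & FLAG_INITIATOR),
        "higher_version": bool(flags & FLAG_VERSION),
        "response": bool(flags & FLAG_RESPONSE),
        "message_id": msg_id,
        "length": length,
    }

# Constructed sample: first request of an exchange, responder SPI still zero,
# next payload 33 (Security Association), followed by 4 placeholder bytes.
SAMPLE = IKE_HDR.pack(bytes.fromhex("0102030405060708"), bytes(8),
                      33, 0x20, 34, FLAG_INITIATOR, 0, IKE_HDR.size + 4) + bytes(4)

if __name__ == "__main__":
    print(parse_ike_header(SAMPLE))
```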
