
COIT20262 - Advanced Network Security

Answering questions related to network security, including CSR and certificate files, capture files, hash algorithms, encryption algorithms, key exchange, and security issues with communicating with CA.


Added on  2023-03-31

About This Document

This document is the submission for Assignment 2 of COIT20262 - Advanced Network Security. It covers topics such as HTTPS and Certificates, Authentication and Access Control, Firewalls and iptables, and Internet Privacy.

COIT20262 Assignment 2 Submission Term 1, 2019
COIT20262 - Advanced Network Security, Term 1, 2019
Assignment 2 Submission
Due date: 5pm Friday 7 June 2019 (Week 12)
ASSESSMENT 2
Weighting: 45%
Length: N/A
Student Name: enter your name
Student ID: id
Campus: campus
Tutor: tutor
Question 1. HTTPS and Certificates
Part (d)
| Question | Answer |
|---|---|
| What hash algorithm is used to generate the certificate signature? | The SHA algorithm is used for generating the certificate signature |
| What encryption algorithm is used to generate the certificate signature? | The certificate signature file is generated using the RSA encryption algorithm |
| How many bytes is the public key modulus in the certificate? | The public key modulus in the certificate is 2048 bytes |
| In the TLS cipher suite used between client and server, what algorithm is used for: | |
| - Encrypting session data? | SSL is used as the key exchange algorithm in the TLS cipher suite between client and server |
| - Hashing for the MAC? | SHA 256 is used for hashing for the MAC |
| - Key exchange? | ECDHE is the key exchange algorithm |
| How many bytes of random data are sent from the client to server at the start of the handshake? | At the start of the handshake, 128 bytes of data are sent from the client to the server |
Part (e)
Sending the CSR to the CA and receiving the certificate back raises certain security issues, because the certificate authority would have access to the server and the process is based on trust in, and the relationship with, the certificate authority.
When the certificate is received back over the communication method, a man-in-the-middle attack can make the certificate available to the attacker, thus compromising the security of the web server. The attacker can use the certificate file to forge the identity of the user and perform illegal activity.
Question 2. Authentication and Access Control
Part (e)
The security and convenience issues of the three different passwords selected by web developers are given below:
/etc/shadow –
- It is used for storing the password details of the user
- It is readable by the root account
- It stores the password in encrypted format
- It can be generated from the passwd file using the command pwconv
- The information changes frequently, as it is related to passwords and the password of the user can be changed frequently.
/etc/passwd –
- It is used for storing the details of the user accounts
- It stores the details in a format readable by all the users
- It exists by default in the system
- It is static
/etc/groups –
- It is readable to all the users and contains the details of the group
- Commands can be used for changing the membership of the group
- Additional permissions can be provided by changing the group membership
Part (f)
To increase the chances that the user selects a good password, the password needs to be checked for a minimum number of characters and searched for letters, digits and a symbol. The use of common words is also checked, and a check is needed for three consecutive characters in alphabetical order; if one of these conditions matches, the password should not be accepted.
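The checks listed in Part (f), written out as an added example that is not part of the original submission. The minimum length of 10, the short common-word list and the character substitutions undone before the common-word check are assumptions made for illustration; the substitution step goes slightly beyond the text.

```python
import string

# Constructed sample list; a real deployment would load a large breached-password list.
COMMON_WORDS = {"password", "welcome", "qwerty", "letmein", "admin", "dragon"}
MIN_LENGTH = 10  # assumed policy value; the text does not fix a number
LEET = str.maketrans("@013$5", "aoless")  # undo common character substitutions


def has_alpha_run(password, run=3):
    """True if `run` consecutive characters are in alphabetical order (e.g. 'abc')."""
    letters = string.ascii_lowercase
    lowered = password.lower()
    streak = 1
    for prev, cur in zip(lowered, lowered[1:]):
        if prev in letters and cur in letters and ord(cur) - ord(prev) == 1:
            streak += 1
            if streak >= run:
                return True
        else:
            streak = 1
    return False


def contains_common_word(password):
    """True if a common word appears once substitutions such as '@' for 'a' are undone."""
    normalised = password.lower().translate(LEET)
    return any(word in normalised for word in COMMON_WORDS)


def check_password(password):
    """Return the list of policy violations; an empty list means the password is accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    if contains_common_word(password):
        problems.append("contains common word")
    if has_alpha_run(password):
        problems.append("alphabetical sequence")
    return problems
```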
Part (g)
In Linux, the password is stored in the shadow file in encrypted format so that it is not available to people trying to break into the system. The user information as well as the passwords are kept in the system file named /etc/passwd, where the passwords are stored in encrypted format.
An encryption key, or a randomly generated value between 1 and 4096, is used for encrypting the original password. A one-way hashing function is applied to arrive at the encoded password that is stored in the system file. The key, also known as the salt, is stored with the encoded password, and the key cannot be used for decoding the encrypted password because the encryption is one-way.
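The salted one-way scheme described in Part (g), as an added example that is not part of the original submission. It assumes PBKDF2-HMAC-SHA256 with a 16-byte random salt as a stand-in for the system's own hashing function, and the `salt$digest` record layout and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this example


def _derive(password, salt):
    """One-way function: there is no inverse that recovers the password from the output."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def hash_password(password, salt=None):
    """Return 'salt$digest' in hex; the salt is stored in the clear beside the digest."""
    if salt is None:
        salt = secrets.token_bytes(16)
    return f"{salt.hex()}${_derive(password, salt).hex()}"


def verify_password(password, record):
    """Re-hash the candidate with the stored salt and compare in constant time."""
    try:
        salt_hex, digest_hex = record.split("$", 1)
        salt = bytes.fromhex(salt_hex)
        stored = bytes.fromhex(digest_hex)
    except ValueError:
        return False  # malformed record: reject rather than raise
    return hmac.compare_digest(_derive(password, salt), stored)


def records_differ_for_same_password(password):
    """Two users with the same password get different records because the salts differ."""
    return hash_password(password) != hash_password(password)
```

Knowing the salt does not help decode the digest; it only lets the system repeat the same computation on a candidate password at login.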