Cryptography and Network Security: A Comprehensive Report
VerifiedAdded on 2025/04/28
|9
|1366
|442
AI Summary
Desklib provides past papers and solved assignments for students. This report explores cryptography and network security.

Cryptography and Security
1
1
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Task 1...............................................................................................................................................3
Task 2...............................................................................................................................................4
Task 3...............................................................................................................................................5
Task 4...............................................................................................................................................6
Task 5...............................................................................................................................................7
References........................................................................................................................................8
2
Task 1...............................................................................................................................................3
Task 2...............................................................................................................................................4
Task 3...............................................................................................................................................5
Task 4...............................................................................................................................................6
Task 5...............................................................................................................................................7
References........................................................................................................................................8
2

Task 1
In computer, security CIA stands for Confidentiality, Integrity, and Availability. This is also
known as CIA or AIC triad. CIA is designed to implementing policies for computer security of
an organization. The CIA components are the most powerful and crucial three components for
computer security.
Figure 1: CIA Triad
Confidentiality: It is a set of rules for privacy means limits the access for the information. This is
the first components of CIA which are used to prevent unauthorized access to the sensitive and
important information and it is also checked that the right person will get the information
properly. Access can be only for reading the data to some authorized users. It will depend on the
categorization of data and damage types. Data encryption is the most popular and common
method to achieve confidentiality.
Integrity: Integrity has three important aspects consistency, trustworthiness, and accuracy. All
three aspects maintained in the entire life cycle of data. Integrity ensures that data cannot be
changed in between the cycle by an unauthorized person. Integrity is dependent on
Confidentiality and data include cryptographic checksum or checksum for the integrity
verification.
Availability: Availability is maintaining all the hardware and repair it immediately when
required. It provides access control like data should be available for the authorized person. For
providing availability it ensures functionality and updating software, network optimization. In
case of failing in hacking attack, the attacker tries to destroy the availability of data.
3
In computer, security CIA stands for Confidentiality, Integrity, and Availability. This is also
known as CIA or AIC triad. CIA is designed to implementing policies for computer security of
an organization. The CIA components are the most powerful and crucial three components for
computer security.
Figure 1: CIA Triad
Confidentiality: It is a set of rules for privacy means limits the access for the information. This is
the first components of CIA which are used to prevent unauthorized access to the sensitive and
important information and it is also checked that the right person will get the information
properly. Access can be only for reading the data to some authorized users. It will depend on the
categorization of data and damage types. Data encryption is the most popular and common
method to achieve confidentiality.
Integrity: Integrity has three important aspects consistency, trustworthiness, and accuracy. All
three aspects maintained in the entire life cycle of data. Integrity ensures that data cannot be
changed in between the cycle by an unauthorized person. Integrity is dependent on
Confidentiality and data include cryptographic checksum or checksum for the integrity
verification.
Availability: Availability is maintaining all the hardware and repair it immediately when
required. It provides access control like data should be available for the authorized person. For
providing availability it ensures functionality and updating software, network optimization. In
case of failing in hacking attack, the attacker tries to destroy the availability of data.
3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

Task 2
While building secure systems the process should be followed by a secure system design which
is made up of best security design decisions or instructions. It means the secure design will end
up to a secure system. So the five design decisions for the secure system are:
Data Controlling: This decision is an important factor for system security design. Data
controlling is mainly used to maintain the integrity of the stored system data. This aspect shows
how the data will be controlled. Authorized persons can alter or control the data to prevent it
from hackers.
Internal System Mechanism: The leakage of the internal data can be responsible for the
breaching the security as the security of a system depends on the internal mechanism of the
system. If an attacker is successful to extract the data, he will know all the security system easily.
Simple or Complex Design: If security design will be simple then it will be very easy to
understand the facts and use them but in disadvantage, hackers can easily breach the simple
system. If design will be complex, then it will be difficult to understand and use but it will be
more secure than others for penetrating.
Fewer Privileges: There should be a small number of authorized users for a system so data will
be more secure and avoid the frequent alteration.
Data Distribution: Data can be centralized where all the data stored in one place or decentralized
where data is distributed. Both can be a good approach for security, depends on the system.
4
While building secure systems the process should be followed by a secure system design which
is made up of best security design decisions or instructions. It means the secure design will end
up to a secure system. So the five design decisions for the secure system are:
Data Controlling: This decision is an important factor for system security design. Data
controlling is mainly used to maintain the integrity of the stored system data. This aspect shows
how the data will be controlled. Authorized persons can alter or control the data to prevent it
from hackers.
Internal System Mechanism: The leakage of the internal data can be responsible for the
breaching the security as the security of a system depends on the internal mechanism of the
system. If an attacker is successful to extract the data, he will know all the security system easily.
Simple or Complex Design: If security design will be simple then it will be very easy to
understand the facts and use them but in disadvantage, hackers can easily breach the simple
system. If design will be complex, then it will be difficult to understand and use but it will be
more secure than others for penetrating.
Fewer Privileges: There should be a small number of authorized users for a system so data will
be more secure and avoid the frequent alteration.
Data Distribution: Data can be centralized where all the data stored in one place or decentralized
where data is distributed. Both can be a good approach for security, depends on the system.
4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Task 3
The Substitution-box (S-box) table is given in the assignment.
1) Substitution value of 12
Binary value of digit 12 - 1100
Row Number (The first two digits of binary number) – 11
Column Number (The last two digits of binary number) – 00
Let’s match the row and column numbers from the given table
Substitution of 12 in binary = 0111
Substitution of 12 in decimal = 7
2) Substitution value of 7
Binary value of digit 7 - 0111
Row Number (The first two digits of binary number) – 01
Column Number (The last two digits of binary number) – 11
Let’s match the row and column numbers from the given table
Substitution of 7 in binary = 1011
Substitution of 7 in decimal = 11
3) Substitution value of 2
Binary value of digit 2 - 0010
Row Number (The first two digits of binary number) – 00
Column Number (The last two digits of binary number) – 10
Let’s match the row and column numbers from the given table
Substitution of 2 in binary = 1111
Substitution of 2 in decimal = 15
5
The Substitution-box (S-box) table is given in the assignment.
1) Substitution value of 12
Binary value of digit 12 - 1100
Row Number (The first two digits of binary number) – 11
Column Number (The last two digits of binary number) – 00
Let’s match the row and column numbers from the given table
Substitution of 12 in binary = 0111
Substitution of 12 in decimal = 7
2) Substitution value of 7
Binary value of digit 7 - 0111
Row Number (The first two digits of binary number) – 01
Column Number (The last two digits of binary number) – 11
Let’s match the row and column numbers from the given table
Substitution of 7 in binary = 1011
Substitution of 7 in decimal = 11
3) Substitution value of 2
Binary value of digit 2 - 0010
Row Number (The first two digits of binary number) – 00
Column Number (The last two digits of binary number) – 10
Let’s match the row and column numbers from the given table
Substitution of 2 in binary = 1111
Substitution of 2 in decimal = 15
5

Task 4
Calculating the values of w[4], w[5], w[6] and w[7]:
1) For w[4] value of i = 4
From the key expansion algorithm:
Rot word = cf 4f 3c 09 (cyclic permutation of 8 bytes)
Sub word = 4 8a 84 eb 01 (8 equivalent bytes’ substitution)
w[i-Nk] = 2b 7e 15 16 (sub word and Recon XORed)
w[4] = a0 fa fe 17
2) For w[5] value of i = 5
w[4] = a0 fa fe 17
w[i-Nk] = 28 ae d2 a6
w[5] = 88 54 2c b1
3) For w[6] value for i = 6
w[5] = 88 54 2c b1
w[i-Nk] = ab f7 15 88
w[6] = 23 a3 39 39
4) For w[7] value for i = 7
w[6] = 23 a3 39 39
w[i-Nk] = 09 cf 4f 3c
w[7] = 2a 6c 76 05
6
Calculating the values of w[4], w[5], w[6] and w[7]:
1) For w[4] value of i = 4
From the key expansion algorithm:
Rot word = cf 4f 3c 09 (cyclic permutation of 8 bytes)
Sub word = 4 8a 84 eb 01 (8 equivalent bytes’ substitution)
w[i-Nk] = 2b 7e 15 16 (sub word and Recon XORed)
w[4] = a0 fa fe 17
2) For w[5] value of i = 5
w[4] = a0 fa fe 17
w[i-Nk] = 28 ae d2 a6
w[5] = 88 54 2c b1
3) For w[6] value for i = 6
w[5] = 88 54 2c b1
w[i-Nk] = ab f7 15 88
w[6] = 23 a3 39 39
4) For w[7] value for i = 7
w[6] = 23 a3 39 39
w[i-Nk] = 09 cf 4f 3c
w[7] = 2a 6c 76 05
6
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

Task 5
Using the OpenSSL toolkit to generate Digital Certificates.
In information Technology, SSL stands for Secure Socket Layer. OpenSSL tool is the
cryptography tool which includes the Secure Socket Layer and transport layer security network
protocol and the cryptography standards which are required to generate the certificates. This tool
is a pure command line tool and it provides a huge variety of commands and arguments with the
elaborated options. There are three types of digital certificates:
Self-signed Certificate
Server-signed Certificate
Client-signed Certificate
Figure 2: Creating certificate using SSL
There is a list of steps which includes OpenSSL commands, used for generating digital signed
certificates.
1) Private key generation
2) Generating Certificate Signing Request (CSR)
3) Self-Signed Certificate generation
4) Converting the PEM format from CRT format
5) Reporter Configuration for using the private key and server.pem
6) Save all the changes and then restart reporter service
These are the steps for generating signed digital certificate using OpenSSL tool.
7
Using the OpenSSL toolkit to generate Digital Certificates.
In information Technology, SSL stands for Secure Socket Layer. OpenSSL tool is the
cryptography tool which includes the Secure Socket Layer and transport layer security network
protocol and the cryptography standards which are required to generate the certificates. This tool
is a pure command line tool and it provides a huge variety of commands and arguments with the
elaborated options. There are three types of digital certificates:
Self-signed Certificate
Server-signed Certificate
Client-signed Certificate
Figure 2: Creating certificate using SSL
There is a list of steps which includes OpenSSL commands, used for generating digital signed
certificates.
1) Private key generation
2) Generating Certificate Signing Request (CSR)
3) Self-Signed Certificate generation
4) Converting the PEM format from CRT format
5) Reporter Configuration for using the private key and server.pem
6) Save all the changes and then restart reporter service
These are the steps for generating signed digital certificate using OpenSSL tool.
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

References
Banday, M.T., 2018. Applications of Digital Signature Certificates for Online Information
Security. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp.
756-803). IGI Global.
This journal describes the use of digital certificates in the system security. These certificates use
a hash algorithm which creates an encrypted message. This message is created by using the
sender’s private key.
Martinez, H.D., 2018, December. Management of SSL Certificates: Through Dynamic Link
Libraries. In Technology Trends: 4th International Conference, CITT 2018, Babahoyo, Ecuador,
August 29–31, 2018, Revised Selected Papers (Vol. 895, p. 29). Springer.
This journal describes the process of creating dynamic link libraries for SSL certificates because
these libraries work for communication security between client and server. This infrastructure
uses the OpenSSL environment for communication.
Chandrasekar, B., Ramesh, B., Prabhu, V., Sajeev, S., Mohanty, P.K. and Shobha, G., 2017,
March. Development of intelligent digital certificate fuzzing tool. In Proceedings of the 2017
International Conference on Cryptography, Security and Privacy (pp. 126-130). ACM.
In this journal, the author describes the fuzzing which is the process of inserting the invalid and
random inputs into some program. In this, a user interface and user-friendly fuzzing tool are
introduced which is used to generate digital certificates using OpenSSL with user-provided test
cases.
Zheng, Y., Bai, Q., Zhao, L., Chun, H. and Chen, J., 2015, December. Design and
implementation of PKI-based certification authority. In Sixth International Conference on
Electronics and Information Engineering (Vol. 9794, p. 979437). International Society for
Optics and Photonics.
OpenSSL consists of the SSL libraries, command tool and crypto database which is used to
create the digital certificates. This general describes the certificate revocation list which is used
to identify the certificate when it becomes invalid.
Forsby, F., Furuhed, M., Papadimitratos, P. and Raza, S., 2017. Lightweight x. 509 digital
certificates for the internet of things. In Interoperability, Safety and Security in IoT(pp. 123-133).
Springer, Cham.
8
Banday, M.T., 2018. Applications of Digital Signature Certificates for Online Information
Security. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp.
756-803). IGI Global.
This journal describes the use of digital certificates in the system security. These certificates use
a hash algorithm which creates an encrypted message. This message is created by using the
sender’s private key.
Martinez, H.D., 2018, December. Management of SSL Certificates: Through Dynamic Link
Libraries. In Technology Trends: 4th International Conference, CITT 2018, Babahoyo, Ecuador,
August 29–31, 2018, Revised Selected Papers (Vol. 895, p. 29). Springer.
This journal describes the process of creating dynamic link libraries for SSL certificates because
these libraries work for communication security between client and server. This infrastructure
uses the OpenSSL environment for communication.
Chandrasekar, B., Ramesh, B., Prabhu, V., Sajeev, S., Mohanty, P.K. and Shobha, G., 2017,
March. Development of intelligent digital certificate fuzzing tool. In Proceedings of the 2017
International Conference on Cryptography, Security and Privacy (pp. 126-130). ACM.
In this journal, the author describes the fuzzing which is the process of inserting the invalid and
random inputs into some program. In this, a user interface and user-friendly fuzzing tool are
introduced which is used to generate digital certificates using OpenSSL with user-provided test
cases.
Zheng, Y., Bai, Q., Zhao, L., Chun, H. and Chen, J., 2015, December. Design and
implementation of PKI-based certification authority. In Sixth International Conference on
Electronics and Information Engineering (Vol. 9794, p. 979437). International Society for
Optics and Photonics.
OpenSSL consists of the SSL libraries, command tool and crypto database which is used to
create the digital certificates. This general describes the certificate revocation list which is used
to identify the certificate when it becomes invalid.
Forsby, F., Furuhed, M., Papadimitratos, P. and Raza, S., 2017. Lightweight x. 509 digital
certificates for the internet of things. In Interoperability, Safety and Security in IoT(pp. 123-133).
Springer, Cham.
8

The author implements and evaluates the lightweight digital signed certificates for the IOT
devices. For this, the author describes the X.509 profile for IoT devices without breaching
computer security.
9
devices. For this, the author describes the X.509 profile for IoT devices without breaching
computer security.
9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide
1 out of 9
Related Documents

Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.