Reference no: EM133107816

CO3099 Cryptography and Internet Security - University of Leicester

Assignment - Security Protocol Portfolio

Overview:

In Part 2 of this module, you are learning the concepts of various security protocols and network defence mechanisms. For Assignment 2 of this module, you are required to submit a report of security protocol portfolio. Every week in part 2 contains lab activities based on exploring network packets using the Wireshark tool. You are required to submit a portfolio based on your weekly lab activities supported with empirical analysis of the protocols to derive inference on their security attributes.

Content of the Portfolio:

Your portfolio should comprise the following sections.

• Section 1: TCP Handshake
This is based on the lab activity in week 31. You will have to explain how a TCP handshaking mechanism works, extending on the exchange of messages between the source and destination. You will have to choose and interpret messages that are exchanges on one single TCP handshaking process. Analyse and explain the network parameters such as IP addresses, port numbers, application involved and other TCP related fields and their significance specific to this handshaking process. Briefly present your thoughts on the security aspects in your chosen TCP handshaking process. All your analysis and claims should be empirically supported with relevant screenshots of your analysis in Wireshark, and reference to literature.

• Section 2: SSL/TLS Cipher Suites
This is based on the lab activity in week 32. You will comparatively evaluate the cipher suites on two different versions of SSL proposed by the client when the SSL handshaking process is initiated. You will evaluate the cipher suites proposed in the analysed two versions, and present your security perspectives of the two versions of SSL cipher suites. Further, you will choose a client hello message and identify the corresponding server hello. Identify and present the cipher suite chosen by the server and justify why the server has chosen that cipher suite. Your explanation here should present the security strength of the cipher suite by empirically analysing the security attributes. All your analysis should be supported by screenshots of your analysis in Wireshark, and reference to literature.

• Section 3: Kerberos
This is based on lab activity in week 33. You will identify and explore an authentication request and response message pair and a ticket granting service message pair. You will explain why these messages are exchanged, and explain the transport header information and the information pertinent to the Kerberos protocol focusing on the security features including the algorithms used for security services. You will present your evaluation of the security strength of the protocols used. All your analysis should be supported by screenshots of your analysis in Wireshark, and reference to literature.

• Section 4: DNS Anomalies
This is based on lab activity in week 34. You will explore the DNS protocol, and briefly explain the purpose of DNS protocol and its working mechanism in a general context. You will identify a normal DNS request-response message pair, and explain the protocol operation focusing on the transport layer and DNS fields, and the purpose of that DNS query and how that query is resolved.

Further, you will identify a DNS anomaly, and explain the nature and type of that anomaly and how it is detected based on analysing a request-response pair with anomaly. All your analysis should be supported empirically with screenshots of your analysis in Wireshark, and reference to literature.

• Section 5: References
You are required to do referencing in your report with IEEE referencing format with suitable in-text citations.

Attachment:- Cryptography and Internet Security.rar