
Assignment No.1

The document discusses the differences between Symmetric Key Encryption and Asymmetric Key Encryption, highlighting aspects such as key type, speed, and security. It also provides a practical example of encrypting the plaintext 'HELLO' using the Caesar Cipher with a shift of 3, resulting in 'KHOOR'. Additionally, it defines phishing, ransomware, and denial-of-service attacks, along with real-world examples and countermeasures to protect against these threats.

Uploaded by

Muhammad Muzaib

Assignment No. 1
Subject: Information Security

Submitted By:
Muhammad Muzaib
Roll Number:
Bsf2204232
Submitted To:
Sir Irfan Anwar

University of Education, Faisalabad Campus


Question 1:
a) Explain the difference between Symmetric Key Encryption and
Asymmetric Key Encryption with suitable examples.
Symmetric Key Encryption and Asymmetric Key Encryption are two fundamental types
of encryption methods used to secure data.
| Aspect | Symmetric Key Encryption | Asymmetric Key Encryption |
|---|---|---|
| Key Type | Single shared key (same key for encryption and decryption). | Key pair: Public key (for encryption) and Private key (for decryption). |
| Key Length | Shorter key lengths (e.g., 128-bit, 256-bit). | Longer key lengths (e.g., 2048-bit, 4096-bit) for equivalent security. |
| Speed | Faster and more efficient for encrypting large data. | Slower and computationally intensive for large data. |
| Resource Usage | Requires fewer computational resources. | Requires more computational resources due to complex algorithms. |
| Key Distribution | Challenging because the same key must be securely shared between parties. | Easier because only the public key needs to be shared; the private key remains secret. |
| Security | Secure if the key is kept secret, but vulnerable if the key is compromised. | More secure for key exchange; even if the public key is known, the private key remains secure. |
| Examples of Algorithms | AES (Advanced Encryption Standard), DES (Data Encryption Standard), 3DES, Blowfish. | RSA (Rivest-Shamir-Adleman), ECC (Elliptic Curve Cryptography), DSA (Digital Signature Algorithm). |

Practical Example
Symmetric Key Encryption:

Scenario: Alice wants to send a confidential document to Bob.

Process: Alice uses a secret key to encrypt the document using AES. She sends the
encrypted document to Bob. Bob uses the same secret key to decrypt and read the
document.

Asymmetric Key Encryption:

Scenario: Alice wants to send a confidential document to Bob.


Process: Alice obtains Bob's public key and uses it to encrypt the document using RSA.
She sends the encrypted document to Bob. Bob uses his private key to decrypt and read
the document.

b) Given the plaintext "HELLO", encrypt it using the Caesar Cipher with a shift
of 3. Show all steps clearly.

Step 1: Write the English Alphabet

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Step 2: Shift Each Letter by 3 Positions Forward

• H → K
• E → H
• L → O
• L → O
• O → R

Step 3: Construct the Encrypted Text

The encrypted text for "HELLO" with a shift of 3 is:

KHOOR

✅ Final Answer:

The plaintext "HELLO" becomes "KHOOR" after applying the Caesar Cipher with a shift of 3.

| Letter | Position | Shift (+3) | New Position | Encrypted Letter |
|---|---|---|---|---|
| H | 7 | 7 + 3 | 10 | K |
| E | 4 | 4 + 3 | 7 | H |
| L | 11 | 11 + 3 | 14 | O |
| L | 11 | 11 + 3 | 14 | O |
| O | 14 | 14 + 3 | 17 | R |

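The three steps above, written out as an added Python example (not part of the original assignment). It uses the same zero-based positions as the table (A = 0) and goes slightly beyond the HELLO case: the modulo handles letters near the end of the alphabet (X, Y, Z wrap to A, B, C), and decryption is the same shift applied backwards. The function names are chosen here for illustration.

```python
# Added example: Caesar cipher with the page's zero-based positions (A = 0).
import string

ALPHABET = string.ascii_uppercase  # Step 1: the English alphabet, A..Z


def shift_letter(ch: str, shift: int) -> str:
    """Step 2: move one letter `shift` positions; non-letters pass through."""
    if not (ch.isascii() and ch.isalpha()):
        return ch
    position = ALPHABET.index(ch.upper())
    new_position = (position + shift) % 26  # wrap past Z back to A
    out = ALPHABET[new_position]
    return out if ch.isupper() else out.lower()


def caesar_encrypt(plaintext: str, shift: int = 3) -> str:
    """Step 3: build the encrypted text letter by letter."""
    return "".join(shift_letter(ch, shift) for ch in plaintext)


def caesar_decrypt(ciphertext: str, shift: int = 3) -> str:
    """Decryption is encryption with the opposite shift."""
    return caesar_encrypt(ciphertext, -shift)


def steps(plaintext: str, shift: int = 3):
    """Rows of the step table: (letter, position, new position, encrypted letter)."""
    rows = []
    for ch in plaintext:
        if ch.isascii() and ch.isalpha():
            position = ALPHABET.index(ch.upper())
            rows.append((ch, position, (position + shift) % 26,
                         shift_letter(ch, shift)))
    return rows


if __name__ == "__main__":
    for row in steps("HELLO"):
        print(*row, sep="\t")
    print(caesar_encrypt("HELLO"))   # the assignment's plaintext
    print(caesar_encrypt("XYZ"))     # constructed input showing the wrap-around
    print(caesar_decrypt("KHOOR"))   # round trip back to the plaintext
```
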
Question 2:

a) Define Phishing, Ransomware, and Denial-of-Service (DoS) attacks. Provide
real-world examples of each.

1. Phishing:

Definition: Attackers trick users into revealing sensitive information (e.g., passwords, credit card
details) by pretending to be a trusted entity via emails, messages, or fake websites.

Example: The 2017 Google Docs phishing attack stole over 1 million users' credentials by
mimicking a Google login page.

2. Ransomware:

Definition: Malware that encrypts files or locks systems, demanding a ransom (often in
cryptocurrency) to restore access.
Example: The 2017 WannaCry attack encrypted data on 200,000+ computers globally, including
NHS systems, demanding Bitcoin payments.

3. Denial-of-Service (DoS) Attack:

Definition: Overwhelming a system or network with traffic to make it unavailable to users. A
DDoS attack uses multiple systems to amplify the attack.

Example: The 2018 GitHub DDoS attack hit 1.35 terabits per second, disrupting services briefly
before being mitigated.

b) As a security analyst, suggest three countermeasures to protect an
organization from these threats.

1. Countermeasures Against Phishing:

• Employee Training and Awareness: Conduct regular training sessions to help employees
identify phishing emails and suspicious links.
• Email Filtering Systems: Use advanced spam filters and email security solutions to block
phishing attempts.
• Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security,
even if login credentials are compromised.

2. Countermeasures Against Ransomware:

• Regular Data Backups: Maintain secure, offline backups to restore data in case of an
attack.
• Endpoint Protection and Antivirus Software: Install advanced antivirus and anti-malware
solutions to detect and block ransomware.
• Access Control: Limit user access to sensitive data and systems, and use the principle of
least privilege (PoLP).

3. Countermeasures Against Denial-of-Service (DoS) Attacks:

• Network Traffic Monitoring: Use intrusion detection systems (IDS) and firewalls to
monitor and filter malicious traffic.
• Load Balancers and Content Delivery Networks (CDN): Distribute traffic across multiple
servers to prevent overload.
• Rate Limiting and Throttling: Limit the number of requests a user or IP address can send
in a given time period to prevent flooding.
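
The rate-limiting countermeasure above, sketched as an added Python example (not part of the original assignment): a sliding-window limiter that allows each client IP a fixed number of requests per time window. The class name, the limit of 3 requests per 10 seconds, and the sample traffic (documentation-range IP addresses) are assumptions made for illustration.

```python
# Added example: sliding-window rate limiter keyed by client IP address.
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `max_requests` per client within any `window_seconds`."""

    def __init__(self, max_requests: int, window_seconds: float):
        self.max_requests = max_requests
        self.window = window_seconds
        self.hits = defaultdict(deque)  # client -> timestamps of allowed requests

    def allow(self, client: str, now: float) -> bool:
        recent = self.hits[client]
        # Forget requests that have aged out of the window.
        while recent and now - recent[0] >= self.window:
            recent.popleft()
        if len(recent) >= self.max_requests:
            return False  # over budget: reject (e.g. HTTP 429) without recording
        recent.append(now)
        return True


# Constructed sample traffic: (timestamp in seconds, client IP).
SAMPLE = [
    (0, "203.0.113.7"), (1, "203.0.113.7"), (2, "203.0.113.7"),
    (3, "203.0.113.7"),    # 4th request inside 10 s: rejected
    (4, "198.51.100.20"),  # different client has its own budget: allowed
    (11, "203.0.113.7"),   # requests from t=0 and t=1 have expired: allowed
]


def replay(events, max_requests: int = 3, window_seconds: float = 10):
    """Run a list of (time, client) events through a fresh limiter."""
    limiter = SlidingWindowLimiter(max_requests, window_seconds)
    return [limiter.allow(client, t) for t, client in events]


if __name__ == "__main__":
    for (t, client), ok in zip(SAMPLE, replay(SAMPLE)):
        print(f"t={t:>2}s {client:<15} {'allowed' if ok else 'rejected'}")
```

A per-IP limit like this only throttles individual senders; a distributed flood from many addresses still needs the upstream filtering and traffic distribution listed in the other two bullets.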
