8/7/2019 Amit Fianl Project

1/10

Question no. 1: Provide a critical review of TWO named biometric technologies and devicesthat can be used by SME (Small and Medium Enterprises) for workstation authentication.

[40 marks]

Answer:

The word biometric derived from the Greek word bioswhich means life and metrikoswhich

means measure. Biometric technology is a automated technique, which is used for identifying a

person based on some of his biological characteristics. The biological characteristics evolve as

behavioral characteristic namely voice pattern i.e. distinctive to each person and as fingerprints

also.

The biometric technology also plays a very prominent role for workstations authentication of

small medium enterprises. In small medium enterprises, mostly two technique of biometric are

more appropriate for work station authentication, which are:-

1. Fingerprint technique2. Face recognition

1. Fingerprints technique: - Fingerprint techniques used for the personal identification ofperson, especially this technique have been using for more than 100 years for criminal

investigation. In small medium enterprise as a workstation authentication, fingerprint

technique has gone through distinctive mode, which are as follows:-

a. Digital Scanning Technique: - By making use of software, the imprint of

fingerprint picked up on touchpad, and then it with number of imprint.

b. Laser Technique: - This technique is more reliable because, with the use of laser

we can take fingerprint from different surfaces.

c. Traditional Technique: - In this technique, we use resinous polymer powder that

is used for taking imprint by using oils which are left in hand.

d. Bullet Fingerprint Technique: - its an important technique because even

eradicating fingerprint by any source, probably with the help of this technology

can envisage the fingerprint.

Biometric Fingerprint Matching Structure:

Data Acquisition

Compression

Decompression

Matcher

Decision Maker

Feature Extraction

Biometrics

Database

8/7/2019 Amit Fianl Project

2/10

Fingerprint to Binary Convergent Technique:-

Pre-process Minutiae extraction Template

Enrollment of minutia point 33,11,4,1

25,18,2,0,

18,12,0,1

13,27,2,0

75,4,8,0

10011001

10101001

10010011

11010100

10100110

Fingerprint Structure Design:

Fingerprint is a automatic recognizing verification system which consist of four part:

1. User interface

2. System database

3. Enrollment database

4. Authentication model

The verification model is used to verify the persons identities, who want to logon the system.

For the verification process the individual have to lay his finger on scanner, after putting finger

on scanner, the system lifts the fingerprint of an individual. After taking imprints, the system

matches the minutiae patron by extracting the imprint into minutiae patron in the database the

design.

2. Face Recognition: - Face recognition technique is the most active technique and suitablemethod in the biometric field to identify other people. Face recognition technique scans

the ignorant object which are generally unseen by natural eyes. This technique evolve the

shape of facial characteristics i.e. chin, nose, eyes, lips and eyebrows etc. for the

verification of identity, system breaks image into many component.

Face recognition structure: -

8/7/2019 Amit Fianl Project

3/10

Biometric False Acceptation Rate Method

We can get the acceptation rate through this following formula:

FAR =

1

N

N

n=1

FAR(n)

Where N as average of all FAR

Biometric false Rejection Rate Method

The following way can be used for Rejection Rate:

FRR =

1

N

N

n=1

FRR(n)

Where, N is average ofFRR (n)

Use of Face Recognition Device & Fingerprint for Small medium Enterprise

1. Fingerprint Time attendance system

2. Door entry system

3. ATM machine use

4. Face Scan Time attendance system

8/7/2019 Amit Fianl Project

4/10

5. Banking Industry

6. PC & network access control.

Question No.2: Review the following site: www.nationwide.co.ukfrom a trust perspective. You

do not need to open an account or register simply engage in "shallow navigation" of parts of the

site that are easily accessible by any member of the public. What tangible and intangible methods

does this site use so as to support consumer trust?

Answer:

The www.nationwide.co.ukis the website/web address of nationwide bank. As regards a trust

perspective the webpage of nationwide.co.uk contains all information relating to bank and define

its product and service. The website is providing good satisfaction to customer by giving the

answer of the customer queries.

Trust: As a trust perspective we can say that without trust we cannot make good relationship

with customer without creation of trustee relationship we can deal with customer regarding any

business. The following things may be source of trust: -

1. Image: the information relating to product and services describe the efficiency of company

which build the positive image and establish trust.

2. Physical Thread: the webpage should not contain any fake information which creates

disbelief among parties. Website should not display any threat such as fraud to customertaking contact details & registration number.

3. Ethics: the webpage should follow ethnic identity, rules & regulation relating to banking

transaction should be mention clearly.

4. Law: for the lawfulness, website should give the registration number & FSA registration to

seeking applicant.

The following are the tangible method & intangible method which are used by the bank website

to building customer trust: -

Tangible method:

8/7/2019 Amit Fianl Project

5/10

Home: home button state the overall history of bank which wins the customer loyalty by

explaining its overall history of business.

Image: the images are displaying on the bank website explaining good relation with

bank.

Colour: Colour theme ofwebsite also very charming & attractive.

Logo: Logo is the main element for any company because it describes the mission &vision of the company. The logo of nationwide bank creating trust among its customer

Search tool: Search tool of website is also very frequent. It search website element very

quickly.

Registration Number: the website showing its registration information very clearly

which state that its not a fake also.

B2C: business to consumer matter on website explaining kinship to customer.

Customer Button: describe that how much organization is faithful to its customer andalso responsibility of bank.

Branch link: show the chain of organization and also describe multiple branch &

connectivity with them.

Tangible

MethodHome

Image

Colour

Logo

Search toolRegistrationInformation

B2C

ComplaintButton

Branch link

8/7/2019 Amit Fianl Project

6/10

Intangible Method:

Brand: brand creates the popularity in the market. Brand may be identified by logo & name of

the company.

Attracting Ads: this website, advertising attractive ads such as low interest loan rate, easy

process of loan etc..

Contact details: if someone wants to direct contract with bank for query then he can easilycontact to organization.

Product tools: specified with complete product & service information.

Design: Design & format of presenting way of information is stylish and logical.

Animations: website consist with animations theme explaining specific feature i.e. credit cards.

Question No.3: Provide a critical account of role RSA cryptography in the specific context ofthe SSL/TLS client server protocol (*). How likely is it that an eavesdropper (Eve) can

successfully intercept and decode a secret message exchanged between Alice (an on-line

customer) and Bob (an E-service provider) during an SSL/TLS session using a specially

constructed super-computer or similar device? Assume RSA has been chosen as the cipher by

both Alice and Bob.

Intengible

MethodBrand

AttractingAds

Contectdetails

Producttools

Design

Animations

8/7/2019 Amit Fianl Project

7/10

Answer:

RSA Algorithm

In all of the encryption method the RSA algorithm is different method. For the encryption and

decryption the same key is used by RSA algorithm. These key are divided into two tasks in theRSA algorithm. Initially, RSA algorithm produce digital key in which two huge prime number

exist. After this RSA module break these key again into two huge numbers.

RSA is a part of cryptography method which is used for authentication and encryption. It

develops in 1977.

SSL/TSL protocol with RSA

TSL/SSL protocol with RSA algorithm is trustable algorithm. In RSA algorithm these protocol

apply widely. At the time of connection numerous protocol are used by TSL/SSL protocol. For

encryption algorithm, the TSL/SSL protocol develop standard platform on the internet. CipherSuites are used by these protocols where cipher suites consist of many asymmetrical or

symmetrical keys.

Client Server

Client Hello

ServerHello

*Certificate

*ServerKey Exchange

*Certificate Request

ServerHello Done

*Certificate

Client Key Exchange

*Certificate Verify

[ChangeCipherSpec]

Finished

[ChangeCipherSpec]

Finished

SSL/TLS Handshake

8/7/2019 Amit Fianl Project

8/10

Optional message is evolved by client. Initially client transmit hello message for giving support

to cipher suits. Server setup connection for sending hello message to server. The client

exchanged messages apply by the RSA session with the combination of postmaster-Secret and

encryption value. Cipher-Space is changed by the message sequence and also it finished thesign at the Handshakes end.

Example: Gurpret and Jesus as RSA

Gurpret transfer encrypted message to Jesus. Gurpret create digital signature s reproducing: s

=md mod n. d and n. Gurpret personal key. Jesus transmit M and S to Jesus. To make certainty of

signature Jesus recovered: m=se

mod n, e and n is her public key. But if someone who know the

key then he can easily decrypt the message.

Special Server Hacking

Due to Bad Version Oracle (B.V.O.) the special server hacking takes place of it. In the original

algorithm for covering numerous methods we use SSL/TSL protocol. The speed of 67.7 call per

second attained by Bad Version Oracle for RSA 1024 bit key in the real time hacking.

RSA one way function:

For computing forward direction and inverse direction one way function is a very easy process.

We can explain it with the help of following example. Inverse direction take years where

computation forward direction take few second. Mainly, this function is used by RSA.

Question No. 4: Distinguish between a mono-alphabetic substitution cipher and a poly-

alphabetic substitution cipher. Illustrate your answer with two brief examples (showing that you

understand how to use both methods) using the following plain-text fragment

Answer:

Substitution cipher is a method of cryptography which contain original letter unchanged but

interchange plain text into symbols, letter or number. Here Im discussing about two type of

substitution ciphers which are as follows:-

1. Mono-alphabetic Substitution Cipher

2. Poly-alphabetic Substitution Cipher

8/7/2019 Amit Fianl Project

9/10

Mono-alphabetic Substitution Cipher: - For conceal words of plain text the single cipher

alphabets are used in mono-alphabetic substitution cipher.

Component of mono-alphabetic substitution cipher:-

1.K

ey Phrase Cipher: - it does not include Z & Y. Hence its a 24 letter cipher only,which can be swapped by more than single plain text.

2. Multilateral Forms: - this type of cipher contains two or more letter.

3. Shift Cipher: - it altered to prearranged number into plaintext alphabet. These alphabets

took place for letter which takes three steps with alphabet.

4. Random Substitution Cipher: - Random substitution cipher does not use normal plain

text. It uses random cipher texts which are same to text words.

5. Multilateral variation: - multilateral variation cipher contains lengths of cipher unit

more than one word.

6. Geometric Ciphers: - for replacing words it apply pattern of geographic.

7. Alphanumeric Ciphers: -alphanumeric ciphers change alphabet by applying number.

Poly-alphabetic Substitution Cipher

Poly-alphabetic substitution ciphers also known as multiple substitutions because it applies

many ciphers in replacement alphabet.

Parts of poly-alphabetic substitution cipher

1. Algebraic Ciphers: for text, algebraic ciphers use numerical value.

2. Key Progression: it gives key instruction for improvement of encryption method.

3. Fractionating Ciphers: fractionating ciphers use solo columnar transposition for

modifying Polybius square.

4. Disks: for decryption & encryption with metal disks this method use symbols, alphabets

& numbers.

5. Poly-graphic Ciphers: numerous character can be encrypt in one time by poly-graphic

cipher method.

6. Tableaux: for poly-alphabetic encryption tableaux method use numerous alphabets.

7. Variations of vigeneres table: it is linked with blasie de vigenere.

8/7/2019 Amit Fianl Project

10/10