Scribd
Upload
235 views

Module 16 Assignment

This document contains questions and answers about steganography. 1. Areas of a file system like the directory structure cannot be used to hide data with steganography. 2. The advantages of steganography over encryption include that it is simple, allows encrypting and decrypting own files easily, and prevents widespread compromise if a key is compromised. The disadvantages include the need for a secure channel to exchange keys and not being able to guarantee authenticity of messages. 3. Steganography uses the principle of obscurity by hiding information in a carrier medium like an image, and the five security fundamentals principles that can be found with steganography are layering, limiting, diversity, obscurity

Uploaded by

Ram1z
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
235 views

Module 16 Assignment

This document contains questions and answers about steganography. 1. Areas of a file system like the directory structure cannot be used to hide data with steganography. 2. The advantages of steganography over encryption include that it is simple, allows encrypting and decrypting own files easily, and prevents widespread compromise if a key is compromised. The disadvantages include the need for a secure channel to exchange keys and not being able to guarantee authenticity of messages. 3. Steganography uses the principle of obscurity by hiding information in a carrier medium like an image, and the five security fundamentals principles that can be found with steganography are layering, limiting, diversity, obscurity

Uploaded by

Ram1z
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Questions

1. Which areas of a file cannot be used by steganography to hide data?


2. What are the advantages and disadvantages of using steganography versus symmetric or asymmetric
encryption?
3. Which of the 5 security fundamentals principles for defense can be found using steganography,
4. Explain how each principle is used from questions 3.

Answers

1. In the directory structure of the file system

2. Advantages:Simple: This type of encryption is easy to carry out. All users have to do is specify and
share the secret key and then begin to encrypt and decrypt messages.Encrypt and decrypt your own files: If
you use encryption for messages or files which you alone intend to access, there is no need to create
different keys. Single-key encryption is best for this. Fast: Symmetric key encryption is much faster than
asymmetric key encryption.Uses less computer resources: Single-key encryption does not require a lot of
computer resources when compared to public key encryption.Prevents widespread message security
compromise: A different secret key is used for communication with every different party. If a key is
compromised, only the messages between a particular pair of sender and receiver are affected.
Communication with other people is still secure.Disadvantages:Need for secure channel for secret key
exchange: Sharing the secret key in the beginning is a problem in symmetric key encryption. It has to be
exchanged in a way that ensures it remains secret. Too many keys: A new shared key has to be generated
for communication with every different party. This creates a problem with managing and ensuring the
security of all these keys. Origin and authenticity of message cannot be guaranteed: Since both sender and
receiver use the same key, messages cannot be verified to have come from a particular user. This may be a
problem if there is a dispute.

3. Steganography uses the principle obscurity and is the process of hiding information in some medium.
The medium is known as the carrier. Figure 1 depicts how this works at its most basic level. The carrier is
anything the sender can use to hide the message. The sender follows a process to embed the message in the
carrier in a way that hides its existence.In some cases, the message is encrypted before it is hidden. Because
the carrier does not look like it is carrying a message, the sender can convey it in any unsecured method.
Once the recipient receives the carrier, she reverses the embedding process to extract the message.

4. Layering,Provides the most comprehensive protection. Instead of one security defense you have multiple
defenses.

Limiting is People should only be authorized to the information they need for doing a task. Access must be
restricted to a minimum.

Diversity is Closely related to layering. If you are using layers of security you must use different types of
security for each layer.

Obscurity is Making it more difficult for an outsider to recognize what is going on inside.

Simplicity is Making a security system harder to use and may make the users lazy and create bypasses.
Also if security is complex to set up then it creates more work for the security professional and they may
miss a vulnerability.

You might also like