CRYPTOGRAPHY &

NETWORK SECURITY

Attacks on Computers & Computer Security 2

Cryptography: Concepts & Techniques 17

Symmetric Key Algorithm 45

Asymmetric Key Algorithm, Digital Signature and RSA 60

Internet Security Protocols, user Authentication 80

Electronic Mail Security 101

Firewall 107
 POPULAR PUBLICATIONS

ATTACKS ON COMPUTERS & COMPUTER

SECURITY
Very Short Answer Type guestions

1. If
the principle of to be onsurod the contents of a message
modified while in transit. must not b
WBUT 2009)
a) confidentiality b) authontication c) integrity d) access
Answer: (c) control

2. The ..attack is related to confidentiality

a) interception WBUT 2009]
b) fabrication c) modification
Answer: (a) d) interruption

3. The principle of ensures that only

recipients have access to the contents of a message. the sender and the intendod
a) Confidentiality WBUT 2014]
b) Authentication
c) Integrity
d) Access control
Aaswer: (a)

4. The attack is related to authentication

a) Interception b) Fabrication
WBUT 2014, 2018]
c) Modification d) Interruption
Answer: (b)

5. ensures that a message was

sender and not from an attacker. received by thereceiver from the actual
a) Authentication WBUT 2015]
c) Integration
b) Authorization
d) None of these
Answer: (a)

6. Which of the following a

is passive attack?
a) Masquerade [WBUT 2015]
c) Denial of service b)Replay
Answer: (d) d)Traffic analysis

7. A is used to verify the integrity and

a) Decryption algorithm authenticity of a message
c) MAC b) Message digest [WBUT 2015]
Answer: HMAC d) both (b) and (c)

8. Interception is an
attack on
a) availability b) confidentiality WBUT 2016]
Answer: (b) c) authenticity d) integrity

C&NS-2
 CRYPIOGRAPHY& NETWORK SECURITY

9. If the recipient of message has to be satisfied with the identity of the sende the
principle of comes into picture. [WBUT 2016]
a) confidentiality b) authentication c) integrity d) access control
Answer: (b)
10. The four primary security principles rlated to a mdssage are
[WBUT 2016, 2018]
a)confidentiality, authentication, integrity and non-repudiation
b) confidentiality, access control, non-repudiation and integrity
c) authentication, authorization, non-repudiation and availability
d) availability, access control, authorization and authentication
Answer: (a)
11. In which attack,there is no modification to message contents?
WBUT 2016, 2019]
passive
a) b) active c) both of these d) none of these
Answer: (a)
12. A Worm modify a program. WBUT 2016,20171
a) does not b) does c) may d) may or may not
Answer: (a)
[WBUT 2017]
13. The attack is related to confidentiality.
a) interception b) fabrication c) modification d) interruption
Answer: (a)
14. DOSattacks are caused by WBUT 2017, 2019]
a) authentication b)fabrication c) alteration d) replay attacks
Answer: (b)
15. Interception is an attack on WBUT 2019]
a) availability b) authentication c) confidentiality d) access control
Answer: (c)

16. creates an isolated passage across a public network

as
that enables computing devices to communicate and receive data discreetly
WBUT 2023]
though they were directly linked to the private network.
Answer: Vitual private network

Short Answer Type guestions

1. What is Access Control? How is it different from Availability? WBUT 2008]
Answer: access to areas and
Access control is a system which enables an authority to control
resources in a given physical facility or computer-based information system. An access
seen as the second layer
control system, within the field of physical security, is generally
in the security of a physical structure.

C&NS-3
 POPULAR PUBLICATIONS

Access control is brondiy related to two orcas

Role management: which concentrate on the user sidc(which user can do what)
Rule management: which focus on the rcsources side (which resource
is accessible
and under what circumstances)
Availability is the assurancc that a computer system is accessible by authorized tisers
whenever nceded. Two faccts of availability are typically discussed:
1. Denial of service.
2. Loss of data processing capabilities as a result of natural disasters (e.g., fires, loode
storms, or carthquakes) or human actions (e.g., bombs or strikes).
However, access control signifies control led access to physically available resources 1e
availability of resources are blocked by any of the two mechanisms stated above, then
cannot assure any access control.
'
2. Write down the differences between Active attacks and Passive attacks.
WBUT 2008)
OR,
Explain active attack and passive attack with example. WBUT 2014, 2015]
Answer:
Active Atacks
In an active attack, the attacker tries to bypass or break
into secured systems. This can be
done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to
circumvent or break protection features, to introduce malicious code, and to steal r
modify information. These attacks are mounted against a network
backbone, cxploit
information in transit, electronically penetrate an enclave, or attack an
authorized remote
user during an attempt to connect to an enclave.
Active attacks result in the disclosure or
dissemination of data files, DoS, or modification of data.

Active attacks can be classified into four categories as follows:

Masquerade: In computer terms, 'masquerading' is said to happen when an entity
impersonates another. In such an attack, an unauthorizcd
entity tries to gain more
privileges than it is authorized for. Masquerading is
generally done by using stolen
IDsand passwords, or through bypassing authentication mechanisms.
Replay: This active attack involves capturing a copy message sent by the
of
original sender and retransmitting it later to bring about an the
unauthorized result.
Modification of messages: This attack involves making certain modifications to the
captured message, or delaying or reodering the messages to cause an unauthorized
effect.
Denial of service (DoS): This attack prevents the normal functioning or proper
management of communication facilities. For examle, a
network server can be
overloaded by unwanted packets, thus resulting in performance
degradation. DoS
attacks can interrupt and slow down the services a or
a of network, even completely
jam network.

C&NS-4
 SECURITY
CRYPTOGRAPHY& NETWORK

Passive Attacks
A passive attack monitors unencrvpted trafTic and looks for clear-text passwords and
scnsitive information that can be uscd in other types of attacks. Passive attacks include
trafiic analysis, monitoring of unprotcclcd communications, decrypting weakly encrypted
as passwords. Passive interception
traffic, and capturing authentication information such
see upcoming actions. Passive attacks result
of network opcrations enables adversarics to or
in the disclosure of information or data files to an attacker without the conscnt
knowledge of the user.

Two typcs of passive attacks are:

of passive attack involves (l) capturing the
Release of message contents: This type
or (2) tapping a conversation that is
sensitivc information that is sent via email
conducted over a telephone linc.
an the frequency and length
Tratfic analysis: In this type of attack, intruder observes A passive attacker can
nodes.
of messages being exchanged betwecn communicating
nature of the communication that was
then usc this information for guessing the
taking place.
[WBUT 2014]
3. What is the idea behind man-in-the-middle attack?
OR, [WBUT 2017]
Discuss the man-in-the-middle attack.
Answer: message, an intruder can act in between Aiice and Bob
Suppose Alice sends Bob some message thercby taking control of entire
resembling sender and receiver of original repeated or
or fraudulently
communication that is trarismission is either maliciouslya stream
an attacker copies of messages between
delayed. A replay attack 0ccurs vhen
one or more of the parties.
two parties and replays the strcam to
Man-in-the-middle attack
Original connection

New conncction

Man-in-the middle, phisher

or anonymous proNy

pharming. WBUT 2014, 2017]

4. Distinguish between phishing and WBUT 2014]
phishing?
Why is it easy to fall prey to pharming than

C&NS-5
 POPULAR PUBLICATIONS

Answer:
I" Part: are quite different
Both attacks arc attempts to get user names and passwords, but they
Phishing attacks usually will involve an email hat appears to be from a company with
which we do business prompting us to take action and log in to our account with the lint
provided in the cmail. The Web site we visit is not the real site but a cleverly designed
imposter site that may secm real to us, so we will enter our username and password
which is then captured by the attacker.

2ne Part:
Pharming is different in that it can happen when we arc going to a legitimate Web site
even when we have typed the URL of the Web site oursclves. In a pharming attack. the
criminal "hijacks" the intended site's DNS (domain name system) scrver. The result is
that we are redirected an imposter site that looks like our intended site. Many won't
notice any diflerence, willenter their username and password as usual, and the attacker
captures it.
5. What are the different types of attacks oncomputer and network systems?
WBUT 2014]
Answer:
Active attacks alter the system or network operations
while passive attack gathers
information about the system without altering the system.
Active attack can involve
infecting the system with virus or worms or can span upto
drive. Normally passive attacks remain undetected. deleting the entire hard
Active attack can flood the entire
network with unnecessary packets and can render
it slow while passive attack can
sniff network packets without changing them.
Different types of active attack
includes: masquerade, replay, DOS, DDOS,
can know the presence alteration of message. Passive attackers
of certain. user accounts along with thcir password
active attackers use
these information to render the system useless while
Eavesdropping or sniffing or snooping: Capturing to the owner.
sensitive information like passwords, of. network packets to obtain
plain text messages, other confidential
information.
Spoofing: Act of hiding the original contents
identification in order to bypass of IP, MAC, protocols with false
certain security checks, impersonate
computing system is called spoofing. By another
forging the header so it contains a different
address, an attacker can make
it appear that the packet was sent
machine. The machine that by a different
receives spoofed packets will
forged source address. send a response back to the
Interception: attacker monitors the strcam
and gathers information which can
used to organize the attack later on. In be
this kind of attack the packets intended for the
recipient are captured or altered
by the attacker in the middle
packets. intercepting the

C&NS-6
 CRYYTOGRAPHY &
NEIWORK SECURITY

Modification Attacks: the data packets are modified or altered by the attacker
carn intercept and alter
there is no strong encryption method provided and the attacker
the contents violating the integrity of message.
source of the
Repudiation Attacks: the sender of the message denies that he is the
message. Here the authenticity of the message is violated. Digital signaturcs are used
to prevent these kind of' attack.
Denial-of-Service (DOS) Aacks and Distributcd Denia-of-Servicc (DDOS)
server to flood the network
Attacks: DOS attacks arc organized between clicnt and
requcsts from spoote
witli unnecessary packets. The server is overwhelmed with arc different
addresses and thercby fails to reply scrvices to the original clients. There
catcgories of DOS attacks. Some send 1CMP ccho packets in largc quantity while
are send in large
others send SYN packets for TCP connections. Some IP packets
server fails to reassemble the
numbers so that original packct size eNcccds and
packets.
Back door Attacks: attackers plat root kits or Trojans to take control ofopenthe system
a port
anonymously and without the knowledge of the attacker. They normally
or a service which are later exploitcd.
some message, an
Replay attack or Man-in-the-Middle Attacks: Alice sends Bob
receiver of original
intruder can act in between Alice and Bob resembling sender and is either
message thereby taking control of entire communication that is transmission
or delayed. A rcplay attack occurs when an
maliciously or fraudulcntly repcated
replays the stream tO
attacker copies a stream of messages between two parties and
one or more of the parties. an organization. Normally,
Inside attack takes place from inside of secured perimeters of
resources of the organization. This may include selling of
Insider has more access to any competitor. Also time taken by an
confidential information of an organization to
an outside intruder. Outside attack takes place from
inside attacker is always less than
is less than the previous
remote site or from Internet. Resources gathcred by the attacker
case. Outside attack may bypass firewall and NAT.
WBUT 2016]
6. What is availability?
Answer:
at Authentify is to provide uninterrupted service 24 hours
By means of the term our goal is inevitable, our
per day, 7 days a weck, 365 days a ycar. While system maintenarce
99.9% or better.
service level agreements reflect up-time commitments of
[WBUT 2019]
7.What are Brute force attack and Man-in-the-Middle attack?
Answer:
1" Part:
In cryptography, a brute-force attack,
or exhaustive key search, is a cryptanalytic
any encrypted data (except for data encrypted
attack that can, in theory, be uscd against
in an information-theoretically
secure manner). Such an attack might be used when it is
an encryption system (if any exist)
not possible to take advantage of other weaknesses in
that would make the task casier. It consists of
systematically checking all possible
C&NS-7
 POPULAR PUBLICATIONS

keys passwords until the correct one is found. In the worst casc, this would involve
or

raversing the entire scarch space.

When password gucssing, this method is very fast when used to check
all shor
passwords, but for longer passwords other methods such as the dictionary attack are uscd
because of the time a brute-forcc scarch takes.
When key guessing. the key lengthused in the cipher determines the practical feasibil:..
of performing a brutc-force attack, with longer keys cxponentially more difficult to cra
than shorter ones. A cipher with a key length of N bits can be broken in a worst-case tim
proportional to 2N and an average time of hal f' that.
Brute-force attacks can be made less effective by obfuscating the data to be encod.d
something that makes it more difficult for an attacker to recognize when heshe ha:
cracked the code. One of the measures of the strength of an encryption system is ho
long it would theoretically take an attacker to mount a successful brute-force atael
against it.
Brute-force attacks are an application of brute-force scarch, the general problem-solvine
technique of enumerating all candidates and checking cach one.
The term "brute-force" is not the only term to name such a type of attack. It can also he
called "bruteforce", "brute force" and ijust "brute" (that is common in names of prograrms
that perform brute-force attacks).

2 Part: Refer to Question No. 3 of Short Answer Type Questions.

8. Explain different types of cyber attacks to break network security. WBUT 20231
Answer:
Refer to Questions No. l of
ShortAnswer Type Questions.
9. Explain different security aspect in cryptography. WBUT 2023]
Answer:
Refer to Questions No. 2(a) of LongAnswer Type Questions.

Long Answer Type Questions

1. What is the basic difference between worm and virus? WBUT 2008]
OR,
a
What is worm? What is the difference between Worm and Virus?
[WBUT 2016, 2017, 2019]
Answer:
A computer virus attaches itself to a program or file enabling it to sprcad from one
computer to another, leaving infections as it travels. Like a human
virus, a computer virus
can range in severity: some may cause only mildly
annoying effects while others can
damage your hardware, software or files. Almost all viruses are attached to an
executable
file, which means the virus may exist on your computer but it
actually cannot infect yOur
Computer unless you run or open the malicious program. It is
important to note that
Virus cannot be spread without a human
action, (such as running an infected program) O
C&NS-8
 CRYTOGRAPHY &NETWORK SECURITY

keep it going. Because a virus is spread by human action people will unknowingly
continue the spread of acomputer virus by sharing infecting files or sending emails with
viruses as attachments in the enmail.
A worm is similar lo a virus by design and is considercd to be a sub-class of a virus.
Worns sprcad from computer to computer, but unlike a virus, it has the capability to
travel without any human action. A worm takes advantage of file or information transport
fcatures on your system, which is what allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itsclf on your system, so
rather than your computer sending out a single worm, it could send out hundreds or
thousands of copies of itself, creating a huge devastating effect. One example would be
for a worm to send a copy of itsclf to cveryone listed in your e-mail address book. Then.,
the worm replicates and sends itself out to cveryone listed in cach of the receiver's
address book, and the maniest continucs on down the linc.
Duc to the copying nature of a worm and its capability to travel across networks the end
result in most cases is that the worm consumes too much system memory (or network
bandwidth). causing Web servers, nctwork servers and indiidual computers to stop
responding. In recent wom attacks such as the much-talked-about Blaster Worm, the
wom has been designed to tunnel into your system and allow malicious users to control
your computer remotely.

2. a) What are the key principles of security? WBUT 2014, 2016, 2019]
OR,
Discuss the basic principle of security. [WBUT 2015]
OR,
Discuss about the four basic principles related to the security of a message.
[WBUT 2016]
Answer: to
Confidentiality: Confidentiality refers to prcventing the disclosure of information
unauthorized individuals or systems. Confidentiality is necessary for maintaining the
privacy of the people whose personal information is held in the system.
means maintaining and assuring the
Integrity: In information sccurity, data integrity
accuracy and consistency of data over its entire life-cycle. This means that data cannot be
modified in an unauthorized or undetected manner
purpose, the information must be
Availability: For any information system to serve its
available when it is needed. This means that the computing systems used to store and
process the information, the security controls used to protect it, and the communication
to
channcls used to access it must be functioning correctly. High availability systems aim
remain available at all times, preventing service disruptions due to power outages,
hardware failures, and system upgrades. Ensuring availability also involves preventing
denial-of-service attacks, such as a flood of incoming messages to the targct system
essentially forcing it to shut down.
is necessary to
Authenticity: In computing, e-Business, and information security, it
ensure that the data, transactions, communications or documents (electronic or physical)
are genuine. It is also important for authenticity to validate that both parties involved
are

C&NS-9
 POPULAR PUBLICATIONS

who they claim to be. Somc information security systems incorporate authentication
features such as "digital signatures", which give cvidence that the message data is
proper signing key.
genuine and was sent by someone possessing the
Non-repudiation: In law, non-repudiation inplies onc's intention to fulfill thcir
obligations to a contract. It also implies that onc party of a tansaction cannot deny
having reccived a transaction nor can the other party deny having sent a transaction. It is
not, for instance, suflicient to show that the message matches a digital signature signed
with the sender's private key, and thus only the sender could have sent the message and
nobody cise could have altered it in transit. The alleged sender could in retum
demonstrate that the digital signature algorithm is vulnerable or lawcd, or allege or prove
that his signing key has been compromised. The fault for these violations may or may not
lie with the sender himself, and such assertions may or may not relieve the sender of
liability, but the asscrion would invalidate the claim that the signature necessarily proves
authenticity and integrity and thus prevents repudiation.

b)What are meant by IP sniffing and IP spoofing? WBUT 2014, 2015]

OR,
What is meant by IP shifting and IP spoofing? [WBUT 2019]
Answer:
Sniffing and spoofing are security threats that target the lower layers of the networking
infrastructure supporting applications that use the Internet.
Eavesdropping on cxisting traffic can be called sniffing, for example we can snifT our
own traffic using a network sniffer, WireShark is a good tool for this purpose. WireShark
does not change the packets and only capture them and display them, this is the meaning
of snifing.
Spoofing is the act of hiding the original contents of IP, MAC, protocols with false
identification in order o bypass certain security checks, impersonate another computing
system is called spoofing. By forging the header so it contains a different address, an
attacker can make it appear that the packet was sent by a dfferent machine. The machine
that receives spoofed packets willsend a response back to the forged source address.

3. What is DOS (denial-of-service attack)? [WBUT 2016, 2017, 2019]

Answer:
The denial of service (DoS) has gained a lot of attention in the last few ycars. The basic
purpose of a DoS attack is simply to flood / overhaul a network so as to deny the
authentic users services of the network. A DoS attack can be launched in many ivays. The
end result is the flooding of a network or change in the configuration of routers on the
network.
A typical mechanism to launcha DoS attack is with the help of the SYN rcquests. On the
Internet, a client and a server communicate using the TCP/IP protocol. The technique is
as follows:
() Client sends a SYN request to the server. A SYN request indicates to the server that
the client is requesting for a TCP connection with it.
(ii) The server responds back to the client with an acknowledgement, which is

C&NS-10
 CEYTOGRAPHY NETWORKSECURIIY

Iechnically called as SYN ACK.

(iti) The clicnt is then expected to acknowlcdge
the server's SYN ACK.
Packet snifling is a passive attack on an ongoing conversation. An
not hyack a conservation, but instead, can sirmply
attacker need
observe (i.e. snif) packets 2s
they pasS5 by. Clearly, to prevent an attacker from sniffing packets.
process is called 1P sniffing. The entire
In this technique, an attacker sends packets with an incorrect source
address.
When this happens, the recciver would inadvertently send
replies back to this
forged address (called as spoofed address), and not to the attacker. The cntire
proccss is called IP spoofing.

4. a) Name some viruses & explain working mechanism of those viruses.

b) Explain in detail about various types of attacks. [WBUT 2023]
Answcr:
A virus is a type of malware and all malware are not viruses. Examples of viruses are
Nimda. Trojan, Tinba, SQL Slammer, and crypto locker. Many types of viruses affect the
system namely,
Boot Sector Virs: Boot sector virus enters the system using a USB drive. It is a type of
malware that affects storage sectors containing startup folders. The virus enters the
startup folder and execute during the booting of the operating system by inserting
malicious code. So these viruses run before starting security software like antivirus.
These viruses affect during startup of operating system and damage the system
completely. Operating system like BIOS and UEFIhas preinstalled sccurity against the
boot sector virus.
Examples: Elk Clones, Brain, Stoned, and Parity boot virus.

Parasitic Virus: Parasitic virus attacks the file using the extensions .exe or .com. t
spreads the virus by attaching itself to another program. It is also called a file virus. The
Parasitic virus hides them in a file and runs along with the file. To avoid this virus, users
should avoid clicking unwanted links.
Examples: Virut, sality and vetor.
a
Stealth Virus: Stealth virus is computer viruses that are hidden inside file ain the
operating system. It steals the data, changes the encryption of data, and undergoes self
modification of the code. It is unnoticcable by the users and usually hide in the boot part
scanner software to protect the
of the system. So, it nceds an updated strong antivirus and
system from the stcalth virus.
Example: Brain

Macro Virus: It is a type of virus coded in the macro language. The Macro language is
applications
mainly used for designing software applications. It affects only the softwareuse
virus the same
irrespective of the operating system used. As both software and the
language they enter the application and affect them.
Examples: Melissa Virus and Nuclcar virus.
C&NS-11
 POPULARPUBLICATIONS

Polymorphic Virus: The Polymorphic virus enters the machine via infected systems,
cornupted files, and emails. It affects thec data, and functions and changes the encryption
the data. They have a complex design structure in such way that any protcction
of a

system could not find this virus. They get modified according to the softwarc.
Examplcs: VIRLOCK, VOBFUS, and BAGLE

Source code Virus: The source code of the infected computer gets changed or affected
This type of virus is rare and it is very difficult to remove them when a computer is
affected by it. The causes of source code virus is hijacking the machine and corrupts iL.

Resident Virus: The Resident virus is a type of malware that targets the memory file of
the computer system. I is considered the worst one as they get attached to thc files of
antivirus softwarc and corrupt them too.
Examples: Meve, CMJ and Randex

Tunneling Virus: The Tunneling virus finds that the antivirus is dctecting it as malicious
software. So it enters into the antivirus program, intercepts its function, and thus avoids
running the antivirus software.
Example: Frodo

Multipartite Virus: It is the fastest virus that affects the executables files and system
boot sector simultaneously. It affects multiple parts namely
the memory and the operating
system.
Examples: Invader and Flip

b) o
Refer Questions No. 5 ofShort Answer Type Questions.
5.Discuss security mechanism for a network. (WBUT 2023]
Answer:
Network security is usually based on limiting or blocking operations fromn
remote
systems. The following figure describes the sccurity restrictions you can
that impose on
remote operations.

C&NS-12
 CRYITOGRAPHY & NETWORK SECURITY

The firewall restricts the types

the
Freuall of tenutc operatons that can
a paricular site
systems t are
perform wth systems that
outside the firewall

Can Ilog m?

Depends Remote systems

AuthentKation who arc your" authentication to restrict
JcCess to specfic users

Local system Remote system

Can I copy
that file?

Remote systems usc

authorzation to restrict
Authorization Sure. go authentcated users from
ahead performing operations on
thcir file systems
L.ocal file Remote
system file system

Fig: Security Restrictions for Remote Operations

6. What is Zombie? (WBUT 2023]

Answer:
In computing, a zombie is a computer connected to a network that has been compromised
by a hacker, a virus or a Trojan. It can be used remotely for malicious tasks.
Most owners of zombie computers do not realize that their system is being used in this
way, hence the comparison with the living dead. They are also used in DDoS attacks in
coordination with botncts in a way that resembles the typical zombie attacks of horror
films.

7. Write short notes on the following:

a)Sniffing and spoofing WBUT 2016]
b) Malicious programs [WBUT 2017]
c) IP spoofing and DoS attacks WBUT 2017]
d) Principles of security with example [MODEL QUESTIONJ
e) DNS spoofing [MODEL QUESTIONJ
Answer:
a) Saiffing and spoofing:
Refer to Question No. 2(b) of Long Answer Type Questions.

C&NS-13
POPULAR PUBLICATIONS

b) Malicious programs:
Malware, shorn for malicious sofiware, is an umbrella ferm used to refer to a varicty
of
forms of hostile or intrusive sofware. including computer viruses, worms,
Trojan
hoses, ransom warc, spyware, adware, scare ware, and other malicious programs. It can
take the fom of code, seripts, active content, and other software. Malware is defined b
its malicious intent, acting against the requirements of the computer user - and so does
not incude software that causes unintentional harn due to some deficiency. ProgramE
supplicd officially by companies can be considered malware if they secretly act agains
the interests of the computer uscr. An example is the Sony rootkit, a Trojan horse
embedded into CDs sold by Sony, which silently installed and concealed itself om
purchasers' computers with the intention of preventing illicit copying: it also reported on
Users' listening habits, and unintentionally created vulnerabilities that were exploitéd by
unrelated malware. Software such as anti-virus and firewalls are used to protect against
activity identified as malicious, and to recover from attacks. Thc best-known types of
malware, viruses and worms, are known for the manner in which they spread, rather than
any specific types of behavior. The term computer virus is used for a program
that
embeds itself in some other executable software (including the operating systemn itself) on
the target system without the.user's consent and when that is run causes the virus to
spread to other executables. On the other hand, a worm is a starnd-alone malware program
that actively transmits itself over a network to infect other computers. These definitions
lead to the observation that a virus requires the user to run an
infected program or
operating system for the virus to spread, whereasa worm spreads itself.

c) IP spoofing and DoS attacks:

IP Spoofing is a technique used to gain unauthorized access to
machines, whereby an
attacker illicitly impersonate another machine by manipulating IP packets. IP
Spoofing
involves modifying the packet header with a forged (spoofed) source IP
address, a
checksum, and the order value. Internet is a packet switched network, which causes
the
packets leaving one machine may be arriving at the destination machine in different
order. The receiving machine resembles the message based on the order value embedded
in the IP header. IP spoofing involves solving
order sent values, and to modify them correctly.
the algorithm that is used to select the

2nd part: Refer to Question No. 3 of Long Answer Type Questions.

d) Principles of Security:
Let us assume that person A
wants to send a check worth S 100 to another person B.
normally, what are the a factors that A and B will think of, in such a case? A will write
the check for $ 100, put it inside an envelopc, and send it to B.
A will like to ensure that no one except B gets the envelope, and even someone
if
cisc gets it, she does not come to know about the details of the check. This is the
principle of confidentiality.
and B will further like to make sure that no one can tamper with the contents
A

of the check (such as its amount, date, signature, name of the payee, etc.). This is
C&NS-14
 SECURITY
CRYTOGRAPHY& NETWORK

the principle of intcgrity.

B would like to be assured that the check has indced come from A, and not from
SOMCone else psing as (as it could be a fake check in that casc). This is the
A

principle of authentication.
What will happen tonnorrow if B deposits the check in her account, the money 1s
transfered from A's account to B's account. and then A refuses having
writtcnsent the check? The court of law will use A's signature to disallow A to
refute this claim, and sctle the dispute. This is the principle of non-nepudiation.
access control and
These are the four chief principlcs of security. Therc arc two more,
a messagc, but are linked to the overall
availability, which arc not related to particular
sVstem as a whole.

c)DNS spoofing:
that can force victims to
DNS spoofing is another one of thc man-in-the-middle attacks
a one.
navigate to a fake website purporting to be real
information to a victim in response to
DNS spoofing is based on presenting fake DNS one.
request and, as a result, forcing them to visit a site which is not the real
their DNS is
suppose the user requests the IP address of mail.yahoo.com, which
As an example, query before
to XX.XX.XX.XX. But the attacker would respond to the DNS
supposed be system
response arrives with a spoofed address of YY.YY.YY.YY. The user's
the actual is
a connection rcquest to YY.YY.YY.YY, thinking that mail.yahoo.com
will make site
the user is routed to a complctely diferent
located at that IP address. So effectively,
from the one-which he
or she originally intended to visit.
a
communication occurs when the system requests the IP of particular
Normal DNS of that website. The
server responds back with the actual IP address response. With
website and the DNS the IP address it received as a
system then connects to the website through response that
intercepts the DNS requcst and sends out a
DNS sp0ofing, the attacker a spoofed IP address.
doesn't contain the actual lP actual, but

spoofing: secure
To secure yourself from DNS systems in the internal LAN must be kept
systems: the
Secure your internal security patches from the different vendos.
Without this
latest will be
and updated with the one the systems in the internal LAN
a chance of systems,
protection, there is DNS spoofing attacks on other LAN
compromised and stait launching
infections.
further increasing the
intrusion prevention systems are
detection systems and
Deploy IDS/IPS: intrusion inside the
attacks, so they need to be deployed
spoofing
capable of handling DNS network.
as well as on the perimeter of the
network

C&NS-15
POPULAR PUBLICATIONS

DNSSEC: DNSSEC is
a very sccurc technology that can be used to allo.
on DNSservers. Through DNSSEC
.
digitally signed DNS records to be published
servers from
can also prevent bogus zone transfers and hcnce prevent DNS geting
infected themselves.

C&NS-16
 CRYPTOGRAPHY & NETWORK SECURITY

CRYPTOGRAPHY: CONCEPTS &

TECHNIQUES
Very Short Answer Type Questions
1. The matrix theory is used in the technique. WBUT 2008, 2017]
a) Hill Cipher b) Playfair Cipher
c) Mono-alphabetic Cipher d) Vigenere Cipher
Answer:(b)

2. Homophonic Substitution Cipher is ... ....

to break as compared to Mono
[WBUT 2008]
alphabetic Cipher.
a) easier b) the same c) difficult d) easier or same
Answer: (c)

3. Symmetric key cryptography is .asymmetric key cryptography.

[WBUT 2009, 2018]
a) always slower than b) of the same speed as
c) faster than d) usually slower than
Answer: (c)
B must not know
4. and B want to communicate securely with each other, WBUT 2009, 2018]
If A
a) A's private key b) A's public key
c) B's private key d) B's public key
Answer: (a)
WBUT 2010, 20171
5. Caesar Cipher is an example of
a) Substitution Cipher
b) Transposition Cipher
c) Substitution as well as Transposition Cipher
d) None of these
Answer: (a)
of plain text. [WBUT 2010]
6. Name the concept that increases the redundancy
b) Diffusion
a) Confusion
d) None of these
c) Both (a) and (b)
Answer: (b)
[WBUT 2011, 20171
7. Cryptanalyst is a person who
a) devises cryptographic solutions
solutions
b) attempts to break cryptographic
c) both of these
Answer: (c)

C&NS-17
 POPULAR PUBLICATIONS

as columns is as [WBUT 2014]

8.
The process of toxt as rows and reading it
writing
b) Ceaser Cipher
a) Vornam Ciphor
d) Homophonic:Substitution Cipher
c) Columnar Transposition Cipher
Answer: (c)
key is used for encryption WBUT 2015]
9. In public-key cryptography,
b) private c) both (a) and (b) d) shared
a) public
Answer: (a)

10. is based on the idea of hiding the rolationship between the cipherteyt
and the key WBUT 2015]
a) Diffusion b) Confusion
c) Both (a) and (b) d) None of these
Answer: (a)

11. Which of the following is a monoalphabetic cipher? WBUT 2015)

a) Caesar cipher b) Autokey cipher
c) Vigenere cipher d) All of these
Answer: (a)

12. In polyalphabetic cipher, the characters in plaintext have a relationship

with the characters in ciphertext [WBUT 2015]
a) one-to-one b) one-to-many c) many-to-one d) many-to-many
Answer: (a)

13. Conversion of cipher text into plain text is called as WBUT 2016, 2018]
a) encryption b) decryption c) cryptography d)cryptanalyst
Answer: (b)
14. In substitution cipher, which of the following happens? (WBUT 2016]
a) characters are replaced by other characters
b) rows are replaced by columns
c) columns are replaced by columns
d) none of these
Answer: (a)

15. Vernam cipher is also called WBUT 2017, 2018]

a) rail-fence technique b) one-time pad
c) book cipher d) running-key cipher
Answer: (b)

16. Book Cipher is also called as

WBUT 2017]
a) Rail Fence Technique b) One-time pad
c) Mono -alphabetic Cipher d) Running Key Cipher
Answer: (d)

C&NS-I8
 CRYPTOGRAPHY&NETWORK SECURITY

17. Transposition cipher involves [WBUT 2u18]

a) replacement of blocks of text with other blocks
b) replacement of characters of text with other characters
c) strictly row-to-column replacement
d) some permutation on the input text to produce cipher text
Answer: (a)

18. The process of writing the toxt as diagonals and roading it as

sequence of rows
[WBUT 2018]
is called as
a) Rail Fence Technique b) Caesar Cipher
c) Mono-alphabetic cipher d) Homophonic substitution cipher
Answer: (a)
WBUT 2019]
19. Redundancy of plain text increases by
a) Confusion b) Diffusion
c) Both confusion and diffusion d) None of these
Answer: (b)
(WBUT 2019]
20. Which of the following is a monoalphabetic cipher?
a) vigenere cipher b) ceaser cipher
c) autokey cipher d) all of these
Answer: (b)
WBUT 2023]
21. measures can help reduce the risk of data leakage?
Answer: Steganography
offers a procedure that wraps the protected information
22. Asymmetric encryption (WBUT 2023]
in package(s).
Answcr: Two
message integrity. [WBUT 2023]
use algorithm in order to provide
23. SSL
Answer: SHA

Short Answer Type Questions

[WBUT 2014]
1. Distinguish between linear
and differential cryptanalysis.
Answer: advantage of high probability occurrences of lincar
Lincar cryptanalysis tries to
take we shall use bits from the
plaintext bits, "ciphertext" bits (actually
expressions involving It is a known plaintext attack: that is, it. is
subkey bits.
2nd last round output), and on a set of plaintexts and the
corresponding
on theattacker having information (and
premised
attacker has no way to select which plaintexts
ciphertexts. However, the are scenarios it is
available. In many applications and
corresponding ciphertexts) knowledge of a random set of plaintexts and
attacker has
reasonable to assume that the
the corresponding.
C&NS-19
 POPULARPUBLICATIONS
attackee
is usually a choscn plaintcxt attack, meaning that the
Differential cryptanalysis some sct of plaintexts of his choosino
must be able to obtain encrypted ciphertexts for 21" chosen
scheme can successfully cryptanalyze DES with an cffort on the order
The a known plaintext or even a
plaintexts. There are, however, extensions that would allow
attack. The basic method uses pairs of plaintext related by a constant
ciphertext-only
ways, but the cxclusive OR (XOR)
diflerence, difference can bec defincd in several
of the corresponding
operation is usual. The attacker then computes the differences
The resulting pair of
ciphertexts, hoping to detect statistical pattems in their distribution.
upon the nature of
differences is called a differential. Thcir statistical properties depend
Ay), where A,
the S-boxes used for encryption, so the attacker analyses difierentials (A,
= SX (XOR) A) (XOR)SA (for each such S-bOx S. In the basic attack, onc particular
can be
ciphertext difterence is expectcd to be especially frecquent; in this way, the cipher
distinguished from random. More sophisticated variations allow the key to be recovered
faster than cxhaustive search.

2. How does digital envelope exploit the advantages of the both symmetric and
asymmetric key cryptography? [WBUT 2014]
Answer:
Two primary kinds of encryption are symmetric key and asymmetric key. Symmetric key
encryption uses the same key to encrypt and to decrypt. Asymmetric key encryption
creates the key in two complementary pieces, Iike the two pieces of a raggedly tom dollar
bil. One picce is the public key, because no security is lost by publishing it for anyone to
know, and the other is thie private key, because you mustguard it from discovery. If we
encrypt with a given public key, somcone can decrypt only with the corresponding
private key; no other key, including the public key used to encrypt the information, can
successfully decrypt it. That simple difference in key use is he most significant
breakthrough in security technology in 2000 years.

3. Is itpossible to combine symmetric key and asymmetric key cryptography so

that better of the two can be combined? [WBUT 2014]
Answer:
Asymmetric encryption is typically 1000 times slower than symmetric encryption,
and
the encrypted data it creates is several times larger. One can avoid these limitations by
generating a random symmetric key, and using it to encrypt the bulk of the data. The
trick
is to encrypt the random key using asymmetric encryption with the recipient's
public key,
and then add it to the encrypted document. The recipient can
retrieve the encrypled
symmetric key, decrypt it using his or her private key, and then use to
it decrypt the
remainder of the document. This technique is commonly
used; two exampics are SSL
(which negotiates a symmetric session key for each interaction)
and the Windows
Encrypting File System (which generates a random symmetric
key for each file it
encrypts).

C&NS-20
 CRYPTOGRAPHY & NETWORK SECURITY

4. Explain Vernam cipher. [WBUT 2014, 2015, 2018]

Answer:
A Vernam cipher is a symmetrical stream cipher in which the plaintext is XORed witn a
random or pseudorandom strcam of data (the "keystream") of the same length to generate
once. this is effectively a
the ciphcrtext. If the keystream is truly tandom and used only
one-time pad. Substituting pseudorandom data generated by a cryptographically sccure
a
pscudo-random number gencrator is a common and effective construction for stream
cipher. RC4 is an cxample of a Vernam cipher that is widcly used on the Internct.
are the
5. What is the difference between block cipher and stream cipher? What
Different modes of block cipher operation? Explain any one of them. [WBUT 2014]
Answer:
1" Part:
Although both stream ciplers and block ciphers belong to the family of symmetric
encrypt fixed iength
encryption ciphers, there are some key differences. Block ciphers a cipher
blocks of bits, while stream ciphers combine plain-text bits with pseudorandom same
use the
bits strcam using XoR operation. Even though block ciphers on the state of the
transformation, stream ciphers use varying transformations bascd
ciphers. In terms of hardware
engine. Stream ciphers usually execute faster than block
ciphers are the typica!
complexity, stream ciphers are relatively less complex. Stream
quantities (for
prefercnce over block ciphers when the plain-text is available in varying
e.g. a secure wifi connection), because block ciphers cannot
operate directly on blocks
stream ciphers and
shorter than the block size. But sometimes, the difference between
reason is that, when using certain modes of operation,
block ciphers is not very clear. The
to encrypt the smallest
a block cipher can be used to act as a stream cipher by allowing it
unit of data available.

2nd Part: Refer to Question No. 1(a) ofLong Answer Type Questions.
to computationally secure?
6. When an encryption algorithm is said be WBUT 2014, 2018]

Answer: computationally secure if

The encryptionalgorithm is said to be
1. The cost of breaking the cipher.exceeds the
value of the encrypted information
2. The time required to break the cipher
exceeds the useful time of the information.
[WBUT 2015]
7. Distinguish between substitution and transposition cipher.
OR,
and transposition cipher?
What is the difference between substitution cipher [WBUT 20171

Answer: are two categories of ciphers used in classical

Substitution and transposition ciphers message are
and transposition differ in how chunks of the
cryptography. Substitution
handled by the encryption process.
C&NS-21
 POPULARPUBLICATIONS

Substitution ciphers onc piece at a time.

Substitution ciphers encrypt plaintext by changing the plaintext
In the Caesar Cipher, cach charaes:
The Cacsar Cipher was an carly substitution cipher.
B bccomes E, ctc...
is shifted threc places up. Thereforc, A becomes D and
This table shows "VOYAGER" being encrypted with the Caesar substitution cipher:
13

ROT13

Plaintext |O Y |<|#|a|
A G E R
Key +3 +3 +3 +3 +3 +3 +3
Ciphertext Y R B D H U

A more complex substitution cipher would be created if, instead

of incrementing cach
character by three, we used a more complex key. This table shows a simple substitution
cipher with a key of "123".

|Plaintext A
B|C DEFG
|H|I J K|L|M
|Key |T OE|UNZIJA
NOP QRs TIUV|W|XY |Z
|GXP QY RHVS MDFCJ WB|K|L|
Using this substitution cipher to encrypt VOYAGER would give us
these results:
Plaintext A oGlx R
Ciphertext H K T X N M

The Vernam Cipher, or one time pad, is a simple substitution cipher

where the key length
equals the message length.
ROT-1 isa simple substitution cipher used to
encode messages on Usene.

Transpositionciphers
Transposition ciphers encrypt plaintext by moving small pieces
of the message around.
Anagrams are a primitive transposition cipher.
This table shows "VOYAGER" being encrypted
with a primitive transposition cipher
where every two letters are switched with each other:

o
VA
YAGER
YEGR R

C&NS-22
 CRYPTOGRAPHY &
NETWORK SECURITY

8. What is mon0-alphabetic cipher? How is it different from

Caesar cipher?
[WBUT 2017]
Answer:
In cryptography, a substitution cipher is a method
are replaced with cipher text, according to a of encoding by which units of plaintext
tixed system. Mono-alphabetic cipher is alsO
called sinple substitution cipher. A mono-alphabetic cipler uses fixed substitution over
the entirc message. It relics on a fixcd replacement structure. That is, the substitution is
fixcd for cach letter of the alphabet. That is, if"a" is encrypted to
"R" then every time we
see "a" in plain text then wc replace it with
"R" in the cipher text.
The Cacsar cipher uses a simple shilt to deternninc the encrypted text.
IT you use a lett shilt
of 3. you get a cipher that looks like
Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW
So. any X in the encrypted string would be an A when decrypted, Y is B, etc.
A substitution cipher is a more generic form where instances of one value are always
replaced with instances of another value. Fr example, all X's are replaced with Q's.
The Caesar cipher is a specific type of substitution cipher, but not all substitution ciphers
are Caesar ciphers.

9. Whatis private key cryptosystem? WBUT 2017]

Answer:
A cryptosystem is an implementation of cryptographic techniques and their
accompanying infrastructure to provide information security services. A cryptosystem is
also referred to as a cipher system. Private Key cryptosystem is the one where private key
encryption is used. It is also refcrred as asymmetric key cryptosystem. The encryption
process where different kcys are used for encrypting and decrypting the information is
known as Asymmetric Key Encrypion. Though the keys are different. they are
mathematically related and hence, retrieving the plaintext by decrypting cipher text is
come over the
feasible. Asymmetric Key Encryption was invented in the 20" century to
necessity of pre-shared secret key between communicating persons.
[WBUT 2018]
10. Illustrate the application areas of Public-Key Cryptosystems?
Answer:
Applications of PKC
a number of applications and systems software.
Public Key Cryptosystem is used in
Some examples of application are:
Digitally signcd document
as
E-mailencryption software such PGP and MIME
RFC 316l authenticated timestamps
such as Ubuntu, Red Hat
Digital signatures in the Operating System software
Linux packages distribution
SSL protocol
SSH protocol

C&NS-23
 POPULAR PUBLICATIONS

11. What are the roles of the public and private key? wBUT2018]
Answer:
A
user's private key is kept private and known only to the user. The user's public
key
ihis
made available to others to use. The private key can be used
to encrypt
can be verified by anyone with thc public key. Or the public key can
a signature
be used to encrypt
information that can only be decrypted by the possessor of the private key

12. Define cryptography.

WBUT 2023]
Answer:
Cryptography: Cryptography is the study of algorithms to encode plain text. It ie
characterizcd by:
type of encryption operations used: substitution /transposition product
/
number of keys used : single-key or secret-key vs. two-key or public-key
way in which plaintext is processed :
block /stream
Cryptanalysis: the study of principles/ methods of deciphering
ciphertext without
knowing key
Block cipher: Encrypts a block of plaintext at a
time (typically 64 or 128 bits)
Stream cipher: encrypts data one bit or one byte at a
time
Substitution: replacing each element
kind of mapping from a known set
of the plaintext with another element. It is a
of
plain text encrypted. There are two kinds
alphabets to another known sct rendering the
of substitution Cacsar substitution one time
pad substitution and another is poly-alphabetic
substitution.
Transposition: It is the mcthod by which
the letters arc rearranged to produce
different words wvith same alphabcts. It
is also called permutation. Plain text or
key can be used in permutation. the
Product cipher: using multiple stages substitutions
of and transpositions.
Symmetric and asymmetric cipher: When same
key is used to encrypt and decrypt
the message it is called symmetric cipher,
otherwise it is asymmetric cipher.
Public and private key: In asymmetric
cryptography, two different types keys are
used for encryption and decryption. Alice
sends a message to Bob over anof
system by using Bob's key. This unsecurcd
key as known to cverybody it is called
Bob receives the message, only he can decrypt public key. When
it using another key. This key is known to
Bob only. This is private key. If anybody
else is listening to conversation
Bob it is made sure that no one else
other than Bob can decrypt it.
of Alice and
13. Compare stream cipher with
block cipher with proper example. [WBUT 2023]
Answer:
Refer to Questions No. 5 of ShortAnswer Type Questions.
14. Define cryptanalysis?
Answer: WBUT 2023]
Refer to Questions No. 12 of ShortAnswer Type Questions.

C&NS-24
 CRYPTOGRAPHY &
NEIWORK SECURITY

15. Define the following terms

cryptography,
stream cipher, transposition and substitution, cryptanalysis, block cipher an0
key, symmetric and asymmetric cipher. product cipher, public and private
(MODEL QUESTIONJ
Answer:
Refer to Questions No. 12 of Short Answer Type
Questions.
16. Explain with example the relationship between key size and key range.
[MODEL QUESTIONJ
Answer:
The relationship betwecn key size (in bits), time of decryption, number
of alternative
keys are tabulated below.
Key Size Number ofTimc requircd at 1|Time requircd at
(bits) |Alternative Keys ldecryption/us 10 decryptions/uS
32 2** =4.3 12*" us = 35.8 minutes
10 2.15 milliseconds
S6 |20 =7.2 106 = ||42 years 10.01 hours
128 |22 =3.4 ' 10'h LS .4 10* years 5.4' 10" years
168 -3.7 100 |20' us =$.910 years |5.9 10
years
= 4
|26 characters|26! 10* 10 years
|2
10us =6.4' 10: ycars 6.4
(permutation)

17. What do you mean by encryption and decryption? (MODEL QUESTION]

Answer:
The process by which a plain text message is converted to a
cipher text is called
encryption whereas the reverse process is termed as decryption.

18. What are the different cryptanalysis attack? [MODEL QUESTION]

Answer:
Cryptanalysis is the method of obtaining the plain text or the key from encrypted
message. There are different types of cryptanalysis attack.
ciphertext only: only know algorithm / ciphertext, statistical, can identify plaintext
known plaintcxt: know/suspect plaintext & ciphertext to attack cipher
chosen plaintext: select plaintcxt and obtain ciphertext to attack cipher
chosen ciplhertext: select ciphertext and obtain plaintext to attack cipher
chosen text: selcct cither plaintext or ciphertext to en/decrypt to attack cipher

19. What is the difference between unconditionally secure and computationally

secure ? (MODEL QUESTION]
Answer:
A cipher is unconditionally secure if it is secure no matter how much resourccs (ime,
space) the attacker has, that is because the amount of data in cipher text is insufficient.
All the ciphers we have examincd are not unconditionally secure. A cipher is
so much
computationally secure if the best algorithn for breaking it will require
resources (e.g., 1000 years) that practically the cryptosystem is secure.

C&NS-25
 POPULARPUBLICATIONS

20. What are symmetric cipher and asymmetric cipher? [MODEL

QUESTION
Answer:
Symmetric cipher:
In a symmetric ciplher, both partiesmust use the same key
for cncryption and decryption.
This mcans that the cncryption key must be shared betwcen the two parties
messages can be decryptcd. Symmctric systems are also before any
known as shared Sccrct
or private key systems. systems
Symmetric ciphers are significantly faster than
asymmetric ciphcrs, but the rcquiremente
for key exchange make them dificult to usc.

Asymmetriccipher:
In an asymmetric cipher, the encryption key and
the decryption keys are separate.
In an asymmetric system, cach person has two
keys. One key, the public key, is shared
publicly. The sccond key, the private key, should never
be shared with anyone. When you
send a message using asymmetric cryptography, you
encrypt the message using the
recipients public key.
The recipient then decrypts the message
using his private key.
That is why the system is called asymmetric.

21. What are the drawbacks

of symmetric cipher? (MODEL QUESTION]
Answer:
Drawbacks of symmetric cipher arc:
Key distributivn
As the keys at both the side should be samc,
it
media for exchanging the key is compromised, necds to be exchanged first. So if the
it becomes a disaster.
Compromised KDC
If we are using a key distribution center (KDC) to
is compromised it also becomes a limítation. exchange the keys and the KDC itsclf

Randonn number generation

We use random numbers for the generation
Onc problem with this random of cipher text in the transformation function.
number generator is that the numbers
be perfectly random. So there is a possibility gencrated will not
that it can be guessed.
Placement of encryptionfunction
If the encryption function is not properly placed it can lead to lcakage of data.
22. What are the problems
with exchanging of public keys?
Answer: (MODEL QUESTION]
The key exchange problem is how to cxchange
needed so that no one else can obtain acopy. whatever keys or other information are
Historically, this required trusted couriers,
diplomatic bags, or some other secure
channel. With the advent of public key private
key cipher algorithms, the encrypting
key (aka public key) could be made
public, since
C&NS-26
 CRYI'TOGRAPHY &
NETWORK SECURITY

(at lcast for high quality algorithms) Ino one without the decrypting kcy (aka, the private
key) could decrypt the message.

23. "Symmetric key cryptography is fastor than Asymmetric key cryptography"'

QUESTIONJ
Justify. (MODEL
Answer:
to
Synmetric key encryption is much faster than public key cncryption, often by 100 on
a
1,000 imes, Because public key encryption places much heavier computational load
computcr procesSors than symmctric key encryption, symmetric key technology is
generally used toprovide secrecy for the bulk cncryption and decryption of informatíon.

24. a) What are the problems associated with symrmetric-key encryption?

b) How those problems can besolved using asymmetric-key encryption?
(MODEL QUESTION]
Answer:
a) One big issue with using symmetric algorithms is thc key exchange problem. The
a
other main issue is the problem of trust between two parties that share sccret symmetric
key. Problems of trust may be encountered when encryption is used for authentication
and integrity checking.

b) Asymmetric key can be used to verify the identity of the other communicating party.
Asymmetric algorithms encrypt and decrypt with different keys. Data is encrypted with a
are much
public key, and decrypted with a private key. Generally, symmetric algorithms
ones. In practice they are often used
faster to exccute on a computer than asymmetric a randomly generated
together, so that a public-key algorithm is used to cncrypt
message using a
encryption key, and the random key is used to encrypt the actual
symmetric algorithm. This is sometimes called hybrid encryption.

25. What is key wrapping? How it is useful? [MODEL QUESTION]

Answer:
1" Part:
Key Wrap constructions are a class of symmetric cncryption algorithms are
designed to
intended
encapsulate (encrypt) cryptographic key material. The Key Wrap algorithms
for applications such as (a) protecting keys while in untrusted
storage, or (b) transmitting
are typically built from
keys over untrusted communications networks. The constructions
standard primitives such as block ciphers and cryptographic hash functions.

Key Wrap may be considered as a form of key encapsulation algorithm, although

it

should not be confused with the more commonly knownasymmetric (public-key) key
can be used in a
encapsulation algorithms (e.g., PSEC-KEM). Key Wrap algorithms
similar application:to securely transport asession key by encrypting under a long-term
it
encryption key.

C&NS-27
 POPULAR PUBLICATIONS

2nd Part:
This applies to mee
Key wrapping is uscd in pure symnctric cncryption scenarios.
applications using password based cncryption.

One role of key management is to ensure that the same key used in cncrypting a message
by a sender is the same key used to decrypt the message by the intended recciver. Thus, if
Terry and Pat wish to exchange encrypted messages, cach must be cquipped to decrypt
reccived messages and to encrypt sent messagcs. If they use a cipher, they will need
appropriate keys. The problem is lhow to exchange whatever keys or other information
are necded so that no one else can obtain acopy.

One solution is to protect the session key with a special purpose long-term usc key called
a key encrypting key (KEK). KEKs are used as part of key distribution or key exchange.
The process of using a KEK to protect session keys is called key wrapping. Key
Wrapping uses symmetric ciphers lo securely encrypt (thus encapsulating) a plaintext key
along wilh any associated integrity information and data. One application for key
Wrapping is protecting session keys in untrusted storage or when sending over an
untrusted transport. Key wrapping or encapsulation using a KEK can be acconmplished
using cither symmetric or asymmetric ciphers. If the cipher is åsymmetric KEK, both the
sender and the receiver will nced a copy of the same key. If using an asymmetric cipher.,
with publichprivate key properties, to encapsulate a session key both the sender and the
receiver will need the other's public key.

Long Answer Type Questions

1. a) What is Algorithm mode? WBUT 2010, 2015]
Describe Cipher Block Chaining (CBC) mode. [WBUT 2010, 2015, 2016, 2018]
b) Explain the differences between asymmetric and symmetric key cryptographies.
[WBUT 2010, 2014, 2015, 2019]
OR,
What is the difference between symmetric key encryption and asymmetric key
encryption? [WBUT 2016]
Answer:
a) 1" Part:
An algorithm mode is a series of a basic algorithm steps ofblock cipher and some kind of
feedback from the precious step.
There are for important algorithm modes,
Electronic code book (ECB,
Cipher block chaining (CBC),
Cipher fecdback (CFB),
Output feedback (OFB).

C&NS-28
 CRYrTOGRAPHY &
NETWORK SECURITY

2d Part:
In the cipher-block chaining (CBC) mode, each block of plaintext is XORed with the
previous cipher text block before being encrypted. This way, each cipher text block is
depcndent on all plaintext blocks proccssed up to that point. Also, to make each message
uniquc, an initialization vector nmust be used in the first block.
CBC has becn the most conmmonly used mode of operation. Its main drawbacks are that
encryption is sequential (i.c., it cannot be parallclized), and that the message must be
padded toa multiple ofthe ciplher block size. Onc way to handle this last issuc is through
the method known as cipher lest stcaling.
Note that a one-bit change in a plaintext affects all following cipher text blocks. A
plaintext can be recovered from just two adjacent blocks of cipher text. As a
consequence, decryption can be parallclized, and a one-bit change to the cipher text
causes conmplete coruption of the corresponding block of plaintext, and inverts the
corresponding bit in the following block of plaintext.
Plaintext Plaintext Plaintext

Intalizaton Vector (IV)

Block cipher
Block cipher Block cipher Key
Key Key cncryption
cncryption cncryplion

Ciphertext Ciphertext CiphertexI

Cipher Block Chaining (CBC) mode encryption

Ciphertext Ciphertext Ciphertext

Block cipher Block cipher

Block cipher Key Key
Key decryption decryption decryption

Initialvation Vector (IV)

T1
Plaintext Plaintext
Plaintext
Cipher Block Chaining (CBC) mode decryption

Key Cryplography
b) Table: Symmetric versus Asymmetric
Symmetric key cryptography Asymmetric key cryptography
Characteristic used for encryption and
1. Key used for Same key is used for encryption One key
another, different key is used for
encryption/ |and decryption.
decryption.
decryption Slower.
|2. Speed of encryption/ Very fast.
decryption.

C&NS-29
 POPULAR PUBLICATIONS

Asymmetric key cryptography

Characteristic |Symmetric key cryptography clear
resulting|Usually same as or less than the More than the original
3. Size of
original clear text size. size.
encrypled text
Key agrcciment| A big problem. |No problem at all.
lexchange square of the Same as thc number of participante
5 Number of keys Equals about the so so scales up quit well.
required as compared tonumber of participants,
|the number of participants scalability is an issuc.
in the message exchange.
6. Usage. Mainly for encryption and Can be used for encryption and
|decryption (confidentiality).Jdecryption (confidentiality) as wel
signatures (integrity and non- as for digital signatures (integrity
repudiation checks). and non-rcpudiation checks).

2. a) Explain the diffusion.property and confusion property for evaluation of a

block cipher.
b) Explain the difference modes of a block cipher and mention the merits and
demerits of each one of them. wBUT 2011]
Answer:
a) Every block cipher involves a transfornation of a block of plaintext into a block of
ciphertext, where the transformation depends on the key.
The mechanism of diffusion seeks to make the statistical relationship betwecn
the
plaintext and ciphertext as complex as possible in order to thwart attempts to
deducc the
key.

b)The various modes are ECB, CBC, CFB, OFB and CTR
which are cxplained below:
Electronic Codebook Book (ECB)
message is broken into independent
blocks which are encrypted.
each block is a value which is substituted, like a
codebook, hence name.
cach block is encoded independently the
of other blocks
Ci= DESKI(Pi)
uses: secure transmission
of single values
Advantages and Limitations of ECB
repetitions in message may show in ciphertext
if aligned with message block
particularly with data such graphics
ur with messages that
change very little, which become a
problem code-book analysis
weakness due to encrypted message
blocks being independent
main use is sending a few blocks data.
of
Ciplher Block Chaining (CBC)
message is broken into blocks
but these are linked together
in the encryption operation

C&NS-30
 SRYPTQGRAPHY &
NETWORK SECURITY
cach previous ciplhcr blocks is chained
use Initial Vector with current plaintext block, hence namc
(|V) to start process
Ci= DESKI(P XOR Ci-1)
C-l = |V
uses: bulk data cncryption,
nuthentication
Advantnges and Limitations CBC
of
cach ciphertext block depends on
all message blocks
thus a clhange in the message atccts all
as the original block ciphcrtest blocks after the change as well
nced Initial Value (IV)known to
sender & receiver
however if IV is sent in the clcar. an attacker can
and change IV to compensate change bits of the first block,
hence cither IV must be a fixed value (as
in EFTPOS) or it must bc sent
cncrypted in ECB mode before rest message
at end of message, handle possible
of
last short block
by padding cither with known non-data valuc
(e.g. nulls)
or pad last block with count
c.g. [bl b2 b3 0 0 of pad size
00S]<-3 data bytes, then 5 bytes padtcount.
Ciplher FeedBack (CFB)
message is treated as a stream bits
of
added to the output of the block ciphcr
result is fecdback for ncxt stage (hence name)
standard allows any number of bit (1,8 or 64 or whatcver) to be fecd back
denoted CFB-1, CFB-8, CFB-64 etc
is most efficicnt to use all 64 bits (CFB-64)
Ci= Pi XOR DESKI(Ci-1)
C-l = |V
uses: strcam data encryption, authentication.
Advantages and Limitations of CFB
appropriate when data arrives in bits/bytes
Imost common stream mode
limitation is nccd to stallwhile do block encryption after every n-bits
note that he block cipher is uscd in encryption mode at both cnds
crrors propagate for several blocks after the error.

Output FeedBack (OFB)

message is trcated as a strcam of bits
outpt of cipher is added to message
output is then feedback (hence name)
feedback is indepcndent of message
can be computed in advance
C&NS-31
POPULAR PUBLICATIONS

Ci Pi XOR Oi

Oi= DESK 1(0i-1)

O-| =|V
uses: stream encryption over noisy channcls.
Advantages and Limitations of OFB
L
used when eror fcedback a problem or where necd to encryptions before
message is available
superficially similar to CFB
but feedback is from the output of cipher and is indepcndent of message
a variation of a Vernam cipher
hence must never reuse the same sequcnce (key+|V)
sender and receiver must remain in sync, and some recovery method is needed to
ensure this occurs
originally specified with m-bit feedback in the standards
subsequent research has shown that only OFB-64 should ever be used
Counter (CTR)
similar to OFB but encrypts counter value rather than any feedback value
must have a different key & counter value for every plaintext block (never
reused)
Ci=Pi XOR Oi
Oi = DESKI(()
uses: high-speed network encryptions.
Advantages and Limitations of CTR
efficiency
can do parallel encryptions
in advance of need
good for bursty high speed links
random access to encrypted data blocks
provable security (good as other modes)
but must ensure never reuse key/counter values, otherwise could break.
3. a) What would be the transformation of a message "Happy birthday to you"
using Rail Fence technique? [WBUT 2014]
Answer:
H y
b h
d 0
So the transformed message is - Hyt yoa pbr hat yup ido

b) For a Vernam Cipher do the following: [WBUT 2014)

i) Using pad "TZQ" encode "ARE"
ii) Using pad "ARX" decode "YFR"

C&NS-32
 CRYPTOGRAPHY &
NETWORK SECURITY

Answer:
Consider the following table:
Letter Bit sequence Letter Bit sequence
A 00000 10000
B 00001 R 10001
C 00010 S 10010
D (0001| T 10011
00100 10100
00101 V 10101
G 00110 W 10110
H 00111 X 10111
01000 11000
01001 11001
K 01010 11010
01011 1
11011
M 01100 2 1]100
01101 3 11101
01110 4 11110
p 01111 11111

i)
A- 00000 R-10001 E- 00100
T- 10011 Z- 11001 Q- 10000
XOR

T- 10011 [- 01000 U- 10100

Sothe cipher text will be TIU

ii)
Y- 11000 F- 0010I R- 10001
A- 00000 R- 10001 X- 10111
XOR

Y- 11000 U- 10100 G- 00110

So the plain text will be YUG

in the location of
4. a) Explain link encryption and end to end encryption
[WBUT 20171
encryption devices.
Answer: as a system for secure transfer of
End-to-end encryption, sometimes abbreviated E2EE, is
at points, no matter how
information where data is encrypted and decrypted only the end
is a
many points it touches in the middle of its virtual jourmey. This type of encryption
encryption differs from end-to
great way to provide secure, private communication. Link
all traffic at every point,
cnd encryption mainly in the fact that it encrypts and decrypts
C&NS-33
 POPULAR PUBLIGATIONS

not just at the end points. With this approach, al data is in an encrypted state while it
travcls on its communication path. However, when it reaches a router or another
intermediate device, it gets decrypted so that the intermediator knows which way to
send it next. In end-to-end encryption the encrypting deviccs are at the two end points
whereas in link encryption the encrypting devices are at every point.

b) For a Vernam Cipher do the following: WBUT 20171

i) Using pad "ARE" encode "TZP"
i) Using pad "ARX" decode "YFR".
Answer:
Consider the following table:
Letter Bit sequence Letter Bit sequence
A 00000 Q I0000
B 00001 R 10001
00010 10010
D 00011 10011
00100 10100
00101 10101
00110 W 10110
00111 10111
01000 Y 11000
01001 11001
K 01010 11010
01011 I1011
M 01100 2 I1100
N 01101 3 11101
01110 4
P 11111

i)
A- 00000 R-10001 E- 00100
T- 10011 Z- 11001 P- 011|1
XOR

T- 100!I - 01000 L-01011

So the cipher text willbe TIL

ii)
Y- I1000 F-00101 R- 1000I
A-00000 R- 10001 X- 10111
XOR

Y- 11000 U- 10100 G-
00110
So the plain text will be YUG

C&NS-34
 SRYPTOGRAPHY &NETWORK SECURITY

5. Write short notes

on the following:
a)Publlc key infrastructure [WBUT 2015]
b)Ono-Time pad [WBUT 2016]
c) Cryptanalysis WBUT 2018]
Answer:
a)Public key infrastructure:
A public key infrastructure (PKI) supports the distribution and identification of public
encryption keys, cnabling uscrs and computers to both sccurcly exchange data over
networks such as the Internet andverify the identity of
theother party.
Without PKI, sensitive information can still be encrypted (ensuring confidentiality) and
exchangcd, but there would be no assurance of the identity (authentication) of the other
party. Any form of sensitive data exchanged over the Internct is reliant on PKI for
security.

Elements of PKI
A typical PKI consists of hardware, software, policies and standards to manage the
creation, administration, distribution and revocation of keys and digital certificates.
Digital certificates are at the heart of PKIl as they affirm the identity of the certificate
subject and bind that identity to the public key containcd in the certificate.
A
typical PKI includes the following key elements:
A trusted party, called a certificate authority (CA), acts as the root of trust and
provides services that authenticate the identity of individuals, computers and
other entities
A
registration authority, often called a subordinate CA, certified by a root CA
to issue certificates for specific uses permitted by the root
A certificate database, which stores certificate rcquests and issues and revokes
certificates
A certificate storc, which resides on a local computer as a place to store issued
certificates and private keys
A
CA issues digital certificates to entities and individuals after verifying their identity. lt
signs these certificates using its private key; its public key is made available to all
interested parties in a self-signed CA certificate. CAs uses this trusted root certificate to
so they
create a "chain of trust" - many root certificates are embeddcd in Web browsers
have built-in trust of those CAs. Web servers, email clients, smartphones and many other
types of hardware and software also support PKI and contain trusted root certificates
from the major CAs.
information
Along yith an entity's or individual's public key, digital certificates contain
person or entity identified, the digital
about the algorithm used to create the signature, the
purpose of
signature of the CA that verified the subject data and issued the certificate, the
as well as a date range during
the public key encryption, signature and certificate signing,
which the certificate can be considered valid.

C&NS-35
 POPULAR PUBLICAIIONS

b) One-Time pad: a system in which

a private key generated randomly

In cryptography,
a one-time pad is that is then decrypted by the receiver using
is
a message
uscd only once to cncrypt cncrypted with keys based on randomness a
key. Messages
matching one-time pad and way to "brcak the code" by analyzing
is theoretically no a
have the advantagc that there no relation
messages. Each encryption is unique and bears to thhe next
succession of With a one-time pad, however,
pattern can be detected. the
encryption so that some message and thi
same key used to encrypt the
decrypting party must have access to the
party safely or how to keen
raises the problem of how to get the key to the decrypting
both keys secure. One-time pads have sometimes been used
when the both parties stared
out at the same physical location and then separated, each with knowledge of
the kevs in
a a secret key because if it is
the one-time pad. The key used in one-time pad is called
figured
revealed, the messages encrypted with it can casily be deciphered. One-time pads
War
prominently in secret message transmission and espionage before and during World
il and in the Cold War era. On the Internet, the difficulty of securely controlling secret
keys led to the invention of public key cryptography.

c) Cryptanalysis:
Cryptanalysis is the decryption and analysis of codes, ciphers or encrypted text.
Cryptanalysis uses mathematical formulas to search for algorithm vulnerabilities and
break into cryptography or information security systems.

Cryptanalysis attack types include:

Known-Plaintext Analysis (KPA): Attacker decrypt cipher textS with known
partial plaintext.
Chosen-Plaintext Analysis (CPA): Attacker uses cipher text that matches
arbitrarily selected plaintext via the same algorithm technique.
Cipher text-Only Analysis (COA): Atacker uses known cipher text collections.
Man-in-the-Middle (MITM) Attack: Attack occurs when two parties usc message
or key sharing for communication via a channel that appears secure
but is
actually compromised. Attacker employs this attack for the interception
messages that pass through the communications channel. Hash of
functions prevent
MITM attacks.
Adaptive Chosen-Plaintext Attack (ACPA): Similar to a CPA, this
attack uses
chosen plaintext and cipher text based on data learned from past
encryptions.
6. a) Whatis the principle behind One-Time Pads? Why are they highly
b) What is the output of the following Plaintext: secured?
"l am student of fourth year Information Technology department."
a

[MODEL QUESTION]
Answer:
a) In cryptography, a one-time pad is asystem in which a private
key generated randomly
is used only once to encrypt a message
that is then decrypted by the receiver using a
matching one-time pad and key. Messages
encrypted with keys based on randomness

C&NS-36
 CRYPTOGRAPHY& NETWORK SECURITY

have the advantage that there is theorctically no way to "break the code" by analyzng a
successtION of messages. Each cncrvption is uniaue and bears no relation to
the nCx
encryption so that some pattern can be detccted. With a one-timc pad, however, the
decrypting party must have access to the same key uscd to encrypt the message and tnis
raises the problem of how to get the key to the decrypting party safely or how to keep
both keys secure. Onc-timnc pads have sometimes bccn uscd when the both parties started
out at the same physical location and then separated, each with knowlcdge
of the keys i
the onc-timc pad. The key used in a onc-time pad is callcd a sccret key because if it is
revealed, the messages encrypted with it can casily be deciphered. Onc-timc pads figured
prominently in secret message transmission and cspionage before and during World War
Il and in the Cold War era. On the Internct, the difficulty
of securely controlling sccret
kevs led to the invcntion of public key cryplography.

b) If we usc a route cipher of dimension 6 x9 then we get the table as below:

|I A M A
<<-ol S T
+|o-lolo|

N R T
Y E A R N
R M A T N T E
H L G D
|E P A R T M E N T
So the cipher text will be
ETOEDTNEMTRAPECRHNIAMASTUDRETYGOLONHMYTOFFOUNNOITAEARI

7. Briefly describe the Knapsack algorithm for public key encryption.

[MODEL QUESTION]
Answer:
Creating the publichprivate key
First we have to choose a super-increasing knapsack (to use as the private key) with
which to encrypt our data. To keep it simple, in my knapsack, we have objects of the
following weights: {1, 7,9, 18, 50, 86)
Now we pick a modulus, m, which is bigger than the sum of all the elements. With my
knapsack, the total weight is 171, so 175 would be a suitable value, so m=175.
We then pick a number, n, that is less than, and relatively prime to (that is, sharing no
factors beside l with) m. We will take n=27.
We then multiply each clement in my knapsack by n mod m. This gives me:
1* 27 mod 175 =27
=
7*27 mod 175 14
9* 27 mod 175 = 68
18 * 27 mod 175 = 136
50 * 27 mod 175 = 125
86 * 27 mod 175 = 47
This crcates the knapsack {27, 14, 68, 136, 125, 47}. This will be
our public key because,
as the subset-sum problem demonstrates, solving this will be hard because it is not super
increasing.
C&NS-37
 POPULAR PUBLICATIONS

00100101
Encryption cxample 01010101 1001100
1

to encrypt. For
Now we nced somehing are the length of our knapsack, so: 010101 01
U0o
First we break it up into blocks that
110000 100101
sivtk
there are l's in the second, fourth and
If we look at the first block (010101), our publie
positions. This means that we take the second,
fourth and sixth numbers in
key, and add them together:
14+136+47 =197

Repeating this for the other 3 blocks gives us:

011100 = 14 + 68 + 136 =218
110000 = 27 + 14 = 4|
100101 =27+ 136 + 47 =210

This gives us the encrypted version of 01010101 11001100 00100101 as {197, 218, 41,
210}. This encrypted data would then be transmitted to the recipient.
We know that the subset-sum problem is easy to solve using a super-increasing set and
since our private key is super-increasing we can send them this along with m and n (as
chosen carlier), to enable them to decrypt the message.

Decryption
Decrypting the message is the same as solving the subset-sum problem with the original,
decrypted message as our target. First we need to solve:
(x * 27) mod 175 = 1 so that we can move from the hard non-super-increasing set to
the easy super-increasing set.
In this case, x = 13.
We can then do
(13 197) mod 175 =1|| to translate the target of the hard to solve problem to the target
of the easy to solve problem. If we look at the private key ( {, 7, 9, 18, 50, 86 } ), we
can easily see that 111 is, made up of 86 + 18 + 7. Since
these correspond to the second,
fourth and sixth values in the key, w can convert this to 010101. Repeating
this with the
other parts of the cncrypted data will reveal the whole message.

8. Describe steganography.
WBUT 2023]
Answer:
It is the process of hiding a message message.
in another
E.g., hide your plaintext in a graphic image
Each pixel has 3 bytes specifying the RGB color
The least significant bits of pixels can be changed
wlo greatly affecting the image
quality
C So can hide messages in these LSBs. Take a
640x480 (-30,7200) pixel image.
Using only 1 LSB, can hide 115,200 characters

C&NS-38
 CRYPTOCaAPHY &NEIWORK SECURITY

Advantage: hiding existence messages

Drawback: high overhcad.
of

9. a) Explain the Playfair cipher

with oxample.
b) Discuss Vernam cipher in detall.
WBUT 2023]
Answer:
a) The Playfair Cipher is an unusual cryptosystem bccausc it operates on pairs
of lctters
(bigrams). The Playfair Cipher consists of a preprocessing stage and then an encryption
stage.
Pre-processing for the Playfair Cipher: Thc plaintext requires a degree of pre
proccssing before it can be encrypted. We now deseribe this proccss and explain why
cach stcp is necessary.
1. Replace J's with I's: The Playfair Cipher is based on a Sx5 square
grid (the
Playfair Square) with 25 positions, cach of which contains a different letter of the
alphabet. Thus one letter of the alphabet cannot appear in this grid and must be
discarded. It makes most sense for this to be a fairly uncommon letter. There is
nothing spccial about the selection of the letter J, other than it does not occur
often in English. The choice of replacement of the letter J by the letter I is
because of the supcrficial rescmblance between these two letters. A number of
variants of the Playfair Cipher could be designed that remove a different
unpopular letter and replace it by another of the remaining letters.
2. Write out the plaintext in pairs of letters: This is done because the Playfair
Cipher operates on bigrams and hence processes the plaintext in "blocks' of two
letters.
3. Split identical pairs by inserting a Z between them: The Playfair Cipher relies
on the two letters in cach plaintext bigram being different. If a plaintext bigram
currently consists of two identical letters then the letter Z is inserted between
them in the plaintext in order to separate them. There is nothing special about the
selection of the letter Z. Any other unpopular lctter could be chosen instead.
Indced, if two Z's occur together in a bigram of the plaintext them some other
letter must be inserted betwen them.
4. Rewrite the modificd plaintext in pairs of letters: Check to see whether there
has been a 'knock on' cffect that has resulted in a new plaintext bigram
consisting of two identical letters. If this is the case then repcat the previous step
until there are no such bigram.
5. If the final number of letters is odd then add Z to the end: This is done in
order to guarantee that the entire plaintext can be partitioned into igrams. If
there is an odd number of letters then the last letter needs a partner in order to be
processed. Again, Z is used simply because it is an unpopular letter in English. If
the last plaintext letter is itself a Z then a different final character willneed to be
used.

C&NS-39
 POPULAR PUBLICATIONS

using the Playfair Cipher: The Playfair Square, which forms the kev of.,
Encryption a
consists of a five-by-five grid, where cach entry contains unique let
Piayfair Cipher,
pre-processed the plaintextaccording to the outlin
of the alphabet other than J. Having as
procedure, the plaintext is encrypted follows:
same row of the Playfair Square then
1.
If two plaintext bigram lctters lic in the
on its right in the Playfair Square (if one of th
replace each letter by the letter
in the fires
letters lies in the fifth entry of the row then replace it by the letter
entry of the row).
2. Iftwo plaintext bigram letters lic in the same column of the Playfair Square then
replace cach letter by the letter bencath it in the Playfair Square (if
one of the
letters lies in the fiAth entry of the column then replace it by the letter in the first
entry of the column).
3. Otherwise:
a) Replace the first plaintext bigram letter by the letter in the Playfair Square
occurring in
the same row as the first bigram letter and
the same column as the second bigram letter.
b) Replace the second plaintext bigram letter by the letter in the Playfair Square
occurring in
the same column as the first bigram letter and
the same row as the second bigram letter.

Example of a Playfair Cipher: An example is very useful for mastering the subtleties of
the Playfair Cipher.
Fig. 1 shows an example of a Playfair Square. We use
this as the key to cncrypt the
plaintext NATTERJACK TOAD. Ignoring the space
process the plaintext in preparation for encryption, as between the two words, we pre
follows:
1. First, replace the single occurrence an
ofJ with I, resulting in NATTERIACKTOAD.
T A N
Z|I| D
R C H B
K
M P Q
W X Y
Fig: 1 Example of a Playfair Square
2. We write out the plaintext as a sequence
of pairs of letters:
NATT ER IA CK TO AD,
3. We observe that the second
bigram consists of TT, so we must insert a
the two Ts, to get Z in between
NATZ TE RI ACKT OAD,

C&NS-40
 CRYPTOGRAPHY& NETWORK SECURITY

4. We rewrite the modified plaintext as a sequence

of pairs of letters:
NA TZ TE RI AC KT OA D,
and note that there are noW no bigrams with
repeated letters.
5. Finally, we necd to add a Z to the cnd
inorder to complete the last bigram:
NA TZ TE RI AC KT OA DZ.
We then proceed tocnerypt these bigrams as follows:
1. The letters of the first bigram NA lic together in the same row of the Playfair
Square in Fig. I, so NA is cncrypted using this squarc to DN.
2. The letters in the next bigram TZ do not lie together in the same row or column.
They thus define the corners of a rectangle in the Playfair Square. The encryption
rule says that in this case they are encryped to the two letters occurring at the
other two corners of this rectangle. Thus TZ is encrypted to DW. Similarly, TE is
encrypted to SR and RI is encrypted to HF.
3. The letters AClie in the same column, so they are cncrypted to CG.
4. The letters KT do not lie in the same row or column, so KT is encrypted to FS.
Similarly, OA is encrypted to PT.
5. Finally, DZ lie in the same column, so are encrypted to BD (note that since Z is
in the last row, it is encrypted to the letter in the first row, D).
The final ciphertext is thus DNDwSRHFCGFSPTBD.
To decrypt this ciphertext, the receiver will reverse the encryption process using the
Playfair Square in Fig. 1 to obtain NATZTERIACKTOADZ. They will hopefully 'guess'
that the two Zs are redundant and remove them to recover NATTERIACKTOAD. A
knowledge of European amphibians should then allow the correct plaintext to be
obtained!

b) Gilbert Sandford Vernam (1890-1960) was said to have invented the stream cipher in
1917. Vermam worked for Bell Labs and his patent described a cipher in which a prepared
key, on a paper tape, combined with plaintext to produce a transmitted ciphertext
message. The same tape would then be used to decrypt the ciphertext. In effect, the
Vernam and "one-time pad" ciphers are very similar. The primary difference is that the
"one-time pad" cipher implements an XOR for the first time and dictates that a truly
random stream cipher be used for the encryption. The stream cipher had no such
requirement and used a different method of relay logic to combine a pscudo-random
stream of bits with the plaintext bits. More about the XOR process is discussed in the
section on XOR ciphering. In practice today, the Vernam cipher is any stream cipher in
which pseudo-random or random text is combined with plaintext to produce cipher text
that is the same length as the cipher. RC4 is a modern example of a Vernam cipher.

Example: Using the random cipher, a modulus shift instead of an XOR and plaintext to
produce ciphertext
Plaintext 1

th is wi l 1 besoeas
n n y
ytob rea k
i tw
i 11 b e fu

C&NS-41
 POPULAR PUBLICATIONS
5 ]1
23 9 12 12 19 15
2 5 5 1 19 25 20 15 2
18 11 9 20
20 8 9 19
23 9 12 12 2 56 21 14 14 25

Cipher One
e
r tyu o p a s d £ g h j k 1 z x CV b n m q a z Wsy
q
i
fv t
6 7 8 10 11 12 26 24 3 22 2 14 ..
17 5 18 20 25 21 15 16 1 19 9 4

17 1 26 23 19 24 5 18 6 22 20

CipherText 1
11 13 1 13 22 4 21 1 18 6 12 19 11 8 1 9 5 1 2 16 8 23 13 23 7 14
10 12 9 21 3 11 13 20 10 19
k m a m

vdu a r f l s kh a i e a bph w m
wg n j l w uck
m

t j s

Plaintext 2
t h i s w
i 1 1 n
ot b e e a s yt o
br e a k o r bet oof u
n n y
20 8 9 19 23 9 12 12 14 15 20 2 5 5 1 19 25 20 15 2 18 5 1 11
15
18 2 5 20 15 15 6 21 14 14 25

Ciphertext 2, also using Cipher One.

11 13 1 13 22 4 21 1 4 16 13 6 11 12 9 3 10 6 15 0 21 1 3 25 2 9
35 17 8 13 11 13 20 10 19
vd u a e p f k 1 i Ej f o
a m
k m
m

u acy b i ce q m

t j s
h k m

10. Write short notes on the following:

i) Caosar cipher (MODEL QUESTION]
i) Vigenàre clpher
ii) Playfalr or earller block cipher
iv) Steganography
Answer:
i) Cacsar cipher:
Earliest known substitution cipher.
Invented by Julius Caesar. In this type
each letter is replaced by the letter three
positions further down the alphabet.
of encryption
Plain: abcdefg hijklmnopqrstuvw Xyz
Cipher:
DEFGHJKLMNOPQRSTUV WXYZABC
Example: ohio state
à RKLR VWDWH
Mathematically, map letters to numbers:
a, b, C, .s X, y, z
0, 1, 2, .., 23, 24. 25
1. Then the general
Caesar
c= Ep) =(( k)mod 26 cipher is:
p=Dc) = (c-k) mod 26
A Can be generalized
with any alphabet.

C&NS-42
 CRYPTOGRAPHY &
NETWORK SECURITY

ii)Vigenère cipher:
An early stream cipher is commonly ascribed to
the Frenchman Blaise de Vigenère, a
diplomat who served King Charles
X. works by adding a key repcatedly into the
plaintext using the convention that A =0,
It
B=
modulo 26-that is, if the result is greater than 1,....Z-
25: and addition is carried out

are nceded to bring us 25, we subtract as many multiples of 26 as

into the range [0,
wTte this as: C P+ K
mod 26
25], that is, [A,...„Z]. Mathematicians

For example, when we add P(15) to U(20) we get 35,

which we reduce to 9 by
subtracting 26; 9 corresponds to J, so the encryption of P under
the key U (and of U
under thc key P) is J. Vigenère used a repeating key, also known as a
running key.
Various means were developed to do this addition quickly, including printed
tables and,
for field use, cipher wheels.

iii) Playfair or earlier block cipher:

One of the best-known early block ciphers is the Playfair system. It was invented in 1854
by Sir Charles Wheatstone, a telegraph pioneer who also invented the concertina and
the
Wheatstone bridge. This cipher uses a 5 by S grid, in which the alphabet is placed,
permuted by the keyword, and omitting the leer 1. The plaintext is first conditioned by
replacing J with I wherever it occurs, then dividing it into letter pairs, preventing double
leters occurring in a pair by separating them with an x, and finaly adding a z if
necessary to còmplete the last letter pair. The example Playfair written was "Lord
Granville's letter," which becomes rd gr an vi lx le sl et te rz". It is then enciphered
lo
two letters at a time using the following rues:
If two letters are in the same row or column, they are replaced by the succeeding
letters. For example, "am" enciphers to "LE."
Otherwise, the two letters stand at two of the corners of a rectangle in the table, and
we replace them with the letters at the other two comers of this rectangle.

Steps:
Use a 5 x S matrix.
Fill in letters of the key (w/o duplicates).
Fill the rest of matrix with other letters.
E.g., key= MONARCHY.
M N A R

H B
F G K
L P
W
U

C&NS-43
POPULAR PUBLICATIONS

havc the property that if

you change
Playfair ciphertexts do look random, but they
only a single lctter of
the ciphertext a
single letter of a plaintext pair, then often will
change.

iv) Steganography:
Refer to Questions No. 8 of L.ong Answer Type Questions.

C&NS-44
 CRYPTOGRAPHY& NETWORK SECURITY

SYMMETRIC KEY ALGORITHM

Very Short Answer Type Questions
1. In IDEA, the key size is (WBUT 2014]
bits.
a) 128 b) 64 d) 512
c) 256
Answer: (a)
2. There are encryption rounds in IDEA. [WBUT 2015, 2019]
a) 5 b) 16 c) 10 d) 8
Answer: (d)
3. There are rounds in DES. WBUT 2016, 2017]
a) 8 b) 10 c) 14 d) 16
Answer: (d)
4. DES encrypts blocks of bits. WBUT 2016, 2017, 2019]
a) 32 b) 56 c) 64 d) 128
Answer: (c)
5. AES algorithm uses number of keys for encryption and decryption.
[WBUT 2023]
Answer: Same

6. Which one of
the following modes of operation in DES is used for operating
short data? WBUT 2023]
Answer: Electronic Code Book (ECB)
7. Bits contain in DES encrypts blocks. [MODEL QUESTION]
a) 32 b) 56 c) 64 d) 128
Answer: (c)
8. In DES encryption algorithm, which of the following is used for converting 32-bit
right half into 48-bits? (MODEL QUESTION]
a) Permutation b) Expansion permutation
c) Substitution d) Key scheduling
Answer: (a)

Short Answer Type Questions

1.What is initializing Vector ((V)? [WBUT 2014, 2016, 2019]
What is its significance? WBUT 2014, 2019]

C&NS-45
 POPULAR PUBLICATIONS

Answer:
An initialization vector (IV) is
an arbitrary number that can be used along with
a nonce, is employed
a secte,
key for data encryption. This nunber, also called only onetime in
any session.

The use of an IV prevents repetition in data encryption, making it more difficult for
a
hacker using a dictionary attack to find paterns and break cipher. For example,
a
a
sequence might appear twice or more within the body of a message. If there arc repcated
Scqucnces in encrypted data, an altacker could assume that the corresponding sequences
in the message were also identical. The 1V prevents the appearance of corresponding
duplicate character scquences in the cipher text.

The ideal IV is a random number that is made khown to the destination computer to
facilitate decryption of the data when it is received. The IV can be agreed on in advance
transmitted independently or included as part of the session setup prior to exchange of the
message data. The length of the 1V
(he number of bits or bytes it contains) depends on
the method of encryption. The IV length is usually comparable to the length of the
encryption key or block of the cipher in use.

2. Describe briefly DES algorithm. WBUT 2014, 2015-Short Note)

OR,
Describe the working principle of DES algorithm for ensuring
security.
WBUT 2019]
Answer:
The modified Lucifer algorithm was adopted by NIST as a federal
standard on November
23, 1976. Its name was changed to the Data Encryption
Standard (DES).It takes å 64-bit
block of plaintext as input and outputs a 64-bit block
operates on blocks of equal size and it uses both
of ciphertext. Since it always
permutations and substitutions in the
algorithm, DES is both a block cipher and a product cipher.
DES has 16 rounds, meaning
the main algorithm is repeated 16 times to produce the ciphertext. It
has been found that
the number of rounds is exponentially proportional to the amount
a key using a brute-force attack. So as of time required to find
the number of rounds increases, the security the
algorithm increases exponentially. To do the encryption, of
DES uses "keys" where are 64
bits long. However, every 8th key bit is ignored in
the DES algorithm, so that the
effective key size is 56 bits. But, in any case,64 bits
(16 hexadecimal digits) is the round
number upon which DES is organized.
For example, if we take the plaintext message "8787878787878787",
and encrypt it with
the DES key "OE329232EA6DOD73",
"0000000000000000". If the ciphertext is We end up with the ciphertext
decrypted with the same secret DES Key
"OE329232EA6DOD73", the result is
the original plaintext "8787878787878787".

C&NS-46
 CRYPTQGRAPHY& NETWORK SECURITY

3. What is the differenco betwoen diffusion and confusion? (WBUT 2016]

Answer:
By confusion we mcan that a cipher should hide local patterns in language from an
attacker. By diffusion we mcan that the cipher should mix around different parts of the
plaintext, so that nothing is left in its original position. A polyalphabetic substitution
cipher such as the Vignere cipher is more effective at confusion. Symmetric cipher is the
Data Encryption Standard (DES) is an example of both confusion and diffusion.

4. Explain the key generation process in DES. [wBUT 2016]

Answer:
The generation of keys in DES for each round is done by round-key generator. The
round-key generator produces sixteen 48-bit keys out of a 56-bit cipher key, one for each
round. As in DES, the original key size is 64-bits, including the parity bits; therefore, the
parity bits are initially dropped using the parity bit drop process before the actual key
generation process starts. The parity bit drop process is actually a compression
transposition step that drops the parity bits present at every eighth position (8, 16, 24, 32,
40, 48, 56 and 64) in the 64-bit key, generating a 56-bit key. Then the 56 bits of the key
are permuted according to a predetermined rule, as shown in table. For example, the bit 1
of the original 56-bit key becomes the eighth bit of the new 56-bit key. This 56-bit key is
the actual cipher key used for key generation.
Table: Parity Drop Box Table
57 49 41 33 25 17 09 01

58 42 34 26 18 10 02
S9 S1 43 35 27 19 11 03
60 52 44 36 63 55 47 39
31 23 15 07 62 54 46 38
30 22 14 06 61 53 45 37
29 21 13 05 28 20 12 04

iC&NS-47
 POPULAR PUBLICATIONS

64 bits

Party bt drop
Cipher key (56 bits)

28 bits 28 bits

Shift left Shif left

28 brts 28 bits
Compression
P-box
Generator
48 bts
Shift left Shift left

Key 28 bits 28 bits

Round Compression
P-box
48 bts

Shift len Shift le

28 bits 28 bits
Compresion
P.box

48 bits

Fig: Key Generation in DES

During each round, the round key generator uses

following steps to generate the key the 56-bit cipher key and performs
for that round (see in figure). the
1. Divide the
plaintext into two halves of 28
2. Perform circular bits cach.
left shift operation on cach
28-bit half. Shifting is donc
Ior 2 bits, depending on the round number. either by
In case of rounds 1,
shifting is done by 2 bits. 2, 9 and 16,
3. After shifting has
been performed, both halves are
bit part. These 56 bits are combined again to form a
then given as input to the 56
4. The compression compression P-box.
P-box, as its name suggests, compresses
produce 48-bit output This the 56-bit input to
as key for the round. 48-bit output generated from
the P-box is then used

C&NS-48
 CRYVTOGRAPHY& NETWORK SECURITY

5.What are the problems with symmetric key [WBUT 2016]

encryption?
Answer:
The biggest problem with symmetric key encryption is that we need to have a way to get
the key to the party with whom we are sharing data. Encryption keys aren't simple strings
of test like passwords. They are cssentially blocks of gibberish. As such, we'll necd to
have a sate way to get the key to the other party. Of course, if we have a safe way to
share the key. we probably dont nccd to bc using encryption in the first place. With this
in mind, symmeiric key cncryption is particularly useful when encrypting our own
information as opposed to when sharing cncryptcd information.
6. Describe a single round of DESwith block diagram. WBUT 2018]
Answer:
Refer to Ouestion No. 2 of Short Answer Type Questions.
12 hits

R,-1 C-i D,-1

Espantinomutaioa Le shifu)
(EtNc

XOR) emutationkostea
2)
(Amutod chicc

Substitution/choice
(S-box)

Permutation
(P)

(NOR

Fig: Single round of DES algorithm

[WBUT 2019]
7. What is the purpose of the $-boxes in DES?
Answer:
The S-boxes are the nonlinear part of DES that makes it difficult to break the algorithm
and secure against linear and differential cryptanalysis. the s-boxes provide
the
as widely
"confusion" of data and key values, whilst the permutation P then spreads this
as
as possible, so each S-box output affects as many S-box inputs in the next round
possible, giving "diffusion".
a
There are 8 s-boxes also known as the substitution boxes, is table that consist of four
rows and 16 columns with 64 entries all together. They take in 6-bits and produce or
output 4-bits. That is, the 48-bits into 8 S-boxes will be 6-bits each. However the 6-bits is
represented in binary form of say, 010100. The two outer bits (the first and the last bit)
C&NS-49
 POPULAR PUBLICATIIONS

bits represcnt
rows) and the inner four the columns
represents the row (one of the four row and the column meets represents
The cell where the
(one of the 16 columns). as
converted to binary the output. From
the
in decimal of the output. This is then
value the
digits 00 the row which is the first row (00, 01,
=

Cxample 010100, thc first and last 10,

digits 1010= the column. All 8 S-boxes will Output 4-bits cach
1) and the inner four
in
output that is then permutated and further processed in the
similar way and that is 32-bits
next round.
of

8. Explain Simple Columnar Transpositlon

Technique symmetric encryption.
OF TECHNOLOGY" with the
Convert the text "WEST BENGAL UNIVERSITY
[MODEL QUESTIONÍ
value 31254.
Answer:
1" Part:
The Simple Columnar Transposition Technique is the variation of the Rail Fence
Technique. This technique simply arange the plain text as a sequence of rows of the
rectangle. that are read in column randomly. The Simple Columnar Transposition
Technique is also used multiple rounds to provide a tight security. Ciphertext produced
by using Simple Columnar Transposition Technique with multiple rounds is much more
complex to crack as compare to the basic technique.

2 Part: SGIITOWEUROHGENNSFNYBLEYCOTAVTEL

9. a) What is a meet-in-the-middle attack? (MODEL QUESTION]

b)Why is the middie portion of 3DES a decryption rather than an encryption?
Answer:
a) l's that artack doesnt depend on any particular property of the DES, instead, it will
work against any type of block ciphers.
For the double-DES cipher &a given (P,C)pair, this attack works as follow:
1. Encrypt the plaintext P with all possibilities of K1, store the results in a table, &
sort that table by the value of X.

2. Decrypt C with all possible values of K2, check cach resulted value with the
entries in the table, in case of match, check these two keys against another known
pair (Pi,CI), ifmatch, accept them as the correct keys.
b)
1. Il's a decryption process in order to change the traditional nature of
the DES, if it's an
encryption, it"llstay a DES but with longer key size.
2. In the cryptography, there is no significance of using the decryption in the middle
stage, the only advantage of doing so is to allow users of 3DES to decrypt data
encrypted by the users of the older single DES
C= Ekl[Dk2(Ekl[P)] = Ek1[P).
Suppose that the middle portion isdecryption instead of encryption,
C= Eki (Ek2{Ekl[P)))
The previous assumption in equation I will not be ever met. On the other hand

C&NS-50
 CRYTOGRAPHY &
NETWORK SECURITY

3. If an cncryption process is donc instead of decryption the meet-in-the-middle attack

becomes possible.
10. What is symmetric key cryptography? (MODEL QUESTION]
Answer:
Symmetric key algorithms are the quickest and most commonly used type of encryption.
Here, a single key is used for both encryption and decryption. There are few well-known
symmetric key algorithms i.e. DES, RC2, RC4, IDEA etc. Symmetric key cryptography
çonsists of the following terms:
1. Plaintext: This is the original inteligible message or data that is fed to the algorithm
as input.
2. Encryption algorithm: The encryption algorithm performs various substitutions and
pernutations on the plaintext
3. Sccret Key: The secret key is also input to the encryption algorithm. The exact
substitutions and permutations performed depend on the key used, and the algorithm
will produce a different output depending on the specific key being used at the time.
4. Ciphertext: This is the scrambled message produced as output. It depends on the
plaintext and the key. The ciphertext is an apparently random strean of data, as it
stands, is unintelligible.
5. Decryption Algorithm: This is essentially the encryption algorithm run in reverse. It
takes the ciphertext and the secret key and produces the original plaintext.

11. What are the different types of symmetric key encryption? (MODEL QUESTION]
Answer:
Types of symmetric key ciphers are
Block Ciphers: Symmetric key ciphers, where a block of data is encrypted
Stream Ciphers: Symmetric key ciphers, wherce block size=l

12. What are the modes of operation of Biock cipher? [MODEL QUESTION]
Answer:
Block ciphers can operate in several modes like Electronic Codebook (ECB), Cipher
Block Chaining (CBC), Cipher Feedback (CFB) mode and (Output Feedback (OFB) etc.

(MODEL QUESTION]
13.What is the key size of IDEA?
Answer: a
IDEA operates with 64-bit plaintext and cipher text blocks and is controlled by 128-bit
key and there are 8 rounds of transformation.
[MODEL QUESTION]
14. How the keys are generated In IDEA?
Answer:
transformed into 16 bit subkey for rounds. 64-bit plaintext block is
8
128 bit key is
on 16 bit sub-blocks in 8
partitioned into four 16-bit sub-blocks. Then keys are operated
are generated from the 128-bit
rounds subsequently. The 52 16-bit key sub-blocks which
key are produced as follows:
C&NS-51
 PUBL,ICATIONS
POPULAR

is partitioned into cight l6-bit sub-blocks which

First, the 128-bit key
sub-blocks. are
as the fist eight key
directly used lefi by he
is then cyclically shifted to the 25 positions, after
The 128-bit key partitioned into eight I6-bit sub-blocks
again to
resulting 128-bit block is bedirecty
eight key sub-blocks.
as
used the next
proccdure described above is repcated until all of therequired
The cyclic shift
have bcen generated. 5216
bit key sub-blocks

of DES? [MODEL aUESTIOH

Q
15. What are the drawbacks
Answer: algorithm has been a popular secretkey
The Data Encryption Standard (DES) cncypMion
many commercial and financial applications.
algorithm and is used in Athoug
it has proved resistant to all forms of cryplanalysis. However,
introduccd in 1976, itskey
small by current standards and its entire 56 bit key space can be scarched
size is to0 in
approximately 22 hours.

the term modes

of
operation? (MODEL
16. What do you understand by QUESTION

Answer: A
Electronic Code Book (ECB) mode: block cipher encrypls and decrypts plaintext
in
fixcd-size-bit blocks (mostly 64 and 128 bit). For plaintext exceeding this fixed size, the
blocks offequal length: and encrypt
simplest approach is to partition the plaintext into cach
Code
separately. This method is named Electronic Book (ECB) mode. However,
Electronic Code Book is not a good system to use with small lock sizes (for examoe
smaller than 40 bits) and identical encryption modes. As ECB has disadvantages in mos
applications, other methods named modes have been created.
In cipher block chaining, or CBC, mode we esclusive-or the previous block of cipher text
to the current block of plaintext bcfore cncryption. This mode is cfective at disguising
any patterns in the plaintext: the encryption of cach block depends on all the previous
blocks. The input IV is an initialization vector, a random number that performs the sane
function as a seed in a stream cipher, and ensures that sterceotyped plaintext message
headers won't leak infomation by encrypting to identical cipher text blocks. Othes
modes include, Cipher Feedback (CFB) and Output Feedback (OFB) modes.

17. What are the advantages of IDEA? [MODEL QUESTION)

Answer:
The IDEA encryption algorithm
provides high level security not based on keeping the rather
secret. but
algorithm
upon ignorance of the secret key
is fully specified and easily understood
is available to everybody
is suitable for use in a wide range
can be economically implemented in
of applications
electronic components (VLSI Chip)
can be used efficiently

C&NS-52
 CRYITOGRAPHY&NETWORK SECURITY

may be cxported world wide

is patent protected to prevent fraud and piracy

18. What are the applications of IDEA? [MODEL QUESTIONJ

Answcr:
Today, therc are hundreds of IDE-based sccurity solutions available in many ia
arcas, rangng trOm Financial Services, and Broadcasting to Governmcnt. IDEA Is the
name of a proven, sccurc, and universally applicable block encryption algorithn. which
permits eflective protcetion of transmitted and storeddata against unauthorized access by
third partics. The fundamental criteria for the development of IDEA were highest security
rcquirenments along with easy hardwarc and software inplementatior for fast exccution.
The IDEA algorithm can casily be embedded in any cncryption software. Data cncryption
can be uscd to protect data transnission and storage. Typical ficlds are:
Audio and vidco data for cable TV, pay TV, video conferencing, distance
learning, business TV, VolP
Sensitivc financial and commercial data
Email via public networks
Transmission links via modem, routcr or ATM link, GSM technology
Smart cards

Long Answer Type Questions

1. State and explain how IDEA works. WBUT 2015, 2017, 2018]
OR,
Describè the working principle of IDEA algorithm for ensuring security.[WBUT 2019]

Answer: which would replace the DES

IDEA was to develop a strong encryption algorithm,
interesting in that it entirely
procedure developed in the U.S.A. in the seventies. is also
It
or S-boxes. When the famous PGP email and file
avoids the use of any lookup tables
developers were looking for
encryption product was designed by Phil Zimmermann, the
based on its proven
maximum security. IDEA was their first choice for data encryption
design and its great reputation.
The IDEA encryption algorithm
on keeping the algorithm a secret, but
provides high level security not based
rather upon ignorance of the secret key
is fully specified and easily understood
is available to everybody
is suitable for use in a wide range of applications
can be economically implemented in electronic components (VLSI Chip)
can be used efficiently
may be exported world wide
is patent protected to prevent fraud and
piracy

C&NS-53
 POPULARPUBLICATIONS

Description of IDEA
and cipher text blocks
The block cipher IDEA operatcs with 64-bit plaintcxt
in the design offthis and
controlled by a 128-bit key. The fundamental innovation algorithmis
groups. The substitution boxes is
the use of operations from threc different algebraic and
the associatcd table lookups used in the block ciphers available to-date have been
completely avoided. The algorithm structure has been chosen such that, with the
exception that diffierent key sub-blocks are used, the encryption process is identical to th
decryption process.

Key Generation
The 64-bit plaintext block is partitioned into four 16-bit sub-blocks, since all the
algebraic operations used in the encryption process operate on 16-bit numbers. Another
process produces for cach of the encryption rounds, six l6-bit key sub-blocks from the
128-bit key. Since a further four 16-bit key-sub-blocks are required for the subscquent
output transformation, a total of 52 (= 8 x6+4) different 16-bit sub-blocks have iobe
generated from the 128-bit key.
The key sub-blocks used for the encryption and the decryption in the individual rounds
are shown in Table 1.
Encryption of the key sub-blocks
Round I Z"Z"z,"Z"Z,"Z,"T
Round 2
Round 3 Z"ZZ,z,"Z,"Z"
Round 4
Round 5 zz,"Z,Z.ZZ,)
Round 6 z0z,02,OZ,DZZ,a
Round 7 Z"Z"2"ZZ"Z,"
Round 8 ZZ,"Z"Z"Z,"Z
Output
Transform z,"z,z,"z,9)
The 52 16-bit key sub-blocks which are generatcd from the 128-bit key are
produced as
follows:
First, the 128-bit kcy is partitioned into eight 16-bit sub-blocks which are then
directly used as the first eight key sub-blocks.
The 128-bit key is then cyclically shifted to the left by 25 positions, after which
the resulting 128-bit block is again partitioned into eight 16-bit sub-blocks to be
directly used as the next eight key sub-blocks.
The cyclic shift procedure described above is repeated until all the required 52
of
16-bit key sub-blocks have been generáted.

C&NS-54
 CRYTOGRAPHY &NETWORK SECURITY

Encryption
The functional representation of the cncryption process is shown in Figure 1. The process
consists of cight identical cncryption steps (knowyn as encryption rounds) followed by an
output transformation. The structure of the first round is shown in detail.

Plainnext 4 16 bit

Z,"

First
Round
-Z,""

7 additional rounds

Output
2, Z," Transform
gh Round

Ciphertext 4 16 bit

-Bit-by-bit exclusive OR oftwo 16-bit sub-blocks

O. Additional modulo 2+| of

two 16-bit integers
Multiplication moduto 2^41 of wo l6-bit integers,
where sub-blocks of all zeroes corresponds to 2

Fig: The IDEA Structure

In the first encryption round, the first four 16-bit key sub-blocks are combined with two
of the 16-bit plaintext blocks using addition modulo 2, and with the other two plaintext
blocks using multiplication modulo 2 + 1. The results are then processed further as
shown in Figure 1, whereby two more 16-bit key sub-blocks enter the calculation and the
third algebraic group operator, the bit-by-bit exclusive OR, is used. At the end of the first
encryption round four 16-bit values are produced which are used as input to the second
encryption round in a partially changed order. The process described above for round one
is repeated in each of the subsequent 7 encryption rounds using different 16-bit key sub
blocks for each combination. During the subsequent output transformation, the four 16
bit values produced at the endof the 8th encryption round are combined with the last four
C&NS-55
 POPULAR PUBLICATIONS

multiplication modulo
of the 52 key sub-blocks using addition modulo 2° and
form the resulting four 16-bit ciphertext blocks.

Decryption
Decryption of the key sub-blocks
Round I
ZV-Z,-Z"Z,z,Z,
Round 2 Z-Z,5-Z,"Z(5Z."Z)
Round 3 zVF-2-Z"ZZ"Z
-Z,"-Z,°ZOZ.Z1
Round 4 Z
Round 5 Z-Z,1-ZZ,'Z,"z
Round 6 Zu-Z,"-z,"Z,"Z,Z
Round 7 ZU-Z4-Z,Z,(ZZ
Round 8
Output Z,"M.
Transform '-z,'"-z,"Z,1
The computational proccss used for decryption of the ciphertext is essentially the same as
that used for encryption of the plaintext. The only difference compared
with encryption is
that during decryption, different l6-bit key sub-blocks are
generated.
Morc prcciscly, cach of the 52 16-bit key sub-blocks used
for decryption is the inverse of
the key sub-block used during encryption in respect
of the applied algebraic group
operation. Additionally, the key sub-blocks must
be used in the reverse order during
decryption in order to revcrse the encryption process as
shown in Table 2.
Modes of opcration
IDEA supports allmodes of operation as
described by NIST in its publication FIPS 81l. A
block cipher encrypts and decrypts plaintext
in fixed-size-bit blocks (mostly 64
bit). For plaintext excecding and 128
this fixed size, the simplest approach
plaintext into blocks of cqual length is to partition the
and encrypt each separately. This
Electronic Code Book (ECB) mode. method is named
However, Electronic Code Book
system to use with small block is not a good
sizes (for example, smaller than 40
cncryption modes. AsECB has disadvantages bits) and identical
in most applications, other
modes have been created. They are methods named
Cipher Block Chaining (CBC),
(CFB) and Output Feedback (OFB) modes. Cipher Feedback

2. What is {01)" in
GF(2)? Verify the entry for (01) in
Answer: the S-box. [WBUT 2018]
The Sub Bytes transformation is a
nonlinear byte substitution
oneach byte
oftheState usinga substitution that operates independently
table (S-box). ThisS-box, was
usually invertible, and it can
1. Look up
table construted using two method :
2. Composite field arithmetic

C&NS-56
 CRYPTOGRAPHY& NETWORK SECURITY

In that loOk up table all the valucs arc prede fined based on the ROM so the arca and
memory access & latency is high. So our method is based on the composite field
arithmetic it contain two main opcration as follows:
(1)Perform the multiplicativc inverse in GF(2^8).
(2) Perform the afine transformation over GF(2).
The GF stands for Galois Ficld. The Arithmetic in a finite ficld( Galois Field) is usually
difierent from the standard integer arithmetic.
The finite ficld should contain the limited nunbcr of clements. The finite field with (p^n)
element is denotcd GF(p^n), where p is a prime
Number called the characteristic of the ficld and n is a positive integer. A particular case
is GF(2)which has only two clemcnts (1 and 0)where addition is exclusive OR (XOR)
and multiplication is AND. The element "0" is never invertible, the element "1" is always
invertible and inverse to itsclf. Therefore, the only invertible element in GF(2) is "1".
Since the only invertible clement is "1" and the
multiplicative inverse of "]" is also "!", division is an identity function. This proves the
entry of {O1} in S-box.

3. Write short notes on the following:

i) RC5 (Rivest Cipher 5) algorithm (WBUT 2016, 2017]
ii) IDEA WBUT 2016]
Answer:
i) RCS(Rivest Cipher 5) algorithm:
RCS is a block cipher notable for its simplicity. RCS has a variable block size (32, 64 or
128 bits), key size (0 to 2040 bits) and number of rounds (0 to 255). The original
suggested choice of parameters were a block size of 64 bits, a 128-bit key and 12 rounds.
A
key feature of RCS is the use of data-dependent rotations; one of the goals of RCS was
to prompt the study and evaluation of such operations as a cryptographic primitive. RCS
also consists of a number of modular additions and eXclusive OR (XOR)s. The
encryption and decryption routines can be specified in a few lines of code but the key
schedule is more complex. The simplicity of the algorithm together with the novelty of
the data-dependent rotations has made RCS an attractive object of study for cryptanalysts.
The RCS is basically denoted as RCS-w/rb where w=word size in bits, rnumber of
rounds, b=number of8-bit byte in the key.

ii) Encryption
The functional representation of the encryption- process is given below. The process
consists of eight identical encryption steps (known as encryption rounds) followed by an
output transformation. The structure of the first round is shown in detail.
In the first encryption round, the first four 16-bit key sub-blocks are combined with two
of the 16-bit plaintext blocks using addition modulo 2°, and with the other two plaintext
blocks using multiplication modulo 2 + 1. The results are then processed by two more
I6-bit key sub-blocks enter the calculation and the third algcbraic group operator, the bit
by-bit exclusive OR, is used. At the end of the first encryption round four 16-bit values
are produced which are used as input to the second encryption round in a partially
C&NS-57
 PQPULAR PUBLICATIQNS

onc is repcated in cach of h

changed order. Thc process describcd above for round
16-bit kcy sub-blocks for
subsequcnt 7 cncryption rounds using different
combination. During the subsequent output transtormation, the tour T6-bit values
sa
produced at the cnd of the 8h encryption round are combincd with thc last four of the
key sub-blocks using addition modulo
2 and multiplication modulo 2" + l to form th
resulting four l6-bit ciphertext blocks.

Decryption
Thecomputational process used for dccryption of the ciphertext is essentially the same as
that used for cneryption of the plaintext. The only difference compared with encryption is
that during decryption, different 16-bit key sub-blocks are generated.
More precisely, each of the 52 16-bit key sub-blocks used for decryption is the inverse of
the key sub-block used during encryption in respect of the applied algebraic group
operation. Additionally, the key sub-blocks must be used in the reverse order during
decryption in order to revcrse the cncryption process.

4. Describe the working principle of DES algorithm for

ensuring security.
[MODEL QUESTION]
Answer:
Figure below shows the sequcnce of events that occur
during an encryption operation.
DES performs an initial pernutation on the entire
64 bit block of data. It is then split into
2, 32 bit sub-blocks, Li and Ri which are
then passed into what is known as a round,
which there are 16 (the subscript i in Li and Ri of
indicates the current round). Each of the
rounds are identical andthe effects increasing
of their number is twofold - the algorithms
security is increased and its temporal
efficiency decreased. Clearly these are two
conflicting outcomes and a compromise must
be made. For DES the number chosen was
16, probably to guarantce the elimination any correlation between
either the plaintext or key6. At the end of the ciphertext and
quantities are swapped to create what
of the 16th round, the 32 bit Li and Ri output
is known as the pre-output.
concatenation is permuted using a This [R16, LI16]
function which is the exact inverse
permutation. The output of this final
permutation is the 64 bit ciphertext.
of the initial

C&NS-S8
 CRYVTOGRAPHY &
NETWORK SECURITY

64-bit plaintext
56-bit plaintext

Initial ermutation 1
Permuted choice
32 bits 32 bits S6 bits
Round I Jas hit Permuted Choice2 Lefn Circular Shift
32 bits | 32 bits S6 bits
Round 2 Permuted Choice 2 Len Circular Shift
48 bits J56 bits

32 bits 32 bits S6 bits

Round 15 Permuted Choice 2 Left Circular Shift

J48 bitsl 36 bits
32 bits 32 bits 56 bits
Round l6 J48 bis Permuted Choice 2 Lef Circular Shift
32 bits 32 bits
32 bit Swap
64 bits
Inverse Permutation

64-bit ciphertext

Fig: Flow diagram of DES algorithm for encrypting data

C&NS-59
 POPULAR PUBLICATIONS

ASYMMETRIC KEY ALGORITHM, DIGITAL

SIGNATURE AND RSA

Very Short Answer Type Questions

1. Toverify a digital signaturo, we need the WBUT 2014)

a) Sender's private key b) Receiver's private key
c)sender's public key d) Receiver's public key
Answer: (d)

2. RSA .......
be used for digital signatures. WBUT 2014, 2015, 20191
a) Must not b) Cannot c) Can d) Should not
Answer: (c)

3. ....... is a message digest algorithm. [WBUT 2014]

a) DES b) IDEA c) MD5 d) RSA
Answer: (c)

4. In asymmetric-key cryptography, how many keys are required for each

communicating party?
a) 2 [WBUT 2015]
b) 3 c) 4 1
Answer: (a) d)

5. Todecrypt a message encrypted using RSA, we

a) sender's private key need the WBUT 2017]
c) receiver's private key b) sender's public key
Answer: (a) d) receiver's public key

6. We require
to verify digital signature.
a) receiver's public WBUT 2019]
key b) sender's private key
c) receiver's private
key d) sender's public key
Answer: (b)

7.
is used to generate a message
protocols. digest by the network security
Answer: SHA Iand MDS
[WBUT 2023]

Short Answer Type

guestions
1. Given, 2 prime numbers p =
process. 19, q = 31. Find out
N, E, D in RSA
Answer: encryption
WBUT 2014, 2019)
Choose p=19 and
q=31

C&NS-60
 CRYTOGRAPHY& NEJWORK SECURITY

Compute n=pq=- 193|

=
589
Compute o(n) = (p )(q-
1)= 13 * 30 = 540
Chooseesuch that | < e on) and e and n are coprime. Let e = 463
<

Compute a valuc for d such that (d c) % on) = 1. One solution is d =7 ((7*463) %

=
$40 1]
Public kcy is (c, n) => (463, 589)
Private key is (d, n) => (7, 589)

2. Consider the diffie-hellman scheme with a common-prime q=11 and primitive

a
root =2,
i) Show that 2 is indeed a generator
i) If theuser A has public key Ya =9, what is A's private key?
ii) lf the user =
B has public key Yb 3, What is the secret key K in between A and
B? WBUT 2014]
OR,
Consider the Diffie-Hellman scheme with a common prime p=11 and primitive root
a =2.
(i) Show that 2 is indeed a generator
(ü) If the user A has key Xa = 9, what is A's private key?
(iii) If the user B has public key Xb =3, what is secret key K in between A and B?
[WBUT 2018]
Answer:
i) p=l1, g-2, p-1 = 10
Let's check:
= 1.
Obviously 2 and 1l are co-prime so we now need to show that 2^ 10 mod 1|
p a so 2 is a
2^10 mod 11does equal I so 2 has modulo order p-i where is prime and
primitive root of 1.
1

ii) q =11, n=2, Ya =9.

Ya (n^Xa) mod p=(2^Xa) mod 11 9
=

What power of has modulo order 9 mod 11?

2

2^1 mod 1] =2
2^2 mod 1| =4
2^3 mod 1| =8
2^4 mod 1| =5
2^5 mod 1| = 10
2^6 mod 1| =9
Therefore Xa =6

iiü) Now all that remains is to find the secret key K:

K=(Yb^ Xa) mod q =3^6 mod l| =3
or exchanged by using Diffie-Hellman key
3. What type of key is generated WBUT 2015, 2019]
exchange algorithm? Justify your answer.

C&NS-61
 POPULAR PUBLICATIONS

Answer:
Difie-Helman Algorithm and is still considered
was the first public-key algorithm
The Diffic-Hellman algorithm a
uscs public-key cryptography to negotiate security parameters
onc of thc best. IKE t
Spccially, the DifMie-Hellman algorithm is uscd in the
protcct key exchanges.
agree on a shared secret by generating
the key
pcers for
negotiations to enable the two to algorithm is used several time
use. This is why you sce that the
will Diffic-Hellman
throughout the proccss. peer contains a private key. The Diff
In general, here is how the algorithn works: Each a public key is a
Hellman algorithn takes that private key and generales public key. The
product of the private key, but is such that the private key
cannot be deduced by knowing
as shown in the figure below:
the public key. The peers then exchange public keys,
Peer A
Peer B

Key and
RI Private Key and RIPrivate
Public Key Public Key
L.
Public keys are cxchanged in
clear text

2. Random Integer 2 2. Random Integer

generated generated

+ Prime Number "A" + Prime Number "B"

3. Each rouler uses the random
integer to generale a private key.

4. RI and R2 then combínc with

the knowTI prime number A and B
I0 generate a public key.

Shared secret
Fig: Diffic-Hellman Key Exchange

4. What are the propertles that a digltal signature should have? [wBUT 2016]
Answer:
To summarize, digital signatures have the following properties:
The signature can only be created by someone who knows the secret information.
Once a signature is created, anyone can validate that the signature is
associated
with the individual and the document, without
needing to know the secret
information used to create the digital signature.
Since the signature depends on the document, it cannot
be used to validate a
different document.
It is impossible to produce a document
that differs from the original document by
even asingle bit but for
which the signature is stillvalid.
In this way, the digital signature
replicates the desirable features
signature, and offers even stronger forms of a handwritten
followed in the handling secret information.
of authentication if the proper procedures are
of For example, handwritten signatures can
C&NS-62
 CRYTOGRAPHY& NETWORK SECURITY

be verified only by cxperts practicing what can only be described as an incexact science.
By contrast, the mathematical procedure for verifying digital
signatures can be veritiea
by any number of independent agents, and there is no room for disagreement among
these agents. The numberS arc cither corrcct or they arc not.

5. What do youmean by asymmetric koy oncryption? Explain. [WBUT 2016]

Answer:
Unlike symmetric key encryption, hcre two types of keys are used to encrypt and decrypt
messages- private or sccret key and public key. When encrypted with receivers public
key at the senders side and decrypted with receivers private key at the receivers side it is
called public key encryption. When the reverse happens i.c when encrypted with senders
private key on senders side and decrypted with senders public key at the receivers side
then this form of communication invokes digital signature.

6. Explaln RSA public key encryption algorithm with example. [WBUT 2017]
Answer:
Refer to l" part of Question No. I(a) of Long Answer Type Questions.
What do you mean by key management?
7.
WBUT 2017]
Answer:
Refers to the distribution of cryptographic keys
mechanisms used to bind an identity to a key
generation and maintenance of keys
revoking of keys
8. What do you use digital signature? What are digitalcertificates? WBUT 2018]
Answer:
1" part:
A digital signature is a mathematical techniquc used to validate the authenticity and
integrity of a message, software or digital document. The digital equivalent of a
handwritten signature or stamped seal, a digital signature offers far more inherent
security, and it is intended to solve the problem of tampering and impersonation in digital
communications. Digital signatures can provide the added assurances of evidence of
origin, identity and status of an electronic document, transaction or message and can
acknowledge informed consent by the signer.

20d Part:
A digital certificate, also known as a public key certificate, is used to çryptographically
link ownerstip of a public key with the entity that owns it. Digital certificates are for
sharing public keys to be used for encryption and authentication. Digital certificates
inclde the public key being certified, identifying information about the entity that owns
the public key, metadata relating to the digital certificate and a digital signature of the
public key created by the issuer of the certificate.

C&NS-63
 POPULARPUBLICATIONS

SHA-1 (message digest) algorithm. How

9. Explain the significance of
wBUTis SHA
different from MD5? 2018)
Answer: a 160-bit hash valuc
or nessage digests from theinputted
1" Part: SHA-1 produces value of the MDS algorithm,.h
data
cncryption), which resembles the hash
(data that requires encrypt and secure data object. Some
a
uses 80 rounds of cryptograplhic operations to
of
the protocols that use SHA-I include:
Transport Layer Security (TLS)
Secure Sockets Layer (SSL)
Pretty Good Privacy (PGP)
Secure Shell (SSH)
SecurcMultipurpose Internet Mail Extensions (S/MIME)
Internet Protocol Security (IPSec)
SHA-l is commonly used in cryptographic applications and environmenis where the need
for data integrity is high. It is also used to index hash functions and identify datz
corruption and checksum errors.

2nd Part: Refer to Question No. 2(b) (2" part) of Long Answer Type Questions.
10. Explain the working principle of Message Digest and Hash function.
[WBUT 2019]
Answer:
1" part: Refer to Question No. 7(b) of
Long Answer Type Questions.
2 part: Refer to Question No. 5 of Long Answer Type
Questions.
11. Explain the concepts of Confusion
and Diffusion? [WBUT 2019]
Answer:
Refer to Question No. 4(b) of Long Answer Type Questions.
12. Briefly discussed Diffusion & Confusion.
Answer: WBUT 2023]
Refer to Questions No. 4(b) ofLong
Answer Type Questions.
13. How should one
check that the data is untampered,
error-free, unread?
Answer: [MODEL QUESTIONJ
i) untampered - Hash Functions
ii) error-free - Checksums
iii) unread -Quantum
tracing
14. What are the
generic algorithms involved
in public key cryptography?
[MODEL QUESTION]

C&NS-64
 CRYPTOGRAPHY &
NETWORK SECURITY
Answer:
The randomized key generation
algorithm K (takcs no inputs
sk) of kcys, the public key and) returns a pair (pk,
and matching sccret key, respectively.
-K for the operation of executing K and letting (pk, sk) be the pairWe keys
write (pk, SK)
The encryption algorithm E takes thc of returned.
public key pk and a plaintext (also
message) M to return a valuc called called a
the ciphcrtcxt. We write C
-E(pk,M) for thc opcration of running E on inputs pk, M -E(M) or C
ciphertext returned. and letting C be the
The deterministic decryption algorithm D
takes the secret key sk and a ciphertext
to return a message M. We write C
M-D,(C) or M D(sk,C).
15. What are the characteristics of public
key encryption? [MODEL QUESTION]
Answer:
Public Key Cryptography - One of the keys would be publicly known
whereas the
other would be private
Must be computationally easy to encipher or decipher a message
given the
appropriate key
Must be computationally infeasible to derive the private key from the public key
Must be computationally infeasible to determine the private key from a chosen
plaintext attack
16. Give two examples of public key encryption algorithm. [MODEL QUESTIONJ
Answer:
Diffie-Hellman and RSA are two popular public key cryptography algorithm.
Diffie-Hellman
A pair of users generate a common key.
To,find k such that =g'modp for given n, g and prime p
also known as Symmetric key exchange protocol

-
RSA exponentiation cipher
Two large prime numbers p and q to be chosen and n=pq computcd
totient f(n)computed
chose an integer e <n and relatively prime to f(n).
find dsuch that ed mod f(n) = 1

17. Name two popular Hash functions. [MODEL QUESTION]

Answer:
MDS – Message Digest #5 and SHA - Secure Hash Algorithm

MDS – Message Digest #5

Invented by Ron Rivest (the R in RSA) of RSA Security Inc. an
arbitrary-sized binary
MDS computes a hash value of 128 bits (16 bytes) out of
document.

C&NS-65
 POPULAR PUBLICATIONS

SHA - Secure Hash Algorithm

Developed by the US National Institute of Standards and Technology (NIST) with
Agerncy (NSA).
the assistance of the National Security an
computes a
hash value of 160 bits (20 bytes) out of 1 arbitrary-sized binary
SHA-1
document. The algorithm is simnilar to MD5.
SHA-1is more sccure than MDS due to its increascd hash
size.
An improved SHA-2 algorithm with hash sizes of 256 bits (32 bytes), 384 bite te
bytes) and S12 bits (64 bytes)
was published by NIST
in October 2000 to keep up
with the increased key sizes
of
the Advanced Encryption Standard (AES).

18. What are the modes of operation public key encryption? [MODEL QUESTION)
Answer:
Public-key encryption functions operate on fixed-size inputs and produce fixed-size
outputs.

19. What do you mean by Symmetric & Asymmetric key Cryptography together or
hybrid encryption? [MODEL QUESTION)
Answer:
To get the speed of symmetric key opcrations in open systems, key exchange protocols
have been developed that initially use public-key operations to establish a shared key for
a given communication session and then use
that shared key (under, e.g., AES) for the
remainder of the session. A simplistic example involves encrypting a
large amount of
data x. Given a secure public-key encryption scheme (E, D) with public
key K for
principal j, principal i can generate a new shared key k for AES and send AESK(X)
Ex(k). Then jcan decrypt k and use k to decrypt x at high speed. Key k can then ||
for a session of communication between iandj. be used

20. What are the security mechanisms attempted for detection of corrupted
documents and messages and protection against unauthorized modification?
[MODEL QUESTION]
Answer:
Detection of corrupted documents and messages
Detection of bit errors caused by unreliable
transmission links or faulty storage
media.
Solution: Message Digest acting as a unique fingerprint
for the document (similar
function as CRC).

Protection against unauthorized modification

Without protection a forger could create both an
alternative document and its
corresponding correct message digest.
Symmetric Key Solution: Message Authentication
Code (MAG) formed by using a
keyed message digest function.
Asymmetric Key Solution: Digital Signature
formed by encrypting the message digest
with the document author's private
key.

C&NS-66
 CRYITOGRAPHY& NETWORK SECURITY

21. What do you mean by data integrity? What are the algorithms involveJ in
ensuring data integrity? (MODEL QUESTIONJ
Answcr:
Data integrity involves checking that the rccejved message is without data corruption like
altering and tampering of the documents. Use of message digest and digital signature
ensurcs data integrily.

Long Answer Type Questions

1. a) Write down RSA algorithm. (WBUT 2015]

b) In a RSA system, the public key of a user is 17 and N=187. What willbe the
private key of this user?
Answer: are translated into
a) RSA algorithm: In the RSA encryption method, messages
sequences of integers. This can be done by translating cach letter into an integer, as is
done with the Caesar cipher. These integers are grouped together to form larger integers
each representing a block of letters. The encryption procceds by transforming the integer
an integer C, representing the
M, representing the plaintext (the original mcssage) to
ciphertext (the encrypted message) using the function.
C= Mmod n
2537, and with e= 13.
We select 2 primes, p = 43 & q =59 so that n=43 59=
gcd (e,(p-1)Xq-1) = gcd(13,42.58)
= I (gcd greatest common divisor)
convert the letters into their
Lets take the hypothetical message STOP, first we'll group those numbers into
numerical equivalents (position in the alphabet-1) and then
blocks of 4.
1819 1415 = ST OP
We encrypt each block using the mapping:
C=
M
mod 2537 = 2081, and
that 1819 mod 2537
Computations using modular multiplication show
message is thus 2081 21 82.
1415 mod 2537 =2182. The encrypted
RSA Decryption an inverse of
message can be quickly recovered when the decryption key d,
The plaintext an inverse exists since gcd(e,(p-1)(q-1))=l). To
see
e modulo (p-1)(q-1l) is known. (Such
(mod (p-1Xg-1)), there is an integer k such that de=1+ k(p-1)
this, note that de °1
if
(q-1). It follows that.
= MIk(p- Xq-1)
C°= (M)= Me = gcd(M,q) = 1, which holds except in rare
(assuming that gcd(M,p)
By Fermat's theorem M
I(mod q), consequently.
cases, it follows that MP o| (mod p) ánd
C=
M
(MP-1)k()° M1° M (mod p)
and q)
Cd= M(Mel)k(p-l)
M
1°M (mod
Since gcd(p.q) = 1, it follows that:
C M (mod pq)
C&NS-67
 POPULAR PUBLICATIONS

Example Decryption message 0981 0461, lets go

above we rcccive the abou
Using the simple cipher
decrypting it. is an inverse ofi13
13, we can work out that d=937 modujo
n=43:59 and (exponent) use 937 as our decryptionexponent, therefore.
e

42· S8 = 2436. We therefore

P=c7 mod 2537
0981 937 mod 2537,
=
0704 and 04619 mod 2537
=
111s. Translation
We compute
reveals that this message was HELP.
=
b) p=17 q=l1 n=187 (n) 160
Let us choose (- 7 since gcd(7, 160)=l
Let us complete d :de =Imod160
x 7) = 161
d= 23 (in fact 23 =l mod 160
Publickey = {7, 187}
Private key = 23

2. a) How digital signatures can be generated? WBUT 2015, 2018]

b) Compare and contrast MD5 and SHA-1 algorithms.
Answer:
a) How digital signatures work
The private key of the originator is used as input to the algorithm which
transforms the
data being signed (or its hash value). This transformation can
only be reversed, and the
data decrypted and accessed, by use of the originator's
public key, which is provided to
the recipient(s) by the originator.
Creating a digital signature with a private key
Data encryption using asymmetric keys an
is expensive operation directly proportional to
the size of the data being encrypted;
it potentially doubles the size
the processing power and bandwidth required to process of the data increasing
efficient approach is to first use a secure and transfer the data. A more
which can take large objects cryptographic hash function (such as SHA-1)
or message digest. of varying size and produce a unique fixed-size
hash value
The much smaller hash value can
key of the originator to produce then be encrypted with the private
the digital signature.

C&NS-68
 CRYPTOGRAPHY& NETWORK SECURITY

Having caleulated the meSsage digest this can be encrypted using the
private key o
he
originator to produce the digital signature, as shown in the diagram below:

Input Hash Funetion Hash Valuc

(base4 encoded)

SIIA-1 EPT9W8nb2z7byME.pnwHrUSkXig*

Private Encrypt with

Key Private Key

Digtal Signature.
VrCooaN1fp Rcoeujjczg
VjBluUUOg+ VwgGCFoodB
gZ0"
Lqph2d'qDd

Fig: Creating a digital signature

Verifying a digital signature created with a private key

key of the originator
The recipient must de-crypt the digital signature using the public
the calculated hash
and recalculate the hash value of the corresponding digital object. If
the object has been
value does not match the result of the decrypted signature, either
was not generated with the corresponding
altered since being signed, or the signature
private key of the originator.
Digital Signature
VrCooaNIfp Rcoeujezg
VjBluUUOg+ VwgGCFoodB
Lgpb2d/qDd gZiQ

Hash Decrypt with

Public Public Key
Function Key
SHA-I

EPT9W&mb2z7byMqEpnwHTUSKXIg=
EPT9w&mb227by MqEpnwHTUSkXlg= Match?

signature
Fig: Verifying a digital

C&NS-69
 POPULARPUBLICATIONS

Digital signature algorithms algorithms for crcating hásh

valucs, there are also a
Just as there
arc a number of
commonly used are RSA and De numbcr
most
of digital signature
algorithms. Tvo of the
algorithm was devcloped by Ron Rivest, Adi Shamir
RSA The RSA digital
signature and
Institute of Technology (MIT) in 1977. RSA can also
at Massachusetts
Lconard Adleman signcd. RSA does not
mandatc
the use of a
decrypt the data being
be used to encrypt and encryption are parly
particular hash function,
so the security of the signature and
used to compute the signature.
dependent on the choice of hash function Stand.s
DSA The DSA (Digital Signature
Algorithm) is defined by the Digital Security
of Standards and Technology (NIST)
was developed by the National Institute
(DSS) and to compute its digital signature.,
ThA
in 1991. The algorithm requires a SHA-l digest
signed, it purely produces a signature
that
DSA algorithm does not encrypt the data being
provenance of the data. DSA signature:
allows the recipient to verify the authenticity and can take much longer
can be created as quickly as RSA signatures, but their verification

was clearly inspired on either MD5 or

b) MDS and SHA-l have a lot in common; SHA-1
was publishedin 1993.
MD4, or both (SHA-1 is a patched version of SHA-0, which
while MDS was described as a RFC in 1992).
The main structural differences are the following:
SHA-1 has a larger state: 160 bits vs. 128 bits.
SHA-1 has more rounds: 80 vs. 64.
SHA-1 rounds have an extra bit rotation and the mixing of state words is slightly
different (mostly to account for the fifth word).
Bitwise combination functions and round constants are different.
Bit rotation counts in SHA-l are the same for all rounds, while in MDS each round
has its oWn rotation count.
The message words are pre-processed in SHA-0 and SHA-1. In MD5, cach round
uses one of the l6 message words "as is"; in SHA-0, the 16 message words are
expanded into 80 derived words with a sort of word-wise linear feedback shift
register. SHA-1 furthermore adds a bit rotation to these word derivation.
The extra bit rotation is what makes SHA-I distinct from SHA-0; it also makes SHA-I
much stronger against collision attacks, and, indeed, SHA-0 collisions have been found
while SHA-] collisions stillremain theoretical.

3. Given 2 prime numbers P= 13, Q = 31. Find out N, E, D in RSA encryption

process. WBUT 2016]
Answer:
p=13 and q =31
=
Compute n =p*q= -
1331 403
Compute g(n) (p 1) * (q-) = 12* 30 = 360,
=

Choose e such thatl<e<on) and e and n are

coprime. Let e= 103
Compute a value ford such that (d e) % o(n) = 1. One solution is d =7 [(7*103) 0
360 = 1]
Public key is (e, n) => (103, 403)

C&NS-70
 CRYITOGRAPHY & NETWORK SECURITY

Private key is (d. n) >(7,403)

4. a) With a help of diagram, briefly explain how public key cryptography works.
Explain with a diagram, how the addition of a digital signature changes
process of public key cryptography. [WBUT 2016, 2019]
b) Explain the concept of Confusion and Diffusion. (WBUT 2016]
Answer:
a) 1" Part:
users
Onc of the weaknesses some point out about symnetric key encryption is that two
attempting to communicate with cach other nced a secure
way to do so; otherwise, an
attacker can casily pluck the neccssary data from the stream. In November 1976, a paper
published in the journal IEEE Transactions on Information Theory, titled "New
up a solution: public
Dircctions in Cryptography," addressed this problem and offered
key encryption.
Also known as asymmetric-key encryption, public-key encryption
uses two different keys
at once --a combination of a private key and a public key. The private key is known only
to our computer, while the public key is given by our computer to any computer that
wants to communicate securely with it. To decode an encrypted message, a computer
must use the public key, provided by the originating computer, and its own private key.
secure since the public
Although a message sent from one computer to another won't be
key used for encryption is published and available to anyone,
anyone who picks it up
can't read it without the private key. The key pair is based on prime numbers (numbers
that only have divisors of itself and one, such as 2, 3, 5, 7, 11 and so on) of long length.
an infinite number
This makes the system extremely secure, because there is essentially
of prime numbers available, meaning there are ncarly infinite possibilities for keys. One
very popular public-key encryption program is Pretty Good Privacy (PGP), which allows
youto encrypt almost anything.

2nd Part:
The steps are:
1. Each system generates a pair of keys.
2. Each system publishes its encryption key (public key) keeping its companion key
private.
3. IfA wishes to send a message to B it encrypts the message using B's public key.
4. When B receives. the message, it decrypts the message using its private key. No one
else can decrypt the message because only B knows its private key.

C&NS-71
 POPULAR PUBLICATIONS

Bobs's
public
key rng

Joy ,Ted

Mike Alice
Alicc's
Alice's private key
publc key

Transmtted
ciphertest

Plantext Decryption Algorithm Plaintext

Encryption Algorithm
nput reverse of encryption output
(c.g RSA)
algorithm
(a) Encryption
Alice's
public
key ring

Joy
Mike Bob
Bob's
Bob's
private key
public key

Transmitted
ciphertext

Plantext Plaintext
Encryption Algorithm Decryption Algorithm
nput (c.g. RSA) reverse of encryption output
(b) Authentication algorithm

Considering P-K in more detail we have a source A that produces plaintext X destined for
B. B generates a pair of keys KUb (a public key) and KRb (a private key). With X and
KUb as inputs, A forms the ciphertext Y:
Y = Exu(X)
The intended receiver B is able to invert the transformation with his private key:
X=DxRb(Y).

C&NS-72
 CRYTOGRAPHY& NETWORK SECURITY

Cryptanalyst
A
KRA

Sourcc A
Destination B

Message Encryption Decryption X

Destination
Source Algarithm Algorithm

KR
KU,

Key Pair
Source

b) Claude Shannon in hisclassic 1949 paper, Communication theory of secrecy systemns,

introduced the concepts of confusion and diffusion. To this day, these are the guiding
principles for the design of cryptogaphic algorithms.
Roughly speaking, confusion obscures the relationship between the plaintext and
ciphertext, while diffusion spreads the plaintext statistics through the ciphertext. A one
time pad relies entirely on confusion while a simple substitution cipher is another (weak)
example of a confusion-only cryptosystem. A double transposition is the classic example
of a diffusion-only cryptosystem.
Note that confusion alone is, apparentiy, "enough", since the one-time pad is provably
secure. But diffusion alone is, perhaps, not enough, at least using relatively small blocks.
A stream cipher is simply a weaker version of a one-time pad and hence stream ciphers
employ only confusion.
Modern block ciphers employ both confusion and diffusion. The codebook aspects of
such systems provide confusion analogous to--though on a much grander scale--a
simple substitution. Well-designed block ciphers spread any local statistics throughout
the block, thus employing the principle of diffusion.

5. Define Hash function. [WBUT 2017]

Answer:
Hash function: A hash function H is a transformation that tkes a variable-size input m
= H(m). Hash
and retums a fixed-size string, which is called the hash value h (that is, h
functions with just this property have a varicty of general computational uses, but when
some additional
employed in cryptography the hash functions are usually chosen to have
properties.
are:
The basic requirements for a cryptographic hash function
the input can be of any length,
C&NS-73
 POPULAR PUBLICATIONS

the output has a fixed length.

compute for any given x.
H(x) is relatively casy to
H(x) is one-way.
V H(x) is collision-frce.
A
hash function H
is said to be one-way if it is hard to invert. where "hard
means that given a hash value h, it is computationally infeasible to find some 10inver
input
that H(x) =h. xsuch
message , computationally infcasible to find a mnessage
I1, given a
it is y not
= His saidto be a weakly collision-freelhash cqual
such that H(x) H(y) then
H is one
function.
for which it is computationally
tox
A
strongly collision-free hash function
= infeasitle
to tind any tvo messages x andy such that H(x) H(Y).
The hash value represents, concisely the longer message or document from
which
as a "digital
computed; one can think ofa message digest fingerprint" of
document. Examples of well-known hash functions are MD2 and MDS and
the larger
SHA.

6. What is message digest? WBUT

Answer: 207
Refer to Question No. 7(b) of Lomg Answer Type Questions.

7. a) What are the steps involved in SSL protocol? WBUT 2023]

b) Discuss the advantages of SSL protocol.
c) How it is different from TSL.
Answer:
a) Refer to Questions No. 8(a) ofLong Answer Type Question.

b) Advantages of SSL:
SSL also has numerous interesting noteworthy aspects, as
Completely universal - the following list highlights:
SSL's all-purpose applicability instantly creates a VPN
client using any modern Web browser (older
versions may not suppor SSL, so
be sure to test older browsers that may
be employed in your user population,
knowing that VPN requirements may force upgrades to
occur)
Total flexibility SSL supports additional applications without firewall
configuration changes.
Total transparency SSL background services have no visible impact on end
users.
Cost effectiveness Existing SSL implementations conserve both time and
budget.
Unrestricted movement
pass through most firewalls.
-
Many SSL VPNs use that SHTTP port, allowed

C&NS-74
 CRYPTOGRAPHY & NETWORK SECURITY

TLS SSL
More sccure in Comparisonto SSL. Less secure in cormparison to TLS.
TLS 1.0 and 1.1 are cumently deprccatedAIL the SSL versions are deprccated now.
but TLS 1.2and TLS 1.3 are actively uscd
asof 2022.
Pruvides more alert messages than SSL. Less alcrt messages in comparison to
TLS.
Provides support to the alern messagcs No support provided for the alert
generated by SSL..
messages.
Uses HMAC for data integrity. TLS 1.3 Uses MDS and SHAI based on a MAC.
uses AEAD for both encryption and
authentication.
Doesn't support the Fortezza cipher suite. | Supports the Fortezza cipher suite.
Client sends an insecure Hello requcst and An explicit secure conncction is made at a
once secure connection is made port. For example cxplicit HTTPS
communication switches to a port like 443 connection is made at port 443.
in case of HTTPS.

8. Write short notes on the following:

a) Digital Signature WBUT 2014, 2019]
b) Message Digest WBUT 2014, 2015]
cj Diffie-Hellman Key-ExchangelAgreement Algorithm WBUT 2016]
Answer:
a) Digital Signature:
a
A digital signature is a construct that authenticates both the origin and contents of
message in a manner that is provable to a disinterested third party.
can be
Digital signatures, in which a message is signed with the sender's private key and
proves
verified by anyone who has access to the sender's public key. This verification person
that the sender had access to the private key, and therefore is likely to be the
message has not been tampered,
associated with the public key. This also ensures that the
as any manipulation of the message will result in changes to the encoded
message digest,
which otherwise remains unchanged betwecn the sender and receiver.
a not only has to know
Example: Think of Alice's signature on contract with Bob. Bob
that Alice is the other signer and is signing it; he also
must be able to prove to a
it and that the contract he
disintérested third party (called a judge) that Alice signed
is called a digital
presents has not been altered since Alice signed it. Such a construct
certificate-issuing
signature. A digital certificate contains the digital signature of the
can verify that the certificate is real
authority (CA) so that anyone

b) Message Digest: message or document from which it was

The hash value represents concisely the longer
can think ofa message digest as a
computed; this value is called the message digest. One
was proposed by Rivest, part of RSA
"digital fingerprint" of the larger document MDS
C&NS-75
 POPULAR PUBLICATIONS
MDS and SHA
MDS is 128-bit message digest functjon. are based
Sccurity PKCS. considered secure anymore
However, MDS may not be due to
Same principles. message digest function (SHA) is
as follows: 1s\engh
Working principle of
Pad mcssage so its length is 448 mod S12
I. message
2. Append a 64-bit length value to
3. Initialise 5-word (160-bit)
buffer (A,B.C,D,E)to
(67452301,cfcdab89. 98badcfe,10325476,c362e1n
message
in 16-word (S12-bit) chunks:
4. Process
5. Expand 16 words into S0 words by
mixing & shifing
6. use 4 rounds of 20bit
operations on message block & buffer
new buffer value
7. Add output to input to form
8. Output hash value is the final buffer value
MDS and SHAl are algorithms for cormputing 'condensed representation' of
a
a messagt
or a data file. The 'condensed representation' is of fixed length and is
known
message igest' or 'fingerprint'. as a
it clear
A
comparison of the two hash functions and make that they have very
simila
design principles.
SHA-1, published in 1994, produces a 160-bit (20 byte) message digest. Although
slower
than MDS, this larger digest size makes it stronger against brute force attacks. SHAl L
ses
five rounds of an MDS like round function to produce five 32 bit blocks. The new feature
of SHAI is an expansion step before
the five rounds. I is a simple lincar feedback shit,
register expansion that mixes all the bits of the input block.
MDS, developed in 1994, produces an 128 bit (16 byte) message digest vwhiclh
nakeh
faster implementation than SHA-1. MDS uses four rounds to producc four 32 bit blocke
In both cases, the fingerprint (message digest) is
also non-reversible data cannot
retrieved from the message digest, yet as stated earlier, the
digest uniqucly identifies the
data.

c) Refer toQuestion No. 3 of Short Answer Type Questions.

9. a) Inthe public-key system using RSA, you intercept
to a user whose public key is E=5, N=35. What is the plainthe cipher text CT=10 sent
text PT?
b) In an RSAsystem, the public key
of a given user is E=31, N=3599. What is the
private key of the user?
Answer: [(MODEL QUESTION)
a) We know that the ciphertext
CT= 10, and the public key PU= {e, n} =
Based on Euler's Totient function, (5, 35}.
than n and relatively prime to n
(n) is defined as the number of positive integers les
[textbook: "Cryptography and Net work
240). We could find that Security", pag*
(n) = 24.
Now, we guess two prime numbers p
conditions will be satisfied and g. Let p be 5 and a be 7. All the follows
based on the guess:
(0) n=p*q=5*7=35
(2) (n) = (p-1Xq-l(5-1X(7-1)=4*6=24
C&NS-76
 CRYTOGRAPHY &
NEIWORK SECURITY

(3) gcd((n). c) = gcd(24, 5) =1,

Wecalculate d
1<e< (n)
in the next step. Based on RSA key generation
aigo.ithm.
d=c-l mod (n) which is cquivalent to
cd = l mod (n)
cd mod (n) =1.
We havee= 5, (n)= 24. So, Sd mod 24 =1, and d
=S.
Now, we find the private key PR= (d, n)= (5, 35).
Based on RSA decryption algorithm,
M=Cd mod n
= 105 mod 35

We also can verify the corectnessby the RSA cncryption algorithm as the following:
CT = PTe mod n=55 mod 35 = 10
Therefore, we conclude that the plaintext PT is 5.

b) The private key can be written as {d, n

To calculate d, we have to |" calculate O(n)
where (n) is the number of prime factors of n
e=31, n=3599
Itmeans that e is relatively prime to (n), i.e. gcd ((n), e) = 1
To find (n), we have to first check whether n is prime or not, and if it is not, what are
the prime factors of n.

Step 1: To find prime factors ofn

By using trial and error we find that n is not prime and the prime factors of n are
n=3599 = 6] * 59
Thus p =61 and q = 59 are both prime numbers.

Step 2: To calculate D(n)

Here we find the Euler's totient function written as O(n), where D(n) is the number of
positive integers less than n and relatively prime to n.
It is clear that for a prime number p,
O(p)= p-l
Now since we have two prime numbers p and q, with p # q, Then for n= pq,
D(n) =(pq) = (p) * (q) (p-1) * (q-1)
=

Therefore
=
D(3599) (61) o(59) = 60* 58 =3480

Step 3: Calculate d
We know that if gcd(O(n), e)= 1,then e has a multiplicative inverse modulo o(n)
Therefore
d=e'modo(n)
i.e. d is multiplicative inverseofe mod (n)

C&NS-77
 POPULAR PUBLICATIONS

find the multiplicative

So now we usethe cxtendcd Euclid's algorithm to iinverse
ofe.
EXTENDED EUCLID ((n), c)
I. (Al, A2, A3) -(U, 0, m): (BI, B2, B3) (0, b)
1,

return A3- gcd((n), c): no inverse

2. ifB3 =0
3. if B3 =| return B3 gcd((n), e); B2
=e mod m
4.Q = [A3/B3]
5. (TI, T2, T3) - - -
(AI QBI, A2 QB2. A3 QB3)
-

6. (A1, A2, A3) - (BI,

B2, B3)
7.(B1, B2, B3) -(TI, T2, T3)
8. goto 2

Throughout the computation, the following relationships hold:

D(n)T1 +eT2 = T3
D(n)Al+ cA2 = A3
O(n)BI + eB2 = B3
Now we construct a multiplication table
Al A2 A3 BI B2 B3
0 3480 1
31
112 31 1

-112 8
3 -112 8 -3 337
-3 337 7 4 449
Now we need to check whether 449 is multiplicative inverse of 3 l modulo 3480
Therefore
449 * 3| =-13919
-13919 mod 3480=-3479 mod 3480 =| mod 3480
Hence it is proved that d =449 is multiplicative inverse of e= 31 mod
o(n)
So the private key of this user will be {-449, 3599}

10. a) Given 2 prime numbers P=13, Q=31,find out N, E, D in RSA encryption

process.
b) Compare and contrast between MD5 and SHA.
(MODEL QUESTION]
Answer:
a) Choose p= 13 and q =31
Compute n =p* q= 13 * 31 =403
Compute o(n) =(p - 1) (q- 1) = 12• 30 = 360
Choose e such that 1 <e<q(n) and e and n are
coprime. Let e =7
Compute a value for d such that (d e) % o(n) = 1. One solution is d = 103 [(103
360 = 1] 7))
Public key is (e, n) => (7, 403)
Private key is (d, n)=> (103, 403)

b)MDS -Message Digest #5 and SHA -Secure Hash Algorithm

MD5- Message Digest #5
Invented by Ron Rivest (the R in RSA) RSA
of Security Inc.
C&NS-78
 CRYPTOGRAPHY &
NETWORK SECURITY

MDS computes a haslh value of 128 bils (16 bytcs) out of an arbitrary-sized binary
document.
-
SHA Secure Hash Algorithm
Developed by the US National Institute of Standards and Technology (NIsT) with
the assistance of thc National Sccurity Agency (NSA).
SHA-1 computes a hash value of 160 bits (20 bytes) out of an arbitrary-sized binary
document. The algorithm is similar to MDS.
SHA-1 is more secure than MDS due toits increased hash size.
An improved SHA-2 algorithm with hash sizes of 256 bits (32 bytes), 384 bits (48
bytes) and 512 bits (64 bytes) was published by NIST in October 2000 1o keep up
with the increased key sizes of the Advanccd Encryption Standard (AES).

C&NS-79
 POPULAR PUBLICATIONS

INTERNET SECURITY PROTOCOLS, USER

AUTHENTICATION
Very Short Answer Type Questions

Biometric authentication works on the basic of

1.
wBUT
a) Human characteristics b) Passwords 209)
c) Smart cards d) PINs
Answer: (a)

2. forms the basic for the randomness of an authentication

a) Password b) Seed token.
c) User id wBUT
d) Message digest 2014
Answer: (b)

3. SSL Iayer is located between

a) transport layer, network layer b) application wBVT2018)
c) data link layer, physical layer layer, transport layer
d) network layer,
Answer: (b) data link layer
4. The protocol is responsible for
sending change Cipher Spec
messages.
Answer: CCS WBUT2023
5. In authentication, the claimant
without actually sending proves that
it. helshe knows a secret
Answer: Challenge-response
WBUT 2023)
6. IPsec services are
avallable in
a) Application layer.
b) Data link [MODEL QUESTION)
Answer: (c) c) Network
d) Transport

Short Answer Type

1. What do you mean
Questions
by 2-factor authentication?
Answer:
Two-factor authentication [WBUT 2014)
identification, one is a security process
of which in which the user
which is typically
something
is typically a physical
token,
provides two means
factors involved are memorized, such as a such as a card, and
the other of
sometimes spoken security code. In
A common example of as
something we
this context, ne t
physical item and of two-factor authentication a have and something we know.
the personal identification is bank card: the card
itselr
is the data that goes with5it. .
number (PIN)

C&NS-80
 CRYTOGRAPHY &
NETWORK SECURITY

According lo proponents, two-factor authentication

could drastically
of online identity theft, phishing expeditions, and other online fraud, reduce the incidenee
because the victims
password would no longer be cnough to gve a access
thicf to their information.
Opponents argue (among other things) that, should a access
he can boot up in safe mode, bypass the plhysical thief have to your computel,
svstem 1or all passwords and enter the data authentication processes, Scanyou
manually, thus -- at least in this situation --
making two-factor authentication no morc securc
than the usc of a password alone.
2. Describe the functioning of an MAC?
[WBUT 2014]
Answer:
While message authentication code (MAC) unctions are similar to
cryptographic hash
functions, they pSsess different securityrequirements. To be considered securc, a MAC
function must resist existential forgery under choscn-plaintext attacks.
even if an attacker has access to an This means that
oracle which possesses the secret key and generates
MACs tor messages of the attacker's choosing. the attacker cannot guess the MAC for
other messages (which were not used to query the oracle) without performing infeasible
amounts of computation.
MACs differ from digital signatures as MAC values are both generated and verified using
the same secret key. This implies that the sender and receiver of a message must agree on
the same key before initiating communications, as is the case with symmetric encryption.
For the same reason, MACs do not provide the property of non-repudiation offered by
signatures specifically in the casc of a network-wide shared sccret key: any user who can
verify a MAC is also capable of generating MACS for other messages. In contrast, a
digital signature is generated using the private key of a key pair, which is public-key
cryptography. Since this private key is only accessible to its holder, a digital signature
proves that a document was signed by none other than that holder. Thus, digital
signatures do offer non-repudiation.
However, non-repudiation can be provided by systems that securely bind key usage
information to the MAC key; the same key is in possession of two people, but one has a
copy of the key that can be used for MAC generation while the other has a copy of the
key in a hardware security module that only permits MAC verification. This is commonly
done in the finance industry.

3. Explain how NAT works with an example. [WBUT 2014]

Answer: a uses a
The following figure shows an example of single-subnet private network that
Routing and Remote Access NAT-enabled router to provide
access to the Intermet.
Computers on the private network have a private IPy4 address, except for the router,
on the
which has both a private and a public address. The Web server, like any computer
Internet, has a public IPv4 address.
a
Client on a Private Network Behind a Routing and Remote Access NAT Accessing
Resource over the Internet.

C&NS-81
 POPULAR PUBLICATIONS

I0003
Client PC with
IE Web Browscr
TCP Port 1025 |000|
Roquests nformation 208.73.11866
from the Web Server
on the internet

Modem
I57 54.01 Web Server
TCP Pot 80
NAT-cnabled Router
TCP Port |9.44
Optional NAT
Components Configured:
• Basic Firewall
DHCP Ailocator
DNS Proxy

The following table describes cach component shown in the prcceding figure.
Component Description
on its network adapter.
Client PCs Each client has private IPv4 address configured
a

Clients nced onlya Web browser and access to NAT-cnabled

a router to bel
able to access the Wcb scrver across the Internct.
on its
|Routing and The NAT-cnabled router has a private IP v4 address configurcd
a public IPv4 address configured on its Internet
Remote Access| private interface, and
NAT-enabled interface (in this example, a dial-up modem). The router has the optional
router Basic Fircwall, DHCP allocator, and DNS proxy NAT components enabled.
For more information, see"Optional NAT Subsystems."
For a larger network, an administrator might also configure a more
sophisticated firewall in addition to using Basic Firewall to protect the
|Internct interface of the NAT-enabled router and might use a DHCP server
(requiredif the network has more than one segment) and a DNS server.
Web server |A Web server on the Internet provides resources necded by thec client
computers on the private network. Like all computers on the Intermct, it has
la public IPy4 address.
4. Differentiate between transport and tunnel modes of operation of IPsec.
[WBUT 2015]
Answer:
Tunnel mode encapsulates the whole IP packet by cither encrypting, authenticating or
most likely doing both. Tunnel mode willencapsulate our packets with IPSec headers
and trailers.
Transport mode can be used to protect IPsec peers traffic that they exchange and
generate by themselves. This means that we configure transport
if mode on some
tunnel interface it will only be used when the traffic to be protected
has the same lP

C&NS-82
 CRYTOGRAPHY &
NETWORK SECURITY

addresses as the lPScc peers. Though it could also be cncapsulated in tunnel .ode
likecverything clsc but here is an interesting concept.
Transport mode having Larger MTUthanTunncl mode
Transport mode Requires IPsec to be implemented on the IPS entities Wnerca
Tunncl mode Don't have to implement IPscc on the IPS entity
Traversing NATs is gasicr in tunnel mode than transport mode

5. How is S-HTTP different from SSL? [WBUT 2015, 2016, 2017]

Answcr:
Secure Sockets Laycr (SSL)and Secure Hypertext Transport Protocol (S-HTTP) allow
for the cxchange of multiple messages betwcen two proccsses.
The main diflercnce between these protocols and PGP and PEM is that SSL and S-HTTP
use a session model, and thus the security mechanisms and parameters used during a
session can be negotiated. This allows the degree and kind of sccurity to be varied
according to such factors as the nature of the data being cxchanged and the vulnerabilities
of the underlying communication media. SSL and S-HTTP were designed primarily for
WWW-based conmerce.
In terms of implementation, SSL fits between the session and transport layers, and is
implemented as a replacement for the sockets API to be used by applications requiring
secure communications. S-HTTP, on the other hand, is similar to PEM in terms of
implementation - its data are passed in named text fields in the HTTP header.

6. a) Why is the SSL layer positioned between the application layer and transport
layer? [wBUT 2015, 2016, 2019]
b) What are the problems associated with clear text password?
WBUT 2015, 2018, 2019]
Answer:
a) Because of its position, SSL gives the client machines the ability to selectively apply
security protection on individual applications, rather than set forth encryption on an entire
group of applications. The procedure can be done without concerning Layer 3, the
network layer. For these reasons, when SSL is used for encrypting network traffic, only
the application layer data is actually encrypted. This differs from, say, the IPsec protocol,
which operates at the network layer and encrypts all traffic data right down to the IP
layer.

b) The problem happens in at least five different areas:

occurs when end users type passwords
Clear text password during input: This problem
and those passwords remain visible on the screen after being typed.
occurs when an operator pulls
Clear text password during management: This problem
up a connection profile and can read the password off the profile when he/she really only
should be using an existing profile.
configuration files,
Clear text password during storage: This problem happens when
customer profiles or FTP scripts are written to disk and no encryption is used to protect
the stored data.
C&NS-83
 POPULAR PUBLIOCATIONS

occurs when passwords

Clear text password in tracc logs: This problem are
written
trace logs. into
Clear text password on the wire: This problem occurs when passwords are
sent across
network. a
7. What is the difference between MAC and message digest? wBUT
2018)
Answer:
A message digest algorithm takes a single input -- a message -- and produces
a "message
digest" (aka hash) which allows you to verify the integrity ofthe message: Any
change
the message will (idcally) result in a different hash being generated. An attacker to
that
replace the message and digest is fully capable of replacing the message and digest can
new valid pair. witha
A
MAC algorithm takes two inputs -- a message and a secret key -- and produces
which allows you to verify the integrity and the a MAC
authenticity of the message: Any change
to the message or the secret key will (ideally) result a
in different MAC being generated.
Nobody without access to the secret should be able to gencrate a
verifies; in other words a MACcan be used to MACcalculation that
check that the MAC was generated by a
party that has access to the secret
key.
8. Drawthe IP security authentication header.
Answer: Refer to Question No. 6.a) [WBUT 2019]
ofLong Answer Type Questions.
9. What are authentication
tokens? [MODEL QUESTION]
Answer:
Tokens are either physical or digital
entitics given to the user by the server
exchange of their username and system in
password, which helps a user to access resources
multiple times without requiring usernames or
entire session of communication. password pair possible through out
the
a
Example of physical token is smar card. In
Kerberos authentication tokens are
used.
10. Narme the different
Internet security protocols. (MODEL QUESTIONJ
Answer:
Transport Layer Security (TLS) and
its predecessor, Secure Sockets Layer
cryptographic protocols that provide sccurity (SSL), are
encrypt the segments of network for communications. TLS and SSL
connections at the Transport Layer end-to-end.
TLS allows clienUserver applications to
communicate in a way designed to prevent
cavesdropping and tampering.
TLS provides endpoint authentication
and communications confidentiality
crvptography. using

11. What is the purpose

of challenge/ response method in
authentication?
[MODEL QUESTION]

C&NS-84
 CRYPTOGRAPHY& NETWORK SECURITY

Answcr:
Passwords have the fundanmental
problem that they are reusablc. If an attacker sees a
nassword. she can later replay the password. The system cannot
distinguish betwecn ne
attacker and the legitimate user, and allows access. An
alternative is to authenticate m
such a vay that the transnnitted password changes cach time. Then, an attacker
a if replays
previously uscd password, the system will rcjcct it. Let user desire to
U
authenticate
himselt t0 system S. Let and S have an agrecd-on secrct function f. A challenge
U

responsc authentication system is onc in

which S sends a random message m (ne
challenge) to U, and rcplies with the transformation r= f(m) (the response). S
U

validates
rby computing it scparately.
12. What is the common way to ensure authentication? (MODEL QUESTIONJ
Answer:
Passwords are an examplc of an authentication mechanism based on what people know:
the user supplies a passwvord, and the computer validates it. If the password is the one
associated with the user, that users identity is authenticated. If not, the password
is
rejected and the authentication fails.

13. What are the requirements of authentication? [MODEL QUESTIONJ

Answer:
set A
of specific (authentication) information from an entity
Set Cof complementary information stored with the system and used for validation
Set Fof complementation functions that generate the complementary information
Set L of authentication functions that verify identity
Set S of selection functions that enable an entity to create or alter the authentication
and complementary information

14. What are the goals of password protected authentication system?

[MODEL QUESTION]
Answer:
The goal of an authentication system is to ensure that entities are correctly identified.
The goal is to find an aiA such that, for fiF. fla)=c iC and c is associated with a partiçulr
entity.

Long Answer Type Questions

1. Write short note Biometric Authentication. WBUT 2015, 2018,2019]
OR,
Explain in brief the concept of Biometric Authentication. WBUT 2017]
Answer:
capture to.stored,
Biometric authentication systems compare the current biometric data
match.
confirmed authentic data in database. If both samples of the biometric data
a

process is sometimes part of a

authentication is confirmed and access is granted. The
a user might log on with his
multifactor authentication system. For example, smartphone
C&NS-85
 POPULARPUBLICATIONS

personal identification number (PIN) and then provide an iris scan to complete
authentication process. Differcnt mechanisms by which biometric can be includedthe
cryptography: in
Fingerprints
May be scanned optically
A
capacitative technique uscs the differences in electrical charges
of
on the finger. The data is converted into a graph. The problem of the whors
determining
matches is basically similar to the classical graph isomorphism.
Voiccs
Authentication by voice involves recognition
or verbal information verification.
of a spcaker's voice characterist
The first one uses statistical techniques to A
the hypothesis that the speaker's identity is as
claimed. The other one deals m

the contents of utterances.

The difference is that the speaker
verification techniques are speaker dependent
whereas verbal information verification
tcchniques are speaker-independent.
Eyes
Authentication by eyc characteristics uses
the iris and the retina. Patterns within
the iris are unique with cach person.
Retinal scans rely on the uniqueness
patterns made by blood vessels at of the
the back of the eye.
Faces
Face recognition consists
of various steps starting with the location
This requires placing the face of the face.
in a predetermined position.
neural networks and templates. Techniques include
Keystrokes
Keystroke dynamics requires a
pressure, keystroke signature based on keystroke
duration and the position intervals, keystroke
signature is believed to be unique. of the stroke in the key. This
2. What do you mean by network
security? Explain with a suitable
model.
Answer: [WBUT 2016, 2019]
Each layer of the NSM
is built upon the layer
layer fails all layers above below it,
it willfail as well. We will much like the OSI model, if one
OSImodel as look at the NSM versus an
shown in figure below to inverted
show how each model
Network Security Model relates and differs.
Physical (NSM)
OSI Model (inverted)
VLAN Physical
ACL Data Link
Software Network
uscr Transport
Administration Session
IT Department Presentation
Application

C&NS-86
 CRYPTQGRAPHY&NETWORK SECURITY

The first layer is the physical layer from the NSM and the physical layer fron the OSi
model. Both work with the physical aspects of the network. The physical layer from the
NSM deals with physical securities where thc physical layer from OSI
dcals
physical network conncetions. Both layers are very scif explanatory and very easy to deal
with.
The second layer is the VLAN layer from the NSM and the data link layer from the OSi
model. Both work sinilarly by dealing with MAC addressing and VLANs. The VLAN
layer fromthe NSM deals with VLAN seginentation. This splits LAN'S across switches
and segments based on the data link layer from OSI model which covers MAC
addressing.
The third layer is the ACL layer from the NSM and the network layer frorn the OSI
model. Both work similarly by dealing with IP addressing and LAN's. The ACL layer
fronm the NSM dcals with ACL implementation which is used to allow or deny access
based on the network layer from the OSI model which covers IP addressing.
The fourth laycr is the software layer from the NSM and the transport layer from the OSt
model. Both deal with the actual connection on the network from host to host. The
software layer from the NSM deals with the software and the patches that allow the
OSI model describes the
software to not be exploited whilc the transport layer from the
connection between the both ends of the software connection.
OSI model.
The fifth layer is the user layer from the NSM and the session layer from the
Both deal directly with the local host wherc the
user layer from the NSM deals directly
layer from the OSI
with the user who is able to utilize that local machinc. The Session
model deals directly with communication on that local machine.
presentation layer from
The sixth layer is the administrative layer from the NSM and the
administrative layer deals
the OSI model. Both deal with administrative functions. The uscrs
to direct and the presentation
with the administrative users who have the ability
layer deals with how the data is
dirccted.
The seventh and final layer is the IT department
layer from the NSM and the application
layer deals directly with the maintenance
layer from the OSImodel. The IT department model
sure that the entire network works correctly from NSM
of all layers and making application layer from the OSI model deals with the.
and all layers of the OSI model. The
actual display of the data.
creation ofa Digital certificate. How is SHTTP
3. a) Name the four key steps in the [WBUT 2016, 2019]
different from SSL? WBUT 2017]
b) What is HMAC?
Answer:
a) 1" Part: the IP-Protcctor application. Then, a copy of the
Digital certificate is creatcd outside of
private key is exported for access by IP-Protector sofware.
certificate and

Steps:
1. Creating our private
signing key and certificate
Vendors that provide CA services
C&NS-87
 POPULAR PUBLICATIONS

access by IP-Protector
2. Exporting your certificatc for
3. Recording key storage
location information in IP-Protector
a
4. Accessing the private key to crcate signature

Creating our private signing key and requesting a public

key certiffcote
Step 1.
Several vendors are listed below that provide signing certificates (public and
keys) that can.be used in the lP-Protcctor application. prial
There are several techniqucs for creating key-pairs and certificates. Each of the vendors
web sites below will describe their unique process for creating our keys and
their
trials. For example. our organization may have a defincd process for creating fre
siging
certificates. The IP-Protector only requires that the certificate key-pair be stored
IETF standard PKCS #12 record. in a

Step 2. Exiporting your certificate for access by IP Protector

The process of exporting our certificate is identical to making a
digital certificate. There are two decisions that we backup copy of
make during this process:
1. Where to store the
certificate file? We suggest that we put
certificate on a removable disk Iike a thumb the copy of the:
drive. The certificate file i
encrypted and could be stored anywhere on our
computer.
2. The password we use to protect
the certificate should be difficult to guess.
of letters and numbers and longer than 10t
should include a combination
characters. The security
of your signing certificate is only as good as the
password we choose.

Step 3. Recording key storage location

This is a one-time setup task to information in IP-Protector
describe where the signing key is stored.
create a signature. the Each time we
software willnecd to access
for password. During this step, this storage location and will ask us
the signing key file is not opened or
read.
Step 4. Accessing tlhe private
key to create a signature
The private key is stored inside
private key can be accessed the computer file you spccified
in the previous step. The
only by providing your
private key is retrieved password. Using your
from the file and used to password, the
calculation is done inside calculate your signature. "The
thc IP-Protector software. signature
2nd Part:
The main difference betwecen
operates at the transport the protocols is the
layer and mimics the "socket layer at which they operatc. SSL
the application layer.
Encryption of the transport library." while S-HTTP operates at
independent, while layer allows SSL to
S-HTTP is limited to be application
protocols adopt different the specific software
implementing
the entire communicationsphilosophies towards encryption as well, i. The.
channel and S-HTTP with SSL encrypting
S-HTTP allows a user encrypting each message
to produce digital
messages during an signatures on any messages independenily.
authentication protocol), a (not just specite
feature SSL lacks.
C&NS-88
 CRYTOGRAPHY& NETWORK SECURITY

b) Incryptography, a keyed-hash message authentication code (IMAC) is a specific type

of message authenNication code (MAC) involving a cryptographic hash function and a
sccret cryptographic kcy. mnay
lt be used to simultancously verify both the data
integrity and the authetication of a messuge, as with any MAC.
Any cryptographic nas
function. such as MDS or SHA-1, may be Used in the calculation
of an HMAC; the
resulting MAC algorithm is termed HMAC-MDS or HMAC-SHAI accordingly. The
cryptographic strength of the HMAC depends upon the cryptographic strength of the
underlying hash tunction, the size of its hash output, and on thc size and quality of
the
key.

4. What is the difference between a message authentication code and a one-way

hash-function? [WBUT 2018]
Answer:
The main difference is conceptual: while hashes are used to guarantee the integrity of
data. a MAC guarantees integrity and authentication.
This means tlhat a hash codc is blindly generated from the message without any kind of
external input: what you obtain is something that can be used to check if the message got
any alteration during its travel.
A MAC instead uses a private key as the seed to the hash function it uses when
generating the code: thisshould assure the receiver that, not only the message hasn't been
modified, but also whosent it is what we were expecting: otherwise an attacker couldnt
know the private key used to generate the code.
5. Explain with figures how secure socket layer (SSL) is accommodated in TCPIP
protocol suit. WBUT 2018]
Answer:
SSL can be conceptually considercd as an additional layer in the TCP/IP protocol suite.
The SSL layer is located between the application layer and the transport layer. Here, the
is
SSL layer performs encryption on the data received from the application laycr (which
own encryption information header,
indicated by a different color), and also adds its
called as SSL Header (SH) to the encrypted data.
transport layer. It adds is
Afier this, the SSL layer data (L5) becomes the input for the
own header (H4), and passes it on to the Internet layer, and so
on. This process happens
data transfer. Finally, when the
exactly the way it happens in the case of normal TCP/IP
a

voltage pulses across the

data reaches the physical layer, it is sent in the form of
transmission medium.
to how it happens in the case or
a
Atthe receiver's end, the process happens pretty similar
new SSL layer. The SSL layer at the
normal TCP/IP connection, until it reaches the
the encrypted data, and gives the
receiver's end removes the SSL Header (SH), decrypts
the receiving computer.
plain text data back to the application layer of are
layer data is encrypted by SSL. The lower layer hcaders
Thus, only the application
not encrypted.

C&NS-89
 POPULAR PUBLICATIONS
must
SSL to
has encrypt all the headers, it be I positioned
obvious: if below
This is quite
serve no purpose at all. In fact, would leadto problemg
it

the data link layer. That

would even the IP and physicali addresses
all the lower layer hcaders,
If ssL encrypted
internediate nodes) would be encrypted. and bccome ofthe
computers (sender, receiver, and a
where to deliver the packets would be big question. To undersland
unreadable. Thus, we put address of the sender
what would happen if the and the
the problem, imagine
of a letter inside the cnvelope!
Clearly, the postal servicc would not know where
recciver
no point in encrypting the lower layer headers
to send the letter! This is also why there is transport layers.
Therefore. SSL is required betwcen the application and the
Located between the application layer and thetransport layer:
Application layer

SSL. laycr

Transport laycr

Network layet

Data lunk layer

Physcal layer

6. What do you mean by network security? [WBUT 2023)

Answer:
Refer to Questions No. 2 of
Long Answer Type Questions.
7. a) What are Biometrics?
b) Discuss different examples of Biometrics.
c) Discuss problems with current security systems.
[WBUT 2023)
Answer:
a) Biometrics are a group of digital security
methods that rely on biological o
physiological attributes and that are used to prevent
hacks or unauthorized logins. Biometrics use
data breaches such as credit card
criteria that are physically unique to an
individual that can prove their identity, as
such a fingerprint or voice pattern,
relying on passwords or PIN codes that can be more rather than
easily hacked or stolen.
b) DNA - DNA (Deoxyribonucleic acid) is a
approximately 100 trillion cells within
chemical substance found in ecach the
the human body. It contains informational,
of
code for replicating the cells and genetic
constructing the proteins required to
life. The entire DNA in
each cell holds the complete set
sustain and develop
creating an organism and is known as genome. DNA found
of biological instructions to
is divided into two chromosomes
the in the nucleus of the cell
(one inherited from the mother
father) and this DNA material and the other from th
comprises both protein-coding
regions. A protein-coding rcgion regions and non-coo
is known as a gene
and this contains all
e
C&NS-90
 CRYITOGRAPHY& NETWORK SECURIIY

information for the ccll to make protcins.

Gencs form less than 5% of the genone which
is mostly made up from non-coding DNA.
There are iportant differences between the uscs of DNA andthe associated processinB
protocols for identity management and
biometric databases as opposed to other
arplications Such as medical rescarch
and gencalogy (sce use cascs). DNA is present in
all human cellular matcrial (hair, blood, skin ctc.) but biometric sampling is commonly
undertaken by obtaining a buccal swab of the inside surface of the facc check to remove
skin cclls. Biometric DNAsampling therefore requircs contact with
thesubject.
Ear-The shapc and features of
the human car revcal spccific characteristics that allow
for the identification of an individual. Ear identification has been used for many years in
countrics such as France and details of an arrested person's cars were collected alongside
face images and fingerprints as part of the criminal record. With the advent of advanced
computing algorithms such as convolutional neural networks during the last decade ear
recognition has become a viable automated biometric technology that now extends
beyond its traditional law cnforcement applications.

Eyes: Iris -The iris is the coloured circular segment at the front of theeye that contains
the pupil at its centre. The iris controls the size of the pupil to adjust the afnount of light
entering the eye. Iris recognition technology uses the unique patterns of the coloured
tissue that form the iris. Thcse patterns are captured by a camera operating in near infra
red wavelengths. The first iris cameras had to be close to the eyes (but not in contact with
them) in order to record sufficient detail but technological advances now allow cameras
to be placed several feet away and capturc the irises of those on the move such as at an
airport boarding gate. The system uses pattern-recognition algorithms, in a similar way to
automated fingerprint recognition systems, to perform comparisons in both the
biometric one-to-one (1:1) verification to authenticate a suggested identity and one-t
many (1:N) identification'modes as a probe to search a database to establish if any of
the other iris records provide a potential match.

Eye: Retina The retina lies at the back of the eye and detects light which is
transmitted as electrical impulses to theoptic nerve. The retina is fed by a network of
blood vessels and it is this network that forms the unique structure that facilitates retina
recognition. The array of blood vessels is different in each cye and no two people have
the same configuration.

Face - Face biometrics use aspects of the facial area to verify or identify an individual.
There are a wide variety of techniques used to statistically look at facial characteristics in
a way that is not affected significantly by age, expression, lighting, or many other
variables. Such techniques might include machine learning algorithms, such as
convolutional neural networks (CNN) that have been trained on huge sets of facial
images. It does not directly involve mcasuring the distance between fëatures. Current face
algorithms describe the shape and appearance of facial features, like cyes, nose or mouth,

C&NS-91
 POPULAR PUBLICATIONS

capture discriminative
by applying imagc proccssing spccially traincd to as a
andstable
representation which is known face template.
a
combincd in numeric a face' dan
about
The same techniques can also be tused to derive information
the
s
charactcrisicy
identificaion
uses do not necd to involve
such aS age or gender. Such
individual. of an
a conventional camera
or

Tihe tace image can be canturcd by

smartphone camera
subject is in motion. The images may as
portrait or as part of vidco while the
a
or knowledge of be captureAa
remotely and at a distance and without the cooperation the datasubject
advanced algorithns, machine learning lools and processing
Ihe advent of capabiltúes
over decade has greatly increased the accuracy of facc
C.g.. CNN the last recognition.
However, it is very important to note that face recognition
deals with theidentity
individual while face characterisation. which uses
different 'algorithms, of the
is designed
as age, gender, cthnic background to
classify an individual into a category such cc.
operating context and objectives
of
these two applications are very different The
but often
confuscd by the media and public at large.

Fingerprint -- Fingerprints are formed by the raised papillary ridges that run across
skin's surtace. Humans, together with some other mammals, have these ridges on the
their.
fingers, thumbs, palms and the toes and soles of the fet. The ridges have evolved
to
provide friction in order to aid grip and locomotion. The flow of these ridges often forms
patterns but the ridges themselves do not always run continuously due to breaks
deviations in their structure (i.e., wherethe ridges end or bifurcate - known as minutiae).
The occurrence of these minutiae is random in nature and are used as the basis t
establishing identity as no two regions of skin, bearing papillary ridge systems, have eer
been found to have the same arrangement of minutiae. Consequently, thc fingerprints on
cach human digit are unique and can be used to identily individuals. The same is true of
palmprints but the area of ridged skin is much larger and therefore contains more delail.
Some biometric systenms use palm prints or palm prints together with fingerprints to enrol
individuals.
Biometric recognition systerms capture and digitise salient features from the fingerin
such as the arrangement of minutiae and the flow and orientation of the ridges to crcale
a biometric template. These templates are thenstored in a dataset
that allows the system
to select fingerprints to perform either individual comparisons or scarches through the
appropriate database(s) depending on the use case.
Fingerprints can be recorded using paper and ink but most current biometric applications
use either a scanner, where the finger is placed on or rolled across a platen, or a
contactless method that captures the required detail at a proximal distance. This method s
becoming increasingly popular because of the potential hygiene issues associated with
methods
multiple enrolments on the same platen. However, any of
these enrolment
require cooperation from the subject and ofen human supervision at m
he
enrolment to assure the quality of the biometric data.
rate
Heartbeat-Individuals produce a distinctive heartbeat, regardless of their heart
shape
and level of exertion, that is determined by a number of factors, for example, the
C&NS-92
 CRYPTOGRAPHY &
NETWORK SECURITY

size and sounds of the hcart, the arrangcment of the heart valy es and the pressures the
produce and the individual's general physiology and hcaltr. Only the
electron
signature' of the hcartbeat is transmitted and reccived within the biometric system.
characteristics of the heartbcat remainconstant, throughout life, unless they are disrupted
G
and altercd by illness or a serious cardiac cpisode such as a stroke or heart attack.

Odour The primary body odour of individuals has bcen studied to determine the
extent that it is distinctive and stable over time and potentially can be separated trom
other odours conveyed by the human body from sources such as soaps, perfumes, dict
and the cnvironment. Some discascs may disrupt or mask the primary odour. Animals
such as bcars and dogs have a very acute sense of smell and can track and trail hurmans
but the biometric application of odour requires the use of machine olfaction devices that
can detcct and capture human odours for subscqucnt analysis and classi fication as a
bionetric template. These acquisition techniques are contactless and unobtrusive and
consequently could be used with or without the consent or cooperation of the subject. lt
should be noted that odour biometric recognition is primarily a research subject and has
not yet proven to beeffective or practical in real applications.

Voice -A - -
person's voice i.e., the way they sound when they speak is the result of a
combination of distinctive physical attributes (such as the length of vocal cords and the
shape of the throat) and distinctive behavioural attributes (such as the accent with whicha
person speaks).
The human voice consists of 7 creates wave lengths that can be measured. The voice is
collected and analysed by software that employs artificial intelligence and machine
as
learning techniques to produce a vast array of data derived from factors such
modulation of speech, tones, accent, frequency etc. These elements enable the system to
create a reference template of the voice (known as a 'voice print' or 'voice model') that
can be used to authenticate the speaker in subscquent transactions. Similar technology is
a voice
applied to allow devices to understand, translate and interact with
command/question, for example, when talking to smart speakers, mobile devices,
domestic appliances, virtual assistants.
your business, and it can similarly
c) Your website could be among the greatest assets in
be a key vulnerability. All the effort you invested to generate traffic and promote your
security
brand online could end up in flames if you do not know the different network
covers the five common problems and
threats and their solutions. This three-minute read
how to fix them. programs, we
and all
1. Worms and viruses: We have all heard about these malicious core
systems, destroy
have fears. They usually attach to a host file or system then infect
Furthermore, they can infect
crucial information, and make your network inoperable.
networked systems and create
avenues for other advanced threats.
on your systems or devices. Also, you
The remedy is to install anti-malware solutions
should ensure that the software is up to date and implement protective
strategies for your
local and cloud resident information.
C&NS-93
 POPULAR PUBLICATIONS
2016s Harvard
Information cited by the Busine
2. Abuse of account privilegcs: of
all attancks are trom insiders. From
a whopping 60 percent
Review indicates that and intentional lcaks, to identity hone
mistakes to misuse of account privilcgeS
thel, orany
compromisc the sccurity of user account data individua
other engincering attack to problems.
are among your najor sccurity
your premises ternms of user acccss.
it
Inside
If You use POLP(policy of lcast privilcged) in is possible
can also mitigate the risk
case of such an attack. You to
minimize the damage in visibility, through
tools that allow context and
cndpoint auditing and monitoring Regardless of yourtireless cfforts, an attacker
3, Insufficient defence in
depth: Can
security. But it is the network structure that determines theextent sili
breach your network are at higher
structures risk once of
the damage. Organizations with open network
the
access to a trusted system.
attacker obtains unfettered
To avoid this, you should
structure your network with strong segmentation.
prevent them from This
scparates all thediscrete parts to slow down the attacker and acceing
the vital system as you address the threat. Even with the most reliable cyber-securiy
4. Insuficient IT security management:
threats since they lack enough skilled
solutions, most organizations may still face
As a result, you may miss crucial security alerts,
l
1Workforce to manage the rcsources well.
may not be countered early enough to minimize the damage.
and any successful attack
This avoidable threat can be dealt with by hiring enough skilled talent
fast
and secure your
partnering with reliable service providers to eliminate the risk systems,
5.
Ransomware: This is among the most unpredictable and feared thrcats, with overal
secure svet
business detection rising to 79% in 2018 alone. Attackers usually infect
encrypt data, and thrcaten to corrupt or delete the files if they are not paid some hef
ransom anonymously.
The necessary defensive strategies necessary for this threat include antivirus software,
updating your security patches, and teaching staf how they can identify phishing attacks
You also need a backup and recovery strategy to reduce the impact.
With these tips, you now understand what you need to recover and securc your network
systems.

8. Write short notes on the following:

a) Authentication Header WBUT 2017)
b) lpsec WBUT 2019)
Answer:
a)Authentication Header:
Authentication Header (AH) is a member of the IPSec protocol suite. AH guarantces
connectionless integrity and data origin authentication of IP packets. Further, it can
optionally protect against replay atacks by using the sliding window technique and
discarding old packets. In IPv4, AH prevents option-insertion attacks. In IPvó, A
protects both against header insertion attacks and option insertion attacks. In IPv4, the
mutabl
AH protects
the IP payload and all header fields of an IP datagram except for P
fields (i.e. those that might be altered in transit), and also IP options such as the
fields
Security Option (RFC 1108). Mutable (and therefore unauthenticated) IPy4 header

C&NS-94
 RYPTQGRAPHY &
NETWORK SECURITY

are DSCP/ToS, ECN, Flags, Fragment Offset,

TTL and Header Checksum. In IPv6, the
AHprotects most of the lPv6 basc header. AH itself. non-mutable cxtension
headers
for the IPv6 header excludes the mutable alte
the AH, and the TIP payload. Protcction
e
DSCP, ECN, Flow Label, and Hop
Limit. AH operates directly on top
protocol number 51. of IP, Using
The following AH packet diagram shows how an
AH packet is constructed and
interprctcd:

Auttentiation Hezder icrrn

Ofsels Oddu 0 4
0clel
Ely 101 234 SE17 8 9 1011 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 23 30
Paykad len
32
Secarty Paranehrs adex (SFI)
S4 er
Srquexe
36
ktegety Ceck Vale ()
!

Next Header (8 bits)

Type of the next hcader, indicating what upper-layer protocol was protected. The value is
taken from the list of IP protocol numbers.
Payload Len (8 bits)
The length of this Authentication Header in 4-octet units, minus 2. For example, an AH
value of 4 equals 3×(32-bit fixed-length AH fields) + 3x(32-bit ICV fields) and thus -2
an AH value of 4 means 24 octets. Although the size is measured in 4-octet units, the
length of this header needs to be a multiple of 8 octcts if carried in an IPv6 packet. This
restriction does not apply to an Authentication Header carriedin an IPv4 packet.
Reserved (16 bits)
Reserved for future use (all zerocs until then).
Security Parameters Index (32 bits)
Arbitrary value which is uscd (together with the destination IP address) to identify the
security association of the receiving party.
Sequence Nunber (32 bits)
A monotonic strictly increasing sequence number (incremented by for every packet 1

sent) to prevent replay attacks. When replay detection is enabled, sequence numbers are
never reused, because a new security association must be renegotiated before an attempt
to incremnent the sequence number beyond its maximum value.
Itegrity Check Value (multiple of32 bits)
Variable lengths check value. It may contain padding to align the field to an 8-octet
boundary for IPv6, or a 4-0ctet boundary for IPv4.

b) Ipsec:
IPSec, is a framework of open standards (from IETF) that define policies for secure
communication in a network. In addition, these standards also describe how to enforce
these policies.
C&NS-95
 POPULAR PUBLICATIONS
machines) can achieve
pecrs(computers or network layer
Using lPSec. participating authentication at the (1.e. Layerda
data RFC 2401 3o
confidentiality, data inegrity, and 7-laycr networking
model).
specities
Interconncction the
the Open Systems systems.
IPsec compliant various security
base architecture for architecture is to provide also services
This RFC says that "the goal
of the cnvironments." Sce RFC2402, fo
both the IPv4 and
IPvó RFC
tratic at the lP layer, inmore details on IPScc.
2406 and RFC 2407 for provide interoperable, high quality, cryptographically.
The main purpose of IPSec is
to security services at the 1P layer
It offers various
lPv4 and IPv6. and
based security for (i.e. IP) and higher laycrs. These security services
at this are,
therefore, offers proection connectionless integrity, data origin authenticaion,
for examplc, access control, sequence integrity), confidentialiy
form of partial
protection against replays (a
(cncryption), and limited traffic flow confidentiality.
mode (host-to-host) and Tunnel Mode
IPSec has two different modes: Transport
or Gatevway-to-host). In transport mode, the payload
(Gateway-io-Gateway is
is left intact) and the end-host (to which, the IP packet addressed)
is
cncapsulated (header
is entirely encapsulatcd (w
decapsulates the packet. In the tunnel mode, the lP packet
new IP header, decapsulates the
ney header). The host (or gateway), specified in the
no necd for client software to run on t
packet. Note that, in tunnel mode, there is
gateway and the communication between clienl sysiems and gateways are not protected,
IPSec standard supports the following features:
AH (Authentication Header) that provides authenticity guarantee for transpornet
packets.. This is done by check-summing the packages using a cryptagraphic
algorithm.
ESP (Encapsulating Security Payload) that provides encryption of packets.
IPcomp (IP payload compression) that provides compression before a packet is
encrypted.
IKE (Internet Key Exchange) provides the (optional) means to negotiate keys in
secrecy.

7. What are the problems associated with clear text passwords?

[MODEL QUESTIONJ
Answer:
When a password is transmited in clear text, it is vulnerable in many ways:
1. The password is available on
the wire. As the password is transmitted over
wire, tools such as packet sniffers or network analyzers can casily monitor he
traffic and intercept passwords as they're sent
between computers.
2. The password is available in browsing history.
Most web browsers provide
navigation to previous pages, with content locally
cached for performance:as
well ba
as ease of use relatively
for the user. These pages are
stored in memory and are
easy to examine.
3. The password is readable on web proxies.
Many larger corporations, as
internet service providers, offer web proxies
to allow faster downloads as
well as t
some levelof anonymity for web users.

C&NS-96
 CRYITOGRAPHY &
NETWORK SECURITY

8. a) What are the different sub-protocols definod by SSL? Explain one of them.
b) How can a Digital Certificate bo vorifiod? [MODEL QUESTIONJ
Answer:
a) 1" part:
Different sub-protocols defined by SSL:
Handshake: This sub-protocolnegotiates session information between the client and the
server. The session information includes the session ID, the
comprcssion algorithm to be
used, and a sharcd secret used to generate keys.
Change Cipher Spee: This sub-protocol consists of a single message to tell the other
party in the SSL session, who is known as the pcer, that the sender wants to change to a
new set of encryption keys. The keys are computcd from the information that is
eschanged by the Handshake sub-protocol.
Alert: This sub-protocol generates error messages as well as status alerts. Alerts are
commonly scnt when the connection is closcd, an invalid message is received, a message
cannot be decrypted or the uscr cancels the operation.

2nd part:
SSL handshake protocol is very effective for clients and server complete the mutual
authentication, the main process is as follows:
(1) the client's browser to the server sending the client SSL protocol version number, the
type of encryption algorithm to generate random numbers, and other communications
between servers and clients all the information needed.
(2) SSL server sent to the lient protocol version number, the type of encryption
algorithm, random number and other relevant information to the client while the server
will send its own certificate.
(3) customers using the server information transfer over the legitimacy of the
authentication server, the server's legitimacy, including: the certificate is expired, the CA
issued the server certificate is reliable, the public key of the certificate issuer server
ccrtificate can correctly solve the "issuer digital signature ", the server certificate on the
domain name is the actual domain name and server match. 1f the legitimacy of
verification does not pass, communication will be disconnected; if legitimacy is
validated, will continue to the fourth step.
(4) client generates a random back communications for the "symmetric key", and then
use the server's public key (the server's public key from the steps of the server's certificate
(2) obiained) for its encryption, and then encrypted the "pre-primary password "pass the
Server.
(5) If the server requires a clicnt's identity authentication (Zai handshake Zhongwei
optional), the user can create a Sui Jishu and its Jinxing Shujuqianming to incorporate the
Han You signed random number and the customer had their own certificates, and Jia Mi's
"pre-primary password "pass with the server.
(6) If the server requires client authentication, the server
nmust verify client certificate and

the signature of random numbers of legitimacy, the legitimacy of the specific validation
process includes: customers use the date the certificate is valid, the CA certificates to
can
provide Customers with the reliability issue of CA, client certificate public key
C&NS-97
 POPULAR PUBLICATIONS

signature, check whcther the client certificale

of CA's digital
correctly solve the issue If you do not pass inspection, communication in
(CRI.) in.
the certificate revocation list validatcd, server will be encrypted with their private
is the
immediately intemupted; If it and thcn perforns a series of steps to produce the
password"
key unlock the "pre-master will also be produced
by the same method
pnmary communication code (the client he
same main communication password). code" a symmetric
client with the samc master password that is the "cal!
(7) server and secure data communications
encryption communication.
key for the SSL. protocol for
SSL communications at the same time to
complete the process of data communication
communications to, prevent any changes.
but also the integrity of data
(8) client send a message to the server, specify the
data communication will be used later
symmetric key, also informed the process
in step (7) of the master password for the
server hands the client end.
server a message to the client, specify the data communication will be Used Lor.
(9) send
in step (7) of the master password for the symmetric key,
notify the client servs.
handshake proccss is completed.
secure channel for data communicatione
(10) SSL handshake part of the end, SSL
communication
customers and the server to start using the same symmctric key for data
and to communicate the integrity of the test.

b) To verify the identity of people and organizations on the Web and to

ensure content
integrity, Internet Explorer uses industry-standard X.509 V3 digital certificates.
Certificates are electronic credentials that bind the identity of the certificate owner to a
pair (public and private) of electronic keys that can be used to encrypt and sign
information digitally. These clectronic credentials assure that the keys actually belong to
the person or organization specified. Messages can be encrypted with cither the public or
the private key and then decrypted with the other key.

Each certificate contains at least the following information:

Owner's public key
Owner's name or alias
Expiration date of the certificate
Serial number of the certificate
Name of the organization that issued the certificate
Digital signature of the organization that issued the certificate

Certificates can also contain other user-supplied information. including a postal

an e-mail address, and basic registration information, such as the country or region,adar
pos
code, age, and gender of the user.
Certificates form the basis for secure communication and authentication
client and server
on the Web. We can use certificates to do the following:
Verify the identity of clients and servers on the Web.
Encrypt channels to provide secure communication betwveen clients and servele

C&NS-98
 CRYTOGRAPHY &
NETWORK SECURITY

Encrypt messages for secure Internet c-mail communication.

Verify the sender's identity for Internct e-mail messages.
Put your digital signature on cxccutable code that users can download from the Web.
Verify the source and integrity of signcd cxccutable code that uscrs can download from
the Web.

9. Write short notes on the following: [MODEL QUESTION]

a) Kerberos
b) Secure Electronic Transaction (SET)
Answer:
a) Kerberos:
Kerberos is a secure method for authenticating a request for a service in a computer
network. Kerberos was developed in the Athena Project at the Massachusetts lInstitute of
Technology (MIT). The name is taken from Greek mythology; Kerberos was a three
headed dog who guarded the gates of Hades. Kerberos lets a user request an cncrypted
"ticket" from an authentication process that can then be used to request a particular
service from a server. The user's password does not have to pass through the network. A
version of Kerberos (client and server) can be downloaded from MIT or we can buy a
commercial version.
Briefly and approximately, here's how Kerberos works:
1. Suppose we want to access a server on another computer (which we may get to by
sending a Telnet or similar login request). We know that this server requires a
Kerberos "icket" bcfore it will honor our request.
2. To get our ticket, we first request authentication from the Authenticatión Server
(AS). The Authentication Scrver creates a "session key" (which is also an encryption
key) basing it on our password (which it can get from our user name) and a random
value that represents the requested service. The session key is effectively a "ticket
granting ticket."
3. We next send our ticket-granting ticket to a ticket-granting server (TGS). The TGS
may be physically the same server as the Authentication Server, but it's now
performing a different service. The TGS returns the ticket that can be sent to the
server for the requested service.
4. The service either rejects the ticket or accepts it and performs the service.
5. Because the ticket we received from the TGS is time-stamped, it allows us to make
additional requests using the same ticket within a certain time period (typically, eight
hours) without having to be reauthenticated. Making the ticket valid for a limited
time period make it less likely that someone clse will be able to use it later.
b) Secure Electronic Transaction:
Secure Electronic Transaction (SET) is a system for ensuring the security of financial
transactions on the Internet. It was supported initially by Mastercard, Visa, Microsoft,
Netscape, and others. With SET, a user is given an electronic wallet (digital certificate)
and a transaction is conducted and verified using a combination of digital certificates and
digital signatures among the purchaser, a merchant, and the purchaser's bank in
a wav

C&NS-99
 POPULAR PUBLICATIONS Netscape's Secure Sockets
makes use of
confidentiality. SET Technology (STT), and Terisa System's
that ensures privacy and Transaction not all
Microsof's Secure SET uses some but aspects of a
Layer (SSL). Protocol
(S-HTTP).
Secure Hypertest Transfer how SET works:
key intrastructure (PKI).Here's
browser such as Netscapc a or MicrOSof':
public a SET-enabled has SET-enabled
Assume that
a customer has
provider (bank, store, elc.)
the transaction
Intenet Explorer and that account. Any issuer of a credit
server. or Visa bank
opens a Mastercard
1. The customer
tile functions as a
card some kind of
bank. This elcctronic
a digital certificate.
2. The customer receives transactions. It includes a public
purchases or other
credit card for online a digital switch to the bank to
has been through
key an cxpiration date. It
with
ensure its validity. bank. These certificates
receive certificates fron the
3. Third-party merchants also key.
merchant's public key and the bank's public meane
include the
an overa Wcb page, by phone, or some other
4. The customer
places order merchant's certicua
customer's browser receives and confims trom the
5. The
that the merchant is valid. message is encrypted with the
sends the order infor:nation. This
6. The browser the
public kcy, the payment infornation, which is encrypted with
merchant's that
(which cant be read by the merchant), and information
bank's public key
particular order.
ensures the payment can only be used with this
7. The merchant verifies the customer by checking the
digital signature on the
customer's certificate. This may be done by referring the
certificate to the bank or
to a third-party verifier.
8. The nerchant sends the order message along to the bank. This
includes the bank's
cant
public key, the customer's payment information (which the merchant
decode), and the merchant's certificate.
9. The bank verifies the merchant and the message. The bank uses the digital
signature on the certificate with the message and verifies the payment part of the
message.
10. The bank digitally signs and sends authorization to the merchant, who can then

fillthe order.

C&NS-100
 CRYITOGRAPHY& NETWORK SECURITY

ELECTRONIC MAIL SECURITY

Short Answer Type Qucstions
1. What is S/MIME? [WBUT 2018]
Answer:
Secure/Multipurposc Internet Mail Extension is sccurity enhancement to MIME e-mail
standard format based on tcchnology from RSA Data Security. MIME is based on
traditional e-mail format standard RFC 822.

What is RFC 822.

2. (MODEL QUESTION]
Answer:
It is Internet email transnission protocol or SMTP.
Supports only 7bit ASCITcharacters-simple text messages (English only)
Defines format for text messages sent using e-mail
Messages are viewed as having an envelope and content
Envelope contains information for transmission
Contents is the object to be delivered
Content standard includes set of hcader ficlds used for creating envelope
Message consists of hcader lines followed by unrestricted text.

What are the problems with normal SMTP?

3. (MODEL QUESTION]
Answer:
Do not support executabie or binaryy files.
Cannot transmit "Latin" like other language.
SMTP servers may reject mail over a certain_size.
No proper mapping when ASCII translate EBCDIC
No non-textual data handling.
Problems in writing (deletion/addition/reordering/truncating etc.)
[MODEL QUESTIONI
4.What is MIME?
Answer:
Stands for Multipurpose Internct Mail Extensions
It is an extension to simple basic text messages(RFC822)
8-bit binary data encoding capability(both ASCIl and
Non-ASCII)
can support images, sounds, movies, computer programs, multimedia.
L 5 new hcader fields are added such
as (MIME-version, Content-Type, Content-ID,
Content -Description, Content-transfer-encoding)
Content type - seven major- types and total of fifteen
a subtypes
across the largest
Content transfer encoding objective is to provide reliable delivery
range of environments
Content id - used to identify MIME entities uniquely in multiple
contexts
Content description - text description of the object with the
body

C&NS-101
 POPULARPUBLICATIONS
[MODEL
aUESTIO
RFCfor MIME?
5. What is the
mnemoranda: RFC 2045, RFC 2046.
RFC
Answer: specificd in sis linked define the specifications.RFC2041,
MIME is 2049, which together
4289 and RFC
RFC 428S, RFC
[MODEL
Functionalities aUESTIOH
6.What are the SIMIME
Answer:
to sign and encrypt messages.
SMIME has ability content and encryption keys
for one or more
recipients
- encrypted
Enveloped data encrypted using private key of
- message digest of content is sender, Contert
Signed data
are then encoded
and signature digital signature isencoded.
Clear-signed data - only the -
signed-only and encrypted-only entities may be nested
Signed and enveloped data

used in S/MIME? MODEL QUESTION

7. What are the
cryptographic algorithms
Answer: algorithms
SMIME incorporates threc cryplographic
digital signature
Digital Signature Standard (DSS)- for
are ElGamal, RSA)
Diffic-Hellman - for encrypting session keys (altematives
SHA-1 for creating message digest
-
Triple DES for message encryption
-
HMAC with SHA-| for message authentication code

8. What is the user role in S/MIME? [MODEL QUESTION)

Answer:
Key generation, Registration and Certificate storage and retrieval.

9. What are the key requirements of message digest? [MODEL QUESTION)

Answer:
A message digest or hash function is used to turn input of arbitrary length into an outpu
of fixed length, which is called the digest or hash of the input. This output can then be
used in place of the original input. This has many advantages. Theoutput always has the
same length, so this can be taken into account when processing or storing the messag*
digest. Also, the output is much shorter than the input, so that processing and storing can
be done much quicker.
The most common cryptographic hash function is MDS. MDS was designed by wel
in
known cryptographer Ronald Rivest in 1991. In 2004, Some serious flaws were found
MDS. The complete implications of Another
these flaws has yet to be determined.
popular hash function is SHA-1.
To make hash functions work, they should
have two properties:
Given a particular message digest, it has the
should be very difficult to find an input that
same message digest.
It should be very difficult to find two inputs
that have the same message diges

C&NS-102
 CRYITOGRAPHY &
NETWORK SECURITY

10. Taking g=ll, n=19 and assuming values for

A and B, find
the value of K
(symmetric key) by Diffie-Heilman Algorithm and prove that the algorithm is abio to
maintain security. [MODEL QUESTION]
Answer:
Here. g =ll, n/p=19
Let choosc r= 2, '=4

..a- =11 mod|9-7

mod p

h=g'mod =11 mod 19 =||

p

.k =h'modp =11 mod19 =7

k. =a' mod
p
=7* mod19 =7
:k, =k, =k
Long Answer Type Questions
1. Why does PGP generate a signature before applying compression? [WBUT 2018]
Answer:
SMIME and PGP both provide "sccure emailing" but use distinct encodings, formats,
user tools, and hcy distribution models.
SIMIME builds over MIME and CMS. MIME is a standard way of putting arbirary data
into emails, with a "type" (an explicit indication of what the data is supposed to mean)
and gazillions of encoding rules and other interoperability details. CMS
means
"Cryptographic Message Syntax": it is a binary format for encrypting and signing data.
CMS relies on X.509 certificates for public key distribution. X.509 was designed to
support top-down hierarchical PKI: a small number of "root certification authorities"
a user
issue (i.e. sign) certificates for many users (or possibly intermediate CA);
certificate contains his name (in an email context, his email address) and his public key,
an cmail to Bob will use Bob's
and is signed by a CA: Someonc wanting to send
so that only Bob will be able
certificate to get his public key (needed to encrypt the email,
to read it); verifying the signature on Bob's certificate is a way to make
sure that the
binding is genuine, i.e. this is really Bob's public key, not
someone else's public key.
PGP is actually an implementation of the Opcn PGP standard (historically,
Open PGP
was defincd as a way to standardize what the pre-existing PGP software did, but there
now are other implementations, in particular the free opensource GnuPG). Open PGP
to CMS) and encoding
defines its own encryption methods (similar in functionality
formats, in particular an encoding layer called "ASCII Armor" which allows binary
data
to travel unscathed in emails (but you can also mix MIME and OpenPGP). For public key
you can view that as a decentralized PKI
distribution, Open PGP. relies on Web of Trust:
is redundancy: you
where everybody is a potential CA. The security foundation of WoT an
can trust a public key because it has been signed by many people (the idea being that if
attacker "cannot fool cverybody for a long time").

C&NS-103
 POPULAR
PUBLICATIONS
PGP and S/MIME, WBUT
2. Compare managoment in 2018)
Answer: and contrast key
PGP stands pretty goodIprivacy. intcrnet mail extcnsion.
is for the securcd/multipurpose
S/MIME for the the PGPaand S/MIME
Followingtable is stands betwecn
describe the diflerence S/MIME
PGP S/MIME is also string standard but
PGP is in S/MIME. there
the
strong standard.
encryption sorne (laws is
Elgamal digital. signature is used.
Diffic hellman 1024 public keys in S/MIME.
digital signature is used. There is
Therc are 4096
But S/MIME is used EMAIL services
PGP.
It
public keys in
also uscd in virtual networks. digital certificate standard only.
The digital certificate private t PGP is PGP.
The
in S/MIMIE
standard in X.S09.

3. Write short notes on

the followIng*
a) PGP WBUT 2015])
b) SIMIME WBUT 2017, 2019)
Answer:
a) PGP:
or andfamily
PGP
is aof sofware
similar products
svstems developed by Philip R. Ziminermann.
follow the OpenPGP standard (RFC
4880) (or encrypting and
decrypting data. Pretty Good Privacy (PGP) is a data encryption and decryption computer
program that provides cryptographic privacy and authentication tor data communication
PGP is often used for signing, encrypting and decrypting texts, -mails, files, directories
and whole disk partitions to increase the security of c-mail communications:
Open PGP provides data integrity services for messages and data files by using these
core technologies:
digital signatures
encryption
compression
Radix-64 conversion
In addition, OpenPGP provides key management and certificate services.

Confidentiality via Encryption

OpenPGP combines symmetric-key encryption and public-key
encryption to provide
confidentiality. When made confidential, first the object is encrypted
using a symmetnt
encryption algorithm. Each symmetric key used only once, for a
is
"'session key" is generated as a random number for each
single object. A ne
a session). Since it is used only once, obiect (sometimes referred 1o 25
with
the session key is bound to
the messag and
transmitted it. To protect the key, it is encrypted with The
the receiver's public key.
sequence is as follows:
1. The sender creates a message.
The sending Openfor generates a random
number to be used as a session N
this message only,

C&NS-104
 RYPTOGRAPHY &
NETWORK SECURITY

1
The session key isencrypted using cach recipient's public key.
These "cncrypted session kcys" start the message.
The sending OpenPGP encrypts the message using the session kcy. which forms the
remainder of the message. Note that the message is also usually cornpressed.
5. The recciving OpenPGP decrypts the session key using the recipient's private key.
6. The receiving OpcnPGP decrypts the message using the session key.
Ifthe message was compresšed. it will be decompressed.
Authentication via Digital Signature
The digital signature uses a hash code or message digest algorithm, and a public-key
signature algorithm. The sequence is as follows:
1. The sender creates a message.
2. The sending software generates a hash code of the message.
3. The sending software generates a signature from the hash code using the sender's
private key.
4. The binary signature is attached to the message.
5. The receiving software keeps a copy of the message signature.
6. The receiving software generates a new hash code for the received message and
verifies it using the message's signature. If the verification is successful, the message
is accepted as authentic.

Compression:
Open PGP implementations SHOULD compress the message after applying the signature
but before encryption.

b) S/MIME:
Messages
SIMIME secures a MIME entity by signature and /or encryption
MIME entity may be entire message or one / more subparts ofa
message
a
MIME entity along with related security data are processed to produce PKCS object
to be sent is
which is treated as message content and wrapped in MIME. Message
converted into canonical form (i.e., a format appropriate to the content typc, that is
standardized for use between systems)
in an outer MIME
Resultant message (after applying security algorithm) is wrapped
message and transfer encoding applied.

Enveloped data (MIME entity) or tripleDES).

Generate a pseudorandom session key for symmetric encryption (RC240
a block Recipientinfo
Encrypt session key with recipient's public RSA key. Prepare
an identifier of algorithm
containing an identifier of the recipient's public-key certificate,
message content with
used to encrypt session key and encrypted session key. Encrypt the
the session key. Encode the entire object

C&NS-105
 POPULARPUBLICATIONS

private kcy is uscd| to recover session

Receier 's end: cncoding. Recipicnt's
ofTthe
Rccipient first geis rid
key. with session key.
decryptcd
Finally message content is
message digest, or hash
or MD5). Compute
Signed data algorithm (SHA
Sclect message digest message digest with signer's privatc key.
Encrypt
function. of the content to
be signcd.
signer's public key certificate, identifier of
Info containing used to encrypt message
Preparc a block Signcr identifier of encryption algorithm
message digest algorithm. cntity consists of a series of blocks.
Signed data
digest and the encrypted messuge digest
algorithm identifier, message being signed and Signer
Infot
including a messagc digest
may also include a set of public
key certificates. content type with a siøned
achicved using multipart
signing is
This is then encoded. Clear
subiype
entity is used to transfer a
Registration request - the application/pkcs10
S/MIME
certificate).
certification request (for public-key
message containing only certificates
or a certification
Certificates-only message -
response to registration requcst.
revocation list can be sent in

C&NS-106
 CRYITOGRAPHY& NETWORK SECURITY

FIREWALL
Very Short Answer Type guestions
a WBUT 2014, 2016, 2019]
4 Firewall is a speclallzed form of
a) Bridge b) Switch c) Network d) Router
Answer: (d)
[WBUT 2018]
2. Firewall should be situatod
a) inside a corporato network
b) outside a corporate network
c) between a corporate network and the outsido word
d) none of the above
Answer: (c)
WBUT 2023]
3, Types of firewall are or both
Answer: Software firewalls, hardware firewalls,
(WBUT 2023]
4.Define firewall.
Answcr: and blocking cyber threats
A Firewall is a barrier between two networks identifying
while allowing appropriate traffic through.
[WBUT 2023]
5. A proxy gateway is a
Answer: requests and forwards them to endpoints that
Service gateway that receives web service
you definc in proxy groups.

Short Answer Type guestions

diagram. WBUT 2015]
Discuss different types of firewall with neat
1.
OR,
What are different types of firewall? Briefly explain
working principle of each.
[WBUT 2017]

Answer:
There are sevcral classifications of firewalls depending on:
between a single node and the
Whether the communication is being done
network, or betwcen two or
more networks.
at the network layer, or at the
Whether the communication is intercepted
application layer. at the firewall or not.
Whether the communication state is being tracked
depending on whether the firewalls keep track of the state of network
Similarly,
two categories of firewalls exist:
connections or treats cach packet in isolation,
C&NS-107
 POPULAR PUBLICATIONS

Stateful firewalls
a destination
Statcless firewalls a source to based on
limits nctwork infomation from port and the
A
stateful ) Sirewall address, source TCP/UDP destinaticn
source IP content and chcck for protocol
destination 1P address. can also inspcct date
TCP/UDP port. Stateful fircwalls
much bctter cquipped than proxy filter or
a
a stateful firewall is A proxy filter
anomalies. For Cxample,. denial-of-scrvice attack.
or paclet
filter is
a
packet filter to detcct and stop BecauSC
detcctig such an attack.whcther it the
source
of and
ill-equipped and incapable through is legitimate or an
data is permitted
destination address are valid, the illustrates the inspection depth of a stateful
attempted hack into the network. Figure 4 of the OSI model, which is the transport
firewall. Packets are innspected upto Layer anomalics.
Therefore, stateful firewalls are able to inspect protocol
layer. OSI Reference
Application
Presentation
Session

DATA Transport
IP Source IP Destination
Nework
Stateful Inspection
Datu Link
Traftic
Plhysical

Fig: Stateful Firewall

information packets that are

Basically. a stateless firewall permits only the receipt of
are trustcd. A statcless firewall
based on the source's address and port from nctworksthat A
was introduced to add more flexibility and scalability to network configuration.
on source and destination address.
stateless firewall inspects network information based
a or stateless firewall. Packets are
Figure illustrates the inspection depth of packet filter
stateless
inspected up to Layer 3of the OSI model. which is the network layer. Therefore,
source and
firewalls are able to inspect source and destination IP addresses and protocol
destination ports. OSIReference

Application

Presentaton
Session
IP Source IP Destnation DATA Transport
Network
Packet Filter
Traflic Data Link

Physical

Fig: Stateless Firevall

of
In reference to the layers where the traffic can beintercepted, the following categories
firewalls exist:

C&NS-108
 CRYPTOGRAPHY &
NTWORK SECURITY

Network layer firewalls

Application layer firewalls.
ose network-layer and application-layer types of firewall may overlap, even
though the
personal firewall docs not serve a nctwork: indeed, single systems have implemented
both together.
Nevork Layer Firewall
Nevork layer fircwalls operate at a (relativcly)low levcl of the TCP/IP protocol stack as
IP-packet filters, not allowing packets to pass through the firewall unless they match the
les The firewall administrator may deline the rules: or default built-in rules may apply
(as in sone inflexible firewall systems). A more pcrmissive sctup could allow any
packet
a nass the filter as long as it does not match one or more
"negative-rules", or "deny
rules"
Application Layer Firewall
Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all
browser traffic, or all telnct or fip traffic), and may intercept all packets traveling to or
from an application.

2. What are three main actions of a packet filter? [WBUT 2018]

Answer:
Packer Fillers
Inpacket filters some rules are stored previously and whenever any packet comes from
outside it applies those set of rules to incoming packet and on basis of rules it decides
whether give permission for go inside or discard the packet. They also apply same action
if packets are going outside from inside. Packet filters are also known as screening filter
or screening router. Now you might be thinking that on which basis set of rules are
defined. So let me tell you that set of rules are defined on basis of number of fields in
internet protocol and tcp(transmission control protocol) or udp(user datagram protocol)
header. Packet filters are extremcly fast during their operating speed. In this way packet
filters are providing protection to the local system or private networks from outside
network. But there is one disadvantage is that setting up rules is too difficult.

3.What is Firewall? Differentiate between Packet filters and Application Gateways.

[WBUT 2019]
Answer:
I" Part:Refer to Question No. 1(1st Part) of Long Answer Type Questions.
2nd Part:
In reference to the layers where the traffic can be intercepted, the following categories of
firewalls exist:
Network layer firewalls
Application layer firewalls.
Kefer to Question No. I of Short Answer Type Questions.

C&NS-109
 POPULAR PUBLICATIONS
any one types
of firowall and describ0 of firewall
WBUT
4. Explain the technical dotails 2023)
with neat diagran1.
Answer: ofLong Answer 7ype Ouestions.
T"Part: Refer to Questions No. l of Short Answer Tpe Qtestions,
No. I
4 art: Refer to Questions
and trUsted
devices In
firewall
5. What moan by trustod servlce
do you [MODEL QUESTIONI
configuration?
Answer: are specificd to pass through the firewa. Examples
list
The of allowcd services those Trusted devices allow access to your
SSH, Telnet. system
include: Www(HTTP), FTP,
for example ethernet0.
for alltraffic from that devicc,

Long Answer Type guestions

WBUT 2014, 2017)
What is firewall?
1. [WBUT 2014]
What are the different types of firewall? WBUT 2014, 2017
State the limitations of firewall.
Answer:
1" Part:
A firewall blocks traffic to all except Trusted lnternal Network
authorized ports on a computer, thus IP: 192.168.0.0/24
even
restricting access. A stateful firewall is IFACE: ethl
more cautious about what it permits through, 1P. 192.168 0.2

and the most cautious system administrators

a
often combine a proxy firewall with packet FIREWALL
filtering firewall to crcate defense in depth.
Most home users would use a softwarc IFACE eth0
firewall, while some high risk servers and IP 194.236.50.1 55

computers might need a hardware firewall. By

Internct
inspecting all packets for improper content.
firewalls can even prevent the spread of the
likes of viruses.

2nd Part: Refer to Question No. l of

Short Answer Type Questions.

3rd Part:
A firewall cannot protect against:
malicious insiders
connections that circumvent it
completely new threats
Some viruses
the administrator that does not correctly set it up

C&NS-110
 CRYPTOGRArHY &
NETWORK SEÇURITY

following:
2. Write short notes on the
Firewall WBUT 2017, 2018]
a) Network (WBUT 2018, 2019]
b) DMZ
Answer:
Firewal: Refer to Question I ofLong Answer Type Questions.
No.
a)

b) DMZ Network:
ets in the DMZ are pcnnitted to have only linited connectivity to specific hosts in the

intemal network, as thc content of DMZ is not as sccurc as the internal network.
Similarly communication between hosts in the DMZ and to the external network is also
icted, to make the DMZ more secure than the Internet,toand suitable for housing both
these
the
snecial purpose services. This allows hosts in the DMZ communicate with
ioemal and external network. There are two basic configuration exists for a DMZ :
single firewall or three legged model and dual firewall.
In a threc legged model the external network is formed from the ISP to the firewall
on the
first network interface, the internal network is formed from the second network interface,
and the DMZ is formed from the third network interface. The firewall becomes a single
oint of failure for the network and must be able to handle all of the traffic going to the
DMZ as well as the internal network.
in dual firewall approach two firewalls are used to create a DMZ. The first firewall or
front-end or perimeter firewall must be configured to allow traffic destined to the DMZ
only. The second firewall (also called "back-end" or "internal" firewall) only allows
traffic from the DMZ to the internal network.

3. Write short notes on the following:

a) Application firewalls (MODEL QUESTION]
b) Packet filtering [MODEL QUESTION]
Answer:
a) Application firewalls:
Application-layer firewalls are aware of certain applications, such as the Web, SQL, and
e-mail. Also, these multi-talented firewalls prohibit direct connections from the Internet
to your servers by acting as a proxy between the applications you serve (Web, E-mail,
FTP, ete.) to the rest of the wired world.
An application-level firewalls' excellence is in going deep into a packet's application
payload on a session level. Deciding before your sever receives each packet, whether the
data portion of the packet is a normal part of a TCP/IP conversation, or malformed and
part of a virus or a known
exploit.
An application-layer filter is essential when it comes to Wcb, e-mail, and SQL servers,
Which are high profile targets for application cxploits. The firewall makes decisions at the
application level before the server sees the malformed command. lt inspects and passes
normal SMTP commands but stops spammers cold when they try to verify
your e-mail .In addition, Web and enumerate
application filtering on some of the best application-layer
devices (Firewall ING-Check Point, Symantec Enterprise Firewall - Symantec and ISA -
Microsoft) easily blocks the latest URL string patterns and Unicode
expressions, which is
C&NS-111
 POPULAR PUBLICATIONS seem
dircctory traversal attacks
that to pop up every
nasty
a
nicc defense against thosc no trafGc directly
servers, which permit betwcen
other month. running proxy of traffic passing
These generally are hosts and auditing through
perform elaborate loggingcomponents running on thefirewall,
networks, and which it is
proxy afpplications are softwarecontrol. Application layer firewalls can
them. Since the
of logging and access goes one side and out the other, be
a
good place to do lots since traflic
in after
used as network address
translators, eflectively masks the origin of the initiating
application that
having passed through an way in some cases
may impact performance
and
spplication in the firewalls such as
connection. Having an Early application layer those
may make the firewall less transparent. iransparent to end users
are not particularly and may
built using the TIS firewall toolkit, firewalls are often fully transparent.
Modern application layer
require some training. provide more detailed audit
reports and tend to cnforce
Application layer firewalls tend to
network layer firewalls.
more conservative security models than

b) Packet filtering: a network. In practice thax

of rules defining the security policy of
A packet filter is a set
IP or transport layer headers. Any ficld ofh
rules are bascd on the values of fields in the common ones are:
a but the most
IP or transport hcader can be used in firewall rule,
on
filter thesource address. For example, a company may dccide to discard all
souree
packets received from one of its conmpetitors. In this case, all packets whose
address belong to the competitor's address block would be
rejected
flter on destination address. For example, the hosts of the research lab of a company
may receive packets from the global Internet, but not the hosts of the financial
department
filter on the Protocol number found in the IP header. For example, a company may
only allow its hosts to use TCP or UDP, but not other, more experimental, transport
protocols
filter on the. TCP or UDP port numbers. For example, only the DNS server of a
company should be received UDP segments whose destination port is set to 53 or
only the oficial SMTP servers of the company can send TCP segments whose source
ports are set to 25
A simple router is the traditional network layer firewall, siuce it is not
able to make
particularly sophisticated decisions about what a packet is actually
talking to or where it
actually came from. Modern network layer firewalls have
become increasingly
sophisticated, and now maintain internal information
about the state of connections
passing through them, the contents of some the data streams.
firewalls tend to be very fast and
of and so on. Network layer
tend to be very transparent to users.

C&NS-112
 CRYITOGRAPHY & NETWORK SECURITY

QUESTION 2016

Group
-A
(Multiple Choice Type Questions)
+
Choose the correct altermatives for the following:
D Interceplion is an atlack on

a) availability Vb) confidentiality c) authenticity d) integrity

a If the recipient of message has to be satisfied with the identity of the sender, the principle of
comes into picture.
a) confidentiality Vb) authentication c) integrity d) access control

i) The four primary security principles related to a message are

Va) confidentiality, authentication, integrity and non-repudiation
b) confidentiality, access control, non-repudiation and integrity
c) 2uthentication, authorization, non-repudiation and availability
d) availability, access control, authorization and authentication

N) Conversion of cipher text into plain text is called as

a)encryption b) decryption c) cryptography d) cryptanalyst

v) Firewall is a specialized form of a

a) bridge b) disk c) printer Vd) router

vi) In substitution cipher, which of the following happens?

Va) characters are replaced by other characters b) rows are replaced by columns
c) columns are replaced by columns d) none of these

Vi) There are rounds in DES.

a) 8 b) 10 c) 14 Vd) 16

vi) DES encrypts blocks of bits.

a) 32 b)56 Vc) 64 d) 128

ix) In which attack, there is no modification to message contents?

c) both of these d) none of these
a) passive b) active

x) A worm modify a program.

Va) does not b) does c) may d) may or may not

C&NS-113
 POPULAR PUBLICATIONS

Group-D
Questions)
(Short Answer Type
diffusion and
confusion?
2 What is the difference between No, 3.
S\NIMETRIC KEY ALGORITIIM, Short Answer lype Qucstion
Ser Topic:

that a digital signature should have?

3 What are the properties
See T'opic: AS\MMETRIC KEY
ALGORITIIM, DIGITAL SIGNATURE AND RSA, Short
Answer
Type Question No. 4.

to the security of a message.

4 a) Discuss about the four basic principles related
b) What iS availablity?
a) Sce Topic: ATTACKS ON COMPUTERS &
COM1PUTER SECURITY, Long Answer
Type
Question No. 2(a).
h) See Topic: ATTACKS ON CONMPUTERS &
COMPUTER SECURITY, Short Answer
Type
Question No. 6.

5 Explain ihe key generation process in DES.

See Topic: STMMETRIC KEY ALGORITHM, Short Answer Type Question No. 4.

are the problems with symmetric key encryption?

6. What
See Topic: SYMMETRIC KEY ALGORITIM, Short Answer
Type Question No. 5.

Group-C
(Long Answer Type Questions)
7 a) Wnat is a worm? What is the difference
between Worm and Virus?
b) What are the key principles
of security?
c) What is DOS (denial-of-service
attack)?
d)What do you mean by network security?
Explain with a suitable model.
a) See Topic: ATTACKS ON CONIPUTERS
& COMMPUTER SECURITY,
Question No. 1. Long Answer Type
b) See Topic: ATTACKS
ON COMPUTERS & COMPUTER
Question No. 2(a). SECURITY, Long Answer Tpe
c) See Topic: ATTACKS
0N COMPUTERS & COMPUTER
Question No. 3. ŠECURITY, Long Answer Type
d) Sce Topic: INTERNET
SECURITY PROTOCOLS,
Type Question No. 2. USER AUTHENTICATION,
Long Answer

8.
a) What do you mean by
asymmetric key encryption?
b) What is the difference Explain.
between symmetric key
c) Describe CBC mode encryption and asymmetric key encrypUo
of encryption process.
a) See Topic: ASYMMETRIC What is Initialization Vector?
KEY ALGORITHM,
Answer Type Question No. DIGITAL SIGNATURE AND RSA, Short
5.

C&NS-114
 CRYPIOGRAPHY &
NETWORK SECURITY

See Topic: CR\TTOGRAPIIV: CONCEPTS & TECUNIOUEs, Long Answer Type Question No.
1(b).
part: Sce Topic: CRYTTOGRAPUY: CONCEPTS & TECIINIQUES, Long
Answer Type
Ouestion No. l(a)(2"" part).
ymd nart: See Topic:
S\MM1ETRIC KEY ALGORITIIM, Short Answer Ty pe Question No. l(1" part).

o a) Given 2 prime numbers

P= 13, Q =31. Find out N, E D in RSA encryption process
h)Why is the SSL layer positioned between application layer and transpose
layer?
c) Name the four key steps in the creation of a Digital certificate How is SHTTP different from
SSL?
a) See Topic: ASTMMETRIC KEY AL.GORITIUM, DIGITAL. SIGNATURE AND RSA, ong Answer
Type Question No. 3.
h
Sce Tonic: INTERNET SECURITY PROTOCOLS,
SERAUTIIENTICATION, Short Answer
Type Question No. 6(a).
e) 1" part: See T'opic: INTERNET SECURITY PROTOCOLS, USER AUTIHENTICATION, Long
Answer Type Qucstion No. 3(a).
2nd part: See Topic: INTERNET SECURITY PROTOCOLS, USER AUTHENTICATION, Short

Answer Type Question No. 5.

10. a) With the help of diagram, briefly explain how public key cryptography works. Explain with a
diegram how the addition of a digital signature changes the process of public key cryptography.
b) Explain the concepts of confusion and diffusion.
c) Expiain the working principle of RC5.
a) See Topic: ASYMMETRIC KEY ALGORITIIM, DIGITAL SIGNATURE AND RSA, Long Answer
Type Qucstion No. 4(a).
b) See Topic: ASYM1METRICKEY ALGORITIIM, DIGITAL SIGNATURE AND RSA, Long Answer
Type Question No. 4(b).
c) See Topic: SYMMETRIC KEY ALGORITIIM, Long Answer Type Question No. 3(i).

11. Write short notes on any three of the following:

a) Firewal
b) Sniffing and spoofing
c) IDEA
d) Diffie-Hellman Key-Exchange/Agreement Algorithm
e) One-Time pad
a) See Topic: FIREWALL, Long Answer Type Question No. 2(a).
b) Sec Topic: ATTACKS ON COMPUTERS & COMPUTER SECURITY, Long Answer Type
Question No. 7(a).
c) See Topic: SYMMETRIC KEY ALGORITHM, Long Answer Type Question No. 3(ii).
AND RSA, Long Answer
) See Topic: ASYMMETRIC KEY ALGORITHM, DIGITAL SIGNATURE
Type Question No. 8(c).
e) See Topic: CRYPTOGRAPIIY: CONCEPTS & TECIINIQUES, Long Answer Type
Question No.
5(b).

C&NS-115
 PQPULAR PUBLICATIONS

QUESTION 2017

Group - A
Questions)
(Multiple Choice Type
any ten of the following
Choose the
1 correct alternatives for
i) Vernam cipher is also called
/b) one-time pad
a) rail-fence technique
d) running-key cipher
c) book Cipher

i) Caesat cipher is an example of

b)transposition cipher
Va)substitution cipher
d) none of these
c) both of these

i) DES encrypts blocks of bits.

a) 32 b) 56 Vc) 64 d) 128

Tv) There are rounds in DES.

a) 8 b) 14 c) 10 Va) 16

v) Book cipher is also called

a) one-time pad b) mono-alphabetic cipher
c) running-key cipher d) Caesar cipher
vi) The attack is related to confidentiality.
a) interception b) fabrication c) modification
d) interruption
vi) DOS attacks are caused by
a) authentication Vb)fabrication
c) alteration d) replay attacks
vii) A worm modify a program.
a) does not b) may or may not
C) does d) may
) The matrix theory is used
in the
a) hill cipher technique.
c) playfair cipher b)mono-alphabetic cipher
d) vigenere cipher
x) A
cryptanalyst is a person
vho
a) derives cryptography
solutions
Vc) both of these D) attempts to break cryptographic solutons
d) none of these

C&NS-116
 CRYTQGRAPUY &
NETWORK SECURITY

To decrypt
amessage encrypled using RSA, we need the
Va) sender's private key b) sender's public key
c) receiver's private key
d) receiver's public key

Group - B
(Short Answer Type Questions)
2
Discuss the man-in-the-middle attack.
Soe Tonic: ATTACKS ON
COMPUERS & COMPUTER SECURITY, Short Answer Tyne Question
No. 3.

3 What is the Denialof Service (DoS) attack?

Soe Tonic:ATTACKS ON COMPUTERS & COMPUTER SECURITY, Long Answer Type Question
No.3.

A What is the difference between substitution cipher and transposition cipher?

See Topic: CRYPTOGRAPHY: CONCEPTS & TECHNIQUES, Short Answer Type Question No. 7.

5 What is mono-alphabetic cipher? How is it different from Caesar cipher?

Sec Topic: CRYPTOGRAPHY:CONCEPTS & TECHNIQUES, Short Answer Type Question No. 8.

Group-C
(Long Answer Type Questions)
6. a) Explain link encryption and end to end encryption in the location of encryption devices.
b) Explain RSA public key encryption algorithm with example.
c) Define Hash function.
a)See Topic: CRYPTOGRAPIIY: CONCEPTS& TECIINIQUES, Long Answer Type Question No.

4(1).
b) See Topic: ASTMMETRIC KEY ALGORITHM, DIGITAL SIGNATURE AND RSA, Short
Answer Type Qucstion No. 6.
c) See Topic: ASYMMETRIC KEY ALGORITIHM, DIGITAL SIGNATURE AND RSA, Long Answer

Type Question No. 5.

7.
concept of Biometric Authentication.
a) Explain in brief the
b) State and explain how IDEAWorks.
c) For a Vernam Cipher do the following:
i) Using pad "ARE encode "TZP"

i) Using pad "ARX decode "YFR".

a) See Topic: INTERNET SECURITY
PROTOCOLS, USER AUTHENTICATION, Long Answer
Type Question No. 1.
Answer Type Question No. 1.
b) SeeTopic: SYMMETRIC KEY ALGORITHM, Long No.
& TECIHNIQUES, Long Answer Type Question
c)See Topic: CRYPTOGRAPHY: CONCEPTS
4(b).

C&NS-117
 POPULAR PUBLICATIONS

message dgest?
8. a) What is mean by key management?
b) What ís HMAC? pharming. What do you
and
c) Differentiate
between phishing
different from SSL?
d) How is SHTTP
key cryptosystem? DIGITAL SIGNATURE AND RSA. Long
e) What is private
ASTMMMETRICKEYALGORITIIM, Answer
a) Sre Topici
l'ype Quetion No.6. SECURITY PROTOCOLS,
ISER AUTHENTICATION, Short
Topic: INTERNET niwer
h) See
Type Question No. 3(b). & COMPUTER SECURITY,
A1TACKS ON
COMPUTERS Short
pan: See Topic: aswer
) 1"
Type Question No. 4(1" part). DIGITAL SIGNATURE AND
ASYMMETRIC KEY ALGORITIIM, RSA,Shor
2 part: Sce Topic:
Answer Typc Questivn No.7.
INTERNET SECURITY
PROTOCOLS, USER ALTIENTICATION, Short
d) Sec T'opic: Answer

Type Qucstion No. 5.

CONCEPTS &
TECHNIQES, ShortAnswer Type Question
e) See Topic: CRYPTOGRAPIIl: No.9,

9. a) What is firewall?
principle of each.
b)What are different types of firewall? Briefiy explain workng
c) What are the limitations of firewall?
d) What is a worm? How does it differ from a virus?
a) See Tapic: FIREWALL, Long Answer Type Question No. 1(1" part).
b) See Topic: FIREWALL, Short Answer Type Question N. I.
c) See Topic: FIREWALL, Long Answer Type Question No. 1(3 part).
d) See Topic: ATTACKS ON COMPUTERS & COMPUTER SECURITY, Long Anner To.
Question No. 1.

10. Write short notes on any three of the following

a) S/MINME
b) Malicious programs
c) RC5
d) IP spoofing and DoS attacks
e) Authentication Header.
a) See Topic: ELECTRONIC MAIL SECURITY, Long
Answer Type Question So. 3(b).
b) See Topic: ATTACKS ON COMPUTERS
& COMPUTER SECURITY, Long
Answer Tp®
Question No. 7(b).
c) See Iopic: STMNIETRIC KEY
ALGORITHVI, Long Answer Tvne
d) Sce Topic: AITACKS ON COMPUTERS Question No. 3(i).
& COMPUTER SECURITY,
Question No. 7(c). Long Answer
c) See T'opic: 1NTERNET SECURITY
PROTOCOLS, ('SER AUTHENTICATION,
Type Question No. 8a). Long A

C&NS-118
 CRYPTOGRAPHY &
NETWORK SECURITY

9UESTION 2018
Group-A
(Multiple Choice Type Questions)
correct alternatives for the following:
1. Choose the
principles related to a message are
The four primary security
)
Va) confidentiality. authentication, integrity and non-repudiation
confidentiality, access Control, non-repudiation and availability
)
d) availability, access control, authorization and authentication

Symmetric key cryptography

is asymmetric key cryptography.
) b) usually slower than
a) always slower than
c)of the
same speed as Vd) faster than

attack is related to authentication.

i) The c) modification d) interruption
a) interception b) fabrication

N) Transposition cipher involves

text with other blocks
/a) replacement of blocks of
b) replacement of characters of
text with other characters
c) strictly row-to-column replacement
text
d) some permutation on the input text to produce cipher

v) Firewall shouldbe situated

a) inside a corporate network
b) outside a corporate
network
the outside word
Vc) between a corporate network and
d) none of the above

SSL layer is located between

Vb) application layer, transport layer
vi)

a) transport layer, network

layer
d) network layer, data link layer
c) data link layer, physical layer

Conversion of cipher text into plain

text is called as
Vi) d) cryptanalyst
c) cryptography
a) encryption b) decryption

Vii) Vernam cipher is also called as

Vb)one-time pad
a) Rail Fence Technique
d) running key cipher
c) book cipher

C&NS-119
 POPULAR PUBLICATIONS
as sequence
as diagonals and reading it of
rows
The process
of writing the text IS calleda
) b) Caesar Cipher
a) Rail Fence Technique d)
Homophonic substitution
cipher cipher
c) Mono-alphabetic
not know
with each other, B must
and B want to communicate securely
) IA c) B's private key
Va) A's private key b) A's
public key d)B's publc
key
Group - B

(Short Answer Type Qucstions)

message digest?
2 What the difference between MAC and
is
PROTOCOLS, USER AUTHENTICATION, Short
See Topic: INTERNET SECURITY Answer
Question No. 7. Tye

3 llustrate the application areas of Public-Key Cryptosystems?

See Topic: CRYPTOGRAPHY: CONCEPTS TECIHNIQUES, Short Answer Type
&

Question
No. 0,
4. What do you use digital signature? What are digital certificates?
See Topic: ASTMMETRIC KEY ALGORITHM, DIGITAL SIGNATURE AND
RSA, Short Annsmer
Type Question No. 8.

5 Explain the significance of SHA-1 (message digest) algorithm.

How is SHA-1 different
MD5? fron
See Tonic: ASVMMETRIC KEY
ALGORITIIN1, DIGITAL
SIGNATURE AND RSA, Shart a..
Type Question No. 9.

6. Describe a single round of DES

with block diagram.
See Topic: SYMMETRIC KEY
ALGORITHM, Short Answer
Type Question No. 6.
7. What are three main
actions of a packet filter?
See Topic: FIREWALL,
Short Answer Type Question No.
2.

Group - C
(Long Answer Type
8. a) What are the Questions)
problems associated
b) Discuss the vernam with clear text password?
cipher.
c) Describe Cipher
Block Chaining
(CBC) mode.
d) State and explain
how IDEA works.
a) See Topic: INTERNET
SECURITY PROTOCOLS,
Type Question No. USER AUTHENTICATION,
6(b). Short A
b) See Topic:
CRYPTOGRAPIIY:
4. CONCEPTS &
TECHNIQES, Short Question Na,
c) See Topic: Answer Type
CRYPTOGRAPIIY:
I(a) (2°part). CONCEPTS &
TECHNIQUES, Nà
Long Answer Type Question

C&NS-120
 CRYTOGRAPIY &
NEIWORKSECURITY

a seeTopic: SVMMETRIC KEY

ALGORITIIM, L.ong Answer Type Questinn No. t.

alWhat is
the difference between MAC and Message Digest?
h How digital signature can be generaled?
Gompare and contrast MD5 and SHA-1 algorithms.
d What is the difference between a mesSage authentication code and a one-way-hash-function?
a) See Topic: INTERNET SECURITY PROTOCOLS, ('SER AUTIENTICATON, Short Answer
Type Question
No. 7.
I See Topic: ASTMIMETRIC KEY ALGORITIN1, DIGITAL. SIGNATURE. AND RSA, Long Answer
Type Question No.
2(1).
Sec Tonic: ASYMMETRICKEY ALGORITIM, DIGITAL. SIGNATURE AND RSA, Long Answer
Type Question No. 2(b).
A See Tonic: INTERNET SECURTY PROTOCOLS, USER AUTHENTICATION, Long Answer
Type Qucestion No.
4.

10 a) When an encryption algorithm is said to be computationally secure?

b) What is {01}-1 in GF(28)? Verify the entry for (01) in the S-box.
c) Consider the Diffie-Hellman scheme with a common prime
p= 11 and primitive root a =2.
() Show that 2 is indeed a generator
(i) (f the user has key Xa=9, what is A's private key?
A

secret key K in between and B?

A

(üi) If the user B has public key Xb =3, what is

d) What are the roles of the public and private key?

a) See Topic: CRYPTOGRAPHY: CONCEPTS &
TECHNIQUES, Short Answer Type Question No.

6.
Answer Type Question No. 2.
b) SeeTopic: SYMMMETRICKEY ALGORITIIM, Long
ALGORITIINM, DIGITAL SIGNATURE AND RSA, Short
c) See Topic: ASYMMETRIC KEY
2.
Answer Type Question No. Type Question No.
d) See Topic: CRYPTOGRAPIY:
CONCEPTS & TECINIQUES, Short Answer

11.

11. a) What is S/MIME?

b) Why does PGP generate
a signature before applying compression?
management in PGP and SIM/ME.
c) Compare and contrast key TCPIP protocol suit.
figures how secure socket layer (SSL)is accommodated in
d) Explain with No. 1.
ELECTRONIC MAIL SECURITY. Short Answer Type Question
a) See Topic: 1.
MAIL SECURITY, Long Answer Type Question No.
b) See Topic: ELECTRONIC Question No. 2.
ELECTRONIC MAIL SECURITY, Long Answer Type
) See Topic: Long Answer
PROTOCOLS, USER AUTHENTICATION,
Topic: INTERNET
SECURITY
d) Sce
Type Question No. 5.

C&NS-121
 POPULARPUBLICATIONS
following
on anythree
of
the
12 Wrte he short notes

a) Biometric Authentication
b) Firewal!
c) DES
d) DMZ Nehwork
e) Cryptanalysis ('SER AUTHENTICATION,
INTERNET SECURIT PROTOCOLS, Long
a) See Topic: Anwer
Type Qucestion No. l. 2(a).
Type Question No.
F7REWALL, Long Answer
b) Sce Topic: e
S\MMETRICKEYALGORITIIMl, Short Answer Type Qucstion No
c)Sec Topic:
No. 2(b).
Long Answer Type Question
d)Sce Topic: IREWALL, TECIINIQU'ES, Long Answer
*) Sec Tapic:
CRYPTOGRAPHY: CONCEPTS & Typc Question

QUESTION 2019

Group - A
(Multiple Choice Type Questions)
1. Choose the correct alternatives for the following:
) Firewall is a specialized form of a
b) disk c) printer Vd) router
a) bridge

i) DES encrypts blocks of bits.

a) 32 Vb) 64 c) 56 d) 128

ii) In which attack there is no modification to message contents?

a) Passive b) Active c) Both (a) and (b) d) None of these

iv) DOS attacks are caused by

a) alternation b) fabrication c) authentication d) replay altacks

v) RSA be used for digital signatures.

a) must b) cannot Vc) can d) should not
vi) Redundancy of plain text increases by
a) confusion b)diffusion
d) none of
c) both (a) and (b) these

vi) We require to verify digital signature.

a)receiver's public key
c)receiver's private key
Vb) sender's private key
d) sender's public key

C&NS-122
 CRYTOGRAPHY&NETWORK SECURITY

aua
Which of the following is a monoalphabetic cipher?
a) vigenere
cipher Vb) ceaser cipher c) autokey cipher d) all of these

are encryption rounds in IDEA

ix) There
b) 16 c) 10 Vd) 8
a) 5
isS an attack on
) Interception
a) availability b) authentication Vc) confidentiality d) access control

Group -B
(Short Answer Type Qucstions)
al Explaun the differences betweern asymmetric key and symmetric key cryptography.
b) What is meant by IP shiftingand IP spoofing?
a See Topic: CRYlTOGRAPIIY: CONCEPTS & TECHNIQUES, Long Answer Type Question No.
1(b).
k Soe Tonic: ATTACKS ON COMPUTERS & COMPUTER SECURITY, Long Answer Type
Question No. 2(b).

algorithm?
What type of key is generated or exchanged by using Diffie-Hellman key exchange
3

Justify your answer.

See Topic: ASYMMETRIC KEYALGORITHM, DIGITAL SIGNATURE AND RSA, Short
Answer
3.,
Type Question No.

4 What is Initialization Vector (IV)? What is its significance?

nswer Type Question No.
A 1.
See Topic: SY\MMIETRIC KEY ALGORITH1, Short

5.What are Brute force attack and Man-in-the-Middle attack?

See Topic: ATTACKS ON COMPUTERS & CO\MPUTER SECURITY,
Short Answer Type Question

No. 7.

6 Draw the lP security authentication header.

AUTHENTICATION, Short Answer Type
See Topic: INTERNET SECURITY PROTOCOLS, USER
Question No. 8.

7 Message Digest and Hash-function.

Explain the working principle of
Sce Topic: ASYMMETRIC KEY ALGORITIIM,
DIGITAL SIGNATURE AND RSA, Short Answer
Type Question No. 10.

Group- C
(Long Answer Type Questions)
. 13, Q=31. Find out N, E, D in RSA encryption process.
a) Given prime
2 numbers P=
D)Why is SSL layer position between application and
transport layer?

C&NS-123
 PUBLICGATIONS
POPULAR
How is SHTTP different from
of digital certificate.
G) Name four key
sleps in creation
KEYAL.GORITUM. DIGITAL SIGNATURE ASD
SSL
AS\MAIETRIC RSA.Short
n) See Topic:
Answer 'ype Qucstion No. I. I 'SER ALTIIENTICATION.
INTERNET SECURITY PROTOCOLS, Short
Tapic:
b) See AnImtr
Type Qucestion No. 6. PROTOCOLS, ('SER AUIUENTICATlO,
INTERVET SECURITY Long Anw.
e) Sce T'opic:
Type Question No. 3(a).

ditference between worm and virus?

a) What is a worm? What the
9. is

b)What are the key principles of security?

c) What is DOS (denial-of-service attack)?
c) What do you mean by network security?
Explain with a suitable mode!

a) See Topic: ATTACKS

ON COVIPUTERS
&
CO\MPTER SEC RITY, Long Answer
Tyype
Qucstion No. I.
b) Sce Topic: ATTACKs ON COMPTERS & COMP(TER SECURITY, Long
Answer Type
Question So. 2(a).
c) See Topic: ATTACKS ON CONMPUTERS & COMPTER SECURRITY, Long
Answer
Question No. 3. Type
d) Sce Topic: INTERNET SECURITY PROTOCOLS, (SERATIIENTICATION.,
LLong Answer
Type Question No. 2.

10 a) What is the purpose of S-Boxes in DES?

b) Explain the concepts of Confusion and Diffusion?
c) Describe the working princple of
DES algorthm for ensurng
d) What are the problems associated security
with clear text passWords?
a) See Topic: SYMMETRIC
KEYALGORITIINM,
b) Sce Tupic: ASTMMETRIC Shart Ansner lype Question ND, 7,
KEY ALGORITIINI,
DIGTTAL SIG\ATRE
Answer Type Question No. AND RSA Short
Il.
c) Sec Topic: SVMETRIC KEY ALGORITIUM,
d) See Tonic: INTERNET Short Anvwer Iype
SECRITY PR0TOCOLS, Question No, 2.
Typc Question No.
6(b).
(SER A
TIENTICATION, Short Anner

11. a) With the

help of diagram, briefly
diagram, how the explain how
addition of a digital putlic key cryptography
b) Describe signature changes works. Explain
the working principle the process of public wha
c) What is Firewal? of IDEA algorthm key cryptograpny
Diferentiate between for ensuring
security
a) See Topic: ASYMMMETRIC Packet fiters and
KEY ALGORITHM, Appication Gateways.
Type Qucstion No, DIGITAL SIGNATIRE
4(a).
b)See Topic: SYMMETRIC AND RSA, Long
c) See Topic: KEY ALGORITIL\M,
FIREWALL,
Short Answer.Type
Long Answer
Question No.
3.
Tvpe Question
So. .

C&NS-124
 CRYITOGRAPUY& NETORK SECURITY

short notes on any three the following

of
12 Write

a) S/MIME
b)Digital Signatures
c) IPSec
d) DMZ Network
e) Brometric
Authentication
See Tonic: ELECTRONIC MAIL SECURITY, Long Answer Type Question No. 3(b).
Answer
k See Tonic: ASMMETRIC KE ALGORITIUM, DIGITAL SIGNATI RE AND RSA, Long

Type Question
No. 8(a).
See Topic: INTERNET SECURITY PROTOCOLS, (SER AUTHENTICATION,
Long Answer

Type Question No.

8(b).
d See T'onic: FIREWALL, Long Answer Type Question No. 2(b).
-) See Topic: INTERNET SECURITY PROTOCOLS, USER AUTHENTICATION, Long Answer
1.
Type Qucstion No.

QUESTION 2023
Group- A
(Very Short Answer Type Question)

1. Answer any ten of the following:

measures can help reduce the risk of data leakage?
See Topic: CRYPTOGRAPHY: CONCEPTS & TECHNIQUES, Very Short Answer Type
Question
No. 21.

i) creates an isolated passage across a public network that. enables

computing devices to communicate and receive data discreetly
as though they were directly linked
to the private network.
See Topic: ATTACKS ON COMPUTERS & CÔMPUTER SECURITY, Very Short Answer Type
Question No. 16.

i) Types of firewall are

See Topic: FIREWALL, Very Short Answer Type Question No. 3.

iv) The protocol is responsible for sending change Cipher Spec messages.
See Topic: INTER:NET SECURITY PROTOCOLS, USER AUTIHENTICATION, Very Short Answer
Type Question No. 4.

wraps the protected information in

) Asymmetric encryption offers a procedure that
package(s).
See Topic: CRYPTOGRAPHY: CONCEPTS & TECHNIQUES, V'ery Short Answer Typc Question
No. 22.

C&NS-125
 POPULAR PUBLICATIONS
encryption and decryption
number of keys for
uses Answer Typc Qucstion No. 5.
vi) AES algorithm KEYALGORITIIM, Very Short
Sec SVMMETRIC
Iopic:
provide
message integrity.
algonithm in order to Very Short Answer
vii) SSL use TECHNIQUES,
&
Type
(RYPTOGRAPIIY': CONCEPTS Question
See Topic:
No. 23.

of operation in
DES is used for operating short data?
modes
vii) Which one of
the followng
KEYALGORITIHM, Very Short Answer
Type Question No. 6.
Sce Topic: SY\MNETRIC

a message digest by the network security protocois

ix) is used to generate SIGNATURE AND RSA.
AS)NIMETRIC KEY' ALGORITHM, DIGITAL Very Short
See Topic:
Answer Type Questian No. 7.

x) In authentication, the daimant proves that he/she knows a secret wthout

actually sending it
Sce Topic: INTERNET SECURITY PROTOCOLS, ('SER ATHEVTICATION, Very Short
Ansmer

Type Qucstion No. 5.

xi) Defhne firewall.

See Topic: FIREWALL, Very Short Answer lype Question No, 4.

xii) A proxygateway is a
See Topic: FIREWALL, Very Short Answer Ty pe (Quetion No. S.

-
Group B
(Short Ansner Type (Question)

2 Define cryptography. Briefly

discussed Diffusion & Confuson
I" Part: See Tapic: CRYPTOGRAPIIV: CONCEPIS &
TECINIQUES, Short Answer Type Questioo
No. 12.
2ndPart: Sce Topic: ASVMMIETRIC KEY ALGORITH\I,
DIGITAL SIGNATVRE AND RSA, Short
Answer Type Question No. 12.

3. Explain the technical details of firewall

and describe any one types of firewall with neat diagta
See Topic: FIREWALL, Short
Answer Type Question No. 4.

4. Explain different types

of cyber attacks to break
Sec network security.
Topic: ATTACKS ON COMIPUTERS & Questios
COMPUTER SECLRITY, Short Answer Type
No. 8.

C&NS-126
 CRYITOGRAPHY &
NETWORKSECURIY

K
Compare stream cipher with block cipher with proper example.
Eor Tonic:CRYPTOGRAPIY: CONCEPTS & TECINIQUES, Short Answer Type Question No. 13.

c Detng cryptanalysis? Explain different security aspect in cryptography.

M Part: Sce Topic: CRYPTOGRAPIIV: CONCETS & TECINIQUES, Short Answer Type Question

No. 12.
,d Purt: See Topic: ATTACKS ON COMPUTERS & COMP("TER SECURITY, Long Answer Type
Question No. 2.(u).

Group - C
(Long Answer Type Question)

What are the steps involved in SSL protocol?

7. a)

b) Discuss the advantages of SSL protocol.

c) How it is different from TSL
See Topic: ASYMMETRIC KEY ALGORITIM, DIGITAL SIGNATURE AND RSA, Long Answer

Type Question No. 7.

Name some viruses & explain working mechanism of those viruses.

8. a)

b) Explaln in detail about various types of attacks.

See Topic: ATTACKS ON COMPUTERS & COMPUTER SECURITY, Long Answer T'ype Question

No. 4.

9 mean by network security?

a) What do you
b) Discuss security mechanism fora network.
c) Describe steganography

d) What is Zombie?
a) See Topic: INTERNET SECURIT PROTOCOLS, USER
AUTIIENTICATION, Long Answer
Type Question No. 6.
SECURITY, Long Answer Type
b) Sec Topic: ATTACKS ON COMPUTERS & COMPUTER
Question No. S.
No. 8.
c) CRYPTOGRAPHY: CONCEPTS & TECHNIQUES, Long Answer Type Question
See Topic:
SECURITY, Long Answer Type
d) See Topic: ATTACKS ON COMPUTERS & COMPTER
Question No. 6.

10. a) Explain the Playfair cipher with example.

b) Discuss Vernam cipher in detail.
Question No. 9.
See Topic: CRYPTOGRAPIIY: CONCEPTS & TECHNIQUES, Long Answer Type

C&NS-127
 POPULAR PUBLICATIONS

11 a) What are BiometriGs?

examples of Biometrics.
b) Discuss different
C) Discuss problems with Current security
systems.
PROTOCOLS, USER
ATIIENTICATION. Long
INTERNET SECURITY Answer
Sce Topic: Type
Question No. 7.

C&NS-128