Module 1

1.Explain classical encryption techniques with symmetric cipher

model.

Symmetric cipher model

Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed
using the

same key.

It is also known as conventional encryption.

Symmetric encryption transforms plaintext into cipher text using a secret key and an encryption
algorithm.

Using the same key and a decryption algorithm, the plaintext is recovered from the cipher text.

A symmetric encryption scheme has five ingredients

o Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.

o Encryption algorithm: The encryption algorithm performs various substitutions and

transformations

on the plaintext.

o Secret key: The secret key is also input to the encryption algorithm. The key is a value independent

of the plaintext and of the algorithm.

o Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the

secret key. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.

o Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the

ciphertext and the secret key and produces the original plaintext.

A symmetric cipher model are broadly contains five parts.

 Plaintext: This is the original intelligible message.

Encryption algorithm: The encryption algorithm performs various substitutions and

transformations on the plaintext. It takes in plaintext and key and gives the cipher text.

Secret key: The key is a value independent of the plaintext and of the algorithm. Different keys will

yield different outputs.

Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the

secret key.

Decryption algorithm: Runs on the cipher text and the key to produce the plaintext.This is
essentially the

encryption algorithm run in reverse.

Types of Classical Encryption Techniques

1. Substitution Techniques

Substitution techniques replace characters or bits of plaintext with other characters, numbers, or
symbols.

Examples:

• Caesar Cipher:

o Shifts each letter of the plaintext by a fixed number of positions in the alphabet.

o Example: HELLO→KHOOR\text{HELLO} \to \text{KHOOR}HELLO→KHOOR (Shift = 3)

• Monoalphabetic Cipher:

o Maps each plaintext letter to a different ciphertext letter using a substitution table.

o Example: A→M,B→N,…\text{A} \to \text{M}, \text{B} \to \text{N},

\ldotsA→M,B→N,…

• Playfair Cipher:

o Uses a 5×55 \times 55×5 matrix of letters for substitution, encrypting digrams (pairs
of letters).

o Example: "HI" becomes "BM" based on the matrix.

2. Transposition Techniques

Transposition techniques rearrange the order of characters in plaintext without changing the
characters themselves.

Examples:

• Rail Fence Cipher:

o Writes plaintext in a zigzag pattern across multiple rows, then reads row by row.

o Example:
 ▪ Plaintext: HELLOWORLD\text{HELLOWORLD}HELLOWORLD

▪ Zigzag: HLWRDELOOLH L W R D E L O O LHLWRDELOOL Ciphertext:

HLWRDELOOL\text{HLWRDELOOL}HLWRDELOOL

2. Specify the basic task for defining a security service.

A service that enhances the security of the data processing systems and the information transfer of
an organization. The services are intended to counter security attack, and they make use of one or
more security mechanism to provide the service.

• Message Confidentiality − The principle of confidentiality defines that only the sender and
the intended recipient should be capable to create the element of the message. It protects
the transmitted data from passive attack.

Confidentiality can be used at several levels on the basis of content of an information to be

transmitted. There are the following types of confidentiality which are as follows −

o Connection Confidentiality − The protection of all user information on a connection.

o Connectionless Confidentiality − The security of all user data in an individual data

block.

o Traffic-flow Confidentiality − The protection of the information that can be derived

from observation of traffic flows.

• Authentication − The authentication service is concerned with likely that a connection is

authentic. In the case of a single message, including a warning or alarm signal, the function
of the authentication service is to persuade the recipient that the message is from the source
that it declare to be from.

• Non-repudiation − Nonrepudiation avoids either sender or receiver from adverse a

transmitted message. Therefore, when a message is sent, the receiver can validate that the
asserted sender actually sent the message.

Likewise, when a message is received, the sender can validate that the asserted receiver actually
received the message.

• Access Control − The principle of access control decides who should be capable to access
information or system through communication link. It supports the avoidance of
unauthorized use of a resource.

• Data Integrity − Data integrity is designed to secure information from modification, insertion,
deletion and rehashing by any entity. Data integrity can be used to a flow of message, an
individual message or a selected portion inside a message. Data integrity can be used to
support total stream protection.

3. Specify the components of encryption algorithm.

### **Components of an Encryption Algorithm**

An encryption algorithm is composed of several key components that work together to transform
plaintext into ciphertext and vice versa. Here are the components:

---
### **1. Plaintext**
- **Definition:** The original, unencrypted data or message that needs to be protected.
- **Example:** A text message, file, or email in its readable format.

---

### **2. Encryption Algorithm**

- **Definition:** The mathematical process or set of rules used to transform plaintext into ciphertext.
- **Purpose:** Uses the secret key to scramble the plaintext, making it unreadable without
decryption.
- **Example:** Algorithms like AES (Advanced Encryption Standard), DES (Data Encryption
Standard), or RSA.

---

### **3. Secret Key**

- **Definition:** A key used in the encryption and decryption process.
- **Types:**
- **Symmetric Key:** The same key is used for both encryption and decryption.
- **Asymmetric Key:** Uses a pair of keys (public and private keys).
- **Purpose:** Determines how the plaintext is transformed into ciphertext.
- **Example:** A 128-bit or 256-bit key in AES.

---

### **4. Ciphertext**

- **Definition:** The encrypted output produced by the encryption algorithm.
- **Purpose:** Represents the plaintext in an unreadable format to protect its contents from
unauthorized access.
- **Example:** Random-looking data like "Hdu84&ks09*" that requires a key for decryption.

---

### **5. Decryption Algorithm**

- **Definition:** The mathematical process used to transform ciphertext back into plaintext.
- **Purpose:** Uses the secret key to reverse the encryption process and retrieve the original data.
- **Example:** Decrypting ciphertext produced by AES using the same secret key.

---

### **Process Flow**

1. Plaintext → **Encryption Algorithm** + **Secret Key** → Ciphertext
2. Ciphertext → **Decryption Algorithm** + **Secret Key** → Plaintext

These components ensure secure data communication and are the foundation of modern cryptographic
systems.

4. What are the design parameters of Feistel cipher network?

### **Design Parameters of Feistel Cipher Network**

A **Feistel Cipher Network** is a structure used to build block ciphers, named after Horst Feistel. It
divides the plaintext into two halves and processes them in multiple rounds to achieve encryption.
The following design parameters influence the effectiveness and efficiency of a Feistel cipher:

---

### **1. Block Size**

- **Definition:** The size of the data block processed at a time (in bits).

- **Impact:**

- Larger block sizes offer stronger security but require more memory and processing power.

- Common block sizes: 64 bits (e.g., DES) and 128 bits (e.g., AES in Feistel-based variants).

---

### **2. Key Size**

- **Definition:** The size of the encryption key (in bits).

- **Impact:**

- Larger key sizes enhance security by increasing the difficulty of brute-force attacks.

- Typical key sizes: 56 bits (DES), 128, 192, or 256 bits (modern ciphers).

---

### **3. Number of Rounds**

- **Definition:** The number of iterations the algorithm performs to transform the plaintext into
ciphertext.

- **Impact:**

- More rounds increase security but reduce performance.

- Common: DES uses 16 rounds, while some modern ciphers use more.

---

### **4. Subkey Generation Algorithm**

- **Definition:** The method used to derive subkeys from the main key for each round.

- **Impact:**

- A good subkey generation algorithm ensures that keys are highly uncorrelated and sufficiently
random.

- Examples: Permutations, rotations, or cryptographic hash functions.

---

### **5. Round Function (F-function)**

- **Definition:** The core function applied in each round to one half of the data block.

- **Impact:**

- Determines the complexity and security of the cipher.

- Should introduce confusion and diffusion effectively.

- Commonly incorporates substitution (S-boxes) and permutation (P-boxes).

---

### **6. Fast Software Encryption/Decryption**

- **Definition:** The ability of the cipher to be efficiently implemented in software.

- **Impact:**

- Determines the practicality of the cipher for real-world applications.

- Simpler round functions enhance performance but may compromise security.

---

### **7. Ease of Analysis**

- **Definition:** The cipher's resistance to cryptanalysis while still being mathematically analyzable.

- **Impact:**

- A well-designed Feistel cipher balances complexity and transparency, making it secure yet
understandable for verification.

---
### **Key Advantages of Feistel Cipher Design**

- **Symmetric structure:** Enables the same algorithm to be used for both encryption and
decryption.

- **Flexibility:** Adjusting parameters like block size, key size, and number of rounds allows tailoring
for specific security and performance needs.

- **Security:** Proven resistance to certain cryptanalytic attacks when designed correctly.

5. Why network need security?

Benefits of Network Security

Network Security has several benefits, some of which are mentioned below:

• Network Security helps in protecting clients’ information and data which ensures reliable
access and helps in protecting the data from cyber threats.

• Network Security protects the organization from heavy losses that may have occurred from
data loss or any security incident.

• It overall protects the reputation of the organization as it protects the data and confidential
items.

Advantages of Network Security

• Protection from Unauthorized Access: Network security measures such as firewalls and
authentication systems prevent unauthorized users from accessing sensitive information or
disrupting network operations.

• Data Confidentiality: Encryption technologies ensure that data transmitted over the network
remains confidential and cannot be intercepted by unauthorized parties.

• Prevention of Malware and Viruses: Network security solutions like antivirus software and
intrusion detection systems (IDS) detect and block malware, viruses, and other malicious
threats before they can infect systems.

• Secure Remote Access: Virtual private networks (VPNs) and other secure remote access
methods enable employees to work remotely without compromising the security of the
organization’s network and data.

6. Differentiate symmetric and asymmetric encryption?

ymmetric Key Encryption Asymmetric Key Encryption

It requires two keys, a public key and a

It only requires a single key for both
private key, one to encrypt and the
encryption and decryption.
other to decrypt.
ymmetric Key Encryption Asymmetric Key Encryption

The size of ciphertext is the same or smaller The size of ciphertext is the same or
than the original plaintext. larger than the original plaintext.

The encryption process is very fast. The encryption process is slow.

It is used when a large amount of data It is used to transfer small amount of

needs to be transferred. data.

It provides confidentiality, authenticity,

It only provides confidentiality.
and non-repudiation.

The length of key used is 2048 or

The length of key used is 128 or 256 bits
higher

In symmetric key encryption, resource

In asymmetric key encryption, resource
utilization is low compared to asymmetric
utilization is high.
key encryption.

It is efficient as it is used for handling large It is comparatively less efficient as it

amount of data. can handle a small amount of data.

Security is higher as two keys are used,

Security is lower as only one key is used for
one for encryption and the other for
both encryption and decryption purposes.
decryption.

The Mathematical Representation is as

The Mathematical Representation is as
follows-
follows-
P = D(Kd, E (Ke,P))
P = D (K, E(K, P))
where Ke –> encryption key
where K –> encryption and decryption key
Kd –> decryption key
P –> plain text
D –> Decryption
D –> Decryption
E(Ke, P) –> Encryption of plain text
E(K, P) –> Encryption of plain text using K
using encryption key Ke. P –> plain text
ymmetric Key Encryption Asymmetric Key Encryption

Examples: Diffie-Hellman, ECC, El

Examples: 3DES, AES, DES and RC4
Gamal, DSA and RSA
Module 2
1. What is an elliptic curve?

ECC, as the name implies, is an asymmetric encryption algorithm that employs the algebraic
architecture of elliptic curves with finite fields.

• Elliptic Curve Cryptography (ECC) is an encryption technology comparable to RSA that

enables public-key encryption.

• While RSA’s security is dependent on huge prime numbers, ECC leverages the mathematical
theory of elliptic curves to achieve the same level of security with considerably smaller keys.

Components of Elliptic Curve Cryptography

Below are the components of elliptic curve cryptography:

1. ECC keys:

• Private key: ECC cryptography’s private key creation is as simple as safely producing a
random integer in a specific range, making it highly quick. Any integer in the field represents
a valid ECC private key.

• Public keys: Public keys within ECC are EC points, which are pairs of integer coordinates x,
and y that lie on a curve. Because of its unique features, EC points can be compressed to a
single coordinate + 1 bit (odd or even). As a result, the compressed public key corresponds to
a 256-bit ECC.

2. Generator Point:

• ECC cryptosystems establish a special pre-defined EC point called generator point G (base
point) for elliptic curves over finite fields, which can generate any other position in its
subgroup over the elliptic curve by multiplying G from some integer in the range [0…r].

• The number r is referred to as the “ordering” of the cyclic subgroup.

• Elliptic curve subgroups typically contain numerous generator points, but cryptologists
carefully select one of them to generate the entire group (or subgroup), and is excellent for
performance optimizations in calculations. This is the “G” generator.

Application of Elliptic Curve Cryptography

• Diffie-Hellman: The basic public-key cryptosystem suggested for secret key sharing is the
Diffie-Hellman protocol. If A (Alice) and B (Bob) initially agree on a given curve, field size, and
mathematical type. They then distribute the secret key in the following manner. We can see
that all we need to build the Diffie-Hellman protocol is scalar multiplication.

• Elliptic Curve Digital Signature Algorithm (ECDSA): ECC is one of the most widely utilized
digital signature implementation approaches in cryptocurrencies. In order to sign
transactions, both Bitcoin and Ethereum use the field inverse multiplication, but also
arithmetic multiplication, inverse function, and modular operation.
 • Online application: Moreover, ECC is not limited to cryptocurrencies. It is an encryption
standard that will be utilized by most online apps in the future due to its reduced key size
and efficiency. Most commonly used in cryptocurrencies such as Bitcoin and Ethereum, along
with single-way encryption of emails, data, and software.

• Blockchain application: The cryptocurrency Bitcoin employs elliptic curve

cryptography. Ethereum 2.0 makes heavy use of elliptic curve pairs with BLS signatures, as
stated in the IETF proposed BLS specification, to cryptographically ensure that a specific Eth2
validator has really verified a specific transaction.

2. Determine the gcd (24140, 16762) using Euclid’s algorithm.

Soln:

We know, gcd(a, b) = gcd(b, a mod b) gcd(24140,16762) =gcd(16762,7378) gcd(7378,2006)

=gcd(2006,1360) gcd(1360,646) =gcd(646,68) gcd(68,34) = 34

gcd(24140,16762) = 34.

Step 1 :
Divide 24140 by 16762 and get the remainder

24140:16762=1 ( remainder is 7378 )

The remainder is positive (7378>0), so we will continue with division.

Step 2 :
Divide 16762 by 7378 and get the remainder

16762:7378=2 ( remainder is 2006 )

The remainder is still positive (2006>0), so we will continue with division.

Step 3 :
Divide 7378 by 2006 and get the remainder

7378:2006=3 ( remainder is 1360 )

The remainder is still positive (1360>0), so we will continue with division.

Step 4 :
Divide 2006 by 1360 and get the remainder

2006:1360=1 ( remainder is 646 )

The remainder is still positive (646>0), so we will continue with division.

Step 5 :
Divide 1360 by 646 and get the remainder

1360:646=2 ( remainder is 68 )

The remainder is still positive (68>0), so we will continue with division.

Step 6 :
Divide 646 by 68 and get the remainder
646:68=9 ( remainder is 34 )

The remainder is still positive (34>0), so we will continue with division.

Step 7 :
Divide 68 by 34 and get the remainder

68:34=2 ( remainder is 0 )

The remainder is zero => GCD is the last divisor 34.

We can summarize an algorithm into a following table.

2414 1676
: = 1 remainder ( 7378 )
0 2

1676 737
: = 2 remainder ( 2006 )
2 8

737 20
: = 3 remainder ( 1360 )
8 06

20 13
: = 1 remainder ( 646 )
06 60

6
13
: 4 = 2 remainder ( 68 )
60
6

6
6 remainder
4 : = 9
8 ( 34 )
6

remain
6 3
: = 2 der
8 4
(0)

GCD = 34

3. Define Fermat Theorem?

Fermat’s little theorem states that if p is a prime number, then for any integer a, the number a p – a is
an integer multiple of p.

Here p is a prime number

ap ≡ a (mod p).

Special Case: If a is not divisible by p, Fermat’s little theorem is equivalent to the statement that a p-1-
1 is an integer multiple of p.
ap-1 ≡ 1 (mod p)
OR
ap-1 % p = 1
Here a is not divisible by p.

Take an Example How Fermat’s little theorem works

Example 1:

P = an integer Prime number

a = an integer which is not multiple of P

Let a = 2 and P = 17

According to Fermat's little theorem

2 17 - 1 ≡ 1 mod(17)

we got 65536 % 17 ≡ 1

that mean (65536-1) is an multiple of 17

4. State and explain the principles of public key cryptography?

### **Principles of Public Key Cryptography**

Public key cryptography, also known as **asymmetric cryptography**, is a cryptographic method

that uses two different keys: a **public key** for encryption and a **private key** for decryption.
This method ensures secure communication and data transfer. Below are the main principles:

---

### **1. Key Pair**

Public key cryptography relies on the use of two mathematically related keys:

- **Public Key:** This key is shared publicly and is used for encrypting messages.

- **Private Key:** This key is kept secret and is used for decrypting messages encrypted with the
corresponding public key.

---

### **2. Encryption and Decryption**

- **Encryption:** The sender encrypts the message using the recipient's public key.

- **Decryption:** The recipient decrypts the message using their private key.

This ensures that only the intended recipient can read the message.

---

### **3. One-Way Function**

- Public key cryptography uses mathematical functions that are easy to compute in one direction
(encryption using a public key) but infeasible to reverse without the private key.

---

### **4. Digital Signatures**

- Public key cryptography allows for digital signatures, which provide **authentication, integrity, and
non-repudiation**:

- A sender can sign a message with their private key.

- The receiver can verify the signature using the sender's public key.

---

### **5. Secure Key Exchange**

- Public key cryptography facilitates the secure exchange of symmetric keys in systems like HTTPS.
This hybrid approach combines the efficiency of symmetric encryption with the security of
asymmetric methods.

---

### **Advantages of Public Key Cryptography**

1. **Enhanced Security:** Private keys are not shared, reducing the risk of compromise.

2. **Scalability:** Public keys can be freely distributed without compromising security.

3. **Digital Signatures:** Ensures data authenticity and integrity.

---

### **Disadvantages of Public Key Cryptography**

1. **Performance:** Slower than symmetric cryptography due to complex mathematical operations.

2. **Key Management:** Requires careful handling of public-private key pairs.

---

### **Applications of Public Key Cryptography**

1. **Secure Communication:** Used in emails, web browsers (HTTPS), and VPNs.

2. **Digital Signatures:** Verifies authenticity in documents and certificates.

3. **Key Exchange:** Securely exchanges symmetric keys for encrypted communication.

4. **Authentication Systems:** Enables secure login mechanisms like RSA tokens.

5. List the schemes for the distribution of public keys.

Distribution of Public Key

The public key can be distributed in four ways:
1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates.
These are explained as following below:
1. Public Announcement: Here the public key is broadcast to everyone. The major weakness
of this method is a forgery. Anyone can create a key claiming to be someone else and
broadcast it. Until forgery is discovered can masquerade as claimed user.
2. Publicly Available Directory: In this type, the public key is stored in a public directory.
Directories are trusted here, with properties like Participant Registration, access and allow to
modify values at any time, contains entries like {name, public-key}. Directories can be
accessed electronically still vulnerable to forgery or tampering.
3. Public Key Authority: It is similar to the directory but, improves security by tightening
control over the distribution of keys from the directory. It requires users to know the public
key for the directory. Whenever the keys are needed, real-time access to the directory is made
by the user to obtain any desired public key securely.
4. Public Certification: This time authority provides a certificate (which binds an identity to
the public key) to allow key exchange without real-time access to the public authority each
time. The certificate is accompanied by some other info such as period of validity, rights of
use, etc. All of this content is signed by the private key of the certificate authority and it can
be verified by anyone possessing the authority’s public key.
First sender and receiver both request CA for a certificate which contains a public key and
other information and then they can exchange these certificates and can start communication

5. What is the difference between link and end to end encryption?

6. Aspect Link Encryption End-to-End Encryption
Encrypts data at each link of the Encrypts data from the sender to the
Definition
communication path. receiver directly.
Encryption Encrypts data at every hop (e.g., Encrypts data only at the endpoints
Scope routers, switches). (sender and receiver).
Who Has Intermediate nodes (routers, switches) Only the sender and receiver have
Access to Keys decrypt and re-encrypt the data. access to the encryption keys.
Data is decrypted and re-encrypted Data remains encrypted throughout the
Data
at each hop, so it can be exposed at communication path and is never exposed
Exposure
intermediate nodes. to intermediate nodes.
Common in networks where data passes Common in secure messaging apps
Use
through trusted intermediary systems (e.g., (e.g., WhatsApp, Signal) and secure
Cases
MPLS networks). email systems.
 Relies on the security of intermediate Provides stronger security as
Security
nodes; less secure against attacks on intermediaries cannot access the
Level
these nodes. plaintext data.
Slightly faster since intermediaries Slightly slower due to the
Performance decrypt and forward the data without computation involved in
complex end-to-end encryption setups. encrypting/decrypting at endpoints.
Less complex; easier to implement for More complex due to the need for key
Complexity
managing data across multiple hops. management between endpoints.
Used in traditional communication Used in modern communication systems
Examples networks like telephone systems and like TLS/SSL (HTTPS), and secure
older internet protocols. messaging platforms.
Module 3
1.Explain triple DES with keys.

Ans : triple des is an encryption algorithm based on the original data encryption standard it is a
symmetric encryption algorithm that uses multiple rounds of data encryption standard to improve
securities it is also known as triple d e s because it uses the data encryption standard cipher which
takes three times to encrypt its data it is essential block cipher use to encrypt data in 64 bit blocks
security wise it out performs the original data encryption standard however triple d e s is less
efficient and slower than advanced encryption standard aes

Feature of triple des:-

• It utilizers are triple layer of encryption which means it utilises three different keys to encrypt
the plane text three times
• It's a sports variable key size which range from 128 bits to 192 bits
• It basically involves the uses of a symmetric key encryption system which states that the
same case used for both encryption and decryption
• It is a block cipher encryption algorithm that works with 64 bit blocks of plane text at a time
• It is a suitable for legacy systems that requires secure encryption

Encryption process:-

• Key generation -this is the first step of encryption process of triple d e s in the system three
unit keys are generated using a key derivation algorithm
• Initial permutation-this is step comes after the process of key generation it invoice the
rearrangements of bits of the plain text according to a predefined permutation table
• Three rounds of encryption-this is regarded as the most important round of the encryption
process of triple des it consist of multiple rounds typically 48 rounds in total in the system
the plane text is processed three times and get encrypted each time we take use of different
keys to create three layers of encryption
• Final permutation-it completes the tripleds process in the system the resulting sephet text
blocks under goes a final permutation operation which which the inverse of the initial
permutation and returns the bits of the saffer text blocks to their original order

Advantage of triple d e s

• It provides three layer encryption techniques which provides and hand security features.
• it offers backward compatibility with the data encryption standard which means it can use
the legacy system that uses DES
• it support variable key sizes which lead to enhance security
• it is widely used encryption algorithm and is used with many encryption standards and
protocols

Applications of DeS

• Financial transaction DS is widely used in financial transactions record it secures the

transactions that takes place like online banking credit card payment etc
 • Data protection DS is often used to protect sensitive data which are stored on computers
service and other electronic devices it used in various fields such as health care government
etc
• Virtual private network security communication process between the remote locations it is
done by securing the virtual private networks

Disadvantage of triple des

• Performance they algorithm is slower than newer encryption standards example aes due to
multiple rounds of processing
• Security councils do much stronger than d e s it is available to specific attacks likes meet in
the middle attacks and is no longer considered sector for most modern applications

2. Describe about RC4 algorithm.

RC4 is a stream cipher and variable-length key algorithm. This algorithm encrypts one byte at a time
(or larger units at a time). A key input is a pseudorandom bit generator that produces a stream 8-bit
number that is unpredictable without knowledge of input key, The output of the generator is called
key-stream, is combined one byte at a time with the plaintext stream cipher using X-OR operation.

Key-Generation Algorithm – A variable-length key from 1 to 256 bytes is used to initialize a 256-byte
state vector S, with elements S[0] to S[255]. For encryption and decryption, a byte k is generated
from S by selecting one of the 255 entries in a systematic fashion, then the entries in S are permuted
again.
Features of the RC4 encryption algorithm:

1. Symmetric key algorithm: RC4 is a symmetric key encryption algorithm, which means that
the same key is used for encryption and decryption.

2. Stream cipher algorithm: RC4 is a stream cipher algorithm, which means that it encrypts and
decrypts data one byte at a time. It generates a key stream of pseudorandom bits that are
XORed with the plaintext to produce the ciphertext.

3. Variable key size: RC4 supports variable key sizes, from 40 bits to 2048 bits, making it flexible
for different security requirements.

4. Fast and efficient: RC4 is a fast and efficient encryption algorithm that is suitable for low-
power devices and applications that require high-speed data transmission.

5. Widely used: RC4 has been widely used in various applications, including wireless networks,
secure sockets layer (SSL), virtual private networks (VPN), and file encryption.

6. Vulnerabilities: RC4 has several vulnerabilities, including a bias in the first few bytes of the
keystream, which can be exploited to recover the key. As a result, RC4 is no longer
recommended for use in new applications.

Advantages:

1. Fast and efficient: RC4 is a very fast and efficient encryption algorithm, which makes it
suitable for use in applications where speed and efficiency are critical.
 2. Simple to implement: RC4 is a relatively simple algorithm to implement, which means that it
can be easily implemented in software or hardware.

3. Variable key size: RC4 supports variable key sizes, which makes it flexible and adaptable for
different security requirements.

4. Widely used: RC4 has been widely used in various applications, including wireless networks,
secure sockets layer (SSL), virtual private networks (VPN), and file encryption.

Disadvantages:

1. Vulnerabilities: RC4 has several known vulnerabilities that make it unsuitable for new
applications. For example, there is a bias in the first few bytes of the keystream, which can be
exploited to recover the key.

2. Security weaknesses: RC4 has some inherent weaknesses in its design, which make it less
secure than other encryption algorithms, such as AES or ChaCha20.

3. Limited key length: The maximum key length for RC4 is 2048 bits, which may not be
sufficient for some applications that require stronger encryption.

4. Not recommended for new applications: Due to its vulnerabilities and weaknesses, RC4 is
no longer recommended for use in new applications. Other more secure stream cipher
algorithms, such as AES-CTR or ChaCha20, should be used instead.

3.Briefly explain the idea behind Elliptic Curve Cryptosystem.

ECC, as the name implies, is an asymmetric encryption algorithm that employs the algebraic
architecture of elliptic curves with finite fields.
• Elliptic Curve Cryptography (ECC) is an encryption technology comparable to RSA
that enables public-key encryption.
• While RSA’s security is dependent on huge prime numbers, ECC leverages the
mathematical theory of elliptic curves to achieve the same level of security with
considerably smaller keys.

Components of Elliptic Curve Cryptography

Below are the components of elliptic curve cryptography:
1. ECC keys:
• Private key: ECC cryptography’s private key creation is as simple as safely
producing a random integer in a specific range, making it highly quick. Any integer in
the field represents a valid ECC private key.
• Public keys: Public keys within ECC are EC points, which are pairs of integer
coordinates x, and y that lie on a curve. Because of its unique features, EC points can
be compressed to a single coordinate + 1 bit (odd or even). As a result, the
compressed public key corresponds to a 256-bit ECC.
2. Generator Point:
• ECC cryptosystems establish a special pre-defined EC point called generator point G
(base point) for elliptic curves over finite fields, which can generate any other position
in its subgroup over the elliptic curve by multiplying G from some integer in the
range [0…r].
• The number r is referred to as the “ordering” of the cyclic subgroup.
 • Elliptic curve subgroups typically contain numerous generator points, but
cryptologists carefully select one of them to generate the entire group (or subgroup),
and is excellent for performance optimizations in calculations. This is the “G”
generator.
Elliptic Curve Cryptography Algorithms
Based on the arithmetic of elliptic curves over finite fields, Elliptic-Curve Cryptography
(ECC) provides numerous sets of algorithms:
Digital signature algorithms:
• Elliptic Curve Digital Signature Algorithm. (ECDSA): ECDSA, or Elliptic Curve
Digital Signature Algorithm, is a more highly complicated public-key cryptography
encryption algorithm. Elliptic curve cryptography is a type of public key cryptography
that uses the algebraic structure of elliptic curves with finite fields as its foundation.
Elliptic curve cryptography is primarily used to generate pseudo-random numbers,
digital signatures, and other data.
• Edwards-curve Digital Signature Algorithm (EdDSA): The Edwards-curve Digital
Signature Algorithm (EdDSA) was proposed as a replacement for the Elliptic Curve
Digital Signature Algorithm for performing fast public-key digital signatures
(ECDSA). Its primary benefits for embedded devices are higher performance and
simple, secure implementations. During a signature, no branch or lookup operations
based on the secret values are performed. Many side-channel attacks are foiled by
these properties.
Encryption algorithms:
• Elliptic Curve Integrated Encryption Scheme (ECIES): ECIES is a public-key
authenticated encryption scheme that uses a KDF (key-derivation function) to
generate a separate Medium Access Control key and symmetric encryption key from
the ECDH shared secret. Because the ECIES algorithm incorporates a symmetric
cipher, it can encrypt any amount of data. In practice, ECIES is used by standards
such as Intelligent Transportation Systems.
• EC-based ElGamal Elliptic Curve Cryptography: ElGamal Elliptic Curve
Cryptography is the public key cryptography equivalent of ElGamal encryption
schemes that employ the Elliptic Curve Discrete Logarithm Problem. ElGamal is an
asymmetric encryption algorithm that is used to send messages securely over long
distances. Unfortunately, if the encrypted message is short enough, the algorithm is
vulnerable to a Meet in the Middle attack.
Key Agreement algorithm:
• Elliptic-curve Diffie–Hellman (ECDH): Elliptic-curve Diffie-Hellman (ECDH) is a
key agreement protocol that enables two parties to establish a shared secret over an
insecure channel, each with an elliptic-curve public-private key pair. This shared
secret can be used directly as a key or to generate another key. Following that, the
key, or the derived key, can be used to encrypt subsequent communications with a
symmetric-key cipher.
• Fully Hashed Menezes-Qu-Vanstone(FHMQV): Fully Hashed Menezes-Qu-
Vanstone is an authenticated key agreement protocol based on the Diffie-Hellman
scheme. MQV, like other authenticated Diffie-Hellman schemes, protects against an
active attacker. The protocol can be adapted to work in any finite group, most notably
elliptic curve groups, in which it is recognized as elliptic curve MQV (ECMQV).
Application of Elliptic Curve Cryptography
• Diffie-Hellman: The basic public-key cryptosystem suggested for secret key sharing
is the Diffie-Hellman protocol. If A (Alice) and B (Bob) initially agree on a given
curve, field size, and mathematical type. They then distribute the secret key in the
 following manner. We can see that all we need to build the Diffie-Hellman protocol is
scalar multiplication.
• Elliptic Curve Digital Signature Algorithm (ECDSA): ECC is one of the most
widely utilized digital signature implementation approaches in cryptocurrencies. In
order to sign transactions, both Bitcoin and Ethereum use the field inverse
multiplication, but also arithmetic multiplication, inverse function, and modular
operation.
• Online application: Moreover, ECC is not limited to cryptocurrencies. It is an
encryption standard that will be utilized by most online apps in the future due to its
reduced key size and efficiency. Most commonly used in cryptocurrencies such as
Bitcoin and Ethereum, along with single-way encryption of emails, data, and
software.
• Blockchain application: The cryptocurrency Bitcoin employs elliptic curve
cryptography. Ethereum 2.0 makes heavy use of elliptic curve pairs with BLS
signatures, as stated in the IETF proposed BLS specification, to cryptographically
ensure that a specific Eth2 validator has really verified a specific transaction.

ECC RSA
Parameters

ECC is a cryptography RSA cryptography

technique that works just on algorithm is primarily
Working a mathematical model of based on the prime
algorithm elliptic curves. factorization approach.

RSA provides much lesser

Bandwidth ECC gives significant
bandwidth saving than
bandwidth savings over RSA.
savings ECC.

Encryption The encryption process takes The encryption process

process less time in ECC. takes more time in RSA.

Decryption The decryption process takes Decryption is faster than

process more time. ECC.

ECC is much safer than RSA

RSA is heading toward the
and is currently in the process
end of its tenure.
Security of adapting.

4.Compare the Features of SHA-1 and MD5 algorithm.

 MD5 SHA1

While SHA1 stands for Secure

MD5 stands for Message Digest.
Hash Algorithm.

MD5 can have 128 bits length of message Whereas SHA1 can have 160
digest. bits length of message digest.

While the speed of SHA1 is

The speed of MD5 is fast in comparison of
slow in comparison of MD5’s
SHA1’s speed.
speed.

To make out the initial message the

On the opposite hand, in SHA1
aggressor would want 2^128 operations
it’ll be 2^160 that makes it
whereas exploitation the MD5 algorithmic
quite troublesome to seek out.
program.

While SHA1 is more complex

MD5 is simple than SHA1.
than MD5.

While it provides balanced or

MD5 provides indigent or poor security.
tolerable security.

In MD5, if the assailant needs to seek out Whereas in SHA1, assailant

the 2 messages having identical message would need to perform 2^80
digest then assailant would need to operations which is greater
perform 2^64 operations. than MD5.

While SHA1 was presented in

MD5 was presented in the year 1992.
the year 1995.

5. What are the properties a digital signature should have?

 1. Authenticity: The identity of the signer is verified.

2. Integration: Since the content was digitally signed, it hasn’t been altered or interfered with.

3. Non-repudiation: demonstrates the source of the signed content to all parties. The act of a
signer denying any affiliation with the signed material is known as repudiation.

4. Notarization: Under some conditions, a signature in a Microsoft Word, Microsoft Excel, or

Microsoft PowerPoint document that has been time-stamped by a secure time-stamp server
is equivalent to a notarization.

6.What are the requirements for message authentication?

Authentication Requirements:
• Revelation: It means releasing the content of the message to someone who does not have an
appropriate cryptographic key.
• Analysis of Traffic: Determination of the pattern of traffic through the duration of
connection and frequency of connections between different parties.
• Deception: Adding out of context messages from a fraudulent source into a communication
network. This will lead to mistrust between the parties communicating and may also cause
loss of critical data.
• Modification in the Content: Changing the content of a message. This includes inserting
new information or deleting/changing the existing one.
• Modification in the sequence: Changing the order of messages between parties. This
includes insertion, deletion, and reordering of messages.
• Modification in the Timings: This includes replay and delay of messages sent between
different parties. This way session tracking is also disrupted.
• Source Refusal: When the source denies being the originator of a message.
• Destination refusal: When the receiver of the message denies the reception.
MODULE 4
1. What is application level gateway?

Application level gateway

• Application-level gateway is also called a bastion host. It operates at the application level.
Multiple application gateways can run on the same host but each gateway is a separate
server with its own processes.

• These firewalls, also known as application proxies, provide the most secure type of data
connection because they can examine every layer of the communication, including the
application data.

• Example: Consider FTP service. The FTP commands like getting the file, putting the file, listing
files, and positioning the process at a particular point in a directory tree. Some system admin
blocks put command but permits get command, list only certain files, or prohibit changing
out of a particular directory. The proxy server would simulate both sides of this protocol
exchange. For example, the proxy might accept get commands and reject put commands.

It works as follows:

Step-1: User contacts the application gateway using a TCP/IP application such as HTTP.

Step-2: The application gateway asks about the remote host with which the user wants to establish a
connection. It also asks for the user id and password that is required to access the services of the
application gateway.

Step-3: After verifying the authenticity of the user, the application gateway accesses the remote host
on behalf of the user to deliver the packets.

2. Define virus. Specify the types of viruses?

A virus is a fragment of code embedded in a legitimate program. Viruses are self-replicating and are
designed to infect other programs. They can wreak havoc in a system by modifying or destroying files
causing system crashes and program malfunctions. On reaching the target machine a virus
dropper(usually a trojan horse) inserts the virus into the system.
For more details, refer to this.

Various types of viruses:

• File Virus:
This type of virus infects the system by appending itself to the end of a file. It changes the
start of a program so that the control jumps to its code. After the execution of its code, the
control returns back to the main program. Its execution is not even noticed. It is also called
a Parasitic virus because it leaves no file intact but also leaves the host functional.

• Boot sector Virus:

It infects the boot sector of the system, executing every time system is booted and before
the operating system is loaded. It infects other bootable media like floppy disks. These are
also known as memory viruses as they do not infect the file systems.

• Macro Virus:
Unlike most viruses which are written in a low-level language(like C or assembly language),
these are written in a high-level language like Visual Basic. These viruses are triggered
when a program capable of executing a macro is run. For example, the macro viruses can be
contained in spreadsheet files.
 • Source code Virus:
It looks for source code and modifies it to include virus and to help spread it.

• Polymorphic Virus:
A virus signature is a pattern that can identify a virus(a series of bytes that make up virus
code). So in order to avoid detection by antivirus a polymorphic virus changes each time it is
installed. The functionality of the virus remains the same but its signature is changed.

• Encrypted Virus:
In order to avoid detection by antivirus, this type of virus exists in encrypted form. It carries a
decryption algorithm along with it. So the virus first decrypts and then executes.

• Stealth Virus:
It is a very tricky virus as it changes the code that can be used to detect it. Hence, the
detection of viruses becomes very difficult. For example, it can change the read system call
such that whenever the user asks to read a code modified by a virus, the original form of
code is shown rather than infected code.

• Tunneling Virus:
This virus attempts to bypass detection by antivirus scanner by installing itself in the
interrupt handler chain. Interception programs, which remain in the background of an
operating system and catch viruses, become disabled during the course of a tunneling virus.
Similar viruses install themselves in device drivers.

• Multipartite Virus:
This type of virus is able to infect multiple parts of a system including the boot sector,
memory, and files. This makes it difficult to detect and contain.

• Armored Virus:
An armored virus is coded to make it difficult for antivirus to unravel and understand. It uses
a variety of techniques to do so like fooling antivirus to believe that it lies somewhere else
than its real location or using compression to complicate its code.

• Browser Hijacker:
As the name suggests this virus is coded to target the user’s browser and can alter the
browser settings. It is also called the browser redirect virus because it redirects your browser
to other malicious sites that can harm your computer system.

• Memory Resident Virus:

Resident viruses installation store for your RAM and meddle together along with your device
operations. They behave in a very secret and dishonest way that they can even connect themselves
for the anti-virus software program files.

• Direct Action Virus:

The main perspective of this virus is to replicate and take action when it is executed. When a
particular condition is met the virus will get into action and infect files in the directory that are
specified in the AUTOEXEC.BAT file path.

• Overwrite virus:

This type of virus deletes the information contained in the file that it infects, rendering them partially
or totally is useless once they have been infected.

• Directory Virus:

This virus is also called called File System Virus or Cluster Virus. It infects the directory of the
computer by modifying the path that indicates the location of a file.

• Companion Virus:

This kind of virus usually use a similar file name and create a different extension of it. For example, if
there’s a file “Hello.exe”, the virus will create another file named “Hello.com” and will hide in the
new file

• FAT Virus:

The File Allocation Table is the part of the disk used to store all information about the location of
files, available space , unusable space etc.

This virus affects the FAT section and may damage crucial information

3. What is the purpose of X.509 standard?

X.509 defines framework for authentication services by the X.500 directory to its users.X.509 defines
authentication protocols based on public key certificates.

X.509 is a digital certificate that is built on top of a widely trusted standard known as ITU or
International Telecommunication Union X.509 standard, in which the format of PKI certificates is
defined. X.509 digital certificate is a certificate-based authentication security framework that can be
used for providing secure transaction processing and private information. These are primarily used
for handling the security and identity in computer networking and internet-based communications.

Many protocols depend on X.509 and it has many applications, some of them are given below:

• Document signing and Digital signature

• Web server security with the help of Transport Layer Security (TLS)/Secure Sockets Layer
(SSL) certificates

• Email certificates

• Code signing

• Secure Shell Protocol (SSH) keys

• Digital Identities

The core of the X.509 authentication service is the public key certificate connected to each user.
These user certificates are assumed to be produced by some trusted certification authority and
positioned in the directory by the user or the certified authority. These directory servers are only
used for providing an effortless reachable location for all users so that they can acquire certificates.
X.509 standard is built on an IDL known as ASN.1. With the help of Abstract Syntax Notation, the
X.509 certificate format uses an associated public and private key pair for encrypting and decrypting
a message.

Once an X.509 certificate is provided to a user by the certified authority, that certificate is attached to
it like an identity card. The chances of someone stealing it or losing it are less, unlike other unsecured
passwords. With the help of this analogy, it is easier to imagine how this authentication works: the
certificate is basically presented like an identity at the resource that requires authentication.

4.What 4 requirements were defined by Kerberos?

Kerberos Requirements
• Secure – no masquerading
• Reliable – distributed server architecture
• Transparent – user unaware authentication is taking place
• Scalable – support large number of clients and servers

5. What is the difference between weak and strong collision resistance?

Strong Collision Weak Collision

Property Resistance Resistance

Strong collision resistance in It is a feature of a

cryptography refers to an
attribute of a cryptographic
hash function. This is the
Definition
situation where it is difficult
to compute two different
inputs that produce the same
hash value.
cryptographic hash function.
That means when one input
has been given, it is
practically impossible to
determine another input
which leads to the same
hash value as the initial one.

Finding a second input that

Any two inputs resulting in
Focus produces the same hash
the same hash value.
value as a given input.

Digital signatures, message Digital certificates,

Application
authentication codes. password hashing.
 Strong Collision Weak Collision
Property Resistance Resistance

Essential for secure

Crucial for ensuring data
Importance cryptographic protocols and
integrity and security.
applications.

Example
Hash SHA-256, SHA-3 SHA-256, SHA-3, MD5
Functions

Weak collisions resistance: for any given block x, it is computationally infeasible to find y * x with H(y)
= H(x). it is proportional to 2n .

Strong collision resistance: it is computationally infeasible to find any pair (x,y) such that H(x)= H(y). it
is proportional to 2n/2

6. Differentiate internal and external error control.

Internal error control:

In internal error control, an error detecting code also known as frame check sequence
or checksum.

External error control:

In external error control, error detecting codes are appended after encryption.

Aspect Internal Error Control External Error Control

Error detection is integrated within the

Error detection codes are appended
Definition message itself, often using a frame check
after the encryption process.
sequence (FCS) or checksum.

Error Detection Error control codes are added before Error control codes are added after
Placement encryption. encryption.

Ensures data integrity during

Ensures data integrity by verifying
Purpose transmission, allowing detection and
the encrypted data’s correctness.
correction of errors before encryption.

Implementation Detects errors in plaintext. Detects errors in ciphertext.

Aspect Internal Error Control External Error Control

Error detection codes may be altered Error detection codes remain

Encryption Impact during encryption, requiring recalculation independent of the encryption
after decryption. process.

Common in communication systems Often used in secure systems to

Use Cases where plaintext is processed directly verify the integrity of encrypted
before encryption. data.

Less secure as error control operates on More secure since error control
Security plaintext, making it vulnerable to attacks if operates on ciphertext, protecting
intercepted. the integrity of encrypted data.
MODULE 5
1. List the design goals of firewalls?

1. All traffic from inside to outside and vice versa must pass through the
firewall. This is achieved by physically blocking all access to the local
network except via the firewall. The configurations used for this are
screened Host Firewall (Single and Dual) and Screened Subnet Firewall.

2. Only authorized traffic as defined by the local security policy will

be allowed to pass. Various types of firewalls that can be used are
Packet Filters, Stateful Filters and Application Proxy Filters.

3.The firewall itself is immune to penetration. This implies that use of a

trusted system with a secure operating system.

2.Give SSL record format?

• Content Type (8 bits): The higher layer protocol used to process the enclosed
fragment.
• Major Version (8 bits): Indicates major version of SSL in use. For SSLv3, the
value is 3.
• Minor Version (8 bits): Indicates minor version in use. For SSLv3, the value is
0.
Compressed Length (16 bits): The length in bytes of the plaintext fragment (or
compressed fragment if compression is used). The maximum value is 214 +
2048.
 3. What are the protocols used to provide IP security?

1. Encapsulating Security Payload (ESP): It provides data integrity,

encryption, authentication, and anti-replay. It also provides authentication for
payload.
2. Authentication Header (AH): It also provides data integrity, authentication,
and anti-replay and it does not provide encryption. The anti-replay protection
protects against the unauthorized transmission of packets. It does not protect
data confidentiality.

4. Write brief note on Web Security.

Web Security deals with the security of data over the internet/network or web or
while it is being transferred over the internet. Web security is crucial for
protecting web applications, websites, and the underlying servers from
malicious attacks and unauthorized access.
Web Security is an online security solution that will restrict access to harmful
websites, stop web-based risks, and manage staff internet usage. Web Security
is very important nowadays. Websites are always prone to security threats/risks.
For example- when you are transferring data between client and server and you
have to protect that data that security of data is your web security.
Web security is critical for protecting web applications and data from malicious
attacks and unauthorized access. It is critical to implement precautions such as
updated software, understanding of SQL injection and cross-site scripting,
proper error handling, extensive data validation, and strong password
restrictions. These methods assure the integrity, confidentiality, and availability
of information, protecting both users and organizations from security risks.

5. Name any cryptographic keys used in PGP?

### **Cryptographic Keys Used in PGP (Pretty Good Privacy)**

PGP employs a combination of cryptographic keys to provide confidentiality,

authentication, and integrity. Below are the keys used:

---

#### **1. One-Time Session Conventional Keys**

- **Purpose:** Used for encrypting the message data (symmetric encryption).
- **Key Features:**
- A randomly generated key that is used only for a single session.
- Encrypted using the recipient's public key and sent along with the message.

---

#### **2. Public Keys**

- **Purpose:** Used for encrypting the one-time session key and verifying
digital signatures.
- **Key Features:**
- Publicly shared and uniquely associated with a user.
- Part of the public-private key pair in asymmetric encryption.

---

#### **3. Private Keys**

- **Purpose:** Used for decrypting the session key and creating digital
signatures.
- **Key Features:**
- Kept secret by the user.
- Used to decrypt the one-time session key and verify the origin of messages.

---

#### **4. Passphrase-Based Conventional Keys**

- **Purpose:** Used to encrypt the private key for added security.
- **Key Features:**
- The user protects their private key with a passphrase.
- Ensures that even if the private key file is accessed, it cannot be used without
the correct passphrase.

---

### **Explanation of the Combined Approach**

PGP uses a hybrid encryption model:
1. The **message** is encrypted with a **one-time session key** (symmetric
encryption).
2. The **session key** is encrypted with the recipient's **public key**
(asymmetric encryption).
3. The **private key** is used to decrypt the session key, which then decrypts
the message.

This combination provides the efficiency of symmetric encryption with the

security of asymmetric encryption.

---

### **Answer:**
The cryptographic keys used in PGP include:
- a) One-time session conventional keys
- b) Public keys
- c) Private keys
- d) Passphrase-based conventional keys

5. What are the different between SSL version 3 and TLS?

 SSL TLS

TLS stands for Transport Layer

SSL stands for Secure Socket Layer.
Security.

SSL (Secure Socket Layer) supports TLS (Transport Layer Security) does
the Fortezza algorithm. not support the Fortezza algorithm.

SSL (Secure Socket Layer) is the 3.0 TLS (Transport Layer Security) is the
version. 1.0 version.

In SSL( Secure Socket Layer), the In TLS(Transport Layer Security), a

Message digest is used to create a Pseudo-random function is used to
master secret. create a master secret.

In SSL( Secure Socket Layer), the In TLS(Transport Layer Security),

Message Authentication Code Hashed Message Authentication
protocol is used. Code protocol is used.

SSL (Secure Socket Layer) is more

TLS (Transport Layer Security) is
complex than TLS(Transport Layer
simple.
Security).

SSL (Secure Socket Layer) is less

TLS (Transport Layer Security)
secured as compared to
provides high security.
TLS(Transport Layer Security).

TLS is highly reliable and upgraded.

SSL is less reliable and slower.
It provides less latency.

SSL has been depreciated. TLS is still widely used.

 SSL TLS

SSL uses port to set up explicit TLS uses protocol to set up implicit
connection. connection.