Cryptography and network seCurity

Previous year solution 2022 Solved by Deepak Kumar

1. Choose the correct answer (any seven) :

(a) Advanced Encryption Standard (AES) has three different configurations

with respect to number of rounds and

(i) Data size

(ii) Round size
(iii) Key size
(iv) Encryption size
Correct option is (iv)
(b) Which of the following is also known as key exchange algorithm?
(i) RSA
(ii) DES
(iii) DH
(iv) ECC
Correct option is (iii)

(c) RC4 is an example of

(i) Hash algorithm
(ii) Stream algorithm
(iii) Block cipher
(iv) None of the above
Correct option is (ii)
(d) Hash function is
(i) Used to provide fingerprint of a file
(ii) Useful for message authentication
(iii) Both (i) and (ii)
(iv) None of the above
Correct option is (iii)
 (e) Which one of the following is not a higher-layer SSL protocol?
(i) Alert protocol
(ii) Handshake protocol
(iii) Alarm protocol
(iv) Change cipher spec protocol
Correct option is (iii)
(f) An HTTP connection uses port _____ whereas HTTPS uses port
_____and invokes SSL.
(i) 40; 80
(ii) 60; 620
(iii) 80; 443
(iv) 620; 80
Correct option is (iii)
(g) The DES algorithm cipher system consists of _____ rounds (iterations)
each with a round key.
(1) 12
(2) 18
(3) 9
(4) 16
Correct option is (4)
(h) For p=11 and q=19 and choose e=17. Apply RSA algorithm where
message = 5 and find the cipher text.
(1) C = 80
(2) C = 92
(3) C = 56
(4) C = 23
Correct option is (3)
Explanation :-

Given:

 p = 11
 q = 19
 e = 17
 M (message) = 5

Calculate n=p×q=11×19=209
Now, apply the encryption formula: C≡517(mod209)

To calculate this, you can use modular exponentiation. The result is: C≡56(mod209)

So, the correct option is: (3) C = 56

(i) SHA produces a hash value of.

(1) 256 bits

(2) 160 bits
(3) 180 bits
(4) 128 bits
Correct option is (2)
(j) In which of the following encryption key is used to encrypt and decrypt
the data.
(i) Public Key
(ii) Private key
(iii) Symmetric key
(iv) Asymmetric key

Correct option is (iii)

2. (a) What are the two general approaches to attack a cipher? List and
briefly define the types of cryptanalytic attacks based on what is
known to the attacker.
Ans:- The two general approaches to attack a cipher are:

1. Cryptanalysis (or Codebreaking): Cryptanalysis involves analyzing the

ciphertext or the cryptographic algorithm to deduce the plaintext or the
key used for encryption. Cryptanalysts use various techniques, such as
mathematical analysis, frequency analysis, and exploiting weaknesses in
the algorithm to break the encryption. This approach aims to find
vulnerabilities in the cryptographic system without necessarily having
access to the key.
2. Brute Force Attacks: Brute force attacks involve trying every possible key
until the correct one is found. This method is based on the assumption that it
is computationally infeasible to try all possible keys, especially if the key
space is sufficiently large. However, the effectiveness of brute force attacks
 depends on the key length and the computational resources available to the
attacker.
Here are some types of cryptanalytic attacks:

1. Ciphertext-Only Attack (COA):

 In a ciphertext-only attack, the cryptanalyst has access only to a
collection of encrypted messages.
 The goal is to deduce the plaintext or the key used for encryption.
2. Known-Plaintext Attack (KPA):
 In a known-plaintext attack, the cryptanalyst has access to pairs of
corresponding plaintext and ciphertext.
 The objective is to discover the key or the encryption algorithm
based on the known relationships between plaintext and ciphertext.
3. Chosen-Plaintext Attack (CPA):
 In a chosen-plaintext attack, the cryptanalyst can choose plaintexts
and obtain the corresponding ciphertexts from the encryption
oracle.
 The attacker aims to deduce the key or gain information about the
encryption algorithm.
4. Adaptive Chosen-Plaintext Attack (ACPA):
 An adaptive chosen-plaintext attack is an extension of the chosen-
plaintext attack where the attacker can adaptively choose plaintexts
based on the information gained during the attack.
5. Known-Ciphertext Attack (KCA):
 In a known-ciphertext attack, the cryptanalyst has access to pairs of
corresponding ciphertext and plaintext.
 The attacker's goal is to determine the key or gain information
about the encryption algorithm.
6. Chosen-Ciphertext Attack (CCA):
 In a chosen-ciphertext attack, the cryptanalyst can choose
ciphertexts and obtain the corresponding plaintexts from the
decryption oracle.
 The attacker aims to deduce the key or gain information about the
encryption algorithm.
7. Side-Channel Attacks:
 Side-channel attacks do not focus on the cryptographic algorithm
itself but exploit information leaked during the encryption or
decryption process, such as timing information, power
consumption, or electromagnetic emissions.
2.(b) What are the difference between a monoalphabetic cipher and a
polyalphabetic cipher? Explain with examples.
Ans:-

SR.NO Monoalphabetic Cipher Polyalphabetic Cipher

Polyalphabetic cipher is any cipher

Monoalphabetic cipher is one where
based on substitution, using
1 each symbol in plain text is mapped
multiple substitution alphabets.
to a fixed symbol in cipher text.

The relationship between a

The relationship between a character
character in the plain text and the
2 in the plain text and the characters in
characters in the cipher text is one-
the cipher text is one-to-one.
to-many.

Each alphabetic character of plain

Each alphabetic character of plain
text can be mapped onto ‘m’
3 text is mapped onto a unique
alphabetic characters of a cipher
alphabetic character of a cipher text.
text.

A stream cipher is a monoalphabetic A stream cipher is a polyalphabetic

cipher if the value of key does not cipher if the value of key does
4 depend on the position of the plain depend on the position of the plain
text character in the plain text text character in the plain text
stream. stream.

It includes autokey, Playfair,

It includes additive, multiplicative,
Vigenere, Hill, one-time pad,
5 affine and monoalphabetic
rotor, and Enigma cipher.
substitution cipher.

6 It is a simple substitution cipher. It is multiple substitutions cipher.

Monoalphabetic ciphers are not that

Polyalphabetic ciphers are much
7 strong as compared to polyalphabetic
stronger.
cipher.
 3. Explain the key generation process of AES cipher. We try now to take
advances in computer technology into account. Predicting the future
tends to be tricky but the estimate usually applied is Moore’s law ,
which states that the computer power doubles every 18 months while
the costs of integrated circuits stay constant. How many years do we
have to wait until a key-search machine can be built for breaking
AES with 128 bits with an average search time of 24 hours? Again,
assume a budget of $1 million (do not take inflation into account).

Ans:- Here's a brief overview of the key generation process in AES:

1. Initial Round Key:

 For the initial round, the original key is used directly.
 The key is divided into blocks, and each block is treated as a word.
2. Key Expansion:
 The key expansion process is different for each key length (128, 192, or
256 bits).
 For a 128-bit key, the key expansion involves creating 10 round keys
(one for each of the 10 rounds).
 For a 192-bit key, the key expansion involves creating 12 round keys.
 For a 256-bit key, the key expansion involves creating 14 round keys.
3. Word Expansion:
 Each word in the key is expanded by applying various transformations.
 The expansion involves rotating bytes, substituting bytes using the S-
box (a specific substitution table), and XORing with a round constant.
4. Round Constants:
 Round constants are used in the key expansion process and are XORed
with one of the expanded key words in each round.
 The round constants are generated based on a specific algorithm.
5. Final Round Keys:
 The resulting expanded key produces the set of round keys needed for
the encryption and decryption processes.
 Each round key is derived from a portion of the expanded key.
Given that you want to break AES with a 128-bit key with an average search time of
24 hours, we can use the following formula to estimate the number of years required:

T=log2(Moore’s Law Growth Factor)/log2(Search Space)

where:

 T is the time in years,

 Search Space is the number of possible keys (in this case, 2128 for a 128-bit
key),
 Moore’s Law Growth Factor is the factor by which computational power
doubles during the time period.

So, according to this rough estimate and assuming Moore's Law

continues to hold, it would take approximately 85.33 years for
computational power to reach a point where breaking AES with a
128-bit key could be done within an average search time of 24
hours.
 4. Design a Security service that provides data integrity, data
confidentiality and non-repudiation using public-key
cryptography in a two-party communication system over an
insecure channel. Give a rationale that data integrity,
confidentiality and nonrepudiation are achieved by your
solution. (Recommendation in your argumentation).
Ans:- Design of a Security Service: Public-Key Cryptography for Data
Integrity, Confidentiality, and Non-Repudiation

1. Key Pair Generation:

 Each party generates a unique key pair: a public key and a private key
using a strong and secure algorithm (e.g., RSA, ECC).
 Rationale: Public-key cryptography ensures that each party has a unique
pair of keys, providing a foundation for secure communication.

2. Key Exchange:

 Parties securely exchange public keys through a trusted channel or a

secure key exchange protocol.
 Rationale: Key exchange ensures that each party possesses the necessary
information to encrypt and decrypt messages securely.

3. Data Confidentiality (Encryption):

 When Party A wants to send a confidential message to Party B, it

encrypts the message using Party B's public key.
 Rationale: The use of the recipient's public key ensures that only the
possessor of the corresponding private key (Party B) can decrypt and
access the original message, providing data confidentiality.

4. Data Integrity (Hashing and Signing):

 Party A generates a hash of the message for data integrity verification.

 Party A signs the hash using its private key, creating a digital signature.
 The encrypted message and digital signature are sent to Party B.
 Rationale: Hashing guarantees data integrity by creating a unique
identifier for the message. Signing the hash with a private key ensures
that the message has not been tampered with during transmission.

5. Message Transmission:
  The encrypted message and digital signature are transmitted over the
insecure channel.

6. Data Integrity and Authenticity Check:

 Party B receives the message and decrypts it using its private key.
 Party B generates a hash of the received message and compares it to the
hash within the digital signature.
 Rationale: The comparison of hashes ensures data integrity and
authenticity. Any modification to the message will result in a mismatch,
indicating potential tampering.

7. Verification of Digital Signature:

 Party B verifies the digital signature using Party A's public key. If the
verification is successful, Party B can confirm the message's origin and
integrity.
 Rationale: The digital signature provides non-repudiation, as only Party
A possesses the private key necessary to create a valid signature. This
prevents Party A from denying their involvement in sending the message.

8. Non-Repudiation:

 The use of digital signatures ensures non-repudiation, as the signature

uniquely ties the message to the sender (Party A).
 Rationale: Non-repudiation prevents a party from denying its
involvement in the communication, enhancing accountability and trust in
the system.
 5. In an RSA system the public key of a given user is e = 65, n = 2 8 8 1.
What is the private key of this user? Hint : First use trial-and-error
to determine p and q; then use the extended Euclidean algorithm to
find the multiplicative inverse of 31 modulo Φ (n).
Ans:- In an RSA system, the public key consists of e and n, and the private key is
calculated based on the values of p and q. The modulus n is given by n=p×q, and
Φ(n) (Euler's totient function) is given by Φ(n)=(p−1)×(q−1).

Given:

 e=65
 n=2881

Step 1: Find p and q using trial and error: n=p×q

You can try different values for p and q until you find the correct pair that satisfies
n=2881.

Let's find that p=53 and q=59:

53×59=3127

Now, calculate Φ(n):

Φ(n)=(53−1)×(59−1)=52×58=3016

Step 2: Use the Extended Euclidean Algorithm to find the multiplicative inverse
of e modulo Φ(n):

e×d≡1(modΦ(n))

In other words, find d such that 65×d≡1(mod3016).

Now, use the Extended Euclidean Algorithm to find d.

Extended Euclidean Algorithm:

3016=46×65+26
65=2×26+13
26=2×13+0
Now, work backward:

13=65−2×26

13=65−2×(3016−46×65)

13=93×65−2×3016

So, d=93.

Conclusion: The private key ( d) for the given public key ( e=65,n=2881 ) is d=93

6. (a) What type of attackers are addressed by message authentication?

Describe the basic uses of message authentication code.
Ans:- Message authentication is primarily designed to address two types of
attackers:

1. Tampering Attackers:
 These attackers attempt to modify the content of the message
during transmission. The goal is to alter the information in a way
that may be beneficial to the attacker or to disrupt the
communication. Tampering attacks can include inserting, deleting,
or modifying data within the message.
2. Replay Attackers:
 In replay attacks, an attacker intercepts a valid message and
retransmits it to the recipient. The attacker's intention might be to
trick the recipient into processing the same message multiple times,
potentially causing unintended actions or gaining unauthorized
access.

Basic Uses of Message Authentication Code (MAC):

A Message Authentication Code is a cryptographic technique used to ensure the

integrity and authenticity of a message. It involves the use of a secret key to
generate a fixed-size tag (MAC) that is appended to the message. The recipient,
who shares the same secret key, can then verify the authenticity and integrity of
the received message by recomputing the MAC and comparing it to the received
MAC.
Here are the basic uses of Message Authentication Code:

1. Integrity Verification:
 MACs are used to verify that the received message has not been
altered during transmission. If the content of the message is
modified, the computed MAC will not match the received MAC,
indicating potential tampering.
2. Authentication:
 MACs provide a means of authenticating the sender of the
message. Since the MAC is generated using a secret key known
only to the sender and the recipient, a correct MAC implies that the
sender possessed the key.
3. Data Origin Authentication:
 MACs ensure that the received message is indeed from the claimed
sender. Without the correct secret key, an attacker cannot generate
a valid MAC that matches the one computed by the sender.
4. Non-Repudiation:
 While non-repudiation is more strongly associated with digital
signatures, in some contexts, MACs can be used to establish a level
of non-repudiation. If only the sender possesses the secret key used
to generate the MAC, the sender cannot later deny sending the
message.
5. Protection Against Replay Attacks:
 By incorporating a timestamp or a sequence number along with the
message in the MAC computation, MACs can help protect against
replay attacks. The recipient can check if the timestamp or
sequence number is within an acceptable range.
 6(b)Differentiate between the symmetric key cryptography and
public key cryptography.
Ans:- As we know that , Public key cryptography is also known as
Asymmetric key cryptography.

There are following differences between Symmetric key cryptography

and Asymmetric key cryptography.

Symmetric Key Encryption Asymmetric Key Encryption

It requires two keys, a public key and a

It only requires a single key for
private key, one to encrypt and the other
both encryption and decryption.
one to decrypt.

The size of cipher text is the

The size of cipher text is the same or
same or smaller than the original
larger than the original plain text.
plain text.

The encryption process is very

The encryption process is slow.
fast.

It is used when a large amount of It is used to transfer small amounts of

data is required to transfer. data.

It provides confidentiality, authenticity,

It only provides confidentiality.
and non-repudiation.

The length of key used is 128 or The length of key used is 2048 or
256 bits higher

Examples: 3DES, AES, DES and Examples: Diffie-Hellman, ECC, El

RC4 Gamal, DSA and RSA
 7. Explain the following :

(a) X.509 Format of a certificate.

Ans:- X.509 is a standard that defines the format of public key certificates, which are a key
component of the public key infrastructure (PKI). X.509 certificates are widely used in
various security protocols, including TLS/SSL for securing web communication.

The X.509 format of a certificate specifies the structure and content of a digital certificate,
including information about the certificate holder and their public key. Here is an overview of
the key components of an X.509 certificate:

1. Version:
 Indicates the version of the X.509 standard used to encode the certificate.
Common versions include v1, v2, and v3.
2. Serial Number:
 A unique identifier assigned by the certificate issuer to differentiate one
certificate from another.
3. Signature Algorithm:
 Specifies the algorithm used to sign the certificate. Common algorithms
include RSA, DSA, and ECDSA.
4. Issuer:
 Identifies the entity (usually a certification authority) that issues the certificate.
5. Validity Period:
 Specifies the start and end dates during which the certificate is considered
valid.
6. Subject:
 Identifies the entity (e.g., an individual, organization, or device) associated
with the public key in the certificate.
7. Subject Public Key Info:
 Contains information about the public key, including the algorithm used and
the actual public key value.
8. Issuer Unique Identifier (optional):
 An optional field that may be used to include additional unique identifiers for
the issuer.
9. Subject Unique Identifier (optional):
 An optional field that may be used to include additional unique identifiers for
the subject.
10. Extensions (v3 certificates):
 Additional fields that can include various extensions providing extra
information, such as key usage, subject alternative names, and policies.
11. Signature Algorithm (Algorithm Identifier):
 Specifies the algorithm used by the issuer to sign the certificate.
 (b) Public Key distribution

Ans:- Public key distribution is a crucial aspect of public key cryptography and secure
communication. In a public key cryptography system, each participant has a pair of keys: a
public key and a private key. The public key is shared openly, while the private key is kept
secret. Public key distribution involves making public keys available to other entities in a
secure and efficient manner.

Here are the key aspects and methods associated with public key distribution:

1. Public Key Infrastructure (PKI):

 PKI is a framework that includes policies, procedures, and technologies for
managing and distributing public keys securely. It involves the use of
certification authorities (CAs) to issue digital certificates that bind public keys
to the identity of the key owner.
2. Digital Certificates:
 Digital certificates are a standardized way of distributing public keys. They are
issued by CAs and include the public key along with information about the
key owner. The certificate is digitally signed by the CA, providing a way for
others to verify the authenticity of the public key.
3. Certificate Authorities (CAs):
 CAs are trusted entities responsible for verifying the identity of individuals or
organizations and issuing digital certificates. CAs play a central role in
establishing trust in the public key infrastructure.
4. Web of Trust:
 In environments where a centralized CA is not used, a web of trust model can
be employed. In this model, individuals sign each other's public keys, forming
a network of trust. Users can choose to trust the public keys of others based on
the strength and depth of these connections.
5. Key Distribution Centers (KDCs):
 In certain cryptographic protocols, such as Kerberos, a Key Distribution
Center is used to distribute session keys securely. The KDC issues tickets
containing encrypted session keys to entities, enabling secure communication.
6. Secure Key Exchange Protocols:
 Various secure key exchange protocols, such as Diffie-Hellman key exchange,
enable parties to establish a shared secret key over an insecure communication
channel. While not directly distributing public keys, these protocols allow
parties to agree on a shared key without the need for a trusted third party.
7. Public Key Repositories:
 Public key repositories or directories can be used to store and retrieve public
keys. Users can query the repository to obtain the public key of another entity.
Directories such as LDAP (Lightweight Directory Access Protocol) may be
used for this purpose.
 8. (a). Explain the working of Diffie-Hellman key exchange technique.

Ans:- The Diffie-Hellman key exchange technique is a method for two parties to
securely agree on a shared secret key over an insecure communication channel. It
was introduced by Whitfield Diffie and Martin Hellman in 1976 and is widely used in
secure communication protocols.

Here's a step-by-step explanation of how the Diffie-Hellman key exchange works:

1. Initialization:
 Both parties, let's call them Alice and Bob, agree on two public
parameters:
 A large prime number, p .
 A primitive root modulo p , often denoted as g .
2. Private Keys:
 Each party generates its private key:
 Alice selects a private key, a .
 Bob selects a private key, b.
3. Public Keys:
 Both parties calculate their public keys based on their private keys and
the agreed-upon parameters:
 Alice computes A=g^a mod p and sends A to Bob.
 Bob computes B=g^b mod p and sends B to Alice.
4. Exchange Public Keys:
 Alice and Bob exchange their public keys ( A and B ) openly, but these
values alone cannot be used to derive the shared secret.
5. Shared Secret Calculation:
 Both parties independently calculate the shared secret using their own
private keys and the received public key:
 Alice computes s=B^a mod p .
 Bob computes s=A^b mod p .
6. Result:
 Since modular exponentiation is commutative, both Alice and Bob
arrive at the same shared secret ( s). This shared secret can be used as
the key for symmetric encryption or any other cryptographic purpose.
8(b) Alice and Bob use the Diffie-Hellman key exchange technique
with a common prime q = 23 and a primitive root a = 5.

(i) If Bob has a public key YB = 10 , what is Bob’s private key

Yb=?
Ans:-
(ii) If Alice has a public key YA = 8 , what is the shared key K with Bob?
Ans:-
 9. List the main features of the SHA-512 cryptographic hash. What
kind of compression function is used in SHA-512? Compare the
compression function of SHA-512 without the last operation (Final
padding) with a Feistel cipher of 80 rounds. Show the similarities and
differences.
Ans:- Here are the main features of SHA-512:

1. Output Size:
 SHA-512 produces a fixed-size output of 512 bits (64 bytes).
2. Bit Length:
 The internal operations of SHA-512 are based on 64-bit words,
providing a higher level of security compared to SHA-256, which
uses 32-bit words.
3. Rounds:
 SHA-512 uses 80 rounds of processing to mix and transform the
input data. The increased number of rounds enhances its resistance
to cryptanalytic attacks.
4. Block Size:
 The block size for SHA-512 is 1024 bits (128 bytes). The message
is padded to a multiple of the block size before processing.
5. Message Padding:
 SHA-512 employs the Merkle–Damgård construction with a
padding scheme that appends a '1' bit followed by a variable
number of '0' bits, along with the length of the original message.
6. Word Size:
 The word size of SHA-512 is 64 bits. The message is processed in
1024-bit blocks, and the compression function operates on 64-bit
words.
7. Initial Hash Values (IVs):
 SHA-512 uses eight 64-bit initial hash values (IVs) derived from
the fractional parts of the square roots of the first eight prime
numbers.
Here is a simplified representation of the compression function used in SHA-
512:

1. Input:
 The input to the compression function is the current hash value
(512 bits) and the message block (1024 bits).
2. Operation:
 The compression function performs a series of bitwise logical
operations (such as AND, OR, XOR), modular addition, and
bitwise rotations on the current hash value and the message block.
3. Output:
 The output of the compression function is a new hash value, which
becomes the input for processing the next message block.
4. Iteration:
 The compression function is iterated multiple times (80 rounds in
the case of SHA-512) for each message block, enhancing the
diffusion and mixing properties of the hash function.
5. Final Hash Value:
 After processing all message blocks, the final hash value is
obtained as the cumulative result of processing each block.

The compression function of SHA-512, without considering the final

padding operation, is based on the Davies–Meyer structure. This
structure involves mixing the current hash value with the message
block using various bitwise logical operations, modular addition, and
bitwise rotations.

Let's compare the two:

Similarities:

1. Rounds:
 Both SHA-512 and a Feistel cipher involve multiple
rounds of processing. SHA-512 has 80 rounds in its
compression function, and a Feistel cipher with 80 rounds
would similarly iterate through its processing steps.
 2. Bitwise Operations:
 Both structures involve bitwise logical operations, such as
AND, OR, XOR. These operations contribute to the
diffusion and confusion properties essential for
cryptographic security.
3. Complexity:
 Both structures are designed to be computationally
complex, making them resistant to various types of
cryptanalysis.

Differences:

1. Block Structure:
 In SHA-512, the input block is processed as a whole, and
the compression function updates the entire hash value. In
a Feistel cipher, the input is typically divided into two
halves, and only one half is processed at a time.
2. Operation Types:
 While both involve bitwise operations, SHA-512's
compression function includes modular addition and
bitwise rotations, which are not inherent to a typical
Feistel structure. Feistel ciphers often use simple bitwise
operations, such as XOR and AND.
3. Message Dependency:
 In SHA-512, the compression function processes the entire
message block, and the output is used as the new hash
value for the next block. In a Feistel cipher, each round's
output is dependent on the previous round's output, and the
two halves of the block are swapped.

solved by deepak kumar