REG.

NO. :
5113

(Approved by AICTE, affiliated to Anna University & Accredited by NBA)

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING
INTERNAL ASSESSMENT TEST – II – Answer Key
Sem & Branch: V / CSE(A&B) Subject: CB3491-Cryptography and Cyber Security
Part-A
1. Find GCD (2740, 1760) using Euclidean Algorithm. (K3)(CO2)
To find the greatest common divisor (GCD) of 2740 and 1760 using the Euclidean algorithm,
follow these steps:
1. Divide 2740 by 1760 and find the remainder:
2740 \div 1760 = 1 \quad \text{remainder} = 980
2. Divide 1760 by the remainder (980):
1760 \div 980 = 1 \quad \text{remainder} = 780
3. Divide 980 by the remainder (780):
980 \div 780 = 1 \quad \text{remainder} = 200
4. Divide 780 by the remainder (200):
780 \div 200 = 3 \quad \text{remainder} = 180
5. Divide 200 by the remainder (180):
200 \div 180 = 1 \quad \text{remainder} = 20
6. Divide 180 by the remainder (20):
180 \div 20 = 9 \quad \text{remainder} = 0
Since the remainder is now 0, the GCD is the last non-zero remainder, which is 20.
Thus, the GCD of 2740 and 1760 is 20.
2. List out the ingredients of public key encryption scheme. (K1)(CO2)
The key ingredients of a public key encryption scheme in cryptography are:
1. Plaintext – The original message or data to be encrypted.
2. Encryption Algorithm – The algorithm used to encrypt the plaintext.
3. Public Key – The key used for encryption, known to everyone.
4. Private Key – The key used for decryption, kept secret.
5. Ciphertext – The encrypted message produced by the encryption algorithm.
6. Decryption Algorithm – The algorithm used to decrypt the ciphertext using the
private key.
3. Write down the difference between the public key and a private key cryptosystem.
Here are the key differences between a public key and a private key cryptosystem:
4. Define: Diffusion. (K2)(CO2)
Diffusion in cryptography refers to a property of encryption algorithms where a change in the
plaintext (even a single bit) results in a significant and widespread change in the ciphertext.
The goal is to obscure the relationship between the plaintext and the ciphertext, making it
difficult for an attacker to discern patterns or recover the original message. This is achieved
by spreading the influence of each part of the plaintext over many parts of the ciphertext.
5. How is the S-box constructed? What is the purpose of the S-boxes in DES? D
S-box Construction: In DES, the S-boxes are predefined lookup tables that take a 6-bit input and
produce a 4-bit output. The design ensures nonlinearity, diffusion, and resistance to cryptanalytic
attacks like differential and linear cryptanalysis.
 REG.
NO. :
5113

Purpose in DES: S-boxes provide confusion by introducing nonlinearity, ensuring that even
small changes in the input produce significant changes in the output. This helps obscure the
relationship between the plaintext, ciphertext, and key, enhancing the security of the encryption.
6. List the parameters (block size, key size, and no of rounds) for the three AES versions?
The three versions of AES differ in block size, key size, and number of rounds:
1. AES-128:
Block size: 128 bits
Key size: 128 bits
Number of rounds: 10
2. AES-192:
Block size: 128 bits
Key size: 192 bits
Number of rounds: 12
3. AES-256:
Block size: 128 bits
Key size: 256 bits
Number of rounds: 14
Part-B
7. (i) Discuss the properties that are satisfied by Groups, Rings and Fields. (8)(K2)(CO2)
Here is a summary of the properties satisfied by Groups, Rings, and Fields in abstract
algebra:
1. Group
A group is a set equipped with a single binary operation (denoted as multiplication or
addition), and it satisfies the following properties:
Closure: For any two elements , the result of the operation .
Associativity: For any , .
Identity Element: There exists an element such that for all .
Inverse Element: For each , there exists an element such that .
Commutativity (optional): If for all , the group is called Abelian or commutative.
2. Ring
A ring is a set equipped with two binary operations (typic ally addition and
multiplication) and satisfies the following properties:
Additive Group: The set under addition forms an Abelian group.
Closure, associativity, identity, inverse, and commutativity for addition.
Multiplicative Closure: For any , the product .
Multiplicative Associativity: For any , .
Distributivity: Multiplication distributes over addition for all :
Multiplicative Identity (optional): Some rings have an element such that for all .
Multiplicative Commutativity (optional): If multiplication is commutative, the ring is
called a commutative ring.
3. Field
A field is a set where two operations (addition and multiplication) are defined,
satisfying the properties of both a commutative ring and the following additional
conditions:
Additive Group: forms an Abelian group under addition (same as for a ring).
Multiplicative Group: The set (excluding the additive identity 0) forms an Abelian
group under multiplication.
Closure, associativity, identity, inverse, and commutativity for multiplication.
Distributivity: Multiplication distributes over addition, as in a ring.
 REG.
NO. :
5113

In summary:
A group has one operation and requires closure, associativity, identity, and inverse.
A ring has two operations, forms an Abelian group under addition, and satisfies
distributivity.
A field is a commutative ring where the nonzero elements form a multiplicative group.
(ii) Explain the bitwise XOR operation which involved in RC4. (8)(K2)(CO2)
In the RC4 stream cipher, the bitwise XOR operation is a key component of the encryption
and decryption processes. Here’s how it works and why it is important:
XOR Operation in RC4
XOR (Exclusive OR) is a binary operation that takes two bits as inputs and outputs:
1 if the bits are different (i.e., one is 1 and the other is 0).
0 if the bits are the same (both 1s or both 0s).
Role of XOR in RC4
1. Key Stream Generation: RC4 generates a pseudorandom key stream based on a
given key. This key stream is a sequence of bytes produced through an internal
algorithm using the key.
2. Encryption:
To encrypt, RC4 takes the plaintext and the generated key stream, then applies a
bitwise XOR between the corresponding bits of the plaintext and the key stream.
If is the plaintext byte and is the corresponding key stream byte, the ciphertext byte
is calculated as:
C = P \oplus K
3. Decryption:
Since XOR is its own inverse, to decrypt, the same XOR operation is applied between
the ciphertext and the same key stream:
P = C \oplus K
Why XOR is Used in RC4
Simplicity: XOR is a simple and fast operation, making RC4 efficient for software
and hardware implementations.
Reversibility: The property that XOR is its own inverse allows the same operation to
be used for both encryption and decryption.
Security: XOR with a pseudorandom key stream ensures that the ciphertext appears
random, provided the key stream is not reused (key-stream reuse can lead to
vulnerabilities).
Thus, the XOR operation in RC4 is fundamental for mixing the key stream with the plaintext
to achieve secure encryption and easy decryption.
8. Solve the following using RC4 stream cipher algorithm. Assume the state vector is 8 bits.
Key: [1 0 0 2] Plaintext: [6 1 5 4] (16)(K3)(CO2)
To solve this using the RC4 stream cipher algorithm with an 8-bit state vector, we need to
follow these main steps:
1. Key-Scheduling Algorithm (KSA): Initialize the state array S and permute it based
on the provided key.
2. Pseudo-Random Generation Algorithm (PRGA): Use the permuted state to generate
the keystream.
3. XOR the keystream with the plaintext: Encrypt the plaintext by XORing it with the
generated keystream.
 REG.
NO. :
5113

Step 1: Key-Scheduling Algorithm (KSA)

Initialize the state array S with values from 0 to N-1 where . So, S starts as:
S = [0, 1, 2, 3, 4, 5, 6, 7]
Initialize the key array as given: K = [1, 0, 0, 2]. Repeat the key to match the length of the
state array:
K = [1, 0, 0, 2, 1, 0, 0, 2]
Now, apply the KSA to scramble the state array:
j = (j + S[i] + K[i \mod \text{key length}}) \mod N
Let's compute the steps of KSA:
i = 0: Swap and :
S = [1, 0, 2, 3, 4, 5, 6, 7]
i = 1: Swap and (no change):
S = [1, 0, 2, 3, 4, 5, 6, 7]
i = 2: Swap and :
S = [1, 0, 3, 2, 4, 5, 6, 7]
i = 3: Swap and :
S = [1, 0, 3, 7, 4, 5, 6, 2]
i = 4: Swap and (no change):
S = [1, 0, 3, 7, 4, 5, 6, 2]
i = 5: Swap and :
S = [1, 5, 3, 7, 4, 0, 6, 2]
i = 6: Swap and :
S = [1, 5, 3, 7, 4, 0, 2, 6]
i = 7: Swap and (no change):
S = [1, 5, 3, 7, 4, 0, 2, 6]
Now, the permuted state vector S after the KSA is: S = [1, 5, 3, 7, 4, 0, 2, 6]
Step 2: Pseudo-Random Generation Algorithm (PRGA)
Next, generate the keystream using the PRGA:
Keystream byte 1: S = [1, 0, 3, 7, 4, 5, 2, 6]
Keystream byte 2: S = [3, 0, 1, 7, 4, 5, 2, 6]
Keystream byte 3: S = [3, 0, 1, 6, 4, 5, 2, 7]
Keystream byte 4: S = [3, 0, 1, 4, 6, 5, 2, 7]
The keystream generated is: [5, 4, 5, 1].
 REG.
NO. :
5113

Step 3: XOR the keystream with the plaintext

Now, XOR the plaintext [6, 1, 5, 4]
Keystream: [5, 4, 5, 1]
Ciphertext: [3, 5, 0, 5]
9. (i) Enumerate the rules of number theory in Cryptography. (8)(K2)(CO2)
Here are some fundamental rules and concepts of number theory that are essential in
cryptography:
1. Divisibility
A number is said to be divisible by if there exists an integer such that .
Used in understanding modular arithmetic and properties of numbers.
2. Prime Numbers
A prime number is a natural number greater than 1 that has no positive divisors other than 1
and itself.
Primes are fundamental in cryptographic algorithms, particularly in key generation (e.g.,
RSA).
3. Greatest Common Divisor (GCD)
The GCD of two integers is the largest positive integer that divides both without leaving a
remainder.
Essential for determining the coprimality of numbers, which is important in algorithms like
RSA.
4. Modular Arithmetic
Arithmetic operations performed with respect to a modulus .
The notation means and have the same remainder when divided by .
5. Modular Inverses
An integer is the modular inverse of modulo if .
Key in many cryptographic algorithms, especially for decryption and key exchange protocols.
6. Euler’s Totient Function
Counts the number of integers up to that are coprime to .
Important in RSA encryption for calculating the public and private keys.
7. Fermat’s Little Theorem
States that if is a prime and is an integer not divisible by , then .
Used in primality testing and in algorithms like RSA.
8. Public Key Infrastructure (PKI)
Uses the principles of number theory to establish a framework for secure communication and
authentication using pairs of public and private keys.
9. Hash Functions and Collision Resistance
Hash functions should produce a unique hash for different inputs, and finding two inputs that
hash to the same output (a collision) should be computationally infeasible.
(ii) Explain Extended Euclid’s algorithm with an example. (8)(K2)(CO2)
The Extended Euclidean Algorithm not only computes the greatest common divisor (GCD) of
two integers but also finds integer coefficients (often called and ) such that:
ax + by = \text{gcd}(a, b)
This is particularly useful in number theory, especially in modular arithmetic and
cryptography.
Steps of the Extended Euclidean Algorithm
1. Apply the Euclidean algorithm to find the GCD of and .
2. Backtrack through the steps of the Euclidean algorithm to express the GCD as a linear
combination of and .
 REG.
NO. :
5113

Example
Let's find the GCD of and and express it as a linear combination of these two numbers.
Step 1: Euclidean Algorithm
1. First Division:
30 = 2 \times 12 + 6
2. Second Division:
12 = 2 \times 6 + 0
Since the last non-zero remainder is , we have:
\text{gcd}(30, 12) = 6
Step 2: Extended Backtracking
Now we will backtrack to express as a linear combination of and .
From the first division:
6 = 30 - 2 \times 12 \quad (1)
Since we reached a remainder of 0, we stop here. The equation from (1) gives us the
coefficients directly;
Conclusion
Thus, we have:
6 = 30 \times 1 + 12 \times (-2)
So, the GCD of and is , and it can be expressed as:
6 = 30 \times 1 + 12 \times (-2)
Part-C (Compulsory)
Answer the questions [1 x 16 = 16 Marks]
10. Neatly explain how encryption is done using Advanced Encryption Standards with
necessary block diagrams. (16)(K2)(CO2)
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES) is a specification for the encryption of electronic data
established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES
is widely used today as it is much stronger than DES and triple DES despite being harder to
implement. In this article, we will cover the AES, the Working of Cipher and Encryption-
Decryption methods used in it, and its applications.
What is Advanced Encryption Standard (AES)?
Advanced Encryption Standard (AES) is a highly trusted encryption algorithm used to secure
data by converting it into an unreadable format without the proper key. Developed by the
National Institute of Standards and Technology (NIST), AES encryption uses various key
lengths (128, 192, or 256 bits) to provide strong protection against unauthorized access. This
data security measure is efficient and widely implemented in securing internet
communication, protecting sensitive data, and encrypting files. AES, a cornerstone of modern
cryptography, is recognized globally for its ability to keep information safe from cyber
threats.
AES is a Block Cipher.
The key size can be 128/192/256 bits.
Encrypts data in blocks of 128 bits each.
That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text. AES relies
 REG.
NO. :
5113

on the substitution-permutation network principle, which is performed using a series of

linked operations that involve replacing and shuffling the input data.
Working of The Cipher
AES performs operations on bytes of data rather than in bits. Since the block size is 128 bits,
the cipher processes 128 bits (or 16 bytes) of the input data at a time.
The number of rounds depends on the key length as follows :
128-bit key – 10 rounds
192-bit key – 12 rounds
256-bit key – 14 rounds
Creation of Round Keys
A Key Schedule algorithm calculates all the round keys from the key. So the initial key is
used to create many different round keys which will be used in the corresponding round of
the encryption.
Creation of Round Keys (AES)
Creation of Round Keys (AES)
Encryption
AES considers each block as a 16-byte (4 byte x 4 byte = 128 ) grid in a column-major
arrangement.
[ b0 | b4 | b8 | b12 |
| b1 | b5 | b9 | b13 |
| b2 | b6 | b10| b14 |
| b3 | b7 | b11| b15 ]
Each round comprises of 4 steps :
SubBytes
ShiftRows
MixColumns
Add Round Key
The last round doesn’t have the MixColumns round.
The SubBytes does the substitution and ShiftRows and MixColumns perform the permutation
in the algorithm.
Sub Bytes
 REG.
NO. :
5113

This step implements the substitution.

In this step, each byte is substituted by another byte. It is performed using a lookup table also
called the S-box. This substitution is done in a way that a byte is never substituted by itself
and also not substituted by another byte which is a compliment of the current byte. The result
of this step is a 16-byte (4 x 4 ) matrix like before.
The next two steps implement the permutation.
Shift Rows
This step is just as it sounds. Each row is shifted a particular number of times.
The first row is not shifted
The second row is shifted once to the left.
The third row is shifted twice to the left.
The fourth row is shifted thrice to the left.
(A left circular shift is performed.)
[ b0 | b1 | b2 | b3 ] [ b0 | b1 | b2 | b3 ]
| b4 | b5 | b6 | b7 | -> | b5 | b6 | b7 | b4 |
| b8 | b9 | b10 | b11 | | b10 | b11 | b8 | b9 |
[ b12 | b13 | b14 | b15 ] [ b15 | b12 | b13 | b14 ]
Mix Columns
This step is a matrix multiplication. Each column is multiplied with a specific matrix and thus
the position of each byte in the column is changed as a result.
This step is skipped in the last round.
[ c0 ] [ 2 3 1 1 ] [ b0 ]
| c1 | = |1 2 3 1| | b1 |
| c2 | |1 1 2 3| | b2 |
[ c3 ] [3 1 1 2] [ b3 ]
Add Round Keys
Now the resultant output of the previous stage is XOR-ed with the corresponding round key.
Here, the 16 bytes are not considered as a grid but just as 128 bits of data.
Added Round Keys (AES)
Added Round Keys (AES)
After all these rounds 128 bits of encrypted data are given back as output. This process is
 REG.
NO. :
5113

repeated until all the data to be encrypted undergoes this process.

Decryption
The stages in the rounds can be easily undone as these stages have an opposite to it which
when performed reverts the changes. Each 128 blocks goes through the 10,12 or 14 rounds
depending on the key size.
The stages of each round of decryption are as follows :
Add round key
Inverse MixColumns
ShiftRows
Inverse SubByte
The decryption process is the encryption process done in reverse so I will explain the steps
with notable differences.
Inverse MixColumns
This step is similar to the Mix Columns step in encryption but differs in the matrix used to
carry out the operation.
Mix Columns Operation each column is mixed independent of the other.
Matrix multiplication is used. The output of this step is the matrix multiplication of the old
values and a
constant matrix
[b0] = [ 14 11 13 9] [ c0 ]
[b1]=[ 9 14 11 13 ] [ c1 ]
[b2] =[ 13 9 14 11] [ c2 ]
[ b3 ]=[ 11 13 9 14 ] [ c3 ]
Inverse SubBytes
Inverse S-box is used as a lookup table and using which the bytes are substituted during
decryption.
Function Substitute performs a byte substitution on each byte of the input word. For this
purpose,it uses an S-box.
Applications
AES is widely used in many applications which require secure data storage and transmission.
Some common use cases include:
Wireless security: AES is used in securing wireless networks, such as Wi-Fi networks, to
ensure data confidentiality and prevent unauthorized access.
 REG.
NO. :
5113

Database Encryption: AES can be applied to encrypt sensitive data stored in databases. This
helps protect personal information, financial records, and other confidential data from
unauthorized access in case of a data breach.
Secure communications: AES is widely used in protocols such as internet communications,
email, instant messaging, and voice/video calls. It ensures that the data remains confidential.
Data storage: AES is used to encrypt sensitive data stored on hard drives, USB drives, and
other storage media, protecting it from unauthorized access in case of loss or theft.
Virtual Private Networks (VPNs): AES is commonly used in VPN protocols to secure the
communication between a user’s device and a remote server. It ensures that data sent and
received through the VPN remains private and cannot be deciphered by eavesdroppers.
Secure Storage of Passwords: AES encryption is commonly employed to store passwords
securely. Instead of storing plaintext passwords, the encrypted version is stored. This adds an
extra layer of security and protects user credentials in case of unauthorized access to the
storage.
File and Disk Encryption:
AES is used to encrypt files and folders on computers, external storage devices, and cloud
storage. It protects sensitive data stored on devices or during data transfer to prevent
unauthorized access.
Conclusion
AES instruction set is now integrated into the CPU (offers throughput of several GB/s)to
improve the speed and security of applications that use AES for encryption and decryption.
Even though it has been 20 years since its introduction we have failed to break the AES
algorithm as it is infeasible even with the current technology. To date, the only vulnerability
remains in the implementation of the algorithm.